Money for Nothing
The phone call from the collection agency back in May should've been expected.
The caller was looking for Todd Davis, the CEO of one of the nation's fastest-growing anti-identity-theft companies, Tempe-based LifeLock. When Davis picked up the phone, the collection agency told him he had failed to pay back a $500 loan he took out in Texas.
Davis, who lives in Chandler, probably knew at once he was a victim of identity theft.
But how could he be a victim? His company boasts it can protect people from identity theft, and Davis was, naturally, one of its first customers.
Yet there's no doubt it was identity theft, says Lieutenant Dean Sullivan of the Fort Worth Police Department. The suspect took out a loan under Davis' name using a check as collateral.
"How they came about his information, I don't know," Sullivan says.
There's an easy answer for that.
Davis gives out his Social Security number 457-55-5462 in the company's ads.
Davis states on LifeLock's Web site, "Just like we have with mine, LifeLock will make your personal information useless to a criminal."
But LifeLock couldn't really make it useless. Like other aspects of LifeLock's marketing campaign, Davis' statement just isn't true.
Despite LifeLock's service, the thief found Davis' information plenty useful. The check that the thief used to take out the loan was from his or her own bank, and police found the suspect's home address. So far, no arrest has been made.
The story won't make a good testimonial for LifeLock. It's a perfect example of how the firm's primary service placing fraud alerts on customers' credit reports failed to stop identity theft from occurring.
Other companies offer that service, as well, even though it's free and extremely simple for people to do themselves. Dozens of firms offering anti-identity-theft services have built a multimillion-dollar industry in the past few years.
Consumer advocates say they're a rip-off.
Companies like LifeLock can try to prevent only one kind of identity theft, new-account fraud, and Davis' case proves they can't always do that, either.
Initial details of the case were first published June 11 by blogger Kim Zetter of Wired.com. Zetter said she received a tip from a reader about the crime after another blog post about LifeLock.
Zetter and other bloggers were writing a lot about LifeLock that week because of a May 31 New Times story, which detailed how the company's founder, Robert J. Maynard Jr., lied repeatedly to the public that he was a victim of identity theft, according to information provided by Nevada authorities.
Maynard claims and he's sticking to the story, despite overwhelming evidence to the contrary that he was falsely arrested by Valley authorities in 2003 and held for a week in jail because of a Las Vegas gambling debt that he didn't owe. The experience gave him the idea to start LifeLock, he has told newspapers and TV news stations. He and Davis use the story as a horrific example of why people need their company's services.
But Clark County, Nevada, prosecutor Bernard Zadrowski told New Times the roughly $16,000 debt to the Mirage casino had, in fact, been Maynard's. Nevada treats unpaid casino markers like bad checks, and felony charges against Maynard Jr. were dropped after he paid the debt, Zadrowski said.
The New Times story also detailed how Maynard Jr. was one of the heads of a credit-repair company shut down by the government in the mid-1990s, leaving him permanently banned from the credit-repair business, and how his own father accuses him of identity theft. Dr. Robert Maynard Sr., a Valley optometrist, said his personal data was used by his son to order an American Express card in Maynard Sr.'s name and make about $150,000 in charges all without Maynard Sr.'s consent.
Less than two weeks after the story ran, LifeLock announced that Robert J. Maynard Jr. had resigned from the company.
The Los Angeles Times wrote about his resignation in a June 12 article and mentioned the scam against Davis prominently, saying that even as the company was acting to distance itself from problems exposed about its founder, "new questions arose about its marketing claims." The Times also said the incident could affect Davis' credit rating.
Davis said he's still "upset" over the May 31 story, and he wouldn't agree to an interview for this article. But New Times sent him several questions, which he answered by e-mail with the help of the company's new public relations consultant, spin artist Jason Rose, known for taking on clients with image problems, including Maricopa County Sheriff Joe Arpaio and Pink Taco restaurant.
In one e-mail, Rose and Davis say the fact that Davis was victimized was not an embarrassment to the company; rather, it showed how well the company works. The e-mail explains that when the system fails, as it did in this case, LifeLock will spend time and, if necessary, up to $1 million to help its customers.
The company did help its CEO by hiring another company to aid in solving Davis' problem.
But the same thing wouldn't happen to you, because LifeLock's terms of agreement state that you can't be a customer if you publish your Social Security number.
If anyone in this state knows what to do about identity theft, it's Bob Hartle.
Hartle lives with his wife, JoAnn, in the residence where he grew up in south Phoenix. The place is filled with the hides and heads of animals he and JoAnn hunted when they lived in Alaska. In 1994, the Hartles were living in Iowa when they found out that a thief had destroyed Bob Hartle's good name ("Bob Hartle's Identity Crisis," April 24, 1997).
The incident spurred Hartle to become an expert on the subject, and he became personally responsible for the state's first anti-identity-theft law, signed by Governor Fife Symington in 1996. Before then, no specific felony statute made it a crime to take someone's data and use it wrongfully.
Hartle's a retired Honeywell employee who now works as a security officer for a tech firm. He and JoAnn educate the public and help identity-theft victims in their spare time. Their Web site address is www.idfraud.org.
At seminars, Hartle says not to spend money on anti-identity-theft services. He says they are a waste of time. That's also the message of Consumer Reports and other watchdogs that have analyzed the services.
The fact is, you can do most everything the services do for no cost.
If you become a victim a possibility even if you buy the services odds are the crime will cost you no money and take relatively little time to resolve.
To understand the criticism by Hartle and others, you first have to know what the identity-theft companies are selling: credit-report monitoring, fraud alerts, insurance, and help for victims.
Most of the companies offer several of the services at once.
All three major credit bureaus Equifax, Experian and TransUnion offer credit-report monitoring in a way that could almost be called a protection racket.
The credit bureaus make money by collecting financial data on people and then selling it. They are the keepers of your credit report and credit score. When you apply for a loan, they're the ones who tell credit card companies, mortgage firms, and car dealerships who you are and whether you're likely to make timely payments.
The credit bureaus charge the lenders for that information. Then they charge you as much as $14.95 a month to monitor your credit report, simply shooting you an e-mail if someone opens a credit account in your name.
In other words, you pay the bureaus to let you know when they help someone commit fraud in your name.
You can choose not to buy the bureaus' services, but you can't choose to ignore the bureaus if their info on you is misused not if you ever want to buy something on credit again.
Even if you pony up the monthly fee, there's no protection from identity theft.
And if you get victimized, you still have work to do. The bureaus can't interpret your credit report. Only you know which of your credit accounts are legitimate and which aren't. If you think a thief has opened a line of credit in your name, you still have to contact the credit bureau just as you would do if you learned about the crime because a collection agency called you.
Then there are companies like TrustedID, Debix and LifeLock, which take advantage of a three-year-old federal law that allows people to put fraud alerts on their credit reports. If a fraud alert is on your report, lenders are supposed to call you before issuing credit in your name.
Most of the companies offer some kind of insurance for customers, but the majority of identity theft victims would never need it. Financial losses are typically covered by the bank, merchant, or credit card company that gave credit to the wrong person.
So-called resolution services, which offer to help victims cut through the red tape after a theft occurs, seem like a good idea in complicated cases. But those services are outrageously expensive. One company, Kroll Fraud Solutions, charges between $1,000 and $2,000 to deal with a fairly simple new-account fraud case.
When any of these services are offered by your bank or credit union for free, they're worth it. Bank of America, for example, offers a free service for its customers if they become a victim of identity theft involving Bank of America accounts.
There's no question that most, if not all, of the companies exploit Americans' fear of identity theft to sell their service. They compare identity theft to a calamity such as a house fire. They play up crime figures reported by the Federal Trade Commission and other sources, which state that millions of Americans will become victims every year. And the news media help drive the mania with reports of the most extreme examples.
People give each other paper shredders for Christmas. They scan their bank account and credit card statements for false charges. If the anti-identity-theft companies are to be believed, tens of thousands of people have signed up for services that claim to protect people.
The reality is that the crime isn't nearly as terrible as the identity-protection firms try to scare you into believing.
More than half the cases involve fraudulent credit card charges that are quickly reversed by credit card companies. Even in cases in which thieves open credit accounts in other people's names, the victims usually pay no out-of-pocket costs.
Ironically, the people most likely to buy the services are those least likely to need them. According to LifeLock's literature, most of their customers are 35 to 50, well off, and "not the most susceptible to identity theft."
Police say the hardest hit are young people in their 20s or people of modest means. One California victim described how, after a thief withdrew the $2,000 in her checking account, she was forced to ask her employer for a loan because a bank took two weeks to put the money back.
Believe it or not, even shredding that staple of identity protection isn't necessary for many of us, especially if you live in a house with individual garbage collection rather than share a trash bin with neighbors.
Al Shiya, a spokesman for Phoenix's public works department, says that once a garbage truck picks up a trash barrel, there is "zero risk" of identity theft from pilfered garbage. Green-barrel garbage is compressed, put in a pit and covered by dirt in the city's Buckeye landfill the same day it's picked up or the next day. Nobody scavenges at the landfill, which sits on thousands of acres and is surrounded by a high, chain-link fence. Blue-barrel recycling garbage is sorted at a secure facility.
"There have been no incidents in anyone's memory here where anyone's identity was compromised within this process," he says.
Expert Bob Hartle believes none of the ID-protection services except the ones you can get for free has any real value. He doesn't trust them, either.
Anyone considering such a service should read the fine print, he says. Many companies require you to give them power of attorney, which Hartle says could be misused. He points out that while some companies say they do criminal background checks on their employees, you won't know if they really do.
The monitoring and relief services help you only after theft has occurred, so you're paying month after month for something you don't normally need. If you do get zapped, it's no big deal to get the problem fixed, he says.
True, the services might sound appealing if you're lazy and have money to burn, but Hartle insists you won't get anything you can't do yourself in very little time.
Most people don't really need a fraud alert on their credit reports. Unless you've published your Social Security number like LifeLock CEO Todd Davis did or somebody hacks into your employer's human-resources computer, placing a fraud alert isn't worth the bother.
A fraud alert probably won't prevent crime, as the Davis example shows. A lender may not call a major credit bureau, which means an alert won't be found, or a lender may see an alert but choose not to call its customer.
An alert also may stop you from taking advantage of a good credit offer. If your contact number for a fraud alert is your mobile phone, you'd better have the phone in your purse or pocket before you try to open a new credit account or you'll be stuck.
But some experts recommend fraud alerts as a simple precaution. Most times, an alert should prevent the type of identity theft in which criminals open accounts under your name.
The right to place a fraud alert on your credit report is relatively new, provided courtesy of Congress via the Fair and Accurate Credit Transactions Act of 2003, also known as the FACT Act. The main problem for consumers is that the law allows the credit bureaus to lift the fraud alert after 90 days, making it easier for their customers lenders to do business. If you want permanent protection, you need to renew the alerts every three months.
Companies that place the alerts for you, like LifeLock and Debix, say that going without their service is like mowing your own lawn or changing your vehicle's oil yourself.
The analogy is flawed, because mowing your lawn or changing your own oil is actually hard work. Sweat will probably be involved, and the chores will take a chunk of time, unlike performing for yourself the service that LifeLock offers.
Placing a fraud alert yourself is a cakewalk. All you have to do is dial the toll-free phone number of one of the major credit bureaus. The process will take less than five minutes, maybe as little as two or three minutes. You have to notify only one of the major credit bureaus of a fraud alert because that bureau will then notify the other two. If you let six months go by without placing an alert, no biggie remember, you probably don't need it in the first place.
If you've already become a victim, and you've got an official identity-theft report, it would be downright dumb to pay someone to place the fraud alert. That's because victims have the right to place a seven-year fraud alert, eliminating the need for frequent renewals.
Pulling your credit report is another service these companies offer that you can do for free. Simply log on to the secure Web site www.annualcreditreport.com, or call 1-877-322-8228 and punch in some personal data.
You can pull the reports of all three bureaus once a year, or stagger your reports by pulling one from each bureau every four months. Most of the time, though not always, the records at the three bureaus are the same.
"Getting your credit report three times a year should be enough to find out, generally, what's going on," says Gail Hillebrand, a senior attorney for Consumers Union, the nonprofit publisher of Consumer Reports.
It costs about $9 to see your credit score, but the credit bureaus will give you the score and other data during a free, month-long trial period. Hillebrand says that's not a bad way to go, as long as you're careful to cancel the membership before the free trial ends.
The two measures pulling your credit report and placing fraud alerts are so easy that you would spend just as much time and effort signing up with a service company. And ask yourself, when the company starts sending you regular e-mails, credit reports, and other information, will you really take the time to study all of that? Probably not, if you don't even have time to pull your own credit report.
If you never look at your credit report and you haven't placed a fraud alert, it's easier for someone to take credit out in your name. Being a victim will make you feel violated and ticked off. It will definitely cost you some time.
The service companies want you to believe you'll be devastated.
The truth is, police and prosecutors say, severe cases of identity theft are rare. With some legwork, financial damage is almost always reversed, says Annielaurie Van Wie, a prosecutor with the Maricopa County Attorney's office.
"I haven't seen people having a lot of problems with that," she says.
That means you're likely to pay one of the service companies more over time than you ever will ever be out in an identity-theft scam.
Sure, you'd rather not have it happen at all, but if it does, your involvement could help convict a thief. That's what happened after an ex-con pretended to be Cameron Dana of Mesa.
Last year, a man using Dana's name took out a $20,000 commercial loan at a store by filling out a form. Once the credit was approved, the first thing he bought was a utility trailer. As store employees looked on, thinking they were seeing the birth of a construction company, the man packed the trailer with new power tools and other supplies until the funds were exhausted. Then he hitched the trailer to his new Ford F-350 diesel pickup and drove off.
The man was really Richard Hainsworth, a 36-year-old meth user. Armed with Dana's identification, Hainsworth acted like a lottery winner for about two weeks, racking up about $75,000 in charges.
Only after Hainsworth visited another Home Depot, this time in Mesa, did anyone get suspicious. When he applied for $1,000 in personal credit and promptly bought about $1,000 in goods, someone at the store notified Citigroup, the company Home Depot uses for its credit services.
Hainsworth left with the merchandise, but a Citigroup agent called the real Cameron Dana to double-check the purchase.
Dana, 32, is a sixth-generation Arizonan descended from Mormon pioneers and raised in Mesa. He's a tall, burly guy with close-cropped hair and big hands who makes a living buying and refurbishing homes, then selling them at a profit. After hanging up the phone with Citigroup, Dana asked a buddy what to do and was soon looking at his credit reports on the Internet.
They showed a total of 16 new credit accounts opened in his name, each one laden with charges:
A $30,000 truck, the $20,000 in goods from Home Depot, a Harley-Davidson from a Prescott motorcycle dealer, cell phones, a $5,000 visit to OfficeMax.
Dana called police, then began conducting his own investigation.
"To every one of the merchants, I said, 'Get your security tapes,'" he recalled. "My most motivating factor: I wanted to see what this guy's face looked like."
He turned over everything he found to the cops.
"I would have liked to strangle the guy," he says.
Hainsworth was arrested in June 2006 by Gilbert police and later convicted on a 2005 charge of stealing a boat. He's serving 61/2 years in prison, but faces another sentencing soon in Yavapai County for stealing the Harley.
Mesa police say they are using the evidence they collected in Dana's case to aid in the Yavapai prosecution.
Dana, on the other hand, wound up fine despite his complete lack of identity-theft protection.
It cost him a few postage stamps to make the five-figure debt disappear, though he was forced to commit a few solid hours to the mess. He obtained a police report and filled out a Citigroup identity-theft form, then gave copies of the documents to the credit bureaus. He made 16 copies of the Citigroup form and mailed them to each of the merchants who gave out the credit. He put a seven-year fraud alert on his credit report. Then he was done.
Just in case some other thief gets hold of Dana's personal data, he will have to check his credit report more often in the future.
"I can do it myself," he says.
On the second floor of the nondescript Lincoln Towne Center in Scottsdale is the headquarters of Identity Theft 911, which moved to the Valley in late 2004 from San Francisco. One of the company's stated goals is education, and it puts out a lot of information on its Web site about how to beat identity thieves. It's a for-profit firm that partners with major financial institutions, which give its victim-help service to customers.
Mark Fullbright is one of several advocates who work the phones at Identity Theft 911.
"People are shaken, angry," says Fullbright, who says he has worked at local banks for the past 15 years and has become something of a fraud expert. "We give them a lot of assurance. You could have a phone call last an hour, or just a few minutes."
The company's clients include AFL-CIO member unions' employees, banks, credit unions, and insurance companies. Outside of its victim-help service, Identity Theft 911 offers credit monitoring to customers for a fee, but it doesn't push the feature.
"We don't know why anybody would pay for [anti-identity-theft] service," says Eduard Goodman, the company's general counsel.
Goodman and Fullbright also eschew the prevailing wisdom about fraud alerts, saying, although their company can place the alerts, people don't really need them unless they believe it's very likely they'll be victimized.
Goodman also points out a potential drawback to more people placing fraud alerts on their accounts: "The more fraud alerts out there, it's like crying wolf."
The attitude is different at other companies, like Debix, an Austin-based competitor of LifeLock that markets to individual consumers by playing up the fear angle.
"The risks for you as a consumer, you know, just like car accidents, are real," says Debix CEO Bo Holland in a telephone interview. "House fires are real."
Debix is very similar to LifeLock, and its services cost about the same: $99 a year. The company places a fraud alert with the credit bureaus but adds a twist. When someone tries to open a line of credit in the name of a Debix customer, the company calls the customer and asks for a PIN to complete the transaction.
Despite the bells and whistles, it's still the same old thing. You pay a lot for someone to do a few minutes worth of easy work. Same with Truston, TrustedID, the services offered by the credit bureaus, and many others.
A company called PrePaid Legal Services Inc. employs armies of independent contractors to help sell its anti-identity-theft services, which are actually provided by Kroll Fraud Solutions. Because of that apparent lack of control, Hartle, the identity theft expert, singles out PrePaid Legal as a company to be particularly wary of.
To the contrary, says Robert Garcia, a retired 25-year veteran of the Tucson Police Department who represents the company. He says Kroll performs background checks on its freelance workers, unlike other companies in the field. He says no PrePaid Legal employee has ever misused a customer's personal information.
Even if it's safe to use PrePaid Legal, potential customers might tremble at the price. Garcia says he recently contracted with the city of Tucson to offer city employees a plan that costs $25 a month, more than twice as much as typical protection services. Sure, the price includes help with legal matters, like wills, but people usually don't rewrite wills every month.
Van Wie, the county prosecutor, attends community meetings around the Valley regularly, and people often ask what she thinks of anti-identity-theft services. She says she doesn't recommend them.
If anything, she believes the plans offered by the credit bureaus make the most sense because they hold the credit reports.
"I don't steer people toward anything, but I'll say, 'Look at what you're getting for your money,'" Van Wie says. "I explain how to do it themselves."
Van Wie's bureau filed more than 2,600 cases of identity theft-related crimes last year, including 15 cases of trafficking in stolen identities. Her office couldn't immediately break down how many of the cases were serious and how many were resolved with little hassle and no expense to the victims.
Van Wie does not use an identify theft service personally.
The credit history of LifeLock's CEO was hardly blemish-free before the Texas thief stole his identity. Like the company's founder, Robert Maynard Jr., Todd Davis also has a bankruptcy on his record. He filed in 2000 to escape about $82,000 in unpaid bills, federal records show.
His credit score might be higher now, if you believe the two-year-old company's claim that it has gained tens of thousands of customers just in the past month. It just moved into a second location at Hayden Ferry Lakeside Office Tower II, on the banks of Tempe's Town Lake.
It's true that LifeLock has become one of the most recognized names in identity-theft protection because of its robust radio advertising on the Howard Stern, Rush Limbaugh, and Paul Harvey shows.
But if you listen to its competitors, LifeLock is also one of the biggest jokes in the industry which is really something, considering the industry as a whole isn't much better.
LifeLock's marketing style and its ability to find both customers and investor funding makes the bosses at other companies fume with indignation and, perhaps, jealousy.
Then came New Times' May 31 story, which focused on Maynard, and much of that fuming turned to glee.
"I can't lie to you," says Goodman, general counsel for Identity Theft 911. "I was very pleased with [that] story."
Maynard had been telling a tale for two years that he was falsely arrested by Valley authorities in 2003 and held for a week in jail because of a Mirage Casino debt he didn't owe. The experience gave him the idea to start LifeLock, he said. The story was retold to newspapers and TV news stations by Maynard and Davis as a horrific example of why people need the company's services.
After New Times revealed Maynard's story was full of holes, California-based Truston began offering discounts to LifeLock customers who switched services. Debix later did the same thing. Company spokesmen rushed to the comment sections of industry blog sites to pile on LifeLock and plug their own companies as a better alternative.
But some loyalty to LifeLock was evident in an avalanche of Internet tongue-wagging that followed the article. On one blog site, TechCrunch, editor Michael Arrington posited that a "hit job" on LifeLock might have been part of a conspiracy by the credit bureaus, which ostensibly don't want LifeLock to steal business from them.
The New Times story became even more widely read when, the day after it was published, presidential candidate Fred Thompson announced he had done a radio ad for LifeLock that would air over the next two months.
The timing of the story and other articles about Thompson's involvement became an embarrassment to Thompson as his critics used the LifeLock ad to bludgeon him. The Los Angeles Times covered the development in a June 9 story titled "An Awkward Ad by Fred Thompson," which also mentioned Maynard's bogus claims of identity theft but uncovered no new information.
A couple of days later, LifeLock announced that Maynard had resigned.
In early July, LifeLock hired public-relations heavyweight Jason Rose to help with its tarnished image. New Times e-mailed LifeLock new questions for this article, and LifeLock's CEO e-mailed a response, starting by thanking New Times "for pointing out to us a number of issues regarding LifeLock co-founder Robert Maynard Jr."
The company claims to be distancing itself from Maynard, who still owns about 10 percent of the business, and Davis says the company's founder no longer has access to an office or any LifeLock systems, and that he has no more ability to conduct business for LifeLock.
However, Davis says the company will continue to employ Maynard as a consultant who works from home. Asked to explain why the founder was being retained by LifeLock in any way, Davis did not comment.
Davis, who claims he never knew Maynard's jail story was false, had previously said he would investigate the tale but now says he considers the matter closed. He denies, however, that he repeated Maynard's story at a Phoenix golf club in June before members of the local business group, the Enterprise Network. Michelle LaFlam, the network's administrator, initially told New Times she recalled Davis telling the story but, when reached again in July, says he may not have repeated it, after all.
In any case, Rose says LifeLock employees won't continue to recite Maynard's story. And, he says, LifeLock plans to remove all references and links to articles about the tale from its Web site.
Maynard, who refused to answer questions from New Times before the May 31 article, commented to www.Scambusters.org and Zetter from Wired.com after it appeared. He told Scambusters that he had "no knowledge" of the casino debt, but that he chose to pay the $16,000 because it wasn't much money to him. In fact, Maynard was hundreds of thousands of dollars in debt in 2003.
"I understand the issue in Nevada looks bad, but I did not do it," he wrote.
He also was quoted as saying he and his father co-signed for the American Express card, though he offered no proof.
David Cowan, who in April was among the investors who gave LifeLock $6 million in new funding, wrote in his blog space in June that Maynard has health issues that affected his past. Cowan wrote that Maynard has bipolar disorder, which can lead to "dire financial and legal consequences," but that LifeLock's founder received proper treatment and "built his third company responsibly."
In an e-mail exchange with New Times this month, Maynard refused to comment on his medical history. But he did ask his Phoenix lawyer, Martin Galbut, to respond for the first time to New Times' questions about the jail story and about the American Express deal.
In a curious July 5 letter to New Times asking for unneeded corrections, Galbut wrote that the May 31 story "misrepresents facts" concerning the 2003 Mirage casino incident. As for the evidence, Galbut says Maynard can prove a fake California driver's license was issued in his name and revoked in 2000.
Galbut was asked how the fake California license he says was issued in 2000 relates to two apparently genuine driver's licenses of Maynard's on file at the Mirage in 2003 but he hadn't explained that by press time.
The accusation that Maynard Jr. stole his father's identity to obtain a credit card is false, Galbut writes, because Maynard Sr. "has never alleged that the initial American Express card was obtained fraudulently."
Yet that's exactly what Maynard Sr. alleged in New Times' May 31 article.
In a follow-up phone call to Galbut's firm, attorney Bryan Gottfredson says he can't explain the discrepancy.
Reached again in July, Maynard Sr. says he's been advised by his lawyer not to talk further about the American Express case, because a lawsuit against him by the company for the unpaid bill hasn't been settled. But he added that New Times' May 31 story is accurate.
Though LifeLock contends it's ending its lying ways, Robert Maynard Jr.'s brainchild company just can't seem to break the habit.
One of the most jarring examples of a type of service nobody should ever buy is the "audit" LifeLock claims it performs on whether a child's Social Security number has been stolen by criminals.
Experts say it may be a good idea for parents to occasionally inquire whether a child's personal information is being exploited. A child wouldn't be held responsible for fraudulent charges, but identity theft could affect his or her future credit rating.
In a 2005 press release regarding its service for children, LifeLock says it will "track any unusual 'work activity' with the Social Security Administration." More recently, in one of his e-mails to New Times, LifeLock CEO Davis wrote, "For $25 a year, LifeLock performs an auditing service to make sure your child's Social Security number isn't being fraudulently used by someone else."
Mark Hinkle of the Social Security Administration says such claims simply aren't true. He stresses that the agency doesn't partner with or do audits on behalf of any private company.
Asked again about the matter, LifeLock revealed how its "audit" works. Customers who order the service merely receive a Social Security Administration statement-request form from LifeLock and instructions on how to mail it to the government. Called an SSA-7004, the form is available online at www.socialsecurity.gov.
"Due to the Administration's rules, we are unable to sign this form on your behalf," LifeLock's instructions state.
Speaking for the company, Jason Rose denies LifeLock misleads anyone about how it portrays its service for children.
But to use the oil-change analogy, the "audit" LifeLock claims to perform is like paying Jiffy Lube to hand you a wrench.
LifeLock also makes sure your child has no credit bureau account. Once you give the company your child's personal information, LifeLock attempts to pull a free annual credit report (which any semi-intelligent parent could do in five minutes). If no credit report comes up, as it shouldn't, then everything is okay.
LifeLock doesn't tell customers the employment "audit" won't be accurate. Or that it's not all that necessary. The Social Security Administration has a system in which it mails out letters to parents if computers show that someone under the age of 7 is earning wages.
Even if an illegal immigrant is using your child's Social Security number for employment, that alone won't cause any negative effect. And Hinkle says that unless the immigrant uses the child's name as well as Social Security number, the agency won't print the immigrant's work history on the child's Social Security statement:
"In most cases, if you're talking about fraudulent work, it doesn't even get credited to the earnings report because it doesn't match."
Just days after he attended a seminar on identity theft by Bob and JoAnn Hartle, retired postal worker Mike Wysocki noticed a bunch of strange packages in his mail.
"I had five or six little packets that contained CDs," says Wysocki, 55. "One was eBay Monster, another was how to obtain government grants odd things."
Wysocki went online and checked his credit card account at Arizona Federal Credit Union. He found 19 charges, all for small amounts and totaling $289, that weren't his. He canceled his card. The next day, he received a bunch of books in the mail.
He asked a police officer why someone would do that what would they gain by sending him stuff? The cop was stumped, but a credit union fraud specialist told Wysocki it was common. Thieves often test a credit card number with small purchases, and if all goes well, they move to the big stuff.
The credit union told him it would take about four months to investigate, and it would fully reimburse him if he wasn't at fault.
Wysocki says he placed a fraud alert on his credit report with a quick phone call.
But the fraud alert wouldn't stop a similar crime from occurring on another credit card. Credit-monitoring services wouldn't have caught the transaction, because they don't monitor bank and credit union accounts.
The service companies can do nothing to prevent credit card fraud, the most common form of identity theft. Nor can they help with most other forms.
Phoenix police Sergeant Jason Davis, who works with the department's document crimes detail, described a few of the schemes for New Times. Identity thieves, he says, can be pretty inventive.
In a frustrating turnabout, thieves will get someone's personal data and use it to obtain a free credit report. Once thieves find out somebody has a Sears charge card, for example, they can go to Sears and probably make purchases on the account.
The services can't stop that, either.
Another huge problem the services don't prevent is medical identity theft. There's no central reporting agency for medical bills. Davis' boss, Lieutenant Giles Tipsword, says organized theft rings have been getting their hands on Medicare profiles, then selling them to other fraudsters who ran up charges for tens of thousands of dollars of health care.
Just having a criminal use your personal information at all can be a big problem, even if the crook doesn't use the data to steal anything. If police have an arrest warrant with your name on it, you could be arrested the next time you are pulled over for speeding.
Sergeant Davis says he talked to a woman who found out the thief using her identity had caused police to issue multiple warrants for her arrest. Phoenix police had her come down for fingerprinting, then gave her a letter saying she wasn't the wanted criminal who was using her name, date of birth, and Social Security number.
If you are arrested falsely in a case like that even if you've joined a service company like LifeLock you'll still have a negative experience to remember.
At a news conference in June, Phoenix police brought out printers, other document-making equipment, and hundreds of checks that came from a single bust of identity theft suspects. The suspects were using personal information from new victims to alter the checks, stolen from a bank vehicle in 2004, in an attempt to cash them.
"There's no foolproof way to stop this," Tipsword says.
So the best advice is: Don't fall prey to identify-protection scams.
Chances are you'll never be targeted by identity thieves. And if you are, there's next to nothing an identity-protection firm could've done to prevent it. Or much it could do to help you solve the problem that you couldn't easily do yourself at little to no expense.
DIY: FRAUD ALERTS
Placing a fraud alert tells someone loaning money in your name to call you first. Drawback: Might delay an impulsive credit purchase.
Here's how to do it:
This is the number for Experian, one of the major credit reporting bureaus. They'll report the fraud alert to other bureaus.
Calling this number gives you automated options. Here's what to do:
Press 2 (you don't want the "free" offer),
Press 3 (you want the fraud stuff, not more sales offers),
Press 2 (to place an alert),
Press 1 (for initial 90-day fraud alert).
Getting to this stage takes approximately 1 minute; then you punch in your personal identification numbers.
TO GET YOUR CREDIT REPORT
Super-easy and free process: www.annualcreditreport.com
or call 1-877-322-8228
Get the Weekly Newsletter
Our weekly feature stories, movie reviews, calendar picks and more - minus the newsprint and sent directly to your inbox.