LifeLock, the online company that purports to protect people from identity theft is back in the news again due to a second round of Federal Trade Commission actions against it. The news is particularly important to the digital marketing community because they have a popular affiliate program for their service which gives affiliates access to special promotions and allows marketers to earn significant commissions for sales of LifeLock accounts. If you're an affiliate of theirs, you may already know that the company has recently been subject to a lot of scrutiny, and while LifeLock may finally be turning the corner back toward business as usual, the long lasting impact of a massive stock price drop and repeated regulatory fines has some wondering if it will ever fully recover. The Story It all started back in 2010 when the company was fined by the Federal Trade Commission for false advertising, as they were marketing the idea that their service was a 100% effective protection against identity theft. Not only did the FTC believe these claims to be false, they also noted that LifeLock had left a lot of gaps in the protection services they provided, which allegedly left customers' data quite vulnerable. In reference to a TV ad the company had posted, with a truck driving around displaying CEO Todd Davis' social security number, FTC chairman Jon Leibowitz said "In truth, the protection they provided left such a large hole … that you could drive that truck through it." Leibowitz brought to light the fact that the LifeLock service was not able to stop people from making charges on already existing accounts, or to open new loans in the name of someone with a LifeLock account. It should be noted that the latter problem befell Todd Davis after he widely advertised his social security number, when someone got a $500 loan in his name using this information that was now publicly available. Thus, LifeLock was ordered to put more protections in place to protect their clients. They promised encryption, yet nothing was allegedly encrypted. They promised only "need to know" access to sensitive customer information by employees, but they allegedly failed to do that as well. The company allegedly hadn't done things as simple as installing anti-virus and anti-spyware software on computers used by company employees, which is a basic in any office, but perhaps especially in a company whose specialty is security. Fast forward to July 2015, and LifeLock found itself in trouble with the FTC once more. The agency found that the company had not put into place sufficient protections for the vulnerable and personal data they claim to keep safe, and filed yet another complaint, causing LifeLock's stock to drop by 50%. On December 17 of last year, LifeLock finally settled with the FTC, agreeing to pay $100 million to the FTC, $68 million of which may be used to pay consumers who have been affected directly. In addition, the provisions from the original 2010 order have now been extended for 13 years beyond their original date. What LifeLock Affiliates Need To Know Now affiliates are dealing with the fallout from this situation. If you're a LifeLock affiliate, you should have received an e-mail from them, telling you about the settlement, with a one sheet of their commitments to online security. In this e-mail they assure affiliates that the ruling is only in reference to advertising practices, and not the handling of secure information. "It's important to remember that the allegations raised by the FTC are related to advertisements that we no longer run and policies that are no longer in place. The settlement with the FTC does not require us to change any of our current products or practices," they say. However, other sources, including the FTC itself, seem to say otherwise, and point to the allegations that LifeLock didn't ameliorate their practices enough between 2012 and 2014, from the 2010 FTC filing as the reason for the new and hefty fine. LifeLock now claims that they implement the following procedures in their practices to ensure privacy and security: They base their information security programs on "widely accepted" practices and update frequently to keep up with current requirements. 24/7 monitoring and "multiple layers" of security Third party and internal audits Encryption of "personally identifiable information" Limiting personal and secure information available to member services agents Screening and proper training of employees While these guidelines are vague, LifeLock assures affiliates that "compliance with the FTC order is a very high priority for LifeLock." As an affiliate, you should know what is going on as this situation could affect your own business. Lifelock's stock tanked as a result of this second ruling. It is making a slow comeback, but this plus the fact that LifeLock must pay a huge fine of $100 million seems like a red flag in regards to their ability to pay out in the future. Do what you want with this information but it would seem important to closely monitor this situation and be on top of any payouts that you are expecting.