Lenovo agreed to pay $3.5 million and change how it sells laptop computers as part of a settlement reached with federal officials and authorities in New Jersey and 31 other states says it “disagrees with the allegations” contained in complaints about its preloaded software.
Lenovo said Tuesday it’s unaware of any instances of a third party exploiting vulnerabilities in the VisualDiscovery software to gain access to a user’s communications.
“Lenovo compromised consumers’ privacy when it preloaded software that could access consumers’ sensitive information without adequate notice or consent to its use,” said Acting FTC Chairman Maureen K. Ohlhausen. “This conduct is even more serious because the software compromised online security protections that consumers rely on.”
- MORE COVERAGE: FTC commissioner blasts Lenovo
The VisualDiscovery software was installed on hundreds of thousands of laptops to deliver pop-up ads to consumers.
The pre-installed adware, which some are calling “malware,” exploded into international headlines in February 2015.
In a statement Thursday after the news broke, Lenovo said it had stopped the installs due to customer complaints.
“Superfish technology is purely based on contextual/image and not behavioral,” a Lenovo administrator identified as “Mark” posted.
“It does not profile nor monitor user behavior. It does not record user information. It does not know who the user is. Users are not tracked nor re-targeted. Every session is independent. When using Superfish for the first time, the user is presented the Terms of User and Privacy Policy, and has option not to accept these terms, i.e., Superfish is then disabled.”
The Federal Trade Commission, however, says Lenovo “compromised consumers’ privacy.”
The company notes it stopped preloading VisualDiscovery and worked with antivirus software providers to disable and remove it from consumers’ computers after learning of the issues. It says it’s pleased to “bring this matter to a close.”
