The FTC stays firm in their commitment to protecting America's consumers after subjecting Lenovo to a $3.5 million penalty for its illegal pre-installation of VisualDiscovery adware from developer "Superfish." As part of the settlement, Lenovo is still allowed to sell computers with the adware from Superfish, provided they inform their customers and acquire their approval before shipping. Moreover, the brand is ordered to stop including software that initiates advertisement to customers.
FTC to Lenovo
Included in the FTC announcement states: "As part of the settlement with the FTC, Lenovo is prohibited from misrepresenting any features of software preloaded on laptops that will inject advertising into consumers' Internet browsing sessions or transmit sensitive consumer information to third parties." Despite the considerate reprimand, the FTC confirmed that Lenovo has since stopped installing the "Superfish" adware.
The alarming way VisualDiscovery invaded the user's encrypted communications came in the form of man-in-the-middle attack. The adware was included on Lenovo's PCs and laptops and was eventually detected by customers who noticed the strange ways advertisements appear on their browsing activities.
Additional condition to Lenovo
In addition to Lenovo's agreement with the FTC, the brand must be able to provide a comprehensive software security that will guard the user from any illegal activities on their devices. Apparently, the software security applies to Lenovo's pre-installed software and not including the customer's software input.
In a report by The Verge, New York Attorney General Eric Schneiderman said: "No consumer should have to worry that a software glitch will make them vulnerable to hackers.
This settlement will reform Lenovo’s policies and procedures to prevent this breakdown from occurring in the future.” In a separate report by The Verge, it stated that since this is Lenovo's first violation, the company cannot be indicted of exposing the customers to risk. As a result, they are required to provide security review of their bundled software with the help of a third party auditor..
FTC chairman Maureen Ohlhausen also warned Lenovo of to be more careful about the governing rules of pre-installing software on their devices. More importantly, to be aware of the data that the company may retrieve.
