Sep 5, 2017

FTC settles software security flaw case with Lenovo

Eric Risberg / AP

The Federal Trade Commission announced today that it — along with 32 state attorneys general from around the country — had settled charges against Lenovo, Inc.

  • Lenovo preinstalled an advertising program called VisualDiscovery, manufactured by a third-party called Snapfish, that displayed pop-up ads based on a user's browsing history.
  • This "man-in-the-middle" technique collected the entirety of users' electronic communications without their knowledge or consent and put their information at risk of intrusion.
  • It's the "online equivalent of someone without your knowledge intercepting your mail, reading it, resealing it, and placing it back in your mailbox," said FTC Acting Chair Maureen Ohlhausen.

Why it matters: The Lenovo case shows a renewed commitment by the FTC to pursue consumer privacy cases. As highlighted by Ohlhausen in a call with reporters, this is the third privacy ruling handed down by the FTC in the last 30 days after similar cases involving Uber and TaxSlayer.

Go deeper