Published on JD Supra on January 10, 2018
The Federal Trade Commission’s recent approval of a final settlement with Lenovo (United States) Inc., one of the world’s largest computer manufacturers, offers a reminder that when it comes to consumers’ sensitive personal information, transparency is key, and failure to assess and address security risks created by third-party software vendors may be deemed an unfair act or practice under Section 5 of the FTC Act.
Lenovo’s problems began in August 2014 when Lenovo began selling laptops to consumers with preinstalled “man-in-the-middle” software provided by a third-party vendor, Superfish, Inc. The software delivered pop-up ads notifying consumers of similar products sold by Superfish’s retail partners when consumers hovered over a product image on a shopping website.
3705 Canyon Ridge Ct. NE | Atlanta, Georgia 30319
161 N. Clark Street | Ste. 1700 | Chicago IL 60601