On September 5, 2017, the Federal Trade Commission (FTC) announced that it and 32 state attorneys general had settled charges with Lenovo regarding the company’s practice of pre-loading software on its laptops that compromised consumers’ cybersecurity and privacy. As part of the settlement, Lenovo agreed to pay $3.5 million in penalties to the states, and per an agreement with the FTC, Lenovo will be required to implement a comprehensive software security program for most consumer software preloaded on its laptops for the next 20 years. The settlement highlights the ongoing interest by the FTC and state attorneys general regarding cybersecurity vulnerabilities in software and makes clear the FTC’s position that hardware manufacturers have an obligation to evaluate the security of third-party software they preinstall on their devices.
Click here to read our complete WSGR Alert about Lenovo’s settlement with the FTC.