Complaint filed against Lenovo over pre-installed Superfish adware

UpdatedJanuary 19, 2025

•1 min read

Complaint filed against Lenovo over pre-installed Superfish adware

A complaint has been filed against Lenovo in the U.S. District Court for the Southern District of California for Lenovo’s admitted (pdf ) preloading of Superfish adware on their customers’ computers.

Superfish injects product recommendations into search results and displays ads on otherwise legitimate pages. But, it also includes a universal self-signed certificate authority. This universal certificate authority allows man-in-the-middle attacks to inject ads even on secure encrypted (SSL) pages without triggering browser security warnings. Thus, making Lenovo laptops vulnerable to malware and malicious man-in-the-middle attacks. Additionally, Superfish adware uses memory resources and consumes bandwidth, affecting computer and network performance.

The Plaintiff, a blogger from San Diego, Jessica Bennett, alleges her laptop was damaged as a result of Lenovo’s pre-installation of Superfish on her laptop.

The complaint requests a jury trial and class action certification. The complaint charges both Lenovo and Superfish with violations of: The California Invasion of Privacy Act (CIPA); The Federal Electronic Communications Privacy Act (ECPA); Trespass to personal chattel under California common law; and “fraudulent” business practices under California’s Unfair Competition Law.

#privacy #technology #spyware #adware

Comments

Join the discussion

No comments yet. Be the first to comment.

More from this blog

What does “valuable consideration” mean under the California Consumer Privacy Act?

January 1, 2020 brings important new privacy rights for California residents as the California Consumer Privacy Act (“CCPA”) goes into effect. Following in the footsteps of the European Union’s General Data Protection Regulation (“GDPR”), the Califor...

Nov 25, 20193 min read

What does “valuable consideration” mean under the California Consumer Privacy Act?

“Why am I getting all these Privacy Policy update emails?”

In April 2016, the European Union (“EU”) passed a sweeping new regulation, the General Data Protection Regulation (“GDPR”), which becomes effective today, May 25, 2018. Because the GDPR is a regulation, as opposed to a directive (such as the 1998 EU ...

May 25, 20184 min read

“Why am I getting all these Privacy Policy update emails?”

Snapchat sued for allegedly violating Illinois Biometric Information Privacy Act (BIPA)

Snapchat faces a class action lawsuit accusing it of violating the Illinois Biometric Information Privacy Act (“BIPA”). The suit centers around the Snapchat app’s “lenses” feature, which allows the app to draw animated additions to a person’s face. T...

Jul 18, 20162 min read

Snapchat sued for allegedly violating Illinois Biometric Information Privacy Act (BIPA)

DOJ files Motion to Vacate hearing in terrorist’s iPhone case

The Department of Justice (DOJ) filed a last minute Motion to Vacate today’s hearing regarding the San Bernardino terrorist’s encrypted iPhone. The DOJ previously sought Apple’s assistance to modify the iPhone’s software, weakening the mobile phone’s...

Mar 22, 20161 min read

DOJ files Motion to Vacate hearing in terrorist’s iPhone case

New FTC Rules For Online Native Advertising

The Federal Trade Commission (FTC) recently issued guidelines regarding native advertising in a recent enforcement policy statement. These guidelines, more a reaffirmation of previous FTC enforcement actions, are aimed at regulating “promotional mess...

Dec 27, 20152 min read

New FTC Rules For Online Native Advertising

C

Corey Varma

11 posts

Corey Varma is an attorney in Chicago, Illinois with a focus in Information Technology and Privacy law, Cyberspace law, Social Media law, and Intellectual Property law.