New Hampshire will receive more than $50,000 as the result of a settlement with the company Lenovo for selling laptops loaded with advertising software that could snoop on owners’ web surfing, which created a security hole that left the machines vulnerable to hackers.
The money is part of a $3.5 million settlement between Lenovo, a Chinese company, and the Federal Trade Commission. New Hampshire is one of 32 states that participated in the lawsuit.
The suit concerns software called VisualDiscovery from the company Superfish, installed on about 750,000 laptops sold in 2014 and 2015.
VisualDiscovery purportedly operated as a shopping assistant by delivering pop-up ads to consumers of products sold by Superfish retail partners whenever a customer’s mouse hovered over the image of a product on a shopping website.
A statement from the Attorney General’s Office describes the suit: “The states alleged that VisualDiscovery operated by acting as a local proxy, or ‘man in the middle,’ that stood between the consumer’s browser and all Internet Web sites that the user visited, including encrypted sites. … Consumer information, including sensitive communications with encrypted Web sites, would be collected and transmitted to Superfish, the states allege.”
Lenovo denied wrongdoing in its statement agreeing to the settlement.
The settlement also requires Lenovo to change its consumer disclosures about pre-installed advertising software and improve ways for consumers to opt out of such software. It must maintain “a software security compliance program: and undergo every-other-year assessments for 20 years about compliance with the security compliance program.”
The settlement is not final unless and until it is approved by a court. New Hampshire will receive $56,374.15, a figure based on estimated sales of the laptops in the state.