Written by Keenan W. Ng
It was recently discovered that Lenovo has been selling laptops with preinstalled adware that creates a catastrophic security hole in the web browser leaving users vulnerable to hacks. Superfish, a small company in Palo Alto, develops the adware. Plenty has been written about the technical aspects of the security flaw and more will be written going forward. As the ramifications of the Superfish vulnerability play out in the community, at least two lawsuits* have been filed. More lawsuits certainly will come. One of these cases, Sterling International Consulting Group (“SICG”) v. Lenovo, Inc. and Superfish, Inc.(collectively, “Lenovo”), alleges violations of the Computer Fraud and Abuse Act. SICG seeks class action certification and was filed in the Northern District of California. The problem with Sterling is that the plaintiffs may have a hard time establishing the authorization element of the CFAA.
Allegations