The N.C. Attorney General’s Office said Tuesday that the state will receive $101,046 from Lenovo Inc.’s U.S. division to resolve allegations that the company violated state consumer-protection laws.
Lenovo US has been accused of installing software on laptops sold to North Carolina consumers that made personal information vulnerable to hackers.
The software, VisualDiscovery, displayed a one-time pop-up window the first time consumers visited a shopping website. Unless consumers opted out, VisualDiscovery would be enabled on their computers.
The settlement was negotiated and finalized in coordination with the Federal Trade Commission and 31 other states. The total settlement amount is $3.5 million.
The settlement requires Lenovo to change its consumer disclosures about installed advertising software, to require a consumer’s affirmative consent to using the software on their device, and to provide a reasonable and effective means for consumers to opt-out, disable or remove the software.
Lenovo is also required to implement and maintain a software security compliance program and must obtain initial and biennial assessments for the next 20 years from a qualified, independent, third-party professional that certifies the effectiveness and compliance with the security-compliance program.