Consumer sues Lenovo (Canada) Inc for breach of contract and breach of privacy alleging its computers were pre installed with malware

March 18, 2015 |

In Bennett v Lenovo (Canada) Inc (the statement of claim found here) the plaintiff, Daniel Bennett, last week commenced a proceeding under the Canadian Class Proceedings Act 1992 against Lenovo for breach of contract, a breach of the Consumer Protection Act 2002 and intrusion upon seclusion.  The last cause of action, intrusion upon seclusion, is a privacy tort.  The nub of the claim is that Lenovo preloaded certain models of its laptops with malicious adware, Spearfish.  The allegation is that the malware intercepts users secure connection and allows criminals to do the same.  That affects customers’ security. As pleaded it is a very interesting case in the privacy area.  The breach of contract claim is grounded on the allegation that laptops with pre installed malware is dangerous and defective which is a breach of an implied term that the computers would be free of defects.  The claim under the Consumer Protection Act pleads reliance on the implied condition that goods will be of merchantable quality.  The intrusion upon seclusion argument relates argues that in Lenovo exposing consumers to risks that their personal information would be sold to third parties for commercial purposes it was intruding upon the seclusion of the plaintiffs.

The media release provides:

TORONTO, ONTARIO–(Marketwired – March 16, 2015) – A class action lawsuit seeking $10 million in damages on behalf of Canadian consumers who purchased Lenovo computers that came with pre-installed Superfish software (“Superfish“) was launched March 11, 2015 in the Ontario Superior Court of Justice.

As stated in the claim, “Superfish is potentially dangerous and may allow anyone on a Wi-Fi network to hijack the user’s browser and collect his or her bank credentials, passwords, and other highly sensitive information.”

The lawsuit alleges that Lenovo breached its contracts with consumers and invaded their privacy by pre-installing the Superfish software on several models of computers that were shipped into Canada between September, 2014 and January, 2015. The affected models may include:

  • G Series: G410, G510, G710, G40-70, G50-70, G40-30, G50-30, G40-45, G50-45, G40-80
  • U Series: U330P, U430P, U330Touch, U430Touch, U530Touch
  • Y Series: Y430P, Y40-70, Y50-70, Y40-80, Y70-70
  • Z Series: Z40-75, Z50-75, Z40-70, Z50-70, Z70-80
  • S Series: S310, S410, S40-70, S415, S415Touch, S435, S20-30, S20-30Touch
  • Flex Series: Flex2 14D, Flex2 15D, Flex2 14, Flex2 15, Flex2 Pro, Flex 10
  • MIIX Series: MIIX2-8, MIIX2-10, MIIX2-11, MIIX 3 1030
  • YOGA Series: YOGA2Pro-13, YOGA2-13, YOGA2-11, YOGA3 Pro
  • E Series: E10-30
  • Edge Series: Lenovo Edge 15

The action is brought under Ontario’s Class Proceedings Act, 1992 and seeks to represent all Canadian consumers who purchased computers that were shipped with Superfish pre-installed.

This case is important as it will define the scope of the obligations that electronic device manufacturers (“EDMs“) have to consumers where the EDMs engage in the practice of pre-installing potentially harmful software on the devices they sell.

 

One Response to “Consumer sues Lenovo (Canada) Inc for breach of contract and breach of privacy alleging its computers were pre installed with malware”

  1. Consumer sues Lenovo (Canada) Inc for breach of contract and breach of privacy alleging its computers were pre installed with malware | Australian Law Blogs

    […] Consumer sues Lenovo (Canada) Inc for breach of contract and breach of privacy alleging its computer… […]

Leave a Reply