Lenovo says it only collects anonymous, non-personal data to improve its software. But in 2015, Lenovo was caught secretly installing software that spied on ALL your encrypted web browsing — including banking and medical websites — and sold that data to advertisers. They had to pay over $10 million in fines and settlements.
critical
Lenovo says you can choose what data to share. But they embedded code in the laptop's hardware (BIOS) that automatically reinstalled their tracking software every time the computer started — even if you completely wiped the hard drive and reinstalled Windows from scratch. There was no setting to turn this off because it ran before Windows even loaded.
critical
Lenovo advertises strong security protections in its laptop firmware. But security researchers found that Lenovo accidentally left factory debugging tools — one literally called "SecureBackDoor" — active in the laptops sold to consumers. These tools let attackers completely bypass the security protections Lenovo was advertising. The same type of mistake was found again just 7 months later.
Google says no ads in education tools. Technically true — for some of them. But YouTube? Regular Google tracking. Google Search? Same. Students use both daily for school. Like a casino saying "no gambling in the lobby" while slot machines are in the next room with the door always open.
critical
Google signed a pledge not to collect student data beyond educational needs. Then left Chrome Sync on by default, uploading every website your kid visits. The opt-out was buried so deep the EFF and a state AG both called it deceptive. Your kid can't choose not to use the Chromebook.
critical
Google scanned your kid's face and recorded their voice to build biometric profiles. On school laptops. Without asking you. For ten years. They settled for $8.75 million — less than Google makes during a bathroom break. They call this "strong controls."