Lenovo’s Superfish fallout: Can we forgive and forget? by Brayden King @FortuneMagazine 7:43 AM EST E-mail Tweet Facebook Google Plus Linkedin Share icons Lenovo Group Ltd. has come under criticism for preinstalling its consumer laptops with the ad-serving software Superfish, making them vulnerable for hackers to access encrypted Web data and even online passwords. Although the Chinese PC maker said it stopped shipping computers with the adware and wouldn’t preload the software on its products again, the fallout shows just how important reputation can be for a company. Lenovo, the world’s largest vendor of personal computers, is a company that has been able to create a positive reputation with customers; it was, in fact, recently ranked by the Reputation Institute as one of the world’s most reputable companies. Now, its reputation has come under fire, and the trust that customers once had in Lenovo as a safe place to store their data is in question. As customers, we put our lives in the hands of impersonal companies who we trust will deliver the products and services they claim without seeking unfair advantages over us. But as privacy becomes a bigger concern, who can we trust? In recent research that I’ve conducted, my colleague, Mae McDonnell, and I show that companies with positive reputations benefit from a “halo effect,” even when they have been accused of wrongdoing.However, when a company is proven guilty of a transgression, the halo effect turns into a “halo tax.”” In other words, companies with good reputations are punished more severely than companies with weaker reputations when the evidence of their wrong doing is stacked against them. Consider the data breach at Target TGT last year. Prior to the breach, consumers largely had a positive view of the company and trusted them implicitly with their private information, but once it became clear that Target’s lax policies were responsible for the breach, consumers’ judgments became much harsher. Their reputation suddenly became a liability. If there had been more ambiguity about Target’s guilt, the company’s reputation might have led consumers to place the blame elsewhere. It’s no wonder that Lenovo is being publicly shamed for its unwise choice to install malware on computers. Lenovo has worked hard to build a positive reputation. They had earned the trust of their customers, but the scandal over malware installation on their computers has suddenly put that reputation at risk. The reputation they once counted as their greatest asset is now a liability as customers, analysts, investors, and hacktivist groups like Lizard Squad turn against them for this violation of trust. And seriously, what were they thinking? Although it’s impossible for outsiders to know what led Lenovo to install the software, people can and will draw their own conclusions. The fact that the company’s decision seems so inconceivable will only make customers’ judgments against the company that much harsher. Count that towards the halo tax on Lenovo. Moving forward, Lenovo should be concerned about the long-term implications of this scandal. To rebuild bridges, the company should be more transparent about their privacy policies and the types of software they prepackage with their PCs. People who have placed the details of the most personal aspects of their lives on Lenovo computers will certainly think twice about whether Lenovo deserves that trust. In an era where people live much of their personal and professional lives through their computers and mobile devices, we can’t afford to put our trust in a company whose reputation doesn’t merit it. Brayden King is an associate professor of management and organizations at Kellogg School of Management at Northwestern University.