Backlash: Facebook's Data-Sharing With Chinese Firms

Facebook is coming under fire from top US lawmakers with the clout to regulate the social media powerhouse after the company revealed it had data-sharing partnerships with four Chinese consumer-device makers, including Huawei Technologies Co.

The leaders of the US House and Senate commerce panels chastised Facebook Chief Executive Officer Mark Zuckerberg for keeping silent about the partnerships when asked at hearings in April about third parties that might be receiving users’ personal data from the company. Facebook also has missed a deadline to respond to follow-up questions from the Senate Commerce, Science and Transportation Committee, even after receiving an extension, Chairman John Thune said.

“All of this new information and new reporting I think raises even more questions,” Thune, a South Dakota Republican, said at the Capitol.

“And they haven’t responded to the questions that we posed after the last hearings. So they have some explaining to do.”

Facebook said in a recent statement that it plans to respond to questions from the Senate by the end of the week. “We are working right now to provide substantive answers to the over 2,000 questions we received coming out of the April hearings,” according to the statement.

The criticism adds to growing tension between Facebook and lawmakers from both parties, who are increasingly questioning the company’s data privacy and security practices. 
Zuckerberg testified for 10 hours over two days in hearings triggered by revelations that a British firm with ties to President

Donald Trump’s 2016 campaign harvested information from as many as 87 million Facebook users without their knowledge.

Partnerships
The company confirmed the partnerships with four Chinese consumer-device makers after the New York Times reported about them. A top executive said that the company was careful with the information provided through the partnerships, which were designed to help smartphone makers build custom versions of Facebook’s app.
“Facebook’s integrations with Huawei, Lenovo, OPPO and TCL were controlled from the get go, and we approved the Facebook experiences these companies built,” Francisco Varela, the company’s vice president of mobile partnerships, said in a statement. 

“Given the interest from Congress, we wanted to make clear that all the information from these integrations with Huawei was stored on the device, not on Huawei’s servers.”

Facebook spokesman Andy Stone said the relationships didn’t need to be disclosed because they were already public, announced by Huawei at least twice in 2011. Facebook mentioned Huawei as one of its partners in a 2012 blog post. The company also said other technology companies had similar arrangements.

The disclosure adds to public distrust of Facebook, whose social network has more than 2 billion users worldwide, and which owns other popular divisions like Instagram, WhatsApp and Messenger.

Senator Mark Warner of Virginia, the top Democrat on the Senate Intelligence Committee, said that he saw "a serious danger" that Facebook shared user information with Chinese device makers.

Seeking Clarification
Thune and Senator Bill Nelson of Florida, the Commerce panel’s top Democrat, asked Zuckerberg in a letter if he now wanted to amend his April testimony that Facebook users have “complete control” over who sees their data and how it is shared.
In light of the new report about partnerships with Chinese companies, they also asked a series of new questions, including how data that is shared is stored and whether users or the Federal Trade Commission were ever aware of the data-sharing agreement. The company was given a June 18 deadline to respond.

Nelson slammed Zuckerberg on the Senate floor for failing to mention what the senator called "yet another example of questionable business practices by Facebook that could undermine basic consumer privacy." He added, "It’s hard to know what’s true anymore."

The concerns are being echoed in the House.

“At our hearing with CEO Mark Zuckerberg, bipartisan members of the committee asked direct questions about Facebook sharing personal data with third parties," Energy and Commerce Committee Chairman Greg Walden of Oregon said in a joint statement with the panel’s top Democrat, Frank Pallone of New Jersey.

‘Clear Answers’
"Clearly, the company’s partnerships with Chinese technology companies and others should have been disclosed before Congress and the American people," they said. 

"The spirit of our questions about third-party access to user data should not have required technical knowledge of the legal agreements Facebook has with device manufacturers to get clear answers for the public."

Walden and Pallone said their committee continues to examine these issues closely with the ongoing audit of Facebook data practices, and awaits responses from Facebook to written questions from the hearing.

“We strongly encourage full transparency from Facebook and the entire tech community,” the lawmakers said.

Huawei said in an emailed statement that it never collected or stored Facebook user data but had worked in the past with the social media company to make services “more convenient for users.”

Huawei, China’s largest maker of telecommunications equipment, was founded in 1988 by former Chinese army officer Ren Zhengfei. Congress has barred the Pentagon from buying Huawei’s gear, along with ZTE Corp., citing the companies’ connections to the Chinese government and the potential for intellectual-property theft and spying.

Information-Management

You Might Also Read: 

Facebook Gave Chinese Tech Firms Access To User Data:

Facebook Collects Your Data Even If You Don’t Use Facebook:

 

« Data About Your Company On The Dark Web
US Needs To Cultivate Its Cyber Workforce »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Backup Technology

Backup Technology

Backup Technology is a world leader in the Online Cloud Backup, Disaster Recovery and Business Continuity market.

Infrascale

Infrascale

Infrascale specialise in providing cloud backup and disaster recovery services.

InAuth

InAuth

InAuth Security Platform delivers advanced device identification, risk detection, and analysis capabilities to help organizations limit risk and reduce fraud.

SRI International

SRI International

SRI International is a research institute performing client-sponsored R&D in a broad range of study areas including computing and cybersecurity.

Software Engineering Institute (SEI)

Software Engineering Institute (SEI)

At the CERT Division of SEI we study and solve cybersecurity problems, research security vulnerabilities in software, and develop information and training to help improve cybersecurity.

Zix

Zix

Zix offers secure email encryption, threat protection, archiving, DLP and BYOD security for hospitals, financial services, government, and more.

CICRA

CICRA

CICRA is Sri Lanka's pioneering cyber security training and consultancy provider.

Argo Group

Argo Group

Argo is an international underwriter of specialty insurance. Argo Cyber offers a full spectrum of coverage solutions related to professional and technology services.

Stealth Software Technologies

Stealth Software Technologies

Stealth Software Technologies is focused on the generation of research and software products focused on applied cryptography and cybersecurity.

FDD Center on Cyber and Technology Innovation (CCTI)

FDD Center on Cyber and Technology Innovation (CCTI)

The Foundation for Defense of Democracies is a nonprofit research institute focusing on foreign policy and national security. Ares of focus include cyber security and technology innovation.

Cubro Network Visibility

Cubro Network Visibility

Cubro network visibility solutions remove network monitoring ‘blind spots’ to provide enhanced visibility and control of all data transiting a company’s network.

Jisc

Jisc

Jisc is a membership organisation working in partnership with the UK’s research and education communities to develop the digital technologies they need to teach, discover and thrive.

Nitel

Nitel

Nitel is a leading next-generation technology services provider. We simplify the complex technology challenges of today’s enterprises to create seamless and integrated managed network solutions.

CyberGate Technologies

CyberGate Technologies

CyberGate Technologies is a world-class, customer focus cyber security service and consultancy company operating the UK, Europe, Middle East, and Africa.

Northrop Grumman

Northrop Grumman

Northrop Grumman is a global provider and integrator of complex, advanced and rapidly adapting information technology, cybersecurity, mobility and optimized services and solutions.

Druva

Druva

Druva is the industry’s leading SaaS platform for data resiliency, and the only vendor to ensure data protection across the most common data risks backed by a $10m guarantee.