Backlash: Facebook's Data-Sharing With Chinese Firms

Facebook is coming under fire from top US lawmakers with the clout to regulate the social media powerhouse after the company revealed it had data-sharing partnerships with four Chinese consumer-device makers, including Huawei Technologies Co.

The leaders of the US House and Senate commerce panels chastised Facebook Chief Executive Officer Mark Zuckerberg for keeping silent about the partnerships when asked at hearings in April about third parties that might be receiving users’ personal data from the company. Facebook also has missed a deadline to respond to follow-up questions from the Senate Commerce, Science and Transportation Committee, even after receiving an extension, Chairman John Thune said.

“All of this new information and new reporting I think raises even more questions,” Thune, a South Dakota Republican, said at the Capitol.

“And they haven’t responded to the questions that we posed after the last hearings. So they have some explaining to do.”

Facebook said in a recent statement that it plans to respond to questions from the Senate by the end of the week. “We are working right now to provide substantive answers to the over 2,000 questions we received coming out of the April hearings,” according to the statement.

The criticism adds to growing tension between Facebook and lawmakers from both parties, who are increasingly questioning the company’s data privacy and security practices. 
Zuckerberg testified for 10 hours over two days in hearings triggered by revelations that a British firm with ties to President

Donald Trump’s 2016 campaign harvested information from as many as 87 million Facebook users without their knowledge.

Partnerships
The company confirmed the partnerships with four Chinese consumer-device makers after the New York Times reported about them. A top executive said that the company was careful with the information provided through the partnerships, which were designed to help smartphone makers build custom versions of Facebook’s app.
“Facebook’s integrations with Huawei, Lenovo, OPPO and TCL were controlled from the get go, and we approved the Facebook experiences these companies built,” Francisco Varela, the company’s vice president of mobile partnerships, said in a statement. 

“Given the interest from Congress, we wanted to make clear that all the information from these integrations with Huawei was stored on the device, not on Huawei’s servers.”

Facebook spokesman Andy Stone said the relationships didn’t need to be disclosed because they were already public, announced by Huawei at least twice in 2011. Facebook mentioned Huawei as one of its partners in a 2012 blog post. The company also said other technology companies had similar arrangements.

The disclosure adds to public distrust of Facebook, whose social network has more than 2 billion users worldwide, and which owns other popular divisions like Instagram, WhatsApp and Messenger.

Senator Mark Warner of Virginia, the top Democrat on the Senate Intelligence Committee, said that he saw "a serious danger" that Facebook shared user information with Chinese device makers.

Seeking Clarification
Thune and Senator Bill Nelson of Florida, the Commerce panel’s top Democrat, asked Zuckerberg in a letter if he now wanted to amend his April testimony that Facebook users have “complete control” over who sees their data and how it is shared.
In light of the new report about partnerships with Chinese companies, they also asked a series of new questions, including how data that is shared is stored and whether users or the Federal Trade Commission were ever aware of the data-sharing agreement. The company was given a June 18 deadline to respond.

Nelson slammed Zuckerberg on the Senate floor for failing to mention what the senator called "yet another example of questionable business practices by Facebook that could undermine basic consumer privacy." He added, "It’s hard to know what’s true anymore."

The concerns are being echoed in the House.

“At our hearing with CEO Mark Zuckerberg, bipartisan members of the committee asked direct questions about Facebook sharing personal data with third parties," Energy and Commerce Committee Chairman Greg Walden of Oregon said in a joint statement with the panel’s top Democrat, Frank Pallone of New Jersey.

‘Clear Answers’
"Clearly, the company’s partnerships with Chinese technology companies and others should have been disclosed before Congress and the American people," they said. 

"The spirit of our questions about third-party access to user data should not have required technical knowledge of the legal agreements Facebook has with device manufacturers to get clear answers for the public."

Walden and Pallone said their committee continues to examine these issues closely with the ongoing audit of Facebook data practices, and awaits responses from Facebook to written questions from the hearing.

“We strongly encourage full transparency from Facebook and the entire tech community,” the lawmakers said.

Huawei said in an emailed statement that it never collected or stored Facebook user data but had worked in the past with the social media company to make services “more convenient for users.”

Huawei, China’s largest maker of telecommunications equipment, was founded in 1988 by former Chinese army officer Ren Zhengfei. Congress has barred the Pentagon from buying Huawei’s gear, along with ZTE Corp., citing the companies’ connections to the Chinese government and the potential for intellectual-property theft and spying.

Information-Management

You Might Also Read: 

Facebook Gave Chinese Tech Firms Access To User Data:

Facebook Collects Your Data Even If You Don’t Use Facebook:

 

« Data About Your Company On The Dark Web
US Needs To Cultivate Its Cyber Workforce »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Cloud Foundry Foundation (CFF)

Cloud Foundry Foundation (CFF)

Cloud Foundry supports the full application development lifecycle, from inception, through all testing stages, to deployment.

Janusnet

Janusnet

Janusnet develops software and solutions for organisations to enforce and manage data security.

Netsparker

Netsparker

Netsparker provide a web application security scanner to automatically find security flaws in your websites, web applications and web services.

enSilo

enSilo

enSilo secures customers data on premise or in the cloud. Regardless of the where the threat comes from, enSilo can protect your data.

I-Tracing

I-Tracing

I-TRACING are experts in IT security, specialized in legal compliance of information systems, security of information systems, and the collection of digital evidence and traces.

ODVA

ODVA

ODVA is a global trade and standards development organization whose members comprise the world’s leading industrial automation companies.

Equilibrium Security Services

Equilibrium Security Services

Equilibrium Security Services is a specialist cyber security company providing a full spectrum of IT security solutions from consultancy to design & implementation and managed security services.

Resolver

Resolver

Resolver’s Integrated Risk Management platform helps plan and prepare your organization to limit the likeliness or impact of security risk and compliance events from occurring.

Cyber Defense Initiative Conference (CDIC)

Cyber Defense Initiative Conference (CDIC)

Cyber Defense Initiative Conference (CDIC) is one of the most distinguished Cybersecurity, Privacy and Information Security Conference in Thailand and Southeast Asia.

IBA Security

IBA Security

IBA Security is a center of competence consolidating the cybersecurity expertise of the IBA Group.

Aspisec

Aspisec

Aspisec is a cybersecurity company specialized in Firmware Security and Critical Infrastructure Protection.

Shevirah

Shevirah

Shevirah specializes in products for automated mobile and IoT device vulnerability assessment, penetration testing, and mobile security awareness training.

VirtualArmour

VirtualArmour

VirtualArmour is a managed security services provider with global reach and local attitude.

Edureka

Edureka

Edureka is an online technology training provider with the most effective learning system in the world. We help professionals learn trending technologies for career growth.

doIT Solutions

doIT Solutions

doIT solutions specialize in IT security and infrastructure, security automation, data center, and cybersecurity.

PhishProtection

PhishProtection

We created Phish Protection to prevent all types of phishing including spear phishing protection and office 365 email protection for your small business.