Backlash: Facebook's Data-Sharing With Chinese Firms

Uploaded on 2018-06-08 in TECHNOLOGY-Key Areas-Social Media, NEWS-Cybersecurity News, GOVERNMENT-National, FREE TO VIEW

Facebook is coming under fire from top US lawmakers with the clout to regulate the social media powerhouse after the company revealed it had data-sharing partnerships with four Chinese consumer-device makers, including Huawei Technologies Co.

The leaders of the US House and Senate commerce panels chastised Facebook Chief Executive Officer Mark Zuckerberg for keeping silent about the partnerships when asked at hearings in April about third parties that might be receiving users’ personal data from the company. Facebook also has missed a deadline to respond to follow-up questions from the Senate Commerce, Science and Transportation Committee, even after receiving an extension, Chairman John Thune said.

“All of this new information and new reporting I think raises even more questions,” Thune, a South Dakota Republican, said at the Capitol.

“And they haven’t responded to the questions that we posed after the last hearings. So they have some explaining to do.”

Facebook said in a recent statement that it plans to respond to questions from the Senate by the end of the week. “We are working right now to provide substantive answers to the over 2,000 questions we received coming out of the April hearings,” according to the statement.

The criticism adds to growing tension between Facebook and lawmakers from both parties, who are increasingly questioning the company’s data privacy and security practices. 
Zuckerberg testified for 10 hours over two days in hearings triggered by revelations that a British firm with ties to President

Donald Trump’s 2016 campaign harvested information from as many as 87 million Facebook users without their knowledge.

Partnerships
The company confirmed the partnerships with four Chinese consumer-device makers after the New York Times reported about them. A top executive said that the company was careful with the information provided through the partnerships, which were designed to help smartphone makers build custom versions of Facebook’s app.
“Facebook’s integrations with Huawei, Lenovo, OPPO and TCL were controlled from the get go, and we approved the Facebook experiences these companies built,” Francisco Varela, the company’s vice president of mobile partnerships, said in a statement. 

“Given the interest from Congress, we wanted to make clear that all the information from these integrations with Huawei was stored on the device, not on Huawei’s servers.”

Facebook spokesman Andy Stone said the relationships didn’t need to be disclosed because they were already public, announced by Huawei at least twice in 2011. Facebook mentioned Huawei as one of its partners in a 2012 blog post. The company also said other technology companies had similar arrangements.

The disclosure adds to public distrust of Facebook, whose social network has more than 2 billion users worldwide, and which owns other popular divisions like Instagram, WhatsApp and Messenger.

Senator Mark Warner of Virginia, the top Democrat on the Senate Intelligence Committee, said that he saw "a serious danger" that Facebook shared user information with Chinese device makers.

Seeking Clarification
Thune and Senator Bill Nelson of Florida, the Commerce panel’s top Democrat, asked Zuckerberg in a letter if he now wanted to amend his April testimony that Facebook users have “complete control” over who sees their data and how it is shared.
In light of the new report about partnerships with Chinese companies, they also asked a series of new questions, including how data that is shared is stored and whether users or the Federal Trade Commission were ever aware of the data-sharing agreement. The company was given a June 18 deadline to respond.

Nelson slammed Zuckerberg on the Senate floor for failing to mention what the senator called "yet another example of questionable business practices by Facebook that could undermine basic consumer privacy." He added, "It’s hard to know what’s true anymore."

The concerns are being echoed in the House.

“At our hearing with CEO Mark Zuckerberg, bipartisan members of the committee asked direct questions about Facebook sharing personal data with third parties," Energy and Commerce Committee Chairman Greg Walden of Oregon said in a joint statement with the panel’s top Democrat, Frank Pallone of New Jersey.

‘Clear Answers’
"Clearly, the company’s partnerships with Chinese technology companies and others should have been disclosed before Congress and the American people," they said. 

"The spirit of our questions about third-party access to user data should not have required technical knowledge of the legal agreements Facebook has with device manufacturers to get clear answers for the public."

Walden and Pallone said their committee continues to examine these issues closely with the ongoing audit of Facebook data practices, and awaits responses from Facebook to written questions from the hearing.

“We strongly encourage full transparency from Facebook and the entire tech community,” the lawmakers said.

Huawei said in an emailed statement that it never collected or stored Facebook user data but had worked in the past with the social media company to make services “more convenient for users.”

Huawei, China’s largest maker of telecommunications equipment, was founded in 1988 by former Chinese army officer Ren Zhengfei. Congress has barred the Pentagon from buying Huawei’s gear, along with ZTE Corp., citing the companies’ connections to the Chinese government and the potential for intellectual-property theft and spying.

Information-Management

You Might Also Read: 

Facebook Gave Chinese Tech Firms Access To User Data:

Facebook Collects Your Data Even If You Don’t Use Facebook:

 

« Data About Your Company On The Dark Web
US Needs To Cultivate Its Cyber Workforce »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Micron Technology

Micron Technology

Micron is a global leader in the semiconductor industry providing memory and secure storage devices for Networks, Mobile devices and IoT applications.

Centre for International Governance Innovation (CIGI)

Centre for International Governance Innovation (CIGI)

CIGI research areas include Conflict Management & Security which encompass cyber security and cyber warfare.

Data Security Council of India (DSCI)

Data Security Council of India (DSCI)

DSCI is a premier industry body on cyber security and data protection in India, committed to making the cyberspace safe, secure and trusted.

Serverless Computing

Serverless Computing

Serverless Computing London will help architects, developers and CIOs decide on the best path to a more efficient, scalable and secure computing future.

SOOHO

SOOHO

SOOHO helps to detect security vulnerabilities earlier. Our blockchain security platform audits from smart contracts to on-chain transactions.

VIBE Cybersecurity International

VIBE Cybersecurity International

VIBE’s certificate-less authenticated encryption enables scalable, flexible key exchange, and other advanced cryptographic functions using identity-based elliptic curve cryptosystems (ECC).

Sierra Ventures

Sierra Ventures

Sierra Ventures is an early-stage venture firm investing globally with a focus on Next Generation Enterprise and Emerging Technologies.

AmWINS Group

AmWINS Group

AmWINS are a global specialty insurance distributor with expertise in property, casualty and professional lines including cyber liability.

Elemental Cyber Security

Elemental Cyber Security

Elemental is a game changing cyber security compliance automation and enforcement technology provider.

Newberry Group

Newberry Group

The Newberry Group provides comprehensive IT services and solutions that optimize operations, minimize risk and deliver measurable business value.

Client Solution Architects (CSA)

Client Solution Architects (CSA)

Client Solution Architects (CSA) is a leading digital transformation consulting firm focused on the U.S. Defense Department and all U.S. Federal enterprise information technology service areas.

SIXGEN

SIXGEN

SIXGEN provides incident response, operational and penetration testing, red teaming, tool development, cyber training development and continuous monitoring.

Ascent Solutions

Ascent Solutions

Ascent is built to help firms evolve their cybersecurity posture, modernize their Microsoft solutions, and accelerate their journey to the cloud.

Stacklet

Stacklet

Stacklet provides cloud governance as code platform that accelerates how Global 2000 manages its security, asset visibility, operations, and cost optimization policies in the cloud.

DACTA Global

DACTA Global

DACTA was established with the aim of simplifying the perception of complexity surrounding digital security challenges and solutions.

RAH Infotech

RAH Infotech

RAH Infotech is India’s leading value added distributor and solutions provider in the Network and Security domain. We are specialists in Enterprise and App Security and Application Delivery.