Backlash: Facebook's Data-Sharing With Chinese Firms

Uploaded on 2018-06-08 in TECHNOLOGY-Key Areas-Social Media, NEWS-Cybersecurity News, GOVERNMENT-National, FREE TO VIEW

Facebook is coming under fire from top US lawmakers with the clout to regulate the social media powerhouse after the company revealed it had data-sharing partnerships with four Chinese consumer-device makers, including Huawei Technologies Co.

The leaders of the US House and Senate commerce panels chastised Facebook Chief Executive Officer Mark Zuckerberg for keeping silent about the partnerships when asked at hearings in April about third parties that might be receiving users’ personal data from the company. Facebook also has missed a deadline to respond to follow-up questions from the Senate Commerce, Science and Transportation Committee, even after receiving an extension, Chairman John Thune said.

“All of this new information and new reporting I think raises even more questions,” Thune, a South Dakota Republican, said at the Capitol.

“And they haven’t responded to the questions that we posed after the last hearings. So they have some explaining to do.”

Facebook said in a recent statement that it plans to respond to questions from the Senate by the end of the week. “We are working right now to provide substantive answers to the over 2,000 questions we received coming out of the April hearings,” according to the statement.

The criticism adds to growing tension between Facebook and lawmakers from both parties, who are increasingly questioning the company’s data privacy and security practices. 
Zuckerberg testified for 10 hours over two days in hearings triggered by revelations that a British firm with ties to President

Donald Trump’s 2016 campaign harvested information from as many as 87 million Facebook users without their knowledge.

Partnerships
The company confirmed the partnerships with four Chinese consumer-device makers after the New York Times reported about them. A top executive said that the company was careful with the information provided through the partnerships, which were designed to help smartphone makers build custom versions of Facebook’s app.
“Facebook’s integrations with Huawei, Lenovo, OPPO and TCL were controlled from the get go, and we approved the Facebook experiences these companies built,” Francisco Varela, the company’s vice president of mobile partnerships, said in a statement. 

“Given the interest from Congress, we wanted to make clear that all the information from these integrations with Huawei was stored on the device, not on Huawei’s servers.”

Facebook spokesman Andy Stone said the relationships didn’t need to be disclosed because they were already public, announced by Huawei at least twice in 2011. Facebook mentioned Huawei as one of its partners in a 2012 blog post. The company also said other technology companies had similar arrangements.

The disclosure adds to public distrust of Facebook, whose social network has more than 2 billion users worldwide, and which owns other popular divisions like Instagram, WhatsApp and Messenger.

Senator Mark Warner of Virginia, the top Democrat on the Senate Intelligence Committee, said that he saw "a serious danger" that Facebook shared user information with Chinese device makers.

Seeking Clarification
Thune and Senator Bill Nelson of Florida, the Commerce panel’s top Democrat, asked Zuckerberg in a letter if he now wanted to amend his April testimony that Facebook users have “complete control” over who sees their data and how it is shared.
In light of the new report about partnerships with Chinese companies, they also asked a series of new questions, including how data that is shared is stored and whether users or the Federal Trade Commission were ever aware of the data-sharing agreement. The company was given a June 18 deadline to respond.

Nelson slammed Zuckerberg on the Senate floor for failing to mention what the senator called "yet another example of questionable business practices by Facebook that could undermine basic consumer privacy." He added, "It’s hard to know what’s true anymore."

The concerns are being echoed in the House.

“At our hearing with CEO Mark Zuckerberg, bipartisan members of the committee asked direct questions about Facebook sharing personal data with third parties," Energy and Commerce Committee Chairman Greg Walden of Oregon said in a joint statement with the panel’s top Democrat, Frank Pallone of New Jersey.

‘Clear Answers’
"Clearly, the company’s partnerships with Chinese technology companies and others should have been disclosed before Congress and the American people," they said. 

"The spirit of our questions about third-party access to user data should not have required technical knowledge of the legal agreements Facebook has with device manufacturers to get clear answers for the public."

Walden and Pallone said their committee continues to examine these issues closely with the ongoing audit of Facebook data practices, and awaits responses from Facebook to written questions from the hearing.

“We strongly encourage full transparency from Facebook and the entire tech community,” the lawmakers said.

Huawei said in an emailed statement that it never collected or stored Facebook user data but had worked in the past with the social media company to make services “more convenient for users.”

Huawei, China’s largest maker of telecommunications equipment, was founded in 1988 by former Chinese army officer Ren Zhengfei. Congress has barred the Pentagon from buying Huawei’s gear, along with ZTE Corp., citing the companies’ connections to the Chinese government and the potential for intellectual-property theft and spying.

Information-Management

You Might Also Read: 

Facebook Gave Chinese Tech Firms Access To User Data:

Facebook Collects Your Data Even If You Don’t Use Facebook:

 

« Data About Your Company On The Dark Web
US Needs To Cultivate Its Cyber Workforce »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Atlantic Council

Atlantic Council

The Atlantic Council's Cyber Statecraft Initiative focuses on international cooperation, competition, and conflict in cyberspace.

Nimbusec

Nimbusec

Nimbusec scans your website around the clock and informs immediately if it has been hacked or manipulated

Citicus

Citicus

Citicus provides world-class security, risk and compliance management software, plus supporting services.

Proteus

Proteus

Proteus is an Information Security consulting firm specialized in Risk Analysis and Executive Control.

Neupart

Neupart

Neupart provides Information Security Management System, Secure ISMS, allowing organisations to automate IT Governance, Risk and Compliance management.

Brainloop

Brainloop

Brainloop's security architecture enables you to work on and distribute strictly confidential documents both within and beyond the firewall.

White Cloud Security

White Cloud Security

White Cloud is a cloud-based Application Trust-Listing security service that prevents unauthorized programs from running on your computers.

LTIMindtree

LTIMindtree

LTIMindtree is a new kind of technology consulting firm. We help businesses transform – from core to experience – to thrive in the marketplace of the future.

Scholarly Networks Security Initiative (SNSI)

Scholarly Networks Security Initiative (SNSI)

SNSI brings together publishers and institutions to solve cyber-challenges threatening the integrity of the scientific record, scholarly systems and the safety of personal data.

Serbus

Serbus

Serbus Secure is a fully managed suite of secure communication, enterprise mobility and mobile device security tools.

Ontinue

Ontinue

Ontinue ION is an MXDR service that provides Nonstop SecOps through five key capabilities that enable your organization to respond to attacks and continuously reduce risk.

Intelequia

Intelequia

Intelequia SOC is the Security Operations Center your company needs. 24x7 monitoring, protection and automated response to cyber threats.

Panoplia Digital Protection

Panoplia Digital Protection

Panoplia Digital Protection is a cutting-edge cybersecurity company that leverages the power of AI and ML to help businesses and consumers protect themselves against cyber threats.

Tenchi Security

Tenchi Security

Tenchi Security are specialized in Third-Party Cyber Risk Management (TPCRM) and aim to reduce information asymmetry when it comes to third and Nth-Party security and compliance risk management.

Ampsight

Ampsight

Ampsight specializes in enabling cloud integration, securing data, and navigating complications that drive critical-mission success.

Xiphera

Xiphera

Xiphera designs and implements proven cryptographic security for embedded systems.