Yet Another Facebook Data Scandal: This Time It Is About China and the US National Security
Before the buzz around Facebook and Cambridge Analytica data misuse completely subsided, the largest social network found itself in the middle of another trouble. This time the controversy emerged from Facebook’s decade-old partnerships with smartphone manufacturers, apparently giving the latter access to private data of the social network users.
On June 6th, Facebook faced lawmakers’ and public concerns about user data privacy and national security. As the story unfolds, lawless.tech picked the most important facts and opinions available at the time of writing.
Facebook Data Policy May Pose Threat to the US National Security
On June 3d, The New York Times released a report about the data-sharing agreements Facebook had with more than 60 device manufacturers in the USA and beyond. These agreements allowed manufacturers to offer Facebook’s most popular features, such as messaging, “likes”, and status updates, embedded in phone’s native software. However, the agreements also gave Facebook’s counterparties access to personal data of the network users and their friends, not necessarily with their consent. The same day, Facebook published a response denying the accusations in user privacy violation.
On June 5, 2018 The New York Times reported that the list of counterparties in these agreements, which date to at least 2010, includes at least four Chinese device makers, such as Huawei, Lenovo, OPPO, and TCL. The same day, Facebook has confirmed these partnerships.
On June 6th, lawmakers from Republican and Democratic parties strongly criticized Facebook and demanded that it should be more forthcoming about all data it has shared with its Chinese partners.
Back in February 2018, the U.S. special services, expressed distrust of Chinese telecommunication companies Huawei and ZTE, China’s second biggest telecommunications equipment maker. FBI Director Chris Wray said that such companies “beholden to foreign governments that don’t share our values” can modify or steal information and have “the capacity to conduct undetected espionage.”
Back in April 2018, the Federal Communications Commission (the FCC), the authority regulating interstate and international communications by radio, television, wire, satellite, and cable in the USA, proposed new rules prohibiting government programs to buy products from companies that could pose a security threat to the integrity of U.S. telecom networks. This move was aimed at Huawei and ZTE. Subsequently, the Pentagon ordered to stop selling Huawei and ZTE smartphones and devices on U.S. military bases in May 2018.
By signing the aforementioned agreement Facebook allowed Huawei to have special access to all the data about social network users. Such an access potentially threatens the privacy of personal information. Members of the US Congress expressed concerns that users’ friends data could have been accessed without their explicit consent. The main concern, however, is the apparent threat to the US national security.
According to Billboard, Huawei denied all allegations of data misuse. Facebook’s stated it’s winding down the partnership with the manufacturer.
The whole situation adds to the growing tension between Facebook and American lawmakers from both parties, who are continuously doubting the company’s approach to privacy and security.
Earlier in April, Mark Zuckerberg, CEO of Facebook, testified before the Congress regarding the processing of 87 million users’ personal information without their knowledge by Cambridge Analytica, a political consulting firm that played a significant role in Donald Trump’s presidential campaign.
Everything looks like the arrangements between Facebook and Chinese companies are going against the governmental policy. Considering Facebook’s numerous security and privacy issues, and the recent Cambridge Analytica scandal in particular, the authorities’ reaction was almost immediate.
The US Senators to Enquire Zuckerberg About the Data-sharing Agreements
On June 5th Senator Mark Warner, the top Democrat on the Senate Intelligence Committee, said that he saw “a serious danger” in the fact that Facebook shared user information with Chinese device makers.
“I believe it’s a serious danger. I’ve been disappointed we’ve not gotten a straight answer, very surprising to me if they somehow excluded the Chinese telecom providers,” Mr. Warner said during the event hosted by Axios.
Mr. Warner also informed The New York Times that the concerns about Huawei weren’t new. He cited the 2012 Investigative Report, pointing out the “close relationships between the Chinese Communist Party and equipment makers like Huawei.”
The aforementioned report states that the Committee is “focused primarily on reviewing Huawei and ZTE ties to the Chinese state, including support by the Chinese government and state-owned banks, their connections to the Chinese Communist Party, and their work done on behalf of the Chinese military and intelligence services.”
“The news that Facebook provided privileged access to Facebook’s API [application programming interface] to Chinese device makers like Huawei and TCL raises legitimate concerns, and I look forward to learning more about how Facebook ensured that information about their users was not sent to Chinese servers,” Senator Warner added.
The same day, John Thune, the Chairman of the Senate Commerce, Science, and Transportation Committee and Senator Bill Nelson of Florida, the Ranking Member of the same Committee, wrote a letter to Mr. Zuckerberg, where they asked whether he wants to amend his April testimony that Facebook users “own every piece of content that they share on Facebook, and they have complete control over who sees such a content and how you share it.”
In the letter, lawmakers also asked several new questions regarding the new partnerships:
- How does Facebook verify compliance with these data-sharing agreements on the part of partner manufacturers?
- Some manufacturers stored users and users friends data on their own servers. For what purposes was this data stored? What policies on data storage and retention did Facebook’s agreements with these partner companies include? How did Facebook verify compliance with such policies?
- How did Facebook disclose these partnerships and data practices to users? Was the Federal Trade Commission aware of these partnerships? Were the partnerships subject to the mandatory audits required under the 2011 Consent Order?
- According to the New York Times Facebook entered into this type of partnership agreement with at least 60 device manufacturers, including Apple, Amazon, BlackBerry, Microsoft and Samsung. How many such partnerships did Facebook enter into? Please provide a list of all partner manufacturers. In addition, please note which of those manufacturers represent the 22 partnership which Facebook has stated it has already ended.
Facebook CEO was asked to provide the answers to all questions stated above as soon as possible but by no later than 05:00 p.m. on June 18th, 2018.
In the evening of June 5th, Senator Edward “Ed” Markey wrote on Twitter:
Mark Zuckerberg needs to return to Congress and testify why @facebook shared Americans’ private information with questionable Chinese companies. Our privacy and national security cannot be the cost of doing business. https://t.co/nyRbc8xwBY
— Ed Markey (@SenMarkey) June 6, 2018
On Wednesday, June 6th, the leaders of the House and Senate commerce panels also critisized Mark Zuckerberg for not disclosing the information about the partnerships and data-sharing agreements in question during his visit to Capitol Hill in April.
The Ranking Member of the Committee on Commerce, Science, and Transportation Senator Nelson, added:
“He never revealed these data-sharing agreements in our hearing in April. As a result, it’s hard to know what’s true anymore. And now we learn that Facebook gave Chinese companies believed to be national security risks access to user data. What in the world is next? And what in the world is going to protect Americans’ personally identifiable private information?”
That very day, the Senate Energy and Commerce Committee Chairman Greg Walden and Ranking Member Frank Pallone, Jr. issued the following statement on Facebook allowing Chinese technology companies access to data of users and users’ friends without explicit consent:
“At our hearing with CEO Mark Zuckerberg, bipartisan members of the committee asked direct questions about Facebook sharing personal data with third-parties. Clearly, the company’s partnerships with Chinese technology companies and others should have been disclosed before Congress and the American people. The spirit of our questions about third-party access to user data should not have required technical knowledge of the legal agreements Facebook has with device manufacturers to get clear answers for the public. As the committee continues to examine these issues closely with the ongoing audit of Facebook data practices, and awaits response to our written questions from the hearing, we strongly encourage full transparency from Facebook and the entire tech community.”
Senator Markey addressed the letter to the Senate State Foreign Relations Committee on June 6th, asking the Committee to call Facebook CEO to testify about its data-sharing agreements with smartphone manufacturers, Chinese companies Huawei, Lenovo, Oppo and TCL in particular.
According to Bloomberg, the Senate Intelligence Committee calls the CEO’s of Facebook Inc., Alphabet Inc.’s Google and Twitter Inc. to talk about their platforms security and relationships with Chinese companies over a public hearing.
As of now at least two Senate Committees are calling Facebook to account. If Mr. Zuckerberg’s previous visit to the Capitol Hill looked like a tough one, this time the situation might entail a much more severe reaction than a series of awkward questions.
Facebook’s Excuse Comes Down to “We’ve Been Doing It For Years, the Data Should Be Fine”
At the moment there is no comprehensive response from Facebook representatives to most of the questions brought up by lawmakers and Senate Committees. Of course, the company still has time until the deadline on June 18th. But considering the enthusiasm Facebook expressed when addressing hundreds of written questions asked by members of Congress after Mark Zuckerberg’s testimony related to Cambridge Analytica case, it might take a while.
However, Facebook did offer several points attempting to clarify the situation. According to the company’s statement:
“The arrangements in question had been highly visible for years — with many manufacturers advertising these features. But with fewer and fewer people relying on them, we proactively announced this spring we’d begin winding them down.”
Francisco Varela, vice president of mobile partnerships at Facebook, stated that the data in question were stored locally on users’ devices, and not on servers owned by Huawei.
“Facebook along with many other U.S. tech companies have worked with them and other Chinese manufacturers to integrate their services onto these phones,” said Mr. Varela, “Facebook‘s integrations with Huawei, Lenovo, OPPO and TCL were controlled from the get-go — and we approved the Facebook experiences these companies built.”
In the aforementioned response to NYT the company also noted that contracts with smartphone manufacturers, akin to the one Facebook concluded with Huawei, aren’t uncommon since the dawn of smartphones and were necessary to enable access to the social network on the devices before its own application worked well on mobile devices.
Unsurprisingly, the Internet Community Is Outraged
The picture of the situation would be incomplete without the community opinions on the matter.
Louie Christensen, a Facebook user said people should remember that not only Facebook is responsible for all:
“It is important to remember that the only reason Facebook has data on you is that YOU gave it permission to do so […] Yes, Facebook has mishandled our information. But, we were the ones who handed it over in the first place. We have to take responsibility for our side of the carelessness.”
Another user, John-Henry Scherck, wrote about his disappointment in the social network and prompted his followers to contact him via Twitter:
“Hey Folks. Facebook is bad and I am deleting all my info off of it. I rely on messenger, but I am deleting all personal information from FB and blocking all trackers on all devices/browsers. Find me on Twitter.”
Chris “Cal” Carnahan posted a statement, citing an article telling about the innovations that tightened security and privacy for everyone after Ed Snowden sounded the alarm:
And all of those innovations were for nothing because now the Russians and the Chinese have all of our data because @facebook gave them access to more than the NSA could ever get, and not just for their users but anyone their users connect with – while our eyes were on @Snowden. https://t.co/eR4FCxOiNc
— Chris “Cal” Carnahan (@xtrixcyclex) June 7, 2018
Other reactions sounds more radically. Tom Smith encourages authorities to close Facebook and send Mark Zuckerberg to jail:
Time to shutdown Facebook for good! Silencing conservatives, suppressed free speech, gave users data to Chinese firm! Put Zuckerberg in prison!
— Tom Smith (@tasmith0013) June 6, 2018
Notably, Marco Rubio, the U.S. Senator for Florida, tweeted:
This could be a very big problem. If @Facebook granted Huawei special access to social data of Americans this might as well have given it directly to the government of #China https://t.co/5K86CDpjVE
— Marco Rubio (@marcorubio) June 6, 2018
Peter Dahlin (彼得·达林) responded to Mr. Rubio’s tweet:
There is not "IF" here. Any access to Huawei, or any other similar corporation, is made available, without delay or judicial process, to the Chinese police and Ministry of State Security. Well done @facebook
— Peter Dahlin (彼得·达林) (@Peterinexile) June 6, 2018
Unsurprisingly, many users reacted negatively and many of the opinions out there can’t be cited due to obscene language.
Except for the lawmaker’s concerns about the U.S. national security, the situation isn’t clear enough to make an unequivocal conclusion at the moment. Apparently, Facebook has been doing the things it should’ve been doing in company’s interests, without any intentions to threaten national security.
Yet, the data-sharing with Huawei and other Chinese companies creates more questions than answers: it is unclear if the data was really stored only on users’ devices or was it stored elsewhere as well; it is unclear if Huawei has said strong ties to the Chinese government and special services, and if it gave them access to Facebook users’ data.
Evidently, there will be more governmental pressure put on Facebook to get the answers needed. Until then, it’s reasonable to wait for Facebook’s official response to the U.S. senators questions. And maybe another awkward session at Capitol Hill for Mr. Zuckerberg.
Follow us on Twitter to stay tuned on the recent developments in regulation of new technologies, and be the first to read expert opinions.