Privacy

by Karl Bode


Filed Under:
data sharing, evidence, hacking, privacy

Companies:
facebook, huawei



Latest Privacy Fracas Drops Facebook In The Middle Of Anti-Huawei Hysteria

from the evidence-optional dept

Facebook is under fire yet again for potentially being far too casual in its treatment of private consumer data.

Earlier this week, the New York Times issued a report noting that Facebook had struck deals with more than 60 different hardware vendors since at least 2010, providing them with "vast amounts" of private user data. According to the report, these partnerships allowed some devices to retrieve personal information even from users’ friends who believed they had barred any sharing with third party vendors, potentially violating a 2011 FTC consent decree that banned such sharing without obtaining express customer permission.

To be clear, the partnerships are notably different from the deals struck with companies like Cambridge Analytica, which we now know routinely let app makers hoover up private data under false pretenses, then use that data for other purposes (like oh, riling up partisans ahead of an election). And Facebook was quick to issue a blog post trying to downplay the scope of the revelations:

"This is very different from the public APIs used by third-party developers, like Aleksandr Kogan. These third-party developers were not allowed to offer versions of Facebook to people and, instead, used the Facebook information people shared with them to build completely new experiences."

And while that's all well and good, the problem for Facebook is that nobody trusts that they routinely policed whether this data was being abused. And while the data was all stored locally on user devices, privacy experts were quick to point out that this could still wind up being a problem:

"You might think that Facebook or the device manufacturer is trustworthy,” said Serge Egelman, a privacy researcher at the University of California, Berkeley, who studies the security of mobile apps. “But the problem is that as more and more data is collected on the device — and if it can be accessed by apps on the device — it creates serious privacy and security risks."

These are all legitimate questions that Facebook will need to answer in the wake of the Cambridge scandal.

That said, this story was initially reported on Sunday without too much attention. But things took a turn with additional reports by both the Washington Post and New York Times indicating that some of these partner companies included Chinese gear makers like Huawei.

"The agreements, which date to at least 2010, gave private access to some user data to Huawei, a telecommunications equipment company that has been flagged by American intelligence officials as a national security threat, as well as to Lenovo, Oppo and TCL. The four partnerships remain in effect, but Facebook officials said in an interview that the company would wind down the Huawei deal by the end of the week."

Given that the Trump administration is currently trying to blacklist companies like Huawei amidst allegations of being proxies for the Chinese government, the story's overall tone quickly shifted to one of mass hyperventilation:

The problem: as we've noted a few times now, the allegations that employee-owned Huawei routinely spies on American consumers for the Chinese government isn't backed up by any publicly-available evidence, something both the Post and Times oddly don't mention.

An 18 month investigation by the White House found no evidence of such spying, and companies like Cisco have been caught routinely fanning such fears among gullible lawmakers in the hopes of thwarting overseas competitors. That hysteria has been notably escalated in recent years thanks to U.S. networking vendors being afraid to compete with cheaper Chinese gear as they jockey for 5G deployment contracts with wireless carriers worldwide.

While it's certainly possible Huawei spies on the U.S., there's just not much evidence for it. And you'd also have to ignore the U.S.' epic hypocrisy on that particular subject. You know, like the time Snowden docs revealed that the NSA was caught hacking into Huawei, stealing the company's source code, and attempting to install backdoors in Huawei gear so they could spy on countries that were avoiding the use of U.S. networking gear. You know, the exact thing we're accusing Huawei of. Except with supporting evidence.

Again, it's certainly plausible that Huawei might spy on U.S. citizens. But you'd think somebody could reveal some public evidence of this nefarious behavior before the Trump FCC pondered blacklisting them, a move that's opposed by NSA bosom buddies AT&T and Verizon. The reality is that the entire Huawei fracas is driven more by protectionism than national security, largely because, as one DC insider told the Washington Post back in 2012, it's extremely easy for U.S. networking makers like Cisco to get gullible lawmakers all hot and bothered on the subject:

"“What happens is you get competitors who are able to gin up lawmakers who are already wound up about China,” said one Hill staffer who was not authorized to speak publicly about the matter. “What they do is pull the string and see where the top spins.”

But some experts say these concerns are exaggerated. These experts note that much of Cisco’s own technology is manufactured in China."

That's not to say Facebook still doesn't need to answer some questions about whether all of these partnerships have been unwound, and how it ensured that the data stored on these vendors' devices wasn't abused in any fashion. That said, the focus should remain on the 60 companies in total that Facebook struck these deals with, without getting too hung up on the CHINA CHINA CHINA aspect of the story. Lax treatment of private data is the norm, not the exception (especially in the telecom sector), and getting too hung up on Huawei alone tends to miss the forrest for the trees.


Reader Comments

The First Word

Subscribe: RSS

View by: Time | Thread


  • identicon
    SortOf, 7 Jun 2018 @ 1:30pm

    focus should remain on the 60 companies in total that Facebook s

    I'd restate that just a tad,

    "focus should be on Facebook"

    At issue with these Chinese phones from the minimal information out there appears to be that the apps connect through servers in mainland China.

    reply to this | link to this | view in chronology ]

    • identicon
      bob, 7 Jun 2018 @ 7:33pm

      Re: focus should remain on the 60 companies in total that Facebook s

      It's very possible that Huawei is complicit in stealing data from customers, just like its possible the company has nothing to do with it. The fact is the data travels over servers located in another country whose past shows it has malice towards the US.

      I have no proof one way or another that China isn't actively trying to steal people's information for future nefarious purposes. But from the OPM hack and other past data thefts I can infer they are trying and will do whatever it takes to make the collection happen.

      The same unfortunately is true of the USA. We all saw the evidence of illegal and nefarious actions on American and foreign citizens by the NSA.

      The only plus side I see is that even though everyone is doing it, in the US we have some checks and balances (it's something at least) to protect us while foreign governments like china are not setup the same way.

      The threat from another country, like China, stealing and later using your own data against you is present. It might be hyped by US network companies but it is still present nonetheless.

      So my advice is assume everyone else is a threat until proven otherwise, build up layers of protection to hopefully weed out and stop as many threats as possible, and minimize any potential digitally vulnerable surfaces I have. Oh and dont use crap like Facebook.

      reply to this | link to this | view in chronology ]

  • This comment has been flagged by the community. Click here to show it
    identicon
    Anonymous Coward, 7 Jun 2018 @ 1:54pm

    Rabble rabble rabble evil

    Maybe instead of recycling the same 6+ year old argument with the exact same article link every time this comes up you could provide some more recent references or at the very least different articles against Cisco every time you talk about this? Kind of boring to read the same thing over and over again.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 7 Jun 2018 @ 3:13pm

      Re: Rabble rabble rabble evil

      You're reading an article about a new development in an old story. Some of the information is new. Some of the information is old. The background and history remain the same.

      This really isn't complicated.

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 7 Jun 2018 @ 2:19pm

    The U.S. government is so damn hypocritical.

    They want us to be afraid of Chinese-made phones because their info might end up in the hands of the Chinese government, whereas the U.S. government has been spying on its own people through all kinds of technology. There are cases of Americans who have found keyboards they ordered off Amazon have been intercepted by the NSA to have keyloggers installed inside of them. All it takes is one "security letter" and they can threaten any corporation into assisting with surveilling you without your knowledge.

    I ask every American who posts here: Would you feel more worried about a foreign government breaching your privacy, or your own government? Before you answer, consider which government has jurisdiction over your lives and where you live.

    reply to this | link to this | view in chronology ]

    • icon
      Bergman (profile), 7 Jun 2018 @ 5:47pm

      Re: The U.S. government is so damn hypocritical.

      Well of course they do. They want our information to end up in the hands of the US government, not the Chinese government.

      Buy American!

      reply to this | link to this | view in chronology ]

  • icon
    Coyne Tibbets (profile), 7 Jun 2018 @ 3:26pm

    Roach hotels

    I wonder how long it would have taken Facebook to wind down the Huawei deal if it hadn't been for the sudden media attention. Probably only a few more decades...

    Some of these companies are like roaches: "They consume, infest, destroy, live off the death and destruction of" their customers, but shine a little light and they run for cover.

    reply to this | link to this | view in chronology ]

  • identicon
    Docrailgun, 7 Jun 2018 @ 3:42pm

    Does China pay you, Karl

    reply to this | link to this | view in chronology ]

  • identicon
    kaybee, 7 Jun 2018 @ 4:34pm

    And so it goes...

    In related news, FoxBook announces its new Coop Protection Service. Just upload your sensitive plucked images to our hastily assembled secure web portal. No need for any more, we already know everything else. FoxBook is pleased to offer the only permanent solution to the problem.

    In more related news, the New Forest Times reports that FoxBook sold coop preference data to coop OEMs. FB spokesman Muck Foxburger said that this was only before OEMs had incorporated full remote and physical access to coops as is now the case with all modern coops.

    Clarifying his earlier statement, Foxburger stated that all coop preference data is now solely in the possession of FoxBook, at least until they find someone else to sell it to. This is off the record right?, Gimme that! *banging, thumping, sudden silence*

    Meanwhile, the Cowardly Lion, now King of the Forest, lashes out in a savage series of tweets against left foot on spreading 'false smells'. Refuses to comment on firing sock for recusal from Odor Probe.

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Special Affiliate Offer

Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.