Latest Privacy Fracas Drops Facebook In The Middle Of Anti-Huawei Hysteria
from the evidence-optional dept
Facebook is under fire yet again for potentially being far too casual in its treatment of private consumer data.
Earlier this week, the New York Times issued a report noting that Facebook had struck deals with more than 60 different hardware vendors since at least 2010, providing them with "vast amounts" of private user data. According to the report, these partnerships allowed some devices to retrieve personal information even from users’ friends who believed they had barred any sharing with third party vendors, potentially violating a 2011 FTC consent decree that banned such sharing without obtaining express customer permission.
To be clear, the partnerships are notably different from the deals struck with companies like Cambridge Analytica, which we now know routinely let app makers hoover up private data under false pretenses, then use that data for other purposes (like oh, riling up partisans ahead of an election). And Facebook was quick to issue a blog post trying to downplay the scope of the revelations:
"This is very different from the public APIs used by third-party developers, like Aleksandr Kogan. These third-party developers were not allowed to offer versions of Facebook to people and, instead, used the Facebook information people shared with them to build completely new experiences."
And while that's all well and good, the problem for Facebook is that nobody trusts that they routinely policed whether this data was being abused. And while the data was all stored locally on user devices, privacy experts were quick to point out that this could still wind up being a problem:
"You might think that Facebook or the device manufacturer is trustworthy,” said Serge Egelman, a privacy researcher at the University of California, Berkeley, who studies the security of mobile apps. “But the problem is that as more and more data is collected on the device — and if it can be accessed by apps on the device — it creates serious privacy and security risks."
These are all legitimate questions that Facebook will need to answer in the wake of the Cambridge scandal.
That said, this story was initially reported on Sunday without too much attention. But things took a turn with additional reports by both the Washington Post and New York Times indicating that some of these partner companies included Chinese gear makers like Huawei.
"The agreements, which date to at least 2010, gave private access to some user data to Huawei, a telecommunications equipment company that has been flagged by American intelligence officials as a national security threat, as well as to Lenovo, Oppo and TCL. The four partnerships remain in effect, but Facebook officials said in an interview that the company would wind down the Huawei deal by the end of the week."
Given that the Trump administration is currently trying to blacklist companies like Huawei amidst allegations of being proxies for the Chinese government, the story's overall tone quickly shifted to one of mass hyperventilation:
This could be a very big problem. If @Facebook granted Huawei special access to social data of Americans this might as well have given it directly to the government of #China https://t.co/5K86CDpjVE
— Marco Rubio (@marcorubio) June 6, 2018
The problem: as we've noted a few times now, the allegations that employee-owned Huawei routinely spies on American consumers for the Chinese government isn't backed up by any publicly-available evidence, something both the Post and Times oddly don't mention.
An 18 month investigation by the White House found no evidence of such spying, and companies like Cisco have been caught routinely fanning such fears among gullible lawmakers in the hopes of thwarting overseas competitors. That hysteria has been notably escalated in recent years thanks to U.S. networking vendors being afraid to compete with cheaper Chinese gear as they jockey for 5G deployment contracts with wireless carriers worldwide.
While it's certainly possible Huawei spies on the U.S., there's just not much evidence for it. And you'd also have to ignore the U.S.' epic hypocrisy on that particular subject. You know, like the time Snowden docs revealed that the NSA was caught hacking into Huawei, stealing the company's source code, and attempting to install backdoors in Huawei gear so they could spy on countries that were avoiding the use of U.S. networking gear. You know, the exact thing we're accusing Huawei of. Except with supporting evidence.
Again, it's certainly plausible that Huawei might spy on U.S. citizens. But you'd think somebody could reveal some public evidence of this nefarious behavior before the Trump FCC pondered blacklisting them, a move that's opposed by NSA bosom buddies AT&T and Verizon. The reality is that the entire Huawei fracas is driven more by protectionism than national security, largely because, as one DC insider told the Washington Post back in 2012, it's extremely easy for U.S. networking makers like Cisco to get gullible lawmakers all hot and bothered on the subject:
"“What happens is you get competitors who are able to gin up lawmakers who are already wound up about China,” said one Hill staffer who was not authorized to speak publicly about the matter. “What they do is pull the string and see where the top spins.”
But some experts say these concerns are exaggerated. These experts note that much of Cisco’s own technology is manufactured in China."
That's not to say Facebook still doesn't need to answer some questions about whether all of these partnerships have been unwound, and how it ensured that the data stored on these vendors' devices wasn't abused in any fashion. That said, the focus should remain on the 60 companies in total that Facebook struck these deals with, without getting too hung up on the CHINA CHINA CHINA aspect of the story. Lax treatment of private data is the norm, not the exception (especially in the telecom sector), and getting too hung up on Huawei alone tends to miss the forrest for the trees.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: data sharing, evidence, hacking, privacy
Companies: facebook, huawei
Reader Comments
The First Word
“And so it goes...
In related news, FoxBook announces its new Coop Protection Service. Just upload your sensitive plucked images to our hastily assembled secure web portal. No need for any more, we already know everything else. FoxBook is pleased to offer the only permanent solution to the problem.In more related news, the New Forest Times reports that FoxBook sold coop preference data to coop OEMs. FB spokesman Muck Foxburger said that this was only before OEMs had incorporated full remote and physical access to coops as is now the case with all modern coops.
Clarifying his earlier statement, Foxburger stated that all coop preference data is now solely in the possession of FoxBook, at least until they find someone else to sell it to. This is off the record right?, Gimme that! *banging, thumping, sudden silence*
Meanwhile, the Cowardly Lion, now King of the Forest, lashes out in a savage series of tweets against left foot on spreading 'false smells'. Refuses to comment on firing sock for recusal from Odor Probe.
Subscribe: RSS
View by: Time | Thread
focus should remain on the 60 companies in total that Facebook s
"focus should be on Facebook"
At issue with these Chinese phones from the minimal information out there appears to be that the apps connect through servers in mainland China.
[ link to this | view in thread ]
Rabble rabble rabble evil
[ link to this | view in thread ]
The U.S. government is so damn hypocritical.
I ask every American who posts here: Would you feel more worried about a foreign government breaching your privacy, or your own government? Before you answer, consider which government has jurisdiction over your lives and where you live.
[ link to this | view in thread ]
Re: Rabble rabble rabble evil
This really isn't complicated.
[ link to this | view in thread ]
Roach hotels
Some of these companies are like roaches: "They consume, infest, destroy, live off the death and destruction of" their customers, but shine a little light and they run for cover.
[ link to this | view in thread ]
[ link to this | view in thread ]
And so it goes...
In more related news, the New Forest Times reports that FoxBook sold coop preference data to coop OEMs. FB spokesman Muck Foxburger said that this was only before OEMs had incorporated full remote and physical access to coops as is now the case with all modern coops.
Clarifying his earlier statement, Foxburger stated that all coop preference data is now solely in the possession of FoxBook, at least until they find someone else to sell it to. This is off the record right?, Gimme that! *banging, thumping, sudden silence*
Meanwhile, the Cowardly Lion, now King of the Forest, lashes out in a savage series of tweets against left foot on spreading 'false smells'. Refuses to comment on firing sock for recusal from Odor Probe.
[ link to this | view in thread ]
Re: Re: Rabble rabble rabble evil
[ link to this | view in thread ]
Re: The U.S. government is so damn hypocritical.
Buy American!
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re: focus should remain on the 60 companies in total that Facebook s
I have no proof one way or another that China isn't actively trying to steal people's information for future nefarious purposes. But from the OPM hack and other past data thefts I can infer they are trying and will do whatever it takes to make the collection happen.
The same unfortunately is true of the USA. We all saw the evidence of illegal and nefarious actions on American and foreign citizens by the NSA.
The only plus side I see is that even though everyone is doing it, in the US we have some checks and balances (it's something at least) to protect us while foreign governments like china are not setup the same way.
The threat from another country, like China, stealing and later using your own data against you is present. It might be hyped by US network companies but it is still present nonetheless.
So my advice is assume everyone else is a threat until proven otherwise, build up layers of protection to hopefully weed out and stop as many threats as possible, and minimize any potential digitally vulnerable surfaces I have. Oh and dont use crap like Facebook.
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]