Facebook admitted Tuesday that it allowed Huawei, a Chinese telecom company with alleged ties to the country’s government, to have special access to data about the social site’s users, an arrangement that could stoke fears that consumers’ personal information is at risk.
For years, lawmakers in Congress and top U.S. national security officials have raised red flags about the security of Huawei products, fearing that the Chinese government could demand access to communications stored on their devices or servers. The company has denied the charges, but the Pentagon took the rare step this year of banning sales of Huawei smartphones on U.S. military bases.
Another telecommunications company with suspected close ties to the Chinese government, ZTE, is not believed to have had a relationship with Facebook, said a person familiar with the matter who spoke on the condition of anonymity to talk publicly.
It does not appear that Facebook data was stored on Huawei servers, only directly on devices, Facebook said.
A spokesman for Huawei did not immediately respond to a request for comment.
Facebook late Tuesday confirmed that it had worked with Huawei, as well as three other Chinese firms, Lenovo, OPPO and TCL. Facebook said those arrangements were “controlled from the get go — and we approved the Facebook experiences these companies built.”
Facebook's statement followed a day of silence about its relationships with Chinese firms, which drew a sharp rebuke from Sen. Mark R. Warner (D-Va.). Warner said in a statement Tuesday that Facebook's relationships with Huawei and others raise “legitimate concerns, and I look forward to learning more about how Facebook ensured that information about their users was not sent to Chinese servers.”
In total, Facebook has said it struck special data-sharing deals with roughly 60 device makers, including more recognizable names such as Apple, HTC and Samsung. Through legal agreements and Facebook-supplied code, these manufacturers could directly access Facebook data so that their customers could more seamlessly perform tasks such as syncing their contacts or accessing their message histories on devices ranging from smartphones to smart televisions.
In Facebook’s eyes, the partnerships were merely an extension of services it already offered. In a blog post Monday, company executives said the arrangements were necessary in the early days of the mobile ecosystem, when not every smartphone company offered an app store. Facebook also stressed that many of the 60 device makers — which it did not name in full — didn’t store the data on their own servers.
The social giant quietly began unwinding the program in April, but it said it had no indication any Facebook data had been misused.
To privacy experts, however, Facebook’s behind-the-scenes arrangements are problematic if they happened without users’ full knowledge or consent. Some seized on a report from the New York Times that found at least one of Facebook’s device partners, BlackBerry, had an older smartphone that could access Facebook data about device owners as well as their friends, and their friends’ friends, seemingly even in cases where Facebook users had barred such sharing. In response, BlackBerry stressed in a statement: “At no time did BlackBerry collect or mine the Facebook data of our customers.”
Facebook’s partnerships with device makers could ultimately spell more trouble for the tech giant at the Federal Trade Commission, which is already investigating the company for a series of privacy mishaps. Because Facebook has misled consumers on its data-use policies in the past — and previously been punished by the FTC — the company could face sky-high fines if the agency finds it has erred again.
A spokesman for the FTC has declined to indicate if it is investigating Facebook’s arrangements with device makers.