PricewaterhouseCoopers, a government-approved privacy monitor, discovered Facebook's failure to keep a close eye on its hardware partners way back in 2013. The auditor's report was never disclosed in full to the public, though, and the lack of data oversight on Facebook's part was only revealed in a letter to Senator Ron Wyden in October.
In the letter, which Wyden shared with NYT, Facebook VP of US Public Policy Kevin Martin revealed that PricewaterhouseCoopers tested the company's partnership with Microsoft and Blackberry-maker Research in Motion as part of its assessment. The consulting group came to the conclusion that "there is limited evidence" that "Facebook monitored or assessed [the device makers'] compliance with Facebook's Data Use policies." It added that the "[l]ack of comprehensive monitoring makes it more difficult to detect inappropriately implemented privacy settings within these third-party developed applications."
Wyde said in a statement:
"Facebook claimed that its data-sharing partnerships with smartphone manufacturers were on the up and up. But Facebook's own, handpicked auditors said the company wasn't monitoring what smartphone manufacturers did with Americans' personal information, or making sure these manufacturers were following Facebook's own policies."
A Facebook spokesperson said that the social network takes the FTC's consent decree seriously and remains "strongly committed to the consent order and to protecting people's information."
NYT says the company started winding down its partnership program after the Cambridge Analytica scandal blew up. Before that, though, the social network shared user information with over 50 tech companies, including Huawei. It's no secret that the US doesn't trust the tech giant, and lawmakers found that particular partnership especially troubling. Specifically, they're worried that the Chinese government could ask Huawei for access to the user data Facebook had provided as part of their agreement.