Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »

Huawei has ongoing oversight deal with CFIUS

Huawei set up a communication channel with the agency after dropping its 3Leaf acquisition

When Huawei Technologies agreed to dissolve its controversial acquisition of some intellectual property from U.S. mainframe software vendor 3Leaf in February, it also negotiated an arrangement with the Committee on Foreign Investment in the United States (CFIUS) for ongoing oversight of Huawei's operations in the U.S., a Huawei executive said Tuesday.

The agreement set up a formal communications channel between Huawei and the investment review agency, which Huawei welcomed as a way to demonstrate its transparency, said Huawei Group Chief Technology Officer Matt Bross. He spoke in an interview during an event celebrating Huawei's tenth anniversary in the U.S. and the grand opening of a research and development center in Santa Clara, California.

Huawei has come under close scrutiny by some regulators and elected officials in the U.S. because of concerns that network equipment made by the Chinese company could be vulnerable to manipulation from China. In particular, some U.S. officials have raised concerns about possible "back door" code in Huawei software that would let the Chinese government or military disrupt or spy on U.S telecommunications. Huawei has said repeatedly that those concerns are unfounded because Huawei has no government or military ownership.

The CFIUS is an inter-agency committee, led by the Secretary of the Treasury, that reviews transactions that could result in control of a U.S. business by a foreign entity. It seeks to determine the impact of such deals on U.S. national security. The CFIUS could not be reached Wednesday for comment

When Huawei's U.S.-based subsidiary FutureWei acquired the intellectual property from 3Leaf for about US$2 million, its legal counsel concluded that the company did not have to submit the deal to CFIUS for review. But later, another FutureWei counsel, in Washington, D.C., concluded that it wasn't clear whether the deal had to undergo the review, Bross said.

FutureWei then submitted the acquisition to CFIUS for review. The situation presented an administrative challenge because it wasn't clear how to craft a mitigation agreement -- an arrangement for offsetting the potential harm to security -- for an acquisition that had already taken place, Bross said. CFIUS eventually recommended that FutureWei divest the property it had bought, though it didn't force the company to do so.

After about three days of negotiations, FutureWei and CFIUS agreed on the deal for ongoing oversight and FutureWei agreed to give up the 3Leaf assets, Bross said.

Shortly after that deal was reached, Huawei published an open letter in which it asked the U.S. government to conduct a full investigation of the company to clear up what it called misperceptions about the company.

In addition to the arrangement with CFIUS, Huawei has taken other steps to help assure regulators outside China that its products don't present a security risk. It has contracted with Electronic Warfare Associates for third-party security audits of its software and hardware products. These reviews ensure that there are no "back doors" or Trojan horse programs that would let the Chinese government or any other entity gain access to Huawei equipment, he said. Huawei makes EWA's reports available to regulators and customers, he said.

Before joining Huawei, Bross was group CTO at British Telecom, which awarded Huawei significant portions of its far-reaching 21st Century Network project. The U.K. government and public were worried about Huawei at first, but Huawei worked with regulators and BT customers to ensure its products were secure, he said. Its software for the network infrastructure was vetted by customers and security agencies, and Huawei ensured that the software was administered by U.K. citizens who also had been vetted, he said.

All other major telecommunications vendors have facilities in China, and Huawei takes greater efforts than they do to ensure its products are safe from intrusions, according to Bross. Huawei says its products are used by 45 out of the 50 largest carriers in the world.

Stephen Lawson covers mobile, storage and networking technologies for The IDG News Service. Follow Stephen on Twitter at @sdlawsonmedia. Stephen's e-mail address is stephen_lawson@idg.com

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

More about: British Telecom, BT, Electronic Warfare Associates, etwork, Huawei, IDG, Lawson, Technology
References show all

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the CIO comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: business issues, government, Huawei Technologies, Mergers / acquisitions, Regulation
Latest Blog Posts
Whitepapers
  • Maximise Software Cost Savings by License Reharvesting, Recycling & Applying Product Use Rights
    Software asset management (SAM) is a complex process that enables organisations to gain control of their software estate from both a license compliance and financial standpoint. In many organisations, SAM represents one of the few remaining ways that substantial IT savings can be realised. McKinsey and Sand-Hill Group estimate that 30% or more of IT budgets are consumed by software license and maintenance costs. By optimising the SAM process, organisations can maximise software utilisation, reduce the risk of non-compliance (audits, fees, penalties), and reduce overall IT costs by as much as 5 to 10% per year. Read on.
    Learn more »
  • Fixing Your Dropbox Problem - How the Right Data Protection Strategy Can Help
    It’s estimated that more than 50 million people have used public cloud storage services such as Dropbox to share and exchange files. Public cloud services are so easy to use that their openness can undermine existing IT policies regarding the transmission of confidential data. With data volumes threatening to overwhelm onsite storage, IT managers are looking to find a solution that’s affordable and secure. This paper details a simple three-step approach to helping users manage access to the public cloud without placing your data or your business at risk. Read on.
    Learn more »
  • Disciplined Agile Delivery: An Introduction
    This evaluation guide is designed to help you choose the best tool to support your current Agile projects, while protecting your investment as your team, needs and agile maturity grow.
    Learn more »
All whitepapers
rhs_login_lockGet exclusive access to Invitation only events CIO, reports & analysis.
Recent comments