When Huawei Technologies agreed to dissolve its controversial acquisition of some intellectual property from U.S. mainframe software vendor 3Leaf in February, it also negotiated an arrangement with the Committee on Foreign Investment in the United States (CFIUS) for ongoing oversight of Huawei's operations in the U.S., a Huawei executive said Tuesday.
The agreement set up a formal communications channel between Huawei and the investment review agency, which Huawei welcomed as a way to demonstrate its transparency, said Huawei Group Chief Technology Officer Matt Bross. He spoke in an interview during an event celebrating Huawei's tenth anniversary in the U.S. and the grand opening of a research and development center in Santa Clara, California.
Huawei has come under close scrutiny by some regulators and elected officials in the U.S. because of concerns that network equipment made by the Chinese company could be vulnerable to manipulation from China. In particular, some U.S. officials have raised concerns about possible "back door" code in Huawei software that would let the Chinese government or military disrupt or spy on U.S telecommunications. Huawei has said repeatedly that those concerns are unfounded because Huawei has no government or military ownership.
The CFIUS is an inter-agency committee, led by the Secretary of the Treasury, that reviews transactions that could result in control of a U.S. business by a foreign entity. It seeks to determine the impact of such deals on U.S. national security. The CFIUS could not be reached Wednesday for comment
When Huawei's U.S.-based subsidiary FutureWei acquired the intellectual property from 3Leaf for about US$2 million, its legal counsel concluded that the company did not have to submit the deal to CFIUS for review. But later, another FutureWei counsel, in Washington, D.C., concluded that it wasn't clear whether the deal had to undergo the review, Bross said.
FutureWei then submitted the acquisition to CFIUS for review. The situation presented an administrative challenge because it wasn't clear how to craft a mitigation agreement -- an arrangement for offsetting the potential harm to security -- for an acquisition that had already taken place, Bross said. CFIUS eventually recommended that FutureWei divest the property it had bought, though it didn't force the company to do so.
After about three days of negotiations, FutureWei and CFIUS agreed on the deal for ongoing oversight and FutureWei agreed to give up the 3Leaf assets, Bross said.
Shortly after that deal was reached, Huawei published an open letter in which it asked the U.S. government to conduct a full investigation of the company to clear up what it called misperceptions about the company.
In addition to the arrangement with CFIUS, Huawei has taken other steps to help assure regulators outside China that its products don't present a security risk. It has contracted with Electronic Warfare Associates for third-party security audits of its software and hardware products. These reviews ensure that there are no "back doors" or Trojan horse programs that would let the Chinese government or any other entity gain access to Huawei equipment, he said. Huawei makes EWA's reports available to regulators and customers, he said.
Before joining Huawei, Bross was group CTO at British Telecom, which awarded Huawei significant portions of its far-reaching 21st Century Network project. The U.K. government and public were worried about Huawei at first, but Huawei worked with regulators and BT customers to ensure its products were secure, he said. Its software for the network infrastructure was vetted by customers and security agencies, and Huawei ensured that the software was administered by U.K. citizens who also had been vetted, he said.
All other major telecommunications vendors have facilities in China, and Huawei takes greater efforts than they do to ensure its products are safe from intrusions, according to Bross. Huawei says its products are used by 45 out of the 50 largest carriers in the world.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.