Facebook, Google etc are falling over themselves to deny that they have given the US espionage organisation the NSA direct access to their servers and customer information.
And to put it bluntly, there is simply nothing they can say that would make me believe them.
Why? Three reasons:
Firstly, it is very much in their commercial interest for customers not to take the view that their personal information can be browsed pretty much at will by American civil servants for whatever reason they can contrive.
Secondly, very few people within Facebook and Google would actually be privy to any involvement with PRISM, so much of the shock being expressed will no doubt be genuine (I know some quite highly placed technical people within both Google and Facebook and I would totally believe them if they told me to my face they found this all hard to believe, but then none of them are at board level, so unless they needed to know…).
Thirdly and most importantly, the court orders giving blanket access include threats if they reveal they are cooperating with the court order. In short, they are required by law to lie about their cooperation if asked.
IT IS FURTHER ORDERED that no person shall disclose to any other person that the FBI or NSA has sought or obtained tangible things under this Order, other than to: (a) those persons to whom disclosure is necessary to comply with such Order; (b) an attorney to obtain legal advice or assistance with respect to the production of things in response to the Order; or (c) other persons as permitted by the Director of the FBI or the Director’s designee.
So it really does not matter what Facebook and Google et al says, does it?
UPDATE: This is a very interesting suggestion… in short, once they got Verizon (i.e Tier One) they actually did not need much cooperation from the people downstream. Fascinating stuff. I wonder to what extent that is actually true.
So far there has been no denial from the US Govt. that they are receiving this information, which would be in their interest, so it can be assumed that they are in fact getting information. The crux is whether it’s knowingly given or retrieved covertly.
To retrieve it covertly would require either snooping all the traffic going to a multitude of servers and grabbing a significant proportion, and that level of networking and hardware is unlikely to go unnoticed and unremarked. The other option is to covertly gain access to the companies servers and grab what you need. The problem is the quantity of data needing to be transferred would be immediately obvious to any systems admin, or else it would have to be processed and data mined before hand, again meaning the sysadmins would notice. Anyone should notice probably terabytes of data wandering around unrequested.
In a nutshell, if they’re getting the data, the companies must be knowingly supplying it, any other possibility would mean the companies systems must be compromised to such an extent as to be blindingly obvious to anyone competent. If they’re not noticing, then you don’t want to deal with them anyway.
Nope, absolutely, it doesn’t matter.
Denial of involvement can probably only be taken as further conformation of involvement.
I’m pretty sure they are carefully stating things that are true in detail but which are quite as broad ranging as the audience might think. I’m fairly sure pretty much every US ISP, telco, hosting company and other internet entity has in fact given petabytes of data to the NSA and/or other three letter agencies.
The fundamental problem for the U S “public” right now is that all these “intelligence” facilities are subject to POTENTIAL ABUSE; none of which we are “assured” is occurring (although it might occur “unwittingly” – Clapper, fingering former hairline).
The personnel who are being assigned to direct these functions are political operatives (who have “failed-up”).
This information surfaces to public view at a time when other ADMITTED ABUSES (really, truly do occur – along with serious security failures) by and for political objectives are cascading from their hidden places.
“The country is in the very best of hands” Glen Reynolds
I think you have to be careful about how the Guardian have read this.
If this is “blanket access” (as opposed to being about compliance with a court order), why would Google sign up when lots of other hosting companies and service providers (e.g. Twitter) haven’t? What’s in their interest with this? Where’s the smoking gun of motive for opening up their customers data more than other companies?
Having read the New York Times’ take on Prism, I suspect it’s simply a more streamlined process, doing the same things, but with less wasted effort. In other words, Google are doing all the same things that Twitter and Go Daddy and Just Host and numerous other companies aren’t, but that where Twitter get a faxed subpoena for information, and the request is dealt with more manually, the likes of Google and Microsoft have a more managed process in place. And none of the slides produced by the Guardian are incompatible with what the NYT have written.
But that’s exactly the problem! This has streamlined the process to the point the feds can simply go on fishing expeditions with the push of a button after getting incredibly wide reaching generally worded court orders to look for nothing in particular. Yup, that sure is “streamlined”
Doug,
“incredibly wide reaching generally worded court orders”? Where?
Follow that link. All it really says is “all your datas are belong to us”. It’s not a court order to spy on one of their customers, it’s an open court order to spy on all of them.
Doug,
Again… speculation.
I’m not putting it past governments to be evil bastards, but at the moment, it doesn’t all fit.
Not sure what you think Doug is ‘speculating’ about, Stigler. The court order gives the Feds access to all Verizon customer’s data. What exactly ‘does not fit’?
I’m mostly surprised that anyone is surprised at any of this, as I had pretty much assumed that all this had been going on the whole time anyway.
I’m even more surprised that anyone is surprised at Google, since their entire business model is based on datamining their users and selling the results to third parties.
Perry,
So, where’s the application (required under FISA)? Where’s the date by when the information must be provided? The Graun has the “Secondary Order”. Where’s the “Primary Order”?
If this is a trawl, it would also be breaking the FISA laws, which don’t allow FISC to carry out surveillance of foreign citizens.
It might be that a US court is breaking US law. It might be that the Graun is deliberately bashing the US. It might be that they’ve just jumped on what they think is a smoking gun without thinking too hard about it. I don’t know, but right now, I’m not making up my mind when so much seems to be missing.
Volokh Conspiracy has more on this: http://www.volokh.com/2013/06/05/is-verizon-turning-over-records-of-every-domestic-call-to-the-nsa/
Ask the secret courts for that information, Stigler.
Ted,
But we already have a whistleblower who has released information from the FISC, so where’s the rest of it?
It’s possible that Obama is evil, and that another branch of the US government and 12 judges are willing to support him, including breaking the rules of their own court. And that a large company is fully co-operating with an illegal order. But what’s more likely? That, or that a journalist working for a paper that’s going down the pan with a history of anti-Americanism is sexing up a story?
Personally, I haven’t entirely made up my mind, but the omissions don’t fill me with confidence in the Guardian’s story.
No! Really? 😀
How can any judge in their right mind have ok’d this abuse? To paraphrase some clown in a movie I saw, “This isn’t going to look good on your resume!”
@ wh00ps at June 9, 2013 at 7:26 pm
Everyone is all hot and bothered about the 4th Amendment privacy issues. Here’s a thought for you: If the Feds want all this data-mined information, much like a private-enterprise corporation would, and are willing to engage in a commercial transaction for it– what stops them? Isn’t there also a 5th Amendment “eminent domain” (if you’ll pardon the expression) question? How can the Feds just commandeer the information? (*innocent face*) Is there some sort of provision in the communications law that provides for the authority to be allowed to just go in and get the stuff without having to pay for it, and if so, why? There’s all kinds of Federal law that says that the police, if they have not done the actual unwarranted search, and it was not done by others at the police’s behest as a circumvention, can still use the evidence uncovered in order to make a case. (Simply as a path-of-least-resistance, they could probably do this, but the line-item in the budget for “Purchase of information from Internet companies” might attract a bit of notice, you’d reckon– it would have to be black-budget, which opens up its own can of worms.)
The software suites running operations like Google and Facebook are so big and so fragmented it’s possible that nobody knows exactly what they are doing. And then there’s the nerd factor, the kind of people who’d say “Hey we’re going to be sharing data with NSA, KOOL!” and never think of the ethical implications.
I never believe anything until it has been officially denied…
Obama is a servant of the NSA and the various military industrial political complex mandarins and spongers (otherwise known as “contractors” and “staff”. Blaming the brown man for the nefarious Mega Government created by the Nazi-sympathizing Dulles Brothers seems rather dim-witted to me.
Its no coincidence that Microsoft is releasing its “Stasi Box” and just so happens to be an eager partner of the NSA. Why, the Stasi Box is the kind of games console Mussolini and Stalin would have designed.
Funny how the Japanese companies are the ones who are not interested in spying on people.