Just 24 hours after it first exposed how the NSA was secretly tapping phone call metadata from Verizon, The Guardian newspaper and the Washington Post have revealed the existence of a massive, warrantless government surveillance program known as PRISM. The program is reportedly capable of collecting data “directly from the servers” of nine US tech giants, include Apple, Facebook, Google and Yahoo, giving US authorities access to people’s emails, live chats, search history and more.
The newspaper describes PRISM as a system that gives the NSA and the FBI direct access to a vast number of online commercial services, that is capable of “extracting audio, video, photos, emails documents and connection logs” which allow investigators to build up a picture of an individual’s movements and contacts over time.
The extent of PRISM was outlined in a 41-page PowerPoint presentation obtained by The Guardian and later verified by the Washington Post. According to the paper, the slides weren’t supposed to be declassified until 2036.
The documents reveal how US authorities have gained access to the databases of some of the world’s largest internet companies, with Microsoft apparently being the first one to go under surveillance in 2007. Its participation was followed by Yahoo in 2008, then by Facebook, Google and PalTalk in 2009. YouTube ‘signed up’ in 2010, with Skype and AOL joining in 2011, followed by Apple last year. Dropbox, the cloud storage provider, is set to follow suit “soon”.
With all of these companies participating in PRISM, the NSA and the FBI appear to have access to the vast majority of American citizen’s email, video and voice communications, not too mention photos, social network information and more.
The Intrigue Deepens
On Thursday, just hours after the news first broke, Apple, Facebook, Google, Microsoft and Yahoo all came out publicly to deny any involvement in PRISM, saying that they’d never heard of the program nor agreed to provide the government with direct access to their serves.
“We have never heard of PRISM. We do not provide any government agency with direct access to our servers,” stated an Apple spokesperson.
“From time to time, people allege that we have created a ‘back door’ into our systems, but Google does not have a ‘back door’,” insisted a Google representative when speaking to CNBC.
Still, these statements may not carry much significance. Google’s statement doesn’t explicitly deny involvement in PRISM for one thing, and we should note that PRISM doesn’t appear to be illegl under US law. Moreover, Kurt Opsahl of the Electronic Frontier Foundation states in an interview with Ars Technica that the tech company’s denials are basically meaningless anyway:
“Whether they know the code name PRISM, they probably don’t. [code names] are not routinely shared outside the agency, and so saying they've never heard of PRISM doesn't mean much. Generally what we've sen when there have been revelations is something like: 'we can't comment on matters of national security.'"
"The tech companies responses are unusual in that they're not saying 'we can't comment.' They're designed to give the impression that they're not participating in this."
The Role of the NSA
The NSA is officially described as the US's cryptographic agency, and falls under the command of the Department of Defense. It's main job is to intercept and decrypt foreign communications, and to prevent attacks on the US's own communications systems.
But its actual role and the extent of its powers are unclear. One thing we do know is that the NSA's stature has grown in recent years, because it's allowed to operate within the United States itself, something the CIA for example, cannot do. Specifically, according to the FAQ page on the CIA website, the spy agency is "prohibited from collecting intelligence concerning the domestic activities of US citizens".
But due to the international nature of global communications, the NSA has no such constraints. Since 9/11 and the War on Terror, it's quietly assumed a central role in domestic spying operations. It's power and the extent of its operations were greatly increased under the Bush administration, something that Obama's government appears to have stepped up even more.
PRISM: Sacrificing Privacy for National Security?
So what is PRISM all about? From the documents unearthed by the Washington Post, it appears that PRISM is essentially a massive data mining program. The NSA amasses all of this data, then uses complex algorithms to try and find 'patterns' of behavior that might indicate terrorism or some other foreign threat against the United States.
The motivation can certainly be justified – the NSA is rightly concerned with national security - but is it so important as to justify the sacrifice of just about every single US citizen's privacy? PRISM seems to be intended purely to gather communications from foreigners. It probably doesn't gather all of the data from the nine tech companies described in the documents – but it certainly has the ability to access them all and selectively go through specific data sets when it's looking for something. And when this happens, data from communications between two US citizens, located in the US, will almost certainly be 'scooped up' accidentally, and that's clearly not right.