From what we understand the NSA has a trove of pilfered, traded, and collected encryption keys collected in a huge database of such codes called the Key Provisioning Service. Encryption codes that protect international trade and banking systems, sensitive data such as professional and fair information, medical records, e-mails, phone calls and chat logs. The whistleblower documents of Edward J. Snowden possessed by The Guardian and the Washington Post has given a glimpse of how deep the rabbit-hole of NSA spying capability goes. Now they also reveal how the NSA uses it carelessly.

The project Bullrun enabled the NSA to work with companies called the SIGINT Enabling Project. SIGINT stands for Signal Intelligence and means something like digital eavesdropping. The list of data that the NSA was hoping to get through the project in this year looks impressive: an unnamed large online telephone and messaging, an ISP from the Middle East and the communication of at least three foreign powers.

The U.S. computer industry has reacted with concern to the leaking of Edward Snowden about classified information that exposes several intelligence programs dedicated to obtain communications data through emails from Yahoo, Facebook, Google or Microsoft, among others.

Most documents depict U.S. companies as “business partners” or “providers” of information. While carriers have generally refused to comment on their relationship with the monitoring services of government, business technology reacted with outrage after their presentation in the NSA documents published by Snowden.

Google’s reaction to spying

Now in an attempt to prevent spying by the NSA and other U.S. intelligence agencies, the Washington Post reported Google has launched a program to enhance encryption codes of their systems.

Although the initiative was underway since late 2012, Google has decided to accelerate its deployment in data centers around the world with the aim of increasing the protection of consumer privacy. However, it recognizes that these actions may not completely prevent espionage, but it does make it more difficult to access for both hackers and for governmental intelligence agencies.

“It’s an arms race,” said Eric Grosse, vice president for security engineering at Google, “We see these government agencies as among the most skilled players in this game.”

As the intelligence agencies have to essentially convert the encrypted data to make it easy to intercept, it therefore complicates the entire surveillance effort by making it a lengthy and timely process.

New leak reveals

The latest leaks of Snowden in The Guardian and The New York Times revealed new information about how the NSA of the United States and GHCQ intervened in safety standards to make them vulnerable to their technology, in order to facilitate espionage.

According to these data, the NSA would have used all the methods available, from persuasion to collaboration companies forced to encryption keys theft and alteration of software and hardware to access private communications on the web inside and outside the United States.

“The fact that NSA’s mission includes deciphering enciphered communications is not a secret, and is not news,” the statement reads. “Anything that yesterday’s disclosures add to the ongoing public debate is outweighed by the road map they give to our adversaries about the specific techniques we are using.”

The US intelligence has been reeling since Snowden’s documents began revealing the PRISM program about how the government collects, analyzes and disseminates information including e-mails, video chats and phone communications.

Reacting to the Google’s development, The Office of the Director of National Intelligence said to The Washington Post: “Throughout history, nations have used encryption to protect their secrets, and today terrorists, cybercriminals, human traffickers and others also use code to hide their activities. Our intelligence community would not be doing its job if we did not try to counter that.”

Safety of users – Google is more aggressive

When it comes to safety of users, Google is more aggressive than other technology companies in deploying encryption technology. The Gmail service used encryption way back in 2010 and the technology since then has extended to Google searches for most users.

“Yet even as it encrypted much of the data flowing between Google and its users, the information traveling between its data centers offered rare points of vulnerability to potential intruders, especially government surveillance agencies, security officials said. User information – including copies of e-mails, search queries, videos and Web browsing history – typically is stored in several data centers that transmit information to each other on high-speed fiber-optic lines.”

Google officials said that both the servers in the data centers and the information on the fiber-optic lines connecting them will be encrypted using ‘very strong’ technology.

The Washington Post report said that several other companies, including Microsoft, Apple and Facebook, increasingly have begun using encryption for some of their services. They also joined groups of civil liberties by requiring greater transparency and insisting that the information is provided to the government only when required by law, often in the form of a court order.

On Friday, Yahoo released its first “report of government transparency,” saying that it had received 12,444 requests for data from the U.S. government this year, covering the accounts of 40,322 users.

Matthew Green, a cryptography expert, applauded Google’s decision to tighten its defenses against government oversight, but said that recent revelations clearly show many weaknesses in encryption technology used, much of which dates back to the 1990 or earlier. He called for greater efforts from companies and independent researchers to strengthen infrastructure systems.