Technology giants struggle to maintain credibility over NSA Prism surveillance
Strongly-worded denials issued by Apple, Facebook and Google about their co-operation are followed by further revelations
Dominic Rushe in New York
guardian.co.uk, Sunday 9 June 2013 15.37 EDT
Apple, along with Facebook and Google, have issued strongly-worded denials that they knowingly participated in Prism. Photograph: Andrew Gombert/EPA
Technology giants battled to maintain their credibility on privacy issues over the weekend as further details emerged of their co-operation with US spy agencies.
Apple, Facebook and Google issued strongly-worded denials that they had knowingly participated in Prism, a top-secret system at the National Security Agency that collects emails, documents, photos and other material for agents to review.
All said that they did not allow the government direct access to their systems and had never heard of the Prism programme. Facebook’s founder, Mark Zuckerberg, called press reports about Prism “outrageous”.
But after the publication by the Guardian of another slide from a top-secret NSA presentation and reports in the Washington Post and the New York Times, it was becoming clear that some major technology companies have, at the very least, taken steps to make it easier for intelligence agencies to access the information they want.
Tech companies are legally required to share information under the Foreign Intelligence Surveillance Act (Fisa). Those requests have to be made via a Fisa court and almost none are rejected. The companies are not obliged to make the process easier for the NSA.
The New York Times said the companies named in the Prism documents had co-operated to some degree with the US authorities. Twitter was a notable exception to the list and has reportedly declined to co-operate. Amazon, which offers back office services to a huge number of web companies, is also missing.
The tech companies’ denials have concentrated on suggestions that they had given the NSA “direct access” to their servers. The phrase comes from a Prism presentation slide that states: “Collection directly from the servers of these US service providers: Microsoft, Yahoo, Google, Facebook, PalTalk, AOL, Skype, YouTube, Apple.”
According to the New York Times, some companies, including Google and Facebook, discussed setting up secure online “rooms” where requested information could be sent and accessed by the NSA. Such systems would allow them to dispute the idea of direct access.
According to a report in the Washington Post on Sunday, Prism was created after extensive negotiations between the tech companies and federal authorities “who had pressed for easier access to data they were entitled to under previous orders granted by the secret Fisa court”.
On Saturday, the director of national intelligence, James Clapper, acknowledged the existence of Prism but insisted it was only used under court supervision. He said: “The United States government does not unilaterally obtain information from the servers of US electronic communication service providers. All such information is obtained with Fisa court approval and with the knowledge of the provider based upon a written directive from the attorney general and the director of national intelligence.”
But the Washington Post reported that the secret court orders, made under section 702 of Fisa, served as “one-time blanket approvals for data acquisition and surveillance on selected foreign targets for periods of as long as a year”.
The Prism system allows agents at the NSA to send queries “directly to equipment installed at company-controlled locations”, rather than directly to company servers. Sources told the Washington Post that companies cannot see the queries sent from the NSA to the systems installed on their premises.
Holmes Wilson, the co-founder of the online rights group Fight for the Future said it was clear that the systems set up with the tech companies presented huge privacy issues. “These companies are denying that they give direct access to their servers, but what they have created is a complex legal and technological mechanism that amounts to the same thing. God knows what other government agencies have access to this information.
“This makes it too easy for the government agencies. There is tremendous potential for abuse here. We are still only seeing glimpses of what is going on. It is only a matter of time before some employee goes rogue here,” he said. Wilson called for a congressional investigation. “Things can not go on like this,” he said.
The disclosure of Prism followed the Guardian’s revelation that Verizon was giving the NSA access to the metadata of millions of its US customers.
On Sunday senator Mark Udall, a Senate intelligence committee member, told ABC’s This Week: “My main concern is that Americans don’t know the extent to which they are being surveilled.”
He said: “We here this term metadata which has to do with where you make calls, when you make calls, who you are talking to. I think that’s private information.”
Udall called for greater transparency: “Let’s have the debate, let’s be transparent. Let’s open this up.”