After tech companies staunchly denied giving the National Security Agency direct access to their servers, a report from the New York Times explains how they share a wealth of information with the NSA without giving them "backdoor" access.
News that the NSA was mining data from the servers of nine leading internet companies was reported by Barton Gellman and Laura Poitras of the Washington Post the same week The Guardian reported that the NSA attained a secret court order requiring Verizon to hand over all U.S. call records.
The NSA's highly classified program, PRISM, has been mining data, including emails, photos, audio, video, documents and connection logs, from the central servers of Google, Yahoo, Facebook, Skype, AOL, YouTube, Apple And Microsoft for the past six years. Approved by federal judges working under the Foreign Intelligence Surveillance Act (FISA), PRISM has been collecting data since 2007.
Tech companies, however, flatly denied that they allow the government direct or “backdoor” access to their servers. They claimed the only time they gave private user data to the NSA was when they were under a court order to do so.
“We have never heard of PRISM,” said Steve Dowling, spokesman for Apple.
A report by Claire Cain Miller for the New York Times may finally allow us to reconcile how the data is being shared if companies deny NSA direct access. Internet companies are cooperating with the secret surveillance program by making it easier for the government to collect data and negotiating to develop technical methods to share users’ personal data efficiently. At times, they even changed their computer systems in order to do so. Other times the NSA was given the right to “real-time transmission of data.”
For instance, an NSA agent went to an internet company headquarters and remained there for several weeks while he installed government software onto a server and offloaded data onto a laptop.
People briefed on the negotiations told The New York Times that both Facebook and Google discussed plans to build separate, secure portals for the government to request data, the companies could deposit the information, and then the NSA could retrieve it.
“We do not provide any government organization with direct access to Facebook servers,” said Joe Sullivan, chief security officer for Facebook. “When Facebook is asked for data or information about specific individuals, we carefully scrutinize any such request for compliance with all applicable laws and provide information only to the extent required by law.”
“The U.S. government does not have direct access or a ‘back door’ to the information stored in our data centers,” Google’s chief executive, Larry Page, and its chief legal officer, David Drummond, said in a statement. “We provide user data to governments only in accordance with the law.”
Chairman of the Joint Chiefs of Staff Martin E. Dempsey reportedly travelled in recent months to meet with Facebook, Google, Intel, and Microsoft executives. A source, who attended the meetings, told the New York Times that discussions involved how companies could collaborate with the government on intelligence gathering.