Roundup: Feds Have Direct Access to User Data From Google, Facebook, Yahoo, and Others
Last night (Wed), news broke that Verizon has been providing the U.S. government access to phone records (metadata) from Verizon.
This afternoon the ALA shared their views on Verizon story.
Internet Data Providers and the NSA
Tonight, reports from The Guardian (they broke the Verizon story) and the Washington Post about the NSA (National Security Agency) having direct access to user data via the servers of Google, Facebook, Yahoo, Microsoft, and others via a secret project named PRISM.
From The Guardian:
The National Security Agency has obtained direct access to the systems of Google, Facebook, Apple and other US internet giants, according to a top secret document obtained by the Guardian.
The NSA access is part of a previously undisclosed program called PRISM, which allows officials to collect material including search history, the content of emails, file transfers and live chats, the document says.
Although the presentation claims the program is run with the assistance of the companies, all those who responded to a Guardian request for comment on Thursday denied knowledge of any such program.
In a statement, Google said: “Google cares deeply about the security of our users’ data. We disclose user data to government in accordance with the law, and we review all such requests carefully. From time to time, people allege that we have created a government ‘back door’ into our systems, but Google does not have a back door for the government to access private user data.”
Some of the world’s largest internet brands are claimed to be part of the information-sharing program since its introduction in 2007. Microsoft – which is currently running an advertising campaign with the slogan “Your privacy is our priority” – was the first, with collection beginning in December 2007.
From The Washington Post:
The technology companies, which participate knowingly in PRISM operations, include most of the dominant global players of Silicon Valley. They are listed on a roster that bears their logos in order of entry into the program: “Microsoft, Yahoo, Google, Facebook, PalTalk, AOL, Skype, YouTube, Apple.” PalTalk, although much smaller, has hosted significant traffic during the Arab Spring and in the ongoing Syrian civil war.
Analysts who use the system from a Web portal at Fort Meade key in “selectors,” or search terms, that are designed to produce at least 51 percent confidence in a target’s “foreignness.” That is not a very stringent test. Training materials obtained by the Post instruct new analysts to submit accidentally collected U.S. content for a quarterly report, “but it’s nothing to worry about.”
Firsthand experience with these systems, and horror at their capabilities, is what drove a career intelligence officer to provide PowerPoint slides about PRISM and supporting materials to The Washington Post in order to expose what he believes to be a gross intrusion on privacy. “They quite literally can watch your ideas form as you type,” the officer said.
The Washington Post article says that direct access by the NSA to Dropbox material is “coming soon.”
See Also: Slides from the Presentation Mentioned in Both Articles (via WAPO)
See Also: US Secretly Mines Data From Internet Companies
NBC News has confirmed from two sources that the PRISM program exists, but a government official says it is a data collection program rather than a data mining program.
Also includes brief comments from Apple and Facebook
UPDATES from June 9, 2013
- U.S., company officials: Internet surveillance does not indiscriminately mine data (via Washington Post)
UPDATES from June 8, 2013
UPDATES from June 7, 2013
- U.S. Collects Vast Data Trove (via WSJ)
Note: Points out that credit card data is also being captured.
Updates from June 6, 2013
Senior officials with knowledge of the situation within the tech giants admitted to being confused by the NSA revelations, and said if such data collection was taking place, it was without companies’ knowledge.
Executives said they were “confused” by the NSA claims. “We operate under what we are required to do by law,” said one. “We receive requests for information all the time. Say about a potential terrorist threat or after the Boston bombing. But we have systems in place for that.” The executive claimed, as did others, that the most senior figures in their organisation had never heard of PRISM or any scheme like it.
We plan to update this post as more info becomes available.
About Gary Price
Gary Price (firstname.lastname@example.org) is a librarian, writer, consultant, and frequent conference speaker based in the Washington D.C. metro area. He earned his MLIS degree from Wayne State University in Detroit. Price has won several awards including the SLA Innovations in Technology Award and Alumnus of the Year from the Wayne St. University Library and Information Science Program. From 2006-2009 he was Director of Online Information Services at Ask.com.