The National Security Agency and FBI are interested in more than just your phone records — they are also interested in your audio, video, photographs, emails, documents, and connection logs, according to a bombshell report from The Washington Post.
Although the massive Internet surveillance program, code-named “PRISM,” reportedly began in 2007, we are only now learning about it because an anonymous intelligence officer apparently leaked the information to the press.
“Firsthand experience with these systems, and horror at their capabilities, is what drove a career intelligence officer to provide PowerPoint slides about PRISM and supporting materials,” the report notes, “in order to expose what he believes to be a gross intrusion on privacy.”
“They quite literally can watch your ideas form as you type,” the officer said.
But how, exactly, are the feds tapping directly into the central servers and getting their hands on online users’ information? With the assistance of major technology companies, of course:
The technology companies, which participate knowingly in PRISM operations, include most of the dominant global players of Silicon Valley. They are listed on a roster that bears their logos in order of entry into the program: “Microsoft, Yahoo, Google, Facebook, PalTalk, AOL, Skype, YouTube, Apple.”
For some of these companies, they had no choice but to comply with the feds.
“Formally, in exchange for immunity from lawsuits, companies like Yahoo and AOL are obliged accept a ‘directive’ from the attorney general and the director of national intelligence to open their servers to the FBI’s Data Intercept Technology Unit, which handles liaison to U.S. companies from the NSA,” the Post reports.
“In 2008, Congress gave the Justice Department authority … for a secret order from the Foreign Surveillance Intelligence Court to compel a reluctant company ‘to comply,’” it adds.
In short, the feds have strong-armed a few reluctant tech companies into playing along with the program.
“In practice, there is room for a company to maneuver, delay or resist. When a clandestine intelligence program meets a highly regulated industry,” the report continues, “neither side wants to risk a public fight.”
“The engineering problems are so immense, in systems of such complexity and frequent change, that the FBI and NSA would be hard pressed to build in back doors without active help from each company.”
Microsoft became PRISM’s first corporate partner in 2007, according to the leaked 41-slide PowerPoint presentation, followed shortly by Yahoo, Google, and Facebook. Apple didn’t join until after the death of Steve Jobs, five years after the start of PRISM.
Unsurprisingly, spokesmen for the major tech companies deny any knowledge of PRISM.
Here’s what Google said:
Google cares deeply about the security of our users’ data. We disclose user data to government in accordance with the law, and we review all such requests carefully. From time to time, people allege that we have created a government “back door” into our systems, but Google does not have a back door for the government to access private user data.
Meanwhile, a spokesman for Apple told The Guardian that he had “never heard” of PRISM.
An official statement released by Facebook claims the social networking sight has never given the feds “direct” access to its servers (the word “direct” may be key here).
The program is so secretive that the members of Congress who do know about it are apparently unable comment on it due to their oaths of office.
Here’s how The Washington Post reports the story:
An internal presentation on the Silicon Valley operation, intended for senior analysts in the NSA’s Signals Intelligence Directorate, described the new tool as the most prolific contributor to the President’s Daily Brief, which cited PRISM data in 1,477 articles last year. According to the briefing slides, obtained by The Washington Post, “NSA reporting increasingly relies on PRISM” as its leading source of raw material, accounting for nearly 1 in 7 intelligence reports.
That is a remarkable figure in an agency that measures annual intake in the trillions of communications. It is all the more striking because the NSA, whose lawful mission is foreign intelligence, is reaching deep inside the machinery of American companies that host hundreds of millions of American-held accounts on American soil.
Under President Obama, the program has allegedly enjoyed “exponential growth” since its founding in 2007 when then-Senator Obama routinely criticized President George W. Bush’s surveillance programs.
“The PRISM program is not a dragnet, exactly. From inside a company’s data stream the NSA is capable of pulling out anything it likes, but under current rules the agency does not try to collect it all,” the report notes.
“Analysts who use the system from a Web portal at Fort Meade key in ‘selectors,’ or search terms, that are designed to produce at least 51 percent confidence in a target’s ‘foreignness.’”
“That is not a very stringent test. Training materials obtained by the Post instruct new analysts to submit accidentally collected U.S. content for a quarterly report, ‘but it’s nothing to worry about,'” it adds.
But here are some really frightening details:
Even when the system works just as advertised, with no American singled out for targeting, the NSA routinely collects a great deal of American content. That is described as “incidental,” and it is inherent in contact chaining, one of the basic tools of the trade. To collect on a suspected spy or foreign terrorist means, at minimum, that everyone in the suspect’s inbox or outbox is swept in. Intelligence analysts are typically taught to chain through contacts two “hops” out from their target, which increases “incidental collection” exponentially.
Follow Becket Adams (@BecketAdams) on Twitter
Featured image screen grab. This post has been updated.