Silicon Valley companies including Google, Facebook, Yahoo and Apple are allowing federal government intelligence agencies to tap into their servers to glean reams of customer data, the Washington Post reported today.
Among the types of data the Federal Bureau of Investigation and the National Security Agency are gleaning from the tech companies are emails, pictures, documents, videos and audio recordings, according to the Post. The data is being gleaned under a previously undisclosed program called PRISM that was established in 2007 but has expanded exponentially under the Obama administration.
In fact, the program now is the leading source of raw data for the secretive NSA and for the president’s daily security briefings, according to the Post. As the article notes, that’s a remarkable statistic given the vast amounts of data the NSA collects and the fact that much of the information accessible to the NSA under PRISM is stored in accounts owned by American citizens that are held by American companies operating on American soil. By law, the NSA is supposed to focus on foreign intelligence.
At least three other tech companies are participating in the program and allowing the government agencies to tap directly into their servers: Microsoft, PalTalk and AOL. Also listed as participants are Skype and YouTube, which are owned by Microsoft and Google, respectively. Dropbox is expected to “soon” be a participant also.
According to the article, Microsoft was the first participant in the program. Apple resisted participating until last year. Notably, Twitter is not a part of the program.
Update: My colleague Brandon Bailey has been contacting the tech companies named in the Washington Post’s report (the Guardian has published its own report documenting the same program). He’s gotten the following reactions from those companies:
- Google: “Google cares deeply about the security of our users’ data. We disclose user data to government in accordance with the law, and we review all such requests carefully. From time to time, people allege that we have created a government ‘back door’ into our systems, but Google does not have a ‘back door’ for the government to access private user data.”
- Apple: “We have never heard of PRISM. We do not provide any government agency with direct access to our servers, and any government agency requesting customer data must get a court order.”
- Facebook: “At least as it pertains to Facebook, the assertion is inaccurate,” a company representative said. Joe Sullivan, Facebook’s Chief Security Officer, added in a statement: ‘Protecting the privacy of our users and their data is a top priority for Facebook. We do not provide any government organization with direct access to Facebook servers. When Facebook is asked for data or information about specific individuals, we carefully scrutinize any such request for compliance with all applicable laws, and provide information only to the extent required by law.’”
- Yahoo: “Yahoo! takes users’ privacy very seriously. We do not provide the government with direct access to our servers, systems, or network.”
- Microsoft: “We provide customer data only when we receive a legally binding order or subpoena to do so, and never on a voluntary basis. In addition we only ever comply with orders for requests about specific accounts or identifiers. If the government has a broader voluntary national security program to gather customer data we don’t participate in it.”
Tags: AOL, Apple, dropbox, facebook, fbi, federal bureau of investigation, Google, guardian, Microsoft, national security agency, nsa, paltalk, Skype, spying, Surveillance, Verizon, washington post, wiretapping, Yahoo, youtube