Here are the tech companies denying involvement with the NSA's PRISM program
"We have never heard of PRISM," says Apple
T
he Washington Post has published a massive investigative report
revealing a secret state-run program called PRISM, which allows the
National Security Agency to legally extract "audio and video chats,
photographs, emails, documents, and connection logs that enable analysts
to track foreign targets" from the servers of nine U.S. internet
companies. According to the document obtained by The Post, the official roster includes Microsoft, Yahoo, Google, Facebook, PalTalk, AOL, Skype, YouTube, and Apple. (Here's everything we know about PRISM so far.)The Post has since backtracked on its original stance that the companies "participated knowingly" in the program, and has added this hedging paragraph:
It is possible that the
conflict between the PRISM slides and the company spokesmen is the
result of imprecision on the part of the NSA author. In another
classified report obtained by The Post, the arrangement is
described as allowing 'collection managers [to send] content tasking
instructions directly to equipment installed at company-controlled
locations,' rather than directly to company servers. [Washington Post]
Here are statements from the firms that have so far denied
involvement with the program. Remember: Skype is owned by Microsoft, and
YouTube is owned by Google. AOL has yet to respond, but we'll update
this list when or if it does:Microsoft:
We provide customer data only
when we receive a legally binding order or subpoena to do so, and never
on a voluntary basis. In addition we only ever comply with orders for
requests about specific accounts or identifiers. If the government has a
broader voluntary national security program to gather customer data we
don't participate in it. [Microsoft]
Yahoo:
Yahoo! takes users privacy
very seriously. We do not provide the government with direct access to
our servers, systems, or network. [TechCrunch]
Google:
Google cares deeply about the
security of our users' data. We disclose user data to government in
accordance with the law, and we review all such requests carefully. From
time to time, people allege that we have created a government 'back
door' into our systems, but Google does not have a backdoor for the
government to access private user data. [TechCrunch]
Facebook:
We do not provide any
government organization with direct access to Facebook servers. When
Facebook is asked for data or information about specific individuals, we
carefully scrutinize any such request for compliance with all
applicable laws, and provide information only to the extent required by
law. [All Things D]
PayTalk:
No comment. [VentureBeat]
Apple:
We have never heard of PRISM.
We do not provide any government agency with direct access to our
servers, and any government agency requesting customer data must get a
court order. [All Things D]
Dropbox:
We've seen reports that
Dropbox might be asked to participate in a government program called
PRISM. We are not part of any such program and remain committed to
protecting our users' privacy. [TechCrunch]
So what's going on? A few early possibilities:1. The Washington Post is wrong. At this point, that doesn't look likely.
2. The companies are being less than forthright. They could be phrasing their denials in such a way that they're technically telling the truth. "Comparing denials from tech companies, a clear pattern emerges," writes Andrea Peterson at ThinkProgress:
Apple denied ever hearing of
the program and notes they "do not provide any government agency with
direct access to our servers and any agency requesting customer data
must get a court order;" Facebook claimed they "do not provide any
government organization with direct access to Facebook servers;" Google
said it "does not have a 'back door' for the government to access
private user data"; And Yahoo said they "do not provide the government
with direct access to our servers, systems, or network." Most also note
that they only release user information as the law compels them to. [ThinkProgress]
3. PRISM is simply a very, very closely guarded secret.
It could be that the NSA's arrangements with the companies "are kept so
tightly compartmentalized that very few people know about it," writes TheWeek.com's Marc Ambinder.
"Those who do probably have security clearances and are bound by law
not to reveal the arrangement." Security expert Robert David Graham puts
it another way:Robert David Graham @ErrataRob
No comments:
Post a Comment