Why Does The NSA Focus So Much On 'TERROR!' When PRISM's Success Story Is About Cybersecurity?
from the odd dept
We've mocked the NSA for the way it always reverts to FUD about "terrorists" to show how "successful" programs like PRISM have been, but then also reverts to talking about cybersecurity
as a focus to make the surveillance seem more like it's about
protecting people, rather than spying on them. However, as some of the
latest revealed documents show, perhaps the NSA has its talking points
all mixed up. There's plenty to discuss concerning the revelations
about the NSA spying on French phone calls, but some people have noticed that, while some of the presentation documents revealed with that story were revealed before, there are a few new ones as well, including this one:
The key thing here is the report that the NSA was able to use its FAA
authority (apparently via both PRISM and "upstream collection" -- which
is tapping directly into the backbone via telcos) to figure out that
someone, perhaps the Chinese, had gotten access to a defense
contractor's network and was either preparing to, or at least had the
ability to get 150 gigs of important data out. The NSA alerted the FBI
which alerted the contractor and they plugged the hole the same day.
While that certainly seems like a good thing, it's not entirely clear
stopping such hacking is really worth giving up a ton of privacy, though
it does show, again, why Keith Alexander keeps demanding access to
pretty much everything. Of course, you'd think that the NSA would be a
bit more forward in promoting this success story, rather than its bogus claims about stopping terrorist attacks, which have fallen apart under scrutiny.
The other interesting slide is this one:
It shows some of the differences between PRISM and the upstream
collections, both of which the NSA believes are authorized under Section
702 of the FISA Amendments Act. PRISM involves being able to collect
specific data from the 9 specific companies which have been named
(Google, Facebook, Microsoft, Yahoo, Apple, Skype, AOL, Paltalk,
YouTube), while "upstream" is what the NSA gets from tapping the
backbone via telcos. "DNR Selectors" are the phone call metadata
collected under a different program (Section 215 of the Patriot Act)
which they apparently can filter the upstream data collection against.
"DNI" is internet data (email addresses and such). Once again, it looks
like tapping the backbone provides a hell of a lot more data, but it
lacks the ability to "access stored communications," which they get via
PRISM.
The other interesting tidbit to me, is the "direct relationship" claim. Note that with PRISM, it says "only through FBI," which suggests a reason why the PRISM companies have insisted that they've never been involved in any NSA program. It looks like they may have only had to deal with FBI requests (and associated FISA court orders). It's just that the data the FBI gets is then shared with the NSA.
The other interesting slide is this one:
The other interesting tidbit to me, is the "direct relationship" claim. Note that with PRISM, it says "only through FBI," which suggests a reason why the PRISM companies have insisted that they've never been involved in any NSA program. It looks like they may have only had to deal with FBI requests (and associated FISA court orders). It's just that the data the FBI gets is then shared with the NSA.
No comments:
Post a Comment