Tech Companies Deny Letting NSA Have Realtime Access To Their Servers, But Choose Their Words Carefully
from the worth-watching dept
We've already talked about James Clapper, the Director of National Intelligence choosing weasel words to pretend they're saying that they weren't spying on Americans when they really were, and now some are arguing that the tech companies are doing the same exact thing. All of the tech companies listed have been denying their involvement, but again, the words are being chosen carefully, and there's a reasonable argument that they're denying certain specific claims while really side-stepping the bigger issue.Note the fine distinction. Giving the NSA a clone of their data wouldn't be giving them "access to our servers." It would be giving copies to the NSA... and then the NSA could "access" its own servers. And you were wondering why the NSA needed so much space in Utah. If they're basically running a replica of every major big tech company datacenter, it suddenly makes a bit more sense. Of course, at this point there's no evidence that this is necessarily the case -- and some are insisting that the denials are legit, and that the Washington Post's story is not entirely accurate. But... the wording here is extra careful, and the government's report really does seem to indicate that these companies are deeply involved.Comparing denials from tech companies, a clear pattern emerges: Apple denied ever hearing of the program and notes they “do not provide any government agency with direct access to our servers and any agency requesting customer data must get a court order;” Facebook claimed they “do not provide any government organisation with direct access to Facebook servers;” Google said it “does not have a ‘back door’ for the government to access private user data”; And Yahoo said they “do not provide the government with direct access to our servers, systems, or network.” Most also note that they only release user information as the law compels them to.
But the PRISM program’s reported access to data and the now repeatedly confirmed widespread access to phone records and other types of digital data appears to be almost exactly what the 2008 Protect America Act (PAA) allows Foreign Intelligence Surveillance Act (FISA) courts to compel tech companies to do — as many warned around the time of its passage. If tech companies are not providing direct access to their servers but are cooperating with the PRISM program, that leaves at least one other option: Companies are providing intelligence agencies with copies of their data.
By the way, if you'd like to dig in on annotating the various tech companies' denials, someone put them all up at RapGenius, the site for annotating text (not just rap songs).
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: nsa, surveillance, tech companies
Companies: aol, apple, google, microsoft, skype, yahoo
Reader Comments
Subscribe: RSS
View by: Time | Thread
Redundancy
But this creates a lot of redundancy. Why continuously clone the same data? And how do you prevent it from falling into the public's hands?
I really think the government is pushing themselves into an indefensible position from a logical perspective. The government believes it doesn't have to follow the Constitution. It doesn't believe that it has to protect the rights of citizens. It can spy on anyone that it wants. It protects the aristocracy in a number of ways. We've seen that these people won't prosecute HSBC or any large scale fraud. They'd rather waste resources going after drugs and societal problems that could be resolved in much better ways.
It's not a government of, by, or for the people. It's a government running scared and not learning from its mistakes. In fact, it's creating even more and causing the public to lose faith in it. That's not disappointing. It's downright tragic. What's the use of a government that protects some of us, but not all of us? What's the point of a government running scared and hiding behind minutiae instead of working with the public?
How is it that our own government has essentially become redundant?
[ link to this | view in thread ]
And why isn't the RIAA/MPAA going after all of these pirates? Hmm? Why isn't the FBI knocking down the NSA's doors for all of this unlicensed copying?
[ link to this | view in thread ]
Each serving the other
The government knows private companies are amassing huge amounts of data on everyone, so the government doesn't stop that because it is useful.
The private companies, on the other hand, want help with security and hand over data to government to allow government to play "cop."
I am skeptical that this kind of massive citizen monitoring (much of it done for commercial reasons) would go on if it weren't in the interests of private companies.
[ link to this | view in thread ]
Facebook
[ link to this | view in thread ]
Court order
[ link to this | view in thread ]
Re: Each serving the other
> (much of it done for commercial reasons) would go on if it
> weren't in the interests of private companies.
Those who would be tyrants and dictators (whether they exist at present or in the future) are happy to let you think that, and blame private companies. It makes them look better.
[ link to this | view in thread ]
Loading
[ link to this | view in thread ]
Whatever data they happen to have at present
In fact, do you think that anyone in government could bring themselves to ever scale back this spying. Some might want to prevent its expansion, but I doubt anyone wants to or would be able to ever scale it back.
Like the federal budget, like politicians' ethics, like an object near a black hole, the size of this spying can move in only one direction.
[ link to this | view in thread ]
Re: Re: Each serving the other
I would say that government is working for private companies.
The idea that private companies have no control over government is what private companies want you to think.
[ link to this | view in thread ]
Re: Whatever data they happen to have at present
I think government will quit. It will just all be done by private contractors who will be less accountable than government.
[ link to this | view in thread ]
HOLY COW! Now Mike is re-writing ME!
Still without explicit mention of Google's weaseling, though.
[ link to this | view in thread ]
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
DNI Clapper: Tech companies are lying
“ DNI Statement on Activities Authorized Under Section 702 of FISA”, June 06, 2013
Of course, now it seems apparent that DNI Clapper, last March, while under oath, made an intentional misstatement of fact to Senator Wyden.
Maybe DNI Clapper is lying in this unsworn statement to the press? If he lies to a Senator under oath, why wouldn't he lie to the American people when not under oath?
[ link to this | view in thread ]
PRISM and XBox One
XBox One will have an always-on camera that can see in the dark. And a microphone. And it's tied to your XBox Live account.
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re: PRISM and XBox One
[ link to this | view in thread ]
The reason for CISPA
At this point, they pretty much know they've fucked up - and they're trying their hardest to keep it a secret while they attempt to put in place a law that saves their asses.
Someday, history books will look back on this as a scandalous time when the U.S. government raped its citizen's privacy for no good reason. I'm sure it will be looked upon as a dark ages of the internet revolution.
[ link to this | view in thread ]
Re: Re: Whatever data they happen to have at present
"Private" is not inherently better than "government."
Pentagon Has No Idea What 108,000 Contractors Are Doing: "According to CRS, there are now 108,000 private workers in Afghanistan, a workforce that dwarfs the 65,700 American troops still stationed there. That means there are 1.6 contractors for every American soldier in Afghanistan. This is an increase from last month, when The Fiscal Times reported that there were 1.4 contractors per American soldier."
[ link to this | view in thread ]
Re: The reason for CISPA
Opinion: The Internet is a surveillance state - CNN.com: "The Internet is a surveillance state. Whether we admit it to ourselves or not, and whether we like it or not, we're being tracked all the time. Google tracks us, both on its pages and on other pages it has access to. Facebook does the same; it even tracks non-Facebook users. Apple tracks us on our iPhones and iPads. One reporter used a tool called Collusion to track who was tracking him; 105 companies tracked his Internet use during one 36-hour period."
[ link to this | view in thread ]
[ link to this | view in thread ]
Know who is in your computer
If you don't like the idea of the government spying on your computer, then you need to get control of the commercial spying that almost all of us have been allowing to occur.
For those who would like to put a stop to this, but perhaps don't know where to start, step 1 is knowing who is doing the spying. There are many ways to do this, but I suggest some free Nirsoft tools. Network TrafficView will give you are real-time picture of the IP addresses which are communicating with your computer. You can then use DNSDataView to identify the companies that are behind the IP addresses.
Armed with that information, you can start blocking. You can block by domain name, IP address and in some cases by port number.
[ link to this | view in thread ]
A perfect example of 'You scratch my back, I'll scratch yours'
[ link to this | view in thread ]
Google the phrase "compelled certificate creation attack". If the root CAs have been compelled to allow a proxy box to be in the middle of the certs process, then they hold the real cert while the two parties have the "legally" forged/compelled certs. When crypto keys get exchanged, they see all the traffic, so the rest is open-book.
[ link to this | view in thread ]
Re:
That's what companies are doing in the name of profit. They are tracking everything we do so they can figure out how to sell us more stuff or to sell our data to companies that want it. The surveillance is built into all of our high tech gadgets because it benefits private companies.
[ link to this | view in thread ]
Re: PRISM and XBox One
[ link to this | view in thread ]
Re: Know who is in your computer
[ link to this | view in thread ]
Spying is Good!
[ link to this | view in thread ]
Or it could be even more machiavellian...
The administration was prepared for the eventual leak of the telco data. They then pile on a deliberate leak of a much more extreme breach that will grab the headlines. This is eventually shown to be false, the journalists involved are discredited and the telco thing is forgotten as collateral damage.
I don't know how much confirmation the Guardian could have gotten before running with this story - after what happened to Bradley Manning, there can't be too many people willing to blow the lid on something this big. Therefore, it could all come down to something easily forged.
I'm not normally a conspiracy theorist - the twin towers were an act of terrorism, climate change is real, and the only chemicals in the chemtrails are flouride :) - but this story is either true (in which case it's a conspiracy) or it's a distraction (in which case it's a conspiracy).
Either way, this is all seriously messed up.
[ link to this | view in thread ]
What Happens Now?
On an broader scale, this is huge because almost all branches of government were involved, and it seems to be technically legal based on some language trickery.
I'm wondering what we the people can do to fix this. Impeachment might be an overreaction, but perhaps one or many "We The People" petitions?
I think a lot of us are enthusiastic about doing something, but we just don't know what we can do to cause effective change. Virtually every branch of government has been defiling our bill of rights, one amendment at a time.
[ link to this | view in thread ]
Re: Spying is Good!
You do realize that in a way Google is already associated with this. It hired Kurzweil.
Ray Kurzweil - Wikipedia, the free encyclopedia: He believes that with radical life extension will come radical life enhancement. He is confident that within 10 years we will have the option to spend some of our time in 3D virtual environments that appear just as real as real reality, but these will not yet be made possible via direct interaction with our nervous system.
[ link to this | view in thread ]
Re: Know who is in your computer
A better recommendation would be to switch to free software, possibly GNU/Linux. Solves all of your problems with applications phoning home in one fell swoop.
You can be assured that (barring some software bug or cracking) no one else will ever get root access to your machine unless you allow it.
[ link to this | view in thread ]
Re: A perfect example of 'You scratch my back, I'll scratch yours'
The anti-government arguments facilitate dismantling all government programs that some people don't like. And the privatization approach allows whatever tax money that is collected to be funneled to certain corporations.
I continue to believe there is a reason for the anti-government articles without the same people calling out private data collection. It's a way to simultaneously eliminate government interference in private data collection while at the same time paying more government money to private contractors to do it.
It's how the military-industrial complex has been operated. Call for smaller government, then get into office and funnel lots of money to private contractors.
[ link to this | view in thread ]
Re: Re: Know who is in your computer
As to Linux, BSD and the like, yes, I run those too. You are kidding yourself however if you think you aren't being watched when you use a browser on a Linux machine. Using Linux only decreases the extent to which you are being spied upon. It does not eliminate it.
[ link to this | view in thread ]
Re: Re: Re: Know who is in your computer
So your first step should be to install an OS that you can trust, and use safe applications.
Then the web spying can be easily thwarted: use tor.
[ link to this | view in thread ]
Re: Re: Re: Know who is in your computer
I use TOR for all my browsing, including posting, I do not post anything anywhere, that forces you to use javascript or the like.
I use secure VoIP(i.e. Jitsi)
https://en.wikipedia.org/wiki/Comparison_of_VoIP_software
On top of that I toyed with the idea of getting a Facebook account but instead of using plaintext I just encrypted all the text, so if you want to read it you need a key, don't upload images because there is no scrambling image protocol available that is easy to use or secure enough.
And I try opportunistic encryption anywhere I can.
[ link to this | view in thread ]
Re: Re: Know who is in your computer
[ link to this | view in thread ]
So...
"Your honor I didn't steal the property in question. It was given to me by a third party who stole it. So, the charge of theft is not applicable."
We need a federal possession of unlawful data law just like our possession of stolen property laws.
[ link to this | view in thread ]
[ link to this | view in thread ]
Re: So...
"Your honor I didn't steal the property in question. It was given to me by a third party who stole it. So, the charge of theft is not applicable."
Here's how to get around it. The government just buys the data like any other company doing business with the data collection companies. As long as private companies can gather and sell data, the government can buy it too. No theft involved on the government's part. You have to go after the private companies gathering data if you really want to stop it. And too many companies want to collect that data for it to stop. They want the freedom to collect as much data on everyone as technology will allow. And they don't want laws to force them to disclose anything.
Essentially private companies want the freedom to do whatever they want without government interference. That's the bigger issue.
[ link to this | view in thread ]
Re: PRISM and XBox One
[ link to this | view in thread ]
Re: Re: The reason for CISPA
[ link to this | view in thread ]
Re: Re: Re: Know who is in your computer
[ link to this | view in thread ]
But big tech knows better
But Google, Facebook, and other companies seem to assume that they can collect all of the world's data and use it because they know what's best for us.
Whether you have government officials who think they know what's best for the world or whether you have private companies that know what's best for the world, you end up with similar thinking.
I've been coming down hard on big tech because of what those involved in big tech say about their worldview. I'm wary of concentration of power in anyone's hands. I don't believe gigantic tech companies are inherently preferable to giant government operations.
[ link to this | view in thread ]
Re: Re: The reason for CISPA
Given the additional information since that post, I am not longer on the fence about my feelings. It has solidified and I now believe that the only way going forward that we will be able to retain any form of freedom is for us to live in a secret (thus privacy) free state. This means no state secrets, no personal secrets, nothing is private (I'll give you the bathroom but nothing else). It should all out there legally for any one to see. The only time it becomes illegal is when someone, or something, tries to hide it.
I do not stated this lightly. American principles have been ingrained in me since birth, some 41 years ago. But technology has rendered this concept unless and to go on living like it is an enshrined right of all Americans (I only say Americans because at some point it was decided that if you weren't born here that you don't get our rights), is not only stupid but dangerous. At this point it no longer protects the average citizen, it only protects those have the resources to hide stuff.
[ link to this | view in thread ]
I live in Utah
Get the hell off my lawn.
Dag nabbit. Didn't do any good. The good for nothing shits are still there...
[ link to this | view in thread ]
Re: Re: So...
[ link to this | view in thread ]
So...
"Your honor I didn't steal the property in question. It was given to me by a third party who stole it. So, the charge of theft is not applicable."
We need a federal possession of unlawful data law just like our possession of stolen property laws.
[ link to this | view in thread ]
Re: Re: Re: The reason for CISPA
Which is probably the most realistic solution. And a number of the sharing companies are hoping to develop a reputation/trust gauge so you know who you can trust to share stuff with.
What I want are better systems to protect against ID theft. So when technology can prevent or limit theft, that will be good.
And can you imagine what it will be like when we know just how much money the very wealthy have and what they are doing with it? Total global transparency will be very interesting. Imagine when we all know everything about everyone. No secrets at all.
[ link to this | view in thread ]
Re: Re: Re: The reason for CISPA
By fighting for privacy we're making the problem worse.
[ link to this | view in thread ]
Re:
Read the whole page, hell the whole site, tons of useful info.
[ link to this | view in thread ]
Re: Re:
[ link to this | view in thread ]
Protection technologies
That's what I've been working on. A system to create anonymous identities. http://eccentric-authentication.org/
Check out if you run Linux: http://eccentric-authentication.org/blog/2013/06/07/run-it-yourself.html
[ link to this | view in thread ]
Re: What Happens Now?
https://petitions.whitehouse.gov/petition/pardon-edward-snowden/Dp03vGYD
26,102 signatures already! Need 100,000 to get a White House response.
[ link to this | view in thread ]