The Hacker News Logo
Subscribe to Newsletter

NSA's PRISM spy program, mining data from nine biggest Internet companies

The National Security Agency, part of the U.S. military reportedly has a direct line into the systems of some of the world’s biggest Web and tech companies, i.e Microsoft, Google, Facebook, Skype.

The NSA access is part of a previously undisclosed program called PRISM, 6-year-old program which allows officials to collect real-time information and as well as stored material including search history, the content of emails, file transfers and live chats, according to reports in the Washington Post.

Project PRISM may be the first of its kind and also GCHQ, Britain’s equivalent of the NSA, also has been secretly gathering intelligence from the same internet companies through an operation set up by the NSA.
Later confirmed by the White House and members of Congress as saying that the government routinely seeks information in its fight to thwart domestic and international terrorism.

Other services that are reportedly part of PRISM include PalTalk, Skype, and AOL. Dropbox is listed in the presentation as "coming soon."

According to a separate “User’s Guide for PRISM Skype Collection,” that service can be monitored for audio when one end of the call is a conventional telephone and for any combination of “audio, video, chat, and file transfers” when Skype users connect by computer alone.

Companies including Facebook, Apple and Google denied the company's alleged participation in PRISM. A spokesperson for Apple said "We have never heard of PRISM. We do not provide any government agency with direct access to our servers, and any government agency requesting customer data must get a court order."

Also chief security officer for Facebook said "We do not provide any government organization with direct access to Facebook servers. When Facebook is asked for data or information about specific individuals, we carefully scrutinize any such request for compliance with all applicable laws, and provide information only to the extent required by law."

The report came on the same day that another newspaper Guardian, revealed that the U.S. government is collecting telephone records of millions of Americans as part of U.S. counterterrorism efforts via Verizon communications.

Verizon continually takes steps to safeguard its customers’ privacy. Nevertheless, the law authorizes the federal courts to order a company to provide information in certain circumstances, and if Verizon were to receive such an order, we would be required to comply,” Randy Milch, Verizon’s general counsel, said in a letter to employees.

Though there is no specific guarantee to privacy under the U.S. Constitution, the fourth amendment is often cited as guaranteeing protection to American citizens against unlawful search and seizure.

UPDATE : President Obama says, "When it comes to telephone calls, nobody is listening to your telephone calls. That is not what this program is about. As was indicated, what the intelligence community is doing is, looking at those numbers, and durations of calls. They are not looking at people’s names and they’re not looking at content. But, by sifting through this so-called metadata they may identify potential leads with respect to folks who might engage in terrorism."

Google Co-Founder Larry Page:

Dear Google users—

You may be aware of press reports alleging that Internet companies have joined a secret U.S. government program called PRISM to give the National Security Agency direct access to our servers. As Google’s CEO and Chief Legal Officer, we wanted you to have the facts.

First, we have not joined any program that would give the U.S. government—or any other government—direct access to our servers. Indeed, the U.S. government does not have direct access or a “back door” to the information stored in our data centers. We had not heard of a program called PRISM until yesterday.

Second, we provide user data to governments only in accordance with the law. Our legal team reviews each and every request, and frequently pushes back when requests are overly broad or don’t follow the correct process. Press reports that suggest that Google is providing open-ended access to our users’ data are false, period. Until this week’s reports, we had never heard of the broad type of order that Verizon received—an order that appears to have required them to hand over millions of users’ call records. We were very surprised to learn that such broad orders exist. Any suggestion that Google is disclosing information about our users’ Internet activity on such a scale is completely false.

Finally, this episode confirms what we have long believed—there needs to be a more transparent approach. Google has worked hard, within the confines of the current laws, to be open about the data requests we receive. We post this information on our Transparency Report whenever possible. We were the first company to do this. And, of course, we understand that the U.S. and other governments need to take action to protect their citizens’ safety—including sometimes by using surveillance. But the level of secrecy around the current legal procedures undermines the freedoms we all cherish.

Posted by Larry Page, CEO and David Drummond, Chief Legal Officer
Source


Facebook Founder also posted about PRISM on his facebook wall:

MUST READ : 
Edward Snowden, whistleblower behind the NSA surveillance Program leak

Have something to say about this article? Comment below or share it with us on Facebook, Twitter or our LinkedIn Group.
SHARE
Comments
Latest Stories
Best Deals

Newsletter — Subscribe for Free

Join over 500,000 information security professionals — Get the best of our cyber security coverage delivered to your inbox every morning.