Reports: NSA, FBI collecting content from Google, Facebook, other services
Major Internet companies let US agencies probe their servers, the Washington Post and the Guardian eported
IDG News Service - The U.S. National Security Agency and Federal Bureau of Investigation have access to servers at Google, Facebook and other major Internet services, collecting audio, video, email and other content for surveillance, the Washington Post and the Guardian reported on Thursday.
The surveillance is taking place in real time under a classified program called PRISM, which was begun in 2007 to investigate foreign threats to the U.S., the reports said. Most of the major Internet services, including Microsoft, Yahoo, Skype, Apple and AOL as well as Google and Facebook, knowingly participate in PRISM, according to the Post and the Guardian.
"The program facilitates extensive, in-depth surveillance on live communications and stored information," the Guardian reported. The document obtained by the newspapers refers to "strong growth" in the program in recent years, with a specific reference to "exponential" growth in its use on Skype servers, for instance.
The Post report came from a leak by an intelligence officer, who supplied the newspaper with PowerPoint slides about PRISM, the story said. Both newspapers posted some of those slides with their articles. The document is recent, with a date of April 2013.
The story came out just a day after the Guardian newspaper in the U.K. reported that the NSA had been granted broad access to the call records of Verizon Communications customers, also for surveillance purposes.
The NSA is forbidden to investigate U.S. citizens. The PRISM program has procedures to prevent citizens' content from being included in the surveillance, but those procedures aren't strict, according to the reports. The agencies don't try to collect all the content from the Internet services, but PRISM allows agents to search for content and pull it out of the servers, the newspapers said.
Reached late Thursday, an NSA spokeswoman declined to comment, referring questions to the Office of the Director of National Intelligence.
Criticism from civil-liberties activists was swift and scathing.
"This is a completely unwarranted violation of our constitutional rights," John Simpson, a consumer advocate at the group Consumer Watchdog, said via email. "There is no justification for government snooping of this magnitude. The nine companies who acquiesced to this unconstitutional abuse by the government should be ashamed of themselves."
The American Civil Liberties Union called the PRISM allegations and the Verizon news alarming and called for Congressional action.
"The stories published over the last two days make clear that the NSA -- part of the military -- now has direct access to every corner of Americans' digital lives. Unchecked government surveillance presents a grave threat to democratic freedoms," said Jameel Jaffer, the ACLU's deputy legal director, in a written statement.
"The secrecy surrounding the government's extraordinary surveillance powers has stymied our system of checks and balances," wrote Laura Murphy, director of the ACLU Washington Legislative Office. "Congress must initiate an investigation to fully uncover the scope of these powers and their constraints, and it must enact reforms that protect Americans' right to privacy and that enable effective public oversight of our government."
Some Internet companies that allegedly participate in PRISM denied involvement.
Facebook called the allegations inaccurate. "We do not provide any government organization with direct access to Facebook servers," the company said in a statement attributed to Chief Security Officer Joe Sullivan. "When Facebook is asked for data or information about specific individuals, we carefully scrutinize any such request for compliance with all applicable laws, and provide information only to the extent required by law."
"Yahoo! takes users' privacy very seriously. We do not provide the government with direct access to our servers, systems, or network," a Yahoo spokeswoman said.
Google also said it reviews all user data requests carefully.
"From time to time, people allege that we have created a government 'back door' into our systems, but Google does not have a 'back door' for the government to access private user data," the company said in a statement.A
Apple also denied involvement, saying it had never heard of PRISM, according to news reports.
(Grant Gross in Washington and Zach Miners in San Francisco contributed to this report)
This pilot fish is a contractor at a military base, working on some very cool fire-control systems for tanks. But when he spots something obviously wrong during a live-fire test, he can't get the firing-range commander's attention.
- IT Certification Study Tips
- Register for this Computerworld Insider Study Tip guide and gain access to hundreds of premium content articles, cheat sheets, product reviews and more.
- Reduce federal infrastructure risk with compliance management and situational awareness
- IBM continuous monitoring and management solutions deliver real-time situational awareness to help federal agencies understand vulnerabilities, and protect the infrastructure.
- SANS: Next-Generation Datacenters = Next-Generation Security
- This whitepaper takes a look at some new technology that may allow security teams to implement more flexible and capable protection models in...
- SANS: Protecting Virtual Endpoints with McAfee Server Security Suite Essentials
- SANS review of McAfees Server Security Suite Essentials that address some of the emerging challenges of securing virtual platforms and cloud environments.
- Safeguarding the Next-Generation Data Center
- Use of virtual and cloud servers has exploded. Unfortunately, security often lags behind. McAfee recommends looking at innovative solutions in order to erect...
- Aberdeen: Securing the Evolving Datacenter
- This report highlights ways security technologies and services are evolving to provide the visibility and control needed to deploy workloads flexibly in the... All Government IT White Papers
- Is SQL Server AlwaysOn really as powerful? Tips and Tricks from the field With the introduction of AlwaysOn, Windows Clustering Services is now more critical than ever.
- What Does it Take to Deliver a Superior Customer Experience? The Two Top-Rated Online Retailers, B&H Photo and Crutchfield Electronics, Share Their Secrets Discuss practical CX tools and service methods such as contact center agents and the use of realtime speech analytics to help contact center...
- Keep Servers Up and Running and Attackers in the Dark An SSL/TLS handshake requires at least 10 times more processing power on a server than on the client. SSL renegotiation attacks can readily...
- On Demand: Mastering the Art of Mobile Content Management Mobile device usage in the enterprise has skyrocketed, and it continues to escalate. IT must answer to users who demand access to their...
- DevOps with PureApplication System: Reduce cost and speed delivery with an integrated IBM Cloud solution Join this webcast to hear what ING Netherlands has been able to achieve while deploying DevOps tools from IBM Rational. An ING executive...
- All Government IT Webcasts