NSA, FBI mining data directly from major Internet companies, report says
Data from Microsoft, Facebook, Google servers is being accessed, Washington Post claims
Computerworld - The FBI and the National Security Agency are tapping directly into servers at Microsoft, Google, Facebook, Skype and other major Internet companies to keep track of the communications and interactions of known and suspected foreign terrorists, the Washington Post reported late Thursday.
The report is based on an allegedly top-secret document that the Post obtained containing information on a classified data collection program code-named PRISM that was launched about six years ago.
The two agencies allegedly accessed audio, video, email, photographs, documents and connection logs purportedly to help counterterrorism analysts track the movements and interactions of foreign nationals thought to pose a threat to the U.S. However, even when the system works as it is supposed to, the NSA routinely gathers a lot of information on Internet users based in the U.S. as well, the story noted.
According to the Post, the document it obtained described PRISM as an increasingly important source of raw material for NSA's intelligence reports, including those prepared for the President's Daily Brief. Data gathered through PRISM is used in one in seven NSA intelligence reports and PRISM data was cited in a total of 1,477 articles in the Daily Brief.
According to the Post's description of the project, PRISM allows analysts from FBI's Data Intercept Technology Unit and the NSA's Special Source Operations group to search for and inspect specific items of interest flowing through the data streams of each of the companies participating in PRISM.
The Post published copies of several slides that it obtained that purport to describe PRISM. One of the slides lists Microsoft, Google, Facebook, Skype and five other Internet companies as "current providers" of PRISM data. According to the Post, another slide describes PRISM data being collected "directly from the servers" of these companies.
A spokesman from Google denied the company's alleged participation in PRISM.
"Google cares deeply about the security of our users' data," he said in an emailed statement. "We disclose user data to government in accordance with the law, and we review all such requests carefully. From time to time, people allege that we have created a government 'back door' into our systems, but Google does not have a 'back door' for the government to access private user data."
In a statement on its website, Facebook's Chief Security Officer Joe Sullivan also denied the company was handing over data to the government. "Protecting the privacy of our users and their data is a top priority for Facebook," Sullivan said.
"We do not provide any government organization with direct access to Facebook servers. When Facebook is asked for data or information about specific individuals, we carefully scrutinize any such request for compliance with all applicable laws, and provide information only to the extent required by law," Sullivan said.
- NSA defends collecting data from U.S. residents not suspected of terrorist activities
- Groups fear bill would allow free flow of data between private sector and NSA
- Google's move into home automation means even less privacy
- Bill to require warrant for email searches gains ground in House
- Coming soon to a fridge near you -- targeted ads
- Snowden leaks prompt tech firms to tout privacy, transparency policies
- License reader lawsuit can be heard, appeals court rules
- Is EU's 'right to be forgotten' really the 'right to edit the truth'?
- Tails 1.0: A bootable Linux distro that protects your privacy
- Privacy jitters derail controversial K-12 big data initiative
- Big Data, Big Mess: Sound Risk Intelligence Through Complete Context This paper examines the insecurity of the small businesses in the supply chain and offers tips to close those backdoors into the enterprise.
- Using Cyber Insurance and Cybercrime Data to Limit Your Business Risk This paper examines the challenges of understanding cyber risks, the importance of having the right cyber risk intelligence, and how to use this...
- 5 Tips to Secure Small Business Backdoors in the Enterprise Supply Chain This paper examines the insecurity of the small businesses in the supply chain and offers tips to close those backdoors into the enterprise.
- Confront consumerization with convergence Virtualization expert Elias Khnaser spotlights the security, compliance, and governance issues that arise when enterprise users "consumerize" with shadow IT and public cloud...
- Data Protection and Disaster Recovery with iSCSI and VMware Get this on demand webcast now
- NSS Labs & Cisco Present: Evaluating Leading Breach Detection Systems Today's constantly evolving advanced malware and APTs can evade point-in-time defenses to penetrate networks. Security professionals must evolve their strategy in lockstep to... All Privacy White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!