Skip the navigation

Emails shed light on Google's work with NSA

Exchanges between NSA director and Google execs suggest cooperation on data security

May 6, 2014 04:15 PM ET

Computerworld - Two sets of emails obtained by Al Jazeera America under a Freedom of Information Act request suggest that Google's cooperation with the National Security Agency (NSA) may have been less coerced than the company has let on.

The emails date back to June 2012 and chronicle communications between NSA director General Keith Alexander and Google executives Eric Schmidt and Sergey Brin.

In one email, Alexander refers to a previous meeting between NSA and Google officials and then invites Schmidt to a four-hour "topic-specific" and "decision-oriented" classified briefing on mobile threats and security.

"Google's participation in refinement, engineering and deployment of the solutions will be essential," Alexander said in the missive.

In response, Schmidt professes his delight at meeting Alexander recently while noting his inability to attend the meeting because of a prior engagement. "Would love to see you another time," Schmidt says in an email.

Alexander's email refers to a government/industry information sharing initiative called the Enduring Security Framework (ESF), which was launched in 2009 by the Department of Homeland Security, U.S. Department of Defense and the CEOs of 18 technology companies.

Alexander notes in the email that under the ESF initiative, the NSA worked with several top tech companies, including Intel, AMD, Dell, HP and Microsoft, to address a security threat in the BIOS of several enterprise systems.

In an interview on the television news program 60 Minutes last December, NSA cyber defense director Debora Plunkett outlined details of the BIOS threat referred to in the letter. Plunkett said a state-sponsored group in China created a BIOS plot to "brick", or destroy, systems in the U.S. and the NSA joined with top tech firms to address the threat.

In the email to Schmidt, Alexander also sought Google's help in addressing mobile security threats. "A group (primarily Google, Apple and Microsoft) recently came to agreement on a set of core security practices," Alexander wrote.

The classified meeting was to provide the CEOs of these companies with information on how they could mitigate specific threats to their mobile technologies, he said.

In an email addressed to Brin, Alexander expresses his appreciation for the contributions to the ESF effort made by several top Google technologists, including Vint Cerf, vice president and Chief Internet Evangelist, and Eric Grosse, vice president of security engineering. "You insights as a key member of the Defense Industrial Base are valuable to ensure that ESF's efforts have a measurable impact," Alexander aid.

A Google spokeswoman today said the company worked with a range of experts, including those from the government, to protect users from cyberattacks. "We work really hard to protect our users from cyberattacks and we talk to outside experts, including occasionally in the US government, to ensure we stay ahead of the game."

Our Commenting Policies
Internet of Things: Get the latest!
Internet of Things

Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!