Summary:

In the second half of an interview with the Guardian, former CIA contractor Edward Snowden repeats allegations that PRISM provides “direct access” to servers at Google, Facebook, Microsoft and others — claims those companies have repeatedly denied.

Ever since The Guardian and the Washington Post first revealed the existence of a top-secret NSA surveillance program known as PRISM in June, there has been a glaring question mark at the center of the documents leaked by former CIA contractor Edward Snowden: namely, how much access the spy agency has to the servers and systems of companies like Facebook, Google, Yahoo and Microsoft.

All of these companies have strenuously denied that they provide any access at all, direct or indirect — but in the second half of an interview with the Guardian, released by the newspaper on Monday, Snowden maintains that PRISM gives the NSA “direct access” to company servers.

In the interview, which he did in early June with Guardian writer Glenn Greenwald and independent documentary film-maker Laura Poitras from his hideout in Hong Kong, the former CIA staffer repeats the allegations contained in the PRISM slides about tech companies willingly providing direct access to their servers — and doing so in an automated way so that they can deny any involvement:

“Companies like Google, Facebook, Apple, Microsoft — they all get together with the NSA and provide the NSA with direct access to the backends to all of the systems you use to communicate, to store your data, to put things in the cloud, and even just to send birthday wishes and keep a record of your life. And they give the NSA direct access that they don’t need to oversee, so they can’t be held liable for it.”

Identical denials from every tech company

The slides that were originally published by the Post and Guardian describe how government agents could get “data collected directly from the servers” of what the presentation called “partner” companies such as Google and Facebook. This triggered a series of almost identical denials from the companies implicated in the story, all of which maintained that there was no such “direct access” provided — and that any NSA requests or orders to provide information on users were routinely resisted and handled via other methods.

A New York Times follow-up story, based on anonymous sources — including those at companies named in the PRISM presentation — said that several of these tech giants had set up secure “lock box” or “drop box” style servers or locations where they could send data requested by the NSA, as a way of automating the process of responding to court orders under the Foreign Intelligence Surveillance Act.

This seemed to explain the denials from Apple, Facebook and others about providing “direct access,” while still fitting the general description of the PRISM system contained in the NSA slides — suggesting that the argument over the meaning of the term “direct access” was mostly semantic. But that was before Google doubled down on its earlier denials, both in a Wall Street Journal story and in a public question-and-answer session that Google’s chief counsel David Drummond did with The Guardian.

Someone is not telling the truth

In the Journal story, the company said that it provided data primarily via a secure FTP program, and refused to participate in any program that required it “to provide governments with access to our systems or to install their equipment on our networks.” In the Q&A session, meanwhile, Drummond said that Google was not “in cahoots” with the NSA or any other government agency, and strenuously denied that the company provided any kind of access — direct or otherwise — to its equipment, saying:

“There is no government program that Google participates in that allows the kind of access that the media originally reported… there is no free-for-all, no direct access, no indirect access, no back door, no drop-box.”

The inescapable fact is that there’s no way of squaring Drummond’s statements and Google’s other denials with Snowden’s specific claims in the video interview the Guardian just released. And it’s not just Snowden reiterating that the program involves “direct access” to servers: in annotations to several new slides from the NSA presentation, Washington Post reporter Barton Gellman said they confirmed the existence of a program that allows security agencies to tap directly into FBI-operated equipment installed on company premises.

Either Snowden and those whom Gellman has spoken to in the course of his reporting — not to mention the sources that the New York Times used for its “lock box” story — are lying about what kind of access the NSA gets to company servers, or the companies involved have repeatedly lied about their participation in the program. There is no other explanation.

  1. “Either Snowden and those whom Gellman has spoken to in the course of his reporting — not to mention the sources that the New York Times used for its “lock box” story — are lying about what kind of access the NSA gets to company servers, or the companies involved have repeatedly lied about their participation in the program. There is no other explanation”

    There are other explanations. Powerpoints are not that definitive. I would guess that in a trial, the “evidence” suggested by the presentations would be dismissed as hearsay. It’s possible Snowden doesn’t fully understand the slides (they don’t provide that much detail). Also, there is the possibility that the slides themselves are misinformation, designed to identify leakers.

    That the NSA is monitoring all communications is not news. This was revealed in 2006 by a PacBell technician. Congress passed a law indemnifying telcos for giving the government access to all the data that passed through their switches.

    I just don’t see all of those internet companies rolling over and giving the NSA access so easily, without any public dissent.

    1. That’s a fair point – except that it’s not just the slides and it’s not just Snowden’s interpretation we are relying on. The NYT and others presumably have different sources, and yet their version doesn’t jibe with the denials from Google and others either.

      1. But the NYT sources aren’t providing any documentation. So I’m skeptical of that, even though I believe the NSA is still monitoring the internet.

  2. Yes, that’s the inescapable conclusion. As an outsider, the best I can do is ask, who has the strongest incentive to lie? (Besides, of course, the NSA, FBI, etc., who presumably lie incessantly.) The answer would seem to be Google et al., who stand to suffer big losses if the public comes to believe they’re patsies for the spooks. If indeed Google et al. are lying, however, they’re playing a fool’s game, because eventually, some disgruntled employee is practically certain to come forward with damning photos, email messages, or other proof.

  3. Uh, the interview was on June 6th. Snowden isn’t “reiterating” anything, even though it feels like that because the interview was just released recently.

    1. Yes, I just meant that his comments were consistent with the original descriptions given in the NSA slides about how PRISM operates.

  4. It’s really strange that no one is mentioning internet service providers... they are the ones that have our entire internet history... and the NSA can simply tap on that just like they did with Verizon.

  5. Technically he’s not ‘maintaining’ anything, it’s a newly released clip from the same original interview.

    Snowden had the opportunity to clarify “direct access” in a Q&A conducted after that interview had taken place and he punted:

    http://www.guardian.co.uk/world/2013/jun/17/edward-snowden-nsa-files-whistleblower#block-51bf2ac1e4b05a46aeeb319b

    “Define in as much detail as you can what “direct access” means.

    More detail on how direct NSA’s accesses are is coming, but in general, the reality is this: if an NSA, FBI, CIA, DIA, etc analyst has access to query raw SIGINT databases, they can enter and get results for anything they want. Phone number, email, user id, cell phone handset id (IMEI), and so on – it’s all the same. The restrictions against this are policy based, not technically based, and can change at any time. Additionally, audits are cursory, incomplete, and easily fooled by fake justifications. For at least GCHQ, the number of audited queries is only 5% of those performed.”

    Compare that to Drummond’s answer:

    http://www.guardian.co.uk/technology/blog/2013/jun/19/google-chief-legal-officer-david-drummond-live-q-and-a

    “I’m not sure I can say this more clearly: we’re not in cahoots with the NSA and there is no government program that Google participates in that allows the kind of access that the media originally reported. Note that I say “originally” because you’ll see that many of those original sources corrected their articles after it became clear that the PRISM slides were not accurate. Now, what does happen is that we get specific requests from the government for user data. We review each of those requests and push back when the request is overly broad or doesn’t follow the correct process. There is no free-for-all, no direct access, no indirect access, no back door, no drop box.”

    I don’t think it’s a question of “who is lying?” just that there are still many unknowns.

    1. I agree there are many unknowns — I just don’t see how the description given by Snowden or any of the other sources for stories in the NYT and elsewhere can be true at the same time as Drummond’s denial is also true.

  6. I do think this is a matter of semantics. For instance, could an internet user like myself technically be considered to have direct access to the servers of a website I visit, or am I submitting a request for a website, and the server is automatically filling that request? Generally, a request for information from a server is not necessarily considered direct access to the server itself. It’s likely that the NSA has been granted special privileges giving it more access than your average internet user, but less than full administrative rights.

    Snowden’s claims would imply a direct, physical, always-on connection between the NSA and these companies with full administrative rights to access this data however and whenever they please. This is almost certainly not true, though the NSA may be able to make regular indirect automated requests for mass dumps of whatever data they can request.

    The companies could legitimately deny a direct link in such circumstances, or if a direct link were made to a private NSA contractor instead of the NSA directly.

    Either way, my guess is that both Snowden and the companies involved are probably telling the truth as they understand it, and it is the press who is making a mountain out of this semantic molehill. This is a shame, because there are much more important issues to discuss regarding this situation.

  7. That’s a fair point – except that it’s not just the slides and it’s not just Snowden’s interpretation we are relying on. The NYT and others presumably have different sources, and yet their version doesn’t jibe with the denials from Google and others either.

  8. Richard Steven Hack Tuesday, July 9, 2013

    The New York Times article states:

    “In at least two cases, at Google and Facebook, one of the plans discussed was to build separate, secure portals, like a digital version of the secure physical rooms that have long existed for classified information, in some instances on company servers. Through these online rooms, the government would request data, companies would deposit it and the government would retrieve it, people briefed on the discussions said.”

    Google and Facebook are relying on the notion that having a separate portal in which data is “deposited” is NOT “direct access.” Only in the case of the “portal” being “on company servers” would that be considered “direct access” – at least for PR purposes.

    The term “direct access” is useless because it can be interpreted multiple ways. Snowden is using the term because to him – and the NSA – it basically IS all “direct access”. But technically it might or might not be.

    What matters is that the information IS being provided by the companies cited, despite their denials about THAT. It needs to be less about “direct access” or the technical details of the process by which the information is acquired and more about HOW MUCH information is being provided either with or without a “special request”.

    Yes, someone is lying – or at least spinning. It’s not Snowden who’s making a general statement that everything is being collected. Google and the other companies are spinning HOW MUCH data is being provided to the intelligence systems.

    OTOH, once these collection systems are in place, I wouldn’t be surprised if the companies DO NOT EVEN KNOW how much data is being collected. Do they know whether the intelligence agency came in with one sort of collection method and then enhanced it without their knowledge to collect even more? In this respect, further technical detail WOULD be useful, but I suspect we won’t get it from Snowden. A whistle blower from Google or the NSA who maintains these portals would have to come forward.
