Blog Post

Are there really two PRISMs, or just one PRISM with NATO involvement?

Stay on Top of Enterprise Technology Trends

Get updates impacting your industry from our GigaOm Research Community
Join the Community!

If you thought the PRISM debacle couldn’t get any more convoluted, then listen up. It turns out that there are two PRISM programs… or not, in which case the German government may be heading for a fall. It depends on who you believe: the newspaper Bild or the German government.

As I’ve mentioned a few times, the German federal elections are coming up and PRISM is a major issue. The opposition parties have demanded answers about what Angela Merkel’s administration knew about the Americans spying on German citizens en masse. The government is sticking to its line that only highly-targeted data-sharing takes place, in order to keep the public safe from terrorism, and that it never knew about the wider PRISM program.

On Wednesday Bild published a major scoop, based on a document that was apparently sent by NATO to all the regional commands in Afghanistan back in 2011. This document laid out instructions for cooperation under a program called PRISM, which involved monitoring emails and phone calls, with access regulated by the U.S. Joint Worldwide Intelligence Communications System (JWICS). This document naturally made its way to the Germans, who are somewhat controversially deployed in Afghanistan and, as Bild framed it, this meant the German government is lying about its PRISM ignorance.

Not so, replied the government. Somewhat bizarrely, the administration claimed that the document was referring to a different PRISM program that was “not identical” to the NSA’s big project. Merkel spokesman Steffen Seibert said that – according to the BND, Germany’s NSA equivalent – this PRISM was a NATO/ISAF scheme, specific to the Afghanistan situation and not classified as secret. The Ministry of Defence chipped in with a denial that the Germans had access to this PRISM system anyway.

Then, late on Wednesday night, Bild hit back with a series of counterclaims. First off, the newspaper pointed out that JWICS is designed for transmitting the most highly classified material.

Regarding the claim that only U.S. personnel could access this NATO/ISAF PRISM, Bild quoted its anonymous American sources as saying all regional commands – Germans included – could request monitoring of a specific individual by asking “civilian and military U.S. personnel”, with the term “civilian” supposedly indicating spies. The paper also quoted these sources as saying the techniques employed across the two PRISMs were pretty darn similar.

So there we have it. If Bild got it right, Merkel is up for an electoral hammering and the rest of the world needs to wrap its head around the idea of PRISM being a collaborative scheme at the NATO level. However, if the German spy agencies are being truthful then there are two PRISMs that, by crazy coincidence, both deal in the interception of emails and phone calls. You choose.

2 Responses to “Are there really two PRISMs, or just one PRISM with NATO involvement?”

  1. It’s the same program, but it’s wrong to call PRISM a collaborative scheme within NATO. NATO allies who were part of ISAF were given the ability to request information from American SIGINT programs–one of them being PRISM. Even though PRISM is managed by the NSA, they delegated ‘tasking’ authority to CENTCOM, which runs the parallel USFOR-A presence in Afghanistan. Say you were a German military intelligence officer who discovered that a Taliban commander in Kunduz was using Skype handle X – you’d pass that on to your American liaison, who would get a tasking from CENTCOM and then come back to you with scrubbed transcripts and other data.

    It’s a little surprising that the NSA shared the actual codename within NATO. Given how closely they’ve protected their corporate partners at Microsoft, Google, et al., they probably didn’t give a full list to NATO but I’m sure that NATO intelligence officers must have understood that the Americans had extraordinary access to certain email and VOIP providers.

  2. ryl411

    The “Five Eyes” are watching us all. There is not 2 there is five programs similar to PRISM The UK, the US, Canada, Australia, and New Zealand. They got in trouble a while back for spying on the G20 leaders. You are not being surveilled by one, two, or even three PRISM like agencies but there are at least five. Don’t be joked by politicians saying you are not being watched, the club of Big Brothers is always watching.
    Further more what other agencies from around the world are watching? Encrypt everything make them work for your data.