PRISM: Is it for real? And what if it is?

We currently have a thread about the NSA collecting phone call metadata for some years now, information about who is calling who and things of that nature.

But we also have a story breaking about a program called “PRISM”, The Atlantic, The Washington Post and other credible media sources are now revealing that there has been a program in place since 2007 in which the NSA has direct and persistent access to the IT infrastructure of several major American tech companies (Microsoft, Facebook, Google, Yahoo, Apple etc) and uses this access to conduct a clandestine system of monitoring.

This is materially different from the recent news about phone metadata, for a few reasons. For one, while it seems objectionable collecting metadata about phone calls appears to be quite legal, and is subject to periodic FISA review. So far it seems like PRISM was specifically structured in the wake of the warrantless wiretapping scandal of the Bush Administration to bypass the “intent” of FISA. Ostensibly PRISM only keeps data that is flagged as “foreign” (with very loose criteria for determining what is foreign and what isn’t), claiming they are just bypassing a bureaucratic barrier that was preventing what amounted to “overseas surveillance” simply because some of the data is routed through U.S. servers.

I’m not one to normally get that up in arms about security measures and the warrantless wiretapping program actually did not concern me at the time. But this seems different in some way, if the government really has a persistent level of access to IT infrastructure of basically all the major players in the American tech industry then we’ve crossed a major boundary in my mind into the surveillance state.

I should also mention, while musing about this, the slide shows and other documents I’ve seen released to support this story look fake to me. They look like evidence someone manufactured to create a story and all the tech companies involved are denying involvement. So I’m highly skeptical that this program even exists, but I’m interested in the implications if it does.

Thoughts?

I’m not sure that I’d say the graphics look fake, but for me the problem is that this comes close to being a conspiracy theory in that it would seem to require the knowledge and cooperation and silence of a lot of employees within those companies.

The Verizon thing is different in that phone call metadata is presumably much more centralized and access to it wouldn’t require the knowledge of all that many people.

Of course I could easily be wrong.

Why would you be skeptical? The slides look pretty clearly real. The government lives by PowerPoint. The Washington Post notes some detail about the leaker, saying:

http://www.washingtonpost.com/investigations/us-intelligence-mining-data-from-nine-us-internet-companies-in-broad-secret-program/2013/06/06/3a0c0da8-cebf-11e2-8845-d970ccb04497_print.html

Finally, Sens. Wyden and Udall also warned about the program in December.

the existence of the program has been confirmed by the administration.

I have a question for dopers.
If a federal employee (or a contractor, say working for NSA), clicks on the Skype button in Prism for someone and observes something illegal, is that person obligated to report it to law enforcement? In general, is someone working for the government required to report knowledge of a suspected crime?

No cite, but I assume that anyone in the intelligence community who has access to sensitive information is subject to very strict regulations prohibiting disclosure outside the prescribed reporting structure for their agency. So there may be rules requiring that such information be passed up the chain of command, and then someone with decision-making authority would have to decide whether to report it to law enforcement.

As for why I thought it was fake, I don’t know. The Power Points look unprofessional and goofy with cheap corporate logos that look like they were pulled off a google image search pasted into the slides. I haven’t seen where the administration has confirmed PRISM yet, but some of the follow up articles today definitely seem to be strengthening the case that this is real.

And that’s a great question rbroome, I don’t believe the NSA uses “incidental” American communication captures to assist law enforcement primarily because it would have opened up too much of the program to public scrutiny and the NSA largely doesn’t care about ordinary criminal activity. But you have to wonder what the implications would be if the government did start to use this data in ordinary criminal prosecutions.

What’s concerning to me, is that this whole system was approved by a court that meets in secret and whose proceedings are classified. It appears they gave blanket approval for a vast digital surveillance program back in 2007, and that there is little to no oversight other than that. There is no accountability or review of the “incidental” communications of Americans that get swept up in the “foreign” surveillance program. It appears the “incidentals” get compiled into a quarterly report that apparently has no real meaning, and since it’s all done in secret we have no real idea what is done with the “incidental” information. We certainly know it is private communications of American citizens that was obtained by the government with no probable cause and no requirement to demonstrate any evidence of that person being involved in any criminal activity before hand.

I assume that no such reporting would ever be done because the lawyers on the other side would demand to know the source of the information and how it was acquired.

No, they definitely can’t report it unless the crime is related to an authorized investigation and they probably aren’t supposed to even look at it if the data belongs to a US citizen. They are supposed to be using all this information to monitor foreign nationals and espionage suspects. If they look at data and realize it belongs to an American citizen, they are probably obligated to immediately stop looking at that data. Reporting something like you suggest would prove they’re not following their own rules.

This article has some explanations of how the process is supposed to work.

Of course the tech companies are denying, if involved that’s what they’re required to do, the program is secret, so secret that when exposed you still can’t acknowledge that you’re a part of it.

Isn’t the government above the law?

I am one who has long gotten up in arms about security measures and warrantless wiretapping. Have been for some time.

But I responded to this report - and those of recent weeks, with a big “Meh.” Nothing that wasn’t 12 years in themaking. Exactly the type of behavior that was the reason so many post 9/11 measures should have been defeated/sunset/more narrowly tailored. And when powers get expanded under one administration, it is extremely rare to see them significantly stepped back by subsequent admins.

This is exactly the type of government an overwhelming majority asked for. Hope everyone feels nice and safe! Of course, as long as you aren’t doing anything wrong… :rolleyes:

Where’s Twitter? Something called Paltalk, which I’ve never even heard of, is on the list, but not Twitter? Weird.

Did anyone really believe that America’s intelligence agencies didn’t have secret top-level access to the country’s electronic data? Awhile back I was asking if all our computer chips had secret back door codes built in:

And now there’s this:

And this:

So we have two anonymous sources, the original and now this one cnet says it spoke with, and they contradict each other; and the Washington Post now seems to be quietly dialing back on some of its claims.

Who to believe?

Was the original story true and are the denials from the companies and the apparent backing off by the Post occurring under government pressure?

Was the original story a sensationalized misrepresentation of the truth?

Are we in the midst of some sort of incompetent psyop campaign that’s turning into a giant clusterfuck?

And I ask again, where is Twitter? They’re an obvious target, yet there’s been no mention of them as far as I’ve seen. That seems like an important question to me.

The companies that have issued denials have all stated that the NSA does not have direct access to their servers. I think that qualifier is important. It would seem to imply that they turn over specific information in response to specific requests (which hopefully are accompanied by proper warrants).

If that’s true then wouldn’t Twitter be just as subject to such warrants as the rest? On the other hand if the NSA really does have direct access to servers, how is it that Twitter has been able to resist this, but the others haven’t?

It’s all very strange.

They already have access to everything posted on Twitter. It would be like trying to put a wire tap on a radio transmitter.

Do they have access to the posters’ IP addresses? Locations? Email addresses?

Twitter is probably not that important to the NSA. They’re obviously interested primarily in major vehicles for private communication, which Facebook, Microsoft (especially Skype), Google and Yahoo handle quite a bit. Note they zeroed in as well on a small company called PalTalk simply because it was a popular vehicle for dissidents involved in the various Arab Spring uprisings to use for private communications.

Does Twitter even have a private messaging feature?

Everything posted to Twitter is already archived by the Library of Congress.

Which ignores my point about the location and identity of the posters.

http://www.digitaltrends.com/social-media/online-hate-statistics-up-by-30-percent-

Twitter is used for all sorts of political speech and that speech can be anonymous if you don’t have access to identifying information about the user. Yes, what’s said is publicly available. Who said it isn’t.

It does.

The whistleblower has gone public: