Make us your home page
Instagram

Today’s top headlines delivered to you daily.

(View our Privacy Policy)

NSA, FBI mine Internet firms' data, documents show

Among the PowerPoint slides provided to the Washington Post was this one that shows the Internet companies and the wide range of data the Prism program collects, although the details vary by provider.

Washington Post

Among the PowerPoint slides provided to the Washington Post was this one that shows the Internet companies and the wide range of data the Prism program collects, although the details vary by provider.

The National Security Agency and the FBI are tapping directly into the central servers of nine leading U.S. Internet companies, extracting audio and video chats, photographs, emails, documents and connection logs that enable analysts to track one target or trace a whole network of associates, according to a top-secret document obtained by the Washington Post.

The program, code-named PRISM, has not been made public until now. It may be the first of its kind. The NSA prides itself on stealing secrets and breaking codes, and it is accustomed to corporate partnerships that help it divert data traffic or sidestep barriers. But there has never been a Google or Facebook before, and it is unlikely that there are richer troves of valuable intelligence than the ones in Silicon Valley.

Equally unusual is the way the NSA extracts what it wants, according to the document: "Collection directly from the servers of these U.S. Service Providers: Microsoft, Yahoo, Google, Facebook, PalTalk, AOL, Skype, YouTube, Apple."

PRISM was launched after Congress passed the Protect America Act in 2007 and the FISA Amendments Act of 2008, which immunized private companies that cooperated voluntarily with U.S. intelligence collection. PRISM recruited its first partner, Microsoft, and began six years of rapidly growing data collection.

The court-approved program is focused on foreign communications traffic, which often flows through U.S. servers even when sent from one overseas location to another. Between 2004 and 2007, Bush administration lawyers persuaded federal FISA judges to issue surveillance orders in a fundamentally new form. Until then the government had to show probable cause that a particular "target" and "facility" were both connected to terrorism or espionage.

In four new orders, which remain classified, the court defined massive data sets as "facilities" and agreed to occasionally certify that the government had reasonable procedures in place to minimize collection of "U.S. persons" data without a warrant.

Several companies contacted by the Post said they had no knowledge of the program and responded only to individual requests for information.

"We do not provide any government organization with direct access to Facebook servers," said Joe Sullivan, chief security officer for Facebook. "When Facebook is asked for data or information about specific individuals, we carefully scrutinize any such request for compliance with all applicable laws, and provide information only to the extent required by law."

An Apple spokesman said the company had never heard of PRISM and requires court orders before providing customer data. A Google spokesman also said the company only discloses user data to government in accordance with the law, and it does not have a "back door'' for the government to access private user data.

Government officials and the document itself made clear that the NSA regarded the identities of its partners as PRISM's most sensitive secret, fearing they would withdraw from the program if exposed. "98 percent of PRISM production is based on Yahoo, Google and Microsoft; we need to make sure we don't harm these sources," the briefing's author wrote in his speaker's notes.

An internal presentation of 41 briefing slides on PRISM, dated April 2013 and intended for senior analysts in the NSA's Signals Intelligence Directorate, described the new tool as the most prolific contributor to the President's Daily Brief, which cited PRISM data in 1,477 articles last year. According to the slides and other supporting materials obtained by the Post, "NSA reporting increasingly relies on PRISM" as its leading source of raw material, accounting for nearly 1 in 7 intelligence reports.

That is a remarkable figure in an agency that measures annual intake in the trillions of communications. It is all the more striking because the NSA, whose lawful mission is foreign intelligence, is reaching deep inside the machinery of American companies that host hundreds of millions of American-held accounts on American soil.

The technology companies that participate in PRISM operations are listed on a roster in the document that bears their logos in order of entry into the program: "Microsoft, Yahoo, Google, Facebook, PalTalk, AOL, Skype, YouTube, Apple." PalTalk, although much smaller, has hosted significant traffic during the Arab Spring and in the Syrian civil war.

Government officials declined to comment for this article.

The PRISM program is not a dragnet. From inside a company's data stream the NSA is capable of pulling out anything it likes, but under current rules the agency does not try to collect it all. Analysts who use the system from a web portal in Fort Meade, Md., key in "selectors," or search terms, that are designed to produce at least 51 percent confidence in a target's "foreignness." That is not a very stringent test. Training materials obtained by the Post instruct new analysts to submit accidentally collected U.S. content for a quarterly report but add that "it's nothing to worry about."

Even when the system works just as advertised, with no American singled out for targeting, the NSA routinely collects a great deal of American content. That is described as "incidental," and it is inherent in contact chaining, one of the basic tools of the trade. To collect on a suspected spy or foreign terrorist means, at minimum, that everyone in the suspect's inbox or outbox is swept in.

Sens. Ron Wyden, D-Ore., and Mark Udall, D-Colo., who had classified knowledge of the program as members of the Senate Intelligence Committee, were unable to speak of it when they warned in a Dec. 27, 2012, floor debate that the FISA Amendments Act had what both of them called a "back-door search loophole" for the content of innocent Americans who were swept up in a search for someone else. "As it is written, there is nothing to prohibit the intelligence community from searching through a pile of communications, which may have been incidentally or accidentally been collected without a warrant, to deliberately search for the phone calls or emails of specific Americans," they said.

Firsthand experience with these systems, and horror at their capabilities, is what drove a career intelligence officer to provide PowerPoint slides about PRISM and supporting materials to the Washington Post in order to expose what he believes to be a gross intrusion on privacy.

NSA, FBI mine Internet firms' data, documents show 06/06/13 [Last modified: Thursday, June 6, 2013 11:48pm]
Photo reprints | Article reprints

© 2017 Tampa Bay Times

    

Join the discussion: Click to view comments, add yours

Loading...
  1. Restaurant review: Features Gastropub in Riverview is fine as movie theater fare, but unimpressive otherwise

    Food & Dining

    By Laura Reiley

    Times Food Critic

    Movies aren't exactly dying. Despite all the sturm und drang of predictions that Netflix and streaming videos would kill the cinema, global box office receipts hit $38.6 billion in 2016, a 1 percent gain over the previous year. But that doesn't mean going to the …

  2. JFK's last birthday: Gifts, champagne and wandering hands on the presidential yacht

    Nation

    It has been 100 years since John F. Kennedy's birth on May 29, 1917, at his parents' home in Brookline, Mass., just outside Boston. Over the course of his life, Kennedy enjoyed lavish birthday celebrations, the most famous being a Democratic fundraising bash at Madison Square Garden on May 19, 1962, when a sequined …

    President John F. Kennedy aboard the Sequoia in 1963 opening birthday presents. [Robert Knudsen | John F. Kennedy Presidential Library and Museum]
  3. 1 in 4 Florida adults aren't registered to vote, according to non-partisan group

    Legislature

    TALLAHASSEE — Five million people in Florida who are eligible to vote aren't registered, according to a nationwide non-partisan group that helps improve the accuracy of state voter rolls.

    Voters line up in front of the Coliseum Ballroom in St. Petersburg on Nov. 8. A non-partisan group estimates that more than a quarter of Florida's adult-age population isn't registered to vote. [SCOTT KEELER | Tampa Bay Times]
  4. Rays morning after: A lot that went into a marathon win

    Blogs

    Rays manager Kevin Cash had a simple strategy when Fox Sports Sun's Alex Corddry asked him how the team would move on from Sunday's marathon win and get ready to face the Rangers tonight in Texas:

    Kevin Kiermaier of the Rays celebrates as teammate Michael Martinez slides safely into home plate to score a run against the Minnesota Twins during the 14th inning.
  5. Navy parachutist dies during demonstration over Hudson River

    Military

    JERSEY CITY, N.J. — In the shadow of the Statue of Liberty, a Navy Seal team member fell to his death Sunday after his parachute failed to open during a Fleet Week demonstration over the Hudson River.

    Officials surround a U.S. Navy Seal's parachute that landed in a parking lot after the parachutist fell into the Hudson River when his parachute failed to open during a Fleet Week demonstration over the river in Jersey City, N.J. The Navy said the parachutist was pronounced dead at Jersey City Medical Center. [Joe Shine | Jersey Journal via AP]