iSpy not: Internet firms deny involvement in NSA PRISM data mining program

Not sides on this PRISM

TODO alt text

Update: Yahoo has also denied having any involvement with PRISM, issuing a statement that said: "Yahoo! takes users' privacy very seriously. We do not provide the government with direct access to our servers, systems or networks."

Meanwhile, US director of National Intelligence James Clapper has outright defended government surveillance programmes, saying that leaking of the information risks "irreversible harm".

Original article...

The National Security Agency is having a hell of a week.

Just one day after news surfaced claiming the agency has been collecting the call logs of millions of Verizon customers, new reports out today say it along with the FBI have been secretly gathering data from internet companies for the last six years.

The Washington Post and The Guardian separately reported on the the program, codenamed PRISM, which is said to tap directly into the central servers of nine of the U.S.'s biggest internet firms. The companies are Microsoft, Google, Yahoo, Facebook, PalTalk, YouTube, Skype, AOL and Apple. Dropbox isn't on the list but is said to be "coming soon."

The agencies pull "audio, video, photographs, emails, documents and connection logs" from the servers allowing analysts "to track foreign targets," according to the Post's report.

The Post and Guardian obtained an internal PowerPoint presentation meant for senior NSA Signals Intelligence Directorate analysts, and briefing slides noted that the agency's "reporting increasingly relies on PRISM, accounting for nearly 1 in 7 intelligence reports."

No, no, no and no

The WP asserted the companies in the program participate knowingly in PRISM, though the accused have weighed in with denials.

"Protecting the privacy of our users and their data is a top priority for Facebook," Joe Sullivan, the company's chief security officer, said in a statement sent to TechRadar.

"We do not provide any government organization with direct access to Facebook servers. When Facebook is asked for data or information about specific individuals, we carefully scrutinize any such request for compliance with all applicable laws, and provide information only to the extent required by law."

A Google spokesperson shared a similar though less direct sentiment.

"Google cares deeply about the security of our users' data," the spokesperson said.

"We disclose user data to government in accordance with the law, and we review all such requests carefully. From time to time, people allege that we have created a government 'back door' into our systems, but Google does not have a 'back door' for the government to access private user data."

Microsoft, which the Post reported was PRISM's first partner company, had this to say:

"We provide customer data only when we receive a legally binding order or subpoena to do so, and never on a voluntary basis. In addition we only ever comply with orders for requests about specific accounts or identifiers. If the government has a broader voluntary national security program to gather customer data we don't participate in it."

We're waiting to hear from Yahoo, but an Apple spokesman denied any participation to AllThingsD.

"We have never heard of PRISM," said Steve Dowling. "We do not provide any government agency with direct access to our servers, and any government agency requesting customer data must get a court order."