The big US internet technology companies protested loudly that the mass spying by the NSA on the people using their systems was done without their knowledge or consent. One could be excused for being skeptical of their claims of innocence and now a top lawyer for the NSA confirms our doubts, saying on Wednesday that Silicon Valley companies knew all along that the NSA was spying on their systems.
Rajesh De, the NSA general counsel, said all communications content and associated metadata harvested by the NSA under a 2008 surveillance law occurred with the knowledge of the companies – both for the internet collection program known as Prism and for the so-called “upstream” collection of communications moving across the internet.
Asked during a Wednesday hearing of the US governments institutional privacy watchdog if collection under the law, known as Section 702 or the Fisa Amendments Act, occurred with the “full knowledge and assistance of any company from which information is obtained,” De replied: “Yes.”
When the Guardian and the Washington Post broke the Prism story in June, thanks to documents leaked by whistleblower Edward Snowden, nearly all the companies listed as participating in the program – Yahoo, Apple, Google, Microsoft, Facebook and AOL – claimed they did not know about a surveillance practice described as giving NSA vast access to their customers’ data. Some, like Apple, said they had “never heard” the term Prism.
De explained: “Prism was an internal government term that as the result of leaks became the public term,” De said. “Collection under this program was a compulsory legal process, that any recipient company would receive.”
After the hearing, De added that service providers also know and receive legal compulsions surrounding NSA’s harvesting of communications data not from companies but directly in transit across the internet under 702 authority.
The disclosure of Prism resulted in a cataclysm in technology circles, with tech giants launching extensive PR campaigns to reassure their customers of data security and successfully pressing the Obama administration to allow them greater leeway to disclose the volume and type of data requests served to them by the government.
Last week, Facebook founder Mark Zuckerberg said he had called US president Barack Obama to voice concern about “the damage the government is creating for all our future.” There was no immediate response from the tech companies to De’s comments on Wednesday.
De’s comments directly contradicts what Google co-founder Larry Page said the same day:
Google co-founder Larry Page on Wednesday condemned US government snooping on the Internet as a threat to democracy.
“It is tremendously disappointing that the government sort of secretly did all this stuff and didn’t tell us,” Page said.
Google’s announcement the very next day that they have started to encrypt Gmail may be a sign that they are trying to repair the damage.
Google said Thursday its popular Gmail service would use encryption to thwart snooping, in the latest move by the tech sector reassuring customers following revelations about US surveillance programs.
“Your email is important to you, and making sure it stays safe and always available is important to us,” Gmail engineering security chief Nicolas Lidzborski said in a blog post.
“Starting today, Gmail will always use an encrypted HTTPS connection when you check or send email.
“Today’s change means that no one can listen in on your messages as they go back and forth between you and Gmail’s servers — no matter if you’re using public WiFi or logging in from your computer, phone or tablet.”
Google has already begun scrambling most of the traffic at its websites as technology firms grapple with moves by US intelligence agencies to spy on what people are doing and sharing online.
And similar moves have been announced by Yahoo, Microsoft and Facebook to use encryption that limits the ability of a third party to read messages or emails.
I am not enough of a tech expert to know if the measures taken by these companies are sufficient to thwart mass spying by the NSA. There of course remain the problems of the companies secretly providing backdoor access to the NSA by giving them the encryption keys, not to mention the fact that NIST weakened the standards by which these keys are generated in order to enable the NSA, when it could not gain backdoor aces, to break the encryption.
Influential world-wide web pioneers like Tim Berners-Lee have called for a bill of rights for the internet and the setting up of structures that would have fewer controls on the web. He has praised Edward Snowden for making his revelations, joining the growing number of tech people who see him as having performed a valuable service. This alliance is important because tech people, like Berners-Lee Snowden, are the backbone of the internet and the people who can serve as its watchdogs.
Snowden has endorsed Berners-Lee’s idea of creating some sort of equivalent of the Magna Carta for the internet.
Snowden also dropped some intriguing hints of what’s to come, saying that, “There are absolutely more revelations to come. Some of the most important reporting to be done is yet to come.”
He must be giving president Obama, James Clapper, Keith Alexander, and the rest of the spying gang sleepless nights, wondering what shoes are going to drop next. Serves them right.