
NSA paid millions to cover Prism compliance costs for tech companies (2013) - teawithcarl
http://www.theguardian.com/world/2013/aug/23/nsa-prism-costs-tech-companies-paid
======
csandreasen
Moderators - Could you please add [2013] to the title?

The article seems to mix up the PRISM and Upstream programs. For more
information, I'd recommend either the Privacy and Civil Liberties Oversight
Board report of Section 702 collection[1] (VERY long) or this post from Top
Level Communications analyzing the PRISM program[2] (much more accessible).

[1]
[http://www.pclob.gov/All%20Documents/Report%20on%20the%20Sec...](http://www.pclob.gov/All%20Documents/Report%20on%20the%20Section%20702%20Program/PCLOB-
Section-702-Report-PRE-RELEASE.pdf)

[2] [http://electrospaces.blogspot.fr/2014/04/what-is-known-
about...](http://electrospaces.blogspot.fr/2014/04/what-is-known-about-nsas-
prism-program.html)

EDIT: corrected link

------
dredmorbius
1\. The compensation is provided for in the surveillance state legislation
which authorized unconstitutional surveillance of American residents, as well
as unlimited surveillance of noncitizens outside the US. To that extent, the
payments are no real surprise, to the small number of people who've paid
attention to this fiasco from the beginning. Yes, awareness has grown post-
Snowden.

2\. The payments are compensation for costs of complying with mandatory legal
orders. To that extent, they likely aren't the reason why Internet companies
are complying, but since they must, their costs are covered.

Of course, they may also be full and willing participants, or could be getting
dragged kicking and screaming into this. I've heard stories of varying levels
of persuasion across the full spectrum.

However both my points are mentioned clearly within the article, if not well
articulated in the headline.

------
dan_bk
Remember all the "act-surprised-and-disgusted" posts of these involved
companies, right after Snowden had started his revelations? Personally, I
remember Zuckerberg's "What the F#ck" post very well.

~~~
csandreasen
They were right to be surprised and deny it. The initial reporting in the
Guardian and Washington Post all said that NSA had "direct access" to the
servers of all of these companies. After a few days, it was revealed that the
NSA did not, in fact, have direct access to their networks, but instead had a
system in place to retrieve data provided by these companies under court
order.[1]

The Washington Post quietly revised its article without issuing a formal
correction[2], but to date Glenn Greenwald has yet to retract his statement
the NSA has direct access to their networks.

[1] [http://thedailybanter.com/2013/06/nsa-story-falling-apart-
un...](http://thedailybanter.com/2013/06/nsa-story-falling-apart-under-
scrutiny-key-facts-turning-out-to-be-inaccurate/)

[2] [http://www.zdnet.com/the-real-story-in-the-nsa-scandal-is-
th...](http://www.zdnet.com/the-real-story-in-the-nsa-scandal-is-the-collapse-
of-journalism-7000016570/)

------
mhurron
Can we stop pretending these companies were not complicit in these programs
now?

~~~
adventured
If we're going to get specific about who is complicit, the _vast majority_ of
all people in the US are complicit. They keep electing the same politicians in
D.C. (Pelosi, Reid, Boehner, Boxer, Graham, Feinstein, McConnell, McCain
etc.), and constantly turn a blind eye to government abuses. Tons of leaders
around the world are complicit.

It stands to reason, and should be unsurprising, that the vast majority of all
relevant US technology companies would be complicit, seeing as they're under
direct forced compliance.

There is broad electorate support for what the NSA does ('keeping America safe
from terrorists' \- Joe Public), which is why it has escaped an incredible
scandal almost entirely un-altered. It's the same reason the Patriot Act still
exists, despite the fact that you're historically more likely to die by
choking on a hotdog than at the hands of a terrorist.

~~~
mikeash
Yes, yes, and yes. We should stop blaming government officials for this. For
all the flaws of American democracy, we still _mostly_ get the government we
(collectively) want.

A lot of techies seem to look around at their fellow techies, see little
support for ubiquitous surveillance and other erosions of civil liberties, and
assume the general population feels the same. They then conclude that the
government is doing this for nefarious reasons against the wishes of the
people, and that the solution is to make government more representative of
popular sentiment.

As far as I can tell, government is already representative of popular
sentiment here. If we want to change these things, we need to convince
_people_ in general that change is a good idea.

------
digitalengineer
Thanks to mr Snowden we now all know the massive influence of the NSA and the
way they can change/delete trends in the online media. HN is a big website
with lots of influence (as is Reddit). Question: Has Ycombinator come forth
with a statement they are not under the spell of the NSA?

~~~
adventured
Given the persistent, and intense criticism on HN of all things NSA since the
original Snowden reveal, to say that your question is absurd would be putting
it gently.

In fact I've seen no other platform that has had more negative + rational +
informed discussion regarding the NSA than Hacker News.

~~~
digitalengineer
It's not so absurd because all NSA articles dive off the front page when about
15 comments (or something of that nature) are reached.

~~~
krapp
To be fair, quite a lot of HN users honestly find NSA related articles to be
more noise than signal, particularly when they lack technical details and can
have the tendency to spiral into political arguments and blind conspiracy
theory. One doesn't need to necessarily invoke the specter of government-
driven censorship to explain that effect, given the way some stories can
overwhelm the site.

~~~
digitalengineer
Thank you for your comment. I Had not thought about it like that.

------
sidcool
The article is from one year ago. Very relevant today, but an year old.

------
leoc
> Since the existence of the program was first revealed by the Guardian and
> the Washington Post on June 6, the companies have repeatedly denied all
> knowledge of it and insisted they only hand over user data in response to
> specific legal requests from the authorities.

How is this statement anything other than a simple untruth on the part of the
_Guardian_?

~~~
frostmatthew
> How is this statement anything other than a simple untruth on the part of
> the Guardian?

This article is from last year - IIRC this was the stance of those companies
at the time.

~~~
mpyne
It was the proper stance too.

These companies wouldn't have known about "PRISM", they would have known about
their _own individual subsystems_ used to tie into some NSA warrant system.

All these companies knew that NSA could get NSLs signed out, or even warrants
issued by FISA before PRISM was made public, and they had all received such
NSLs/warrants before they setup the infrastructure to handle those
NSLs/warrants in a more automated fashion. NSA calls this infrastructure
"PRISM", but each individual company wouldn't have been privy to it, because
none of those companies would have a "need to know" (or a clearance) about the
NSA's own special access programs.

------
frostmatthew
When submitting old[er] content please include the year (2013 in this case) in
the submission's title.

------
allegory
And that is why I host my own shit...

~~~
ejr
This is in no way a guarantee against surveillance or even compromise, really.
We already know blanket persistent monitoring exists so all communication is
already collected between your hosted services and any others outside your
network. All unencrypted data is analysed in near-real-time and encrypted data
is stored for later analysis.

If you're interesting enough to state actors, there's not much you can do.

~~~
mpyne
It's not a guarantee, but on the other hand it does give you stronger Fourth
Amendment rights (if the NSA is what you're worried about as opposed to Russia
or China, at least).

~~~
ejr
That's true. What you spend in time and effort, you do gain in less ambiguous
legal protections.

I'll add that you do get to control the features you're presented with and
your privacy is better shielded from commercial interests. The benefits are
many compared to the relative inconvenience and cost.

------
plicense
Lol seems they left out AMZN.

------
dougb
Old news from Aug 2013.

~~~
aikah
Yet still relevant,even if you dont like it.Because trust me foreign
businesses using US based internet services still care about that huge
scandal.

