1st paragraph: we wanted to respond to these claims. 2nd paragraph: never heard of PRISM, don't give direct access. 3rd paragraph: each request goes through legal channels. 4th paragraph: encourage governments to be more transparent.
EDIT: It gets worse. Here's Apple: "We have never heard of PRISM. We do not provide any government agency with direct access to our servers, and any government agency requesting customer data must get a court order."
Here's Paltalk: "We have not heard of PRISM. Paltalk exercises extreme care to protect and secure users’ data, only responding to court orders as required to by law. Paltalk does not provide any government agency with direct access to its servers.”
Here's AOL: "We do not have any knowledge of the PRISM program. We do not disclose user information to government agencies without a court order, subpoena or formal legal process, nor do we provide any government agency with access to our servers."
And here's Yahoo: "We do not provide the government with direct access to our servers, systems, or network."
Microsoft refused to issue a direct denial of involvement in PRISM.
It may look impressive that they all say they don't allow "direct access to servers", but it's hardly surprising, since the original Guardian headline was "Top-secret Prism program claims direct access to servers of firms including Google, Apple and Facebook". If they didn't say that exactly, you'd be suspicious.
It may look impressive that they all say they "haven't heard of PRISM," but this is really quite a natural thing to say if it's true, and someone accuses you of being involved in the program.
Moreover, aside from the "direct access" thing, the phrases they all use are actually different. "We have not heard of PRISM" in one case, "We have never heard of PRISM" in another, "We had not heard of a program called PRISM until yesterday," in a third, and so forth. You don't have any case for funny business based on similar wording (because it isn't), and the case for contamination based on similar content would be a whole lot more impressive if that content weren't something common and expected.
On the whole, I think the similarities have plausible mundane explanations. Admittedly, I am no student of accidental plagiarism. I don't have an academic opinion on how similar or dissimilar we should expect the statements to be when ten people try to say the same thing in response to the same accusation. But that is just my point: if you want to persuade me of something so preposterous as that all of these people are following a script, you're going to have to do more than wave your hands and say, "Look, there are similarities."
Please. That's the stuff of superstition. If you want to convince me the probability of this occurring at random is low, you're going to have to do some math.
To us he'd be a hero, to the rest of America he's just helped out terrorists by coming clean.
I wonder what Sergey thinks of all this.
...the tactic of the US government has been to attack and demonize whistleblowers as a means of distracting attention from their own exposed wrongdoing and destroying the credibility of the messenger so that everyone tunes out the message.
According to the same article:
...Obama prosecutes whistlelblowers at double the number of all previous presidents COMBINED
The US government could easily and expertly discredit any whistleblower CEO with trumped-up tax evasion charges.
They couldn't say it louder if they used a bullhorn.
Are you surprised? High profile figures are going to want their statements to say exactly what they mean to say, and no more, no less. This means vetting, and keeping it concise helps when your timeframe is "same day".
It requires that they coordinated with the companies PR departments in the process of setting up the program. The companies asked: what if the shit hits the fan, or this comes out in the public, what do we say? And the government had a simple, boilerplate answer for it.
You wouldn't even have to work with the PR dept, just one single person. Either a special rep in PR for government matters, or just the CEO himself. It would take 5 minutes to put together a generalized script for the CEO to follow in the event this hit the public news.
This (the PR response) would be extraordinarily easy to coordinate, and it would take just one conversation at the point the program was signed on to by the companies.
And when this all became public, the company could also easily then call up the US Government and ask them what to do (and more than likely, the NSA could call them and tell them what to do).
The part that requires incompetence is everything that has happened today. The NSA's job is intelligence. They are the experts in connecting dots, reading between the lines, seeing how random events might be a sign of something bigger, and whatever other cliches you want to throw in here. Yet they are an organization that doesn't know that having people reading from nearly identical scripts will make people think they are reading from nearly identically scripts?
Senator Wyden has openly talked about how he wanted to say something about these programs, and even now he can't reveal details of what's going on because it would violate national security and he'd probably be put in prison or at the least removed from Congress.
The overall fact that the NSA has been reading our email, tracking us on Facebook, tapping our phones, etc. has not been kept quiet. Exact details are far more difficult to come by, even now those are classified. The IRS was talking about their right to read our email four years ago. The IRS has no known infrastructure to pull that off, it's clear they were talking about NSA or FBI programs.
As someone else noted, the government is very frequently both competent and incompetent when performing tasks or running programs. There's nothing unusual about that, you see it throughout the government bureaucracy. Sometimes they pull off impressive feats that you only read about decades later, and other times they're Nixon trying to cover up Watergate.
| The IRS was talking about their right to read our
| email four years ago. The IRS has no known
| infrastructure to pull that off, it's clear they
| were talking about NSA or FBI programs.
Which is complete bullshit of course. Mike Gravel anyone?
Rumors of widespread data collection -- even specifically by the NSA -- from many of the providers at issue have surfaced many times, what was new recently is the same (or substantially similar) bits of documentary evidence substantiating and connecting those rumors.
So, to all appearances, it may not really have been "kept quiet" up until the recent leak, it was just that the information that got out before wasn't as well-supported and therefore hard to dismiss.
Which is exactly what governments are.
Extreme resources, very smart people, and very idiot people, incompetent bureaucrats, messy cover-ups, all co-exist, all the time.
What did you thought they were? Incredibly competent XOR incredibly incompetent? (Only the first would be a conspiracy theory, whereas only the second would be gross underestimation).
>If the NSA was able to keep this project under wraps for so long with the number of people involved, I think they would be smart enough to at least slightly alter the words of their puppets, after all this is supposed to be the area of their expertise.
You've never seen badly (or too fast) done spin work?
Not to mention, why would the NSA care to spend too much effort to how those things were phrased?
If you think it matters, I'm afraid, you give the American public too much credit. It's not like it's gonna get suspicious by such small and peripheral signs. Listening to and accepting bad arguments, BS excuses, fake promises, and shit from politicians if what people are doing all their life.
And it's not even like they're gonna do anything about the core situation with regards to privacy. It's just the "hot topic" of the day, to be forgotten for some BS next week. You surely don't expect some kind of revolt of anything? If that was to be, it would have been at the other 20 similar media expositions or against the horrible laws that have been passed openly.
Not just the American public. This is blanket spying on the people of the world. Now that might sound less problematic for Americans who want to see those pesky terrorists brought to justice, but it also allows the NSA to build up profiles on everyone.
US border security is already a nightmare, god knows what they can do with this kind of information. Ever searched for torrents on Google? Your next trip to the States might be interesting.
It seems also they could be sharing this data with other national security agencies, which is where this gets really scary:
Global Big Brother.
Personally as a user of Gmail, Skydrive, GDrive, Dropbox, Facebook,... I find this incredibly disturbing. I will be doing whatever I can to remove my dependency on any service hosted in the US.
You think Belgium or France or Poland spies on US citizens phone-calls and Google/FB? Inside the US?
As for "Nobody gives a shit if your torrented a movie", first, we're not talking about Joe Average, that downloads GoT in rural Idaho. We're talking about people that matter to society: writers, investigative journalists, dissidents, hackers, activists, etc. They cared very much what A. Swartz did, for example.
Second, even normal people, downloading a "torrented movie" have been hit with huge fines by RIAA.
It isn't chance that their statements look similar: You can be absolutely sure that each looked to the other for some sort of direction, and once that came they followed the leader simply because it makes sense.
Even excluding that, really how many variations could there possibly be? Someone said you did something illegal. Say "no I didn't do something illegal, and everything I have done has been above the board and transparent". Do the same thing to twenty people and you would get remarkably similar statements, because a response can only come in so many forms.
and citing this http://blog.reddit.com/2013/05/get-ready-for-global-reddit-m...
where it shows:
Most addicted city (over 100k visits total)
Eglin Air Force Base, FL
At the moment all there is on the front page are 2 stories on Greenwald and some "collecting anti surveillance arguments thread".
I guess after their role in promoting the anti-SOPA movement they got some "special attention.
Oh come on. We all know that it's Agent Phil Coulson of SHIELD that's doing this. "This isn't my first rodeo," he said.
Isn't that the definition of a government conspiracy?
It's even possible that the companies coordinated their press releases for the very purpose of raising questions. We shouldn't assume they are all isolated from one another. It's far more likely that there is some form of communication going on between them, or at least between the high officials.
In essence, this looks very much like a coordinated effort to rebel against a gag order without actually crossing the line and putting oneself in jeopardy. Read between the lines.
Many people are going to jump to the conclusion that it's because they were following the same broad script, but another possibility is that they want people to notice the similarities and become more upset about PRISM.
Ah, that makes sense, if they are under a gag order, but yet want to subtly convey that they are under a gag order! It would be a brilliant way of circumventing it.
Even if the gov tries to arrest them for leaking classified information, they'd be near-impossible to convict following the inevitable massive public outcry.
OTOH, I'm more skeptical about the implementation side. Have you ever set up a feed between two different organizations that needs to transmit a massive amount of data in real-time? It's an immensely complicated undertaking requiring a whole team on both sides, with managers, engineers, techwriters, QA, and support staff. It seems a little unbelievable to me that one of them wouldn't spill the beans, particularly if asked to participate in a morally-questionable program.
Implementation side would definitely be very difficult, but you could screen the candidates for those who are sympathetic toward it. Ensure they understand how important it is that the program stays secret. Keep retention high, and perhaps even have some ongoing benefits for any employees who do churn but were part of the program. It definitely wouldn't be easy, but I think it is doable.
There's also the issue of how to hide the source code (to my knowledge, both Google and Facebook use one source repository for the whole company, to which virtually everyone has access). This can be gotten around - I'm sure that there are private repositories off to the side that you could use to build a binary - but this is yet another integration point that could be discovered. (Eg. some SRE notices that network bandwidth is high for a DC, traces it to a machine, notices the machine is consuming a large amount of CPU, gets root and runs 'top', and suddenly notices an unknown process siphoning off all data. At this point, how could they not assume their network is being attacked - because that's really what this is, the U.S. government hacking into the company's DCs - and pull the alarm? So all the SREs, abuse teams, internal security, etc. would have to be briefed, which is small compared to the whole company but still a huge surface area for a top-secret project.)
That doesn't actually answer the parents question. What is the likelihood that a bunch of tech leaders would know about this and it wouldn't get out? That any group of people wouldn't let this out?
I agree with the latter half of your comment, but the first sentence is as powerful as saying, "The only way to keep a secret between three people is if two of them are dead."
They both sound like ominous truths, but neither is a particularly compelling argument.
It's not about arresting them. It's about harassing them and their businesses -- which the government can very easily do.
Also, who said those kind of CEOs are champions of public freedom? Google? Microsoft? Facebook? Because they're techies they're supposed to be "on our side"?
Not to mention it's very easy for the government to pamper them, and make them feel very patriotic and whatever for contributing to this cause for the safety of the US, etc etc.
If you receive a national security letter, you are not allowed to tell anyone (not your family, not your lawyer, not anyone).
If you break the life-long gag order, you go to jail for up to 5 years.
Hundreds of thousands of these have been issued, and the above story (about the owner of an ISP) is one of the few cases where someone fought back and won the right to speak about it.
That can't be constitutional. The government has no right to even know whether you told your lawyer or not.
At least sometimes that it is the case, though I don't know if it generally is.
If you have been authorized to have access to classified information, such as (if one accepts the authenticity of the presentation that the Guardian and WaPo have reported on) even the existence of PRISM, on the other hand, there are fairly substantial legal consequences to unauthorized divulgence of that information, and those consequences don't necessarily go away because someone else gave out the information first.
No, that's not Occam's Razor. That's "naive believer in government that's willing to ignore all the facts Razor".
Occam's Razor tells us that when some companies participate in a covert secret services program which is brought to light, then the secret services coordinate damage control and tell them what they are allowed to say to the press and what not.
A conspiracy was just uncovered... and we're concerned about conspiracy-theorizing? The word itself has been dragged through the mud to the point of becoming a dismissing scare tactic, it basically translates to "crazy person, crazy ideas".
Basically, if your story doesn't match the official conspiracy theory given by the government and the companies that work for it, then you must be a conspiracy theorist...
Life is comedy.
No, just one that accepts there is most certainly things going on behind closed doors the public is not privy to, which is all the definition a conspiracy is.
People say, "you are a conspiracy theorist" or a "tin foil hat wearer" in an attempt to discredit what you say. The government doesn't need paid goons to sleuth on the internet to defend them, their are armys of people just waiting to comment on how stupid we all are for challenging the government positions/laws. The battle is already lost in the mind of the average american.
If it's a conspiracy, what's the common goal? There's nothing in in for the companies involved. You might just as well say rape is a conspiracy between the rapist and the victim.
A conspiracy doesn't have to have a common goal between all parties. What kind of bizarro logic did you use to reach that conclusion? People and companies can conspire with others against their will, you know. E.g I blackmail you in order to conspire with me to steal valuable data from your employeer, etc.
The goals are set by the NSA, and the tech companies could not care less about them. The agree to conspire (ie. help the NSA) though, because there would be other consequences if they did not. From prosecution from the government, to under the table blackmail, etc.
That one is definitely optional and would not be part of any scripted response, the fact that a large number of the statements have this exact same optional closing paragraph suggests they are inspired by a common source.
This being said, if you read it more closely what they say is actually quite a bit more damning. Read closely, the denial is actually entirely nonsensical.
Both deny involvement in "PRISM" but both then go on to mistakenly identify PRISM with the Verizon order. Page says he learned about it when Greenwald broke the story (Greenwald broke the Verizon story, the Washington Post broke the PRISM story). Zucherberg similarly talks about metadata significantly.
In essence it is a bait and switch. Sort of like "I wasn't at work yesterday. I can show this because I didn't go on vacation."
The Norwegians have a story called "Good day fellow. Ax handle" which would be a fair summary of what is going on here. The story is about an old deaf ferryman who is deep in debt and left all alone to face the bailiff. So he thinks about all the questions he will face and answers he will give, but when the bailiff comes to ask directions to the inn, he gives answers that are entirely humorous.
"Where is your wife?" asked the bailiff (hoping to find someone less confused).
"I am going to tar her. She's lying down on the beach, cracked up at both ends." Replied the ferryman (thinking he was being asked about his boat).
Google: "we have not joined any program that would give the U.S. government—or any other government—direct access to our servers"
FB: "Facebook is not and has never been part of any program to give the US or any other government direct access to our servers."
Google: "We had not heard of a program called PRISM until yesterday."
FB: "We hadn't even heard of PRISM before yesterday."
Google: "there needs to be a more transparent approach."
FB: "governments to be much more transparent about all programs"
Call me nutty, but this can't be coincidence.
Participating with government requests doesn't make these companies any money. It must be a major drag, actually. It involves lawyers, tech people, and trying to strike an uncomfortable balance between user trust and trying to persuade a court that a request should be denied.
This might be because they've been given a script, but it might also be because they chose to copy each other. They could copy each other out of not wanting to be "the odd one out." Any company that puts out a statement much different from the others risks being trusted less than the others. They could copy each other because they want people to jump to the conclusion that the government gave them a script (even if they didn't) so that people get more pissed than they already are.
As others have pointed out, the similarity could also be because the PR/lawyer response to this is so cookie cutter. I think the "not wanting to be the odd one out" would be the #1 mundane reason, though.
The collusion/double speak/poppeteering or game theoretic layered messaging within a secretly orchestrated gag conspiracy are plausible but I'd prefer to wait for more evidence before I accept Facebook and Google are complicit or prisoners to that. That doesn't mean I think they are either of them blindingly righteous beacons of morality (or even chipped and dulled pyrite morality for that matter), just that the implications of the scenario (democracy canceled xor executives willfully distorting the donut of truth into a mug) are hard to believe.
1) The heads of these companies had a conference call this morning and agreed on a 4-paragraph format, with specific points for each paragraph.
Or 2) The federal government instructed each company to respond today, with a 4-paragraph point-by-point, and then Larry and Mark obediently complied.
What's ludicruous is thinking the Feds are tapping every major telecom provider, but wouldn't do the same to Facebook / Google / Apple / Microsoft. These companies are collectively vastly more important than AT&T and Verizon, worth about a cool trillion dollars, and now make-up a huge portion of the data infrastructure for American consumers.
A spy is given instructions in case of interrogation by the enemy. Why wouldn't a $250 billion corporation be given instruction in case one of the largest spying systems in history hits the public news? It's absurd to think they wouldn't be.
Are you kidding me?
In any case of accidental exposure of a covert government operation involving many such parties, there would be instructions how to handle the media.
Those could be known in advance (at least for some cases), or they would get a call in case of emergency with instructions on what they are allowed to reveal and how to say it.
It's not different than what would happen at a multinational if there was some embarrassing incident related to one branch (e.g a costly in human lives accident). The legal/marketing team would reach to each branch pronto, with instructions what to say to the media. So, if the media get the manager of the, say, Canadian, branch, he would say more or less what the manager of the German branch would tell to his media.
The only "ludicrous" thing is your misplaced scepticism -- as if things thing isn't both obvious and something that's standard practice to media handling from entities of any scale...
I think that explanation strikes an appropriate balance of competence and incompetence.
what could go wrong? http://s3.amazonaws.com/dk-production/images/14030/large/Occ...
-priceless. Of course they wouldn't participate in such a thing voluntarily, can you imagine how expensive that would be...
An NSA program like this would not be voluntary.
The value of the data inside Facebook would actually go down if it was transfer out of Facebook. Its much better if Facebook themselves would run the query (like they normally do with advertisement), and provide the NSA with either a summery or webbugs/custom code in form of targeted images (advertisement) sent to those NSA is interested about.
Copying massive data would not just be logistically hard, it would need to be constantly updated. The simplest answer is that "direct access" simply mean NSA provided queries that google/facebook run at "request". No need for backdoors.
You could even argue that an API would not be 'direct access'
First thing I noticed was really the fact that it took these companies so long to put these statements out there, in Mark's case less than an hour ago as of the time of this posting.
Personally, if someone accused my company of giving customer data to the government, and a large segment of my users believed these claims, then I would switch to damage control mode and send a statement out within 6 hours at the most.
Then again, I suppose if you sent out a statement too soon, then people might think that you knew in advance about the leak.
Well, anyway, the weirdness I observed pales in comparison to the odd coincidence you discovered.
I wish somebody had the guts to be a hero. We need more of them.
I feel these statements are for the fans of these companies that want to hear it to believe it and quick to dismiss it.
Personally: I got in trouble with Google in 08' and yet I still use their products even assuming that I am probably monitored or easily creating a gov profile that can easily be subpoenaed (or given just b/c they may not like me).
The sad truth is most people dont even care ...