But Google said it denies taking part in PRISM...that denial could be a lie, but nothing so far has substantiated that.
The NYT article that so incensed Michael Arrington, for example, exclusively refers to the FISA procedure, which Google has more or less already admitted that they comply with (lawyered requests for specific individual/groups data).
The only part of the NYT article that sounds like the alarming scenario outlined in the PowerPoint slides is this:
> In one recent instance, the National Security Agency sent an agent to a tech company’s headquarters to monitor a suspect in a cyberattack, a lawyer representing the company said. The agent installed government-developed software on the company’s server and remained at the site for several weeks to download data to an agency laptop
There's no mention that the company here is Google and there's really no reason to believe that it is Google (in this instance)...I mean, because if it was, then the procedure described here has vast implications about Google's software stack that would seem untenable for a company with Google's kind of infrastructure
(It's possible that the procedure described here is inaccurate, as it is third hand, but that only underscores the vagueness of this whole thing)
Did it really? It seems that PRISM is the software support etc. to semi-automate the FISA procedure at the Internet companies. Google claimed never to have heard the term 'PRISM' but that could easily be true-but-insignificant.
(It's possible that the "PRISM" name is also being used by the NSA to cover old-fashioned wiretapping of emails etc., but that wouldn't involve the Internet companies as opposed to ISPs.)
Well, yes, really, insomuch as can be expressed in typical human language:
> > First, we have not joined any program that would give the U.S. government—or any other government—direct access to our servers. Indeed, the U.S. government does not have direct access or a “back door” to the information stored in our data centers. We had not heard of a program called PRISM until yesterday.
That's a broad flat out denial. And in my opinion, it includes such options as reserving an omni-admin account for the government, and if such an arrangement exists, then Larry Page should be pilloried for issuing a lie. But until such an arrangement can be shown (and why couldn't it? If there's a NSA official who can leak about it successfully, why is it impossible to imagine that google has at least one such conscientious objector?), it seems a little unfair and counter productive to judge Google with inescapable circular logic.
But that's perfectly compatible with them being in PRISM. It seems PRISM is indeed not a backdoor or a means of direct access for the US Government, but is a conduit for FISA requests to be approved by Google's (and other firms') lawyers. They hadn't heard the term "PRISM" but that's because the US "intelligence community" hadn't used it to them when discussing the system.
They could be regularly piping filtered information to serve the US's Government's interests, as part of project they know by another name but happens to have the code name "PRISM".
There; no "back door", no "direct access", no "PRISM", not "broad", as said elsewhere in the release.
The NYT article that so incensed Michael Arrington, for example, exclusively refers to the FISA procedure, which Google has more or less already admitted that they comply with (lawyered requests for specific individual/groups data).
The only part of the NYT article that sounds like the alarming scenario outlined in the PowerPoint slides is this:
http://www.nytimes.com/2013/06/08/technology/tech-companies-...
> In one recent instance, the National Security Agency sent an agent to a tech company’s headquarters to monitor a suspect in a cyberattack, a lawyer representing the company said. The agent installed government-developed software on the company’s server and remained at the site for several weeks to download data to an agency laptop
There's no mention that the company here is Google and there's really no reason to believe that it is Google (in this instance)...I mean, because if it was, then the procedure described here has vast implications about Google's software stack that would seem untenable for a company with Google's kind of infrastructure
(It's possible that the procedure described here is inaccurate, as it is third hand, but that only underscores the vagueness of this whole thing)