First, we have not joined any program that would give
the U.S. government—or any other government—direct
access to our servers. Indeed, the U.S. government does
not have direct access or a “back door” to the
information stored in our data centers. We had not
heard of a program called PRISM until yesterday.
Second, we provide user data to governments only in
accordance with the law. [...] Press reports that
suggest that Google is providing open-ended access to
our users’ data are false, period.
Until this week’s reports, we had never heard of the broad
type of order that Verizon received—an order that appears
to have required them to hand over millions of users’
IMHO, this points in the direction, that there is FBI equipment in the Google datacenters. This equipment is tapping into the network connections and pipes them to the NSA. So the Guardians allegations  that
"Collection directly from the servers of these US service
providers: Microsoft, Yahoo, Google, Facebook, PalTalk, AOL,
Skype, YouTube, Apple."
Nobody really cares about the how, yet that's what all the technical denials focused on. What matters is the what.
WaPo and The Guardian have played their hands well to let companies and government entities themselves reveal who is being straight with the public and who is tap dancing.
> We refuse to participate in any program — for national security or other reasons — that requires us to provide governments with access to our systems or to install their equipment on our networks,” he said.
Looking at these slides, I see no proof that companies have FBI equipment on their property. That seems to be a claim made by the WaPo that is supported by other slides or sources. I am just suggesting we wait until more information comes forward before we start taking these accusations as fact.
I really hope that tech company CEOs get their feet held to the fire for misleading statements though and journalists keep (or start) asking them direct and difficult questions to get answers on record before more leaks come out.
There can easily still be no wiretapping equipment upstream of the servers; the companies are already copying the data directly to the collection equipment anyways, so that can be a parallel path. I'm not sure a place like Google or Facebook would ever choose to participate in something like this if their whole business were one misconfigured serial-path wiretap server away from being completely down.
I believe the NYT had mentioned a couple of days after the story broke that 'real-time' collection was possible. Even that is easy technically, you just send a copy of that instant message or video frame to the FBI collection server as it goes out.
Of course maybe it's possible to setup a session and then just forward all traffic from a given company subnet IP:port to a PRSIM case file, but that's getting back into impl details for me.
Statements from Google:
we have not joined any program that would
give the U.S. government—or any other
government—direct access to our servers.
Our legal team reviews each and every request,
and frequently pushes back when requests are overly
broad or don’t follow the correct process. Press
reports that suggest that Google is providing
open-ended access to our users’ data are false, period.
Until this week’s reports, we had never heard of the
broad type of order that Verizon received—an order
that appears to have required them to hand over
millions of users’ call records. We were very surprised
to learn that such broad orders exist. Any suggestion
that Google is disclosing information about our
users’ Internet activity on such a scale is
We cannot say this more clearly -- the government does
not have access to Google servers--not directly, or via
a back door, or a so-called drop box. Nor have we
received blanket orders of the kind being discussed in
the media. It is quite wrong to insinuate otherwise.
Google participates in that allows the kind of access
that the media originally reported. Note that I
say "originally" because you'll see that many of
those original sources corrected their articles after
it became clear that the PRISM slides were not accurate.
There is no free-for-all, no direct access, no
indirect access, no back door, no drop box.
We’re not in the business of lying and we’re absolutely
telling the truth about all of this. Our business
depends on the trust of our users. And I’m an executive
officer of a large publicly traded company, so lying to
the public wouldn’t be the greatest career move.
If by what has now been “revealed” you mean the allegation
that Google is allowing the NSA unfettered access to user
data or that we’re handing over data willy-nilly to the
government, again, that’s just not true. It’s not
rhetoric, it’s just a fact.
QUESTION: Without giving any specifics which might put you
in violation of such an order, are you legally bound to \
lie about anything to the public? (Yes or no is fine)
ANSWER: Nope. No gun to my head.
I’m really troubled if you’ve lost trust in us because of
this idea that we’re collaborating in a broad surveillance
program. We’re not, and that’s why we are pushing back so
hard on these allegations.
There is no free-for-all, no direct access, no
indirect access, no back door, no drop box.
If the media claims turn out to be true nobody is going to think "Oh, Google was telling the truth the whole time!" As I mentioned, there is no practical difference between this statement being "true" in the sense that you creatively "read" it and an outright lie. No reasonable person would read these statements in the way that you have.
You seem to be having a really hard time simultaneously holding the idea that the media reports are correct and the idea that Google/the big tech industry is trustworthy, hence the mental gymnastics. You're going to have to drop one of those two ideas. You will eventually.
So implying something, while actually reporting something different is a lie, but it is a highly specific type of lie. And it is quite often quite interesting to do these mental gymnastics to uncover the sliver of truth in these statements.
"What the ...?"
Posted: Friday, June 07, 2013
Dear Google users—
You may be aware of press reports alleging that Internet companies have joined a secret U.S. government program called PRISM to give the National Security Agency direct access to our servers. As Google’s CEO and Chief Legal Officer, we wanted you to have the facts.
First, we have not joined any program that would give the U.S. government—or any other government—direct access to our servers. Indeed, the U.S. government does not have direct access or a “back door” to the information stored in our data centers. We had not heard of a program called PRISM until yesterday.
Second, we provide user data to governments only in accordance with the law. Our legal team reviews each and every request, and frequently pushes back when requests are overly broad or don’t follow the correct process. Press reports that suggest that Google is providing open-ended access to our users’ data are false, period. Until this week’s reports, we had never heard of the broad type of order that Verizon received—an order that appears to have required them to hand over millions of users’ call records. We were very surprised to learn that such broad orders exist. Any suggestion that Google is disclosing information about our users’ Internet activity on such a scale is completely false.
Finally, this episode confirms what we have long believed—there needs to be a more transparent approach. Google has worked hard, within the confines of the current laws, to be open about the data requests we receive. We post this information on our Transparency Report whenever possible. We were the first company to do this. And, of course, we understand that the U.S. and other governments need to take action to protect their citizens’ safety—including sometimes by using surveillance. But the level of secrecy around the current legal procedures undermines the freedoms we all cherish.
Posted by Larry Page, CEO and David Drummond, Chief Legal Officer
A huge corporation? Lying? About doing stuff that's harmful to their image -- stuff that they would have been pressured to lie about and deny them anyway?
Please. Next thing you'll tell us that there's no Santa Claus!
Even today there are NSA analysts who have tried to lookup their ex-wives, and been caught and terminated. And that's just leaving it to NSA's own accountability measures, imagine what we could do if we actually added real oversight!
A sophisticated NSA analyst could make many trades with inside information and avoid raising alarm by making off-the-radar trades.
And their ticket into prison.
Whenever you want to know the truth, just go to original sources instead of someone's 'interpretation' of it.
The questions I have are whether they are indeed doing it wholesale, e.g. widespread "phrase monitoring" and whether they are archiving (particularly, wholesale) the content  without a target/content specific search warrant in place.
P.S. Also, whether they are doing it to political and/or economic ends.
 We already know about the disposition of the so-called "metadata".
Well, let's say I would have no problems with it, if I wouldn't worry about the chilling effects it would have on others.
It would be nice if the politicians were required to hear complaints, but that only works if you're rich enough to make a difference in the Game.
Being caught spying on others = super embarrassing, being spied on = hilarious. But then again, I never had anything used against me, I would sing a different tune real quick in that case. So I don't mean to belittle it in general. But if anyone can get a kick out of it while being against it and vocal about that, more power to them, right?
And they won't -- until it begins gravely-affecting their normal life (eg. food, water, shelter, Kim Kardashian baby news). That's how oppressive regimes maintain control (I am not explicitly saying Obama is an oppressive regime).
We have more knowledge and therefor more responsibility.
It is up to each and everyone of us to educate our families and friends and to effectively migrate them towards complete encryption, on every level.
- OpenPGP for Email
- RetroShare for Chat/Messages/File sharing/etc.
- Hard drive encryption
Then you seriously need to expand your horizons on information intake, because human rights orgs are pissed off, Ecuador and Hong Kong are pissed off. Germany, and the EU as a whole are considering a wide range of actions, and so on.
Ecuador and Hong Kong are pissed off...
"Security experts and democracy proponents say that mainland China’s domestic surveillance operations in Hong Kong are far more extensive than the American effort. But those operations have largely disappeared from public discussion as attention has focused on the many details released by Mr. Snowden."
So it would appear there's some outrage elsewhere too.
I personally am not okay with the alleged surveillance of practically everyone in the world who uses a phone or the web. That's just not okay. But is that really what's happening? What I'm seeing in the actual documents that have leaked is that the NSA has the ability to surveil anyone using most services but I'm not seeing anything that shows that they actually are just collecting these vast swaths of data and aimlessly looking for incriminating things. What I do see is that they use this ability to target certain individuals and that they're allowed to do this because of a rubber stamp process in secret courts. I also see that sometimes in the process of targeting on person or a group of people, other innocent parties get caught in that net. This is what I've seen in the evidence. Now the editorial that goes along with it, which is what everyone is loving to eat up right now paints a darker picture.
Is what we really know scary? It certainly can be but I'm of two minds about it. On the one hand I see law enforcement doing its job and doing it without breaking the law and, for the most part, ethically. I'm talking about capturing the data of known terrorists and such. Then there's the egotistical, kind of immature, smarter-than-everyone-else side of me who hates this and thinks its the devil. This power can be abused in so many ways its not even funny. But how narcissistic can I be to think that anything I do is being watched by the NSA. Even if I were an activist, would they really care? There are so many other ways to target free speech and stamp out political dissent that are already in use today that you don't even need the NSA's prism to do it.
What I guess I'm getting at is that I don't think either view is right. Those who think this is just fine and no big deal are naive and those who think this is a grand government conspiracy to create a police state are also naive. It's hard to take either group seriously. The truth is somewhere in the middle where PRISM can be a useful tool but at the same time needs to be just open enough to where citizens can have an intelligent discussion of where to draw certain lines and what kind of oversight is needed.
As for Snowden, he now comes off as a narcissist who got played by a reporter for a huge story. Is there an element of giving a shit to Greenwald's reporting? Of course. But to think Greenwald ran with this out of pure love of democracy or some other equally trite reason is hard to believe. And for Snowden to take so fucking many top secret documents then fly off to, so far, two countries who would absolutely love to get their hands on them for their own purposes only looks bad for him. Being a whistleblower would qualify him as heroic but taking all that classified info then flying to Hong Kong (regardless of how close their government is or isn't with China) and Russia would qualify him as a traitor.
I know this isn't the big bad government conspiracy story we all like to jump in on around here but I think its closer to reality than either of the other two ends of the spectrum that we normally hear the vast majority of the time.
PRISM is an inconsequential piece of the puzzle, and truthfully one of the most innocuous. Nobody is really disputing that it collects information on only a small number of people. However, other NSA programs very clearly do not - they collect everything on everyone, then look at the interesting parts.
As of right now, the NSA has a blank check to collect any data they want and can retroactively obtain warrants for accessing that data. You can argue about the merits of what they are doing, but I see very little basis in arguing that they aren't actually collecting vast amounts of communications.
Personally, I think there is absolutely no way to stuff this genie back in the bottle.
Never give 1 cent to these companies, again.
Our only vote with them is our dollars.