[bestbits] FW: [IP] Tech Companies Concede to Surveillance Program - NYTimes.com

Sat Jun 8 08:00:55 EDT 2013

-----Original Message-----
From: David Farber [mailto:dave at farber.net] 
Sent: Saturday, June 08, 2013 7:30 AM
To: ip
Subject: [IP] Tech Companies Concede to Surveillance Program - NYTimes.com

http://www.nytimes.com/2013/06/08/technology/tech-companies-bristling-conced
e-to-government-surveillance-efforts.html?ref=global-home&_r=0&pagewanted=al
l&pagewanted=print

Tech Companies Concede to Surveillance Program

SAN FRANCISCO - When government officials came to Silicon Valley to demand
easier ways for the world's largest Internet companies to turn over user
data as part of a secret surveillance program, the companies bristled. In
the end, though, many cooperated at least a bit.

Twitter declined to make it easier for the government. But other companies
were more compliant, according to people briefed on the negotiations. They
opened discussions with national security officials about developing
technical methods to more efficiently and securely share the personal data
of foreign users in response to lawful government requests. And in some
cases, they changed their computer systems to do so.

The negotiations shed a light on how Internet companies, increasingly at the
center of people's personal lives, interact with the spy agencies that look
to their vast trove of information - e-mails, videos, online chats, photos
and search queries - for intelligence. They illustrate how intricately the
government and tech companies work together, and the depth of their
behind-the-scenes transactions.

The companies that negotiated with the government include Google, which owns
YouTube; Microsoft, which owns Hotmail and Skype; Yahoo; Facebook; AOL;
Apple; and Paltalk, according to one of the people briefed on the
discussions. The companies were legally required to share the data under the
Foreign Intelligence Surveillance Act. People briefed on the discussions
spoke on the condition of anonymity because they are prohibited by law from
discussing the content of FISA requests or even acknowledging their
existence.

In at least two cases, at Google and Facebook, one of the plans discussed
was to build separate, secure portals, like a digital version of the secure
physical rooms that have long existed for classified information, in some
instances on company servers. Through these online rooms, the government
would request data, companies would deposit it and the government would
retrieve it, people briefed on the discussions said.

The negotiations have continued in recent months, as Martin E. Dempsey,
chairman of the Joint Chiefs of Staff, traveled to Silicon Valley to meet
with executives including those at Facebook, Microsoft, Google and Intel.
Though the official purpose of those meetings was to discuss the future of
the Internet, the conversations also touched on how the companies would
collaborate with the government in its intelligence-gathering efforts, said
a person who attended.

While handing over data in response to a legitimate FISA request is a legal
requirement, making it easier for the government to get the information is
not, which is why Twitter could decline to do so.

Details on the discussions help explain the disparity between initial
descriptions of the government program and the companies' responses.

Each of the nine companies said it had no knowledge of a government program
providing officials with access to its servers, and drew a bright line
between giving the government wholesale access to its servers to collect
user data and giving them specific data in response to individual court
orders. Each said it did not provide the government with full,
indiscriminate access to its servers.

The companies said they do, however, comply with individual court orders,
including under FISA. The negotiations, and the technical systems for
sharing data with the government, fit in that category because they involve
access to data under individual FISA requests. And in some cases, the data
is transmitted to the government electronically, using a company's servers.

"The U.S. government does not have direct access or a 'back door' to the
information stored in our data centers," Google's chief executive, Larry
Page, and its chief legal officer, David Drummond, said in a statement on
Friday. "We provide user data to governments only in accordance with the
law."

Statements from Microsoft, Yahoo, Facebook, Apple, AOL and Paltalk made the
same distinction.

But instead of adding a back door to their servers, the companies were
essentially asked to erect a locked mailbox and give the government the key,
people briefed on the negotiations said. Facebook, for instance, built such
a system for requesting and sharing the information, they said.

The data shared in these ways, the people said, is shared after company
lawyers have reviewed the FISA request according to company practice. It is
not sent automatically or in bulk, and the government does not have full
access to company servers. Instead, they said, it is a more secure and
efficient way to hand over the data.

Tech companies might have also denied knowledge of the full scope of
cooperation with national security officials because employees whose job it
is to comply with FISA requests are not allowed to discuss the details even
with others at the company, and in some cases have national security
clearance, according to both a former senior government official and a
lawyer representing a technology company.

FISA orders can range from inquiries about specific people to a broad sweep
for intelligence, like logs of certain search terms, lawyers who work with
the orders said. There were 1,856 such requests last year, an increase of 6
percent from the year before.

In one recent instance, the National Security Agency sent an agent to a tech
company's headquarters to monitor a suspect in a cyberattack, a lawyer
representing the company said. The agent installed government-developed
software on the company's server and remained at the site for several weeks
to download data to an agency laptop.

In other instances, the lawyer said, the agency seeks real-time transmission
of data, which companies send digitally.

Twitter spokesmen did not respond to questions about the government
requests, but said in general of the company's philosophy toward information
requests: Users "have a right to fight invalid government requests, and we
stand with them in that fight."

Twitter, Google and other companies have typically fought aggressively
against requests they believe reach too far. Google, Microsoft and Twitter
publish transparency reports detailing government requests for information,
but these reports do not include FISA requests because they are not allowed
to acknowledge them.

Yet since tech companies' cooperation with the government was revealed
Thursday, tech executives have been performing a familiar dance, expressing
outrage at the extent of the government's power to access personal data and
calling for more transparency, while at the same time heaping praise upon
the president as he visited Silicon Valley.

Even as the White House scrambled to defend its online surveillance,
President Obama was mingling with donors at the Silicon Valley home of Mike
McCue, Flipboard's chief, eating dinner at the opulent home of Vinod Khosla,
the venture capitalist, and cracking jokes about Mr. Khosla's big, shaggy
dogs.

On Friday, Mark Zuckerberg, Facebook's chief executive, posted on Facebook a
call for more government transparency. "It's the only way to protect
everyone's civil liberties and create the safe and free society we all want
over the long term," he wrote.

Reporting was contributed by Nick Bilton, Vindu Goel, Nicole Perlroth and
Somini Sengupta in San Francisco; Edward Wyatt in Washington; Brian X. Chen
and Leslie Kaufman in New York; and Nick Wingfield in Seattle.

-------------------------------------------
Archives: https://www.listbox.com/member/archive/247/=now
RSS Feed: https://www.listbox.com/member/archive/rss/247/22720195-c2c7cbd3
Modify Your Subscription:
https://www.listbox.com/member/?member_id=22720195&id_secret=22720195-8fdd43
08
Unsubscribe Now:
https://www.listbox.com/unsubscribe/?member_id=22720195&id_secret=22720195-9
7c5b007&post_id=20130608073012:C6A4997C-D02E-11E2-917C-C471030EBDDA
Powered by Listbox: http://www.listbox.com