[governance] (Tangential) "You Should Use Both" - How America's Internet Companies Are Handing Over Your Data To Uncle Sam

Riaz K Tayob riaz.tayob at gmail.com
Sun Jun 9 05:07:48 EDT 2013 

  "You Should Use Both" - How America's Internet Companies Are Handing
  Over Your Data To Uncle Sam

Tyler Durden's picture <http://www.zerohedge.com/users/tyler-durden>
Submitted by Tyler Durden <http://www.zerohedge.com/users/tyler-durden> 
on 06/08/2013 13:58 -0400


In the aftermath of the PRISM spying scandal, the first and logical 
response was an expected one: *lie*. The president did it 
<http://www.zerohedge.com/news/2013-06-07/obama-lying-about-big-brother>, and 
so did the various companies implicated in the biggest US surveillance 
scandal ever exposed. To wit:

  * Zuckerberg: "*Facebook is not and has never been part of any program
    to give the US or any other government direct access to our servers*."
  * Google CEO Larry Page: "*We have not joined any program that would
    give the US government -- or any other government -- direct access
    to our servers."*
  * Yahoo: "*We do not provide the government with direct access to our
    servers, systems, or network*."

One small problem: /*they are all lying.*/

The NYT explains 
<http://www.nytimes.com/2013/06/08/technology/tech-companies-bristling-concede-to-government-surveillance-efforts.html>just 
how the explicit handover of private customer data from Corporate Server 
X to NSA Server Y takes place.

    The companies that negotiated with the government include Google,
    which owns YouTube; Microsoft, which owns Hotmail and Skype; Yahoo;
    Facebook; AOL; Apple; and Paltalk, according to one of the people
    briefed on the discussions. *The companies were legally required to
    share the data under the Foreign Intelligence Surveillance Act.
    People briefed on the discussions spoke on the condition of
    anonymity because they are prohibited by law from discussing the
    content of FISA requests or even acknowledging their existence.*

    *In at least two cases, at Google and Facebook, one of the plans
    discussed was to build separate, secure portals, like a digital
    version of the secure physical rooms that have long existed for
    classified information, in some instances on company servers*.
    Through these online rooms, the government would request data,
    companies would deposit it and the government would retrieve it,
    people briefed on the discussions said.

    ...

    Each of the nine companies said it had no knowledge of a government
    program providing officials with access to its servers, and drew a
    bright line between giving the government wholesale access to its
    servers to collect user data and giving them specific data in
    response to individual court orders. Each said it did not provide
    the government with full, indiscriminate access to its servers.

    The companies said they do, however, comply with individual court
    orders, including under FISA. The negotiations, and the technical
    systems for sharing data with the government, fit in that category
    because they involve access to data under individual FISA requests.
    And in some cases, the data is transmitted to the government
    electronically, using a company's servers.

    "*The U.S. government does not have direct access or a 'back door'
    to the information stored in our data centers*," Google's chief
    executive, Larry Page, and its chief legal officer, David Drummond,
    said in a statement on Friday. "We provide user data to governments
    only in accordance with the law." Statements from Microsoft, Yahoo,
    Facebook, Apple, AOL and Paltalk made the same distinction.

    But instead of adding a back door to their servers, *the companies
    were essentially asked to erect a locked mailbox and give the
    government the key, *people briefed on the negotiations said.
    *Facebook, for instance, built such a system for requesting and
    sharing the information, they said.*

    The data shared in these ways, the people said, is shared after
    company lawyers have reviewed the FISA request according to company
    practice. It is not sent automatically or in bulk, and the
    government does not have full access to company servers. Instead,
    they said, it is a more secure and efficient way to hand over the data.

    Tech companies might have also denied knowledge of the full scope of
    cooperation with national security officials because *employees
    whose job it is to comply with FISA requests are not allowed to
    discuss the details even with others at the company, *and in some
    cases have national security clearance, according to both a former
    senior government official and a lawyer representing a technology
    company.

And there you have it: backdoors, locked (and not so locked mailboxes), 
and internal corporate firewalls in which some employees know everything 
that is going on and are used as a Chinese Wall scapegoat by everyone 
else who was shocked there is snooping going on here, SHOCKED.

Oh, and if that was not enough, here it is straight from the horse's 
mouth. Via the Guardian 
<http://www.guardian.co.uk/world/2013/jun/08/nsa-surveillance-prism-obama-live?guni=Network%20front:network-front%20full-width-1%20bento-box:Bento%20box:Position2#block-51b36893e4b0cc6424372292>:

    The slide, below, details different methods of data collection under
    the FISA Amendment Act of 2008 (which was renewed in December 2012).
    It clearly distinguishes Prism, which involves data collection from
    servers, as distinct from four different programs involving data
    collection from "fiber cables and infrastructure as data flows past".

    <http://www.zerohedge.com/sites/default/files/images/user5/imageroot/2013/06/PRISM%20use%20both.jpg>

    Essentially, the slide suggests that the NSA also collects some
    information under FAA702 from cable intercepts, but that process is
    distinct from Prism.

    Analysts are encouraged to use both techniques of data gathering.

*"You Should Use Both**."* You know: just in case only one is 
insufficient to make a mocker of all personal rights and civil liberties.

<http://www.zerohedge.com/sites/default/files/images/user5/imageroot/2013/06/NSA%20dark%20knight.jpg>

Average:
5
Your rating: None Average: 5 (12 votes)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.igcaucus.org/pipermail/governance/attachments/20130609/305d68e2/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: picture-5.jpg
Type: image/jpeg
Size: 18993 bytes
Desc: not available
URL: <http://lists.igcaucus.org/pipermail/governance/attachments/20130609/305d68e2/attachment.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PRISM use both.jpg
Type: image/jpeg
Size: 51920 bytes
Desc: not available
URL: <http://lists.igcaucus.org/pipermail/governance/attachments/20130609/305d68e2/attachment-0001.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: NSA dark knight.jpg
Type: image/jpeg
Size: 67036 bytes
Desc: not available
URL: <http://lists.igcaucus.org/pipermail/governance/attachments/20130609/305d68e2/attachment-0002.jpg>
-------------- next part --------------
____________________________________________________________
You received this message as a subscriber on the list:
     governance at lists.igcaucus.org
To be removed from the list, visit:
     http://www.igcaucus.org/unsubscribing

For all other list information and functions, see:
     http://lists.igcaucus.org/info/governance
To edit your profile and to find the IGC's charter, see:
     http://www.igcaucus.org/

Translate this email: http://translate.google.com/translate_t

More information about the Governance mailing list