[RWeaver]

Could it be both? Most network monitoring systems specifically don't want to modify the network data, so "direct access" is undesirable anyway. It seems Google, FB and others are compelled to duplicate all data (including real time data) specified in the FISA, which is basically everything, into these special portals. Then the agencies can access whatever they want carte blanche from the duplicate environments without alerting sysadmins on the production servers. And the CEOs can say they don't have direct access and haven't heard the word PRISM before.