[rasterizer]

Interesting. Some insight, some contradiction and confusion especially when compared to earlier reportings on the first slides:

- The "direct access" claim is replaced with "FBI interception unit" which is "government equipment on private company property to retrieve matching information from a participating company" that detail isn't mentioned in slides but provided in annotations.

- The case format notation points to "real-time notification" when a target logs in or sends emails/IM/VOIP etc:

"Depending on the provider, the NSA may receive live notifications when a target logs on or sends an e-mail, or may monitor a voice, text or voice chat as it happens (noted on the first slide as "Surveillance").

The "Depending on the provider" bit is interesting as it suggests that there are potentially different levels of "participation".

- "On April 5, according to this slide, there were 117,675 active surveillance targets in PRISM's counterterrorism database." can a FISA order cover a target across service providers or each provider requires its own order? the number of targets could dramatically be revises downwards depending on that.

[ics]

I would imagine that the "depending on the provider" bit has more to do with their existing infrastructure than participation per se. A live notification for when someone is on Facebook or even Google would probably be much easier to get (and more useful I suppose) than their iCloud sync.

Edit: Also note that Apple is a late addition on their graph and Microsoft is the first. Don't mean I think that says much about one versus the other, but if MS has been a provider since '07 they probably have much better access either through influence or better understanding than they do at Apple at the time this was presented.

[NoPiece]

Re: apple vs microsoft. Almost certainly Microsoft was added early because of MSN messenger and Hotmail. MSN Messenger was pretty big internationally, notably in China. It would be interesting to know if all Chinese messages were routed through US based servers. Apple wasn't as significant a player in the email and instant messaging space until more recently.

[rasterizer]

Obviously there is plenty of room for speculation but what seems to emerge, at least as I see it, is that even the worst case scenario doesn't entail actual "direct access".

In the case of activity timestamps (which I'm sure legally don't get the same protection as content) they would be sent by the companies to the FBI/NSA not have their actual servers monitored by them.

[Spearchucker]

There's a line between the provider and the FBI. That linesis explained as pull, rather than push. That nuance notwithstanding, how is this not direct access?

[rasterizer]

You want me to speculate about arrow direction?! alright, generally speaking the access is not "direct" because the "boxes" act as buffers. I can't say if they "pull" the boxes or they just serve subpoenas to them and get the data pushed back.

[Spearchucker]

Quite the opposite - no speculation is required. The NSA has direct access. Any discussion that focuses on how is a discussion of semantics, and as such is of anecdotal interest.