[indiefan]

Correct me if I'm wrong, but you left out the step where a judge reviews the request to make sure it's not overly broad or based on flimsy reasoning.

Aside from that I'd say it's a very clear, and it's sad that there seems to be a pervasive inference that these companies are something something beyond what our elected law makers have forced them to do. Why isn't more angst directed at the politicians responsible for this?

[lisper]

A judge does review the request. Whether that judge "makes sure it's not overly broad or based on flimsy reasoning" is far from clear. The judge has been hand-picked by John Roberts and only hears the government's side of the case. The FISA court has rejected 0.03 percent of the government's requests. Now, maybe that's just an indication that 99.97% of the government's requests are reasonable, but here's the problem: we have no way of knowing, because it's all secret. THAT is the problem IMHO, more than the surveillance itself.

[rsingel]

No, a judge does not see an individual request in a 702 order. This is the entire point of the 702 and PRISM -- NSA analysts no longer have to fill out paperwork to get data from Google/Facebook/Etc, so long as they are 51% sure the target is a foreigner. There is one court order per company per year. After that, it's "direct access" - e.g. analyst sends request directly to the company.

[lisper]

First I've heard of this 51% thing. If it's true (and I don't doubt it) then the situation is even worse than I thought. Do you have a reference?

[rsingel]

Sure, it's from the Washington Post's reporting: http://www.washingtonpost.com/wp-srv/special/politics/prism-...

Search for 51.

[lisper]

I see where it says in the caption "The supervisor must endorse the analyst's "reasonable belief," defined as 51 percent confidence, that the specified target is a foreign national who is overseas at the time of collection." But that's a caption written by the Post. What I don't see is any support for that statement in the actual slide itself, nor any of the other slides on that page.

[jeltz]

But these companies do more than what is required by law. They do not by law have to provide API access, only to provide the data in some form. None of the smaller webmail hosts cooperate in PRISM.

And as for warrants, no they do not always need a warrant. They only need that if both parties in the communication are US citizens. If none of them are no warrant is needed at all and if just one party is US then they (according to the Wikipedia article on PRISM) can wiretap for up to a week without getting a warrant.

[pvnick]

Just like a judge reviewed the request compelling Verizon to turn over the details of every single call being made by everyone to everyone?