| > I didn't accuse you of being an NSA goon. Sorry, I misinterpreted your tone. > Sorry for the wall of text No worries - I'm about to post my own. :) > How is that? That has nothing to do with whether the US records are correct. I have no idea how Greenwald brought up the issue of Boundless Informant in his book, I just know that I saw slides in his PDF showing the US and Poland (maybe more - I forget). In that series of articles, they seemed to make pretty clear that the program was showing where the collection came from, not where the targets were. So, for example, the numbers from Norway represented communications collected "to support Norwegian military operations in conflict areas abroad, or connected to the fight against terrorism, also abroad". Same with Germany, France, Spain and Italy (I'm probably missing some). When it comes to the US numbers, I don't see that it's that big of a leap to take the same statement that the Norwegian intelligence service made, and replace all instances of "Norway" with "US". > That was the Gellman and the Washington post that claimed that, without question. The Guardian article framed it as a question. Greenwald never had to issue any retractions. From the article published in The Guardian[1]: The National Security Agency has obtained direct access to the systems of Google, Facebook, Apple and other US internet giants, according to a top secret document obtained by the Guardian. ... With this program, the NSA is able to reach directly into the servers of the participating companies and obtain both stored communications as well as perform real-time collection on targeted users. With regards to the provider's denials, I don't see anything evasive about them: Google: "I'm not sure what the details of this PRISM program are, but I can tell you that the only way in which Google reveals information about users are when we receive lawful, specific orders about individuals -- things like search warrants. And we continue to stand firm against any attempts to do so broadly or without genuine, individualized suspicion, and publicize the results as much as possible in our Transparency Report. Having seen much of the internals of how we do this, I can tell you that it is a point of pride, both for the company and for many of us, personally, that we stand up to governments that demand people's information." [2] Microsoft: "We provide customer data only when we receive a legally binding order or subpoena to do so, and never on a voluntary basis. In addition we only ever comply with orders for requests about specific accounts or identifiers. If the government has a broader voluntary national security program to gather customer data we don’t participate in it." [3] Facebook: "Facebook is not and has never been part of any program to give the US or any other government direct access to our servers. We have never received a blanket request or court order from any government agency asking for information or metadata in bulk, like the one Verizon reportedly received. And if we did, we would fight it aggressively. We hadn't even heard of PRISM before yesterday.
When governments ask Facebook for data, we review each request carefully to make sure they always follow the correct processes and all applicable laws, and then only provide the information if is required by law. We will continue fighting aggressively to keep your information safe and secure."[4] AOL: "We do not have any knowledge of the Prism program. We do not disclose user information to government agencies without a court order, subpoena or formal legal process, nor do we provide any government agency with access to our servers." [5] Every one of them is very clear: the NSA needs a court order to get user's data, and they have only complied with orders for specific users. [1] http://www.theguardian.com/world/2013/jun/06/us-tech-giants-... [2] https://plus.google.com/u/0/+YonatanZunger/posts/huwQsphBron [3] http://www.microsoft.com/en-us/news/press/2013/jun13/06-06st... [4] https://www.facebook.com/zuck/posts/10100828955847631 [5] http://blog.aol.com/2013/06/07/aol-statement-regarding-nsa-p... EDIT: Fixed formatting |
"Direct access," these are the NSA's own words. The Guardian ran the providers statements versus what the NSA documents said. That's a fact. That's why there are no retractions in The Guardian's story, and as Soghoian says they don't actually deny "direct access" in those statements, legally. What's likely is that the companies allow them to run informal searches to narrow the data down.
As for the "court order," they're just talking about a FISA court order which only "allows the data to be queried when there is a reasonable suspicion, based on specific facts, that the particular basis for the query is associated with a foreign terrorist organization," which they readily ignore, and it's more like a general warrant because NSA relies on self-reporting. As Snowden indicated, and LOVEINT showed, analysts can just use bullshit justifications and cover it up. And if they targetted a U.S. citizen, according to their own documents, it's "not a big deal."