PRISM and websites

[ysabel]

If you still haven't heard of this: NSA slides explain the PRISM data-collection program - The Washington Post

The National Security Agency and the FBI are tapping directly into the central servers of nine leading U.S. Internet companies, extracting audio and video chats, photographs, e-mails, documents, and connection logs that enable analysts to track foreign targets, according to a top-secret document obtained by The Washington Post.

The program, code-named PRISM, has not been made public until now. It may be the first of its kind. The NSA prides itself on stealing secrets and breaking codes, and it is accustomed to corporate partnerships that help it divert data traffic or sidestep barriers. But there has never been a Google or Facebook before, and it is unlikely that there are richer troves of valuable intelligence than the ones in Silicon Valley.

Equally unusual is the way the NSA extracts what it wants, according to the document: “Collection directly from the servers of these U.S. Service Providers: Microsoft, Yahoo, Google, Facebook, PalTalk, AOL, Skype, YouTube, Apple.”

London’s Guardian newspaper reported Friday that GCHQ, Britain’s equivalent of the NSA, also has been secretly gathering intelligence from the same internet companies through an operation set up by the NSA.

According to documents obtained by The Guardian, PRISM would appear to allow GCHQ to circumvent the formal legal process required in Britain to seek personal material such as emails, photos and videos from an internet company based outside of the country.

PRISM was launched from the ashes of President George W. Bush’s secret program of warrantless domestic surveillance in 2007, after news media disclosures, lawsuits and the Foreign Intelligence Surveillance Court forced the president to look for new authority.

Congress obliged with the Protect America Act in 2007 and the FISA Amendments Act of 2008, which immunized private companies that cooperated voluntarily with U.S. intelligence collection. PRISM recruited its first partner, Microsoft, and began six years of rapidly growing data collection beneath the surface of a roiling national debate on surveillance and privacy. Late last year, when critics in Congress sought changes in the FISA Amendments Act, the only lawmakers who knew about PRISM were bound by oaths of office to hold their tongues. More on this: U.S., British intelligence mining data from nine U.S. Internet companies in broad secret program - The Washington Post

Is this surprising to you? We've always heard of Big Brother before but it seems to be reserved for suspicious people we hardly feel we're target of that. But looking at this report, they're supposed to be collaborating with websites we use regularly. It doesn't help that Verizon admitted to something like this (see related thread).


Gmail
Facebook
Microsoft (Hotmail)
Yahoo
Google
PalTalk
Skype
Aol
Youtube
Apple

Hmm :hmm: no Twitter?


Has it or will it change the way you use these sites from now on? Or you wouldn't change a thing because it has been there for years and hasn't bothered you anyway?

Of course FB denies involvement: http://mashable.com/2013/06/07/zuckerberg-facebook-prism/


Also, in case you missed it, UK intelligence agency supposedly mines data too from these websites through the help of NSA. Who knows what other government agencies out there are involved?

 

[Wade8813]

This bothers me, but doesn't surprise me. Governments have been doing this sort of thing for forever. What I'm curious about, is what will happen next.

 

[Hilander]

Now that they have their foot in the door with the patriot act who knows what they will do next. None of this surprises me the PA gave them the authority to do it. Never thought once they wouldn't use it.

Bet they watch Twitter too and forums.

 

[ysabel]

So as long as the website is hosted in the US servers then this can be considered as within legal limits, regardless of the international make up of the users? But with this US also practically gave the "same" access to foreign governments. I don't know the laws in the UK, but if say here in FR, we don't have the PA and if the government was collaborating with the US to access our information via websites hosted in US servers, then it's pretty much a betrayal for us.

 

[Wade8813]

I'm not sure how much the "US servers" thing matters.

That would be an interesting angle on this, if it also became an international uproar.