What is the NSA's PRISM program? (FAQ)
We now know that the NSA uses something called PRISM to monitor private Web data. Sounds like "1984." What does it really mean?
You've been hearing about a top-secret government program reportedly giving the NSA access to digital consumer information held by large tech companies. But what is it, really, and how does it affect you? Reports are changing fast, so we created this FAQ to let you know what is known so far. We will continue to update it as the facts become clear.
What is PRISM?
PRISM stands for "Planning Tool for Resource Integration, Synchronization, and Management," and is a "data tool" designed to collect and process "foreign intelligence" that passes through American servers. Details about its existence were leaked to The Washington Post and The Guardian by Edward Snowden, a 29-year-old NSA contractor.
PRISM stands for "Planning Tool for Resource Integration, Synchronization, and Management," and is a "data tool" designed to collect and process "foreign intelligence" that passes through American servers. Details about its existence were leaked to The Washington Post and The Guardian by Edward Snowden, a 29-year-old NSA contractor.
It has now been acknowledged by the Obama administration.
In the words of national security reporter Marc Ambinder, "PRISM [is] a kick-ass GUI that allows an analyst to look at, collate, monitor, and cross-check different data types provided to the NSA from Internet companies located inside the United States."
It only targets foreigners?
PRISM "cannot be used to intentionally target any U.S. citizen (PDF), or any other U.S. person, or to intentionally target any person known to be in the United States, according to a statement released by Director Clapper on June 8.
Peeping PRISM
How concerned are you about the NSA snooping on your Web activities?
Totally freaked out.
48%
Kinda anxious. Slippery slope...
36%
I'm OK with it -- I think
6%
Not worried at all.
10%
.
Why would there be foreign intelligence on American servers?
A huge amount of foreign internet traffic is routed through or saved on U.S. servers. For instance, a majority of Facebook and Google users are not from the United States.
So how does this affect an American's data?
The key word is intentional. The NSA can't intentionally target an Americans data. But analysts need only be at least 51 percent confident of a target's "foreignness."
The key word is intentional. The NSA can't intentionally target an Americans data. But analysts need only be at least 51 percent confident of a target's "foreignness."
What is PRISM not?
It is apparently not the name for an overarching secret surveillance program in affiliation with certain large tech companies, as was originally reported by The Washington Post. Director of National Intelligence James Clapper has released a statement saying, "PRISM is not an undisclosed collection or data mining program." Instead, the name PRISM appears to refer to the actual computer program used to collect and analyze data legally requested by the NSA and divulged by Internet companies. This matches reports from CNET and The New York Times.
It is apparently not the name for an overarching secret surveillance program in affiliation with certain large tech companies, as was originally reported by The Washington Post. Director of National Intelligence James Clapper has released a statement saying, "PRISM is not an undisclosed collection or data mining program." Instead, the name PRISM appears to refer to the actual computer program used to collect and analyze data legally requested by the NSA and divulged by Internet companies. This matches reports from CNET and The New York Times.
However, as the New York Times reported late Friday evening, it has come to light that the nine large tech companies first reported to be working with the NSA to divulge information have, in fact, made it easier for the government to access data from their servers.
Which companies are involved?
Microsoft, Yahoo, AOL, Facebook, Google, Apple, PalTalk, YouTube, and Skype. Dropbox is allegedly "coming soon." However, 98 percent of PRISM production is based on just Yahoo, Google, and Microsoft.
Microsoft, Yahoo, AOL, Facebook, Google, Apple, PalTalk, YouTube, and Skype. Dropbox is allegedly "coming soon." However, 98 percent of PRISM production is based on just Yahoo, Google, and Microsoft.
All nine of them have explicitly denied that the government has "direct access" to their servers. Reliable sources have confirmed to CNET that PRISM works on a request-by-request basis, rather than unfettered access, as was originally reported by the Washington Post. Here is a direct quote from our in-depth article on this issue:
Those reports are incorrect and appear to be based on a misreading of a leaked Powerpoint document, according to a former government official who is intimately familiar with this process of data acquisition and spoke today on condition of anonymity.
Still, it appears that though they may have withheld direct access to their servers, many did in fact agree to collaborate with the government on "developing technical methods to more efficiently and securely share the personal data of foreign users in response to lawful government requests."
How?
It's not entirely clear, but according to the New York Times, in at least two cases the companies discussed creating secure digital dropboxes where information sought by the NSA could be electronically deposited. Facebook reportedly actually built such a system.
It's not entirely clear, but according to the New York Times, in at least two cases the companies discussed creating secure digital dropboxes where information sought by the NSA could be electronically deposited. Facebook reportedly actually built such a system.
Why isn't Twitter a part of PRISM?
That's a very good question that at first no one was able to answer.
That's a very good question that at first no one was able to answer.
It now appears as though the answer is: Twitter simply said no.
Companies are legally obligated to comply with any legitimate government request for user data, but they are under no legal obligation to make that process easier. Twitter apparently refused to join the other nine in steam rolling the process.
On Friday, June 7, the New York Times wrote:
Twitter declined to make it easier for the government. But other companies were more compliant, according to people briefed on the negotiations. They opened discussions with national security officials about developing technical methods to more efficiently and securely share the personal data of foreign users in response to lawful government requests. And in some cases, they changed their computer systems to do so.
Is this the same as the data Verizon is giving to the NSA?
No. This is separate. The data Verizon gives to the NSA is merely metadata, so although the government can see who you call and how long you talk to them, they are not listening in on your voice mails and phone calls. But again, that's a separate NSA program. For more information on it, read this.
What type of data is monitored?
According to "slides and other supporting materials" obtained by The Washington Post: "e-mail, chat, videos, photos, stored data, VoIP, file transfers, video conferencing, notifications of target activity...log-ins, etc., online social networking details" -- so, everything.
According to "slides and other supporting materials" obtained by The Washington Post: "e-mail, chat, videos, photos, stored data, VoIP, file transfers, video conferencing, notifications of target activity...log-ins, etc., online social networking details" -- so, everything.
For instance, Google data includes "Gmail, voice and video chat, Google Drive files, photo libraries, and live surveillance of search terms."
The original report suggests that "NSA reporting increasingly relies on PRISM" as its leading source of raw material, accounting for nearly one in seven intelligence reports.
Can they read my iMessage?
Theoretically, yes. That is the kind of data the program has access to.
Theoretically, yes. That is the kind of data the program has access to.
So someone has read my e-mail?
Aside from the fact that Google's algorithms crawl your e-mail all the time to target ads at you, "someone" within the NSA may have read your e-mails.
Aside from the fact that Google's algorithms crawl your e-mail all the time to target ads at you, "someone" within the NSA may have read your e-mails.
Should I be outraged?
Probably! But maybe not. President Obama addressed PRISM on Friday and essentially said, "Don't worry. You can trust us."
Probably! But maybe not. President Obama addressed PRISM on Friday and essentially said, "Don't worry. You can trust us."
Who is to blame for this?
Well, let's let Anthony Romero of the American Civil Liberties Union sum it up. He is quoted by The New York Times as saying, "A pox on all the three houses of government. On Congress, for legislating such powers, on the FISA court for being such a paper tiger and rubber stamp, and on the Obama administration for not being true to its values."
Well, let's let Anthony Romero of the American Civil Liberties Union sum it up. He is quoted by The New York Times as saying, "A pox on all the three houses of government. On Congress, for legislating such powers, on the FISA court for being such a paper tiger and rubber stamp, and on the Obama administration for not being true to its values."
Is it even legal?
Yes, under Section 702 of the Foreign Intelligence Surveillance Act (FISA) of 2008 and the Protect America Act of 2007. Director of National Intelligence James Clapper released a statement Thursday night saying that "Section 702 is a provision of FISA that is designed to facilitate the acquisition of foreign intelligence information concerning non-U.S. persons located outside the United States. It cannot be used to intentionally target any U.S. citizen, any other U.S. person, or anyone located within the United States." FISA was renewed last year by Congress.
Yes, under Section 702 of the Foreign Intelligence Surveillance Act (FISA) of 2008 and the Protect America Act of 2007. Director of National Intelligence James Clapper released a statement Thursday night saying that "Section 702 is a provision of FISA that is designed to facilitate the acquisition of foreign intelligence information concerning non-U.S. persons located outside the United States. It cannot be used to intentionally target any U.S. citizen, any other U.S. person, or anyone located within the United States." FISA was renewed last year by Congress.
According to the Post, "Late last year, when critics in Congress sought changes in the FISA Amendments Act, the only lawmakers who knew about PRISM were bound by oaths of office to hold their tongues." When the story broke, Ron Wyden (D-Ore.) and Mark Udall (D-Colo.) released a letter they cowrote to the Justice Department expressing their concerns relating to the program.
Those reports are incorrect and appear to be based on a misreading, thanks for sharing, it's very useful, I will visit this blog again, permit bookmarks
ReplyDeletevisit pulpen parker