Asked during a Wednesday hearing of the US government’s institutional privacy watchdog if collection under the law, known as Section 702 or the Fisa Amendments Act, occurred with the “full knowledge and assistance of any company from which information is obtained,” De replied: “Yes.”
When the Guardian and the Washington Post broke the Prism story in June, thanks to documents leaked by whistleblower Edward Snowden, nearly all the companies listed as participating in the program – Yahoo, Apple, Google, Microsoft, Facebook and AOL – claimed they did not know about a surveillance practice described as giving NSA vast access to their customers’ data. Some, like Apple, said they had “never heard” the term Prism.
So, the companies most likely lied. What a surprise.
There’s a difference between FISA Section 702 requests and what is claimed to be the capabilities of the PRISM program.
FISA Section 702 information requests are obviously known to the companies from whom the information is being requested. And several of the companies in question pushed back and got greater permission to report on those requests.
(Additionally, Apple has created a “warrant canary” to cover Patriot Act Section 215 requests which are supposed to be kept secret.)
Knowledge of FISA Section 702 requests is not new nor does it have anything to do with complicity in the PRISM program. None of the companies involved have denied that the NSA or other agencies have requested data under FISA Section 702 from them and that they have complied.
This article is bad reporting, confused, or is specifically aimed to create disinformation. I find nothing new in it. It merely appears that the NSA rep is trying to obfuscate PRISM as permitted by Section 702 and to claim that untargeted collection and continued ability to sift through the data is legal and to shift some blame through complicity. But there seems to be a major disconnect between companies being aware of data requested of them under Section 702 and the vast capabilities that the NSA may be capable of under PRISM and other programs. The fact that De points out this disconnect but then attributes everything that may fall under the rubric of “PRISM” is permitted under FISA Section 702 and that there was full participation from companies is interesting and problematic. It’s immensely transparent that a leap is being made but it’s not clear what that leap is since they are unwilling to discuss their full capabilities. This may be compounded by bad reporting but this is unclear: is it just the NSA being nefarious and obfuscatory or is there also bad reporting involved? I can’t tell at the moment.
Edited 2014-03-20 20:48 UTC