Entries in Spying (2)


Dissecting Tech Companies' Denial of Involvement in NSA's Spying Program 

(WASHINGTON) -- The National Security Agency and the FBI have been tapping into the servers of nine technology companies, including Microsoft, Apple, Google, Yahoo, to collect audio, video, photographs, e-mails and other documents under a program code-named PRISM, according to a report in the Washington Post. But the tech companies named have responded to questions about the story with statements that may leave out as much as they say.

All the major technology companies named in the Post's report have adamantly denied that they have given the government full access to their servers in similar prepared statements.

President Obama said Friday that members of Congress have repeatedly been informed of these programs. "The relevant intelligence committees are fully briefed on these programs. These are programs that have been authorized by broad, bipartisan majorities repeatedly since 2006. And so I think at the outset, it's important to understand that your duly elected representatives have been consistently informed on exactly what we're doing," he said.

Still, while Obama says that data being collected on emails and Internet activity is targeted at foreign nationals and not U.S. citizens, the tech companies have all released similar prepared statements to the media denying involvement in this program.

The Statements

Apple: "We have never heard of PRISM. We do not provide any government agency with direct access to our servers, and any government agency requesting customer data must get a court order."

Microsoft: "We provide customer data only when we receive a legally binding order or subpoena to do so, and never on a voluntary basis. In addition we only ever comply with orders for requests about specific accounts or identifiers. If the government has a broader voluntary national security program to gather customer data we don't participate in it."

Google: "Google cares deeply about the security of our users' data. We disclose user data to government in accordance with the law, and we review all such requests carefully. From time to time, people allege that we have created a government 'back door' into our systems, but Google does not have a 'back door' for the government to access private user data."

Facebook: "Protecting the privacy of our users and their data is a top priority for Facebook. We do not provide any government organization with direct access to Facebook servers. When Facebook is asked for data or information about specific individuals, we carefully scrutinize any such request for compliance with all applicable laws, and provide information only to the extent required by law."

Yahoo: "Yahoo! takes users' privacy very seriously. We do not provide the government with direct access to our servers, systems, or network."

Paltalk: "We have not heard of PRISM. Paltalk exercises extreme care to protect and secure users' data, only responding to court orders as required to by law. Paltalk does not provide any government agency with direct access to its servers."

AOL: "We do not have any knowledge of the Prism program. We do not disclose user information to government agencies without a court order, subpoena or formal legal process, nor do we provide any government agency with access to our servers."

Dissecting The Wording and What They Can't Say

The similarity in all the statements is clear. All mention that they would only comply with orders for requests about access to information if forced to do so under the law and that they do not provide "back door" or "direct" access to their servers and to user account information.

Experts believe that commonality in statements could mean a few things. The first is that the companies simply can't talk about this to begin with.

"If these companies received an order under the FISA amendments act, they are forbidden by law from disclosing having received the order and disclosing any information about the order at all," Mark Rumold, staff attorney at the Electronic Frontier Foundation, told ABC News.

John Black, an assistant professor of Computer Science at the University of Colorado, shared a similar opinion. "Many times these laws say they have to comply and they can't disclose their compliance," Black said.

However, the companies are talking about it, they aren't simply saying "no comment." Apple and Paltalk are even specifically saying they have never heard of PRISM.

Rumold says that could be a technicality. "Apple might have had no idea of the government's codename for the program, which was PRISM. What Apple didn't say is that we have never given the NSA access to our data." Rumold went to Berkeley Law and is involved with lawsuits with the NSA and the Department of Justice about some of the other wiretapping cases.

Google, on the other hand, said there was no back door to its servers. "Back door at Google might have one meaning, but what they didn't say is they aren't giving the NSA widespread access to data, which they could potentially say if they had not received an order and given the NSA access to their data," Rumold said.

Black echoed the same thought. "They seem consistently careful in saying we don't give back-door access to the government servers. That's not the same thing as saying the government has no way to access any of our data." Black explained that maybe the NSA doesn't have access to the servers, but the companies don't deny that the government can get whatever information it may want.

James R. Clapper, the director of national intelligence, said in a written statement that the Post report and another on phone surveillance by The Guardian contained "numerous inaccuracies," and that the data collection only targets non-Americans outside the United States.

President Obama stressed that members of Congress have repeatedly been informed of these programs."The programs that have been discussed over the last couple days in the press are secret in the sense that they're classified, but they're not secret in the sense that when it comes to telephone calls, every member of Congress has been briefed on this program," he said.

Still, both Black and Rumold say it is highly unlikely that the technology companies wouldn't have been informed of these programs.

"Google is probably the biggest collection of information on Earth. It would be shocking to me that the NSA wasn't attempting with all its power to get access to Google," Rumold said. "Google might have very well fought a valiant and difficult fight to keep the NSA away from it, but there is only so much it can do as an American company if you get a valid United States court order."

Copyright 2013 ABC News Radio


US Takes Hard Line on Chinese Economic Cyberspying

iStockPhoto/Thinkstock(WASHINGTON) -- The U.S. intelligence community has taken a hard line against economic espionage by alerting U.S. business and industry to vast cyber-espionage operations emanating from China.

U.S. intelligence officials estimate that U.S. companies suffered losses of about $50 billion in 2009 from their research and development efforts. This loss represents trade secrets and intellectual property that have been seized through cyber-attacks, piracy and company insider thefts.

American businesses and their intellectual property are aggressively being targeted by Chinese and Russian intelligence entities, resulting in the loss of billions of dollars, according to a report released Thursday entitled, “Foreign Spies Stealing US Economic Secrets in Cyberspace.”

The outreach campaign by the DNI’s National Counterintelligence Executive and the report to Congress on the issue are designed to raise awareness and protect American ingenuity and businesses in tough economic times from foreign economic and industrial espionage.

The report also cites Russia as a sophisticated adversary trying to move away from an economy dependent on natural resources: “Moscow’s highly capable intelligence services are using HUMINT [human intelligence], cyber and other operations to collect economic information and technology to support Russia’s economic development and security.”

The report references a finding by McAfee where a computer intrusion labeled “Night Dragon” traced to China indicated that individuals were attempting to obtain sensitive data from oil and gas companies.

Although the senior intelligence official declined to discuss specific cases, other U.S. officials have confirmed that China has been involved in a vast array of computer attacks.

Officials are trying to generate awareness among U.S. firms  to tackle the growing problem. “Lots of companies are the victims and they don’t even know it,” a senior intelligence official said.

“There is not a silver bullet here. We need to get this issue under control.”

While the report singles out China and Russia, it also notes that some U.S. allies target and acquire economic and high-tech information for their countries’ benefit.

Copyright 2011 ABC News Radio

ABC News Radio