Denying PRISM

I’m really not much of a conspiracy theorist, but “Triangulating on truth – the totalitarian state” (by Michael Arrington for Uncrunched) presents a good one:
On the Washington Post story [about the NSA spy program PRISM], that means one of these things must be true [emphasis is mine]:
  1. The NSA presentation is fake and the Washington Post got duped, or
  2. Microsoft, Yahoo, Google, Facebook, Apple, etc. are lying, or
  3. The presentation is real, and the companies are carefully drafting responses so that they aren’t technically lying.
I believe the third option above is truth.

The denials

The following subsections contain the official denials by Facebook, Google and Apple. Read them and judge for yourselves. I’ve typeset words in bold that I found interesting and/or passages that are similar between documents. I’ve also numbered paragraphs that are similar.

Mark Zuckerberg’s post on Facebook

I want to respond personally to the outrageous press reports about PRISM:

(1) Facebook is not and has never been part of any program to give the US or any other government direct access to our servers. We have never received a blanket request or court order from any government agency asking for information or metadata in bulk, like the one Verizon reportedly received. And if we did, we would fight it aggressively. We hadn't even heard of PRISM before yesterday.

(2) When governments ask Facebook for data, we review each request carefully to make sure they always follow the correct processes and all applicable laws, and then only provide the information if is required by law. We will continue fighting aggressively to keep your information safe and secure.

(3) We strongly encourage all governments to be much more transparent about all programs aimed at keeping the public safe. It's the only way to protect everyone's civil liberties and create the safe and free society we all want over the long term.

What the ...? (by Google’s Larry Page)

Dear Google users—

You may be aware of press reports alleging that Internet companies have joined a secret U.S. government program called PRISM to give the National Security Agency direct access to our servers. As Google’s CEO and Chief Legal Officer, we wanted you to have the facts.

(1) First, we have not joined any program that would give the U.S. government—or any other government—direct access to our servers. Indeed, the U.S. government does not have direct access or a “back door” to the information stored in our data centers. We had not heard of a program called PRISM until yesterday.

(2) Second, we provide user data to governments only in accordance with the law. Our legal team reviews each and every request, and frequently pushes back when requests are overly broad or don’t follow the correct process. Press reports that suggest that Google is providing open-ended access to our users’ data are false, period. Until this week’s reports, we had never heard of the broad type of order that Verizon received—an order that appears to have required them to hand over millions of users’ call records. We were very surprised to learn that such broad orders exist. Any suggestion that Google is disclosing information about our users’ Internet activity on such a scale is completely false.

(3) Finally, this episode confirms what we have long believed—there needs to be a more transparent approach. Google has worked hard, within the confines of the current laws, to be open about the data requests we receive. We post this information on our Transparency Report whenever possible. We were the first company to do this. And, of course, we understand that the U.S. and other governments need to take action to protect their citizens’ safety—including sometimes by using surveillance. But the level of secrecy around the current legal procedures undermines the freedoms we all cherish.

Posted by Larry Page, CEO and David Drummond, Chief Legal Officer


[Quoting the article “Apple to Yahoo Deny Providing Direct Access to Spy Agency” by Brian Womack & Michael Shepard for Bloomberg.]

“(1) We have never heard of PRISM,” said Steve Dowling, a spokesman for Cupertino, California-based Apple. “(1) We do not provide any government agency with direct access to our servers, and (2) any government agency requesting customer data must get a court order.”


[Quoting “PRISM scandal: tech giants flatly deny allowing NSA direct access to servers” by Dominic Rushe and James Ball for The Guardian.]

A Yahoo spokesman said: "(2) Yahoo! takes users' privacy very seriously. (1) We do not provide the government with direct access to our servers, systems, or network.


It’s interesting to take a look at the companies that are supposedly involved in PRISM (again quoting Arrington):
These are the huge repositories of user information from Microsoft, Yahoo, Google, Facebook, PalTalk, AOL, Skype, YouTube, Apple. Dropbox, we’re told, is “coming soon.” Twitter is noticeably absent.

More material on the web

Each of the following articles examines the loopholes of the denials: Other related material: