Tuesday, June 11, 2013

PRISM raises more questions than answers

In the last week The Guardian revealed that the NSA, the United States's National Security Agency, has been involved in the widespread surveillance of Internet users' data. Through a programme called PRISM the NSA are said to have had access to the servers of many Internet companies including Google, Apple, Microsoft, Facebook and Skype.


The Obama administration have justified the operation by saying it is necessary to prevent terrorism, to aid law enforcement in preventing or solving crime as well as defending America's core interests and for maintaining national security.

The revelations have shocked many observers, especially privacy campaigners who say the methods used to protect the public and state go too far. But US President Barack Obama has defended the US surveillance practices saying, "You can't have 100% security and also then have 100% privacy and zero inconvenience."

In Britain Sir Malcolm Rifkind, the head of the Intelligence and Security Committee, which scrutinises Britain's spies, said there had to be some level of "intrusion" into private life to keep people safe from terrorism. Nonetheless his comments were tempered by the Prime Minister David Cameron who insisted that British intelligence agents always operated in way that is "proper and fitting".

"I want to reassure people as Prime Minister, as the minister for the intelligence services, that I see every day the vital work they do to keep us safe, but it is vital work that is done under a legal framework, within the law, and subject to proper scrutiny by an Intelligence and Security Committee," Cameron said [Telegraph / Daily Mail].


For some, the revelations are little surprise, even if true. The US and several other signatories have, for a long time, been involved in secretly monitoring public and private communications under the umbrella of ECHELON, a system that according to a report compiled by the European Union was capable of interception and content inspection of telephone calls, fax, e-mail and other data traffic globally through the interception of communication bearers including satellite transmission, public switched telephone networks (which once carried most Internet traffic) and microwave links.

ECHELON has been referred to extensively in books and films. In the film Enemy of the State a group of rogue NSA agents kill a US Congressman attempting to block legislation that dramatically expands the surveillance powers of intelligence agencies. They try to cover up the murder and use ECHELON to track down lawyer Robert Clayton Dean [played by Will Smith] who risks making the details public.

An episode of PBS' Nova titled "Spy Factory" reported that the film's portrayal of the NSA's capabilities were fiction, and that although the agency can intercept transmissions, connecting the dots was difficult. But from what has been revealed this last week, PRISM may have been able to bridge such gaps.

Claims "exaggerated"

Fears expressed by some suggest that PRISM allows almost unfettered access to almost all Internet users' data, storing it and filtering through the information. Other suggest such fears are unfounded and that some of the claims are exaggerated with experts questioning its true power. Digital forensics professor Peter Sommer says PRISM's access might be more akin to a "catflap" than a "backdoor".

"The spooks may be allowed to use these firms' servers but only in respect of a named target," he told the BBC. "Or they may get a court order and the firm will provide them with material on a hard-drive or similar."

For their part Internet companies have denied they are actively offering information to the NSA, providing backdoor access or are in any way breaching the trust and privacy of their users.


In a blogpost, one of Google's founders and CEO Larry Page dismissed the reports and insisted that Google had not joined PRISM. "We have not joined any program that would give the U.S. government—or any other government—direct access to our servers," Page said in a statement made jointly with David Drummond, Google's Chief Legal Officer.

In a further clarification, Page went on to say that Google provides "user data to governments only in accordance with the law."

"Our legal team reviews each and every request, and frequently pushes back when requests are overly broad or don't follow the correct process. Press reports that suggest that Google is providing open-ended access to our users' data are false, period."

Facebook also denied it was complicit in provide NSA access to its servers. "We do not provide any government organization with direct access to Facebook servers," the company's Chief Security Officer Joe Sullivan said.

Facebook's founder Mark Zuckerberg also refuted the allegations published in the Guardian newspaper. "I want to respond personally to the outrageous press reports about PRISM," he wrote.

"Facebook is not and has never been part of any program to give the US or any other government direct access to our servers. We have never received a blanket request or court order from any government agency asking for information or metadata in bulk, like the one Verizon reportedly received. And if we did, we would fight it aggressively. We hadn't even heard of PRISM before yesterday."

"When governments ask Facebook for data, we review each request carefully to make sure they always follow the correct processes and all applicable laws, and then only provide the information if it is required by law. We will continue fighting aggressively to keep your information safe and secure."

Microsoft also insisted it had not been a party to providing the NSA with access to its servers. "We provide customer data only when we receive a legally binding order or subpoena to do so, and never on a voluntary basis," the company said in a statement. "In addition we only ever comply with orders for requests about specific accounts or identifiers. If the government has a broader voluntary national security program to gather customer data we don't participate in it."

Like many other Apple said they had not even heard of PRISM until last week's reports surfaced. "We have never heard of PRISM," they said, adding, "We do not provide any government agency with direct access to our servers, and any government agency requesting customer data must get a court order." [Sky News / Guardian].

"Damage control"

Of course, the more cynically minded might think these companies are merely covering their back and are engaged in damage control. If it were proved without a shadow of doubt that Google, Facebook et al., were complicit in breaching the privacy of its users and providing the US government with user data, both their reputations and business might be severely affected.

Indeed some have already suggested that people seriously consider boycotting the use of such companies. Writing for Wired Professor Tim Wu of Columbia Law School suggested that consumers had a responsibility to leave social networks found to be collaborating secretly with intelligence services such as the US National Security Agency.

"Quit Facebook and use another search engine. It's simple." He added, "It's nice to keep in touch with your friends. But I think if you find out if it's true that these companies are involved in these surveillance programs you should just quit."

Few alternatives

Of course it's not quite as simple as Wu suggests. Many people have vast amounts of data stored on Internet company servers. Pulling off all of one's data stored on Google would not only be time consuming but users would also face a dilemma as to where to store this information, whether it be photographs or documents.

There may be alternatives to cloud storage, but those companies may too be implicated in the recent revelations. Yahoo, Microsoft and Google have all been named in the Guardian reports, thus there are few options open should users wish to move from one company to another.

There are companies around the world which offer similar Internet services, though the standards of quality and indeed privacy could be easily questioned. China's Baidu has its own Internet search engine, though it is heavily censored and it is highly likely that it is required to store IP addresses along with search data which in turn is handed over to Chinese authorities.

Even if the NSA are snooping, for most people the threat to their freedom is minimal. Incorrectly joining the dots could lead to false accusations, though most law abiding citizens are likely to remain untouched by anything found by US authorities' trawling of their data.

The same is not true of countries like China and Iran, where even a simple call for greater democracy can land one in jail, such as Liu Xiaobo who found himself incarcerated for 18 years.

Past complicity

It is not the first time Internet companies have been accused of working hand in hand with government. Yahoo were criticised for handing over user data to Chinese authorities.

Yahoo!, as well as other search engines, cooperated with the Chinese government in censoring search results. In April 2005, dissident Shi Tao was sentenced to 10 years in prison for "providing state secrets to foreign entities" as a result of being identified by IP address by Yahoo! The extent of Yahoo!'s foreknowledge of Shi's fate was disputed by the company's General Counsel and human rights organizations. Human rights groups also accuse Yahoo! of aiding authorities in the arrest of dissidents Li Zhi and Jiang Lijun.

In September 2003, dissident Wang Xiaoning was convicted of charges of "incitement to subvert state power" and was sentenced to ten years in prison. Yahoo! Hong Kong connected Wang's group to a specific Yahoo! e-mail address. Both Xiaoning's wife and the World Organization for Human Rights sued Yahoo! under human rights laws on behalf of Wang and Shi [Wikipedia]. 

Regards PRISM, Yahoo said, ""Yahoo! takes users' privacy very seriously. We do not provide the government with direct access to our servers, systems, or network." However, given their previous track record with other governments, one might question their integrity concerning such statements.

Minor concerns

But as said, even if the NSA is gathering data on everyone, sifting through such vast amounts of information makes any real threat to any one individual's privacy a minor concern.

Investigative journalist Russ Baker speaking on Russia Today dismissed claims that the NSA were not spying on Americans, as well as foreign nationals.

"Claims that the NSA is not spying on Americans are absurd because anybody could potentially commit a terrorist act. The reality is they're looking at all of us."

"They're trying to establish networks of communication but it's kind of ridiculous because you're looking for a needle in a haystack. You're looking at virtually the entire world trying to find just a handful of plots and, as we know, many of these plots turn out to be more complicated."

So what does all this mean for the average Internet user. In Britain, Foreign Secretary William Hague insisted that law-abiding citizens had nothing to worry about, and there was no legal way of "opting out" of monitoring activity carried out in the name of national or global security.

Campaign group Privacy International said the reported existence of Prism confirmed its "worst fears and suspicions".

"Since many of the world's leading technology companies are based in the US, essentially anyone who participates in our interconnected world and uses popular services like Google or Skype can have their privacy violated through the Prism programme," the group said on its website.

Edward Snowden, the source of the leaked documents, said he had acted over concerns about privacy. "I don't want to live in a society that does these sort of things… I do not want to live in a world where everything I do and say is recorded," he told the Guardian. Ironically he has effectively destroyed any chance of privacy for himself, now and in the future.


The timing of the leak, coming at the same moment that China's president Xi Jinping touched down in the US, was seen as somewhat suspicious by some.

"It is hard to believe that the timing of this disclosure, on the opening day of the Obama-Summit, is a coincidence," journalist Bill Bishop noted on his daily blog, asking, "Is someone leaking ahead of the summit with the goal of giving the Chinese more ammunition to claim US hypocrisy? If so, why are they doing it, and why through Glenn Greenwald and The Guardian?"

In fact coming at the same time as reports also emerged that Obama was drawing up a target list for cyberattacks, the leak was doubly suspicious [Guardian].

It is also interesting to note that Snowdon, who made the disclosure about PRISM, had taken refuge in Hong Kong, a Chinese protectorate, and from where extradition is virtually impossible.

The disclosure of PRISM invokes more questions than answers. How true is the report? Were, or are, the big Internet giants like Google Apple and Yahoo involved? Is is a false flag, or mere distraction from other issues? And is there something more sinister involved here, especially given the timing of events? After all the release of information this last week is a propaganda coup for China, given its continued accusation that the US are just as responsible for cyberattacks and cyberespionage as they themselves are accused!

tvnewswatch, Yunnan, China

No comments: