Guardian: PRISM "collection directly from the servers"

Well, golly, this might be just a tad inconvenient for the establishment spin on PRISM, if true.  After the Washington Post and then the Guardian exposed the NSA’s Internet snooping program, a few of the named Internet companies denied giving the NSA any access to their servers.  Instead, they told the New York Times that they provided blocks of information pursuant to FISA court orders and placed them in virtual dropboxes for the agency to access.  That would, as Red Alert Politics notes, make the program legal and narrower than originally thought, although still a worrisome development for privacy.

However, now the Guardian says that this is just spin, because new slides from the internal PRISM presentation claim that PRISM has direct access to the servers after all.  Oh, and PRISM and BLARNEY weren’t the only NSA programs involved, either:

Some articles have claimed that Prism is not a tool used for the collection of information from US companies, but is instead an internal tool used to analyse such information.

Others have speculated – in the light of denials from technology companies about granting “direct access” to servers – that Prism operates through interception of communication cables.

Both of these theories appear to be contradicted by internal NSA documents.

In the interests of aiding the debate over how Prism works, the Guardian is publishing an additional slide from the 41-slide presentation which details Prism and its operation. We have redacted some program names.

The slide, below, details different methods of data collection under the FISA Amendment Act of 2008 (which was renewed in December 2012). It clearly distinguishes Prism, which involves data collection from servers, as distinct from four different programs involving data collection from “fiber cables and infrastructure as data flows past”.

Here’s the slide:



It is at least possible to square the two accounts.  The language in this slide could refer to the collection of the data directly from the virtual dropboxes on the company servers NSA accesses.  Note that of the two methods highlighted here, one consists of three programs dealing with “upstream” collection through taps on cables and other “infrastructure,” and the other is PRISM for direct collection.  There isn’t a mention of dropboxes, so it’s possible that “Collection directly” refers to the dropboxes.

However, this slide presents another issue.  The explanation last night and this morning was that the Internet companies only provided data to NSA covered under FISA court warrants, and that supposedly guarded against the collection and spying on domestic content.  However, if the NSA has not one but four different programs doing “upstream” collection from taps on cables and other “infrastructure,” then how can they avoid collecting content created by US citizens intended for domestic use?

Maybe that’s why the NSA “at times” ended up collecting what they claimed they didn’t:

The National Security Agency has at times mistakenly intercepted the private email messages and phone calls of Americans who had no link to terrorism, requiring Justice Department officials to report the errors to a secret national security court and destroy the data, according to two former U.S. intelligence officials.

At least some of the phone calls and emails were pulled from among the hundreds of millions stored by telecommunications companies as part of an NSA surveillance program. James Clapper, the director of national intelligence, Thursday night publicly acknowledged what he called “a sensitive intelligence collection program” after its existence was disclosed by the Guardian newspaper.

Ret. Adm. Dennis Blair, who served as President Obama’s DNI in 2009 and 2010, told NBC News that, in one instance in 2009, analysts entered a phone number into agency computers and “put one digit wrong,” and mined a large volume of information about Americans with no connection to terror. The matter was reported to the Foreign Intelligence Surveillance Court, whose judges required that all the data be destroyed, he said.

Another former senior official, who asked not to be identified, confirmed Blair’s recollection and said the incident created serious problems for the Justice Department, which represents the NSA before the federal judges on the secret court.

The judges “were really upset about this,” said the former official. As a result, Attorney General Eric Holder pledged to the judges that the intelligence agencies would take steps to correct the problem as a condition of renewing the NSA’s surveillance program.

How did the NSA collect “phone calls”? Supposedly, they weren’t tapping phone lines en masse but just going after the metadata.  Perhaps those came from Skype, one of the companies cooperating with the NSA?

Glenn Greenwald doesn’t seem to think that the “collection directly” note refers to dropboxes, either:

Perhaps we’ll get more clarification on this from the NSA and the Obama administration, but it had better improve on “trust us.”

Update: There are four “upstream” collection programs, not three, two of which have code names still unknown.  Fixed the reference above.