Business Standard

Tech titans shared online data with US officials

Firms deposited data in online vaults that govt had access to

Image

Claire Cain Miller San Francisco
When government officials came to Silicon Valley to demand easier ways for the world's largest internet companies to turn over user data as part of a secret surveillance programme, the companies bristled. In the end, though, many co-operated at least a bit.

Twitter declined to make it easier for the government. But other companies were more compliant, according to people briefed on the negotiations. They opened discussions with national security officials about developing technical methods to more efficiently and securely share the personal data of foreign users in response to lawful government requests. In some cases, they changed computer systems to do so.

The companies were essentially asked to erect a locked mailbox and give the government the key, people briefed on the negotiations said. Facebook, for instance, built such a system for requesting and sharing the information, they said. The data shared in these ways, the people said, is shared after company lawyers have reviewed the Foreign Intelligence Surveillance Act (FISA) request according to company practice. It is not sent automatically or in bulk, and the government does not have full access to company servers.

The companies that negotiated with the government include Google, which owns YouTube; Microsoft, which owns Hotmail and Skype; Yahoo; Facebook; AOL; Apple; and Paltalk, according to one of the people briefed on the discussions.

The companies were legally required to share the data under FISA.

While handing over data in response to a legitimate FISA request is a legal requirement, making it easier for the government to get the information is not.Details on the discussions help explain the disparity between initial descriptions of the government programme and the companies' responses.

Each of the nine companies drew a bright line between giving the government wholesale access to its servers to collect user data and giving them specific data in response to individual court orders. Each said it did not provide the government with full, indiscriminate access to its servers. The companies said they do, however, comply with individual court orders, including under FISA.

"The US government does not have direct access or a 'back door' to the information stored in our data centres," Google's chief executive, Larry Page, and its chief legal officer, David Drummond, said in a statement on Friday. "We provide user data to governments only in accordance with the law."

Statements from Microsoft, Yahoo, Facebook, Apple, AOL and Paltalk made the same distinction.

The negotiations, and the technical systems for sharing data with the government, fit in that category because they involve access to data under individual FISA requests. And in some cases, the data is transmitted to the government electronically, using a company's servers.

"The US government does not have direct access or a 'back door' to the information stored in our data centres," Google's chief executive, Larry Page, and its chief legal officer, David Drummond, said in a statement on Friday. "We provide user data to governments only in accordance with the law."

But instead of adding a back door to their servers, the companies were essentially asked to erect a locked mailbox and give the government the key, people briefed on the negotiations said. Facebook, for instance, built such a system for requesting and sharing the information, they said.

The data shared in these ways, the people said, is shared after company lawyers have reviewed the FISA request according to company practice. It is not sent automatically or in bulk, and the government does not have full access to company servers. Instead, they said, it is a more secure and efficient way to hand over the data.

Tech companies might have also denied knowledge of the full scope of cooperation with national security officials because employees whose job it is to comply with FISA requests are not allowed to discuss the details even with others at the company, and in some cases have national security clearance, according to both a former senior government official and a lawyer representing a technology company.

FISA orders can range from inquiries about specific people to a broad sweep for intelligence, like logs of certain search terms, lawyers who work with the orders said. There were 1,856 such requests last year, an increase of 6 percent from the year before.

In one recent instance, the National Security Agency sent an agent to a tech company's headquarters to monitor a suspect in a cyberattack, a lawyer representing the company said. The agent installed government-developed software on the company's server and remained at the site for several weeks to download data to an agency laptop.

In other instances, the lawyer said, the agency seeks real-time transmission of data, which companies send digitally.

Twitter spokesmen did not respond to questions about the government requests, but said in general of the company's philosophy toward information requests: Users "have a right to fight invalid government requests, and we stand with them in that fight."

Twitter, Google and other companies have typically fought aggressively against requests they believe reach too far. Google, Microsoft and Twitter publish transparency reports detailing government requests for information, but these reports do not include FISA requests because they are not allowed to acknowledge them.

Yet since tech companies' cooperation with the government was revealed on Thursday, tech executives have been performing a familiar dance, expressing outrage at the extent of the government's power to access personal data and calling for more transparency, while at the same time heaping praise upon the president as he visited Silicon Valley.

Even as the White House scrambled to defend its online surveillance, President Obama was mingling with donors at the Silicon Valley home of Mike McCue, Flipboard's chief, eating dinner at the opulent home of Vinod Khosla, the venture capitalist, and cracking jokes about Mr. Khosla's big, shaggy dogs.

On Friday, Mark Zuckerberg, Facebook's chief executive, posted on Facebook a call for more government transparency. "It's the only way to protect everyone's civil liberties and create the safe and free society we all want over the long term," he wrote.

©2013 The New York Times News Service
 



UNCLE SAM’S WATCH
History of mass surveillance in the US
  • 1919 The State Department approves the creation of the Cipher Bureau, also known as the Black Chamber, a precursor to the modern-day National Security Agency
  • 1952 President Harry Truman secretly issues a directive to create the National Security Agency
  • 1972 A case establishes the precedent that warrants are needed to authorise electronic spying
  • 1978 After the Watergate scandal, Foreign Intelligence Surveillance Court set up to consider requests for secret warrants for domestic spying
  • 2001 After September 11 attacks, PATRIOT Act passed, a sweeping law designed to bolster counterterrorism efforts that expands domestic surveillance capabilities
  • 2005-06 The New York Times, USA Today reports on warrantless tapping and telecom companies secretly helping government collect phone records
  • 2007 Congress lowers warrant requirements for evesdropping
  • 2008 Bush gives telecommunication companies immunity if they co-operate with NSA wiretapping
  • 2012 Procedures of surveillance programme found "unreasonable under the Fourth Amendment" at least once
  • 2013 US President Barack Obama defends surveillance programmes following media reports that federal authorities gained access to personal emails

Don't miss the most important news and views of the day. Get them on our Telegram channel

First Published: Jun 08 2013 | 11:01 PM IST

Explore News