Over the past few days, PRISM, a government surveillance program, has become a hot button issue within the tech community. After National Security Agency whistleblower Edward Snowden executed “one of the largest leaks in US political history,” major tech industry players including Facebook, Google, Apple, Yahoo!, and Microsoft were accused of giving the federal government “back door” access to user data. Here’s what we know so far:

What is PRISM?

According to The Washington Post, PRISM is “a top-secret government data surveillance program.” James R. Clapper, Director of National Intelligence, went on to explain it as “an internal government computer system used to facilitate the government’s statutorily authorized collection of foreign intelligence information from electronic communication service providers under court supervision.” The program allows the government to access documents, emails, photos, and more leveraging Section 702, Title VII of the Foreign Intelligence Surveillance Act, or FISA. According to internal bylines, PRISM persons of interest must be non-citizens of the United States and “reasonably believed” to currently be outside of the country.

How does PRISM work?

PRISM makes the process of extracting companies’ data easier for federal agents. These companies have “already been compelled by a secret court” to turn over said data, says Mashable; so at the most basic level, they’re simply complying with the law. Any requested information pulled for the PRISM program must be pre-approved by the federal government, similar to a wiretapping setup. “The United States Government does not unilaterally obtain information from the servers of U.S. electronic communication service providers,” explains Clapper. “All such information is obtained with FISA Court approval and with the knowledge of the provider based upon a written directive from the Attorney General and the Director of National Intelligence.” Guidelines of the program legally prevent the government from intentionally collecting citizen or resident data – however, if a target happens to be involved in conversations with a United States citizen, their data would then be included in any information request.

So, what’s the big deal?

As previously explained, all of these tech companies are mandated to turn their data over – that’s a fact. However, corporations involved in this situation, including Facebook and Google, have been accused of “build(ing) separate, secure portals, like a digital version of the secure physical rooms that have long existed for classified information, in some instances on company servers,” reports The New York Times. In short, some tech giants were thought to be giving special access to their internal data servers. However, The Washington Post reports that “companies have publicly denied any knowledge of PRISM or any system that allows the government to directly query their central servers.”

Although a classified PRISM document uncovered by The Washington Post stated officials have been pulling data “directly from the servers of these U.S. Service Providers: Microsoft, Yahoo, Google, Facebook, PalTalk, AOL, Skype, YouTube, Apple,” this may simply be due to a lack of tech-savvy jargon on the government’s part. The Post also obtained another classified document, which they feel is “more precise,” explaining PRISM permits “collection managers [to send] content tasking instructions directly to equipment installed at company controlled locations,” not actual servers. “The companies cannot see the queries that are sent from the NSA,” the Post reports. The New York Times elaborates: “Instead of adding a back door to their servers, the companies were essentially asked to erect a locked mailbox and give the government the key.”

Additionally, as companies claim unawareness, they may indeed be telling the truth. The New York Times says that given the highly secretive nature of PRISM and other NSA initiatives, just a small handful of employees would even be aware of its existence, let alone authorized to talk about it.

Details of PRISM – and tech companies’ involvement – are shaky at best, and public perception depends largely on initial trust in the powers that be. Does the government truly sift through data with a fine-toothed comb to ensure minimal citizen information is reviewed? Do Facebook, Google, and the others really have no knowledge of PRISM and its involvement with their data? Which classified PRISM documents accurately describe the program – the more extreme, or the more benign? Tell us what you think.

Sources

Cain Miller, Claire. “Tech Companies Concede to Surveillance Program.” nytimes.com. N.p., 7 June 2013. Web. 10 June 2013.

Fitzpatrick, Alex. “PRISM Not as Evil as Once Thought.” mashable.com. N.p., 9 June 2013. Web. 10 June 2013.

Franceschi-Bicchierai, Lorenzo. “PRISM: Does the NSA Really Get Direct Access to Your Data? .” mashable.com. N.p., 8 June 2013. Web. 10 June 2013.

O’Harrow, Robert Jr., Ellen Nakashima, and Barton Gellman. “U.S., company officials: Internet surveillance does not indiscriminately mine data.” washingtonpost.com. N.p., 8 June 2013. Web. 10 June 2013.