The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.
posted by Asparagirl at 6:03 PM on June 6, 2013 [6 favorites]
The US, as far as I know, doesn't have a specialist Federal privacy regulator; it's handled by the Federal Trade Commission. I suspect this is part of the problem. You don't even have the guys with their feet on the desks. That would be an improvement.
I'm just some guy trying to get by, like the rest of you, but this is getting serious. The chief enemy of any state is its own people. The chief threat to corporate power is the failure of the state (and thus the financial system). We are in the crosshairs of powerful, merciless institutions, and unless there is some democratic movement to reassert our power over both entities, there is a long and horrible road ahead of us.
What I meant was, tomorrow morning, every privacy regulator in the world is going to get calls from reporters. They'll ask, 'Is our government doing this?'. We'll say, 'No, of course not'. And they'll say, 'Well, how would you know? There could be secret laws!'.
None of us will have a response. I mean, secret court orders. Secret laws. What the goddamn hell.
Apple and Google have issued carefully worded denials.
I don't know, these do not seem like particularly crafty denials, they seem to be flat-out and complete denials. There's a summary at TechCrunch that quotes Microsoft as (my emphasis):
I suspect the value of the denials may depend on what constitutes “direct access” to servers or a “back door”. Or they may be straight-out lies.
We provide customer data only when we receive a legally binding order or subpoena to do so, and never on a voluntary basis. In addition we only ever comply with orders for requests about specific accounts or identifiers. If the government has a broader voluntary national security program to gather customer data we don’t participate in it.
Apple:
We have never heard of PRISM. We do not provide any government agency with direct access to our servers, and any government agency requesting customer data must get a court order.
Dropbox:
We’ve seen reports that Dropbox might be asked to participate in a government program called PRISM. We are not part of any such program and remain committed to protecting our users’ privacy.
So either 1) the corporations are flat out and blatantly lying, en masse, to save face, 2) the corporations are flat out lying because they are required to by the government's interpretation of the law, or 3) the slides describing PRISM are inaccurate. I don't know if any one of these is any more likely than the other, but all of them would be a remarkable twist on this story.
There has been “continued exponential growth in tasking to Facebook and Skype,” according to the PRISM slides. With a few clicks and an affirmation that the subject is believed to be engaged in terrorism, espionage or nuclear proliferation, an analyst obtains full access to Facebook’s “extensive search and surveillance capabilities against the variety of online social networking services.”
Which sounds about as secure as a porn site clickthrough. "Click here to confirm you're over 18." "Click here to confirm X is believed to be engaged in terrorism."
Firsthand experience with these systems, and horror at their capabilities, is what drove a career intelligence officer to provide PowerPoint slides about PRISM and supporting materials to The Washington Post in order to expose what he believes to be a gross intrusion on privacy. “They quite literally can watch your ideas form as you type,” the officer said.
This is infuriating.
Call me naive, but I really believed in Obama in the beginning.
Don't feel bad; the guy spoke like a civil libertarian's dream in the beginning. His promise to filibuster immunity for unwarranted wiretapping had me excited to vote and caucus for the guy in the 2008 primaries, despite fears and disagreements on other issues.
In a statement issued late Thursday, Director of National Intelligence James R. Clapper said “information collected under this program is among the most important and valuable foreign intelligence information we collect, and is used to protect our nation from a wide variety of threats. The unauthorized disclosure of information about this important and entirely legal program is reprehensible and risks important protections for the security of Americans.”
So, while the companies may be denying involvement, the government itself is not.
So either 1) the corporations are flat out and blatantly lying, en masse, to save face, 2) the corporations are flat out lying because they are required to by the government's interpretation of the law, or 3) the slides describing PRISM are inaccurate. -- Llama-Lime
Also, given how Bradley Manning is being treated, I'm amazed anyone with knowledge of the PRISM program would ever blow the whistle on it. How long until we get someone's name trotted out and imprisoned for this? -- mathowie
Bradley Manning used basic crypto tools to get documents to Assange, and the only reason he got caught was because he trusted some random person on IRC with his secret.
...SSL is only designed to protect you from a man in the middle, not the man in the White House. Once the data is on the servers, it's wide open.
Look. You don't know what you're talking about and you're basically spreading false information, which you seem to have just made up. You really need to stop. Not only are you wrong but you're giving people false information about how to keep themselves secure.
Kim Dotcom may be at times hilarious, but his notion of browser-based encryption has some merit to it; it can only be decrypted by you and other individuals you share the keys with. Except, you know, that using his site is another frigging flag. "Oh you are encrypting stuff!"
Maybe I misunderstand your point, but unless the site has a lot of legitimate uses and a lot of average joe users and ALSO has some way of transiting content that looks just like legitimate use through hub-side traffic inspection AND is also not corruptible by executive and/or court order then it's not much of an answer. Basically it would have to be a Google-type thing that everyone uses legitimately but also has some other functions that are all but imperceptible to those who don't know about them. -- seanmpuckett
What judges rule is pretty meaningless, since they don't have any oversight, and in rare cases when they do, are too gutless to assert it, and now that the fourth amendment has been successfully interpreted out of all relevance, it all goes double. But should you somehow be allowed to know you're being investigated, and then should you somehow also be allowed to know the reason why you're being investigated, then it would at least be prudent of them to make up a reason which indicated there was something other than personal cryptography.
Well, beyond that if it's encrypted then they can't get it without your permission no matter what, because you have to give them the key.
Indeed, although I am not condoning any warrantless wiretapping, I don't think any government has the slightest interest in illegally obtaining ANY information about most of you,
The keyword is 'most'. I'm sure that the government is interested in information about this user for example
delmoi: "What you're saying about any encrypted traffic being a giant 'red flag' is ridiculous. There are a huge number of people connecting to systems that very few other people connect to using either SSH or https. If the NSA were trying to use making an encrypted connection as a red flag, they would basically have 'red-flagged' every single IT person."
This might be a good place to link to HTTPS Everywhere.
Jane is at 16th & L Street for an hour.
Carla is at 16th & L Street for four hours. She's had a short visit previously.
James is at 16th & L Street for twenty minutes. He comes back at the same time every week.
Kris is at 16th & L Street for ten hours.
Rick is at 16th & L Street for eight hours every night.
Samantha has been there for three days and four hours.
16th & L Street is the address of a Planned Parenthood in Washington, DC.
posted by acb at 6:17 AM on June 7, 2013 [9 favorites]
acb: "Why metadata matters: Jane is at 16th & L Street for an hour. [...]"
While I agree with the sentiment, that's not "metadata". It's just data.
Oh god I saw that linked on talking points memo and it has to be the most moronic 'conspiracy theory' ever. It's based entirely on the existence of these two pages being googleable https://docs.palantir.com/metropolisdev/prism-overview.html and https://docs.palantir.com/metropolisdev/prism-examples.html.
Dan Sinker: Wait, so Palantir, gov contractor and company named after the seeing stones of LOTR, has software called Prism? http://t.co/fajYGgI9M7
(Anonymous source notes that Palantir's offering of a product called Prism might add a layer of plausible deniability to back up the provider denials)
While I agree with the sentiment, that's not "metadata". It's just data.
Uh... all metadata is data. In the example the location data is "meta data" where the "data" would be something like conversations that took place while the people were there.
...or the (GPS / cell tower / local network) derived location info that your mobile provider is logging about you at high resolution all day long.
Well, the above would not be metadata of that data, it would just be a summary of that data. Metadata is just data about other data that tells you what it's supposed to be and how it should be used. So for example, the headers in your email are data, and they explain where the email should go and who it's from. But on the other hand if you took all your email and packed it into a zip file, those headers would be a part of the 'data' in the zip, while the metadata would then be the file name, size, the fact that it's a zip file, etc. The difference between metadata and data can be context sensitive.
The Washington Post published an investigative report uncovering the government-run PRISM program, which allegedly monitored US citizen’s Internet activity illegally, but now the paper is stepping away from its initial claim that nine tech firms knowingly provided data to the government.
posted by BobbyVan at 7:55 AM on June 7, 2013 [1 favorite]
So we're back to sousveillance, really. They're going to watch us. We have to watch them back.
Great plan except for the part where that's not even physically possible.
Dear Google users—
You may be aware of press reports alleging that Internet companies have joined a secret U.S. government program called PRISM to give the National Security Agency direct access to our servers. As Google’s CEO and Chief Legal Officer, we wanted you to have the facts.
First, we have not joined any program that would give the U.S. government—or any other government—direct access to our servers. Indeed, the U.S. government does not have direct access or a “back door” to the information stored in our data centers. We had not heard of a program called PRISM until yesterday.
Second, we provide user data to governments only in accordance with the law. Our legal team reviews each and every request, and frequently pushes back when requests are overly broad or don’t follow the correct process. Press reports that suggest that Google is providing open-ended access to our users’ data are false, period. Until this week’s reports, we had never heard of the broad type of order that Verizon received—an order that appears to have required them to hand over millions of users’ call records. We were very surprised to learn that such broad orders exist. Any suggestion that Google is disclosing information about our users’ Internet activity on such a scale is completely false.
Finally, this episode confirms what we have long believed—there needs to be a more transparent approach. Google has worked hard, within the confines of the current laws, to be open about the data requests we receive. We post this information on our Transparency Report whenever possible. We were the first company to do this. And, of course, we understand that the U.S. and other governments need to take action to protect their citizens’ safety—including sometimes by using surveillance. But the level of secrecy around the current legal procedures undermines the freedoms we all cherish.
Posted by Larry Page, CEO and David Drummond, Chief Legal Officer
posted by jaduncan at 1:27 PM on June 7, 2013 [2 favorites]
The program, called PRISM, was established in 2007, according to The Washington Post, which broke the story Thursday evening. CBS News senior correspondent John Miller said it doesn’t deal with names but was designed as a way for the government to track suspected terrorists. It culls metadata from Microsoft, Yahoo, Google, Facebook, PalTalk, AOL, Skype, YouTube and Apple and will soon include Dropbox.
Miller said one of the terror cases solved by using this cellphone data led investigators right to Colorado and to former Aurora resident Najibullah Zazi.
“You know the plot they’re talking about Scott is the Najibullah Zazi plot to place 16 backpacks in the subways of New York City filled with explosives a few years back. That was a long dormant email account that was used by a terrorist affiliate al-Qaida overseas that suddenly they found communicating with an IP address that resolved to Denver. That set off alarms. They still didn’t have the name, but they forwarded that to the FBI that did the investigation and said ‘This is who this is.’ They started the surveillance and they followed him right to New York City and the plot.”
posted by BobbyVan at 1:48 PM on June 7, 2013 [1 favorite]
Until this week’s reports, we had never heard of the broad type of order that Verizon received—an order that appears to have required them to hand over millions of users’ call records. We were very surprised to learn that such broad orders exist. Any suggestion that Google is disclosing information about our users’ Internet activity on such a scale is completely false.
This will *absolutely* bite them on the butt if it is not true.
"It's creepy that the first email from the White House after the Verizon news broke is about 'bringing America's students into digital age.'"
It was creepy. But yeah, I'm not really down with the "anti-Obamunist patriots" either.
It's a bit confusing, because if it's being done without their knowledge, 1) why did each company show up at a different time, and 2) why not Twitter?
Maybe that's just when the NSA was able to hack them, as I said in my earlier comment it does look like google "joined" the program in 2009 when they were hacked in by the Chinese and "assisted" by the NSA to help "secure" their stuff. So maybe these other companies also bought the NSA's line about needing to beef up "cybersecurity" and took them up on their offers on the dates indicated.
All he said was that Google still makes governments come and ask them for the information and that they comply with the law. And, of course, that's precisely what they're being accused of: Handing over information when the US government comes and asks them and the request is legal (because a secret court declared it secretly legal). He didn't even bother to deny anything. -- IAmUnaware
Well, that's not true, he did make one specific claim about the size of the requests they're getting:
Until this week’s reports, we had never heard of the broad type of order that Verizon received—an order that appears to have required them to hand over millions of users’ call records. We were very surprised to learn that such broad orders exist. Any suggestion that Google is disclosing information about our users’ Internet activity on such a scale is completely false.
So essentially they are saying that they've never gotten a request larger than for data on 999,999 users. They also said they go to court to fight off 'overbroad' requests, and, presumably a 900k user data request would get a court challenge, which is the opposite of giving them direct access to whatever they want, which is what PRISM is supposed to do.
The companies I'd be really curious to see 'links' to the NSA would be things like McAfee and Network Solutions, or any of the other SSL cert providers. Because, you know, part of accessing those SSL and TLS sessions would mean cracking SSL. But if the government is doing it, it's not illegal, is it? Though realistically, they probably just have the keys to those certs anyway, so even if you are using a "secure" session, it won't matter, since they have the certs themselves. They don't even have to be man-in-the-middle for that, either, if they've logged all the packets. They can reconstruct it from the recorded session and simply open the packet contents as if they were the originating server. Yadda yadda.
I think if they tried that users would get a browser warning indicating the cert changed unexpectedly. The signing authority doesn't get a copy of google's private TLS key, right? They could sign a new cert but it would show up as altered. That's how Iran got caught.
“The source believes that exposure is inevitable and was prepared to face that consequence,” Gellman said in this Post in-house video interview. “The source does not believe that it is possible to stay masked together, and I don’t even think wants to stay masked forever.”
Anyway I was thinking about this. Suppose what Clapper has said is totally true, in which case: 1) It's not used on Americans, just everyone else in the world, and 2) It makes up a significant amount of the info in the president's daily brief.
One of them saying 'direct access' is an odd word choice. Two is a heck of a co-incidence. But all four?
There is no coincidence here, and the reason that the phrase "direct access" is used repeatedly is because that's the specific and shocking accusation levied at the tech companies, and that phrase is used throughout the Guardian's coverage.
From +David Drummond, Chief Legal Officer: We cannot say this more clearly—the government does not have access to Google servers—not directly, or via a back door, or a so-called drop box. Nor have we received blanket orders of the kind being discussed in the media. It is quite wrong to insinuate otherwise. We provide user data to governments only in accordance with the law. Our legal team reviews each and every request, and frequently pushes back when requests are overly broad or don’t follow the correct process. And we have taken the lead in being as transparent as possible about government requests for user information.
Which reads like a lot more of a denial than the 'no direct access' quote on their blog.
SAN FRANCISCO — When government officials came to Silicon Valley to demand easier ways for the world’s largest Internet companies to turn over user data as part of a secret surveillance program, the companies bristled. In the end, though, many cooperated at least a bit.
I was going to say Someone needs to ask him why the wording they used was almost identical to Facebook's. If they were in a college class together it would qualify as plagiarism. And that if Google is serious about clearing its name, it needs to file a lawsuit, and try to take it to the supreme court. The government has already confirmed the program is real, so it's not like they can claim it's not happening so there's no ground to sue.
Twitter declined to make it easier for the government.
...
The companies that negotiated with the government include Google, which owns YouTube; Microsoft, which owns Hotmail and Skype; Yahoo; Facebook; AOL; Apple; and Paltalk, according to one of the people briefed on the discussions. The companies were legally required to share the data under the Foreign Intelligence Surveillance Act.
"You're not to be so blind with patriotism that you can't face reality. Wrong is wrong, no matter who says it." - Malcolm X
As the US has spent the past 30 years going completely off the rails we've spent that same time becoming absolutely addicted to the technology and services it produces. So deeply embedded are we that disentangling ourselves from American technology providers, cloud vendors and what-have-you is a process of years, even decades.
"Never do anything against conscience even if the state demands it." - Albert Einstein
To effect change we are left with a boycott in everything but name. It means that non-US Western businesses need to start using "not subject to US law" as a marketing point. We need cloud providers and software vendors that don't have a US presence, no US data centers, no US employees - no legal attack surface in that nation of any kind. Perhaps most critical of all, we need a non-American credit-card company.
Imagine if it had come out in the 1980s that Japanese intelligence agencies were tracking the location of every Toyota and Honda vehicle, and then the big response from the Japanese government was to reassure people that Japanese citizens weren't being spied upon this way. There would have been—legitimately—massive political pressure to get Japanese cars out of foreign markets.
Yeah, Google's statements are about as unambiguous as you can get. If this is happening it is without Google's knowledge or cooperation. That doesn't mean it isn't happening but it does mean they're either blatantly lying or that it isn't their fault in any way.
Not really. That's what I thought until I noticed they used the exact same wording as Zuckerberg and a bunch of other tech companies. And once you look closely at the words they use it still leaves them open, so for example if they were to 'accidentally' leave information from foreign users unencrypted when they transferred it from one data center to another for backup, that would basically put it in the NSA's hands, but the literal wording of their letters would still be correct.
[...] Iran was the country where the largest amount of intelligence was gathered, with more than 14bn reports in that period, followed by 13.5bn from Pakistan. Jordan, one of America's closest Arab allies, came third with 12.7bn, Egypt fourth with 7.6bn and India fifth with 6.3bn.
Yet another badly-designed US Government slideshow about a secret program. The (unclassified?) FAQ about the program.
Normally, one would think that a communication that has been intercepted and stored in a government database as “collected.” But the government’s definition of what it means to “collect” intelligence information is quite different than its plain meaning.
Via A Taxonomy of PRISM Possibilities, which is also very much worth reading.
Under Department of Defense regulations, information is considered to be “collected” only after it has been “received for use by an employee of a DoD intelligence component,” and “data acquired by electronic means is ‘collected’ only when it has been processed into intelligible form.”
In other words, the NSA can intercept and store communications in its data base, then have an algorithm search them for key words and analyze the meta data without ever considering the communications “collected.”
Boundless Informant: the NSA's secret tool to track global surveillance data
Showing lots of data from China, and plenty from Russia as well. Hardly terrorist hotspots. Like I said, I think there's a good chance this is being used for a lot more than "Terrorism"
[...] The slide details different methods of data collection under the FISA Amendment Act of 2008 (which was renewed in December 2012). It clearly distinguishes Prism, which involves data collection from servers, as distinct from four different programs involving data collection from "fiber cables and infrastructure as data flows past".
David Simon, the former reporter behind the television drama “The Wire,” which President Obama calls “one of the greatest shows of all time,” came to the defense of his embattled fan on Friday, suggesting in a long post on his blog that “the national eruption over the rather inevitable and understandable collection of all raw data involving telephonic and Internet traffic by Americans” was misguided.
posted by Room 641-A at 7:45 AM on June 9, 2013
The Guardian, after several days of interviews, is revealing his identity at his request. From the moment he decided to disclose numerous top-secret documents to the public, he was determined not to opt for the protection of anonymity. "I have no intention of hiding who I am because I know I have done nothing wrong," he said.
Wow.
But the kind of listening involved in PRISM surveillance--and in neoliberal modes of audition and subjectivity more generally--isn’t about content, and it isn’t about interpretation. It’s not about form or structure either. The point is that form/content or medium/message distinctions are no longer relevant. This sort of listening isn’t about form or content; rather, it’s the economy, stupid-- “economy” in the sense of a practice of moderation, of minding the oikos, keeping everything in the black. As Glenn Greenwald put it in his Guardian article, this sort of listening focuses on “transactional information rather than communications” (emphasis mine). The economy is not an objective property (like form or content)--it’s a process, a practice, in which the form and the content are emergent properties. We don’t interpret these processes, we (at)tune them. Listening is attunement.
posted by the man of twists and turns at 9:11 PM on June 10, 2013
A rare glimpse into what intelligence services can do by applying this "big data" approach came last year from David Petraeus. This new form of data analysis is concerned with discovering "non-obvious relationships," the then freshly minted CIA director explained at a conference. This includes, for example "finding connections between a purchase here, a phone call there, a grainy video, customs and immigration information."
Or, for instance, you might identify someone threatening a general's associates by cross-referencing the guest registers of hotels she stayed at, identified by the IP addresses of her emails.
"The CIA and our intelligence community partners must be able to swim in the ocean of 'Big Data.' Indeed, we must be world class swimmers -- the best, in fact," the CIA director continued
This is from a man who was using a Gmail account to surreptitiously communicate with his mistress. In a better army he and his underlings would have been court-martialled.
When politicians and spokespeople choose their words with exquisite care, then it’s time to examine them with extra care. Let’s talk a little bit about the realities of how one might monitor a data center, shall we?
posted by the man of twists and turns at 7:58 AM on June 11, 2013 [3 favorites]
In an exclusive interview carried out from a secret location in the city, the former Central Intelligence Agency analyst also made explosive claims that the US government had been hacking into computers in Hong Kong and on the mainland for years.
When you add this to the timing of his leak (the same weekend Presidents Obama and Xi were meeting), the cui bono question seems to have an answer.
At Snowden’s request we cannot divulge details about how the interview was conducted.
A week since revelations that the US has been secretly collecting phone and online data of its citizens, he said he will stay in the city “until I am asked to leave”, adding: “I have had many opportunities to flee HK, but I would rather stay and fight the US government in the courts, because I have faith in HK’s rule of law.”
JHarris: "Do people really send rasterized images when communicating on the internet? That aren't LOLCats?"
See my comment here.
Beta PRISM?
posted by Blazecock Pileon at 3:08 PM on June 6, 2013 [3 favorites]