8 de junho de 2013

Tech Companies Concede to Surveillance Program in the U.S.

The New York Times.8/6/2013


Connie Zhou/Google, via Associated Press
A Google data center in Council Bluffs, Iowa. Google says it scrutinizes each government request and notifies users if it is allowed.


SAN FRANCISCO — When government officials came to Silicon Valley to demand easier ways for the world’s largest Internet companies to turn over user data as part of a secret surveillance program, the companies bristled. In the end, though, many cooperated at least a bit.


Twitter declined to make it easier for the government. But other companies were more compliant, according to people briefed on the negotiations. They opened discussions with national security officials about developing technical methods to more efficiently and securely share the personal data of foreign users in response to lawful government requests. And in some cases, they changed their computer systems to do so.
The negotiations shed a light on how Internet companies, increasingly at the center of people’s personal lives, interact with the spy agencies that look to their vast trove of information — e-mails, videos, online chats, photos and search queries — for intelligence. They illustrate how intricately the government and tech companies work together, and the depth of their behind-the-scenes transactions.
The companies that negotiated with the government include Google, which owns YouTube; Microsoft, which owns Hotmail and Skype; Yahoo; FacebookAOLApple; and Paltalk, according to one of the people briefed on the discussions. The companies were legally required to share the data under the Foreign Intelligence Surveillance Act. People briefed on the discussions spoke on the condition of anonymity because they are prohibited by law from discussing the content of FISA requests or even acknowledging their existence.
In at least two cases, at Google and Facebook, one of the plans discussed was to build separate, secure portals, like a digital version of the secure physical rooms that have long existed for classified information, in some instances on company servers. Through these online rooms, the government would request data, companies would deposit it and the government would retrieve it, people briefed on the discussions said.
The negotiations have continued in recent months, as Martin E. Dempsey, chairman of the Joint Chiefs of Staff, traveled to Silicon Valley to meet with executives including those at Facebook, Microsoft, Google and Intel. Though the official purpose of those meetings was to discuss the future of the Internet, the conversations also touched on how the companies would collaborate with the government in its intelligence-gathering efforts, said a person who attended.
While handing over data in response to a legitimate FISA request is a legal requirement, making it easier for the government to get the information is not, which is why Twitter could decline to do so.
Details on the discussions help explain the disparity between initial descriptions of the government program and the companies’ responses.
Each of the nine companies said it had no knowledge of a government program providing officials with access to its servers, and drew a bright line between giving the government wholesale access to its servers to collect user data and giving them specific data in response to individual court orders. Each said it did not provide the government with full, indiscriminate access to its servers.
The companies said they do, however, comply with individual court orders, including under FISA. The negotiations, and the technical systems for sharing data with the government, fit in that category because they involve access to data under individual FISA requests. And in some cases, the data is transmitted to the government electronically, using a company’s servers.
“The U.S. government does not have direct access or a ‘back door’ to the information stored in our data centers,” Google’s chief executive, Larry Page, and its chief legal officer, David Drummond, said in a statement on Friday. “We provide user data to governments only in accordance with the law.”
Statements from Microsoft, Yahoo, Facebook, Apple, AOL and Paltalk made the same distinction.
But instead of adding a back door to their servers, the companies were essentially asked to erect a locked mailbox and give the government the key, people briefed on the negotiations said. Facebook, for instance, built such a system for requesting and sharing the information, they said.
The data shared in these ways, the people said, is shared after company lawyers have reviewed the FISA request according to company practice. It is not sent automatically or in bulk, and the government does not have full access to company servers. Instead, they said, it is a more secure and efficient way to hand over the data.
Tech companies might have also denied knowledge of the full scope of cooperation with national security officials because employees whose job it is to comply with FISA requests are not allowed to discuss the details even with others at the company, and in some cases have national security clearance, according to both a former senior government official and a lawyer representing a technology company.
FISA orders can range from inquiries about specific people to a broad sweep for intelligence, like logs of certain search terms, lawyers who work with the orders said. There were 1,856 such requests last year, an increase of 6 percent from the year before.
In one recent instance, the National Security Agency sent an agent to a tech company’s headquarters to monitor a suspect in a cyberattack, a lawyer representing the company said. The agent installed government-developed software on the company’s server and remained at the site for several weeks to download data to an agency laptop.
In other instances, the lawyer said, the agency seeks real-time transmission of data, which companies send digitally.
Twitter spokesmen did not respond to questions about the government requests, but said in general of the company’s philosophy toward information requests: Users “have a right to fight invalid government requests, and we stand with them in that fight.”
Twitter, Google and other companies have typically fought aggressivelyagainst requests they believe reach too far. GoogleMicrosoft andTwitter publish transparency reports detailing government requests for information, but these reports do not include FISA requests because they are not allowed to acknowledge them.
Yet since tech companies’ cooperation with the government was revealed Thursday, tech executives have been performing a familiar dance, expressing outrage at the extent of the government’s power to access personal data and calling for more transparency, while at the same time heaping praise upon the president as he visited Silicon Valley.
Even as the White House scrambled to defend its online surveillance, President Obama was mingling with donors at the Silicon Valley home of Mike McCue, Flipboard’s chief, eating dinner at the opulent home of Vinod Khosla, the venture capitalist, and cracking jokes about Mr. Khosla’s big, shaggy dogs.
On Friday, Mark Zuckerberg, Facebook’s chief executive, posted on Facebook a call for more government transparency. “It’s the only way to protect everyone’s civil liberties and create the safe and free society we all want over the long term,” he wrote.
Reporting was contributed by Nick Bilton, Vindu Goel, Nicole Perlroth and Somini Sengupta in San Francisco; Edward Wyatt in Washington; Brian X. Chen and Leslie Kaufman in New York; and Nick Wingfield in Seattle.

EDITORIAL

Congress Can Stop Privacy Abuse


Over the last three years, several measures were introduced in Congress that would have helped reduce or eliminate the abuses of communications surveillance revealed this week. Every one of them was voted down.


Most members of Congress, it turns out, had received the usual bland assurances from counterterrorism officials that the authority granted to the government under the Patriot Act and related laws were absolutely necessary to prevent an attack on the United States, and that domestic spying activities must remain top secret. Proposals to bring greater transparency to these activities, or to limit their scope, were vigorously opposed by the Obama administration. (The Justice Departmentargued in a court filing in April that there must be no public disclosure of the extent of domestic data collection.)
Except for a few leaders and members of the intelligence committees, most lawmakers did not know the government was collecting records on almost every phone call made in the United States or was able to collect anyone’s e-mail messages and Internet chats. And most important, since the public did not know about the extent of the surveillance, it was in no position to bring popular pressure against elected representatives.
But now we know. It may be that only a small portion of domestic intelligence gathering has come to light, but this week’s revelations provided a chilling glimpse of what President Obama’s National Security Agency has been up to. We now know what Senator Mark Udall of Colorado was talking about when he warned in 2011 that the “intelligence community can target individuals who have no connection to terrorist organizations.” He added, “They can collect business records on law-abiding Americans,” though he was prevented by legal constraints as a member of the Select Committee on Intelligence from explaining that meant records on every single call.
Now that this practice has been disclosed, it’s time for Congress to take action. The first step has to be ending the secrecy that makes it impossible for lawmakers or other officials to discuss, even in general terms, what the government is doing.
Last December, Senator Jeff Merkley of Oregon introduced a measurethat would require the secret Foreign Intelligence Surveillance Court to make public the summaries of its opinions on domestic spying activities. The measure did not pass, but afterward Senator Dianne Feinstein of California, the Intelligence Committee chairwoman, wrote a letter to the court with Mr. Merkley, Mr. Udall and Senator Ron Wyden of Oregon, asking it to provide such summaries. The presiding judge, Reggie Walton, wrote back, saying that summaries could result in confusion and reveal too much information. Congress should override this resistance and require the court to be more public about its decisions.
The second step is legislation to limit the collection of call records and the monitoring of Internet traffic to that of people suspected of terrorism, ending the mass warehousing of everyone’s data. Officialshave never demonstrated that mining all calls and messages really prevents terrorism, and the cost in lost privacy for all citizens is far too high. A bill proposed last year by Mr. Merkley and Mr. Wyden would ban the secret court from approving the collection of data unless it is clearly linked to terrorism. To preserve the nation’s civil liberties, the bill should be reintroduced and passed right awa
y

Nenhum comentário:

Postar um comentário