How complicit are tech companies in the National Security Agency's massive spying scheme? They certainly bear some responsibility, but the rules under which the surveillance is conducted make it unclear — perhaps deliberately — the extent to which companies have resisted or folded, and also limit the channels available to the more privacy-minded to put up a fight.
News reports make it clear that many companies not only cooperated with the NSA, but even modified their systems to allow government spooks easier access to data. Others are known to have been less willing to make life easy for snoops.
From the New York Times:
SAN FRANCISCO — When government officials came to Silicon Valley to demand easier ways for the world's largest Internet companies to turn over user data as part of a secret surveillance program, the companies bristled. In the end, though, many cooperated at least a bit.
Twitter declined to make it easier for the government. But other companies were more compliant, according to people briefed on the negotiations. They opened discussions with national security officials about developing technical methods to more efficiently and securely share the personal data of foreign users in response to lawful government requests. And in some cases, they changed their computer systems to do so. …
In at least two cases, at Google and Facebook, one of the plans discussed was to build separate, secure portals, like a digital version of the secure physical rooms that have long existed for classified information, in some instances on company servers. Through these online rooms, the government would request data, companies would deposit it and the government would retrieve it, people briefed on the discussions said. …
While handing over data in response to a legitimate FISA request is a legal requirement, making it easier for the government to get the information is not, which is why Twitter could decline to do so.
Make no mistake, even the Twitters of the world are required to surrender information about their users when ordered to do so under the Foreign Intelligence Surveillance Act. And, they are forbidden to tell targeted users, civil liberties advocates or the public at large anything about such orders. Resistant companies can appeal, but only through the secretive process allowed them by the law. And we know that the Foreign Intelligence Surveillance Court approved all but one of the 1,856 surveillance requests it received in 2012. One was withdrawn. None were disapproved. So, even the most privacy-minded tech executives have limited options when it comes to protecting their cutomers' information.
U.S. Internet companies that want to resist government demands to hand over customer data for intelligence investigations have few legal options, due to the classified nature of such probes and a court review process shrouded in secrecy.
Google Inc, Facebook Inc and Microsoft Corp are among the big U.S. technology companies that were outed this week as key sources of data for the National Security Agency (NSA), under a surveillance program referred to inside the spy agency as Prism.
While the companies have uniformly denied knowledge of Prism and said they had not given the NSA direct access to their servers, U.S. officials have confirmed the existence of the program, which President Barack Obama defended as "a modest encroachment" on privacy that was necessary to protect national security. …
For electronic service providers, the law says the Foreign Intelligence Surveillance Court in Washington can authorize a company to provide "all information, facilities, or assistance necessary." In return for compliance, the company is compensated for its work and receives immunity from potential lawsuits.
Section 702 is a "broad tool to get the information they are looking for," said Matt Zimmerman, a lawyer at the Electronic Frontier Foundation, a San Francisco civil liberties group critical of the law.
As Reuters adds, companies may be appealing surveillance orders willy-nilly, but we have no way of knowing. Or, they may be folding wholesale.
Any company that objects to a judge's order can appeal to the entire Foreign Intelligence Surveillance Court, but there is no public data on whether they have ever done so. The law allows for further appeals to the Foreign Intelligence Surveillance Court of Review and ultimately the U.S. Supreme Court.
"It's possible there have been challenges, but if so they are still secret," said Alex Abdo, a lawyer with the American Civil Liberties Union, which unsuccessfully tried to overturn the 2008 law as unconstitutional.
So far, the best evidence of resistance is the refusal of Twitter to make surveillance easier for the government, and the publication of surveillance reports by companies including Google and Twitter which reaveal, up to the limits of the law, surveillance demands and at least hint at larger efforts as a warning to the public.
But, for all of the efforts at privacy by some companies and support for increased transparency by some executives, keep in mind that much of the tech industry is happy to pal around with the politicians who administer the security state. As the New York Times pointed out:
Yet since tech companies' cooperation with the government was revealed Thursday, tech executives have been performing a familiar dance, expressing outrage at the extent of the government's power to access personal data and calling for more transparency, while at the same time heaping praise upon the president as he visited Silicon Valley.
Even as the White House scrambled to defend its online surveillance, President Obama was mingling with donors at the Silicon Valley home of Mike McCue, Flipboard's chief, eating dinner at the opulent home of Vinod Khosla, the venture capitalist, and cracking jokes about Mr. Khosla's big, shaggy dogs.
Some of the complaints about government pressure from business executives are, no doubt, sincere. But take them all with a grain of salt.
Follow this story and more at Reason 24/7.
Spice up your blog or Website with Reason 24/7 news and Reason articles. You can get the widgets here. If you have a story that would be of interest to Reason's readers please let us know by emailing the 24/7 crew at firstname.lastname@example.org, or tweet us stories at @reason247.