How surveillance programme PRISM works and how Twitter denies it

Twitter logo blue on grey

twitter logo blue

What would you think if all the data you produce online (and specifically on social networks) was just a click of a button away from the government’s eyes, should they wish to see it?

This is, and isn’t, PRISM — the electronic surveillance program run by the United States National Security Agency (NSA) — that, according to former NSA contractor Edward Snowden, monitors “live communications and stored information.”

It is because the US government, through PRISM, can request from the largest tech companies in the world: Google, Facebook, Microsoft, Twitter, Yahoo, AOL, and Apple access to emails, videos, photos, voice chats, login notifications et al under an approved FISA Court warrant.

It isn’t, because the access is not what many think it is, and not what certain reports have stated it might be: real-time access to what many regard as sensitive information. How PRISM actually works was detailed by the New York Times in a recent report. The newspaper clarified:

…instead of adding a back door to their servers, the companies were essentially asked to erect a locked mailbox and give the government the key, people briefed on the negotiations said. Facebook, for instance, built such a system for requesting and sharing the information, they said.

The data shared in these ways, the people said, is shared after company lawyers have reviewed the FISA request according to company practice. It is not sent automatically or in bulk, and the government does not have full access to company servers. Instead, they said, it is a more secure and efficient way to hand over the data.

What this means is that the NSA isn’t getting direct access to all of a company’s servers, but rather sending a request, and getting the company to set up a dedicated server that it can monitor and extract information from.

Most companies have complied with the programme, including Google and Microsoft, but not Twitter. The social media platform has refused to set up a dedicated server or system that the government can peruse as its leisure. This is not to say that Twitter does not hand over data to the government, but it’s certainly not going to make it easy for the NSA.

The exposure on PRISM has revealed the nature of the government’s relationship with Internet companies, and the precarious edge upon which privacy and data rests. Perhaps the most worrying aspect is the kind of information the FISA Court approves:

FISA orders can range from inquiries about specific people to a broad sweep for intelligence, like logs of certain search terms, lawyers who work with the orders said. There were 1,856 such requests last year, an increase of 6 percent from the year before.

This screams for more transparency from both the government and internet companies alike, but also highlights the bold move from Twitter who clearly sees itself as having a responsibility to protect user’s information. Hopefully other companies will be inspired to follow suit.

More

News

Sign up to our newsletter to get the latest in digital insights. sign up

Welcome to Memeburn

Sign up to our newsletter to get the latest in digital insights.