For several of the biggest U.S. technology and Web companies, sharing has been a buzzword for years. It turns out to be standard practice in dealing with requests from federal agents for access to massive amounts of user data, according to reports in the Washington Post and the Guardian published on Thursday evening, including e-mails, social-media updates, photos, video, and other personal information.
The latest revelations about the U.S. National Security Agency’s surveillance comes just on the heels of the Guardian report late Wednesday that Verizon has been routinely sharing call records with the nation’s largest intelligence agency. Now, according to presentation slides obtained by the two newspapers, it appears that Microsoft, Yahoo!, Google, Facebook, PalTalk (a smaller online-chat company) AOL, Skype, YouTube, and Apple have allowed the NSA to tap directly into their servers in order to harvest user data and monitor individuals over time. This data, gathered as part of a program called PRISM, accounts for nearly one in seven intelligence reports, according to the Post.
The earliest participating company, according the reports, was Microsoft, in 2007. Apple was the last join, in 2012. A few quick reactions:
• There’s little daylight on domestic surveillance between Obama and Bush. PRISM sounds a lot like the centralized database that the Bush administration pursued with programs such as its Total Information Awareness. Since Sept. 11, 2001, the U.S. government has adopted increasingly computer-centric methods of surveillance. There have been several public bumps in the road, but Washington has remained consistent in its pursuit of big-data programs—from airline passenger records. to a room in San Francisco (PDF) where AT&T’s data is sent directly to the N.S.A., to PRISM—regardless of which political party controls the White House. This fall, the NSA will open an enormous data center in Utah, nicknamed Bumblehive, to “turn the huge volume of incoming data into an asset to be exploited, for the good of the nation.” Despite staking out marginally opposite sides in the debate over civil liberties and terrorism, there seems to be little disagreement along party lines as to whether this is a course worth pursuing. That might make public debate over the issue an unusually—and perhaps even refreshingly—nonpartisan one.
• More is being shared than what was initially reported, and tech companies appear to be sharing far more than telecoms. Thursday’s reports describe a situation that goes far beyond the telecom industry, which has been suspected of piping call data to Washington for years. What is being shared is also vastly different. Verizon has been sharing so-called transactional data, which includes information about phone calls—but not what was actually being said. The PRISM program, by contrast, is described as including the content of personal communications, be they over e-mail, video chat, or search-engine query. This isn’t to say that transactional data turned over by a telecom such as Verizon isn’t powerful stuff: Some big data experts note that information gets more useful the more of it there is, while content just becomes overwhelming for analysts trying to make sense of it. But the PRISM revelation is likely to pack a much larger emotional punch for users who have closely interwoven their personal lives and identities within the products of these tech giants.
• Almost every big player appear equally implicated … On one hand, this potentially gives the lie to the technology companies’ insistence that they are as concerned about their customers’ privacy as customers are. But even if the American people get up in arms about this NSA program, there’s a good chance that the companies involved will avoid major damage to their places in the market: There’s no competitive disadvantage if the entire market is involved. Verizon’s stock, to take one example, rose on Thursday, even when it stood as the only company named in the Guardian‘s initial report. Maybe that isn’t terribly surprising, given the cynicism surrounding the telecoms, which have been implicated in government surveillance programs for a decade. It will be interesting to see how consumers react to companies to which they have much closer emotional connections.
• … except maybe Twitter? As the Washington Post notes, Twitter goes unnamed in the leaked slide that lists “current providers”—or private-sector tech companies—involved in PRISM. While the extent of Twitter’s role remains unclear, it would fit with the pattern of the social-media company’s past behavior if it had indeed decided not to work with federal officials. Early last year, for example, Twitter fought a subpoena from New York prosecutors seeking all the information associated with the Twitter account of Malcolm Harris, a protestor arrested during an Occupy Wall Street march on the Brooklyn Bridge. Twitter unsuccessfully argued that the account information belonged to the individual user, not the company, and it even took steps to inform Harris of the subpoena, in keeping with its terms of service guidelines at the time.
• For users, there’s no easy way out. One counter-argument to people raising privacy concerns about companies such as Facebook and Google is that no one is forcing you to use their products. If you don’t like how a company is treating your data, stop dealing with it. But the companies involved in this program are responsible for the lion’s share of technology services in the United States. For this one, there is no clear way to opt out.