The New York Times' Clair Cain Miller has the best report yet, which reconciles the initial reports about PRISM (a way for the government to monitor internet traffic) and the tech company claims that the government has no "direct access" to their servers.
To recap real quickly, on Thursday evening, both the Washington Post and The Guardian reported on the existence of PRISM, an NSA program that allowed the government to peer directly into the servers of 9 big tech companies (Facebook, Google, Yahoo, Apple et. al) and collect information. Every single company denied awareness of such a plan or that such direct access exists. They all did say, however, that they respond to various legal requests for data.
According to Miller, the government does not have direct access, but through negotiations, companies have agreed to set up more efficient systems for sharing data with the government.
Here's the key bit:
...instead of adding a back door to their servers, the companies were essentially asked to erect a locked mailbox and give the government the key, people briefed on the negotiations said. Facebook, for instance, built such a system for requesting and sharing the information, they said.
The data shared in these ways, the people said, is shared after company lawyers have reviewed the FISA request according to company practice. It is not sent automatically or in bulk, and the government does not have full access to company servers. Instead, they said, it is a more secure and efficient way to hand over the data.
An interesting sidenote is that Twitter has not agreed to to make it easier to share data with the government, implying a level of voluntariness about the program.
At first blush, the idea of tech companies building dedicated infrastructure for sharing data with the government does not look great. But in their defense, given the legal requirement to share digital data all the time, a digital dropbox specifically for that purpose does make sense. Furthermore, the implications of such a dropbox, where data is shares aver company lawyers review FISA requests, is different than en masse, unfettered peering into company servers.
Read the whole story here --->