On Thursday, the Washington Post published classified documents from the NSA that outlined PRISM, a surveillance program authorized by federal judges to gain access to "servers of nine Internet companies for a wide range of digital data," including tech giants like Google and Microsoft.
Tech companies responded to the leak by denying knowledge of PRISM, and assured the public that "we provide user data to governments only in accordance with the law," as Google chair Larry Page said in a statement on Friday.
However, a recent report in the New York Times clarifies that tech companies are, indeed, aware of some surveillance program and have been negotiating over it with the government:
The companies that negotiated with the government include Google, which owns YouTube; Microsoft, which owns Hotmail and Skype; Yahoo; Facebook; AOL; Apple; and Paltalk, according to one of the people briefed on the discussions. The companies were legally required to share the data under the Foreign Intelligence Surveillance Act. People briefed on the discussions spoke on the condition of anonymity because they are prohibited by law from discussing the content of FISA requests or even acknowledging their existence.
In some cases, like Google and Facebook, discussions involved plans to create "separate, secure portals" for more convenient government access.
This cooperation, along with the public's knowledge of PRISM, appears to conflict with statements made by Google, Microsoft, Yahoo, Facebook, Apple, AOL and Paltalk, but the Times explains the discrepancy:
Each of the nine companies said it had no knowledge of a government program providing officials with access to its servers, and drew a bright line between giving the government wholesale access to its servers to collect user data and giving them specific data in response to individual court orders. Each said it did not provide the government with full, indiscriminate access to its servers.
The companies said they do, however, comply with individual court orders, including under FISA. The negotiations, and the technical systems for sharing data with the government, fit in that category because they involve access to data under individual FISA requests. And in some cases, the data is transmitted to the government electronically, using a company’s servers.
Another reason for the discrepancy, the Times notes, is that companies are not allowed to acknowledge FISA requests:
Twitter, Google and other companies have typically fought aggressively against requests they believe reach too far. Google, Microsoft and Twitter publish transparency reports detailing government requests for information, but these reports do not include FISA requests because they are not allowed to acknowledge them.