Quote: He said reports about Prism contained "numerous inaccuracies". While admitting the government collected communications from internet firms, he said the policy only targets "non-US persons".

Quote:7 June 2013 Last updated at 03:49 ET

Share this page

• Email
  
• Print
  

1K

• Share
  
• Facebook
  
• Twitter
  
• [/url]
  

[url=http://www.bbc.co.uk/news/world-us-canada-22809541]US spy chief Clapper defends Prism and phone surveillance

COMMENTS
Mr Clapper said there were "numerous inaccuracies" in the report on internet servers being tapped
Continue reading the main story

Related Stories

• What can you learn from people's phone records?
  
• Why for the NSA every call matters
  
• US confirms phone records collection
  

US spy chief James Clapper has strongly defended government surveillance programmes after revelations of phone records being collected and internet servers being tapped.
He said disclosure of a secret court document on phone record collection threatened "irreversible harm".
Revelations of an alleged programme to tap into servers of nine internet firms were "reprehensible", he said.
Internet firms deny giving government agents access to their servers.
The director of US national intelligence issued a strong-worded statement late on Thursday, after the UK's Guardian newspaper said a secret court order had required phone company Verizon to hand over its records to the National Security Agency (NSA) on an "ongoing daily basis".
That report was followed by revelations in both the Washington Postand Guardian that US agencies tapped directly into the servers of nine internet firms to track people in a programme known as Prism.
Continue reading the main story

What the NSA found out

• The numbers of both people on the phone call
  
• How long the call lasts
  
• The time that the call is placed
  

• What can you learn from people's phone records?
  

The reports about Prism will raise fresh questions about how far the US government should encroach on citizens' privacy in the interests of national security.
The NSA confirmed that it had been secretly collecting millions of phone records. But Mr Clapper said the "unauthorized disclosure... threatens potentially long-lasting and irreversible harm to our ability to identify and respond to the many threats facing our nation".
The article omitted "key information" about the use of the records "to prevent terrorist attacks and the numerous safeguards that protect privacy and civil liberties".
He said reports about Prism contained "numerous inaccuracies". While admitting the government collected communications from internet firms, he said the policy only targets "non-US persons".
'Variety of threats'Prism was reportedly developed in 2007 out of a programme of domestic surveillance without warrants that was set up by President George W Bush after the 9/11 attacks.
Continue reading the main story

"Start Quote

If the government has a broader voluntary national security program to gather customer data we don't participate in it"

Microsoft statement
Prism reportedly does not collect user data, but is able to pull out material that matches a set of search terms.
Mr Clapper said the communications-collection programme was "designed to facilitate the acquisition of foreign intelligence information concerning non-US persons located outside the United States".
"It cannot be used to intentionally target any US citizen, any other US person, or anyone located within the United States," he added.
Mr Clapper said the programme, under Section 702 of the Foreign Intelligence Surveillance Act, was recently reauthorised by Congress after hearings and debate.
"Information collected under this program is among the most important and valuable foreign intelligence information we collect, and is used to protect our nation from a wide variety of threats," he added.
Continue reading the main story

I may have been wiretapped

In 2006 I was a plaintiff in an American Civil Liberties Union lawsuit against the government over a domestic spying programme. Other plaintiffs include the late Christopher Hitchens, and James Bamford, the author of a book, The Shadow Factory, about the NSA.
The lawsuit stated that NSA officials may have eavesdropped on us illegally - and that the warrantless wiretapping programme should come to a halt. In 2007 an appeals court said that we could not prove that our calls had been monitored. As a result it did not have standing. The suit was dismissed.
-Tara McKelvey

• Read more
  

But while US citizens were not intended to be the targets of surveillance, the Washington Post says large quantities of content from Americans are nevertheless screened in order to track or learn more about the target.
The data gathered through Prism has grown to become a major contributor to the president's daily briefing and accounts for almost one in seven intelligence reports, it adds.
The Washington Post named the nine companies participating in the programme as Microsoft, Yahoo, Google, Facebook, PalTalk, AOL, Skype, YouTube and Apple.
Microsoft said in a statement to the BBC that it only turned over customer data when given a legally binding order, and only complied with orders for specific accounts.
"If the government has a broader voluntary national security program to gather customer data we don't participate in it," Microsoft said.
Meanwhile, Yahoo, Apple and Facebook said they did not give the government direct access to their servers.
In a statement, Google said: "Google does not have a 'back door' for the government to access private user data."
On Wednesday, it emerged that the NSA was collecting the phone records of tens of millions of Americans, after the Guardian published a secret order for the Verizon phone company to hand over its records.
A senior congressman, House intelligence committee chairman Mike Rogers, told reporters that collecting Americans' phone records was legal, authorised by Congress and had not been abused by the Obama administration.
He also said it had prevented a "significant" attack on the US "within the past few years", but declined to offer more information.
The order requires Verizon - one of the largest phone companies in the US - to disclose to the NSA the metadata of all calls it processes, both domestic and international, in which at least one party is in the US.
Such metadata includes telephone numbers, calling card numbers, the serial numbers of phones used and the time and duration of calls. It does not include the content of a call or the callers' addresses or financial information.

Quote:Send lawyers, guns and money, I heard somewhere.....can't recall where nor who said it.

Quote:I don't see anyone out there with this theory, and TPM is my favorite news source, so here goes: "PRISM" is the government's name for a program that uses technology from Palantir. Palantir is a Silicon Valley start-up that's now valued at well over $1B, that focuses on data analysis for the government. Here's how Palantir describes themselves:
"We build software that allows organizations to make sense of massive amounts of disparate data.

We solve the technical problems, so they can solve the human ones. Combating terrorism. Prosecuting crimes. Fighting fraud. Eliminating waste. From Silicon Valley to your doorstep, we deploy our data fusion platforms against the hardest problems we can find, wherever we are needed most." [URL="http://www.palantir.com/what-we-do/"]http://www.palantir.com/what-we-do/

[/URL] They're generally not public about who their clients are, but their first client was famously the CIA, who is also an early investor.

With my theory in mind, re-read the denials from the tech companies in the WSJ (emphasis mine):
Apple: "We do not provide any government agency with direct access to our servers…"
Google: "… does not have a back door' for the government to access private user data…"
Facebook: "… not provide any government organization with direct access to Facebook servers…"
Yahoo: "We do not provide the government with direct access to our servers, systems, or network…"

These denials could all still be technically true if the government is accessing the data through a government contractor, such as Palantir, rather than having direct access.
I just did a quick Google search of "Palantir PRISM" to see if anyone else had this theory, and the top results were these pages:

https://docs.palantir.com/metropolisdev/prism-overview.html
https://docs.palantir.com/metropolisdev/prism-examples.html

Apparently, Palantir has a software package called "Prism": "Prism is a software component that lets you quickly integrate external databases into Palantir." That sounds like exactly the tool you'd want if you were trying to find patterns in data from multiple companies.

So the obvious follow-up questions are of the "am I right?" variety, but if I am, here's what I really want to know: which Palantir clients have access to this data? Just CIA & NSA? FBI? What about municipalities, such as the NYC police department? What about the governments of other countries?

What do you think?

FWIW, I know a guy who works at Palantir. I asked him what he/they did once, and he was more secretive than my friends at Apple.

PS, please don't use my name if you decide to publish any of this it's a small town/industry. Let them Prism me instead.

http://talkingpointsmemo.com/archives/2013/06/is_this_who_runs_prism.php?ref=fpblg

Quote:Clapper admits secret NSA surveillance program to access user data

Obama's director of national intelligence attacks program's disclosure as 'reprehensible' and says it threatens security

Dan Roberts and Spencer Ackerman in Washington and Tania Branigan in Beijing
guardian.co.uk, Friday 7 June 2013 16.03 BST
Jump to comments (222)

Obama's expansion of Bush regime's surveillance weakens his attempt to confront Xi Jinping over cyber-attacks. Photograph: Evan Vucci/AP

The US has admitted using a secret system to mine the systems of the biggest technology companies to spy on millions of people's online activity, overshadowing attempts by Barack Obama to force China to abandon its cyber-espionage program.

As concern mounted over the sweeping nature of US surveillance, the director of national intelligence, James Clapper, confirmed revelations by the Guardian that the National Security Agency uses companies such as Google, Facebook and Apple to obtain information that includes the content of emails and online files.

Coupled with the acknowledgement that authorities had undertaken a seven-year program to monitor the telephone calls of potentially millions of people in the US, it has become clear that the Obama administration has embraced and expanded the surveillance regime began under President Bush.

Clapper insisted that the internet surveillance program, known as Prism and disclosed by the Guardian and the Washington Post on Thursday, only covered communications with foreigners and did not target US citizens. "Information collected under this program is among the most important and valuable intelligence information we collect, and is used to protect our nation from a wide variety of threats," Clapper said.

He acknowledged that Section 702 of the Foreign Intelligence Surveillance Act was being used to "facilitate the acquisition of foreign intelligence information".

A secret 41-slide PowerPoint presentation obtained by the Guardian says that the information can be collected "directly from the servers" through the Prism system. The technology companies denied that direct access to servers was possible in this way, but they admitted complying with legal orders to turn over information.

Clapper attacked the disclosure as "reprehensible" for risking "important protections for the security of Americans".

More immediately, the admission places the US in an embarrassing position when it confronts Chinese leaders over their alleged use of cyber-espionage during a long-awaited summit in California on Friday.

Experts on US relations in Beijing said the revelations were bound to "weaken the US government's moral position" although they drew distinctions between the two approaches and expected the issue would still be raised. "Obviously the news breaking on the eve of the Sunnylands summit puts Obama in a much weaker position," added Linda Jakobson, east Asia program director at the Lowy Institute.

To push back against the growing scandal, Clapper also declassified aspects of a highly secretive acquisition of all Verizon's phone records first disclosed by the Guardian. Clapper took the extraordinary step late Thursday night to argue that the program operates "within the constraints of law" and "appropriately protect[s] privacy and civil liberties".

"The collection is broad in scope because more narrow collection would limit our ability to screen for and identify terrorism-related communications," Clapper said. Yet Clapper defended the broad, ongoing intelligence collection effort by saying that "only a small fraction" of the phone records such as phone numbers and call are ever scrutinized by intelligence analysts for connections to terrorism. Such scrutiny occurs according to "strict restrictions" overseen by the Justice Department and the special, secretive US surveillance court, he continued.
A slide from the Prism programme The document claims 'collection directly from the servers' of major US service providers.

Clapper reiterated that the content of phone calls is off-limits under the National Security Agency "metadata" collection program while avoiding reference to the Prism system that sweeps up such content from nine participating internet companies. Clapper also repeatedly pointed out that some, but not all, members of Congress "have been fully and repeatedly briefed" on the program.

The secret document obtained by the Guardian shows that the Prism system facilitates extensive, in-depth surveillance on live communications and stored information. The NSA access was enabled by changes to US surveillance law introduced under President Bush and renewed under Obama in December 2012. The law allows for the targeting of any customers of participating firms who live outside the US, or those Americans whose communications include people outside the US.

The Guardian has verified the authenticity of the document, a 41-slide PowerPoint presentation classified as top secret with no distribution to foreign allies which was apparently used to train intelligence operatives on the capabilities of the program. The document claims "collection directly from the servers" of major US service providers.

Technology companies appeared not to be aware of how the NSA characterises the system. Apple said it had "never heard" of Prism. An Apple spokesman said: "We do not provide any government agency with direct access to our servers and any agency requesting customer data must get a court order."

A Google spokesman also said it did not provide officials with direct access. "Google cares deeply about the security of our users' data. We disclose user data to government in accordance with the law, and we review all such requests carefully. From time to time, people allege that we have created a government 'back door' into our systems, but Google does not have a 'back door' for the government to access private user data."

Legislators, particularly those serving on committees that oversee US intelligence, also confirmed the existence of the spy efforts, saying they have been in effect for at least six years and jumped to their defence.

"These activities have led to the successful detection and disruption of at least one terrorist plot on American soil, possibly saving American lives," said the leadership of the House intelligence panel, Represenatives. Mike Rogers, a Republican, and Dutch Ruppersberger, a Democrat, in a joint statement.

But senator Ron Wyden, who for at least two years has warned about secret government interpretations of the Patriot Act authorising much larger surveillance efforts than the Obama administration has described, suggested the spying has not disrupted any such plots. "Based on several years of oversight, I believe that its value and effectiveness remain unclear," said Wyden, a Democratic member of the Senate intelligence committee.

Quote:In a statement to the Guardian, GCHQ, insisted it "takes its obligations under the law very seriously".

Quote:UK gathering secret intelligence via covert NSA operation

Exclusive: UK security agency GCHQ gaining information from world's biggest internet firms through US-run Prism programme

Nick Hopkins
guardian.co.uk, Friday 7 June 2013 14.27 BST

Documents show GCHQ (above) has had access to the NSA's Prism programme since at least June 2010. Photograph: David Goddard/Getty Images

The UK's electronic eavesdropping and security agency, GCHQ, has been secretly gathering intelligence from the world's biggest internet companies through a covertly run operation set up by America's top spy agency, documents obtained by the Guardian reveal.

The documents show that GCHQ, based in Cheltenham, has had access to the system since at least June 2010, and generated 197 intelligence reports from it last year.

The US-run programme, called Prism, would appear to allow GCHQ to circumvent the formal legal process required to seek personal material such as emails, photos and videos from an internet company based outside the UK.

The use of Prism raises ethical and legal issues about such direct access to potentially millions of internet users, as well as questions about which British ministers knew of the programme.

In a statement to the Guardian, GCHQ, insisted it "takes its obligations under the law very seriously".

The details of GCHQ's use of Prism are set out in documents prepared for senior analysts working at America's National Security Agency, the biggest eavesdropping organisation in the world.

Dated April this year, the papers describe the remarkable scope of a previously undisclosed "snooping" operation which gave the NSA and the FBI easy access to the systems of nine of the world's biggest internet companies. The group includes Google, Facebook, Microsoft, Apple, Yahoo and Skype.

The documents, which appear in the form of a 41-page PowerPoint presentation, suggest the firms co-operated with the Prism programme. Technology companies denied knowledge of Prism, with Google insisting it "does not have a back door for the government to access private user data". But the companies acknowledged that they complied with legal orders.

The existence of Prism, though, is not in doubt.

Thanks to changes to US surveillance law introduced under President George W Bush and renewed under Barack Obama in December 2012, Prism was established in December 2007 to provide in-depth surveillance on live communications and stored information about foreigners overseas.

The law allows for the targeting of any customers of participating firms who live outside the US, or those Americans whose communications include people outside the US.

The documents make clear the NSA has been able to obtain unilaterally both stored communications as well as real-time collection of raw data for the last six years, without the knowledge of users, who would assume their correspondence was private.

The NSA describes Prism as "one of the most valuable, unique and productive accesses" of intelligence, and boasts the service has been made available to spy organisations from other countries, including GCHQ.

It says the British agency generated 197 intelligence reports from Prism in the year to May 2012 marking a 137% increase in the number of reports generated from the year before. Intelligence reports from GCHQ are normally passed to MI5 and MI6.

The documents underline that "special programmes for GCHQ exist for focused Prism processing", suggesting the agency has been able to receive material from a bespoke part of the programme to suit British interests.

Unless GCHQ has stopped using Prism, the agency has accessed information from the programme for at least three years. It is not mentioned in the latest report from the Interception of Communications Commissioner Office, which scrutinises the way the UK's three security agencies use the laws covering the interception and retention of data.

Asked to comment on its use of Prism, GCHQ said it "takes its obligations under the law very seriously. Our work is carried out in accordance with a strict legal and policy framework which ensures that our activities are authorised, necessary and proportionate, and that there is rigorous oversight, including from the secretary of state, the interception and intelligence services commissioners and the intelligence and security committee".

The agency refused to be drawn on how long it had been using Prism, how many intelligence reports it had gleaned from it, or which ministers knew it was being used.

A GCHQ spokesperson added: "We do not comment on intelligence matters."

The existence and use of Prism reflects concern within the intelligence community about access it has to material held by internet service providers.

Many of the web giants are based in the US and are beyond the jurisdiction of British laws. Very often, the UK agencies have to go through a formal legal process to request information from service providers.

Because the UK has a mutual legal assistance treaty with America, GCHQ can make an application through the US department of justice, which will make the approach on its behalf.

Though the process is used extensively almost 3,000 requests were made to Google alone last year it is time consuming. Prism would appear to give GCHQ a chance to bypass the procedure.

In its statement about Prism, Google said it "cares deeply about the security of our users' data. We disclose user data to government in accordance with the law, and we review all such requests carefully. From time to time, people allege that we have created a government 'back door' into our systems, but Google does not have a back door for the government to access private user data".

Several senior tech executives insisted they had no knowledge of Prism or of any similar scheme. They said they would never have been involved in such a programme.

"If they are doing this, they are doing it without our knowledge," one said. An Apple spokesman said it had "never heard" of Prism.

In a statement confirming the existence of Prism, James Clapper, the director of national intelligence in the US, said: "Information collected under this programme is among the most important and valuable intelligence information we collect, and is used to protect our nation from a wide variety of threats."

A senior US administration official said: "The programme is subject to oversight by the foreign intelligence surveillance court, the executive branch, and Congress. It involves extensive procedures, specifically approved by the court, to ensure that only non-US persons outside the US are targeted, and that minimise the acquisition, retention and dissemination of incidentally acquired information about US persons."

Top-Secret NSA Internet Spying Program PRISM' Uncovered

PRISM spy program harvests Internet information
The National Security Agency has obtained direct access to the systems of Google, Facebook, Apple and other US internet giants, according to a top secret document obtained by the Guardian.

Top secret PRISM program claims direct access to servers of firms including Google, Facebook and Apple

The NSA access is part of a previously undisclosed program called PRISM, which allows officials to collect material including search history, the content of emails, file transfers and live chats, the document says.
The Guardian has verified the authenticity of the document, a 41-slide PowerPoint presentation classified as top secret with no distribution to foreign allies which was apparently used to train intelligence operatives on the capabilities of the program. The document claims "collection directly from the servers" of major US service providers.
Although the presentation claims the program is run with the assistance of the companies, all those who responded to a Guardian request for comment on Thursday denied knowledge of any such program.
In a statement, Google said: "Google cares deeply about the security of our users' data. We disclose user data to government in accordance with the law, and we review all such requests carefully. From time to time, people allege that we have created a government back door' into our systems, but Google does not have a back door for the government to access private user data."
Several senior tech executives insisted that they had no knowledge of PRISM or of any similar scheme. They said they would never have been involved in such a program. "If they are doing this, they are doing it without our knowledge," one said.
An Apple spokesman said it had "never heard" of PRISM. The NSA access was enabled by changes to US surveillance law introduced under President Bush and renewed under Obama in December 2012.
The program facilitates extensive, in-depth surveillance on live communications and stored information. The law allows for the targeting of any customers of participating firms who live outside the US, or those Americans whose communications include people outside the US.
It also opens the possibility of communications made entirely within the US being collected without warrants.
Disclosure of the PRISM program follows a leak to the Guardian on Wednesday of a top-secret court order compelling telecoms provider Verizon to turn over the telephone records of millions of US customers.

"It's shocking enough just that the NSA is asking companies to do this," he said. "The NSA is part of the military. The military has been granted unprecedented access to civilian communications. "This is unprecedented militarisation of domestic communications infrastructure. That's profoundly troubling to anyone who is concerned about that separation."

The participation of the internet companies in PRISM will add to the debate, ignited by the Verizon revelation, about the scale of surveillance by the intelligence services. Unlike the collection of those call records, this surveillance can include the content of communications and not just the metadata.
Some of the world's largest internet brands are claimed to be part of the information-sharing program since its introduction in 2007
Microsoft which is currently running an advertising campaign with the slogan "Your privacy is our priority" was the first, with collection beginning in December 2007.
It was followed by Yahoo in 2008; Google, Facebook and PalTalk in 2009; YouTube in 2010; Skype and AOL in 2011; and finally Apple, which joined the program in 2012. The program is continuing to expand, with other providers due to come online.
Collectively, the companies cover the vast majority of online email, search, video and communications networks.

David Guyatt Wrote:

Quote:

Revelations of an alleged programme to tap into servers of nine internet firms were "reprehensible", he said.
....
The director of US national intelligence issued a strong-worded statement late on Thursday, after the UK's Guardian newspaper said a secret court order had required phone company Verizon to hand over its records to the National Security Agency (NSA) on an "ongoing daily basis".

Anonymous Releases NSA Docs Related to Global Spy Network

• 2010 EA Conf_RA Track Presentation_20100506.ppt
  
• 3170_01.pdf
  
• 514401Doddirectoritenetworks.pdf
  
• 6212_01.pdf
  
• 800001pDirectoriteDodinfoenterprise.pdf
  
• DT-12-COI-Glossary.pdf
  
• DoDAF-DM2_CMP_v1-0_FINAL_2011-10-03r1.docx
  
• DoD_NetOps_Strategic_Vision.pdf
  
• EATransitionStrategy.pdf
  
• NSI_EE.pdf
  
• insa-spies.pdf
  
• netcentric_jfc-1.pdf
  
• security_clearance.pdf