– Washington Post releases four new slides from NSA’s Prism presentation (Guardian, June 30, 2013):
Newly published top-secret documents detail how NSA interfaces with tech giants such as Google, Apple and Microsoft
The Washington Post has released four previously unpublished slides from the NSA’s PowerPoint presentation on Prism, the top-secret programme that collects data on foreign surveillance targets from the systems of nine participating internet companies.
The newly published top-secret documents, which the newspaper has released with some redactions, give further details of how Prism interfaces with the nine companies, which include such giants as Google, Microsoft and Apple. According to annotations to the slides by the Washington Post, the new material shows how the FBI “deploys government equipment on private company property to retrieve matching information from a participating company, such as Microsoft or Yahoo and pass it without further review to the NSA”.
The new slides underline the scale of the Prism operation, recording that on 5 April there were 117,675 active surveillance targets in the programme’s database. They also explain Prism’s ability to gather real-time information on live voice, text, email or internet chat services, as well as to analyse stored data.
The 41-slide PowerPoint was leaked by the former NSA contractor Edward Snowden to the Guardian and Washington Post, with both news organizations publishing a selection of the slides on 6 June. The revelation of a top-secret programme to data-mine digital information obtained with the co-operation of the nine companies added to a storm of controversy surrounding the NSA’s surveillance operations.
Several of the participating companies listed on the third new slide released by the Washington Post – Microsoft, Yahoo, Google, Facebook, PalTalk, YouTube, Skype, AOL and Apple – denied at the time of the initial publication that they had agreed to giving the NSA direct access to their systems. Google told the Guardian that it did not “have a back door for the government to access private user data”.
The new slides show how Prism interfaces with the internet companies as government agents track a new surveillance target. The process begins, one annotated slide suggests, when an NSA supervisor signs off on search terms – called “selectors” – used for each target. Analysts are tasked with ensuring that the target is by “reasonable belief” of at least 51% confidence likely to be a foreign national who is not within the US at the time of data collection. The internal NSA supervision is the only check of the analysts’ determination; a further layer of supervision is added with stored communications, where the FBI checks against its own database to filter out known Americans.
There is also broad authorization by federal judges in the secret Foreign Intelligence Surveillance Court, which the new slides refer to as “Special FISA Oversight and Processing”. But this is of a generic nature and not made on an individual warrant basis.
The data is intercepted by the FBI’s “Data Intercept Technology Unit”, the new slides suggest. From there it can be analysed by the FBI itself, or can be passed to the CIA “upon request”.
It also automatically passes to various monitoring sections within the NSA. These include, the annotated slides suggest, databases where intercepted content and data is stored: Nucleon for voice, Pinwale for video, Mainway for call records and Marina for internet records.
Once inside the NSA monitoring system there is also a stage called “Fallout”, which the Post interprets as a final layer of filtering to reduce the intake of information about Americans.
One of the areas of greatest concern surrounding Prism and other NSA data-mining programmes has been that although they set their sights on foreign terror suspects, their digital net can catch thousands of unsuspecting Americans on US soil. The slides do not reveal how many US citizens have had their communications gathered “incidentally” in this way.