•
Top-secret files show first evidence of financial relationship
• Prism
companies include Google and Yahoo, says NSA
• Costs
were incurred after 2011 Fisa court ruling
 |
The material provides the first evidence of a financial relationship between
the tech companies and the NSA.
|
The National Security Agency paid millions of dollars to cover the costs of major internet companies involved in the Prism surveillance program after a court ruled that some of the agency's activities were unconstitutional, according to top-secret material passed to the Guardian.
The
technology companies, which the NSA says includes Google, Yahoo, Microsoft and
Facebook, incurred the costs to meet new certification demands in the wake of
the ruling from the Foreign Intelligence Surveillance (Fisa) court.
The October 2011 judgment, which was declassified on Wednesday by the Obama administration,
found that the NSA's inability to separate purely domestic communications from
foreign traffic violated the fourth amendment.
While the
ruling did not concern the Prism program directly, documents passed to the
Guardian by whistleblower Edward Snowden describe the problems the decision
created for the agency and the efforts required to bring operations into
compliance. The material provides the first evidence of a financial
relationship between the tech companies and the NSA.
The
intelligence agency requires the Fisa court to sign annual
"certifications" that provide the legal framework for surveillance
operations. But in the wake of the court judgment these were only being renewed
on a temporary basis while the agency worked on a solution to the processes
that had been ruled illegal.
An NSA
newsletter entry, marked top secret and dated December 2012, discloses the huge
costs this entailed. "Last year's problems resulted in multiple extensions
to the certifications' expiration dates which cost millions of dollars for
Prism providers to implement each successive extension – costs covered by
Special Source Operations," it says.
 |
| An NSA newsletter entry dated December 2012 disclosing the costs of new certification demands. Photograph: guardian.co.uk |
Special
Source Operations, described by Snowden as the "crown jewel" of the
NSA, handles all surveillance programs, such as Prism, that rely on
"corporate partnerships" with telecoms and internet providers to
access communications data.
The
disclosure that taxpayers' money was used to cover the companies' compliance
costs raises new questions over the relationship between Silicon Valley and the
NSA. Since the existence of the program was first revealed by the Guardian and
the Washington Post on June 6, the companies have repeatedly denied all
knowledge of it and insisted they only hand over user data in response to
specific legal requests from the authorities.
An earlier
newsletter, which is undated, states that the Prism providers were all given
new certifications within days of the Fisa court ruling. "All Prism
providers, except Yahoo and Google, were successfully transitioned to the new
certifications. We expect Yahoo and Google to complete transitioning by Friday
6 October."
 |
| An earlier undated newsletter after the Fisa court ruling on certifications. Photograph: guardian.co.uk |
The
Guardian invited the companies to respond to the new material and asked each one
specific questions about the scale of the costs they incurred, the form of the
reimbursement and whether they had received any other payments from the NSA in
relation to the Prism program.
A Yahoo
spokesperson said: "Federal law requires the US government to reimburse
providers for costs incurred to respond to compulsory legal process imposed by
the government. We have requested reimbursement consistent with this law."
Asked about
the reimbursement of costs relating to compliance with Fisa court certifications,
Facebook responded by saying it had "never received any compensation in
connection with responding to a government data request".
Google did
not answer any of the specific questions put to it, and provided only a general
statement denying it had joined Prism or any other surveillance program. It
added: "We await the US government's response to our petition to publish
more national security request data, which will show that our compliance with
American national security laws falls far short of the wild claims still being
made in the press today."
Microsoft
declined to give a response on the record.
The
responses further expose the gap between how the NSA describes the operation of
its Prism collection program and what the companies themselves say.
Prism
operates under section 702 of the Fisa Amendments Act, which authorises the NSA
to target without a warrant the communications of foreign nationals believed to
be not on US soil.
But
Snowden's revelations have shown that US emails and calls are collected in
large quantities in the course of these 702 operations, either deliberately
because the individual has been in contact with a foreign intelligence target
or inadvertently because the NSA is unable to separate out purely domestic
communications.
Last week,
the Washington Post revealed documents from Snowden that showed the NSA
breached privacy rules thousands of times a year, in the face of repeated
assurances from Barack Obama and other senior intelligence figures that there
was no evidence of unauthorised surveillance of Americans.
The newly
declassified court ruling, by then chief Fisa judge John Bates, also revealed
serious issues with how the NSA handled the US communications it was sweeping
up under its foreign intelligence authorisations.
The
judgment revealed that the NSA was collecting up to 56,000 wholly US internet
communications per year in the three years until the court intervened. Bates
also rebuked the agency for misrepresenting the true scope of a major
collection program for the third time in three years.
The NSA
newsletters say the agency's response to the ruling was to work on a
"conservative solution in which higher-risk collection would be
sequestered". At the same time, one entry states, the NSA's general
counsel was considering filing an appeal.
The
Guardian informed the White House, the NSA and the office of the director of
national intelligence that it planned to publish the documents and asked
whether the spy agency routinely covered all the costs of the Prism providers
and what the annual cost was to the US.
The NSA
declined to comment beyond requesting the redaction of the name of an
individual staffer in one of the documents.
UPDATE:
After publication, Microsoft issued a statement to the Guardian on Friday
afternoon.
A
spokesperson for Microsoft, which seeks reimbursement from the government on a
case-by-case basis, said: "Microsoft only complies with court orders
because it is legally ordered to, not because it is reimbursed for the work. We
could have a more informed discussion of these issues if providers could share
additional information, including aggregate statistics on the number of any
national security orders they may receive."
No comments:
Post a Comment