A top-secret arm of the controversial Stellar Wind program set up in the wake of 9/11 is allowing the National Security Agency and the FBI to tap directly into the central servers of nine major Internet companies to extract audio, video, photos, emails and documents that let analysts track an individual’s communication, CBS News has learned.
The program, called PRISM, was established in 2007, according to The Washington Post, which broke the story Thursday evening. CBS News senior correspondent John Miller said it doesn’t deal with names but was designed as a way for the government to track suspected terrorists. It culls metadata from Microsoft, Yahoo, Google, Facebook, PalTalk, AOL, Skype, YouTube and Apple and will soon include Dropbox.
Apple denied any involvement with the program.
“We have never heard of PRISM. We do not provide any government agency with direct access to our servers, and any government agency requesting customer data must get a court order,” a company spokesperson said in a statement.
Google and Facebook also denied providing direct access to their servers and said they disclose user data only after careful scrutiny and in accordance with the law.
“We do not provide any government organization with direct access to Facebook servers,” said a Facebook spokesperson. “When Facebook is asked for data or information about specific individuals, we carefully scrutinize any such request for compliance with all applicable laws and provide information only to the extent required by law.”
A spokesperson for Google said that the company “cares deeply about the security of our users’ data.
“We disclose user data to government in accordance with the law, and we review all such requests carefully. From time to time, people allege that we have created a government ‘back door’ into our systems, but Google does not have a ‘back door’ for the government to access private user data.”
Microsoft issued a similar statement, saying, “We provide customer data only when we receive a legally binding order or subpoena to do so, and never on a voluntary basis. In addition we only ever comply with orders for requests about specific accounts or identifiers. If the government has a broader voluntary national security program to gather customer data we don’t participate in it.”
Read more at CBS NEWS.