Deep Inside PRISM and the NSA

PRISM is the top secret electronic security surveillance program of the US National Security Agency (NSA). It began operations in 2007 with the supervision and collaboration of the US Foreign Intelligence Surveillance Court pursuant to the Foreign Intelligence Surveillance Act (FISA).

After the leak given by NSA contractor Edward Snowden, PRISM is no longer in stealth mode as various countries, organizations and government agencies and even private citizens react to the red signals it created. Snowden disclosed that the public claim about the mass data collection activity of PRISM is not even close to what it can do. Snowden’s statement was initially released last June 6, 2013 by The Washington Post and The Guardian.

PRISM Activity

According to the slides released from NSA and published by The Washington Post, PRISM collects mass data of foreign targets and interfaces them from nine participating internet companies. These companies that joined within the last 6 years include: Microsoft (2010), Yahoo (2008), Google (2009), Facebook (2009), PalTalk (2009), YouTube (2010), Skype (2011), AOL (2011) and Apple (2012).

The massive data collection as recorded on April 5 showed that about 117,675 active investigation targets were recovered from the nine participating companies. These were retrieved from real-time live voice, email, SMS, stored data, or internet chat services. These seemingly data mine aroused a storm of red flags and controversies around NSA’s secret operations.

The Washington Post PRISM report said it, “uses government equipment on private company property to retrieve matching information from a participating company, such as Microsoft or Yahoo and pass it without further review to the NSA”.

The nine participating companies, however, denied that they have given permission for direct access to NSA.

The PRISM Process

The process of PRISM interface begins as an NSA supervisor gives the go signal for the called “selectors”. Selectors are based on the criteria that each target is at least 51% under “reasonable belief” to be likely a foreigner who is not within the US territory at the time of data gathering. After the first layer of supervision, the FBI then analyzes stored communications to ensure that Americans are filtered out of the database collection.

The next step is the Foreign Intelligence Surveillance Act (FISA) Court’s supervision of the data where a generic “Special FISA Oversight and Processing” is done. Then it goes back to FBI’s “Data Intercept Technology Unit” where a thorough analysis is performed, and is passed on to CIA or FBI upon their request.

The different layers of monitoring are placed in sections and stored as Pinwale for video, Nucleon for voice, Marina for internet records and Mainway for call records. Finally, the last layer of filtering takes place and is called the “Fallout,” this ensures that no data from Americans are included on the database for surveillance.

PRISM allows real-time notifications to NSA whenever a target logs on to send an email, to make a voice call, to send a text message or voice chat. The notifications depend highly on the provider setting.

The slides that were presented by Snowden to The Washington Post and The Guardian seem to contradict the claims of the nine participating companies for non-access to their systems. Although, CNET disclosed that server direct access to these companies is not true.

As a response to this controversy, Google and Microsoft currently requested a petition to a US surveillance court to lift an order that prohibit them from data disclosure as requested by the US government. To date, all participating companies have provided information to NSA that are only related to surveillance and criminal targets whose cases are involved with kidnapping, homicide or fraud.

What’s Next?

Businesses and organizations now have a major decision to make whether migration to the cloud is the answer for their data storage, financial issue and security problems; as this move may “incidentally” place unsuspecting customers and users in a privacy issue dilemma.

In fact, another revelation surfaced that the UK-based news company, The Guardian reported that the PRISM is infiltrating on European Union diplomatic missions. The 38 targets that Snowden disclosed included surveillance cameras and bugs implanted on communication cables and equipment.

Caspar Bowden, an independent data security consultant debated that the UK is “extremely exposed” as a result of the close connections it has with the US’ NSA agency.

The reports about data infiltration became full blown as reports from The Guardian UK came out that Britain’s national Government Communications Headquarters (GCHQ) have also been tapping communications cable traffic and data in their surveillance program called Tempora. This could mean that with PRISM and Tempora having close ties, massive amounts of data from innocent people may be tapped together with terrorists and criminals.

Bowden said, “The best bet is to keep your cloud data close, keep it local and don’t really let it out to anybody else’s jurisdiction because, once you do, secret laws can get at that data from the inside.”

One comment

  1. There appears to be a slight error in the article. The first sentance of the third paragraph reads, “According to the slides released from NSA and published by The
    Washington Post, PRISM collects mass data of foreign targets and
    interfaces them from nine participating internet companies.”

    Should be amended to read, “According to the slides released from NSA and published by The
    Washington Post, PRISM collects mass data of US citizens and foreign targets and
    interfaces them from nine participating internet companies.”

    – S

Leave a Reply

Your email address will not be published. Required fields are marked *