Major US Internet companies, including Google, Facebook and Microsoft, have denied that they are involved in a top-secret program led by the National Security Agency and the FBI after a report on Thursday by the Washington Post unveiled the program, code-named PRISM.
The report says the program gives the NSA and FBI direct access into central servers at nine US Internet companies, and has been ongoing for the past six years. Through the program, authorities have access to audio and video chats, photographs, emails, documents and connection logs.
The program is believed to be the first of its kind, and is focused on foreign communications traffic, which often goes through US-based servers even when sent from one overseas location to another, the Washington Post says. President Obama said that US citizens shouldn’t worry about the program as it does not apply to their data, only foreign data, and that he believes it “strikes the right balance” in a press conference on Friday.
The data is collected directly, and the court “agreed to certify periodically that the government had reasonable procedures in place to minimize collection of ‘US persons’ data without a warrant.”
Director of National Intelligence James R. Clapper claims that information collected through PRISM is used to protect the US from a variety of threats. He also condemned the “unauthorized disclosure of information about this important and entirely legal program” in a statement on Thursday.
Facebook, Microsoft, Apple, Google, Yahoo, Paltalk and AOL have all denied their involvement in the government program, and some have even said they have no idea what the program is, and have never heard of PRISM, in separate statements released on Thursday.
The program is troubling, and if the Internet companies who are allegedly involved are cooperating, it is a huge issue for privacy online and end-user rights. Web hosts don’t hand over data on their servers until proper due diligence is followed, but this program could have a broader impact on those processes as well. The details on what information actually applies in the program is fairly limited, and US authorities have declined to say which parts of the Washington Post report it finds inaccurate.
Whether or not web hosting providers are directly involved in this program, these kinds of steps would impact any service provider on the Internet, as users may choose to move away from US-based service providers in order to protect their data. As the EU works on its new data protection laws, which include enhanced responsibilities for non-EU cloud companies, it could also be problematic for US providers looking to expand in Europe if they don’t meet the privacy criteria.
Last year, when the House passed CISPA, Christian Dawson, COO of ServInt and founder of the Internet Infrastructure Coaliton said that the privacy concerns of users could hurt US hosting providers as their customers would look elsewhere.
What do you make of the PRISM program? Do you believe that a program like this could impact you as a hosting provider? Let us know in a comment.