IBM: No, we did not help NSA spy on customers
IBM has categorically denied any involvement with the NSA's spying spree, and insists it has never handed over client data in the name of surveillance.
IBM has denied any involvement with the US National Security Agency's surveillance programs, and the company claims it has never handed over any client data to governmental bodies.
In response to allegations concerning the NSA's PRISM surveillance program, Big Blue has posted a response in the form of a blog post written by Robert C. Weber, IBM's senior vice president of Legal and Regulatory Affairs. Weber writes that IBM has never handed over client data to any third party, and would send the US agency to the client rather than assist the governmental body:
IBM is fundamentally an enterprise company, meaning our customers are typically other companies and organizations rather than individual consumers. We serve some of the world's most successful global corporations, helping them achieve their business goals.
IBM has not provided client data to the National Security Agency or any other government agency under the program known as PRISM."
PRISM, which stands for "Planning Tool for Resource Integration, Synchronization, and Management," is designed to collect and process "foreign intelligence" that passes through American servers. Due to documents leaked by ex-NSA contractor Edward Snowden, IBM is reportedly being probed by China over security issues, as so many of the country's systems are dominated by IBM, Oracle, and EMC. The document leak alleges that the NSA hacked into Chinese telecommunications companies in order to steal text messages and attack Chinese university servers for spying purposes.
IBM says that while it complies with local laws in the countries in which it operates, it has not provided client data to "the NSA or any other government agency under any surveillance program involving the bulk collection of content or metadata," and "has not provided client data stored outside the United States to the US government under a national security order, such as a FISA order or a National Security Letter."
Furthermore, the tech giant says that you won't find any "backdoor" entry within its products, and nothing has been put in place to help government agencies spy on consumers -- and IBM also claims it does not provide source code or encryption keys to governments.
"In general, if a government wants access to data held by IBM on behalf of an enterprise client, we would expect that government to deal directly with that client," the company added. "If the US government were to serve a national security order on IBM to obtain data from an enterprise client and impose a gag order that prohibits IBM from notifying that client, IBM will take appropriate steps to challenge the gag order through judicial action or other means."
The company took the opportunity to make recommendations to surveillance-happy governmental bodies, stating that such entities need to "act to restore trust," and should "not subvert commercial technologies, such as encryption, that are intended to protect business data."
This story originally appeared as "IBM denies assisting NSA in customer spying" on ZDNet.