NSA top lawyer says tech giants knew about data collection

Nevermind the vociferous denials from tech titans like Google, Microsoft, and Apple. They knew the government was collecting their user data, the NSA's general counsel says.

Seth Rosenblatt
Seth Rosenblatt Former Senior Writer / News
Senior writer Seth Rosenblatt covered Google and security for CNET News, with occasional forays into tech and pop culture. Formerly a CNET Reviews senior editor for software, he has written about nearly every category of software and app available.
2 min read
NSA slide listing current participants in the PRISM data collection program and what type of content may be available for review.

The top lawyer for the National Security Agency and others from the Obama administration made it clear to the US government's independent oversight board that tech titans knew about government surveillance while it was going on.

NSA general counsel Rajesh De told the Privacy and Civil Liberties Oversight Board on Wednesday that tech titans were aware that the NSA was collecting communications and related metadata both for the NSA's "PRISM" program and for "upstream" communications crossing the Internet. PRISM is a surveillance program designed to collect and process "foreign intelligence" that passes through American servers.

The law that authorized the program was 2008's Section 702 of the FISA Amendments Act. The Guardian reported that when asked if collection of communications and associated metadata occurred with the "full knowledge and assistance of any company from which information is obtained," De said, "Yes."

De explained to the board that "PRISM was an internal government term that as the result of leaks became the public term." Data collection under PRISM, he said, was a "compulsory legal process, that any recipient company would receive."

De and his colleagues also rejected the board's suggestion to limit searches inside 702 databases.

"If you have to go back to court every time you look at the information in your custody, you can imagine that would be quite burdensome," testified Brad Wiegmann, deputy assistant attorney general.

"That information is at the government's disposal to review in the first instance," De added.

However, De cited privacy risks when explaining why the agency does not search the communication data of American citizens "taken directly" from the Internet, the Guardian said.

Tech firms consistently have denied participating in PRISM, sometimes vehemently so, since Edward Snowden leaked documents to the press last year. Apple said that it had "never heard" of PRISM. Facebook said that it "[does] not provide any government organization with direct access to Facebook servers." Microsoft said that it only provides data when legally mandated to do so, and "never on a voluntary basis."

Google CEO Larry Page echoed those statements, and added, "[W]e had never heard of the broad type of order that Verizon received -- an order that appears to have required them to hand over millions of users' call records."

De's comments contradict public statements by tech firms on their knowledge of data collection under Section 702 of the FISA Amendments Act. CNET contacted companies cited in the documents leaked by Snowden, including Apple, AOL, Facebook, Google, Microsoft, and Paltalk, to comment on De's testimony. We will update the story when we hear from them.