Latest NSA leak details PRISM's bigger picture

Latest NSA leak details PRISM's bigger picture

Summary: Another leaked batch of top secret slides relating to the U.S. National Security Agency's PRISM data collection program sheds further light on how non-U.S. data is collected from various tech firms, and how under law, U.S. data is filtered out — albeit not always.

(Image: The Washington Post)

New "top secret" slides released by The Washington Post on Saturday shed further light on the U.S. National Security Agency's (NSA) PRISM program, which was first publicly disclosed through a series of leaks by former government contractor turned whistleblower Edward Snowden earlier this month.

The additional four slides expand on the original leaks released by the publication The Guardian. They further back claims of widespread borderline illegal mass surveillance by Snowden, whose airside location at a Moscow airport caused a stand-off between the two former Cold War superpowers on a new diplomatic front.

Read this

PRISM: Here's how the NSA wiretapped the Internet

PRISM: Here's how the NSA wiretapped the Internet

The National Security Agency's "PRISM" program is able to collect, in realtime, intelligence not limited to social networks and email accounts. But the seven tech companies accused of opening 'back doors' to the spy agency could well be proven innocent.

The original disclosure blew the lid on government surveillance and the scope in which the U.S. government worked with the U.K. intelligence network, and stirred further anger over alleged secret interpretations of the Patriot Act and the Foreign Intelligence Surveillance Act (FISA).

Further leaks by The Guardian showed that the program is court approved by the secret Foreign Intelligence Surveillance Court (FISC), set up under FISA in 1978, but individual warrants are not necessary, even for requesting full access to a person's collected data.

While this latest disclosure expands what is known about the PRISM program, only eight of the total 40 or more slides have been published so far.

Over the weekend, the Post published further details of the mass collection of email, video and voice chat, photos, file transfers, and other online social networking content on foreign nationals by the NSA in conjunction with the Federal Bureau of Investigation (FBI).

According to one freshly leaked slide, there were 117,675 "active surveillance targets" in PRISM's database, but this figure does not detail which kinds of users these were, or among them how many Americans had their data collected inadvertently by the program.

Another slide detailed the PRISM "tasking process," which shows how an NSA analyst would acquire and search for new intelligence on a surveillance target.

These tasking requests are initiated by the NSA analyst, who will determine a new target and have this authorized by their supervisor, which under Section 702 of FISA will seek to ensure there is a 51 percent likelihood that the target is not a U.S. person, and are overseas at the time of data collection.

Annotations by the Post suggest that PRINTAURA "sorts and dispatches the data stream" into different categories of data from the FBI's Data Interception Technology Unit (DITU) — understood to be the Tier 1 company wiretaps.

The data collected from these wiretaps are then sorted into data types for further analysis by SCISSORS and Protocol Exploitation. The NSA is then able to determine what is U.S. citizen data, in line with the leaked "minimization procedures," which then filters through two further systems — FALLOUT system for metadata, and CONVEYANCE for voice content — to reduce the intake of intelligence on Americans.

Once this has been completed, foreign intelligence that filtered as much U.S. persons only data out as possible will pass into databased dubbed NUCLEON for voice, PINWALE for video, MAINWAY for call data, and MARINA for Internet records.

While the slides annotated by the Post claim that the FBI "uses government equipment on private company property" to receive such data, in another infographic-like post, the publication specifically states that a tasking request "is routed to equipment installed at each company."

The FBI's DITU is understood to maintain this equipment, in which the data it collects is then passed to the NSA.

In a ZDNet article earlier in June, we suggested that the aforementioned companies were likely not actively working or engaged with the NSA as was suggested — and subsequently rolled back on by the media. But the "private company property" were likely the Tier 1 network companies that provide the high-bandwidth lines behind the named seven technology companies' datacenter operations.

This also ties in with the Upstream program, in which, as later leaks pointed out, physical prism-like "beam splitters" would be used to split the fiber optic beams, where one stream would go to the destination while the other was copied and sent to an NSA datacenter.

This data copying and snatching would prove that the named seven technology companies were not in fact handing data over to the NSA, voluntarily or forcibly, without an appropriate warrant.

The named seven companies — AOL, Apple, Facebook, Google (and YouTube), Microsoft (and Skype), Paltalk, and Yahoo — scrambled immediately after the first disclosure to counter the claims mistakenly made by some that they gave the NSA "direct access" to their systems.

Many of those companies are also currently engaged with the Obama administration in a bid to lift the lid on the exact number of National Security Letters, or so-called "gagging orders," they receive from the U.S. government under Section 505 of the Patriot Act — a statute expanded under the new 2001 provisions.

The Post's earlier claim that the NSA had "direct access" to the companies was not repeated in the latest disclosure, and instead erred on the side of caution.

The publication also notes that a tasking request can be sent to "an NSA access point that taps into the Internet's main gateway switches."

Topics: Security, Government US, Privacy

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion

    Given that the FBI has direct access to PRISM there can be no doubt now that American citizens are one of the deliberate targets of PRISM and that accessing domestic data is not inadvertent as the NSA has been claiming.
    • Not Quite

      Who do you think investigates foreign nationals and their affairs? FBI.
      • Re:Not Quite

        The FBI investigates affairs internal to the US (like counterfeiting money and other things). The CIA investigates international "incidents."
        • FBI investigating counterfeit money?

          Not that it's pertinent to this article, but the F.B.I. does NOT invest counterfeit money. That's one of the jobs given to the Secret Service.

    • PRISM

      What do you mean, "there cdan be no doubt now"? I have plenty of doubt about your claim trying to tie FBI access to Americans becoming "deliberate" targets or targets of any kind.
    • Amusing

      If Prism is used to only spy on foreign nationals then the US government has really big Cajonnes to demand China and Russia assist them in returning Snowden. "We spy on you. Uh could you help us return our errant spy?" "So sorry sir but this is not Chinese laundry. Clean your own mess."
  • how do we know if these are genuine?

    Is there any way to verify their authenticity?
    • My thoughts exactly

    • Who's denying them?

    • Verify

      Every time another slide is leaked there is a statement rushing to its defense, not its denial.
      Owen King
    • Exactly.

      These could be (and likely are) intentional leaks which are designed to downplay the actual activities occurring by supposedly "leaking" a contrived and far less shocking version of reality. In my mind, the full picture of what's happening is likely far worse than even these slides portray.
      • You have a point

        I would guess that the internal consistency of the entire set in context of everything else we know (and those who have been monitoring this for decades know quite a lot), a pretty clear assessment as to their accuracy can be made.

        However, the creation of internally consistent lies is something that they do very well and damage-control is second nature. This lends credence to BillDem’s position – especially in context of the fact that I can say that what we have seen doesn’t even begin to scratch the surface.

        The art of focusing the public on a small subset of the bigger picture is a generally successful form of damage control, as is critical that the real good stuff is always kept several layers away from the point of conversation.

        With all that said, however, I believe that nothing is going stop full disclosure.
      • Likely propaganda

        Obama and everyone else involved in this sorry mess no longer has any credibility. What we are seeing now is a disinformation campaign just like the one conducted by the Martin Scheme Team, except that this one is on a much grander scale.

        Both Democrats and Republicans are lackeys for big business interests and both parties deserve to be sidelined by independents, this is especially true of anyone in leadership positions.

        It is long past time that the public starts taking political scalps.
  • Who believes that?

    The NSA bugged diplomatic representations of allied nations and actively engaged in hacking from within Europe against European administrations. Anyone who believes that they actually respect the law would also buy a plot of land on the moon.
  • Another scandal this morning...

    NBC Report: NSA bugged European Union offices, computer networks

    BOY are the Europeans mad! One day, very soon, the Europeans will give the NSA leaker the Nobel Peace Prize. Probably take Obama's unwarranted one back and give it to him...
    Tony Burzio
    • Smile

      Just the next step in and orchestrated slow release of a vast amount of pending disclosures.

      It has to be this way to give people adequate time to adapt and assimilate.
    • The 4th Amendment doesn't apply to non-citizens...

      Not to mention that every other country is wiretapping, bugging and in every other way spying on our embassies abroad. They all do it to each other. The only reason anyone is outraged about the embassy spying is that it's the first time there has been a real public admission of it.

      Plus, legally, U.S. embassies in foreign country are on U.S. soil, and other countries' embassies in our country are legally part of that other country.
      Jacob VanWagoner
      • US Soil

        Sorry, but US embassies in foreign countries are not on US soil. They are simply renting space. The only US soil in the UK is the Kennedy memorial at Runnymede, a special grant by the UK government. It is, however, normal to respect the sanctity of an embassy as if it were in its home country.
        • Re: US Soil

          It is more than "normal" or a courtesy. It is by legal treaty agreement as per the Vienna Convention On Diplomatic Relations. It became UK law in 1961 with the signing of the treaty. There are exceptions mostly having to do with extradition, but in general, the laws of the foreign nation apply within the embassy and the host nation's law does not apply.
        • Sorry, but by International Treaty a recognised embassy of a recognised

          country is allowed to obtain the use of land for the embassy and while it's recognised by the government the grounds are seen as being the land of the country the embassy is from, this applies only to an embassy and usually only the one location per represented country in the country it's located. The other facilities are known as consulate and do not have the same protections as an embassy. If the country ceases to be recognised then the land reverts to the government of the country it's in or is sold as private land.

          However, as regards communications no radio communications are protected against interception and the moment a land line communication leaves the embassy grounds it crosses an international border and thus open to interception. Only the contents of a diplomatic pouch are protected communications that leave an embassy.
          Deadly Ernest