The real story in the NSA scandal is the collapse of journalism

The real story in the NSA scandal is the collapse of journalism

Summary: A bombshell story published in the Washington Post this week alleged that the NSA had enlisted nine tech giants, including Microsoft, Google, Facebook, and Apple, in a massive program of online spying. Now the story is unraveling, and the Post has quietly changed key details. What went wrong?


Updated June 9 to include details of the Guardian's coverage, a link to the Post's correction policy, and a quote from the Huffington Post.

Updated June 10 to include a quote from a follow-up article in the Post directly contradicting its initial claims and another observation after the release of the leaker's identity.

On Thursday, June 6, the Washington Post published a bombshell of a story, alleging that nine giants of the tech industry had “knowingly participated” in a widespread program by the United States National Security Agency (NSA).

One day later, with no acknowledgment except for a change in the timestamp, the Post revised the story, backing down from sensational claims it made originally. But the damage was already done.

The primary author of the story, Barton Gellman, is a Pulitzer Prize winner, and the Washington Post has a history in investigative journalism that goes back to Watergate and All the President’s Men. On a roster of journalistic failures, this one has to rank near the very top.

This story was part of a busy week for attention-grabbing stories on the topic of U.S. Government surveillance. The Post was playing catch-up to the Guardian, whose UK and US editions had broken numerous stories, several of them by-lined by Glenn Greenwald. On Wednesday, the Guardian had published details of a Top Secret court order that required Verizon to hand over records disclosing the call data of millions of its customers. On Friday, they published another classified document outlining a U.S. Presidential Policy Directive to draw up a hit list for cyber-attacks.

And on Thursday, shortly after the Post published its story, the Guardian went public with a similar story about NSA surveillance. Based on comments by the author of the Post article, that timing is not coincidental.

Related coverage on ZDNet:

The allegations by the Post are shocking:

The National Security Agency and the FBI are tapping directly into the central servers of nine leading U.S. Internet companies, extracting audio, video, photographs, e-mails, documents and connection logs that enable analysts to track a person’s movements and contacts over time.

The story alleges that the NSA is “reaching deep inside the machinery of American companies that host hundreds of millions of American-held accounts on American soil.” It specifically names nine companies: Microsoft, Yahoo, Google, Facebook, PalTalk, AOL, Skype, YouTube, Apple. And the story alleges, “From inside a company's data stream the NSA is capable of pulling out anything it likes.”

Within hours after the story broke, it had been amplified by other news agencies and tech websites and had inspired expressions of outrage over this invasion of privacy. And seven of the nine companies named issued categorical denials that they knew of or participated in any such program.

And then a funny thing happened the next morning. If you followed the link to that story, you found a completely different story, nearly twice as long, with a slightly different headline. The new story wasn’t  just expanded; it had been stripped of key details, with no acknowledgment of the changes. That updated version, time-stamped at 8:51 AM on June 7, backed off from key details in the original story.

Crucially, the Post removed the “knowingly participated” language and also scrubbed a reference to the program as being “highly classified.” In addition, a detail in the opening graf that claimed the NSA could “track a person’s movements and contacts over time” was changed to read simply “track foreign targets.”

Here’s what a key paragraph in the story originally looked like in a browser window:


And here’s the same paragraph, as it appeared in the heavily edited story the next day. Note that the Post's editors had added so much to the story that this paragraph was pushed to the second page in the four-page online version:


I saved a copy of the original story and used the “compare documents” feature in Microsoft Word to show the before and after versions. You can see the differences for yourself in the redlined document saved here.

Declan McCullagh of CNET examined the Washington Post story independently and concluded that the Post story was wrong.

Those reports are incorrect and appear to be based on a misreading of a leaked Powerpoint document, according to a former government official who is intimately familiar with this process of data acquisition and spoke today on condition of anonymity.

"It's not as described in the histrionics in the Washington Post or the Guardian," the person said. "None of it's true. It's a very formalized legal process that companies are obliged to do."

The real story appears to be much less controversial than the original alarming accusations. All of the companies involved have established legal procedures to respond to warrants from a law enforcement agency or a court. None of them appear to be participating with widespread surveillance.

Update June 10 - In a separate story published over the weekend (with Barton Gellman listed as one of three authors), the Post further backed down from the "direct access" claim:

One top-secret document obtained by The Post described it as “Collection directly from the servers of these U.S. Service Providers: Microsoft, Yahoo, Google, Facebook, PalTalk, AOL, Skype, YouTube, Apple.”

Intelligence community sources said that this description, although inaccurate from a technical perspective, matches the experience of analysts at the NSA. From their workstations anywhere in the world, government employees cleared for PRISM access may “task” the system and receive results from an Internet company without further interaction with the company’s staff.

In intelligence parlance, PRISM is the code name for a “signals intelligence address,” or SIGAD, in this case US-984XN, according to the NSA’s official classified description of PRISM and sources interviewed by The Post. The SIGAD is used to designate a source of electronic information, a point of access for the NSA and a method of extraction. In those terms, PRISM is a not a computer system but a set of technologies and operations for collecting intelligence from Facebook, Google and other large Internet companies.

According to a more precise description contained in a classified NSA inspector general’s report, also obtained by The Post, PRISM allows “collection managers [to send] content tasking instructions directly to equipment installed at company-controlled locations,” rather than directly to company servers. The companies cannot see the queries that are sent from the NSA to the systems installed on their premises, according to sources familiar with the PRISM process.  [emphasis added]

So what went wrong with the Post?

The biggest problem was that the Post took a leaked PowerPoint presentation from a single anonymous source and leaped to conclusions without supporting evidence. McCullagh quotes one of his named (not anonymous) sources, former general counsel of the NSA Stewart Baker, as saying the slides look “flaky”:

"The PowerPoint is suffused with a kind of hype that makes it sound more like a marketing pitch than a briefing -- we don't know what its provenance is and we don't know the full context," Baker said. He added, referring to the Post's coverage: "It looks rushed and it looks wrong."

“Rushed” would indeed be the best way to describe why the Post story changed so dramatically in a 24-hour period. Normally, an investigative piece like this would be reported thoroughly before being published. Instead, it looks like the Post rushed to publish, perhaps fearing that the slide deck had been leaked to another publication that would beat them to the punch.

Update: A Huffington Post story seems to confirm the theory that this post was published prematurely:

Recently, it became clear to Gellman that the scoop might be broken elsewhere and so the Post “decided to push it through." Gellman said he “would have been happier to have had a day or two” more to work on the PRISM story, but it was clear, for competitive reasons, the Post had to move quickly.

Almost no one who reacted to the story initially did so with any skepticism about the Post’s sources or its conclusions. Indeed, a common thread among reactions to the denials by those big tech companies was that they were using careful wording and common talking points to avoid responding to the specific allegations. In fact, the wording of those statements was similar because each company was responding to the specific language in the Post and Guardian stories.

That rush to publication set off the Internet echo chamber and the cable news networks at a full-throated roar. The story and its key, now apparently discredited arguments have been spread far and wide.

The Post compounded its error by quietly correcting its story and not publicly acknowledging that there were errors in the original story. It's worth noting that the Post has a published policy for how its writers and editors are supposed to handle online corrections. Here's what that policy, headlined "Digital Publishing Guidelines - Clarifications and corrections," says:

When a correction is made online, the story editor is responsible for alerting universal, home-page and social teams to make the necessary changes to headlines and blurbs. The change should be made within the article and the correction should also be noted at the top of the item.


Clarifications and corrections should be clear, concise and direct. They must be comprehensible to anyone who reads them, including readers who may have missed the story that is being corrected. Anyone reading the correction should be able to understand how and why the mistake has been corrected.

More than 48 hours after the story was significantly edited, there's no such "clear, concise, and direct" explanation for the substantive changes on the online article.

In fact, the revised story still claims the NSA and the FBI are “tapping directly into the central servers” of those companies when that allegation no longer appears to be true.

Update June 10: And one more thing. In its original story, the Post calls the source of the documents "a career intelligence officer" who provided these materials "in order to expose what he believes to be a gross intrusion on privacy." We now know that the source was Edward Snowden, who was not an intelligence officer but an "infrastructure analyst" who had been in his current position with an external contractor for only three months. The "career intelligence officer" description seems exaggerated. 

In short, one of the great journalistic institutions of the 20th Century is now engaged in outright click-baiting, following the same “publish first, fact-check later” rules as its newer online competitors.

Something tells me the Pulitzer committee won’t be considering this story for next year’s awards.

Topics: Privacy, Apple, Google, Government US, Microsoft

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • Post reporting

    I'll go with the Post over you any day of the week . For one thing , they broke the story .
    you missed it for 7 years .
    • Did you read the entire, or is it your personal jealousy against Ed

      mad you to vent against him for no reason? I think it is both. He just showed the difference between the same topic at the same media outlet by the same journalist on different dates. I don't trust any no journalist or media outlet, because everyone has personal agenda and personal interests to look after. Every major media resorted to yellow journalism, and if I want to entertain myself with nonsense, I would go to professional yellow journalists, not from the amateaurs at that. To me know WP and Pulitzer winner are just amateaur yellow media and journalists. WP and the Pulitzer winner didn't have to soften and change the entire topic next day if they really broke the truth. Whether it is just a lie or not, but that journalist doesn't have real information about the agreement between NSA and those 9 tech gaints.
      Ram U
      • Seems to me

        That except for Facebook which categorically denied it - the other services uses weasily words to get out of it. Example - Google didn't say they didn't hand over all their data via Prism - they said, they didn't give the government direct access to their servers. - That could just mean that Google voluntarily hands it over in an easy to understand form to NSA without the need for the government to have direct access.

        I believe there is more to this than the leftists - in complete coverup mode now to protect their king - want us to believe. Unless the classified document was faked? No-one in government has made that claim so far.
        • They mis-read...

          ...that it was a question of what they do in the US. They were thinking it was about what they do for China.
          Berish Beri
        • NASA

          This is not a left or Right issue. Past adm. having being doing this for years! You appear to be drinking the Foxx News kool-aide which is neither fair nor balance. I'm not sure what country you belong, nevertheless we have a President, not a king. Maybe you were referencing the past Republican adm. King's don't deal with a congress that is blatantly racist, who at all cost to the american public will stonewall every legislation that the president proposes. Kings don't tolerate that kind of foolishness. A good history teacher could help you out.
          • Actually

            We have a president, acting like a king, who is ignoring our constitution and attempting to ignore any check and balance he feels like. One who will go down as worse than Nixon for his behavior and constitutional violations. But since you like his politics, you do "the ostrich" much like the mainstream media has been doing for over 5 years.
          • There it is...

            Yep, dvannf, there it is. It's Bush's fault. Just like everything else. Past administrations may have begun the data collection and monitoring process around 9-11 time, but did they go to the extent of tapping into EVERY citizen's business, like the king's administration appears to be doing? For national security reasons the government does need to tap into conversations and emails WHEN WARRANTED when following known or suspected individuals who may do us harm. They don't need to know that I'm downloading an update to a certain piece of softare, or that I'm calling to tell Aunt Mildred Happy Birthday.

            No we do not have a president...we have a king. Who does as he pleases. Who forces his way regardless of the wishes of the sheep that elected him. And once again, anyone who disagree's with him or his ploicies is "blatantly racist".

            Fox News is more fair and balanced than the head-in-the-sand media that simply doesn't report anything, hoping that no one will notice. They only report a oneminute time line weeks after Fox has been discussing a revelation for weeks. You and your silent media need to wake up and see what's happening to your eroding freedoms.
          • wow

            talk about cool-aid drinker yikes.
          • There you go

            bringing up race. Don't you have anything better (or factual)? To people like you, all opposition to Obama is based on race because, as you know, all whites are racist right? No, opposition to him is based on the fact that most of his ideas and policies are detrimental to our freedoms and the health (economic and otherwise) and survival of the country. Race has nothing to do with it and it's about time you and your ilk realized that. Congress is not racist, you are for bringing it up.

            Neither Bush nor any other past President has anything to do with it. It's all Obama's now. He owns it. He could have stopped it.

            "What did the President know, and when did he know it?"
        • Leftists are not protecting Obama!

          @wiseoldbird Glenn Greenwald, who has been pushing this story more than anyone, is a major "leftist" writer and columnist!

          It is probably true that some establishment Dems are trying to protect Obama, but definitely not the actual people who think and care about these matters. Please. Don't base all your beliefs on Fox News. They are not reporting truthfully to you.
          • Foxnews?

            What exactly have they reported *on this topic* that is untrue? Anything? Anything at all?
          • Fox is the only news organization reporting the facts on the scandals,

            and the left-wing media is trying to cover for the administration.

            You and all of America should be thanking your lucky stars that there is an organization that is trying to get to the bottom of the stories, and that you are actually being kept informed.

            But, it's quite doubtful that you even watch FOX, and all that you're doing is repeating the liberal attacks against FOX, without really understanding what FOX actually is doing.

            Now, do try to get educated on the facts, and don't use the liberal press to try to do so, or you'll just remain as ignorant as you sound now.
    • Post?

      Owned by News Corp (Fox News)? You're drinking Kool-Aid again.
      • Information...the bain of the blogoshpere...
      • Think you are confused...

        News Corp owns New York Post
        News Corp does NOT own Washington Post
        This discussion is about Washington Post!
    • Of course you would.

      Never question a source that writes the way you think. You might have to second guess they way you lead your own life.

      And what took the post so long to find out and break the story?

      They missed it for 7 years, so they really can't be looked at as "on top of things", can they?
      William Farrel
    • Old News!

      The interception of telephone, email, chat, and all other electronic communications by the NSA is very old news.

      This has been going on since the early 1960's.

      See the following link.

      ECHELON - Wikipedia, the free encyclopedia:
      • Ah there is a difference

        It only went on with International calls, not all calls. And then only International calls to countries of Interest.

        Now we have all the phone numbers of all our Mobile carriers monitored, and it seems that our data from at least Google is being actively and freely monitored by the government as well.

        It is definitely not the same thing.
        • Same Thing, Just More Of It

          Echelon was the predecessor, but Prism and whatever other programs are in place now are just like Echelon with a far wider reach.
          Charles Boyer
          • Excuse me!

            "just like" and "far wider" are NOT the same thing.