PRISM

Prism is a covert surveillance program operated by the National Security Agency (NSA). In 2007, after being authorized under the Protect America Act of 2007, the NSA was given the go-ahead to collect foreign intelligence information by tapping into communications of individuals outside the U.S., particularly those using American internet services.

The program was renewed and expanded under the FISA Amendments Act of 2008, allowing the NSA broader powers to collect data without requiring individualized warrants for foreign targets.

Prism remained a secret until 2013 when Edward Snowden revealed it through leaked NSA documents. A leaked court order provided by Snowden showed that Verizon handed over all its customers’ calling records and telephone metadata to the NSA on an “ongoing, daily basis.”

The program was designed to collect and monitor internet communications, targeting foreign individuals outside the U.S., and some domesticated data. 

The program continues today and plays a central role in U.S. intelligence gathering but remains highly controversial for its mass data collection methods and involvement with tech companies.

PRISM allows the NSA to collect communications from major tech companies like Google, Facebook, Microsoft, Apple, YouTube, AOL, Dropbox, and others. This includes emails, media posts, search histories, video and voice chats, photos, stored data, file transfers, video conferencing, and social networking details.

The program relies on voluntary cooperation from the tech companies. The companies provide access to the servers, allowing the NSA to collect communications directly. Some companies deny their involvement or claim they only comply when obligated. Companies are legally bound to respond to FISA requests, although Google and Facebook claim they only provide data when a valid court order is present. Some reports suggested that the NSA could access the data in real-time or pull historical data from server logs.

The leaked documents showed that the NSA accessed vast amounts of personal information from these platforms. It also suggests that some companies were more cooperative than others and that data-sharing had been extensive. Although PRISM’s stated goal was foreign intelligence, the extent of the data collected raised concerns about U.S. citizens’ privacy.

Through Snowden, we’ve learned that the information PRISM gathers is shared with the United Kingdom’s Government Communications Headquarters. The Five Eyes intelligence-sharing treaty established during WWII allows confidential intelligence to flow freely between five countries: The U.S., Canada, the U.K., Australia, and New Zealand. All of these countries have similar surveillance operations in effect. Snowden claimed it was a “Supra-national intelligence organization that does not answer to the known laws of its own countries.” If you can read the data gathered from one of the Five Eyes, you can spy on your own citizens and claim to technically not be doing so. 

The revelation of PRISM sparked debates over privacy rights, government overreach, and the balance between security and civil liberties. The NSA justified this extraordinary power grab of information, claiming it necessary for national security, operating under the Patriot Act and FISA Amendments, passed in the aftermath of 9/11 to combat terrorism. The broad scope of data collection led to accusations of unconstitutional surveillance.

With significant public backlash regarding privacy and these companies enabling such widespread data collection, the response was varied. Some tech companies increased transparency by giving reports detailing how many government requests for user data they received and complied with. Many began encrypting user data more robustly to protect it from unwarranted access. The involvement of these companies remains unclear, but PRISM exposed the relationship between private corporations and government surveillance efforts. 

The program raised diplomatic tensions, as world leaders and foreign citizens were also subject to surveillance. Several countries were outraged, which heightened tensions between the U.S. and its allies. Germany wasn’t thrilled to learn their Chancellor, Angela Merkel’s cellphone, was being monitored by the NSA. Brazil was furious to learn that the NSA had intercepted communications from Brazilian President Dilma Rousseff and Brazilian companies, including the oil company Petrobras. France was not happy to find that the NSA monitored millions of French phone calls and summoned the U.S. Ambassador to explain the revelations. The Mexican government demanded an investigation after they learned the NSA had spied on former President Felipe Calderon. The European Union (EU) was livid learning that many of its offices and diplomats were targeted. Spain was also angered by reports that the NSA tapped millions of phone calls within the country. The global fallout led to many countries calling for greater regulation of internet privacy and international agreements on intelligence sharing. https://www.cia.gov/readingroom/document/cia-rdp33-02415a000200160005-6

According to Richard Lempert, who served as chief scientist in the Human Factors/Behavioral Sciences Division of the Science and Technology Directorate in the U.S. Department of Homeland Security (DHS) from 2008-2011, states, “These capacities, along with increasingly ubiquitous surveillance cameras, photo recognition software, the ongoing development of rapid recognition DNA analysis, drones that can spy or kill and DNA, fingerprint, photo, and other searchable digital databases together create what I have called the infrastructure of tyranny.” “Enabling small groups of people to control and restrict the freedom of large numbers.”

A special thank you to: https://www.privacyjournal.net/edward-snowden-nsa-prism/,https://hide.me/en/blog/what-the-nsas-prism-program-means-for-your-privacy/ https://www.cnet.com/tech/tech-industry/new-slides-reveal-greater-detail-about-prism-data-collection/, and Chatgpt.