PRISM Program: Here is all you need to know about it

Last updated by   Nwachukwu Glory
Disclosure
The post explains the PRISM program in detail to you alongside providing you with some practical ways to escape this mighty spying.

In 2013 the Washington Post revealed the existence of a secret act called the Prism program. This information was leaked by militarization, who was a private contractor for Booz Allen Hamilton.

The leak was a massive shock in the U.S and around the world. Booz Allen compiled slides detailing how the National Security Agency (NSA) body got direct access to tech servers and pulled out information.

Big tech and internet firms such as Microsoft, Apple, Verizon, Yahoo, AT&T, Google, etc. cooperate with the NSA by giving direct access to their servers. The Guardian also published similar news about the National security Agency’s privacy (NSA) intrusion. 

However, the PRISM program’s purpose was not well defined due to the Tech and Internet corporations’ constant denial and contradictions. That has led to the confusion of so many individuals and organizations that really cared about privacy.

Like we said before, the aim of the NSA PRISM program is gathering information from tech organizations. But the tech companies have been vehemently denying it. The actual objective of the Prism program and how the Government collects information is shrouded in secrecy. However, we have dug deep to provide detailed information about the PRISM program.

Some people still think that the NSA can’t wield such powers. Others believe the PRISM program is real. This article would provide you with all the information you need to know about the NSA PRISM Program.

Separating truth from the myths about the Prism Program

The PRISM program aims at gaining direct access to the communication of users. The information includes email communication, voice calls, SMS, social media communications, metadata, video calls, search preference, etc. The constitution governs this unlimited access to information by the NSA through the PRISM program.

Section 702 of the FISA (Foreign Intelligence Surveillance Acts), which became law in 2008, allows the Prism Program to gain direct access to the servers of Tech Companies. Since then, the United States government has drastically increased intelligent bodies’ ability to gain local and foreign information.

The intelligent bodies can investigate the retrieved information targeting terrorist, criminals, and even those not suspected of anything. Formerly the NSA was unable to obtain information from people living outside of the USA.

However, that has changed with the PRISM program formation. It does not matter what you do, where you live, whether you commit a crime or not, the NSA can access your personal information.

Why was PRISM created

Why Was PRISM Created
(Unsplash)

PRISM Act of 2007 is an electronic data collection that aims at protecting the USA according to the NSA. It was a top-secret and advanced surveillance program of the NSA.

The PRISM program had a code-named US-984XN. According to the leak presentation, the NSA claimed that it launched the program to overcome the FISA warrant’s pitfalls. The FISA warrant is in charge of tracking down and prosecuting foreign terrorists.

But court mandates were needed before they can access and investigate the information of suspected criminals. The NSA wanted to overcome this challenge and have the flexibility of tracking down anyone when the body wants. Furthermore, the NSA noted that the USA has advantages in tracking down terrorists because most of the big tech companies reside in the U.S.

Aside from having the biggest tech companies the US also has most of the internet infrastructure. Therefore the NSA took advantage of the US technological might to create the PRISM program. It targets both the sender and receiver, whether based in the US or not.

The NSA disbanded FISA because it protected some people that are not bounded by the FISA law. FISA must go to court and get orders before gaining access to the communications of foreigners. Therefore the PRISM program was formed, which was a significant upgrade to the FISA. No court order is required to gain access to information by the NSA.

The PRISM program act further gives the attorney general and the director of national intelligence the power to prosecute telecommunications companies that fail to comply with PRISM. It also indemnifies Tech and internet organizations any consequences of granting the NSA access to user’s information.

FBI acting as the intermediary

The leaked document states that the FBI is the primary intermediary between tech companies and the various intelligence agencies. In the leaked documents, the National security Agency hailed the PRISM act as one of the most productive, unique, and most valuable assets to the NSA.

It boasts about how the FBI was able to gather information from tech companies. It also boasts about how the number of obtained communications from Skype astronomically rose to 248% as far back as 2012.  The information gathered from Facebook rose by 131%, while Google rose by 63%.

When the NSA gathers information through the FBI, it reviews the communications, and if it warrants further investigations, the NSA will issue a “Report.” According to the leaked document, the NSA generates more than 2000 PRISM program-based reports monthly.

How the NSA PRISM collects data

How NSA PRISM Collects data
(Unsplash)

The PRISM program activities are shrouded in secrecy, which is not also helped by the constant denial of tech companies. But from what we know and also from leaked documents, the PRISM program relies on two aspects for its data collection.

Number one is section 702 of the Foreign Intelligence Surveillance Act (FISA), while the second one is in section 215 of thUS’s e Patriot Act. The PRISM program law authorizes security agencies to retrieve communications and metadata from telecommunication companies like AT&T, Verizon, Google, Yahoo, Facebook, and every other telecommunication and internet company.

The secret law further allows security agencies to collect information and analyze them for up to five years. The program uses a lot of sophisticated tools for information gathering. One of them is the NUCLEON, which gathers information that is related to telephone conversations and SMS.

Another one is MARINA, which stores metadata from the internet. And lastly, PRISM has another tool known as the Signals intelligence Activity Designation (SIGADs), which gathers information from every other system. The PRISM further targets a targeted person’s mobile contact, which can cause an unjustified investigation of innocent people. 

What do the telecommunication and internet companies say about PRISM?

All the companies that partake in the PRISM program have vehemently denied the accusation. But no one really expects them to come in public and agree that they share user’s information with the FBI, CIA, and other intelligent bodies anyway. In the past, Larry Page publicly said that any claim that Google compromises its user’s privacy is entirely not valid.

Google’s chief architect Yonatan Zunger has also stated that the only time Google can provide users with information to security authority is when the organization receives specific and lawful orders about the agencies.

He said Google couldn’t disclose user’s information to the PRISM program on such a magnitude. He further stated that he would have quit his role as the Chief Architect of Google if such ever happened.

What about Yahoo? Yahoo’s Ron Bell wrote that the assertion that yahoo compromises its users’ privacy and gives out information to security agencies is false. He said Yahoo does not give users information and communications to any federal agencies. It does not also provide any platform for federal agencies to have access to unfiltered communication.

What did Facebook founder Mark Zuckerberg say?

What did Facebook Founder Mark Zuckerberg say
(Unsplash)

He said the PRISM program report is outrageous and that Facebook has not and would not participate in any program that would grant federal agencies direct access to its servers.

According to him, Facebook only complies with lawful orders for requests about specific identifiers or orders.

Microsoft stance?

Microsoft has vehemently denied that they participated in the PRISM program.

In a statement, the organization said they never have and would not compromise user’s information irrespective of the body demanding for such information.

They will not comply if any US agency has a broad program to retrieve information from its servers. Steve Dowling further stated that Microsoft has never heard of the PRISM program and does not directly access its servers to the Government. They will only provide customer’s records through court orders according to him.

Are the telecommunication/internet companies telling the truth?

It is evident that the internet and telecommunication companies are telling lies. Firstly no organization would come out publicly to agree that they shared user’s information with any intelligence agency.

Accepting they share user’s information would lead to boycott, which would be devastating to their organizations. Initially, many people believe that these internet communication companies were sincere. But the leak came out and made everyone understand how powerful the PRISM program is.

There have also been a lot of controversies here and there, which further proves that the tech companies are not sincere. In a statement by Google’s current CEO, Sundar Pichai, he said that Google only responds to orders about some individuals. This statement proves to some extent that Google participates in the PRISM program.

Yahoo’s Bell has also stated in the past that they send only a tiny percentage of customer’s information to security agencies. This statement sounds like a damage control mechanism, and it really proves that Yahoo also participates in the PRISM program.

How big was the leak?

Never in the NSA’s history has there been a leak as massive as the PRISM program leak. The leak documents first sufficed in April 2013, and such a leak is uncommon in the history of the NSA.

The NSA is the world’s largest surveillance organization, and it prides itself on maintaining the highest form of secrecy. Therefore the leak was a massive shock to everyone. This program allowed them to obtain information from tech companies without court orders.

Should we be worried that the NSA gets unfiltered access to the user’s information?

Should we be worried that the NSA gets unfiltered access to the user's information
(Unsplash)

Many internet and telecommunication corporations have systems that give access to intelligence agencies. This information can also be electronically transmitted to other Government institutions through the company servers.

Companies are obliged to provide information due to the constitutional backing of PRISM. The program has left many American’s confused, concerned, and feeling a great lack of control over their privacy.

The majority of people think that their personal data is no more secure. Although data collection through PRISM has its benefits, especially in the investigation of crimes.

But the disadvantages clearly outweigh the advantages, and many people also believe that it is impossible to live daily without any form of tracking. This view is shared by at least 6 in every 10 American citizens. Americans no longer feel confident in the manner tech companies handle and transmit their personal information.

What about the privacy policy?

Most people do not read privacies before creating online accounts. Most adults would simply accept privacy policy while creating accounts. However, reading a privacy policy would not do much in ensuring your data remains confidential.

The privacy policies do not, in any way, guarantee that the Government authorities will not get access to your personal information through the PRISM program. Data privacy laws have a lot of loopholes for tech companies to exploit. Moreover, a lot of adults do not understand data privacy policy laws and regulations.

The NSA PRISM has unfiltered access to telecom servers, and there are lots of questions to be asked. Is the information subject to the appropriate judicial procedure?  They don’t because the PRISM information gathering is not a search warrant under the Constitution’s Fourth Amendment.

Also, the amendment does not require intelligence agencies to show that a target is either a criminal or not. This implies that the PRISM data collection system can target anybody irrespective of who you are. This is a great concern for the public because it can be used for political and business advantages by corrupt officials.

Which companies are involved?

Google, Yahoo, AOL, Apple, Skype, Vodacom, AT&T, YouTube, PalTalk, Dropbox (a popular US-based file hosting service) are among the most prominent companies involved in PRISM. However, all telecommunication and IT companies in the USA must cooperate with PRISM.  But the leaked documents state that 98% of the information gathered through PRISM comes from Google, Microsoft, and Yahoo.

All the major companies involved in PRISM have publicly denied the allegations stating that no external or Government agencies have access to their servers. However, it is clear from the leak that the NSA gains direct access to tech company servers to pull out information anytime.

What do the defenders of PRISM say?

PRISM Defendants have stated that the program targets foreign users, and PRISM doesn’t gain access until they make a request. The New York times said in the last two instances of the PRISM data request, organizations created a secure dropbox storage where they electronically deposit specific information for the intelligence agencies.

In the past, Google also wrote a letter to the Department of Justice, seeking permission to disclose how PRISM works. Facebook also wanted permission to provide transparency on how the PRISM program works to enable people to see the true picture.

They got the approval, and Google discussed with Wired Magazine the different ways it passes legal information to the Government. Google insisted that it never gave intelligence body direct access to its servers for information gathering.

Why is Twitter not mentioned?

Why is Twitter not mentioned
(Unsplash)

No one has been able to answer if twitter corporates with the PRISM program because the leak did not make mention of twitter in any way.

It seems to some that Twitter said no and refused to corporate with the NSA PRISM program.

However, the PRISM program is backed by the constitution, which means twitter and other tech companies are obliged to corporate.

All companies in the USA are obligated to comply with federal laws, and Twitter must comply if the Government request of data. But twitter is under no legal obligation to make the process of information gathering easy for any Government organization. 

From all indication, it seems twitter made the process of information gathering from their servers complicated for NSA. While other companies changed their system to transmit data to government agencies effectively and also discussed technical methods of information gathering, twitter held their grounds and made the process very difficult. Twitter refused to join the bandwagon in steamrolling the information gathering process.

What type of data does the PRISM monitor?

According to the leak slides and other supporting documents published by the Washington Post and the Guardian alongside all other trusted sources till date, the monitored data include the following. 

  • Emails
  • Photos
  • Chats
  • Videos
  • VoIP
  • Social network details
  • Social media chats
  • SMS
  • Video
  • Notifications
  • Video conferences
  • Any other means of communication

Additionally, data that Google and Microsoft share include Drive files, live surveillance, entire photo library, video chat, voice chats, metadata, information about who is talking to who, search terms, etc.

What about the information on private servers and the cloud?

It does not matter if your information is on shared, dedicated, or private servers; it is not safe if it is online. Simple.

Aside from the fact that Google, Bing, and other search engines crawl users’ emails and other data to target their ads, the PRISM program can have access to your email for use by the NSA.

This means third parties may have read your emails. The NSA and other intelligence bodies may have also read your iCloud emails and other third party system emails.

What is the difference between the PRISM program and the data Verizon gives to the NSA?

According to the constitution, every telecommunication and internet company must provide information to federal agencies. However, the data Verizon gives to the NSA is different from the PRISM program.

Verizon gives only metadata to Government security agencies, which means they can see who you call and how long the call lasts, but they do not listen to your communication. They don’t listen to your voice mails as well. But this is a separate NSA program, and the PRISM program is more robust.

Has the PRISM program affected the USA’s freedom ranking?

Has the PRISM program affected the USA Freedom ranking
(Unsplash)

According to freedom ranking, the USA ranked second most internet free country on earth before the PRISM program leak. But the U.S. position has drastically changed after the leak.

Freedom ranking started in 2015 by Civil liberties. It is an independent body run by Germany’s Liberales Institute, the U.S. Cato Institute, and Canada Fraser Institute. The index measures freedom of speech, freedom of religion, freedom of association, freedom of movement, etc.

It’s rating measures from a scale of 10 to 0. In the last rating done in 2019, the U.S. dropped down to number 15 on the list. People thought that the PRISM program significantly contributed to pushing down the United States.

Is there a way to avoid the PRISM program?

There is no way you can avoid the PRISM program, whether you are an American citizen or not. That is the hard truth.

It is because American companies own the biggest tech companies. Organizations like Google, Facebook, Yahoo, Microsoft, and other major tech giants all have their servers resident in the US even though they have servers in other locations.

This means intelligence bodies can target your information whether you are a US citizen or not. Almost everyone around the world has an account with one or more of the above-listed tech companies. So technically, no one can avoid the PRISM program.  

Ironically Microsoft ran an advertisement program with the catchphrase “Your Privacy is our Priority.” They were still the first organization to grant the NSA direct access to their servers through the PRISM program. Microsoft began giving direct access to their servers as far back as 2007.

Yahoo was next in line and gave the NSA direct access in 2008. Next were PalTalk, Facebook, and Google in 2009. YouTube gave access in 2010, AOL, and Skype in 2011. Finally, Apple obliged in 2012. The PRISM program keeps expanding as each day goes by, and many other medium-sized and multinational tech companies have joined the bandwagon.

So, one cannot get away from the PRISM program completely. But you can minimize the likelihood of Five Eyes, NSA, and other organizations tracking your voice traffic and internet activities.

The best thing you can do to escape PRISM is masking your IP address with a Virtual Private Network (VPN). However, the infamous free anonymizing tool Tor also lets you achieve that, but VPN is the safest and most reliable way of doing it.

A VPN client will encrypt your internet traffic and send it to another location where it would get decrypted. When you have a quality VPN service on, the NSA could see some traffic traveling through the tunnel, but it won’t be able to separate your internet traffic from others.

It would help if you also considered ditching tech giants to avoid the PRISM program. That can be harder for many, as most of us rely on Apple, Google, Microsoft, and Facebook in our daily lives.

What you can do here is, try using secure alternatives to the services offered by those tech giants. For example, instead of using Gmail, you should better use some secure email providers.

Concerning searching online, you can live without Google. Yes, that is true. Few people apprehend that plenty of exceptional secure alternative search engines exist out there. If you ask us, at the top of our list is the intelligently dubbed DuckDuckGo.

Encrypting your data is another useful way of minimizing data exposure to the PRISM program. TrueCrypt alternatives available in the market will do this task for you.

Who do you blame for the PRISM program?

Who do you blame for the PRISM program
(Unsplash)

People frown at data breach because it puts their private information in the hands of third parties. They see what you read, what you say, your videos, your search, your mails, and much other information about you.

However, the Government claims that the PRISM program targets criminals, but the negatives far outweigh the positives. People no longer have freedom on the internet because of fear of data breach.

So who should be blamed for the PRISM program? First of all, blame it on the congress for legislating such powers to the intelligence agencies.

Secondly, blame it on the FISA court that passed the PRISM act to law and, lastly, blames it on the Government for discarding the true values of the American society. 

What did the Government do about the leak?

There were diplomatic rows after the leak, which led to the prosecution of the people responsible for the leak. However, the Government cannot retrieve the information contained in the slide. Edward Snowden was one of the major sources of the leak, but he fled to Hong Kong.

In an interview with the Guardian, he stated that he fled to Hong Kong because of its perceived freedom. Hong Kong ranks number one on the Freedom index list with an impressive score of 8.91. The Freedom index measures a scale from 10 most free to 0 least free nations worldwide. He said people had the freedom of speech over in Hong Kong, and he intends to exercise that.

Although the United States has a bilateral agreement with Hong Kong on extradition. However, extraditing someone based on political grounds should more likely be vetoed by either Beijing or Hong Kong.

Final notes

The PRISM program is the National security Agency tool used in obtaining information directly from tech companies. Companies such as Facebook, Apple, Google, Microsoft, and other Tech/information communication giants are all obliged to grant access to the NSA through the PRISM program.

It was was a top-secret before it got leaked and reported. The NSA gained access to information such as emails, calls, SMS, video, search history, chats, metadata, and just about a communication type through the PRISM program. According to the leaked document, it gets direct access to the servers of tech companies.

However, all the tech companies have denied this allegation even though the leaked documents expose the huge data privacy issue. Defenders of the PRISM program would always say that the act facilitates surveillance and protects the US. However, the PRISM program clearly violates the user’s privacy and poses a significant risk.

The program also targets people who live outside the USA. This means that it can spy on almost everyone. It is an unprecedented militarization of international and local communication infrastructure that significantly threatens freedom of the internet.

The PRISM program troubles anyone concerned about their privacy. But the reality is you cannot do much as an internet user rather than only minimizing your exposure to it. Taking care of your digital privacy by using a VPN, a private search engine, and encrypting your computer data are your best defenses in a continuous tussle against the PRISM program.

Share this article

About the author

Nwachukwu Glory
Nwachukwu Glory

Nwachukwu Glory is a writer, blogger, and tech nerd. She loves trying new gadgets that make life more fun ( and easier). Glory is passionate about digital security and privacy alongside browsing the World Wide Web without any limitations.

Comments

No comments.

Got Something to Say?

Leave a reply

Your email address will not be published.