Google said that thousands of its users inside Iran had been the targets of a sophisticated e-mail phishing campaign. 
 
Google said on Wednesday that it had uncovered a vast Iranian spy campaign that had been targeting tens of thousands of Iranian citizens over the last three weeks.
“These campaigns, which originate from within Iran, represent a significant jump in the overall volume of phishing activity in the region,” the company said in a blog post. “The timing and targeting of the campaigns suggest that the attacks are politically motivated in connection with the Iranian presidential election on Friday.”
The company said that thousands of its users inside Iran had been the targets of a sophisticated e-mail phishing campaign in which attackers sent users a link that, when clicked, took them to a fake Google sign-in page where the attackers could steal login credentials.
The surveillance campaign is just the latest evidence that political groups are increasingly using digital means to keep tabs on their opposition. During elections last April in Malaysia, security researchers at the University of Toronto’s Citizen Lab found evidence that servers in Malaysia were running FinSpy, a surveillance tool sold to governments by the British surveillance firm Gamma Group. According to security researchers, the targets appeared to be members of Malaysia’s opposition party.
Google would not say how it had traced the current spy campaign to Iran because it did not want to tip off attackers. It did say, however, that it was confident the attackers were the same ones behind a sophisticated attack in 2011 on DigiNotar, a Dutch company that sells certificates that validate the security of a Web site. By compromising the certificate authority, the attackers were able to intercept users’ Web traffic and compromise their computers.
Security researchers who analyzed the DigiNotar attack believe the company was compromised by Iran or hackers working on its behalf. By tying the latest Iranian phishing campaign to Iran, Google’s findings on Wednesday seemed to confirm that Iran was also behind the DigiNotar attack.
Of the DigiNotar attack, Phil Zimmermann, a pioneer of encryption software, said, “There are thousands of Iranian dissidents in prison today because of that.”
Compared with the public uproar that followed Iran’s 2009 elections, the run-up to this week’s elections has been tightly controlled. Many leaders of the 2009 opposition have fled the country, been silenced or jailed. The two main presidential challengers in those elections, Hussein Moussavi and Mehdi Karroubi, remain under house arrest.

Google Offers Some Detail About How It Transfers Data to the Government

Google has offered a few more details about how it shares user data with the government, including in response to national security requests.
As The New York Times reported on Tuesday, when Google is legally required to hand over data about its users, it usually delivers it using a file-transferring technology called secure FTP, David Drummond, Google’s chief legal officer, said in an interview on British television.
FTP is a simple way to upload and download files sent between parties — like an online file folder. Either party can operate the secure FTP server that the files flow through. In an interview on PBS NewsHour, Mr. Drummond indicated that the secure FTP server is on the government’s machines and not on Google’s.
“We deliver it to them, we push it out to them,” said Mr. Drummond, who was speaking from Amsterdam. “They don’t come access it through any machines at Google.”
David Drummond, Google’s chief legal officer, in April. Mr. Drummond published a letter Tuesday asking the government for permission to reveal more information about the number and scope of national security requests. Photo: Daniel Rosenbaum for The New York Times.
The New York Times reported on Friday that the National Security Agency’s secret Internet surveillance program, Prism, involved electronically transmitting data — though not automatically or in bulk — in compliance with the Foreign Intelligence Surveillance Act. While the government asked the companies to make a secure lockbox, the article said, the companies responded in different ways.
Mr. Drummond’s statement on Tuesday provides some clarity on how Google electronically transfers data in response to government requests, including national security requests.
Some lawyers who respond to national security requests for tech companies described the systems as nothing more than a 21st-century way to transfer files. Every government request is reviewed by a person, they said, but once it is time to hand over the data, it is more efficient to use the Internet than to print pages and mail them or burn a CD, for instance. (FTP, however, is hardly new, having existed in some form for about four decades.)
Mr. Drummond spoke publicly about the issue for the first time as part of a day of damage control to quell the criticisms after the Prism revelations.
Though Google and the other tech companies have repeatedly said they do not provide the government with direct access to their servers and only comply with lawful government requests, many questions remain about how the government surveillance program works. The companies have said they are restricted from saying more by government gag orders.
“There are a lot of misimpressions that are out there,” Mr. Drummond said on British television. “We feel very strongly that we’ve got to set the record straight.”
He also published a letter on Tuesday asking the government for permission to reveal more information about the number and scope of national security requests, and Microsoft and Facebook followed suit.
The delivery mechanism, people at tech companies have said, is not as important as the data that governments ask the companies to turn over, which is why they asked to reveal more information about the data requests.