The NSA slide that tech experts say Glenn Greenwald misinterpreted. (The Guardian/NSA, US Federal Government.)
Glenn Greenwald has posted a response to his critics today, including myself, titled “On PRISM, Partisanship, and Propaganda”: “In a Nation post yesterday,” he writes, “Rick Perlstein falsely accuses me of not having addressed the questions about the PRISM story.” Actually I didn’t accuse him of not having addressed “the questions,” but instead a single question, which he still does not address: whether, in his claim that corporations have allowed the National Security Agency direct access to their servers, he misunderstands the meaning of the word “server” in an NSA slide to imply “all their data,” when it probably means “places to store a highly delimited amount of secured data the companies have agreed to provide to the government after consultation with their lawyers in response to government requests made through legal channels.” (By the way, you can still hold that those “legal channels” are ghastly, invasive and immoral, as I suspect they may well be, and simultaneously believe that Greenwald may have made a grave and self-defeating error both in terms of accuracy and in terms of advocacy.)
My interpretation comes from someone I deeply respect and trust, Karl Fogel, whose professional integrity dwarfs just about anyone else’s I know. Karl explains a bit more about his qualifications to speak below; you can learn more about those at this link. I asked him to respond to Greenwald’s response, which I publish below. Further discussion of the technical issues can be carried out at his personal site, Rants.org. Later, I’ll weigh in with further reflections of my own on questions raised by Greenwald in which I am more expert: on partisanship and propaganda; on the mores, methods and motivations of journalism and journalists; and on best practices, as I understand them from my study of American political history, for bending the arc of history toward justice when the powerful would prefer to just shut the justice-seekers down.
For now, though, here’s Karl:
Greenwald seems to be responding to a different point than the one actually at issue. As I said before, the important question is this:
Do any documents in the PRISM leak claim that the NSA has direct, unfettered access to the servers where major Internet companies store their users’ data? The kind of access where the NSA can roam at will, searching and copying anything it wants, without interference from the company’s lawyers?
In other words, are the humans still in the chain? Do the companies retain control of their users’ data until they decide to hand something over, or do they give up control pre-emptively?
So far, it looks like they retain control—the humans are in the chain. Nothing leaked so far indicates the removal of human safeguards.
Greenwald quotes Bart Gellman, another reporter (i.e., not a primary source), writing “From their workstations anywhere in the world, government employees cleared for PRISM access may ‘task’ the system and receive results from an Internet company without further interaction with the company’s staff.”
This misses the point. If I go online to my credit card company to dispute a charge, and a while later I get an automated response, and then I provide the supporting documents, and then I get another response saying the charge has been reversed, have I had “interaction with the company’s staff”? No, not directly. I never talked to another human. But was a human in the chain on the other side? Sure. The company retained control of the process.
So what are these “servers” the famous NSA slide refers to? The explanation that is most consistent with everything we’ve seen so far is that they are servers that exist for the purpose of requesting and transferring data. They probably have a user interface whereby the NSA submits a request, the company sees the request, the company handles it (and accesses their servers to do so, except in the presumably rare cases where they push back on the request), and the requested information goes back to the NSA. The NSA staffer never speaks directly to a human at the company, consistent with what Bart Gellman reported, but that has nothing to do with Greenwald’s misinterpretation of “direct collection,” which is what this is about.
Greenwald himself agrees that the question hinges on the interpretation of the phrase “collection directly from the servers”:
“…we did not claim that the NSA document alleging direct collection from the servers was true; we reported—accurately—that the NSA document claims that the program allows direct collection from the companies’ servers. Before publishing, we went to the internet companies named in the documents and asked about these claims. When they denied it, we purposely presented the story as one of a major discrepancy between what the NSA document claims and what the internet companies claim. … The NSA document says exactly what we reported. Just read it and judge for yourself (PRISM is ‘collection directly from the servers of these US service providers’).”
I am looking at that exact same slide, just as Greenwald asks, and as a technologist with twenty years of experience (and, full disclaimer, a former employee of Google, though I resigned in 2006 and have had no financial interest in the company since then) it is pretty clear to me that it does not mean what Greenwald says it means. Its most likely meaning is that the companies set up special, restricted servers to make the mechanical process of requesting and providing data less onerous on themselves and perhaps on the NSA. That increase in efficiency itself could be a major step forward for the NSA, which is why the program would have its own name, but again, it does not have anything to do with direct (i.e., unmediated) collection from the company’s regular servers where user data is stored for normal business.
I’m not depending on my knowledge of Google’s infrastructure to come to that conclusion. It’s just the natural conclusion to come to if one knows computer networking terminology and interprets the available evidence using that knowledge.
When Glenn Greenwald does a Google search, he is doing “collection directly from the servers” of Google. Does that mean he also has full access to roam through other people’s private Gmail accounts and pull anything down he wants? Of course not. The slide simply does not claim what Greenwald thinks it claims; thus, so far, there is no contradiction between what the NSA says and what the companies say. The contradiction is only between what Glenn Greenwald says the NSA says, and what the companies say.
This is more than just some technical detail. Tapping into the wires that connect (say) Google’s data centers to the outside world is not nearly as useful, for the purposes of searching and for programmatic data analysis, as having programs running directly on Google’s servers would be. They’re two different universes. In one, you can see real-time data as it flows by, and even then much of it is SSL-encrypted. In the other, you can see everything, including a historical archive into the past for every user. That’s just not the same thing—not the same level of intrusion, not the same level of surveillance. Again, just to be clear: I’m not saying there’s no issue with NSA surveillance. But, to apply an approximate metaphor, we’re talking about tapping someone’s phone line versus going into everyone’s houses and going through all their files and all their possessions, page by page and item by item. One is worse than the other.