Prism is probably no more than a mail-merge program that will take your (i.e. NSA agent's) signed court order and convert it into whatever format each company requires. Then it will make the request quickly and easily - Say Google requires a PGP encrypted email, Microsoft wants a HTTPS PUT request, Facebook needs you to upload to SFTP server etc.
Have you read the full WashPo article (all four pages)[1] ? - it goes into extensive detail of how it's used including "live surveillance of [Google] search terms" and access to Skype audio streams. It's obviously far more extensive than a request uploader.
Google have also specifically stated that they don't provide a "drop box" facility for FISA requests.
Further more the fact that slide 2 of the deck is about network traffic routing implies that it isn't just about FISA requests for which such information would be irrelevant.
The WashPo has backed away [1] from the key claim of tech companies "knowingly" participating in PRISM. In addition, there's this paragraph that was added to the article after publication on page 2:
It is possible that the conflict between the PRISM slides and the company
spokesmen is the result of imprecision on the part of the NSA author.
In another classified report obtained by The Post, the arrangement
is described as allowing “collection managers [to send] content
tasking instructions directly to equipment installed at company-
controlled locations,” rather than directly to company servers.
I don't think slide 2 is relevant, though. The whole deck sounds like a presentation to senior govt officials who are not tech savvy at all, and is just introductory slide that reminds the audience, "The Internet is big and lots of the data flows through the US where we have legal powers." However, there are likely many more slides that were not been disclosed.
Also probably the same in reverse, takes the data back and sends it back in a useful format.
The other side though is this -- if you let such requests be quick and easy, you will get more of them. If you want to take a position against such surveillance you should make the process as long and drawn out as you legally can. Insist on hard copies hand-delivered. Insist on manual review by lawyers of hard copies, and the like.
But if you make it easy to get information you will get more requests for them.
The NSA doesn't require a signed court order for it's activities though. They're not allowed to spy on Americans (unless that American is communicating with a foreign person) at all. The FBI needs court orders, and is focused on Americans.
NSA is part of the Dept. of Defense, and there are lots of laws/rules/etc. that limit what it can do with US citizens.
> They're not allowed to spy on Americans...
> NSA is part of the Dept. of Defense, and there are lots of laws/rules/etc. that limit what it can do with US citizens.
Wrong. They limit what it can legally do. This really reminds me of Dr. Strangelove: "How could this happen (nuclear strike order)?" "Well, I don't want to jump to any conclusions before all the facts are in, but it appears that General Ripper exceeded his authority."
Sure they aren't allowed to do these things. But since no one is allowed to check up on them, they aren't prevented from doing those things.
The issue is the lack of transparency of the laws/rules/etc. and the review and checks and balances problem.
This NSA infrastructure is sufficient for an extremely effective domestic spying network and the only thing stopping them from starting up such a program is the FISA court, where EVERYTHING IS COMPARTMENTALIZED. Do you see a problem with that?
You misunderstand. I was merely pointing out that the existence, or lack thereof, of a court order, was completely beside the point as far as the National Security Agency is concerned.
The NSA is chartered and bound to not do domestic spying.
The only thing stopping anybody from doing anything is the law, and the threat of potentially violent enforcement of that law upon them. It's no different for the Agency.
This article itself says otherwise, that PRISM is a front-end to the data itself, providing a unified interface for searching through all the data types from the many sources they're coming in from.
Prism is probably no more than a mail-merge program that will take your (i.e. NSA agent's) signed court order and convert it into whatever format each company requires. Then it will make the request quickly and easily - Say Google requires a PGP encrypted email, Microsoft wants a HTTPS PUT request, Facebook needs you to upload to SFTP server etc.