NSA, PRISM, and CISPA: The conspiracy behind the conspiracy

Remember CISPA? The NSA and PRISM disclosures shed new light on that terrible piece of cyber security legislation

One of the best things to come out of the Snowden affair is the media's rediscovery of journalism, at least when it comes to the national security state.

Not all, of course -- many are still serving up E!-style coverage of the missing Snowden, his pole-dancing girlfriend, and whether he is a traitor or patriot or something in between. But others are busy trying to unravel the Gordian knot that binds the industrial surveillance complex to the keepers of our data.

[ Your online privacy was doomed long before the NSA came around. | For a humorous take on the tech industry's shenanigans, subscribe to Robert X. Cringely's Notes from the Underground newsletter and follow Cringely on Twitter. | Get the latest insight on the tech news that matters from InfoWorld's Tech Watch blog. ]

In yesterday's New York Times, for example, reporter Claire Cain Miller serves up an illustration of how big tech companies like Google and Yahoo find themselves in a no-win situation when the NSA comes a-callin'. In 2008, Yahoo challenged a secret FISA court order to hand over all information about certain foreign users, arguing that it violated Fourth Amendment strictures against unreasonable search and seizure.

Of course Yahoo lost. Because organizations attempting to fight the industrial surveillance complex almost always come up empty. It's like betting against the house in Vegas: Every small pile of chips you manage to rake in is matched by a mountain of losses. In that case, the anonymous court called Yahoo's concerns "overblown." Per the Times:

"Notwithstanding the parade of horribles trotted out by the petitioner, it has presented no evidence of any actual harm, any egregious risk of error, or any broad potential for abuse," the court said, adding that the government's "efforts to protect national security should not be frustrated by the courts."

It's a like being ordered to hand a can of gas and a lighter to a guy with a history of arson. When you object, the judge replies, "He hasn't burned your house down yet, so there's no harm." The time to stop these things is before the house is in cinders, which the FISA court apparently fails to understand.

Bigger than Big Brother

But a far bigger and more chilling story comes to us by way of Michael Riley at Bloomberg, who writes of how "thousands" of companies, including big-name firms like Microsoft and Intel, are secretly sharing information with the spooks. These arrangements are often known only to the CEO and a handful of "cleared" employees, and these "trusted partners" are typically granted immunity from lawsuits that might arise from its sharing that data. Riley writes:

Microsoft Corp. ... provides intelligence agencies with information about bugs in its popular software before it publicly releases a fix, according to two people familiar with the process. That information can be used to protect government computers and to access the computers of terrorists or military foes....

Microsoft ... and other software or Internet security companies have been aware that this type of early alert allowed the U.S. to exploit vulnerabilities in software sold to foreign governments, according to two U.S. officials. Microsoft doesn't ask and can't be told how the government uses such tip-offs, said the officials, who asked not to be identified because the matter is confidential.

1 2 Page 1
Page 1 of 2