Centre for Internet & Society

Internet firms deny existence of PRISM

Nothing is private anymore. According to a leak in the US, which revealed the wide reach of a mass surveillance programme by intelligence agencies, messages, posts, chats on your computer or phone are all vulnerable to interception, thanks to direct access to servers of major tech companies.

The article by Javed Anwer and Ishan Srivastava was published in the Times of India on June 8, 2013. Sunil Abraham and Pranesh Prakash are quoted.

The existence of the programme, called Prism, was first reported by the Washington Post and the Guardian newspaper after they received a tip-off from a whistleblower in National Security Agency in the US. The whistleblower claimed that NSA has direct access to all the data that flows through the servers of Google, Facebook, Microsoft, Apple, Sykpe, Youtube, AOL and Paltalk.

Later, the NSA reportedly acknowledged the existence of the programme but said that it collected data only from foreign nationals. While it may come as a relief to the US citizens, it underscores the fact that people not residing in the US, including Indians, are fair game. What is even more alarming is the fact that US authorities are using the technology companies headquartered in the country to spy on the rest of the world.

All companies named in the leaks have denied the existence of Prism. A Yahoo spokesperson said on Friday, ""Yahoo! takes users' privacy very seriously. We do not provide the government with direct access to our servers, systems, or network."

Privacy International, a privacy watchdog organisation, said it is possible that companies would not be aware of the government tapping into their servers. "Until we know whether this information was obtained through filters, interception, or some another method, it is difficult to know how the breadth of access the NSA has."

However, Indian users would seem to have no way to defend themselves if the US government wants to access their data. Pavan Duggal, a specialist in cyber law, said, "Indian users don't have any protection against the US authorities seeking their data from the US companies."

Technology companies said they comply with local laws while dealing with issues related to personal data of a user. In response to queries from TOI, both Google and Facebook said that they used "mutual legal assistance treaty" to handle international requests for data.

Mutual legal assistance treaty is understood to have governed by actual treaties that two nations may have between them for sharing of user data. A Facebook official said that if a US agency wanted to access the data belonging to an Indian citizen, the sleuths would have to follow the diplomatic channels and get the data only when Indian authorities have approved it.

Google too talked "mutual legal assistance treaty" but it didn't clarify how it worked. Google officials pointed out the company guidelines which noted that any non-US government agency would have to use mutual legal assistance treaty to access user data. But the company public guidelines don't make any mention of the procedure followed in the cases where a US agency requests data on non-US users.

Microsoft directed TOI to its official statement denying the existence of Prism. It refused to discuss how it handled the requests from US authorities seeking data of foreigners.

Pranesh Prakash, a policy director with Centre for Internet and Society (CIS), said that it was high time the Indian government stood up for its citizens.

"Indian government needs to come with a strong and clear law to protect the privacy of Indian users. The law has to make it clear to companies operating in India that they need to respect the privacy of Indian users, even when they are dealing with the governments outside India," he said.

However, providing direct access to servers to an agency like NSA may not necessarily be a breach of agreement between the users of websites like Google and Facebook and its owners. Sunil Abraham, executive director at CIS said, "I have not studied end-user agreements carefully, but usually they have provisions for communication interception and data access in accordance with legal procedure."

"But more importantly, this is a violation of US data access and interception law. The US government has been going around the world preaching Internet freedom to authoritarian regimes. And now it turns out that their practices are worse that many of the regimes they have been criticizing. That is why it is a complete scandal," Abraham said.

Besides, the surveillance may run contrary to a whole range of international legal instruments. For example, the ICCPR, ratified by the USA, says that "no one shall be subject to arbitrary or unlawful interference with his private life, family, home or correspondence," said Joe McNamee, executive director of European Digital Rights, a privacy watchdog based in Europe.

Filed under:

banner

Funded by

 

Offices

Bengaluru: #32, 1st Floor, 2nd Block, Austin Town, Viveka Nagar, Bengaluru, Karnataka 560047.

 

null

 

Support Us

Please help us defend citizen and user rights on the Internet!

You may donate online via Instamojo. Or, write a cheque in favour of ‘The Centre for Internet and Society’ and mail it to us at Ground Floor, No 173, 9th Cross, 2nd Stage, Indiranagar, Bangalore 560038. These charitable contributions will be towards the Institutional Corpus Fund of the Centre for Internet and Society.

Follow our Works

Newsletter: Subscribe

researchers@work blog: medium.com/rawblog

Twitter (CIS): @cis_india

Twitter (CIS-A2K): @cisa2k

Instagram: @cis.india

Youtube: Centre for Internet and Society

Request for Collaboration

We invite researchers, practitioners, artists, and theoreticians, both organisationally and as individuals, to engage with us on topics related internet and society, and improve our collective understanding of this field. To discuss such possibilities, please write to us at communications[at]cis-india[dot]org with an indication of the form and the content of the collaboration you might be interested in.

In general, we offer financial support for collaborative/invited works only through public calls.

About Us

The Centre for Internet and Society (CIS) is a non-profit organisation that undertakes interdisciplinary research on internet and digital technologies from policy and academic perspectives. The areas of focus include digital accessibility for persons with disabilities, access to knowledge, intellectual property rights, openness (including open data, free and open source software, open standards, open access, open educational resources, and open video), internet governance, telecommunication reform, digital privacy, and cyber-security. The research at CIS seeks to understand the reconfiguration of social processes and structures through the internet and digital media technologies, and vice versa.

Through its diverse initiatives, CIS explores, intervenes in, and advances contemporary discourse and regulatory practices around internet, technology, and society in India, and elsewhere.

© Centre for Internet & Society

Unless otherwise specified, content licensed under Creative Commons — Attribution 3.0 Unported.