Report: NSA paid tech companies to comply with surveillance

The National Security Agency paid Silicon Valley companies millions of dollars to cover the cost of complying with surveillance requests, according to the latest report from The Guardian.

Former NSA contractor Edward Snowden provided The Guardian with a December 2012 document stating that the agency's "Special Source Operations" paid the companies millions of dollars to cover costs associated with legal certifications under the agency's Internet surveillance program, PRISM.

Google, Facebook, Yahoo and Microsoft were all involved in the NSA surveillance, according to the report.

ADVERTISEMENT

The companies have all insisted that they comply only with specific legal requests for information and that they work hard to protect their users' privacy rights.

The government is required to reimburse companies for surveillance compliance costs, but privacy advocates worry about communications providers profiting from allowing the government to spy on their users.

"Federal law requires the U.S. government to reimburse providers for costs incurred to respond to compulsory legal process imposed by the government. We have requested reimbursement consistent with this law," a Yahoo spokeswoman said.

Google and Microsoft have both sued for the right to reveal more information about how many of their users are affected by national security surveillance.

A Google spokeswoman insisted that the company has "not joined PRISM or any government surveillance programs."

"We do not provide any government with access to our systems and we provide user data to governments only in accordance with the law," Google said.

A Microsoft spokeswoman said the company only "complies with court orders because it is legally ordered to, not because it is reimbursed for the work." 

"We could have a more informed discussion of these issues if providers could share additional information, including aggregate statistics on the number of any national security orders they may receive,” the spokeswoman added.

A Facebook spokeswoman denied that the company has ever received any compensation for responding to surveillance requests.

"We are not and have never been part of any program to give the U.S. or any other government direct access to servers," the Facebook official said.

Michelle Richardson, a legislative counsel for the American Civil Liberties Union, noted that covering surveillance costs for communications providers is a standard practice, even for local law enforcement agencies.

But she explained that privacy advocates are wary of companies profiting from allowing the government to spy on their customers.

"The line you have to watch for ... is the difference between reimbursement for complying with a lawful order and actually a profit-making enterprise that would incentivize the companies to support government surveillance," she said.

The NSA's PRISM program is based on Section 702 of the Foreign Intelligence Surveillance Act (FISA), which allows the NSA to obtain, with a court’s approval, the contents of phone and email conversations if there is a "foreign intelligence purpose" and the target is "reasonably believed" to be outside of the country. The provision does not allow the NSA to spy on wholly domestic communications.

The document obtained by The Guardian came after a 2011 FISA Court ruling that the agency had been illegally collecting wholly domestic emails. The compliance costs described in the document resulted from additional certification standards that the court required the NSA to meet in the wake of the ruling.

— This story was last updated at 12:41 p.m.