Bruce Schneier Speculates On NSA Double Laundering Information It Obtains Via Network Infiltration

from the double-reverse-parallel-construction dept

Bruce Schneier has a worth-reading post about the latest reports on the NSA infiltrating the network connections for Google and Yahoo's datacenter, making a number of good points about that story. We'll discuss a few of the points, but I wanted to focus in on this one first:
In light of this, PRISM is really just insurance: a way for the NSA to get legal cover for information it already has. My guess is that the NSA collects the vast majority of its data surreptitiously, using programs such as these. Then, when it has to share the information with the FBI or other organizations, it gets it again through a more public program like PRISM.
While it's just speculation, there is some reason to suggest it might be the case, and that would show just how far the NSA goes in some cases. After all, until June, PRISM itself was a secret. Yet, now, it's possible that the secret PRISM program was really just a way to put a legal-looking coat of paint on far more invasive activities. After all, it's already been revealed that the NSA and others make use of what they call "parallel construction" to "refind" evidence that they found through means they don't want to be challenged in court. As we said, this is just a way of laundering illegally obtained evidence. If Schneier's suspicion is right, then the NSA was actually probably happy that PRISM info came out first, since it does have at least some claims to being legal under Section 702.

But, if he's correct, it would mean that the NSA has secretly backdoored its way into networks, sucking up pretty much everything -- and then when it finds something useful, it will then use Section 702 under the FAA and the FISA Court to come up with some reasoning why that same info should be "collected" via either PRISM or the upstream telco traps, and then it can do more with it. This might not be true, but layering secret programs on top of secret programs to hide how the info was actually obtained would be something.

Other key points from Schneier are that we cannot assume it was just Google and Yahoo infiltrated this way. It's likely that others have been as well, just under different programs. And, more importantly, this demonstrates how legislative change to fix these things likely won't be enough. If you block the NSA from getting the data from door number 1, they're already in doors numbered 2, 3, 4, 5 and 6. Not only does there need to be a full independent investigation of everything the NSA is doing, but we need to build much more secure systems at the same time.
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: bruce schneier, infiltration, nsa, nsa surveillance, prism


Reader Comments

Subscribe: RSS

View by: Thread


  1. identicon
    Anonymous Coward, 2 Nov 2013 @ 4:52am

    Re: Re: Anyone else??

    Also if you read the latest, Europes spying agencies were helped by GCHQ to get around the laws and oversight:

    http://www.theguardian.com/uk-news/2013/nov/01/gchq-europe-spy-agencies-mass-surveillance- snowden

    So NSA using the PRISM program to legalize stuff it got anyway through the hacking of Google(done offshore on the basis that the FISA court didn't have jurisdiction and so the FISA ruling could be ignored). That seems like the same thing, finding some way around oversight and pesky laws.

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Insider Shop - Show Your Support!

Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Recent Stories
.

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.