We have been following the NSA scandal over PRISM, including the denial from various companies about direct involvement. Now, Apple is officially releasing some details about the information requested as part of the program. However, they still deny any knowledge of the PRISM program itself.
In a public release on their website today, Apple said that they have been complying with agency requests from various agencies as they were required to do. This includes the usual law enforcement petitions that make up the bulk of what they have received, for missing children and persons, robberies, criminal cases and other needs from both state and federal legal organizations.
Some were for national security risks, they say. However, details on these requests were not forthcoming, as the NSA has been strict about what can and cannot be shared. All we know is that there have been 4,000 to 5,000 requests between December 1, 2012 and May 31, 2013, encompassing 9,000 to 10,000 devices. We don’t know how many of those were part of the government surveillance. We also have no data for dates prior to that point.
Apple has been adamant about two things: one, that they did not know about the PRISM program until news agencies contacted them with the leaked story on June 6; and two, that they have never allowed direct server access to any agency, including the NSA. They also state that they do not keep much data from customers for any period of time, and that encryption programs built into their operating systems and apps keep them from gathering much of it in the first place.
“For example, conversations which take place over iMessage and FaceTime are protected by end-to-end encryption so no one but the sender and receiver can see or read them. Apple cannot decrypt that data,” they said in their press release.
Apple is the latest high tech company that was accused of being part of PRISM to come forward. Last week, Facebook released their own statement saying that they had received 9,000 to 10,000 government requests based around 18,000 to 19,000 accounts in the last six months of 2012. They complied with 79%, denying the others due to inconsistencies or potential legal problems with those petitions.
Giving the companies the benefit of the doubt and accepting that they knew nothing of PRISM, it still raises ethical and legal questions about their compliance with government interference. With the law so often behind the development of new technology, none of us should be surprised by what we are learning about PRISM. We should be surprised that it isn’t happening more.