Internet Companies Deny They’re Helping the NSA Collect User Data. Should We Believe Them?

Just the right ingredients for a new media frenzy: USA, internet traffic spying, Too-Powerful-Corporations. Megan McArdle has offered an analysis that is close to our view:

(…snip…) What to make of this? It would be stupid for them to deny this, and then get sued by their customers when it turns out it’s not true.

Last night on Twitter, my husband outlined five possibilities:

1. The companies are lying

2. Only a few people in the company know about this, and they aren’t issuing the statements

3. The Post and the Guardian are wrong and have been duped

4. PRISM was operating without the knowledge of the companies

5. The companies know, and those statements are very carefully worded.

All of these are in some way unbelievable. #1 is asking for a class action suit that destroys your company. #3 involves some very suspicious national security reporters at two different outlets simultaneously getting duped. And #2 strikes me as extremely unlikely. I can imagine one rogue employee doing this without telling his employers. I cannot imagine the exact same thing happening at nine of the biggest internet companies.

The most likely possibilities seem to be #4 or #5: the NSA is filtering this stuff at some point outside the companies, or the companies have issued some very, very carefully worded statements.

I recommend reading Megan’s entire essay, typically well-done. Something isn’t right about the headlined story, but I don’t have any knowledge of what (if anything) has actually been going on. It’s pretty much a non-issue for us as we assume governments have access to any electronic communication we use (including any phone or internet link). Presumably anyone wishing to prevent governments from “reading their mail” uses at least a VPN and, as insurance, robust encryption inside the VPN tunnel.