Latest in Security

Image credit: NurPhoto via Getty Images

Mystery internet company challenges NSA’s mass surveillance order

Great gesture. Still forced to comply.
NurPhoto via Getty Images

Thanks to a newly-declassified document, we know that an unnamed tech company refused to comply with NSA orders to let the agency spy on the company's client users. It's the first known case of an organization from the industry outright rejecting such a request.

The document, a Foreign Intelligence Surveillance Court ruling, was wrested from the government thanks to an ACLU FOIA request. But it's so heavily redacted that we cannot identify the tech company who stood up to the NSA.

Specifically, the mysterious company didn't comply with an NSA order under Section 702. That's the legal structure supporting the PRISM domestic spying program, which forces companies to give the NSA access to Americans' international communications.

The company refused because cooperating to grant said access would implicate its First and Fourth Amendment rights. In short, it took the NSA to Constitutional school over the legality of Section 702 itself (to be precise, the company took issue with an "expansion" of Section 702 surveillance, the details of which were redacted), since opening up its users' international communications would eventually and inevitably expose those of domestic citizens. Ergo, if the NSA wanted access, it needed to get a warrant, the company stated.

Ultimately, the court rejected the tech company's claim and ordered it to comply with the NSA request. Judge Rosemary Collyer, who presided over the case, said "the mere fact that there is some potential for error is not a sufficient reason to invalidate the surveillance" -- in other words, prove misconduct or sit down. The document, only now made available to the public, is from 2014, so whatever surveillance may have happened as a result might already have happened.

Section 702 is set to expire at the end of this year, and debate rages on about whether Congress should renew it. The NSA already claimed back in April that it would stop even incidentally collecting domestic American emails in its sweeps, which its analysts were still accidentally doing in 2016. Regardless, this case is a sadly rare illuminating window into an intentionally shadowy world: Back in 2016, for example, the FBI reassured the public that it would be reforming how it accessed data collected by the NSA...but didn't say how, because that's classified.

From around the web

ear iconeye icontext filevr