Yahoo, the Law-Abiding Free Email Provider

[NSA presentation, PRISM collection dates, via Washington Post]The FISA Court has officially agreed to declassify that Yahoo was the company that challenged a Protect Amendment Act order in 2007.

Once this PRISM slide was published, it was always pretty likely that Yahoo — or maybe Google — was the company in question. Yahoo started complying around the time the FISC decision was reached; Google joined in after the FISCR decision was unsealed.

Which leaves … Microsoft, which started cooperating before the law and then the FISA Court forced it to (though collection may not have begun until after PAA passed and, as Rayne has pointed out, Microsoft’s code was being exploited by the government for entirely different purposes in precisely that timeframe).

Now might be a good time to review what happened with the 7 companies the government asked to participate in an illegal wiretap program based solely on the President’s say-so. Per the 2009 NSA Draft IG Report, the companies are:

  • Telecoms A, B, and C (probably AT&T, Verizon, and — definitely– MCI, respectively, since they were the 3 telecoms working onsite at FBI’s direct access office under another program). These companies were approached by people from NSA’s Special Source Operations unit as soon as the program was approved, and they agreed to participate “voluntarily.” In 2003, MCI got cold feet and demanded a letter from John Ashcroft stating that the request was lawful, in which he “directed” them to comply with NSA’s requests.
  • Telecom E (Qwest). It was approached by SSO personnel in 2002, purportedly for collections related to the Olympics. After some discussion, Qwest’s General Counsel decided to not support the operation.
  • Internet Provider D (probably Microsoft). This company was approached by “NSA legal and operational personnel” (not SSO) in September 2002. In response, this company provided “minimal” support, spanning roughly from October 9, 2002 through just after September 11, 2003. No person at this company was ever cleared to store letters from the NSA.
  • Internet Provider F (probably Yahoo). This company was approached in October 2002 by NSA legal and operational personnel. In response to NSA’s request, Internet Provider F asked for a letter from Attorney General Ashcroft certifying the legality of the program. While in December 2002, NSA’s Commercial Technologies Group through Internet Provider F was participating, NSA’s GC says they did not because of corporate liability concerns.
  • Private Sector Company G. This company was approached in April 2003 by NSA legal and operational personnel. This company’s GC said he or she wanted to consult outside counsel. NSA chose to drop the request. I have no idea what company this would be (CISCO?); any thoughts?

Here’s what these companies provided:

Screen shot 2013-06-29 at 3.33.46 PM

This table tells us a great deal about the program–and also the legal problems behind it.

Internet provider D — the one of two that cooperated — only did so for 7 months in 2003, and only provided Internet content (probably primarily Hotmail emails), not metadata.

Which left the government to get the other Internet data off of AT&T and Verizon’s switches (we know C is MCI because February 2005 is when Verizon bought it, which explains why it started handing over Internet content and metadata then). As the IG Report explains,

A, B, and C provided access to the content of Al Qaeda and Al Qaeda-affiliate email from communication links they owned and operated.

[snip]

The last category of private sector assistance was access to Internet Protocol (IP) metadata associated with communications of al Qaeda (and affiliates) from data links owned or operated by COMPANIES A, B, and C.

In other words, Microsoft and Yahoo, the biggest free email providers, were not crazy about providing content (though one, probably Microsoft, did for a period). And they were completely unwilling to provide IP metadata.

So the government just went to AT&T and Verizon’s switches and took it there.

Even the 2004 kluge to keep the Internet metadata program going after Jack Goldsmith and Jim Comey objected was a stretch, as the FISC Pen Register/Trap & Trace (PR/TT) solution was getting Internet metadata not from the Internet companies, but from the phone companies through whose networks the Internet providers’ data traveled. Before that, they were basically just stealing the Internet companies data.

Remember, in 2008 during the FISA Amendments Act debate, the trade group for tech companies including Microsoft, Yahoo, and Google, issued a letter stating,

The Computer & Communications Industry Association (CCIA) strongly opposes S. 2248, the “FISA Amendments Act of 2007,” as passed by the Senate on February 12, 2008. CCIA believes that this bill should not provide retroactive immunity to corporations that may have participated in violations of federal law. [my emphasis]

Basically, they wanted the telecoms to get busted for stealing their (customers’) stuff.

Tweet about this on Twitter21Share on Reddit0Share on Facebook11Google+0Email to someone

34 Responses to Yahoo, the Law-Abiding Free Email Provider

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34

Emptywheel Twitterverse
emptywheel Jack Goldsmith Declares Victory … for Osama bin Laden http://t.co/S1zvR1d5Fg
6mreplyretweetfavorite
JimWhiteGNV RT @iMusing: Fuck this shit: Boys get chemistry, engineering & astronomy. Girls get science with a sparkle http://t.co/8Bd1aKcO0b Via @abso
34mreplyretweetfavorite
JimWhiteGNV RT @arunindy: Things more likely to kill Americans than Ebola: Obama's drones George Zimmerman Prescription drugs Working 3 jobs Toddler w…
35mreplyretweetfavorite
JimWhiteGNV RT @ArekSarkissian: Overheard on the @GainesvillePD scanner: "I have no idea what I'm going to do with that goat." #FreshfromFlorida
35mreplyretweetfavorite
JimWhiteGNV RT @marynmck: key to controlling Ebola as it comes to the US: simple stuff. good patient interviews, good infection control. http://t.co/L8
46mreplyretweetfavorite
JimWhiteGNV RT @JamesRisen: Press can't talk to people at political rallies? http://t.co/cZqCOLUwym
51mreplyretweetfavorite
JimWhiteGNV @SCOTUSblog @ColMorrisDavis So the insane-sex marriage lobby is happy?
53mreplyretweetfavorite
JimWhiteGNV CDC Director: “Zero Risk” to Passengers on Flights With Dallas Ebola Patient http://t.co/vZUrf0yrSk
1hreplyretweetfavorite
bmaz @Will_Bunch Why does a cop get a level of ultimate detail in presentation NO other defendant ever gets, even by McCulloch's own admission?
1hreplyretweetfavorite
bmaz @Will_Bunch Any other case in the world, with identical facts, and the grand jury would take 2-3 hrs, day at the most. This is just insane.
1hreplyretweetfavorite
bmaz @TimothyS Apparently the oh so attentive @AmbassadorPower cares more about China than the far worse oppression in Ferguson and Occupy in US.
1hreplyretweetfavorite
bmaz @Will_Bunch I'm absolutely stunned there has been so little pushback on how McCulloch is throwing the grand jury. What he is doing is absurd
1hreplyretweetfavorite
June 2013
S M T W T F S
« May   Jul »
 1
2345678
9101112131415
16171819202122
23242526272829
30