GSM Review

Should you be scared of Prism

Back when AOL was the worlds biggest internet service provider, conspiracy theorists claimed that the whole thing was a front for the CIA or the FBI: every message you sent or GIF that you patiently downloaded would be logged by the Feds, and if you used certain keywords youd find black helicopters hovering over your house.


It looks like they had the right idea - and, if anything, they massively underestimated the security services ambitions.

According to separate reports by the Washington Post and The Guardian, a programme called PRISM is pulling "audio, video, photographs, emails, documents and connection logs" from AOL, Google, Yahoo, Facebook, PalTalk (its a video chat service), YouTube, Skype and Apple, with DropBox "coming soon".
Facebook, Google, Microsoft, Apple and Yahoo have all flatly denied giving the US government access to their users data, but then they would, wouldnt they? It certainly casts the Xbox Ones always-on microphone in a very different light.

Is it tinfoil hat time, or is something genuinely frightening going on?

Should you buy shares in Bacofoil?

Lets assume that the Prism story isnt an elaborate attempt to troll the media, and that the leaked presentation The Washington Post based its story on is genuine. Are the tech firms telling the truth, or choosing their words carefully?

Apple told CNBC that it doesnt let any government agency have "direct access" to its servers. Facebook similarly says theres no "direct access". Yahoo uses the D-word too, and Microsoft denies participation in any "voluntary" national security programme.

Direct? Voluntary? What about indirect and compulsory? The Washington Post reports that the scheme was created under the Protect America Act in 2007 to do exactly what civil libertarians feared the CAA would do: give the government "a green light to seek indiscriminate access to domestic communications".

Dont worry, America! The Director of National Intelligence, James Clapper, told the Associated Press that the articles are "misleading" and that the surveillance is only for foreigners, not Americans. The Washington Post begs to differ, noting that "Prism searches are reportedly "designed to produce at least 51 per cent confidence in a targets foreignness" — the lowest conceivable standard. PRISM training materials reportedly instruct users that if searches happen to turn up the private information of Americans, its nothing to worry about.

Prism clearly exists and peoples data is clearly being intercepted - and if GCHQ isnt doing something similar in the UK, then Ill be amazed if some of the Prism stuff doesnt make its way to the British security services. The big question is, should we be worried about it?

The worry isnt that potential terrorists online activities are being tracked: its whether the rest of us, the non-terrorists, are being adequately protected. The security services have enormously powerful tools at their disposal - if you havent read about Palantir or Riot before, prepare to be scared silly - and ordinary people need equally powerful legislation to ensure those tools arent misused.

The tech may be new, but the questions it raises arent: as Juvenal asked in the first or second century, who watches the watchmen?

Next: Read the latest news from the smartphone world.