Technology companies may be hiding behind legal jargon to avoid being more forthcoming in their responses to new documents on government surveillance that were disclosed Friday, some experts say.
Internet and software companies including Microsoft, Yahoo, Google and Facebook "are legally compelled to lie," said security expert Bruce Schneier, citing national security letters that companies are prohibited from disclosing.
Some similar statements were made in interviews with the IDG News Service following a report published Friday in The Guardian alleging that the National Security Agency paid millions of dollars to companies such as Google and Facebook to cover costs involved in surveillance.
The tech companies incurred these costs in fulfilling tighter certification requirements after a 2011 court ruling said the government's data collection was unconstitutional, according to documents obtained by The Guardian.
That ruling, which was handed down by the Foreign Intelligence Surveillance Court and was made public on Wednesday, said that the way the NSA collected data violated the Fourth Amendment because the agency did not effectively design its collection efforts to target only foreigners of interest to national security.
The NSA was "misusing its authority" by collecting the digital communications of U.S. citizens for years, the ruling said.
The documents revealed Friday describe the problems that the agency experienced after that ruling and the resulting efforts required to bring companies into compliance, according to The Guardian. The list of involved companies includes Google, Yahoo, Microsoft and Facebook, its report said.
The documents were passed on to The Guardian by former NSA contractor Edward Snowden, the man behind the original leaks of various government surveillance programs such as Prism. The documents provide the first evidence of a financial relationship between technology companies and the NSA, the Guardian report said.
The FISA court is required to sign annual certifications that provide the legal framework for surveillance operations, the report said. After the 2011 ruling, those certifications were only being renewed on a temporary basis as the NSA worked to fix its data collection methods that the court deemed unconstitutional.
This adjustment process entailed huge costs, according to a 2012 NSA newsletter entry, excerpts of which were published by The Guardian. "Last year's problems resulted in multiple extensions to the certifications' expiration dates which cost millions of dollars for Prism providers to implement each successive extension," the newsletter said.
The Guardian did not give an exact figure for the costs.
The latest disclosure raises serious questions around the use of taxpayer money to finance government surveillance, the Guardian said. But another issue is the growing discrepancy between the information contained in leaked government documents and technology companies' responses to it.
Sign up for Computerworld eNewsletters.