Oct 30, 2013 09:30 PM EDT
According to documents leaked by former NSA contractor Edward Snowden, the National Security Agency has compromised the informational pipelines that companies like Google and Yahoo use to communicate with their data centers. This means the NSA has the capability to intercept entire data flows as they travel along networks of fiber-optic cable.
In a statement to the Washington Post, Google said it was “troubled by allegations of the government intercepting traffic between our data centers, and we are not aware of this activity. We have long been concerned about the possibility of this kind of snooping, which is why we continue to extend encryption across more and more Google services and links.”
A top-secret document dated January 9, 2013 indicates that during a 30-day period, the NSA intercepted some 181,280,466 new records. The government was able to glean metadata from these intercepts, which identify the sender and recipient of an e-mail, as well as the message itself often times, including content like text and video.
A Yahoo spokeswoman said, “We have strict controls in place to protect the security of our data centers, and we have not given access to our data centers to the NSA or to any other government agency.”
Unfortunately, it is becoming increasingly apparent that the government does not look to companies for permission to access their data centers, nor does it need it in order to collect information.
The leaked documents include memos that explicitly refer to data-mining operations targeting Yahoo and Google. While this would be very much illegal if conducted domestically, the NSA is able to bypass privacy laws by conducting its surveillance overseas, where the intelligence agency is allowed to treat any data as belonging to a foreigner.
“Thirty five years ago, different countries had their own telecommunications infrastructure, so the division between foreign and domestic collection was clear,” Sen. Ron Wyden, a member of the intelligence committee. “Today there’s a global communications infrastructure, so there’s a greater risk of collecting on Americans when the NSA collects overseas.”
While many are hoping that new legislation will eventually address the controversial spying practices employed by the NSA and revealed by Snowden, there’s much to suggest that companies will need to do their own due diligence in protecting data streams. Eric Grosse, vice president for security engineering at Google has described IT security as “an arms race,” with governments playing the role of adversary.