Wow. Nothing is sacred. The Washington Post has discovered that the NSA and FBI have teamed up to tap into the servers of nine US tech companies—Microsoft, Google, Facebook, Apple, you name it—and have extracted e-mails, photographs, audio, video, documents and connection logs. They basically have free reign to take whatever they want. And they've been doing it since 2007.
The classified program is called PRISM and it's absolutely scary how much reach the NSA and FBI have. And it's all completely legal. The companies who are within PRISM's grasp is basically any service you'd ever use on the Internet: Microsoft, Yahoo, Google, Facebook, AOL, Skype, YouTube, PalTalk and Apple. PalTalk has been used to communicate in the Syrian civil war.
How does PRISM work? It's terrifying, actually. The Washington Post reports that analysts who use PRISM first key in on 'selectors' (search terms) that are designed to produce at least 51 percent confidence in a target's 'foreignness'. That's it, just 51%. And after that they can start collecting data.
And what PRISM can pry from these companies is just ridiculous. It can basically watch your every movement on the Internet. For Facebook, PRISM can obtain full access to Facebook's “extensive search and surveillance capabilities against the variety of online social networking services”. For Skype, PRISM can take "audio, video, chat and file transfers". For Google, PRISM can peek in on "Gmail, voice and video chat, Google Drive files, photo libraries, and live surveillance of search terms." They basically see what you see as you type it.
According to the Guardian, Microsoft first signed up with PRISM back in 2007. Yahoo came around in 2008. Google, Facebook and PalTalk in 2009. YouTube in 2010 and Skype and AOL in 2011. Apple rounded out the nine in 2012. Twitter is a notable holdout. But those nine companies represent pretty much all of the Internet, from search to e-mail to video to any sort of communication.
To be fair, the companies are in a tough spot to be in. If the companies don't comply with PRISM, they can be sued. If they do comply, they can charge the government for their services. It's pretty obvious what most companies would do at that point, right? (Hint: comply) What's fascinating though is how companies like Twitter (and Apple for five years) have managed to hold out from PRISM. If it's possible to hold out, then why sell out its users?
Update: Apple denies it.