Wired reports on the latest leak on this week's PRISM story:
A newly leaked NSA document shows that Yahoo began supplying data to the spy agency’s PRISM program after failing a legal fight against a court order it considered too broad, according to a news report.
The internet giant tried to push back against the order some time in 2007 or 2008 and lost, thereby ensuring its entry into the so-called PRISM program the NSA has been using to collect data from internet companies, according to a story published by the New York Times.
PRISM is a classified NSA program, recently exposed by the Guardian and Washington Post, that allows the government to collect and manage data obtained from nine internet companies under secret orders issued by the Foreign Intelligence Surveillance Court.
The news sheds some light on how at least one of nine internet companies came to participate in the PRISM program.
According to news stories, each of the internet companies fell in line with the program at separate times over a number of years. It has been unclear until now what led to their inclusion in the program, but theTimes story now provides some insight into how it occurred with Yahoo.
A PowerPoint slide published by the Guardian and Washington Post pertaining to PRISM showed that Yahoo began supplying data for the program in March 2008. That occurred, the New York Timesasserts, after the company failed a legal fight it mounted against a government request for data.
The Times doesn’t provide much detail about the incident, but the hardy nature of the fight is laid out in a court ruling that until now has remained a bit of a mystery.
On August, 22, 2008, the FISA Court of Review issued an order upholding the ruling to compel Yahoo to cooperate with the order for data. The order was previously published only in redacted form (.pdf), with the petitioner’s name blocked out. But the New York Times has identified the party as Yahoo.
According to the redacted order, it appears that Yahoo first received the warrantless request for data some time in 2007.
It’s not clear the extent of the data the government sought, but the company fought back against it on Fourth Amendment grounds that such a request required a probable-cause warrant and that the surveillance request was too broad and unreasonable and, therefore, violated the Constitution.
Yahoo also felt that warrantless requests placed discretion for data collection “entirely in the hands of the Executive Branch without prior judicial involvement” thereby ceding to the government “overly broad power that invites abuse” and possible errors that would result in scooping up data of U.S. citizens as well.