Google Attempts to NSA-Proof Its Data

Google has accelerated its plans to encrypt the data flowing between the company’s various data centers.

NSA’s spying program, dubbed PRISM, has been the subject of several recent media reports detailing the scope of US government spying. Photo: Google Inc.

Google is accelerating a program to encrypt its data, as part of an effort to better mask customer information from U.S. and foreign governments.

Also Friday, Yahoo Inc. released its first  “transparency report,” summarizing the number of government requests for user data during the last six months, while breaking down which requests the company fulfilled and denied. Google has posted similar transparency reports for years, says the LA Times.

The move by Google is among the most concrete signs yet that recent revelations about the National Security Agency’s sweeping surveillance efforts have provoked significant backlash within an American technology industry that U.S. government officials long courted as a potential partner in spying programs.

The company has been on the offense of late trying to combat public opinion that says it cooperated with the NSA on its PRISM program, which was revealed by former NSA contractor Edward Snowden.

The 30-year-old former employee of government contractor Booz Allen Hamilton Holding Corp. faces espionage charges in the U.S. and is in Russia under temporary asylum.

Google has rebuked claims time and time again that it is in bed with the intelligence agency and also joined forces with Microsoft to sue the agency for permission to divulge the full relationship.

Google’s encryption efforts were initially approved last June, but recent reports detailing the previously PRISM program have caused it to prioritize the project. By encrypting information, firms are usually able to make it unintelligible to most anyone who comes across it – unless the encryption is broken.

Encrypting information flowing among data centers will not make it impossible for intelligence agencies to snoop on individual users of Google services, nor will it have any effect on legal requirements that the company comply with court orders or valid national security requests for data.

But company officials and independent security experts said that increasingly widespread use of encryption technology makes mass surveillance more difficult — whether conducted by governments or other sophisticated hackers, reports the Washington Post.

“If the NSA wants to get into your system, they are going to get in . . . . Most of the people in my community are realistic about that,” said Christopher Soghoian, a computer security expert at the American Civil Liberties Union. “This is all about making dragnet surveillance impossible.”

Google already encrypts Gmail and its bread and butter search for most users, but the data flowing between data centers is what is most vulnerable.

The latest revelations about the NSA concern a top-secret project named Bullrun.

According to reports unveiled this week by a team from The New York Times, The Guardian, and ProPublica, the NSA has managed to get a leg up on encryption using a variety of methods: brute force decryption, persuading technology companies to put backdoors into their products for NSA use and, in some cases, lobbying for weaker encryption standards in general.

“These reports, if true, show that the NSA, in its zeal to spy, may be leaving Americans less secure,” Rep. Rush D. Holt (D-N.J.) said in a statement. Holt, a physicist, has proposed the Surveillance State Repeal Act, which would ban the type of monitoring disclosed in the leaked documents.

“It’s as though the NSA had secretly copied the keys to your home. Worse, it’s as though the NSA had prohibited manufacturers from even making secure locks — all while assuring the public that of course their belongings were safe,” Holt said.

Share this article

We welcome comments that advance the story directly or with relevant tangential information. We try to block comments that use offensive language, all capital letters or appear to be spam, and we review comments frequently to ensure they meet our standards. If you see a comment that you believe is irrelevant or inappropriate, you can flag it to our editors by using the report abuse links. Views expressed in the comments do not represent those of Coinspeaker Ltd.