Advertisement
World & Nation

Google stepped up encryption amid reports of NSA surveillance

This undated photo made available by Google shows the campus-network room at a data center in Council Bluffs, Iowa. Routers and switches allow Google's data centers to talk to each other.
This undated photo made available by Google shows the campus-network room at a data center in Council Bluffs, Iowa. Routers and switches allow Google’s data centers to talk to each other.
(Connie Zhou / Associated Press)
By Matt Hamilton
Share

Amid reports this summer of the National Security Agency’s accessing troves of private communications, technology companies have sought to distance themselves from allegations of cooperation with government authorities, while reassuring users that their information is safe.

The latest chapter in the face-off between the government intelligence apparatus and technology companies emerged last week with reports that the NSA was working, often successfully, to undermine encryption technology. Encryption is a security feature that muddles digital information to the point that it is unintelligible.

News surfaced Friday that when NSA surveillance activity made waves in June, Google accelerated plans to encrypt information flowing among its various data centers, covering up a hole in its security strategy, according to a report by the Washington Post.

Advertisement

Also Friday, Yahoo Inc. released its first “transparency report,” summarizing the number of government requests for user data during the last six months, while breaking down which requests the company fulfilled and denied. Google has posted similar transparency reports for years.

Earlier this summer, tech companies had taken other steps in response to revelations about the NSA’s activities.

In June, Google co-founder Larry Page and the company’s top lawyer denied that the company gave the U.S. government access to its servers. Days later, the general counsel for Yahoo denied that the company voluntarily disclosed user information. Microsoft’s legal brass followed suit.

Facebook announced in late July that it had made secure browsing the norm and that the company was gradually rolling out “perfect forward secrecy,” which better protects encrypted data, the company said in a statement.

The latest revelations about the NSA concern a top-secret project named Bullrun.

Through this program, the NSA has decoded troves of Internet traffic, including banking information and private communication that users believe to be otherwise secure, according to reports published by ProPublica, The New York Times and the Guardian newspaper in England using documents leaked by former intelligence contractor Edward Snowden.

According to the reports, the multibillion-dollar project essentially encouraged the development of cryptographic technology with built-in weak points — vulnerabilities the agency could exploit later. The government agency can automatically decipher information transmitted on a variety of commercial products using its Key Provisioning Service, an active database of encryption keys, according to the reports.

Advertisement

“These reports, if true, show that the NSA, in its zeal to spy, may be leaving Americans less secure,” Rep. Rush D. Holt (D-N.J.) said in a statement. Holt, a physicist, has proposed the Surveillance State Repeal Act, which would ban the type of monitoring disclosed in the leaked documents.

“It’s as though the NSA had secretly copied the keys to your home. Worse, it’s as though the NSA had prohibited manufacturers from even making secure locks — all while assuring the public that of course their belongings were safe,” Holt said.

Tech companies have previously collaborated in government surveillance practices, according to leaked documents. Although the companies remain unidentified, it hasn’t stopped some Silicon Valley giants from trying to absolve themselves of involvement.

Companies have sought to be more transparent by disclosing the number of requests for information made by the government under the Foreign Intelligence Surveillance Act, or FISA. The problem is, federal law prohibits such disclosures.

Google and Microsoft launched a legal battle with the government in June on 1st Amendment grounds, arguing that revealing the number of FISA-related requests was a matter of free speech. Negotiations broke down in late August, according to a blog post by Microsoft’s chief legal officer.

In a separate matter, Yahoo has asked the Foreign Intelligence Surveillance Court to declassify documents from a 2008 case, when the tech giant opposed alleged government efforts to gain user information. The court ordered the Justice Department to review documents related to the case, and some could be released as early as Thursday.

Advertisement

ALSO:

Drunk driver admits in viral online video: ‘I killed a man’

Student from California gives birth in dorm room, bleeds to death

Survey: 42% of incoming Harvard freshmen cheated on homework

matt.hamilton@latimes.com

More to Read

World & Nation
Matt Hamilton

Matt Hamilton is a reporter for the Los Angeles Times. He won the 2019 Pulitzer Prize for investigative reporting with colleagues Harriet Ryan and Paul Pringle and was part of the team of reporters that won a Pulitzer Prize for its coverage of the San Bernardino terrorist attack. A graduate of Boston College and the University of Southern California, he joined The Times in 2013.

More From the Los Angeles Times

Advertisement