The system the NYTimes article outlines is still quite different from what the original leak suggested. According to the Times article, the requested data isn't placed into the locked mailbox until the FISA request is reviewed by somebody at the company. This is nowhere near the same level of access as what the PRISM leak suggested. So if what the Times article says is true, Zuckerberg and Page's statements weren't misleading at all. They really do "review each and every request."
The fact that they've built special systems for giving the government the data is not too surprising or scandalous. If I ran a site getting the same number of FISA requests that Google and Facebook presumably get, I'd probably also design a special system to make the process more convenient and secure. Short of openly challenging the NSA in court, this is probably the best response we could hope for. It gives the company control over what data is released and is much more secure than a back door which could be compromised.
But what if the FISA request is 'everything'. Yes they're complying, someone gives it a look over then adds everything and keeps it updated in real time.
They don't have direct access to the servers, they're complying with the law, they have everyone's data.
The worst bit is that this is all kept secret. If it's all so acceptable then why didn't the public at least get told.
You're confusing the two leaks (I did too, it's deliberately confusing). The PRISM project does not even require FISA approval. The reason it exists is to not require FISA approval. The analyst just has to check a box saying that they reasonably believe that there is a 51% chance that the target is foreign.
Did you even read the NYT article? They said requests can be very broad, like logs for certain search terms and people staying in the company building for weeks with all the data being gathered in government laptops. That is pretty much realtime and "direct access".
> In one recent instance, the National Security Agency sent an agent to a tech company’s headquarters to monitor a suspect in a cyberattack, a lawyer representing the company said. The agent installed government-developed software on the company’s server and remained at the site for several weeks to download data to an agency laptop.
Where in that paragraph or the ones surrounding it does it say that Google or Facebook was the company involved? Don't you think that if these incidents involved either company, that they would be named here?
The fact that they've built special systems for giving the government the data is not too surprising or scandalous. If I ran a site getting the same number of FISA requests that Google and Facebook presumably get, I'd probably also design a special system to make the process more convenient and secure. Short of openly challenging the NSA in court, this is probably the best response we could hope for. It gives the company control over what data is released and is much more secure than a back door which could be compromised.