AT&T and Verizon didn't have to deny it: what were their users going to do, switch to Quest?
Facebook, Google, etc stand to loose a lot if the allegations are true or are believed to be. If what is alleged is true, they have a massive financial motivation to lie and lie blatantly.
That doesn't mean they are lying, but the fact that AT&T and Verizon didn't lie doesn't tell us one way or the other.
One thing I've seen on HN and elsewhere is the accusation, and I'm not saying you said this, that goes something like this: "Of course Larry and Mark are lying! They'd be required to lie because of <handwave> government secretsauce."
This naturally extremely well-written article demonstrates that AT&T and Verizon never actually lied. And that AT&T and Verizon acted in basically the opposite way that the Internet companies are today. So it casts doubt on the <handwave> forced-to-lie-secretsauce allegations.
An update to the story includes some more detail on AT&T's participation.
One other thing I saw is the claim that the denials were not evidence because it would be denied either way. Which is in complete contradiction to Bayesian statistics (denial probability is ~100% if they aren't surveilling us, and <100% if they are, see: http://lesswrong.com/lw/ih/absence_of_evidence_is_evidence_o..., specifically the discussion of the supposed "5th column").
That <handwave government secretsauce> actually exists. National Security Letters come with a gag order. You are told not to tell anyone, not your spouse, not your lawyer, not anyone, and they last forever. Presumably, if someone asks if you've ever been served a NSL, you're supposed to lie and say "no."
One of the few that we know about is describe here, where a ISP provider broke the gag order to speak with his attorney, and the ACLU, and eventually the order was lifted.
1. "Presumably, if someone asks if you've ever been served a NSL, you're supposed to lie and say "no.""
This is an awful large presumption. You could simply say nothing, and not answer.
2. the only courts to ever confront the NSL's compelled silence have ruled it unconstitutional.
There are zero courts that have ever okay'd this.
3. The "not your lawyer" part is now explicitly wrong, as the law now states (and has since 2006), "shall disclose to any person (other than those to whom such disclosure is necessary to comply with the request or an attorney to obtain legal advice or legal assistance with respect to the request)".
4. Judicial review of any NSL may now be had (again, since Mar 9, 2006), in a normal district court. See "18 USC § 3511 - Judicial review of requests for information"
There are plenty of reasons to generate large amounts of righteous indignation about NSL's, but it would be nice if you actually got the law right in the hyperbole.
Thanks for the correction, I'm glad to hear the law was modified. I went back to the story in Wired and I see they did make note of the change to the law.
First, by citing NSLs, you're unintentionally proving the point of the article. Google recently began disclosing how many NSLs it received. NSLs do not require the recipient to lie.
Second, two courts have ruled that NSL gag orders are unconstitutional (this is before the Ninth Circuit now with a summer briefing schedule). The <secretsauce> lie order you speculate, with any evidence, exists would be extra doubleplusungood unconstitutional.
(BTW, I was the first to disclose less than two weeks ago that Google is litigating two different NSL cases. I daresay I'm familiar with the topic...)
> Facebook, Google, etc stand to loose a lot if the allegations are true or are believed to be.
Do they? If they had come out and said "yes, the Government has <x, y, z> access because as US companies we are required to comply with their requests", how many people (outside of HN readers) would do anything about it? I'm not saying people wouldn't care, and I'd hope (and do hope, with the current situation) that the reaction would cause changes, I just don't see those changes being "let's move away from Google to... some other company that offers comparable services and that can't be forced by governments to reveal data".
Verizon's official response [0] effectively confirmed the allegations. I'm not sure why Verizon "never denying" it is noteworthy in light of their tacit admission:
You may have seen stories in the news about a top secret order Verizon allegedly received to produce certain calling information to the U.S. government.
We have no comment on the accuracy of The Guardian newspaper story or the documents referenced, but a few items in these stories are important. The alleged court order that The Guardian published on its website contains languages that:
- compels Verizon to respond;
- forbids Verizon from revealing the order's existence; and
- excludes from production the "content of any communication . . . or the name, address, or financial information of a subscriber or customer."
Verizon continually takes steps to safeguard its customers' privacy. Nevertheless, the law authorizes the federal courts to order a company to provide information in certain circumstances, and if Verizon were to receive such an order, we would be required to comply.
You're confusing Verizon's response in the last week with Verizon's response in 2006.
The article talks about the 2006-era responses from AT&T and Verizon. The one in the last week isn't especially interesting when you have the NSA director and multiple senators confirming the phone log collection exists.
isn't this consistent with the conclusion that they're using "metadata" from ISPs to do network analysis and then, from the results of that, requesting targeted information from web companies? i thought that was the consensus take on all this? or am i just imagining a consensus? if so, is the above likely wrong?
[we know telecom companies cooperate (at&t, what happens to qwest when you don't). we know that the nsa is collecting metdata on everyone because they've had to redefine "collecting"[1]. we also know prism isn't rocket science because it's only $20m. and we know there's no "direct access" to servers because that was so carefully scripted in all the denials. hence network analysis of (all) calls, then targeted "legal" requests.
Every ISP in the world already has an infrastructure for collecting this kind of metadata (albeit using some degree of sampling); some ISPs even have provisions for sharing signatures generated from that metadata. So yeah, this sounds credible.
ok - i don't have any specific source in mind; it could be that i am just making assumptions there. i will pay more attention and see if i notice anything.
[oh, this was in response to a reply, now deleted, saying that they had only seen "telephony metadata" mentioned - if you're the original author and you realised that telecomms metadata has been mentioned, email me at andrew@acooke.org and i'll delete this, but otherwise i'll leave it as it seems like a reasonable point.]
Watching old people stumble over so much jargon is rough. Not because it makes them sound ignorant, but because I know that it muddles the message for people who need to get it.
Facebook, Google, etc stand to loose a lot if the allegations are true or are believed to be. If what is alleged is true, they have a massive financial motivation to lie and lie blatantly.
That doesn't mean they are lying, but the fact that AT&T and Verizon didn't lie doesn't tell us one way or the other.