What Is the PRISM Program? NSA, Edward Snowden and Government Surveillance in 2024
Edward Snowden’s information leak is one of the biggest in U.S. history, which revealed a huge amount of data about government surveillance programs, including the PRISM program. In this article, we’ll answer the question, “What is the PRISM program?” and we’ll examine the data leak.
In 2013, NSA contractor Edward Snowden leaked classified information to try and show the world the extent of U.S. government surveillance. Suddenly, the U.S. public began asking, “What is the PRISM program?” and “Is the U.S. government spying on me?” They started wondering if the collection of private data was an oversight or an intentional act.
While the National Security Agency, the tech companies involved and the U.S. government all reassured the public that they adhere to strict security and privacy regulations, the world wasn’t so sure. Many people began seeking ways to protect their personal information effectively, like using a VPN to encrypt their internet connections — see our guide to the 10 best VPN providers.
Our privacy experts at Cloudwards often share information on how to protect your privacy online, so we wanted to take a more in-depth look at surveillance programs (including PRISM).
-
07/31/2024 Facts checked
We rewrote this guide to include updated information and use an easier-to-read format.
National Security Agency: What Is the PRISM Program?
The PRISM program (also known as SIGAD US-984XN) is one of many NSA programs designed to collect internet communications that could threaten national security. The intelligence is collected from U.S. internet companies like Microsoft, Google and Facebook with the intention of targeting foreign communications with the U.S.
PRISM allows agents to send data collection requests to major internet services without getting individual court orders. This can include audio (like VoIP calls), videos, emails, saved documents and photographs.
According to leaked documents obtained by The Washington Post and The Guardian, the PRISM program gives the NSA and other intelligence agencies direct access to the servers of U.S. internet companies.
However, the companies involved and the United States government refute this claim. They state that they can collect a user’s data only by obtaining permission from the FISA court, along with written directives from the director of national intelligence and the attorney general.
Purpose: What Did the PRISM Program Do?
The PRISM program was established to help collect foreign signals intelligence (SIGINT) in the form of internet communications. Drawing from the leaked information, The Washington Post reported that PRISM was the most used program in NSA reporting. At the time of the information leak, 91% of NSA data acquired under FISA was gathered using PRISM. 2
Below, we’ll quickly break down PRISM along with a few other code names and acronyms so you can better understand them.
Important Terms Glossary:
- PRISM: This code name is for the program that the NSA uses to collect information and data from U.S. companies.
- NSA: The National Security Agency is a U.S. intelligence agency responsible for collecting and processing data related to foreign intelligence and counterintelligence. It’s tasked with protecting U.S. communication networks.
- FISA: The Foreign Intelligence Surveillance Act is a U.S. federal law that outlines the processes of collecting and surveilling foreign intelligence.
- FISC: The Foreign Intelligence Surveillance Court oversees, approves and denies requests for surveillance warrants against foreign agents or spies residing within the U.S.
- GCHQ: The Government Communications Headquarters is a U.K. organization that provides signals intelligence and information assurance to the U.K. government and armed forces.
- SIGAD: A Signals Intelligence Activity Designator is an alphanumeric label that identifies a particular facility used for collecting intelligence. For example, this may refer to satellites, data servers or tapped internet cables.
- SIGINT: This stands for signals intelligence and refers to the interception of signals for use in intelligence gathering.
Why Is the PRISM Surveillance Program Important?
The PRISM program is important because it allows the NSA and other agencies to access massive amounts of communications and user data from various large tech companies. Not only does this constitute a massive violation of privacy, it’s also been ruled unconstitutional and in violation of the 4th amendment when used against U.S. citizens.
Project PRISM History: Foreign Intelligence Surveillance Act & More
Created in 2007, the PRISM program is known as a streamlined version of the Terrorist Surveillance Program that was enacted after 9/11. The Terrorist Surveillance Program was widely criticized as it didn’t require warrants to be obtained from the Foreign Intelligence Surveillance Court (FISC). On the other hand, PRISM itself was authorized by the FISC.
PRISM operates under the Foreign Intelligence Surveillance Act of 1978 (FISA), which details the procedures for surveilling foreign targets and collecting information in the U.S.
Specifically, PRISM can collect this information legally under Section 702 of the 2008 FISA Amendments Act. This amendment makes it possible to intentionally target and obtain information from foreign persons who are reasonably believed to reside outside the U.S.
The PRISM Leak: What Did Edward Snowden Do?
In 2013, Edward Snowden leaked PRISM documents and other information to journalists from The Guardian and The Washington Post. He decided to reveal this sensitive information after working with the NSA and the CIA, where he became disillusioned about the way that government surveillance programs operated.
The goal of the leak was to provide the public with transparency and promote debate about NSA surveillance programs. Snowden’s leaks also revealed details of other surveillance programs — such as XKeyscore, Tempora, MUSCULAR and Project 6 — and included an order from the NSA to Verizon to hand over daily telephone records and metadata on all of its customers. 3
Key PRISM Program Dates
Here is a look at some of the key dates in the PRISM program’s history.
What Kind of Data Does the NSA Collect?
The NSA collects two kinds of data: content and metadata. We will explore each type in more detail below.
Content
Content refers to information that is contained within communications. For example, when you send a text using WhatsApp, any written messages, recorded voice clips, attached photos or inserted GIFs are all considered “content.” Content is typically much more protected than metadata as it’s regarded as personal information, which is invasive to obtain.
If you want to learn how to get the most out of WhatsApp — such as changing your privacy settings, deleting messages and media, and more — check out our guide on 26 WhatsApp tips and tricks.
Metadata
Metadata is the information related to content that doesn’t describe the content itself. For example, the metadata of an email includes the date and time that it was sent or received, as well as the email addresses of the sender and recipient. However, it doesn’t include the email’s contents.
How Does the NSA Collect Data?
Very broadly, the NSA collects data in two ways: “upstream” collection and programs like PRISM. The ability to collect data relies on two key statutes — Section 702 of the FISA Amendments Act (using programs like PRISM) and Section 215 of the Patriot Act (using upstream collection). We’ll break down upstream data collection and the PRISM program below.
Upstream Collection
Upstream data collection occurs when communications are intercepted and collected as they travel along internet infrastructure and data cables. The NSA partners with communications companies like AT&T, which can access high-capacity fiber-optic cables to collect the internet data that travels along them.
The issue with this electronic surveillance method is that it doesn’t collect only foreign communications (between the U.S. and other countries) but also domestic communications within the U.S. This means that the average U.S. citizen risks having their communications collected and stored by the government.
Programs Like PRISM
Programs like PRISM use downstream data collection, which involves the NSA contacting tech companies like Google, Facebook or Apple and requesting data via subpoena. This communication data should be between the United States and foreigners overseas, but domestic communications have also been collected (supposedly inadvertently).
What Changed After Edward Snowden’s Leak?
In the wake of Snowden’s revelations, public discourse around private data and surveillance activities was booming. Organizations like the ACLU (American Civil Liberties Union) condemned the program, calling for an end to “warrantless mass surveillance.” 7
After the Patriot Act expired, the Freedom Act was proposed, with modifications and limitations regarding the collection of telecommunication metadata of U.S. citizens. The Freedom Act was designed to assure the public that the federal government wasn’t interested in the data of U.S. citizens (even though they collected and retained it). You can learn more in our “what is the USA Freedom Act” article.
Tech companies also lost a considerable amount of public trust and business, particularly due to claims that the NSA could tap into cloud-based storage. Other companies took the initiative to create more secure technology, including online storage and smartphones. If you’re looking for secure online storage, see our roundup of the best cloud-based storage providers.
Is the PRISM Program Still Active?
It’s impossible to know to what extent the PRISM program is still operational, and to what capacity it’s changed since Edward Snowden revealed his information.
In 2020, an appeals court found that the program violated constitutional rights when used to indiscriminately collect information on U.S. citizens without a warrant. This should mean that now, intelligence agencies must send individual warrants or data requests to technology companies on a case-by-case basis if they need to access information.
However, PRISM is still allowed to operate as part of section 702 of the Foreign Intelligence Surveillance Act (or FISA), which allows intelligence agencies to collect data on foreigners. Since PRISM was never legally allowed to indiscriminately collect data from U.S. citizens in the first place, it’s impossible to know whether or not this is still taking place, even with the court ruling.
Final Thoughts
It’s clear that the U.S. government has the capacity to monitor almost all communications for the average U.S. citizen. Whether through phone companies or tech giants, innocent bystanders could be swept up in collection programs — the leaked PRISM documents revealed exactly that.
Fortunately, there are some simple ways to improve your security and privacy. You can use a high-quality VPN, or check out our guides on how to encrypt text messages and the 99 best free privacy tools to help protect yourself. By being aware of how you communicate, store information online and interact with the internet, you can keep your personal data as safe as possible.
What do you think about government surveillance programs? Do you think anything has changed since Edward Snowden blew the whistle? What measures do you take to maintain your personal security and privacy online? Let us know in the comments below, and thank you for reading!
FAQ: PRISM NSA
The PRISM program collected targeted communications information from various U.S. companies (like Google, Apple and Facebook) without requiring national intelligence agencies to obtain court orders prior to collection.
PRISM is a “front-end” or software program that allows NSA agents to search and retrieve data that’s considered significant to national security.
The PRISM program was legal, but it was ruled unconstitutional in 2020 by the U.S. Ninth Circuit Court of Appeals and no longer operates in the same capacity.
Sources:
- Edward Snowden: the whistleblower behind the NSA surveillance revelations — The Guardian
- United States Foreign Intelligence Surveillance Court — EFF
- NSA collecting phone records of millions of Verizon customers daily — The Guardian
- US intelligence chief asks public to blindly trust that the government respects civil liberties — The Verge
- Obama Surveillance Speech — SB Nation
- President Obama on NSA spying: Congress has known about it and approved for years — The Verge
- Five Things to Know About NSA Mass Surveillance and the Coming Fight in Congress — ACLU