/pcq/media/agency_attachments/L8pkS8gpnodJThOdAfv1.jpg)
Follow UsPrasanto K Roy, Advisor CyberMedia
What is PRISM?
An internal code-name for a top-secret surveillance program run by the USA's National Security Agency. It has real-time access to user data (from Google, Facebook and seven others). It needs no wire-tap requests, nor court orders for individual user data.
If it's secret, how do we know?
Edward Snowden, a 29-year-old NSA contractor and former CIA employee, leaked it out to the Guardian and Washington Post. He was charged with espionage. Snowden hid in Hong Kong, and went to Russia, headed for asylum in Ecuador, Venezuela or Cuba.
What did Google, Facebook and others say?
"We've never heard of PRISM. We don't give direct access to any agency. We work within the law. There is no back door." (Google.) The others' statements were similar.
Are they lying?
Their answers may be technically correct, while not fully honest. They didn't hear of PRISM -internal code-names aren't used externally. NSA doesn't have "direct" access to servers, but two parties can talk through an API, or a querying system. The NSA could still get every piece of user data instantly.
Who intercepts phone calls and mails in India?
Nine agencies are permitted by the Telegraph Act, Rule 419A (Indian Telegraph Rules, 1951), Supreme Court guidelines, and the IT Act of 2008 to "e-spy" in India. These are the IB, the CBI, EIB, DRI, CBDT, Military Intelligence, NCB, NIA and RAW. The newer NTRO also tried hard to hack servers of service providers, succeeding with Indian ones (Rediffmail, Sify) but failing with USbased providers (Google, Yahoo).
Does India have a program like PRISM?
Now it does. The C-DoT's new Central Monitoring System - with up to 800 crore for equipment. The CMS will pull user data in real time from states to its central facility in Delhi. The ICT Ministry says it's just phone-records. The Hindu reports documents showing that CMS aims to monitor in real time all mobiles and fixed lines, plus all 160 million Internet users.
Do Indian agencies need a warrant to snoop?
A central agency wanting to snoop on a call or SMS records once needed a warrant seeking calls details. In 2007 a change in licensing conditions required telcos to deliver call records and other data on demand. Post-CMS, call records would be delivered in realtime to the CMS station in South Delhi: no warrant will be required. For intercepting entire phone calls, as of now, a warrant is still required.
Can anyone snoop without a warrant?
A linesman could add a recording device on your landline: calls are not encrypted. A digital mobile network is tougher to "tap". But intelligence agencies, army and now the NTRO all use off-the-air mobile interceptors, to directly access mobile voice traffic. No special permission is taken: these are difficult to detect anyway.