Hello,

We noticed you're browsing in private or incognito mode.

To continue reading this article, please exit incognito mode or log in.

Not an Insider? Subscribe now for unlimited access to online articles.

David Talbot

A View from David Talbot

NSA Takes Huge Amounts of Data from Google and Yahoo

America’s spy agency has been tapping links between global data centers of the Internet giants.

  • October 30, 2013

The National Security Agency has gained access to Google and Yahoo’s cloud networks and downloaded massive amounts of data including from Americans, according to the latest revelation on leaks from Edward Snowden, this time in the Washington Post.

The project involved, known as MUSCULAR, is operated jointly with the British intelligence agency known as GCHQ, and engages in copying data from an undisclosed interception point outside of the United States from fiber-optic cables that carry information between the companies’ data centers.

Circumventing a court-approved process that allows intelligence agencies to make requests directly from companies, the NSA inhales data as it moves between data centers around the world. Data is shuttled around this as part of regular backup processes at the companies, and to enable you to quickly access your data from anywhere in the world. Google and Yahoo run their own private networks, often passing data between countries and making it vulnerable to NSA taps.

Some of this was already implied to have been happening, given that Google said early last month that it was working to encrypt the torrents of information that flow among its data centers (see “Circumventing Encryption Free’s NSA’s Hands Online”). According to the report, none of Yahoo’s inter-server traffic is encrypted, and not all of Google’s is, though the companies are working to change that.

The scale of the NSA data-grab is staggering. The Post reported that “according to a top secret accounting dated Jan. 9, 2013, NSA’s acquisitions directorate sends millions of records every day from Yahoo and Google internal networks to data warehouses at the agency’s Fort Meade headquarters. In the preceding 30 days, the report said, field collectors had processed and sent back 181,280,466 new records — ranging from “metadata,” which would indicate who sent or received e-mails and when, to content such as text, audio and video.”

Those kinds of numbers dwarf what the companies themselves have been saying they are compelled to hand over. For instance, last week Yahoo issued an earnest “government transparency report,” in which it said it had received 12,444 requests for data from the U.S. government this year, covering the accounts of 40,322 users.

Although Google already encrypts much of the data sent between you and its servers, weaknesses exist in between its own data centers. And that compromises user information including e-mails, search queries, videos and Web browsing history (see “Bruce Schneier: NSA Spying is Making Us Less Safe.”)

The latest Insider Conversation is live! Listen to the story behind the story.

Subscribe today
Already a Premium subscriber? Log in.

Uh oh–you've read all of your free articles for this month.

Insider Premium
$179.95/yr US PRICE

More from Intelligent Machines

Artificial intelligence and robots are transforming how we work and live.

Want more award-winning journalism? Subscribe to Insider Basic.
  • Insider Basic {! insider.prices.basic !}*

    {! insider.display.menuOptionsLabel !}

    Six issues of our award winning print magazine, unlimited online access plus The Download with the top tech stories delivered daily to your inbox.

    See details+

    What's Included

    Unlimited 24/7 access to MIT Technology Review’s website

    The Download: our daily newsletter of what's important in technology and innovation

    Bimonthly print magazine (6 issues per year)

/
You've read all of your free articles this month. This is your last free article this month. You've read of free articles this month. or  for unlimited online access.