Christian Fuchs

PRISM and the Social Media-Surveillance-Industrial Complex
Christian Fuchs

There are some things we already know about the USA’s PRISM surveillance programme:

• According to the leaked documents, the NSA in the PRISM programme obtained direct access to user data from seven online/ICT companies: Aol, Apple, Facebook, Google, Microsoft, Paltalk, Skype, Yahoo. The Powerpoint slides that Edward Snowden leaked talk about collection “directly from the servers of these U.S. Service Providers”.
• The NSA’s Director James Clapper confirmed the existence of PRISM and defended its existence.
• Edward Snowden says that at the NSA “communications are collected and viewed on a daily basis”, including “the content of your communications”.
• In March 2013, the NSA collected 3 billion pieces of data in the USA alone.
• A court order ruled that Verizone has to provide to the NSA information on national and international phone calls on a daily basis.

Yet the details of the electronic surveillance operations are unknown. Those involved have continuously denied and downplayed these operations: Google’s CEO Larry Page said that the NSA has no direct access to Google’s servers. Facebook’s CEO Mark Zuckerberg, Apple, Microsoft and Yahoo made the same claim. AOL denied having any knowledge of the existence of PRISM. Whom should one believe? Claims of Internet companies stand against leaked documents, in which the NSA says it has direct access to user data, and whistleblower Edward Snowden saying that he was in the position to directly spy on every person whose e-mail address he had.

We should remember that Google in 2010 admitted in the Street View surveillance scandal that it had lied about the actual extent of surveillance. It wrote: “we discovered that a statement made in a blog post on April 27 was incorrect. In that blog post, and in a technical note sent to data protection authorities the same day, we said that while Google did collect publicly broadcast SSID information (the WiFi network name) and MAC addresses (the unique number given to a device like a WiFi router) using Street View cars, we did not collect payload data (information sent over the network). But it’s now clear that we have been mistakenly collecting samples of payload data from open (i.e. non-password-protected) WiFi networks, even though we never used that data in any Google products”. Internet corporations earn money from personal data and as the Google example shows, they are not always keen on revealing the actual extent of surveillance. I therefore do not at all trust what private companies that collaborated with the NSA in spying on citizens say about their knowledge of PRISM. It is rather more feasible to assume that it is correct what the leaked documents and Snowden say, namely that the NSA has direct access to personal user data that large online corporations store.

Microsoft says that in the second half of 2012, it provided the US government access to “between 31,000 and 32,000 consumer accounts […] This only impacts a tiny fraction of Microsoft’s global customer base”. Facebook writes that in the same period it released data for around 19 000 accounts: “With more than 1.1 billion monthly active users worldwide, this means that a tiny fraction of one percent of our user accounts were the subject of any kind of U.S. state, local, or federal U.S. government request (including criminal and national security-related requests) in the past six months”. Apple argues that between December 2012 and May 2013 it released data from around 10 000 accounts to US government institutions. It is interesting that both Microsoft and Facebook use the same terminology (“a tiny fraction”) for downplaying the extent of surveillance. But is it really just a “tiny” form of surveillance?

In the GDR, the Ministry of State Security’s Department 26: Telephone Control, Wiretapping and Video Surveillance (Ministerium für Staatssicherheit: Abteilung 26. Telefonkontrolle, Abhörmaßnahmen und Videoüberwachung) was responsible for the electronic surveillance of citizens (Schmole 2009). One can say that it was the GDR’s equivalent of the NSA’s divisions that conduct electronic surveillance with the help of PRISM and other programmes. We know from statistics that the Stasi’s Department 26 in 1985 monitored 7941 telephone accounts (Schmole 2009, table IV) and 34 telex lines (Schmole 2009, table VIII) in the GDR (excluding East Berlin). The GDR’s telecommunications consisted of around 1.5 million telephone mainlines and 15 000 telex lines in the mid-1980s. The GDR had around 16.5 million inhabitants in the 1980s, of which around 1.3 million (8%) lived in East-Berlin. Given that the available statistics exclude East-Berlin, we can approximate that 90% of the 1.5 million telephone- and 15 000 telex-mainlines were located outside of East-Berlin, which makes 1.35 million telephone lines and 13 500 telex lines. According to the available statistics, 7941 telephone lines and 34 telex lines were monitored in 1985 in the GDR, excluding East-Berlin, which means on average 3970 telephone lines and 17 telex lines during a 6-month period. A calculation shows that we can approximate that in the GDR during a 6-month period in 1985, the Stasi’s Department 26 monitored 0.3% of all telephone lines and 0.1% of all telex lines.

According to Facebook’s statistics, it released data of 0.002% of its accounts to the NSA during a 6-months period in 2012. Apple had in 2012 around 500 million registered iTunes users, which is a good approximation of the overall number of its customers. Given that it says that during a 6-month period it recently released data of 10 000 customers to US government institutions, the share of monitored accounts is 0.002%. Microsoft’s communication platform Outlook had 400 million users in 2013. If we assume that the 32 000 surveillance operations conducted during a 6-month in 2012 relate to this user base, then the surveillance share is 0.008%. If we assume that the ICT companies underplay the extent of surveillance and that the actual surveillance is a manifold of what they say it is, then it is reasonable to assume that the actual extent of electronic surveillance conducted by US government institutions together with private ICT companies is not massively lower than the one conducted in the GDR that is generally considered to have taken place at a large scale. One can therefore under no circumstances say that the conducted electronic surveillance was “tiny”. We in fact do not know how large it exactly was, but there are indications that the NSA can get direct access to all data of all users of the seven ICT companies mentioned in the leaked documents. PRISM is not, as Facebook, Apple and Microsoft want to make us believe, a small surveillance operation, but rather a massive and large-scale global surveillance project. Given that in 3 cases in absolute terms around 60 000 accounts were monitored during a 6-month period, it is likely that the total number for all 7 companies is around 150 000 user accounts. Compared to electronic surveillance in the GDR, the absolute scope is manifold.

The concept of the military-industrial complex stresses the existence of collaborations between private corporations and the state’s institutions of internal and external defence in the security realm. C. Wright Mills argued in 1956 that there is a power elite that connects economic, political and military power: “There is no longer, on the one hand, an economy, and, on the other hand, a political order containing a military establishment unimportant to politics and to money-making. There is a political economy linked, in a thousand ways, with military institutions and decisions. […] there is an ever-increasing interlocking of economic, militart, and political structures” (pp. 7f).

PRISM shows that the military-industrial complex contains a surveillance-industrial complex, into which social media are entangled: Facebook and Google both have more than 1 billion users and are probably the largest holders of personal data in the world. They and other private social media companies are first and foremost advertising companies that appropriate and commodify data on users’ interests, communications, locations, online behaviour and social networks. They make profit out of data that users’ online activities generate. They constantly monitor usage behaviour for this economic purpose. Since 9/11 there has been intensification and extension of surveillance that is based on the naïve technological-deterministic surveillance ideology that monitoring technologies, big data analysis and predictive algorithms can prevent terrorism. The reality of Woolwich shows that terrorists can use low-tech tools such as machetes for targeted killings. High-tech surveillance will never be able to stop terrorism because most terrorists are smart enough not to announce their intentions on the Internet. It is precisely this surveillance ideology that has created intelligence agency’s interest in the big data held by social media corporations. Recent evidence has shown that social media surveillance not just targets terrorists, but has also been directed at protestors and civil society activists. State institutions and private corporations have long collaborated in intelligence, but the access to social media has taken the surveillance-industrial complex to a new dimension: it is now possible to obtain detailed access to a multitude of citizens’ activities in converging social roles conducted in converging social spaces.

Yet the profits made by social media corporations are not the only economic dimension of the contemporary surveillance-industrial complex: The NSA has subcontracted and outsourced surveillance tasks to around 2000 private security companies that make profits by spying on citizens. Booz Allen Hamilton, the private security company that Edward Snowden worked for until recently, is just one of these firms that follow the strategy of accumulation-by-surveillance. According to financial data, it had 24 500 employees in 2012 and its profits increased from US$ 25 million in 2010 to 84 million in 2011, 239 million in 2012 and 219 million in 2013. Surveillance is big business, both for online companies and those conducting the online spying for intelligence agencies.

The social media surveillance-industrial complex shows that a negative dialectic of the enlightenment is at play in contemporary society: the military-industrial complex constantly undermines the very liberal values of the enlightenment, such as the freedoms of thought, speech, press and assembly as well as the security of the people’s persons, houses, papers and effects. PRISM shows how in supposedly liberal democracies totalitarian forms of political-economic power negate enlightenment values.

References

Mills, C. Wright. 1956. The power elite. Oxford: Oxford University Press.

Schmole, Angela. 2009. Abteilung 26. Telefonkontrolle, Abhörmaßnahmen und Videoüberwachung (MfS-Handbuch). Berlin: BStU. http://www.nbn-resolving.org/urn:nbn:de:0292-97839421301962

Christian Fuchs is Professor of Social Media at the University of Westminster’s Communication and Media Research Institute and the Centre for Social Media Research.

Image sources:

http://upload.wikimedia.org/wikipedia/commons/b/b1/PRISM_logo.jpg
By NSA, US federal Government [Public domain], via Wikimedia Commons

http://upload.wikimedia.org/wikipedia/commons/c/c7/Prism_slide_5.jpg
By US National Security Agency (Washington Post) [Public domain], via Wikimedia Commons

http://upload.wikimedia.org/wikipedia/commons/a/a1/Upstream_slide_of_the_PRISM_presentation.jpg
By NSA, US Federal Government [Public domain], via Wikimedia Commons