Google has had a closer relationship with the U.S.National Security Agency (NSA) than its previous protests of government surveillance might indicate.
That’s the picture indicated by a new batch of emails, made public today by the Al Jazeera news network.
Under a Freedom of Information (FOIA) request, the network obtained two groups of emails from 2012, a year before ex-NSA contractor Edward Snowden leaked secret documents from the agency. The Snowden documents showed that the NSA was capturing massive amounts of data about telephone and Internet communications.
While the emails indicate that Google has been involved in meetings with the NSA on security matters, there is no evidence from the correspondence so far that the tech giant knew or participated in efforts by the NSA to secretly capture data about Google services users. Al Jazeera said that it expects to receive dozens more emails under its FOIA request.
“Apart from SEC [Securities and Exchange Commission] filings, companies are under no real obligation to tell the truth, the whole truth, and nothing but the truth, unless in sworn testimony,” John Pike told VentureBeat. He’s the director and founder of Global Security.org, which tracks intelligence, military, and homeland security issues.
“The large telecom companies, including Internet companies, have an extremely intimate relationship with the NSA,” he told us. “How could it be otherwise?”
The correspondence between NSA Director General Keith Alexander and company execs Sergey Brin and Eric Schmidt refer to previous briefings under a secret government program known as the Enduring Security Framework (ESF). The initiative, launched in 2009, coordinated actions between companies and government on security issues.
‘Classified Threat Briefing’
One email from NSA Director General Keith Alexander, dated June 28, 2012, requested Schmidt to attend a half-day “classified threat briefing” the following month at a “secure facility” near the San Jose, Calif., airport. The meeting was to be focused on “mobility threats and security.” The email indicated the two had met, along with other industry execs, earlier in June.
A cordial email reply from Schmidt declined to attend the August meeting because of a conflict. Brin was also unable to attend the August briefing, although he did apparently attend earlier ESF meetings. One email from Alexander to Brin thanked him for ESF participation.
Alexander’s email correspondence also indicates that other tech giants had been regularly meeting with the NSA:
“A group (primarily Google, Apple and Microsoft) recently came to agreement on a set of core security principles. When we reach this point in our projects we schedule a classified briefing for the CEOs of key companies to provide them a brief on the specific threats we believe can be mitigated and to seek their commitment for their organization to move ahead … Google’s participation in refinement, engineering, and deployment of the solutions will be essential.”
The email goes on to say that Intel, AMD, HP, Dell and Microsoft worked with the NSA to foil a BIOS threat from China. The alleged plot was covered in a 60 Minutes story on the NSA, but has been the subject of skepticism. Some have suggested that, instead of securing BIOS in computers against foreign threat, the NSA was actually looking for BIOS weaknesses it could employ.
Google’s statement on the emails:
“We work really hard to protect our users from cyberattacks, and we always talk to experts — including in the U.S. government — so we stay ahead of the game. It’s why Sergey attended this NSA conference.”
Via Al Jazeera
You can't solo security COVID-19 game security report: Learn the latest attack trends in gaming. Access here