Siobahn Gorman and Jennifer Valentino-DeVries report for the Wall Street Journal:
"The National Security Agency - which possesses only limited legal authority to spy on U.S. citizens - has built a surveillance network that covers more Americans' Internet communications than officials have publicly disclosed, current and former officials say. The system has the capacity to reach roughly 75% of all U.S. Internet traffic in the hunt for foreign intelligence.... The programs, code-named Blarney, Fairview, Oakstar, Lithium and Stormbrew, among others, filter and gather information at major telecommunications companies. Blarney, for instance, was established with AT&T Inc., T -0.92%former officials say."
So I called AT&T today, introduced myself as a customer and asked if my data had been passed on to the NSA. My call was forwarded to the president's office and customer service.
"Customer service has no way of finding this out," responded the young man. "This is way beyond the scope of customer service." He added it was his understanding that the company was complying to "a legal request" of a government agency. "The company has no choice but to participate and we can't share with you the level of participation."
As explained in previous blog entries, a mystery author who researches and writes about Afghanistan and terrorism and women's rights has reason to be concerned about compromised data and content. Notably, the new contract with my publisher prohibits submission of manuscripts by email and requests submission by physical disk and mail. Authors, business owners and anyone who prepares creative content can no longer trust that their trade and creative secrets are safe from government prying or abuse of unscrupulous government employees.
We may provide Personal Information to non-AT&T companies or other third parties for purposes such as:
- Responding to 911 calls and other emergencies;
- Complying with court orders and other legal process;
- To assist with identity verification, and to prevent fraud and identity theft;
- Enforcing our agreements and property rights; and
- Obtaining payment for products and services that appear on your AT&T billing statements
- We collect some information on an anonymous basis. We also may anonymize the personal information we collect about you.
- We obtain aggregate data by combining anonymous data that meet certain criteria into groups.
- When we employ non-AT&T companies to anonymize or aggregate data on our behalf, the requirements for sharing Personal Information with non-AT&T companies apply.
- We may share aggregate or anonymous information in various formats with trusted non-AT&T entities, and may work with those entities to do research and provide products and services.
The policy also allows the company to keep "information about you in our business records while you are a customer, or until it is no longer needed for business, tax, or legal purposes." We cannot say we weren't warned, and we deserve as much for years of ignoring terms of agreement for software and services.
One contradictory aspect of the policy, though, is under the section on Customer Privacy Controls and Choices: "You can review and correct your Personal Information collected by us." But how can we manage that if the company is prohibited from telling us what is being collected and how it is interpreted?
In calling AT&T corporate offices, the phone message responds: "Our vision is to connect people with their world and to do it better than anyone else."
AT&T: Your World Delivered. To the NSA?