IBM calls for surveillance reforms, says they've given the NSA nothing

IBM said on Friday that they've given nothing to the NSA under the PRISM program, and that governments need to clean-up their act.

The letter has odd timing. While IBM is a workhorse, and certainly one of the world's largest IT firms, there hasn't been much mention of them with regard to the NSA's expansive surveillance programs.

However, that didn't stop their top lawyer from offering a soothing letter of assurance to the public, and more importantly, their existing and potential customer base.

"Our business model sets us apart from many of the companies that have been associated with the surveillance programs that have been disclosed. Unlike those companies, IBM’s primary business does not involve providing telephone or Internet-based communication services to the general public. Rather, because the vast majority of our customers are other companies and organizations, we deal mainly with business data.

"Our client relationships are governed by contract, with clear roles and responsibilities assigned and clearly understood by all parties. To the extent our clients provide us access within their infrastructure to the type of individual communications that reportedly have been the target of the disclosed intelligence programs, such information belongs to our clients."

Among the facts presented in the letter, IBM has not given any client data to the NSA, or any other government agency for that matter, "under any surveillance program involving the bulk collection of content or metadata."

Likewise, none of the data related to clients outside of the U.S. has been given to the government under a national security letter (NSL) or FISA order. The subject of backdoors was raised as well, to which Big Blue says that no such thing exists in their products.

So what happens if IBM does see such requests?

"In general, if a government wants access to data held by IBM on behalf of an enterprise client, we would expect that government to deal directly with that client...

"For enterprise clients’ data stored outside of the United States, IBM believes that any U.S. government effort to obtain such data should go through internationally recognized legal channels, such as requests for assistance under international treaties."

Big Blue also said that if the government presented a NSL or FISA request, including gag orders, the company would fight it though all available means.

Furthermore, Weber wrote that governments shouldn't subvert commercial technologies, such as encryption, "that are intended to protect business data."

"The U.S. government should have a robust debate on surveillance reforms, including new transparency provisions that would allow the public to better understand the scope of intelligence programs and the data collected."

Header Image: Kansir/Flickr

To comment on this article and other CSO content, visit our Facebook page or our Twitter stream.
Related:
Insider: Hacking the elections: myths and realities
Notice to our Readers
We're now using social media to take your comments and feedback. Learn more about this here.