What we know about the National Security Agency's PRISM Internet surveillance program is in flux, seemingly changing by the hour. If you're just tuning in Sunday and you're looking for our latest understanding of PRISM, this post is for you.

1. Does PRISM really allow the NSA unfettered access to technology company's servers?

This was certainly the impression given by the first reports about PRISM, but it's becoming increasingly clear that it isn't the case. Instead, PRISM now seems to be a system granting intelligence analysts easier access to companies' data when those companies have already been compelled by a secret court to give access to that data.

SEE ALSO: PRISM: Does the NSA Really Get Direct Access to Your Data?

"These executives said PRISM was created after much negotiation with federal authorities, who had pressed for easier access to data they were entitled to under previous orders granted by the secret FISA court," reports the Washington Post in a story adding clarity and context to its original PRISM reporting.

"The legal process, the person said, is akin to how law enforcement requests information in criminal investigations: the government delivers an order to obtain account details about someone who's specifically identified as a non-U.S. individual, with a specific finding that they're involved in an activity related to international terrorism," reported CNET's Declan McCullagh in a rebuttal of the original reports about PRISM.

2. Is the NSA spying on my Gmail or Facebook accounts?

The best answer we have so far is "not directly." The NSA's Internet surveillance program is authorized under Section 702, Title VII of the Foreign Intelligence Surveillance Act (FISA). As the Director of National Intelligence said, that section lays out specific rules mandating that surveillance targets must be non-citizens and reasonably believed to be outside the country.

That does, however, present a problem: What if an intelligence target is conversing with an American citizen? In that case, it would be difficult for the NSA not to collect data from that citizen. The NSA is supposed to "minimize" such incidentally collected data, but we're not sure how scrupulous a process that actually is.

Either way, The New York Times' latest report about PRISM throws a cold bucket of water on the whole situation. "Nothing revealed in recent days suggests that N.S.A. eavesdroppers have violated the law by targeting ordinary Americans," claims the paper.

3. So, controversy over?

Far from it. While PRISM doesn't seem to be as nefarious as originally thought, it still poises myriad privacy and civil liberty concerns:

A secret FISA court approves targets for data collection. The court approves the vast majority of government requests. Government officials say it's subject to oversight from all three branches, which are all briefed regularly on the program. However, because the whole process is so secretive, we have no way to verify the government's claims. We need to know more about how the NSA minimizes data incidentally collected from American citizens. It's simply not enough to take the government's word for it that minimization is happening at a satisfactory level. While PRISM might not be targeted at United States citizens, that's far from reassuring for non-Americans who use Google, Facebook, Yahoo and so on. The United States government is reportedly sharing information with the United Kingdom — it's not difficult to imagine a rules-bending international data swap happening without the public's knowledge. Plenty of other excellent unaswered questions have been poised by the Center for Democracy and Technology's Leslie Harris.

There's undoubtedly more to be learned about PRISM. However, it increasingly seems the more alarming of recent surveillance-related leaks is the NSA's collection of communications "metadata" from American telecoms.

Do you have questions about PRISM? Share them in the comments below, and we'll do our best to answer.

Image via Paul J. Richards/AFP/Getty Images