The Washington Post published an investigative report uncovering the government-run PRISM program, which allegedly monitored US citizen’s Internet activity illegally, but now the paper is stepping away from its initial claim that nine tech firms knowingly provided data to the government.

Early reports of PRISM left two key allegations unanswered: Did the US government illegally monitor its citizens online, and did the tech companies involved work with authorities complicity. Predictably the government denied the first question. For the second, the initial answer seemed to be yes.

The Post previously claimed that Microsoft, Yahoo, Google, Facebook, PalTalk, YouTube, Skype, AOL and Apple “participate knowingly”. The phrase that stood out in the report (it has been repurposed by numerous tech blogs and news sites across the Web) since it suggested that US firms willingly agreed to a process that — at best — could violate the rights of millions in the US if their data is accidentally monitored by the NSA.

Hours after the news broke, and every company bar PalTalk and AOL denied any knowledge of the program and allegations of their involvement, the Post has changed its stance. The phrase “participate knowingly” has been removed from the article, a new passage suggests the firms were unaware of PRISM:

It is possible that the conflict between the PRISM slides and the company spokesmen is the result of imprecision on the part of the NSA author. In another classified report obtained by The Post, the arrangement is described as allowing “collection managers [to send] content tasking instructions directly to equipment installed at company-controlled locations,” rather than directly to company servers.

This new text, added to the denials from Google, Apple, Microsoft, Yahoo and others, suggests that the NSA did not have direct access to the data systems. That initial suggestion was an assumption that the Post made based on the contents of the leaked slides.

Nonetheless, the paper’s new stance is a huge admission. For one thing, it adds to the growing claim that the agency instead accessed the information indirectly. In such a case, the most likely method would be via ISPs or mobile operators, but that remains unconfirmed.

Coming hot on the heels of another leak, showing that the NSA collected phone records belonging to Verizon customers, it would cast US service providers in a very poor light.

The move is an embarrassing one for the Post, particularly given that its new update appears driven by the responses of the companies, the very same companies that it says it got responses from before publishing its story.

The Post story says that “several companies [that it] contacted” denied knowledge of the program, and “asserted that they responded only to targeted requests for information”, but it cites only quotes from Google and Facebook.

TNW, like other media, received responses from seven companies, each of which was quick to respond after the initial reports went live. If the Post’s update is driven by the companies, questions must asked as to why it made the direct accusation against the companies in the first place.

Hat tip to Andy Baio

Headline image via Thinkstock

Read next: PRISM: Here's what you need to know about the US Internet monitoring scandal