Josh Constine has a good piece at TechCrunch on how the PRISM system actually works, and how the tech companies accused by Glenn Greenwald of handing over your data to the NSA are actually building safeguards to protect their users’ privacy: Tech Giants Built Segregated Systems for NSA Instead of Firehoses to Protect Innocent Users From PRISM.

The NSA may have wanted full firehoses of data from Google, Facebook and other tech giants, but the companies attempted to protect innocent users from monitoring via compliance systems that created segregated data before securely handing it over as required by law, according to individuals familiar with the systems used by the tech companies targeted by PRISM.

The widely criticized corroboration with the NSA therefore may have benefited citizens rather than being to their detriment.

My sources confirm that the NSA did not have direct access or any special instant access to data or servers at the PRISM targets, but instead had to send requests to the companies for the data. These requests must be complied with by law, but only if the government narrowly defines what it’s looking for. The government may have initially requested a firehose of data, and was happy to take this full data dump from the tech companies and sort it itself. Had the tech giants simply accepted these requests at the minimum level required by law, many innocent citizens’ data could have been monitored.

By working to create “a locked mailbox and give the government the key” which the New York Times reported, rather than allowing widespread monitoring, the firehose is restricted to a trickle of specific requests. When the NSA has specific people they want to data about, they make a specific, legal request for that data that the tech companies are required to comply with. Google or Facebook then puts the specific requested data into the locked mailbox where the government can access it. This keeps requested data about suspected terrorists or other people who are threats to national security segregated from that of innocent users.