When whistleblower Edward Snowden revealed America’s massive surveillance apparatus in early 2013, Silicon Valley sought to distance itself from an explosive political issue that harmed its image both at home and abroad.
New emails obtained by Al Jazeera between since-retired National Security Agency Director General Keith Alexander and Google executives Sergey Brin and Eric Schmidt, however, shed light on a close working relationship between the agency and the tech industry.
The first email dates from the morning of June 28, 2012. Alexander asked Schmidt to attend a “classified threat briefing” at a “secure facility in proximity to the San Jose, CA airport.”
The classified briefing was part of an opaque government program known as the Enduring Security Framework (ESF), launched in 2009 to “coordinate government/industry actions on important (generally classified) security issues that couldn’t be solved by individual actors alone.”
“The meeting discussion will be topic-specific, and decision-oriented, with a focus on Mobility Threats and Security,” Alexander wrote in the emails obtained by Al Jazeera. The NSA plans to release “dozens of communications” between Alexander and Silicon Valley executives.
Alexander and tech executives had apparently met earlier in the month, and Alexander was planning another meeting in the summer of 2012 to ask Silicon Valley for help in building and committing to “a set of core security principles” to fight what the NSA saw as grave threats against mobile and cloud computing.
Alexander’s email cited close cooperation between a number of tech giants, including Google, Intel, Hewlett-Packard, Dell, Microsoft, and Apple, and it touched on topics like securing industry computers against adversaries like China.
An earlier email obtained by Al Jazeera thanked Google’s Sergey Brin for the company’s help in the ESF.
“I see ESF’s work as critical to the nation’s progress against the threat in cyberspace and really appreciate Vint Cerf [Google’s vice president and chief Internet evangelist], Eric Grosse [vice president of security engineering] and Adrian Ludwig’s [lead engineer for Android security] contributions to these efforts during the past year,” Alexander wrote in an email, dated Jan. 13, 2012.
Many experts believe that allowing the NSA to be charged with security tasks means that these giant American tech firms may have traded one adversary, the Chinese, for another: the NSA.
“I think the public should be concerned about whether the NSA was really making its best efforts, as the emails claim, to help secure enterprise BIOS [Basic Input/Output System] and mobile devices and not holding the best vulnerabilities close to their chest,” Nate Cardozo, a staff attorney with the Electronic Frontier Foundation’s digital civil liberties team, told Al Jazeera.
In the course of securing American firms up against foreign threats, Cardozo suspects the agency was “looking for weaknesses in the exact same products they’re trying to secure.”
Cardozo’s suspicions are warranted. While the agency was offering the security help, it was simultaneously hacking into back doors at the firms and tapping fiber wires.
Google’s representatives declined to answer specific questions about the emails but stressed that “we always talk to experts—including the U.S. government—so we stay ahead of the game.”
The full text of the emails obtained by Al Jazeera can be read on its website.
Photo by 1/25 Stryker Brigade Combat Team/Flickr (CC By 2.0) | Remix by Fernando Alfonso III