According to an article in the New York Times, at least three people with detailed knowledge of Google’s and Yahoo’s network and data infrastructure claim that the internet service provider Level 3 communications is responsible for the NSA tapping of the data between the tech companies’ data centers.
It was originally believed that the NSA had direct access to the data inside of the various technology companies and that they had infiltrated the datacenters through some crafty system. It was eventually discovered that this was not the case, and that the NSA had not broken into the tech companies data centers, but rather tapped their fiber lines in order to be able to monitor the traffic coming in and out of the data centers. These companies, unaware of such activities (so they say) transmitted the data between their datacenters in an unencrypted form because they trusted the security of Level 3 communications’ backbone.
Level 3 communications is an absolutely humongous company and is responsible for a lot of what we consider the internet today. In fact, many Time Warner Cable customers are currently benefiting from Level 3 communications’ own fiber lines since they had signed a deal with Time Warner to provide them with additional fiber backbone and network infrastructure.
A map of Level 3 Communications’ fiber backbones across the US
As you can tell, Level 3 communications’ role in the interconnected nature of the web is absolutely pivotal. They provide internet services to so many companies in so many locations that it seems absolutely mad that they would violate their own customers’ security in order to allow the NSA to tap into the fiber lines. Many people believe that this is also how the NSA was able to implement PRISM and do it in such a manner that nobody was aware other than maybe a few ISPs like AT&T and Level 3.
Level 3 even responded to the NYT’s request for comment about the allegations and they indirectly stated that, ?It is our policy and our practice to comply with laws in every country where we operate, and to provide government agencies access to customer data only when we are compelled to do so by the laws in the country where the data is located.?
These sorts of things are unfortunately not limited to just Level 3 communications as companies like AT&T and Verizon are also forced to comply by law with any requests the DoJ forces upon them. Surely they can fight those requests, but that question remains to be answered. How hard are these tech companies trying to resist the governments’ intrusion into our lives and gathering of information on us?