Tech

New Emails Reveal Cozy Relationship Between Google And NSA

Giuseppe Macri Tech Editor

Newly unveiled email exchanges between Google executives Sergey Brin, Eric Schmidt and former National Security Agency Director Gen. Keith Alexander reveal a much closer relationship with the government than Google and other Silicon Valley giants let on after the Snowden leaks began last year.

Two sets of emails obtained by al Jazeera America reveal a close level of contact between the two parties, one mere weeks after the first NSA story detailing the bulk Internet surveillance PRISM program made global headlines.

On June 28, 2012, Alexander invited Schmidt, Google’s executive chairman, to attend a “classified threat briefing” on Aug. 8 of that year at a “secure facility in proximity to the San Jose, CA airport.”

“The meeting discussion will be topic-specific, and decision-oriented, with a focus on Mobility Threats and Security,” Alexander wrote in the email.

According to the report, the emails were obtained via a Freedom of Information Act request, and is only one among dozens of communications between the NSA and executives of multiple tech companies the agency is being forced to disclose.

The email reveals Alexander, Schmidt and other tech execs met earlier in June, but Alexander wanted to arrange a follow-up meeting with “a small group of CEOs” to solicit their help with a government project.

“About six months ago, we began focusing on the security of mobility devices,” Alexander wrote. “A group (primarily Google, Apple and Microsoft) recently came to agreement on a set of core security principles. When we reach this point in our projects we schedule a classified briefing for the CEOs of key companies to provide them a brief on the specific threats we believe can be mitigated and to seek their commitment for their organization to move ahead … Google’s participation in refinement, engineering and deployment of the solutions will be essential.”

The project Alexander described, known as the Enduring Security Framework (EFF), is a joint initiative undertaken by the Departments of Defense, Homeland Security and “18 U.S. CEOs” to “coordinate government/industry actions on important (generally classified) security issues that couldn’t be solved by individual actors alone.”

In one example of the initiative, the NSA, along with Intel, AMD, HP, Dell and Microsoft foiled a Chinese cyberattack that threatened to inflict serious damage on the U.S. economy, according to NSA cyberdefense chief Debora Plunkett.

However, some cybersecurity experts like the Electronic Frontier Foundation’s Nate Cardozo question the agency’s story and the project’s real purpose.

“I think the public should be concerned about whether the NSA was really making its best efforts, as the emails claim, to help secure enterprise BIOS and mobile devices and not holding the best vulnerabilities close to their chest,” Cardozo told al-Jazeera while explaining the agency was “looking for weaknesses in the exact same products they’re trying to secure.”

“[The NSA] has no business helping Google secure its facilities from the Chinese and at the same time hacking in through the back doors and tapping the fiber connections between Google base centers,” Cardozo said. “The fact that it’s the same agency doing both of those things is in obvious contradiction and ridiculous.”

Weeks after the Chinese cyberattack story broke, Der Spiegel claimed the NSA used the opportunity to insert back-door access into the servers they were claiming to protect, and cited leaked Snowden documents as their source.

“General Keith.. so great to see you.. !” Schmidt responded back. “I’m unlikely to be in California that week so I’m sorry I can’t attend (will be on the east coast). Would love to see you another time. Thank you !”

Although Brin, who co-founded Google with Larry Page, was also unable to attend the Aug. 8 meeting, Alexander emailed him on Jan. 13, 2012 about Google and ESF.

“You recently received an invitation to the ESF Executive Steering Group meeting, which will be held on January 19, 2012,” Alexander wrote. “We will be discussing ESF’s goals and specific targets for 2012. We will also discuss some of the threats we see and what we are doing to mitigate those threats … Your insights, as a key member of the Defense Industrial Base, are valuable to ensure ESF’s efforts have measurable impact.”

“Hi Keith, looking forward to seeing you next week. FYI, my best email address to use is [redacted],” Brin responded. “The one your email went to — sergey.brin@google.com — I don’t really check.”

The emails appear to show a level of cordial contact nowhere near forced, as Google and other Silicon Valley companies have insisted their relationships with the NSA have always been.

They also add evidence to the claim born out of the Snowden leaks that tech companies were aware of the NSA’s bulk surveillance programs and in some cases assisted the agency, which the agency’s general legal counsel stated during a hearing in March.

Follow Giuseppe on Twitter and Facebook.