You have to understand that in the intelligence world they worry about the provenance (source) of the data.
In this case the data comes directly from the company holding the data. There is no wiretap, no cypher breaking, no MITM attack, no bugs planted on suspect computers, no TEMPEST intercepts, no HUMINT concerns, none of that.
The data gets delivered by a secure channel over a point-to-point connection straight to an NSA server, where PRISM goes and makes magic happen from there.
But! Although the data's provenance is direct, there is still the intermediary that delivers it (or not): the company itself, which gets to determine whether or not they will make that SFTP (or equivalent) transfer occur. So the companies can all claim that NSA is not tromping around in their datacenters because the NSA is not. The NSA is asking the company to do the tromping for them.
I realize that sounds disingenuous, but that's the time-honored technique that's also used in OOP: Wrap access to data members around a getter function as part of a defined interface, to allow for modifying the getter later.
NSA may still be able to ask for information on anyone if a FISA warrant is only required after 7 days, and it's not as if many FISA warrants have been disapproved, so that's not to say that there are inherent limits to PRISM's ability to capture data on someone.
But at the same time it's also not like NSA has the ability to do rsync facebook.com:/users nsa.gov:/"$(date)", which is essentially what Greenwald has been claiming this whole time, and what Greenwald refuses to acknowledge even the possibility he might be wrong on.
In this case the data comes directly from the company holding the data. There is no wiretap, no cypher breaking, no MITM attack, no bugs planted on suspect computers, no TEMPEST intercepts, no HUMINT concerns, none of that.
The data gets delivered by a secure channel over a point-to-point connection straight to an NSA server, where PRISM goes and makes magic happen from there.
But! Although the data's provenance is direct, there is still the intermediary that delivers it (or not): the company itself, which gets to determine whether or not they will make that SFTP (or equivalent) transfer occur. So the companies can all claim that NSA is not tromping around in their datacenters because the NSA is not. The NSA is asking the company to do the tromping for them.
I realize that sounds disingenuous, but that's the time-honored technique that's also used in OOP: Wrap access to data members around a getter function as part of a defined interface, to allow for modifying the getter later.
NSA may still be able to ask for information on anyone if a FISA warrant is only required after 7 days, and it's not as if many FISA warrants have been disapproved, so that's not to say that there are inherent limits to PRISM's ability to capture data on someone.
But at the same time it's also not like NSA has the ability to do rsync facebook.com:/users nsa.gov:/"$(date)", which is essentially what Greenwald has been claiming this whole time, and what Greenwald refuses to acknowledge even the possibility he might be wrong on.