Sunday, August 11, 2013

How Does the NSA Collect PRISM Data?

News outlets and social media have been abuzz with talk of PRISM, the NSA's secret mass electronic surveillance program revealed by Edward Snowden.  For more information about what PRISM is, read the excellent article at The Verge, "Everything you need to know about PRISM". This article covers everything except how data is collected.

We still don't know exactly how the data is collected. Slides from the top secret presentation that Snowden leaked to The Guardian and The Washington Post state that the NSA has direct access to the servers of Google, Facebook, Microsoft, Yahoo, Apple, AOL and others.  These tech companies have denied that any such direct access exists.  For example, Yahoo stated publicly: "Yahoo! takes users' privacy very seriously. We do not provide the government with direct access to our servers, systems, or network."  The other companies have given similar statements.

Someone must be lying.  It doesn't make a lot of sense for a top secret internal presentation to be false; no one outside the agency was supposed to see it.  However, the tech companies don't have any reason to lie, either.  If they were complicit in the PRISM program, it will likely come out eventually, and their denials would then turn into extremely bad PR once the cooperation is revealed.  Although the government can use FISA warrants to compel data and keep a company quiet, I don't imagine that a company has a legal requirement to actively deny participation in government programs.

What is the truth?  One hint is the XKeyscore program revealed by Snowden several weeks ago, which gives us insight into what data is being collected.  XKeyscore allows for the collection of emails, web searches, social media data and other types of data; according to one presentation it collects data on "nearly everything a typical user does on the internet."  That still doesn't answer the question of how the data is collected, but we can infer something from the type of data: this is mostly data that can be captured at Internet service providers and at the major hubs of the Internet.

While the tech companies have denied giving direct access to the government, I have not heard such denials from ISPs.  Since everyone reaches the Internet through an ISP, it would be a simple matter for the government to obtain a FISA warrant that gives the NSA access to an ISP's traffic and forbids the ISP from disclosing that the warrant was ever received.  We know that the NSA is collecting phone call metadata from the four major US phone carriers (see MAINWAY).  It would follow that the NSA is also collecting Internet data from the major US ISPs.

Even if the NSA isn't collecting data directly from ISPs, it could also collect it from the major routers that make up the backbone of the Internet.  I'm a little rusty on this, so I may not get this 100% correct, but the Internet is composed of many separate networks connected by routers, whose only job is to forward packets of data toward their destination.  Many of these routers, and many of the facilities where networks interconnect, are located in the US.  For example, Equinix, Inc. operates some of the largest interconnection facilities in the world: data centers and Internet exchange points where a great many networks peer with one another, including over a dozen sites in the United States.  The NSA could serve Equinix with a FISA warrant, plant surveillance software on one or more routers in such a facility, and monitor all data passing through them.  This would allow the NSA to observe millions of users' Internet activity, and not just Americans' but anyone's whose traffic transited an American network.  If the NSA monitored most of the major Internet routers physically located in the US, I imagine it could see a large share of the world's Internet traffic.
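To make concrete what "monitor all data passing through the router" means, here is a toy passive tap in Python.  This is an added example, not code from the original post and not anything known about the NSA's actual tooling: it models the minimum a box sitting on a transit router could log from packets merely passing by, namely the source and destination of every TCP/UDP packet, the Host header of cleartext HTTP requests, and the name asked for in DNS queries.  The three sample packets are constructed by hand for this example, using only documentation address ranges.

```python
"""Toy passive tap: what a router-side observer learns from transit IPv4 packets.

Added example for illustration only. The sample packets at the bottom are
constructed inline; nothing here is captured or real traffic.
"""
import socket
import struct


def _ipv4(proto: int, src: str, dst: str, payload: bytes) -> bytes:
    """Build a minimal IPv4 header (no options, checksum left 0) around a payload."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64, proto, 0,
                      socket.inet_aton(src), socket.inet_aton(dst))
    return hdr + payload


def _tcp(sport: int, dport: int, payload: bytes) -> bytes:
    """Minimal 20-byte TCP header (data offset 5, PSH|ACK) plus payload."""
    return struct.pack("!HHIIBBHHH", sport, dport, 1, 1, 5 << 4, 0x18, 65535, 0, 0) + payload


def _udp(sport: int, dport: int, payload: bytes) -> bytes:
    """8-byte UDP header plus payload."""
    return struct.pack("!HHHH", sport, dport, 8 + len(payload), 0) + payload


def _dns_query(name: str) -> bytes:
    """DNS standard query: 12-byte header, one question (type A, class IN)."""
    hdr = struct.pack("!HHHHHH", 0x1234, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(l)]) + l.encode() for l in name.split(".")) + b"\x00"
    return hdr + qname + struct.pack("!HH", 1, 1)


def _http_host(payload: bytes):
    """Return the Host header of a cleartext HTTP/1.x request, else None."""
    first_line, sep, rest = payload.partition(b"\r\n")
    if not sep or not first_line.endswith((b"HTTP/1.0", b"HTTP/1.1")):
        return None
    for line in rest.split(b"\r\n"):
        if line.lower().startswith(b"host:"):
            return line[5:].strip().decode("ascii", "replace")
    return None


def _dns_qname(payload: bytes):
    """Decode the first QNAME of a DNS message; None if malformed or compressed."""
    labels, pos = [], 12  # question section starts right after the 12-byte header
    while pos < len(payload):
        n = payload[pos]
        if n == 0:
            return ".".join(labels) if labels else None
        if n >= 0xC0 or pos + 1 + n > len(payload):  # compression pointer or truncated
            return None
        labels.append(payload[pos + 1:pos + 1 + n].decode("ascii", "replace"))
        pos += 1 + n
    return None


def extract_metadata(packet: bytes):
    """What a passive observer records from one IPv4 packet; None if not IPv4."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return None
    ihl = (packet[0] & 0x0F) * 4
    proto = packet[9]
    rec = {
        "src": socket.inet_ntoa(packet[12:16]),
        "dst": socket.inet_ntoa(packet[16:20]),
        "proto": {6: "tcp", 17: "udp"}.get(proto, str(proto)),
        "sport": None, "dport": None, "http_host": None, "dns_qname": None,
    }
    l4 = packet[ihl:]
    if proto == 6 and len(l4) >= 20:
        rec["sport"], rec["dport"] = struct.unpack("!HH", l4[:4])
        data_off = (l4[12] >> 4) * 4
        rec["http_host"] = _http_host(l4[data_off:])
    elif proto == 17 and len(l4) >= 8:
        rec["sport"], rec["dport"] = struct.unpack("!HH", l4[:4])
        if 53 in (rec["sport"], rec["dport"]):
            rec["dns_qname"] = _dns_qname(l4[8:])
    return rec


def tap(packets):
    """Run every frame past the observer and keep the records it produces."""
    return [r for r in (extract_metadata(p) for p in packets) if r]


# Constructed sample traffic (RFC 5737 documentation addresses), not captured data.
SAMPLE_PACKETS = [
    _ipv4(6, "192.0.2.10", "203.0.113.80",
          _tcp(51000, 80, b"GET /inbox HTTP/1.1\r\nHost: mail.example.com\r\n\r\n")),
    _ipv4(17, "192.0.2.10", "198.51.100.53", _udp(40000, 53, _dns_query("chat.example.net"))),
    _ipv4(6, "192.0.2.10", "203.0.113.44", _tcp(51001, 443, b"\x16\x03\x01\x00\x05hello")),
]

if __name__ == "__main__":
    for rec in tap(SAMPLE_PACKETS):
        print(rec)
```

Two things worth noticing when you run it.  The cleartext HTTP request and the DNS lookup hand over the user's destination by name without any cooperation from the destination's operator, which is the point the paragraph above is making.  The third packet, an HTTPS connection, yields only endpoints and ports because this toy does not look inside TLS; in real traffic the ClientHello still carries the server name in the clear, so encryption narrows what a tap sees to metadata rather than hiding the connection itself.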

This is how I speculate the NSA is obtaining PRISM data.  While it does not give the NSA direct access to tech company servers, it does give direct access to the data being sent to and from those companies.  I think the presentation perhaps exaggerated the directness of the access, possibly intentionally on the part of its authors: PRISM users were meant to believe that the tech companies were cooperating with the government, so that NSA analysts would have fewer questions about the legality of PRISM.  Often, in secret facilities, one employee doesn't have the clearance to know what another employee knows.

In any case, I imagine that the NSA is using one or both of these methods to collect PRISM data.