VENERABLE ENTERPRISE VENDOR IBM has denied involvement with the US National Security Agency (NSA) and PRISM surveillance and claimed it has never given any data to anyone.
IBM has posted its response to PRISM revelations as a letter to its clients in which the firm said that it does not share client data with anyone, and would send the NSA to its client before giving it any assistance.
"IBM has not provided client data to the National Security Agency (NSA) or any other government agency under the program known as PRISM," it said.
"IBM has not provided client data to the NSA or any other government agency under any surveillance program involving the bulk collection of content or metadata."
In fact there are a lot of mentions of "IBM has not" and the firm also said that it has never fulfilled a national security order for data, from a FISA court or otherwise, and does not put backdoors in software.
"Nor does IBM provide software source code or encryption keys to the NSA or any other government agency for the purpose of accessing client data," it added. "IBM has and will continue to comply with the local laws, including data privacy laws, in all countries in which it operates."
The statement reminds us that IBM is an enterprise company that deals with enterprise data and issues. It said that any requests for that data would either be challenged by it, or referred to the client.
"In general, if a government wants access to data held by IBM on behalf of an enterprise client, we would expect that government to deal directly with that client," it added.
"If the US government were to serve a national security order on IBM to obtain data from an enterprise client and impose a gag order that prohibits IBM from notifying that client, IBM will take appropriate steps to challenge the gag order through judicial action or other means."
The same rules would apply to data stored outside the US, and IBM said that it would challenge those orders too.
While it had everyone's attention, IBM took the opportunity to make some recommendations to government about restoring trust.
It said that governments would be well advised to stop "subverting commercial technologies'. IBM reminded governments that encryption is supposed to "protect" data.
"The US government should have a robust debate on surveillance reforms, including new transparency provisions that would allow the public to better understand the scope of intelligence programs and the data collected," it said.
"Data is the next great natural resource, with the potential to improve lives and transform institutions for the better. However, establishing and maintaining the public's trust in new technologies is essential."
IBM has been pulled into the PRISM scandal already, and last summer Chinese authorities were concerned about whether it was putting the glorious nation at risk.
Later IBM's shareholders filed a lawsuit about an alleged hidden PRISM agenda. IBM denied the allegations and said that it would fight the lawsuit in court.
"IBM [has] learned of a lawsuit pushing a wild conspiracy theory. This lawsuit seeks to confuse IBM's support for a US cybersecurity legislative proposal -- which has yet to be enacted -- with the completely unrelated NSA surveillance program called PRISM," it said.
"Even a cursory reading of the legislative proposal, known as CISPA, makes clear that it has nothing to do with the recently disclosed NSA surveillance program." µ
Think happy thoughts
IE zero-day is being actively exploited, Redmond warns
Crapsicab firm's application for a full licence gets rejected
Subscriptions for everyone!