The Restaurant at the End of the Universe is one of the most extraordinary ventures in the history of catering ... In it guests take their places at table and eat sumptuous meals while watching the whole of creation explode around them. This is, many would say, impossible. - Douglas Adams
Students of modern culture would be forgiven if they felt as one of Adams' diners, reaping the rewards and opportunities of digital technologies and communication tools while preconceptions of privacy and legal facilities explode around them. PRISM - a system the National Security Agency (NSA) uses to gain access to the private communications of nine popular Internet services - is more than a set of tools for data mining and analysis, it is a metaphor for the deranged imagination of socio-cultural life in 2013.
But how does it actually work? As an academic with a background in management and computing science that is an intriguing question. From a management perspective it appears a most remarkably cost-effective innovation if the $20m/year price tag that has been circulated is even ballpark accurate. The proposed UK Government Communications Data Bill had a budget of £1.8b as comparison.
The current reality is of course that we don't know much of anything at all about how PRISM actually works or indeed if almost any of the information available about it is accurate. But imagining the possibilities is a great thought experiment of how one might translate the teasingly amateur powerpoint deck into a functioning product and "extraordinary venture". Like NSA engineers with only one name ("Hi I'm Mike, he's Jim") we need to be creatively ambitious in the spirit of Wyatt in Weird Science and when the smoke clears we might get PRISM emerging from our home computer: "So, what would you little maniacs like to do first?"
The best summary of the possible technical architectures of PRISM I have encountered online is the Taxonomy of PRISM possibilities offered by Alex Stamos at Unhandled Exception. Lets try a more straightforward overview, free of technical jargon, and using Douglas Adams as our guide with a further few 80s film references thrown in to enhance credibility.
- In the Beginning the Universe was created. This has made a lot of people angry and has been widely regarded as a bad move ... The power of digitally-fuelled internetworked communication is created and is widely regarded as a bad move. PRISM data sets are gathered with cooperation of the listed companies through provision of private keys or backdoor access like the one Matthew Broderick used so effectively in War Games to nearly launch WWIII. Everyone is complicit and you basically shouldn't do anything online you wouldn't be comfortable doing with the world looking over your shoulder. This method is probably targeted on-demand for specific individuals or groups for efficiency and ease of data management.
- The Total Perspective Vortex derives its picture of the whole Universe on the principle of extrapolated matter analyses ... Data is gathered indiscriminately with or without the knowledge of the listed companies. One of the more recently released slides from the powerpoint deck indicates PRISM data gathering directly from servers is unique from the more typical 'upstream' methods like off cables or middleware. In contrast another suggests that PRISM benefits from the pathways of the data through the US which suggests it might be lifted 'in-flight'. Either way this enters the murky waters of correlation and specificity in dealing with ominous 'Big Data' sets because after all 'Big Data is the New Oil' when it comes to making films or harvesting all the data about every individual from everywhere. The "extrapolated matter" may not even be the data but metadata about the data. One possible explanation along these lines is PRISM is just an aggregator of data sets borrowed or accumulated by scrapers, spiders, and harvesters from the server farms of some of the world's most powerful digital service companies.
- To summarize the summary of the summary: people are a problem ... The most likely explanation at this stage is that PRISM is just a room full of lawyers and that is what $20m/year buys you. These lawyers enact formalised legal processes obliging companies to hand over specific data sets on specific individuals.
So we don't know much about how PRISM may or may not work, or may or may not exist, at least in the form specified in the leaked slide deck. We also don't know if it targets individual Internet users ('bottom up') or uses the cumulative data from the listed services to identify users in patterns ('top down'). We don't know the role of the listed companies but we do know it is a much more difficult thought experiment if they are unwilling participants. We also don't know if we should be aghast or complacent, cool like Ferris on his day off, or agitated like his pal Cameron. Are we witnessing privacy and the rights of individuals explode around us while we watch Vine videos loop or just the workings of a system that is suitably 'fit for purpose'? In this regard we can return to the erstwhile guidance of Mr Adams: "If life is going to exist in a Universe of this size, then the one thing it cannot afford to have is a sense of proportion".