In an open letter written published on the web, IBM has confirmed that it does not include any NSA “backdoors” in its products. The letter written by Robert C. Weber, an IBM Senior Vice President, is IBM’s latest assurance to its clients following the months of revelations about the US government’s spying activities. As a result of the documents leaked by Edward Snowden, various US technology companies have come under pressure to reveal if they have been working with the NSA.
The IBM letter states that the technology giant has not provided client data to the NSA or any other government agency. Specifically it states that:
- IBM has not provided client data to the National Security Agency (NSA) or any other government agency under the program known as PRISM.
- IBM has not provided client data to the NSA or any other government agency under any surveillance program involving the bulk collection of content or metadata.
- IBM has not provided client data stored outside the United States to the U.S. government under a national security order, such as a FISA order or a National Security Letter.
- IBM does not put “backdoors” in its products for the NSA or any other government agency, nor does IBM provide software source code or encryption keys to the NSA or any other government agency for the purpose of accessing client data.
- IBM has and will continue to comply with the local laws, including data privacy laws, in all countries in which it operates.
“Given the global discussion about data security and privacy, we wanted to communicate our view on these issues,” wrote Weber. “It has long been our (and our clients’) expectation that if a government did have an interest in our clients’ data, the government would approach that client, not IBM.”
In reiterating its commitment to its customers, the letter states several times that IBM would challenge the any orders served on it by the NSA for data, stored inside or outside the USA, through judicial action or other means.
The letter also calls for the U.S. government to enter into a robust debate on surveillance reforms, including new transparency provisions that would allow the public to better understand the scope of intelligence programs and the data collected. It also goes on to say that no government should subvert commercial technologies, such as encryption, that are intended to protect business data.