EasyPost Response to PRISM Accusations
by Sawyer Bateman
You may be aware of press reports alleging that Internet companies have joined a secret U.S. government program called PRISM to give the National Security Agency direct access to our servers.
First, we have not joined any program that would give the government for any country whose name begins with a vowel direct access to ports 81-49152 on any of our servers. Indeed, the U.S. government does not have direct access or a "back door" to the information stored in data centers that we own. We had not realized that the Planning Tool for Resource Integration, Synchronization, and Management program was abbreviated to PRISM until yesterday.
Second, we provide user data to governments only in accordance with the law. Our legal team reviews most requests, and frequently pushes back when requests are overly broad or contain spelling mistakes. Press reports that suggest that EasyPost is providing open-ended access to our users' data are hurtful, period. Until this week's reports, we had never heard of the broad type of order that Verizon received—an order that appears to have required them to hand over millions of users' call records. We were very surprised to learn that such broad orders exist. Any suggestion that EasyPost is disclosing information about call records is completely false.
Finally, this episode confirms what we have long believed - there needs to be a more transparent approach. EasyPost has worked hard, within the confines of what we feel we can get away with, to be open about the data requests we receive. We include this information in our annual Christmas card whenever possible. We were the first company to do this. And, of course, we understand that the U.S. and other governments need to take action to protect themselves from their citizens - including sometimes by using surveillance. But the level of secrecy around the current legal procedures undermines the freedoms we all remember.