Comment

CNET: No Evidence of NSA 'Direct Access' to Tech Companies

61
McSpiff 6/08/2013 7:02:02 am PDT

I suspect, as always, the truth lies somewhere in the middle. There are a few facts that are public, as well as some facts about the technology in question, that to me could easily lead to a PRISM-like program where Google, Apple, Facebook, etc. really don’t have any idea that they are being monitored.

From a legal standpoint:
1. We know that the Verizon court order that was issued by the FISA court for call meta-data included a gag order provision.

2. It’s equally possible that any other related order to Verizon/ISPs also includes a similar provision.

Here’s where a background in the technology world comes in handy…
What many of the largest companies buy today from a service provider isn’t what many consumers would consider an “internet connection.” A lot of times it’s actually a private link between two datacenters. Or an entire Virtual Private Network between their offices globally, etc. Or a combination of services. None (or the bulk) of this traffic ever passes into what’s commonly considered “the internet” at large. This matters because…

Encryption is expensive. It has additional costs, additional overhead, it’s hard to do right, etc. So while your connection to Facebook across the public internet is encrypted, across these private networks internally, in many, many cases the traffic is not encrypted. Which is totally fine. The PCI DSS standards, which outline how credit card data must be handled, have certified these private networks from someone like Verizon as being equivalent to encrypted in terms of the data protection offered.

Except the equipment on Verizon’s end has the functionality to duplicate any or very specific data to a third party. This is all mandated by laws like CALEA (Communications Assistance for Law Enforcement Act).

So it’s entirely possible (in fact I suspect it’s almost likely) that the government could issue a court order requiring someone like Verizon or another backhaul provider to duplicate all data being exchanged in clear text between the Facebook messaging servers. And Facebook would have no idea this was ever occurring. From there it’s just a matter of figuring out what Facebook’s wire format is, and storing the messages for later analysis.

Thoughts?