The company wrote a large blog post, specifically related to how IBM handles customer data, and how it deals with government requests for such data.
Says Big Blue (Full Letter):
-IBM has not provided client data to the National Security Agency (NSA) or any other government agency under the program known as PRISM.
-IBM has not provided client data to the NSA or any other government agency under any surveillance program involving the bulk collection of content or metadata.
-IBM has not provided client data stored outside the United States to the U.S. government under a national security order, such as a FISA order or a National Security Letter.
-IBM does not put "backdoors" in its products for the NSA or any other government agency, nor does IBM provide software source code or encryption keys to the NSA or any other government agency for the purpose of accessing client data.
-IBM has and will continue to comply with the local laws, including data privacy laws, in all countries in which it operates.
If the government were to request the data, or was order IBM to not tell an enterprise customer that their data has been requested, the company would find such a request by any means necessary:
-In general, if a government wants access to data held by IBM on behalf of an enterprise client, we would expect that government to deal directly with that client.
-If the U.S. government were to serve a national security order on IBM to obtain data from an enterprise client and impose a gag order that prohibits IBM from notifying that client, IBM will take appropriate steps to challenge the gag order through judicial action or other means.
-For enterprise clients' data stored outside of the United States, IBM believes that any U.S. government effort to obtain such data should go through internationally recognized legal channels, such as requests for assistance under international treaties.
-If the U.S. government instead were to serve a national security order on IBM to obtain data stored outside the United States from an enterprise client, IBM will take appropriate steps to challenge the order through judicial action or other means.
-IBM will continue to invest in world-class security technologies and services, and we will engage governments around the world on behalf of sensible, market-led policies that enable the free flow of data while promoting strong security. IBM will also continue its decades-long tradition of privacy leadership.
Written by: Andre Yoskowitz @ 17 Mar 2014 19:37
