Do you have any link describing this backdoor and the procedures to use it (grandparent's claim "without judicial oversight" is the critical bit here)? Schneier just mentions it without reference.

I think it is fair to assume that the US Intelligence Community is likely to work pretty hard to conceal or obfuscate their best methods of open source intelligence gathering. Public documentation of such extrajudicial operations is likely to be heavily discouraged, and through the patriot act tools like NSL's are available to enforce that.

Consider the warrantless wiretapping program that went on for 5+ years. We know that tools for court ordered intercepts were in place through CALEA and others. We also know that the telcos were told and accepted that FISA warrants were not needed for this monitoring. Similarly, we know that facebook obviously has tools in place for responding to warrants, and that it is probably true that facebook can legally reveal much/all of your account if they want to without a warrant. Facebook is quite likely to view building a friendly relationship with the IC to be beneficial.

Another way to think about it: Intelligence agencies strongly discourage the use of social networking applications both by their own employees and other federal agents.

I find it completely credible that any number of friendly and hostile intelligence agencies and security services have widespread access to facebook data and other social networking sites through a variety of means. It's unlikely to be as ham handed as the https://dni.facebook.com/ you might imagine, but it's most assuredly there. It's simply too attractive to not be.

Reading this, I realize it would be fairly trivial for a foreign government to have an operative working at Facebook as a developer with widespread data access.

Facebook doesn't yet require security clearance for employment.

I don't know how I could prove that one way or the other. The overall trend seems to be towards relaxing the need for warrants, although there are important exceptions.

If law enforcement have their own backdoor, that seems to suggest less judicial oversight. I personally trust Schneier to depict the state of affairs accurately, probably using public and non-public information.

We all know services like Gmail can be subpoenaed by court to provide information. Google is big enough for this to happen to them on a daily basis, so it's very likely they have a an automated procedure. For all we know, Schneier may be talking about this.

FYI Schneier later admitted he had no evidence for those claims and now believes them to be untrue: http://www.schneier.com/blog/archives/2010/02/more_details_o...

Damn. I just saw the link similarly refuted on Reddit, and came here to post an apology.

Welcome to citations in the Google age. I remembered the original story but never saw his followup. I wish he had amended the first blog post.

Google and Facebook are different companies. This story is about Facebook.