I thought PRISM wasn't covert. Companies were compelled to allow them to install their sniffing hardware, it was all above-board. Snowden even leaked an internal slideshow with a nice timeline of when each tech company joined the program.

Parts of that whole expose were covert. In the case of Google we know by tapping fiber connections that they had between data centers (as sseth mentioned, using foreign intelligence peers to do an end run around legal protections), which was on Google owned fiber, theoretically entirely "in-house", so Google transferred it unencrypted. I believe they called this operation "Muscular". After the fiasco Google started assuming everything was hostile.

PRISM was an overt program (to the data stewards, not to the public) for processing FISA warrants and the like.

Other NSA programs that Snowden revealed were covert hacks. https://en.wikipedia.org/wiki/Global_surveillance_disclosure...

My understanding is that the google tapping was done in UK using British intelligence services, thus bypassing the legal constraints.

The program for tapping data center links had the internal code name MUSCULAR and was a partnership with the British GCHQ, who actually did the intercepting.

PRISM was at first reported as some sort of direct access to the servers of certain American companies, but it turned out to be the code name for a joint program with the FBI for using FISA warrants to request data from those companies.