Yet even as they take measures against government collection of personal information, their business models rely on collecting that same data, largely to sell personalized ads. So no matter the steps they take, as long as they remain ad companies, they will be gathering a trove of information that will prove tempting to law enforcement and spies.
When reports of surveillance by the National Security Agency surfaced in June, the companies were frustrated at the exposure of their cooperation with the government in complying with lawful requests for the data of foreign users, and they scrambled to explain to customers that they had no choice but to obey the requests.
More from The New York Times:
When Insurers Drop Policies: Three Stories
Time Warner Left Bruised in Fee Battle With CBS
Poland,Wedded to Coal, Spurns Europe on Clean Energy Targets
But as details of the scope of spying emerge, frustration has turned to outrage, and cooperation has turned to war.
The industry has learned that it knew of only a fraction of the spying, and it is grappling with the risks of being viewed as an enabler of surveillance of foreigners and American citizens.
Lawmakers in Brazil, for instance, are considering legislation requiring online services to store the data of local users in the country. European lawmakers last week proposed a measure to require American Internet companies to receive permission from European officials before complying with lawful government requests for data.
"The companies, some more than others, are taking steps to make sure that surveillance without their consent is difficult," said Christopher Soghoian, a senior analyst at the American Civil Liberties Union. "But what they can't do is design services that truly keep the government out because of their ad-supported business model, and they're not willing to give up that business model."
Even before June, Google executives worried about infiltration of their networks. The Washington Post reported on Wednesday that the N.S.A. was tapping into the links between data centers, the beating heart of tech companies housing user information, confirming that their suspicions were not just paranoia.
In response, David Drummond, Google's chief legal officer, issued a statement that went further than any tech company had publicly gone in condemning government spying. "We have long been concerned about the possibility of this kind of snooping," he said. "We are outraged at the lengths to which the government seems to have gone."
(Read more: NSA said to tap Google and Yahoo)
A tech industry executive who spoke only on the condition of anonymity because of the sensitivities around the surveillance, said, "Just based on the revelations yesterday, it's outright theft," adding, "These are discussions the tech companies are not even aware of, and we find out from a newspaper."
Though tech companies encrypt much of the data that travels between their servers and users' computers, they do not generally encrypt their internal data because they believe it is safe and because encryption is expensive and time-consuming and slows down a network.
But Google decided those risks were worth it. And this summer, as it grew more suspicious, it sped up a project to encrypt internal systems. Google is also building many of its own fiber-optic lines through which the data flows; if it controls them, they are harder for outsiders to tap.
Tech companies' security teams often feel as if they are playing a game of Whac-a-Mole with intruders like the government, trying to stay one step ahead.
Google, for instance, changes its security keys, which unlock encrypted digital data so it is readable, every few weeks. Google, Facebook and Yahoo have said they are increasing the length of these keys to make them more difficult to crack.
Facebook also said it was adding the encryption method of so-called perfect forward secrecy, which Google did in 2011. This means that even if someone gets access to a secret key, that person cannot decrypt past messages and traffic.
"A lot of the things everybody knew they should do but just weren't getting around to are now a much higher priority," said Paul Kocher, president and chief scientist of Cryptography Research, which makes security technologies.