Podcast 408 has a nice description of Steve Gibson's theory that the PRISM program involves a fiberoptic splitting device, essentially a light splitter akin to a prism that sits directly upstream of the connections to a number of major technology companies giving the NSA a copy of the entire signal going into these companies, most of which is unencrypted email traffic, which can then subsequently be analyzed without knowledge of the companies themselves.
While in theory the major internet companies did not know about this, the publicity associated with PRISM certainly damaged their reputations. There's some further description in subsequent podcasts on what one can do to still have privacy while using gmail, skydrive, etc. Basically, the "tinfoil' proposed is pre-internet encryption (PIE) -- using PGP or the like to encrypt files before they're stored in dropbox or emailed around.
How Much Tinfoil?
July 17 2013
The State of Surveillance
June 12 2013