U.S. technology providers from Apple Inc. to Yahoo! Inc. said they don’t give the U.S. government direct access to their systems, responding to newspaper reports of a top-secret electronic surveillance program.
The National Security Agency and the Federal Bureau of Investigation access the central servers of nine U.S. Internet companies, extracting audio and video chats, photographs, e-mails, documents and connection logs, the Washington Post and the U.K.-based Guardian reported late yesterday, citing documents they obtained.
Code-named PRISM, the program traces its roots to warrantless domestic surveillance efforts under former President George W. Bush. The nine companies include Microsoft Corp., Google Inc., Facebook Inc. as well as Apple and Yahoo, the Post report said, citing a slide presentation dated April 2013.
“We have never heard of PRISM,” said Steve Dowling, a spokesman for Cupertino, California-based Apple. “We do not provide any government agency with direct access to our servers, and any government agency requesting customer data must get a court order.”
The news emerged a day after the Guardian reported that the NSA was culling millions of telephone records from Verizon Communications Inc. under a clandestine court order. The disclosure of Verizon data collection stirred protests from privacy-rights advocates and renewed questions about the regard President Barack Obama’s administration has for civil liberties.
The American Civil Liberties Union condemned the Internet surveillance efforts described by the Post as an abuse of government power and called on U.S. lawmakers to investigate.
“Unchecked government surveillance presents a grave threat to democratic freedoms,” ACLU Deputy Legal Director Jameel Jaffer said in an e-mailed statement. “These revelations are a reminder that Congress has given the executive branch far too much power to invade individual privacy.”
Obama didn’t mention the surveillance reports during a fundraising dinner last night at the Portola Valley, California, estate of Sun Microsystems Inc. co-founder Vinod Khosla. Today, the president defended the collection of data on U.S. residents’ telephone calls and foreign nationals’ Internet activity, calling the efforts a “modest encroachment” on privacy that’s been legally authorized by Congress.
“You can’t have 100 percent security and also then have 100 percent privacy and zero inconvenience,” Obama said in San Jose. “We’re going to have to make some choices as a society.”
U.S. Director of National Intelligence James Clapper defended the program as crucial and said procedures ensure only foreign nationals outside the U.S. are targeted.
“Information collected under this program is among the most important and valuable foreign intelligence information we collect, and is used to protect our nation from a wide variety of threats,” he said in a statement circulated via e-mail by the White House.
Clapper also said that any telephone data collected is subject to court restrictions.
“The court only allows the data to be queried when there is a reasonable suspicion, based on specific facts, that the particular basis for the query is associated with a foreign terrorist organization,” he said. The program “cannot be used to intentionally target any U.S. citizen” or anyone located within the U.S., Clapper said.
The Post said the NSA operation, which began in 2007, has grown exponentially and become the most prolific contributor to the president’s daily intelligence briefing, providing raw material for almost one in seven intelligence reports. The NSA runs computer centers for analyzing huge databases.
An earlier version of the Post report said the companies, “knowingly participate in PRISM operations.” Later versions on the newspaper’s website omitted that language and added new text indicating the companies were unaware of the program.
Acknowledging the companies’ denials, the Post said it’s “possible that the conflict between the PRISM slides and the company spokesmen is the result of imprecision on the part of the NSA author.”
U.S. agencies have vastly expanded surveillance efforts since 2001 in a bid to avoid a repeat of the Sept. 11 terrorist attacks on New York and the Pentagon. The Bush administration started the so-called Terrorist Surveillance Program under which agencies began secret electronic surveillance on U.S. phone calls and e-mails without court warrants.
In 2008, Congress passed a law codifying parts of the program and authorizing intelligence agencies to get broad electronic surveillance orders from the Foreign Intelligence Surveillance Court.
That law, updating the more than three-decade-old Foreign Intelligence Surveillance Act, lets intelligence agencies monitor the e-mail, Internet activity and phone calls of non-U.S. citizens reasonably believed to be located outside the U.S. and involved in terrorist activities or other crimes. Congress voted last year to extend it until the end of 2017.
The telephone surveillance, reported by the Guardian, was sought by the FBI and approved by the court on April 25. It requires Verizon to provide the NSA with information about calls inside the U.S. and between the U.S. and other countries on a daily and “ongoing” basis.
While Clapper didn’t deny the Post reports that the NSA and FBI operate a separate initiative tapping into Internet companies’ servers, he criticized the release of previously secret information.
“The unauthorized disclosure of information about this important and entirely legal program is reprehensible and risks important protections for the security of Americans,” he said.
In response to the Post report, Microsoft, based in Redmond, Washington, said it provides customer data only when it receives “a legally binding order or subpoena to do so.”
Facebook co-founder and Chief Executive Officer Mark Zuckerberg said the operator of the world’s largest social-network hadn’t heard of PRISM before yesterday and has never been part of any program that gives the government “direct access” to its servers.
“We have never received a blanket request or court order from any government agency asking for information or metadata in bulk,” Zuckerberg said in a statement today. “If we did, we would fight it aggressively.”
Google “cares deeply about the security” of its users’ data, Leslie Miller, a representative for the Mountain View, California-based company, said in a statement. “From time to time, people allege that we have created a government ‘back door’ into our systems, but Google does not have a ‘back door’ for the government to access private user data.”
The company elaborated today in a statement entitled “What the ...?”
“We have not joined any program that would give the U.S. government -- or any other government -- direct access to our servers,” according to the statement, signed by Google Chief Executive Officer Larry Page and the company’s chief legal officer, David Drummond. “Press reports that suggest that Google is providing open-ended access to our users’ data are false, period.”
Yahoo also denied providing direct access to the government.
“We do not provide the government with direct access to our servers, systems or network,” said Sara Gorman, a spokeswoman for the Sunnyvale, California-based company.