It seems U.S. intelligence officials aren’t the only ones benefiting from a newly revealed eavesdropping program.
Late on Thursday the director of National Intelligence defended a previously secret program that has tapped into American internet activity for six years. The Washington Post and the British newspaper The Guardian detailed the program, code-named PRISM, earlier in the day after a concerned intelligence officer leaked classified documents, including a PowerPoint presentation.
The 41-slide presentation boasted that under PRISM, the National Security Agency and the FBI can access photos, emails, and audio and video files from at least nine U.S. internet services. One document noted the secret program’s broad capabilities: “Collection directly from the servers of these U.S. Service Providers: Microsoft, Yahoo, Google, Facebook, PalTalk, AOL, Skype, YouTube, Apple.”
Now, The Guardian reports that the British electronic eavesdropping agency, GCHQ, has also accessed PRISM data, using it to create dozens of intelligence reports. Asked about PRISM, the agency did not directly confirm or deny involvement but told the newspaper it “takes its obligations under the law very seriously. Our work is carried out in accordance with a strict legal and policy framework which ensures that our activities are authorized, necessary and proportionate, and that there is rigorous oversight.” The Guardian suggests the PRISM program gives British intelligence officials a way to bypass usual channels for obtaining surveillance data from the U.S. Justice Department.
Soon after the PRISM disclosure on Thursday, the Obama administration confirmed the existence of the program, and said it was both legal and necessary to fight terrorism.
“Information collected under this program is among the most important and valuable foreign intelligence information we collect, and is used to protect our nation from a wide variety of threats,” said National Intelligence Director James R. Clapper in a statement. “The unauthorized disclosure of information about this important and entirely legal program is reprehensible and risks important protections for the security of Americans.”
The data collection PRISM employs is authorized by the Foreign Intelligence Surveillance Act, Clapper said, and is only used to target foreign suspects: “It cannot be used to intentionally target any U.S. citizen, any other U.S. person, or anyone located within the United States.” However, “incidentally acquired information” about Americans is sometimes collected as well.
PRISM was approved by the secretive Foreign Intelligence Surveillance Court, and Congress was also aware of the program, although members were bound by their oaths of office not to publicly discuss the broad surveillance activity.
According to The Washington Post, the intelligence officer who leaked the PRISM documents said the technology the U.S. government uses to eavesdrop on internet activity is so sophisticated, “They quite literally can watch your ideas form as you type.” The PowerPoint slides indicate PRISM began collecting data in 2007 and has become a top source for intelligence briefings. PRISM information made its way into the president’s daily briefing 1,477 times last year, and now accounts for 1 in 7 intelligence reports.
The leaked documents indicate 98 percent of PRISM information is obtained from Yahoo, Google, and Microsoft. “We need to make sure we don’t harm these sources,” wrote the author of the document, whose name was not disclosed.
However, several of the companies have denied any involvement in the program: Microsoft said it only provided data for specific accounts when “we receive a legally binding order or subpoena to do so, and never on a voluntary basis.” Google has a similar policy, and denied having any “back door” system that would allow the government to access user data.
“We have never heard of PRISM,” a spokesman for Apple told The Post. And Facebook said it did not provide the government with direct access to its servers, contrary to what the leaked documents suggested. The reaction from tech companies raises the question of exactly how the government obtains private internet user data, and to what extent internet companies are aware of the snooping.
The revelation about PRISM came soon after The Guardian revealed, on Wednesday, that the U.S. National Security Agency is using a secret court order to collect phone records—including phone numbers, location data, and call duration—for millions of U.S. Verizon customers.