After media outlets published "top secret" court orders which allow the U.S. National Security Agency (NSA) to vacuum up millions of Verizon customer details and mine data from top technology firms, the U.S. Director of National Intelligence has hit back, claiming the reports have "numerous inaccuracies" and everything is perfectly legal.
First obtained by The Guardian, the original report documented a court order which forced U.S. carrier Verizon to hand over call system data to the U.S. National Security Agency (NSA) on an "ongoing, daily basis." This metadata includes the originating and recipient phone number, the IMEI unique phone identifier, the IMSI number used to identify calls on cellular networks, trunk identifiers, phone calling cards, and the time, date, and duration of the call.
The leaked document states that under the Foreign Intelligence Surveillance Act (FISA) court, the FBI was granted the order on April 25, and it expires on July 19, granting the U.S. government the wealth of information acquired during this period.
In response to allegations of ignoring citizen privacy and secret data mining, U.S. Director of National Intelligence James Clapper has released a statement stating that the U.S. government is authorized to collect communications data relating to Section 702 of the Foreign Intelligence Surveillance Act.
Under FISA, Clapper says that Section 702, which is designed to gather data on non-U.S. persons residing outside of the United States, was "recently reauthorized by Congress after extensive hearings and debate." The defense chief says that the order "cannot be used to intentionally target any U.S. citizen, any other U.S. person, or anyone located within the United States."
However, the use of Section 702 is subject to oversight by the Foreign Intelligence Surveillance Court, the Executive Branch, and Congress, which involves approved procedures to minimize the acquisition, retention and dissemination of incidentally acquired information about U.S. persons, Clapper says.
Following The Guardian's disclosure, The Washington Post released a presentation that alleged both the NSA and FBI have been secretly mining data from the servers of roughly nine technology firms. The presentation, intended only for senior analysts within the NSA's Signals Intelligence Directorate, says that data mining has occurred since 2007 under a program dubbed "PRISM."
Microsoft, Yahoo, Google, Facebook, AOL, Skype, YouTube, Apple and PalTalk were all allegedly involved. Dropbox was apparently due to be next on the slate. A number of the companies have contradicted the Post's report, saying that they do not provide federal agencies "direct access" to servers containing customer data including audio, video, commentary, emails and connection logs.
The leaked presentation suggests that data extraction takes place in order to allow analysts to track an individual's movements and contacts.
The director comments that data collected under the program is "among the most important and valuable foreign intelligence information" federal agencies are able to collect, and is used to combat threats to national security. Considering the latter, Clapper believes that publishing such information is unacceptable, stating:
"The unauthorized disclosure of information about this important and entirely legal program is reprehensible and risks important protections for the security of Americans."