Internet Companies Deny Offering Government Access to Customer Data
ABC News' Abby Phillip, Luis Martinez and Joanna Stern report:
The National Security Agency and the Federal Bureau of Investigation have been tapping into the servers of major Internet companies to collect audio, video, photographs, e-mails and other documents under a program code-named PRISM, the Washington Post reported.
However, James R. Clapper, the director of national intelligence, said in a written statement that the Post report and another on phone surveillance by The Guardian contained "numerous inaccuracies," and that the data collection only targets non-Americans outside the United States.
What's more, companies reportedly tied to PRISM told ABC News they did not routinely give the government direct access to private data.
"We have never heard of PRISM," read an emailed statement from Apple. "We do not provide any government agency with direct access to our servers, and any government agency requesting customer data must get a court order."
According to the Post, intelligence analysts use PRISM to collect information on the movement and contacts of "targets" that they have at least 51 percent confidence are foreign, but it "accidentally" collects U.S. content.
"An internal presentation on the Silicon Valley operation, intended for senior analysts in the NSA's Signals Intelligence Directorate, described the new tool as the most prolific contributor to the President's Daily Brief, which cited PRISM data in 1,477 articles last year," according to the report. "According to the briefing slides, obtained by The Washington Post, 'NSA reporting increasingly relies on PRISM' as its leading source of raw material, accounting for nearly 1 in 7 intelligence reports."
The Post's report came after another report in The Guardian, a British newspaper, detailed a court order that gave the NSA the ability to collect telephone records from Verizon customers, a program that lawmakers suggested has been ongoing since 2006.
According to the Post's story, a career intelligence officer provided the newspaper with Powerpoint slides about the PRISM program to expose "what he believes to be a gross intrusion on privacy."
However, a statement attributed to Clapper defended the "collection of communication" referred to in the Washington Post and Guardian reports, and added, "The unauthorized disclosure of information about this important and entirely legal program is reprehensible and risks important protections for the security of Americans.
"The Guardian and Washington Post articles refer to collection of communications pursuant to Section 702 of the Foreign Intelligence Surveillance Act," the statement read. "They contain numerous inaccuracies.
"Section 702 … is designed to facilitate the acquisition of foreign intelligence information concerning non-U.S. persons located outside the United States," the statement added. "It cannot be used to intentionally target any U.S. citizen, any other U.S. person, or anyone located within the United States.
"Activities authorized by Section 702 are subject to oversight by the Foreign Intelligence Surveillance Court, the Executive Branch, and Congress. They involve extensive procedures, specifically approved by the court, to ensure that only non-U.S. persons outside the U.S. are targeted, and that minimize the acquisition, retention and dissemination of incidentally acquired information about U.S. persons.
"Section 702 was recently reauthorized by Congress after extensive hearings and debate," the statement said. "Information collected under this program is among the most important and valuable foreign intelligence information we collect, and is used to protect our nation from a wide variety of threats."
Besides Apple, according to the Post, PRISM also sweeps up data from companies including Google, Facebook, Microsoft, Yahoo, PalTalk, Skype, YouTube and AOL.
In addition to any data that flows through any of those Internet service providers, the Post reported, the government can monitor "notifications of target activity" such as log-ins, file transfers and stored data.
A Google spokesman said the company does not have "a 'back door" for the government to access user data.
"Google cares deeply about the security of our users' data. We disclose user data to government in accordance with the law, and we review all such requests carefully," a spokesman said in a statement. "From time to time, people allege that we have created a government 'back door' into our systems, but Google does not have a 'back door' for the government to access private user data."
Microsoft, Facebook and Yahoo also denied participating in a broad program to collect data.
"We provide customer data only when we receive a legally binding order or subpoena to do so, and never on a voluntary basis," Microsoft said. "In addition we only ever comply with orders for requests about specific accounts or identifiers. If the government has a broader voluntary national security program to gather customer data we don't participate in it."
"Protecting the privacy of our users and their data is a top priority for Facebook," the social network said in a statement. "We do not provide any government organization with direct access to Facebook servers. When Facebook is asked for data or information about specific individuals, we carefully scrutinize any such request for compliance with all applicable laws, and provide information only to the extent required by law."
"Yahoo takes users' privacy very seriously," Yahoo said. "We do not provide the government with direct access to our servers, systems, or network."
ABC News' Michael S. James and Steven Portnoy contributed to this report.