US security agency intercepts Google, Yahoo traffic overseas - reportThursday 31 October 2013 06.50
The US National Security Agency has tapped directly into communications links used by Google and Yahoo to move huge amounts of email and other user information among overseas data centres, the Washington Post has reported.
It was unclear how the NSA accessed the links.
The report, based on secret NSA documents leaked by former contractor Edward Snowden, appears to show that the agency has used weak restrictions on its overseas activities to exploit even major US companies' data to a far greater extent than previously realised.
Previously reported programs included those that allowed easy searches of Google's, Yahoo's and other Internet giants' material based on court orders.
But because the interception in the newly disclosed effort, code named MUSCULAR, occurs outside the US, there is no oversight by the secret intelligence court.
Google, which recently said it is speeding its efforts to encrypt internal traffic, said: "We're troubled by allegations of the government intercepting traffic between our data centres, and we are not aware of this activity."
Like other major companies, Google and Yahoo constantly send data over leased and shared or exclusive international fibre-optic telecommunication lines as they sync information.
The newly disclosed program, operated jointly with the UK's Government Communications Headquarters, amassed 181 million records in one recent 30-day span, according to one document reported by the Washington Post.
It could not be learned how much of that included material from US residents, how the agency redacted data on them or how much of the information was retained.
An NSA spokesperson said in a statement that the suggestion in the article that the agency relies on a presidential order on foreign intelligence gathering to skirt domestic restrictions imposed by the Foreign Intelligence Surveillance Act and other laws "is not true."
A Yahoo spokeswoman said: "We have strict controls in place to protect the security of our data centres, and we have not given access to our data centres to the NSA or to any other government agency."
The report is likely to add to growing tensions between the US intelligence establishment and the tech companies, which have been struggling to assure customers overseas that they need not fear US spying.
US joins lawsuit against firm that vetted Snowden
Meanwhile, the US Justice Department has joined a lawsuit filed by a whistle blower against the firm that vetted Edward Snowden who leaked documents about US spying efforts.
While the lawsuit is not about the firm's review of Mr Snowden, it alleges that United States Investigations Services failed to perform quality control reviews in connection with its background investigations.
The lawsuit adds to the pressure on the firm, which also cleared government contractor Aaron Alexis, who killed 12 people at the Navy Yard last month.
The firm has had a contract since 1996 to vet individuals seeking employment with federal agencies.
Such background checks include investigative fieldwork on each application.
But since 2008, the firm used software to release investigations that were not yet complete in order to meet revenue targets, the government said.
The firm concealed the practice, known as "dumping," and improperly billed the federal Office of Personnel Management for the work, the DOJ said.
The lawsuit was filed by a former employee of the firm, Blake Percival, under the False Claims Act, which lets people collect rewards for blowing the whistle on fraud against the government.
A representative of the firm did not immediately respond to a request for comment.
The news of the lawsuit came the day before a Senate hearing scheduled to examine government clearances and background checks.