Report: NSA broke into Yahoo, Google data centers . Associated Press By LOLITA C. BALDOR 4 hours ago WASHINGTON (AP) — The National Security Agency has secretly broken into the main communications links that connect Yahoo and Google data centers around the world, The Washington Post reported Wednesday, citing documents obtained from former NSA contractor Edward Snowden. A secret accounting dated Jan. 9, 2013, indicates that NSA sends millions of records every day from Yahoo and Google internal networks to data warehouses at the agencys Fort Meade, Md., headquarters. In the last 30 days, field collectors had processed and sent back more than 180 million new records — ranging from metadata, which would indicate who sent or received emails and when, to content such as text, audio and video, the Post reported Wednesday on its website. The latest revelations were met with outrage from Google, and triggered legal questions, including whether the NSA may be violating federal wiretap laws. Although theres a diminished standard of legal protection for interception that occurs overseas, the fact that it was directed apparently to Googles cloud and Yahoos cloud, and that there was no legal order as best we can tell to permit the interception, there is a good argument to make that the NSA has engaged in unlawful surveillance, said Marc Rotenberg, executive director of Electronic Privacy Information Center. The reference to clouds refers to sites where the companies collect data. The new details about the NSAs access to Yahoo and Google data centers around the world come at a time when Congress is reconsidering the governments collection practices and authority, and as European governments are responding angrily to revelations that the NSA collected data on millions of communications in their countries. Details about the governments programs have been trickling out since Snowden shared documents with the Post and Guardian newspaper in June. The NSAs principal tool to exploit the Google and Yahoo data links is a project called MUSCULAR, operated jointly with the agencys British counterpart, GCHQ. The Post said NSA and GCHQ are copying entire data flows across fiber-optic cables that carry information between the data centers of the Silicon Valley giants. The NSA has a separate data-gathering program, called PRISM, which uses a court order to compel Yahoo, Google and other Internet companies to provide certain data. It allows the NSA to reach into the companies data streams and grab emails, video chats, pictures and more. U.S. officials have said the program is narrowly focused on foreign targets, and technology companies say they turn over information only if required by court order. In an interview with Bloomberg News Wednesday, NSA Director Gen. Keith Alexander was asked if the NSA has infiltrated Yahoo and Google databases, as detailed in the Post story. Not to my knowledge, said Alexander. We are not authorized to go into a U.S. companys servers and take data. Wed have to go through a court process for doing that. It was not clear, however, whether Alexander had any immediate knowledge of the latest disclosure in the Post report. Instead, he appeared to speak more about the PRISM program and its legal parameters. In a separate statement, NSA spokeswoman Vanee Vines said NSA has multiple authorities to accomplish its mission, and she said the assertion that we collect vast quantities of U.S. persons data from this type of collection is also not true. At no point did the NSA deny the existence of the MUSCULAR program. The GCHQ had no comment on the matter. The Post said the NSA was breaking into data centers worldwide. The NSA has far looser restrictions on what it can collect outside the United States on foreigners and would not need a court order to collected foreigners communications. Cybersecurity expert James Lewis said it is likely that the Google and Yahoo data was part of a larger collection of communications swept up by the NSA program from the fiber-optic pipeline. He said that while the collection was probably legal, because it was done overseas, the question is what the NSA did with the data linked to U.S. citizens. To meet legal requirements, the NSA has to distinguish between foreign and U.S. persons, and must get additional authorization in order to view information linked to Americans, said Lewis, who is with the Center for Strategic and International Studies. He said its not clear from the reports what the NSA did with the U.S. data, and so its difficult to say whether the agency violated the law. David Drummond, Googles chief legal officer said the company has long been concerned about the possibility of this kind of snooping. We do not provide any government, including the U.S. government, with access to our systems, said Drummond. We are outraged at the lengths to which the government seems to have gone to intercept data from our private fiber networks, and it underscores the need for urgent reform. Google, which is known for its data security, noted that it has been trying to extend encryption across more and more Google services and links. Yahoo spokeswoman Sarah Meron said there are strict controls in place to protect the security of the companys data centers. We have not given access to our data centers to the NSA or to any other government agency, she said, adding that it is too early to speculate on whether legal action would be taken. The MUSCULAR project documents state that this collection from Yahoo and Google has led to key intelligence leads, the Post said. Congress members and international leaders have become increasingly angry about the NSAs data collection, as more information about the programs leak out. A delegation from the European Union Parliament came to Washington this week to conduct intense talks about reported U.S. spying on allied leaders, including the collection of phone records. And a German delegation met with U.S. officials over allegations that the NSA was monitoring Chancellor Angela Merkels cellphone. Alexander told lawmakers that the U.S. did not collect European records, and instead the U.S. was given data by NATO partners as part of a program to protect military interests. Congress members, however, are working on plans that would put limits data collection. And Sen. Dianne Feinstein, chairwoman of the Senate Intelligence Committee, has called for a total review of all intelligence programs More broadly, Alexander on Wednesday defended the overall NSA effort to monitor communications. And he said that as Congress considers proposals to scale back the data collection or provide more transparency to some of the programs, its his job to lay out the resulting terrorism risks. Im concerned that we give information out that impacts our ability to stop terrorist attacks. Thats what most of these programs are aimed to do, Alexander said. I believe if you look at this and you go back through everything, none of this shows that NSA is doing something illegal or that its not been asked to do. Pointing to thousands of terror attacks around the world, he said the U.S. has been spared much of that violence because of such programs. Its because you have great people in the military and the intelligence community doing everything they can with law enforcement to protect this country, he said. But they need tools to do it. If we take away the tools, we increase the risk. news.yahoo/report-nsa-broke-yahoo-google-data-centers-171452135--finance.html
Posted on: Thu, 31 Oct 2013 04:15:00 +0000
Trending Topics
Recently Viewed Topics
© 2015