The US National Security Agency has tapped into key communications links from Yahoo and Google data centres around the world, the Washington Post reported Wednesday.
The Post, citing documents obtained from former NSA contractor Edward Snowden and interviews with officials, said the program can collect data at will from hundreds of millions of user accounts, including from Americans.
The report said the program dubbed MUSCULAR, operated jointly with NSA’s British counterpart GCHQ, indicated that the agencies can intercept data flows from the fibre-optic cables used by US Internet giants.
The Post report suggests this is a secret program that is unlike Prism, which relies on court orders to obtain data from technology firms.
According to a top secret document cited by the newspaper dated Jan 9, 2013, some 181 million records were collected in the prior 30 days, ranging from metadata on emails to content such as text, audio and video.
The document shown by the Post indicates that the NSA intercept takes place outside the United States, and that an unnamed telecommunications provider allowed the secret access.
A graphic in the document suggested that the interception at Google came at a point between the public Internet and Google “cloud” servers. The hand-drawn graphic depicted an image of the two Google servers and a smiley face with a note saying, “SSL added and removed here”. SSL refers to secure sockets layer, a cryptographic protocol.
Acting outside US territory would give the NSA more latitude than within the United States, where it would require court orders, the Post noted.
NSA chief General Keith Alexander, when asked about the allegations during a Washington conference, said he was unaware of the report but argued that the allegations appeared to be inaccurate.
“That (activity) to my knowledge, this never happened,” he said at the conference sponsored by Bloomberg Television.
“In fact, there was this allegation in June that the NSA was tapping into the servers of Yahoo or Google, that is factually incorrect.”
He added that the NSA gains access to data “by court order” and that it would not be “breaking into any databases”.
Google’s chief legal officer David Drummond said the Internet giant was not involved in any such activity.
“We have long been concerned about the possibility of this kind of snooping, which is why we have continued to extend encryption across more and more Google services and links, especially the links in the slide,” Drummond said in a statement.
“We do not provide any government, including the US government, with access to our systems. We are outraged at the lengths to which the government seems to have gone to intercept data from our private fibre networks, and it underscores the need for urgent reform.”
Yahoo said in a statement to AFP that “we have strict controls in place to protect the security of our data centres, and we have not given access to our data centres to the NSA or to any other government agency”.
The report comes amid a storm of protest about NSA surveillance both within the United States and overseas of phone and Internet communications.
On Tuesday, US officials said reports that American spy agencies snooped on millions of Europeans were false.
Alexander told lawmakers that in many cases European spy agencies had turned over phone call records and shared them with US intelligence.