The National Security Agency (NSA) and the Federal Bureau of Investigation (FBI) are tapping directly into the central servers of nine leading US internet companies, the Washington Post has reported.
According to the newspaper, this has allowed investigators to examine emails, photos and other documents of tens of millions of Americans that can be used to track people and their contacts over time.
The highly classified anti-terrorism programme, code-named PRISM, had not been disclosed publicly before.
A US government source who was not authorised to comment publicly on the programme confirmed its existence to the Reuters news agency late on Thursday.
The programme’s participants, the Post said, include most of the dominant global players of Silicon Valley: Microsoft, Yahoo, Google, Facebook, PalTalk, AOL, Skype, YouTube and Apple.
The report came on the same day that another newspaper, Britain’s Guardian, revealed that the US government is collecting telephone records of millions of Americans as part of US counterterrorism efforts.
In Washington, the Guardian report fuelled an ongoing debate over whether the US government is violating citizens’ privacy rights while trying to protect them from attacks.
That debate is sure to escalate with the Post‘s report, which said the NSA and FBI are extracting audio, video, photographs, e-mails, documents and connection logs to build a database involving trillions of communications by Americans.
James Clapper, director of US National Intelligence, said in a statement on Thursday that the media reports “contain numerous inaccuracies”.
“The unauthorised disclosure of information about this important and entirely legal program is reprehensible and risks important protections for the security of Americans,” Clapper said.
In statements released late on Thursday, Google, Apple, Yahoo and Facebook denied that the government had “direct access” to their central servers.
“Google cares deeply about the security of our users’ data. We disclose user data to government in accordance with the law, and we review all such requests carefully.
“From time to time, people allege that we have created a government ‘back door’ into our systems, but Google does not have a ‘back door’ for the government to access private user data,” the company said in a statement.
In a statement, Facebook’s Chief Security Officer Joe Sullivan said: “Protecting the privacy of our users and their data is a top priority for Facebook,”
“We do not provide any government organisation with direct access to Facebook servers,”
US Attorney General Eric Holder said on Thursday that members of Congress were fully briefed on the intelligence-gathering programme that included the daily collection of telephone records from Verizon Communications.