His statement implicitly acknowledged that this was not necessarily watertight, however, as Clapper also said measures were taken to minimize the collection or distribution of any information about “U.S. persons” that may be “incidentally acquired.”
Responding to reports in the Washington Post and Britain’s Guardian about the National Security Agency and FBI accessing information from the U.S. Internet giants, Clapper said the activity was “important and entirely legal.”
The newspapers cited a top-secret document saying that the agencies were collecting data “directly from the servers” of nine top companies including Microsoft, Facebook, Yahoo, Google, YouTube and Apple. The companies have denied the claims, or knowledge of any such program.
The reports came on the heels of an earlier one, also by the Guardian, disclosing that the NSA has been collecting data about regular phone calls made by millions of Americans.
White House spokesman Josh Earnest told reporters on Thursday afternoon that the phone program was “a critical tool,” allowing agencies “to discover whether known or suspected terrorists have been in contact with other persons who may be engaged in terrorist activities, particularly people located inside the United States.”
In his later statement, Clapper was at pains to emphasize that, in the case of the Internet data collection program at least, Americans were not being targeted.
He said the legal basis for the data collection, section 702 of the Foreign Intelligence Surveillance Act (FISA), “is designed to facilitate the acquisition of foreign intelligence information concerning non-U.S. persons located outside the United States.”
“It cannot be used to intentionally target any U.S. citizen, any other U.S. person, or anyone located within the United States.”
Clapper went on to say that the activities were subject to oversight by the FISA Court, executive branch and Congress.
“They involve extensive procedures, specifically approved by the court, to ensure that only non-U.S. persons outside the U.S. are targeted, and that minimize the acquisition, retention and dissemination of incidentally acquired information about U.S. persons.”
Clapper said there were “numerous inaccuracies” in the Washington Post and Guardian reports, but did not elaborate.
“Information collected under this program is among the most important and valuable foreign intelligence information we collect, and is used to protect our nation from a wide variety of threats,” he said.
“The unauthorized disclosure of information about this important and entirely legal program is reprehensible and risks important protections for the security of Americans.”
The disclosure that U.S. agencies are covertly accessing data of foreigners who use the world’s most popular websites did not draw much immediate response from abroad.
Australia’s opposition spokesman on communications, Malcolm Turnbull did react, saying Australians would be “very troubled” by the claims and that he had “sought clarification” on the matter from U.S. diplomats in Australia.
“These reports have potentially very significant commercial implications,” Turnbull said. “There is a massive global trend to cloud services. The vast majority of the cloud service providers are U.S. companies.”
“These companies have, with U.S. government support and endorsement, been promoting their services globally, and have sought to allay concerns that data hosted by them would have less privacy protection than it would in Australia.
“Today’s reports elevate those concerns to an even higher level especially since it has been alleged that foreign-owned data hosted by U.S. Internet companies has lesser protection than data belonging to US citizens,” he said.