WASHINGTON – The US government’s clandestine PRISM Internet program exposed by Edward Snowden targets suspect email addresses and phone numbers but does not search for keywords like terrorism, officials said Wednesday.
Top lawyers of the country’s intelligence apparatus including the National Security Agency and Federal Bureau of Investigation participated Wednesday in a public hearing on the controversial US data-mining operations that intercept emails and other Internet communications including on social media networks like Facebook, Google or Skype.
They told the hearing hosted by the Privacy and Civil Liberties Oversight Board (PCLOB) that the NSA did not aim to scoop up all web transmissions, but that the surveillance was narrowly tailored to track or uncover terror suspects and other threats.
“We figure out what we want and we get that specifically, that’s why it’s targeted collection rather than bulk collection,” Robert Litt, general counsel at the Office of the Director of National Intelligence, told the hearing.
PRISM, which focuses on foreign suspects outside the United States, is subject to less virulent criticism than the other main clandestine operation disclosed by Snowden last year, the NSA’s huge telephone metadata program that gathers information on phone calls by most Americans.
In a damning report in January, the PCLOB, an independent body set up under the executive branch to create safeguards for privacy and civil liberties, concluded that the phone metadata program provides little or no value to the fight against terrorism and should be halted.
The board is conducting a similar review of PRISM and other NSA programs, which can draw “upstream” information directly off the Internet’s backbone.
The NSA argued that such programs come under a “compulsory legal” umbrella and that untargeted data is not kept.
“Any time there is not foreign intelligence value to collection, by definition it will be purged,” said NSA general counsel Rajesh De.
Under authority of the Foreign Intelligence Surveillance Act, the NSA asks Internet service providers to hand over messages sent from or received by certain accounts such as “[email protected], the Justice Department’s Brad Wiegmann said, using a hypothetical example.
The terms used in targeting, known as “selectors” in intelligence jargon, “are things like phone numbers and email addresses” and not generic terminology, De said.
The default retention period for PRISM data collected from Internet firms is five years. Upstream data is stored for two years, De said.
The data collection from Internet companies like Apple, Google and Microsoft is done with the companies’ knowledge, according to James Baker, general counsel for the FBI.