Close

25 September 2013

NSA Legal Grounds for Accessing Data Held by Google and Facebook

NSA Data PRISM

It is now common knowledge that the NSA can access the personal data held by Google, Facebook and seven other major internet companies through a program called PRISM. This information was revealed in The Washington Post on Thursday 6th June 2013. The Director of National intelligence stated that PRISM was specifically used to access the data of non-citizens living outside of the United States.

However what is the legal basis behind the investigations? It is provided through the Foreign Investigation Surveillance Act or FISA. The act was established by the FISA amendments act of 2008.

NSA Data Requests Facebook & GoogleThe back story behind the act is as follows. FISA was originally written in 1978. It was designed to establish legal procedures for the U.S. surveillance of exchanges between U.S. agents and foreign countries. Subsequently the FISA was extended as part of the U.S. Patriot Act of 2011. These changes expanded FISA to include non-state terrorist groups. This was pivotal in the subsequent months following the terrorist attacks of 9/11.

The act was again amended in 2007. This time the Protect America Act removed the FISA warrant requirement for surveillance of targets “reasonably believed” to be outside the U.S. It was under the FISA amendments act of 2008 where drastic changes were introduced. It is these changes which now enable the NSA collaboration with social media platforms.

The key article is title VII, Section 702. The official statement by DNI James Clapper specifically pointed to Section 702 for the legal basis for PRISM’s activities. Clapper stated: “Section 702 is designed to facilitate the acquisition of foreign intelligence information concerning non U.S. persons outside the United States.” He continued: “It cannot be used to intentionally target any U.S. citizen, any other U.S. person, or anyone located in the United States.” Despite this Clapper did reveal the possibility of “incidentally acquired information”, about American citizens under Section 702. However he did conclude that the “acquisition, retention or dissemination” of this data was kept to a “minimum.”

Clapper’s statements about Section 702 hold true with documents released by the American Civil Liberties union relating to Section 702. These documents are available here.

The document reads, “Section 702 of this new Title VII of FISA permits the Director of National Intelligence (DNI) and the Attorney General (AG) to authorize jointly the acquisition of foreign intelligence information by targeting Non-U.S. Persons (NON-USPERs) reasonably believed to be located outside the United States.” The document proceeds to describe USPERS as United States citizens, permanent resident aliens, non-foreign corporations incorporated in the United States, and an “unincorporated group substantially composed of U.S. Citizens and/or Permanent Resident Aliens.”

The ACLU’s documents list the limitations of Section 702:

  • They “may not intentionally target any person known at the time of acquisition to be located in the United States.”
  • They “may not intentionally target a person reasonably believed to be located outside the United States, if the purpose of such acquisition is to target a particular, known person reasonably believed to be in the United States.”
  • They “may not intentionally target an USPER reasonably believed to be located outside the United States.”
  • They “may not intentionally acquire any communication as to which the sender and all intended recipients are known at the time of the acquisition to be located in the United States.”
  • They “shalt be conducted in a manner consistent with the Fourth Amendment to the Constitution of the United States.”