When all the PRISM news broke, it didn't take long for the US Government to fess up. President Obama even made a (bummer of a) statement on it. Now, Director of National Intelligence James Clapper has put out an official fact sheet about what PRISM is and isn't, according to the US Government. Think of it like an official FAQ.
The document echoes a lot of the cold comforts present in the President's statement, specifically: this is legal and Congress is cool with so just chill out everybody, gosh.
Like the tech companies reportedly involved, the document explicitly denies that anyone is out there unilaterally collecting information the servers of service providers. An assurance that directly conflicts a PRISM side leaked earlier today by The Guardian.
- PRISM is not an undisclosed collection or data mining program. It is an internal government computer system used to facilitate the government's statutorily authorised collection of foreign intelligence information from electronic communication service providers under court supervision, as authorised by Section 702 of the Foreign Intelligence Surveillance Act (FISA) (50 U.S.C. § 1881a). This authority was created by the Congress and has been widely known and publicly discussed since its inception in 2008.
- Under Section 702 of FISA, the United States Government does not unilaterally obtain information from the servers of U.S. electronic communication service providers. All such information is obtained with FISA Court approval and with the knowledge of the provider based upon a written directive from the Attorney General and the Director of National Intelligence. In short, Section 702 facilitates the targeted acquisition of foreign intelligence information concerning foreign targets located outside the United States under court oversight. Service providers supply information to the Government when they are lawfully required to do so.
- The Government cannot target anyone under the court-approved procedures for Section 702 collection unless there is an appropriate, and documented, foreign intelligence purpose for the acquisition (such as for the prevention of terrorism, hostile cyber activities, or nuclear proliferation) and the foreign target is reasonably believed to be outside the United States. We cannot target even foreign persons overseas without a valid foreign intelligence purpose.
- In addition, Section 702 cannot be used to intentionally target any U.S. citizen, or any other US person, or to intentionally target any person known to be in the United States. Likewise, Section 702 cannot be used to target a person outside the United States if the purpose is to acquire information from a person inside the United States.
- Finally, the notion that Section 702 activities are not subject to internal and external oversight is similarly incorrect. Collection of intelligence information under Section 702 is subject to an extensive oversight regime, incorporating reviews by the Executive, Legislative and Judicial branch