The top lawyer for the United States’ vast system of intelligence agencies on Monday pushed back against a European legal argument that could prove disastrous for Facebook, Google and other top tech companies.
It would be a grave mistake to punish Silicon Valley for misconceptions about National Security Agency’s (NSA) vast data-gathering operations, Robert Litt, the general counsel at the Office of the Director of National Intelligence, wrote in a Financial Times op-ed.
Instead, Litt wrote, the NSA’s “PRISM” program is far more regulated, limited and protective of people’s privacy than reports make out.
“The decisions of judicial bodies should be informed by accurate information,” Litt wrote. “Prism is focused and reasonable.”
“This programme helps protect Americans as well as our partners and allies,” he added. “But it can be used only when authorised by law, in a manner that protects the privacy of all persons, and with extensive oversight from all three branches of our government.”
The op-ed comes amid an escalating U.S. effort to protect American tech companies from additional legal fallout from Edward Snowden’s leaks, and represents one of the most public efforts yet of intelligence officials to protect U.S. companies in the ongoing battle in Europe.
Litt’s comments are in response to a non-binding legal opinion from an advocate general for the European Court of Justice, (ECJ), which last month called to overturn a legal mechanism allowing more than 4,400 tech firms to transmit data seamlessly across the Atlantic.
In the opinion, Yves Bot wrote that the “Safe Harbor” data privacy regime is invalid.
“Because the surveillance carried out by the U.S. is mass, indiscriminate surveillance … in those circumstances, a third country cannot in any event be regarded as ensuring an adequate level of protection,” Bot wrote.
If upheld, the allegation threatens to dismantle the legal framework that tech companies rely on to operate between Europe and the U.S. The 15-year-old “Safe Harbor” regime allows companies to declare that their data privacy protections are equivalent to those in Europe, which are more stringent.
American tech firms have suffered some of the biggest blows from Snowden’s revelations overseas, with consumers’ lingering skepticism about their security practices costing them billions of dollars.
The NSA’s “PRISM” program allows the spy agency to collect emails, chat histories and other information “directly” from the servers of Microsoft, Facebook, Google and other major companies. U.S. officials can use the program to search for a wide variety of foreign “selectors,” such as an email address.
The government claims that the program is authorized under Section 702 of a 2008 update to the Foreign Intelligence Surveillance Act.
A decision in the ECJ is expected on Tuesday.