The National Security Agency and its British counterpart have managed to directly hack into Google (GOOG) and Yahoo (YHOO) data as it flows across foreign territory without the Silicon Valley companies' knowledge, a new report based on documents handed over by Edward Snowden claims.
The Washington Post reported Wednesday morning that the NSA and Britain's equivalent, GCHQ, have managed to intercept millions of records daily as they move between the companies' data centers. A document from early this year showed that they managed to collect, decode and send back 181,280,466 records in just 30 days, including metadata and much more.
The project, dubbed MUSCULAR, avoids laws about spying on Americans by taking place overseas, where both companies have data centers, but the records that move between Google and Yahoo foreign data centers include information about and from American users.
In response, NSA spokeswoman Vanee Vines told the Associated Press that the NSA has "multiple authorities" to accomplish its mission, and she said "the assertion that we collect vast quantities of U.S. persons' data from this type of collection is also not true."
The GCHQ refused to comment, while Google and Yahoo denied they had ever given the governments direct access to such data.
"We have long been concerned about the possibility of this kind of snooping, which is why we continue to extend encryption across more and more Google services and links," the Mountain View search giant said in a statement, adding that it was "troubled" by the report and unaware of such activity.
"We have strict controls in place to protect the security of our data centers, and we have not given access to our data centers to the NSA or to any other government agency," a Yahoo spokeswoman told the Post.
Snowden provided a trove of documents detailing NSA high-tech snooping to The Guardian and the Post months ago, but some of the records the former Booz Allen employee provided are still being publicized for the first time. Snowden is living in Russia to avoid prosecution for stealing and disseminating the documents.
One of the documents provided, a presentation titled "Google Cloud Exploitation," shows the point at which the data is intercepted and decoded, and is marked with a hand-drawn smiley face. When the Post showed the slide to two engineers with close ties to Google, they "exploded in profanity," the newspaper reported.
The Post reported earlier this year that the NSA had "direct access" to Google and Yahoo data, along with other tech giants, an accusation that was immediately and vehemently denied by the companies, which have sued in an attempt to allow public disclosure of government requests for user information.
Contact Jeremy C. Owens at 408-920-5876; follow him at Twitter.com/jowens510.