Europeans have reacted angrily to revelations that US authorities had tapped the servers of internet companies for personal data, saying such activity confirmed their fears about American Web giants' reach and showed that tighter regulations were needed just as the EU and US are about to launch transatlantic trade talks.


The Washington Post and the Guardian newspapers on Friday (7 June) caused an international stir with reports that the National Security Agency (NSA) and the FBI had accessed the central servers of Google, Facebook and other big internet companies and gathered millions of phone users' data.

Europe has long yearned to contain the power of the United States titans that dominate the internet, and privacy-focused Germany was quick to condemn the companies' co-operation with the US security services.

"The US government must provide clarity regarding these monstrous allegations of total monitoring of various telecommunications and Internet services," said Peter Schaar, German data protection and freedom of information commissioner.

"Statements from the US government that the monitoring was not aimed at US citizens but only against persons outside the United States do not reassure me at all," he said.

The Washington Post said the secret programme involving the internet companies - code-named PRISM and established under President George W. Bush - had seen "exponential growth" during the past few years under Barack Obama.

Some of the companies named in the article have denied the government had "direct access" to their central servers.

On Friday, two of Silicon Valley's elite chief executives spoke out against the potentially damaging allegations, defending their companies' track records.

Google's Larry Page and Facebook's Mark Zuckerberg, in separate blog posts on their company blogs, strenuously objected to the reports and said they had never heard of a programme called PRISM before Thursday.

"Press reports that suggest that Google is providing open-ended access to our users' data are false, period", Page wrote in a post, entitled "What the...?", co-authored with the company's Chief Legal Officer David Drummond.

Zuckerberg denied that Facebook was part of any programme allowing the US government direct access to its servers and that it had never received a "blanket request or court order" from any government agency asking for information or "metadata" in bulk.


Nevertheless, the justice minister for the German state of Hesse, Joerg-Uwe Hahn, called for a boycott of the companies involved.

"I am amazed at the flippant way in which companies such as Google and Microsoft seem to treat their users' data," he told the Handelsblatt newspaper. "Anyone who doesn't want that to happen should switch providers."

The European Union has struggled to assert its citizens' right to internet privacy in the US for nearly a decade.

Transatlantic agreements on sharing the financial and travel data of European citizens have taken years to complete, and the EU is now trying to modernise an almost 20-year-old privacy law to strengthen Europeans' rights.

Fears about the security of data held on US servers have already delayed European adoption of "cloud computing" services, in which computing-intensive applications are done by independent service providers in large data stoarge farms accessed over the internet.

The US Patriot Act, made law after the 11 September 2001 terrorist attacks, gave US intelligence agencies significant new powers of data surveillance and have been a focal point of resistance.

"You hear more concerns in Europe than in the US about the Patriot Act in particular. PRISM just enhances those concerns," said Mark Watts, a partner in London law firm Bristows specialising in privacy and data compliance.

"The main players that are mentioned are much more on the consumer cloud end ... but it may be that emotionally it adds to the concerns about US cloud providers," said Watts, whose clients include several large US internet firms.