LAS VEGAS –NSA director Gen. Keith Alexander’s keynote today at Black Hat USA 2013 was a tense confessional, an hour-long emotional and sometimes angry ride that shed some new insight into the spy agency’s two notorious data collection programs, inspired moments of loud applause in support of the NSA, and likewise, profane heckling that called into question the legality and morality of the agency’s practices.
Loud voices from the overflowing crowd called out Alexander on his claims that the NSA stands for freedom while at the same time collecting, storing and analyzing telephone business records, metadata and Internet records on Americans. He also denied lying to Congress about the NSA’s capabilities and activities in the name of protecting Americans from terrorism in response to such a claim from a member of the audience.
For the first 40 minutes of his talk, Alexander made the case for the agency’s authority under Section 215 of the Patriot Act and 702 of the FISA Act, backing that up with specific examples of terrorist plots such as the New York City subway bombings that were disrupted because of intelligence gathered in the two programs. He also talked about the training agents must pass before having access to the databases housing the collected data, as well as the auditing and compliance associated with those requests.
“The tools and things we use are very much the same tools you use in securing networks. The difference is the oversight and compliance that we have in these programs. That part is missing in much of the discussion,” Alexander said. “I believe it’s important for you to hear that, for you to understand what these people have to do to do their job to defend the nation and the oversight regime we have with the courts, Congress and the administration. You need to understand that to get a full understanding of what we do and do not do.”
All of this happened under the backdrop of new revelations from whistleblower Edward Snowden. The Guardian UK disclosed today, some three hours before Alexander took the stage, new details about another of the spy agency’s top secret data collection programs, this one called XKeyscore. The details, provided to the newspaper by Snowden, indicate that analysts have access to databases housing the online activities of millions, including browsing history, email messages and online chats.
U.S. intelligence leaders today also testified before a Senate Judiciary Committee and released previously classified documents on data collection activities.
The Snowden documents, the Guardian report says, back up a claim made by the former Booz Allen contractor that he as an analyst could “wiretap” any individual. Snowden, who reportedly remains in the Moscow airport awaiting asylum somewhere, shared training materials for XKeyscore with the Guardian. The documents instruct analysts how to mine intelligence databases for information on anyone in the U.S. The Guardian report says analysts need only to fill out a short on-screen form requesting the search; the form is not looked at nor approved by a court or NSA officials.
Alexander, meanwhile, said the two programs were birthed in 2007 largely because of the failures of intelligence agencies to connect the dots on information prior to the September 11 terrorist attacks. He reiterated that Internet companies share data only when compelled to do so by a court order. Alexander then shared a screenshot of the business records the NSA has access to through Section 215; the interface showed the date and time a record was collected, the from and to address of the call, length of the call, source and origin of metadata record. He said the NSA does not collect content such as voice or text message, nor does it gather subscriber names, addresses or locational information. If there is a suspicion of a terrorist connection, Alexander said the business record is passed on to the FBI, which then will investigate deeper.
As for PRISM, or Section 702 of the FISA Court, Alexander said this is the United States’ lawful intercept program, under which service providers can be compelled via a court order to hand over data to the intelligence agency. Alexander said agents are not authorized to listen to communications and that a Senate Select Committee review of the program found no “willful or knowledgeable violations of the law under this program,” he said, adding that the agency’s auditing tools would detect unauthorized access to records and the agent would be held accountable.
“There are allegations [the NSA] listen to all our emails; that’s wrong. We don’t,” Alexander said, adding that of 54 different terrorist-related activities identified through PRISM, 42 of which were disrupted, including 13 in the U.S., and 25 in Europe. “And if we did, we would be held accountable. There is 100 percent auditability on what we do.”
Alexander then answered questions from Black Hat general manager Trey Ford, which the conference solicited from its advisory board and select people in the security community. The questions, Ford said, were evaluated and ranked, though Alexander had no knowledge of them, according to Ford. During the Q&A, Alexander said the Snowden leaks had done significant and irreversible damage to the U.S.
“We’re talking about future terror attacks and the success we’ve had the last 10 years. What will we have in the next 10? What if the 42 of 54 were executed, what would that have meant to our civil liberties and privacy?” Alexander said; a response that was met with loud applause.