At Black Hat, U.S. general offers a modest glimpse into NSA protocols

U.S. Gen. Keith Alexander took to the keynote podium today at Black Hat 2013 to shed some light on the government’s maligned surveillance program, arguing that they aren’t used as broadly as privacy advocates fear, undergo strict checks and balances, and have helped to thwart dozens of potential terrorist threats in the United States, Europe, Asia, and Africa.

Whether Alexander’s address — combined with newly declassified documents about some of the programs — will quell critics’ concerns remains to be seen. Aside from a couple of outbursts from audience members during the speech, attendees listened quietly, even offering a smattering of applause when the general spoke to how the programs have helped to disrupt attacks.

“[The programs’] reputations are tarnished because all the facts aren’t on the table. I believe it’s important for you to understand what [agents] have to do in order to do their jobs to defend this nation and the oversight regime that we have with the courts, with Congress, and with the [Obama] administration. I think you need to understand that in order to get the full understanding of what we do and what we do not do.”

Alexander spoke about two specific programs: Section 215 of the Patriot Act, and Section 702 of FISA, the Foreign Intelligence Surveillance Act. Section 215, he said, is a counterterrorism program designed to identify the communication of people suspected to be associated with terrorist organizations and who are communicating with individuals inside the United States.

Through the program, the NSA can obtain the date and time calls are made, the calling number, the number of the recipient, the duration of the call, and the origin of the metadata record. He said the NSA does not receive the actual voice communications, email or text messages, or subscriber info like names, address, credit card numbers, or location information.

Section 702 of FISA lets the feds monitor communications between foreign powers and “agents of foreign powers.” That may include American citizens or residents suspected of espionage or terrorism. The program is “for foreign intelligence purposes. This is not targeting U.S. persons; this is targeting threats overseas. This is our lawful intercept program, which is analogous to many other countries’ around the world.”

Obtaining a court order is no easy task, according to Alexander; each request isn’t simply rubber-stamped. “I am on the other end of that table with federal judges … these are people with tremendous legal experience that don’t take any — I am trying to think of a word here — from even a four-star general,” he said.

Alexander said the NSA does not collect and store every email, phone call, and other communication passing through the Internet or over phone lines. “What comes out is we’re collecting everything. That is not true. Think about netflow and amount of information out there. You can’t afford to collect everything and don’t want to collect everything,” he said.

To provide numerical context, Alexander said that fewer than 300 phone numbers were approved for queries for 2012. The queries resulted in 12 reports to the FBI, which in turn contained fewer than 500 numbers. Additionally, he said that only 35 analysts at the NSA are authorized to run queries in the first place. As to how the NSA works with the communications industry to obtain data, Alexander stressed that “the industry doesn’t just dump stuff to us and tell us, ‘Hey, here are some interesting facts.’ “They are compelled by a court order to comply.”

Alexander acknowledged it would be technically possible for agents to misuse the system, such as to obtain data or email from individuals without going through the proper channels. However, he said that just as in the corporate world, the NSA’s systems have auditing capabilities in place such that every query an agent makes is trackable, and agents who can’t justify certain queries face consequences.

“If they did [misuse the system], our auditing tools would detect them, and they would be held accountable, and they know that from the courses they take and the pledge they’ve made to this nation,” he said. “We get all these allegations of what they could be doing, but when people check, like the Senate Intelligence Committee, they found zero times this has happened. And that’s no bulls**t. Those are facts.”

All told, according to Alexander, the programs have helped to thwart 54 terrorist-related activities: 13 in the United States, 25 in Europe, 11 in Asia, and five in Africa. Among them was the plot to bomb the New York City subway system. “We had some insights on [an Al Qaeda operative’s] communications and what he was doing. We took his name to a 702 court and compelled a service provider to give us his emails. In those emails, we saw him working with an individual unknown to us discussing an imminent terrorist attack,” he said.

Though Alexander insisted that the programs are essential for protecting the county, he called on the security community to offer the NSA guidance as to how the programs could be improved. “Terrorists use our communications. They live among us. How do we come up with a program to stop terrorism and to protect our civil liberties and privacy?” he said. “We need to hear from you, because the tools we use are very much the same as the tools you use to secure networks.”

Alexander specifically called on critics of the surveillance programs to provide feedback, resulting in the following exchange with an audience member. “If you disagree with what we’re doing, tell us what we should be doing,” Alexander said to the crowd.

“Read the Constitution!” yelled an attendee.

Without missing a beat, Alexander replied, “I have. You should too.”

This story, “At Black Hat, U.S. general offers a modest glimpse into NSA protocols,” was originally published at InfoWorld.com. Get the first word on what the important tech news really means with the InfoWorld Tech Watch blog. For the latest developments in business technology news, follow InfoWorld.com on Twitter.