NSA Chief Says Data Collection Targeted, Obeys Constitutional Limits

A program used to investigate 54 cases related to terrorism follows strict rules, the head of the National Security Agency tells Black Hat attendees.


LAS VEGAS—The National Security Agency's controversial data-collection programs have aided the investigation of 54 "terrorism-related activities" in the past six years, while following strict rules and being subject to intense scrutiny by all three branches of government, the head of the U.S. spy agency told attendees in a keynote kicking off the first day of the Black Hat security conference here on July 31.

Standing in front of a packed ballroom, Gen. Keith B. Alexander, commander of the U.S. Cyber Command (USCYBERCOM) and director of the National Security Agency, spoke for nearly an hour on the two programs that the NSA uses to gather information on possible terrorists. The two initiatives, authorized under sections 215 and 702 of the Foreign Intelligence Surveillance Act (FISA), bring together data on calls and communications between U.S. residents and allow the agency to wiretap communications between non-U.S. citizens, respectively.

The agency's efforts are limited, with only 22 people allowed to query the database of metadata and detailed auditing of any request or access to the database, Alexander said.

"It is focused," he said. "If you think about net flow and the amount of information generated, you could not afford nor want to collect everything. It makes analysis harder."

The National Security Agency and Alexander have come under sharp scrutiny over the government's widespread collection of data on U.S. citizens. In June, former government contractor Edward Snowden leaked information on a variety of NSA programs and operations, including documentation on the daily handover of user call data from phone carrier Verizon. The revelations have raised questions over whether the government has given the National Security Agency too much power to monitor citizens’ communications without effective oversight.

Under the business records collection rules of the Foreign Intelligence Surveillance Act, known as Section 215, the agency can only provide information about communications initiated to or from a specific number, he said. Under Section 702 of FISA, the agency is only allowed to monitor the communications of a foreign citizen who is abroad.

In 2007, for example, the NSA's analysis revealed a phone number in California connected to a suspected terrorist. The NSA passed that information to the FBI, which used national security letters to identify who had been called and then executed a search warrant, resulting in evidence against a U.S. resident for material support of terrorists. That is a success, Alexander said.

"Our job is not to complicate the life (of the FBI) by giving them as many numbers as we can," he said. "Our job is to help them focus on the right number."

Alexander repeatedly underscored that the NSA is working to help the nation and that the employees of the NSA are some of the most dedicated people. In addition, he underscored that companies do not have any choice but to cooperate under U.S. law with both the NSA and with the National Security Letters used by the FBI.

Yet, the NSA is not given a blank check to do as it pleases, he stressed. The Foreign Intelligence Surveillance Court (FISC) is not a group of like-minded individuals that rubber-stamps any request that the NSA makes, Alexander said.

"Anyone here that has been up against a federal judge knows that they don't take any…I'm trying to think of a word here—even from a four-star general," he said.

In the past six years, the NSA has helped investigations into 54 terrorist-related activities across the world, including 13 in the United States and 25 in Europe.

Alexander was not given a free pass at Black Hat. A handful of hecklers accused him of lying to Congress and questioned whether the NSA was working within the U.S. Constitution. Prior to Alexander taking the stage, a dozen eggs were confiscated from a member of the audience as well.

Robert Lemos
