The Complex

NSA Chief Says He Might Loosen Grip (a Tiny Bit) On Surveillance Dragnet

The Director of the National Security Agency is defending his organization's practice of collecting and storing for several years the phone records of millions of Americans, but he told a panel of lawmakers Tuesday that his agency may be willing to relinquish some control over that massive database.

Gen. Keith Alexander told the House Intelligence Committee that cellphone metadata such as phone numbers and call duration has been used in foiling "a little over" ten "potential" terrorist attacks on U.S soil. But the agency may look at asking phone companies to hold onto their call records and only turn over details on specific accounts being investigated by the government, he said.

Several lawmakers expressed concern at the hearing that the NSA was collecting and storing too much information connected to Americans, the overwhelming majority of whom could not possibly be connected to terrorism. Leaving the metadata with the phone companies, rather than copying it into NSA's databases, could alleviate some of those concerns at a time when the electronic spy is facing renewed scrutiny of its secretive intelligence-gathering efforts.

"FBI, NSA are looking at the architectural framework of how we actually do this program," Alexander said. "If you leave [telephone metadata] at the service providers, you have a separate set of issues in terms of how you actually get the information; how you have go back and get that information [from them] how you follow it down and the legal authority for how you compel them to keep that information for a certain period of time."

But Alexander cautioned that having the data in-hand at NSA allowed the agency to respond quickly to potential threats, and that going to the phone companies with repeated requests might take too long. "The concern is speed in a crisis," he said

Alexander's statement came in response to a question from Rep. Adam Schiff, a Democrat from California, who wanted to know the prospects for changing a section of the Patriot Act such that telecommunications companies would be required to retain the metadata, and only hand it over to the government when they were specifically queried.

Alexander and other officials from the intelligence community noted that while they have collected millions of Americans' phone records, they are kept in a "lockbox," as committee chairman Mike Rogers has described it. Only if NSA has "reasonable, articulable suspicion" that a phone number from outside the United States is talking to someone in the country, are NSA officials allowed to go into that lockbox and see which domestic line the outside number is communicating with. That has only happened about 300 times in the last year and only 22 NSA officials are allowed to look at the information, according to the witnesses at the hearing, which included senior officials from the Justice Department and the FBI.

The NSA is also implementing a buddy system of sorts aimed at preventing unauthorized leaks by  about 1,000 fairly low-level IT systems administrators, the position held by Edward Snowden, who first disclosed a court order connected to the NSA's massive collection of cellphone metadata.

"Working with the Director of National Intelligence, what we're doing is working to come up with a two-person rule and oversight for those [individuals] and ensure we have a way of blocking people from taking information out of our system," Alexander told lawmakers. Basically, systems administrator accessing sensitive information will need someone else there to make sure they don't abscond with it.  

Alexander also disclosed some more details about what kind of information Snowden was able to access on NSA's internal networks. The systems administrator did not have access to specific intelligence that was collected by the NSA, but rather only to documents that "say how we do our business," said Alexander.

"To get to any data like the business records [call-tracking data] that we're talking about, that's in an exceptionally controlled area," said Alexander. "You would have to have specific certificates to get into that. I am not aware that...Snowden, had any access to that."

However, Snowden did obtain a copy of the Foreign Intelligence Surveillance Court order directing Verizon to hand over its metadata. That happened while Snowden was attending a training session at the NSA's headquarters in Ft. Meade, Md., Alexander revealed.

"The FISA warrant was on a web server that he had access to as an analyst coming into the Threat Operations Center," said Alexander. "It was in a special classified section that as he was getting his training he went to."

Snowden found other documents such as the slides on the now famous PRISM Internet surveillance program on "open" internal forums that NSA employees could access, Alexander said. "Those are forums that help people understand how to operate NSA's collection authorities."

Alexander sought to defend the NSA's collection of huge amounts of telephone and Internet data as key tools that the government uses to disrupt or prevent terrorist attacks. All told, he said, NSA's activities have  potentially disrupted more than 50 terrorist events around the globe, including at least ten inside the United States.

In 90-percent of those 50 cases, collection pursuant to section 702 of FISA contributed to the government's efforts, Alexander said. (That section governs the collection and analysis of Internet data associated with the PRISM system.) And in 50-percent of those cases, the collection authority was "critical" to stopping an attack, Alexander said.

Of the ten potential attacks in the United States, telephone metadata was used in the "vast majority" of investigations, he said. Administration officials have said the metadata is only used to determine if a foreign terrorism suspect is making contact with individuals in the United States. Alexander said that the number of cases in which metadata played a role stopping a plot was probably more than ten, but he wanted to confirm the estimate with other intelligence officials before nailing down a precise number.

FBI Deputy Director Sean Joyce  described four specific terrorism cases in which officials used information collected through PRISM or the metadata system:

  • An effort to blow up the New York Stock Exchange, which Joyce told lawmakers was foiled by intelligence collected pursuant to Section 702 on a Yemeni terrorist. This program also allowed the FBI to lure potential terrorists to the Untied States so they could be arrested, Joyce claimed.
  • 702 data was also used to capture David Headley, the Pakistani-American who helped scout locations for the 2008 Mumbai attacks and planned to bomb a Danish newspaper that published cartoons of the Prophet Muhammed.
  • In another case, authorities used Section 215 data to reopen an investigation into a terrorist financier that was halted soon after September 11, 2001.

Whether you call him a hero or a traitor, it looks like Edward Snowden's disclosure of the NSA's gathering of phone records in bulk may in fact lead to the practice ending. 

Additional reporting by Shane Harris.

Getty Images

National Security

Questions the NSA Chief Should Be Forced to Answer

National Security Agency chief Gen. Keith Alexander is set to testify before the House intelligence committee Tuesday on the NSA's vast operations to collect the phone and Internet records of millions of people.

Nothing overtly illegal has surfaced - at least not yet -- in the nearly two weeks since NSA's data-collection efforts were leaked to The Guardian and The Washington Post. But there are still all sorts of question marks surrounding the activities that America's digital spies are undertaking on U.S. soil. Here are seven questions we'd like the Representatives to ask tomorrow. 

  • How many times has NSA been granted permission to collect phone and Internet metadata on the entire customer base of American companies? (Or as ACLU lawyer Michelle Richardson put it in an email to Killer Apps: "How the heck did a federal judge agree that literally every phone call in America is ‘relevant' to an investigation? Is there a court opinion discussing this?")
  • The Intelligence Community collects millions of phone records under section 215 of the Patriot Act, which allows the government to ask a Foreign Intelligence Surveillance Act or FISA court to order a business to hand over customer records to federal investigators. What other bulk information does the Intelligence Community collect under section 215? Last week, Sen. Dick Durban revealed that there's been a huge spike in the amount of times U.S. government has requested authority under Section 215 of the Patriot Act to obtain phone records and possibly medical records, tax records, Internet search records and credit card records -- some 212 times last year compared to the 21 such instances in 2009. Furthermore, is it true that you only consider intelligence as being "acquired" if a querey is made about the details of metadata that 215 programs gather ? 
  • What electronic data are collected by intelligence agencies without a warrant on U.S. soil? Does the NSA have "direct access" to tech company servers under the PRISM program, as an official presentation for the system suggested? If so, describe in detail what you mean by "direct access."
  • You said that "dozens" of potential terrorist attacks against the U.S. and its allies have been thwarted by these programs. But the government has only specifically discussed one plot - and that case seemed to be cracked by old-fashioned police work. Which specific terrorist plots on U.S. soil have been foiled by Section 702 (the section of the Patriot Act that allows the government to search content of foreign electronic communications) programs like PRISM? How many have been foiled by the Section 215 surveillance that looks at business records? 
  • Even the government acknowledges that with broad electronic intelligence programs, information on U.S. citizens may be "incidentally" or accidentally collected. How many American's have had the contents of their electronic communications accidentally scooped up?
  • The government is required to minimize information collected about American citizens who are not being investigated for a connection to terrorism. What is done, specifically, with Americans' information that is accidentally collected? What are the minimization procedures and how quickly are they undertaken? 
  • Edward Snowden has claimed that as a fairly low-level contract-employee to NSA he could he could tap into virtually any American's phone call or e-mails. True or false? Who is given access to the electronic intelligence collected under these programs?

While we're at it, we'd like to ask the tech companies like Apple, how on Earth are their legal departments able to quickly analyze through the thousands of government requests to view customer data and determine how to respond? Maybe these tech company CEOs will be the next witnesses as Congress tries to untangle this vast NSA surveillance web.