The Complex

Top Intelligence Lawyer: 'I Don’t Know What’s In Every NSA Database'

The intelligence community's top lawyer mounted a full-throated defense of the National Security Agency's global surveillance programs in a speech on Friday, insisting that the agency goes to great lengths -- unique among most nations -- to ensure that it's not inappropriately monitoring the communications of Americans. But after the prepared remarks were over, Robert Litt undermined his own case a bit when he admitted that he wasn't completely sure how, technically, the NSA kept Americans out of the surveillance dragnet.

In a speech at the Brookings Insitution in Washington, Litt said that when the NSA wants to monitor an individual's email account under a program he described as one of the most valuable tools for detecting terrorist plots,  analysts first determine whether the sender is a U.S. citizen or legal resident, and whether he is located inside the United States. If he meets either of those criteria, the government is supposed to obtain a warrant before reading the email.

But this is no easy task. The NSA has a very difficult time knowing whether an email sender is, in fact, a U.S. person, and therefore afforded additional privacy protection under the law. Asked to elaborate on how the NSA makes this determination, Litt acknowledged that the process is "technically very difficult." But he said he was not at liberty to divulge "NSA analytic tradecraft."

Litt did offer that analysts have a variety of other databases that they can consult, separate from those that contain data collected through the PRISM system and the bulk collection of telephone records, the two programs that Litt addressed in his remarks.  

But when asked what information that was, Litt said the he didn't know. "I do not know what's in every one of NSA's databases."

The acknowledgement by the intelligence community's top lawyer that he doesn't know what data the NSA is using to make a crucial legal determination undermines assurances that the agency's spying is robustly monitored and that privacy abuses hadn't occurred.

Exactly what's in the NSA's many electronic repositories -- most of which are still classified -- is at the heart of the debate over whether the agency has gone too far in collecting and storing unprecedented amounts of personal details on millions of people.

Yes, Litt is a lawyer, and not a technical expert. But he's the lawyer who's supposed to oversee the NSA's surveillance work. He's one of the lawyers who defended that surveillance in front of Congress. Previously a senior official at the Justice Department, his office is today partly responsible overseeing applications to the Foreign Intelligence Surveillance Court, which authorizes the NSA's collection of electronic communications. Those applications are approved by the Director of National Intelligence, Litt's boss, and the Attorney General.

Litt spent the bulk of his address defending what he described as rigorous internal controls over what NSA can and can't do with Americans' electronic communications. He stressed repeatedly that the collection of email and bulk phone data had been approved and is routinely overseen by all three branches of government, which "have determined that this collection is lawful and reasonable."

Litt said that the public disclosure of these programs by former NSA contractor Edward Snowden had caused "long lasting and perhaps irreversible harm" to U.S. national security. He criticized the leaks and subsequent press coverage as "reckless" and "sensationalized."

"Our adversaries have noticed these revelations," Litt said, implying, without offering specific details, that terrorists are adjusting their communications tactics to avoid detection. "There's no question they have sat up and taken notice."

Citing President Obama's comments that he welcomes a debate on the proper balance between security and personal privacy, Litt said, "These discussions should have taken place without these disclosures." But two administrations have chosen to classify almost all the details of intelligence gathering by the NSA and other agencies, a decision that even Litt acknowledged made it difficult to discuss or defend what the spy agencies are doing.

Litt also indicated in congressional testimony this week that the government had no intention of ever disclosing the details of these surveillance programs before they were exposed in the press.

"Do you think a program of this magnitude...could be indefinitely kept secret from the American people?" Litt was asked by House Judiciary Committee Chairman Bob Goodlatte, a Republican from Virginia.

"Well, we tried," Litt replied.


National Security

NSA is Locking Server Room Doors to Prevent Another Snowden Affair

ASPEN, CO. -- NSA chief Gen. Keith Alexander today said that his agency is piloting the Defense Department's security reforms aimed at preventing systems administrators from stealing large volumes of classified data. What's that involve? In addition to requiring systems administrators to operate in pairs when accessing highly classified information, NSA will limit the number of people who can download classified data onto removable disc drives and will lock server rooms.

"Instead of allowing all systems administrators [to write data to thumb drives], drop it down to a few and use a two person rule," said Alexander during a talk at the Aspen Security Forum in Colorado this evening. "We'll close and lock server rooms so it takes two people to get in there."

"Since this happened in our place, on our watch, we're piloting that for DOD and for the IC [Intelligence Community], we will fix this on our stuff and we have a responsibility to do that," said Alexander.

The Army four-star general was expanding on Deputy Defense Secretary Ashton Carter's comments earlier today about the security measures DOD is putting in place in the wake of NSA leaker Edward Snowden's disclosure of secret U.S. electronic intelligence efforts.

Still, Alexander the Snowden affair can't be allowed to put a freeze on the rapid sharing of actionable intelligence between intelligence agencies that has emerged in the post 9/11 era.

"We also have to ensure that we make sure that people who need information to do their job have access to information," said Alexander. "We've got to figure out how to balance this."

Doing this means NSA and other DOD agencies will need to look at limiting systems administrators' access to classified information while ensuring that analysts have rapid access to the intelligence they need, according to Alexander.

"After 9/11 we had this need to share, I think there's goodness in sharing, we've got to make sure we do it right," said Alexander.

Earlier today, Carter said that part of the reason that Snowden was successful was that too many people had access to top secret information, alluding to the culture of information sharing that has cropped up in the Intelligence Community since 9/11.

Alexander is also open to allowing tech companies to reveal the number of requests by the government to access their customer information for intelligence and law enforcement investigations.

"I think there's some logic in doing that," said Alexander. "The FBI and we are trying to figure out how to do that without hurting any of the ongoing investigations."

Alexander also said that he has seen adversaries of the U.S. changing tactics to evade NSA's intelligence-gathering techinques that were revealed by Snowden.

His comments come the same day that a number of tech companies including Google, Apple and Facebook wrote a letter to the White House asking to release more information about the number of times law enforcement or intelligence agencies ask for customer information.