Compliance Management, Privacy

Black Hat: Alexander defends surveillance programs in keynote


The director of the National Security Agency spent most of his hourlong keynote at the Black Hat conference in Las Vegas justifying the agency's mass surveillance and bulk data collection programs in an attempt to assure the public that its intentions are justified, legal and noble.

The morning address from Gen. Keith Alexander was highly anticipated, both because Alexander, who also runs the U.S. Cyber Command, rarely speaks publicly but mostly because of interest over how the privacy-conscious crowd that attends Black Hat would respond.

Alexander was one year removed from delivering the keynote at DefCon – a talk that focused on encouraging skilled hackers to consider working for the U.S. government – but this year he swapped a T-shirt and jeans for formal military attire as he spoke to the crowd of several thousand.

Alexander was deliberate and equanimous as he spoke, seemingly aware of the growing outrage that has resulted in the wake of NSA leaks by whistleblower Edward Snowden. The general was interrupted several times, mostly by the same person, but remained in control of the talk throughout and seemed to have the support of a large majority of the room.

"Our job is defending this country," he said. "Saving lives.

Throughout, Alexander leaned heavily on the wars in Iraq and Afghanistan, 9/11 and ensuing terrorism investigations to justify the agency's use of an expansive surveillance apparatus that monitors both call information (known as metadata) and online communications and content. He said the programs have helped bust would-be terrorists, including someone plotting to blow up the New York subway system in 2009, though reports have argued this may not be the case.

He specifically addressed Patriot Act Section 215, which authorizes the collection of call records, including the data and time of the call, the number calling and called, duration of the call and the origin of the metadata record –but not the content of the call. Some have found this information being potentially in the hands of the U.S. government to be very troubling. The program is designed, Alexander said, to intercept the communications of suspected terror associates communicating with someone inside the U.S. 

Later, he addressed, FISA Amendments Act Section 702, which enables the so-called Prism program. He defended any technology companies that provide information to NSA under the program: "They are compelled by a court order to comply," Alexander said. And he said its goal is for foreign intelligence, not to target U.S. citizens. 

But Glenn Greenwald, The Guardian journalist who has broken many of the NSA stories, has written: "The decisions about who has [the] emails and telephone calls intercepted by the NSA is made by the NSA itself, not by the FISA court, except where the NSA itself concludes the person is a US citizen and/or the communication is exclusively domestic. But even in such cases, the NSA often ends up intercepting those communications of Americans without individualized warrants, and all of this is left to the discretion of the NSA analysts with no real judicial oversight."

Alexander said the programs have received Congressional support and have retained judicial oversight. He shot back against contentions that the FISA court simply "rubber stamps" requests it receives, saying the court isn't one to be bulldozed, "even from a four-star general." 

Some, however, believe the problem with FISA goes beyond a rubber-stamp mentality. The ACLU and EFF, for example, have filed lawsuits challenging FISA amendments to learn whether the NSA's surveillance efforts are constitutional, but they have so far been rebuffed because FISA rulings are kept in secret.

The Black Hat crowd was largely supportive of Alexander, though there were some disruptions.

"We stand for freedom," Alexander said at one point. "Bullsh*t," an audience member responded. There was some applause, but not nearly as much as when Alexander answered an audience member at the end of his talk, when questioned on the general's allegiance to the U.S. Constitution: "I read the Constitution. You should too," 
Alexander said.

Afterward, noted privacy researcher Moxie Marlinspike, who briefly disrupted the talk by asking Alexander "why he lied to Congress," said he found the largely receptive, if not welcoming, reaction from the crowd to be "disgusting" but predictable.

"A lot of people here work in the defense industry, and that's where they get their paycheck from," Marlinspike told SCMagazine.com. He added that Alexander used the "same talking points" as the government has before to describe the surveillance programs, and the points were meant to justify their existence. There remains many more questions than answers due to the immense secrecy shrouding the NSA's work, Marlinspike said.

Alexander's keynote came hours after The Guardian dropped a new exclusive that the NSA is operating a program known as XKeyscore.

"...XKeyscore provides the technological capability, if not the legal authority, to target even US persons for extensive electronic surveillance without a warrant provided that some identifying information, such as their email or IP address, is known to the analyst," according to the story.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds