Controls keep NSA spy programs legal, director tells Black Hat audience

Fears that spy agencies are eavesdropping on all phone calls, email messages are unfounded, NSA Director Alexander insists

LAS VEGAS -- A skeptical but mostly respectful crowd of Black Hat security attendees Wednesday listened intently as National Security Agency Director Keith Alexander defended controversial U.S. surveillance programs in a keynote address.

The nearly hour-long address was interrupted a couple of times by what appeared to be a single heckler as Alexander argued that NSA spy programs exposed by fugitive document leaker Edward Snowden were legal and vital to national security.

Alexander insisted that the widespread fears that the NSA is snooping on domestics phone calls and collecting data on innocent Americans are misplaced, contending that critics don't understand how the spy programs function.

He also said that the secret Foreign Intelligence Surveillance Court that authorizes specific NSA data collection activities is no rubber stamp, as the critics have widely alleged.

Alexander used the bulk of his keynote to describe the controls in place to ensure that NSA surveillance activities focus solely on counter-terrorism.

"What comes out is that we are collecting everything. That is not true," Alexander insisted.

"The assumption is that people are just out there wheeling and dealing. Nothing could be further from the truth," he added, citing controls in place that prevent NSA searches not specifically tied terrorism related activities or terrorist suspects.

The genesis of the NSA phone metadata records collection program, and the PRISM program under which it collects data directly from major Internet service providers, is the World Trade Center bombings of 1993, Alexander said.

Since then, U.S. intelligence agencies have been under tremendous pressure to collect data that can "connect the dots" of terrorist activity, he said. Over the years, the NSA has combined the PRISM program with the collection of phone metadata records such as the originating and dialed number, call time and duration and location data to identify potential terrorist plots in the U.S. and elsewhere.

Alexander contended that such data collection activities have helped the NSA identify and stop 54 terrorist plots including 13 in the United States, 25 in Europe and 11 in Asia in recent years.

The NSA does not as a matter of routine, listen in on phone calls, monitor email content or collect personal data, Alexander maintained. Only 22 NSA officials can authorize such searches and only 35 NSA analysts have the ability to run queries on the data collected. Every query needs to be specifically related to an anti-terror investigation and is fully auditable, he said.

Alexander also noted that U.S. spy programs are overseen by all three branches of government along with the Foreign Intelligence Surveillance Court, he said. The detailed queries that the NSA has run against the information it has collected involves only 500 or so phone numbers, Alexander said.

"The intent of the programs are to find terrorist actors and report that to the FBI," he said.

One audience member briefly heckled Alexander and characterized his descriptions of the spy programs as "bullshit." For the most part, though, the capacity crowd appeared to appreciate Alexander's efforts to explain the program.

At one point the crowd broke into broad applause when he asked the heckler to read up the Constitution after being urged to do the same by the heckler.

He also described as "bullshit" suggestions that the NSA might be exceeding legal limits in its use of phone metadata and data collected under the PRISM program. Congressional investigations have found that the program is operating legally, he said.

Concerns about audience reaction to an NSA presence had earlier prompted organizers of the DEFCON hacker conference to disinvite government employees.

Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan, or subscribe to Jaikumar's RSS feed . His email address is

Read more about security in Computerworld's Security Topic Center.

Join the CSO newsletter!

Error: Please check your email address.

Tags Gov't Legislation/RegulationCybercrime and HackingNational Security Agencysecurityregulationnsagovernmentintel

More about FBINational Security AgencyNSATopic

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Jaikumar Vijayan

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts