Washington, DC – Media reports detailing secret National Security Agency collection of data from companies such as Google and Yahoo from overseas data centers mischaracterize what NSA does, the agency’s director said in an October 31 speech to an audience at the Baltimore Council on Foreign Affairs.
The reporting, which began last week, was based on documents stolen from NSA and periodically leaked to the media beginning this summer by former NSA information technology contractor Edward Snowden.
“There are some recent articles — recent meaning this morning — about our collection operations that mischaracterize exactly what we do and how we do it,” Army Gen. Keith B. Alexander said.
NSA is a global organization, noted the general, who also commands US Cyber Command.
“In order to understand what the terrorists are doing, in order to handle those foreign intelligence issues that we get, we have to have collection,” he said. “But it is not targeted against a company. … These are [data] flows that you would expect our agency to go after and to work with our partners.”
Alexander said that when NSA works with foreign partners, the agency follows US law and the laws of the partner’s country.
“We have to follow both, and where it says to protect a US person’s data, we do that, and [the foreign partner has] to do that too, wherever we partner,” the general said.
“That’s a huge step forward, … and it’s all to collect the data that we need — not targeting specific companies, although some data we do collect from some of those companies, because terrorists are using that and you expect us to get that,” he said.
Alexander said he spoke with a group of chief executive officers last week who told him that “they keep getting spun in the papers with what’s going on, and it’s hurting their business.”
The NSA director also said the companies’ reputations are being hurt unjustly with the public, because they’re being compelled by court orders through what NSA calls the FAA 702 program to produce emails and other records of suspected foreign agents.
The FISA Amendment Act 702, or FAA 702 — FISA refers to the Foreign Intelligence Surveillance Act — authorizes electronic surveillance to collect foreign intelligence information. The act also created the Foreign Intelligence Surveillance Court, which oversees FBI requests for surveillance warrants against suspected foreign intelligence agents inside the United States.
Because such court orders are infrequent, the companies want to be able to make these numbers public “so the American people and the rest of the world know this is a small number analogous to what other countries would do in law-enforcement type programs,” Alexander said.
“These aren’t relationships where industry is coming up and dumping data on our doorstep,” the general added. “It is compelled by a court order, [and] … we need to get that out. We’re working with the companies and the Department of Justice so the American people will know exactly what is shared in volume.”
Another NSA collection effort leaked by Snowden is the business record FISA program, or Section 215 of the Patriot Act, which consists of the bulk collection of US and other phone records into a database overseen by NSA.
“In there we put all our phone numbers — the to-from, the date, time and the duration of the call — and that’s it. No names, no content, no emails. We don’t need that,” Alexander explained.
“We’re looking from the foreign side. Are one of those numbers talking to one of those things that we see in Iraq or Afghanistan or somewhere out there?” he added. “All we need to do is tell the FBI that the number in the States … is talking to something that is a true threat to this country. The FBI uses their authorities to take it from there.”
An example of how the two programs work took place in 2009, Alexander said, when the NSA got insights from some of its collection in Pakistan under FAA 702.
“We lawfully intercepted an email [in which] there were discussions about recipes, weddings and a bomb … so we shared that with the FBI. In that email was a [telephone] number, and the FBI came back and said the number is Najibullah Zazi and is associated with this al-Qaida person,” he said.
“Given that number, and only that number, we were able to look into the business record FISA and see a number in New York and a number in Raleigh, NC, and another number, … and we were able to tell the FBI that number in New York was extremely important,” the general added. “They had insights to parts of that already, but we could tell them that there were terrorist groups associated with these numbers.”
Bosnian immigrant Adis Medunjanin was connected to the number in New York, Alexander said, and he and Najibullah Zazi were planning a mass attack on the New York City subway that would have been the biggest attack since 9/11.
“The great FBI, in a matter of six days, stopped the whole thing, because they had the intelligence and we had the tools and the insights to stop it,” he added.
In October alone, the general said, 2,336 people were killed and 1,510 were injured in Pakistan, Afghanistan, Syria, Iraq and Nigeria in terrorist acts.
“Over the past decade, we’ve had no mass casualties here, and that’s not by accident. That’s not luck, that’s great work, great partnership, and the tools that we need to prevent terrorist acts,” he added.
“We have to have intelligence,” Alexander said. “We have to have partnerships, we have to work together, and we believe we can defend the country and protect our civil liberties and privacy.”