Black Hat: NSA boss Keith Alexander claims PRISM only gathers terrorist data

LAS VEGAS: The head of the US National Security Agenchy (NSA) spoke in front of an audience of thousands of security professionals to explain his agency's controverisal surveillance programmes.

 

General Keith Alexander told attendees at the 2013 Black Hat conference that the agency's Foreign Intelligence Surveillance Act (FISA) and PRISM procedures are being carried out with far more discretion and oversight than commonly believed and are solely used for the purpose of gathering data on known or suspected terrorists.

“Their intention is not to go after our communications, their intention is to find the terrorists that walk among us,” Alexander said of the NSA. “We comply with court orders and do this exactly right, and if we make a mistake we hold ourselves accountable and report it.”

According to Alexander, the NSA operates under a strict set of limitations and is subject to regular audits over all collected data, much of which is highly anonymised. According to screenshots provided by the NSA, phone data is limited to dates and times, origin and destination numbers, and means of collection. No audio, SMS or account information is harvested at any point in the process.

The number of people in charge of the surveillance information is limited as well. Alexander said that just 22 inividuals within the NSA are allowed to authorise data collection, and just 35 analysts are authorised to view phone data collected through the FISA programme.

Alexander also talked up the strict judicial regulations that govern the programme and require the NSA to obtain authorisation from federal courts for all surveillance activities. Contrary to popular belief, says Alexander, the NSA often finds itself with a skeptical audience when it seeks judiciary approval.

“They want to make sure that what we are doing comports with the constitution and federal law, and they are dead serious about it,” Alexander told attendees. “These are tremendous judges, they are not a rubber stamp.”

The NSA boss was not without his detractors, however. Sporadic heckling from the crowd roasted Alexander for issues ranging from the constitutionality of the programme to the US policies behind its activities in the Middle East.

Ultimately, however, Alexander would reach out to the audience, inviting security professionals to submit their questions and comments with the administration and help it to revise and improve its policies.

“We need to hear from you because the tools and the things we use are very much the same as the tools you use in securing your networks,” he said. “The difference is the oversight and compliance we have in these programmes, that part is missing in much of the discussion.”