The House Intelligence Committee invited Gen. Keith Alexander, Director of the National Security Agency, to Capitol Hill for a (friendly) discussion of his agency's surveillance tactics. Joined by representatives of the Department of Justice and the FBI, Alexander outlined four plots he claimed were disrupted by their surveillance, including the one involving the New York City subway. On the whole, the one-sided hearing belied the witnesses' frequent claims that the NSA receives robust oversight from Congress.
Alexander returned to Capitol Hill only six days after a Senate hearing on cybersecurity and NSA budgets turned into an unexpectedly strong grilling of his agency's surveillance tactics. The House Intelligence hearing was specifically predicated on those tactics, but with a predisposition. Its title: "How Disclosed NSA Programs Protect Americans, and Why Disclosure Aids Our Adversaries." Joining Alexander were four witnesses sharing his worldview: John Chris Inglis, deputy director of the NSA; James Cole, Deputy Attorney General; Sean Joyce, Deputy Director of the FBI; and Robert Litt, General Counsel for the Director of National Intelligence.
The hearing lived up to its title. Chairman Mike Rogers of Michigan set the tone form the outset, lamenting the "constant public drumbeat about a laundry list of nefarious things [the NSA is] alleged to be doing to spy on Americans — all of them wrong." Such leaks are harmful, Rogers noted. "One of the more damaging aspects of leaking incomplete information is that it fosters distrust in our government." The ranking Democrat, Rep. Dutch Ruppersberger of Maryland, didn't disagree. "The American public think you're doing something wrong. And that's not the case at all." (For what it's worth, the court that authorizes the NSA's behavior found at least one occasion when it did.)
And Alexander began his opening statement appropriately: "Thank you for the kind words." He echoed the members' concerns about the disclosures, and the "failures to connect those dots" before September 11th. As FBI director did last week, Alexander suggested that 9/11 may have been prevented with the NSA's new tools in place, tools that make great effort to shield Americans. In fact, he added: "Ironically, the documents that have been released so far show the rigorous oversight" the government uses to ensure privacy.
Over 50 attacks had been prevented through the surveillance systems enacted after 9/11, Alexander said, using either Section 215 of the Patriot Act (the collection of phone call metadata) or Section 702 of the Foreign Intelligence Surveillance Act (collection of content from non-citizens). Details on all of them will be disclosed to Congress in a secret session tomorrow. Later in the hearing, Alexander broke down the numbers when asked how often the surveillance actually broke up plots.
- Ninety percent of those attacks were disrupted using Section 702. Of those, about 50 percent of the disruptions were "critical" to interrupting a plot.
- "Just over ten" over the more-than-50 plots allowed the use of Section 215, meaning that they involved domestic communications.
- Of those, the "vast majority" had a contribution — albeit not necessarily a critical one.
At today's hearing, the FBI's Joyce loosely described four specific incidents, three of which leveraged Section 702. The first was the example of Najibullah Zazi, who plotted to bomb the New York subway system. The NSA's role in disrupting this plot has been broadly questioned, though Joyce insisted it was critical. He also described three other plots.
- One plot involved the monitored communications of a Yemeni extremist under Section 702, which allowed the FBI to stop a "nascent plot" to bomb the New York Stock Exchange, including "luring" suspects to the United States to be arrested.. Later asked if this was a serious plot, Joyce replied, "I think the jury considered it serious, since they were all convicted."
- The second was the use of 702 to catch David Headley, who was involved in attacks in Mumbai and a plot to bomb a Danish newspaper.
- The third was the use of business records, Section 215, to reopen an investigation that was halted shortly after September 11. Several years after its intitial investigation, the FBI got a new phone number to look at.
Pressed for more information on this plot — the only cited example of the use of the Patriot Act to break up a terror plot — Joyce explained what terror activity was broken up: The suspect was "providing financial support" to terrorists. The questioning congressman, Rep. Mac Thornberry of Texas, asked if there wasn't some involvement with suicide bombings. Joyce, flummoxed, said, "Uh, not in this particular case." The microphones in the room picked up whispers, after which Thornberry clarified his question: But the financing went to groups in Somalia that conduct suicide attacks? With relief, Joyce replied in the affirmative.
Rogers asked several specific questions of Alexander, aimed at responding to rumors about NSA activity.
Rogers: Is the NSA on private company servers?
Alexander: It is not.
Rogers: Is the NSA able to listen to phone calls or read Americans' emails?
Rogers: … So the technology does not exist for anyone at the NSA to flip a switch and listen to any American's phone calls or emails?
Alexander: That is correct.
Rep. Michele Bachmann of Minnesota was later more direct. Does the government have a database of surevillance video? Of the content of calls? Of everyone's emails? Of our text messages? No, no, no, no, replied Alexander — at least, not at the NSA.
During his opening statement, deputy attorney general Cole outlined broadly how the tools work. They've been reviewed by Congress multiple times, he pointed out, then explaining the rigor with which the use of the tools is overseen. Cole raised an important point on the collection of phone metadata under Section 215 of the Patriot Act: It isn't covered by the Fourth Amendment, due to the Supreme Court's ruling on wiretapping. His description of the real-time checks on analyst use of the data didn't differ much from Edward Snowden's description, though Snowden explained how those lines are stretched. Later, in response to a question from Rep. Adam Schiff of California, Cole confirmed one of Snowden's claims: Analysts can query the database without further judicial approval, they determine what's "reasonably suspicious."
The only check is court review. Cole explained how those work for the Patriot Act. Every 30 days, the NSA files a report with the Foreign Intelligence Surveillance Court, which authorizes its surveillance. That includes the number of queries of the database and the number that include "US person information." (Inglis later noted that only 20 analysts and two managers were authorized to run such queries, and only 300 numbers were included in those searches.) They also meet regularly with the FISC and an inspector general to assess compliance. "Let me tell you," he said, "the FISA Court pushes back" on the data collection. Some reports, it's worth noting, suggest otherwise. Section 702 has its own overview systems, Cole said, including purges of any accidental inclusion of data involving American citizens anywhere in the world.
Cole concluded by noting a report suggesting that the U.S. is "much more transparent" about its intelligence-gathering and assessment tools than other countries, including the European Union. Alexander echoed this argument, that other countries similarly collect information.
Litt, of the DNI, was given the role of debunker. He suggested that the policies allowed under Section 702 were actually a "tightening" of what the government was already allowed to do. The role of the FISA Court (FISC) in approving requests, he argued, was "hardly a rubber stamp." The Court only rules following a back-and-forth involving the government sending an initial request for feedback. (At no point in the process is any opposing voice heard, including during the final authorization hearing.) Asked later if the government would push for the release of FISC opinions, Litt said they were "looking at it" and "would like to."
As for claims (as from Snowden) that the revelations wouldn't do any harm, he suggested that the government "risk[ed] losing these collection capabilities." If that happened, there's "no question" it would reduce the government's effectiveness. He specifically suggested that Snowden's picture of the NSA's work was limited. "This is what happens when someone who sees a tiny corner of things thinks it gives him insight into the whole program."
The name "Snowden" didn't come up often, though the person it refers to did. Several times, the access of contract systems administrators to data was questioned. Rep. Jan Schakowsky of Illinois asked how many people did similar work, with Alexander replying there were about a 1,000, "the majority" contractors, thanks to a downsizing push about a decade ago. Rep. Mike Thompson of California asked Alexander to explain Snowden's comment that "NSA provides Congress with a special immunity to its surveillance." Alexander said he couldn't, but that "we treat you with special respect!" There was laughter.
Two hours into the hearing, almost no dissenting voices asked questions. The Electronic Frontier Foundation, which recently won a surprising victory in its push for more transparency, is also live-tweeting its thoughts on today's hearing.