(U.S. Defense Department graphic illustration by Jessica L. Tozer/Released)
What comes to mind when you see the acronym NSA?
Do you think spies? Protectors of secrets? Information collectors? Privacy violators? You can rarely open up a news website these days without seeing that three letter acronym splashed up somewhere.
But for all the finger-pointing and paranoid ranting, does anyone really know what’s going on here? Is the National Security Agency really capable of the Jafar-like power madness that they’re accused of wielding?
Or are internet rumors and misinformation painting our best cyber security defenders as bad guys?
It is time to get the story straight. To do that, I decided to go right to the top.
Gen. Keith Alexander is the Commander of the United States Cyber Command, Director of the National Security Agency,and the the chief of the Central Security Service. He has been the defender of our silent servants since 2005, and is absolutely dedicated to getting the right information out to the American people.
I sat down with Gen. Alexander to find out how to separate the truth from the rumors. To this, he has a proven one-step process: “First, get the facts,” he says. “You’ll see what’s happened in the first step.”
The path to the facts starts with myth-busting the misinformation. So let’s get started.
Rumors of the National Security Agency’s privacy violations have been greatly exaggerated.
Army Gen. Keith B. Alexander, U.S. Cyber Command commander and National Security Agency director, speaks during an interview at the National Cryptologic Museum in Annapolis Junction, Md., Oct. 21, 2013. (U.S. Defense Department photo by Navy Petty Officer 2nd Class Kayla Jo Finley/ Released)
“We [the NSA] collect foreign intelligence for our country, and we provide information assurance for national security systems,” Gen. Alexander says. “We have two great missions, and those missions provide us with some tremendous capabilities.”
These capabilities and the information that they collect are what enables them to defend the nation. They do not choose between national defense and privacy. It must always be both.
When it comes to what the NSA does for the American people, Gen. Alexander says we first need to look at what NSA does to protect this nation from terrorist attacks.
“When you look at the 9/11 commission, it faulted the intelligence community for not connecting the dots. We didn’t have the tools. These [programs we have now] are tools that help us connect the dots. We have learned that lesson once. We all vowed this would never happen again. We should commit to that course of action.”
The world runs on cyber.
From email to online bank accounts, from smart phones to smart TVs, just about everything in our lives runs on computer networks. And most of those are not as secure as they need to be. But how do we protect ourselves in an ubiquitous and constantly-changing cyber domain?
This is where Cyber Command comes in.
“We see a lot of exploitation of intellectual property,” Gen. Alexander says. “Cyber Command is the organization that would respond to [those threats]. That’s the platform for defending the DoD networks, defending the nation, and responding – as policymakers would ask us to do – if someone were to attack us.”
So let’s take a look at some of the recent foreign intelligence programs that have been getting a lot of attention lately. You know the ones. You may have seen them in the news, often mislabeled as “spying programs”. Gen. Alexander is quick to correct this misnomer.
You keep using that word. I do not think it means what you think it means.
The business records program, or Section 215, is probably the most misunderstood of the two programs. The metadata program takes information and puts it in a data repository. Metadata is the phone number, the date, time, group, and duration of the call.
“That’s all we have,” Gen. Alexander explains. “We don’t have any names or any content.”
The purpose of this collection is to identify the U.S. nexus of a foreign terrorist threat to the homeland. The government cannot conduct substantive queries of the bulk records for any purpose other than counterterrorism.
If a “nexus” is found in the metadata, that information is passed to the FBI. They don’t know who it is. They don’t know the content of the communication. The FBI can then take that information and proceed as necessary.
PRISM logo (National Security Agency courtesy graphic)
The second program is the PRISM program or FISA Amendment Act 702. PRISM is a little bit different. PRISM is a content program. The program legally compels service providers to supply information to the government if there is an appropriate and documented foreign intelligence reason and the subject of interest is believed to be outside the U.S.
It also has to be one end foreign, not on U.S. persons, Gen. Alexander explains. This, of course, requires a lot of management and review. A lot.
“The oversight and compliance on these programs is greater than any other program in our government.”
Oversight. And we’re not talking about a couple of manager signatures on a memo here.
“It’s from within NSA by the general counsel, the inspector general, the oversight and compliance directorate; from the DNI’s general counsel and inspector general and civil liberties and privacy officer; by DoD’s inspector general and general counsel; by Department of Justice; by the White House; and by Congress, both committees.”
That’s a lot of oversight. Even by the government’s standards.
So this is a secret program that’s not really so secret. It’s one that Congress, the administration, and the Courts have all approved.
“People say they’re spying on America. That is absolutely wrong,” Gen. Alexander says. “We’re going after terrorists with those programs. We protect civil liberties and privacy.”
So if this isn’t a secret, then why keep these programs from the American people?
“If we could only give it to the good guys and tell them to keep it secret, then yeah, give it to all the good guys. The problem is that the bad guys are amongst us. They will figure it out. This happened in 1998 after the East Africa Embassy bombings. Somebody revealed publicly that the way we track Bin Laden was through satellite communications, or SATCOM. Within two days, we never saw Bin Laden in communications again.”
Sometimes, it’s silence that saves lives.
“My concern is the revealing of these programs allows terrorists to know the best weapons that we have against them,” Gen. Alexander says. “It will cause irreversible and significant damage.”
Speaking of accountability, a lot of the misdirection in these stories and these programs comes from fast spreading, half-baked information. Like the story recently that bemoaned the recording of seventy million phone calls being intercepted in Paris over a one-month time period.
Think about that. Seventy million phone calls.
Army Gen. Keith B. Alexander, U.S. Cyber Command commander and National Security Agency director, speaks with Armed with Science blogger Jessica L. Tozer during an interview at the National Cryptologic Museum in Annapolis Junction, Md., Oct. 21, 2013. (U.S. Defense Department photo by Navy Petty Officer 2nd Class Kayla Jo Finley/ Released)
“Now, I don’t know how many phone calls you get a day, but let’s say thirty. Now you’ll need French linguists, because French people speak French. The average analyst might be able to do one call every fifteen minutes,” Gen. Alexander points out. “So that’s four an hour times eight is thirty-two, divide thirty-two into today, and you’re going to need a little bit less than one hundred thousand people, just for France. And France is an ally. It’s absurd.”
But even in the face of facts, checks and balances, people still cry protest. Some are still not convinced. Some people claim that there must be a different, more private way to go about monitoring for terrorist plots. While keeping Americans informed. While still thwarting the bad guys.
The NSA asks: Have you got a better idea?
“I do believe if we can find a better way, we ought to put it on the table and take those steps,” Gen. Alexander proposes. “So anybody who’s got a better idea, let’s put it on the table. But to say ‘stop’ ignores the lessons that we learned in 9/11.”
The bottom line is that these programs help the NSA to take care of our people, our information, and our nation. We should improve our programs, not negate their utility. Even, and especially, in the face of Internet scrutiny.
“I liken this to holding a hornet’s nest,” Gen. Alexander says. “Now I would like to give it to somebody else and say, ‘You protect the nation with this dataset.’ Everybody’s looking around and saying, ‘I don’t want to hold that. You hold it.’ But somebody’s got to hold it for the good of the nation.”
When it comes to supporting his people, Gen. Alexander holds them in the highest regard. “They’re the heroes,” he says. “It should never be a question in anyone’s mind.”
Some people would rather believe a dramatic, convenient lie than a real, uncomplicated truth. Don’t be that person. Don’t give credence to speculation, rumor, or hyperbole. Simply put, don’t give into the hype. When it comes down it, a nation without the NSA would be a nation left undefended.
And that, dear readers, is no lie.
Still not convinced? Watch the whole interview here:
Jessica L. Tozer is a blogger for DoDLive and Armed with Science. She is an Army veteran and an avid science fiction fan, both of which contribute to her enthusiasm for technology in the military.
Disclaimer: The appearance of hyperlinks does not constitute endorsement by the Department of Defense of this website or the information, products or services contained therein. For other than authorized activities such as military exchanges and Morale, Welfare and Recreation sites, the Department of Defense does not exercise any editorial control over the information you may find at these locations. Such links are provided consistent with the stated purpose of this DOD website.