Skip to Content

NSA Chief Says U.S. Phone, Web Surveillance Sets “Standard for Other Countries”

There are tight controls on the NSA’s access to U.S. phone records and data from U.S. Internet companies, the agency’s director says.
July 31, 2013

The National Security Agency’s collection of phone records and Internet data from U.S. companies provides a model for other nations, the agency’s director, General Keith Alexander, said today at a prominent computer security conference in Las Vegas.

NSA General Keith Alexander
Surveillance chief: As director of the National Security Agency, General Keith Alexander has overseen the development of programs that routinely collect U.S. call records and ease access to data held by Internet companies such as Google, Facebook, and Microsoft.

In his most public appearance since leaked documents revealed the existence of such large-scale surveillance programs, Alexander gave new details about how access to the collected data is controlled within the NSA. Those measures, combined with oversight from Congress and the courts, provide strong protections against abuses, he said. “The assumption is that people are just out there wheeling and dealing, and nothing could be further from the truth,” said Alexander. “I think this is a standard for other countries.” Alexander gave the opening keynote at the Black Hat computer security conference.

Public and political opinion on the NSA’s activities is generally unfavorable after leaks showed how existing laws were being used to enable the collection of data on a previously unimagined scale (see “NSA Surveillance Reflects a Broader Interpretation of the Patriot Act” and “Microsoft’s Surveillance Collaboration”).

Alexander sought to alter that perception a little. Before a particular phone number can be added to a list used to search the NSA’s database of U.S. call records, he said, approval must be given by one of only 22 people inside the agency authorized to give it. Once approval is granted, only 35 analysts at the NSA are authorized to run queries, he added, noting that in 2012, only 300 phone numbers were approved for searches of the call-record database, and 12 reports to the FBI, containing fewer than 500 further numbers for investigation, resulted.

Alexander said less about how access to e-mails and other data collected from Google, Facebook, Microsoft, and other U.S. Internet companies is controlled, but he implied that similar protections are in place. The NSA has “auditing” technology that records everything people with access to the surveillance databases do, he said, so anyone acting suspiciously would be caught. “Our auditing tools would detect them and they would be found accountable, and they know that.”

Alexander mentioned several times that the relevant law allows access to the phone and Internet data troves only in pursuit of foreign intelligence. He made no mention of a leak published today by British newspaper The Guardian about a system called XKeyscore, apparently used to search e-mails and online postings collected worldwide.

Alexander’s claims seem to clash with one made by Edward Snowden, who leaked material about the two surveillance programs in June. After coming forward, Snowden said that although he was not a senior analyst, he could easily “wiretap anyone, from you or your accountant, to a federal judge or even the president, if I had a personal e-mail.”

Alexander repeatedly stated that the NSA’s surveillance efforts were motivated by the need to combat terrorism, and he said his phone and Internet data programs had “disrupted 54 terrorist activities,” 13 of them on U.S. soil.

Against that background, argued Alexander, the NSA’s surveillance programs were necessary, and weakening it in an attempt to defend civil liberties would be counterproductive. “If those attacks were successfully executed, what would that mean for our civil liberties and privacy?” he asked.

Speaking to the media after Alexander’s keynote, Jeff Moss, a hacker and founder of the Black Hat conference, welcomed the NSA director’s willingness to talk publicly and provide some new—if small—details about how the programs operate.

“Because the details of these programs are classified, we need to get as much out of this debate as possible,” while public attention is still focused on the NSA, said Moss, who is also known as the Dark Tangent. The more that can be learned about the NSA’s programs, the more likely it is that better oversights will be developed, he said: “Maybe we can come up with something technologically that can do this but doesn’t compromise privacy.”

Moss caused controversy earlier this month when he reacted to news of the NSA’s large-scale surveillance by suggesting that government workers—“feds”—stay away from the Def Con hackers conference, another event he founded, which takes place in Las Vegas immediately after Black Hat.

That means Alexander is unlikely to show at Def Con this year, despite giving the keynote in 2012 at Moss’s invitation. For that talk, Alexander eschewed the uniform he wore today, sporting a T-shirt and faded jeans as he exhorted the assembled hackers to consider working for the NSA.

Ironically enough, in that 2012 speech Alexander said that the NSA was unable to access enough data on online activity to protect against attacks on financial markets and energy infrastructure (see “NSA Boss Wants More Control Over the Net”), a claim that now appears in a different light. “We do not sit around our country and look in” to the Internet, Alexander said in that speech.

Keep Reading

Most Popular

individual aging affects covid outcomes concept
individual aging affects covid outcomes concept

Anti-aging drugs are being tested as a way to treat covid

Drugs that rejuvenate our immune systems and make us biologically younger could help protect us from the disease’s worst effects.

Europe's AI Act concept
Europe's AI Act concept

A quick guide to the most important AI law you’ve never heard of

The European Union is planning new legislation aimed at curbing the worst harms associated with artificial intelligence.

Uber Autonomous Vehicles parked in a lot
Uber Autonomous Vehicles parked in a lot

It will soon be easy for self-driving cars to hide in plain sight. We shouldn’t let them.

If they ever hit our roads for real, other drivers need to know exactly what they are.

crypto winter concept
crypto winter concept

Crypto is weathering a bitter storm. Some still hold on for dear life.

When a cryptocurrency’s value is theoretical, what happens if people quit believing?

Stay connected

Illustration by Rose WongIllustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at with a list of newsletters you’d like to receive.