Black Hat USA: NSA director opens up about PRISM and other surveillance

With the global spotlight on the US surveillance programme PRISM, there was bound to be an interesting discussion when National Security Agency (NSA) director General Keith Alexander took stage to discuss the agency’s workings.

During his talk, Alexander spoke about how the NSA collected data through the phone tapping and the PRISM programmes. The phone surveillance was restricted to the US territory where the NSA had access to metadata of callers, while PRISM’s extent was more far-reaching and helped the NSA spy on the internet activity of all non-US citizens around the world. In his talk, Ars Technica says, the four-star general told terrorist Najibullah Zazi’s story and how the NSA used PRISM to foil a plan masterminded by him to attack the New York subway system.

The NSA director General Keith Alexander speaking at Black Hat (Image credit: ZDNet)

While Alexander stressed that both programmes have helped thwart many such attempted terrorist attacks, the audience was more than sceptical about the NSA’s intentions with exclamations like ‘Bullshit’ and ‘How do we know you are not lying to us now?’ being thrown around liberally. Alexander reportedly maintained composure through the accusations, but there was good reason for the crowd to be doubtful. Like ZDNet reports, Alexander denied any PRISM-like NSA surveillance after the Black Hat event last year. But the Edward Snowden-led revelations of PRISM showed it was a plain lie.

More from News & Analysis

What is the US HIRE Bill and why is India’s $250-billion IT sector worried? Is the internet dead? What's this theory that OpenAI's Sam Altman says might be true?

It’s not only the PRISM expose that has been the bane of Alexander’s directorship at NSA. Alexander’s talk came at a time when another NSA surveillance tactic, XKeyscore is under attention. XKeyscore, also revealed by The Guardian using information provided by Snowden, is allegedly an NSA programme that collects almost everything a user does online and has a ‘wider-reaching’ net than PRISM. Ominously, this data can be collected by NSA analysts without a court order and only requires a simple form to be filled giving broad justification for the tap. In addition, multiple Wikileaks revelations and the Bradley Manning saga, which seemingly ended this week, have given the NSA a nasty reputation. And due to this very reason, the general showed the audience of security experts and journalists slides about the extent of surveillance and the people in the NSA who have access to data acquired thus. Due to the heavy criticism faced by NSA in recent times, Alexander’s talk was in equal parts a public relations exercise and an attempt to be transparent.

The basic structure and reach of PRISM (Image credit: ZDNet)

As for whether the PRISM programme is lawful, Alexander said there were no doubts. “We have the courts, Congress and lawmakers looking at what we do. (…) We have 100% auditability on every query we make. We worked with committees in Congress for a directorate of compliance.”

The court that Alexander reffered to is the FISA court, which sanctions most of the NSA snooping. The director says it’s no rubber stamping operation, and there are stringent measures to see data was not being misused. Alexander stressed that systems were “100 percent auditable” and also claimed there have been zero abuses of PRISM. What is ominous is that the NSA director never said that his agency cannot access this so-called impertinent user data, but simply that the agency does not do it. Despite the supposed safeguards in place, this fact will not assure most internet users.

Cover image: Getty Images