Former NSA Official Disputes Claims by NSA Chief

Eugen Leitl eugen at leitl.org
Tue Jul 31 02:23:13 PDT 2012


http://www.wired.com/threatlevel/2012/07/binney-on-alexander-and-nsa/

Former NSA Official Disputes Claims by NSA Chief

By Kim Zetter July 29, 2012 | 2:25 pm | Categories: National Security,
NSA, privacy, Surveillance

Follow @KimZetter

Gen. Keith Alexander, head of the NSA and U.S. Cyber Command appearing at the
2012 DefCon hacker conference in Las Vegas on Friday. Photo: Kim Zetter/Wired

LAS VEGAS b A former NSA official has accused the NSAbs director of deception
during a speech he gave at the DefCon hacker conference on Friday when he
asserted that the agency does not collect files on Americans.

William Binney, a former technical director at the NSA, said during a panel
discussion that NSA Director Gen. Keith Alexander was playing a bword gameb
and that the NSA was indeed collecting e-mails, Twitter writings, internet
searches and other data belonging to Americans and indexing it.

bUnfortunately, once the software takes in data, it will build profiles on
everyone in that data,b he said. bYou can simply call it up by the attributes
of anyone you want and itbs in place for people to look at.b

He said the NSA began building its data collection system to spy on Americans
prior to 9/11, and then used the terrorist attacks that occurred that year as
the excuse to launch the data collection project.

bIt started in February 2001 when they started asking telecoms for data,b
Binney said. bThat to me tells me that the real plan was to spy on Americans
from the beginning.b

Binney is referring to assertions that former Qwest CEO James Nacchio made in
court documents in 2007 that the NSA had asked Qwest, AT&T, Verizon and
Bellsouth in early 2001 for customer calling records and that all of the
other companies complied with the request, but Nacchio declined to
participate until served with a proper legal order.

bThe reason I left the NSA was because they started spying on everybody in
the country. Thatbs the reason I left,b said Binney, who resigned from the
agency in late 2001.

Binney was contradicting statements made on Friday by Alexander, who told the
crowd of hackers and security professionals that his agency babsolutelyb does
not maintain files on Americans.

bAnd anybody who would tell you that webre keeping files or dossiers on the
American people,b Alexander continued, bknows thatbs not true.b

Alexander also told the audience that the NSA targets only foreign entities
and that if it bincidentallyb picked up the data of Americans in the process,
the agency was required to bminimizeb the data, bwhich means nobody else can
see it unless therebs a crime thatbs been committed.b Minimization refers to
legal restrictions under the United states Signals Intelligence Directive 18
on how data pertaining to U.S. citizens can be handled, distributed or
retained.

Following the panel discussion, a former attorney for the NSA elaborated on
this to Threat Level.

bYoubre looking at a data stream that originates in a foreign country. It
just happens to be transiting the United States,b said Richard Marshall,
former associate general counsel for information assurance at the NSA.
bYoubre authorized by law to collect that data and to analyze that data. Even
though it was captured on U.S. soil, itbs against a foreign target. Now in
the process of doing that, yes, there is a possibility, more than a
possibility I guess, that there will be some U.S. person who is involved in a
conversation with a foreign entity, a foreign person. So what? If youbre not
collecting data against that U.S. person, whatbs the harm?b

But ACLU staff attorney Alex Abdo, who was also on the panel, noted that a
gaping loophole in the laws governing the NSA allows the agency to do dragnet
surveillance of non-Americans and, in the process sweep up the data of
Americans they may be communicating with, and hold onto that data even though
the Americans arenbt the target. The NSA can then btarget [the Americans]
after-the-fact.b If, for example, new information came to light involving an
American whose information is in the database, the NSA can sift through the
bminimizedb data and at that point bget the info that they couldnbt target
from the outset.b

Earlier this month, the Office of the Director of National Intelligence
admitted in a letter sent to Senator Ron Wyden that on at least one occasion
the NSA had violated the Constitutional prohibitions on unlawful search and
seizure.

According to the letter, the Foreign Intelligence Surveillance Court found
that bminimization proceduresb used by the government while it was collecting
intelligence were bunreasonable under the Fourth Amendment.b

Author James Bamford, speaking with Abdo and Binney, said that the NSA could
also get around the law against targeting Americans by targeting a call
center for a U.S. company that is based overseas, perhaps in India. When
Americans then called the center to obtain information about their bank
account or some other transaction, the NSA would be able to pick up that
communication.

Finally, Binney contradicted Alexanderbs earlier claims that the agency could
not violate the law even if it wanted to do so because the NSA is monitored
by Congress, both intel committees and their congressional members and their
staffs. bSo everything we do is auditable by them, by the FISA court b& and by
the administration. And everything we do is accountable to themb&. We are
overseen by everybody,b Alexander had said.

But these assertions are disingenuous since, Binney said, ball the oversight
is totally dependent on what the NSA tells them. They have no way of knowing
what [the NSA is] really doing unless theybre told.b

Kim Zetter

Kim Zetter is a senior reporter at Wired covering cybercrime, privacy,
security and civil liberties.





More information about the cypherpunks-legacy mailing list