The Senate Appropriations Committee, which last week raked Attorney General Eric Holder over unlit coals while asking softly if it might get him a lemonade, today turned its sights on Gen. Keith Alexander, the NSA's U.S. Cyber Command Director. The senators were warned that the hearing — the first post-leak appearance by the high-profile head of the heavily criticized agency's online efforts — was not meant to focus on those heavy critiques after a week of cyberspying leaks. This shouldn't be a surprise; two of the foremost defenders of the NSA's behavior, Senators Dianne Feinstein and Lindsey Graham, sit on the commitee with its chair, Senator Barbara Mikulski of Maryland. But some senators weren't feeling at all obliged to be so nice.
It's only fair to note that the hearing wasn't scheduled to be a discussion of the newly detailed NSA surveillance programs. The hearing, titled "Cybersecurity: Preparing for and responding to the enduring threat," was meant to discuss the government's investment in tools to stop cybercrime and cyberattacks. Mikulski, who introduced the topic supposedly at hand, repeatedly came back to this point, saying that the goal was to defend "our dot-mil, dot-gov, and dot-com domains," and to avoid "techno-boondoggles." (She used this last expression three times during the hearing.) The commitee's goal wasn't to look at "every program from the NSA," she said, but cybersecurity, because "we are already under attack… we are in a cyber war every day." Anyway, she announced, Feinstein was holding a hearing on NSA surveillance on Thursday.
Before the hearing started, the press photographers betrayed the real focus, clustering around Alexander and ignoring the senators and the other three witnesses who were scheduled to speak.
They weren't the only ones mostly interested in him. Early on, Senator Patrick Leahy of Vermont ignored Mikulski's admonitions and pressed Alexander for details on how two aspects of the federal law — section 215 of the Patriot Act, which has been interpreted to allow for phone record collection, and section 702 of the Foreign Intelligence Surveillance Act, the rule the NSA apparently uses for PRISM.
James Clapper, the Director of National Intelligence, stated that these tools helped stop a potential terror attack on the New York subway system (a contention that is in dispute). Leahy asked if both of the rules he mentioned were integral to that. Alexander suggested that it relied on Section 702 — but also promised more information to come.
"Over the next week out intent is to get ... figures out," on how many terror incidents had been disrupted, Alexander pledged. He said it had been "dozens," including incidents domestically and internationally. "OK, dozens," Leahy replied, "but we collect millions and millions and millions of records through section 215 and dozens have proved critical." Alexander confirmed that, again pledging more information. "I do think it's important we get this right. I want the American people to know that we're trying to be transparent here." Alexander indicated that he would provide more details either in classified session or publicly. When Leahy was finished, Sen. Thad Cochran of Mississippi asked how people might get jobs fighting cybercrime.
Alexander's responses were very politically astute, depending on the questioner. Later in the hearing, Sen. Tom Udall of New Mexico, undeterred from talking about "the elephant in the room," asked if the NSA would cooperate with investigations. Alexander said they would and had already begun to do so. But, Alexander insisted to one of the few senators who's always opposed expanding surveillance laws, "I think [the policy] does protect civil liberties … but to date, we haven't been able to explain it because it's classified." When Republican Senator Dan Coats of Indiana, who supported the measures each time, asked about the program, Alexander's take on the new revelations was different in tone. "Great harm has already been done," he said. "There is no question in my mind that we will lose capability as a result of this. … If we tell terrorists every way we're going to track them, they will get through, and Americans will die."
Senator Dick Durbin of Illinois asked Alexander about the new revelations, focusing first on Edward Snowden's unusual resume. Did Alexander have concerns about a young GED recipient in charge of so much data? "I do have concerns over that, about the process, Senator," Alexander replied. "I have grave concerns." Durbin also asked about Section 215, to which Alexander confirmed that the NSA used it for "the business records FISA" — as it does with Verizon.
Senator Mike Johanns of Nebraska followed up on those broad sweeps. Could the NSA look at every phone call in Omaha? Alexander said that wasn't really how it worked, because they essentially just have a giant database. "We don't know anything that's in there, we won't search that, unless we have intelligence about terrorist related organizations. If we see that, we have to get authorization." And then you can search, Johanns asked. No, Alexander said, "All you're looking for on that is who he's talking to. But if you didn't collect it, how do you know who he's talking to?" Could the NSA search Google? Alexander said that once it had a suspect, it went to the FBI. But, he implied, it probably could, with a warrant.
Mikulski cut in, implying that the group was a bit far afield, and giving the floor to Feinstein. Feinstein offered some help to Alexander, saying that maybe Johanns could ask if "you'd have to get a court order to get the content of a call." "That is correct," Alexander replied to her. Johanns wrapped up, "I just think you've got to get some information out to the public." To his credit, he was trying.
Later, Feinstein prompted one of the new data points to emerge from the hearing: the NSA purges those phone records after five years. This point of data, apparently, won't provide the terrorists with one of those deadly bits of information about how we track them.
Mikulski transitioned to Senator Jeff Merkley of Oregon, assuring Alexander that they would move on from the topic. Shortly after Merkley held up his Verizon phone, Mikulski jumped in again, asking that the issue be answered in writing. Maine's Susan Collins was next, assuring Mikulski that she would focus on cybersecurity. "Boy!" Mikulski exclaimed in relief.
Alexander's admissions today could have opened up the question of why this differed so much from past statements. If it wanted to, the senators could ask Alexander about his July 2012 comments at an American Enterprise Institute event in light of last week's revelations and the partial declassification of the NSA's surveillance.
Fox News reporter: Will the Utah data center hold the data of American citizens?
Alexander: No. … While I can't go into all the details at the Utah data center, we don't hold data on U.S. Citizens. You know, I think one of the things from my perspective that is grossly misreported that everybody says, you're going to grab all the emails … all the U.S. emails and put them down in some place in the United States. … We don't do that.
There are some questions worth asking about that response. ("What about non-emails? What about some place not in the United States?")
Or the senators could ask about Alexander's appearance at the hacker conference DEFCON last year. In the audio clip at right, found by Forbes, you can hear him again say that the NSA doesn't collect data, outlining the oversight procedures in place to prevent that from happening. He then continues:
I feel like, when I was a kid growing up — and some of you may feel like this, too — you know, you might get in a little trouble, you're supervised a lot, you maybe had to spend time in the hall. Well, that's the way I feel today. We are overseen by everybody.
On this day, based on this hearing, it's safe to say that perhaps Alexander wasn't exaggerating too much.