9 September 2013
The Cowboy of the NSA Keith Alexander
http://www.foreignpolicy.com/articles/2013/09/08/the_cowboy_of_the_nsa_keith_alexander
Foreign Policy Magazine
The Cowboy of the NSA
Inside Gen. Keith Alexander's all-out, barely-legal drive to build the ultimate
spy machine.
BY SHANE HARRIS
| SEPTEMBER
9, 2013
Shane Harris is a senior writer for Foreign Policy and author of The Watchers:
The Rise of America's Surveillance State.
On Aug. 1, 2005, Lt. Gen. Keith Alexander reported for duty as the 16th director
of the National Security Agency, the United States' largest intelligence
organization. He seemed perfect for the job. Alexander was a decorated Army
intelligence officer and a West Point graduate with
master's
degrees in systems technology and physics. He had run intelligence operations
in combat and had held successive senior-level positions, most recently as
the director of an Army intelligence organization and then as the service's
overall chief of intelligence. He was both a soldier and a spy, and he had
the heart of a tech geek. Many of his peers thought Alexander would make
a perfect NSA director. But one prominent person thought otherwise: the prior
occupant of that office.
Air Force Gen. Michael Hayden had been running the NSA since 1999, through
the 9/11 terrorist attacks and into a new era that found the global eavesdropping
agency increasingly focused on Americans' communications inside the United
States. At times, Hayden had found himself swimming in the murkiest depths
of the law, overseeing programs that other senior officials in government
thought violated the Constitution. Now Hayden of all people was worried that
Alexander didn't understand the legal sensitivities of that new mission.
"Alexander tended to be a bit of a cowboy: 'Let's not worry about the law.
Let's just figure out how to get the job done,'" says a former intelligence
official who has worked with both men. "That caused General Hayden some
heartburn."
The heartburn first flared up not long after the 2001 terrorist attacks.
Alexander was the general in charge of the Army's Intelligence and Security
Command (INSCOM) at Fort Belvoir, Virginia. He began insisting that the NSA
give him raw, unanalyzed data about suspected terrorists from the agency's
massive digital cache, according to three former intelligence officials.
Alexander had been building advanced data-mining software and analytic tools,
and now he wanted to run them against the NSA's intelligence caches to try
to find terrorists who were in the United States or planning attacks on the
homeland.
By law, the NSA had to scrub intercepted communications of most references
to U.S. citizens before those communications can be shared with other agencies.
But Alexander wanted the NSA "to bend the pipe towards him," says one of
the former officials, so that he could siphon off metadata, the digital records
of phone calls and email traffic that can be used to map out a terrorist
organization based on its members' communications patterns.
"Keith wanted his hands on the raw data. And he bridled at the fact that
NSA didn't want to release the information until it was properly reviewed
and in a report," says a former national security official. "He felt that
from a tactical point of view, that was often too late to be useful."
Hayden thought Alexander was out of bounds. INSCOM was supposed to provide
battlefield intelligence for troops and special operations forces overseas,
not use raw intelligence to find terrorists within U.S. borders. But Alexander
had a more expansive view of what military intelligence agencies could do
under the law.
"He said at one point that a lot of things aren't clearly legal, but that
doesn't make them illegal," says a former military intelligence officer who
served under Alexander at INSCOM.
In November 2001, the general in charge of all Army intelligence had informed
his personnel, including Alexander, that the military had broad authority
to collect and share information about Americans, so long as they were
"reasonably believed to be engaged" in terrorist activities, the general
wrote in a
widely
distributed
memo.
The general didn't say how exactly to make this determination, but it was
all the justification Alexander needed. "Hayden's attitude was 'Yes, we have
the technological capability, but should we use it?' Keith's was 'We have
the capability, so let's use it,'" says the former intelligence official
who worked with both men.
Hayden denied Alexander's request for NSA data. And there was some irony
in that decision. At the same time, Hayden was overseeing a highly classified
program to monitor Americans' phone records and Internet communications without
permission from a court. At least one component of that secret domestic spying
program would later prompt senior Justice Department officials to threaten
resignation because they thought it was illegal.
But that was a presidentially authorized program run by a top-tier national
intelligence agency. Alexander was a midlevel general who seemed to want
his own domestic spying operation. Hayden was so troubled that he reported
Alexander to his commanding general, a former colleague says. "He didn't
use that atomic word -- 'insubordination' -- but he danced around it."
The showdown over bending the NSA's pipes was emblematic of Alexander's approach
to intelligence, one he has honed over the course of a 39-year military career
and deploys today as the director of the country's most powerful spy agency.
Alexander wants as much data as he can get. And he wants to hang on to it
for as long as he can. To prevent the next terrorist attack, he thinks he
needs to be able to see entire networks of communications and also go
"back
in time," as he has said publicly, to study how terrorists and their
networks evolve. To find the needle in the haystack, he needs the entire
haystack.
"Alexander's strategy is the same as Google's: I need to get all of the data,"
says a former administration official who worked with the general. "If he
becomes the repository for all that data, he thinks the resources and authorities
will follow."
That strategy has worked well for Alexander. He has served longer than any
director in the NSA's history, and today he stands atop a U.S. surveillance
empire in which
signals
intelligence, the agency's specialty, is the coin of the realm. In 2010,
he became the first commander of the newly created U.S. Cyber Command, making
him responsible for defending military computer networks against spies, hackers,
and foreign armed forces -- and for fielding a new generation of cyberwarriors
trained to penetrate adversaries' networks. Fueled by a series of relentless
and increasingly revealing leaks from former NSA contractor Edward Snowden,
the full scope of Alexander's master plan is coming to light.
Today, the agency is routinely scooping up and storing Americans'
phone
records. It is
screening
their emails and text messages, even though the spy agency can't always
tell
the difference between an innocent American and a foreign terrorist.
The NSA uses corporate proxies to monitor up to
75
percent of Internet traffic inside the United States. And it has spent
billions of dollars on a secret campaign
to
foil
encryption technologies that individuals, corporations, and governments
around the world had long thought protected the privacy of their communications
from U.S. intelligence agencies.
The NSA was already a data behemoth when Alexander took over. But under his
watch, the breadth, scale, and ambition of its mission have expanded beyond
anything ever contemplated by his predecessors. In 2007, the NSA began collecting
information from Internet and technology companies under the so-called PRISM
program. In essence, it was a pipes-bending operation. The NSA gets access
to the companies' raw data--including e-mails, video chats, and messages
sent through social media--and analysts then mine it for clues about terrorists
and other foreign intelligence subjects. Similar to how Alexander wanted
the NSA to feed him with intelligence at INSCOM, now some of the world's
biggest technology companies -- including Google, Microsoft, Facebook, and
Apple -- are feeding the NSA. But unlike Hayden, the companies cannot refuse
Alexander's advances. The PRISM program operates under a legal regime, put
in place a few years after Alexander arrived at the NSA, that allows the
agency to demand broad categories of information from technology companies.
Never in history has one agency of the U.S. government had the capacity,
as well as the legal authority, to collect and store so much electronic
information. Leaked NSA documents show the agency sucking up data from
approximately
150
collection sites on six continents. The agency estimates that
1.6
percent of all data on the Internet flows through its systems on a given
day -- an amount of information about
50
percent larger than what Google processes in the same period.
When Alexander arrived, the NSA was secretly investing in experimental databases
to store these oceans of electronic signals and give analysts access to it
all in as close to real time as possible. Under his direction, it has helped
pioneer new methods of massive storage and retrieval. That has led to a data
glut. The agency has collected so much information that it ran out of storage
capacity at its 350-acre headquarters at Fort Meade, Maryland, outside
Washington, D.C. At a cost of more than $2 billion, it has built a new processing
facility in the Utah desert, and it recently
broke
ground on a complex in Maryland. There is a line item in the NSA's budget
just for
research
on "coping with information overload."
Yet it's still not enough for Alexander, who has proposed installing the
NSA's surveillance equipment on the networks of defense contractors, banks,
and other organizations deemed essential to the U.S. economy or national
security. Never has this intelligence agency -- whose primary mission is
espionage, stealing secrets from other governments -- proposed to become
the electronic watchman of American businesses.
This kind of radical expansion shouldn't come as a surprise. In fact, it's
a hallmark of Alexander's career. During the Iraq war, for example, he pioneered
a suite of real-time intelligence analysis tools that aimed to scoop up every
phone call, email, and text message in the country in a search for terrorists
and insurgents. Military and intelligence officials say it provided valuable
insights that helped turn the tide of the war. It was also unprecedented
in its scope and scale. He has transferred that architecture to a global
scale now, and with his responsibilities at Cyber Command, he is expanding
his writ into the world of computer network defense and cyber warfare.
As a result, the NSA has never been more powerful, more pervasive, and more
politically imperiled. The same philosophy that turned Alexander into a giant
-- acquire as much data from as many sources as possible -- is now threatening
to undo him. Alexander today finds himself in the unusual position of having
to publicly defend once-secret programs and reassure Americans that the
growth
of his agency, which employs more than 35,000 people, is not a cause for
alarm. In July, the House of Representatives almost approved a law to constrain
the NSA's authorities -- the closest Congress has come to reining in the
agency since the 9/11 attacks. That narrow defeat for surveillance opponents
has set the stage for a Supreme Court ruling on whether metadata -- the
information Alexander has most often sought about Americans -- should be
afforded protection under the
Fourth
Amendment's prohibition against "unreasonable searches and seizures,"
which would make metadata harder for the government to acquire.
Alexander declined Foreign Policy's request for
an interview, but in response to questions about his leadership, his respect
for civil liberties, and the Snowden leaks, he provided a written statement.
"The missions of NSA and USCYBERCOM are conducted in a manner that is lawful,
appropriate, and effective, and under the oversight of all three branches
of the U.S. government," Alexander stated. "Our mission is to protect our
people and defend the nation within the authorities granted by Congress,
the courts and the president. There is an ongoing investigation into
the damage sustained by our nation and our allies because of the recent
unauthorized disclosure of classified material. Based on what we know to
date, we believe these disclosures have caused significant and irreversible
harm to the security of the nation."
In lieu of an interview about his career, Alexander's spokesperson recommended
a laudatory profile about him that appeared in West Point magazine. It begins:
"At key moments throughout its history, the United States has been fortunate
to have the right leader -- someone with an ideal combination of rare talent
and strong character -- rise to a position of great responsibility in public
service. With General Keith B. Alexander ... Americans are again experiencing
this auspicious state of affairs."
Lawmakers and the public are increasingly taking a different view. They are
skeptical about what Alexander has been doing with all the data he's collecting
-- and why he's been willing to push the bounds of the law to get it. If
he's going to preserve his empire, he'll have to mount the biggest charm
offensive of his career. Fortunately for him, Alexander has spent as much
time building a political base of power as a technological one.
* * *
Those who know Alexander say he is introspective, self-effacing, and even
folksy. He's fond of corny jokes and puns and likes to play pool, golf, and
Bejeweled
Blitz, the addictive puzzle game, on which he says he routinely scores
more than 1 million points.
Alexander is also as skilled a Washington knife fighter as they come. To
get the NSA job, he allied himself with the Pentagon brass, most notably
Donald Rumsfeld, who distrusted Hayden and thought he had been trying to
buck the Pentagon's control of the NSA. Alexander also called on all the
right committee members on Capitol Hill, the overseers and appropriators
who hold the NSA's future in their hands.
When he was running the Army's Intelligence and Security Command, Alexander
brought many of his future allies down to Fort Belvoir for a tour of his
base of operations, a facility known as the Information Dominance Center.
It had been designed by a Hollywood set designer to mimic the
bridge
of the starship
Enterprise
from Star Trek, complete with chrome panels, computer stations, a huge TV
monitor on the forward wall, and doors that made a "whoosh" sound when they
slid open and closed. Lawmakers and other important officials took turns
sitting in a leather
"captain's
chair" in the center of the room and watched as Alexander, a lover of
science-fiction movies, showed off his data tools on the big screen.
"Everybody wanted to sit in the chair at least once to pretend he was
Jean-Luc
Picard," says a retired officer in charge of VIP visits.
Alexander wowed members of Congress with his eye-popping command center.
And he took time to sit with them in their offices and explain the intricacies
of modern technology in simple, plain-spoken language. He demonstrated a
command of the subject without intimidating those who had none.
"Alexander is 10 times the political general as David Petraeus," says the
former administration official, comparing the NSA director to a man who was
once considered a White House contender. "He could charm the paint off a
wall."
Alexander has had to muster every ounce of that political savvy since the
Snowden leaks started coming in June. In closed-door briefings, members of
Congress have accused him of deceiving them about how much information he
has been collecting on Americans. Even when lawmakers have screamed at him
from across the table, Alexander has remained "unflappable," says a congressional
staffer who has sat in on numerous private briefings since the Snowden leaks.
Instead of screaming back, he reminds lawmakers about all the terrorism plots
that the NSA has claimed to help foil.
"He is well aware that he will be criticized if there's another attack,"
the staffer says. "He has said many times, 'My job is to protect the American
people. And I have to be perfect.'"
There's an implied threat in that statement. If Alexander doesn't get all
the information he wants, he cannot do his job. "He never says it explicitly,
but the message is, 'You don't want to be the one to make me miss,'" says
the former administration official. "You don't want to be the one that denied
me these capabilities before the next attack."
Alexander has a distinct advantage over most, if not all, intelligence chiefs
in the government today: He actually understands the multibillion-dollar
technical systems that he's running.
"When he would talk to our engineers, he would get down in the weeds as far
as they were. And he'd understand what they were talking about," says a former
NSA official. In that respect, he had a leg up on Hayden, who colleagues
say is a good big-picture thinker but lacks the geek gene that Alexander
was apparently born with.
"He looked at the technical aspects of the agency more so than any director
I've known," says Richard "Dickie" George, who spent 41 years at the NSA
and retired as the technical director of the Information Assurance Directorate.
"I get the impression he would have been happy being one of those guys working
down in the noise," George said, referring to the front-line technicians
and analysts working to pluck signals out of the network.
Alexander, 61, has been a techno-spy since the beginning of his military
career. After graduating from West Point in 1974, he went to West Germany,
where he was initiated in the dark arts of signals intelligence. Alexander
spent his time eavesdropping on military communications emanating from East
Germany and Czechoslovakia. He was interested in the mechanics that supported
this brand of espionage. He rose quickly through the ranks.
"It's rare to get a commander who understands technology," says a former
Army officer who served with Alexander in 1995, when Alexander was in charge
of the 525th Military Intelligence Brigade at Fort Bragg, North Carolina.
"Even then he was into big data. You think of the wizards as the guys who
are in their 20s." Alexander was 42 at the time.
At the turn of the century, Alexander took the
big-data
approach to counterterrorism. How well that method worked continues to
be a matter of intense debate. Surely discrete interceptions of terrorists'
phone calls and emails have helped disrupt plots and prevent attacks. But
huge volumes of data don't always help catch potential plotters. Sometimes,
the drive for more data just means capturing more ordinary people in the
surveillance driftnet.
When he ran INSCOM and was horning in on the NSA's turf, Alexander was fond
of building charts that showed how a suspected terrorist was connected to
a much broader network of people via his communications or the contacts in
his phone or email account.
"He had all these diagrams showing how this guy was connected to that guy
and to that guy," says a former NSA official who heard Alexander give briefings
on the floor of the Information Dominance Center. "Some of my colleagues
and I were skeptical. Later, we had a chance to review the information. It
turns out that all [that] those guys were connected to were pizza shops."
A retired military officer who worked with Alexander also describes a "massive
network chart" that was purportedly about al Qaeda and its connections in
Afghanistan. Upon closer examination, the retired officer says, "We found
there was no data behind the links. No verifiable sources. We later found
out that a quarter of the guys named on the chart had already been killed
in Afghanistan."
Those network charts have become more massive now that Alexander is running
the NSA. When analysts try to determine if a particular person is engaged
in terrorist activity, they may look at the communications of people who
are as many as
three
steps, or "hops," removed from the original target. This means that even
when the NSA is focused on just one individual, the number of people who
are being caught up in the agency's electronic nets could easily be in the
tens of millions.
According to an internal
audit,
the agency's surveillance operations have been beset by human
error
and fooled by moving targets. After the NSA's legal authorities were expanded
and the PRISM program was implemented, the agency inadvertently collected
Americans' communications thousands of times each year, between 2008 and
2012, in violation of privacy rules and the law.
Yet the NSA still pursued a counterterrorism strategy that relies on ever-bigger
data sets. Under Alexander's leadership, one of the agency's signature analysis
tools was a digital graph that showed how hundreds, sometimes thousands,
of people, places, and events were connected to each other. They were displayed
as a tangle of dots and lines. Critics called it the BAG -- for "big ass
graph" -- and said it produced very few useful leads. CIA officials in charge
of tracking overseas terrorist cells were particularly unimpressed by it.
"I don't need this," a senior CIA officer working on the agency's drone program
once told an NSA analyst who showed up with a big, nebulous graph. "I just
need you to tell me whose ass to put a Hellfire missile on."
Given his pedigree, it's unsurprising that Alexander is a devotee of big
data. "It was taken as a given for him, as a career intelligence officer,
that more information is better," says another retired military officer.
"That was ingrained."
But Alexander was never alone in his obsession. An obscure civilian engineer
named James Heath has been a constant companion for a significant portion
of Alexander's career. More than any one person, Heath influenced how the
general went about building an information empire.
Several former intelligence officials who worked with Heath described him
as Alexander's "mad scientist." Another called him the NSA director's "evil
genius." For years, Heath, a brilliant but abrasive technologist, has been
in charge of making Alexander's most ambitious ideas a reality; many of the
controversial data-mining tools that Alexander wanted to use against the
NSA's raw intelligence were developed by Heath, for example. "He's smart,
crazy, and dangerous. He'll push the technology to the limits to get it to
do what he wants," says a former intelligence official.
Heath has followed Alexander from post to post, but he almost always stays
in the shadows. Heath recently retired from government service as the senior
science advisor to the NSA director -- Alexander's personal tech guru. "The
general really looked to him for advice," says George, the former technical
director. "Jim didn't mind breaking some eggs to make an omelet. He couldn't
do that on his own, but General Alexander could. They brought a sense of
needing to get things done. They were a dynamic duo."
Precisely where Alexander met Heath is unclear. They have worked together
since at least 1995, when Alexander commanded the 525th Military Intelligence
Brigade and Heath was his scientific sidekick. "That's where Heath took his
first runs at what he called 'data visualization,' which is now called 'big
data,'" says a retired military intelligence officer. Heath was building
tools that helped commanders on the field integrate information from different
sensors -- reconnaissance planes, satellites, signals intercepts -- and "see"
it on their screens. Later, Heath would work with tools that showed how words
in a document or pages on the Internet were linked together, displaying those
connections in the form of three-dimensional maps and graphs.
At the Information Dominance Center, Heath built a program called the "automatic
ingestion manager." It was a search engine for massive sets of data, and
in 1999, he started taking it for test runs on the Internet.
In one experiment, the retired officer says, the ingestion manager searched
for all web pages linked to the website of the Defense Intelligence Agency
(DIA). Those included every page on the DIA's site, and the tool scoured
and copied them so aggressively that it was mistaken for a hostile cyberattack.
The site's automated defenses kicked in and shut it down.
On another occasion, the searching tool landed on an anti-war website while
searching for information about the conflict in Kosovo. "We immediately got
a letter from the owner of the site wanting to know why was the military
spying on him," the retired officer says. As far as he knows, the owner took
no legal action against the Army, and the test run was stopped.
Those experiments with "bleeding-edge" technology, as the denizens of the
Information Dominance Center liked to call it, shaped Heath and Alexander's
approach to technology in spy craft. And when they ascended to the NSA in
2005, their influence was broad and profound. "These guys have propelled
the intelligence community into big data," says the retired officer.
Heath was at Alexander's side for the expansion of Internet surveillance
under the PRISM program. Colleagues say it fell largely to him to design
technologies that tried to make sense of all the new information the NSA
was gobbling up. But Heath had developed a reputation for building expensive
systems that never really work as promised and then leaving them half-baked
in order to follow Alexander on to some new mission.
"He moved fairly fast and loose with money and spent a lot of it," the retired
officer says. "He doubled the size of the Information Dominance Center and
then built another facility right next door to it. They didn't need it. It's
just what Heath and Alexander wanted to do." The Information Operations Center,
as it was called, was underused and spent too much money, says the retired
officer. "It's a center in search of a customer."
Heath's reputation followed him to the NSA. In early 2010, weeks after a
young al Qaeda terrorist with a bomb sewn into his underwear tried to bring
down a U.S. airliner over Detroit on Christmas Day, the director of national
intelligence, Dennis Blair, called for a new tool that would help the disparate
intelligence agencies better connect the dots about terrorism plots. The
NSA, the State Department, and the CIA each had possessed fragments of
information about the so-called underwear bomber's intentions, but there
had been no dependable mechanism for integrating them all and providing what
one former national security official described as "a quick-reaction capability"
so that U.S. security agencies would be warned about the bomber before he
got on the plane.
Blair put the NSA in charge of building this new capability, and the task
eventually fell to Heath. "It was a complete disaster," says the former national
security official, who was briefed on the project. "Heath's approach was
all based on signals intelligence [the kind the NSA routinely collects] rather
than taking into account all the other data coming in from the CIA and other
sources. That's typical of Heath. He's got a very narrow viewpoint to solve
a problem."
Like other projects of Heath's, the former official says, this one was never
fully implemented. As a result, the intelligence community still didn't have
a way to stitch together clues from different databases in time to stop the
next would-be bomber. Heath -- and Alexander -- moved on to the next big
project.
"There's two ways of looking at these guys," the retired military officer
says. "Two visionaries who took risks and pushed the intelligence community
forward. Or as two guys who blew a monumental amount of money."
As immense as the NSA's mission has become -- patrolling the world's data
fields in search of terrorists, spies, and computer hackers -- it is merely
one phase of Alexander's plan. The NSA's primary mission is to protect government
systems and information. But under his leadership, the agency is also extending
its reach into the private sector in unprecedented ways.
Toward the end of George W. Bush's administration, Alexander helped persuade
Defense Department officials to set up a computer network defense project
to prevent foreign intelligence agencies --mainly China's -- from stealing
weapons plans and other national secrets from government contractors' computers.
Under the Defense Industrial Base initiative, also known as the DIB, the
NSA provides the companies with intelligence about the cyberthreats it's
tracking. In return, the companies report back about what they see on their
networks and share intelligence with each other.
Pentagon officials say the program has helped stop some cyber-espionage.
But many corporate participants say Alexander's primary motive has not been
to share what the NSA knows about hackers. It's to get intelligence from
the companies -- to make them the NSA's digital scouts. What is billed as
an information-sharing arrangement has sometimes seemed more like a one-way
street, leading straight to the NSA's headquarters at Fort Meade.
"We wanted companies to be able to share information with each other," says
the former administration official, "to create a picture about the threats
against them. The NSA wanted the picture."
After the DIB was up and running, Alexander proposed going further. "He wanted
to create a wall around other sensitive institutions in America, to include
financial institutions, and to install equipment to monitor their networks,"
says the former administration official. "He wanted this to be running in
every Wall Street bank."
That aspect of the plan has never been fully implemented, largely due to
legal concerns. If a company allowed the government to install monitoring
equipment on its systems, a court could decide that the company was acting
as an agent of the government. And if surveillance were conducted without
a warrant or legitimate connection to an investigation, the company could
be accused of violating the Fourth Amendment. Warrantless surveillance can
be unconstitutional regardless of whether the NSA or Google or Goldman Sachs
is doing it.
"That's a subtle point, and that subtlety was often lost on NSA," says the
former administration official. "Alexander has ignored that Fourth Amendment
concern."
The DIB experiment was a first step toward Alexander's taking more control
over the country's cyberdefenses, and it was illustrative of his assertive
approach to the problem. "He was always challenging us on the defensive side
to be more aware and to try and find and counter the threat," says Tony Sager,
who was the chief operating officer for the NSA's Information Assurance
Directorate, which protects classified government information and computers.
"He wanted to know, 'Who are the bad guys? How do we go after them?'"
While it's a given that the NSA cannot monitor the entire Internet on its
own and that it needs intelligence from companies, Alexander has questioned
whether companies have the capacity to protect themselves. "What we see is
an increasing level of activity on the networks,"
he
said recently at a security conference in Canada. "I am concerned that
this is going to break a threshold where the private sector can no longer
handle it and the government is going to have to step in."
* * *
Now, for the first time in Alexander's career, Congress and the general public
are expressing deep misgivings about sharing information with the NSA or
letting it install surveillance equipment. A Rasmussen poll of likely voters
taken in June found that
68
percent believe it's likely the government is listening to their
communications, despite repeated assurances from Alexander and President
Barack Obama that the NSA is only collecting anonymous metadata about Americans'
phone calls. In another Rasmussen poll,
57
percent of respondents said they think it's likely that the government
will use NSA intelligence "to harass political opponents."
Some who know Alexander say he doesn't appreciate the depth of public mistrust
and cynicism about the NSA's mission. "People in the intelligence community
in general, and certainly Alexander, don't understand the strategic value
of having a largely unified country and a long-term trust in the intelligence
business," says a former intelligence official, who has worked with Alexander.
Another adds, "There's a feeling within the NSA that they're all patriotic
citizens interested in protecting privacy, but they lose sight of the fact
that people don't trust the government."
Even Alexander's strongest critics don't doubt his good intentions. "He's
not a nefarious guy," says the former administration official. "I really
do feel like he believes he's doing this for the right reasons." Two of the
retired military officers who have worked with him say Alexander was seared
by the bombing of the USS Cole in 2000 and later the 9/11 attacks, a pair
of major intelligence failures that occurred while he was serving in senior-level
positions in military intelligence. They said he vowed to do all he could
to prevent another attack that could take the lives of Americans and military
service members.
But those who've worked closely with Alexander say he has become blinded
by the power of technology. "He believes they have enough technical safeguards
in place at the NSA to protect civil liberties and perform their mission,"
the former administration official says. "They do have a very robust capability
-- probably better than any other agency. But he doesn't get that this power
can still be abused. Americans want introspection. Transparency is a good
thing. He doesn't understand that. In his mind it's 'You should trust me,
and in exchange, I give you protection.'"
On July 30 in Las Vegas, Alexander sat down for dinner with a group of civil
liberties activists and Internet security researchers. He was in town to
give a keynote address the next day at the
Black Hat security
conference. The mood at the table was chilly, according to people who
were in attendance. In 2012, Alexander had won plaudits for his speech at
Black Hat's sister conference,
Def Con, in which he'd
implored the assembled community of experts to join him in their mutual cause:
protecting the Internet as a safe space for speech, communications, and commerce.
Now, however, nearly two months after the first leaks from Snowden, the people
around the table wondered whether they could still trust the NSA director.
His dinner companions questioned Alexander about the NSA's legal authority
to conduct massive electronic surveillance. Two guests had recently written
a
New York Times op-ed calling the NSA's activities "criminal." Alexander
was quick to debate the finer points of the law and defend his agency's programs
-- at least the ones that have been revealed -- as closely monitored and
focused solely on terrorists' information.
But he also tried to convince his audience that they should help keep the
NSA's surveillance system running. In so many words, Alexander told them:
The terrorists only have to succeed once to kill thousands of people. And
if they do, all of the rules we have in place to protect people's privacy
will go out the window.
Alexander cast himself as the ultimate defender of civil liberties, as a
man who needs to spy on some people in order to protect everyone. He knows
that in the wake of another major terrorist attack on U.S. soil, the NSA
will be unleashed to find the perpetrators and stop the next assault. Random
searches of metadata, broad surveillance of purely domestic communications,
warrantless seizure of stored communications -- presumably these and other
extraordinary measures would be on the table. Alexander may not have spelled
out just what the NSA would do after another homeland strike, but the message
was clear: We don't want to find out.
Alexander was asking his dinner companions to trust him. But his credibility
has been badly damaged. Alexander was heckled at his speech the next day
at Black Hat. He had been slated to talk at Def Con too, but the organizers
rescinded their invitation after the Snowden leaks. And even among Alexander's
cohort, trust is flagging.
"You'll never find evidence that Keith sits in his office at lunch listening
to tapes of U.S. conversations," says a former NSA official. "But I think
he has a little bit of naiveté about this controversy. He thinks,
'What's the problem? I wouldn't abuse this power. Aren't we all honorable
people?' People get into these insular worlds out there at NSA. I think Keith
fits right in."
One of the retired military officers, who worked with Alexander on several
big-data projects, said he was shaken by revelations that the agency is
collecting all Americans' phone records and examining enormous amounts of
Internet traffic. "I've not changed my opinion on the right balance between
security versus privacy, but what the NSA is doing bothers me," he says.
"It's the massive amount of information they're collecting. I know they're
not listening to everyone's phone calls. No one has time for that. But speaking
as an analyst who has used metadata, I do not sleep well at night knowing
these guys can see everything. That trust has been lost."
|