The Washington Post

Did the NSA Director mislead hackers about NSA compliance problems?

NSA DIrector General Keith B. Alexander (Isaac Brekken/AP)

President Obama isn't the only one whose assurances of proper behavior by the National Security Agency (NSA) were called into question in the wake of the Washington Post's release of a leaked internal NSA audit Thursday night.

Speaking before a room of hackers and security professionals at a Black Hat in Las Vegas this summer, NSA Director Keith B. Alexander denied that there were any problems with the NSA snooping programs and cited oversight by the Senate Select Committee on Intelligence to verify that point:

Congress did a review of this program over a four-year period, the Senate Select Committee on Intelligence. And over that four-year period, they found no willful
or knowledgeable violations of the law or the intent of the law in this program.

More specifically, they found no one at NSA had ever gone outside the boundaries of what we’ve been given. That’s the fact. What you’re hearing, what you’re seeing, what peopleare saying is, well, they could. The fact is they don’t. And if they did, our auditing tools would detect them, and they would be held accountable.

Our colleague Barton Gellman's reporting revealed that in October 2011 the Foreign Intelligence Surveillance Act (FISA) Court ruled an NSA process collecting data from fiber optic cables was “deficient on statutory and constitutional grounds,” according to a top-secret summary of the opinion. It ordered the NSA to comply with standard privacy protections or stop the program. This appears to directly contradict Alexander's claim that "no one at NSA had ever gone outside the boundaries" of their authority.

The Post's reporting on the NSA audit also noted that on at least one occasion a major compliance problem was not reported further up the audit chain. In a separate story, the leader of the FISA Court -- which President Obama has cited as a source of transparency in the surveillance programs -- said it does not have the capacity to verify the contents of the audit reports it receives from the NSA.

Alexander's claim that the Intelligence Committees didn't find any NSA wrongdoing may be technically true. But that's only because Congress appears to not have been fulling briefed on the NSA's compliance record. Senate Intelligence Committee Chairman Dianne Feinstein (D-Calif.) reportedly did not receive a copy of the 2012 NSA audit released by Gellman until The Post asked her staff about it. Upon seeing the audit, a statement from her staff said that the committee “can and should do more to independently verify that NSA’s operations are appropriate, and its reports of compliance incidents are accurate.”

Andrea Peterson covers technology policy for The Washington Post, with an emphasis on cybersecurity, consumer privacy, transparency, surveillance and open government.



Success! Check your inbox for details. You might also like:

Please enter a valid email address

See all newsletters

Show Comments
Most Read



Success! Check your inbox for details.

See all newsletters

Your Three. Video curated for you.
Next Story
Brian Fung · August 16, 2013

To keep reading, please enter your email address.

You’ll also receive from The Washington Post:
  • A free 6-week digital subscription
  • Our daily newsletter in your inbox

Please enter a valid email address

I have read and agree to the Terms of Service and Privacy Policy.

Please indicate agreement.

Thank you.

Check your inbox. We’ve sent an email explaining how to set up an account and activate your free digital subscription.