Keith Alexander Archives - Page 7 of 17

The James Clapper Plan to “Change” NSA by Keeping John Inglis in Charge

November 30, 2013/5 Comments/in FISA /by emptywheel

Yesterday, Ellen Nakashima reported that James Clapper supports splitting CyberCommand off of NSA. To understand whether this would represent real change or not, consider that they’re considering John Inglis — currently Keith Alexander’s Deputy — to lead NSA.

At a White House meeting of senior national security officials last week, Director of National Intelligence James R. Clapper Jr. said he was in favor of ending the current policy of having one official in charge of both the National Security Agency and U.S. Cyber Command, said the individuals, who spoke on the condition of anonymity.

Also, officials appear inclined to install a civilian as director of the NSA for the first time in the agency’s 61-year history. Among those said to be potential successors to the current director, Gen. Keith B. Alexander, is his deputy, John C. “Chris” Inglis.

Frankly, I think splitting off Cyber is the wrong solution in any case. The problem, as I see it, is that both the cyberoffensive and the information collecting missions favor a policy of creating vulnerabilities that both US hackers and collectors can exploit in the future. That leaves the third NSA mission — protecting US networks — stuck with an approach of finding those entities that are exploiting vulnerabilities, rather than working on a resilience strategy that not only might work better, but also would provide Americans greater privacy. I think splitting off the defensive side, potentially creating a champion for real security, would do more than splitting off Cyber, which probably only leaves two competing champions for creating and exploiting vulnerabilities.

In any case, though, if John Inglis is in charge of one of those champions of creating vulnerabilities, chances are negligible the NSA will change its approach.

Keith Alexander: The One General Obama Didn’t Fire

November 25, 2013/5 Comments/in FISA /by emptywheel

Obama has developed a reputation for firing Generals (so much so the wingnuts have developed some conspiracy theories about it).

Most famously, of course, he fired Stanley McChrystal for insubordination. He ousted CENTCOM Commander James Mattis early because of dissent on Iran policy (what on retrospect, with the distance and this AP report, might have been opposition to the back channel discussions that led to this weekend’s interim nuclear deal). A slew of Generals have been fired for offenses including drinking, fucking (including sexual abuse), swearing, and cheating at poker, as well as abusing their positions (Hamm, Gaouette, Baker, Roberts, Sinclair, Giardina, Carry, Huntoon). Obama accepted then CIA Director David Petraeus’s resignation, ostensibly for fucking, too, but even before that kept refusing Petraeus the promotions he thought he deserved. Generals Gurganus and Sturdevant got fired for not sufficiently defending a big base in Afghanistan.

It’s that background that makes the premise of this WSJ piece on NSA so unconvincing. It presents the fact that General Keith Alexander offered — but Obama did not accept — his resignation as proof of how significantly the Snowden leaks have affected NSA.

Shortly after former government contractor Edward Snowden revealed himself in June as the source of leaked National Security Agency documents, the agency’s director, Gen. Keith Alexander, offered to resign, according to a senior U.S. official.

The offer, which hasn’t previously been reported, was declined by the Obama administration. But it shows the degree to which Mr. Snowden’s revelations have shaken the NSA’s foundations—unlike any event in its six-decade history, including the blowback against domestic spying in the 1970s.

[snip]

When the leaks began, some top administration officials found their confidence in Gen. Alexander shaken because he presided over a grave security lapse, a former senior defense official said. But the officials also didn’t think his resignation would solve the security problem and were concerned that letting him leave would wrongly hand Mr. Snowden a win, the former defense official said.

Even before Edward Snowden started working for the NSA via Booz, Alexander had presided over — by his own provably exaggerated admission — the plunder of America via cybertheft.

Then, on top of that purportedly catastrophic failure, Snowden served to demonstrate how easy it was to walk away with details on some of NSA’s most sensitive ops.

And yet the guy who left the entire US Internet as well as NSA’s codebreaking exposed — as compared to a single base in Afghanistan — did not get fired for his failures.

Because that might wrongly hand Snowden a win, apparently.

That’s the real tell. The article provides new details on an effort to weigh the value of wiretapping elite targets. But the rest of the article quotes hawks like Dutch Ruppersberger and Mike Rogers complaining about the risk of big new controls that might end the Golden Age of SIGINT while — again — focusing almost exclusively on the wiretapping of elites (the article includes one paragraph predicting a compromise on the dragnet programs, not noting, of course, how much of the dragnet has already moved overseas).

Broad new controls, though, run the risk of overcorrecting, leaving the agency unable to respond to a future crisis, critics of the expected changes warn.

[snip]

Another change under consideration is placing a civilian in charge of the NSA for the first time after Gen. Alexander leaves next spring, as he has been planning to do. Deputy Defense Secretary Ashton Carter is advocating internally for the change, according to current and former officials. Mr. Carter declined to comment.

“We’re getting clobbered, and we want a better story to tell than: ‘It’s under review, and everybody does it,’ ” the senior administration official said, speaking of the U.S. belief that other governments routinely electronic eavesdrop on foreign leaders.

There’s one more odd part of this story. It claims that after 9/11, the NSA was pilloried for its lapses leading up to the attack.

After the 2001 terrorist attacks, the NSA was pilloried for missing clues of the plot. It reinvented itself as a terrorist-hunting machine, channeling its computing power to zero in on suspects any time they communicated.

That’s not what happened. The National Security establishment has repeatedly, falsely portrayed NSA’s failure to realize Khalid al-Mihdhar was calling an Al Qaeda line in Yemen and CIA’s failure to share information about Mihdhar’s travel. And none of the 9/11 Commission’s recommendations address NSA (by the time of the report, the “wall” between intelligence and FBI, which otherwise would have been a recommendation, had been down for almost 3 years). But beyond that, no one has scrutinized NSA’s collections (in part because they include damning intercepts implicating the Saudis).

Moreover, the claim that this dragnet exists solely to “zero in on suspects any time they communicated” ignores the shift from terrorism to cybersecurity.

In short, while WSJ’s sources seem to be claiming catastrophe, the story they’re telling is business as usual.

Obama has fired Generals for failure to protect a single base, not to mention cheating at poker. He seems intent on keeping Alexander — at least to get through this scandal — precisely because he’s so good at cheating at (metaphorical) poker.

8 Years Later, NSA Still Using Same PR Strategy to Hide Illegal Wiretap Program

November 21, 2013/18 Comments/in FISA, Press and Media /by emptywheel

[youtube]kfbHbht081E[/youtube]

Between these two posts (one, two), I’ve shown that the Executive Branch never stopped illegally wiretapping Americans, even after the worst part of it got “shut down” after the March 2004 hospital confrontation. Instead, they got FISC to approve collection with certain rules, then violated the rules consistently. When that scheme was exposed with the transition between the Bush and Obama Administrations, the Executive adopted two new strategies to hide the illegal wiretapping. First, simply not counting how many Americans they were illegally wiretapping, thus avoiding explicit violation of 50 USC 1809(a)(2). And, starting just as the Executive was confessing to its illegal wiretapping, moving — and expanding it — overseas. Given that they’re collecting content, that is a violation in spirit, at least, of Section 704 of FISA Amendments Act, which requires a warrant for wiretapping an American overseas (the government probably says this doesn’t apply because GCHQ does much of the wiretapping).

One big discovery the Snowden leaks have shown us, then, is that the government has never really stopped Bush’s illegal wiretapping program.

That actually shows in the PR response the government has adopted, which has consisted of an affirmative and a negative approach. The affirmative approach emphasizes the programs — PATRIOT Act Section 215 and Section 702 of FAA — that paralleled the illegal wiretap program (I’m not conceding either is constitutional, but only the upstream collection under 702 has been deemed an explicit violation of the law). This has allowed the government to release a blizzard of documents — Transparency!™ — that reveals some shocking disclosures, without revealing the bigger illegal programs. But note how, when the revelations touched on the Internet dragnet (which should be no more revelatory than the phone dragnet), ODNI tried to obscure basic details by hiding dates (even if they left those dates in one URL).

Meanwhile, the I Con has invested energy in trying to undermine every story that touches on the larger illegal wiretapping programs. Read more →

John Bates’ TWO Wiretapping Warnings: Why the Government Took Its Internet Dragnet Collection Overseas

November 20, 2013/12 Comments/in FISA /by emptywheel

A couple of us were joking on Twitter the other day that the June-July 2010 John Bates opinion released the other day — in which he yelled mightily about illegal collection that had persisted for 5 years but then rubber stamped the government’s plan to vastly expand metadata collection — ought to lead to the term “Bates stamp” to take on new meaning, a rubber stamp by a FISC judge.

(I’m working on a separate post that shows the timing of all this, but for the moment, you’ll have to trust me that Bates’ opinion was written some time around July 2010.)

Bates did, however, sort of kind of rein in the government’s actions, spending the last 17 pages of his opinion explaining how 50 USC 1809(a) prohibited him from allowing the government to use metadata it had collected for years in violation of the court’s rules.

Basically, Bates argued that the government would be guilty of illegal wiretaps under FISA if it used the illegally collected information. I believe the illegal collection involved taking metadata that counted as content and/or didn’t count as addressing information.

The government, in a submission and a reply to him, argued that was not the case. It made several arguments: first, it claimed their collection wasn’t “intentional” and therefore distributing it would not count as an illegal wiretap.

Insofar as the government contends that Section 1809(a)(2) reaches only “intentional violations of the Court’s orders,” or “willful” as opposed to intentional conduct, see Memorandum of Law at 74 n. 37, the Court disagrees. The plain language of the statute requires proof that the person in question “intentionally” disclosed or used information “knowing or with reason to know” the information was obtained in the manner described.

It also argued that the Pen Register statute allowed the Court to override the wiretap prohibitions.

The government argues that the opening phrase of 50 U.S.C. § 1842(a) vests the Court with authority to enter an order rendering Section 1809(a)(2) inapplicable. See Memorandum of Law at 74 n. 37.

It argued that because the Court could limit what the government could do with the data, it could also expand it.

The government next contends that because the Court has, in its prior orders, regulated access to and use of previously accumulated metadata, it follows that the Court may not authorize NSA to access and use all previously collected information, including information that was acquired outside the scope of prior authorizations, so long as the information “is within the scope of the [PR/TT] statute and the Constitution.” Memorandum of Law at 73.

It then argued that the Court’s own rules allowed it to authorize access to the data.

The government further contends that Rule 10(c) of the Rules of this Court gives the Court discretion to authorize access to and use of the overcollected information. Memorandum of Law at 73.

Finally, Article II argued that Article III had inherent authority to ignore the law. (!)

Finally, insofar as the government suggests that the Court has an inherent authority to permit the use and disclosure of all unauthorized collection without regard to Section 1809, see Memorandum of Law at 73-74 & n.37, the Court again must disagree.

In Which Ben Wittes Proves Ben Wittes Is NAKED

November 13, 2013/12 Comments/in FISA, PATRIOT /by emptywheel

160 days ago, Jim Sensenbrenner released a letter to Eric Holder expressing concern about the way DOJ had interpreted Section 215. In it, he did some creative editing to hide that he had had an opportunity to learn about that interpretation before he voted to reauthorize the PATRIOT Act.

160 days ago, I was (I believe) the first person to point out that obfuscation.

In those 160 days, I have also documented the serial lies and obfuscations of people like Keith Alexander, James Clapper, Robert Mueller, Mike Rogers, Valerie Caproni, Dianne Feinstein, Raj De, and Robert Litt. (one, two, three, four, five, six, seven, eight, nine, ten, eleven, twelve, thirteen, fourteen, fifteen, sixteen, seventeen, eighteen, nineteen, twenty, twenty-one, twenty-two, twenty-three, twenty-four, twenty-five, twenty-six, twenty-seven, twenty-eight, twenty-nine, thirty, thirty-one, thirty-two, thirty-three; trust me, this is just a quick survey). The most recent of these lies came last week when Raj De and Robert Litt claimed Congress had been fully informed about the authorities they were voting on, a claim which the Executive Branch’s own record proves to be false.

In spite of the clear imbalance between the lies NSA critics have told and those NSA apologists have told, Ben Wittes has made it a bit of a hobby to use Sensenbrenner’s single (egregious) lie to try to discredit NSA critics (without, of course, pointing out the serial, at times even more egregious, lies NSA apologists were telling). Of late, Wittes has harangued that, because he told a lie 160 days ago, Sensenbrenner is operating in bad faith when he criticizes NSA’s programs now. (See also this post.)

I have never questioned the good faith of Senators Patrick Leahy, Ron Wyden, or Rand Paul. They are legislators with a perspective. That’s how Congress works.

Rep. James Sensenbrenner is a different matter.

Since the bulk metadata program broke, the former chairman of the House Judiciary Committee has been on a campaign of denunciation of both agency activity under the Patriot Act—the law he helped write. And he has been denouncing the administration for having misled him about how Section 215 is being used too. He has done so with a breathtaking dishonesty that puts him in a different category from those members who have a policy dispute with the administration. [my emphasis]

Mind you, Wittes did not examine the content of Sensenbrenner’s more recent claims. Had he done so, he might have realized that the record supports Sensenbrenner’s complaints, even if the messenger for those complaints might be less than perfect.

It ignored restrictions painstakingly crafted by lawmakers and assumed a plenary authority never imagined by Congress. Worse, the NSA has cloaked its operations behind such a thick cloud of secrecy that, even if our trust was restored, Congress and the American people would lack the ability to verify it.

Note, we’re still learning the full extent of how the Executive Branch blew off limits placed on the PATRIOT authorities.

Wittes might even have noted Sensenbrenner’s apparent commitment to do his own job better.

“I hope that we have learned our lesson and that oversight will be a lot more vigorous,” Sensenbrenner said.

Even ignoring Wittes’ remarkable double standard, in which he suggests Sensenbrenner’s one lie should disqualify him from speaking on this topic forever while Clapper and Alexander’s seeming addiction to lies apparently shouldn’t even be mentioned in polite company, a highly regarded expert recently laid out new evidence for why Sensenbrenner has good reason to be angry, regardless of his role in passing PATRIOT in 2001 or 2006 or 2010 or even 2011.

The expert?

Ben Wittes.

The Leahy-Sensenbrenner Language on Back Door Searches Improves But Doesn’t Eliminate the Back Door

November 8, 2013/8 Comments/in FISA, Unitary Executive /by emptywheel

As the top Intelligence Community lawyers have made clear, the IC maintains it can search US person data incidentally collected under Section 702 without any suspicion, as well as for the purposes of making algorithms, cracking encryption, and to protect property.

The Leahy-Sensenbrenner bill tries to rein in this problem. And its fix is far better than what we’ve got now. But it almost certainly won’t fix the underlying problem.

Here’s what the law would do to the “Limitations” section of Section 702. The underlined language is new.

(b) Limitations

(1) IN GENERAL.—An acquisition

(A) may not intentionally target any person known at the time of acquisition to be located in the United States;

(B) may not intentionally target a person reasonably believed to be located outside the United States if a significant purpose of such acquisition is to target a particular, known person reasonably believed to be in the United States;

(C) may not intentionally target a United States person reasonably believed to be located outside the United States;

(D) may not intentionally acquire any communication as to which the sender and all intended recipients are known at the time of the acquisition to be located in the United States; and

(E) shall be conducted in a manner consistent with the fourth amendment to the Constitution of the United States.

(2) CLARIFICATION ON PROHIBITION ON SEARCHING OF COLLECTIONS OF COMMUNICATIONS OF UNITED STATES PERSONS.—

(A) IN GENERAL.—Except as provided in subparagraph (B), no officer or employee of the United States may conduct a search of a collection of communications acquired under this section in an effort to find communications of a particular United States person (other than a corporation).

Read more →

Leahy-Sensenbrenner Would Shut the Section 702 Cybersecurity Loophole

November 7, 2013/4 Comments/in Cybersecurity, FISA /by emptywheel

I’m going to have a few posts on the Leahy-Sensenbrenner bill, which is the most likely way we’ll be able to rein in NSA spying. In addition to several sections stopping bulk collection, it has a section on collection of US person data under FISA Amendments Act (I’ll return to the back-door loophole later).

But I’m particularly interested in what it does with upstream collection. It basically adds a paragraph to section d of Section 702 that limits upstream collection to two uses: international terrorism or WMD proliferation.

(C) limit the acquisition of the contents of any communication to those communications—

(i) to which any party is a target of the acquisition; or

(ii) that contain an account identifier of a target of an acquisition, only if such communications are acquired to protect against international terrorism or the international proliferation of weapons of mass destruction.;

And adds a definition for “account identifier” limiting it to identifiers of people.

(1) ACCOUNT IDENTIFIER.—The term ‘account identifier’ means a telephone or instrument number, other subscriber number, email address, or username used to uniquely identify an account.

I believe the effect of this is to prevent NSA from using Section 702 to conduct cyberdefense in the US.

As I have noted, there are reasons to believe that NSA uses Section 702 for just 3 kinds of targets:

International terrorism
WMD proliferation
Cybersecurity

There are many reasons to believe one primary use of Section 702 for cybersecurity involves upstream collection targeted on actual pieces of code (that is, the identifier for a cyberattack, rather than the identifier of a user). As an example, the slide above, which I discuss in more detail here, explains that one of the biggest Section 702 successes involves preventing an attacker from exfiltrating 150 Gigs of data from a defense contractor. The success involved both PRISM and STORMBREW, the latter of which is upstream collection in the US.

In other words, the government has been conducting upstream collection within the US to search for malicious code (I’m not sure how they determine whether the code originated in a foreign country though given that they refuse to count domestic communications collected via upstream collection, I doubt they care).

So what these two sections of Leahy-Sensenbrenner would do is 1) limit the use of upstream collection to terrorists and proliferators, thereby prohibiting its use for cybersecurity, and 2) define “account identifier” to exclude something like malicious code.

There’s one more interesting aspect of this fix. Unlike many other sections of the bill, it doesn’t go into effect right away.

EFFECTIVE DATE.—The amendments made by subsections (a) and (b) shall take effect on the date that is 180 days after the date of the enactment of this Act.

The bill gives the Executive 6 months to find an alternative to this use of Section 702 — presumably, to pass a cybersecurity bill explicitly labeled as such.

Keith Alexander and others have long talked about the need to scan domestic traffic to protect against cyberattacks. But it appears — especially given the 6 month effective date on these changes — they’re already doing that, all in the name of foreign intelligence.

Robert Litt: Isn’t Weakening Encryption Our Job?

November 1, 2013/2 Comments/in Cybersecurity /by emptywheel

Office of the Director of National Intelligence General Counsel Robert Litt gave a speech to the American Bar Association’s National Security Law conference yesterday. It’s full of lots of patent bullshit, as you might expect, including misrepresenting what Keith Alexander said to Congress the other day.

But it does do something the I Con has not done thus far: try to rationalize NSA’s weakening of encryption standards.

For example, there have been stories claiming that NSA is able to crack encryption or break into private networks, and charges that this compromises everyone’s privacy.

I’m not going to comment on whether or not these stories were accurate.

But isn’t cracking encryption, or breaking into private networks, exactly what we want an intelligence agency to be able to do?

How else are we going to collect the communications of people who want to harm us and our allies, and who use those tools to try to hide their communications, or to provide policy makers the intelligence they need to protect the nation?

But just because we try to develop the capability to intercept and decrypt communications of adversaries and terrorists does not mean that we can or do use those capabilities against ordinary U.S. citizens, or French citizens, or Belgians, etc.

Granted, Litt misrepresents the extent of the revelations. It’s not just that the NSA has been trying to crack Tor. It’s also that they have deliberately weakened more general encryption standards so as to make it easier for them to access communications or launch hacks in the future.

Nevertheless, he blithely dismisses any concerns about this activity by insisting that is the Intelligence Community’s job. “But isn’t cracking encryption exactly what we want an intelligence agency to be able to do?”

This is why the defensive mandate needs to be broken off from NSA and put somewhere where people like Litt can’t touch it. Because Litt isn’t even aware that weakening encryption is, by its nature, an attack on “US citizens, or French citizens, or Belgians, etc.” (And all that’s before you get into the NSA keeping encrypted conversations of entirely innocent US and French and Belgian citizens indefinitely.)

A General Counsel making legal decisions for the entire intelligence community who misunderstands this basic fact is a menace to all of us.

What’s the Relationship Database About?

October 31, 2013/23 Comments/in Cybersecurity, FISA /by emptywheel

Atrios asks what the whole dragnet is about.

It’s actually a serious question. Maybe it’s just a full employment program for spooks. Maybe they just do it because they can. But the only “real” point to such an extensive surveillance system is to abuse that surveillance (the surveillance itself is already an abuse of course).

At best it’s a colossal fucking waste of money. At worst?

I actually think there are understandable answers for much of this.

Since Michael Hayden took over the NSA, contractors have assumed an increasingly dominant role in the agency, meaning you’ve got a former DIRNSA at Booz Allen Hamilton pitching future Booz VPs on solutions to keep the country safe that just happen to make them fabulously profitable and don’t happen to foreground privacy. As Thomas Drake showed, we’re pursuing the biggest and most privacy invasive solutions because contractors are embedded with the agency.

I think there’s the One Percent approach we got from Dick Cheney, that endorses maximal solutions to hunt terrorists even while avoiding any real accountability (both for past failures and to review efficacy) because of secrecy. We’re slowly beginning to wean ourselves from this Cheney hangover, but it is taking time (and boosters for his approach are well-funded and publicized).

And, at the same time, criminals and other countries have attacked our weak network security underbelly, targeting the companies that have the most political sway, DOD contractors and, increasingly, financial companies, which is setting off panic that is somewhat divorced from the average American’s security. The accountability for cybersecurity is measured in entirely different ways than it is for terrorism (otherwise Keith Alexander, who claims the country is being plundered like a colony, would have been fired years ago). In particular, there is no punishment or even assessment of past rash decisions like StuxNet. But here, as with terrorism, the notion of cost-benefit assessment doesn’t exist. And this panicked effort to prevent attacks even while clinging to offensive cyberweapons increasingly drives the overaggressive collection, even though no one wants to admit that.

Meanwhile, I think we grab everything we can overseas out of hubris we got while we were the uncontested world power, and only accelerated now that we’re losing that uncontested position. If we’re going to sustain power through coercion — and we developed a nasty habit of doing so, especially under Bush — then we need to know enough to coerce successfully. So we collect. Everything. Even if doing so makes us stupider and more reliant on coercion.

So I can explain a lot of it without resorting to bad faith, even while much of that explanation underscores just how counterproductive it all is.

But then there’s the phone dragnet, the database recording all US phone-based relationships in the US for the last 5 years. Read more →

In Which the I Con Uses Top Secret Spy Weapon, the “Conjunction,” Against Journalists

October 29, 2013/26 Comments/in FISA /by emptywheel

Man, it looks Mike Rogers and Keith Alexander conducted one hell of an InfoOp against the nation’s NatSec journalists today. Congratulations, spooks, you’ve finally managed successful propaganda.

Before I explain what I understand to have happened, let me be clear: I don’t claim to know what the slides and Q&A from Boundless Informant mean. It may well be that the truth lies between what a bunch of reporters are now reporting and what a series of papers around the world have reported. What I am focusing on here is what the I Con has said as compared to how it has been reported.

As I noted last week, James Clapper used a poor translation of a French article which clearly talked about collecting metadata, denied that the NSA was collecting call content, and based on that gimmick claimed Le Monde had made an error.

Then, in remarkable timing that has been replicated several times during this scandal, the WSJ reported just before the hearing on a topic that both Mike Rogers and Keith Alexander had rehearsed answers for during the hearing. I believe the original lede of the WSJ story (it has been updated) read the same as the current article does,

Millions of phone records at the center of a firestorm in Europe over spying by the National Security Agency were secretly supplied to the U.S. by European intelligence services—not collected by the NSA, upending a furor that cast a pall over trans-Atlantic relations

I don’t think the story ever said all the records were collected by Europeans, just that millions were. But in any case, I have zero doubt that WSJ’s secret sources told them something like this, that Europeans gave us data, which got reported in a way to suggest the Europeans collected all of it.

At the end of a long sequence in the hearing itself, in a comment not read from prepared statement, Alexander said this (all transcriptions here my own — please let me know of any errors):

Those screen shots that show–or at least, lead people to believe that we, NSA, or the United States, collected that information is false. And it’s false that it was collected on European citizens. It was neither.

And that statement, which did not accord with what Alexander had just said (including a long passage read from a prepared statement), resulted in headlines like this:

NSA Chief Says Phone Records Given to Agency by Cooperating European Intelligence Services, Not Intercepted by NSA

Or, from the WSJ’s update, making this conclusion:

In a congressional hearing Tuesday, the National Security Agency director, Gen. Keith Alexander, confirmed the broad outlines of the Journal report, saying that the specific documents released by Mr. Snowden didn’t represent data collected by the NSA or any other U.S. agency and didn’t include records from calls within those countries.

I think one of the reasons this InfoOp worked so well is that reporters had almost no time between the hearing and their filing deadline to review what actually got said (I tweeted immediately that Alexander’s statement actually didn’t confirm the WSJ’s early report, but am only now getting this all down).

So let’s look carefully at what Alexander really said (this starts at 41:14).

Rogers starts by asking Alexander to elaborate, specifically with regards to the US and NSA (he may be invoking the WSJ story, but he doesn’t say so).

Rogers: And to that end, if I can, Mr. Alexander, there was some reporting that the story about French citizens being spied on by a particular slide that was leaked on a slide deck concluded that French citizens were being spied on. Can you expound on that a little bit? By the United States, by the way, specifically the National Security Agency.

Reading from a document of some sort, Alexander repeats the gimmick Clapper used last week, suggesting that the reports said the NSA had collected phone calls (content), then “corrects” their report to say Boundless Informant actually tracks metadata (which is actually what the reports had said).

Alexander: Chairman, the assertions by reporters in France, Le Monde, Spain, El Mundo, and Italy, L’Espresso, that NSA collected tens of millions of phone calls are completely false. They cite as evidence screen shots of the results of a web tool used for data management purposes but both they and the person who stole the classified data did not understand what they were looking at. The web tool counts metadata records from around the world and displays the totals in several different formats. [my emphasis]

Alexander then adds to last week’s gimmick of claiming the Europeans reported these as calls, not metadata, by denying we, alone, collected this data.

The sources of the metadata include data legally collected by NSA under its various authorities as well as data provided to NSA by foreign partners. To be perfectly clear, this is not information that we collected on European citizens. It represents information that we and our NATO allies have collected in defense of our countries and in support of military operations.

This is not information “we” collected (on European citizens, but I’ll come back to that), it’s data “collected by NSA … as well as data provided … by foreign partners.” It’s data “we and our NATO allies have collected.”

Those conjunctions — “as well as” … “and” — which in Alexander’s written statement make it clear that both the Europeans and US collect this intelligence, disappeared from much of the reporting on this.

Posts