LAS VEGAS—At the Black Hat security conference today, National Security Agency (NSA) Director Keith Alexander defended the NSA's data collection programs and described at a high level what data is collected and how it's used.
His presentation covered two programs, both revealed by Edward Snowden: telephone metadata collection and a program of collecting from the computer industry data relating to foreign nationals, of which PRISM is a component. According to Alexander, the phone metadata collection, authorized under FISA section 215, was both limited and tightly controlled. The NSA collects only the time and date of a call, the phone numbers involved in a call, the duration of a call, and the service provider that captured the information. Notably, he said that names, address information, and location information were not captured. Nor was any conversation data collected, such as the contents of voice calls or text messages.
While this data was collected, Alexander said that access to the information was tightly restricted. Free-for-all queries weren't permitted. Instead, numbers had to be individually approved by one of 22 people at the NSA, and only 35 analysts within the agency were authorized to run queries on those numbers. In 2012, he said that fewer than 300 numbers were added to the list.