By Joseph Menn
LAS VEGAS (Reuters) – National Security Agency Director Keith Alexander jousted with a few hecklers as he defended the U.S. spy agency's surveillance programs at the Black Hat security conference on Wednesday, but largely kept the crowd of cybersecurity experts and hackers on his side.
Recent Stories in National Security
"Read the Constitution!" one heckler shouted at the 61-year-old four-star general as he responded to polite but tough questions selected in advance by conference organizers.
"I have. So should you," Alexander shot back, triggering sustained applause.
The four-star general, who wore uniform shirt sleeves, was the opening keynote speaker at the annual convention in Las Vegas, which drew about 7,000 cybersecurity experts and hackers from the private and public sectors.
Alexander has been under fire from many civil liberties advocates and lawmakers since former NSA contractor Edward Snowden leaked documents revealing previously secret telephone and internet surveillance programs run by the U.S. government.
Snowden, facing U.S. criminal charges and holed up in Russia, disclosed details on how the NSA gathers and stores telephone calling records of virtually all Americans, and works closely with Google Inc, Microsoft Corp and other technology companies to obtain communications from users in other countries.
The NSA is the U.S. spy agency that monitors foreign electronic communications.
The NSA protects some of the companies represented at the conference and hires some of their best employees. At the same time, many security experts have profound enthusiasm for the causes of internet freedom and privacy.
Alexander's comments in Las Vegas did not go beyond those he previously gave before Congress and at other public appearances in the past two months. He argued that the NSA surveillance programs helped disrupt more than 50 "terrorist-related" plots but said he supported wider discussions on how to balance national security priorities with privacy rights.
Alexander, who is also in charge of the U.S. Cyber Command that handles military cyberspace operations, said the NSA initially examined only several hundred phone numbers, then looked outward to see who else those people had spoken to.
His tone was mostly conciliatory, though he asserted that allegations of indiscriminate eavesdropping by the NSA had not been borne out by a Senate committee investigation, internal audits or reviews by administration officials.
"We get all these allegations of what they could be doing, but when people check, like the intelligence committee, they found no times" that NSA internet surveillance had been willfully abused, he said.
The furor over the NSA surveillance programs threatens the overseas business of some U.S. companies, as technology buyers look to local alternatives to replace U.S. services that can be intercepted.
The first question from the audience for Alexander after his conference speech was whether he believes the NSA is hurting the ability of U.S. technology companies to compete for foreign customers. He said that companies should be able to disclose how little they actually turn over, as the industry is asking to do.
Alexander also said the vast majority of countries have similar "lawful intercept" programs and the NSA's version was an unusually good model because it was subject to U.S. court review, albeit in secret.
Though not as critical as Congress and the courts, the security professionals at Black Hat still represent a key audience for Alexander. "This is the greatest center of technical gravity in the world," he said of his audience. "It is important that we put the facts on the table."
Black Hat conferences bring together corporate, government and independent cybersecurity experts including some hackers.
Because information on so many Americans is subject to collection without any suspicion of wrongdoing, Snowden's revelations have provoked a large privacy outcry.
"I've never sensed this level of tension or apprehension in the community," said Black Hat founder Jeff Moss. He recalled the debate over U.S. restrictions on cryptography exports in the 1990s but said that "pales in comparison" to the fight about mass communications interception now underway.
The U.S. House of Representatives voted last week not to cut funding for the NSA's calling-records program.
The U.S. government on Wednesday released some declassified documents on the NSA's mass collection of telephone data.
The documents included an April order by the U.S. Foreign Intelligence Surveillance Court that directed Verizon to hand over data from millions of Americans' telephone calls and described how the data should be stored and accessed.