NSA Chief Speaks in Princeton

Posted on by
Mike Rogers, NSA, military

Adm. Mike Rogers (photo: wikipedia)

Admiral Mike Rogers—Director, National Security Agency, and Commander, U.S. Cyber Command (the military’s centralized operational command for cyberspace operations)—spoke at Princeton University yesterday, part of an ongoing effort to establish greater understanding of the NSA mission and encourage private sector partnerships .

He kept his own remarks short, describing the missions of the two agencies he heads, in order to maximize time for audience questions. A key challenge he noted is assuring that efforts to manage the nation’s cyber-threats and foreign intelligence-gathering are appropriately balanced against “the inherent right to privacy” of the American people. In the late 1960s and early 1970s (the Watergate era), revelations of government spying on U.S. citizens led to two new mechanisms for privacy protection: FISA courts (authorized under the Foreign Intelligence Surveillance Act) and congressional oversight. Unfortunately, Rogers said, the public has lost confidence in both those approaches at a time when threats have rapidly escalated.

“Would we even be having this conversation if it weren’t for the whistleblowers?” an audience member asked.

Rogers responded, “I don’t know any whistleblowers. I only know of thieves who stole government information.” He went on to say that he wished he had that information back, because the loss of it has imperiled troops overseas and many other individuals and activities, as well as entailed considerable costs. He tells his staff that, if they see any information or process of gathering it that they consider illegal, immoral, or unethical, they should raise it within the chain of command, and it isn’t up to each individual person to pick and choose which laws to obey.

In deciding how to respond to a cyber-attack, his command uses the same principle of proportionality that the military does in general. The exact means of retaliation is a policy decision, not his alone. In North Korea’s hacking attack against Sony last November, for example, he urged the President to “think more broadly,” beyond just cyber-methods, and the U.S. government response to date includes economic sanctions against Pyongyang.

A questioner asked what happens when information amassed on foreigners includes information about Americans (“incidental” information). Rogers wouldn’t speak to whether the FBI or CIA access such information but said the NSA treats it differently, as to whether and how long it is kept, than it does information on foreigners.

Another controversy raised was the NSA’s practice of bulk data storage. Rogers said that at least some bulk data storage is necessary because the agency does not know now what may be useful down the road. There are limits on how long information is retained, but these are currently “more of an art than a science,” he said. A January report by an expert panel convened by the National Academy of Sciences concluded that, at present, there are no screening methods that are a viable alternative to bulk data collection, although privacy protections can be strengthened.