ok. i didn't you to vote against this. a have been able to say senate democrats to not agree on the loans and that is creating a lot of frustration among both parties, especially among student advocates. >> the real hurdle is in the senate. you are the players? they put this through. we are back to trying to cobble out some sort of bipartisan agreement. you can look to the senators on that issue. the goal going forward is going to be some sort of bipartisan deal. on the student loan issue, at the house has not taken this approach were say we are not going to do any in until the senate acts.

the onus is on the senate to get to their boat to get over that hurdle and produce something. >> he said he wants to have some reading room. he wants to fold this issue into some sort of higher education reauthorization act. if they got that, realistically, when would they do a reauthorization? what about the midterms coming up? >> it is up for renewal this fall. ended inleft behind 2000 save and. 2000 seven. congress refused to act. there has not been a law goinging federal dollars to elementary and secondary schools since 2000 seven. this is not an issue that gets people excited to get moving on reform. they get excited for things that do not work. pete shrader,t,

thank you both for your time. >> thank you. >> we will look more at student financial aid on monday at a daylong conference hosted by the american enterprise institute. join us live at 9:00 a.m. eastern on c-span3. general keithn, alexander testifies on the data collection programs. then a hearing on security clearances for federal employees and contractors. then mitch mcconnell talks about free speech policies under the obama administration. >> let us not be blinded to our differences. let is also direct attention to our common interest and the means by which those differences

can be resolved. if we cannot end now our differences, at least we can help make the world safe for diversity. >> wherever they may live. citizens. i takere as a free man in these words. >> he learns through the missile crisis. this again.see a real-oviding this for time. fallwas agreed to in the of 1963. it is also time building up defenses and seeking a way toward peace with this american university. >> looking back on the 50th anniversary of the speech.

today at 7:30 p.m.. part of american history television every weekend. general keith alexander testifies on his agency's surveillance and data collection programs. he is joined by other officials including james cole. from the house permanent select committee on intelligence, this is three hours.

>> on short notice.

that is why we turn the microphone off. hold on for technical difficulties. can you hear me?

the committee will come to order. mr. deputy director, i thank you for appearing before us on short notice. the ranking member and i believe it is important to hold an open hearing today, and we do not do a tremendous amount of those to provide this house and the public with an opportunity to hear from you how the government is using the legal authorities that congress has provided to the executive ranch since the terrorist attacks of september 11, 2001. i would like to recognize the hard work of the men and women of the nsa and the rest of the intelligence community who work day in and day out to disrupt threats to our national security. people at the nsa in particular have heard a constant public drumbeat about a laundry list of the things they are alleged to be doing to spy on americans,

all of them wrong. the misperceptions have been great. they keep their heads down and keep working every day to keep us safe. general alexander, convey our thanks to your team for continuing every day despite much misinformation about the quality of their work, and thank them for continuing to work to protect america. i want to take this moment to note general alexander has been extended as national security advisor three different times. that is a patriot. this is a very difficult job and at a very difficult time in our history, and for the general to accept those extensions of his military service to protect this nation, i think with all of the misinformation out there i want to thank you for that. thank you for your patriotism. thank you for continuing to serve to protect the united states again. you have that great burden of

knowing lots of classified information you cannot talk publicly about. i want to thank you for your service to the country. the committee has been briefed on these efforts over a regular basis as a part of our oversight responsibility over the 16 elements of the intelligence community and the national intelligence program. we fully understand programs, most of these briefings and hearings have taken place in classified settings. the collection efforts under the business records provision in section 702, the foreign intelligence surveillance act, are legal, court approved, and subject to extensive oversight. i look forward to hearing from the witnesses about the protections and oversight for these programs.

we look forward to hearing what you are able to discuss in an open forum about how the data nsa has obtained from providers under court order, especially under the business records provision is used, and, mr. cole, we look forward about hearing about the legal authorities about what privacy protections americans have in these business records. one of the frustrating part about being a member of this committee and being challenged is sitting at the intersection of classified programs and transparent democracy as representatives of the american people. the public trusts the government to protect the country from another 9/11 type of attack, but that trust can wane when they're faced with inaccuracies and outright lies about when the programs are being run. one of the more damaging aspects of leaking incomplete information is it paints an inaccurate picture and fosters distrust.

this is so when does of us who have taken the oath to protect information that can damage the national security if released to not publicly provide clarifying information because it remains classified. it is at times like these where our enemies within become almost as damaging as our enemies on the outside. it is critically important to protect sources and methods so we are not giving the enemy our playbook. it is important to talk about how these programs protect us so they continue to be authorized and we highlight the protections and oversight of which these programs operate under. general alexander, we have talked over the last week about the need to be able to publicly elaborate on the success stories these authorities have contributed to without jeopardizing ongoing operations.

i know you will have the opportunity to talk about several of those today. i placed the utmost trust in protecting sources and methods, and that is why you have been so diligent in making sure anything that is disclosed comports with the need to protect sources and methods so that we do not make it easier for the bad guys overseas, terrorists in this case, to do harm to the united states citizens. i respect that. i recognize when we are forced into the position of having so publicly discuss intelligence or groups to do irresponsible criminal behavior we also have to be careful balancing the need protecting secrecy. in maintaining public trust them a we provide more examples of how these authorities have disrupted plots. i appreciate your efforts in this regard. for these authorities to continue, they must continue to be available. without them, i fear we will return to the position where we

were prior to the attacks on 9/11 and that would be unacceptable for all of us. i hope the hearing will help answer lessons that have arisen as a result of the fragmentary and distorted illegal disclosures over the past several days. before recognizing general alexander for his statement, i turn the floor over to the ranking member for any statement he would like to make. >> your leadership at nsa has been outstanding, and i want to acknowledge the people who work there every day. a lot of the people who go to work to protect our country who work hard every day are concerned that the public thinks they are doing something wrong, and that is not the case. the most important thing we can do today is that the public know the true facts. i know the chairman and i have asked you to help declassify what we can and will not hurt our security so the public can understand this is legal, why we're doing this program, and how it protects us. we are here because of the disclosure of article classified information that keeps our country safe.

this leak by an american put our country and allies in danger by giving the terrorists a good look at the playbook that we use to protect our country. the terrorists know many of our sources and methods. there has been a lot in the media about this, some right, a lot wrong. we hold this hearing today so we can set the record straight and the people can hear from the intelligence community as to what is allowed. we need to educate members of congress, also the public, to be clear, that the nsa is prohibited from listening in on phone calls of americans without proper court-approved authorities. we live in a country of laws. they are layered with oversight from three levels of government.

after 9/11 we learned that a group of terrorists who were living in the united states were actively plotting to kill americans on our own soil and we did not have the proper authorities in place to stop them before they could kill almost 3000 people. intelligence is the best defense. there are too many authorities that have been highlighted in the press. the business record provision allows the government to collect meta-data. this authority allows us to close the gap. it enables our community to discover whether foreign terrorists have been in contact with people who may be planning an attack on u.s. soil. the second authority is 702 of the fisa amendment out that allows the government to collect content of e-mail and phone calls of foreigners located outside the united states. this allows the government to get information about terrorists about threats, weapons, and nuclear weapons proliferation that threaten america. this authority prohibits the targeting of citizens or residents without a court order

no matter where they are located. without these they are illegal. congress approved them over the last few years. these authorities have been helping prevent attacks. the fact remains we must figure out how this could have happened, how this administrator was able to access such information about such sensitive matters and how was he able to download it and move it from his workplace undetected. we need to change our systems and practices and employ the latest in technology that will andlatest in technology that will alert superiors. we need to seal this crack in the system. and to repeat something incredibly important, nsa is prohibited from listening to phone calls or reading e-mails americans without a court order. i look forward to your testimony. >> thank you. general alexander, the floor is yours.

it is a privilege to serve as the director of the national security agency and the commander of u.s. cyber command. we have extraordinary people doing great work to protect this country and protect our civil liberties and privacy. over the past few weeks unofficial disclosures of classified information have resulted in considerable debate in the press of these programs. the debate is fueled by incomplete and inaccurate information, with little context provided on the purpose of these programs, their value to our national security, and of our allies and the protections that are in place to preserve our privacy and civil liberties. today we will provide additional detail and context on these two programs to help inform that debate. these programs were approved by the administration, congress,

and the courts. from my perspective, a sound legal process that we all work together as a government to protect our nation and our civil liberties and privacy. ironically, the documents that have been released so far showed the rigorous oversight and compliance our government uses to balance security with civil liberties and privacy. let me start by saying that i would much rather be here today debating this point than trying to explain how we failed to prevent another 9/11. it is a testament to the ongoing teamwork of the central intelligence agency, the federal bureau of investigation, and the nsa, working with allies and industry partners that we have been able to connect the dots and prevent more terrorist attacks.

the events of september 11, 2001, occurred in part because of a failure on the part of our government to connect those dots. some of those were in the united states. the intelligence community was not able to connect those domestic dots, phone calls between operatives in the u.s. and al qaeda terrorists overseas. following the 9/11 commission, which investigated the intelligence community's failure to detect 9/11, congress passed the patriot act. section 215 of that act, as it has been interpreted and applied, helps the government close that gap by enabling the detection of telephone contact between terrorists overseas and operatives within the united states. as director mueller emphasized last week during his testimony to the judiciary committee, if we had had section 215 in place prior to 9/11, we may have known that the 9/11 hijacker was located in san diego and communicating with a known al

qaeda safe house in yemen. in recent years, these programs together with other intelligence have protected the u.s. and our allies from terrorist threats across the globe, to include helping prevent potential terrorist events over 50 times since 9/11. we will actually bring forward to the community tomorrow documents that the interagency has agreed on that in a classified setting gives every one of those cases for your review. we will add to that, but as the chairman noted, if we give all this out, we give all the secrets of how we are tracking

threats. too much is at risk for us and for our allies we would like to make three points. first, these programs are critical to the intelligence community's ability to protect our nation and our allies' security. they can assist the efforts to connect the dots. second, these programs are limited, focused, and subject to rigorous oversight. they have distinct purposes and oversight mechanisms. we have rigorous training programs for our analysts and their supervisors to understand their responsibilities regarding compliance. third, the disciplined operation of these programs protects the privacy and civil liberties of the american people. we will provide important details about each of those.

i would ask the deputy attorney general, mr. cole, to discuss this. >> thank you, general. members of the committee, as general outlander said, and as the chairman and ranking member have said, all of us in the national security area are constantly trying to balance protecting public safety with protecting people's privacy and civil liberties in this government, and it is a constant job balancing this. we think we have done this in these instances. there are statutes that are passed by congress.

this is not a program that is off the books, that has been hidden away. this is part of what government puts together and discusses, statutes are passed, it is overseen by three branches of our government -- legislative, judiciary, and the executive branch. the process of oversight occurs before, during, and after the processes that we are talking about today. i want to talk about how that works, what the legal framework is, and what some of the protections are that are put into it. first of all, what we have seen published in the newspaper concerning 215, the business records provisions of the patriot act, and also a modified fisa order you have seen, one order in the newspaper that is a couple of pages long that just says under that order we are allowed to acquire metadata, telephone records. that is one of two orders. it is the smallest of the two orders, and the other order, which has not been published, goes into in great detail what we can do with that metadata, what we can do with it once a threat is identified and what the conditions are that are placed on us to make sure we protect privacy and civil liberties and at the same time protect public safety. let me go through a few of the features.

first of all, it is metadata, phone records. this is just what you would get in your own phone bill. it is the number that was dialed from the number that was dialed to the date and the length of time. that is all we get under 215. we do not get the identity of any of the parties to this phone call. we do not get any cell site or location information as to where any of these phones were located, and most importantly, and you'll probably hear this 100 times a day, we do not get any content out of this. we do not listen in on anybody's calls under this program at all. this is under section 215. this has been debated and up for reauthorization and reauthorized twice by the united states congress since its inception in 2006 and in 2011. the way it works is there is an application that is made by the fbi under the statute to the fisa court. this is the fisc. they asked for and received permission to get records that are relevant to a national security investigation.

they must demonstrate that it will be operated under the guidelines that are set forth by the attorney general under executive order 12333. it is limited to tangible objects. what does that mean? these are like records. like metadata, the phone data i've been describing, but limited to things you could get with a grand jury subpoena,

those kinds of records. it is important to note prosecutors issue subpoenas all the time and do not need any involvement of a court or anybody else to do so. under this program, we need to get permission from the court to issue this ahead of time so there is court involvement with the issuance of these orders from a which is different from a grand jury subpoena, but the type of records, just documents, business records, things like that are limited to those same types of records we could get through a grand jury subpoena. now, the orders that we get last 90 days. so we have to re-up and renew these orders every 90 days in order to do this. there are strict controls over what we can do under the order, and that is the bigger order that has not been published. there is restrictions on who can access it in this order.

it is stored in repositories at nsa that can only be accessed by a limited number of people and the people who are allowed to access it have to have special and rigorous training about the standards under which they can access it. in order to access it, there needs to be a finding that there is reasonable suspicion that you can articulate, that you can put into words, that the person whose phone records you want to query is involved with some sort of terrorist organizations, and they are defined. it is not everyone. they are limited in the statute. there has to be independent evidence aside from these phone records that the person you are targeting is involved with a terrorist organization. if that person is a united states person, a citizen or lawful permanent resident, you have to have something more than

just there on speeches, there on readings, their own first amendment type activity. you have to have additional evidence beyond that that indicates there is reasonable articulable suspicion that these people are associated with specific terrorist organizations. one of the things to keep in mind that under the law the fourth amendment does not apply to these records. there was a case by the supreme court that indicated that toll records, phone records like this that do not include any content are not covered by the fourth amendment, because people do not have a reasonable expectation of privacy in who they called and when they called. that is something you show to the phone company. this something you should too many people within the phone company on a regular basis. once those records are accessed under this process and reasonable, articulable suspicion is found, that is

found by specially trained people, it is reviewed by their supervisors. it is documented in writing at of time so that somebody can take a look at it. any of the accessing that is involved, there are particular restrictions on how any information concerning a u.s. person can be used in this. now, there is extensive oversight and compliance is done with these records and with this process. every now and then there may be a mistake, a wrong phone number

is hit and is targeted because there is a mistake in the phone record, nothing like that. each of those apply to incidents, if and when they occur, have to be reported to the fisa court immediately. the fisa court pushes back on this. they want to find out what the were the procedures and mechanisms allowed this to happen and what have you done to fix it. we also provide the intelligence and judiciary committees with any significant interpretations that the court makes in the 215 statute. we provide those as well as the application to the intelligence committee and to the judiciary committee.

every 30 days, we are filing with the court a report that describes how we implement this program. the number of instances that the query results in containing person information that was shared outside of nsa, and all of this goes to the court. at least once every 90 days and sometimes more frequently, the department of justice, the office of the director of national intelligence and the nsa meet to assess compliance with all of these requirements that are contained in the court order. separately, the department of justice meets with the inspector general for the

national security agency and assesses compliance on a regular basis. finally, there is by statute recording of certain information that goes to congress in semiannual reports we make on top of the periodic reports we make if there is a compliance incident. those include information about the data that was required and how we are performing under this statute. once again, keeping in mind all of this is done with three branches of government involved, oversight, and initiation by the executive branch with review by multiple agencies, statutes that are passed by congress, oversight by congress, and then oversight by the court. the 702 statute under the fisa amendments act is different. under this, we do get content, but there's a big difference. you are only allowed under 702 two target for this purpose non-u.s. persons who are

located outside of the united states. so if you have a u.s. permanent resident who is in madrid, spain, we cannot target them under 702. or if you have a non-u.s. person who is in cleveland, ohio, we cannot target them under 702. in order to target a person, they have to be neither a citizen in nor a permanent u.s. resident and need to be outside the united states while we are targeting them. there's prohibitions in the statute. for example, you cannot reverse target somebody. this is where you target somebody who is out of the country, but your goal is to capture conversations to somebody who is inside the united states. you're trying to do indirectly what you cannot do directly. that is explicitly prohibited by this statute. if there's ever any indication

it is being done, because we report the use that we make of the statute to the court and to the congress, that is seen. you also have to have a valid purpose in order to do any of the targeting on this. so you have to make sure as it was described that is being done for defined categories of weapons of mass destruction, foreign intelligence, things of that nature. these are all done pursuant to an application that is made by the attorney general and the director of national intelligence to the fisc. it allows the targeting to be done for a year. ofhas to be done at the end that year to for it to be re- upped. there is also a requirement that again there is reporting. you cannot under the terms of this statute have had collect

any information on conversations that are wholly within the united states. you're targeting somebody outside the united states. if they make a call to inside the united states, that can be collected, but is only because the target of that call outside the united states initiated that call and went there. if the calls are wholly within the united states, we cannot collect them. if you are targeting a person was outside the united states, and you find that they come into the united states, we have to stop the targeting right away, and if there's any lag and we find out we collected information because we were not aware they were in the united states, we have to take that information, purge it from the systems, and not use it. there's a great deal of minimization procedures that are involved here, particularly concerning any of the acquisition of information that

deals with or comes from u.s. persons. only targeting people outside the united states who are not u.s. persons, but if we do acquire any information that relates to a u.s. person, under limited criteria only can we keep it. if it has to do with foreign intelligence in that conversation or understanding foreign intelligence or evidence of a crime or threat of serious policy injury, you can respond to that. other than that, we have to get rid of it, we have to purge, and we cannot use it. if we inadvertently acquire any of it, not meaning to, again, once that is discovered, he have to get rid of it and purge it. the targeting decisions that are done are again documented ahead of time, reviewed by supervisor before they can take place. the office of director of national intelligence conduct

on-site reviews of each targeting that is done. they look at them to determine and go through the audit to determine that they were done properly. they look at them and determine that they were done properly. this is done at least every 60 days and many time done more quickly than that. if there is any compliance issue it is immediately reported. they push back -- how did this happen? what are the procedures? what mechanisms are you using to fix this? what have you done to remedy it? have you gotten rid of it as you are required? we are providing congress with all of that information if we have compliance programs -- programs. -- problems. there are compliance issues that have arisen during that quarter on top of the immediate reports and what we have done to fix it anonymity the ones that we have reported. -- and fixed any of the ones we

have reported. we accept our compliance with the targeting and minimization besiegers. -- procedures. we also divide the report concerning the implementation of the program. and what we have done and found. we will provide to congress documents that contain how we are dealing with the minimization procedures, any significant legal interpretation concerning statutes, as well as orders and applications that relate to that. on top of all of this, annually the inspector general for the nsa doesn't assessment that he provide -- does an assessment that he provides to congress. the number of targets that were reasonably lead at that time to

be outside the united states and later determined to be in the united states and what was done. in short, there is before, during, and after the involvement of all three branches of the united states government on a robust and fairly intimate way. i would like to make one other observation if i may. we have tried to do this as thorough and protect the and as transparent a way as we possibly can incident it is the gathering of intelligence information. countries and allies of ours all over the world can elect -- collect intelligence. there have recently been studies of how transparent our system is in the united states compared to many of our partners. likein the eu, countries france, germany, the u.k. a report recently issued in may of this year found that the

fisa amendment acts, the statue we are talking about, "imposes if not more due process on intelligence surveillance and other countries." this includes eu countries. the u.s. is much more transparent about its procedures and requires more due process investigations regarding national security and terrorism and foreign intelligence. the balance is always when we seek to strive to achieve, but as i have laid out to you, we have done everything we can to achieve it. wet of the proof of what have done is this report that came out last month indicating our system is as good and better than all of our allies.

thank you, mr. chairman. >> the chairman will switch to the value of the program and talk about statistics put together. as he stated, these programs are immensely valuable for protecting our nation and securing the security of our allies. information gathered on these programs provided the u.s. government with critical leads to help prevent over 50 potential terrorist events in more than 20 countries around the world. faa contributed to over 90% of these cases. at least 10 of these events included homeland based threats. a vast majority, fisa contributed as well. it has a great partnership with the homeland security department. federal lead is the bureau of investigation. it has been our honor and privilege to work with director mueller.

>> thank you, general. thank you, chairman, and members of the committee for the opportunity to be here. nsa and the f b i have a unique relationship. it is one that has been invaluable since 9/11. i want to highlight some instances. in fall 29 -200 -- 2009, the intercepted an e-mail from a terrorist located inside the united states talk about recipe for explosives. that individual was identified. he was located in denver, colorado. the fbi followed him to new york city. later we executed search warrants and found bomb making components in baghdad. he later confessed to a plot to bomb the new york subway system. also working with fisa,

business records. previously to get a unknown number of a co- conspirator. this was the first al qaeda plot since 9/11. withtilized authority monitoring and extremism in yemen. he was in contact with an individual in the united states. he and other individuals that identified through fisa were able to detect a nascent plotting to bomb the new york stock exchange. he had been information and support to the plot. the fbi instructed -- arrested individuals.

a u.s. citizen living in chicago, the fbi received intelligence regarding his possible involvement in the 2008 mumbai attacks. there was a killing over 160 people. there was an all qaeda affiliated her wrist -- terrorist. andting to bomb a day cartoon office -- a danish newspaper office. he and his co-conspirators were arrested for this plot. however, the nsa using the business records fisa get this

off that this individual had indirect contact with a known terrorist overseas. we were able to reopen this investigation and identify additional individuals and were able to disrupt this terrorist activity. thank you. >> so that is four cases total that we have put out publicly. what we are in the process of doing is looking at over 50 cases that are classified and will remain classified. those 50 cases right now has been look that by the fbi and the cia and other partners in the national counterterrorism center so that you know what we have put in there is exactly right. i believe the numbers from those cases are something we

can publicly reveal and publicly talk about. what we are concerned is going into more detail on how we stop some of these cases as we are concerned it will give our adversaries a way to work around those and attack us or our allies. that would be unacceptable. i have concerns that the intentional and irresponsible leak of programs will have a long and a reversible impact on our nations security and on behalf of our allies. this is significant. i want to emphasize that foreign intelligence programs we are talking about is the best tool that we have to go after these guys. we cannot lose those capabilities. one of the issues that has repeatedly come up -- we have the deputy director of the

national security agency becky give some specifics of what we do and how we do it with these programs. >> thank you. i'm pleased to be able to really describe it to programs as use by the national security agency with a focus on the internal control and oversight provided. the two complementary, but distinct programs are focused on foreign intelligence. that is the nsa charge. it authorizes a collection of telephone metadata only. it is the only telephone numbers and the time and date of the call and the duration. this authority does not therefore allow the government to listen in on anyone's telephone calls, even that of a terrorist. information is required with a court order. what you're saying in the course of the conversation and

identities of the people talking -- this program was specifically developed to allow the u.s. government to detecting indications between terrorist operating outside the u.s. or potential operatives inside the u.s. the control and use of this data are specific and rigorous and design to ensure focus on counterterrorism. the metadata required may be queried only when there is a reasonable suspicion they saw specific and documented facts like an identifier such as a telephone phone number. these determinations are referred to as being reasonable, suspicious standards. during 2012, 12 months of 2012, we approved fewer than 300 unique numbers that were used to initiate a query of the data.

the second program authorized under the act authorizes targeted only for communications of foreigners who are not within the united states for foreign intelligence purposes. as i noted earlier, nsa being a foreign intelligence agency, that is information related to activities including foreign governments are organizations or international terrorists. let me be clear -- section 702 cannot be and is not used to potentially target any u.s. citizen for any u.s. person, any person known to be in the united states, a person outside the united states, if the purpose is to acquire information from a person inside the united states. we may not do any of those things using this authority. the program is cain in our counterterrorism efforts. -- the program is part of our counterterrorism efforts.

again, if you want to target content of the u.s. person anywhere around the world, you cannot use this authority. you must get a specific court warrant. i would like to describe in detail some rigorous oversight from each of these programs. first, a program known as business records fisa, controls how we manage and use the data. it is explicitly defined if approved by the surveillance court. it is segregated from other data sets held by the nsa. everything is documented and audited. only 20 analyst at nsa and their two managers are authorized to approve numbers that might be used to query the database. all of those individuals must be trained in the pacific -- specific procedures to determine what is meant by reasonable suspicion.

tory 30 days, nsa reports the courts the number of queries and dissemination made during that time. every 90 days, the department of justice samples all data queries and especially reviews the basis for every u.s. person or every u.s. identity query made. we do not know the names of the individuals of the queries we might make. only seven senior officials the nsa are authorized that dissemination of any information we believe that might be a too beatable to the u.s. person -- mike beebe attribute will -- might be attributable to the u.s. person. it is necessary to understand. the foreign intelligence survey -- reviews every 90 days. nsa and the department of justice oversight committee on employment of the program, we provide written notification of all significant developments. the justice department provides oversight committees opinions

regarding the programs. turning my attention to another program, the foreign intelligence court annually review certification that is required by law and jointly submitted by the attorney general and and the director of national intelligence. the certifications defined what might be appropriate late targeted. the attorney general and the court both agree are consistent with the law and the fourth amendment of the constitution. these require that a communication regarding a u.s. person must be destroyed if it does not maintain evidence of a crime. a semi annual assessment by the department of justice in the

office of the director of national intelligence regarding compliance with the nation received years -- with the procedures. the number of dissemination is that might occur, the number of targets found in the united states, and whether the communication for such targets are reviewed. an annual director report is required to describe the efforts taken by nsa and adjust the number of u.s. person identities. -- address the number of u.s. person identities. technology relevant to an authorized to the and any noncompliant to include executive branch's plan for remedying that same event. in addition to the procedures i have described, the department of justice conducts on-site reviews to sample nsa targeting decisions every 60 days.

i would conclude with my section to say that july 2012, the senate intelligence committee reported progress over the four years of the law at that time. he said across the four-year history of the program, the committee had identified a single willful effort but executive branch -- nine milli -- >> to wrap up, there are 10 people in the decisions. everyone of those have to be credentialed. i do want to hit a couple of keynotes. under the 702 program, the u.s. government does not use unilateral from servers in u.s. companies.

rather the servers are compelled to provide records using methods that are in strict compliance with the law. attorneythe deputy general noted virtually all countries have lawful national awfully interceptor programs in which providers share data about individuals a believer presented its to their societies. communication providers are required to comply with those programs in the countries in which they operate. the united states is not unique in this capability. the u.s. operates this program under the strict oversight and compliance regime it was noted above with careful oversight by the courts, congress, and the administration. impact this, u.s. companies have put energy in focus and commitment into consistently protecting the privacy other customers around the the world and meeting their obligations under the laws of the u.s. and other countries in which they operate.

i believe they take those seriously. as americans, we value our privacy and civil liberties. as americans, the also value our security and our safety. in the 12 years since the attack on september 11, we have lived in relative safety and security as a nation. that security is a direct result of the intelligent communities by effort to better connect the dots and learn from the mistakes that permitted those attacks to occur. in those 12 years, we have thought long and hard about oversight and compliance and how to minimize the impact on our fellow citizens privacy. we have created and implemented and continue to monitor a comprehensive mission compliance program inside nsa. this program was develop a stun

industry best practices they keep technologies aligned with approved procedures. outside of nsa, the office of the director of national intelligence department of justice and foreign intelligence surveillance court revive robust oversight, as well as this committee. i believe we have that balance right. in summary, these programs are critical to the intelligence community's ability to protect our nation and our allied -- allies. it allows us to connect the dots. these programs are limited, focus, and subject to rigorous oversight. they have distinct or basis and oversight mechanisms. third, the discipline provides -- protects the civil liberties of the american people. the people of nsa takes these response abilities to heart. they protect our nation and our allies as part of a bigger team. they protect our civil liberties.

andas been an honor privilege to lead these great americans. we will turn it back to you. >> members of the committee, i want to speak very briefly and address a couple of additional misconceptions that the public has been said about some programs. the first is the collection under 702 that it is somehow a loosening of tradition standards because it does not require individualized warrants. in fact, exactly the opposite is the case. the kind of collection done under that section 702 is collecting foreign intelligence information from foreigners outside of the united states, it was historically done under his own authority without any kind of supervision whatsoever. act,result of the fisa there are restrictions and

limitations that have been described by the other witnesses. ofs is a tightening standards from what they were before. the second misconception is that the core is a rubber stamp for the executive branch. people point to the fact -- this does not recognize the actual process that we go through. the fisa court appointed from around the country take this on in addition to their other burdens. they are rightly expect it -- experienced and respected judges. they work only on fisa matters. applicationare an for fisa, whether it is one of these programs or traditional fisa, we first of the to the core what is called a read copy. the court staff will review and comment on it. they will almost come back with

questions and concerns and problems that they see. there is a process back and forth between the government and the board to take care of those concerns. at the end of the day, we are confident that we are presenting something that the fisa court will approve. that is hardly a rubber stamp. it is rather extensive and serious judicial oversight of this process. the third point -- misconception i want to make is that the process that we have here is one that simply relies on trust or individual analysts or people at nsa to obey the rules. i will not go into details as to the oversight. it has been adequately described. the point is that there is a multilayered level of oversight within nsa and involving my agency, the office of the director of national intelligence, and the fisa court and congress to ensure that these rules are complied with.

the last point i want to address is that this information should not have been classified. it was classified to conceal it from the american people. the leaks are not damaging. you both made this point. these are extremely important collection programs to protect us not only from terrorists, but other threats to our national security. there is a wide variety. they have produced a huge amount of valuable intelligence over the years. we are faced with an information -- with the situation because this has been made public, we run the risk of losing these collection capabilities. we will know whether these leaks have caused us to lose capabilities. if they do have that effect, there is no doubt that they will cause our national security to be effective.

thank you. >> thank you all very much. i appreciate that. just a few quick questions. members have a lot of questions. for the record, can you describe quickly your civilian role? >> yes, sir. there has a husband senior serving military officers at the national security agency -- there has always been a senior serving military officer at the national security agency. i search for a period of 13 years active-duty on the air force and transferred to that national security agency. >> you rose to the rank of? >> i was general of international guard. >> i just want to get on the record that he had military service as well as civilian service. >> i do.

activeferred from the air force to national security. i retained my filiation i was proud to be able to serve in the national guard. >> thank you. you mentioned wearies of less than 300. what does that mean? -- queries of less than 300. what does that mean? >> a reasonable suspicion. a number of interests, telephone number might be associated with connected plots of a specific plot overseas. there is a desire to see whether there is any connection to the united states. the process they go through is described as one where they make -- >> you do not put in a name? >> no. the only thing we get from providers are numbers. the dataset is numbers themselves. >> no names or addresses affiliated. >> no. >> just phone numbers.

toan analyst would try determine whether there was a describable, there must be written documentation that says there is a suspicion that this is attributed to a foreign plot. after having made that determination, there would be further checked to determine whether it is possible to discern whether it is associated with a u.s. person. you might look at the area code and say it could likely be in the united states. we know within this area that is d.c. 310, that would be maryland. if that were to be the case, it would get for the review to ensure is not a situation or some and is merely expressing their first amendment rights. if that was all it was, however objectionable thomas that is not a basis to for that database.

if he gets further, it must be further approved -- if it gets further, it must be further approved. the query itself would just be a number. they would determine whether that number exist in the database. that is how the query is formed. >> it is not a named or an address. it is a phone number. >> if it were a name or address, there would be no possibility that the database would return any meaningful result. >> just a phone number. >> just a phone number. >> welcomes back when you carry the database? -- what comes back when you query the database? >> just phone numbers. >> there are no names and addresses in that database. >> no.

>> why only less than 300 queries or numbers into that database? >> only less than 300 numbers were approved. those might have been applied both will times. there might be some number greater of -- than that. the reason there are very few, select approve is that the court determined there is a narrow purpose for this use. it cannot be to prosecute a greater understanding of the simply the mistake -- domestic -- there might be very well defined and describable, written determination that this is a suspicion of a connection between a foreign plot a -- foreign plot and a domestic nexus. >> and those are big ported to the -- and those are reported to the court? >> there are a number of queries reported to the court and any time there is a dissemination associated.

>> and there is a court approved process in order to make that query into that information? >> only for numbers -- phone numbers. the department of justice provides a rich oversight auditing. >> thank you. fisa >> thank you. general alexander, is the nsa on private company servers, as defined under these programs? >> we are not. >> does the nsa have the ability to listen to americans' phone calls or read their e-mails under these programs? >> we do not have the authority. >> does the technology exists to flip a switch and have an analyst listen? >> no. >> the technology does not exist for individuals at the nsa to listen to americans' phone calls or read their e-mails? >> that is correct.

>> help us understand that. if you get a piece of a number, there has been some public discussion that there is not a lot of value in what you might get from a program like this, that has this many levels of oversight. can you talk about how that might work into an investigation to help you prevent a terrorist attack in the united states? >> investigating terrorism is not an exact science. it is like a mosaic. we try to take disparate pieces and bring them together to form a turf. there are many different pieces of -- of intelligence. he have assets. we have physical surveillance. we have legal surveillance with legal process for phone records. with additional legal process, financial records. these programs are all valuable pieces to bring that mosaic together and figure out how these individuals are plotting to attack the united states

here, or u.s. interests overseas. we hear the cliché, frequently, after 9/11, about connecting the dots. with the american public, we come together to put the dots together to form the pic chair to allow us to disrupt these activities. >> thank you. given the large number of questions by members, i am going to move along. >> i want to thank all the witnesses for your presentations, especially mr. cole. i think you explained well and in a very sick sink way. it is unfortunate sometimes when we have incidents like this that a lot of negative or false information gets out. whoink that those of us work in this field and the intelligence field every day know what the facts are, and we are trying to now present those

facts through this panel. that is important. but i would say that if i were to listen to the media accounts of what occurred in the beginning, i would be concerned. it is important we get the message out to the american public that what we do is legal. we are doing it to protect our national security from attacks from terrorists. you addressed this, but i think it is important to reemphasize the fisa court. it is unfortunate. when people disagree with you, they attack you. they say things that are not true. we know these are federal judges. they have integrity. they will not approve anything they feel is wrong. we have 90 day periods where the court looks at this issue. general alexander, do you feel in any way that the fisa court is a rubber stamp they stunned the process? our system of government is checks and balances. that is what we do in this country. we follow our constitution. it is unfortunate the federal judges are being attacked.

>> as you have stated, the federal judges on the court are superb. our nation can be proud of the way they make sure we do this exactly right. every time we make a mistake, they work with us to make sure it is done correctly to protect our civil liberties, write essay, and go through the court process. they have been extremely professional. there is no rubber stamp. it is kind of interesting. it is like saying you just ran a 26 mile marathon, and somebody says, that was just a job. the details and specifics go months through the fbi, the department of justice, and through the court on each of those orders. there is tremendous oversight, compliance, and work, and i think the court has done a

superb job. but we worked hard to do is to bring all these under court supervision for just this reason. we have done the right thing, i think, for our country. >> the second thing i want to get into -- the public are saying, how did this happen? we have rules. we have regulations. we have individuals who work on this, and yet here we have a technical person who had lost a job, who had a background that would not always be considered the best. we have to learn from mistakes, how they occur. what system are you or the director of the national intelligence administration putting in effect now to make sure what happened in this situation -- that if another person were to turn against his or her country, that we would have an alarm system that would not put us in this position right now? >> this is a difficult

question, especially when that person is a system administrator, and they get great access. a system administrator is one that actually helps operate, run, set the conditions and stuff on a system or portion of the network. when one of those persons misuses their authorities, this is a huge problem. working with the director of national intelligence, what we are doing is working to come up with a 2-person rule and oversight for those, and ensure that we have a way of blocking people from taking information out of our system. this is work in progress. we are working with the fbi. we do not have all the facts yet. as we are getting those facts, we are working through our system. the director has asked us to do that and provide that feedback to the rest of the community. >> thank you. i yield back. >> thank you, mr. chairman, and thank you all for being here

and for making some additional information available to the public. i know it is frustrating for you, as it is for us, to have these targeted, narrowly, and not be able to talk about the bigger picture. general alexander, you mentioned you are going to send us tomorrow 50 cases that have been stopped because of these programs, basically. 4 have made public to this point, and i think there are 2 new ones that you are talking about today. but i would invite you to explain to us both of those 2 new cases, it including the operation wi-fi case. one of them starts with a 215. one starts with a 702. i think it is important for you to provide information about how

these programs stopped those terrorist attacks. >> i am going to do for this, because the actual guys who did all the work was the fbi. and they did it exactly right. previously,ioned the nsa -- it was out of kansas city. that was the example i referred to earlier. the nsa, utilizing 702 authority, identified an extremist located in yemen. this extremist was talking with an individual located inside the united states, in kansas city, missouri. that individual was identified. the fbi immediately served legal process to identify him. we went up on electronic surveillance and identified his co-conspirators. this was the plot that was in the initial stages of plotting to bomb the new york stock exchange. we were able to disrupt the

plot. we were able to lure some individuals to the united states and affect there are rest, and they were convicted for the terrorist activity. >> on that plot, it was under the 702, targeted against foreigners. some communication from this person in yemen back to the united states was picked up, and then they turned it over to you, the fbi, to serve legal process on this person in the united states? >> that is correct. on a 702, it has to be a non- u.s. person, outside the united states, and linked to terrorism. >> would you say their intention to blow up the new york stock

exchange was a serious plot? or is this something they kind of dreamed about, talking among their buddies? >> i think the jury considered it serious, as they were all convicted. >> what about the plot in october of 2007, that started, i think, with a 215? >> it was an investigation 9-11 -- after 9/11 that the fbi conducted. we did not find any connection to terrorist activity. several years later, under the business record provision, the nsa provided us a telephone number only in san diego that had indirect contact with an extremist outside the united states. toserved legal process identify who was the subscriber to this telephone number. we identified that individual. we were able to, under further investigation and electronic surveillance we applied specifically for the u.s. person with the fisa court -- we

were able to identify co- conspirators, and we were able to disrupt this terrorist activity. >> repeat for me again what they were plotting to do? >> actually, he was providing the financial support to an overseas terrorist group that was a designated terrorist group by the united states. >> but there was some connection to suicide bombings, correct? >> not in the example that i am citing here. >> i am sorry. the group in somalia which he was financing -- that is what they do in somalia. wax correct. as you know as part of our classified hearings regarding the american presence in that area of the world. >> thank you. >> if i could hit a couple key points. it is over 50 cases. the reason i am not giving a

specific number is, we want the rest of the community to make sure everything we have there is exactly right. if somebody says, not this 1 -- what we are finding out is, there are more. they will say, you missed these three or four. on the top of that packet, we will have a summary of all of these and a listing of those. i believe those numbers are things we can make public. we will try to give you the numbers that apply to europe, as well as the ones that had a nexus in the united states. releasing more on the specific overseas cases, it is our concern that some of those, going into further detail with exactly what we did and how we did it, may prevent us with disrupting a future plot. that is a work in progress. our intent is to get that to the committee tomorrow, both for the senate and house. >> thank you. mr. thompson? >> thank you all for being

here, for your testimony and your service to our country. the foregoing to hearing, has the fisa court ever rejected a case that has been brought before it? >> i believe the answer to that is yes, but i would defer that to the deputy attorney general. >> not often, but it does happen. >> mr. cole, what kinds of records and data collected under the business records provision? >> there are a couple of different kinds. the shorthand required under the statute is the kind of records you could get with a grand jury subpoena. that are business records already exist. it could be a contract. it could be something like that. in this instance, for this program, these are telephone records. it is just like your telephone bill. it will show a date the number

was called, how long the call occurred, a number that called back to you. that is all it is, not even identifying who the people are. >> have you previously collected anything else under that authority? >> under the 215 authority? i am not sure, the long the -- beyond the 215 and the 702 that answers about what has and has not and declassified can be talked about all stop -- about. >> you have said there were cases where there was data inadvertently or mistakenly collected, and subsequently destroyed. >> that is correct. >> and there actually has been data that has been inadvertently collect it, and it was destroyed? nothing else was done with it?

>> that is correct. this is a very strict process. andou dial a phone number collect a wrong number, when that is discovered, that is taking care of in that way. >> who does the checking? who determines if something has been inadvertently collected and decides it needs to be destroyed? >> i will refer to the nsa in the first instance, because they do a robust and vigorous check internally themselves. after the fact, the department of justice, oh dni -- odni, and the inspector general make sure we understand all the uses. compliance problems are identified. court,e given to the given to the congress, and fixed. >> i do not think i need

anything more than that. general alexander, can you tell us what snowden meant during this chat thing he did when he said nsa provides congress with a special immunity to it surveillance? >> i have no idea. >> anybody else? >> i am not sure i understand the context of the special immunity. >> i do not either. >> we treat you with special respect. [laughter] >> he said with a special immunity to it surveillance. >> i have no idea. it may be in terms of disseminating any information not in this program, that in any program we have. if we have to disseminate data to a u.s. member of congress, we are not allowed to say a name, unless it is valuable to one of the investigations. we cannot put out names of stuff. part of the minimization procedure protects you.

>> i would simply say your status as u.s. persons gives gives you a special status, as we have described throughout this hearing. >> if you do figure that out, you will get that information to us? also, the president kind of suggested, i guess, in his television interview the other night, that the new york subway bomber could not have been or would not have been caught without resume. is that true? >> yes, that is accurate. without the 702 tool, we would not have identified him. >> thank you. i have no further questions. i yield back the balance of my time. >> general alexander, which agency actually presents the package to the pfizer court for them to make their decision? >> it is the fbi.

>> the fbi is part of the process. it goes over to the department of justice. thehe formal aspect of statute allows the director of the fbi to make an application to the court. the justice department handles that process. we put all the paperwork together. and it must be signed off on before it goes to the court by the attorney general, myself, or if we have a confirmed assistant attorney general in terms of the national security division, that person is authorized. but it has to be one of the three of us before it goes. singlethe court is a judge? inthe judges sit kind of rotation in the court, presiding over it. these are all article three judges with lifetime appointments. they have districts they deal

with. they are selected by the chief justice to sit on the pfizer court for a. of time -- the fisa court for a period of time. >> i guess the crux of my question -- would there be a way that if you did not get the answer you wanted from a certain judge, could you go to another fisa court judge and ask for another opinion? verythink that would be difficult to do, because the staff does a great deal of the prep work, and they are going to recognize when they have thrown something back. if you have not made changes to correct the deficiencies that cause them to throw it out, i guess is they will throw it back again. >> one of the things a lot of people do not understand, that i think you have also discussed, is the rita had -- the rita had document. a lot of focus has been made on

the fact that, as my colleague mr. thompson said, the court is a rubber stamp, but they do have an opportunity to review the documents prior to rendering a decision. >> they do. it is by no means as a rubber stamp. they push back a lot. these are very thick applications that have a lot in them. and when they see anything that raises an issue, they will push back and say, we need more information about this area, about that legal issue, about your facts in certain areas. this is by no means a rubber stamp. there is an enormous amount of work, and they are the ones to make sure that the privacy and civil liberties interests of united states citizens are honored. they are that bulwark in this process. they have to be satisfied. >> there has been some discussion this morning on the inadvertent violation of a court order, where data has been collected and then destroyed.

has there ever been any disciplinary action taken on somebody who inadvertently violated an order? >> not that i am aware of. i think one of the statistics included in earlier comments was that in the history of this, there has never been found and intentional violation of any of the provisions of a court order, or any of the collection in that regard. so the nature of the kinds of anomalies that have existed were technical errors or typographical errors, things of that nature, as opposed to anything remotely intentional. there would be, in those instances, no reason for discipline. there may be reason to make sure our systems are fixed so that a technical violation or technical error does not exist again, because we have identified it, but nothing intentional. >> an important part of the oversight process at the department of justice and the odni is, when compliance

problems are identified, and the vast majority were self- identified by msa -- we go and look at it and say, are there changes that need to be made in the system so this kind of mistake does not happen again? it is a constantly improving process to prevent mistakes from occurring. >> thank you. yield back. >> thank you, mr. chairman. feelal alexander, do you that this opening -- open hearing today in any way jeopardizes our national security? >> i do not think the hearing itself jeopardizes it. i think the damage was done in the release of the information. today, what we have the opportunity is, to where it makes sense, to provide additional information on the oversight, compliance, and statistics, without jeopardizing it.

we are being careful to do that, and i appreciate what the committee has done on that. >> how many people were in the same position as snowden was as a systems manager, to have access to this information that could be damaging if released? and all our complexes around the world. there is on the order of 1000 system administrators, people who actually run the networks, that have, in certain sections, that level of authority and ability to interface through the system. >> how many of those are outside contractors? >> the majority are contractors. as you may recall, about 12 or 13 years ago, as we tried to downsize our government workforce, we pushed more of our information technology workforce or system administrators to the contract

arena. that is consistent across the intelligence community. >> i would argue that this conversation we are having now could have happened, unlike what you said, and perhaps we disagree also, general alexander that the erosion of trust, the misconceptions and misunderstandings that resulted, and why one would assume that, when there is a thousand -- are there any more than a thousand, do you think? >> we are counting all those positions. accurateet you an number. >> some of this information would not have become public. the effort that has to convince the american public of the necessity of this program i think would suggest that we would have been better off

having a discussion of the oversights, the legal framework, etc., up front, and how this could present -- prevent another 9/11, and in fact 50 or so attacks. let me ask you this, mr. cole. you were talking about transparency, saying essentially that while the verizon phone records order looked bad on its face, there are court documents that talk about the legal rationale of what we are doing. will you release those court opinions with the necessary reductions? if not, why? >> i am going to refer that over, because the classifying authority would be dni. >> we have been working for some time in trying to declassify opinions of the pfizer court. it has been a very difficult task. like most legal opinions, you have facts intermingled with legal discussions, and the facts frequently involve sensitive sources and methods, information. we have been discovering that when you remove all the information that needs to be classified, you are left with

something that looks like swiss cheese and is not very comprehensible. having said that, i think as general alexander said, there information in the public now.n the director of national intelligence declassified certain information about these programs last week. as a result, we are taking another look at these opinions to see whether there is now -- we can make a more comprehensible release of the opinions. the answer to that is, we are looking at that and would like to release into the public domain as much of this as we can without compromising national security. >> i think general alexander. what kinds of records are

collected? >> for nsa, the only records that are collected under business records 215 is this telephone the data. -- telephony data. >> will you collect more? >> this is the only thing we do. this gets into other authorities, but that is not ours. you are asking me now outside of nsa. >> 215 is a general provision that allows the acquisition of business records if it is relevant to a national security investigation. that showing has to be made to the court to allow that subpoena to issue, that there is relevance and a connection. that could be any number of different kinds of records a business might maintain --

customer records, purchase orders, things of that nature. somebody buys materials that they could make an explosive out of, you could go to a company that sells those and get records of the purchase. kings of that nature. e-mails would not be covered by business records in that regard. you would have to, under the electronic communications privacy act, get specific court authorization for e-mails that stored content. if you are going to be looking at them in real time while they are going, you are going to have a separate fisa court order. it would not be covered by the business records. >> i will make sure one clear part on the system administrator. what you get access to is helping to run the network and the web servers on the network that are publicly available. to get to data, like the business records data we are talking about -- that is in an exceptionally controlled area. you would have to have specific certificates to get into that. i am not what -- not aware that snowden had any access to that.

on reasonable suspicion numbers and what we are seeing -- i do not know of any inaccurate numbers that have occurred since 2009. there are rigorous controls we have from a technical perspective. once a number is considered approved, you put that number in and cannot make a mistake, because the system helps correct that. that is a technical control we put in there. >> i yield back. >> thank you, gentlemen. mr. cole and mr. english went through a very extensive array of the oversight and internal controls associated with what is going on. in a business environment, sarbanes-oxley requires that companies go through their entire system to make sure that

not only the details, the trees, work, but that the forest works as well. is there anybody who steps back and says, the goal is to protect privacy and our civil liberties, and we are doing the best we can? is there an internal control audit, so to speak, that looks at the system and says, we have got the waterfront covered? >> there are periodic reviews that i have described that audit everything that is done under both of these programs by both nsa and the department of justice, and the office of the director of national intelligence, and we report to the court and we report to congress. all of that is done looking at the whole program at the same time. >> i understand that the various pieces work well and are designed to create that process, but is there an overall look at everything that is done, to say, we have got it all

covered? and if we do not, where do those suggestions get embedded? have we had suggestions where we have said, we do not need to do that? >> there are at least two levels at which that takes place. by statute, within the office of the director of national intelligence, there is a civil liberties protection officer named alex joel, whose job it is to take exactly that kind of look at our programs, and make suggestions for the protection of civil liberties. outside of the intelligence community -- >> and that person would have the requisite clearances? >> he is part of this audit process, his office. intelligencee community, the president's civil liberties oversight board, which has five confirmed members, is also charged with looking at the impact of our programs on privacy and civil liberties. they also have full variances. they have the ability to get

full visibility to the program. onave recently been briefed these programs and are looking to make this kind of assessment. >> is that report public? it is the president's board. i suspect that since they are making a classified report, it would not be public. if it is unclassified, it is up to them. >> you mentioned minimization and a rolling five year window of destruction on the business records. you used the word purge, get rid of, destroy. whatou help us understand that means? when i shredded piece piece of paper, that is one thing, but given the number of times you backup data -- can a citizen is an -- citizen figure that we have deleted all of these things we are supposed to delete? >> i believe they can. we have a fairly comprehensive system at the nsa. whenever we collect anything, under this authority or some other, we bind to that

communication how we got it, where we got it, what authority we got it under, so we know whether we can retain it. if it is fisa data we talked about, after the expiration of five years, it is automatically taken out of the system, literally deleted from the system. mechanically overwritten, and backup copies are done away with? >> yes, sir. it gets fairly complicated very quickly, will we have systems of record our architecture, and if the data aliment has the right to exist, it is attributable to one of those. if it does not have the right to exist, you cannot find it in there, and we have specific lists that determine what the provenance of data is, how long that data can be retained. we have purge lists, if we were

required to purge something. that item would show up explicitly on that list, and we regularly run that against our data sets to make sure we have double checked that things that should be purged have been purged. >> any indication that the fisa court has the resources necessary to run its oversight piece? >> obviously, the courts are suffering under sequestration like everybody else, so i do not know what is going to hit them as we go forward. >> gentlemen, i want to thank you all for your testimony here today, and for your service to our country. as a member of the committee, i have been briefed on the program, and i know the extent of digital agents -- due diligence you have gone through to make sure this is done right. i think it is important this discussion is being had this morning, and hopefully it will

give greater confidence to the american people that all the agencies involved have dotted their eyes and cross their tees. it is helpful that we had a discussion about the fisa court today, and how detailed the requests have to be before they get approval. i think it is made clear that these are not just one page documents presented to a fisa judge and rubberstamped. it goes through excessive due diligence, before it even gets to the point the judge sees it. obviously, if all criteria have been met, it gets approved. if the criteria have not been met, it will be rejected. i will not belabor that point. that has been a fruitful discussion. but can you talk further about the role of the ig, and go into that process a little more,

been met, it gets approved. so that the amount of report the ig does once a query has been made, in terms of the range of queries that have been made -- i think that would be important to clarify. >> i will start with that and then defer to the odni and deputy attorney general for some follow-up will stop any analyst who wants to perform a query, this authority or any other, essentially has a two- person control. they would determine whether this query should be applied, and there is somebody who applies oversight will stop under the metadata records captured by the program, there is a very special court-defined process by which that is done. those are all subject to the ig, the inspector general, review on a general basis, such that we can look at the procedures as defined, the procedures as executed, reconcile the two, and make sure that is done exactly right. there are periodic reports the ig has to produce, and they are faithfully reported. i think the real checks and balances have been between nsa, the department of justice, the director of national

intelligence. the department of defense enters that as well. they have intelligence oversight mechanisms. between those components, rigorous oversight varies in what they look for. the fisa is a particularly rigorous authority, but they all have checks and balances that transcend nsa. if i can add to that, i refer you to a recent review by the doj inspector general on the 702 program that was highly complementary of the checks and balances that were in place. >> let me turn my attention now to programs that primarily target non-u.s. persons. this is probably a question for mr. joyce.

you have said that if a ig u.s. person overseas, or a non-u.s. person living in the united states -- if we become aware that they may be involved in terrorist activity, they are served process. could you go into detail about how that happens, and how a court is involved if we become aware a u.s. person is involved? >> i think either maybe i misspoke or you misspoke. we are not looking at all at u.s. persons. the 702 is anyone outside the united states. even a u.s. person outside the united states is not included in the coverage. it is a non-u.s. person outside the united states, and three different criteria go through. one of those links is terrorism. specifically, only certain individuals are targeted. those linked to terrorism.

on numerous occasions, as i have outlined in some examples, individuals outside of the united states were discovered communicating with someone inside the united states. that is being tipped from the nsa. we then go through the legal process here, the fbi does, regarding that u.s. person. we have to serve what is called a national security letter, much like a subpoena. if we want to pursue electronic surveillance, we have to make a specific application regarding that person with the fisa court here. >> thank you very much. i yield back. >> just to follow on and to clarify, because i want to make sure everything we say is exactly right -- as sean said, the nsa may not target phone calls or e-mails of any u.s. person anywhere in the world without individualized court

orders. >> thank you. >> that is unimportant point we cannot make enough. >> thank you, mr. chairman. general -- general alexander and steam, thank you for helping closedrstand in so many sessions, and hopefully helping the nation understand, what we are doing, why we are doing it, and how we are doing it. i want to focus more on 702, if we could. general alexander, could you explain what happens if a target of surveillance is communicating with a u.s. person in the united states? >> under 702, i think the best case is someone that sean joyce made.

if we are tracking a known terrorist in another country -- pakistan, yemen, or someplace -- and we see them communicating with someone in the united states, focused on doing something in the united states, we tipped that to the fbi. our job is to identify that, see the nexus of it. it could be in another country. sometimes, we would see somebody in one of those countries planning something in europe or elsewhere. we would share that. when it comes into the united states, our job and this -- our job ends. we are outside, and we provide it to the inside fbi, and they go from there. they will get the process for getting additional information to see if this is a lead worth following. >> what does the government have to do if it wants to target when. person under fisa, they are located abroad, when

they are not here? what would be the process for the government? fullat would be the package, going to the fisa court, identifying that person, identifying the probable cause to believe that person is involved in terrorism or foreign intelligence activities, and indicating that we have the request to the court to allow theirintercept communications, because we have made the showing that they are involved in terrorist or foreign intelligence activities. we have to make a formal application, targeting that person specifically, what are they are inside or outside the united states. >> if i might add, that could not be done under 702. there is a separate section of

the foreign intelligence surveillance attack that would allow that, that it would not be doable under 702. >> what if you want to monitor the within the united states? >> again, a different provision of pfizer, but we would have to show that person is, was probable cause, involved in foreign terrorist activities or foreign intelligence activities on behalf of a foreign power. we have to lay out to the court all those facts, to get court permission to target that person. >> i want to reemphasize that. you have to specifically go to the pfizer court and make your case as to why this information is necessary to be accessed? >> that is correct. >> and without that, you have no authority and cannot do it and do not do it? >> that is correct. >> thank you. i yield back, mr. chairman. >> thank you very much, mr. schiff. andhank you, mr. chairman, thank you gentlemen for your work. on the business records program, the general pfizer court order allows you to get from theata

communications providers. reasonablethere are facts, you can go and see if one of the numbers has a match in the metadata. on those 300 or so occasions when you do that, does that require separate court approval, or does the general pfizer court order allowing you, when your analysts have the facts, to make that query? in other words, every time you make the query, does that have to be approved by the court? >> we do not have to get separate court appearance for each query. the court sets out the standard that must be met in order to

make the query in its order, and that is in the primary order. that is what we ought it in a very robust way, in number of different facets through the executive branch, and give it to the court and give it to the congress. we are given the 90 days with these parameters and restrictions to access it. we do not go back to the court each time. >> and does the court scrutinize, after you present back to the court, these are the occasions where we found these facts? do they scrutinize your basis for conducting those queries? >> yes, they do. >> general alexander, i raised this in closed session, but would like to raise it publicly as well. what are the prospects for changing the program, such that rather than the government acquiring the vast amounts of metadata, the telecommunications companies retain the metadata, and only on the 300 or so occasions where it needs to be queried, you are

querying the telecommunications whether it they have those business records related to a reasonable, articulate double -- articulable connection to a foreign intelligence agency? there looking at architectural framework of how we do this program, and the advantages and disadvantages of doing each one. each case, if you leave it at the service providers, you have a separate set of issues in terms of how you get the information and how you go back and follow it on. and the legal authority for them to compel them to keep these records for a certain time. what we are doing is, we are going to look at that, come back to the director of national intelligence, the administration, and you all, and give you recommendations for both the house and the senate. i do think that is something we

have agreed to look at and will do, but it will take some time. we want to do it right. i think, just to set expectations, the concern is speed in crisis. how do we do this? that is what we need to bring back to you, and have this discussion here, and let people know where we are on it. >> i would strongly encourage us to investigate that potential restructuring, even though there may be attendant inefficiencies with it. i think the american people may be much more comfortable with the telecommunications companies retaining those business records, that metadata, even though the government does not query it except on very rare occasions. >> it may be something like that that we bring back and look at. we are going to look at that. we have already committed to doing that, and we will do that and go through all the details of that. >> this week, i am going to be introducing the house companion to the bipartisan markley bill that would require disclosure certain fisa court opinions,

a form that does not impair our national security. i recognize the difficulty that you described earlier in making sure those opinions are generated in a way that does not compromise the programs. you mentioned that you are doing a review, and i know one has been going on for some time, in light of how much of the programs have now been declassified. how soon do you think you will be able to get back to us about when you can declassify some court opinions? >> i am hesitant to answer any question that begins how soon, partly because there are a lot of agencies with equities in this. there is a lot else going on in this area. my time has not been quite as free to address this topic as i would like to over the last

week and a half. i can tell you that i have asked my staff to work with the other agencies involved to try to track this along as quickly as possible. we are trying to identify opinions where we think there is the greatest public interest in having them declassified. we would like to push the process through as quickly as possible at this point. >> i am encouraged that, beyond the two programs at issue here, to the degree you can declassify other fisa court opinions, i think it is in the public interest. >> that is part of what we are doing. >> i wanted to correct a little bit one of the things i said. this does not review every reasonable articulable suspicion determination. they are given reports every 30 days in the aggregate, and if there are compliance issues, and we find that was not complied properly, that is reported separately to the court. >> is there a follow-up? >> thank you. i want to make sure i understood what you just said. a prior court approval is not necessary for a specific query,

but when you report back to the court about how the order has been implemented, you do set out those cases where you found reasonable articulable facts and made a query. do you set those out with specificity, or do you just say, on 15 occasions, we made a query? >> it is more the latter, the aggregate number where we have made a query. if there are problems that have been discovered, we report with specificity those problems. >> it might be worth providing the basis of the reasonable facts, and having the court review those as a further check and balance. >> my understanding is that every access is already preapproved. the way you get into the system is court approved. >> that is correct. the court sets out the standards which have to be

allow us to make the query in the first place. the implementation of that standard is reviewed by nsa internally at several levels before the actual implementation is done. it is reviewed by the department of justice. it is reviewed by the office of the director of national intelligence. inspectorewed by the general for the national security agency. there are numerous levels of review of the application of this. if there are any problems with those reviews, those are then reported to the court. >> if they do not follow the court-approved process, that would be a variation that would have to be reported to the court? >> that is correct. >> but you are meeting the court-approved process with every query? >> that is correct. >> every one of those queries is audited. those are all reviewed by the department of justice. those are the reviews we spoke about at 30 and 90 days. there is a very specific focus

on those we believe are attributable to u.s. persons, despite the fact that we do not know the identities of those persons. the court gets all of those reports. >> all of those internal checks are valuable, but they are still internal checks, and it might be worthwhile having the court at least after-the-fact review those determinations. tank you, mr. chairman. >> thank you, mr. chairman. what has happened here is that the totality of many problems within the executive branch has now tarnished the fine folks at the nsa and the cia. i made a short list here. right after benghazi, there were lies. fast and periods, missing documents, dead americans, and dead mexican citizens. you at least have to into or got phone records from ap reporters, fox news reporters, including from the house gallery within this building. last week, as you know, ag oh is being accused by the judiciary committee a possibly lying to the committee.

-- ag holder is being accused by the judiciary committee of possibly lying. and on friday, they tried to release documents to make this go away, the release of personal data from u.s. citizens from the irs. now, i understand when my constituents ask me, if the irs is leaking personal data -- general alexander, this question is for you. how do i know for sure that the nsa and people trying to protect this country are not leaking data? mr. rogers asked the question about -- how do we know that someone from the white house cannot turn a switch and begin to listen to their phone conversations?

general, i think if you could clarify the difference in what the people that are trying to protect this country are doing, and what they go through, the rigorous standards, i think it would help fix this mess for the american people. >> thank you, congressman. i think the key facts are -- when we disseminate data, everything we disseminate, and all the queries made into the database, are 100% auditable. they are audited by not only the analyst doing the job, but the overseers that look and see, did he do that right, or did she do that right? in every case we have seen so far, we have not seen one of our analysts will fully do something wrong, like you just said. that is where disciplinary action would come in. what i have to underwrite is when somebody makes an honest mistake. these are good people. if they transpose 2 letters in typing something in, that is an honest mistake. we go back and say, how can we

fix it? aretechnical controls we adding in help fix that. it is our intent to do this exactly right. in that, one of the things we have is tremendous training programs for our people that they go through, how to protect u.s. data, how to interface with the business records of fisa. the records under 702. everyone, including myself, at nsa, has to go through that training to ensure we do that right, and we take that very seriously. i believe we are the best in the world in terms of protecting privacy. another thing that is sometimes confused here is that, then they are getting everybody else in the world? but our approach is foreign intelligence. it is the same thing in europe. we are not interested in -- for one, we do not have the time. and ours is to protect our country and our allies.

i think we do that better than anybody else. anything you want to add to that? >> i think that is exactly right. people at the nsa take an oath to the constitution, not to some particular mission, but to the entirety of the constitution. it covers national security and the protection of civil liberties. there is no distinction for us. they are all important. >> i want to switch gears, and perhaps this is a good question for mr. joyce. i find it really odd that right before the chinese president comes to this country, all these leaks happen and this guy has fled to hong kong, snowden. i am concerned with the information you presented last week, that this is going to be the largest lake in american history, and there is probably more to come out. seriousnessain the

of this leak? said said earlier that it damaged national security. can you go into a few of the specifics? >> no. really, i can comment very little. it is an ongoing criminal investigation. as we have all seen, these are egregious leaks. it has affected -- we are revealing, in front of you today, methods and techniques. i have told you the examples i gave you, how important they have been. the first core al qaeda plot to attack the united states post- 9/11, we used one of these programs. a plot to bomb the new york stock exchange -- we used one of these programs. here we are now, talking about this in front of the world. i think these leaks affect us. >> it also affects our partnership with our allies. and with industry. industry is trying to do the right thing, and they are compelled by the courts to do

it, and we use this to also protect our allies and interests abroad. i think the way it has come out and the way it looks is that we are willfully doing something wrong, when in fact we are using the courts, congress, and the administration to make sure everything we do is exactly right. as chris noted, we all take an oath to do that, and we take that oath seriously. >> just in closing, we know from the report that came out that other governments are busy doing this and expanding their cyber warfare techniques. so, think fee-for-service. i yield back. fact that dispute the other governments do it in any way, shape, or form close to

having anything close to their intelligence gathering programs. >> thank you, mr. chairman. i also want to thank all of our witnesses today for your services to the country and helping to maintain our national security. theuld like to talk about national security practices, you spent about time explaining to the american people of various levels of complexity in which you have judicial oversight and congressional oversight. how does this happen? ofs relatively low level mr., this systems administrator, i think you said, have classified information. is it an acceptable risk? i get that you have 1000 or so system administrators. it is extremely frightening that you would go through such measures to do the balancing act

internally. internally by our own control there are system administrators that can go road. -- is it an acceptable risk? is there oversight for the minister raiders? >> there is oversight, we are looking at where that broke down. that will be part of the investigation. toi would just come back 9/11. going from the need to know to the need to share. in this case what they have adapted to is what they would that thepublic forums nsa operates. nor does it necessarily given me insight that the training or

other issues or certification processes that our folks go through to do this. requiree programs that other certificates to get into. you may recall the intelligence community looking into an information technology environment that reduces the number of administrators. if we could jump to that immediately, that would give us a much more secure environment. the dni ishing that leading across the community and that is vital to get to. there are mechanisms that we can use their. did not clear, snowden necessarily have the certificates available to lead that public forum. >> each piece of data that we

would have, let's say business records in this case, you would need specific things where it would beasts -- extremely difficult. requireould certificates for you to work in this area to have that. you would have to get one of those certificates to enter the area. does that make sense? in other words, key. >> i would encourage us to figure out a way to declassify more information. thank you for giving us additional examples of terrorist attacks that we have thwarted because of these programs, but i think that providing us with as much information as you can with court opinions and how that would help the american public demystify what we're doing here, i think that the additional examples you gave today were

great. we i am also concerned that have contractors doing -- i get that we cannot -- that there was a move at some point to not have as many government employees, so we sort of out sourced it, but given the sensitivity of the information and the access for relatively low-level employees, do you see that as being a problem? how do we go about -- >> we do have specific concerns in this area and it is something that we need to look at. the mistakes of one contractor should not turn us all off to contractors, they do great work for the nation as well. we have to be careful not to throw everyone under the bus because of one person. but you do raise two great point of view will look at. i have spoken to our technology director about two person

control. changes will be implemented. i think that in terms of what we released to the public, i am for releasing as much as we can, but national security, that is what to expect. to join thee i need debate on this side. we minimizeke how data and run this program, those kinds of things i think we can -- that is why chris went through those great details. those are things that the american people should know. what they find out is -- shoot, look at the oversight, compliance, and training our people are going through. this is huge. this is not some rogue operation being run by the guys at nsa, this has oversight from the committee, the courts, the administration, with a 100%

audit of both process. uditable -- all th process. that is what we agreed to do and it is tremendous. >> i agree and a flawed, but given the nature of the sleek, you know, we do not want our efforts to be for naught if in fact what happens is the leaks get the american people so that we roll back on these programs and, therefore, increase our vulnerability as a nation. that is not in anyone's interest. going back to the difference between private contractors and government employees, is there a difference in the level of security clearance? >> same processes. >> thank you, i yield back the

rest of my time. >> thank you, mr. chairman. mentionedas mr. nunez about the things mentioned about leaks and so forth, my constituents ask me the difference, and maybe what the attorney general did, by going to the courts on the rosen case, saying that he was an unindicted co-conspirator, that was actually about a leak also. process or internal review did you all go through before you ask for those phones to be taxed? and to make it perfectly clear that that was not a fisa court? >> number one, that was not a fisa court and there were no

phones being capped, it was just to acquire a couple of e-mails. robust systemy set out in the department of regulations at the time of scrubbing review that must be done before a subpoena like that can be issued. you must make sure that you have exhausted all the reasonable avenues of investigation. that is done before you even get to the decision about whether or not a process should be used. you have to make sure that the information that you are looking at is very tailored and necessary, truly necessary to be able to move the investigation forward in a significant way. there are restrictions on what can be done with the information and it goes through a very long process of review from the u.s. attorney's office through the

united states attorney's office into usually the criminal division of the justice department if you are the assistant attorney general of the criminal division through the deputy attorney general's office and ultimately to the attorney general signing it it gets a lot of review before that is done under the criteria in the guidelines. >> so, the department of justice leakot allow in a security and contact the fbi and the nsa and there was no connection with that and the department of justice criminal investigation? >> the fbi does criminal investigations with the department of justice but it was not part of the fisa process. >> i think that that is what we need to be clear on. that it was absolutely not a part of that fisa process and that that is a lot more detailed and scrutinized as far as

getting information about what this was, correct? >> they are both very detailed and scrutinized processes. they have different aspects to them. they are both unusually, frankly, detailed and scrutinize. >> thank you. general, going back to what had been asked about the difference by and clearance with a contractor or with a government employee, when you have 1000 different contractors -- i mean, i know from my experience on having one of my staff go through a security clearance, it is a fairly detailed operation. i know that this gentleman had previously worked for the cia. was any further clearance given to this individual when he became a contractor after he

left the employ of the cia? >> no additional clearance. he had what was needed to work at one of our facilities of top- secret special intelligence. that goes through a series of processes and reviews. the director of national intelligence looks at those processes to make sure that those are correct. we do support that objective. to work at the nsa, contract, government, civilian, you have to have that level of clearance. >> does it bother you that this gentleman had only been there for a short period of time? is there any other oversight or review of the individuals carrying out this work? or kind of other time anything? it seems that he was only there for a short period of time.

>> he had just moved into the booz allen position in march. an he had worked in information technology position for the months preceding that. so, he had been there for 15 months and had moved from one contract to another. >> would he have been familiar with these programs from his previous job? >> i believe so. going out into what we would call the public the classified wed series that helps you to understand parts of the nsa to gain some information, he took some of that. i cannot go into more detail. >> the one point here when you say -- would he have become familiar with these programs and that that is part of the problem we're having these days, he is not as familiar as he portrayed himself to be, someone who sees a tiny corner of something things that they get insight

into the entire program. >> thank you, i yield back. >> thank you, mr. chairman. i would also like to thank the panel for appearing here today. i have told each of you that in my limited time in this committee i have been heartened by the competence of the agencies within which to work. i have seen nothing in the last we and a half that suggests that these programs being discussed are operating outside of the law. i would say that the controls in place seems solid. i would also say that i do not know if there is any way that there can be oversight without a posture of skepticism on the side of the overseers. i hope to take lacerations in that spirit. i would like to limit them purely to 315. the trouble me

because of the breadth and scope of the information collection. this is historically unprecedented in the extent of the data that is being collected on potentially all american citizens and the controls that you laid out for us not withstanding, we know that when a capability exists there is a potential for abuse. we ran through current issues going back to j. edgar hoover, martin luther king jr., nixon, concerns around the irs, from time to time it will be abused. it would seem, unlikely he would get an unpaid internships in my office. he had access to some of our most sensitive information. perhaps someone like him could have chosen a different path. but we spent a lot of time on

the fact that you do not get names -- with a phone number and google you could get a name pretty quickly. he could have chosen a point of making -- showing someone making 2:00 a.m. phone calls of washington. any information that we hold to be private. two questions. where do we draw the line? so long as the information is not information to which i have a reasonable expectation of privacy under section 215 powers, where do we draw the line? if i walk around washington i suppose you could probably reconstruct my day with video captured on third-party cameras. would you keep that in a way that is analogous to what you are doing with phone numbers? could you not reconstruct my day because i do not have a

reasonable expectation of privacy around? i am trying to identify where the line is. quacks i think that the real issue here is how it is accessed. how it can be used. >> i am stipulating that that system, as we know it is not perfect, that that system is perfect. i am asking what the limit is to what you can keep in the tank. >> i think that some of it is a matter for the united states congress to decide surrounding where you may draw those lines. certainly the courts have looked at this and determined that under the statutes that we have there is irrelevance requirement and they are not just saying that out of whole cloth you are allowed to get these things, you have to look at it altogether. they are saying that you have to gather this volume under these circumstances and restrictions

with these controls. without those circumstances and controls and restrictions the court may well have not approved the orders under 215 to allow that question to take place. you cannot separate them from the other. saying just the acquisition, what can we do? >> it those restrictions and controls are adequate there is theoretically no restriction on your ability to store information on anything right do not have a reasonable expectation of privacy. >> i will refer back to the nsa. >> i do have a much more specific question. >> i will ask for more time. i think what you have asked is very important. your question is can someone go get your phone number to see if you were at a bar last night and the answer is no because the first in our system someone would have had to approve and

there are only 22 people who can approve reasonable suspicion on the phone number. first that has to get input. only those the can be proved get queried. you have to have one of those 22 break a law. then you have to have someone go in and break a law. the system is 100% audit of all, they cannot be caught. so, on that system whoever did that would have broken the law. that would have been willful and that person would have been found in court to be in violation of a court order. >> thank you, i appreciate that. i think it is important that we explore these bright lines about which can and cannot keep. one last quick question for the chairman. something that i ask you in closed session, we are

obviously weighing security against privacy, and i think it is important that we understand exactly the national security benefits. episodes, i do not think it is adequate to say that 702 and two under 15 authorities 50tributed to our preventing episodes. i think it is essential that you graze the importance of the contribution. get intoeally like to this. how many of those episodes would have occurred but for your ability to use section to under 15 authorities as in the verizon situation? how essential are these authorities to stopping these terrorist attacks? over 50ng for clarity, and i and 90% of those cases, 50% contributed and were

critical. >> 7 of 2? >> shifting, i will do the jet here, not sure which i am, it was just over 10 that was domestic. >> 10 of the 50 were section two? >> how many were critical? >> did i get it wrong? >> you did. >> slightly over 10. i do not want to pin that until the community verify is it. just over 10 hit the domestic nexus. business records to only apply to those. the ones in other countries in could not apply to. that, the vastat majority of those have a contribution. we have to be careful that you do not try to take the whole world and say the only did those in the united states and a large

majority of that. i do think that going back to 9/11 we did not have the ability to connect the dots. this adds one more capability to help us do that. are my perspective what we doing in bringing these together helps to connect those dots. >> i am out of time but at this point i think it is important that if my constituents are more representative of the broader american public they are more concerned with gathering american data than foreign data. i hope you go through for us case by case how many stopped terrorist attacks were those essential to? >> i would add to the general's comments, you are asking an almost impossible question to say -- how important was each one?

not recognizedo the fbi that we came into 25 years ago. our mission is to prevent terrorist attacks before they happen in the united states. every tool is essential and vital. tools outlined today have been vital in stopping some of those plots. you ask how we can put a value on an american life? i tell you that it is priceless. >> thank you, mr. chairman. >> thank you, mr. chairman, for holding this important hearing today. my first question is that earlier you mentioned bad data must be destroyed after five years of acquisition. that is true? >> it is destroyed when it reaches five years of age. >> how long to the phone companies maintain the data on their own? >> that varies.

they do not hold it for the benefit of the government, they hold it for their own processes. i think it ranges from six months to eight months. it is useful for their purposes, not the government's. >> do these orders give the united states companies a choice in whether to participate in the prison program or business records? was this voluntary compliance on the part of these companies? >> no, these are court orders that require compliance. >> for the record, let me stay -- is the nsa spying today or have used by the american citizens? >> we do not target u.s. persons anywhere in the world without a specific court warrant. >> that the nsa listen to the phone calls of american citizens?

>> we do not target or listen to the telephone calls of u.s. participants without a specific order. >> do they read the e-mails of american system -- american citizens? >> an answer. >> text messages? >> again, we do not target any specific communications without a warrant anywhere on any political enemies of the administration, whether it is a republican administration or democrat administration? you said you are 100% auditable, so you would know the answer to this question. have you ever tracked the political enemies of an administration? >> in my time at the n.s.a., no ma'am. >> does the government keep the data? does the government have a data base with video data tracking the movements of the american people? >> no, ma'am.

>> i am sorry. the microphone is not on. >> n.s.a. does not hold such data. >> i think those are held by individuals in boston. >> does the federal government have a video data base tracking the where abouts of the american people? >> the f.b.i. does not have such a data base, nor am i aware of one. >> does the american government have a data base that has the g.p.s. location where abouts of americans, whether by our cell phones or other tracking device? is there a known data base? >> n.s.a. does not hold such a data base. >> does the n.s.a. have a data base that you maintain that holds the con tent of american phone calls? do you have recordings of all of our calls?

so if we're making phone calls is there a national data base that has the content of our calls? >> we're not allowed to do that, nor do we do that unless we have a court order to do that. and it would be only in specific cases, and almost always that would be an f.b.i. leak, not ours. >> do we maintain a data base of all e-mails that have ever been sent by the american people? >> no. no, we do not. >> is there a data base that maintains the text messages of all americans? >> none that i know of, and none at n.s.a. >> and i think what you have told this committee today is that the problem is not with the n.s.a., that it's trying to keep the american people safe. you told us you have a 100% auditable system with oversight from its n.s.a. and congress, it seems to me that a person that worked within the system, that broke laws, and who chose to declassify highly sensitive classified information, it seems to me that's where our focus should be on how there could be a betrayal of trust, and how a

traitor could do something like this to the american people. it seems to me that's where our focus must be in how we can prevent something like that from ever happening again. let me ask you a question. how damaging is this to the security of the american people that this trust was violated? >> i think it was significant and irreversible damage to this nation. >> has it helped our enemies? >> i believe it has, and i believe it will hurt us and our allies. >> i yield back, mr. chairman. >> thank you, mr. chairman. i want to thank the panel. one of the things about being so low on the totem pole here is, all the questions i would like to ask have been asked. i am fortunate in that a lot of the questions were very poignant.

i hope the american people and those in the room have learned a lot about what happened here and learned a lot about the people on the panel. i can specifically say, general alexander, in my time on the intelligence committee, i have more respect for you. i am glad you are the one up there testifying to the -- testifying, so that the american people can see despite what is being portrayed that there is no one is better to articulate what is happening. and i will ask a couple basic questions that might help clear some things up. mr. cole you talked about how

the patriot act, maryland v. smith, et cetera and then we heard how to look at the data under 215 there has to be smesk -- specific suspicion that is presented to a court, and that court is not a rubber stamp in allowing us to basically look at data which is strictly phone records. one of the problems i think people have out there is that when it is so specific and only a number of people are able to articulate who we should be looking at, and you hear this number of "millions" from verizon, can you help clear that up?

>> certainly. as we said, we don't give the reasonable suspicion to the court ahead of time. they set out the standards for us to use. but the analogy, and i have heard it used several times, if you are looking for a needle in the haystack, you have to get the haystack first. that's why we have the ability under court order to acquire all of that data. we don't get to use all of that data necessarily. that is the next step. which you have to be able to determine that there is reasonable, articulable suspicion to actually use that data. so if we want to find there's a phone number we believe is connected with terrorist organizations and terrorist activity, we need to have the rest of the haystack, all the other numbers, to find out which one it was in contact with. and as you heard mr. enqvist say, it is difficult toll do this

because we do have standards that have to be met before we can make use of that data. so while it is collected, it is used sparingly. >> did you or anyone you know break the law to obtain this data? >> i am aware of no one who has broken the law in obtaining this data. there are other issues with the leaks that have gone on here. >> based on everything we have heard today, do you see any problems with 702 or 215 that you think should be changed by this body? >> not right now. but this is something we agreed we would look at, especially the structure of how we would do that. we are looking at all of the key points. what we have to bring back to you is the agility. how we do it in the oversight. are there other ways we can do this? but at the end of the day, we need these tools, and we have to figure out the right way, from

my perspectiving -- perspective, this court and the body do oversight. i think the american people would agree, that what we are doing is the right way. so those are the steps that we will go back and look at the architecture. that is a commitment that n.s.a. has made to this administration and this committee. >> final question, what's next for mr. snowden that we can expect? >> justice. >> i yield back, mr. chairman, thank you. >> thank you, mr. chairman. thank you all for being here today. this has been a great hearing. i think the american people are happy to have a chance to hear from you and believe you or a man who told american secrets and fled to communist china. but for the soldiers fighting overseas and others, do you think these programs are just as in

need today as they were in the aftermath of 911? >> i do. and i would add that i think the environment has become more challenging. i think the more tools you have to be able to fight terrorism, the more we are going to be able to protect the american people. >> thank you. >> we're talking a lot about the statchtri -- statutory ability of 215 and 702. we have plain old article 3 judges in the sense of lifetime tenure, nominated by the president, confirmed by the

united states senate. they have the same power and authority as all article 3 judges do. is that correct? >> yes, that's correct. >> we have article 2 here before us today and we have article 1 oversight taking place today. i want to talk about article 1's involvement. there have been members that talkled about the fact that they didn't know about these programs p general alexander or maybe mr. english, can you talk about the briefings you provided for members of congress both recently and when this set of laws were developed? >> 702 has recently reauthorized at the end of 2012 in the run-up of that n.s.a. companionship with the department of justice, f.b.i., d.n.i. made a series of presentations across the hill some number of times and talked in very specific details about the controls on those programs and the success of those programs. the reauthorization of section 215 of the patriot act came after that, but there was a set of briefings along those lines.

at the same time we continue to welcome all congress persons or senators to come down and we can come to you and classify all briefs. some members have taken us up on that offer. >> that's right. any time any place we can talk, we will do that. >> i have been on the committee only a short time. i learned about these programs a short time, so i know members outside of the committee had access to these programs, and i think it is important. as committee oversight members, i think it is important, but i think it is important for all members of congress to appreciate the scope of this. i appreciate that you have offered that assistance to all of us. a couple clean-up details. i want to make sure i have this right. general alexander, from the data collected, can you determine the location of a person who made a particular phone call? >> not beyond the area code.

>> do you have information about signal strength or tower direction? i have seen articles that talk about you having this information. i want to see if we have that right. >> we don't have that in the data base. >> you made a reference to 702. you talked about it being a restriction on article 32, not an expansion. that is article 702. that is, people believed they had authority long before it was granted. is it true you view 702 as a restriction, article 2? >> yes. >> great. thank you, mr. chairman. i reeled yield back. >> thank you, mr. chairman. i want to first of all thank all the witnesses for their testimony, for their service, and for all you have done to strengthen and maintain this program. my question, general alexander, is several times in your testimony, you referenced 911

and how -- i recall september 11 there was a loud challenge to the intelligence community to do a better job of connecting the dots, be more aggressive, be more forward thinking, try to anticipate what's going to happen, think outside the box. as i see it, this is a very legitimate and lem response to that request. i would ask that you reference the case after september 11, when there was a phone interception from yemen which enabled you to foil the new york stock exchange plot. it is also my understanding that there were phone messages from yemen that you did not have the option to follow through on that could have perhaps prevented the 9/11 attack. can you explain low that could have been prevented if you

believe it could have been prevented. >> i don't know if it could have been prevented. what i can tell you is it is a tool that was not available to us prior to 9/11. so when there was a call made to a terrorist in san diego, we did not have the capability to track that call. now, things may have been different, and we will never know that unfortunately. that is -- the tools that we are talking about today that we did not have at the time of 9/11. moflinge forward, as you mentioned, about the stock exchange. here we have a similar thing, except this was under the 702 program where n.s.a. tipped to us that a known extremist in yemen was conversing with an individual inside the united states we later identified as khalid huajani. then we were able to go up with our legal authority here in the united states and in kansas city we were able to identify two additional co-conspiritors.

we found they were in the initial stages of planning to bomb the new york stock exchange. to really summarize, as i mentioned before, all of these tools are important. as congressman shiff mentioned, we should have this dialogue. we should all be thinking outside the box of how to do our business. i sit before you today humbly and say that these tools have helped us. >> if i could, i think in the midar case, that was the terrorist from the 9/11 plot in california that was on the flight that crashed into the pentagon. what we don't know, going back in time, is the phone call between yemen and midar, if we would have had reasonable suspicions to enter.

so we would have to look at that. assuming that we did, if we had the data base that we have now and we searched on that yemen number and saw it was talking to someone in california, we could have tipped that to the f.b.i. another step, and this is an assumption, but let me play this out, because we will never be able to go back and redo all the figures from 9/11, but this is why some of these figures were put in in order to do that, going from midar, we would have been able to find the other three teams in the united states and/or one in germany. so the ability to use the metta data would have allowed us, we believe, to see something. so it is hypothetical. there are a lot of conditions that we can put on there. you would have to this have this right, but we didn't have that ability. we couldn't kekt connect the dots, because we didn't have the dots.

so i think what we have here is one more additional capability to help us work together as a team to help us prevent are future attacks. you look at this, the new york city and others, i think from my perspective, those would have been zant significant events for our nation. so i think what we have jointly done with congress is help set this program up correctly. >> in your opening statement you said you would rather be testifying here today on this issue rather than explaining why another 9/11 happened. so thank you for your service, and for preventing another 9/11 from happening. i want to thank all you have

done to presprent attacks. mr. chairman, i yield back. >> just a couple things to wrap it up. mr. joyce, you have been in the f.b.i. for 20 years. you have conducted criminal investigations as well. sometimes you get a simple tip that leads to a broader investigation. is that correct? >> that is correct. >> so without that initial tip, you might not have found the other weighty evidence scent to that tip? >> absolutely. >> so in a case of mulola, in 2007, the very fact that under the 215 records there was a simple tip that was, we have someone who is known to have ties with al-qaeda's east african network calling a phone number in san diego. that's really all you got was a phone number in san diego. is that correct? >> that is correct. >> and according to the unclassified report, that tip ultimately led to a full investigation that led to the february 13 conviction. is that correct? >> yes. >> so without that first tip -- you weren't up on his electronics communications, he was not the subject of any investigation prior to that tip from the national security

agency? >> no, actually he was the subject to our prior investigation seven years earlier. that was closed because we could not find any connection to terrorism. then, if we did not have the tip from n.s.a., we would not have been able to reopen the case. >> but at the time you were not investigating the case? >> that is right. >> and when they dip that number into the business records, the preserved business records from the court order, they dip a phone number in and a phone number came out in san diego, did you know who that person was when they gave you that phone number? >> no, we did not. we had to serve legal process to identify this person and corroborate it. then we later had electronic surveillance. >> when you went up on electronic surveillance, you used a court order, a warrant, a subpoena? >> that is correct. >> what did you use? >> a fisa court order.

>> so you had to prove probable cause to go up on this individual's phone number. that is right? >> that's right. and it has been mentioned several times today, anyone inside the united states, whether they are inside or outside the united states, we need a specific court order regarding that person. >> mr. cole, just for purposes of explanation, if you were going to have an -- an f.b.i. agent came to you for an order to preserve business records, do they need a court order or a warrant for that in a criminal investigation? >> no, they do not. you can just get a grand jury's subpoena. separate from preserving it, you can acquire it with a grand jury subpoena, and you don't need to go to a court to do that. >> so that is a lower legal standard in order to obtain information on a u.s. legal criminal mat per. >> that is correct. >> and i think this is an important point to make. the system is set up on this foreign collection.

and i argue this -- we need this high standard because it is in a classified sess setting. you need to have this high standard. can you describe the difference? if i were getting the information, the legal standard would be much lower if i were working an embezzlment case in chicago and trying to stop a terrorist operating overseas trying to get back into the united states to conduct a plot. >> some of the standards might be similar, but the standard you have to go through is much greater in the fisa context. you have to go to the fisa court ahead of time and set out facts thr that will explain to the court why this information is relevant to the investigation that you are doing, why it is a limited type of investigation that is allowed to be donend the statute and under the rules, and then the court has to approve that ahead of tisme, along with all of the rules and restrictions, how you can use it, how you can access it, and who you can disseminate it to.

you have ricks on who you -- you have restrictions on who you can disseminate it to. but those would be broader, and you don't need a court ahead of time. >> so in total, this is a much more oversighting scene, and on an embezzlment case, you wouldn't brief that to congress would you? >> no, not as normal course. >> so you would have a whole different layer of oversight. and i argue that because of necessity, it used to be a classified program of which you want additional oversight. you want members of the legislature making sure that you don't necessarily need in a criminal matter domestically?

>> that's correct. in a normal criminal embezzlment case you would have the f.b.i. and the justice department involved and that's about it. in this you have the national security agency, you have the odni, you have the inspectors general, you have the department of justice. you have the court monitoring what you are doing, if there were any mistakes made. you have congress briefed on a regular basis. there is an enormous amount of oversight compared to a grand jury situation. yet the records that can be obtained are of the same kind. >> does china have an adversarial relationship with the united states? >> yes, they do. >> do they perform economic espionage farthered at companies in the united states? >> yes, they do. >> do they conduct espian -- espionage to our military in the united states and abroad? >> yes, they do.

>> do they target policymakers that might engage in foreign affairs when it comes to the united states? >> yes. >> how would you rate them as an adversarial intelligence service, compared to other adversries, the russians, the reins, others. >> they are one of our top adversaries. >> if i understand it, there have been economic as well as military efforts. so they have been very aggressive in their espionage activities toward the united states. is that a fair statement? >> i think they have been aggressive to united states' interests. >> general alexander, how would you describe in an unclassified way the chinese cyber-efforts for both espionage and their

military capability to conduct disruptive attacks toward the united states? >> very carefully. with a lot of legal oversight. i think one of the things that is important about the cyber-activities that we are seeing, and i also think what is missing perhaps in this conversation with the chinese, is what is acksementable practices here acceptable practices here. i think the president has discussed 14 some of that with the new president of china, and i think that's some of what we have to have. this need not be an adversarial relationship. our country does a lot of business with china, and we need to look at how can we improve the relationship with china in such a way that both our countries benefit.

because we can, and i think that's good for everybody. what concerns me is, now this program and what we're talking about with china, i think we have to solve this issue with china and look at ways to move forward. i think we do have to have that discussion on cyber-, what are the right standards and have that discussion both privately and publicly. and it is not just our country, it is all the countries of the world as well as china. >> i appreciate you drawing the line, but would you say that china engages in cyber-economic espionage to steal economic property in the united states? >> yes. >> would you agree they engage in trying to steal military and business secrets of the united states? >> yes. >> i think this is important that we put it in the context of what americans want to know about the relationship between mr. snowden and where he finds a home today, and know that we are

doing a full investigation into possible connections with any nation state who might take advantage of this activity. the one thing i degree with mr. today, is they haven't seen any changes, and i would dispute that based on what i've seen yesterday. do you believe al-qaeda elements just historically, when issues have been disclosed, change the way they operate to target both soldiers abroad and their terrorist plotting activities, movements, financing, weaponization? >> to be fair, what i intended to say, we know they have seen it, we know they have commented on it.

what we don't know is over the long term what impact it will have on our collection capability. but you are right. they watch us, and they modify their behavior based on what they learn. >> and we also know in some cases in certain countries they have modified their behavior, including, the way the they target u.s. troops based on certain communications. is that correct? >> i guarantee it is absolutely correct. that's what is so concerning about this. >> i appreciate you being here. i know how difficult it is to come and talk -- zpwhren general, did you want to say something? >> yes, i did want to say a couple things. thank ts to the committee and the administration and others. in the summer of 2009 we set the up the director of compliance and put some of our best people in it to ensure that what we are doing is exactly right, and this zphee committee was instrumental in helping us set that up. that's one point. when we talk about oversight and compliance, people think it is just once in a while, but there was rigorous actions by you and this committee that set that up. the second is in the open pressers there is a discussion about pattern analysis.

they are out there doing pattern analysis on this. that is absolutely incorrect. we are not authorized to go into the data nor are we data mining or doing anything with the data other than those queeries that we zpussed -- discussed period. we are not authorized to do it. there are no automated processes trying to figure out networks. the only time you can do pattern analysis is once you start that querrey and go forward. you can't -- you know, i have four daughters and 15 grandchildren. i cannot supervise nem with this data base. it is not authorized, and our folks do not do it. so that oversight applies too you and ools. i think it is important for the american people to know it is limited.

in this case of 2012, less than 300 selectors were looked at it and they had an impact in helping us prevent potential attacks. when you look at that and you balance those two, that's pretty good. >> and i do breeshate it. and the folks at the n.s.a. -- we have never had an issue with subpoena. all that information has readily been provided by you. you meet with us, and we have an open dialogue. when problems happen, we deal with them in a classified way and in a way that i think americans would be proud that their elected representatives deal with issues. i'm not saying there are some hidden issues out there. there are not. i know it has been difficult to talk about sensitive issues in a public way. in order to preserve your good work on behalf of all the patriots defending america, i still think it is important -- it was important to reassure the level of oversight on a program

that we all recognize needed an extra care and attention and a lot of sets of eyes. i hope today in this hearing we have been able to do that. i do believe that america has the responsibility to keep some things secret as we have served to protect this country. you all do that well. and the darndest thing is we may have found it is easier for a systems administrator to steal the information than it is for us to access the program in order to prevent a terrorist attack in the united states. we'll be working more on those issues. we have had great dialogue about what's coming on some of those oversight issues. thank you very much. thank you all for your service, and i wish you all well today. >> thank you. [captioning performed by national captioning institute] [captions copyright national cable satellite corp. 2013]

>> a hearing on security clearances for federal employees and contractors. mitch mcconnell talks about free speech under the obama administration. later, federal reserve chair ben bernanke. tomorrow on washington journal, jonathan alter talks about the president's second term agenda in his book. then, a discussion on the affordable care act and the so- called safety net hospitals that treat a larger percentage of uninsured patients. and later, a look at the witness protection program with its founder. >> this is a challenging time for conservatives.

we have a quite liberal democratic resident who has not only been in elected, but reelected, putting into place some ideas and programs and projects that i think are very wrongheaded. the public had a chance to think about that, and they did reelect him. it is a challenging time. it is also an exciting time if what you are trying to do -- what i and many others are trying to do is modernize conservatism, bring it into line with challenges the country faces now, to help conservatives and the country think about the challenges of the 21st century. neither party is doing a good job. there is a lot of opportunity for thinking about what america in the 20th -- 21st century needs to change to get back to economic growth, to get back to prosperity, to get back to the kind of cultural revival we need. it is challenging, but it is