Leak Investigations

1 2 3 19

Government Continues to Freak Out about the Intercept, Raise Its Profile

The Intercept had a story on the content of the government’s terrorist watchlist yesterday — I’ll have more to say about the content later. But the government — largely National Counterterrorism Center — response to it shows the government getting increasingly unhinged about the Intercept and other journalistic models based on leaked documents.

First, in an apparent effort to shift the focus away from the 200,000 people on the terrorist watchlist with no tie to a known terrorist organization and to the fact that the watchlist has ballooned in response to the UndieBomb attempt in December 2009, NCTC gave the scoop to AP’s Eileen Sullivan.

The Associated Press dropped a significant scoop on Tuesday afternoon, reporting that in the last several years the U.S. government’s terrorism watch list has doubled.

A few minutes after the AP story, then consisting of three paragraphs, was posted at 12:32 p.m., The Intercept published a much more comprehensive article.

NCTC even admitted they spoiled the scoop after the Intercept’s John Cook called them on it.

After the AP story ran, The Intercept requested a conference call with the National Counterterrorism Center. A source with knowledge of the call said that the government agency admitted having fed the story to the AP, but didn’t think the reporter would publish before The Intercept did. “That was our bad,” the official said.

Asked by The Intercept editor John Cook if it was the government’s policy to feed one outlet’s scoop to a friendlier outlet, a silence ensued, followed by the explanation: “We had invested some quality time with Eileen,” referring to AP reporter Eileen Sullivan, who the official added had been out to visit the NCTC.

“After seeing you had the docs, and the fact we had been working with Eileen, we did feel compelled to give her a heads up,” the official said, according to the source. “We thought she would publish after you.”

This is bone-headed on several levels. In the future, all government agencies will get less time to comment on the Intercept’s upcoming stories, which — given how much classified information they’re sitting on — could really hurt their interests.

And NCTC burned Sullivan badly; she’s a decent reporter, but NCTC has made it clear they consider her their reporter. (NSA has done this similarly but less obviously with some superb beat reporters, leaking them partial stories then exploiting those partial stories to undercut real attention on the documents.)

Then, the government gave CNN’s Evan Perez an “Exclusive” to trumpet their determination that there’s probably someone else leaking documents to the Intercept.

The federal government has concluded there’s a new leaker exposing national security documents in the aftermath of surveillance disclosures by former NSA contractor Edward Snowden, U.S. officials tell CNN.

Proof of the newest leak comes from national security documents that formed the basis of a news story published Tuesday by the Intercept, the news site launched by Glenn Greenwald, who also published Snowden’s leaks.

The Intercept article focuses on the growth in U.S. government databases of known or suspected terrorist names during the Obama administration.

The article cites documents prepared by the National Counterterrorism Center dated August 2013, which is after Snowden left the United States to avoid criminal charges.

Greenwald has suggested there was another leaker. In July, he said on Twitter “it seems clear at this point” that there was another.

Government officials have been investigating to find out that identity.

Note, there’s almost certainly an error here, presumably on the part of the government. There appears to be a second NSA leaker, leaking to Jacob Appelbaum. But there’s also the person who gave the Intercept the NCTC documents, which is almost certainly an entirely different person.

Of course, there’s not just one new leaker. In DC there are new leakers everyday, even people who share classified documents. What Perez’ sources mean is OMIGOD there’s another person giving That Outlet documents.

The government has chosen to make it a Big Story that at least one more person has decided to leak the Intercept documents.

Ultimately, I think the Known and Suspected Terrorist documents the Intercept got are badly overclassified and also should be released in whole to permit debate and oversight. The documents show some good things (and some areas where NCTC has implemented questionable demands from Congress such as that they biometric everything). They also show the system lacks controls. Absent real discussion, it appears NCTC and the rest of this bureaucracy hasn’t gotten the right balance on watchlisting.

But rather than engaging in that debate, the government first tried to pre-empt it, burning Sullivan in the process, and then screaming so loud as to raise the value of such leaks.

Dumb.

Under Clapper’s Continuous Monitoring CIA Could Continuously Monitor SSCI on CIA Network

As I pointed out the other day, the CIA IG Report on spying on the Senate Intelligence Committee appears to say the egregious spying happened after John Brennan told Dianne Feinstein and Saxby Chambliss on January 15 CIA had been spying on SSCI.

Agency Access to Files on the SSCI RDINet:

Five Agency employees, two attorneys and three information technology (IT) staff members, improperly accessed or caused access to the SSCI Majority staff shared drives on the RDINet.

Agency Crimes Report on Alleged Misconduct by SSCI Staff:

The Agency filed a crimes report with the DOJ, as required by Executive Order 12333 and the 1995 Crimes Reporting Memorandum between the DOJ and the Intelligence Community, reporting that SSCI staff members may have improperly accessed Agency information on the RDINet. However, the factual basis for the referral was not supported, as the author of the referral had been provided inaccurate information on which the letter was based. After review, the DOJ declined to open a criminal investigation of the matter alleged in the crimes report.

Office of Security Review of SSCI Staff Activity:

Subsequent to directive by the D/CIA to halt the Agency review of SSCI staff access to the RDINet, and unaware of the D/CIA’s direction, the Office of Security conducted a limited investigation of SSCI activities on the RDINet. That effort included a keyword search of all and a review of some of the emails of SSCI Majority staff members on the RDINet system.

With that in mind, consider this passage of James Clapper’s July 25, 2014 response to Chuck Grassley and Ron Wyden’s concerns about Clapper’s new ongoing spying on clearance holders.

With respect to your second question about monitoring of Members of Congress and Legislative Branch employees, in general those individuals will not be subject to [User Activity Monitoring] because their classified networks are not included in the definition of national security systems (NSS) for which monitoring is required.

[snip]

Because no internally owned or operated Legislative branch network qualifies as a national security system, UAM by the Executive Branch is accordingly neither required nor conducted. To be clear, however, when Legislative Branch personnel access a national security system used or operated by the Executive Branch, they are of course subject to UAM on that particular system.

CIA’s spying on SSCI took place on CIA’s RDI network, not on the SSCI one. SSCI had originally demanded they be given the documents pertaining to the torture program, but ultimately Leon Panetta required them to work on a CIA network, as Dianne Feinstein explained earlier this year.

The committee’s preference was for the CIA to turn over all responsive documents to the committee’s office, as had been done in previous committee investigations.

Director Panetta proposed an alternative arrangement: to provide literally millions of pages of operational cables, internal emails, memos, and other documents pursuant to the committee’s document requests at a secure location in Northern Virginia. We agreed, but insisted on several conditions and protections to ensure the integrity of this congressional investigation.

Per an exchange of letters in 2009, then-Vice Chairman Bond, then-Director Panetta, and I agreed in an exchange of letters that the CIA was to provide a “stand-alone computer system” with a “network drive” “segregated from CIA networks” for the committee that would only be accessed by information technology personnel at the CIA—who would “not be permitted to” “share information from the system with other [CIA] personnel, except as otherwise authorized by the committee.”

It was this computer network that, notwithstanding our agreement with Director Panetta, was searched by the CIA this past January,

Presumably, those limits on access should have prevented CIA’s IT guys from sharing information about what SSCI was doing on the network. But it’s not clear they would override Clapper’s UAM.

Remember, too, when Brennan first explained how this spying didn’t qualify as a violation of the Computer Fraud and Abuse Act, he said CIA could conduct “lawfully authorized … protective … activity” in the US. Presumably like UAM.

I have no idea whether this explains why CIA’s IG retracted what Feinstein said had been his own criminal referral or not. But I do wonder whether the CIA has self-excused some of its spying on SSCI in the interest of continuous user monitoring?

If so, it would be the height of irony, as UAM did not discover either Chelsea Manning’s or Edward Snowden’s leaks. Imagine if the only leakers the Intelligence Community ever found were their own overseers?

Alan Grayson: Is Keith Alexander Selling Classified Information to the Banks?

I’ve been tracking Keith Alexander’s utterly predictable new gig, getting rich off of having drummed up cybersecurity concerns for the last several years, while at the same time shacking up with the most dubious of shadow bank regulators, Promontory Financial Group.

Apparently, I’m not the only one. Alan Grayson just sent some of the entities that Alexander has been drumming up business with — the Security Industries and Financial Markets Association, Consumer Bankers Association, and Financial Services Roundtable — a letter asking how the former NSA Director can be making a reported $600,000 a month. He cites Bruce Schneier wondering whether part of the deal is that Alexander will share classified information he learned while at NSA.

Security expert Bruce Schneier noted that this fee for Alexander’s services is on its face unreasonable. “Think of how much actual security they could buy with that $600K a month.Unless he’s giving them classified information.” Schneier also quoted Recode.net, which headlined this news as: “For another million, I’ll show you the back door we put in your router.”

[snip]

Disclosing or misusing classified information for profit is, as Mr. Alexander well knows, a felony. I question how Mr. Alexander can provide any of the services he is offering unless he discloses or misuses classified information, including extremely sensitive sources and methods. Without the classified information that he acquired in his former position, he literally would have nothing to offer to you.

Please send me all information related to your negotiations with Mr. Alexander, so that Congress can verify whether or not he is selling military and cybersecurity secrets to the financial services industry for personal gain.

Alexander is just the latest of a long line of people who profit directly off driving up the cybersecurity threat. But — as Recode.net notes — he’s also got the kind of inside information that could be particularly valuable.

As the Intelligence Industrial Complex and the Banking industry hop into bed together, there ought to be some transparency about just what kind of deals are being made. There’s simply too much immunity handed out to this community to let boondoggles like Alexander’s slide.

The intelligence community is subjecting every low level clearance holder to intense scrutiny right now. But thus far, there has not been a peep from those quarters that the former DIRNSA could command these fees for the expertise gained while overseeing the nation’s secrets.

Why Can’t Jason Leopold Have the Information Mike Rogers Already Leaked, and in Less Than Four Months?

131218 Snowden Report
Noted FOIA terrorist Jason Leopold liberated a copy of the Defense Intelligence Agency’s damage assessment about Edward Snowden’s leaks (story, document).

The report, as anticipated, doesn’t appear to talk about actual damage DOD has suffered. Instead, it appears to talk about the damage that might happen if the information that has been “compromised” (that is, accessed by Snowden’s scraper) actually gets released.

But we can’t really tell because the report is heavily redacted (the screen shot here and the top of the first page is the most intact section of the report).

Which is odd, given that — as Shane Harris reported in January (and I noted here) — the Administration declassified some of this report so it could be leaked to discredit Snowden.

A congressional staffer who is familiar with the report’s findings said that the lawmakers chose to make some of its contents public in order to counter what they see as a false impression of Snowden as a principled whistleblower who disclosed abuses of power.

“Snowden has been made out by some people to be a hero. What we need to do is really look at the effect of his leaks and see that what he’s done is really harm our country and put citizens at risk. The purpose [of releasing some findings] is to clear the record and show that he’s not a hero,” the staffer told Foreign Policy.

The staffer said that the administration approved the information that the lawmakers disclosed in advance.

Which makes the timing of this even weirder. It took the Administration no more than 23 days to provide the report to Mike Rogers and Dutch Ruppersberger and then approve the language they went on to blab.

But it has taken DOD around 4 months — and  a lawsuit — for Leopold to get what little he got.

And, as he mentions in his story, he hasn’t even gotten the information that must be among the information okayed for blabbing

Here’s the information (italicized) that must have been okayed for blabbing.

A Pentagon review has concluded that the disclosure of classified documents taken by former NSA contractor Edward Snowden could “gravely impact” America’s national security and risk the lives of U.S. military personnel, and that leaks to journalists have already revealed sources and methods of intelligence operations to America’s adversaries. At least, that’s how two members of Congress who have read the classified report are characterizing its findings. But the lawmakers — who are working in coordination with the Obama administration and are trying to counter the narrative that Snowden is a heroic whistleblower – offered no specific examples to substantiate their claims.

In harsh language that all but accused Snowden of treason, the top members of the House Intelligence Committee said the report shows that Snowden downloaded “1.7 million intelligence files,” which they described as “the single largest theft of secrets in the history of the United States.”

While the phrase “will have a GRAVE impact on U.S. national defense” [caps original] is unredacted in the report, neither the number — 1.7 million intelligence files” — nor the superlative claim — “the single largest theft of secrets in the history of the US” — appears unredacted in Leopold’s version of the report.

That is, either Rogers and Ruppersberger made that shit up. Or the Obama Administration is selectively declassifying again.

And taking their sweet time to do so.

Selective Leak to Michael Isikoff Proves the Undoing of Otherwise Successful Selective Leak Campaign on Drone Killing

The 2nd Circuit has just ruled that the government must release a redacted version of the targeted killing memo to the NYT and ACLU, as well as Vaughn documents listing the documents pertaining to the Anwar al-Awlaki killing.

The central jist of the argument, written by Jon Newman, is that the White Paper first leaked selectively to Michael Isikoff and then released, under FOIA, to Jason Leopold (Leopold FOIAed after reading about it in this post I wrote), amounts to official disclosure of the information in the OLC memo which, in conjunction with all the other public statements, amounts to a waiver of the government’s claim that the OLC memo amounted to pre-decisional deliberations.

This argument starts on page 23, in footnote 10, where the opinion notes that the White Paper leaked to Mike Isikoff was not marked draft, while the one officially released to Leopold was.

The document disclosed to [Leopold] is marked “draft”; the document leaked to Isikoff is not marked “draft” and is dated November 8, 2011. The texts of the two documents are identical, except that the document leaked to Isikoff is not dated and not marked “draft.”

The opinion strongly suggests the government should have released the Mike Isikoff — that is, the one not pretending to be a draft — version to ACLU.

The Government offers no explanation as to why the identical text of the DOJ White Paper, not marked “draft,” obtained by Isikoff, was not disclosed to ACLU, nor explain the discrepancy between the description of document number 60 and the title of the DOJ White Paper.

Then, having established that the document leaked to Isikoff is the same as the document released to Leopold, which was officially released, the opinion describes the DOD opinion at issue, a 41 page classified document dated July 16, 2010 signed by David Barron.

An almost entirely redacted paragraph describes the content of the memo.

The OLC-DOD Memorandum has several parts. After two introductory paragraphs, Part I(A) reports [redacted]. Parts I(B) and I(C) describe [redacted]. Part II(A) considers [redacted]. Part II(B) explains [redacted]. Part III(A) explains [redacted], and Part III(B) explains [redacted]. Part IV explains [redacted]. Part V explains [redacted]. Part VI explains [redacted].

A subsequent passage explains that parts II through VI provide the legal reasoning.

FOIA provides that “[a]ny reasonably segregable portion of a record shall be provided to any person requesting such record after deletion of the portions which are exempt under this subsection.” 5 U.S.C. § 552b. The Government’s waiver applies only to the portions of the OLC-DOD Memorandum that explain legal reasoning. These are Parts II, III, IV, V, and VI of the document, and only these portions will be disclosed.

And a still later passage reveals that the remaining section — part I — discusses intelligence gathering activities, presumably as part of a discussion of the evidence against Anwar al-Awlaki.

Aware of that possibility, we have redacted, as explained above, the entire section of the OLC-DOD Memorandum that includes any mention of intelligence gathering activities.

So while the paragraph describing the content of the Memo is redacted, we know the first section lays out the evidence against Awlaki, followed by 5 sections of legal reasoning.

The redacted paragraph I included above, describing the content of the Memo, is followed immediately by a paragraph addressing the content of the White Paper.

The 16-page, single-spaced DOJ White Paper [redacted] in its analysis of the lawfulness of targeted killings. [redacted]

The first redaction here probably states that the White Paper parallels the OLC memo. The second probably describes the key differences (besides length and the absence of the underlying evidence against Awlaki in the White Paper). And that second redaction is followed by a discussion describing the White Paper’s extensive passage on 18 US 1119, and lack of any discussion of 18 USC 956, a law prohibiting conspiracies to kill, maim, or kidnap outside the US.

The DOJ White Paper explains why targeted killings do not violate 18 U.S.C. §§ 1119 or 2441, or the Fourth and Fifth Amendments to the Constitution, and includes an analysis of why section 1119 encompasses the public authority justification. Even though the DOJ White Paper does not discuss 18 U.S.C. § 956(a)[redacted].

In other words, the big difference in the legal reasoning is that the still-secret Memo argues that the US plot against Awlaki was not an illegal conspiracy to kill him, in addition to not being a murder of an American overseas.

Conspiracies to conduct extralegal killings of terrorists are not the same as conspiracies by terrorists to kill, apparently.

Having laid out that the non-draft Isikoff memo is the same as the officially-released Leopold memo, and the officially-released Leopold memo lays out the same legal reasoning as the OLC Memo, the opinion basically says the government’s claims it hasn’t already released the memo are implausible.

As the District of Columbia Circuit has noted, “Ultimately, an agency’s justification for invoking a FOIA exemption is sufficient if it appears ‘logical’ or ‘plausible.’” Wolf v. CIA, 473 F.3d 370, 374-75 (D.C. Cir. 2007) (quoting Gardels v. CIA, 689 F.2d 1100, 1105 (D.C. Cir. 1982)). But Gardels made it clear that the justification must be “logical” and “plausible” “in protecting our intelligence sources and methods from foreign discovery.”

[snip]

With the redactions and public disclosures discussed above, it is no longer either “logical” or “plausible” to maintain that disclosure of the legal analysis in the OLC-DOD Memorandum risks disclosing any aspect of “military plans, intelligence activities, sources and methods, and foreign relations.” The release of the DOJ White Paper, discussing why the targeted killing of al-Awlaki would not violate several statutes, makes this clear. [redacted] in the OLC-DOD Memorandum adds nothing to the risk. Whatever protection the legal analysis might once have had has been lost by virtue of public statements of public officials at the highest levels and official disclosure of the DOJ White Paper.

Clearly, throughout its treatment of the Awlaki killing, the Obama Administration has attempted to be able to justify its killing of an American citizen publicly without bearing the risk of defending that justification legally.

And they almost got away with it. Until they got a little too loosey goosey with the selective leaks when they (someone) leaked the White Paper to Isikoff.

Ultimately, though, their selective leaking was the undoing of their selective leaking plan.

 

Henceforth All Published IC Comment Should Be Considered Propaganda

Steve Aftergood reports that James Clapper has done what Congress refused to do: forbid any unauthorized contact between Intelligence Community staffers and any member of an unbelievably broadly defined media. The order requires IC employees to obtain authorization for contacts with the media, and report any unplanned contacts.

3. Contact by IC employees with the media on covered matters must be authorized by their IC element.
a. Within the IC, only the head or deputy head of an IC element, the designated public affairs official, and other persons designated in agency policy or authorized by that public affairs official are authorized to have contact with the media on covered matters, except as provided below.
b. IC employees, as defined in EO 12333, Section 3.5(d), not designated in accordance with Section D.3.a, must obtain authorization for contacts with the media on covered matters through the office responsible for public affairs for their IC element, and must also report to that office unplanned or unintentional contact with the media on covered matters.
4. No substantive information should be provided to the media regarding covered matters in the case of unplanned or unintentional contacts. Authorization for a particular contact on covered matters does not constitute authorization for additional media engagement.

And here’s the definition of “media,” which would include civil rights organizations and some attorneys.

4. For purposes of this Directive, media is any person, organization, or entity (other than Federal, State, local, tribal and territorial governments):
a. primarily engaged in the collection, production, or dissemination to the public of information in any form, which includes print, broadcast, film and Internet; or
b. otherwise engaged in the collection, production, or dissemination to the public of information in any form related to topics of national security, which includes print, broadcast, film and Internet.

Employees found to have violated this policy may lose their security clearance and/or their employment.

I guess James Clapper, whose credibility is already shot to shit for lying to Congress and spending 10 months uttering transparent lies, wants to doom the IC’s credibility entirely.

After all, from this point forward, we can assume that any statement citing an IC source is approved propaganda. Thanks for clearing that up, Clapper.

 

Is This the Missing WikiLeaks PayPal Order?

As I noted in this post, the declaration submitted in EFF’s FOIA for Section 215 by ODNI’s Jennifer Hudson is remarkably revealing. I’m particularly intrigued by these comments about the financial dragnet order released on March 28.

A FISC Supplemental Order in BR 10-82, dated November 23, 2010 and consisting of two pages, has been withheld in part to protect certain classified and law enforcement sensitive information. The case underlying BR 10-82 is an FBI counterterrorism investigation of a specific target. That investigation is still pending. Here, in the course of a pending counterterrorism investigation, the FBI sought authorization under the FISA to obtain financial records, under the FISA’s business records provision, pertaining to the target of the investigation and in fact obtained such authorization.

[snip]

Here, in the course of a pending counterterrorism investigation, the FBI sought authorization under the FISA to obtain certain financial records. The FISC Supplemental Order, which was issued in relation to its authorization for such collection, was thus compiled for law enforcement purposes, in furtherance of a national security investigation within the FBI’s authorized law enforcement duties.

[snip]

Here, the FBI has determined that the release of the final paragraph of the order, which describes certain requirements reflecting the FBI’s particular implementation of the authority granted by the FISC, could reasonably be expected to adversely impact the pending investigation and any resulting prosecutions. Release of this paragraph would reveal the specific and unique implementation requirements imposed on the FBI under this FISA-authorized collection during a particular time period. It is unclear what and how much the target might already know about the FBI’s investigation. However, as more fully explained in my classified ex parte, in camera declaration, there is reason to believe that the target or others knowledgeable about the nature and timing of the investigation could piece together this information, the docket number, the dates of the collection, and other information which has already been released or deduced to assemble a picture that would reveal to the target that the target was the subject of a particular type of intelligence collection during a specific time period, and by extension, that the target’s associates during that period may have been subject to similar intelligence collections. This could lead the target to deduce the scope, focus, and direction of the FBI’s investigative efforts, and potentially any gaps in the collections, from which the target could deduce times when the target’s activities were “safe.” [my emphasis]

The bolded section says that certain people — the target, but also “others knowledgeable about the nature and timing of the investigation” — could put the financial dragnet request together with other information released or deduced to figure out that the target and his associates had had their financial data collected.

Gosh, that’s like waving a flag at anyone who might be “knowledgeable about the nature of the investigation.”

What counterterrorism investigation has generated sufficient attention such that not only the target, but outsiders, would recognize this order pertains the investigation in question? The investigation would be:

  • A counterterrorism investigation
  • In relatively early stages on November 23, 2010
  • Used financial records in a potentially novel way, perhaps to identify affiliates of the target
  • Still going on

The CIA & etc. Money Order Orders

One obvious possibility is the generalized CIA investigation into Western Union and international money transfers reported by WSJ and NYT last year. While both stories said the CIA got these orders, I suggested it likely that FBI submitted the orders and disseminated the information as broadly as FBI’s information sharing rules allowed, not least because CIA has no analytical advantage on such orders, as NSA would have for the phone dragnet.

There are two reasons this is unlikely. First, there’s the timing. The WSJ version of the story, at least, suggested this had been going on some time, before 2010. If that’s the case, then there’s no reason to believe a new order in 2010 reviewed this issue. And while I don’t think the 2010 order necessarily indicates the first financial 215 order (after all, it took 2.5 years before FISC weighed the equivalent question in the phone dragnet), it is unlikely that this order comes from an existing program.

That’s true, too, because this seems to be tied to a specific investigation, rather than the enterprise counterterrorism investigation that underlies the phone dragnet (and presumably the CIA program). So while this practice generated enough attention to be the investigation, I doubt it is.

The Scary Car Broker Plot

Then there’s what I call the Scary Car Broker Plot, which I wrote about here. Basically, it’s a giant investigation into drug trafficking from Colombia through Western Africa that contributes some money to Hezbollah and therefore has been treated as a terror terror terror investigation when in reality it is a drug investigation. Treasury named Ayman Joumaa, the ultimate target of that investigation, a Specially Designated Trafficker in February 2011, so presumably the investigation was very active in November 2010, when FISC issued the order. The case’s domestic component involves the car broker businesses of a slew of (probably completely innocent) Lebanese-Americans, who did business with the larger network via wire transfers.

The Car Buyers also received wire transfers for the purpose of buying and shipping used cars from other account holders at the Lebanese Banks (“Additional Transferors”), including the OFAC-designated Phenicia Shipping (Offshore); Ali Salhab and Yasmin Shipping & Trading; Fadi Star and its owners, Mohammad Hammoud and Fadi Hammoudi Fakih for General Trade, Khodor Fakih, and Ali Fakih; and Youssef Nehme.

Perhaps most interesting, the government got at these businessmen by suing them, rather than charging them, which raised significant Fifth Amendment Issues. So between that tactic and Joumaa’s rather celebrated status, I believe this is a possible case. And the timing — from 2007 until 2011, when Joumaa got listed — would certainly make sense.

All that said, this aspect of the investigation was made public in the suit naming the car brokers, so FBI would be hard-pressed to claim that providing more details would compromise the investigation.

HSBC’s Material Support for Terrorism

Then there’s a very enticing possibility: that this is an investigation into HSBC for its material support for terrorism, in the form of providing cash dollars to the al Rajhi bank which went on to support terrorist attacks (including 9/11).

HSBC’s wrist slap for money laundering is one of the most noted legal atrocities in recent memory, but most people focus on the bank’s role laundering money for drug cartels. Yet as I’ve always emphasized, HSBC also played a key role in providing money to al Qaeda-related terrorists.

As the Permanent Subcommittee on Investigations’ report made clear, HSBC’s material support for terror continued until 2010.

After the 9-11 terrorist attack in 2001, evidence began to emerge that Al Rajhi Bank and some of its owners had links to financing organizations associated with terrorism, including evidence that the bank’s key founder was an early financial benefactor of al Qaeda. In 2005, HSBC announced internally that its affiliates should sever ties with Al Rajhi Bank, but then reversed itself four months later, leaving the decision up to each affiliate. HSBC Middle East, among other HSBC affiliates, continued to do business with the bank.

Due to terrorist financing concerns, HBUS closed the correspondent banking and banknotes accounts it had provided to Al Rajhi Bank. For nearly two years, HBUS Compliance personnel resisted pressure from HSBC personnel in the Middle East and United States to resume business ties with Al Rajhi Bank. In December 2006, however, after Al Rajhi Bank threatened to pull all of its business from HSBC unless it regained access to HBUS’ U.S. banknotes program, HBUS agreed to resume supplying Al Rajhi Bank with shipments of U.S. dollars. Despite ongoing troubling information, HBUS provided nearly $1 billion in U.S. dollars to Al Rajhi Bank until 2010, when HSBC decided, on a global basis, to exit the U.S. banknotes business. HBUS also supplied U.S. dollars to two other banks, Islami Bank Bangladesh Ltd. and Social Islami Bank, despite evidence of links to terrorist financing. Each of these specific cases shows how a global bank can pressure its U.S. affiliate to provide banks in countries at high risk of terrorist financing with access to U.S. dollars and the U.S. financial system. [my emphasis]

Now, the timing may match up here, and I’d really love for a bankster to be busted for supporting terrorism. Plus, an ongoing investigation into this part of HSBC’s crimes might explain why Lanny Breuer said nothing about it when he announced the settlement with HSBC. But I doubt this is the investigation. That’s because former Treasury Undersecretary for Terrorism and Financial Intelligence Stuart Levey moved to HSBC after this point in time, in large part in a thus-far futile attempt to try to clean up the bank. And I can’t imagine a lawyer could ethically take on this role while (presumably) knowing about such seizures. Moreover, as the PSI report made clear, there are abundant other ways to get at the kind of data at issue in the HSBC investigation without Section 215 orders.

Who am I kidding? This DOJ won’t ever really investigate a bank!

WikiLeaks the Aider of Al Qaeda 

I realize these three possibilities do not exhaust the list of sufficiently significant and sufficiently old terrorism investigations that might be the target named in the order. So I’m happy to hear other possibilities.

But there is one other investigation that is a near perfect fit for almost all the description provided by Hudson: WikiLeaks.

As I’ve reported, EPIC sued to enforce a FOIA for records the FBI has on investigations into WikiLeaks supporters. The FOIA asked for and FBI did not deny having, among other things, financial records.

All records of any agency communications with financial services companies including, but not limited to Visa, MasterCard, and PayPal, regarding lists of individuals who have demonstrated, through monetary donations or other means, support or interest in WikiLeaks.

In addition to withholding information that they apparently have because of an ongoing investigation (though the Judge has required the government to confirm it is still ongoing by April 25), the government also claimed exemption under a statute that they bizarrely refused to name. I speculated four months before Edward Snowden’s leaks that that statute was Section 215.

And the timing on this investigation is a perfect fit. On November 3, 2010, Joint Terrorism Task Force Officer Darin Louck seized David House’s computer as he came across the border from Mexico. While House refused to give the government his encryption passwords, the seizure makes it clear FBI was targeting WikiLeaks supporters. Then, according Alexa O’Brien, on November 21, 2010, a report on the upcoming Cablegate release was included in President Obama’s Daily Brief. The government spent the weeks leading up to the first releases in Cablegate on November 28, 2010 scrambling to understand what might be in them. On December 4, PayPal started refusing donations to WikiLeaks. And on December 6, Eric Holder stated publicly he had authorized extraordinary investigative measures “just last week.”

Nor would he say whether the actions involved search warrants, requests under the Foreign Intelligence Surveillance Act, which authorizes wiretaps or other means, describing them only as “significant.”

“I authorized just last week a number of things to be done so that we can, hopefully, get to the bottom of this and hold people accountable as they should be,” he said.

December 6 was a Monday and technically Tuesday, November 23 would have been 2 weeks earlier, just 2 days before Thanksgiving. But a Section 215 order doesn’t require AG approval, and indeed, dragnet orders often generate leads for more intrusive kinds of surveillance.

Moreover, according to Hudson’s declaration, this order did precisely what EPIC’s FOIA seems to confirm FBI did, investigate not just Julian Assange, but also his associates (also known as supporters), including WikiLeaks donors.

The only thing — and it is a significant thing — that would suggest this guess is wrong is Hudson’s description of this as a “counterterrorism” investigation and not a “counterespionage” investigation (which is how Holder was discussing it in December 2010).

But that doesn’t necessarily rule WikiLeaks out. As noted above, already by early November 2010, the FBI had JTTF agents involved in the investigation. And central to the government’s failed claim that Chelsea Manning had aided the enemy was that she had made the Afghan war logs available knowing (from the DIA report she accessed) that the government worried about al Qaeda accessing such things, and that some Afghan war logs were found at Osama bin Laden’s compound. So the government clearly has treated its WikiLeaks investigation as a counterterrorism investigation.

Moreover, all Hudson’s declaration claims is that the government currently considers this a counterterrorism investigation. Section 215 can be used for counterintelligence investigations (as I’ve noted over and over). Since the Osama bin Laden raid revealed al Qaeda had accessed cables, the government has maintained that it does involve al Qaeda. So it may be that Hudson’s reference to the investigation as a counterterrorism investigation only refers to its current status, and not the status used to obtain the order in 2010.

That said, Hudson also provided a classified version of her statement to Judge Yvonne Gonzales Rogers, and I can’t imagine she’d try to pitch the WikiLeaks case as a counterterrorism one if a judge actually got to check her work. But you never know!

It’s likely that I’m forgetting a very obviously publicly known counterterrorism investigation.

But I think it possible that either the Scary Car Broker plot or WikiLeaks is the target named in the order.

Dangerous Censored Documents, in Soviet Russia and War on Terror America

Yesterday, in announcing the public release of documents relating to CIA’s publication of a Russian edition of Dr. Zhivago, the CIA bragged (justifiably) about its Cold War success in making books Warsaw Pact governments had banned available within those countries.

In a memo dated April 24, 1958 a senior CIA officer wrote: “We have the opportunity to make Soviet citizens wonder what is wrong with their government when a fine literary work by the man acknowledged to be the greatest living Russian writer is not even available in his own country [and] in his own language for his people to read.”

[snip]

Obtaining, publishing, and distributing banned books like Doctor Zhivago was an important Cold War-era success story for the CIA.

Even as CIA was declassifying the documents underlying Peter Finn’s book on this topic, the 9/11 Gitmo trial was being stalled, once again, by issues arising from the Court’s fragile Constitutional foundation.

The issue, this time, makes for ironic comparison with CIA’s boasts of making banned texts available to societies where the government was too fragile to release such texts.

On Monday, the 9/11 defense lawyers revealed that their Defense Security Officer had been recruited as an informant by the FBI as part of an investigation into how an unclassified 36-page tract written by Khalid Sheikh Mohammed became available to the HuffPo.

The Gitmo prosecutors claim to have no knowledge of the FBI investigation.

At Monday’s hearing, the judge pointedly asked the prosecutor, Army Brig. Gen. Mark Martins, if his prosecution team was “aware of this visit” by two agents to the bin al Shibh team member’s house on Sunday, April 6, to question him after church. At issue, in part, was how the Huffington Post and Britain’s Channel 4 television got a copy of the Mohammed commentary.

“No, we were not,” Martins replied — even before the judge had finished his question.

[snip]

At the prison, spokesman Navy Cmdr. John Filostrat on Monday night replied to a question of whether the prison staff asked the FBI to investigate the document this way: “I am unaware of any investigation and won’t get into ongoing legal proceedings, anyway.”

Tuesday, a Pentagon spokesman said that while Martins did give the FBI the copy of the Mohammed document neither the chief prosecutor “nor the prosecution team had any idea that an investigation was launched.”

“He gave it to the FBI to maintain as evidence in event that there could at some point be an investigation,” said Army Lt. Col. Todd Breasseale, “and in the event that it is determined that releasing [Mohammed’s 36-page commentary] was unlawful.”

Nevertheless, it appears someone requested an investigation into the disclosure. And DOJ’s part of the prosecution team suggests the judge would infringe on Executive Branch privileges if he investigates the FBI investigation.

Separately, a lead case prosecutor, Ed Ryan of the Justice Department warned the judge against asking to question the FBI agents who visited a defense team member.

“Your Honor is suggesting that you want to investigate an ongoing investigation. There are numerous government privileges that would be at stake,” Ryan said at the hearing. “I think the commission would be greatly mistaken to go down a road of trying to look inside an ongoing investigation being conducted by the Federal Bureau of Investigation if, in fact, one exists.”

Defense Attorneys also complained that a (perhaps now former) member of the Prosecution team is the Chief of Staff to FBI Deputy Director Mark Giuliano.

And then finally, there’s a member of the trial team, Ms. Baltes, who is also — who also serves as the Chief of Staff to the Deputy Director of the FBI. And I appreciate counsel’s unequivocal statement that the prosecution was not aware of this investigation, did not know — did not know that an investigation was taking place and did not direct FBI agents to go and try to penetrate Mr. Harrington’s team, but somebody did, and somebody at the FBI did. And I don’t think it’s too much of a leap to imagine that when a member of the trial team has a dual role as the Chief of Staff to the Deputy Director of the FBI, that there could be an interface there, and I think it would be appropriate to examine Ms. Baltes as well.

Joanna Baltes happens to have been the lawyer who, in January, refused to admit in public that the CIA had installed a means to censor Gitmo proceedings, unbeknownst to the Judge. Is she, once again, answering to the CIA above and beyond her obligations to a court purportedly delivering independent justice?

So our attempt to hold the perpetrators for 9/11 responsible for their crimes has once again ground to a halt as the Judge investigates whether and why (and at whose behest) the FBI is investigating the release of KSM’s unclassified writings.

Americans might ask, like Russians before them, “wonder what is wrong with their government” that we must delay justice in the 9/11 attack because someone made a shitty tract from KSM publicly available.

Don’t get me wrong. Unlike Boris Pasternak’s novel, KSM’s tract is not literature, not even close. Continue reading

Chuck Grassley: Insider Threat Program Poses Threat to Whistleblowers

Chuck Grassley rarely gets the credit he deserves for championing whistleblowers. But, while there have been notable exceptions, Grassley has long defended both generalized protections for whistleblowers, as well as whistleblowers themselves.

Yesterday, he gave a long speech on the Whistleblower Protection Act. As part of it, he laid out a number of ways President Obama’s Insider Threat detection program threatened whistleblowers.

He described how the FBI has refused to explain whether Insider Threat Program training adequately distinguishes between whistleblowers and inside threats. Just last week, FBI walked out in the middle of a briefing for Grassley and Pat Leahy!

Meanwhile, the FBI fiercely resists any efforts at Congressional oversight, especially on whistleblower matters.  For example, four months ago I sent a letter to the FBI requesting its training materials on the Insider Threat Program.  This program was announced by the Obama Administration in October 2011.  It was intended to train federal employees to watch out for insider threats among their colleagues.  Public news reports indicated that this program might not do enough to distinguish between true insider threats and legitimate whistleblowers.  I relayed these concerns in my letter.  I also asked for copies of the training materials.  I said I wanted to examine whether they adequately distinguished between insider threats and whistleblowers.

In response, an FBI legislative affairs official told my staff that a briefing might be the best way to answer my questions.  It was scheduled for last week.  Staff for both Chairman Leahy and I attended, and the FBI brought the head of their Insider Threat Program.  Yet the FBI didn’t bring the Insider Threat training materials as we had requested.  However, the head of the Insider Threat Program told the staff that there was no need to worry about whistleblower communications.  He said whistleblowers had to register in order to be protected, and the Insider Threat Program would know to just avoid those people.

Now I have never heard of whistleblowers being required to “register” in order to be protected.  The idea of such a requirement should be pretty alarming to all Americans.  Sometimes confidentiality is the best protection a whistleblower has.  Unfortunately, neither my staff nor Chairman Leahy’s staff was able to learn more, because only about ten minutes into the briefing, the FBI abruptly walked out.  FBI officials simply refused to discuss any whistleblower implications in its Insider Threat Program and left the room.  These are clearly not the actions of an agency that is genuinely open to whistleblowers or whistleblower protection.

Grassley raises concerns that the monitoring of intelligence community employees will help the IC track whistleblowers who communicate properly to Congress.

Like the FBI, the intelligence community has to confront the same issue of distinguishing a true insider threat from a legitimate whistleblower.  This issue could be impacted by both the House- and Senate-passed versions of the intelligence authorization.  Both include language about continuous monitoring of security clearance holders, particularly the House version.

Director of National Intelligence James Clapper seems to have talked about such procedures when he appeared before the Senate Armed Services Committee on February 11, 2014.  In his testimony, he said:

We are going to proliferate deployment of auditing and monitoring capabilities to enhance our insider threat detection.  We’re going to need to change our security clearance process to a system of continuous evaluation. . . .  What we need is . . . a system of continuous evaluation, where . . . we have a way of monitoring their behavior, both their electronic behavior on the job as well as off the job, to see if there is a potential clearance issue. . . .

Director Clapper’s testimony gives me major pause.  It sounds as though this type of monitoring would likely capture the activity of whistleblowers communicating with Congress.

Continue reading

Happy Birthday to Me, Mike Rogers Edition

I’m going to level with you all. Today is my birthday.

And in honor of my birthday, apparently, two of my nemeses will shift their careers. At 3PM, Keith Alexander retires as Director of the NSA.

And in an entirely unexpected announcement, Congressman Mike Rogers announced he will not run for reelection this year.

Happy Birthday to me — and by extension, to all of you!

Now, Mike Rogers’ excuse for retiring — that he’s been offered a national radio show on Cumulus Radio — doesn’t make sense. Less than a year ago, when he decided not to run for Carl Levin’s seat, he said he felt he could still do a lot of good in the House. A key part of that, though, was that unlike other House Committees, the Republicans don’t term limit the Intelligence Committee Chair position (the Democrats don’t term limit anything). So a key reason Rogers gave was that he’d remain HPSCI Chair.

So I can’t help but wonder whether his departure has something to do with his Chairmanship of the Intelligence Community (the original announcement last night from The Hill was that he was resigning the Chairmanship, with the even more horrible Mike Pompeo to take his place, with no mention of him retiring from Congress).

And I honestly wonder whether Rogers got caught revealing information so sensitive that he was told, by the Intelligence Community, to take a hike. Remember that after Richard Shelby leaked news that the NSA had overheard warnings of the 9/11 attack before it happened, he not only stepped down as Ranking Member (he had been Chair) of the Senate Intelligence Committee, he left the Committee entirely. No one ever said that was the reason, but I’ve long assumed that’s what happens when you step over the line of acceptable leaking as a Gang of Four member — you quietly walk away at the end of the term.

Pete Hoekstra leaked very damaging information in his last term as House Intel Chair — that we had a real-time intercept on Anwar al-Awlaki — though he had already announced he was leaving the House to run for Governor.

Mind you, most of the high volume of classified information Mike Rogers leaks, he does so with the blessing of the Intelligence Committee, as Gang of Four members are increasingly expected to serve as cut-outs for the Intelligence Community. Plus, much of what he “leaks” is in fact disinformation. Still, there are a number of stories that reveal NSA intercepts, many placed with conservative journalists, that could very easily have come from him. Some of them have been deemed more immediately damaging than all of Snowden’s leaks. Rogers would be legally protected under the Speech and Debate Clause, but there’d be good reason to remove him from his sensitive position, if he had been discovered to be the source for those stories.

If that happened, I can imagine that facing the prospect of staying in the House without his powerful Intelligence gavel might persuade Rogers he’d rather froth up wingnuts for war on AM radio then while away with much less power in the House. Also, if he compromised intelligence, it’d explain why he’s not moving on to a sinecure with an Intelligence Contractor, as had been floated at different times in the last year or so.

Meanwhile, Rogers’ departure opens up a pretty decent opportunity for Democrats in a district they were otherwise (inexplicably) not going to seriously contest. The Clerk who married the first same sex couple last weekend, Barb Byrum, is among the potential Democratic candidates.

Anyway, at 3PM I shall raise a toast to the departure of Keith Alexander. And hope for better things in MI’s 8th CD.

1 2 3 19

Emptywheel Twitterverse
bmaz @JustADCohen Graves is successor. It will never end.
3mreplyretweetfavorite
bmaz @JustADCohen I worked on a piece of Hart v Hill when I first started as a lawyer. That was nearly 30 yrs ago and case was already 10 yrs old
4mreplyretweetfavorite
bmaz If true RT @JGreenDC Whoa @imillhiser @TPM
8mreplyretweetfavorite
bmaz Wherein @ScottGreenfield takes a sartorial, yet unquestionably positive, look at @DavidLat's book "Supreme Ambitions" http://t.co/dXJiOaG5JS
9mreplyretweetfavorite
emptywheel RT @ggreenwald: From Bagram & Gitmo to UK, War on Terror critic @Moazzam_Begg has spent 3.5 years in detention- convicted of nothing https:…
9mreplyretweetfavorite
emptywheel Congratulations to Roger Goodell, who lasted long enough to start slathering over NFL's treatment of domestic abuse with pink ribbons.
11mreplyretweetfavorite
emptywheel Proposed bill: Declare foreverwar that'll indefinitely place Const & any ability to fund domestic progs on hold http://t.co/ZoL27MW2V0
24mreplyretweetfavorite
bmaz Interesting take by @jacklgoldsmith on Koh's defense of Obama Forever War. All now agree protecting war more impt than prtcting Constitution
35mreplyretweetfavorite
bmaz RT @ddayen: FHA rules allow lenders to buy defaulted loans and flip them, gaining $428 million on the sale in 2013 http://t.co/zPcDSXTbXV
51mreplyretweetfavorite
emptywheel @VindalooTitan If they altered taxation, tho, it would make these trade-offs visible. It'd end the fiction of the free war. @DavidCUnger
53mreplyretweetfavorite
bmaz @anneapplebaum @BradMossEsq If only the FSB, IRGC, ISIS etc were one quarter the threat that warmonger security shills claim they are.
58mreplyretweetfavorite
JimWhiteGNV Any truth to the rumor Fareed Zakaria is opening a new website with sports content? #Re2pectCopy
1hreplyretweetfavorite
October 2014
S M T W T F S
« Sep    
 1234
567891011
12131415161718
19202122232425
262728293031