Posts

The Error that Betrays Insufficient Attention to the Obstruction Standard in the January 6 Eastman Filing

There’s a telling error in the January 6 Committee’s filing aiming to overcome John Eastman’s claims his emails are covered by Attorney-Client privilege. In the section asserting that Trump had probably violated 118 USC 1512(c)(2) — the same obstruction statute used to charge over 200 of the other January 6 defendants — the filing asserts that six judges “to date” have “refused to dismiss charges against defendants under the section.”

That number is incorrect. As of March 2, at least ten judges had upheld DOJ’s application of 18 USC 1512(c)(2), and a few more have as much as said they would.

  1. Dabney Friedrich, December 10, 2021, Sandlin*
  2. Amit Mehta, December 20, 2021, Caldwell*
  3. James Boasberg, December 21, 2021, Mostofsky
  4. Tim Kelly, December 28, 2021, Nordean*
  5. Randolph Moss, December 28, 2021, Montgomery
  6. Beryl Howell, January 21, 2022, DeCarlo
  7. John Bates, February 1, 2022, McHugh
  8. Colleen Kollar-Kotelly, February 9, 2022, Grider
  9. Richard Leon (by minute order), February 24, 2022, Costianes
  10. Christopher Cooper, February 25, 2022, Robertson

When I first made this observation, I thought I was being a bit churlish in making it. But on reflection (and after reading the quotes from lawyers in this Charlie Savage article), I think it’s an important point. All the more so given how TV lawyers have claimed that, because the January 6 Committee has claimed Trump could be charged with obstruction, then damnit DOJ should already have done so.

The fact that the Jan 6 Committee isn’t even aware of all the obstruction rulings suggests they’ve been insufficiently attentive to what the rulings actually say, aside from the baseline holding of all of them that the vote certification was an official proceeding.

While ten judges have upheld the application, there are some differences between these opinions, particularly with regards to their formulation of the corrupt mens rea required by the statute. The most important differences from my review (but I’m not a constitutional lawyer and so I should not be the one doing this analysis!!!!!), are:

  • Whether “corrupt” intent requires otherwise illegal action
  • Whether such corruption would be transitive (an attempt to get someone else to act improperly) or intransitive (whether it would require only corruption of oneself)

Dabney Friedrich argued (and I laid out briefly here) — and has repeatedly warned in pretrial hearings for Guy Reffitt — that as she understand this application it must involve otherwise illegal actions. Amit Mehta ruled (as I wrote up here) that, at least for the Oath Keepers, this corruption may be just intransitive.

On both these issues, the Jan 6 Committee’s argument is a bit muddled. Here’s how they argue that Trump’s actions (and, less aggressively, Eastman’s) demonstrate that corrupt intent.

The Electoral Count Act of 1887 provides for objections by House and Senate members, and a process to resolve such objections through votes in each separate chamber. 3 U.S.C. §§ 5, 6, 15. Nothing in the Twelfth Amendment or the Electoral Count Act provides a basis for the presiding officer of the Senate to unilaterally refuse to count electoral votes — for any reason. Any such effort by the presiding officer would violate hte law. This is exactly what the Vice President’s counsel explained at length to Plaintiff and President Trump before January 6. Plaintiff acknowledge that the Supreme Court would reject such an effort 9-0. And the Vice President made this crystal clear in writing on January 6: [1] any attempt by the Vice President to take the course of action the President insisted he take would have been illegal

Nevertheless, pursuant to the Plaintiff’s plan, the President repeatedly asked the Vice President to exercise unilateral authority illegally, as presiding officer of the Joint Session of Congress, to refuse to count electoral votes. See supra at 11-13. In service of this effort, he and Plaintiff met with the Vice President and his staff several times to advocate that he universally reject and refuse to count or prevent the counting of certified electoral votes, and both also engaged in a public campaign to pressure the Vice President. See supra at 3-17.

The President and Plaintiff also took steps to alter the certification of electors from various states.

[snip]

The evidence supports an inference that President Trump and members of his campaign knew he had not won enough legitimate state electoral votes to be declared the winner of the 2020 Presidential election during the January 6 Joint Session of Congress, but [2] the President nevertheless sought to use the Vice President to manipulate the results in his favor.

[snip]

[T]he President and the Plaintiff engaged in an extensive public and private campaign to convince the Vice President to reject certain Biden electors or delay the proceedings, without basis, so that the President and his associates would have additional time to manipulate the results. [3] Had this effort succeeded, the electoral count would have been obstructed, impeded, influenced, and (at the very least) delayed, all without any genuine legal justification and based on the false pretense that the election had been stolen. There is no genuine question that the President and Plaintiff attempted to accomplish this specific illegal result. [numbering and bold mine]

As I said, I think this is a bit of a muddle. For starters, the Jan 6 Committee is not arguing that the delay actually caused by Trump’s mob amounted to obstruction. Rather, they’re arguing (at [3]) that had Eastman’s efforts to get Pence to himself impose a delay would be obstruction.

They make that argument even though they have evidence to more closely align their argument to the fact pattern ten judges have already approved. The emails included with this filing show Pence Counsel Greg Jacob twice accusing Eastman of convincing Trump of a theory that Trump then shared with his followers, which in turn caused the riot.

[T]hanks to your bullshit, we are now under siege.

[snip]

[I]t was gravely, gravely irresponsible of you to entice the President of with an academic theory that had no legal viability, and that you well know we would lose before any judge who heard and decided the case. And if the courts declined to hear it, I suppose it could only be decided in the streets. The knowing amplification of that theory through numerous surrogates, whipping large numbers of people into a frenzy over something with no chance of ever attaining legal force through actual process of law, has led us to where we are.

That is, Jacob argued, in real time, that Eastman’s knowingly impossible theory, amplified by the President, caused the riot that ended up putting Pence’s life at risk and delaying the vote certification. But the Jan 6 Committee argues instead that the attempted persuasion of Pence the was the obstructive act.

Perhaps as a result, the agency (transitive versus intransitive) involved in this obstructive act is likewise muddled. In one place (at [1]), the Jan 6 Committee argues that the obstructive act was a failed attempt to persuade Pence to take an illegal action. I’m not sure any of the failed attempts to persuade people to do something illegal (to persuade Pence to do something he couldn’t do, to persuade members of Congress to challenge the vote with either good faith or cynical challenges, to persuade Jeffrey Clark to serve as Acting Attorney General) would sustain legal challenges.

If the Commander in Chief ordered his Vice President to take an illegal act, that would be a bit different, but that’s not what the Jan 6 Committee argues happened here.

Elsewhere, this filing (and other attempts to apply obstruction to Trump) point to Trump’s awareness (at [2]) that he lost the election, and so his attempts to win anyway exhibit an intransitive corrupt intent.

As Charlie Savage noted in his story and a thread on same, to some degree the Jan 6 Committee doesn’t need to do any better. They’re not indicting Trump, they’re just trying to get emails they will likely get via other means anyway (and as such, the inclusion of this argument is significantly PR).

But to the extent that this filing — and not, say, the opinion issued by Judge Mehta after he had approved obstruction, in which he both ruled it was plausible that Trump had conspired with two militias and, more importantly (and to me, at least, shockingly), said it was also plausible that Trump may be liable under an aid and abet standard — is being used as the model for applying obstruction to Trump, it is encouraging a lot of unicorn thinking and, more importantly, a lot of really sloppy thinking. There are so many ways to charge Trump with obstruction that don’t require an inquiry into his beliefs about losing the election, and those are the ones DOJ has laid a groundwork for.

Plus, there are a few more realities that TV lawyers who want to talk about obstruction should consider.

First, it is virtually guaranteed that Friedrich’s opinion — the one that holds that “corrupt” must involve otherwise illegal actions — will be the first one appealed. That’s because whatever happens with the Guy Reffitt trial this week and next, it’s likely it will be appealed. And Reffitt has been building in an appeal of Friedrich’s obstruction decision from the start. First trial, first appeal. So TV lawyers need to study up what she has said about otherwise illegal action and lay out some rebuttals if their theory of Trump’s liability involves mere persuasion.

Second, while ultimately all 22 judges are likely to weigh in on this obstruction application (and there are only two or three judges remaining who might conceivably rule differently than their colleagues), there are just a handful of judges who might face this obstruction application with Trump or a close associate like Roger Stone or Rudy Giuliani. Judge Mehta (by dint of presiding over the Oath Keeper cases) or Judge Kelly (by dint of ruling over the most important Proud Boy cases) might see charges against Roger Stone, Rudy Giuliani, or Alex Jones. Chief Judge Howell might take a higher profile case herself. Or she might give it to either Mehta (who is already presiding over closely related cases, including the January 6 lawsuits of Trump) or one of the two judges who has dealt with issues of Presidential accountability, either former OLC head Moss or Carl Nichols. Notably, Judge Nichols, who might also get related cases based on presiding over the Steve Bannon case, has not yet (as far as I’m aware) issued a ruling upholding 1512(c)(2); I imagine he would uphold it, but don’t know how his opinion might differ from his colleagues.

The application of 18 USC 1512(c)(2) to January 6 is not, as the TV lawyers only now discovering it, an abstract concept. It is something that has been heavily litigated already. There are eight substantive opinions out there, with some nuances between them. The universe of judges who might preside over a Trump case is likewise finite and with the notable exception of Judge Nichols, the two groups largely overlap.

So if TV lawyers with time on their hands want to understand how obstruction would apply to Trump, it’d do well — and it is long overdue — to look at what the judges have actually said and how those opinions differ from the theory of liability being thrown around on TV.

I’m convinced not just that Trump could be prosecuted for obstruction, but that DOJ has been working towards that for some time. But I’m not convinced the current January 6 Committee theory would survive.

The Half of Trump’s Conspiracy to Obstruct JustSecurity Left Out: Inciting an Insurrection

Two days after Judge Amit Mehta ruled that it was plausible that Trump conspired with the Oath Keepers and Proud Boys, JustSecurity has posted an imagined prosecutor’s memo laying out the case that Trump, John Eastman, and Rudy Giuliani (and others known and unknown) conspired to obstruct the vote count that almost entirely leaves out the militias.

It has gotten a lot of attention among the TV lawyer set, who imagine that it would save Merrick Garland time.

With this obnoxious tweet, Laurence Tribe betrays (yet again) that he has completely missed what DOJ has been doing for the past year. What Barb McQuade did is lay out the theory of prosecution that DOJ has long been working on — as I laid out in August. Except that McQuade (of whom I’m a great fan both personally and professionally) misses great swaths of public evidence, and in so doing, makes her case far weaker than it would need to be to prosecute a former President.

Start with McQuade’s argument substantiating that Trump corruptly tried to obstruct the vote count.

Here, attempting to prevent the certification of the votes for president is illegal only it is wrongful or for an improper purpose. It would be wrongful or improper for Trump to seek to retain the presidency if he knew that he had been defeated in the November election. His public statements suggest that he genuinely believed that he had won the election, but, as discussed above, by Jan. 6, it was apparent that there was a complete absence of any evidence whatsoever to support his belief, which at this point had become merely a wish. The statements from Krebs, Barr, Rosen, Donoghue, Ratcliffe, and Raffensperger, and the memo from his own campaign team all permit a fair inference that Trump knew that there was no election fraud, and that his efforts to obstruct the certification was therefore corrupt.

Independently, regardless of his knowledge or belief in election fraud, it was an improper purpose to hold into power after the 50 states had certified their election results, the Electoral College had voted, and litigation had been exhausted after an across-the-board rejection by the federal courts.

This is the theory of prosecution where an obstruction case against Trump would succeed or fail. And I’m not sure it meets the understanding of obstruction already laid out by the judges who would preside over the case.

Defendants have been challenging DOJ’s application of 18 USC 1512(c)(2) to the vote certification since at least April, and so there’s a great deal of background and seven written, one oral, and one minute opinions on the topic:

  1. Dabney Friedrich (my post on it and the obstruction application generally)
  2. Amit Mehta (my post on his intransitive application of it to the Oath Keepers)
  3. Tim Kelly (my post on its application to the Proud Boys)
  4. Randolph Moss (my post situating his application with his past OLC opinion on charging a President)
  5. John Bates
  6. James Boasberg
  7. My livetweet of Beryl Howell’s oral opinion
  8. Colleen Kollar-Kotelly
  9. Richard Leon by minute order
  10. Christopher Cooper

One of the central issues addressed in these — and something any prosecution of Trump under 18 USC 1512(c)(2) would need to address — is how you establish that the effort to obstruct the vote count is “corrupt.” While thus far all judges have upheld the application, there’s some differentiation in their understanding of corruption (something that a site like JustSecurity might productively lay out).

Two key issues are whether corruption, under 18 USC 1512(c)(2) must be transitive (meaning someone tried to coerce another to do something improper) or intransitive (meaning someone exhibited corruption with their own actions), and the extent to which corruption is proven by doing acts that are otherwise illegal.

Importantly, Judge Friedrich’s opinion, and so the first jury instructions, only extends to illegal actions. In a recent hearing, she warned the Guy Reffitt prosecutors (both of whom also happen to be prosecuting cases charged as a conspiracy) that they will not prove him guilty of obstruction without first proving him guilty of other crimes at the riot.

Trump acted both transitively and intransitively corruptly

McQuade’s formulation is unnecessarily weak on the transitive/intransitive issue. There are at least two things that are missing.

First, citing some tax precedents, defendants wanted the application of obstruction to apply only to those who were obtaining an unfair personal advantage. That’s not the standard adopted in the opinions thus far, but it is a standard that some Justices one day might try to uphold. And while that standard was doable for the charged rioters (because they were attempting to make their own votes count more than the votes of the 81 million people who voted for Biden), it is a slam dunk for Trump. It’s not just that Trump was trying to win an election he knew he lost, he was trying to retain the power of the Presidency for himself. My complaint here, though, is mostly stylistic. McQuade could rewrite this paragraph easily to take advantage of the fact that, for Trump, obstruction of the vote count really was an attempt to gain personal advantage.

It’s in leaving out Trump’s transitive obstruction — even in a piece that focuses closely on the pressure of Pence — where McQuade’s memo could and I think might need to, to pass muster given the existing opinions on it — be vastly improved. That’s because it’s in Trump’s corruption of others where he clearly conspired in illegal acts.

Trump didn’t just do things an ethical President shouldn’t do (intransitive corruption). He carried out an extended campaign to pressure Pence to do something that violated Pence’s Constitutional obligations. That is, he tried to corrupt Pence (transitive corruption).

Trump transitively corrupted by conspiring with people who committed crimes

And it’s in the means by which Trump’s tried to corrupt Pence on the day of the insurrection that McQuade largely leaves out, and in the process forgoes an easy way to meet Friedrich’s current requirement (that those charged with obstruction commit a crime in attempting to obstruct the vote count).

Bizarrely, McQuade’s overt acts on January 6 are focused largely on John Eastman.

T. Trump Speaks at the Ellipse

On Jan. 6, 2021, Trump addressed a crowd of his supporters at approximately 1 p.m. on the Ellipse outside the White House.[129] During his remarks, Trump said, “If Mike Pence does the right thing we win the election.”[130] He explained, “All Vice President Pence has to do is send it back to the states to recertify and we become president and you are the happiest people.”[131] Trump then spoke directly to Pence: “Mike Pence, I hope you’re going to stand up for the good of our Constitution and for the good of our country. And if you’re not, I’m going to be very disappointed in you. I will tell you right now. I’m not hearing good stories.’”[132]

Giuliani, a former United States Attorney, also spoke at the rally. He declared that it would be “perfectly appropriate” for the Vice President to “cast [] aside” the laws governing the counting of electoral votes, and “decide on the validity of these crooked ballots or he can send it back to the state legislators, give them five to ten days to finally finish the work.”[133]

Another speaker at the rally was Eastman. “All we are demanding of Vice President Pence is this afternoon at one o’clock he let the legislatures of the states look into this so that we get to the bottom of it and the American people know whether we have control of the direction of our government or not!” Eastman told the crowd. [134] “We no longer live in a self-governing republic if we can’t get the answer to this question!”[135]

According to reports, Trump was directly involved in planning the speaker lineup.[136]

U. Pence Issues Public Letter Rejecting Eastman’s Theory

On Jan. 6, at 1:02 p.m., Pence posted to Twitter a letter stating that as Vice President, he lacked “unilateral authority to decide which electoral votes should be counted during the Joint Session of Congress.”[137] His duties, the letter stated, were “merely ministerial,” and were limited to counting the votes. The letter further stated that he would instead follow the Electoral Count Act, permitting members of Congress, as “the people’s representatives,” to resolve any disputes.[138] The letter had been drafted with the help of two conservative legal experts — former federal Judge J. Michael Luttig and former Justice Department official John Yoo.[139] Both have confirmed that they advised Pence’s staff and outside counsel that there was no basis for the vice president to intervene in the counting of electoral votes on Jan. 6. “I advised that there was no factual basis for Mike Pence to intervene and overturn the results of the election,” said Yoo, who now teaches law at the University of California at Berkeley. “There are certain limited situations where I thought the Vice President does have a role, for example in the event that a state sends two different electoral results. . . . But none of those were present here.”[140]

Luttig wrote subsequently that “Professor Eastman was incorrect at every turn of the analysis,” including his suggestion that the vice president could delay the electoral vote count.[141]

V. U.S. Capitol Attack Begins

At about 2 p.m., protestors broke a window at the U.S. Capitol and climbed inside.[142] The Senate and House of Representatives soon went into recess and members evacuated the two chambers.[143] At 2:24 p.m., Trump tweeted, “Mike Pence didn’t have the courage to do what should have been done to protect our Country and our Constitution.”[144] The Capitol would not be secured again until about 6 p.m.[145]

Her discussion here doesn’t explicitly mention a single one of the 750 people already being prosecuted for crimes for their actions on January 6. She mentions neither Alex Jones (whom Trump ordered to take the mob on an unpermitted march to the Capitol and two of whose employees are already among those 750 being prosecuted) nor Roger Stone (who has ties to the two militias that orchestrated events that day and who has been a subject in the Oath Keeper investigation from its early days).

It’s not just or even primarily that Trump grasped John Eastman’s crackpot theory and used it to pressure Pence (which is not  itself a crime). It’s that he incited thousands of people to take an unpermitted walk to the Capitol to physically threaten Pence and other members of Congress directly.

As I laid out last month, DOJ has already collected a great deal of evidence that those who did break the law at the Capitol did so in response to Trump’s incitement with the motive of pressuring Pence.

Trump led his mob to believe only Pence could help them, and if Pence did, Trump falsely led many of them to believe, it would amount to following the Constitution (precisely the opposite of what his White House Counsel appears to have had told him).

Pennsylvania has now seen all of this. They didn’t know because it was so quick. They had a vote. They voted. But now they see all this stuff, it’s all come to light. Doesn’t happen that fast. And they want to recertify their votes. They want to recertify. But the only way that can happen is if Mike Pence agrees to send it back. Mike Pence has to agree to send it back.

And many people in Congress want it sent back.

And think of what you’re doing. Let’s say you don’t do it. Somebody says, “Well, we have to obey the Constitution.” And you are, because you’re protecting our country and you’re protecting the Constitution. So you are.

That’s what Trump left his mob with as he falsely promised he would walk to the Capitol with them.

So let’s walk down Pennsylvania Avenue.

Already, at that moment, the Proud Boys had kicked off the attack. Moments later, Pence released his letter stating he would certify the vote. “Four years ago, surrounded by my family, I took an oath to support and defend the Constitution, which ended with the words, ‘So help me God.’”

And Trump’s Tweets and speech had the direct and desired effect. When Trump called out, “I hope Pence is going to do the right thing,” Gina Bisignano responded, “I hope so. He’s a deep state.” When she set off to the Capitol, Bisignano explained, “we are marching to the Capitol to put some pressure on Mike Pence.” After declaring, “I’m going to break into Congress,” Bisignano rallied some of the mobsters by talking about “what Pence has done.” She cheered through a blowhorn as mobsters made a renewed assault on the Capitol. “Break the window! she cheered, as she ultimately helped another break a window, an act amounting to a team act of terrorism.

Josiah Colt and his co-conspirators learned that Pence would not prevent the vote certification as Trump demanded. In response, they aimed to “breach the building.” Colt set out to where Pence was presiding. “We’re making it to the main room. The Senate room.” Where they’re meeting.” His co-conspirators Ronnie Sandlin and Nate DeGrave are accused of assaulting a cop to get into the Senate.

Jacob Chansley mounted the dais where Pence should have been overseeing the vote count and declared, “Mike Pence is a fucking traitor,” and left him a note, “It’s Only A Matter of Time. Justice Is Coming!”

Matthew Greene never went to listen to Trump speak. Instead, he was following orders from top Proud Boys, a bit player in an orchestrated attack to surround and breach the Capitol. His goal in doing so was to pressure Pence.

Greene’s intent in conspiring with others to unlawfully enter the restricted area of the Capitol grounds was to send a message to legislators and Vice President KePence. Greene knew he lawmakers and the Vice President were inside the Capitol building conducting the certification of the Electoral College Vote at the time the riot occurred. Green hoped that his actions and those of his co-conspirators would cause legislators and the Vice President to act differently during the course of the certification of the Electoral Vote than they would have otherwise. Greene believed that by unlawfully entering the Capitol grounds, he and other rioters outside the building would send a stronger message to lawmakers and the Vice President inside the building, than if Green and others had stayed outside the restricted area.

There is a direct line of corrupt intent from the moment where Trump asked Pence, “If these people say you had the power, wouldn’t you want to [exercise it]?” and efforts that his mobsters — both those who planned this in advance and those who reacted to Trump’s incitement — made at the Capitol. Some of the most central players in the attack on the Capitol have testified under oath that they understood their goal to be pressuring Mike Pence. In pursuit of that, they broke into the Capitol, they assaulted cops, they occupied the Mike Pence’s seat.

I would add (because Amit Mehta did in his oral ruling that Stewart Rhodes should be detained pre-trial), in addition to the explicit attempt by Kelly Meggs to hunt down Nancy Pelosi, the other group of Oath Keepers appears to have tried to find those in the Senate, presumably including Mike Pence. If prosecutors can prove that, then, the militia that was checking in with Stone the day of the riot took overt steps to physically threaten Mike Pence.

Importantly, with the exception of QAnoner Chansley, all of the January 6 defendants I’ve laid out here were part of a conspiracy (Colt and Bisignano, because they flipped on co-conspirators, are not charged with one). All of these Jan6ers are accused of conspiring with others to carry out Trump’s will to transitively corrupt Pence by physically pressuring him to violate his Constitutional duty.

And Judge Mehta has now ruled it plausible (though he was careful to note he was addressing the lower standard of a civil suit) that Trump’s incitement amounts to entering into a conspiracy with all of these people who acted on his incitement to pressure and in some cases physically hunt down Pence.

McQuade’s theory of corruption may not meet Judge Friedrich’s standard for corruption (which we should assume as a baseline of one that Brett Kavanaugh might find palatable).

Which is why you cannot ignore the other half of the conspiracy: Trump entering into an agreement with Roger Stone to coordinate with the militias, entering into an agreement with Alex Jones to lead the mob to the Capitol, and Trump entering into an agreement with those he incited to directly pressure Pence to violate his Constitutional duty.

750 people have been charged with committing crimes at the Capitol. And the easy way to demonstrate that Trump employed illegal means in his effort to obstruct the vote certification is to point to the mountains of evidence that he conspired both via his close associates Stone and Jones but more directly via incitement with a vast number of those 750 people who allegedly broke the law.

Update: One thing McQuade does focus on (she’s a Michigander who does a lot of work on voter protection) are the fake electors. That’s another illegal act that probably should be brought in any statement of corrupt intent for the same reason Trump’s ties to the rioters should be.

Update, 2/25: Added link to Kollar-Kotelly’s opinion and noted that Leon and Cooper have now ruled.

Six Data Points about the CIA Dragnet

Last week, Ron Wyden and Martin Heinrich released a declassified letter they wrote last April, describing a CIA bulk program that had not been fully briefed to the Intelligence Committees, which violated the spirit and understanding of efforts to shut down bulk collection.

This history demonstrates Congress’s clear intent, expressed over many years and through multiple pieces of legislation, to limit, and in some cases, prohibit the warrantless collection of Americans’ records, as well as the public’s intense interest in and support for these legislative efforts. And yet, throughout this period, the CIA has secretly conducted it own bulk program [redacted]. It has done so entirely outside the statutory framework that Congress and the public believe govern this collection, and without any of the judicial, congressional or even executive branch oversight that comes with FISA collection.

I’ve been hesitating writing about it. That’s true, because it’s not the least little surprise to me. I’ve written a series of pieces describing how the self-congratulatory pieces claiming legislation passed in the wake of Snowden’s leaks won’t do what they say. I pointed out some of what PCLOB was likely to find when they started this review.

Then there’s bullet 4, which suggests CIA and/or NSA are collecting “within the United States or from U.S. companies.”

With regards collection “within the US,” Mayer’s post is helpful here too, pointing to loopholes for wireless and satellite communication.

The law that results is quite counterintuitive. If a communication is carried by radio waves, and it’s one-end foreign, it falls under Executive Order 12333. If that same communication were carried by a wire, though, it would fall under FISA. (Specifically, the Section 702 upstream program.)

As for how this Executive Order 12333 authority might be used beyond satellite surveillance, I could only speculate. Perhaps intercepting cellphone calls to or from foreign embassies?12 Or along the national borders? At any rate, the FISA-free domestic wireless authority appears to be even broader than the Transit Authority.

As far as collection outside the US, this may simply be a reference to providers voluntarily providing data under 18 U.S.C. § 2511(2)(f), as we know at least some of the telecoms do.

I pointed out that a consideration of the risks of surveillance under EO 12333 to US persons had to consider CIA’s use of it (then got yelled at because I pointed out enormous blindspots in “expert” reports). I noted that when cautioning about the dragnet Donald Trump would wield, you had to consider EO 12333.

I mean, there’s been a whole lot of self-congratulation since Snowden. And it has all been just that, something to brag to donors about. Because EO 12333 was always out there, and it was always possible to do virtually all of what Snowden exposed in the Section 215 program via EO 12333.

Add that to the list of unpopular things I have said over the years that leads “experts” to prefer to ignore me.

So I assume this will be ignored like all those other warnings of precisely this moment.

Here’s where I would propose to go find the CIA dragnet.

CIA always wanted to restore its Stellar Wind component

First, remember there was a CIA component to Stellar Wind, the first dragnet set up for counterterrorism (which this program is). CIA had to do its own IG Report on Stellar Wind.

Remember that one of Bill Binney’s gripes about how NSA repurposed his surveillance was that they eliminated the encryption hiding US person identifiers, effectively making it easy to spy on US persons.

Now consider that on July 20, 2004, the CIA took the lead on pushing for the adoption of “supplemental procedures” allowing the analysis of US person metadata under EO 12333. July 20, 2004 was days after Jack Goldsmith, who had shut down parts of Stellar Wind, resigned, and the agencies immediately moved to start turning all the programs he had shut down (including both surveillance and torture) back on.

It took years to restore that access to US person data (I have a theory that Alberto Gonzales was fired because he refused to reauthorize it). But starting in 2007, expanding  in 2009 (at a time when the Section 215 program was under threat), and then fully implementing in 2011 (after NSA had to shut down the PRTT program knowing full well it violated John Bates upstream order), SPCMA was rolled out.This meant that, so long as data was collected via whatever means overseas, US person metadata could be included in the analysis.

The government has been preserving its ability to use 18 U.S.C. § 2511(2)(f)

Over a series of IG Reports written by Glenn Fine, I honed in a memo that David Barron (the OLC head who, under Obama, played a similar role as John Yoo did for George Bush) wrote seemingly authorizing using 18 U.S.C. § 2511(2)(f) to get “international” data from telecoms provided voluntarily. In 2013, David Kris confirmed that that had been happening.

In March 2021 — so before he wrote the letter just declassified but after he was briefed by PCLOB on the report on the CIA dragnet — the Congressional Research Service wrote a report on 18 U.S.C. § 2511(2)(f) for Senator Wyden. It describes how it works as an exception to FISA and other criminal laws.

Accordingly, Section 2511(2)(f) identifies two broad categories of government activities that are exempt from Title III, the SCA, the Pen Register statute, and section 705 of the Communications Act of 1934:27 (1) the “acquisition by the United States Government of foreign intelligence information from international or foreign communications”; and (2) “foreign intelligence activities conducted in accordance with otherwise applicable Federal law involving a foreign electronic communications system.” These two categories are further qualified so that the exception only applies if: (3) the acquisition or the foreign intelligence activity is not “electronic surveillance” as defined under FISA; and (4) an “exclusivity” clause states that ECPA, the SCA, and FISA shall be the exclusive means by which electronic surveillance and the interception of domestic wire, oral, and electronic communications may be conducted. Each of these clauses is discussed in more detail below.

It describes that some things don’t count as an “acquisition” under FISA, such as something obtained from a telephone instrument being used in the ordinary course of business.

Therefore, some intelligence activities that qualify as “acquisitions” for purposes of Section 2511(2)(f) may not qualify as “electronic surveillance” under FISA because the acquisition is not accomplished through an electronic, mechanical, or other surveillance device. Although FISA does not define this phrase, ECPA provides a definition of “electronic, mechanical, or other device” to mean “any device or apparatus which can be used to intercept a wire, oral, or electronic communication.”46 However, this definition expressly excludes “any telephone or telegraph instrument, equipment or facility, or any component thereof” that is “being used by a provider of wire or electronic communication service in the ordinary course of its business.”47

This is the kind of language that was used to treat bulk metadata as a mere business record under Section 215 after the government stopped relying exclusively on voluntary production. The bulk telephony data of all Americans was just a business record.

The report written for Ron Wyden during the same period he was writing the now unclassified letter also notes that “exclusivity” only applies to “domestic” communications, not stuff acquired overseas.

The exclusivity clause is first directed at interception of domestic communications, which would not appear to be affected by the previous disclaimers regarding acquisition of foreign and international communications or foreign intelligence activities directed at foreign electronic communications systems.

In other words, if telephone companies want to voluntarily give the records they otherwise keep to the IC for the purpose of foreign intelligence, it fits in this loophole. And given the realities of telecommunication, a huge percentage of “domestic” communications can be obtained overseas.

In 2013, NYT reported that AT&T was providing CIA call records

In 2013, as a bunch of different dragnets were being disclosed while everyone was looking exclusively at Section 215 and right after Kris had confirmed this application of 18 U.S.C. § 2511(2)(f),  Charlie Savage described that the CIA had its own dragnet based on telephone records purchased from AT&T.

The C.I.A. is paying AT&T more than $10 million a year to assist with overseas counterterrorism investigations by exploiting the company’s vast database of phone records, which includes Americans’ international calls, according to government officials.

The cooperation is conducted under a voluntary contract, not under subpoenas or court orders compelling the company to participate, according to the officials. The C.I.A. supplies phone numbers of overseas terrorism suspects, and AT&T searches its database and provides records of calls that may help identify foreign associates, the officials said. The company has a huge archive of data on phone calls, both foreign and domestic, that were handled by its network equipment, not just those of its own customers.

Legally, this dragnet would fit solidly in the 18 U.S.C. § 2511(2)(f) loophole.

Obama’s codification of EO 12333 in his final days

Insanely, Obama finished the process of reconstituting the Stellar Wind program in his final days. He did so, I’ve been told, in an effort to put guidelines in place (for example, Loretta Lynch adopted rules that you couldn’t use EO 12333 data for political purposes, as if that would restrain Donald Trump). But I emphasized then precisely what Wyden and Heinrich are emphasizing now. There’s no oversight.

Which brings us to whether the EO sharing procedures, as released, might bind Trump anymore than EO 12333 bound Bush in 2001.

In general, the sharing procedures are not even as stringent as other surveillance documents from the Obama Administration. The utter lack of any reasonable oversight is best embodied, in my opinion, by the oversight built into the procedures. A key cog in that oversight is the Department of National Intelligence’s Privacy and Civil Liberties Officer — long inhabited by a guy, Alex Joel, who had no problem with Stellar Wind. That role will lead reviews of the implementation of this data sharing. In addition to DNI’s PCLO, NSA’s PCLO will have a review role, along with the General Counsels of the agencies in question, and in some limited areas (such as Attorney Client communications), so will DOJ’s National Security Division head.

What the oversight of these new sharing procedures does not include is any statutorily independent position, someone independently confirmed by the Senate who can decide what to investigate on her own. Notably, there is not a single reference to Inspectors General in these procedures, even where other surveillance programs rely heavily on IGs for oversight.

There is abundant reason to believe that the PATRIOT Act phone and Internet dragnets violated the restrictions imposed by the FISA Court for years in part because NSA’s IG’s suggestions were ignored, and it wasn’t until, in 2009, the FISC mandated NSA’s IG review the Internet dragnet that NSA’s GC “discovered” that every single record ingested under the program violated FISC’s rules after having not discovered that fact in 25 previous spot checks. In the past, then, internal oversight of surveillance has primarily come when IGs had the independence to actually review the programs.

Of course, there won’t be any FISC review here, so it’s not even clear whether explicit IG oversight of the sharing would be enough, but it would be far more than what the procedures require.

I’d add that the Privacy and Civil Liberties Oversight Board, which provided key insight into the Section 215 and 702 programs, also has no role — except that PCLOB is for all intents and purposes defunct at this point, and there’s no reason to believe it’ll become operational under Trump.

I guess I was wrong about PCLOB. It did get reconstituted, and seven years after the EO 12333 review started we’re getting dribbles about what it found!

And in fact if this whole discussion didn’t make me crabby, I’d point out details from the PCLOB report that suggest things aren’t as bad as I thought they’d get in 2017, when this dragnet was handed over to Donald Trump.

So I’m not entirely a pessimist!

PCLOB only has authority over counterterrorism programs

The only problem with being proven wrong about PCLOB, however, is even though there were efforts to expand its mandate during the Trump years, those efforts failed.

It can only look at counterterrorism programs.

So there could be a parallel program used for counterintelligence (indeed, the sharing rules make it quite clear there’s a CI purpose for it), and we’d never get oversight over it. So Wyden and Heinrich should be pushing to get a full briefing on the CI version of this, because it’s there, I would bet you a lot of money.

Anyway, if you want to find the CIA dragnet, you can look at my warnings over the last 9 years (or Charlie Savage’s report on it from 2013). Or you can look at the loophole that 18 U.S.C. § 2511(2)(f) creates, Ron Wyden was exploring closely when he was writing this letter. Another place you might look is AT&T’s earnings statements.

The First Mike Flynn-Inspired Insurrectionist Sentenced to 44 Months in Prison

In his (successful) letter to John Bates asking for leniency, QAnoner Nicholas Languerand attributed his involvement in the dangerous cult to prominent people, most notably Mike Flynn.

During this time, I was introduced to what has been dubbed “QAnon.” I cannot deny my involvement with this group or the profound impact it has had on my life. Unfortunately, there is a great deal of misinformation related to the beliefs and motives of this group within the public discourse. In regards to my case, I believe the most important aspect of this controversial topic is the fact that those individuals were consistently encouraged by highly respected members of society such as President Trump, Lt General Michael Flynn, General Flynn’s attorney Sidney Powell, and Lt General Thomas McInerny.

[snip]

There is absolutely no doubt, and I have every intention of showing to the court, that these individuals promoted and in effect facilitated and took responsibility for what I call the Q information network. The evidence of this is substantial to say the least. I think it is only fair that the court and Americans at home understand that this phenomenon went on for 4 years and culminated in the “Stop the Steal” movement between November 2020 and Janaury 6th 2021. It is also important to understand that it was lead [sic] by retired senior military intelligence officers who attained one of the highest possible statuses within the U.S. military.

Languerand pled guilty to assaulting cops, throwing a large orange bollard and some sticks at the officers in the Tunnel on January 6, then stealing a riot shield.

Languerand invoked that Lieutenant General again today at his sentencing. Bates, showing the same deference to other white January 6 defendants he has in the past, gave him a below guidelines sentence, 44 months.

Whatever excuses he made for himself, the key one is that Languerand believes Flynn and others mobilized his best motivations and turned it to violent effect on January 6.

Languerand will not the be the last January 6 defendant who attributes his radicalization to Mike Flynn. But he is the most serious defendant thus far who will spend three years of his life paying for the actions he says Flynn inspired him to take.

Terrorists in the Tunnel: The Omnibus Indictment for Officer Daniel Hodge’s Assault

One of the most spectacular assaults from January 6 was that charged against Patrick McCaughey for crushing Officer Daniel Hodges in a door.

McCaughey was charged early — on January 19. Over time, though, his indictment has become more than that — an indictment incorporating the worst assailants involved in a long brutal fight that took place in the Lower West Terrace entrance to the Capitol, deemed the Tunnel. First Tristan Chandler Stevens was added in March. Christopher Quaglin and David Judd were added in April. Robert Morss and Geoffrey Sills were added in June.

On August 4, the government rolled out a superseding indictment that adds two newly charged defendants, Steven Cappuccio and David Mehaffie, and incorporates Freddie Klein into the existing one; it was unsealed yesterday after Cappuccio and Mehaffie were arrested.

A notice filed in both the McCaughey and Klein dockets on July 29 explains the logic of this indictment.

All nine of these individuals are or will be charged primarily with assaultive conduct on law enforcement officers in and around the first landing of the Lower West Terrace as well as the Lower West Terrace archway, colloquially referred to as “the tunnel,” of the United States Capitol Building on January 6, 2021, between approximately 1:00 p.m. and 4:30 p.m. This tunnel entranceway to the Capitol Building, which is approximately ten feet wide, was the site of a significant physical confrontation with law enforcement for several hours. Each of these defendants was an active participant in the first wave of rioters to enter the tunnel between 2:40 and 3:18 p.m., at which time law enforcement successfully cleared the tunnel of rioters for the first time that day. Moreover, several of the defendants, including Mr. Klein, committed additional crimes on the first landing of the Lower Wester Terrace before reaching the tunnel for the first time. Accordingly, because the primary criminal conduct alleged against these individuals overlaps both temporally and geographically, and the evidence against them will be mutually admissible, including the testimony of witnesses and their victims, the government is preparing to charge this group in a single indictment and to present evidence against them in a single trial.

The same notice says that while there are “dozens” of people who committed crimes along with these defendants, they do “not expect” to add any other defendants to this one.

I’ve tried to lay out which defendants got charged with what crimes using what weapons in this table. Altogether, I think this indictment does four different things.

First, Cappuccio is charged with grabbing Hodges’ gas mask and pulling if off and then stealing his police baton.

McCaughey is the guy whose name is on this indictment and who has, since the days after the riot, been one of the chief focal points because of that assault. But Cappuccio was actually the guy alleged to be doing to the most harm to Hodges (a point that McCaughey nodded to in a successful bid to get pretrial release). Cappuccio has finally been added alongside McCaughey, charged in one of the signature assaults of the attack.

Second, this indictment charges Mehaffie along with a bunch of people he gave instructions to during the hours long assaults, as captured by his Sedition Hunter moniker, Tunnel Commander and explained by HuffPo.

Dave Mehaffie of Dayton, Ohio, was known to online investigators as #TunnelCommander because he was issuing orders to members of the mob who were attacking officers during a brutal battle at the lower western terrace entrance to the Capitol. Mehaffie was 86-AFO on the FBI’s Capitol wanted list, meaning he was wanted for assault on a federal officer.

A judge signed an arrest warrant for Mehaffie on Aug. 4 after he was indicted by a grand jury as part of an existing case.

Mehaffie was involved in one of the toughest battles of the Capitol siege. Members of the mob had stormed past police barriers and ascended the scaffolding set up for President Joe Biden’s inauguration on Jan. 20, and were attempting to break into the building. During the “medieval” battle, members of the pro-Trump mob kidnapped D.C. Metropolitan Police Officer Michael Fanone, who was repeatedly electroshocked. Rosanne Boyland, a pro-Trump member of the mob, was trampled during the brutal clash. The woman’s brother-in-law said that former President Donald Trump “incited a riot” that killed one of his “biggest fans.”

Alone among these nine defendants, Mehaffie is not charged with assault using a dangerous weapon and/or directly striking the officer victim (that’s roughly speaking the difference between the 111(a)(1) charges and the 111(b) charges in the table). Instead, Mehaffie is charged with one count of assault and abetting assault, lasting from 2:40 to 3:18, presumably amounting to his directing the assaults of the others, along with civil disorder and obstruction. But that doesn’t convey the seriousness of his actions, because he had a role in making the other assaults more effective.

That’s why including him on this omnibus indictment will be important. By charging all nine men together, DOJ will be able to show how these men, who aren’t alleged to have known each other before the assault and aren’t charged with conspiracy, nevertheless worked in concert, always ensuring there were people at the front to press the assault, with Mehaffie playing a key role in making it all work (Morss, too, had a key role in directing traffic in the tunnel, which will also become clearer at trial with all charged together). In isolation, these men’s assaults can be minimized. In concert, their actions had a devastating effect.

Finally, Klein’s inclusion does more than just get him added to what will be a very powerful trial. He was originally indicted, on March 19, with just one count of assault. By April 5, in a detention memo, DOJ described three different assaults. So DOJ was bound to supersede his initial indictment in any case. This superseding indictment charges him in six different assaults (I think I’ve bolded the ones that appeared in the April detention memo), the culmination of seven months of video review to understand his role.

It also might get Klein detained. Of the seven men who had already been charged, Stevens was released on arrest, McCaughey got released with a huge bond payment, and Judd was released after review. The government successfully fought to keep Quaglin and Morss detained, sustaining Quaglin’s detention on appeal.

Klein also fought successfully for release. Along the way, his attorneys pointed to the conduct of McCaughey and two other of his now co-defendants, claiming they were more dangerous.

Contrast these cases, and the allegations against Mr. Klein, with others detained pretrial and alleged to have engaged in far more egregious conduct including having pinned an officer between a door and a riot shield (McCaughey – 21-cr-00040); violently assaulting an officer in the side of the neck with a riot shield and spraying chemical irritant directly into the eyes of an officer (Quaglin – 21-mj-00355); repeatedly throwing objects, including a pole, a desk drawer, some type of pipe/metal rod, and a flagpole at officers (Jenkins – 21-cr-00245); lighting and throwing fireworks at officers (Judd – 21-mj-00334), and striking an officer so violently with a pole that it shatters on his riot shield (Palmer – 21-mj-00301).

John Bates released Klein (in an opinion that significantly lowered the bar on releasing violent assault defendants). And while the release itself was a defensible decision, Bates’ logic (in my opinion) was not. Bates treated Klein’s assault on the Capitol, as a State Department official, as a breach of trust, but also credited him with having held a security clearance, as if having a cleared individual attack his own government isn’t particularly dangerous (as the government successfully argued in Timothy Hale-Cusanelli’s case). Crazier still, Bates said that Klein’s assaults weren’t as bad as others because his objective was not to injure the police but instead to occupy the tunnel, the use of violence for political end.

The government’s contention that Klein engaged in “what can only be described as hand-to-hand combat” for “approximately thirty minutes” also overstates what occurred. See Gov’t’s Br. at 6. Klein consistently positioned himself face-to-face with multiple officers and also repeatedly pressed a stolen riot shield against their bodies and shields. His objective, as far as the Court can tell, however, appeared to be to advance, or at times maintain, the mob’s position in the tunnel, and not to inflict injury. He is not charged with injuring anyone and, unlike with other defendants, the government does not submit that Klein intended to injure officers. Compare Hr’g Tr. 57:12–18 (government conceding that the evidence does not establish Klein intended to injure anyone, only that “there was a disregard of care whether he would injure anyone or not” in his attempt to enter the Capitol), with Gov’t’s Opp’n to Def.’s Mot. to Reopen Detention Hearing & For Release on Conditions, ECF No. 30 (“Gov’t’s Opp’n to McCaughey’s Release”), United States v. McCaughey, III, 21-CR-040-1, at 11 (D.D.C. Apr. 7, 2021) (government emphasizing defendant’s “intent to injure” an officer who he had pinned against a door using a stolen riot shield as grounds for pretrial detention). And during the time period before Klein obtained the riot shield, he made no attempts to “battle” or “fight” the officers with his bare hands or other objects, such as the flagpole he retrieved. That does not mean that Klein could not have caused serious injury— particularly given the chaotic and cramped atmosphere inside the tunnel. But his actions are distinguishable from other detained defendants charged under § 111(b) who clearly sought to incapacitate and injure members of law enforcement by striking them with fists, batons, baseball bats, poles, or other dangerous weapons.

[snip]

Klein’s conduct was forceful, relentless, and defiant, but his confrontations with law enforcement were considerably less violent than many others that day, and the record does not establish that he intended to injure others. [my emphasis]

Klein is now the co-defendant of McCaughey, Judd, and Quaglin, charged in more assaults than McCaughey and Judd, which might make his own prior comparison with them backfire. More importantly, Klein’s inclusion in this larger indictment makes it clear how his actions cannot be viewed — as Bates did — as isolation actions, but were instead an integral part of some of the worst clashes of the day.

I have no idea whether DOJ will use this superseding indictment to move to get Klein’s release revoked. But he’s on the edge anyway: since his release, he has had several release violations for things like drinking enough wine at dinner with his mom that he decided to just stay over the night in violation of curfew. Thus far, John Bates hasn’t deemed Klein’s disrespect for the authority of the Court to be worth detaining him over. Trevor McFadden, under whom Klein’s case will be moved, has similarly been reluctant to revoke bail (though the most notable January 6 defendant where he did revoke bail, Brandon Fellows, is only charged with obstruction and may have mental health issues contributing to his refusal to follow release conditions). But he has far less patience with defendants who openly disdain the Court’s authority, as Klein has.

Last week, I noted that the government had made a record that they are entitled to invoke a terrorist enhancement for Scott Fairlamb at sentencing (his sentencing has been bumped to November to give the probation office time to finish the presentencing memo).

Like Fairlamb, all these defendants are also charged with obstruction. If proven at trial, that would mean a jury found there was an intent behind their serial, extended, coordinated assaults: to occupy the Capitol (as even Judge Bates described it) and in so doing to halt the vote count. These men are accused of violence in the service of preventing the peaceful transfer of power. And as such, I would be shocked if on this most spectacular of assault trials, DOJ didn’t also go after a terrorism enhancement.

In his testimony before the January 6 Commission, Jamie Raskin asked Hodges why he referred to terrorism or terrorists 15 times. Hodges read the legal definition of domestic terrorism:

Activities that involve acts dangerous to human life that are a violation of the criminal laws of the United States or of any state, and, b, appear to be intended to intimidate or coerce a civilian population, or, to influence the policy of a government by intimidation or coercion.

If this omnibus case goes to trial it will demonstrate how all these assaults worked in concert to sustain an assault on our democracy for thirty-eight minutes. Officer Hodges may have his vindication at labeling these men terrorists.

Former Presiding FISA Judge John Bates’ Curious Treatment of White Person Terrorism

By chance of logistics, the men and women who have presided over a two decade war on Islamic terrorism are now presiding over the trials of those charged in January 6.

To deal with the flood of defendants, the Senior Judges in the DC District have agreed to pick up some cases. And because FISA mandates that at least three of the eleven FISA judges presiding at any given time come from the DC area, and because the presiding judge has traditionally been from among those three, it means a disproportionate number of DC’s Senior Judges have served on the FISA Court, often on terms as presiding judge or at the very least ruling over programmatic decisions that have subjected millions of Americans to collection in the name of the war on terror. Between those and several other still-active DC judges, over 60 January 6 cases will be adjudicated by a current or former FISA judge.

Current and former FISA judges have taken a range of cases with a range of complexity and notoriety:

  • Royce Lamberth served as FISC’s presiding judge from 1995 until 2002 and failed in his effort to limit the effect of the elimination of the wall between intelligence and criminal collection passed in the PATRIOT Act. And during a stint as DC’s Chief Judge he dealt with the aftermath of the Boumediene decision and fought to make the hard won detention reviews won by Gitmo detainees more than a rubber stamp. Lamberth is presiding over 10 cases with 14 defendants. A number of those are high profile cases, like that of Jacob Chansley (the Q Shaman), Zip Tie Guy Eric Munchel and his mother, bullhorn lady and mask refusenik Rachel Powell, and Proud Boy assault defendant Christopher Worrell.
  • Colleen Kollar-Kotelly is still an active DC District judge, but she served as FISC presiding judge starting way back in 2002, inheriting the difficulties created by Stellar Wind from Lamberth. She’s the one who redefined “relevant to” in an effort to bring the Internet dragnet back under court review. She is presiding over ten January 6 cases with 12 defendants. That includes Lonnie Coffman, who showed up to the insurrection with a truck full of Molotov cocktails, as well as some other assault cases.
  • John Bates took over as presiding judge of FISC on May 19, 2009. In 2010, he redefined “metadata” so as to permit the government to continue to use the Internet dragnet; the government ultimately failed to make that program work but FISC has retained that twisted definition of “metadata” nevertheless. In 2011, he authorized the use of “back door searches” on content collected under FISA’s Section 702. In 2013, Bates appears to have ruled that for Islamic terrorists, the FBI can get around restrictions prohibiting surveillance solely for First Amendment reasons by pointing to the conduct of an American citizen suspect’s associates, rather than his or her own. And while not a FISA case, Bates also dismissed Anwar al-Awlaki’s effort to require the government to give him some due process before executing him by drone strike; at the time, the government had presented no public evidence that Awlaki had done more than incite violence. Bates has eight January 6 cases with nine defendants (as well as some unrelated cases), but he is presiding over several high profile ones, including the other Zip Tie Guy, Larry Brock, the scion of a right wing activist family, Leo Bozell IV, and former State Department official Freddie Klein.
  • Reggie Walton, who took over as presiding judge in 2013 but who, even before that, oversaw key programmatic decisions starting in 2008, showed a willingness both on FISC and overseeing the Scooter Libby trial to stand up to the Executive. That includes his extended effort to clean up the phone and Internet dragnet after Bush left in 2009, during which he even shut down part or all of the two dragnets temporarily. Walton is presiding over six cases with eight defendants, most for MAGA tourism.
  • Thomas Hogan was DC District’s head judge in the 2000s. In that role, he presided over the initial Gitmo detainees’ challenges to their detention (though many of the key precedential decisions on those cases were made by other judges who have since retired). Hogan then joined FISC and ultimately took over the presiding role in 2014 and in that role, affirmatively authorized the use of Section 702 back door searches for FBI assessments. Hogan is presiding over 13 cases with 18 defendants, a number of cases involving multiple defendants (including another set of mother-son defendants, the Sandovals). The most important is the case against alleged Brian Sicknick assailants, Julian Khater and George Tanios.
  • James Boasberg, who took over the presiding position on FISC on January 1, 2020 but had started making initial efforts to rein in back door searches even before that, is presiding over about eight cases with ten defendants, the most interesting of which is the case of Aaron Mostofsky, who is himself the son of a judge.
  • Rudolph Contreras, who like Kollar-Kotelly and Boasberg is not a senior judge, is currently a FISC judge. He has six January 6 cases with seven defendants, most MAGA tourists accused of trespassing. There’s a decent chance he’ll take over as presiding judge when Boasberg’s term on FISC expires next month.

Of the most important FISA judges since 9/11, then, just Rosemary Collyer is not presiding over any January 6 cases.

Mind you, it’s not a bad thing that FISA judges will preside over January 6 cases. These are highly experienced judges with a long established history of presiding over other cases, ranging the gamut and including other politically charged high profile cases, as DC District judges do.

That said, in their role as FISA judges — particularly when reviewing programmatic applications — most of these judges have been placed in a fairly unique role on two fronts. First, most of these judges have been forced to weigh fairly dramatic legal questions, in secret, in a context in which the Executive Branch routinely threatens to move entire programs under EO 12333, thereby shielding those programs from any oversight by a judge. These judges responded to such situations with a range of deference, with Royce Lamberth and Reggie Walton raising real stinks and — the latter case — hand-holding on oversight over the course of most of a year, to John Bates and to a lesser degree Thomas Hogan, who often complained at length about abuses before expanding the same programs being abused. Several — perhaps most notably Kollar-Kotelly when she was asked to bring parts of Stellar Wind under FISA — have likewise had to fight to affirm the authority of the entire Article III branch, all in secret.

Ruling on these programmatic FISA applications also involved hearing expansive government claims about the threat of terrorism, the difficulty and necessity of identifying potential terrorists before they attack, and the efficacy of the secret programs devised to do that (the judges who also presided over Gitmo challenges, which includes several on this list, also fielded similar secret claims about the risk of terrorism). Some of those claims — most notably, about the efficacy of the Section 215 phone dragnet — were wildly overblown. In other words, to a degree unmatched by most other judges, these men and women were asked to balance the rights of Americans against secret government claims about the risks of terrorism.

Now these same judges are part of a group being asked to weigh similar questions, but about a huge number of predominantly white, sometimes extremist Christian, defendants, but to do so in public, with defense attorneys challenging their every decision. Here, the balance between extremist affiliation and First Amendment rights will play out in public, but against the background of a two decade war on terror where similar affiliation was criminalized, often in secret.

Generally, the District judges in these cases have not done much on the cases yet, as either Magistrates (on initial pre-indictment appearances) or Chief Judge Beryl Howell (on initial detention disputes) have handled some of the more controversial issues, and in a few cases, Ketanji Brown Jackson presided over arraignments before she started handing off cases in anticipation of her Circuit confirmation process.

But several of the judges have written key opinions on detention, opinions that embody how differently the conduct of January 6 defendants looks to different people.

Lamberth, for example, authored the original detention order for “Zip Tie Guy” Eric Munchel and his mom, Lisa Eisenhart. Even while admitting that Munchel made efforts to limit any vandalization during the riot, Lamberth nevertheless deemed Munchel’s actions a threat to our constitutional government.

The grand jury charged Munchel with grave offenses. In charging Munchel with “forcibly enter[ing] and remain[ing] in the Capitol to stop, delay, and hinder Congress’s certification of the Electoral College vote,” Indictment 1, ECF No. 21, the grand jury alleged that Munchel used force to subvert a democratic election and arrest the peaceful transfer of power. Such conduct threatens the republic itself. See George Washington, Farewell Address (Sept. 19, 1796) (“The very idea of the power and the right of the people to establish government presupposes the duty of every individual to obey the established government. All obstructions to the execution of the laws, all combinations and associations, under whatever plausible character, with the real design to direct, control, counteract, or awe the regular deliberation and action of the constituted authorities, are destructive of this fundamental principle, and of fatal tendency.”). Indeed, few offenses are more threatening to our way of life.

Munchel ‘s alleged conduct demonstrates a flagrant disregard for the rule of law. Munchel is alleged to have taken part in a mob, which displaced the elected legislature in an effort to subvert our constitutional government and the will of more than 81 million voters. Munchel’ s alleged conduct indicates that he is willing to use force to promote his political ends. Such conduct poses a clear risk to the community.

Defense counsel’s portrayal of the alleged offenses as mere trespassing or civil disobedience is both unpersuasive and detached from reality. First, Munchel’s alleged conduct carried great potential for violence. Munchel went into the Capitol armed with a taser. He carried plastic handcuffs. He threatened to “break” anyone who vandalized the Capitol.3 These were not peaceful acts. Second, Munchel ‘s alleged conduct occurred while Congress was finalizing the results of a Presidential election. Storming the Capitol to disrupt the counting of electoral votes is not the akin to a peaceful sit-in.

For those reasons, the nature and circumstances of the charged offenses strongly support a finding that no conditions of release would protect the community.

[snip]

Munchel gleefully entered the Capitol in the midst of a riot. He did so, the grand jury alleges, to stop or delay the peaceful transfer of power. And he did so carrying a dangerous weapon. Munchel took these actions in front of hundreds of police officers, indicating that he cannot be deterred easily.

Moreover, after the riots, Munchel indicated that he was willing to undertake such actions again. He compared himself-and the other insurrectionists-to the revolutionaries of 1776, indicating that he believes that violent revolt is appropriate. See Pullman, supra. And he said “[t]he point of getting inside the building is to show them that we can, and we will.” Id. That statement, particularly its final clause, connotes a willingness to engage in such behavior again.

By word and deed, Munchel has supported the violent overthrow of the United States government. He poses a clear danger to our republic.

This is the opinion that the DC Circuit remanded, finding that Lamberth had not sufficiently considered whether Munchel and his mother would pose a grave future threat absent the specific circumstances present on January 6. They contrasted the mother and son with those who engaged in violence or planned in advance.

[W]e conclude that the District Court did not demonstrate that it adequately considered, in light of all the record evidence, whether Munchel and Eisenhart present an identified and articulable threat to the community. Accordingly, we remand for further factfinding. Cf. Nwokoro, 651 F.3d at 111–12.

[snip]

Here, the District Court did not adequately demonstrate that it considered whether Munchel and Eisenhart posed an articulable threat to the community in view of their conduct on January 6, and the particular circumstances of January 6. The District Court based its dangerousness determination on a finding that “Munchel’s alleged conduct indicates that he is willing to use force to promote his political ends,” and that “[s]uch conduct poses a clear risk to the community.” Munchel, 2021 WL 620236, at *6. In making this determination, however, the Court did not explain how it reached that conclusion notwithstanding the countervailing finding that “the record contains no evidence indicating that, while inside the Capitol, Munchel or Eisenhart vandalized any property or physically harmed any person,” id. at *3, and the absence of any record evidence that either Munchel or Eisenhart committed any violence on January 6. That Munchel and Eisenhart assaulted no one on January 6; that they did not enter the Capitol by force; and that they vandalized no property are all factors that weigh against a finding that either pose a threat of “using force to promote [their] political ends,” and that the District Court should consider on remand. If, in light of the lack of evidence that Munchel or Eisenhart committed violence on January 6, the District Court finds that they do not in fact pose a threat of committing violence in the future, the District Court should consider this finding in making its dangerousness determination. In our view, those who actually assaulted police officers and broke through windows, doors, and barricades, and those who aided, conspired with, planned, or coordinated such actions, are in a different category of dangerousness than those who cheered on the violence or entered the Capitol after others cleared the way. See Simpkins, 826 F.2d at 96 (“[W]here the future misconduct that is anticipated concerns violent criminal activity, no issue arises concerning the outer limits of the meaning of ‘danger to the community,’ an issue that would otherwise require a legal interpretation of the applicable standard.” (internal quotation and alteration omitted)). And while the District Court stated that it was not satisfied that either appellant would comply with release conditions, that finding, as noted above, does not obviate a proper dangerousness determination to justify detention.

The District Court also failed to demonstrate that it considered the specific circumstances that made it possible, on January 6, for Munchel and Eisenhart to threaten the peaceful transfer of power. The appellants had a unique opportunity to obstruct democracy on January 6 because of the electoral college vote tally taking place that day, and the concurrently scheduled rallies and protests. Thus, Munchel and Eisenhart were able to attempt to obstruct the electoral college vote by entering the Capitol together with a large group of people who had gathered at the Capitol in protest that day. Because Munchel and Eisenhart did not vandalize any property or commit violence, the presence of the group was critical to their ability to obstruct the vote and to cause danger to the community. Without it, Munchel and Eisenhart—two individuals who did not engage in any violence and who were not involved in planning or coordinating the activities— seemingly would have posed little threat. The District Court found that appellants were a danger to “act against Congress” in the future, but there was no explanation of how the appellants would be capable of doing so now that the specific circumstances of January 6 have passed. This, too, is a factor that the District Court should consider on remand. [my emphasis]

The DC Circuit opinion (joined by Judith Rogers, who ruled for Gitmo detainees in Bahlul and a Boumediene dissent) was absolutely a fair decision. But it is also arguably inconsistent with the way that the federal government treated Islamic terrorism, in which every time the government identified someone who might engage in terrorism (often using one of the secret programs approved by this handful of FISA judges, and often based off far less than waltzing into the Senate hoping to prevent the certification of an election while wielding zip ties and a taser), the FBI would continue to pursue those people as intolerably dangerous threats. Again, that’s not the way it’s supposed to work, but that is how it did work, in significant part with the approval of FISA judges.

That is, with Islamic terrorism, the government treated potential threats as threats, whereas here CADC required Lamberth to look more closely at what could make an individual predisposed to an assault on our government — a potential threat — as dangerous going forward. Again, particularly given the numbers involved, that’s a better application of due process than what has been used for the last twenty years, but it’s not what happened during the War on Terror (and in weeks ahead, this will be relitigated with consideration of whether Trump’s continued incitement makes these defendants an ongoing threat).

Now compare Lamberth’s order to an order John Bates issued in the wake of and specifically citing the CADC ruling, releasing former State Department official Freddie Klein from pretrial detention. Klein is accused of fighting with cops in the Lower West Terrace over the course of half an hour.

Bates found that Klein, in using a stolen riot shield to push against cops in an attempt to breach the Capitol, was eligible for pre-trial detention, though he expressed skepticism of the government’s argument that Klein had wielded the shield as a dangerous weapon).

The Court finds that Klein is eligible for pretrial detention based on Count 3. Under the BRA, a “crime of violence” includes “an offense that has as an element of the offense the use, attempted use, or threatened use of physical force against the person or property of another.” 18 U.S.C. § 3156(a)(4)(A). The Supreme Court in Johnson v. United States defined “physical force” as “force capable of causing physical pain or injury to another person.” 559 U.S. 133, 140 (2010); see also Def.’s Br. at 9.

[snip]

6 The Court has some doubts about whether Klein “used” the stolen riot shield as a dangerous weapon. The BRA does not define the term, but at least for purposes of § 111(b), courts have held that a dangerous weapon is any “object that is either inherently dangerous or is used in a way that is likely to endanger life or inflict great bodily harm.” See United States v. Chansley, 2021 WL 861079, at *7 (D.D.C. Mar. 8, 2021) (Lamberth, J.) (collecting cases). A plastic riot shield is not an “inherently dangerous” weapon, and therefore the question is whether Klein used it in a way “that is likely to endanger life or inflict great bodily harm.” The standard riot shield “is approximately forty-eight inches tall and twenty-four inches wide,” see Gov’t’s Br. at 13, and the Court disagrees with defense counsel’s suggestion that a riot shield might never qualify as a dangerous weapon, even if swung at an officer’s head, Hr’g Tr. 18:18–25, 19:1–11. See, e.g., United States v. Johnson, 324 F.2d 264, 266 (4th Cir. 1963) (finding that metal and plastic chair qualified as a dangerous weapon when “wielded from an upright (overhead) position and brought down upon the victim’s head”). But it is a close call whether Klein’s efforts to press the shield against officers’ bodies and shields were “likely to endanger life or inflict great bodily harm.” See Chansley, 2021 WL 861079, at *7.

But Bates ruled that there were certain things about the case against Klein — that he didn’t come prepared for combat, that he didn’t bring a weapon with him and instead just made use of what he found there, that any coordination he did involved ad hoc cooperation with other rioters rather than leadership throughout the event — that distinguished him from other defendants who (he suggested) should be detained, thereby limiting the guidelines laid out by CDC.

Bates’ decision on those points is absolutely fair. He has distinguished Klein from other January 6 defendants who, he judges, contributed more to the violence.

But there are two aspects of Bates’ decision I find shocking, especially from the guy who consistently deferred to Executive Authority on matters of national security and who sacrificed all of our communicative privacy in the service of finding hidden terrorist threats to the country. First, Bates dismissed the import of Klein’s sustained fight against cops because — he judged — Klein was only using force to advance the position of the mob, not trying to injure anyone.

The government’s contention that Klein engaged in “what can only be described as hand-to-hand combat” for “approximately thirty minutes” also overstates what occurred. See Gov’t’s Br. at 6. Klein consistently positioned himself face-to-face with multiple officers and also repeatedly pressed a stolen riot shield against their bodies and shields. His objective, as far as the Court can tell, however, appeared to be to advance, or at times maintain, the mob’s position in the tunnel, and not to inflict injury. He is not charged with injuring anyone and, unlike with other defendants, the government does not submit that Klein intended to injure officers. Compare Hr’g Tr. 57:12–18 (government conceding that the evidence does not establish Klein intended to injure anyone, only that “there was a disregard of care whether he would injure anyone or not” in his attempt to enter the Capitol), with Gov’t’s Opp’n to Def.’s Mot. to Reopen Detention Hearing & For Release on Conditions, ECF No. 30 (“Gov’t’s Opp’n to McCaughey’s Release”), United States v. McCaughey, III, 21-CR-040-1, at 11 (D.D.C. Apr. 7, 2021) (government emphasizing defendant’s “intent to injure” an officer who he had pinned against a door using a stolen riot shield as grounds for pretrial detention). And during the time period before Klein obtained the riot shield, he made no attempts to “battle” or “fight” the officers with his bare hands or other objects, such as the flagpole he retrieved. That does not mean that Klein could not have caused serious injury— particularly given the chaotic and cramped atmosphere inside the tunnel. But his actions are distinguishable from other detained defendants charged under § 111(b) who clearly sought to incapacitate and injure members of law enforcement by striking them with fists, batons, baseball bats, poles, or other dangerous weapons.

[snip]

Klein’s conduct was forceful, relentless, and defiant, but his confrontations with law enforcement were considerably less violent than many others that day, and the record does not establish that he intended to injure others. [my emphasis]

Bates describes that Klein wanted to use force in the service of occupying the building, not harming individual cops.

Of course, using force to occupy a building in service of halting the vote count is terrorism, but Bates doesn’t treat it as such.

Even more alarmingly, Bates flips how Magistrate Zia Faruqui viewed a government employee like Klein turning on his own government. The government had argued — and Faruqui agreed — that when a federal employee with Top Secret clearance attacks his own government, it is not just a crime but a violation of the Constitutional oath he swore to protect the country against enemies foreign and domestic.

Bates — after simply dismissing the import of Klein’s admittedly limited criminal history that under any other Administration might have disqualified him from retaining clearance — describes what Klein did as a “deeply concerning breach of trust.”

The government also argues that “Klein abdicated his responsibilities to the country and the Constitution” on January 6 by violating his oath of office as a federal employee to “support and defend the Constitution of the United States against all enemies, foreign and domestic.” Id. at 24–25 (quoting 5 U.S.C. § 3331). The fact that, as a federal employee, Klein actively participated in an assault on our democracy to thwart the peaceful transfer of power constitutes a substantial and deeply concerning breach of trust. More so, too, because he had been entrusted by this country to handle “top secret” classified information to protect the United States’ most sensitive interests. In light of his background, Klein had, as Magistrate Judge Faruqui put it, every “reason to know the acts he committed” on January 6 “were wrong,” and yet he took them anyway. Order of Detention Pending Trial at 4. Klein’s position as a federal employee thus may render him highly culpable for his conduct on January 6. But it is less clear that his now-former employment at the State Department heightens his “prospective” threat to the community. See Munchel, 2021 WL 1149196, at *4. Klein no longer works for or is affiliated with the federal government, and there is no suggestion that he might misuse previously obtained classified information to the detriment of the United States. Nor, importantly, is he alleged to have any contacts—past or present—with individuals who might wish to take action against this country. [my emphasis]

Bates then argues that Klein’s ability to obtain clearance proves not that he violates oaths he takes (the government argument adopted by Faruqui), but that he has the potential to live a law-abiding life.

Ultimately, Klein’s history—including his ability to obtain a top-level security clearance—shows his potential to live a law-abiding life. His actions on January 6, of course, stand in direct conflict with that narrative. Klein has not—unlike some other defendants who have been released pending trial for conduct in connection with the events of January 6—exhibited remorse for his actions. See, e.g., United States v. Cua, 2021 WL 918255, at *7–8 (D.D.C. Mar. 10, 2021) (Moss, J.) (weighing defendant’s deep remorse and regret in favor of pretrial release). But nor has he made any public statements celebrating his misconduct or suggesting that he would participate in similar actions again. And it is Klein’s constitutional right to challenge the allegations against him and hold the government to its burden of proof without incriminating himself at this stage of the proceedings. See United States v. Lawrence, 662 F.3d 551, 562 (D.C. Cir. 2011) (“[A] district court may not pressure a defendant into expressing remorse such that the failure to express remorse is met with punishment.”). Hence, despite his very troubling conduct on January 6, the Court finds on balance that Klein’s history and characteristics point slightly toward release.

In short, Bates takes the fact that Klein turned on the government he had sworn to protect and finds that that act weighs in favor of release.

Bates judges that this man, whom he described as having committed violence to advance the goal of undermining an election, nevertheless finds that — having already done that — Klein does not pose an unmanageable prospective threat.

Therefore, although it is a close call, the Court ultimately does not find that Klein poses a substantial prospective threat to the community or any other person. He does not pose no continuing danger, as he contends, given his demonstrated willingness to use force to advance his personal beliefs over legitimate government objectives. But what future risk he does present can be mitigated with supervision and other strict conditions on his release.

Again, it’s not the decision itself that is troubling. It’s the thought process Bates used, both for the way Bates flips Klein’s betrayal of his oath on its head, and for the way that Bates views the threat posed by a man who already used force in an attempt to coerce a political end. And it’s all the more troubling knowing how Bates has deferred to the Executive’s claims about the nascent threat posed even by people who have not, yet, engaged in violence to coerce a political end.

Bates similarly showed no deference to the government’s argument that Larry Brock, a retired Lieutenant Colonel who also brought zip ties into the Senate chamber, should have no access to the Internet given really inflammatory statements on social media, including a call for “fire and blood” as early as November. Bates decided on his own that Probation could sufficiently monitor Brock’s Internet use, comparing Brock to (in my opinion) two unlike defendants to justify the decision. Again, the decision itself is absolutely reasonable, but for the guy who decided the government could monitor significant swaths of transnational Internet traffic out of a necessity to identify potential terrorists, for a guy who okayed the access of US person’s content with no warrant, it’s fairly remarkable that he hasn’t deferred to the government about the danger Brock poses on the Internet (to say nothing of Brock’s likely sophistication at evading surveillance).

Again, I’m not complaining about any of these opinions. The outcomes are all reasonable. It is genuinely difficult to fit the events of January 6 into our existing framework (and perhaps that’s a good thing). Plus, there is such a range of fact patterns that even in the Munchel opinion give force to the mob even while trying to adjudicate individuals’ actions.

But either because these discussions are public, or because we simply think about white person terrorism differently, less foreign, perhaps, than we do Islamic terrorism, the very same judges who’ve grappled with these questions for the past two decades don’t necessarily have the ready answers they had in the past.

FISA Judges January 6 cases

Lamberth:

Kollar-Kotelly:

Bates:

Walton:

Hogan:

Boasberg:

Contreras:

Last Month, Baked Alaska Got to Ditch His Ankle Bracelet

While I am probably missing a few examples, I can think of just two defendants that DOJ has voluntarily loosened release conditions for without some kind of purpose tied to employment: Jon Schaffer, when he entered into a cooperation agreement with the government, and far right propagandist Baked Alaska, AKA Anthime Gionet, last month.

A warrant for Gionet’s arrest was obtained on January 7 and he was arrested on January 15 on misdemeanor charges of trespassing. He was released on personal recognizance but, unlike many other trespassing defendants, he was outfitted with a GPS monitor to make sure he stayed in AZ.

He was sent away and has never since been charged via Information.

On March 23, DOJ added a second attorney to this simple trespassing case, Christopher Brown. On March 26, Gionet asked to lose the ankle bracelet, based (in part) on a claim that he is media and (in part) on a claim that other misdemeanors he faces in AZ won’t likely go to trial. On March 29, DOJ asked for a consent motion to continue the case for another month past March 29 saying they’re trying to “resolve” this issue; this is the same kind of motion to continue they used in the Schaffer case (as opposed to unopposed motions to continue, as they’ve used in most other January 6 cases). And on March 31, the government said that, while it doesn’t agree with Gionet’s claim to be media, they don’t mind if he ditches his ankle bracelet because he’s been a good little Nazi sympathizer while out on release.

The defendant has asked this Court to remove Global Positioning System (GPS) monitoring from his release conditions. In his motion, the defendant argues that he is a member of the news media. The government disagrees. Nevertheless, because the defendant has been compliant with his release conditions to-date, the government does not oppose the instant motion.

On its face, it was an inexplicable move, particularly given the way the January 6 defendants have pointed to each other’s release conditions like 400 children complaining about unfair treatment to their mother.

When Larry Brock, also (currently) facing just trespass charges asked to change his release conditions, the government objected both to permitting Brock to travel freely in TX as well as access to the Internet. “The Defendant has not provided a change in circumstances to justify a change in release conditions,” the government argued. (John Bates overruled the government on the latter point.)

And when Felicia Konold, accused in a more serious Proud Boy conspiracy, made a similar argument about good behavior in a bid to lose her GPS monitor, the government argued that good behavior was insufficient reason to change release conditions. Indeed, in that case they pointed to her pending DUI case (like Gionet’s misdemeanor charges, in AZ), to suggest her behavior wasn’t all that great. “In sum, the defendant has not raised any novel issue that merits any meaningful change of her release conditions,” the government explained in opposing her request.

When Nicholas DeCarlo, functionally equivalent to Gionet as a right wing propagandist (albeit charged, in addition to trespassing, with conspiracy, obstruction, and for damaging the Capitol), asked to have his GPS removed, the government said nothing had changed to justify the change. “Finally, there have been no change in circumstances, other than the passage of time, that would justify these instant modifications.”

But in Gionet’s case, with no visible change in circumstances, and with pending state charges just like Konold, he ditched the ankle bracelet.

It’s certainly possible that the government, in the wake of the Eric Munchel decision (released the same day Gionet made his request), didn’t want to bother fighting this more aggressively. It’s possible they’re more sensitive to the claim that Gionet is a journalist than they let on — except that in the wake of this exchange, they’ve continued to arrest people making similar claims.

Or it’s possible something more interesting is going on. Ordinarily, a Nazi sympathizer facing a trespass charge wouldn’t have anything to deal to the government; nor would a trespass charge incent a defendant to make a deal.

Except that’s not the only exposure Gionet has or had.

On January 22, between the time Gionet was first charged and when he was arraigned, Federal prosecutors in Brooklyn charged Douglas Mackey in a conspiracy to interfere with others’ right to vote, based off Mackey’s social media campaign encouraging Hillary voters to vote by hashtag rather than casting a legal vote. Mackey was the only of the co-conspirators charged, but according to Luke O’Brien — who first broke Mackey’s true identity — Gionet was one of the four other co-conspirators described in the complaint.

Another of Mackey’s co-conspirators is Anthime “Baked Alaska” Gionet, a pro-Trump white nationalist who was arrested on Jan. 16 for his involvement in storming the Capitol on Jan. 6. Gionet also participated in the deadly white nationalist “Unite the Right” rally in Charlottesville, Virginia, in 2017. (A New York Times story reported Wednesday afternoon that Gionet was a co-conspirator, citing a source close to the investigation, and HuffPost can confirm that reporting based on the Twitter ID cited in the complaint.)

HuffPost was able to link the Twitter IDs in the complaint to Gionet and Microchip through previously collected Twitter data, interviews and evidence left by both extremists on other websites. In direct messages with this reporter last year, Microchip also confirmed that he was using the Twitter account associated with the user ID listed in the complaint.

In the time that nothing has been happening in Gionet’s January 6 charge, Mackey has been indicted and his team has been reviewing evidence. On March 29 — just after DOJ added a second attorney to the Gionet case — DOJ added a third attorney to Mackey’s case.

With five prosecutors between the two cases, things are clearly more complex than the filings suggest.

And that may be the change in circumstances that allowed Gionet to ditch his ankle bracelet.

Update: Michael Daughtry, accused of trespassing, also got to ditch his ankle bracelet after wearing it for a week.

[Photo: National Security Agency, Ft. Meade, MD via Wikimedia]

Jack Goldsmith and Susan Hennessey Run Cover for Those Giving Jeff Sessions Unreviewable Authority to Criminalize Dissent

I’m used to Susan Hennessey partnering with Ben Wittes to write apologies for NSA and FBI that ignore known facts. I’m a bit surprised that Jack Goldsmith did so in this defense of Democrats — like Adam Schiff and Nancy Pelosi and nineteen Democratic Senators — who have voted to give Jeff Sessions unreviewable authority to criminalize dissent using certain privacy tools.

NSA did not fix “abouts” problems before the issues became public

There are numerous problems with this post. The one that irks me the most, however, is the claim that the “system itself” identified and addressed problems with “abouts” collection before they became public.

We acknowledge that the program has raised hard legal questions as well as difficult compliance issues, primarily involving “abouts” collection. But these problems were identified by the system itself, long before the issues became public, and the practices were fixed or terminated.

This claim, one I’ve corrected Hennessey for on numerous occasions on Twitter, is false, and should be retracted.

I say that with great confidence, because I wrote about the problems on August 11, 2016, well before NSA failed to disclose the full extent of the problems in an October 4, 2016 hearing, which led the worst FISC judge ever, Rosemary Collyer, to complain about NSA’s institutional “lack of candor.”

At the October 26, 2016 hearing, the Court ascribed the government’s failure to disclose those IG and OCO reviews at the October 4, 2016 hearing to an institutional “lack of candor” on NSA’s part and emphasized that “this is a very serious Fourth Amendment issue.”

As a reminder, the problem (the FISC has) with “abouts” collection is not so much that it collected entirely domestic communications — that’s the complaint of the rest of us. It’s that NSA never ever complied with John Bates’ 2011 requirement that NSA not conduct back door searches on upstream collection, because it might result in searches of those entirely domestic communications. In my August 2016 post, I noted that reviewers kept discovering that NSA continued to do back door searches on upstream data in violation of that prohibition, and kept refusing to implement technical fixes to avoid them.

I also raised concerns about the oversight of 704/705(b), which is how the NSA first realized how badly non-compliant their upstream searches were, on May 13, 2016, That’s about when NSA first reported to DOJ “in May and June 2016” that “approximately eighty-five percent of” queries using a tool the NSA employs with 704/705b queries “were not compliant with the applicable minimization procedures.”

I’ll grant that I’m remarkably attentive to documents that get declassified years after the fact. But I’m nevertheless “the public.” If I’m identifying these problems — and NSA’s refusal to make the technical fixes to avoid them — before they get fully briefed to DOJ or FISC, then it is absolutely false to claim that “the system” fixed or terminated the problem long before they became public.

Again, Lawfare should issue a retraction for that claim.

Update, January 19: On Twitter yesterday, Hennessey claimed I misread this quote, and that her proof that the system works was that the NSA had gotten away with ignoring Bates’ orders for five years, but finally shut it down before the public learned that NSA had been ignoring FISC’s orders.

This is still factually false — as I responded to her, the NSA was still identifying problems for eight months after I wrote about the problems, even assuming it had found all of them by April 2017, which was the last declassified reporting on it. But her explanation actually makes the comment downright damning for the NSA. It suggests a lawyer who was at NSA during the period it was not in compliance believes that getting away with violating the Fourth Amendment for five years, but fixing it before documents released on a three year delay (and only because of Snowden) is a sign of a law-abiding agency.

A portrait of a guy who doesn’t know key details as a rigorous overseer

The fact that I was harping on the “abouts” problems before any overseers of the program managed to fully investigate and fix them by itself disproves the claims that Hennessey and Goldsmith make in their hagiography of Adam Schiff.

He is the ranking Democrat on the House intelligence committee and one of the most knowledgeable and informed members of Congress on intelligence matters. Schiff has not hesitated to be  when he sees fit. He has watched the 702 program up close over many years in classified settings in his oversight role. He knows well its virtues and its warts. We suppose it is possible that Schiff would vote to give the president, whose integrity he so obviously worries about, vast powers to spy on Americans in an abusive way. Given everything Schiff has publicly said and done over the last year, however, a much more plausible inference is that he knows not only how valuable the 702 program is but also how law-constrained and carefully controlled and monitored it is.

Plus, I’m not sure why they think that Schiff’s attempt to fix the Section 215 phone dragnet only after Edward Snowden made it public proves that Schiff “never hesitated to be critical of intelligence community practices.” On the contrary, it proves that he did hesitate to do so before excessive programs became public.

The distinction is utterly critical given something I’ve pointed out about this bill. The bill itself is an admission that the intelligence community is out of control, and that congressional overseers can’t get information they need to adequately oversee the program without demanding it in legislation. That’s because it requires the IC to provide information on two practices that Congress cannot be deemed competent to legislate on without having answers about first.

For example, the bill requires an IG Report on how FBI queries raw data.

(b) MATTERS INCLUDED.—The report under subsection (a) shall include, at a minimum, an assessment of the following:

(1) The interpretations by the Federal Bureau of Investigation and the National Security Division of the Department of Justice, respectively, relating to the querying procedures adopted under subsection (f) of section 702 of the Foreign Intelligence Surveillance Act of 1978 (50 U.S.C. 1881a(f)), as added by section 101.

[snip]

(6) The scope of access by the criminal division of the Federal Bureau of Investigation to information obtained pursuant to the Foreign Intelligence Surveillance Act of 1978 (50 U.S.C. 1801 et seq.), including with respect to information acquired under subsection (a) of such section 702 based on queries conducted by the criminal division.

(7) The frequency and nature of the reviews conducted by the National Security Division of the Department of Justice and the Office of the Director of National Intelligence relating to the compliance by the Federal Bureau of Investigation with such querying procedures.

I have explained (and I know Hennessey regards this as a problem too) that since 2012, FBI has devolved its access to raw 702 data to field offices. The FBI already conducted far, far less oversight of the back door searches it conducts than NSA does. But because the DOJ/DNI 702 review teams visit only a fraction of the FBI field offices with each review, and because FBI’s querying system doesn’t collect enough information to do oversight remotely, it is possible that the offices that are least familiar with 702 requirements are — for the smaller number of 702 queries they conduct — getting the least oversight.

You can’t pass a bill that effectively blesses FBI’s use of back door searches on Americans about whom it has no evidence of any wrongdoing, while admitting you don’t know how FBI conducts those back door searches, and make any claim to conduct adequate oversight. Rather, the bill permits FBI to continue practices it has stubbornly refused to brief Congress on, rather than demanding that FBI brief Congress first, so Congress can impose any restrictions that might be necessary to adequately protect Americans.

The bill also requires a briefing within six months to explain how DOJ complies with FISA’s legally mandated notice requirements (because notice under 702 is treated as notice under 106(c), this covers 702 surveillance as well).

Not later than 180 days after the date of the enactment of this Act, the Attorney General, in consultation with the Director of National Intelligence, shall provide to the Committee on the Judiciary and the Permanent Select Committee on Intelligence of the House of Representatives and the Committee on the Judiciary and the Select 10 Committee on Intelligence of the Senate a briefing with respect to how the Department of Justice interprets the requirements under sections 106(c), 305(d), and 405(c) of the Foreign Intelligence Surveillance Act of 1978 (50 14 U.S.C. 1806(c), 1825(d), and 1845(c)) to notify an aggrieved person under such sections of the use of information obtained or derived from electronic surveillance, physical search, or the use of a pen register or trap and trace device. The briefing shall focus on how the Department interprets the phrase ‘‘obtained or derived from’’ in such sections.

The public treatment of DOJ’s serial, obvious failures to give notice to defendants is a nifty trick. When DOJ fails to give notice, it clearly violates the law, but notice is not included in minimization procedure review, so therefore is not reviewed by the FISC. When surveillance boosters like Hennessey and Goldsmith say there have never been any willful violations of the law, they manage to ignore the notice violations that have allowed some pretty problematic practices to avoid judicial oversight only because by breaking the law DOJ ensures no court will find them to be breaking the law.

Catch 22: Heads legal violations never get reviewed by a court, tails surveillance boosters can claim the surveillance has a clean bill of health.

Again, this is a known, egregious problem with the implementation of 702.

But rather than do the obvious thing as part of what this post dubs “robust democratic deliberation,” which is to demand answers about how notice is (not) given and require DOJ to fix it as part of the bill, the bill instead simply requires DOJ to provide the information that Congress needs to do basic oversight six months after reauthorization, which effectively punts fixing the problem six years down the road.

How many Chinese-American scientists will be improperly prosecuted because FBI is technically inane in those 6 years, because a bunch of California legislators like Nancy Pelosi, Adam Schiff, and Dianne Feinstein chose to punt on basic oversight?

The most egregious example of this, however, involves the government’s obstinate refusal to explain how many US persons are affected by 702. This bill also did not incorporate an HJC proposal requiring a count of how many Americans got referred for criminal prosecution off of 702 collection.

Letting Jeff Sessions criminalize dissent

That refusal — the refusal to even legislatively require the government to report on the impact of 702 surveillance on Americans, via incidental collection and/or criminal referral — brings us to the problem with this bill that opponents are all raising, but about which Hennessey and Goldsmith are inexcusably silent: the codification of giving Jeff Sessions unreviewable authority to determine what counts as a “criminal proceeding [that] affects, involves, or is related to the national security of the United States.”

Here’s how Hennessey and Goldsmith describe the impact of this program on Americans.

As Lawfare readers know, Section 702 authorizes the intelligence community to target the communications of non-U.S. persons located outside the United States for foreign intelligence purposes. It does not permit the intelligence community to target a U.S. person anywhere in the world. But it does permit incidental collection on U.S. persons, subject to strict rules about minimization and use.

Their silence about how the bill doesn’t deal with back door searches is problematic enough.

But they predictably, but problematically, make no mention of the way the bill codifies the use of 702 in domestic law enforcement under the Tor/VPN exception.

As I have laid out, in 2014 FISC created an exception to the rule that NSA must detask from a facility as soon as they learn that Americans are also using that facility. That exception applies to Tor and (though I understand this part even less) VPN servers — basically the kinds of privacy tools that criminals, spies, journalists, and dissidents might use to hide their online activities. NSA has to sort through what they collect on the back end, but along the way, they get to decide to keep any entirely domestic traffic they find has significant foreign intelligence purpose or is evidence of a crime, among other reasons. The bill even codifies 8 enumerated crimes under which they can keep such data. Some of those crimes — child porn and murder — make sense, but others — like transnational crime (including local drug dealers selling imported drugs) and CFAA (with its well-known propensity for abuse) pose more potential for abuse.

But it’s the unreviewable authority for Jeff Sessions bit that is the real problem.

We know, for example, that painting Black Lives Matter as a national security threat is key to the Trump-Sessions effort to criminalize race. We also know that Trump has accused his opponents of treason, all for making critical comments about Trump.

This bill gives Sessions unreviewable authority to decide that a BLM protest organized using or whistleblowing relying on Tor, discovered by collection done in the name of hunting Russian spies, can be referred for prosecution. The fact that the underlying data predicating any prosecution was obtained without a warrant under 702 would — in part because this bill doesn’t add teeth to FISA notice — ensure that courts would never learn the genesis of the prosecution. Even if a court somehow managed to do so, however, it could never deem the domestic surveillance unlawful because the bill gives Jeff Sessions the unreviewable authority to treat dissent as a national security threat.

This is such an obviously bad idea, and it is being supported by people who talk incessantly about the threat that Trump and Sessions present. Yet, rather than addressing the issue head on (which I doubt Hennessey could legally do in any case), they simply remain silent about what is the biggest complaint from privacy activists, that this gives a racist, vindictive Attorney General far more authority than he should have, and does so without fixing the inadequate protections for criminal defendants along the way.

I mean, I get that surveillance boosters who recognize the threat Trump and Sessions pose want to absolve themselves for giving Trump tools that can so obviously be abused.

But this attempt does so precisely by dodging the most obvious reasons for which boosters should be held to account.

Update: Changed post to note that just Trump has accused FBI Agents of treason, not Sessions, and not (yet) journalists.

Update: Here’s the roll call of the 65-34 vote passage of the bill. Democrats who voted in favor are:

  1. Carper
  2. Casey
  3. Cortez Masto
  4. Donnelly
  5. Duckworth
  6. Feinstein
  7. Hassan
  8. Heitkamp
  9. Jones
  10. Klobuchar
  11. Manchin
  12. McCaskill
  13. Nelson
  14. Peters
  15. Reed
  16. Schumer
  17. Shaheen
  18. Stabenow
  19. Warner
  20. Whitehouse

 

A Dragnet of emptywheel’s Most Important Posts on Surveillance, 2007 to 2017

Happy Birthday to me! To us! To the emptywheel community!

On December 3, 2007, emptywheel first posted as a distinct website. That makes us, me, we, ten this week.

To celebrate, the emptywheel team has been sharing some of our favorite work from the last decade. This is my massive dragnet of surveillance posts.

For years, we’ve done this content ad free, relying on donations and me doing freelance work for others to fund the stuff you read here. I would make far more if I worked for some free-standing outlet, but I wouldn’t be able to do the weedy, iterative work that I do here, which would amount to not being able to do my best work.

If you’ve found this work valuable — if you’d like to ensure it remains available for the next ten years — please consider supporting the site.

2007

Whitehouse Reveals Smoking Gun of White House Claiming Not to Be Bound by Any Law

Just days after opening the new digs, I noticed Sheldon Whitehouse entering important details into the Senate record — notably, that John Yoo had pixie dusted EO 12333 to permit George Bush to authorize the Stellar Wind dragnet. In the ten years since, both parties worked to gradually expand spying on Americans under EO 12333, only to have Obama permit the sharing of raw EO 12333 data in its last days in office, completing the years long project of restoring Stellar Wind’s functionalities. This post, from 2016, analyzes a version of the underlying memo permitting the President to change EO 12333 without providing public notice he had done so.

2008

McConnell and Mukasey Tell Half Truths

In the wake of the Protect America Act, I started to track surveillance legislation as it was written, rather than figure out after the fact how the intelligence community snookered us. In this post, I examined the veto threats Mike McConnell and Michael Mukasey issued in response to some Russ Feingold amendments to the FISA Amendments Act and showed that the government intended to use that authority to access Americans’ communication via both what we now call back door searches and reverse targeting. “That is, one of the main purposes is to collect communications in the United States.”

9 years later, we’re still litigating this (though, since then FISC has permitted the NSA to collect entirely domestic communications under the 2014 exception).

2009

FISA + EO 12333 + [redacted] procedures = No Fourth Amendment

The Government Sez: We Don’t Have a Database of All Your Communication

After the FISCR opinion on what we now know to be the Yahoo challenge to Protect American Act first got declassified, I identified several issues that we now have much more visibility on. First, PAA permitted spying on Americans overseas under EO 12333. And it didn’t achieve particularity through the PAA, but instead through what we know to be targeting procedures, including contact chaining. Since then we’ve learned the role of SPCMA in this.

In addition, to avoid problems with back door searches, the government claimed it didn’t have a database of all our communication — a claim that, narrowly parsed might be true, but as to the intent of the question was deeply misleading. That claim is one of the reasons we’ve never had a real legal review of back door searches.

Bush’s Illegal Domestic Surveillance Program and Section 215

On PATRIOTs and JUSTICE: Feingold Aims for Justice

During the 2009 PATRIOT Act reauthorization, I continued to track what the government hated most as a way of understanding what Congress was really authorizing. I understood that Stellar Wind got replaced not just by PAA and FAA, but also by the PATRIOT authorities.

All of which is a very vague way to say we probably ought to be thinking of four programs–Bush’s illegal domestic surveillance program and the PAA/FAA program that replaced it, NSLs, Section 215 orders, and trap and trace devices–as one whole. As the authorities of one program got shut down by exposure or court rulings or internal dissent, it would migrate to another program. That might explain, for example, why Senators who opposed fishing expeditions in 2005 would come to embrace broadened use of Section 215 orders in 2009.

I guessed, for example, that the government was bulk collecting data and mining it to identify targets for surveillance.

We probably know what this is: the bulk collection and data mining of information to select targets under FISA. Feingold introduced a bajillion amendments that would have made data mining impossible, and each time Mike McConnell and Michael Mukasey would invent reasons why Feingold’s amendments would have dire consequences if they passed. And the legal information Feingold refers to is probably the way in which the Administration used EO 12333 and redacted procedures to authorize the use of data mining to select FISA targets.

Sadly, I allowed myself to get distracted by my parallel attempts to understand how the government used Section 215 to obtain TATP precursors. As more and more people confirmed that, I stopped pursuing the PATRIOT Act ties to 702 as aggressively.

2010

Throwing our PATRIOT at Assange

This may be controversial, given everything that has transpired since, but it is often forgotten what measures the US used against Wikileaks in 2010. The funding boycott is one thing (which is what led Wikileaks to embrace Bitcoin, which means it is now in great financial shape). But there’s a lot of reason to believe that the government used PATRIOT authorities to target not just Wikileaks, but its supporters and readers; this was one hint of that in real time.

2011

The March–and April or May–2004 Changes to the Illegal Wiretap Program

When the first iteration of the May 2004 Jack Goldsmith OLC memo first got released, I identified that there were multiple changes made and unpacked what some of them were. The observation that Goldsmith newly limited Stellar Wind to terrorist conversations is one another reporter would claim credit for “scooping” years later (and get the change wrong in the process). We’re now seeing the scope of targeting morph again, to include a range of domestic crimes.

Using Domestic Surveillance to Get Rapists to Spy for America

Something that is still not widely known about 702 and our other dragnets is how they are used to identify potential informants. This post, in which I note Ted Olson’s 2002 defense of using (traditional) FISA to find rapists whom FBI can then coerce to cooperate in investigations was the beginning of my focus on the topic.

2012

FISA Amendments Act: “Targeting” and “Querying” and “Searching” Are Different Things

During the 2012 702 reauthorization fight, Ron Wyden and Mark Udall tried to stop back door searches. They didn’t succeed, but their efforts to do so revealed that the government was doing so. Even back in 2012, Dianne Feinstein was using the same strategy the NSA currently uses — repeating the word “target” over and over — to deny the impact on Americans.

Sheldon Whitehouse Confirms FISA Amendments Act Permits Unwarranted Access to US Person Content

As part of the 2012 702 reauthorization, Sheldon Whitehouse said that requiring warrants to access the US person content collected incidentally would “kill the program.” I took that as confirmation of what Wyden was saying: the government was doing what we now call back door searches.

2013

20 Questions: Mike Rogers’ Vaunted Section 215 Briefings

After the Snowden leaks started, I spent a lot of time tracking bogus claims about oversight. After having pointed out that, contrary to Administration claims, Congress did not have the opportunity to be briefed on the phone dragnet before reauthorizing the PATRIOT Act in 2011, I then noted that in one of the only briefings available to non-HPSCI House members, FBI had lied by saying there had been no abuses of 215.

John Bates’ TWO Wiretapping Warnings: Why the Government Took Its Internet Dragnet Collection Overseas

Among the many posts I wrote on released FISA orders, this is among the most important (and least widely understood). It was a first glimpse into what now clearly appears to be 7 years of FISA violation by the PRTT Internet dragnet. It explains why they government moved much of that dragnet to SPCMA collection. And it laid out how John Bates used FISA clause 1809(a)(2) to force the government to destroy improperly collected data.

Federated Queries and EO 12333 FISC Workaround

In neither NSA nor FBI do the authorities work in isolation. That means you can conduct a query on federated databases and obtain redundant results in which the same data point might be obtained via two different authorities. For example, a call between Michigan and Yemen might be collected via bulk collection off a switch in or near Yemen (or any of the switches between there and the US), as well as in upstream collection from a switch entering the US (and all that’s assuming the American is not targeted). The NSA uses such redundancy to apply the optimal authority to a data point. With metadata, for example, it trained analysts to use SPCMA rather than PATRIOT authorities because they could disseminate it more easily and for more purposes. With content, NSA appears to default to PRISM where available, probably to bury the far more creative collection under EO 12333 for the same data, and also because that data comes in structured form.

Also not widely understood: the NSA can query across metadata types, returning both Internet and phone connection in the same query (which is probably all the more important now given how mobile phones collapse the distinction between telephony and Internet).

This post described how this worked with the metadata dragnets.

The Purpose(s) of the Dragnet, Revisited

The government likes to pretend it uses its dragnet only to find terrorists. But it does far more, as this analysis of some court filings lays out.

2014

The Corporate Store: Where NSA Goes to Shop Your Content and Your Lifestyle

There’s something poorly understood about the metadata dragnets NSA conducts. The contact-chaining isn’t the point. Rather, the contact-chaining serves as a kind of nomination process that puts individuals’ selectors, indefinitely, into the “corporate store,” where your identity can start attracting other related datapoints like a magnet. The contact-chaining is just a way of identifying which people are sufficiently interesting to submit them to that constant, ongoing data collection.

SPCMA: The Other NSA Dragnet Sucking In Americans

I’ve done a lot of work on SPCMA — the authorization that, starting in 2008, permitted the NSA to contact chain on and through Americans with EO 12333 data, which was one key building block to restoring access to EO 12333 analysis on Americans that had been partly ended by the hospital confrontation, and which is where much of the metadata analysis affecting Americans has long happened. This was my first comprehensive post on it.

The August 20, 2008 Correlations Opinion

A big part of both FBI and NSA’s surveillance involves correlating identities — basically, tracking all the known identities a person uses on telephony and the Internet (and financially, though we see fewer details of that), so as to be able to pull up all activities in one profile (what Bill Binney once called “dossiers”). It turns out the FISC opinion authorizing such correlations is among the documents the government still refuses to release under FOIA. Even as I was writing the post Snowden was explaining how it works with XKeyscore.

A Yahoo! Lesson for USA Freedom Act: Mission Creep

This is another post I refer back to constantly. It shows that, between the time Yahoo first discussed the kinds of information they’d have to hand over under PRISM in August 2007 and the time they got directives during their challenge, the kinds of information they were asked for expanded into all four of its business areas. This is concrete proof that it’s not just emails that Yahoo and other PRISM providers turn over — it’s also things like searches, location data, stored documents, photos, and cookies.

FISCR Used an Outdated Version of EO 12333 to Rule Protect America Act Legal

Confession: I have an entire chapter of the start of a book on the Yahoo challenge to PRISM. That’s because so much about it embodied the kind of dodgy practices the government has, at the most important times, used with the FISA Court. In this post, I showed that the documents that the government provided the FISCR hid the fact that the then-current versions of the documents had recently been modified. Using the active documents would have shown that Yahoo’s key argument — that the government could change the rules protecting Americans anytime, in secret — was correct.

2015

Is CISA the Upstream Cyber Certificate NSA Wanted But Didn’t Really Get?

Among the posts I wrote on CISA, I noted that because the main upstream 702 providers have a lot of federal business, they’ll “voluntarily” scan on any known cybersecurity signatures as part of protecting the federal government. Effectively, it gives the government the certificate it wanted, but without any of the FISA oversight or sharing restrictions. The government has repeatedly moved collection to new authorities when FISC proved too watchful of its practices.

The FISA Court’s Uncelebrated Good Points

Many civil libertarians are very critical of the FISC. Not me. In this post I point out that it has policed minimization procedures, conducted real First Amendment reviews, taken notice of magistrate decisions and, in some cases, adopted the highest common denominator, and limited dissemination.

How the Government Uses Location Data from Mobile Apps

Following up on a Ron Wyden breadcrumb, I figured out that the government — under both FISA and criminal law — obtain location data from mobile apps. While the government still has to adhere to the collection standard in any given jurisdiction, obtaining the data gives the government enhanced location data tied to social media, which can implicate associates of targets as well as the target himself.

The NSA (Said It) Ate Its Illegal Domestic Content Homework before Having to Turn It in to John Bates

I’m close to being able to show that even after John Bates reauthorized the Internet metadata dragnet in 2010, it remained out of compliance (meaning NSA was always violating FISA in obtaining Internet metadata from 2002 to 2011, with a brief lapse). That case was significantly bolstered when it became clear NSA hastily replaced the Internet dragnet with obtaining metadata from upstream collection after the October 2011 upstream opinion. NSA hid the evidence of problems on intake from its IG.

FBI Asks for at Least Eight Correlations with a Single NSL

As part of my ongoing effort to catalog the collection and impact of correlations, I showed that the NSL Nick Merrill started fighting in 2004 asked for eight different kinds of correlations before even asking for location data. Ultimately, it’s these correlations as much as any specific call records that the government appears to be obtaining with NSLs.

2016

What We Know about the Section 215 Phone Dragnet and Location Data

During the lead-up to the USA Freedom Debate, the government leaked stories about receiving a fraction of US phone records, reportedly because of location concerns. The leaks were ridiculously misleading, in part because they ignored that the US got redundant collection of many of exactly the same calls they were looking for from EO 12333 collection. Yet in spite of these leaks, the few figured out that the need to be able to force Verizon and other cell carriers to strip location data was a far bigger reason to pass USAF than anything Snowden had done. This post laid out what was known about location data and the phone dragnet.

While It Is Reauthorizing FISA Amendments Act, Congress Should Reform Section 704

When Congress passed FISA Amendments Act, it made a show of providing protections to Americans overseas. One authority, Section 703, was for spying on people overseas with help of US providers, and another was for spying on Americans overseas without that help. By May 2016, I had spent some time laying out that only the second, which has less FISC oversight, was used. And I was seeing problems with its use in reporting. So I suggested maybe Congress should look into that?

It turns out that at precisely that moment, NSA was wildly scrambling to get a hold on its 704 collection, having had an IG report earlier in the year showing they couldn’t audit it, find it all, or keep it within legal boundaries. This would be the source of the delay in the 702 reauthorization in 2016, which led to the prohibition on about searches.

The Yahoo Scan: On Facilities and FISA

The discussion last year of a scan the government asked Yahoo to do of all of its users was muddled because so few people, even within the privacy community, understand how broadly the NSA has interpreted the term “selector” or “facility” that it can target for collection. The confusion remains to this day, as some in the privacy community claim HPSCI’s use of facility based language in its 702 reauthorization bill reflects new practice. This post attempts to explain what we knew about the terms in 2016 (though the various 702 reauthorization bills have offered some new clarity about the distinctions between the language the government uses).

2017

Ron Wyden’s History of Bogus Excuses for Not Counting 702 US Person Collection

Ron Wyden has been asking for a count of how many Americans get swept up under 702 for years. The IC has been inventing bogus explanations for why they can’t do that for years. This post chronicles that process and explains why the debate is so important.

The Kelihos Pen Register: Codifying an Expansive Definition of DRAS?

When DOJ used its new Rule 41 hacking warrant against the Kelihos botnet this year, most of the attention focused on that first-known usage. But I was at least as interested in the accompanying Pen Register order, which I believe may serve to codify an expansion of the dialing, routing, addressing, and signaling information the government can obtain with a PRTT. A similar codification of an expansion exists in the HJC and Lee-Leahy bills reauthorizing 702.

The Problems with Rosemary Collyer’s Shitty Upstream 702 Opinion

The title speaks for itself. I don’t even consider Rosemary Collyer’s 2017 approval of 702 certificates her worst FISA opinion ever. But it is part of the reason why I consider her the worst FISC judge.

It Is False that Downstream 702 Collection Consists Only of To and From Communications

I pointed out a number of things not raised in a panel on 702, not least that the authorization of EO 12333 sharing this year probably replaces some of the “about” collection function. Most of all, though, I reminded that in spite of what often gets claimed, PRISM is far more than just communications to and from a target.

UNITEDRAKE and Hacking under FISA Orders

A document leaked by Shadow Brokers reveals a bit about how NSA uses hacking on FISA targets. Perhaps most alarmingly, the same tools that conduct such hacks can be used to impersonate a user. While that might be very useful for collection purposes, it also invites very serious abuse that might create a really nasty poisonous tree.

A Better Example of Article III FISA Oversight: Reaz Qadir Khan

In response to Glenn Gerstell’s claims that Article III courts have exercised oversight by approving FISA practices (though the reality on back door searches is not so cut and dry), I point to the case of Reaz Qadir Khan where, as Michael Mosman (who happens to serve on FISC) moved towards providing a CIPA review for surveillance techniques, Khan got a plea deal.

The NSA’s 5-Page Entirely Redacted Definition of Metadata

In 2010, John Bates redefined metadata. That five page entirely redacted definition became codified in 2011. Yet even as Congress moves to reauthorize 702, we don’t know what’s included in that definition (note: location would be included).

FISA and the Space-Time Continuum

This post talks about how NSA uses its various authorities to get around geographical and time restrictions on its spying.

The Senate Intelligence Committee 702 Bill Is a Domestic Spying Bill

This is one of the most important posts on FISA I’ve ever written. It explains how in 2014, to close an intelligence gap, the NSA got an exception to the rule it has to detask from a facility as soon as it identifies Americans using the facility. The government uses it to collect on Tor and, probably VPN, data. Because the government can keep entirely domestic communications that the DIRNSA has deemed evidence of a crime, the exception means that 702 has become a domestic spying authority for use with a broad range of crimes, not to mention anything the Attorney General deems a threat to national security.

“Hype:” How FBI Decided Searching 702 Content Was the Least Intrusive Means

In a response to a rare good faith defense of FBI’s back door searches, I pointed out that the FBI is obliged to consider the least intrusive means of investigation. Yet, even while it admits that accessing content like that obtained via 702 is extremely intrusive, it nevertheless uses the technique routinely at the assessment level.

Other Key Posts Threads

10 Years of emptywheel: Key Non-Surveillance Posts 2008-2010

10 Years of emptywheel: Key Non-Surveillance Posts 2011-2012

10 Years of emptywheel: Key Non-Surveillance Posts 2013-2015

10 Years of emptywheel: Key Non-Surveillance Posts 2016-2017

10 Years of emptywheel: Jim’s Dimestore

[Photo: National Security Agency, Ft. Meade, MD via Wikimedia]

The NSA’s 5-Page Entirely Redacted Definition of Metadata

In my post on Rosemary Collyer’s shitty upstream 702 opinion, I noted that the only known (but entirely redacted) discussions of what constituted metadata were part of the 2004 and 2010 authorizations for the Internet dragnet.

The documents liberated by Charlie Savage (starting at PDF 184) reveal the topic was actually discussed during the resolution of the 2011 upstream fight. In response to a Bates question to “fully describe what constitutes ‘metadata'” that can be extracted from Internet transactions, the government defined the term in a footnote that is substantially redacted.

That discussion is followed by five entirely redacted pages describing the three (also entirely redacted) categories of metadata.

So I apologize to the government for suggesting they’ve never defined the difference between content and metadata in the context of upstream content collection (the discussion probably closely follows the Internet dragnet discussion, which Bates had had with the government roughly 18 months earlier; that discussion allowed some dialing, routing, addressing, or signaling information that counted as content but didn’t convey the message of the communication to be treated as metadata).

That said, what the fuck are you thinking?!?!?

I mean, first of all, Congress is about to reauthorize 702, possibly trying to codify the prohibition on about searches. But most of Congress won’t go through the trouble to read this five page definition, much less consult with technical experts to understand if the definition is meaningful and how any draft bill would interact with this language. So it’s unclear how closely tested this has been.

As noted, even by the 2010 discussion, it was clear Bates was creating a middle ground for stuff that was technically content but which served a DRAS function — probably something akin to Steve Bellovin et al’s definition of architectural content. Given the way NSA asked to and did nuke the existing PRTT data at precisely this time (though without letting the Inspector General review their destruction of intake data) it’s highly likely they were violating those limits, at least through the processing stage. But legally, using this definition of metadata would all of a sudden be kosher, because the metadata would have been collected under a content standard, so the distinction of it being metadata would matter primarily for the privacy considerations (not least because Americans’ metadata collected off this upstream collection could and can be disseminated with a much lower standard than the one in place in the Internet dragnet, and can be disseminated for non-terrorism purposes), not legal ones. In other words, by collecting its domestic metadata using a content collection statute, the legal distinction between metadata and content would no longer matter, after 7 years of mattering.

Except now it does.

If the NSA’s five page definition of metadata includes stuff that is legally content, then the promise to avoid “about” collection is probably bogus, because it’d incorporate these definitions of metadata and thereby permit using metadata that actually counts as content as a selector.

Which is probably also why the government is so keen to avoid a prohibition on about searches — because what they’re doing, even today, amounts legally to about collection.

I’ll have to put some thought to the privacy implications of this (I suspect this explains the utility of upstream collection for cybersecurity purposes).

But if I’m right, there’s no way this should be classified, at least not entirely classified, not if the government has claimed to have gotten out of the business of searching for selectors in content.