UndieBomb 2.0

The (Other Possibility) Inert UndieBomb 2.0

I’m cleaning up my desk so I wanted to return to something in this transcript from John Brennan’s May 7, 2012 conference call with his predecessors at White House czar in attempt to pre-empt the AP’s reporting on UndieBomb 2.0.

Fran Fragos Townsend suggested something that was clear at the time: the Saudis were leaking about the “thwarted plot.”

TOWNSEND: John, we’ve got a source telling us that the tip, like sort of with the cartridge plot, came from the Saudis. All the statements reference international partners in cooperation. You obviously may not want to confirm that, but it would be an opportunity, if it absolutely wrong, to wave us off it.

Brennan doesn’t so much wave her off it — indeed, he admits that some of our friends watch AQAP very closely — but he emphasizes international partners and services enough that, in retrospect, looks like a possible hint of British involvement too.

BRENNAN: What I will say is that we have nested this within the international cooperation among intelligence and security services, and I’m not going to get more specific than that. But as you can imagine, there are certain services that are involved in watching very carefully what AQAP is doing. This was close cooperation with them. But some of the operational sensitivities are of an international dimension. And so, therefore, I really cannot go into anything specific about which country or which service was involved.

Townsend then presses on why the Administration claimed this was not a threat.

TOWNSEND: Very early stages, which is why you’re all saying that it was never a threat to the United States?

This is where Brennan uses his inside control line, while trying to strike back against the legitimate questions why the Administration mobilized the Air Marshals if the bomb was never a threat.

BRENNAN: The device itself, as I think the FBI statement said quite clearly, never posed a threat to the American public or to the public. And again, this is sort of wrapped up in the way that we became aware of this device, and the way it was managed, so that it was, again, as far as this device was concerned, it was not a threat. As you all know, one of the real struggles we have is what we don’t know, and so, I see that there was, you know, a press piece that just took issue with, well, if this device was never a threat, why did the President direct, you know, Department of Homeland Security and others to take appropriate measures Well, as we well know, al-Qaeda has tried to carry out simultaneous types of attacks, and so we were confident that we had inside control over the — any plot that might have been associated with this device. But again, you don’t know what you don’t know.

Then Townsend floated something remarkable — and it appears she was doing no more than floating it and didn’t really want an answer: the notion that the bomb was inert.

TOWNSEND: I say this not for a response. I mean, look, the other possibility is that you’re confident because it was inert. So I mean, I’m not looking for you to confirm it but I understand what you’re saying about it was not a threat to the U.S. Thanks. Thanks for your help.

Kind of a notable suggestion from the former Homeland Security Czar.

DOJ’s Reaffirmation of Journalist NSLs and the Undiebomb 2.0 and StuxNet Investigations

Given Friday’s news that DOJ’s “new” media guidelines continue to permit FBI to use National Security Letters to obtain journalists’ contact information, I’d like to return to the apparent results of two major leak investigations, those into the UndieBomb 2.0 and StuxNet leaks.

In the former case, the DOJ claims it had no idea that Donald Sachtleben served as a source for Matt Apuzzo and Adam Goldman’s story on UndieBomb 2.0 and no means to get a warrant for a computer they already had in their possession until — months into the investigation — they subpoenaed the phone records for 20 AP lines.

The entire premise of the FBI narrative is that they exercised greater care with a kiddie porn accusee they had dead to rights than they did the 100 or so AP reporters who got sucked up in their overbroad dragnet. They would have you believe that, even after seizing a CD holding a November 2, 2006 SECRET CIA intelligence report at Sachtleben’s house in May 2012 pursuant to a kiddie porn warrant (which they have not produced in the docket), they just sat on his devicesfor almost a year until they obtained the phone records for 20 AP phone lines, in a seizure far more intrusive into journalism than any recent known subpoena.

Sachtleben was identified as a suspect in the case of this unauthorized disclosure only after toll records for phone numbers related to the reporter were obtained through a subpoena and compared to other evidence collected during the leak investigation. This allowed investigators to obtain a search warrant authorizing a more exhaustive search of Sachtleben’s cell phone, computer, and other electronic media, which were in the possession of federal investigators due to the child pornography investigation.

(I may be mistaken, but I don’t think the FBI made this claim in any court document, so I assume it is bullshit, especially since they had had to do extensive forensic searches of Sachtleben’s computer and he had already signed a plea deal forfeiting it.)

In addition, DOJ would have you believe that Sachtleben, who could not have been the most important source for this leak, was the AP’s only source. At his sentencing, he pointed out correctly that’s not true.

“I was neither the sole nor the original source of information to ‘Reporter A’ about the suicide bomb,” Sachtleben said in a statement sent by his law firm. “The information I shared with Reporter A merely confirmed what he already believed to be true. Any implication that I was the direct source of a serious leak is an exaggeration.”

And the transcript of John Brennan’s teleconference to guide this leak makes it clear that the AP had far more information than they published, Sachtleben leaks all appeared in the story. So there obviously were far more sensitive sources DOJ chose not to prosecute.

They got their kiddie porn scapegoat, and their public explanation of how and why they obtained the phone records implicating 100 AP journalists. Which presumably had the additional advantage of making it clear to all Apuzzo and Goldman’s potential sources that DOJ is willing to go after them.

Compare all that to the StuxNet investigation. Reports last year identified Retired General James Cartwright as the suspect in the case.

But, said legal sources, while the probe that Attorney General Eric Holder ordered initially focused on whether the information came from inside the White House, by late last year FBI agents were zeroing in on Cartwright, who had served as one of the president’s “inner circle” of national security advisors.

The investigation focused on Cartwright in spite of evidence the White House was closely involved in the book (though not necessarily involved in leaking the details that particularly angered DC insiders, which may have been the that Israel permitted the virus to escape).

And all this happened — FBI was able to rule out the White House’s sources but still confirm Cartwright’s role — without subpoenaing NYT phone records.

Two sources said prosecutors were able to identify Cartwright as a suspected leaker without resorting to a secret subpoena of the phone records of New York Times reporters.

As it happens, Cartwright was only stripped of his clearance, not charged; there will be no court case in which the government has to show how it collected its evidence against Cartwright.

Of course, it would be a lot easier to pick and choose which sources to prosecute if you can secretly identify, using National Security Letters, those sources before actually obtaining journalist records in a way that requires public notice, as the AP subpoena eventually did. And then, at such time as you do want to make that public, you can get the subpoena showing the evidence you’ve already obtained via NSL.

In addition to being a threat to press freedoms, the explicit use of NSLs to obtain journalist contacts permits the government even more arbitrary power than the record of these two cases show it exercises.

Using NSLs allows DOJ to engage in selective leak prosecutions without that being immediately obvious.

Handy things, these NSLs.

DHS Fear-Mongers Off Apparent Diminishment in Ibrahim al-Asiri’s Skills

The Department of Homeland Security wants you to be afraid of the latest handiwork of AQAP’s bomb-maker, Ibrahim al-Asiri. They’ve issued a warning (and leaked that warning) about new-and-improved shoe bombs.

Senior U.S. officials say that Wednesday’s terror warning about international air travel, first reported by NBC News, is the result of recent chatter about Ibrahim al-Asiri, the al Qaeda bombmaker from Yemen responsible for several high-profile bombing attempts against U.S. targets.

On Wednesday, the Department of Homeland Security warned airlines of new information related to the possibility of bombs or bomb material hidden in shoes, like the device that shoe bomber Richard Reid used to try to take down a plane over the Atlantic in December 2001.

Now, perhaps this is a grave new worry.

But the first thing I thought of when I heard about this warning was the warning DHS issued two years ago, 10 days after they had flown the Saudi-British infiltrator into AQAP out of Yemen with the undiebomb he was allegedly given to use against a US-bound flight.

DIANE SAWYER (ABC NEWS)

(Off-camera) Good evening. As we come on the air, ABC News has learned that US authorities are studying a new terror threat tonight, members of al Qaeda using body bombs, explosives that have been surgically implanted in their bodies to evade security. Tomorrow, it will be the one-year anniversary of Osama bin Laden’s death, making this week a time of heightened concern on the ground and in the sky. And ABC’s chief investigative correspondent Brian Ross is here with these new details. Brian?

BRIAN ROSS (ABC NEWS)

(Off-camera) Diane, well, tonight American and European authorities tell ABC News, they fear al Qaeda will use these so-called body bombs to target Americans overseas and US flights coming in from overseas.

GRAPHICS: SECURITY WATCH

BRIAN ROSS (ABC NEWS)

(Voiceover) As a result, security at several airports in the United Kingdom and elsewhere in Europe and the middle ease has been substantially stepped up, with a focus on US carriers. And additional federal air marshals have been shifted overseas in advance of this week’s anniversary of the bin Laden raid. The plot is not so far fetched. Medical experts say there is plenty of room in the stomach area for surgically implanted explosives.

After that bit of propaganda, I fully expect the White House will roll out a thwarted plot in approximately 8 days. And then, after the initial excitement, we’ll learn the plot (if it was indeed a plot and not a sting) was actually thwarted (if it was indeed a plot and not a sting) back on February 14.

Bonus points: this plot will have been foiled using the phone dragnet.

And aside from the skepticism I have given DHS’ past manipulation of Asiri warnings, there’s one more problem with DHS crying wolf like this.

Two years ago, anonymous leakers from the very same vicinity as this week’s leakers assured us that Asiri had mastered the process of surgically placing operational bombs inside a person’s stomach cavity Virtually undetectable, even with Michael Chertoff’s best boondoggle machines!

And now, with two more years to perfect his craft, DHS claims that Asiri is making … shoe bombs?

Really? Shoe bombs?

We’re supposed to be panicked that Asiri’s skill has apparently regressed from where — these same anonymous leakers claimed — it was two years ago, that Asiri can no longer make undetectable cavity bombs but has instead returned to a ploy Al Qaeda used 12 years ago?

Again, maybe this threat is real. If it is, it’s too damn bad DHS has already squandered its credibility with past inflammatory warnings about Asiri’s skill.

Dianne Feinstein’s Pre-UndieBomb Thinking

A whole bunch of people have pilloried Dianne Feinstein’s defense of the phone dragnet and related programs.

But one bizarre argument I haven’t seen challenged is the underlying logic of this passage.

The U.S. must remain vigilant against terrorist attacks against the homeland. Al Qaeda in the Arabian Peninsula (AQAP), considered the world’s most capable and dangerous terrorist organization, is determined to attack the United States. As we have seen since the “underwear bomber” attempted to blow up an airliner over Detroit on Christmas Day 2009, AQAP has developed nonmetallic bombs that can elude airport screeners, and the organization’s expert bomb maker, Ibrahim al-Asiri, remains at large.

Asiri is believed to be behind the October 2010 plot to place bombs disguised as printer cartridges onto cargo planes headed for the U.S. He is also a suspect in the May 2012 suicide-bomber plot against an airliner headed for the U.S. that was foiled when U.S. authorities obtained the planned explosive device through good intelligence work.

Earlier this month, Director of National Intelligence James Clapper testified that in the case of the AQAP threat this summer, there were a number of phone numbers or emails “that emerged from our collection overseas that pointed to the United States.” Fortunately, the NSA call-records program was used to check those leads and determined that there was no domestic aspect to the plotting. [my emphasis]

So here’s the logic.

UndieBomb 1.0 proves AQAP wants to attack the US.

UndieBomb 2.0 is further proof of that, although DiFi doesn’t mention that it was a US-Saudi-Brit sting, meaning the intent came from us.

As part of the Legion of Doom investigation, NSA found phone numbers tied to the US that have, on investigation, proved to be unrelated to the actual alleged plot.

It’s that same theory that 36,000 innocent people must be investigated every time a terrorist plots something to keep us “safe.”

But let’s take a step back. UndieBomb 1.0 … UndieBomb 1.0 …

Yes.

I remember now.

UndieBomb 1.0 was the guy who was allegedly plotting out Jihad with Anwar al-Awlaki — whose communications the FBI had two guys reading – over things like chats and calls. That is, Umar Farouk Abdulmutallab was a guy whose plot the NSA and FBI should have thwarted before he got on a plane. (To say nothing of the CIA and NCTC’s fuck-ups.)

And yet, he got on that plane. His own incompetence and the quick work of passengers prevented that explosion, while a number of needles went unnoticed in the NSA’s most closely watched haystacks.

Nevertheless, the lesson DiFi takes is that we need more haystacks.

Shouldn’t the lessons of UndieBomb 1.0 be just as important to this debate as the partial, distorted, lessons of 9/11?

The Kiddie Porn and the UndieBomb

Screen shot 2013-09-26 at 1.22.11 PMI was at a funeral Monday and Tuesday. So when I heard the FBI had busted the guy who leaked the UndieBomb 2.0 story, I assumed they had finally arrested John Brennan.

But, as bmaz emphasized in his post on Donald Sachtleben’s plea agreement, there’s no hint of prosecuting Brennan, who leaked Top Secret details about the British/Saudi double agent into AQAP, even while they’re imprisoning Donald Sachtleben, who is only accused of leaking details he knew to be Secret.

A law enforcement official indicated that the case has not been officially closed but the charges against Sachtleben are the only ones expected.

(Sure, the evidence that Sachtleben was involved with kiddie porn seems solid, but then Brennan drone-killed children, so he’s not above reproach for his treatment of children either.)

But that is by no means the weirdest thing about the government’s treatment of the UndieBomb 2.0 leak investigation.

The entire premise of the FBI narrative is that they exercised greater care with a kiddie porn accusee they had dead to rights than they did the 100 or so AP reporters who got sucked up in their overbroad dragnet. They would have you believe that, even after seizing a CD holding a November 2, 2006 SECRET CIA intelligence report at Sachtleben’s house in May 2012 pursuant to a kiddie porn warrant (which they have not produced in the docket), they just sat on his devices for almost a year until they obtained the phone records for 20 AP phone lines, in a seizure far more intrusive into journalism than any recent known subpoena.

Sachtleben was identified as a suspect in the case of this unauthorized disclosure only after toll records for phone numbers related to the reporter were obtained through a subpoena and compared to other evidence collected during the leak investigation. This allowed investigators to obtain a search warrant authorizing a more exhaustive search of Sachtleben’s cell phone, computer, and other electronic media, which were in the possession of federal investigators due to the child pornography investigation.

(I may be mistaken, but I don’t think the FBI made this claim in any court document, so I assume it is bullshit, especially since they had had to do extensive forensic searches of Sachtleben’s computer and he had already signed a plea deal forfeiting it.)

They would also have you believe the AP had no inkling of the UndieBomb plot until ABC reported inflammatory claims about cavity bombs on April 30, 2012, even in spite of ABC’s reference to TSA head John Pistole’s earlier fear-mongering about it and in spite of additional reporting about broad Air Marshall mobilization. DOJ goes to great lengths to make you believe AP first texted Sachtleben on April 30 and not, say, on April 28 (which would mean the kiddie porn investigation accelerated after such contact), though there’s no reason to believe that’s true and the AP call records DOJ obtained apparently go back to well before April 30. They also suggest AP was asking Sachtleben about an Asiri bomb, though the first text they include is an assertion — not a question — that Asiri has been busy.

They would have you believe that two Pulitzer Prize winners would defy White House and CIA wishes with a story sourced to a single source who, just a day earlier, had provided a mistaken guess about the excitement. Continue reading

If Only DOJ Hadn’t Burned AP’s Sources …

The State Department announced a broad but vague warning today.

The Department of State alerts U.S. citizens to the continued potential for terrorist attacks, particularly in the Middle East and North Africa, and possibly occurring in or emanating from the Arabian Peninsula.  Current information suggests that al-Qa’ida and affiliated organizations continue to plan terrorist attacks both in the region and beyond, and that they may focus efforts to conduct attacks in the period between now and the end of August.  This Travel Alert expires on August 31, 2013.

Terrorists may elect to use a variety of means and weapons and target both official and private interests. U.S. citizens are reminded of the potential for terrorists to attack public transportation systems and other tourist infrastructure.  Terrorists have targeted and attacked subway and rail systems, as well as aviation and maritime services.  U.S. citizens should take every precaution to be aware of their surroundings and to adopt appropriate safety measures to protect themselves when traveling.

We continue to work closely with other nations on the threat from international terrorism, including from al-Qa’ida.  Information is routinely shared between the U.S. and our key partners in order to disrupt terrorist plotting, identify and take action against potential operatives, and strengthen our defenses against potential threats.

There’s a part of me that thinks this might be credible and serious.

After all, between Iraq, Pakistan, and Libya, up to 1,750 men have just escaped prison, and extremists claim responsibility for the first two prison breaks. That’s a lot of men running around who might make mischief (though you’d think it would take a bit of time to organize after the breaks).

That said, there are aspects of this that remind me of the politicized alert surrounding the April 2012 thwarting of our own plot in Yemen (which was rolled out in May 2012, well after any threat had subsided). There’s John Pistole’s ostentatious boosting of AQAP bomb-maker Ibrahim al-Asiri as “our greatest threat.”

The use of a new explosive has been previously reported, but Pistole continued with less familiar details about Underwear 2 that reflect the growing sophistication of Asiri’s sinister craftsmanship. He said the device included redundancy, by mean of two different syringes to mix liquid explosive compounds–”a double initiation system,” apparently a response to a failure of Abdulmutallab’s initiation process. In essence, Pistole said, “they made two devices.”

Finally, Pistole said, the new bomb was encased in simple household caulk in an effort to trap vapors that might alert any bomb-sniffing machines or dogs that did happen to be capable of identifying the explosive.

“So you really have a twisted genius in Yemen,” Ross observed. “That is our greatest threat,” Pistole replied. “All the intel folks here [at the forum] know that is a clear and present danger.”

Similar sensationalized reporting preceded and followed the exposure of the UndieBomb 2.0 plot last year.

There’s the increased drone activity in Yemen. Who knows! Maybe, like last year, the plot has already been rolled up and we’re just waiting to confirm one of the several recent drone strikes have taken out our target?

And there’s the apparent disparate treatment of the threat, with the US issuing a broad alert across the Middle East but with the Brits focusing thus far only on their Yemeni Embassy.

The State Department just happened to announce its support for Yemen in conjunction with President Hadi’s visit this morning, of which security aid remains the largest part, not long before this alert went out. Last year the thwarted plot was designed to coincide with the approval of signature strikes in Yemen.

Last year, the many people the US deployed to prevent a threat that had already been rolled up may have been one of the sources that revealed the threat had already been rolled up. If this is kabuki, then perhaps the same thing would happen again: some guy sent to protect flights in the Middle East might complain that it’s just show. Perhaps someone like the AP could report that the threat has been thwarted and we can go back to worrying about climate change as the most urgent threat to “the homeland.”

Except for one thing. Since last year, DOJ went positively nuclear on the AP, which exposed the kabuki last year. Without warning, DOJ obtained records of 20 AP phone lines, identifying the sources of up to 100 journalists, for at least a 2 week period. We’ve heard not one peep about DOJ prosecuting anyone in the UndieBomb 2.0 leak (especially not CIA Director John Brennan, who made the leak far worse). But DOJ did make sure sources are going to be far warier about speaking with the guys who undermined the White House kabuki last year.

So as you wonder about the seriousness of a plot that feels like a lot of the vague warnings the Bush White House used to release, remember how useful it was back when reporters were allowed to do their jobs.

Well, at Least DOJ Promised Not to Mine Journalists’ Metadata Going Forward

When I read this passage from DOJ’s new News Media Policy, it caused me as much concern as relief.

The Department’s policies will be revised to provide formal safeguards regarding the proper use and handling of communications records of members of the news media. Among other things, the revisions will provide that with respect to information obtained pursuant to the Department’s news media policy: (i) access to records will be limited to Department personnel who are working on the investigation and have a need to know the information; (ii) the records will be used solely in connection with the investigation and related judicial proceedings; (iii) the records will not be shared with any other organization or individual inside or outside of the government, except as part of the investigation or as required in the course of judicial proceedings; and(iv) at the conclusion of all proceedings related to or arising from the investigation, other than information disclosed in the course of judicial proceedings or as required by law, only one copy of records will be maintained in a secure, segregated repository that is not searchable.

It is nice for the subset of journalists treated as members of news media whose calls get treated under these new policies and not — as still seems possible — under the apparently more permissive guidelines in the FBI’s Domestic Investigations and Operations Guide that when their call and other business records are collected, some of that information will ultimately be segregated in a non-searchable collection. Though why not destroy it entirely, given that the information used for the investigation and court proceedings will not be segregated?

Moreover, this passage represents a revision of previous existing policy.

Which means data from members of the news media may not have been segregated in the past.

When you consider that one of the abuses that led to these new policies included the collection of 20 phone lines worth of data from the AP — far, far more than would be warranted by the investigation at hand — it raises the possibility that DOJ used to do more with the data it had grabbed from journalists than just try to find isolated sources.

Like the two to three hop analysis they conduct on the Section 215 dragnet data.

It’s with that in mind that I’ve been reading the reports that Kiwi troops were wandering around Kabul with records of McClatchy freelancer Jon Stephenson’s phone metadata.

The Sunday Star-Times has learned that New Zealand Defence Force personnel had copies of intercepted phone “metadata” for Stephenson, the type of intelligence publicised by US intelligence whistleblower Edward Snowden. The intelligence reports showed who Stephenson had phoned and then who those people had phoned, creating what the sources called a “tree” of the journalist’s associates.

New Zealand SAS troops in Kabul had access to the reports and were using them in active investigations into Stephenson.

The sources believed the phone monitoring was being done to try to identify Stephenson’s journalistic contacts and sources. They drew a picture of a metadata tree the Defence Force had obtained, which included Stephenson and named contacts in the Afghan government and military.

The sources who described the monitoring of Stephenson’s phone calls in Afghanistan said that the NZSIS has an officer based in Kabul who was known to be involved in the Stephenson investigations.

Last year, when this happened, Stephenson was on the Green-on-Blue beat, He published a story that a massacre in Pashtun lands had been retaliation for the killing of Taliban. He reported on another NATO massacre of civilians. He reported that a minister accused of torture and other abuses would be named Hamid Karzai’s intelligence chief. Earlier last year he had reported on the negotiations over prisoner transfers from the US to Afghan custody.

Now, the original report made a both a credibility and factual error when it said Stephenson’s metadata had been “intercepted.” That has provided the Kiwi military with a talking point on which to hang a non-denial denial — a point Jonathan Landay notes in his coverage of the claims.

Maj. Gen. Tim Keating, the acting chief of New Zealand’s military, said in a statement that no military personnel had undertaken “unlawful interception of private communications.”

“I have asked the officers responsible for our operations in Afghanistan whether they have conducted monitoring of Mr Stephenson . . . and they have assured me that they have not.”

The statement, however, did not address whether metadata, which includes the location from where a call is made, the number and location of the person who is being called and the duration of the call, was collected for Stephenson’s phones. Such data are generally considered business records of a cell phone provider and are obtained without intercepting or real-time monitoring of calls. In the United States, for example, the Foreign Intelligence Surveillance Court has ordered Verizon to deliver such records of all its customers to the National Security Agency on a daily basis.

While under contract to McClatchy, Stephenson used McClatchy cell phones and was in frequent contact with McClatchy editors and other reporters and correspondents. [my emphasis]

Indeed, higher ranking New Zealand politicians are trying to insinuate that Stephenson’s call records would only be collected if he was communicating with terrorists — even while admitting the government did have a document treating investigative journalists like terrorists.

Prime Minister John Key said it’s theoretically possible that reporters could get caught in surveillance nets when the U.S. spies on enemy combatants.

[snip]

Also Monday, New Zealand Defense Minister Jonathan Coleman acknowledged the existence of an embarrassing confidential order that lists investigative journalists alongside spies and terrorists as potential threats to New Zealand’s military. That document was leaked to Hager, who provided a copy to The Associated Press. Coleman said the order will be modified to remove references to journalists.

Finally, New Zealand officials seem to be getting close to blaming this on the US.

“The collection of metadata on behalf of the NZDF by the U.S. would not be a legitimate practice, when practiced on a New Zealand citizen,” Coleman said. “It wouldn’t be something I would support as the minister, and I’d be very concerned if that had actually been the case.”

Thus far, the coverage of the Stephenson tracking has focused on the Kiwi role in all of it. But as Landay notes, Stephenson would have been using McClatchy-provided cell phones at the time, suggesting the US got the records themselves, not by intercepting anything, but simply by asking the carrier, as they did with the AP.

Ultimately, no one is issuing a direct denial that some entity tied to ISAF — whether that be American or New Zealand forces — collected the phone records of a journalist reporting for a US-based outlet to try to identify his non-friendly sources.

So what other journalists have US allies likened to terrorists because they actually reported using both friendly and unfriendly sources?

Was Inspire a British-Made Product?

Amid a longer story about one-time Brits stripped of their citizenship and handled according to the Administration Disposition Matrix, Ian Cobain fills out the story of Minh Quang Pham (whose identity in the UK is protected under a legal gag and so is referred to as B2). Among other things, Cobain answers the question I raised here: how Pham materially supported Al Qaeda in the Arabian Peninsula by (we infer) helping to produce Inspire between the time he was arrested upon returning from Yemen in July 2011 and the time the British Home Secretary Theresa May tried to strip him of citizenship in December of that year (see my timelines here): he was out on bail.

On arrival back at Heathrow airport, the Vietnamese-born man was searched by police and arrested when a live bullet was found in his rucksack. A few months later, while he was free on bail, May signed an order revoking his British citizenship.

But that would mean Pham was materially contributing to Inspire at a time when he was in the UK. The Brits have much stronger laws against even possessing Inspire. If we (and by association they) had evidence he was producing Inspire while out on bail, it should be easy to try him there.

Which is part of Pham’s current complaint, as he tries to avoid extradition to the US: he could have and should have been charged in the UK.

Within minutes of SIAC announcing its decision and granting B2 unconditional bail, he was rearrested while sitting in the cells at the SIAC building. The warrant had been issued by magistrates five weeks earlier, at the request of the US Justice Department. Moments after that, the FBI announced that B2 had been charged with five terrorism offences and faced up to 40 years in jail. He was driven straight from SIAC to Westminster magistrates’ court, where he faced extradition proceedings.

B2 continues to resist his removal to the US, with his lawyers arguing that he could have been charged in the UK. Indeed, the allegations made by the US authorities, if true, would appear to represent multiple breaches of several UK laws: the Terrorism Act 2000, the Terrorism Act 2006 and the Firearms Act 1968. Asked why B2 was not being prosecuted in the English courts – why, in other words, the Americans were having this particular headache, and not the British – a Crown Prosecution Service spokesperson said: “As this is a live case and the issue of forum may be raised by the defence in court, it would be inappropriate for us to discuss this in advance of the extradition hearing.”

One of the charges against Pham is that he conspired to obtain military training. Which would seem to rely on Ahmed Warsame’s testimony. But it’s not clear how much of the material support charges Warsame could support, given that Pham’s material support period extends a number of months beyond Warsame’s arrest.

Note, however, that there may be overlap between the UndieBomb 2.0 mole working with AQAP (who may have arrived in AQAP 2 months before Pham left) and the tail end of the charge. In which case they may be shipping Pham to the US to better hide the mole’s role in all this.

Of course, all these charges may primarily be about protecting the mole.

Michael Hayden, Troll Extraordinaire

“Intelligence agencies often act on the edges of executive prerogative and move forward based on a narrow base of lawfulness and limited congressional notification,” says Michael Hayden, the guy who oversaw Bush’s illegal wiretap for 2.5 years before the full Gang of Eight first got adequately briefed, and who never briefed Congress on CIA’s assassination program.

In the same piece, Hayden hails media editors who ceded to his requests to hold or adjust a story.

So, how do we limit the damage? Well, journalists will have to expand the kind of sensitivities to the national welfare that some already show. In those calls I made to slow, scotch or amend a pending story, most on the other end of the line were open to reasonable arguments. In one case a writer willingly changed a reference that had read “based on intercepts” to “based on intelligence reports,” somewhat amazed that that change made much of a difference. (It did.)

But then insists the UndieBomb 2.0 story — for which AP editors had made precisely those kinds of concessions — was right to be investigated because John Brennan’s push back to it exposed a mole.

The two prominent cases being debated were indeed serious leaks, because they touched upon sources, not just information.

In the case of the Associated Press report on a Yemen-based bomb plot, the source had apparently penetrated an al Qaeda network and there were hopes that he could continue to be exploited.

[snip]

And, since the Yemen source appears to have actually been recruited by a liaison partner, the impact of a leak goes far beyond our own service. In that same talk with bureau chiefs, I pointed out that several years before 9/11, one chief of station reported that a press leak of liaison intelligence had “put us out of the (Osama) bin Laden reporting business”.

In both stories, investigations were in order. Journalists, of all people, should understand the need to protect sources and relationships.

As the LAT story Hayden links to says clearly, “The AP did not mention the informant in its report.” And, as I laid out some weeks back, to believe our mole was going to return, the former head of the CIA would have to believe that AQAP shows great tolerance for recruits who fuck up and then return right after high ranking operatives get drone killed.

Because to maintain that claim, you’d have to explain how an AQAP operative who had been entrusted with the latest version of Ibrahim al-Asiri’s UndieBomb sometime in early April, had left (at least as far as Sanaa), had not apparently succeeded in his mission (which was, after all, meant to be a suicide bombing), could return to AQAP without the UndieBomb and infiltrate even further than he had the first time.

“Oh, hi, AQAP gatekeeper” — their story must imagine the mole saying as he returned to AQAP — “I’ve both failed in my mission and somehow lost the bomb you gave me, but based on that would you be willing to let me spend some quality time with even higher-ranking AQAP operatives?”

In short, Hayden appears to have decided it’d be a good idea to ignore the facts, good sense, and his own history so as to suggest that the Obama Administration is worse than the reasonable old Bush Administration.

But the investigations have been very aggressive and the acquisition of journalists’ communications records has been broad, invasive, secret and—one suspects—unnecessary.

A quick survey of former Bush administration colleagues confirmed my belief that a proposal to sweep up a trove of AP phone records or James Rosen’s e-mails would have had a half-life of about 30 seconds in that administration.

Just ignore the fact that the government was asking people questions about James Risen‘s phone contacts — indicating they had probably doing just what the Obama Administration did to the AP reporters, only without telling him — before Obama took over.

But here’s my favorite part:

The government may also want to adjust its approach to enforcement. The current tsunami of leak prosecutions is based largely on the Espionage Act, a blunt World War I statute designed to punish aiding the enemy. It’s sometimes a tough fit. The leak case against former National Security Agency employee Thomas Drake collapsed of its own overreach in 2011.

Perhaps in many of these cases the best approach is not through the courts or the Department of Justice.

Remember, Drake was investigated for telling a journalist about Hayden’s own boondoggle that cost many times what NSA’s existing better solution cost. There is virtually no way the investigation against him didn’t rely, in part, on Hayden’s own testimony.

And now, 6 years after the investigation into Drake started in earnest, Hayden suggests Drake shouldn’t have been criminally investigated at all.

Hayden can afford that very belated generosity, of course. He’s been profiting off the same kind of boondoggles Drake tried to expose for years now.

I mean, sure, the main jist of what Hayden says is true: the Administration is pursuing leaks far too aggressively. But coming from a guy who has long benefitted from the Executive Branch asymmetric abuse of secrecy, he’s not exactly the right person to be making the point.

The Reason Holder Recused in UndieBomb 2.0 Probably Relates to Reasons He Thinks It’s So Bad

A lot of people are responding furiously with what should not be news: that Eric Holder approved the warrants in the investigation into Fox report James Rosen’s story.

Attorney General Eric Holder signed off on a controversial search warrant that identified Fox News reporter James Rosen as a “possible co-conspirator” in violations of the Espionage Act and authorized seizure of his private emails, a law enforcement official told NBC News on Thursday.

[snip]

Holder previously said he recused himself from the AP subpoena because he had been questioned as a witness in the underlying investigation into a leak about a foiled bomb plot in Yemen. His role in personally approving the Rosen search warrant had not been previously reported.

DOJ policy requires Attorney General sign-off on such warrants and subpoenas, Holder has no apparent reason to recuse in this case, so we should have all expected he signed off on them.

To be clear, I don’t defend the warrant to get Rosen’s emails; the claims he conspired in a leak are terribly dangerous. So I won’t defend Holder for having approved the warrant in the least.

But people seem to be suggesting that because Holder approved the Rosen warrant, he could have approved the UndieBomb 2.0 subpoena, so must be dodging some issue by recusing.

Consider a few basic details. First, the UndieBomber 2.0 mole reportedly infiltrated AQAP up to a year in advance, which would put him in Yemen, at least, if not AQAP, before Anwar al-Awlaki was killed September 30, 2011. And UndieBomber 2.0 was eventually working with Fahd al-Quso, who had a role — perhaps a more dominant role — in some of the attacks used to justify Awlaki’s killing, including UndieBomb 1.0 and the toner cartridge plot.

As I noted, for some reason DOJ did not implicate Fahd al-Quso in Umar Farouk Abdulmutallab’s sentencing memo 2 months before the UndieBomb 2.0 “plot” was “thwarted,” even though he clearly had a role in the earlier UndieBomb plot. But to the extent that sentencing memo was about providing a public justification for the Awlaki killing (and it was billed as such when it was rolled out), then it would have gone through review if not have been developed in the Attorney General’s office, as that’s where everything else on transparency on the Awlaki killing went (and probably still goes, up to Wednesday’s letter on the topic).

In other words, to the extent that an operation to get either Ibrahim al-Asiri or Quso would be tied up with the at that point recent killing of Awlaki, the AG’s office would be involved (and all that assumes things went down generally as the government claims it does; the AG’s office could be far far more involved, and therefore exposed by the leak, in a number of other scenarios).

Then there’s the question of the security theater rolled out for the Osama bin Laden anniversary, the “scores” of Air Marshals sent to Europe to prevent a threat that had already been rolled up. While the implementation of such security would be directed primarily out of Department of Homeland Security, the decision to deploy it likely involved discussions of the President’s entire national security team, including Eric Holder.

And all this makes sense. The only way the UndieBomb 2.0 leak could have anywhere near the gravity Eric Holder claims it does (even though the claimed reasons for its seriousness appear totally bogus) is if this kind of high level operation and deception were going on.

Which really ought to raise more questions about why the Administration (or Holder) panicked so much about the leak in the first place.

Emptywheel Twitterverse
emptywheel @OKnox It's supposed to be capitalized? #WasAlwaysBadWithStyleGuides
13mreplyretweetfavorite
emptywheel Isn't part of reason the Saudis are beheading so much of late bc they didn't have proper swordsman for a while? http://t.co/4w4zNIkTW8
14mreplyretweetfavorite
JimWhiteGNV @laRosalind I have a really bad feeling about that one. It's so sad.
15mreplyretweetfavorite
emptywheel @CreepyRepRogers They weren't killed. They were issued. @charlie_savage @Krhawkins5
25mreplyretweetfavorite
JimWhiteGNV Goodell gives him a high five! RT @McClatchyDC: Biden praises disgraced senator in DNC speech http://t.co/3tYDfPaeLX
29mreplyretweetfavorite
JimWhiteGNV Second "neighbor" today in front of the house to pick up some of the wood stacked at curb from yesterday's tree trimming. County pickup Mon
31mreplyretweetfavorite
emptywheel @charlie_savage AGG is what technically fulfills 12333 tho, right? @Krhawkins5
35mreplyretweetfavorite
emptywheel @charlie_savage Thanks. That's what I was trying to say, but misstated. @Krhawkins5
36mreplyretweetfavorite
emptywheel @Thomas_Drake1 But you saw Hayden wrote new classified annex on March 11, 2004? http://t.co/bjXULklJM0
37mreplyretweetfavorite
emptywheel @dangillmor But certain members of society seem to be relatively immune to them, no? @ddayen @Thomas_Drake1
39mreplyretweetfavorite
emptywheel @Krhawkins5 I hate days when CompLit PhD feels like perfect training for what we do & it is happening more & more of late @brettmaxkaufman
56mreplyretweetfavorite
emptywheel @brettmaxkaufman I'm imagining a giant server full of nothing but correspondence about wedding RSVPs and registries. @Krhawkins5
58mreplyretweetfavorite
September 2014
S M T W T F S
« Aug    
 123456
78910111213
14151617181920
21222324252627
282930