John Brennan’s Parallel “Investigative, Protective, or Intelligence Activity”

Yesterday, Jack Goldsmith defended CIA lawyer Robert Eatinger for referring Senate Intelligence Committee staffers for criminal investigation. Eatinger had no choice but to refer his Agency’s overseers, you see, because EO 12333 required it.

I knew Eatinger a bit when I was at OLC a decade ago, and based on that experience I agree with John Rizzo that “[h]e doesn’t have a political bone in his body” and “[i]f he made this referral, it’s because he felt it was the right and necessary thing to do.”

It might be useful to articulate the standard for the “right and necessary thing to do,” because I think that standard is at the bottom of this corner of the controversy.  The standard comes from Section 6.1(b) of E.O. 12,333, which imposes a duty on the CIA Director to:

Report to the Attorney General possible violations of Federal criminal laws by employees and of specified Federal criminal laws by any other person as provided in procedures agreed upon by the Attorney General and the head of the department, agency, or establishment concerned, in a manner consistent with the protection of intelligence sources and methods, as specified in those procedures;

I believe that the CIA Director delegates this duty to the CIA General Counsel.

Note how low the bar is for the referral—possible violations of federal law.  Think about what that low standard means.  It means that CIA often has a duty to refer a matter to DOJ that it is reasonably confident does not violate federal law, simply because the matter possibly violates federal law.  As John Radsan noted in his study of the CIA General Counsel’s Office, the low standard results in CIA making “several referrals to the Justice Department in a typical month.”  It might seem that these frequent referrals are signs of lawlessness, but in fact they are a mechanism of accountability. The very soft trigger of “possible” as opposed to “likely” or “actual” violations promotes significant over-reporting and allows another Agency, DOJ, to decide the appropriate action in the first instance.” [my emphasis]

Nice try.

But there’s a significant problem with that. In response to Ron Wyden’s question about whether CIA is subject to the Computer Fraud and Abuse Act — a polite way of suggesting CIA hacked the Committee server — John Brennan told Wyden,

The statute does apply. The Act, however, expressly “does not prohibit any lawfully authorized investigative, protective, or intelligence activity … of an intelligence agency of the United States.” 18 U.S.C. § 1030(f).

In other words, Brennan implicitly asserts the CIA snooping on SSCI was legal because CIA was engaged in lawfully authorized “investigative, protective, or intelligence activity.”

Side note: what are the chances that Brennan, who likes to remind that he’s not a lawyer when he gets legally dangerous questions, consulted with CIA’s Acting General Counsel Robert Eatinger in crafting this response to Wyden?

But let’s look at when and how Brennan chose to engage in what he claims is either “investigative, protective, or intelligence activity” and when and how Eatinger found SSCI’s oversight of CIA reached the “low bar” that merited referral.

According to Dianne Feinstein, in 2010, before Brennan was Director and Eatinger Acting General Counsel, a slew of documents disappeared from the server CIA made available for SSCI. Feinstein makes no mention of CIA engaging in “investigative, protective, or intelligence activity” in response. Instead, CIA just made shit up.

In May of 2010, the committee staff noticed that [certain] documents that had been provided for the committee’s review were no longer accessible. Staff approached the CIA personnel at the offsite location, who initially denied that documents had been removed. CIA personnel then blamed information technology personnel, who were almost all contractors, for removing the documents themselves without direction or authority. And then the CIA stated that the removal of the documents was ordered by the White House. When the committee approached the White House, the White House denied giving the CIA any such order.

After a series of meetings, I learned that on two occasions, CIA personnel electronically removed committee access to CIA documents after providing them to the committee. This included roughly 870 documents or pages of documents that were removed in February 2010, and secondly roughly another 50 were removed in mid-May 2010.

Only after denying it, then blaming first the IT contractors, and then the White House (who I believe may well have been to blame), did the CIA admit they had removed the documents. All this occurred, presumably, without launching a security review of the kind so urgent now (though if a security review were done, let’s hear about it, because it would suggest only certain factions were behind the removal of these documents).

Shortly after this incident — again, according to Feinstein — the Panetta Review documents also started disappearing from the servers (SSCI either had printed out copies already or did so in response).

In December, Mark Udall and others started invoking the Panetta review and asking for a complete copy of it.

In response, according to a letter (which for a variety of reasons I’m certain was designed to be released) Brennan later sent Dianne Feinstein on January 27, CIA started its “investigative, protective, or intelligence activity.”

Because we were concerned that there may be a breach or vulnerability in the system for housing highly classified documents, CIA conducted a limited review to determine whether these files were located on the SSCI side of the CIA network and reviewed audit data to determine whether anyone had accessed the files, which would have been unauthorized. The technical personnel conducting the audit review were asked to undertake it only if it could be done without searching audit data relating to other files on the SSCI side of CIA’s network. That review by IT personnel determined that the documents that you and Senator Udall were requesting appeared to already be on the SSCI staff side of CIA’s local area network and had been accessed by staff. Only completion of the security review will answer how SSCI staff came into possession of the documents.

Only on January 15, after CIA had completed some of that “investigative, protective, or intelligence activity” and determined, according to them, that SSCI shouldn’t have had the document, did Brennan call an “emergency meeting” to inform Feinstein and Saxby Chambliss of those activities.

I made clear during our meeting that I wanted to conduct this security review with our consent and, furthermore, that I welcomed the participation of the Committee’s Security Director in this effort.


As I noted at our meeting, this is a very serious matter, and it is important that both the CIA and the Committee get to the bottom of what happened.

In response, according to Feinstein, she sent Brennan two letters, one, on January 17, objecting to CIA’s “investigative, protective, or intelligence activity,” and the second, on January 23, asking specific questions about what CIA had done.

Two days after the meeting, on January 17, I wrote a letter to Director Brennan objecting to any further CIA investigation due to the separation of powers constitutional issues that the search raised. I followed this with a second letter on January 23 to the director, asking 12 specific questions about the CIA’s actions—questions that the CIA has refused to answer.

Some of the questions in my letter related to the full scope of the CIA’s search of our computer network. Other questions related to who had authorized and conducted the search, and what legal basis the CIA claimed gave it authority to conduct the search. Again, the CIA has not provided answers to any of my questions.

My letter also laid out my concern about the legal and constitutional implications of the CIA’s actions. Based on what Director Brennan has informed us, I have grave concerns that the CIA’s search may well have violated the separation of powers principles embodied in the United States Constitution, including the Speech and Debate clause. It may have undermined the constitutional framework essential to effective congressional oversight of intelligence activities or any other government function.

The letter Brennan has released (which, as I have said, seems designed for release) did not answer these questions or even acknowledge they had been asked. Instead, Brennan insisted that CIA’s “investigative, protective, or intelligence activity” continue, though invited another, independent inquiry with Committee involvement.

I would welcome an independent review that explores CIA’s actions and how these documents came to reside on the Committee’s side of the CIA facility network. If you are amenable, I will have my Acting General Counsel reach out to the Committee’s Majority and Minority Counsel to discuss options for such an independent review.

However we proceed, the security review must be completed in a timely manner. It is imperative to learn whether or not a breach or vulnerability exists on this network and was exploited. I trust that you share my concerns and that we can work together to carry out a security review that answers these important questions while respecting the important separation of powers concerns of both.

According to both accounts, there had been no mention of involving DOJ up to that point.

Meanwhile, CIA’s Inspector General David Buckley started an investigation and ultimately referred it to DOJ, and then in response, Robert Eatinger referred the SSCI to DOJ.

Days after the meeting with Director Brennan, the CIA inspector general, David Buckley, learned of the CIA search and began an investigation into CIA’s activities. I have been informed that Mr. Buckley has referred the matter to the Department of Justice given the possibility of a criminal violation by CIA personnel.

Let me note: because the CIA has refused to answer the questions in my January 23 letter, and the CIA inspector general review is ongoing, I have limited information about exactly what the CIA did in conducting its search.

Weeks later, I was also told that after the inspector general referred the CIA’s activities to the Department of Justice, the acting general counsel of the CIA filed a crimes report with the Department of Justice concerning the committee staff’s actions. I have not been provided the specifics of these allegations or been told whether the department has initiated a criminal investigation based on the allegations of the CIA’s acting general counsel.

In other words, Eatinger didn’t refer this case when CIA first started worrying about possible violations of Federal law (nor, as far as we know, did Stephen Preston make a referral in 2010 when documents started disappearing from the server). He didn’t refer the case after CIA’s initial “investigative, protective, or intelligence activity” — at that point, Brennan still wanted CIA to continue its “investigative, protective, or intelligence activity” itself.

It was only after CIA got referred for its “investigative, protective, or intelligence activity” that Eatinger decided the matter had reached what Goldsmith claims is a very low bar for referral.

Now, I might entertain the possibility that after things started spinning out of control, Eatinger got the brilliant idea that it was not a good idea for CIA to conduct “investigative, protective, or intelligence activity” targeted at their overseers. It’s possible, too, that Brennan envisioned the “independent investigation” mentioned in his letter to Feinstein would be conducted by DOJ, though he didn’t say that in his letter that I believe was designed to be publicly released.

But certainly, Eatinger let things get far beyond the “low bar” before he referred the issue to DOJ. He certainly didn’t let another Agency “decide the appropriate action in the first instance.” CIA got to decide that.

Which brings me to the even more troubling aspect of this.

Given Brennan’s response to Wyden (which may or may not have been written after consultation with Eatinger), the CIA Director believes the limits on EO 12333 do not prevent the CIA from conducting its own parallel “investigative, protective, or intelligence activity” outside the realm of normal law enforcement, not even if CIA was directly involved.

Say, did you notice that Brennan didn’t specify for Wyden whether he believed CIA had been engaged in “investigative” or “protective” or “intelligence” activity?

CIA’s not supposed to be in charge of intelligence activities targeted at Americans — FBI is, the same investigative agency only now being involved in this, in spite of the “low bar” on referrals under EO 12333.

Suffice it to say it might have behooved Brennan, given that he edited the citation from 18 U.S.C. § 1030(f), to specify what kind of authorized activity CIA was engaged in when it snooped on its overseers.

Because the impression I get from all this is that the Director of the CIA thinks it’s perfectly okay for CIA to conduct its own “investigative, protective, or intelligence activity” in parallel with more appropriate means of investigating events involving CIA. (Think, for example, of the potentially parallel investigation it might conduct of Gitmo detainees and their lawyers as they discuss torture using bugs in the smoke alarms and a kill switch on the white noise machine?) And this was targeted at its overseers! Imagine the extent of “investigative, protective, or intelligence activity” CIA might engage in if it was someone without the purported protections of Separation of Powers.

24 replies
  1. lefty665 says:

    “It was only after CIA got referred for its “investigative, protective, or intelligence activity” that Eatinger decided the matter had reached what Goldsmith claims is a very low bar for referral.”
    Thank you. I missed that the IG referral of CIA for illegal activities preceded Eatinger’s referral of SSCI staff. That sequence makes a difference. With that information Brennan/Eatinger’s actions resemble a disinformation operation that distracts attention (look over here), confuses the issue (competing allegations, who can tell what’s real), and attempts to discredit and smear the other guys.
    That is the CIA’s stock in trade when it is not torturing or droning. Seems pretty clearly in violation of the prohibition on domestic operations.

  2. Greg Bean (@GregLBean) says:

    Haha, the phrase, “Nice try”, may go down in history with other memorable quotes like, “Go ahead, make my day” and with the analysis that follows it in this surgical take-down will in future probably evoke the same spine-crushing terror in those it is directed at.

    Nice one Marcy, the birth of a new meme!

  3. chronicle says:

    I love it. The USG cockroach’s eating the USG pond scum. Fortunately, the stench from this debacle is beginning to out-do the stench of the cesspool known as WDC. Pretty soon it will explode from a massive methane build-up in the halls of Congress. I can’t wait. Having seen the Iran-Contra hearings, Church hearings, Watergate hearings and everything that’s happened since, I believe this one will rival Ringling Brothers Greatest Show on Earth. Gotta go get some popcorn and peanuts.

  4. orionATL says:

    what does “doesn’t have a political bone in his body” have to do with this controversy?

    for eatinger the concern assuredly isn’t dem v repub, it’s protecting the cia at all costs from a serious over-stepping of its legal/operational boundaries.

    both rizzo and goldsmith surely understand this.

    • GKJames says:

      And also indicative of what I see as a critical problem: If Eatinger was found to have committed fraud on the court, why does he still have a license to practice?

  5. orionATL says:

    and from on 3-12-2014, we learn that eatinger spends much of his day advising john brennan:

    “… In a talk before the American Bar Association in Washington in October, Eatinger sketched out the thorny nature of his sensitive legal job and described his chief role as advising the CIA director “on the potential consequences of choosing one road over another.”

    Eatinger said he spent 50 percent of his day briefing Brennan with legal options for every major action “so that he makes a witting decision and if it’s sufficiently controversial, he can go to the president, he can go to the National Security Council, go to the (Director of National Intelligence) and make sure that the others make the balance along with us on what to pursue and what not to pursue…”

  6. M says:

    It is interesting that the defense suggests they fear being called “political” (i.e. favoring D’s vs. R’s) rather than being called “wrong,” “illegal,” or “morally suspect.” If anything that tells you a great deal about the culture of Washington and of insiders like Goldsmith who see an apolitical assault on governance as being ok.

  7. GKJames says:

    Odd, though I suppose consistent, is Goldsmith’s defense of Eatinger. To say that the latter “had no choice but to refer his Agency’s overseers” not only contradicts the subsequent assertion that Eatinger had “felt it was the right thing to do,” but suggests that there is zero discretion about referrals. Obviously, given the narrative laid out here, he exercised that discretion only after Feinstein blew the whistle.

    And at that point, the Pavlovian response to protect the institution he works for kicked in. Which has always been the core of the apparatus’s ethos: the best defense is a robust offense, especially when it comes to squishy politicians on the Hill. And also why Goldsmith’s Eatinger “doesn’t have a political bone in his body,” aside from being nonsense on a human level, is beside the point.

  8. Anonsters says:

    Unlike a commenter above, I do not find Goldsmith’s defense of Eatinger odd. I find it to be par for the course. Goldsmith, like Eatinger, is a member of the inner circle of Very Serious National Security People. They all protect each other; they all take each other Very Seriously; and they look askance at anyone (from the outside) who doesn’t agree to conform to the National Security State as they have envisaged it. The cliquishness of nat. sec. law is what I hate most about it.

  9. P J Evans says:

    And, not quite OT, the government is telling the UN that it is no longer holding any minors from the GWOT. [Agencie France-Press, via Raw Story]

    “We are not currently detaining anyone under the age of 18 in an armed conflict,” Brigadier General Richard Gross, legal counsel at the Department of Defense, told the committee.

    The US delegation told the committee that approximately 2,500 individuals under the age of 18 at the time of their capture have been held in Iraq, Afghanistan and at Guantanamo Bay.

    • orionATL says:

      and did usgov make clear to the u.n. that the reason they are no longer holding anyone under 19 in guantanamo is because all the kids they stuffed in guantanamo in 2003+ have either grown up there or been suicided there.

      • P J Evans says:

        I sure wouldn’t want to bet on that. (And then there are the kids that were last seen in US custody, and have never been seen since. And some of their mothers.)

  10. What Constitution? says:

    Be careful what you wish for, Mr. Goldsmith. The provision of EO 12333 invoked by Mr. Goldsmith to “require” referrals on the basis of “possible” criminal conduct is contained in Section 1.6(b) of Part I of the EO, and applies to “heads of departments of the Intelligence Community.” If Goldsmith is to be believed about how this principle is applied, then I’d really like to read the referrals already made with regard to Clapper’s lies to the oversight committees in Congress or, for that matter, to Brennan’s choreographed leaks of classified information that he “feels like leaking….” There’s no doubt whatsoever that each type of conduct presents, at a minimum, “possible” criminal conduct — so I guess those referrals are still being considered by the DOJ, right? Bottom line, it’s just transparently deemed momentarily convenient to point out that provisions exist to foster the salutary principle that crime is bad and people should watch out for that — but it’s one hell of a stretch the way Goldsmith is trying to manipulate that principle to provide cover for Brennan here.

    The CIA mindset that got them into this particular bind is, in fact, precisely the mindset that has the NSA and CIA clandestinely seeking to “collect everything” in the electronic metadata aspect of this clusterfuck: specifically, “we can, technically, do it”, without regard for whether “we may/should, legally, do it”. The CIA creates a database for congressional review and then — “because the information is there”, the CIA surreptitiously retraces congressional footsteps in the database and, no doubt, figures “hey, they used it, it’s our data, they have nothing to fear if they have nothing to hide so we can do this”. Congress goes ballistic why? Because Congress didn’t expect the data of “their” use to be looked at? Wait — you mean it’s not always true that anything you do in the electronic world is devoid of any expectation of privacy? Let’s review: bulk collection is a “general warrant” and is unconstitutional. The little pissing match going on now under the guise of “a frontal attack on the Separation of Powers” is fundamentally a subset, a case study, a microcosm of the principle that our “intelligence agencies” so plainly don’t get — that “because we can” is not the same thing as “it’s legal”. It’s a very important specific example, to be sure, but the implications don’t stop with who is reporting whom for leaking what. And if it is to be about “who is reporting whom” and EO 12333 is, as Goldsmith facetiously reassures us, integral to that, let’s get Brennan and Clapper before the DOJ right damn quick.

  11. lefty665 says:

    “Days after the meeting with Director Brennan, the CIA inspector general, David Buckley, learned of the CIA search and began an investigation into CIA’s activities.”
    Wonder how that happened? SSCI complaint maybe? Regardless, he apparently found at least “possible criminal conduct” on the part of the CIA. Bet that makes him not very popular with Brennan, Eatinger, et al. There is a story there. Be interesting to see his referral to DOJ.

  12. chronicle says:

    I’ve grown tired of “analysis” of who tortured human beings. It happened. People are responsible. Let us stop being part of the repression of knowledge who did it. Our primary responsibility to hold our representatives of this debacle is simple. Kill them.

    • chronicle says:

      ps…I in retrospect, I need to qualify and modify my last statement..found here.

      “Our primary responsibility to hold our representatives of this debacle is simple. Kill them.”

      In that light…think Nuremberg.

  13. Frank33 says:

    In response to Ron Wyden’s question about whether CIA is subject to the Computer Fraud and Abuse Act — a polite way of suggesting CIA hacked the Committee server — John Brennan told Wyden,

    The statute does apply. The Act, however, expressly “does not prohibit any lawfully authorized investigative, protective, or intelligence activity … of an intelligence agency of the United States.”

    Criminal Fraud and Abuse is getting popular. Of course that is what the Irak and Afghan and Global War on Terror and War against the American people is all about. The Secret Spy organizations, 16 or more of them are involved in massive corruption.

    War, what is it good for? It is good for making the spymasters and Generals and military contractors, rich beyond their wildest dreams. That is why Breannan and Hayden and Alexander and the rest of the Secret Government do not want Congressional oversight. It would impair their unaccountable theft from secret accounts and secret conspiracies.

    Some other Generals or spymaster have another computer conspiracy to steal more money and abuse more victims. And they are successfully avoiding annoying and awkward Congress kritters messing with their war profiteering. The victims are employees of the US Government. Is that clever or what?

    This conspiracy is known as “phisihing”, where fraudulent emails are used to obtain confidential and usually financial information from victims. A secret unit of cyber commandos attacked the retirement accounts of Pentagon employees.

    An ominous e-mail message landed in the inboxes of a small group of U.S. Army employees last month, warning of a security breach in their federal retirement plans and urging them to log in and check their accounts.

    The e-mail was a fake — a classic spear phishing expedition looking for unwitting victims willing to share their personal financial information.

    But the perpetrator was not a criminal hacker. It was an Army combat commander, acting on his own authority to test whether anyone on his staff would fall for the trick. In the process of sussing out internal vulnerabilities, though, the commander sowed panic across the government: Employees forwarded the e-mail to thousands of friends and colleagues at the Defense Department, the FBI, Customs and Border Protection, the Labor Department and other agencies…

    The Defense Department still hasn’t revealed to savings plan officials which unit sent the e-mail. They’ve asked for the name in writing, to share with account holders, Weaver said.

    An anonynous spokesliar said it was a well intentioned exercise. Money for nothing and chicks for free.

Comments are closed.