On Corey Lewandowski’s Big Legal Bills and Mueller’s Deadline from Rosenstein

/167 Comments/in , /by

Quarterly political spending reports are out and they provide some hints about which current or former Trump aides have been spending a lot of time with Mueller’s investigators. The NYT reported the other day that the Trump campaign has paid $173,000 in the past quarter to the law firm representing Corey Lewandowski.

The campaign also paid $173,000 to Mintz Levin, a law firm that has helped Mr. Trump’s first campaign manager, Corey Lewandowski, handle inquiries related to the Russia investigations.

The suggestion that Lewandowski has spent quality time with Mueller’s team of late is particularly interesting, for several reasons. First, Lewandowski had a number of key interactions with George Papadopoulos regarding the outreach from Russia, including drafting Trump’s first foreign policy speech, which Papadopoulos reportedly told Ivan Timofeev was a sign that the campaign was interested in pursuing a Trump-Putin meeting.

April 27: Papadopoulos to Corey Lewandowski

“to discuss Russia’s interest in hosting Mr. Trump. Have been receiving a lot of calls over the last month about Putin wanting to host him and the team when the time is right.”

April 27: Papadopoulos authored speech that he tells Timofeev is “the signal to meet”

[snip]

May 4, Papadopoulos to Lewandowski (forwarding Timofeev email):

“What do you think? Is this something we want to move forward with?”

May 14, Papadopoulos to Lewandowski:

“Russian govemment[] ha[s] also relayed to me that they are interested in hostingMr. Trump.”

[snip]

June 19: Papadopoulos to Lewandowski

“New message from Russia”: “The Russian ministry of foreign affairs messaged and said that if Mr. Trump is unable to make it to Russia, if campaign rep (me or someone else) can make it for meetings? I am willing to make the trip off the record if it’s in the interest of Mr. Trump and the campaign to meet specific people.”

Lewandowski was also the person that the House Intelligence Committee treated most curiously. HPSCI originally interviewed him in January, during the phase when HPSCI seemed to be interviewing key witnesses to be able to pass on to Trump how they would testify. At that point, Mueller had not yet contacted Lewandowski.

Even though Lewandowski never worked in the Administration, in that first appearance with HPSCI, he invoked privilege over parts of his testimony. On March 8, HPSCI brought him back, the very last witness in their so-called investigation. After his three hour appearance, Adam Schiff discussed subpoenaing Lewnadowski to compel him to answer questions he had still refused to answer (Schiff had also demanded HPSCI compel full testimony from Hope Hicks). In the same discussion of compelling Lewandowski to answer questions,  Schiff suggested the committee should subpoena Stephen Miller.

After Lewandowski’s testimony had wrapped, Schiff raised a new name he wanted to speak to: White House aide Stephen Miller.

Which is curious because WSJ reports that the legal defense fund supporting specific former campaign staffers paid Akin Gump $115,000.

The fund directed most of its third-quarter spending to legal consulting, paying nearly $115,000 to the law firm Akin Gump Strauss Hauer & Feld LLP and another $8,500 to Schertler & Onorato LLP. The latter firm has represented Keith Schiller, Mr. Trump’s longtime bodyguard who was interviewed by the House Intelligence Committee as part of its Russia investigation.

It’s not publicly known which former campaign staffer Akin Gump represents, but two of the few key Trump people whose lawyers have not been publicly identified are Brad Parscale (though the campaign would probably pay for his legal defense at this point) and Miller.

Miller is the person whom Papadopoulos has said he would have told about the Russian offer of emails had he actually connected by phone the day he learned of it.

Meanwhile, Bloomberg reports (possibly based on Congressional sources) that Mueller is preparing to offer “reports” on his investigation.

Mueller is close to rendering judgment on two of the most explosive aspects of his inquiry: whether there were clear incidents of collusion between Russia and Donald Trump’s 2016 campaign, and whether the president took any actions that constitute obstruction of justice, according to one of the officials, who asked not to be identified speaking about the investigation.

[snip]

Rosenstein has made it clear that he wants Mueller to wrap up the investigation as expeditiously as possible, another U.S. official said.

This is actually not at all surprising. Trump is going to start firing people after the election, so Mueller’s ability to work unimpeded may be dramatically curtailed shortly after that. If he’s going to bring a big indictment, he has to do so in that time frame. Plus, after securing Paul Manafort and Michael Cohen’s cooperation, he has cooperating witnesses on all the elements of a conspiracy Mueller had identified by last March, not to mention slam dunk obstruction charges tied to floated pardons. Everyone is scheduled to start being sentenced after the election, too. With the hints he has gotten extensive Lewandowski testimony (and reports that he had obtained far more documentation pertaining to Don Jr’s actions), it would suggest that Mueller has at least tracked the game of telephone between Russians offering emails to the candidate anxious to accept that offer.

So this tells us what we might expect: the denouement of the Mueller investigation will happen, unless Trump works to undercut it, just after the election.

Update: In their plan for further investigation released in March, HPSCI Dems described that in his second committee appearance Lewandowski refused, “to answer questions regarding his communication with President Trump regarding former FBI Director Comey, Special Counsel Mueller, and Attorney General Sessions, as well as his communications with certain administration officials pertaining to the June 9, 2016 meeting at Trump Tower.” So it sounds like he’s also got evidence pertaining to the June 9 meeting.

As I disclosed in July, I provided information to the FBI on issues related to the Mueller investigation, so I’m going to include disclosure statements on Mueller investigation posts from here on out. I will include the disclosure whether or not the stuff I shared with the FBI pertains to the subject of the post. 

The First Amendment Wall-Splat that Anticipates Any Defense of a Trump Conspiracy or WikiLeaks Charge

/17 Comments/in , , , /by

Last week, lawyers from Jones Day representing the Trump campaign submitted a response to a lawsuit by two Democratic donors and a DNC employee (the case is referred to as Cockrum after donor Roy Cockrum) that presents an interesting, but imperfect, preview of any defense of a Trump conspiracy and/or a WikiLeaks charge in the election hack-and-leak.

Effectively, the Democrats attempt to hold the Trump campaign responsible for having their private information (social security numbers in the case of the donors and more personal conversations in the case of DNC employee Scott Comer) posted in the emails released by WikiLeaks on July 22, 2016. They do so by arguing that the Trump campaign conspired with agents of Russia, agreeing to provide policy considerations in exchange for the assistance presented by the email release, which therefore makes them parties to the injury associated with the hack-and-leak.

The campaign isn’t responsible for information released as part of their conspiracy because the First Amendment protects it

In response, the Trump campaign (represented by Jones Day, and therefore by more competent lawyers than some of the clowns representing the president in the Mueller investigation) only secondarily deny the campaign entered into a conspiracy with the Russians as governed by the laws invoked by plaintiffs (you should not take this emphasis as admission of guilt in a conspiracy, but rather the most efficacious way of defeating the lawsuit). As a primary defense, they point to First Amendment precedent to argue two things: First, the campaign can’t be held responsible for the theft of information because they only sought the dissemination of already stolen documents — they had nothing to do with the theft of the documents, the campaign argues.

In Bartnicki v. Vopper, 532 U.S. 514 (2001), the Supreme Court held that the First Amendment protects a speaker’s right to disclose stolen information if (1) the speaker was “not involved” in the acquisition and (2) the disclosure deals with “a matter of public concern.” Id. at 529, 535. There, union leaders spoke on the phone about using violence against school-board members to influence salary negotiations. Id. at 518–19. An unknown person secretly intercepted the call and shared the illegal recording with a local radio host, who played it on his show. Id. at 519. The Court ruled that the First Amendment protected the radio broadcast, because the host “played no part in the illegal interception” and “the subject matter of the conversation was a matter of public concern.” Id. at 525. The Court reasoned that “state action to punish the publication of truthful information seldom can satisfy constitutional standards.” Id. at 527. The state has an interest in deterring theft of information, but it must pursue that goal by imposing “an appropriate punishment” on “the interceptor”—not by punishing a speaker who was “not involved in the initial illegality.” Id. at 529. The state also has an interest in protecting “privacy of communication,” but “privacy concerns give way when balanced against the interest in publishing matters of public importance.” Id. at 533–34. In short, “a stranger’s illegal conduct does not suffice to remove the First Amendment shield from speech about a matter of public concern.” Id. at 535.

“An opposite rule”—under which a speaker may be punished for truthful disclosures on account of a “defect in the chain of title”—“would be fraught with danger.” Boehner v. McDermott, 484 F.3d 573, 586 (D.C. Cir. 2007) (opinion of Sentelle, J., joined by a majority of the en banc court). “U.S. newspapers publish information stolen via digital means all the time.” Jack L. Goldsmith, Uncomfortable Questions in the Wake of Russia Indictment 2.0 (July 16, 2018).1 Indeed, they “openly solicit such information.” Id. Punishing “conspiracy to publish stolen information” “would certainly narrow protections for ‘mainstream’ journalists.” Id.

The Campaign satisfies the first part of Bartnicki’s test: It “played no part in the illegal interception.” Bartnicki, 532 U.S. at 525. That is clear from Plaintiffs’ factual theory: “Defendants entered into an agreement with other parties, including agents of Russia and WikiLeaks, to have information stolen from the DNC publicly disseminated in a strategic way.” (Am. Compl. ¶ 16) (emphasis added). The complaint reinforces that theory on every page: “the publication of hacked information pursuant to the conspiracy” (id. ¶ 20); “conspiracy … to disseminate information” (id. ¶ 78); “extracting concessions … in exchange for the dissemination of the information” (id. ¶ 149); “an agreement to disseminate the hacked DNC emails”) (id. at 42); “motive to coordinate regarding such dissemination” (id. ¶ 153); “an agreement regarding the publication” (id. ¶ 154); “agreed … to publicly disclose” (id. ¶ 296) (all emphases added).

In a key move, the response points to the chronology (they incorrectly say) the plaintiffs lay out to show that the Campaign didn’t enter into a conspiracy with the Russians until after the theft had already taken place.

That is no surprise. Given Rule 11, Plaintiffs could not have alleged the Campaign’s involvement in the initial hack. According to Plaintiffs’ own account, Russian intelligence hacked the DNC’s networks “in July 2015,” and gained access to email accounts “by March 2016.” (Id. ¶ 86.) But the Campaign supposedly became motivated to work with Russia only in “the spring and summer of 2016” (id. at 25), and supposedly entered into the agreement in “secret meetings” in “April,” “May,” “June,” and “July” 2016 (id. ¶¶ 89–104). In other words, Plaintiffs themselves say that the alleged conspiracy was formed after the hack and after the acquisition of the emails—so that the Campaign could not have participated in the initial theft.

From there, the Campaign shifts to the second part of the First Amendment argument: what they encouraged the Russians (and WikiLeaks) to publish was a matter of public concern.

The Campaign also satisfies the second part of Bartnicki’s test: the disclosure deals with “a matter of public concern.” Bartnicki, 532 U.S. at 525. Whether speech deals with issues of public concern is “a matter of law.” Snyder v. Phelps, 580 F.3d 206, 220 (4th Cir. 2009). “Speech deals with matters of public concern when it can be fairly considered as relating to any matter of political, social, or other concern to the community, or when it is a subject of legitimate news interest.” Snyder v. Phelps, 562 U.S. 443, 453 (2011) (citations and quotation marks omitted). A court applying this test must examine the “content, form, and context” of the speech. Id.

Courts judge the public character of a disclosure in the aggregate, not line by line. Regardless of whether the particular sentence complained about is itself of public concern, the disclosure is constitutionally protected if the disclosure as a whole deals with a matter of public concern. For example, in Bartnicki, leaders of a teachers’ union spoke on the phone about “blow[ing] off [school-board members’] front porches” to influence salary negotiations. 532 U.S. at 519. Even though the threat to “blow off” porches was not itself speech about public issues, the First Amendment protected the disclosure because the host made it while “engaged in debate about” teacher pay—“a matter of public concern.” Id. at 535. The “public concern” test thus turns on the broader context of the disclosure, not the nature of the specific fact disclosed.

To substantiate their “public concern” defense, the response points to (and includes as exhibits) a handful emails out of the tens of thousands dumped in just the DNC release and some bad press coverage, and argues that because WikiLeaks has a policy of not redacting emails, the information that damaged the plaintiffs just came out along with this public concern information.

These emails revealed important information about the Clinton Campaign and Democratic Party. For example:

  • The emails revealed DNC officials’ hostility toward Senator Sanders. DNC figures discussed portraying Senator Sanders as an atheist, because “my Southern Baptist peeps would draw a big difference between a Jew and an atheist.” (Ex. 1.) They suggested pushing a media narrative that Senator Sanders “never ever had his act together, that his campaign was a mess.” (Ex. 2.) They opposed his push for additional debates. (Ex. 3.) They complained that he “has no understanding” of the Democratic Party. (Ex. 4.)
  • According to The New York Times, “thousands of emails” between donors and fundraisers revealed “in rarely seen detail the elaborate, ingratiating and often bluntly transactional exchanges necessary to harvest hundreds of millions of dollars from the party’s wealthy donor class.” These emails “capture[d] a world where seating charts are arranged with dollar totals in mind, where a White House celebration of gay pride is a thinly disguised occasion for rewarding wealthy donors and where physical proximity to the president is the most precious of currencies.” (Ex. 5.)
  • The emails revealed the coziness of the relationship between the DNC and the media. For example, they showed that reporters would ask DNC to pre-approve articles before publication. (Ex. 6.) They also showed DNC staffers talking about giving a CNN reporter “questions to ask us.” (Ex. 7.)
  • The emails revealed the DNC’s attitudes toward Hispanic voters. One memo discussed ways to “acquire the Hispanic consumer,” claiming that “Hispanics are the most brand loyal consumers in the World” and that “Hispanics are the most responsive to ‘story telling.’” (Ex. 8.) Another email pitched “a new video we’d like to use to mop up some more taco bowl engagement.” (Ex. 9.)

WikiLeaks, however, did not redact the emails, so the publication also included details that Plaintiffs describe as private.

In this scenario, even assuming the Trump campaign did enter a conspiracy with the Russians, the plaintiffs in this lawsuit were just collateral damage to disclosures protected by the First Amendment.

The conspiracy to hurt individual Democratic donors defense

As noted, the defense against the claim that the campaign entered into a conspiracy with the Russians is only a secondary part of the defense here. Perhaps that’s because this part of the defense is far weaker than the First Amendment part.

As part of it, the response notes that the plaintiffs would have had to enter into a conspiracy with the goal and the state of mind laid out by the two laws primarily cited by plaintiffs, to intimidate voters and to intentionally inflict harm on plaintiffs. Once again, this part of the argument treats the plaintiffs as collateral damage to the goals of embarrassing the DNC effectuated by the publication of materials by WikiLeaks, which has a policy of not redacting anything in its releases.

Plaintiffs do not plausibly allege these states of mind. For one thing, Plaintiffs allege that the object of the purported conspiracy was to promote the Trump Campaign and to embarrass the DNC and the Clinton Campaign. (Am. Compl. ¶ 190.) They do not allege facts showing that the Campaign even knew of Mr. Comer, Mr. Cockrum, or Mr. Schoenberg, much less that Campaign officials met with Russian agents for the purpose of disclosing these individuals’ social security numbers, gossip, and stomach-flu symptoms.

For another thing, Plaintiffs fail to address (let alone refute) the “obvious alternative explanation” for the disclosure of their emails (Iqbal, 556 U.S. at 682): WikiLeaks’ “accuracy policy,” under which WikiLeaks does not redact or “tamper with” the documents it discloses. (Ex. 10.) The upshot is that Plaintiffs do not plausibly allege that the Campaign acted with the purpose of intimidating Plaintiffs; do not plausibly allege that the Campaign acted with the specific intent to disclose Plaintiffs’ allegedly private emails; and do not plausibly allege that the Campaign acted with knowledge that the WikiLeaks email collection included Plaintiffs’ allegedly private emails.

It’s the other part of the conspiracy defense where the response is dangerously weak, given the possibility that Mueller will roll out another indictment providing more detail on negotiations between the campaign and Russia (which plaintiffs could then add in an amended complaint). Here, the campaign argues only that the plaintiffs haven’t shown proof of a conspiracy because they have not yet pointed to evidence that the campaign sought the DNC emails specifically, including the details that allegedly damaged the plaintiffs.

[T]he Amended Complaint fails to plausibly allege that the Campaign conspired with or aided and abetted the publishers of the DNC emails. Plaintiffs allege a series of meetings between the Campaign and Russian agents in 2016. (Id. ¶ 15.) But Plaintiffs do not allege that any of the meetings in any way concerned the DNC emails, much less the information about Plaintiffs contained in those emails. The allegation that people met to discuss something does not raise a plausible inference that they met to discuss collaborative efforts to release specific emails hacked from the DNC to influence an election, much less to intimidate or embarrass Plaintiffs. Cf. Twombly, 550 U.S. at 567 n.12 (regular meetings do not suggest conspiracy).

This argument may be sufficient for this civil suit, but for a number of reasons, such an argument would be totally insufficient in a criminal case. For starters, there likely is evidence, not least obtained from Paul Manafort’s cooperation, that the campaign had some idea of what they might get in exchange for entering into a quid pro quo with the Russians. As it is, Jones Day is utterly silent about Don Jr’s, “If it’s what you say I love it especially later in the summer” email, which reflects some expectation, already by June 3, 2016, of what the campaign would get for entering into a conspiracy, even though plaintiffs quote it in their complaint.

But also, the conspiracy charged in a criminal indictment would allege a different goal — in part, the embarrassment of the DNC and support of the Trump campaign that the campaign response stops far short of denying. So while with respect to the suit brought by these plaintiffs, the argument that the defendants did not have the mindset of trying to intimidate voters or damage the plaintiffs, if and when Mueller charges a conspiracy, it will argue a different mind set, to defraud the US’ election integrity, in part to obtain a thing of value from the Russians. And that mindset is going to be much easier to prove.

This response does next to nothing to deny that mindset.

Instead, much later in the response (as part of an argument that plaintiffs can’t claim a conspiracy to violate campaign finance laws because the FEC preempts it), the campaign does address what might be one defense in a criminal indictment charging that the Trump team conspired with Russia with the goal of obtaining illegal campaign donations in the form of dirt on Hillary. The response argues that such released emails do not constitute a thing of value, but are instead protected political speech.

Plaintiffs in all events fail to establish a conspiracy to violate any federal campaign-finance law. Plaintiffs assert that federal law prohibits foreign nationals from making “a contribution or donation of money or other thing of value” in connection with an election, 52 U.S.C. § 30121(a), and that “Defendant’s co-conspirators … contributed a ‘thing of value’ … in the form of the dissemination of hacked private emails” (Am. Compl. ¶ 215). This assertion is incorrect. For one, there is a fundamental difference between contributing a thing of value and engaging in pure political speech. Pure political speech constitutes “direct political expression”; in contrast, “while contributions may result in political expression if spent by a candidate or association to present views to the voters, the transformation of contributions into political debate involves speech by someone other than the contributor.” Buckley v. Valeo, 424 U.S. 1, 21–22 (1976). The disclosure of information about a political party is pure political speech, not a political contribution. The disclosure itself directly expresses political messages; unlike money, it does not need to be transformed into a political message by somebody else.

For another, treating a disclosure of information as a “contribution” would violate the First Amendment. The Supreme Court has held that the First Amendment guarantees Americans the right to receive political speech from foreigners. Lamont v. Postmaster General, 381 U.S. 301, 306 (1965). Yet under Plaintiffs’ theory, it would be illegal to solicit political information from a foreign national, because the provision of such information would amount to a “contribution.” For example, “if the Clinton campaign heard that Mar-a-Lago was employing illegal immigrants in Florida and staffers went down to interview the workers, that would be a crime.” Eugene Volokh, Can it be a crime to do opposition research by asking foreigners for information? (July 27, 2017).2 “Or say that Bernie Sanders’s campaign heard rumors of some misconduct by Clinton on her trips abroad—it wouldn’t be allowed to ask any foreigners about that.” Id. The First Amendment does not tolerate such results.

This claim, if it were substantiated, would have repercussions across Mueller’s work, extending to the Internet Research Agency indictment (indeed, Concord Consulting is trying to make similar arguments, though not as brazenly suggesting that foreigners have a First Amendment right to weigh in on our elections).

Yet, as I’ve noted, Mueller has already collected evidence of how much a similar campaign to the one the Russians conducted would cost a campaign, in the form of the spooked up Psy-Group campaign offered by Israelis and Gulf supporters: $3.31 million. That is, Mueller has the evidence to show that the Russians did not just release the information, but engaged in an entire social media campaign to maximize the value of the information they released, and that information goes beyond simple publication to the stuff that political consultants charge real money for.

The other problems with this defense

There is far more to the campaign’s defense (notably, extensive arguments about whether state or federal law applies to particularly parts of the complaint, and if it’s state law, whether it’s Maryland, New Jersey, and Tennessee as plaintiffs argue, or Virginia and New York as defendants do) than what I’ve laid out, and this suit would be a challenge in any case. But there are other problems with the defense.

In a piece on this response, Floyd Abrams argues that there are key differences between the primary First Amendment precedent on which the defense relies and this case. For example, the Bartnicki case focused on material the entirety of which was in the public interest, whereas the bulk of what the Russians gave WikiLeaks is not.

[T]he entirety of the wiretapped recording in Bartnicki was of undoubted public interest while some portions of the purloined DNC documents had a special claim to being of no sustainable public interest while inflicting substantial potential privacy harm—including social security numbers sent to the DNC which WikiLeaks, as it has repeatedly chosen to do, decided to make public.

Jones Day may well realize this is a weak part of their argument, as they return to WikiLeaks’ failure to redact information that had no public interest in a number of ways. At one point, they argue that if WikiLeaks redacted information some information of public interest might get withheld as part of the process.

To establish public-disclosure liability, a plaintiff must show that the facts at issue are not “of legitimate concern to the public”—in other words, that the facts are not “of the kind customarily regarded as ‘news.’” Second Restatement § 652D & comment g. Like the First Amendment test, the tort-law test requires courts to analyze speech “on an aggregate basis.” Alvarado v. KOB-TV, LLC, 493 F.3d 1210, 1221 (10th Cir. 2007). A publisher does not have to “parse out concededly public interest information” “from allegedly private facts.” Id. That is because redactions would undermine the “credibility” of a disclosure, causing the public to doubt its accuracy. Ross v. Midwest Commc’ns, Inc., 870 F.2d 271, 275 (5th Cir. 1989). Further, requiring publishers to redact—“to sort through an inventory of facts, to deliberate, and to catalogue”—“could cause critical information of legitimate public interest to be withheld until it becomes untimely and worthless to an informed public.” Star-Telegram, Inc. v. Doe, 915 S.W.2d 471, 475 (Tex. 1995).

At another point, they argue (this is one of their most ridiculous arguments) that WikiLeaks is just an intermediary that the Russians used to post injurious messages.

Under section 230 of the Communications Decency Act (47 U.S.C. § 230), a state may impose liability on “the original culpable party who posts [tortious] messages,” but not on “companies that serve as intermediaries for other parties’ potentially injurious messages.” Zeran v. America Online, 129 F.3d 327, 330–31 (4th Cir. 1997). As a result, a website that provides a forum where “third parties can post information” is not liable for the third party’s posted information. Klayman v. Zuckerberg, 753 F.3d 1354, 1358 (D.C. Cir. 2014). Since WikiLeaks provided a forum for a third party (the unnamed “Russian actors”) to publish content developed by that third party (the hacked emails), it cannot be held liable for the publication.

And the insistence that WikiLeaks is known not to redact information may hurt the Trump campaign if it gets that far.

Abrams also points to how entering into a conspiracy might change the legal liability of the Trump campaign.

[T]he Bartnicki defendants were at all times entirely independent of the person who surreptitiously made the wiretapped recording available to it while the Trump campaign is accused in Cockrum of conspiring with its alleged Russian source after the information had been hacked to make the information public.

Even for the purpose of this lawsuit, the claim that the Trump campaign entered into a conspiracy only after the information had been hacked may not be sustainable. After all, George Papadopoulos learned the Russians were going to release emails, of some sort (even if he believed they were Hillary server emails rather than DNC ones), well before the Russians were ejected from the DNC servers a month later. The Russians first contacted the Trump campaign about this conspiracy on April 26, 2016, after they had stolen the Podesta emails in March; but the DNC emails that are the subject of this lawsuit weren’t exfiltrated, at least according to the GRU indictment, until a month later.

Between on or about May 25, 2016 and June 1, 2016, the Conspirators hacked the DNC Microsoft Exchange Server and stole thousands of emails from the work accounts of DNC employees.

So Papadopoulos’ responsiveness might be enough to sustain a claim that the Trump campaign was engaged in this conspiracy before the emails in question were stolen. Indeed, this paragraph from the response (cited above) falsely claims that the plaintiffs suggested the theft ended in March.

Plaintiffs could not have alleged the Campaign’s involvement in the initial hack. According to Plaintiffs’ own account, Russian intelligence hacked the DNC’s networks “in July 2015,” and gained access to email accounts “by March 2016.” (Id. ¶ 86.) But the Campaign supposedly became motivated to work with Russia only in “the spring and summer of 2016” (id. at 25), and supposedly entered into the agreement in “secret meetings” in “April,” “May,” “June,” and “July” 2016 (id. ¶¶ 89–104). In other words, Plaintiffs themselves say that the alleged conspiracy was formed after the hack and after the acquisition of the emails—so that the Campaign could not have participated in the initial theft.

Here’s what the complaint really says:

In order to defeat Secretary Clinton and help elect Mr. Trump, hackers working on behalf of the Russian government broke into computer networks of U.S. political actors involved in the 2016 election, including the DNC and the Clinton Campaign. Elements of Russian intelligence gained unauthorized access to DNC networks in July 2015 and maintained that access until at least June 2016. By March 2016, the Russian General Staff Main Intelligence Directorate (GRU) gained unauthorized access to DNC networks, DCCC networks, and the personal email accounts of Democratic Party officials and political figures.

By May 2016, the GRU had copied large volumes of data from DNC networks, including email accounts of DNC staffers. Much of the GRU’s activity within the DNC networks took place between March and June 2016, at the very same time its agents were intensifying their outreach to and securing meetings with agents of the Trump Campaign.

[snip]

According to the indictment, “in and around April 2016, the Conspirators began to plan the release of materials stolen from the Clinton Campaign, DCCC, and DNC.” And “in or around June 2016,” when the Trump Campaign was taking meetings with Russian agents to “get information on an opponent,” the indicted Russians and their coconspirators began to “stage[] and release[]” the stolen emails.

All that said, if the plaintiffs are relying on the June 9 meeting to establish the conspiracy, or even Don Jr’s June 3 email enthusiastically responding to Rob Goldstone’s offer, the campaign can argue in this suit that the actual theft of the emails in question — the DNC emails revealing the donors social security numbers and Comer’s embarrassing comments — were, according to the public record, already stolen by the time the campaign entered into the conspiracy.

But that’s not going to work if Mueller charges a criminal conspiracy. That’s true, in part, because the criminal conspiracy would include the social media part of the Russian assistance, which continued well after the June 9 meeting (the plaintiffs here couldn’t argue the social media exploitation hurt them because the emails including the information damaging to them wasn’t promoted by Russian social media actors). It would also include the DCCC releases, which led to the provision of opposition research to Republican operatives.

Indeed, even the hacking continued after the June 9 meeting. As the plaintiffs pointed out, on July 27, Russian hackers even seemed to respond directly to Trump’s request for assistance.

191. On July 27, 2016, during the Democratic National Convention, Mr. Trump held a press conference in Florida. During his remarks, Mr. Trump called on Russia to continue its cyberattacks, stating, “Russia, if you’re listening, I hope you’re able to find the 30,000 [Secretary Clinton] emails that are missing.” Although the Trump Campaign—and later, then-White House press secretary Sean Spicer—claimed that Mr. Trump was “joking,” when Mr. Trump was asked at the time to clarify his remark and whether he was serious, Mr. Trump stated: “If Russia or China or any other country has those emails, I mean, to be honest with you, I’d love to see them.”

192. According to the July 13, 2018 indictment of twelve Russian nationals filed by the Special Counsel, agents of the Russian government attempted that same day—July 27, 2016— “to spearfish for the first time email accounts at a domain hosted by a third-party provider and used by Clinton’s personal office.” In other words, on the day that Mr. Trump publicly said that he hoped Russia would be able to find missing emails related to Secretary Clinton, Russian intelligence for the first time attempted to hack email accounts on Secretary Clinton’s own server.

That particular hack was not successful, but a hack of the Democrats’ AWS hosted analytics program in September was; see ¶34. As I understand it, the targeting of Hillary’s campaign went on in a series of waves, and those waves might be shown to correlate to Trump’s requests for assistance.

So, absent proof that someone in the campaign encouraged Papadopoulos after having learned about the emails in April, the plaintiffs in this suit will struggle to show that Russian hacking of the emails that injured them took place after Trump’s campaign entered into the conspiracy. But Mueller won’t have that problem. And all that’s before the Peter Smith operation, which asked for assistance from Guccifer 2.0 and reached out to presumed Russian hackers to obtain information from Hillary’s home server. Plus, that’s all separate from the social media campaign which continued to benefit the Trump campaign up to the election.

The ironies of a First Amendment defense

There’s a detail about this response, however, that (relying as it does on a strong First Amendment defense) deserves more attention. The response claims that the entire purpose of this suit suit is to obtain discovery on the President on a number of topics — notably his tax returns and business relationships — that Democrats have been unable to fully pursue elsewhere.

The object of this lawsuit is to launch a private investigation into the President of the United States. The Amended Complaint already foreshadows discovery into the President’s “tax returns” (Am. Compl. ¶ 238), his “business relationships” (id.), his conversations with “Director Comey” (id. ¶ 251), and on and on.

Much later, in the conspiracy section, in an argument that seems designed for Brett Kavanaugh’s review, the response argues that plaintiffs need a more plausible claim to be able to get discovery from the President.

Rule 8 requires a complaint to state a “plausible” claim for relief. Ashcroft v. Iqbal, 556 U.S. 662, 678 (2009). A complaint satisfies this standard if its “factual content” raises a “reasonable inference” that the defendant engaged in the misconduct alleged. Id. at 678. This requirement protects defendants against “costly and protracted discovery” on a “largely groundless claim.” Bell Atlantic Corp. v. Twombly, 550 U.S. 544, 558 (2007). This protection is essential here, where Plaintiffs’ explicit goal is to burden the President with discovery. The President’s “unique position in the constitutional scheme” requires him to “devote his undivided time and attention to his public duties.” Clinton v. Jones, 520 U.S. 681, 697–98 (1997). Courts must thus ensure that plaintiffs do not use “civil discovery” on “meritless claims” to interfere with his responsibilities. Cheney v. U.S. District Court, 542 U.S. 367, 386 (2004).

It’s only after making the claim that this suit is all about obtaining public interest information such as the President’s tax returns that the campaign makes an argument justifying the release of all this information in the name of public interest.

According to the logic Jones Day lays out here, the Democrats’ mistake was in not finding foreign hackers to steal and then publish Trump’s tax returns.

As I disclosed in July, I provided information to the FBI on issues related to the Mueller investigation, so I’m going to include disclosure statements on Mueller investigation posts from here on out. I will include the disclosure whether or not the stuff I shared with the FBI pertains to the subject of the post. 

Guccifer 2.0 Cleaned Up His “Collusion” Three Months after the Fact

/11 Comments/in , /by

I discovered something curious when I was working on a timeline recently.

Most posts on the Guccifer 2.0 site appear to have been modified only in the immediate timeframe after publishing (though, significantly, the first post was modified after the some of the first documents were recorded as being tweaked). But one post was modified, very slightly, months after it was posted.

That’s the Guccifer FAQ post. When it was first published on June 30, 2016 and as late as September 27 of that year, a paragraph on Hillary in the post read this way:

As for me, I see great differences between Hillary Clinton and Donald Trump. Hillary seems so much false to me, she got all her money from political activities and lobbying, she is a slave of moguls, she is bought and sold. She never had to work hard and never risked everything she had. Her words don’t meet her actions. And her collision with the DNC turned the primaries into farce. [my emphasis]

On October 2, 2016, that paragraph was corrected to read like this:

As for me, I see great differences between Hillary Clinton and Donald Trump. Hillary seems so much false to me, she got all her money from political activities and lobbying, she is a slave of moguls, she is bought and sold. She never had to work hard and never risked everything she had. Her words don’t meet her actions. And her collusion with the DNC turned the primaries into farce. [my emphasis]

That is, over three months after the post was originally posted, someone went back in and changed “collision” into the word that has taken on such loaded meaning since, “collusion.” Probably, “collusion” was the word intended from the start; perhaps either a keyboard fat-finger (on an English language keyboard, with the “u” and the “i” adjacent) or an autocorrect produced “collision” instead. While the paragraph and the post are rife with the linguistic inaccuracies — such as the use of “mogul” in the same paragraph — seen in other Guccifer 2.0 posts, in context “collusion” is the word that makes sense.

To be clear: I’m not making a big deal about any likely explanations for the incorrect word in the first place, nor am I making a big deal that that word — “collusion” — is the one thing that someone cared enough about to correct months later. “Collusion” is not a word Guccifer 2.0 used elsewhere, not even in posts where it might have been easy to do so. I’m not ascribing any grand significance to this change. I just find it curious.

As I disclosed in July, I provided information to the FBI on issues related to the Mueller investigation, so I’m going to include disclosure statements on Mueller investigation posts from here on out. I will include the disclosure whether or not the stuff I shared with the FBI pertains to the subject of the post. 

Homeland Security Chair Ron Johnson Thinks It Scandalous that Lawyer of Hacking Victim Talks to FBI about Hack

/50 Comments/in , /by

In the never-ending scandal industry of Republican members of Congress trying to make a huge deal out of the fucking Steele dossier, Senate Homeland Security Chair Ron Johnson is demanding that Christopher Wray provide more information (including on the John Doe investigations into Scott Walker’s corruption in WI). Johnson never went to such lengths to obtain information from the FBI during the investigation of the Boston Marathon bombing, but I guess he has different priorities.

Among the things he’s demanding are details of a conversation that Perkins Coie attorney Michael Sussmann had with then FBI General Counsel James Baker.

According to public reports, former FBI General Counsel James Baker met with Michael Sussman, [sic] an attorney with the Perkins Coie law firm, which retained Fusion GPS in 2016 to research allegations about then-candidate Donald Trump. Fusion GPS hired Christopher Steele, author of the Steele dossier–and Mr. Sussman allegedly provided the FBI with information “related to Russian interference in the election, hacking and possible Trump connections.”

The John Solomon piece that has gotten Ron Johnson all hot and bothered about this contact says that Sussmann gave Baker some materials on Russian hacking and possible Trump connections with it.

Baker identified lawyer Michael Sussman, [sic] a former DOJ lawyer, as the Perkins Coie attorney who reached out to him and said the firm gave him documents and a thumb drive related to Russian interference in the election, hacking and possible Trump connections.

Michael Sussmann has been publicly identified as the person that helped the DNC respond to the Russian hack since June 14, 2016, the day the hack first became public.

Chief executive Amy Dacey got a call from her operations chief saying that their information technology team had noticed some unusual network activity.

“It’s never a call any executive wants to get, but the IT team knew something was awry,” ­Dacey said. And they knew it was serious enough that they wanted experts to investigate.

That evening, she spoke with Michael Sussmann, a DNC lawyer who is a partner with Perkins Coie in Washington. Soon after, Sussmann, a former federal prosecutor who handled computer crime cases, called Henry, whom he has known for many years.

His role in helping the DNC help respond to the hack was further described by the NYT’s magnum opus on it.

No one knew just how bad the breach was — but it was clear that a lot more than a single filing cabinet worth of materials might have been taken. A secret committee was immediately created, including Ms. Dacey, Ms. Wasserman Schultz, Mr. Brown and Michael Sussmann, a former cybercrimes prosecutor at the Department of Justice who now works at Perkins Coie, the Washington law firm that handles D.N.C. political matters.

“Three most important questions,” Mr. Sussmann wrote to his clients the night the break-in was confirmed. “1) What data was accessed? 2) How was it done? 3) How do we stop it?”

Mr. Sussmann instructed his clients not to use D.N.C. email because they had just one opportunity to lock the hackers out — an effort that could be foiled if the hackers knew that the D.N.C. was on to them.

“You only get one chance to raise the drawbridge,” Mr. Sussmann said. “If the adversaries know you are aware of their presence, they will take steps to burrow in, or erase the logs that show they were present.”

The D.N.C. immediately hired CrowdStrike, a cybersecurity firm, to scan its computers, identify the intruders and build a new computer and telephone system from scratch. Within a day, CrowdStrike confirmed that the intrusion had originated in Russia, Mr. Sussmann said.

The NYT even describes Sussmann and DNC executives meeting with “senior F.B.I. officials” — a description that would fit the FBI’s General Counsel, Baker, whom Sussman would have known from when they worked on national security cases at DOJ together.

The D.N.C. executives and their lawyer had their first formal meeting with senior F.B.I. officials in mid-June, nine months after the bureau’s first call to the tech-support contractor. Among the early requests at that meeting, according to participants: that the federal government make a quick “attribution” formally blaming actors with ties to Russian government for the attack to make clear that it was not routine hacking but foreign espionage.

“You have a presidential election underway here and you know that the Russians have hacked into the D.N.C.,” Mr. Sussmann said, recalling the message to the F.B.I. “We need to tell the American public that. And soon.”

In other words, there has been public reporting for years that Sussmann spoke to the FBI, reporting that even explains why he was involved — because he was the guy with experience working on cybersecurity. But in spite of that, the Chair of one of the committees most centrally involved in cybersecurity is now suggesting that victims of nation-state hacking and their lawyers should not talk to the FBI about that hacking.

As I disclosed in July, I provided information to the FBI on issues related to the Mueller investigation, so I’m going to include disclosure statements on Mueller investigation posts from here on out. I will include the disclosure whether or not the stuff I shared with the FBI pertains to the subject of the post. 

That Ongoing Grand Jury Investigation that Michael Cohen’s Loot Is Feeding

/40 Comments/in /by

On Thursday, the NYT asked for the judge in the Michael Cohen case to unseal the warrant materials for the things seized on April 9, as well as the email accounts that had been searched prior to that. In their request, NYT attorney David McCraw asserted,

First, any risk of impairing law enforcement interests is minimal because the Government’s investigation of Mr. Cohen has concluded. … More to the point, Mr. Cohen has pleaded guilty to all the charges against him. And to the extent there are any ongoing investigations related to Mr. Cohen’s, any sensitive law enforcement information in the documents can be redacted.

As noted by the NYT, both Cohen and the government opposed the request.

A day later, the prosecution team wrote the judge, asking for three weeks to respond and permission to file part of its objection in sealed form

The Government intends to file an opposition to this request, and seeks permission to do so no later than November 2, 2018. In addition, because responding to this request requires describing, inter alia, the effect that unsealing would have on an ongoing grand jury investigation, the Government requests permission to file a portion of its response ex parte and under seal.

The government got two weeks, and the permission to file some of this under seal.

In response to this, I’ve seen a lot of people who assume the ongoing investigation is into Cohen — and it may well be. But the prosecution letter doesn’t say that, and given the way Cohen pled guilty in a rush to beat the campaign season and promptly started begging all prosecutors to start asking him questions, there’s no reason to believe that’s the case.

The reporting on the scope of the warrants against Cohen was always very vague, focusing on the Stormy Daniels part to the exclusion of the taxi medallion and fraud part. Just the taxi stuff was included in his guilty plea. So there’s still fraud (which is probably why Cohen pled guilty so quickly).

Some of the other crimes that might have been covered in Cohen’s warrant — such as the pay to play associated with the Inauguration — would overlap with Mueller’s investigation (and Cohen has spent some days chatting with Mueller’s prosecutors). But it’s certainly possible that (as I’ve suspected), that pay to play has already gotten spun off from Mueller’s investigation and is being led out of NY.

And, of course, there are the Trump Organization people — Executive 1 and Executive 2 (one of whom may well be a spawn) mentioned in Cohen’s plea who might also be targeting. Or, of course, Individual 1, Trump himself.

Trump’s Open Book Test Still Poses a Big Perjury Risk

/50 Comments/in , /by

In spite of a great deal of encouragement to do so on Twitter, I can’t muster a victory lap from the news that the Mueller team has agreed that Trump’s first round of open book test will focus only on conspiracy with Russia.

President Donald Trump’s legal team is preparing answers to written questions provided by special counsel Robert Mueller, according to sources familiar with the matter.

The move represents a major development after months of negotiations and signals that the Mueller investigation could be entering a final phase with regard to the President.

The questions are focused on matters related to the investigation of possible collusion between Trump associates and Russians seeking to meddle in the 2016 election, the sources said. Trump’s lawyers are preparing written responses, in part relying on documents previously provided to the special counsel, the sources said.

[snip]

Negotiations for Trump’s testimony lasted for the better part of a year. The two sides nearly reached a deal in January for Trump to be questioned at the presidential retreat in rural Maryland, Camp David, only for talks to break down at the last minute. What followed was a series of letters and meetings — some hostile — in which Trump’s lawyers raised objections and sought to limit any potential testimony.

For months, Mueller told Trump’s lawyers that he needed to hear from the President to determine his intent on key events in the obstruction inquiry.

While I find it significant that this report came first from Evan Perez and (?!?!) Dana Bash, not Maggie and Mike (suggesting it may come from different sources than the people who fed the NYT the line that Mueller was primarily interested in obstruction), this report seems to suggest that after letting Trump stall for almost a year, Mueller has decided to finally get him on the record on the key crimes.

While CNN has not said anything about timing — that is, how long Trump’s lawyers will stall over an open book test that they claim they’ve already written many of the answers to — this agreement may have as much to do with preparation for the post-election period in which Mueller can roll out any indictments he has been working on and Trump can start firing people. That is, before he makes any big moves in the case in chief, he has to get Trump on the record in some form or other. Better to get him on the record in sworn written statements than launch a subpoena fight that will last past that post-election period.

So I don’t think this says much about the relative legal exposure Mueller thinks Trump has for obstruction versus conspiracy (though, again, if you’ve got the conspiracy charges, the obstruction charges will be minor by comparison). It says that Mueller has decided it’s time to get Trump committed to one story, under penalty of perjury.

That said, consider two details about obstruction.

First, Mueller has gotten both of the men Trump reportedly dangled pardons to, Mike Flynn and Paul Manafort, to enter cooperation agreements. That means he’s got both men — possibly along with the non-felon lawyers who passed on the offer — describing that they were offered pardons if they protected the President. That, to my mind, is the most slam dunk instance of obstruction even considered. So by obtaining Manafort’s cooperation, Mueller may have already obtained the most compelling evidence of obstruction possible.

Also, it’s not at all clear that Trump can avoid perjury exposure even on an open book test. We’ve already seen that some of the written responses the Trump team has provided Mueller — such as the two versions of their explanation for the Flynn firing — obscure key details (including Trump’s own role in ordering Flynn to tell Russia not to worry about sanctions). Plus, Trump’s lawyers have recently come to realize they not only don’t know as much as they thought they did about what other “friendly” witnesses had to say (Bill Burck seems to have reconfirmed last week that his clients — which include, at a minimum, Don McGahn, Steve Bannon, and Reince Priebus — don’t have Joint Defense Agreements with Trump), but that they don’t actually know everything they need to know from Trump. Trump is unmanageable as a client, so it’s likely he continues to lie to his own lawyers.

Most importantly, on all of the key conspiracy questions Mueller posed to Trump last March (the first two were also in his first set of questions in January), Mueller has at least one and sometimes several cooperating witnesses.

  • What did you know about phone calls that Mr. Flynn made with the Russian ambassador, Sergey I. Kislyak, in late December 2016? [Flynn]
  • When did you become aware of the Trump Tower meeting? [Manafort]
  • During a 2013 trip to Russia, what communication and relationships did you have with the Agalarovs and Russian government officials? [Cohen, Goldstone, Kaveladze]
  • What communication did you have with Michael D. Cohen, Felix Sater and others, including foreign nationals, about Russian real estate developments during the campaign? [Cohen, Sater]
  • What discussions did you have during the campaign regarding any meeting with Mr. Putin? Did you discuss it with others? [Manafort, Gates, Cohen]
  • What discussions did you have during the campaign regarding Russian sanctions? [Manafort, Flynn]
  • What involvement did you have concerning platform changes regarding arming Ukraine? [Manafort, Gates]
  • During the campaign, what did you know about Russian hacking, use of social media or other acts aimed at the campaign? [Stone’s associates, Gates, Manafort]
  • What knowledge did you have of any outreach by your campaign, including by Paul Manafort, to Russia about potential assistance to the campaign? [Manafort]
  • What did you know about communication between Roger Stone, his associates, Julian Assange or WikiLeaks? [Stone’s associates, Manafort]
  • What did you know during the transition about an attempt to establish back-channel communication to Russia, and Jared Kushner’s efforts? [Flynn]
  • What do you know about a 2017 meeting in Seychelles involving Erik Prince? [Flynn]
  • What do you know about a Ukrainian peace proposal provided to Mr. Cohen in 2017? [Cohen]

The one area where that’s not true is with Roger Stone (though Rick Gates, at least, seems to have been in the loop on some of that), but then Mueller has spent the last 10 months collecting every imaginable piece of evidence pertaining to Stone.

Between Trump’s lawyers’ incomplete grasp of what their client did and the witnesses and other evidence regarding these activities, Mueller has a much better idea of what happened than Trump’s lawyers do. Which means they may not be able to help their client avoid lying.

As I disclosed in July, I provided information to the FBI on issues related to the Mueller investigation, so I’m going to include disclosure statements on Mueller investigation posts from here on out. I will include the disclosure whether or not the stuff I shared with the FBI pertains to the subject of the post. 

Mueller Juggles Plea Agreement Housekeeping

/15 Comments/in , /by

In the last two days, both Rick Gates’ and Paul Manafort’s plea deals have made news.

In Gates’ case, his lawyers have filed an unopposed motion to liberate him from his GPS device and curfew, arguing that the leverage of the plea deal itself is enough to keep him on the straight and narrow.

The plea agreement contains very serious consequences for Mr. Gates should he violate any of its terms or conditions. The advantages that attach to strict compliance with that agreement, and the extraordinary disincentives to violating that agreement, alone guarantee Mr. Gates’s appearance at any scheduled Court proceeding. Over a substantial period of time, now approaching one year, Mr. Gates has demonstrated his resolve to comply with all conditions of his release. Removing the GPS monitor and allowing Mr. Gates to travel within the Eastern District of Virginia and District of Columbia without restriction will surely not increase the risk of flight or make it less likely that Mr. Gates will appear in Court when required to do so.

The more interesting bit comes when, in a bid to talk up Gates’ cooperation, his attorneys reveal he’s been meeting with other prosecutors.

Both before the entry of the plea, and for many weeks thereafter, Mr. Gates, whenever requested, traveled to Washington, D.C., to appear at the Office of Special Counsel to be interviewed as part of his cooperation agreement. Those sessions have been numerous and they continue to this day.

[snip]

These meetings with the Office of Special Counsel continued during the weeks preceding the trial of co-defendant Paul Manafort in the United States District Court for the Eastern District of Virginia.

[snip]

Following that trial, Mr. Gates has continued to cooperate with the Special Counsel and with other federal investigators by attending current meetings at which he provides additional information. [my emphasis]

Rick Gates met in March and he met in July and he met in September, Thomas Green says. It’s the “other federal investigators” that’s of interest, as it suggests his cooperation extends beyond Mueller’s case in chief.

But that may not mean all that much. After all, Gates’ cooperation would be useful for the three cases Mueller referred to SDNY (involving Tony Podesta, Vin Weber, and Greg Craig), as well as for Stephen Calk, the Chicago banker who gave Manafort a loan in hopes of getting an appointment with the Trump Administration. Gates would surely also have information that might corroborate Sam Patten’s cooperation.

Still, it’s possible those “other federal investigators” include some of the “garden variety” Trump corruption I keep suggesting might also get spun off, such as the non-Russian Inauguration pay-to-play.

Meanwhile, in EDVA, TS Ellis is being TS Ellis. Yesterday, he filed an order saying that the parties in Manafort’s EDVA prosecution can’t just defer resolution of the ten hung counts against him until after Mueller is done with his cooperation. He scheduled a hearing for a week from Friday, on October 19, so the process of sentencing can begin. At that hearing, Ellis expects the parties to “address dismissal of the outstanding counts on which the jury deadlocked.”

Dismissing the charges may be no big deal. Manafort is on the hook for 210 – 262 months if he breaches his plea agreement in DC, before any state charges, and some of the charges that Ellis would dismiss could be charged in VA, aided by Manafort’s admission of guilt in them in the plea. As Popehat notes, cleaning up these charges is consistent with good docket management.

The push for the government to move forward on cooperation is more interesting as it may require the government to weigh in on the value of Manafort’s cooperation while he’s still discussing things with Mueller’s team. Of particular interest, any discussion on cooperation may reveal how much Manafort has cooperated against the President.

I’m also interested in timing. Manafort’s lawyers submitted their notice that they won’t challenge anything that happened in that trial right on schedule, on September 20. The government filed their response just under the week later that they had under Ellis’ schedule, on September 26. But Ellis took two weeks before he issued this hurry up and wait order, setting a hearing for October 19, at which any sentencing schedule is likely to be after Manafort’s next status hearing in DC.

In any case, it’s not clear that Ellis’ haste will help Manafort much. Even if Ellis is perturbed that Mueller used his courtroom to flip a witness against Trump, the PSR will show that Manafort is an admitted criminal in the DC charges, meaning his sentence should be harsher than it would with any kind of cooperation assistance. And prosecutors can just defer any 5K statement, and instead account for cooperation with a Rule 35 motion submitted after the fact. In any case, the plea envisions concurrent sentencing, and if Manafort does’t cooperate willingly, he’ll face 10 years in the DC plea, which is longer than Ellis is likely to have sentenced him on anyway.

So it seems like Mueller can still retain the breathtaking upper hand they have with Manafort, and defer any public statement on cooperation until later.

Offering John Podesta Emails While Selling Deleted Hillary Emails

/20 Comments/in , , /by

Back in April 2017, I noted something problematic with Democratic theories about the advance knowledge of Roger Stone — and by association, the Trump camp — of Russia’s hack and leak plans: Democrats have largely focused on Stone’s warning, on August 21, 2016, that “it would soon be the Podesta’s time in the barrel,” arguing it reflected foreknowledge of the October 2016 dump of John Podesta’s emails. Stone has said he was talking about blaming Tony Podesta for his corruption, and while that does appear to be a projection-focused defense of Paul Manafort as his own corruption posed problems for the Trump campaign, none of that explains how Stone implicated John in his brother’s sleaze.

That one comment aside, virtually every time Stone predicted a WikiLeaks October Surprise, he implied it would be Clinton Foundation documents or other ones she deleted from her home server, not Podesta emails. That is, while Stone appears to have known the general timing of the October dump, Stone didn’t predict the Podesta emails. He predicted emails deleted from Hillary’s home server, emails that never got published. Here’s how it looks in a timeline (partly lifted from this CNN timeline).

August 12, 2016: Roger Stone says, “I believe Julian Assange — who I think is a hero, fighting the police state — has all of the emails that Huma and Cheryl Mills, the two Clinton aides thought that they had erased. Now, if there’s nothing damning or problematic in those emails, I assure you the Clintonites wouldn’t have erased them and taken the public heat for doing so. When the case is I don’t think they are erased. I think Assange has them. I know he has them. And I believe he will expose the American people to this information you know in the next 90 days.”

August 15, 2016: Stone tells WorldNetDaily that, “’In the next series of emails Assange plans to release, I have reason to believe the Clinton Foundation scandals will surface to keep Bill and Hillary from returning to the White House,’ … The next batch, Stone said, include Clinton’s communications with State Department aides Cheryl Mills and Huma Abedin.”

August 26, 2016: Stone tells Breitbart Radio that “I’m almost confident Mr. Assange has virtually every one of the emails that the Clinton henchwomen, Huma Abedin and Cheryl Mills, thought that they had deleted, and I suspect that he’s going to drop them at strategic times in the run up to this race.”

August 29, 2016: Stone suggests Clinton Foundation information might lead to prison. “Perhaps he has the smoking gun that will make this handcuff time.”

September 16, 2016: Stone says that “a payload of new documents” that Wikileaks will drop “on a weekly basis fairly soon … will answer the question of exactly what was erased on that email server.”

September 18, 2016 and following: Stone asks Randy Credico to get from Assange any emails pertaining to disrupting a peace deal in Libya, making it clear he believes Assange has emails that WikiLeaks has not yet released.

In a Sept. 18, 2016, message, Mr. Stone urged an acquaintance who knew Mr. Assange to ask the WikiLeaks founder for emails related to Mrs. Clinton’s alleged role in disrupting a purported Libyan peace deal in 2011 when she was secretary of state, referring to her by her initials.

“Please ask Assange for any State or HRC e-mail from August 10 to August 30–particularly on August 20, 2011,” Mr. Stone wrote to Randy Credico, a New York radio personality who had interviewed Mr. Assange several weeks earlier. Mr. Stone, a longtime confidant of Donald Trump, had no formal role in his campaign at the time.

Mr. Credico initially responded to Mr. Stone that what he was requesting would be on WikiLeaks’ website if it existed, according to an email reviewed by the Journal. Mr. Stone, the emails show, replied: “Why do we assume WikiLeaks has released everything they have ???”

In another email, Mr. Credico then asked Mr. Stone to give him a “little bit of time,” saying he thought Mr. Assange might appear on his radio show the next day. A few hours later, Mr. Credico wrote: “That batch probably coming out in the next drop…I can’t ask them favors every other day .I asked one of his lawyers…they have major legal headaches riggt now..relax.”

As I further noted, when WikiLeaks started dumping Podesta emails in October (including excerpts of Hillary’s private speeches), Stone focused more on accusing Bill Clinton of rape, another projection-based defense of Donald Trump (especially in light of the Access Hollywood tape) than he focused on the Podesta emails.

In other words, Stone may not have exhibited foreknowledge of the Podesta dump. By all appearances, he seemed to expect that WikiLeaks would publish emails obtained via the Peter Smith efforts — efforts that involved soliciting Russian hackers for assistance. That actually makes Stone’s foreknowledge more damning, as it suggests he was part of the conspiracy to pay Russian hackers for emails they had purportedly already hacked from Hillary’s server and that he expected WikiLeaks would be an outlet for the emails, as opposed to just learning that Podesta’s emails had been hacked some months after they had been.

It was Guccifer 2.0, not Assange, who claimed anyone had Clinton server documents (including in a tweet responding to my observation he was falsely billing documents as Clinton Foundation ones).

And Guccifer 2.0 was (according to Politico, not WSJ) in the loop of this effort, so may have been trying to pressure WikiLeaks to publish sets of files already sent, as he had tried to do with DCCC files earlier in August.

[Chuck] Johnson said he and [Peter] Smith stayed in touch, discussing “tactics and research” regularly throughout the presidential campaign, and that Smith sought his help tracking down Clinton’s emails. “He wanted me to introduce to him to Bannon, to a few others, and I sort of demurred on some of that,” Johnson said. “I didn’t think his operation was as sophisticated as it needed to be, and I thought it was good to keep the campaign as insulated as possible.”

Instead, Johnson said, he put the word out to a “hidden oppo network” of right-leaning opposition researchers to notify them of the effort. Johnson declined to provide the names of any of the members of this “network,” but he praised Smith’s ambition.

“The magnitude of what he was trying to do was kind of impressive,” Johnson said. “He had people running around Europe, had people talking to Guccifer.” (U.S. intelligence agencies have linked the materials provided by “Guccifer 2.0”—an alias that has taken credit for hacking the Democratic National Committee and communicated with Republican operatives, including Trump confidant Roger Stone—to Russian government hackers.)

Johnson said he also suggested that Smith get in touch with Andrew Auernheimer, a hacker who goes by the alias “Weev” and has collaborated with Johnson in the past. Auernheimer—who was released from federal prison in 2014 after having a conviction for fraud and hacking offenses vacated and subsequently moved to Ukraine—declined to say whether Smith contacted him, citing conditions of his employment that bar him from speaking to the press.

Two interesting issues of timing arise out of that, then.

First, to the extent that Stone’s tweets during the week of October 7 (the ones that exhibited foreknowledge of timing, if not content) predicted the timing of the next leak, they would seem to reflect an expectation that deleted emails were coming, not necessarily that Podesta ones were.

[O]n Saturday October 1 (or early morning on October 2 in GMT; the Twitter times in this post have been calculated off the unix time in the source code), Stone said that on Wednesday (October 5), Hillary Clinton is done.

Fewer of these timelines note that Wikileaks didn’t release anything that Wednesday. It did, however, call out Guccifer 2.0’s purported release of Clinton Foundation documents (though the documents were real, they were almost certainly mislabeled Democratic Party documents) on October 5. The fact that Guccifer 2.0 chose to mislabel those documents is worth further consideration, especially given public focus on the Foundation documents rather than other Democratic ones. I’ll come back to that.

Throughout the week — both before and after the Guccifer 2.0 release — Stone kept tweeting that he trusted the Wikileaks dump was still coming.

Monday, October 3:

Wednesday, October 5 (though this would have been middle of the night ET):

Thursday, October 6 (again, this would have been nighttime ET, after it was clear Wikileaks had not released on Wednesday):

But it also makes the October 11 email — which was shared with still unidentified recipients via foldering, not sent — reported by WSJ the other day all the more interesting. The email seems to suggest that on October 11, the “students” who were really pleased with email releases they had seen so far were talking about the Podesta emails.

“[A]n email in the ‘Robert Tyler’ [foldering] account [showing] Mr. Smith obtained $100,000 from at least four financiers as well as a $50,000 contribution from Mr. Smith himself.” The email was dated October 11, 2016 and has the subject line, “Wire Instructions—Clinton Email Reconnaissance Initiative.” It came from someone calling himself “ROB,” describing the funding as supporting “the Washington Scholarship Fund for the Russian students.” The email also notes, “The students are very pleased with the email releases they have seen, and are thrilled with their educational advancement opportunities.”

In a follow-up, WSJ confirmed the identities of three of the four alleged donors (they’re still trying to track down the real ID of the fourth).

He reached out to businessmen as financial backers, including Maine real-estate developer Michael Liberty, Florida-based investor John “Jack” Purcell and Chicago financier Patrick Haynes. They were named in an email reviewed by the Journal as among a group of people who pledged to contribute $100,000 to the effort, along with $50,000 of Mr. Smith’s own money.

If the Smith conspirators were referring to the Podesta emails stolen by GRU in the same breath as a funding solicitation for Clinton Foundation ones, it suggests that whoever Smith’s co-conspirators were, as late as October 11, they were referring to the Podesta emails in the same breath as the Clinton server ones they were still hunting for.

As I said in July, I provided information to the FBI on issues related to the Mueller investigation, so I’m going to include disclosure statements on Mueller investigation posts from here on out. I will include the disclosure whether or not the stuff I shared with the FBI pertains to the subject of the post. 

The Psy-Group Proposal: A Way to Measure the Value that Russian Hackers Provided the Trump Campaign

/90 Comments/in , /by

On April 15, 2016, Russian hackers searched in DCCC and DNC networks for information on (among other things) Ted Cruz and the Democrats’ field plan.

The Conspirators searched for and identified computers within the DCCC and DNC networks that stored information related to the 2016 U.S. presidential election. For example, on or about April 15, 2016, the Conspirators searched one hacked DCCC computer for terms that included “hillary,” “cruz,” and “trump.” The Conspirators also copied select DCCC folders, including “Benghazi Investigations.” The Conspirators targeted computers containing information such as opposition research and field operation plans for the 2016 elections.

That’s an important detail with which to assess the recent NYT story that, in March, Rick Gates asked Israeli intelligence firm Psy-Group for a proposal on influence operations targeting both Ted Cruz and Hillary Clinton. As the NYT story notes, Gates wasn’t actually all that interested in the Psy-Group proposal and there’s no indication anyone in the Trump camp was either.

There is no evidence that the Trump campaign acted on the proposals, and Mr. Gates ultimately was uninterested in Psy-Group’s work, a person with knowledge of the discussions said, in part because other campaign aides were developing a social media strategy.

But he was interested in the services Psy-Group offered, including intelligence gathering and influence operations.

According to Mr. Birnbaum, Mr. Gates expressed interest during that meeting in using social media influence and manipulation as a campaign tool, most immediately to try to sway Republican delegates toward Mr. Trump.

“He was interested in finding the technology to achieve what they were looking for,” Mr. Birnbaum said in an interview. Through a lawyer, Mr. Gates declined to comment.

[snip]

The proposal to gather information about Mrs. Clinton and her aides has elements of traditional opposition research, but it also contains cryptic language that suggests using clandestine means to build “intelligence dossiers.” [I’ve switched the order of these passages]

So aside from context for the meeting Psy-Group owner Joel Zamel had with Don Jr (and any downstream arrangement the two had), it’s not clear what the report itself means for Mueller’s investigation, with regards to Psy-Group, particularly given claims that the group closely vetted their programs for legal compliance (though NYT was unable to learn whether Covington & Burling had given a green light for this campaign).

But the report that Gates was seeking proposals in March 2016 and the guts of the report are interesting for what they say about the mindset that Gates and Manafort brought to, first, the Convention and after that managing the entire campaign.

The materials Psy-Group provided in response to a Gates request provide at least three things that may be useful for a Mueller prosecution. First, they show that the Russian hackers were working on the same schedule that Gates and Manafort were, with initial data collection slotted for April.

The report also shows what kind of targets the Trump team knew would be resistant to messaging directly from Trump, and so should be targeted by unaffiliated online assets, including fictional avatars.

These groups — especially minority and swing voters — were precisely the groups that Russian trolls and Cambridge Analytica’s dark marketing targeted.

Likewise, Russian hackers may well have shared what amounted to intelligence dossiers with Trump.

Finally, the Psy-Group proposal also provides a dollar figure for the value of these kinds of services. That provides Mueller with a way to show the kind of financial benefit Trump received from both the Russian efforts and whatever efforts Cambridge Analytica gave to Trump for free (or coordinated on illegally): $3.31 million dollars.

The above proposed activity will cost $3,210,000. This does not include the cost of media, which will be billed at cost + 20% management fee and pre-approved with the client in advance prior to committing and spending. We estimate media cost at around $100,000 at this point (mostly social / online media).

One charge we know (from Manafort’s warrant applications) that Mueller is considering is receiving a thing of value from a foreigner. This proposal measures what kind of value Trump’s campaign received from the Russians.

It may be that Psy-Group poses a risk to Trump’s people directly, perhaps as a way to understand Israel’s role as a cut-out for Russia, or as a way to prove that Don Jr lied under oath about his willingness to accept gifts from foreigners. But even without that, the Psy-Group proposal provides a real time measure of how Trump’s campaign under Manafort planned to run their campaign.

 As I said in July, I provided information to the FBI on issues related to the Mueller investigation, so I’m going to include disclosure statements on Mueller investigation posts from here on out. I will include the disclosure whether or not the stuff I shared with the FBI pertains to the subject of the post. 

Alfa-Trump Redux: Full Spectrum Circumstance

/40 Comments/in , /by

The Trump Tower – Alfa Bank story is back!

Back in October 2016, Franklin Foer wrote about some metadata analysis showing that a marketing server paid for by Trump Organization was messaging with a server at Russia’s Alfa Bank. The story, as Foer presented it, was quickly challenged. I myself focused on a side angle to the story: that in addition to communications with Alfa Bank, the Trump marketing server was also communicating with Grand Rapids’ Spectrum Health, which (the original public pitch of the story suggested) might show a tie between the DeVos family — or maybe Erik Prince — and Trump. From the vantage of October 2016, that didn’t make sense, as the DeVoses (as distinct from Betsy’s brother Erik) were actually remarkably hesitant to support Trump until after the DNS lookups ended.

Dexter Filkins has now reexamined the story. It concludes — via a proliferating set of academics and cybersecurity experts departing from the norm in both those fields and insisting on hiding their identities — that there must be some kind of communication going on.

(Max and his colleagues did not see any D.N.S. evidence that the Trump Organization was attempting to access the server; they speculated that the organization was using a virtual private network, or V.P.N., a common security measure that obscures users’ digital footprints.)

If this was a communications mechanism, it appeared to have been relatively simple, suggesting that it had been set up spontaneously and refined over time. Because the Trump Organization did not have administrative control of the server, Paul and Leto theorized that any such system would have incorporated software that one of the parties was already using. “The likely scenario is not that the people using the server were incredibly sophisticated networking geniuses doing something obscure and special,” Max said. “The likely scenario is that they adapted a server and vender already available to them, which they felt was away from prying eyes.” Leto told me that he envisioned “something like a bulletin-board system.” Or it could have been an instant-messaging system that was part of software already in use on the server.

Kramer, of Listrak, insisted that his company’s servers were used exclusively for mass marketing. “We only do one thing here,” he told me. But Listrak’s services can be integrated with numerous Cendyn software packages, some of which allow instant messaging. One possibility is Metron, used to manage events at hotels. In fact, the Trump Organization’s October, 2016, statement, blaming the unusual traffic on a “banking customer” of Cendyn, suggested that the communications had gone through Metron, which supports both messaging and e-mail.

The parties might also have been using Webmail—e-mail that leaves few digital traces, other than D.N.S. lookups. Or, Paul and Leto said, they could have been communicating through software used to compose marketing e-mails. They might have used a method called foldering, in which messages are written but not sent; instead, they are saved in a drafts folder, where an accomplice who also has access to the account can read them. “This is a very common way for people to communicate with each other who don’t want to be detected,” Leto told me.

I hope to return to some of the moves Filkins makes in his story generally after I come home from this trip. But for now, I just want to look at how Filkins deals with the Spectrum Health tie, which Filkins focuses on even more than Foer. Here’s how he introduces the connection:

Only one other entity seemed to be reaching out to the Trump Organization’s domain with any frequency: Spectrum Health, of Grand Rapids, Michigan. Spectrum Health is closely linked to the DeVos family; Richard DeVos, Jr., is the chairman of the board, and one of its hospitals is named after his mother. His wife, Betsy DeVos, was appointed Secretary of Education by Donald Trump. Her brother, Erik Prince, is a Trump associate who has attracted the scrutiny of Robert Mueller, the special counsel investigating Trump’s ties to Russia. Mueller has been looking into Prince’s meeting, following the election, with a Russian official in the Seychelles, at which he reportedly discussed setting up a back channel between Trump and the Russian President, Vladimir Putin. (Prince maintains that the meeting was “incidental.”) In the summer of 2016, Max and the others weren’t aware of any of this. “We didn’t know who DeVos was,” Max said.

This is a remarkable paragraph, repeating a lot of the shitty link analysis that people always do when they try to explain the Spectrum tie. In it, a children’s hospital named after Dick DeVos’ mother is the smoking gun in an international spy plot. Then, having utterly ignored the status of the relationship between the DeVoses and Trump at the time of the DNS lookups, Filkins looks at what has happened since: the appointment of close Mike Pence ally and leading GOP education ideologue Betsy to be Education Secretary, and Erik Prince’s covert meeting with an entirely different — and far more suspect — bank, using means that are precisely the kinds of means you’d expect Erik Prince to use (and not using the network of a hospital that his brother-in-law chairs but doesn’t run, because why the fuck would a Navy Seal use more covert methods that Navy Seals know well instead of using a server with an easily subpoenaed footprint in the US??).

The paragraph misses some other details of note. For example, after Dick got on a commercial puddle jumper to fly to interview with Trump, he was appointed to the FAA Advisory Board, another position for which he is an obvious and arguably well-qualified pick. It also doesn’t note that Prince — who is a separate political entity from his sister and brother-in-law — was threatening anti-Trump Republicans both before and after the election, something that might support this theory except for all the other more obvious ways Prince accomplished such efforts.

Which is to say that, while the piece acknowledges that to conclude the Trump – Alfa Bank records are suspect, you also have to explain why the Spectrum ones would be, it does no reporting to discern why that would be the case.

Later in the piece, after trying to explain DNC lookups involving a third entity that had previously only been alluded to (and only alluded to because without explanation, it would have and did problematize past claims), Filkins strains further to suggest the ties between Spectrum and Trump have been proven by events that have taken place since.

In one tranche of data that he gave them, they noticed that a third entity, in addition to Alfa Bank and Spectrum Health, had been looking up the Trump domain: Heartland Payment Systems, a payments processor based in Princeton. Of the thirty-five hundred D.N.S. queries seen for the Trump domain, Heartland made only seventy-six—but no other visible entity made more than two. Heartland had a link to Alfa Bank, but a tenuous one. It had recently been acquired by Global Payments, which, in 2009, had paid seventy-five million dollars for United Card Services, Russia’s leading credit-card-processing company; two years later, United Card Services bought Alfa Bank’s credit-card-processing unit. (A spokesperson for Global Payments said that her company had never had any relationship with the Trump Organization or with Alfa Bank, and that its U.S. and Russia operations functioned entirely independently.)

Spectrum Health has a similarly indirect business tie to Alfa Bank. Richard DeVos’ father co-founded Amway, and his brother, Doug, has served as the company’s president since 2002. In 2014, Amway joined with Alfa Bank to create an “Alfa-Amway” loyalty-card program in Russia. But such connections are circumstantial at best; the DeVos family seems far more clearly linked to Trump than to Russia.

It’s this sentence — “the DeVos family seems far more clearly linked to Trump than to Russia” — that exemplifies this story, and its epistemology, for me. It treats the DeVos family — Dick, his wife Betsy Prince DeVos, his brother Doug, his charitable mother Helen, and his brother-in-law Erik Prince, to say nothing of the hospital administrators that actually run Spectrum — as a monolith they’re simply not, reads their current varied relationships with Trump back into a history where only Erik’s relationship resembled his current one, and then concludes that a link with Dick through Helen-Betsy-Erik is all you need to explain why these presumed conspirators would use a hospital rather than any of the many entities the DeVoses privately hold (and therefore more directly manage) or the Prince entities that already have built-in covert channels with a proven past ability to reach out to oligarchs discretely.

I mean, I absolutely think there’s a place for more journalism on what Erik was doing during the election, his role as a cut-out to Trump, and how he has helped to discipline the Republican party since. Or, if you want to pursue some theory of nefarious plot explaining how the originally reluctant DeVoses came to become close Trump associates, you’d explore far more about Mike Pence’s obvious role in it all (to say nothing of Pence’s frequent meetings with the DeVoses since), something Jean Camp is well situated to do from Indiana.

But one thing any such journalism would show is that Prince has the ability to conduct convert communications via much more effective channels, and Betsy and Dick DeVos have the network to achieve their political goals via means that don’t require hijacking a hospital server they don’t directly control.

Meanwhile, the story doesn’t explore the tangential role of Alfa Bank, via Alex van der Zwaan, in the Skadden Arps part of the Paul Manafort story, and doesn’t explain that any focus on Alfa Bank prior to Trump’s inauguration might have distracted from the sanctioned Russian banks that, at least as far as is currently known, are the actual key players in the Trump Russia story. It also doesn’t explain that key events in any conspiracy between Trump and Russia were communicated via insecure Trump Organization hosted email, often (in Manafort’s case, for long after he had been indicted) backed up to the iCloud.

This Trump Tower – Alfa Bank story continues to spin journalists, not to mention academics and infosec experts, into uncharacteristic habits that don’t appear to be leading to any real clarity about the topic at hand.

image_print