2016 Presidential Election Archives - Page 161 of 178

Mark Warner’s Inconsistent Social Media Law-Mongering

Remember when, three weeks ago, people were shooting off their baby cannons because two reports kind of sort of claimed that Robert Mueller used a criminal search warrant to obtain details on Facebook’s ad sales to the Internet Research Association? I noted at the time that the logic behind those stories — that Facebook would have needed a warrant (as opposed to a 2703(d) order or a 702 directive) to obtain that information — was faulty. I’ve since become more certain that a D order was used in this case.

But since the stories were so dodgy, I assumed then they weren’t actually reporting about the investigation, but rather pressure on the part of Mark Warner to force Facebook to share the same data with Congress, including leaving (rather than just showing) ads.

And it worked! Last week and this week, Facebook did share those ads, with all the more leaks about them.

Unsurprisingly, Mark Warner is back, now insisting that Facebook should release all those ads that he or someone close to him just weeks ago was suggesting could only be released with a criminal search warrant, but now wants released with neither legal process nor a congressional oversight claim to force it.

I get why he wants that to happen. Even on top of informing the public about what happened in last year’s election, Warner would like to embarrass Facebook into accepting more sweeping regulation of political ads, which is a totally respectable goal.

But I find it amusing that the same people who, weeks ago, were certain that such materials were so private they could only be released with a search warrant are now arguing they should be released with no process whatsoever.

And whatever the beneficial goal here, there’s also the precedent of protection for private data. Do we really want it to be possible for (say) Russia to force Facebook to release all the information on the NGOs that target Russian users? Do we want Jeff Sessions’ DOJ to be able to force Facebook to release the details of those who oppose Trump without legal process?

I don’t expect Warner to be bound by those considerations — he’s trying to win a political battle (and doing a remarkably effective job). But I’d expect those reporting on this story to show some awareness of the claims they made about the sensitivity of this data just weeks ago.

It’s Not the Economy, Stupid

September 26, 2017/17 Comments/in 2016 Presidential Election, Football, Racism, Republicans /by Jim White

Despite Bill Clinton’s famous catchphrase that he rode to two terms in the White House, and despite its echo in the 2016 campaign when Trump voters were described as acting out of “economic anxiety”, politics in the United States in my lifetime comes down, first and foremost, to racism. Yes, in Trump’s case and for most Republicans in office, there is a hefty dose of misogyny mixed in, but the animus against those who are not old, rich, white males unites their hatred.

Russia affected the 2016 contest. Clearly. But one of their primary tools was to stoke racial animus. Another huge impact on the actual outcome of the election was the outright suppression of minority votes by Republicans. It now appears that they may well have tipped the Wisconsin vote through suppression. And all those millions of votes for Trump, in the end, amount to nothing more than a huge endorsement of his outright racism. In the end, they came out on top with a little help from Republican policies expressly developed to prevent minorities from voting.

Trump is America’s racism unmasked and he would not be President if there weren’t a huge racist component to American culture today. The primary home for that racism is the Republican party.

The last few days have shown Trump revealing both his deep-seated racism and his cynical understanding that virtually his only support now is rooted in America’s racism. He tried his best to make his response to NFL protests be about the flag and patriotism. But that is most definitely NOT what Colin Kaepernick was protesting when he started this movement in August of 2016:

San Francisco 49ers quarterback Colin Kaepernick has willingly immersed himself into controversy by refusing to stand for the playing of the national anthem in protest of what he deems are wrongdoings against African Americans and minorities in the United States.

His latest refusal to stand for the anthem — he has done this in at least one other preseason game — came before the 49ers’ preseason loss to Green Bay at Levi’s Stadium on Friday night.

“I am not going to stand up to show pride in a flag for a country that oppresses black people and people of color,” Kaepernick told NFL Media in an exclusive interview after the game. “To me, this is bigger than football and it would be selfish on my part to look the other way. There are bodies in the street and people getting paid leave and getting away with murder.”

Making matters even worse, NFL teams and even billionaire NFL owners–the very parties responsible for Kaepernick still not being on a roster despite abysmal quarterback play on several teams–came out with what some folks saw as admirable statements and actions in response to Trump calling for owners to “fire the sons of bitches” who kneel during the national anthem. The best response to that development came from Shannon Sharpe. If you haven’t seen it yet, watch the entire statement, it is a thing of beauty and something that every American needs to hear:

So what are we to do?

First, those of us who carry the advantage of being old, white males who are at least comfortable if not rich must speak up every time there is an instance of racial injustice. Especially at the local level, when the police treat minorities without respect, make it known that this will not stand. Support larger groups that are working to promote racial justice.

But perhaps it is also worth taking look at our own lives. What aspects of our own lives help to perpetuate racial injustice? Even simple actions can accumulate. The next time you reconcile a credit card statement, take a look at your choices. Do you only eat at faceless chain restaurants? When was the last time you had a meal at a locally owned restaurant with a minority owner? Those are likely some of the best eating establishments in your town if you take the time to look around and try some new cuisines.

How about schools? Do you send your kids to private schools, most of which have been established to get around integration? Worse yet, do you send them to charter schools, which are set up expressly to take money away from public schools?

How about your place of worship? Is it integrated? Does it have any activities or programs aimed at racial justice?

One small action that I’ve decided to take is that I won’t watch another down of NFL football until Colin Kaepernick has been signed by a team.

Trump is the poster child for American racism, but we could all benefit from spending a little time thinking about our own roles both in how he came to be President and what we can do to make sure his sort never gets there again.

Did President Trump Violate Federal Law With His Alabama Rant?

September 24, 2017/65 Comments/in 2016 Presidential Election, Culture, Department of Justice, Football, Fuckstickery, Galactic Stupidity, Ideas and Ideology, Labor, Law, Trump Administration /by bmaz

I wrote yesterday about the racial, social and football implications of Trump’s rant in the history and home of George Wallace.

But a new, and by all appearances excellent, commenter on that post noted this:

“It occurs to me that his tweets are at least arguably in violation of 18 U.S. Code § 227. That section prohibits the POTUS (among others), from “attempting to influence or interfere” in a private company’s labor matter, to urge a “political” firing. This is especially true where the basis for the POTUS’s urging of the firing of such a private company employee (union covered, collective bargaining agreement governed) — is (as here) centered on protected political first amendment expression.”

So, is that right? Well, it is a LOT closer call than most would dismissively think. Let’s look at the language of the relevant statute, 18 USC §277:

18 U.S. Code § 227 – Wrongfully influencing a private entity’s employment decisions by a Member of Congress or an officer or employee of the legislative or executive branch:

(a) Whoever, being a covered government person, with the intent to influence, solely on the basis of partisan political affiliation, an employment decision or employment practice of any private entity—
(1) takes or withholds, or offers or threatens to take or withhold, an official act, or
(2) influences, or offers or threatens to influence, the official act of another,
shall be fined under this title or imprisoned for not more than 15 years, or both, and may be disqualified from holding any office of honor, trust, or profit under the United States.
(b) In this section, the term “covered government person” means—
(1) a Senator or Representative in, or a Delegate or Resident Commissioner to, the Congress;
(2) an employee of either House of Congress; or
(3) the President, Vice President, an employee of the United States Postal Service or the Postal Regulatory Commission, or any other executive branch employee (as such term is defined under section 2105 of title 5, United States Code).

Read the statute. It is a lot closer call than you think. Will Trump’s own Department of Justice pursue this? No, no chance, nor probably should it be. Is it a viable question, and one that ought be discussed in the public and media, yes, absolutely.

As sports law “experts” would say, let’s break it down. There are elements to a crime. Trump is unequivocally a “covered person” within the ambit of the statute. Also unequivocal is the fact that his words in Alabama were meant to influence “an employment decision or employment practice of any private entity”, in this case, the National Football League.

The problem lies in section (a)(1) of the relevant statute, which requires:

takes or withholds, or offers or threatens to take or withhold, an official act

It is easy to see and admit that Trump would do just that in a heartbeat. But Trump did not do that per se in his Alabama speech.

No. That element cannot be met by Donald J. Trump’s Alabama Song of hate. So, no, there is no exposure to 18 USC §227.

It is a great thought and question though.

And it is a perfect example of the precipice of racism, bigotry and ignorance on which the political discussion in the United States, and our Article II Executive Branch, courtesy of President Trump, nows perilously treads nearly every day.

The events and actions in and from the NFL today, tomorrow, and in the next few weeks pale in comparison. They are a symbol and a voice. But it is so much more and bigger than that.

How to Read the DHS Targeted States Information

September 23, 2017/9 Comments/in 2016 Presidential Election, Cybersecurity /by emptywheel

Yesterday, DHS informed the states that had their registration databases targeted by Russian hackers last year. There has been an outright panic about the news since states started revealing they got notice, so I thought it worthwhile to describe what we should take away from the notice and subsequent reporting:

“Most” of the 21 targeted states were not successfully hacked
Some targeted states were successfully hacked
Not all swing states were targeted, not all targeted states are swing states
These hacks generally do not involve vote tallying
These hacks do not involve hacking voting machines
These hacks do not involve other voter suppression methods — whether by GOP or Russians
Notice needs to improve

The AP has done good work tracking down which states got notice they were targeted, identifying the 21 targeted states. Those targeted states were:

Alabama
Alaska
Arizona
California
Colorado
Connecticut
Delaware
Florida
Illinois
Iowa
Maryland
Minnesota
North Dakota
Ohio
Oklahoma
Oregon
Pennsylvania
Texas
Virginia
Washington
Wisconsin

“Most” of the 21 targeted states were not successfully hacked

This list of 21 states does not mean that Russians successfully hacked 21 states. All it means is Russians probed 21 states. And the AP says “most” were not successful. WI, WA, and MN have said the attacks on them were not successful.

Thus, for “most” of these states, the impact is the same as the reports that Russians were attempting, unsuccessfully, to phish engineers in the energy industry: it is cause for concern, but unless new intelligence becomes available, it means that for those “most” states these probes could not affect the election.

Some targeted states were successfully probed

Of course, by saying that “most” attacks were not successful, you’re admitting that “some” were. We only know IL and AZ to have successfully been breached.

This means this story may not be done yet: reporters, especially state based ones, are going to have to get their voting officials to provide details about the attacks and it may take some FOIA work.

Mind you, a successful hack still doesn’t mean that the election was affected (as I believe to be the understanding with respect to AZ, though there is more dispute about IL). It might be that the hackers just succeeded in getting into the database. It may be that they succeeded only in downloading the voter registration database — which in many states, is readily available, and which is nowhere near the most interesting available data for targeting in any case.

In my opinion, the most effective way to affect the outcome of the election via voter registration databases is not to download and use it for targeting, but instead, to alter the database, selectively eliminating or voiding the registration of voters in targeted precincts (which of course means the hackers would need to come in with some notion of targets). Even changing addresses would have the effect of creating lines at the polls.

Altering the database would have the same effect as an existing GOP tactic does. In many states, GOP secretaries of state very aggressively purge infrequent voters. Particularly for transient voters (especially students, but poorer voters are also more likely to move from year to year), a voter may not get notice they’ve been purged. This has the effect of ensuring that the purged voter cannot vote, and also has the effect of slowing the voting process for voters who are registered. In other words, that’s the big risk here — that hackers will do things to make it impossible for some voters to vote, and harder for others to do so.

Not all swing states were targeted, not all targeted states are swing states

The list of targeted states is very curious. Some targeted states are obvious swing states — WI, PA, FL, and VA were four of the five states where the election was decided. But MI is not on there, and NC, another close state, is not either.

In addition, a lot of these states are solidly red, like AL and OK. A lot of them are equally solidly blue, like CA and CT. So if the Russians had a grand scheme here, it was not (just) to flip swing states.

These hacks generally do not involve vote tallying

DHS has said that these hacks do not involve vote tallying. That means these disclosed probes, even assuming they were successful, are not going to explain what may seem to be abnormalities in particular states’ tallies.

These hacks do not involve hacking voting machines

Nor do these hacks involve hacking voting machines (which is covered, in any case, by the denial that it involves vote tallying).

Yes, voting machines are incredibly vulnerable. Yes, it would be child’s play for a hacker — Russian or American — to hack individual voting machines. With limited exceptions, there been no real assessment of whether individual machines got hacked (though it’d generally be easier to affect a local race that way than the presidential).

These hacks do not involve other voter suppression methods — whether by GOP or Russians

This list of 21 targeted states does not represent the known universe of Russian voting-related hacking.

It does not, for example, include the targeting of voting infrastructure contractors, such as VR Systems (which Reality Winner faces prison for disclosing). There’s good reason to at least suspect that the VR Systems hack may have affected NC’s outcome by causing the most Democratic counties to shift to paper voting books, resulting in confusion and delays in those counties that didn’t exist in more Republican ones.

And they don’t include any Russian social media-related support or suppression, which we’re getting closer to having proof of right now.

Importantly, don’t forget that we know Republicans were engaging in all these techniques as well, with far better funding. Russians didn’t need to hack WI and NC given how much organized suppression of voters of color took place. Republican secretaries of state had the power to purge voters on trumped up excuses without engaging in any hacking.

Do not let the focus on Russian tampering distract from the far more effective Republican suppression.

Notice needs to be improved

Finally, the other big story about this is that some states only got notice they were targeted yesterday, some even after having partnered with DHS to assess their voting infrastructure.

DHS has used classification, in part, to justify this silence, which is an issue the Intelligence Committees are trying to address in next year’s authorization. But that’s particularly hard to justify that many of these same states have run elections since.

Mind you, we’re likely to see this debate move to the next level — to demanding that state officials disclose full details about their state’s infrastructure to citizens.

In any case, if we’re to be able to use democratic pressure to ensure the infrastructure of democracy gets better protected, we’re going to need more notice.

Amid Promises to Share Ads with Congress, Some Other Interesting Promises

September 21, 2017/25 Comments/in 2016 Presidential Election, Blogs Internet and New Media, Russian hacks /by emptywheel

DC is atwitter with Facebook’s announcement that it can, after all, voluntarily share the same information it shared with Robert Mueller with Congress. As part of that announcement, it released a statement from their General Counsel, a Q&A addressing some of the questions that had been generating bad PR, and some promises of additional things Facebook will do to support democracy from Mark Zuckerberg.

I’m most interested in two details in Zuck’s statement. For example, this paragraph says Facebook will continue to look at what happened closely.

We will continue our investigation into what happened on Facebook in this election. We may find more, and if we do, we will continue to work with the government. We are looking into foreign actors, including additional Russian groups and other former Soviet states, as well as organizations like the campaigns, to further our understanding of how they used our tools. These investigations will take some time, but we will continue our thorough review. [my emphasis]

While the frenzy responding to this announcement has focused on Russian ads, Zuck just revealed that Facebook is also looking at what the campaigns did.

That would permit Facebook to look for any apparently similar activity from campaigns and Russian actors, as we have reason to believe there was. It also might suggest Facebook is reviewing to see whether Republican dark marketing served to suppress turnout, and if so in coordination with what other actors.

I’d really love to have this information, but note that it is a substantially different thing for Facebook to review Russian actions and for Facebook to review Democratic or Republican actions.

Then there’s the promise to work even more closely with other tech companies.

We will increase sharing of threat information with other tech and security companies. We already share information on bad actors on the internet through programs like ThreatExchange, and now we’re exploring ways we can share more information about anyone attempting to interfere with elections. It is important that tech companies collaborate on this because it’s almost certain that any actor trying to misuse Facebook will also be trying to abuse other internet platforms too.

I think I’m okay with this (and they’re legally permitted to do this in any case). But given my newfound obsession with the fact that with any of these global tech companies, you’re dealing with intelligence resources that might rival nation-state intelligence, I’m interested in Facebook’s efforts to expand the sharing.

Facebook, by itself, may not rival the NSA. But when you put together Facebook, Microsoft, Google, Twitter, and others, then you’re beginning to talk really powerful intelligence capabilities.

It’s good, I suppose, that that much technical power is going to hunt down Russians. But it might be worth pausing to imagine what else they might cooperate to hunt down.

Facebook Troll Account Events Happen in Wake of Guccifer 2.0 Released Targeting Data

September 20, 2017/8 Comments/in 2016 Presidential Election, Blogs Internet and New Media /by emptywheel

In this post, I noted that the Russian troll Facebook events identified to date — including an event that drew four people in Idaho — weren’t exactly a smoking gun showing the troll accounts had intervened meaningfully in the election.

The Daily Beast has found an account — which it assumes must be tied to Internet Research Agency because it was shut down the same time as the other IRA accounts were, which seems a fair assumption — that does appear to be more legitimately tied to the election.

The demonstrations—at least one of which was promoted online by local pro-Trump activists— brought dozens of supporters together in real life. They appear to be the first case of Russian provocateurs successfully mobilizing Americans over Facebook in direct support of Donald Trump.

The Aug. 20, 2016, events were collectively called “Florida Goes Trump!” and they were billed as a “patriotic state-wide flash mob,” unfolding simultaneously in 17 different cities and towns in the battleground state. It’s difficult to determine how many of those locations actually witnessed any turnout, in part because Facebook’s recent deletion of hundreds of Russian accounts hid much of the evidence. But videos and photos from two of the locations—Fort Lauderdale and Coral Springs—were reposted to a Facebook page run by the local Trump campaign chair, where they remain to this day.

“On August 20, we want to gather patriots on the streets of Floridian towns and cities and march to unite America and support Donald Trump!” read the Facebook event page for the demonstrations. “Our flash mob will occur in several places at the same time; more details about locations will be added later. Go Donald!”

The Florida flash mob was one of at least four pro-Trump or anti-Hillary Clinton demonstrations conceived and organized over a Facebook page called “Being Patriotic,” and a related Twitter account called “march_for_trump.” (The Daily Beast identified the accounts in a software-assisted review of politically themed social-media profiles.)

Being Patriotic had 200,000 followers and the strongest activist bent of any of the suspected Russian Facebook election pages that have so far emerged.

Unlike the previously reported events, the Florida ones took place in a swing state. And the numbers represent more significant turnout than other reported events.

I’m also interested that these events happened in FL — and happened in late August — for another reason. Florida was the first of the swing states for which Guccifer 2.0 publicly released DCCC data, including targeting information. He released that information via his website on August 15, admittedly too close to the rallies to do much good, but early enough to know they were available before the rallies. But by that point, HelloFLA already had (and had released) documents.

As I have said, we don’t have to prove that Republicans helped the IRA target ads, because we already know that Russians obtained targeting information by stealing it from the Democrats. It just so happens that this first instance where Facebook events might affect the Presidential came in the wake of targeting information for key congressional districts became publicly available (and therefore deniable for entities more closely with with Russia).

Why Did Guccifer 2.0 Keep Harping on VAN?

September 19, 2017/16 Comments/in 2016 Presidential Election, Russian hacks /by emptywheel

One problem with the skeptics’ claims that Guccifer 2.0 is not Russian, but instead a Democrat or Crowdstrike blaming Russia, is they misread how his original post responded to the WaPo article announcing the hack. The assumption at the time was that Guccifer 2.0 was disinformation to disclaim the attack. But it more immediately discredited the claims the Democrats and Crowdstrike made to WaPo.

There’s Shawn Henry’s claim the hackers took just two documents.

The other, which the firm had named Fancy Bear, broke into the network in late April and targeted the opposition research files. It was this breach that set off the alarm. The hackers stole two files, Henry said. And they had access to the computers of the entire research staff — an average of about several dozen on any given day.

In response Guccifer 2.0 posted eleven documents and taunted Crowdstrike.

Shame on CrowdStrike: Do you think I’ve been in the DNC’s networks for almost a year and saved only 2 documents? Do you really believe it?

[snip]

I guess CrowdStrike customers should think twice about company’s competence.

Fuck the Illuminati and their conspiracies!!!!!!!!! Fuck CrowdStrike!!!!!!!!!

There’s the bizarre pitch suggesting that only documents affecting Trump had been stolen, describing it as typical foreign espionage (which APT 29 might have been doing).

the entire database of opposition research on GOP presidential candidate Donald Trump

[snip]

The DNC said that no financial, donor or personal information appears to have been accessed or taken, suggesting that the breach was traditional espionage, not the work of criminal hackers.

[snip]

“It’s the job of every foreign intelligence service to collect intelligence against their adversaries,” said Shawn Henry, president of CrowdStrike, the cyber firm called in to handle the DNC breach and a former head of the FBI’s cyber division.

Guccifer 2.0 did post a Trump document. But the DNC, Hillary, and Crowdstrike should have known that (even if there had been one stolen) it wasn’t the one they had in mind. That was a document stolen from Podesta, not the DNC.

Which would have been a response — one her aides might understand, but the rest of us would not — to this claim by Hillary.

Clinton called the intrusion “troubling” in an interview with Telemundo. She also said, “So far as we know, my campaign has not been hacked into,” and added that cybersecurity is an issue that she “will be absolutely focused on” if she becomes president.

Because it would have been a sign that, indeed, her campaign had been hacked.

Similarly, by posting documents that dated from months earlier, Guccifer 2.0 would have made it clear to DWS that her lie — that the DNC responded quickly — could be exposed.

“The security of our system is critical to our operation and to the confidence of the campaigns and state parties we work with,” said Rep. Debbie Wasserman Schultz (Fla.), the DNC chairwoman. “When we discovered the intrusion, we treated this like the serious incident it is and reached out to CrowdStrike immediately. Our team moved as quickly as possible to kick out the intruders and secure our network.”

Finally, there’s Michael Sussman’s claim that no donor or voter information was stolen.

CrowdStrike is continuing the forensic investigation, said Sussmann, the DNC lawyer. “But at this time, it appears that no financial information or sensitive employee, donor or voter information was accessed by the Russian attackers,” he said.

Guccifer 2.0 proved that wrong by posting a number of financial documents.

In other words, the initial post was designed to discredit anything Crowdstrike and Democrats said. More importantly, it included a number of threats that Hillary and her aides should have recognized: Guccifer 2.0 had more, had more of the stuff closer to Hillary.

This was dick-waving, not obfuscation (which is consistent with what we see in the documents, and consistent with what I understand was left in some of the servers). It’s just that most of the public wouldn’t have seen that dick-waving; just the Democrats and Crowdstrike would.

Which is why I want to return to something that commentators have long been hung up on: Guccifer 2.0’s claim to have gotten in through VAN.

The DNC had NGP VAN software installed on their system so I used the 0-day exploit and then deployed my backdoor.

I suspect his reference to zero-days was actually a further taunt to Dmitri Alperovitch, who had fluffed up the Russians in the original WaPo.

The two crews have “superb operational tradecraft,” he said. They often use previously unknown software bugs — known as “zero-day” vulnerabilities — to compromise applications.

But why did dick-wagging Guccifer 2.0 focus on VAN? One obvious reason is that it invoked the events of December, when a Bernie staffer got fired for having saved Hillary files when the wall between the two campaigns in VAN came down, literally at the moment the Sanders campaign finished their best fundraiser to date. That is, it might be that VAN just invoked a really sore subject between the two sides.

Guccifer 2.0 may have raised it because Crowdstrike was brought in and did a cursory review to endorse the official view. Had Crowdstrike done more at the time, it they might have discovered the Russians.

The reason I ask, though, is that Guccifer 2.0 kept harping on VAN. A big file that has been the focus of recent attention — in the last few days credibly shown to come from the same file set as the documents later released falsely labeled as Clinton Foundation documents — was called NGP VAN, even though the file has nothing to do with VAN.

Notably, too, some of the last files stolen and shared with WikiLeaks included a series providing VAN access to the finance team. That is, one of the last things that happened before Russia got dumped from the system is a new set of VAN passwords got set up.

Amid the discussion of how the Russians got targeting data, I think it worth noting that having VAN access would have provided a lot of the information the Russians would have wanted.

Why Was Manafort FISA Tapped Rather than Criminal Tapped?

September 19, 2017/11 Comments/in 2016 Presidential Election, Mueller Probe, Russian hacks /by emptywheel

Congratulations to Donald Trump, who may have finally figured out how to prove his March 4 claim that there was a “tapp” on Trump Tower — by continuing to speak to Paul Manafort after FBI got a second FISA wiretap on him, at least according to the CNN’s report on the tap.

US investigators wiretapped former Trump campaign chairman Paul Manafort under secret court orders before and after the election, sources tell CNN, an extraordinary step involving a high-ranking campaign official now at the center of the Russia meddling probe.

The government snooping continued into early this year, including a period when Manafort was known to talk to President Donald Trump.

[snip]

The conversations between Manafort and Trump continued after the President took office, long after the FBI investigation into Manafort was publicly known, the sources told CNN. They went on until lawyers for the President and Manafort insisted that they stop, according to the sources.

It’s unclear whether Trump himself was picked up on the surveillance.

I mean, if you’re dumb enough to talk to a guy under active investigation, you should expect to be tapped. Trump should know this from his NY mobster buddies.

The CNN report — by the same team that last month revealed Carter Page had actually been wiretapped going back to 2014, too — is maddeningly vague about the dates of all this. Manafort was first targeted under FISA for his (and associated consulting companies, probably including Tony Podesta) Ukrainian influence peddling in 2014. Then the order lapsed, only to have a new one, possibly last fall, approved in association with the Trump investigation.

A secret order authorized by the court that handles the Foreign Intelligence Surveillance Act (FISA) began after Manafort became the subject of an FBI investigation that began in 2014. It centered on work done by a group of Washington consulting firms for Ukraine’s former ruling party, the sources told CNN.

The surveillance was discontinued at some point last year for lack of evidence, according to one of the sources.

The FBI then restarted the surveillance after obtaining a new FISA warrant that extended at least into early this year.

[snip]

The FBI interest deepened last fall because of intercepted communications between Manafort and suspected Russian operatives, and among the Russians themselves, that reignited their interest in Manafort, the sources told CNN. As part of the FISA warrant, CNN has learned that earlier this year, the FBI conducted a search of a storage facility belonging to Manafort. It’s not known what they found.

The gap would presumably have excluded June, given that Mueller reportedly didn’t learn about the June 9 meeting until the usual suspects started turning over records on it (though I may come back to that).

The report of a fall wiretap, based in part on intercepts of Russians, would put it well beyond the time Manafort got booted from the campaign (and might be consistent with the reporting of an earlier application followed by ultimate approval in the fall). The mention of a search of a storage facility suggests that Manafort would have been targeted under both 1805 (data in motion) and 1824 (data at rest, plus physical search like that used with the storage facility).

Here’s some relevant information from last year’s FISC and I Con the Record transparency numbers.

For the same authorities (1805, 1824, 1805/1824, and 1881c), the FISA Court, which uses different and in most cases more informative counting metrics, reports 1,220 orders granted, 313 orders modified, and 26 orders denied in part (which add up to I Con the Record’s 1,559), plus 8 orders denied, which I Con the Record doesn’t mention.

As an improvement this year, I Con the Record has broken down how many of these targets are US persons or not, showing it to be 19.9%. That means the vast majority of targeted FISA orders are targeted at people like Sergey Kislyak, the Russian Ambassador all of Trump’s people talked to.

This is the target number for the original report, not the order number, and it is an estimate (which is curious). This means at least 28 orders target multiple people. Neither ICTR nor FISC reveals how many US persons were approved for 705b, meaning they were spied on when they went overseas.

I include this, especially the FISC numbers (the top ones), to show that for the category that Manafort would have been targeted under, the court outright rejected 8 applications, denied in part — perhaps by approving only some of the facilities in the application — 18, and modified — which can often be minimization procedures — 260. Note, too, that among all the individual orders approved last year, roughly 336 were targeted at Americans like Manafort and Page. I assume there would be more minimization procedures on those targeting Americans, especially those who hang out with political candidates or the President.

All of which is my way of saying that for Manafort, in particular, the FBI may have had to use some kind of clean team to separate the political items from the foreign intelligence ones. The members of Congress that are the most likely sources for this story probably would have known that too, but it wouldn’t serve the point of the leak as well if that detail were included.

One more point.

The CNN piece is clear: FBI had a FISA order targeting Manafort (and probably others, probably the same ones who’ve been asked to testify, including Tony Podesta’s group), then let it lapse. They then got an order focused on election-related issues.

By the point they got the election-related FISA, the FBI was very deep into their investigation of Manafort for money laundering (and in NY, where FBI agents are notoriously gabby).

But at least given all the public reporting thus far, there have been no reported criminal warrants against Manafort, at least not before the no-knock search in VA this summer.

Which is odd, because they sure seem to have probable cause against him for crimes, as well. If Manafort were targeted by a criminal warrant, it’s nowhere near as clear that any minimization would be overseen by a court. That is, it might be more likely that Trump would get picked up in his rash conversations with someone known to be under investigation if that person were targeted with a criminal warrant than if he were targeted under FISA.

One, final, point. Craig Murray, who ferried something (though not emails) to Julian Assange in September 2016 claimed the emails had been picked obtained by American National Security types wiretapping [John] Podesta because of the Podesta Group’s lobbying for Saudi Arabia. As I noted at the time, that didn’t make any sense, partly because Tony would have been the target, not John, but also the FBI wouldn’t be all that interested in lobbying for Saudi Arabia.

Murray claimed the documents came from someone in the national security establishment, and implied they had come from legal monitoring of John Podesta because he (meaning John) is a lobbyist for Saudi Arabia.

Again, the key point to remember, in answering that question, is that the DNC leak and the Podesta leak are two different things and the answer is very probably not going to be the same in both cases. I also want you to consider that John Podesta was a paid lobbyist for the Saudi government — that’s open and declared, it’s not secret or a leak in a sense. John Podesta was paid a very substantial sum every month by the Saudi government to lobby for their interests in Washington. And if the American security services were not watching the communications of the Saudi government paid lobbyist then the American intelligence services would not be doing their job. Of course it’s also true that the Saudis’ man, the Saudis’ lobbyist in Washington, his communications are going to be of interest to a great many other intelligence services as well.

As a threshold matter, no national security agency is going to monitor an American registered to work as an agent for the Saudis. That’s all the more true if the agent has the last name Podesta.

But that brings us to another problem. John Podesta isn’t the lobbyist here. His brother Tony is. So even assuming the FBI was collecting all the emails of registered agent for the Saudis, Tony Podesta, even assuming someone in national security wanted to blow that collection by revealing it via Wikileaks, they would pick up just a tiny fraction of John Podesta’s emails. So this doesn’t explain the source of the emails at all.

They would — and apparently were — interested in tapping all the corrupt people working with corrupt Ukrainians, including Manafort and, maybe, Tony (but not John).

This in no way confirms Murray’s explanation — his story still makes no sense for the reasons I laid out when I first wrote the post. But I find it particularly interesting that Tony Podesta may well have been wiretapped along with Manafort, for his Ukrainian influence peddling, not his Saudi influence peddling, earlier in the year last year.

SSCI Plays Hardball with Michael Cohen’s Attempt to Distract from Trump Tower Deal

September 19, 2017/3 Comments/in 2016 Presidential Election, Leak Investigations, Mueller Probe /by emptywheel

Just before it was supposed to start, SSCI canceled Michael Cohen’s private interview with the committee. They did so, per a statement from Richard Burr and Mark Warner, because Cohen broke an agreement not to talk to the press by releasing what has generally been described as “his statement” to the press beforehand.

We were disappointed that Mr. Cohen decided to pre-empt today’s interview by releasing a public statement prior to his engagement with Committee staff, in spite of the Committee’s requests that he refrain from public comment. As a result, we declined to move forward with today’s interview and will reschedule Mr. Cohen’s appearance before the Committee in open session at a date in the near future. The Committee expects witnesses in this investigation to work in good faith with the Senate.

But in point of fact, what got published as his “statement” was not the entirety of it. Close to the end of the “statement” is this paragraph, alluding to a further two page statement on the Trump Tower deal that somehow didn’t get leaked.

I assume we will discuss the rejected proposal to build a Trump property in Moscow that was terminated in January of 2016; which occurred before the Iowa caucus and months before the very first primary. This was solely a real estate deal and nothing more. I was doing my job. I would ask that the two-page statement about the Moscow proposal that I sent to the Committee in August be incorporated into and attached to this transcript.

Other than that paragraph, mind you, Cohen’s statement closely parallels the letter to HPSCI Cohen released last month after spending a week distracting from and pre-empting the Trump Tower story. Both deny the allegations in the Christopher Steele dossier, and try to suggest that if he is found innocent of those allegations, then HPSCI and/or SSCI must issue a statement exonerating him.

In other words, with both committees, Cohen has manipulated the press so as to set a narrative about his testimony, a narrative that treats the Steele dossier as the entirety of his expose, rather than the now far more interesting (and interestingly time) real estate deal.

Four days ago, Michael Cohen (or the Trump Organization) pre-empted revelations that would leak as soon as he turned over a third tranche of documents to the House Intelligence Committee by revealing a seemingly damning detail from it: along with Trump’s associate Felix Sater, Cohen was pursuing a Trump Tower deal in Moscow well after Trump’s campaign was in full swing. Sure enough, more damning information was still to come: Sater somehow imagined the deal — whatever it was — would get Trump elected. Then still more damning information: in January 2016, Cohen reached out to trusted Putin aide Dmitry Peskov to push for help on the deal. That’s when Cohen began to not recall precisely what happened, and also ignore questions about why he hadn’t told Trump about this call, unlike the other actions he took on this deal.

[snip]

All that said, the way in which Cohen has orchestrated this disclosure — up to and including his failures to recall and answer obvious questions — is either great lawyering and/or sign that this earlier deal making is a real problem.

Of course, Burr and Warner were having none of this narrative scene setting and so now will force Cohen to testify publicly.

Cohen is sure spending a lot of time orchestrating distractions from this property deal. A pity for him his second attempt didn’t work as well as the first one.

The (Thus Far) Flimsy Case for Republican Cooperation on Russian Targeting

September 16, 2017/27 Comments/in 2016 Presidential Election, Blogs Internet and New Media, Cybersecurity, Mueller Probe, Russian hacks /by emptywheel

A number of credulous people are reading this article this morning and sharing it, claiming it is a smoking gun supporting the case that Republicans helped the Russians target their social media, in spite of this line, six paragraphs in.

No evidence has emerged to link Kushner, Cambridge Analytica, or Manafort to the Russian election-meddling enterprise;

Not only is there not yet evidence supporting the claim that Republican party apparatchiks helped Russians target their social media activity, not only does the evidence thus far raise real questions about the efficacy of what Russia did (though that will likely change, especially once we learn more about other platforms), but folks arguing for assistance are ignoring already-public evidence and far more obvious means by which assistance might be obtained.

Don’t get me wrong. I’m acutely interested in the role of Cambridge Analytica, the micro-targeting company that melds Robert Mercer’s money with Facebook’s privatized spying (and was before it was fashionable). I first focused on Jared Kushner’s role in that process, which people are gleefully discovering now, back in May. I have repeatedly said that Facebook — which has been forthcoming about analyzing and sharing (small parts) of its data — and Twitter — which has been less forthcoming — and Google — which is still channeling Sargent Schultz — should be more transparent and have independent experts review their methodology. I’ve also been pointing out, longer than most, of the import of concentration among social media giants as a key vulnerability Russia exploited. I’m particularly interested in whether Russian operatives manipulated influencers — on Twitter, but especially in 4Chan — to magnify anti-Hillary hostility. We may find a lot of evidence that Russia had a big impact on the US election via social media.

But we don’t have that yet and people shooting off their baby cannons over the evidence before us and over mistaken interpretations about how Robert Mueller might get Facebook data are simply degrading the entire concept of evidence.

The first problem with these arguments is an issue of scale. I know a slew of articles have been written about how far $100K spent on Facebook ads go. Only one I saw dealt with scale, and even that didn’t do so by examining the full scale of what got spent in the election.

Hillary Clinton spent a billion dollars on losing last year. Of that billion, she spent tens of millions paying a 100-person digital media team and another $1 million to pay David Brock to harass people attacking Hillary on social media (see this and this for more on her digital team). And while you can — and I do, vociferously — argue she spent that money very poorly, paying pricey ineffective consultants and spending on ads in CA instead of MI, even the money she spent wisely drowns out the (thus far identified) Russian investment in fake Facebook ads. Sure, it’s possible we’ll learn Russians exploited the void in advertising left in WI and MI to sow Hillary loathing (though this is something Trump’s people have explicitly taken credit for), but we don’t have that yet.

The same is true on the other side, even accounting for all the free advertising the sensationalist press gave Trump. Sheldon Adelson spent $82 million last year, and it’s not like that money came free of demands about policy outcomes involving a foreign country. The Mercers spent millions too (and $25 million total for the election, though a lot of that got spent on Ted Cruz), even before you consider their long-term investments in Breitbart and Cambridge Analytica, the former of which is probably the most important media story from last year. Could $100K have an effect among all this money sloshing about? Sure. But by comparison it’d be tiny, particularly given the efficacy of the already established right wing noise machine backed by funding orders of magnitude larger than Russia’s spending.

Then there’s what we know thus far about how Russia spent that money. Facebook tells us (having done the kind of analysis that even the intelligence community can’t do) that these obviously fake ads weren’t actually focused primarily on the Presidential election.

The vast majority of ads run by these accounts didn’t specifically reference the US presidential election, voting or a particular candidate.

Rather, the ads and accounts appeared to focus on amplifying divisive social and political messages across the ideological spectrum — touching on topics from LGBT matters to race issues to immigration to gun rights.

About one-quarter of these ads were geographically targeted, and of those, more ran in 2015 than 2016.

That’s not to say sowing discord in the US has no effect, or even no effect on the election. But thus far, we don’t have evidence showing that Russia’s Facebook trolls were (primarily) affirmatively pushing for Trump (though their Twitter trolls assuredly were) or that the discord they fostered happened in states that decided the election.

Now consider what a lot of breathless reporting on actual Facebook ads have shown. There was the article showing Russia bought ads supporting an anti-immigrant rally in Twin Falls, ID. The ad in question showed that just four people claimed to attend this rally in the third most Republican state. Another article focused on ads touting events in Texas. While the numbers of attendees are larger, and Texas will go Democratic long before Idaho does, we’re still talking relatively modest events in a state that was not going to decide the election.

To show Russia’s Facebook spending had a measurable impact on last year’s election, you’d want to focus on MI, WI, PA, and other close states. There were surely closely targeted ads that, particularly in rural areas where the local press is defunct and in MI where there was little advertising (WI had little presidential advertising, but tons tied to the Senate race) where such social media had an important impact; thus far it’s not clear who paid for them, though (again, Trump’s campaign has boasted about doing just that).

Additionally, empiricalerror showed that a number of the identifiably Russian ads simply repurposed existing, American ads.

That’s not surprising, as the ads appear to follow (not lead) activities that happened on far right outlets, including both Breitbart and Infowars. As with the Gizmo that tracks what it claims are Russian linked accounts and thereby gets credulous journalists to claim campaigns obviously pushed by Americans are actually Russian plots, it seems Russian propaganda is following, not leading, the right wing noise machine.

So thus far what we’re seeing is the equivalent of throwing a few matches on top of the raging bonfire that is the well established, vicious, American-funded inferno of far right media. That’s likely to change, but that’s what we have thus far.

But as I said, all this ignores one other key point: We already have evidence of assistance on the election.

Except, it went the opposite direction from where everyone is looking, hunting for instances where Republicans helped Russians decide to buy ads in Idaho that riled up 4 people.

As I reminded a few weeks back, at a time when Roger Stone and (we now know) a whole bunch of other long-standing GOP rat-fuckers were reaching out to presumed Russian hackers in hopes of finding Hillary’s long lost hacked Clinton Foundation emails, Guccifer 2.0 was reaching out to journalists and others with close ties to Republicans to push the circulation of stolen DCCC documents.

That is, the persona believed to be a front for Russia was distributing documents on House races in swing states such that they might be used by Republican opponents. Some of that data could be used for targeting.

Now, I have no idea whether Russia would risk doing more without some figure like Guccifer 2.0 to provide deniability. That is, I have no idea whether Russia would go so far as take more timely and granular data about Democrats’ targeting decisions and share that with Republicans covertly (in any case, we are led to believe that data would be old, no fresher than mid-June). But we do know they were living in the Democrats’ respective underwear drawers for almost a year.

And Russia surely wouldn’t need a persona like Guccifer 2.0 if they were sharing stolen data within Russia. If the FSB stole targeting data during the 11 months they were in the DNC servers, they could easily share that data with the Internet Research Association (the troll farm the IC believes has ties to Russian intelligence) so IRA can target more effectively than supporting immigration rallies in Idaho Falls.

Which is a mistake made by many of the sources in the Vanity Fair article everyone keeps sharing, the assumption that the only possible source of targeting help had to be Republicans.

We already know the Russians had help: they got it by helping themselves to campaign data in Democratic servers. It’s not clear they would need any more. Nor, absent proof of more effective targeting, is there any reason to believe that the dated information they stole from the Democrats wouldn’t suffice to what we’ve seen them do. Plus, we’ve never had clear answers whether or not Russians weren’t burrowed into far more useful data in Democratic servers. (Again, I think Russia’s actions with influencers on social media, particularly via 4Chan, was far more extensive, but that has more to do with HUMINT than with targeting.)

So, again, I certainly think it’s possible we’ll learn, down the road, that Republicans helped Russians figure out where to place their ads. But we’re well short of having proof of that right now, and we do have proof that some targeting data was flowing in the opposite direction.

Update: This post deals with DB’s exposure of a FB campaign organizing events in FL, which gets us far closer to something of interest. Those events came in the wake of Guccifer 2.0 releasing FL-based campaign information.