The Bomb Robot Drone Killing Precedent

As you’ve no doubt heard, sniper(s) attacked the police protecting a Black Lives Matter protest in Dallas last night, killing 5 cops. Dallas Police have released the name of one perpetrator, who was killed by police: Micah Johnson. Johnson was apparently an Army veteran; he was what experts deemed “tactically professional” based on review of the attack.

The entire attack was a tragic escalation of racial tensions in this country.

In a press conference today, Dallas Police Chief David Brown revealed this about the stand-off with Johnson:

Let me walk through the stand-off that had occurred–or was occurring–at El Centro on the second floor. The college there in downtown Dallas. We cornered one suspect and we tried to negotiate for several hours. Negotiations broke down. We had an exchange of gunfire with the suspect. We saw no other option but to use our bomb robot and place a device on its extension for it to detonate where the suspect was. Other options would have exposed our officers to grave danger. The suspect is deceased as a result of detonating the bomb. The reporting that the suspect killed himself is not accurate. We’ve confirmed that he’s been deceased because of the detonation of the bomb.

This is the first known killing by a weaponized drone as part of policing in the United States.

The use of the bomb robot in this operation raises several tactical questions. It is possible — though unlikely — that the weaponized drone was present for negotiations, which would raise interesting questions about those discussions (three other people are in custody and they are not cooperating; Johnson claimed, apparently falsely, that he operated alone).

I’m more interested in the tactical question of delivering a lethal bomb rather than something that might have immobilized him — perhaps tear gas? — and permitted police to take him alive.

Those questions about the tactical use of this robot will be answered as the police release more details.

There is, of course, the larger question of what kind of precedent this sets. I’ve long been on the record arguing that a targeted killing in the US would look more like the killing of Luqman Abdullah or Fred Hampton. But the use of a wheeled robot changes that possibility.

Remember, the logic of the Anwar al-Awlaki memos depends on two things. The first is law enforcement precedents authorizing the use of force when officers’ — or innocent bystanders’ — lives are at risk.

Even in domestic law enforcement operations, the Court has noted that “[w]here the officer has probable cause to believe that the suspect poses a threat of serious physical harm, either to the officer or to others, it is not constitutionally unreasonable to prevent escape by using deadly force.” Garner, 471 U.S. at 11. Thus, “if the suspect threatens the officer with a weapon or there is probable cause to believe that he has committed a crime involving the infliction or threatened infliction of serious physical harm, deadly force may be used if necessary to prevent escape and if, where feasible, some warning has been given.” Id. at 11-12.

Given the attacks on other officers and the exchange of gunfire before using the robot, DPD will easily reach the bar of imminent threat (even though they might have been able to use non-lethal means).

The other thing included in the Awlaki memos (though in unredacted form, in Harold Koh’s comments rather than the OLC memos) is language finding that the use of drones doesn’t make a legal difference in use of force calculations.

Second, some have challenged the very use of advanced weapons systems, such as unmanned aerial vehicles, for lethal operations. But the rules that govern targeting do not turn on the type of weapon system used, and there is no prohibition under the laws of war on the use of technologically advanced weapons systems in armed conflict– such as pilotless aircraft or so-called smart bombs– so long as they are employed in conformity with applicable laws of war. Indeed, using such advanced technologies can ensure both that the best intelligence is available for planning operations, and that civilian casualties are minimized in carrying out such operations.

In other words, there’s little reason to believe this use of force will be legally questionable, at all. Which means there’s little question that it might be used as a precedent by other police departments. (And let it be noted that Dallas is considered a far better run police department on such issues than other big cities, much less other less professional offices.) And given the way the Executive has already blurred the line between police usage and intelligence usage, we might expect the same to happen in the future.

There may have been other options available here (and note, in the press conference the mayor thanked the FBI, so it’s not clear whether DPD made this decision on their own), but this will be deemed reasonable.

Which doesn’t mean other, unreasonable uses of this precedent aren’t coming down the pike.

Update: Dallas police have now said that they think Johnson was the only shooter. I’m not sure whether that means the other three suspects were not accomplices at all or helped in some way that did not involve shooting.

Still, consider that Johnson’s military experience was as a mason, not any kind of highly skilled soldier. He managed to do a great deal of damage working off his reserve training.




Jim Comey, Poker Face, and the Scope of the Clinton Investigation(s)

I write this post reluctantly, because I really wish the Hillary investigations would be good and over. But I don’t think they are.

After having watched five and a half hours of the Clinton investigation hearing today, I’ve got new clarity about what the FBI has been doing for the last year. That leads me to believe that this week’s announcement that DOJ will not charge Clinton is simply a pause in the Clinton investigation(s). I believe an investigation will resume shortly (if one is not already ongoing), though that resumed investigation will also end with no charges — for different reasons than this week’s declination.

First, understand how this all came about. After the existence of Hillary’s server became known, State’s IG Steve Linick started an investigation into it, largely focused on whether Hillary (and other Secretaries of State) complied with Federal Records Act obligations. In parallel, as intelligence agencies came to complain about State’s redactions of emails released in FOIA response, the Intelligence Community Inspector General Charles McCullough intervened in the redaction process and referred Clinton to the FBI regarding whether any classified information had been improperly handled. As reported, State will now resume investigating the classification habits of Hillary and her aides, which will likely lead to several of them losing clearance.

The FBI investigation that ended yesterday only pertained to that referral about classified information. Indeed, over the course of the hearing, Comey revealed that it was narrowly focused, examining the behavior of only Clinton and four or five of her close aides. And it only pertained to that question about mishandling classified information. That’s what the declination was based on: Comey and others’ determination that when Hillary set up her home-brew server, she did not intend to mishandle classified information.

This caused some consternation, early on in the hearing, because Republicans familiar with Clinton aides’ sworn testimony to the committee investigating the email server and Benghazi were confused how Comey could say that Hillary was not cleared to have her own server, but aides had testified to the contrary. But Comey explained it very clearly, and repeatedly. While FBI considered the statements of Clinton aides, they did not review their sworn statements to Congress for truth.

That’s important because the committee was largely asking a different question: whether Clinton used her server to avoid oversight, Federal Records Act requirements, the Benghazi investigation, and FOIA. That’s a question the FBI did not review at all. This all became crystal clear in the last minutes of the Comey testimony.

Chaffetz: Was there any evidence of Hillary Clinton attempting to avoid compliance with the Freedom of Information Act?

Comey: That was not the subject of our criminal investigation so I can’t answer that sitting here.

Chaffetz: It’s a violation of law, is it not?

Comey: Yes, my understanding is there are civil statutes that apply to that. I don’t know of a crimin–

Chaffetz: Let’s put some boundaries on this a little bit — what you didn’t look at. You didn’t look at whether or not there was an intention or reality of non-compliance with the Freedom of Information Act.

Comey: Correct.

Having started down this path, Chaffetz basically confirms what Comey had said a number of times throughout the hearing, that FBI didn’t scrutinize the veracity of testimony to the committee because the committee did not make a perjury referral.

Chaffetz: You did not look at testimony that Hillary Clinton gave in the United States Congress, both the House and the Senate?

Comey: To see whether it was perjurious in some respect?

Chaffetz: Yes.

Comey: No we did not.

[snip]

Comey: Again, I can confirm this but I don’t think we got a referral from Congressional committees, a perjury referral.

Chaffetz: No. It was the Inspector General that initiated this.

Now, let me jump to the punch and predict that OGR will refer at least Hillary’s aides, and maybe Hillary herself, to FBI for lying to Congress. They might even have merit in doing so, as Comey has already said her public claims about being permitted to have her own email (which she repeated to the committee) were not true. Plus, there’s further evidence that Hillary used her own server precisely to maintain control over her emails (that is, to avoid FOIA).

That said, there are two reasons why Hillary and her aides won’t be prosecuted for lying to Congress: James Clapper and Scott Bloch.

Clapper you all know about. The Director of National Intelligence — unlike Clinton — was not under oath when he spectacularly lied to Ron Wyden. Nor was he referred to DOJ for prosecution. But that recent lie will make FBI hesitate.

DOJ will hesitate even more given the history of Scott Bloch. bmaz has written a slew of posts about this, but the short version is that the former head of the Office of Special Counsel lied to this very committee and wiped his hard drive to obscure that fact. He ultimately pled guilty, but when the magistrate handling the case pointed out that the plea carried a minimum one month sentence, Bloch and DOJ went nuts and tried to withdraw his plea. bmaz and a bunch of whistleblowers who had been poorly treated by Bloch went nuts in turn. All to no avail. After DOJ claimed there were secret facts that no one understood, the court agreed to sentence Bloch to just one day in jail.

In other words, to keep one of their own out of jail, DOJ made expansive claims about how unimportant lying to Congress is. Even assuming DOJ would ignore their own recent historical claims about the frivolity of lying to Congress, Hillary’s lawyers could use that precedent to argue that lying to Congress has, effectively, been decriminalized (unilaterally by the Executive Branch!).

So FBI will investigate it. Comey might even refer, this time, for prosecution, because the evidence is actually far stronger that Hillary used her own server to avoid oversight (and that she was less than forthcoming about that to Congress). But that, too, won’t be prosecuted because you basically can’t prosecute lying to Congress after the Bloch case.

Which brings me to the funniest part of this exchange with Chaffetz (which, coming as it did in the last minutes of the hearing, has escaped most notice).

Chaffetz: Did you look at the Clinton Foundation?

Comey: I’m not going to comment on the existence or non-existence of any other investigation.

Chaffetz: Was the Clinton Foundation tied into this investigation?

Comey: I’m not going to answer that.

Understand: Comey had already commented on the existence or non-existence of other investigations, commenting at length on the non-investigation of questions pertaining to FOIA and FRA, even describing how many people (four to five) were subjects of this investigation. Comment on non-existence of investigation, comment on non-existence of investigation, comment on non-existence of investigation.

And for what it’s worth, the Clinton Foundation probably couldn’t have been part of the scope of this, given that this was only focused on four to five people (note, a Clinton Foundation investigation would better explain why FBI gave Brian Pagliano immunity, another topic on which Comey would not comment).

But when asked about the Clinton Foundation, he claimed he couldn’t say. All of a sudden, refusal to comment on existence or non-existence of investigation.

Now, I’m just going to say I don’t think anything will come of that, because I doubt FBI would clear Hillary on one issue but not the related one (plus, given SCOTUS’ ruling in the Bob McDonnell case, it probably became impossible to prosecute any Clinton Foundation violations). But Comey’s answer does make it clear that FBI considers questions about improperly handling classified information, avoiding FOIA and other oversight, lying about avoiding FOIA, and deals made with the Clinton Foundation to be different things.

I think that doesn’t change that Hillary won’t be indicted. But I do think she will continue to be investigated in conjunction with questions about what she did and said to avoid FOIA and other oversight.

Update: This post has been tweaked.




The CIA Is Preventing Congress from Learning that the Worst Allegations against Hillary Pertain to Drones

You probably heard that Jim Comey testified to the House Oversight Committee for over four hours today. You’ll see far less coverage of the second panel in that hearing, the testimony of Inspectors General Steve Linick (from State) and Charles McCullough (from the IC).

In addition to OGR Chair Jason Chaffetz suggesting the committee convene a secrecy committee akin to the one Senator Daniel Patrick Moynihan convened back in the 1990s (which would be very exciting), McCullough revealed something rather startling regarding a letter he sent to Congress back in January (this was first reported by Fox). The letter was his official notice to Congress that some of the information in Hillary’s emails was claimed by an agency he didn’t name to be Special Access.

To date, I have received two sworn declarations from one IC element. These declarations cover several dozen emails containing classified information determined by the IC element to be at the CONFIDENTIAL, SECRET, and TOP SECRET/SAP levels. According to the declarant, these documents contain information derived from classified IC element sources. Due to the presence of TOP SECRET/SAP information, I provided these declarations under separate cover to the Intelligence oversight committees and the Senate and House leadership.

By sending the email, McCullough made the SAP information very public, without providing information about whether the claim was very credible.

Shortly after the Fox report, Politico reported that the emails pertained to CIA drone strikes and related fallout in Pakistan.

However, the emails now deemed to contain “top secret, special access program” information are in addition to the messages previously disputed between State and the Director of National Intelligence, according to a spokesperson for McCullough. The official said the intelligence community review group is wrapping up its look into the documents and is putting these documents in the SAP category.

The Central Intelligence Agency is the agency that provided the declarations about the classified programs, another U.S. official familiar with the situation told POLITICO Wednesday.

The official, who spoke on condition of anonymity, said some or all of the emails deemed to implicate “special access programs” related to U.S. drone strikes. Those who sent the emails were not involved in directing or approving the strikes, but responded to the fallout from them, the official said.

The information in the emails “was not obtained through a classified product, but is considered ‘per se’ classified” because it pertains to drones, the official added. The U.S. treats drone operations conducted by the CIA as classified, even though in a 2012 internet chat President Barack Obama acknowledged U.S.-directed drone strikes in Pakistan.

WSJ reported last month that what are presumably the same emails included discussions among State Department officials about upcoming drone strikes.

The vaguely worded messages didn’t mention the “CIA,” “drones” or details about the militant targets, officials said.

The still-secret emails are a key part of the FBI investigation that has long dogged Mrs. Clinton’s campaign, these officials said.

They were written within the often-narrow time frame in which State Department officials had to decide whether or not to object to drone strikes before the CIA pulled the trigger, the officials said.

Law-enforcement and intelligence officials said State Department deliberations about the covert CIA drone program should have been conducted over a more secure government computer system designed to handle classified information.

State Department officials told FBI investigators they communicated via the less-secure system on a few instances, according to congressional and law-enforcement officials. It happened when decisions about imminent strikes had to be relayed fast and the U.S. diplomats in Pakistan or Washington didn’t have ready access to a more-secure system, either because it was night or they were traveling.

In other words, there has been a great deal of reporting on what are almost surely the emails in question, revealing that the key dispute pertains to an issue that CIA likes to pretend we don’t all know about, drone strikes in Pakistan.

In today’s hearing, McCullough reported that these emails — in addition to being a Special Access Program — are also classified Originator Controlled, ORCON, and the CIA (which he still didn’t name) has been refusing to distribute the emails or the statement beyond the original dissemination, the Intel committees and congressional leadership. So, in spite of the fact that numerous members of Congress have asked for more information (including, in today’s hearing, Chaffetz), they’ve been denied it. McCullough explained he had had to get his own staffers read into this, and he has gone back to the CIA (again, which he didn’t name) several times, only to have them refuse further distribution.

It may well be that the actual language used in the most sensitive emails revealed highly classified information — or it may be, as the WSJ reported, that State aides used a kind of code hiding the gist of their conversations.

Or it may be that State discussed a particularly controversial drone strike, such as the time CIA launched a drone strike right after Ray Davis was freed from Pakistani custody, which Jim White wrote about in a longer post suggesting CIA used drone strikes to retaliate against Pakistani action we don’t like.

Drone strikes in Pakistan by the US have occasionally been interrupted by various diplomatic issues. For example, there was a lull of over a month at the height of negotiations over the release of Raymond Davis. One of the most notorious US drone strikes was on March 17, 2011, the day after Raymond Davis was released. This signature strike killed over 40, and despite US claims (was that you, John Brennan?), that those killed “weren’t gathering for a bake sale” it was later determined that the majority of those killed were indeed civilians at a jirga to discuss local mineral rights. Because it was so poorly targeted, this strike always stood out in my mind as the product of an attitude where high-level US personnel demanded a target, no matter how poorly developed, simply to have something to hit since drone strikes had been on hold over the Davis negotiations and there was a need to teach Pakistan a lesson.

One way or another, though, these are topics that Congress (especially the Foreign Affairs Committees, which almost certainly have been denied these details) should be able to review.

But CIA is — as is their wont — playing classification games to ensure that a broader cross-section of Congress can’t assess how egregious this particular classification violation was.

Which, given CIA’s history, tends to mean either it wasn’t — or CIA has something to hide.




Some Legislative Responses to Clinton’s Email Scandal

The Republicans have reverted to their natural “Benghazi witchhunt” form in the wake of Jim Comey’s announcement Tuesday that Hillary Clinton and her aides should not be charged, with Comey scheduled to testify before the House Oversight Committee at 10 AM.

Paul Ryan wrote a letter asking James Clapper to withhold classified briefings from Hillary. And the House Intelligence Committee is even considering a bill to prevent people who have mishandled classified information from getting clearances.

In light of the FBI’s findings, a congressional staffer told The Daily Beast that the House Intelligence Committee is considering legislation that could block security clearances for people who have been found to have mishandled classified information in the past.

It’s not clear how many of Clinton’s aides still have their government security clearances, but such a measure could make it more difficult for them to be renewed, should they come back to serve in a Clinton administration.

“The idea would be to make sure that these rules apply to a very wide range of people in the executive branch,” the staffer said. (Clinton herself would not need a clearance were she to become president.)

It’s nice to see the same Republicans who didn’t make a peep when David Petraeus kept — and still has — his clearance, despite doing worse than Hillary has, finally getting religion on security clearances.

But this circus isn’t really going to make us better governed or safer.

So here are some fixes Congress should consider:

Add some teeth to the Federal/Presidential Records Acts

As I noted on Pacifica, Hillary’s real crime was trying to retain maximal control over her records as Secretary of State — probably best understood as an understandable effort to withhold anything potentially personal combined with a disinterest in full transparency. That effort backfired spectacularly, though, because as a result all of her emails have been released.

Still, every single Administration has had at least a minor email scandal going back to Poppy Bush destroying PROFS notes pertaining to Iran-Contra.

And yet none of those email scandals has ever amounted to anything, and many of them have led to the loss of records that would otherwise be subject to archiving and (for agency employees) FOIA.

So let’s add some teeth to these laws — and let’s mandate and fund more rational archiving of covered records. And while we’re at it, let’s ensure that encrypted smart phone apps, like Signal, which diplomats in the field should be using to solve some of the communication problems identified in this Clinton scandal, will actually get archived.

Fix the Espionage Act (and the Computer Fraud and Abuse Act)

Steve Vladeck makes the case for this:

Congress has only amended the Espionage Act in detail on a handful of occasions and not significantly since 1950. All the while, critics have emerged from all corners—the academy, the courts, and within the government—urging Congress to clarify the myriad questions raised by the statute’s vague and overlapping terms, or to simply scrap it and start over. As the CIA’s general counsel told Congress in 1979, the uncertainty surrounding the Espionage Act presented “the worst of both worlds”:

On the one hand the laws stand idle and are not enforced at least in part because their meaning is so obscure, and on the other hand it is likely that the very obscurity of these laws serves to deter perfectly legitimate expression and debate by persons who must be as unsure of their liabilities as I am unsure of their obligations.

In other words, the Espionage Act is at once too broad and not broad enough—and gives the government too much and too little discretion in cases in which individuals mishandle national security secrets, maliciously or otherwise.

To underscore this point, the provision that the government has used to go after those who shared classified information with individuals not entitled to receive it (including Petraeus, Drake, and Manning), codified at 18 U.S.C. § 793(d), makes it a crime if:

Whoever, lawfully having possession of, access to, control over, or being entrusted with any document, writing, code book, signal book, sketch, photograph, photographic negative, blueprint, plan, map, model, instrument, appliance, or note relating to the national defense, or information relating to the national defense which information the possessor has reason to believe could be used to the injury of the United States or to the advantage of any foreign nation, willfully communicates, delivers, transmits or causes to be communicated, delivered, or transmitted … to any person not entitled to receive it, or willfully retains the same and fails to deliver it on demand to the officer or employee of the United States entitled to receive it …

This provision is stunningly broad, and it’s easy to see how, at least as a matter of statutory interpretation, it covers leaking—when government employees (“lawfully having possession” of classified information) share that information with “any person not entitled to receive it.” But note how this doesn’t easily apply to Clinton’s case, as her communications, however unsecured, were generally with staffers who were “entitled to receive” classified information.

Instead, the provision folks have pointed to in her case is the even more strangely worded § 793(f), which makes it a crime for:

Whoever, being entrusted with or having lawful possession or control of [any of the items mentioned in § 793(d)], (1) through gross negligence permits the same to be removed from its proper place of custody or delivered to anyone in violation of his trust, or to be lost, stolen, abstracted, or destroyed, or (2) having knowledge that the same has been illegally removed from its proper place of custody or delivered to anyone in violation of its trust, or lost, or stolen, abstracted, or destroyed … fails to make prompt report of such loss, theft, abstraction, or destruction to his superior officer …

Obviously, it’s easy to equate Clinton’s “extreme carelessness” with the statute’s “gross negligence.” But look closer: Did Clinton’s carelessness, however extreme, “[permit] … [classified information] to be removed from its proper place of custody or delivered to anyone in violation of [her] trust”? What does that even mean in the context of intangible information discussed over email? The short answer is nobody knows: This provision has virtually never been used at least partly because no one is really sure what it prohibits. It certainly appears to be focused on government employees who dispossess the government of classified material (like a courier who leaves a satchel full of secret documents in a public place). But how much further does it go?

There’s an easy answer here, and it’s to not use Clinton as a test case for an unprecedented prosecution pursuant to an underutilized criminal provision, even if some of us think what she did was a greater sin than the conduct of some who have been charged under the statute. The better way forward is for Congress to do something it’s refused to do for more than 60 years: carefully and comprehensively modernize the Espionage Act, and clarify exactly when it is, and is not, a crime to mishandle classified national security secrets.

Sadly, if Congress were to legislate the Espionage Act now, they might codify the attacks on whistleblowers. But they should not. They should distinguish between selling information to our adversaries and making information public. They should also make it clear that intent matters — because in the key circuit, covering the CIA, the Pentagon, and many contractors, intent hasn’t mattered since the John Kiriakou case.

Eliminate the arbitrariness of the clearance system

But part of that should also involve eliminating the arbitrary nature of the classification system.

I’ve often pointed to how, in the Jeffrey Sterling case, the only evidence he would mishandle classified information was his retention of 30-year-old instructions on how to dial a rotary phone, something far less dangerous than what Hillary did.

Equally outrageous, though, is that four of the witnesses who may have testified against Sterling, probably including Bob S who was the key witness, have also mishandled classified information in the past. Those people not only didn’t get prosecuted, but they were permitted to serve as witnesses against Sterling without their own indiscretions being submitted as evidence. As far as we know, none lost their security clearance. Similarly, David Petraeus hasn’t lost his security clearance. But Ashkan Soltani was denied one and therefore can’t work at the White House countering cyberattacks.

Look, the classification system is broken, both because information is over-classified and because maintaining the boundaries between classified and unclassified is too unwieldy. That broken system is then magnified as people’s access to high-paying jobs is subjected to arbitrary review of security clearances. That’s only getting worse as the Intelligence Community ratchets up the Insider Threat program (rather than, say, technical means) to forestall another Manning or Snowden.

The IC has made some progress in recent years in shrinking the universe of people who have security clearances, and the IC is even making moves toward fixing classification. But the clearance system needs to be more transparent to those within it and more just.

Limit the President’s arbitrary authority over classification

Finally, Congress should try to put bounds to the currently arbitrary and unlimited authority Presidents claim over classified information.

As a reminder, the Executive Branch routinely cites the Navy v. Egan precedent to claim unlimited authority over the classified system. They did so when someone (it’s still unclear whether it was Bush or Cheney) authorized Scooter Libby to leak classified information — probably including Valerie Plame’s identity — to Judy Miller. And they did so when telling Vaughn Walker he could not require the government to give al Haramain’s lawyers clearance to review the illegal wiretap log they had already seen before handing it over to the court.

And these claims affect Congress’ ability to do their job. The White House used CIA as cover to withhold a great deal of documents implicating the Bush White House in authorizing torture. Then, the White House backed CIA’s efforts to hide unclassified information, like the already-published identities of its torture-approving lawyers, with the release of the Torture Report summary. In his very last congressional speech, Carl Levin complained that he was never able to declassify a document on the Iraq War claims that Mohammed Atta met with a top Iraqi intelligence official in Prague.

This issue will resurface when Hillary, who I presume will still win this election, nominates some of the people involved in this scandal to serve in her White House. While she can nominate implicated aides — Jake Sullivan, Huma Abedin, and Cheryl Mills — for White House positions that require no confirmation (which is what Obama did with John Brennan, who was at that point still tainted by his role in torture), as soon as she names Sullivan to be National Security Advisor, as expected, Congress will complain that he should not have clearance.

She can do so — George Bush did the equivalent (remember he appointed John Poindexter, whose prosecution in relation to the Iran-Contra scandal was overturned on a technicality, to run the Total Information Awareness program).

There’s a very good question whether she should be permitted to do so. Even ignoring the question of whether Sullivan would appropriately treat classified information, it sets a horrible example for clearance holders who would lose their clearances.

But as far as things stand, she could. And that’s a problem.

To be fair, legislating on this issue is dicey, precisely because it will set off a constitutional challenge. But it should happen, if only because the Executive’s claims about Navy v. Egan go beyond what SCOTUS actually said.

Mandate and fund improved communication system

Update: After I posted, MK reminded me I meant to include this.

If Congress is serious about this, then they will mandate and fund State to fix their decades-long communications problems.

But they won’t do that. Even 4 years after the Benghazi attack they’ve done little to improve security at State facilities.

Update: One thing that came up in today’s Comey hearing is that the FBI does not routinely tape non-custodial interviews (and fudges even with custodial interviews, even though DOJ passed a policy requiring it). That’s one more thing Congress could legislate! They could pass a simple law requiring FBI to start taping interviews.




“Only Facts Matter:” Jim Comey Is Not the Master Bureaucrat of Integrity His PR Sells Him As

Since Jim Comey’s showy press conference yesterday, the press has rehashed Jim Comey’s carefully cultivated image as a Boy Scout, with outlet after outlet replaying the story of how he ran up some hospital steps once.

Sadly, even DOJ beat journalists seem unable to point out that that image has been carefully cultivated over years. Comey is a PR master.

But as I have written on several occasions, the story is more complicated. That’s true, first of all, because the 2004 hospital confrontation, in which Comey and a bunch of other DOJ officials threatened to quit and therefore allegedly shut down some illegal wiretap programs, did not end in March 2004. On the contrary, for the main unlawful program we know about — the Internet dragnet — that confrontation ended in July 2004 when, after some serious arm-twisting, DOJ got FISC presiding judge Colleen Kollar-Kotelly to authorize substantially the same Internet dragnet they refused to authorize themselves.  The arguments they used to pull that off are fairly breath-taking.

The hospital confrontation only served to hide illegal surveillance under a new rock

First, they told Kollar-Kotelly she had to reauthorize the dragnet because terrorists wanted to plan an election year plot; as I note below, that claim was largely based on a fabrication.

Then, they argued that the standard for approval of a bulk Pen Register/Trap and Trace order was the same (arguably lower) as any other PRTT order focused on an individual. Kollar-Kotelly, DOJ argued, had no discretion over whether or how to approve this.

DOJ told Kollar-Kotelly she had no authority to do anything but approve their expansive plan to collect Internet data from telecom switches. “[T]he Court ‘shall’ authorize a pen register … if an application brought before it complies with the requirements of the statute.” Even though, by collecting Internet metadata in bulk, the government would take away FISC’s authority to review whether the targets were agents of a foreign power, DOJ argued she had no authority to determine whether this bulk data — which she deemed an “enormous” amount — was “relevant” to the FBI’s investigations into terrorism.

And that meaning — which the government expanded even further in 2006 to claim the phone records of every single American were “relevant” to the FBI’s standing terrorism investigations — “requires no stretching of the ordinary meaning of the terms of the statute at all,” they claimed, in apparent seriousness.

DOJ further argued that’s the way the FISA court — which Congress created in 1978 to provide real judicial review while permitting the executive to keep its foreign spying secret — is supposed to work. Having FISC rubber-stamp the program they themselves had refused to authorize “promotes both of the twin goals of FISA,” DOJ argued, “facilitating the foreign-intelligence collection needed to protect American lives while at the same time providing judicial oversight to safeguard American freedoms.”

Their claim this involved oversight is especially rich given that DOJ and FISC argued then — and continued to argue at least through 2010 when John Bates would reauthorize and expand this dragnet — that the FISC had no authority to impose minimization procedures for bulk collected data, which has historically been the sole way FISC exercises any oversight. Then, during the period of the very first dragnet order, NSA “discovered” it was violating standards Kollar-Kotelly imposed on the collection (effectively, violating the minimization procedures). But in spite of the fact that she then imposed more requirements, including twice quarterly spot checks on the collection, those violations continued unabated until NSA’s Inspector General finally started, on Reggie Walton’s order, an (aborted) real review of the collection in 2009. At that point, OGC all of a sudden “discovered” that their twice-quarterly spot checks had failed to notice that every single record NSA had collected during that 5 year period had violated FISC standards.

In short, the program was never, ever, in legal compliance. That was the solution Comey achieved to the unlawful program he got shut down.

DOJ’s — Jim Comey’s — efforts to undercut FISC not only led to other really problematic FISC decisions based on this precedent (including, but not limited to, the phone dragnet in 2006 and upstream collection in 2007), but also gave illegal collection the patina of legality solely by making someone else authorize a program she couldn’t oversee.

DOJ deliberately bypassed Congress because they knew it wouldn’t approve the surveillance

Along with radically changing the nature of FISC in the wake of the hospital confrontation, DOJ — Jim Comey — affirmatively bypassed Congress because they didn’t want to tell America it was spying on them in bulk.

DOJ pointed to language showing Congress intended pen registers to apply to the Internet; they pointed to the absence of language prohibiting a pen register from being used to collect data from more than a single user, as if that’s the same as collecting from masses of people and as if that proved congressional intent to wiretap everyone.

And then they dismissed any potential constitutional conflict involved in such broad rereadings of statutes passed by Congress. “In almost all cases of potential constitutional conflict, if a statute is construed to restrict the executive, the executive has the option of seeking additional clarifying legislation from Congress,” the heroes of the hospital confrontation admitted. The White House had, in fact, consulted Majority Leader Tom DeLay about doing just that, but he warned it would be too difficult to get new legislation. So two months later, DOJ argued Congress’ prerogative as an independent branch of government would just have to give way to secrecy. “In this case, by contrast, the Government cannot pursue that route because seeking legislation would inevitably compromise the secrecy of the collection program the Government wishes to undertake.”

This was a pretty big assault on separation of powers, and not one justified by the efficacy of the program or the needs of the collection.

While I won’t go into it here, this is all about the best known part of the Stellar Wind program that was not so much “shut down” as “dumped into someone else’s legal lap.” There’s another aspect of Stellar Wind — one I don’t yet fully understand — that Comey reauthorized on his own, one that has gotten no reporting. I hope to return to this.

Comey’s DOJ lets itself be manhandled into reauthorizing torture and surveillance

There’s an intimately related effort Comey gets some credit for which in fact led to fairly horrible conclusions: torture. Jack Goldsmith, with Comey’s backing, also withdrew the shoddy John Yoo memo authorizing waterboarding and other torture (Goldsmith also prevented Yoo from retroactively authorizing more techniques).

But on July 2, 2004 — two weeks before Goldsmith left — the intelligence community found another detainee it just had to torture, Janat Gul, based on already questioned claims he wanted to plan an election year attack. They had a Principal’s Committee meeting to discuss what to do. After Jim Comey and John Bellinger left the meeting, the PC agreed to engage in torture again (though not waterboarding). Five days later Goldsmith wrote to ensure the IC knew this meant they had to follow the guidelines laid out under the original Yoo memo. By September, after Gul and some associates had been tortured extensively — each time with Dan Levin writing what I’m sure he imagined to be a soundly reviewed approval for the torture — Levin had approved waterboarding again, along with the techniques Goldsmith had prevented Yoo from retroactively and unilaterally authorizing. OLC repeatedly promised a more fulsome memo laying out the approval offered, ostensibly in reaction to an immediate need, in 2004. Jim Comey initiated that process in fall and December 2004. But in the end, the technique memos completed by Steven Bradbury in May 2005 authorized both waterboarding, as well as all the other conditions (primarily techniques used in combination) Comey seems to have tried to have set to make them impossible to use again. Comey resigned right before these memos were finalized, so it’s possible he made another — failed — attempt to prevent the illegal program by threatening to quit; he did, however, stick around for another three months before he moved on to his sinecures at Lockheed and Bridgewater.

Here’s the tragic thing about this unsuccessful effort to impose order on the torture program: it, like the Iraq War itself, was based on a fabricator.

CIA came to Comey and others, said, “this guy wants to attack the presidential elections so we need a dragnet and torture,” to which DOJ said okay.

The CIA in March 2004 received reporting from a source the torture report calls “Asset Y,” who said a known Al-Qaeda associate in Pakistan, Janat Gul — whom CIA at the time believed was a key facilitator — had set up a meeting between Asset Y and Al-Qaeda’s finance chief, and was helping plan attacks inside the United States timed to coincide with the November 2004 elections. According to the report, CIA officers immediately expressed doubts about the veracity of the information they’d been given by Asset Y. A senior CIA officer called the report “vague” and “worthless in terms of actionable intelligence.” He noted that Al Qaeda had already issued a statement “emphasizing a lack of desire to strike before the U.S. election” and suggested that since Al-Qaeda was aware that “threat reporting causes panic in Washington” and inevitably results in leaks, planting a false claim of an election season attack would be a good way for the network to test whether Asset Y was working for its enemies. Another officer, assigned to the group hunting Osama bin Laden, also expressed doubts.

[snip]

Nevertheless, the CIA took seriously Asset Y’s claim that Gul was involved in an election plot and moved quickly to gain custody of him after his arrest by Pakistan in June 2004. Even before CIA rendered Gul to its custody, Tenet started lobbying to get torture techniques reapproved for his interrogation.

On June 29, Tenet wrote National Security Adviser Condoleezza Rice seeking approval to once again use some of the techniques whose use he suspended less than four weeks earlier, in the hope of gathering information on the election season plot. “Given the magnitude of the danger posed by the pre-election plot and Gul’s almost certain knowledge of any intelligence about that plot” Tenet wrote, relying on Asset Y’s claims, “I request the fastest possible resolution of the above issues.”

[snip]

Soon after the reauthorization of the torture and the Internet dragnet, the CIA realized ASSET Y’s story wasn’t true. By September, an officer involved in Janat Gul’s interrogation observed, “we lack credible information that ties him to pre-election threat information or direct operational planning against the United States, at home or abroad.” In October, CIA reassessed ASSET Y, and found him to be deceptive. When pressured, ASSET Y admitted he had made up the story of a meeting set up by Gul. ASSET Y blamed his CIA handler for pressuring him for intelligence, leading him to lie about the meeting.

By 2005, CIA had concluded that ASSET Y was a fabricator, and Janat Gul was a “rather poorly educated village man [who is] quite lazy [who] was looking to make some easy money for little work and he was easily persuaded to move people and run errands for folks on our target list” (though the Agency wasn’t always forthright about the judgment to DOJ).

During Comey’s entire effort — to put order to the dragnet, to put order to the torture — he was in fact being led by the nose by the CIA, once again using the report of a fabricator to authorize actions the US had no business engaging in.

If that were all, I’d consider this a tragic story: poor Jim Comey trying to ensure the US does good, only to be undermined by the dishonest folks at the CIA, using asymmetric information again to ensure their ass gets covered legally.

Jim Comey refuses to review what he did in 2004 and 2005

But here’s the part that, in my opinion, makes being snookered by the CIA unforgivable. Thus far, Comey has refused to read the full Torture Report to learn how badly he got snookered, even though he promised Dianne Feinstein to do so in his confirmation process.

I am specifically intrigued by Comey’s apparent lack of curiosity about the full report because of his actions in 2005.

As these posts lay out (one, two), Comey was involved in the drafting of 2 new OLC memos in May 2005 (though he may have been ignorant about the third). The lies CIA told OLC in 2004 and then told OLC again in 2005 covering the same torture were among the worst, according to Mark Udall. Comey even tried to hold up the memo long enough to do fact gathering that would allow them to tie the Combined memo more closely to the detainee whose treatment the memo was apparently supposed to retroactively reauthorize. But Alberto Gonzales’ Chief of Staff Ted Ullyot told him that would not be possible.

Pat [Philbin] explained to me (as he had to [Steven Bradbury and Ted Ullyot]) that we couldn’t make the change I thought necessary by Friday [April 29]. I told him to go back to them and reiterate that fact and the fact that I would oppose any opinion that was not significantly reshaped (which would involve fact gathering that we could not complete by Friday).

[snip]

[Ullyot] mentioned at one point that OLC didn’t feel like it would accede to my request to make the opinion focused on one person because they don’t give retrospective advice. I said I understood that, but that the treatment of that person had been the subject of oral advice, which OLC would simply be confirming in writing, something they do quite often.

At the end, he said that he just wanted me to know that it appeared the second opinion would go [Friday] and that he wanted to make sure I knew that and wanted to confirm that I felt I had been heard.

Presuming that memo really was meant to codify the oral authorization DOJ had given CIA (which might pertain to Hassan Ghul or another detainee tortured in 2004), then further details of the detainee’s torture would be available in the full report. Wouldn’t Comey be interested in those details now?

But then, so would details of Janat Gul’s torture, whose torture was retroactively authorized in an OLC memo Comey himself bought off on. Maybe Comey has good reason not to want to know what else is in the report.

Sure, he may be doing so to prevent Jason Leopold from liberating the report via FOIA. But in doing so, he is also refusing to examine his own actions, his own willingness to reauthorize the dragnet and torture he had just shut down in the service of a lie. He is refusing to consider whether the deals he made with the devil in 2004 were unsound.

Even here, I might just consider this a tragic story, of a morally just man bested by bureaucratic forces both more sinister and dishonest than Comey.

Except for Comey’s Manichean view of the world.

His world is separated into the Good Guys who should have access to encryption and the Bad Guys who should not, the loyal people like Hillary who can be “extremely careless in their handling of very sensitive, highly classified information” with no legal consequences and the disloyal people like Thomas Drake who get prosecuted for doing the very same things.

That’s not the world where self-proclaimed Boy Scout Jim Comey assents to the reauthorization of torture and dragnets based on a fabrication with no repercussions or even soul-searching.

I mean, I get it. There is no place for Boy Scouts in the top ranks of our national security state. I get that you’re going to lose bureaucratic fights to really immoral causes and manipulative spooks. I get you’re sometimes going to get the so-called trade-off between liberty and security wrong, especially when you get lied to.

But given that reality, there is no place for pretend Boy Scouts. There is no place to pretend your world is as easy as running up some hospital steps, victory!, we’ve vanquished presidential abuses so let’s go dismantle separation of powers! That’s just naive, but in the service of the FBI Director, it legitimizes a really unjust — morally-rather-than-legally-based — method of policing.

Comey seems to believe his self-created myth at this point, and that’s a very dangerous spot for a guy deigning to be the investigator and prosecutor of who is loyal and who disloyal.

Update: Matthew Miller wrote up his criticism of Comey’s abuse of power here.

Update: Here’s an interview I did for Pacifica on the email question generally.




Does Jim Comey Think Thomas Drake Exhibited Disloyalty to the United States?

As you’ve no doubt heard, earlier today Jim Comey had a press conference where he said Hillary and her aides were “extremely careless in their handling of very sensitive, highly classified information” but went on to say no reasonable prosecutor would prosecute any of them for storing over 100 emails with classified information on a server in Hillary’s basement. Comey actually claimed to have reviewed “investigations into mishandling or removal of classified information” and found no “case that would support bringing criminal charges on these facts.”

Our investigation looked at whether there is evidence classified information was improperly stored or transmitted on that personal system, in violation of a federal statute making it a felony to mishandle classified information either intentionally or in a grossly negligent way, or a second statute making it a misdemeanor to knowingly remove classified information from appropriate systems or storage facilities.

[snip]

Although there is evidence of potential violations of the statutes regarding the handling of classified information, our judgment is that no reasonable prosecutor would bring such a case. Prosecutors necessarily weigh a number of factors before bringing charges. There are obvious considerations, like the strength of the evidence, especially regarding intent. Responsible decisions also consider the context of a person’s actions, and how similar situations have been handled in the past.

In looking back at our investigations into mishandling or removal of classified information, we cannot find a case that would support bringing criminal charges on these facts. All the cases prosecuted involved some combination of: clearly intentional and willful mishandling of classified information; or vast quantities of materials exposed in such a way as to support an inference of intentional misconduct; or indications of disloyalty to the United States; or efforts to obstruct justice. We do not see those things here.

To be clear, this is not to suggest that in similar circumstances, a person who engaged in this activity would face no consequences. To the contrary, those individuals are often subject to security or administrative sanctions. But that is not what we are deciding now.

Before we get into his argument, consider a more basic point: It is not Jim Comey’s job to make prosecutorial decisions. Someone else — whichever US Attorney oversaw the prosecutors on this case, Deputy Attorney General Sally Yates, or Loretta Lynch — makes that decision. By overstepping the proper role of the FBI here, Comey surely gave Lynch cover — now she can back his decision without looking like Bill Clinton convinced her to do so on the tarmac. But he has no business making this decision, and even less business making it public in the way he did (the latter of which points former DOJ public affairs director Matthew Miller was bitching about).

But let’s look at his judgment.

Given that Jeffrey Sterling has been in prison for a year based off a slew of metadata (albeit showing only 4:11 seconds of conversation between James Risen and Sterling) and three, thirty year old documents, classified Secret, describing how to dial a phone, documents which were presented to prove Sterling had the “intent” to retain a document FBI never showed him retaining, I’m particularly interested in Comey’s judgment that no reasonable prosecutor would bring charges based on the facts found against Hillary. Similarly, given the history of the Thomas Drake prosecution, in which he was charged with Espionage because he kept a bunch of documents on NSA’s fraud, at the direction of the Inspector General, which the FBI found in his basement.

I can only imagine Comey came to his improper public prosecutorial opinion via one of two mental tricks. Either he — again, not the prosecutor — decided the only crime at issue was mishandling classified information (elsewhere in his statement he describes having no evidence that thousands of work emails were withheld from DOJ with ill intent, which dismisses another possible crime), and from there he decided either that it’d be a lot harder to prosecute Hillary Clinton (or David Petraeus) than it would be someone DOJ spent years maligning like Sterling or Drake. Or maybe he decided that there are no indications that Hillary is disloyal to the US.

Understand, though: with Sterling and Drake, DOJ decided they were disloyal to the US, and then used their alleged mishandling of classified information as proof that they were disloyal to the US (Drake ultimately pleaded to Exceeding Authorized Use of a Computer).

Ultimately, it involves arbitrary decisions about who is disloyal to the US, and from that a determination that the crime of mishandling classified information occurred.

For what it’s worth, I think most of these cases should involve losing security clearances rather than criminal prosecution (though Petraeus also lied to FBI). But we know, even there, the system is totally arbitrary; DOJ has already refused to answer whether any of Hillary’s aides will be disciplined for their careless handling of classified information and Petraeus never did lose his clearance. Nor did the multiple witnesses who testified against Sterling who themselves mishandled classified information lose their security clearance.

Which is another way of saying our classification system is largely a way to arbitrarily label people you dislike disloyal.




Hillary’s Mode of Governance: Boozy X Chromosomes Making Peace

The NYT has an article describing how a bunch of apparently moronic Hillary aides believe they will govern when she becomes President. I say moronic not just because — in a week when Hillary’s spouse scored an enormous own goal by chatting up Attorney General Loretta Lynch on the tarmac in Phoenix — numerous Hillary aides said Hillary might keep Lynch as AG.

Democrats close to Mrs. Clinton say she may decide to retain Ms. Lynch, the nation’s first black woman to be attorney general, who took office in April 2015.

No, I say moronic because the people behind this article apparently believe the following things will help Hillary — a candidate with historically high negatives — overcome historic partisanship.

Lots and lots of booze

This article reads almost more like a screenplay than a news article, especially with its repeated portrayals of Georgetown-like cocktail parties in the White House lubricating political deals.

Mrs. Clinton would even schmooze differently than the past few presidents have. Not one to do business over golf or basketball, she would bring back the intimate style of former Presidents Ronald Reagan and Lyndon B. Johnson, negotiating over adult beverages. Picture a steady stream of senators, congressmen and other leaders raising a glass and talking policy in the Oval Office with her and her likely chief of staff, John D. Podesta, as her husband pops in with a quick thought or a disarming compliment.

[snip]

“Her greatest strength is that she really listens to people, she understands what their political and policy needs are, and she tries to find that space where you can compromise,” said Neera Tanden, a former top domestic policy adviser to Mrs. Clinton who is now the president of the Center for American Progress, a left-leaning policy institute.

“To be crystal clear: She has led many battles where you can’t compromise on principle,” Ms. Tanden added. “But she also loves socializing, loves having people and spouses over, and really loves talking over drinks.”

[snip]

Mrs. Clinton’s ability to use alcohol as a political lubricant came up repeatedly when allies and advisers were asked how she might work with Republicans. Her tale about a drinking contest with Senator John McCain of Arizona is now a Washington legend. (She said they called it quits before things got out of hand.) She believes that a relaxed, frank discussion is more authentic than trying to bond awkwardly with adversaries over sports — and more productive than keeping them at arm’s length, as Mr. Obama has often done.

“She likes to cajole, she likes to make deals, and she likes to make friends,” said Richard Socarides, a former policy adviser to Bill Clinton and a longtime supporter of Mrs. Clinton. “And she knows it’s much harder to go after someone who you basically like, who you’ve had a drink with.”

Sure, this is how things used to work. But I’m not sure cocktail parties can bridge the last two decades of increased partisanship, much of which has been targeted directly at the Clintons. I’m not even sure that many politicians drink as much anymore.

Lots of X chromosomes

Hillary also appears to believe merely increasing the number of women in the cabinet will lead to more hopey changey.

In her first 100 days, she would also tap women to make up half of her cabinet in hopes of bringing a new tone and collaborative sensibility to Washington, while also looking past Wall Street to places like Silicon Valley for talent — perhaps wooing Sheryl Sandberg from Facebook, and maybe asking Tim Cook from Apple to become the first openly gay cabinet secretary.

[snip]

“There’s that old saying, ‘Nothing about us without us,’” said Jennifer Granholm, a former Democratic governor of Michigan who supports Mrs. Clinton. “I mean, a woman as chief of staff, Treasury secretary, a woman at Defense — it would be incredible.” (Ms. Granholm is often mentioned as a possible cabinet pick for the Energy Department or another post, but she waved off a question about her interest.)

Look, having the first female President will be one of the big highlights of an (expected) Hillary presidency for me. But there is no reason to believe that women — especially those that have achieved cabinet level success — are any less cutthroat than men.

Moreover, Hillary will face the same problem Obama did: the bench simply isn’t that deep. While there are a number of likely cabinet officials, like Granholm, who aren’t currently engaged, to achieve 50% cabinet positions, you’d be cherry picking governors and members of Congress without the assurances they’d be replaced by more women. I’m far more interested in increasing the number of long term members of Congress who are women, for the near future, than achieving some magic 50% number. That will, in turn, ensure that another woman is ready to step up when it comes time for Hillary to retire.

Silencing Bill

Then there’s the question about what to do about First Gentleman Bill. For some reason, even in the week of tarmackgate, Hillary’s aides seem to think they can prevent him from stepping in it.

Clinton advisers say they do not expect Mr. Clinton to be constantly visible in the early months beyond whatever duties Mrs. Clinton gives him on economic policy and foreign affairs. The Clintons’ priority is that he does not do anything that distracts from her agenda or overshadows her as the country gets used to having a former president (and a man) in the role of first spouse.

One role he will be welcome to play is as an icebreaker at the Oval Office happy hour.

Look, even aside from Bill’s constitutional inability to avoid own goals, the notion that you could give him a big economic and/or foreign policy portfolio and at the same time have him keep a low profile is fantasy. Either you relegate him, exclusively, to running the never-ending cocktail party, or he will make some gaffes. You can’t pick and choose with Bill.

Forging deals on the issue that will be especially raw given Trump’s expected campaign

Finally, there’s the belief that after a year of having Trump rile up Republican nativists, the drunken Republicans frequenting the White House cocktail hour will rush to compromise on immigration reform.

Her calculation is that she will be dealing with a Republican Party that is deeply fractured and demoralized after the defeat of Mr. Trump, whose leaders will be searching for ways to show they can govern and to court Hispanics if Mr. Trump loses badly with them. Mrs. Clinton also thinks a huge Democratic turnout this fall would put the Senate back in her party’s hands, while Speaker Paul D. Ryan and the Republicans would have a reduced majority in the House.

[snip]

Given how deeply immigration has divided the Republican Party, no other issue would probably reveal more about the ability of a President Hillary Clinton and a Republican-led House to work together.

On this, Hillary’s aides might be right — but not so long as you imagine Hillary does anything to keep a viable GOP in place. Yes, the neocons who have already backed Hillary support immigration reform and other kinds of globalization. But after the campaign immigration is going to be far more volatile and raw than it was when Obama failed to pass immigration reform.

It could happen, but not without a significant realignment, one that would require far more ruthless punishment and far fewer martinis than Hillary seems to have in mind.

 

 




Cyber-Goggles: When China’s Tool Box Looks Like a Pile of Cyber-Hammers

Last week, the cybersecurity firm FireEye released a report largely declaring victory over Chinese cyberspying. The report itself is suspect. It spends two pages talking about internal issues — such as Xi Jinping’s efforts to consolidate power in China — then throws in a timeline designed to suggest actions the US has taken have led to a decline in spying.

The timeline itself is problematic as it suggests both indictments — of some People’s Liberation Army hackers targeting industrial companies and one union, and of Chinese businessman Su Bin — as IP hacks.

In May 2014, the U.S. Department of Justice indicted five PLA officers, marking the first time that the U.S. Government has charged foreign government personnel with crimes related to commercial cyber espionage. Although China warned that the move “jeopardizes China U.S. cooperation,” the Department of Justice indicted another Chinese national, Su Bin, the following August for allegedly orchestrating a cyber-enabled economic espionage operation targeting U.S. defense companies.

Neither should be classified so easily (though the press has irresponsibly done so, especially with respect to the PLA indictment). As I have laid out, with one exception, the PLA indictment treated the theft of information pertaining to ongoing trade negotiations — something the US engages in aggressively — with the exception being the theft of trade information that China might have gotten anyway as part of a long-standing nuclear technology transfer deal with the target, Westinghouse. And while Su personally profited off his spying (or that’s what he said as part of pleading guilty), the targeted items all have a military purpose.

Without any internal evidence to back the case, FireEye declares that these indictments (the former of which, at least, relies on intelligence shared by FireEye division Mandiant) had an effect in China.

In 2014, the U.S. Government began taking punitive measures against China, from indicting members of the PLA to raising the possibility of sanctions. These unprecedented measures, though met with skepticism in the U.S., have probably been taken much more seriously in Beijing.

[snip]

In 2013, when we released the APT1 report exposing a PLA cyber espionage operation, it seemed like a quixotic effort to impede a persistent, well-resourced military operation targeting global corporations. Three years later, we see a threat that is less voluminous but more focused, calculated, and still successful in compromising corporate networks. Rather than viewing the Xi-Obama agreement as a watershed moment, we conclude that the agreement was one point amongst dramatic changes that had been taking place for years. We attribute the changes we have observed among China-based groups to factors including President Xi’s military and political initiatives, the widespread exposure of Chinese cyber operations, and mounting pressure from the U.S. Government.

The report then shows an impressive decline of perceived attacks. But even there, there’s no granularity given about where FireEye is seeing the decline (or whether these numbers might rise as it responds to attacks on companies that will call FireEye in for hacks that started months or years ago). Again, in its description of the ongoing attacks, FireEye includes a lot of things that every country but the US would consider to be clear national defense hacks.

In the wake of the report, there have been some even more overheated victory laps about the success of the US-Chinese agreement in 2015, as well as this utterly absurd piece insisting that the US doesn’t engage in economic espionage. The piece is particularly nonsensical for how it uses evidence from Snowden.

More importantly, the U.S. does not steal information to give to its companies, as a rule. That none of the documents released from the vast trove of material pilfered by Edward Snowden points to this kind of commercial espionage is indicative. Those who control the Snowden documents are eager to release anything that would harm the U.S., yet they have not yet produced an example of information being given to a U.S. company.

[snip]

What we know of American espionage against foreign companies (thanks to Snowden) is that the intent of the espionage against commercial targets is to support other American policies: non-proliferation, sanctions compliance, trade negotiations, foreign corrupt practices, and perhaps to gain insight into foreign military technologies.  The U.S. as well as other nations who care about such things regard these as legitimate targets for spying—legitimate in the sense that this kind of espionage would be consistent with international law and practice.  This spying supports foreign policy goals shared by many countries, in theory if not always in practice.

I say that because there’s no evidence from most domestic companies that NSA interacts with — not the Defense contractor targeted in a cyber powerpoint, and certainly not any of the telecoms that partner with the government. You would, by definition, not see evidence of what you’re claiming. Moreover, ultimately, this is a retreat back to a fetish, the description of certain things to be a national good (like the trade negotiations we’ve indicted China for), but not others.

Ultimately, American commentators on cybersecurity continue to misunderstand the degree to which our corporations — especially our federal partners — cannot and are not in practice separated from a vision of national good. Though discussions about the degree to which tech companies should be willing to risk overseas customers to spy without bound is one area where that’s assumed, even to the detriment of the tech company bottom lines.

Here’s what all this misses. There is spying of the old sort: spying on official government figures. And then there are decisions supporting national well-being (largely economics) that all countries engage in, pushing the set of rules that help them the most.

Discussions of China’s cyberspying have always been too isolated from discussions of China’s other national economic decisions. China steals just as much from US corporations located in China, but no one seems to care about that as a national security issue. And China buys a great deal, and has been buying a lot more of the things that it used to steal. The outcome is the same, yet we fetishize the method.

Which is why I find this so ironic.

A Chinese billionaire with party connections last year purchased the company, Wright USA, that insures a lot of national security officials in case they get sued or criminally investigated.

The company, Wright USA, was quietly acquired late last year by Fosun Group, a Shanghai-based conglomerate led by Guo Guangchang, a billionaire known as “China’s Warren Buffett” who has high-level Communist Party connections.

The links between Guo and Wright USA came under scrutiny by the Treasury Department’s Committee on Foreign Investment in the United States, as well as the Office of Director of National Intelligence, the coordinating body of all U.S. spy agencies, soon after Fosun announced the purchase of Wright’s parent company last November. The FBI has also launched a criminal probe into whether the company made “unauthorized disclosures of government data to outsiders,” according to a well-placed source, who like others, spoke to Newsweek on condition of anonymity because the information was sensitive.

(The FBI declined to comment, and Fosun denies the FBI has asked it for any documents.)

U.S. officials are concerned that the deal gave Chinese spy agencies a pipeline into the names, job titles, addresses and phone numbers of tens of thousands of American intelligence and counterterrorism officials—many working undercover—going back decades.

This happened after the Chinese acquired, via the kind of cybertheft everyone seems to agree is old-fashioned spying, the medical records and clearance records of most of America’s cleared personnel. And yet a Chinese firm was able to buy something equally compromising right out from underneath the spooks who oversee such things.

China will get what it wants via a variety of means: stealing domestically when Americans come to visit, stealing via hack, or simply buying. That we treat these differently is just a fetish, and one that seems to blind us to the multiple avenues of threat.




Happy Flag-Waving Drone Document Dump

ODNI (update–and now I Con the Record) has released its report on the number of drone deaths. The overview is that the US intelligence community is reporting (more on that in a second) far, far fewer drone deaths than credible outside researchers do. (TBIJ, New America, Long War Journal)

The IC numbers are for strikes occurring outside areas of active hostilities, which currently include Afghanistan, Iraq, and Syria, but might have — the report doesn’t say one way or another — included other places, like Pakistani tribal lands, when these drone strikes happened.

The report acknowledges that this number differs dramatically from those of outside researchers, though it doesn’t include a footnote to permit those who don’t already know the players to compare, which betrays a real lack of confidence in its own analysis. A footnote would also permit readers to see the degree to which NGOs have done granular analysis, as compared to ODNI’s 3 line table.

Plus, it doesn’t acknowledge this discrepancy until after it suggests these other numbers — which I believe are actually more consistent with each other than the IC’s numbers are with them — come from terrorist propaganda, a claim it repeats a second time before the end of the 3-page report.

The large volume of pre- and post-strike data available to the U.S. Government can enable analysts to distinguish combatants from non-combatants, conduct detailed battle damage assessments, and separate reliable reporting from terrorist propaganda or from media reports that may be based on inaccurate information.

In releasing these figures, the U.S. Government acknowledges that there are differences between U.S. Government assessments and reporting from non-governmental organizations. Reports from non-governmental organizations can include both aggregate data regarding non-combatant deaths as well as case studies addressing particular strikes, and generally rely on a combination of media reporting and, in some instances, field research conducted in areas of reported strikes. Although these organizations’ reports of non-combatant deaths resulting from U.S strikes against terrorist targets outside areas of active hostilities vary widely, such reporting generally estimates significantly higher figures for non-combatant deaths than is indicated by U.S. Government information. For instance, for the period between January 20, 2009 and December 31, 2015, non-governmental organizations’ estimates range from more than 200 to slightly more than 900 possible non-combatant deaths outside areas of active hostilities.

[snip]

Finally, non-governmental organizations’ reports of counterterrorism strikes attributed to the U.S. Government—particularly their identification of non-combatant deaths—may be further complicated by the deliberate spread of misinformation by some actors, including terrorist organizations, in local media reports on which some non-governmental estimates rely.

The IC report also suggests that it derives such a low civilian casualty figure by defining belligerent broadly, to include people like drivers and cooks — but don’t you worry, that doesn’t mean that every single military aged male counts as a belligerent (I will check but I suspect the IC’s numbers likely could not be so low without counting some women as belligerents, which might happen if they do things like cook).

Non-combatants are individuals who may not be made the object of attack under applicable international law. The term “non-combatant” does not include an individual who is part of a belligerent party to an armed conflict, an individual who is taking a direct part in hostilities, or an individual who is targetable in the exercise of U.S. national self-defense. Males of military age may be non-combatants; it is not the case that all military-aged males in the vicinity of a target are deemed to be combatants.

[snip]

The U.S. Government draws on all available information (including sensitive intelligence) to determine whether an individual is part of a belligerent party fighting against the United States in an armed conflict; taking a direct part in hostilities against the United States; or otherwise targetable in the exercise of national self-defense. Thus, the U.S. Government may have reliable information that certain individuals are combatants, but are being counted as non-combatants by nongovernmental organizations. For example, further analysis of an individual’s possible membership in an organized armed group may include, among other things: the extent to which an individual performs functions for the benefit of the group that are analogous to those traditionally performed by members of a country’s armed forces; whether that person is carrying out or giving orders to others within the group; or whether that person has undertaken certain acts that reliably connote meaningful integration into the group.

The ACLU is due to get more documents from the precipitating FOIA that may explain better how broadly the government has defined belligerent (remember–these strikes are all in areas outside of active hostilities).

Perhaps the most interesting part of the report is this repeated language:

a summary of information provided to the DNI

The assessed range of non-combatant deaths provided to the DNI

The information that was provided to the DNI

based on the information provided to the DNI

according to information provided to the DNI

That is, the ODNI may be releasing this information. But they’re sure as hell not vouching for it. I find that particularly interesting given that, in May, I had to explain to ODNI that the National Security Letter numbers they were getting (and publishing in transparency reports) from FBI were probably unreliable.

These numbers don’t even, apparently, reflect the kind of rigor that would involve an outside agency reviewing the CIA’s numbers. Instead, the CIA (and presumably, in more limited cases, DOD) provided numbers to ODNI, and ODNI is — as ordered by the President — passing those numbers on.

At least you can be sure this isn’t terrorist propaganda.

Update: Micah Zenko gets at what I find to be the most striking aspect of this: the disparity between the number of strikes. Averaging the 3 main trackers, Zenko figures there were 578 strikes, as compared to the claimed ODNI number of 473. This is a huge discrepancy (the government only counts 82% of what the NGOs collectively count as strikes).

Such a big discrepancy may come from various places, two obvious ones being strikes considered to be in areas of active hostilities (say, the Pakistani border) not being counted in the ODNI tally, or strikes conducted by the home country (chiefly, Pakistan or Yemen, but I’d include Saudi Arabia in there). Given how low the civilian casualties are, then, it’s possible ODNI is counting as domestic the most lethal strikes.




Shaping Traffic and Spying on Americans

At the Intercept earlier this week, Peter Maass described an interview he had with a former NSA hacker he calls Lamb of God — this is the guy who did the presentation boasting “I hunt SysAdmins.” On the interview, I agree with Bruce Schneier that it would have been nice to hear more from Lamb of God’s side of things.

But the Intercept posted a number of documents that should have been posted long, long ago, covering how the NSA “shapes” Internet traffic and how it identifies those using Tor and other anonymizers.

I’m particularly interested in the presentations on shaping traffic — which is summarized in the hand-written document to the right and laid out in more detail in this presentation.

Both describe how the NSA will force Internet traffic to cross switches where it has collection capabilities. We’ve known they do this. Beyond just the logic of it, some descriptions of NSA’s hacking include descriptions of tracking traffic to places where a particular account can be hacked.

But the acknowledgement that they do this and discussions of how they do so are worth closer attention.

That’s true, first of all, because of wider discussions of cable maps. In discussing the various ways to make Internet traffic cross switches to which the NSA has access, Lamb of God facetiously (as is his style) suggests you could bomb or cut all the cable lines that feed links to which the NSA doesn’t have access.

Lamb of God dismisses this possibility as “fun to think about, but not very reasonable.”

But we know that cable lines do get cut. Back in 2008, for example, there were a slew of cables coming into the Middle East that got cut at one time (though that may have been designed to cut Internet communication more generally). Then there’s the time in 2012 when NSA tried to insert an exploit into a Syrian router, only to knock out almost all of the country’s Internet traffic.

One day an intelligence officer told him that TAO—a division of NSA hackers—had attempted in 2012 to remotely install an exploit in one of the core routers at a major Internet service provider in Syria, which was in the midst of a prolonged civil war. This would have given the NSA access to email and other Internet traffic from much of the country. But something went wrong, and the router was bricked instead—rendered totally inoperable. The failure of this router caused Syria to suddenly lose all connection to the Internet—although the public didn’t know that the US government was responsible. (This is the first time the claim has been revealed.)

Inside the TAO operations center, the panicked government hackers had what Snowden calls an “oh shit” moment. They raced to remotely repair the router, desperate to cover their tracks and prevent the Syrians from discovering the sophisticated infiltration software used to access the network. But because the router was bricked, they were powerless to fix the problem.

Fortunately for the NSA, the Syrians were apparently more focused on restoring the nation’s Internet than on tracking down the cause of the outage. Back at TAO’s operations center, the tension was broken with a joke that contained more than a little truth: “If we get caught, we can always point the finger at Israel.”

Again, we’ve known this happened, which is why it would have been nice to have this presentation three years ago, if only to explain the concept to those who don’t factor it into considerations of how the NSA works.

The other reason this is important is because of the possibility the NSA could deliberately shape traffic to take it out of FISA-controlled domestic space and into EO 12333-governed international space, a possibility envisioned in a 2015 paper. The slides from the paper present the same techniques laid out in the NSA presentation as hypothetical. And, as their more accessible write up explains, the NSA’s denials about this practice don’t actually address their underlying argument, which is that 1) the technology would make this easy, 2) the legal regime is outdated and thereby tolerates such loopholes, and 3) the parts of declassified versions of USSID-18 that might address it are all redacted.

In the paper, we reveal known and new legal and technical loopholes that enable internet traffic shaping by intelligence authorities to circumvent constitutional safeguards for Americans. The paper is in some ways a classic exercise in threat modeling, but what’s rather new is our combination of descriptive legal analysis with methods from computer science. Thus, we’re able to identify interdependent legal and technical loopholes, mostly in internet routing. We’ll definitely be pursuing similar projects in the future and hope we get other folks to adopt such multidisciplinary methods too.

As to the media coverage, the CBS News piece contains some outstanding reporting and an official NSA statement that seeks – but fails – to debunk our analysis:

However, an NSA spokesperson denied that either EO 12333 or USSID 18 “authorizes targeting of U.S. persons for electronic surveillance by routing their communications outside of the U.S.,” in an emailed statement to CBS News.

“Absent limited exception (for example, in an emergency), the Foreign Intelligence Surveillance Act requires that we get a court order to target any U.S. person anywhere in the world for electronic surveillance. In order to get such an order, we have to establish, to the satisfaction of a federal judge, probable cause to believe that the U.S. person is an agent of a foreign power,” the spokesperson said.

The NSA statement sidetracks our analysis by re-framing the issue to construct a legal situation that conveniently evades the main argument of our paper. Notice how the NSA concentrates on the legality of targeting U.S. persons, while we argue that these loopholes exist when i) surveillance is conducted abroad and ii) when the authorities do not “intentionally target a U.S. person.” The NSA statement, however, only talks about situations in which U.S. persons are “targeted” in the legal sense.

As we describe at length in our paper, there are several situations in which authorities don’t intentionally target a U.S. person according to the legal definition, but the internet traffic of many Americans can in fact be affected.

Once you’re collecting in bulk overseas, you have access to US person communications with a far lower bar than you do under the FISA regime (which is what John Napier Tye strongly suggested he had seen).

This is one of the reasons I find the NSA’s decision not to answer obvious questions about where FISA ends and EO 12333 begins, in the context of concerns Snowden raised at precisely the time he was learning about this traffic shaping, to be very newsworthy. Using traffic shaping to access US person content even if it’s only in bulk (in the same way that hacking Google cables overseas does) clearly bypasses the FISA regime. We don’t know that they do this intentionally for US traffic. But we do know it would be technically trivial for the NSA to pull off, and we do know that multiple NSA documents make it clear they were playing in that gray area at least until 2013 (and probably 2014, when Tye came forward).

The traffic shaping paper ultimately tries to point out how our legal regime fails to account for obvious technical possibilities, technical possibilities we know NSA exploits, at least overseas. Particularly as ODNI threatens to permit the sharing of EO 12333 data more broadly — along with access to back door searches — this possibility needs to be more broadly discussed.