SDNY Will Be Forced to Talk about Crimes Involving the President Today

At 2PM today, in a court room in southern Manhattan, a lawyer someone hired last Wednesday to represent Donald Trump, Joanna Hendon, will push prosecutors from the Southern District of New York to explain that they have probable cause to believe crimes involving the president have been committed. Here’s why.

Last Monday, the FBI served Michael Cohen warrants listing crimes known to pertain to his taxi medallion businesses and his efforts to suppress information about Trump’s embarrassing sexual behavior, though the warrants themselves probably listed bank fraud, wire fraud, and campaign finance violations as the crimes. “[T]he riders to the search warrants – copies of which have been provided to Cohen – identify the federal criminal statutes under which Cohen is being investigated,” the government emphasized in its memo.

The taxi medallion stuff has no known tie to Trump. The hush arrangements clearly do, but at least in the case of Stormy Daniels, Trump and Cohen have both publicly denied an attorney-client role, which the government pointed out. “President Trump has publicly denied knowing that Cohen paid Clifford, and suggested to reporters that they had to ‘ask Michael’ about the payment.” It’s certainly possible Cohen has claimed to have firewalled Trump in other hush payments in the same effort to avoid campaign finance violations; to the extent that Trump has not been a formal party in those agreements, he may have likewise waived privilege.

And then there’s the crime-fraud exception to privilege, which the government invokes four times in its response to Cohen, describing how an investigative team can legally access such materials without approval from Cohen or his client if a judge okays it.

[T]he Filter Team will review them to determine whether the material is: (1) not privileged, (2) potentially privileged, (3) requires redaction, and/or (4) potentially meets an applicable exception (for example, the crime-fraud exception). To be clear, under no circumstances will a potentially privileged document or a document potentially subject to the crime-fraud exception be provided to or described to the Investigative Team without the consent of the privilege holder or his/her counsel, or the court’s approval. If the Filter Team is unable to clarify a document’s category, or if there is an exception to the privilege that applies to particular material, such as the crime-fraud exception, or any waiver of the privilege – the Filter Team will (1) confer with counsel for the privilege holder at the appropriate time and before any such material is shared with the Investigative Team and, if no agreement can be reached, submit the material under seal to an appropriate court for a determination as to whether the material is privileged;

[snip]

In the face of inaccurate and/or overbroad claims of privilege, the USAO-SDNY would be seriously prejudiced if it were not able, through a Filter Team, to evaluate the validity of such claims. As Judge Barbara Jones explained in permitting review by a filter team, “[w]ithout the benefit of such a review, the privilege team would likely be unable to argue, for example, that no attorney-client privilege attached to the communication because of the crime-fraud exception, or that a document should be available for use at trial, regardless of work-product contents, because of necessity and unavailability by other means.” [my emphasis]

Even though the FBI informed Cohen he was raided as the subject of an investigation pertaining to his own business, he fought the memo by invoking the part of the US Attorney’s Manual pertaining to witnesses, not subjects, which SDNY corrected.

Cohen’s reliance on the USAM misplaced, but he invokes the wrong section. Cohen cites to section 9-19.220 of the USAM, which, as Cohen points out, applies to “attorneys who are not suspects” of a criminal investigations. See Br. at 22; USAM § 9-19.220 (noting the procedure to be followed when privileged materials are sought from a “disinterested third party”). Cohen, however, is not the disinterested third party contemplated by the USAM. The applicable provision is that which applies when the attorney is a “suspect, subject or target” of the investigation.

And even though he was told he was being investigated for crimes unrelated to it, his lawyers nevertheless treated the raid as part of the Mueller investigation. Their description of communications with SDNY, for example, begins this way, followed by several redacted lines.

On April 9, 2018, Mr. Cohen’s legal counsel was advised in a telephone call by an Assistant United States Attorney from the Southern District of New York, that the Office of Special Counsel (Robert Mueller) had “referred a portion of” the subject matter of the warrants to the U.S. Attorney’s Office for the Southern District of New York. Id. ¶ 31. Each page of the attachments to the search warrants contains a footer with the date “2017.08.02” (August 2, 2017)—that happens to be the same date that the Office of Special Counsel’s jurisdiction was amended by the Deputy Attorney General. One obvious and credible explanation is that the attachments listing the subject matter of the warrant used by the U.S. Attorney’s Office were drafted by the Office of Special Counsel as earlier as that date. [three lines redacted]

The government, in addition to mocking Cohen’s assumption based off the footer metadata, reveals what that redaction hides: Cohen speculated, “see Br. at 10, that the SCO drafted the search warrants.”

Nevertheless, both sides treat Cohen’s attempt to treat this as a question of the Russia investigation seriously. The government provides three pieces of evidence to describe why Cohen couldn’t be trusted to turn these materials over pursuant to a subpoena — because the crimes themselves involve fraud and deception, because he had, by Friday, already invoked the Fifth in the Stormy Daniels civil suit suggesting he’d withhold documents here as well, and because a tantalizingly redacted passage that suggests Cohen or someone else has already started destroying evidence…

In addition, however, the government does contest Cohen’s claim that he fully cooperated with any of the three Russia investigation his lawyer addresses at length in his declaration, which (having treated this raid as part of the Mueller investigation rather than pertaining to separate crimes) he uses to argue that Cohen could be trusted to turn over documents willingly. For example, the government notes that Cohen himself has said he didn’t cooperate with the Congressional investigations (and wasn’t treated as a target).

It appears that Cohen was not a target of those investigations. Additionally, while Cohen claims in his motion to have been cooperative, he offers no support for this assertion. Publicly, Cohen suggested the opposite, telling Time Magazine that he declined a voluntary request from Congress because it was “too broad.”

Even better, and critically important to the Trump filing submitted last night, is where SDNY fact checks the Cohen claim, backed by his lawyer’s sworn declaration, that he hadn’t fully cooperated with Mueller’s investigation because Mueller asked for everything.

Cohen also states that the SCO “had requested that the Trump Organization produce all of Mr. Cohen’s communications that were within the Trump Organization’s custody, possession, or control,” and that Cohen objected “on the grounds that [the request] called for production of privileged communications, among other things.” (Br. 8-9). Although in the ordinary course, the USAO-SDNY would not comment on investigative requests or demands made to third parties, particularly those from a separate office undertaking its own, independent investigation, in light of the representations made by Cohen’s counsel, USAO-SDNY contacted the SCO about these representations and understands they are not accurate. In particular, the SCO did not request that the Trump Organization produce “all communications” by Cohen in the Trump Organization’s possession or control irrespective of subject matter or privilege. Indeed, the request made by the SCO was considerably narrower, and specifically omitted, among other things, any documents that were protected by privilege or of a purely personal nature. Cohen nonetheless objected to that request for documents and, after discussions between Cohen’s counsel and the SCO, the SCO decided not to seek production at that time. That Cohen sought to preclude the Trump Organization from producing these third party communications belies both (i) his general assertion of cooperation, and (ii) his stated principal interest in protecting attorney-client communications. Indeed, a careful review of Cohen’s motion papers reveals that he does not purport to have personally produced any documents to the SCO.

The intransigence pertaining to Cohen’s documents involving the Trump Organization continued over to last week’s response. While the Trump Organization (which I suspect is really who hired Hendon) did not request to be party to this fight, they did send SDNY a letter last week demanding that it return every document involving Cohen and the Trump Organization.

USAO-SDNY has already received correspondence from counsel for the Trump Organization (Cohen’s former employer), which referenced the searches conducted of Cohen’s premises and claimed:

We consider each and every communication by, between or amongst Mr. Cohen and the Trump Organization and each of its officers, directors and employees, to be subject to and protected by the attorney-client privilege and/or the work-product privilege.

As a reminder: in March, Mueller subpoenaed the Trump Organization for documents, including but not limited to Russia. That’s one reason, I suspect, that Cohen believes this raid is partly about supporting Mueller’s investigation (I wonder whether Trump Org is the entity that has started destroyed documents?). And that’s one reason, I suspect, that Cohen’s team made a bid to review the seized documents for responsiveness (they use the word 13 times in their filing) before SDNY’s taint team gets the documents.

That is, in addition to whatever other crimes Cohen has facilitated for the Trump Organization, he wants to make sure that the government can’t use materials seized in this raid to investigate other crimes, such as those Cohen might be suspected of in relation to the Mueller investigation.

Having failed to cooperate with both the congressional and Mueller investigations, which is one reason SDNY cites for having used a warrant rather than a subpoena, Cohen now wants to reset the clock so he can treat this raid as a subpoena rather than a warrant so he gets to decide what is responsive to the crimes he is being investigated for or even to the demands of the Russia investigation.

Frankly, to the extent that Mueller might use Cohen’s own crimes as an excuse to search his documents (which the FBI seems to have sorted, even to the level of describe specific checks on the search warrant returns) and his devices (which they seized) to find materials relating to the Russian investigation, I’m sympathetic to Cohen’s case. Sure, Mueller can and may already be working on obtaining warrants to search for materials he might use now that the devices are in the government’s possession. But given how advanced the Mueller investigation is, it seems the government should be expected to obtain separate probable cause warrants rather than rely on plain view doctrine to search for materials on Cohen’s devices relating to Russia.

All of which brings us to the letter Hendon submitted last night on behalf of Trump personally. Herndon actually goes several steps further than Cohen’s team did (while he asked to do the first review, he made a concerted case to appoint a Special Master to do it), asking that Cohen get copies of the seized materials, after which Cohen will decide what pertains to Trump, which Trump will then get to review to decide whether he will assert privilege, only after which SDNY will be permitted to object.

1. Enjoining the government from using a taint team to conduct an initial privilege review;

2. Directing the government to provide Mr. Cohen and his counsel with a copy of the materials seized from Mr. Cohen by the government on April 9, 2018;

3. Directing Mr. Cohen and his counsel, after the government provides Mr. Cohen and his counsel with a copy of the seized materials, to identify to the President all seized materials that relate to him in any way and to provide a copy of those materials to him and his counsel;

4. Directing the President and his counsel, after they review the materials provided by Mr. Cohen, to identify for the government’s taint team all materials over which the President asserts privilege;

5. Authorizing the government’s taint team to raise any objections to the President’s assertions of privilege with the Court; and

6. Prohibiting the government’s taint team from providing the Investigation Team with (a) any materials over which the President asserts a privilege without objection from the taint team, and (b) any materials that the Court rules are privileged over the taint team’s objection.

This effectively flips the process on its head, turning the seizure back into a subpoena situation. And while Herndon doesn’t make this as obvious as Cohen’s team did, they intend the Cohen and Trump reviews to include a review of responsiveness as well as privilege.

The level of protection provided to the privilege-holder in the familiar context of a grand jury subpoena duces tecum should be accorded to the President here. When a grand jury subpoena for documents is served, the recipient, with the advice of his counsel, reviews the documents in his possession and produces the responsive documents, with one critical exception: with notice to the government, the recipient withholds all responsive documents that he and his counsel conclude are subject to a privilege, identifying such documents in some fashion without disclosing the privileged contents, often by means of a privilege log. [my emphasis]

Curiously, Herndon doesn’t contest that the government has good reason to believe materials have gotten destroyed, but says that now that the government has obtained the documents, any risk of destruction is gone. Here’s the entirety of the section where Herndon addresses the government’s need to seize these documents.

Of course, here, the government chose not to serve a grand jury subpoena, but instead to execute search warrants on an attorney’s office, residences, and effects. The government asserts that this truly extraordinary measure was necessary to prevent the destruction of evidence. (Gov’t Opp. at 14.) But even if that is true, the exigency has dissipated entirely, as the seized materials are now in the government’s control, beyond any of the potential misuses of the materials that motivated the seizure in the first place. Therefore, the fact that the government seized privileged documents rather than subpoenaing them is now irrelevant – except for the profoundly important privilege issues that the government’s unilateral and peremptory action has raised.

The government insists that it is “entitled” to the seized materials. (Id. at 2, 19.) However, to the extent the government seized privileged information, it is not entitled to have that information, much less review it. See, e.g., von Bulow, 828 F.2d at 99 (recognizing the “urgent” “need for timely protection [from disclosure] … where the discovery sought is … blanketed by the absolute attorney-client privilege”). It simply cannot be the case that by acting in such an aggressive, intrusive, and unorthodox manner, the government has somehow created an entitlement on its own part to eliminate the President’s right to a full assertion of every privilege argument available to him. Indeed, if the Court were to endorse the use of a taint team under these circumstances, raids of law offices would likely become more commonplace, as they would permit the government to wrest from the privilege-holder the ability, in the first instance, to assert privilege over documents and rightfully withhold them.

The government has done what it has done, and it has thereby protected against every notional evil it could have articulated in favor of its action. It no longer has any cognizable interest in proceeding by any procedure other than that which is typically employed to ensure that the attorney-client privilege is fully protected.

Note what has fallen out of the discussion of exigency? The crime-fraud exception, which SDNY had made clear it expected to find ample evidence of.

Elsewhere, Herndon does mention SDNY’s expectations of finding materials that fall under the crime-fraud exception, but she suggests that a taint team cannot be trusted to access the documents first because it might provide the investigative team documents that are clearly not privileged, a non sequitur to the point of crime-fraud exception documents.

The government has assured the Court that “under no circumstances will a potentially privileged document or a document potentially subject to the crime-fraud exception be provided to or described to the Investigative Team without the consent of the privilege-holder or his/her counsel, or the court’s approval.” (Gov’t Opp. at 6.) Presumably the government intends by those words to comfort the Court, but the government simply cannot make that guarantee. See, e.g., Lek, 2018 WL 417596, at *1-3. As discussed above, under the government’s proposal, the taint team will turn over to the Investigative Team all materials that the taint team itself deems not privileged. If such materials contain any privileged information that the taint team failed to identify, the President’s privilege will be irremediably violated. The President, the public, and the government have a vital interest in ensuring the integrity of the privilege review process, and the taint team procedure is plainly inadequate to the task. [my emphasis]

Remarkably, Herndon suggests that the public (!!!) has an interest in letting criminal suspect Michael Cohen, who has already proven uncooperative with valid investigations, sort through his materials to decide whether the government should have documents that prove he abused his position as a lawyer to commit fraud on behalf of a client.

As the government has said, it’s not clear Cohen has any clients besides Donald Trump.

Which is why I suspect SDNY is going to provide details in court today of the crimes that it has probable cause to believe were committed. Because, in the face of an otherwise compelling claim that this is an exceptional case, what SDNY is investigating is still that Cohen served not to provide legal advice to Donald Trump, but to provide legal cover for fraud.

I have no idea what Kimba Wood will do in response (and I suspect SDNY will challenge the legal precedents Herndon has invoked).

But I suspect we’re going to hear a lot more about how SDNY has reason to believe that Michael Cohen hasn’t been serving as a lawyer for Trump, he has been serving as a fixer for him.

And Stormy Daniels will be looking on as evidence of that fact.

Update: In their filing laying out the scope of what Michael Cohen considers privileged this morning, his lawyers make their concerns about plain view doctrine even more explicit.

The choice here is between allowing the Government to make an end run around the Fourth Amendment by scooping up and viewing all of the communications seized in the search of a lawyer’s office (in this case, all of the documents and data of the President’s personal attorney) regardless of whether the documents seized were the subject of the judge’s original probable cause determination, or appointing a neutral third party to conduct that review. If the government can obtain a search warrant for particular items but then seize and review everything in an attorney’s office, the protections of the Fourth Amendment are meaningless.

[snip]

In addition, a Special Master should be appointed in the interest of the administration of justice to ensure that the Government does not have access to materials for which they have not yet shown would be obtained through a valid search warrant through a showing of probable cause. In obtaining the search warrant, the Government had to make a showing of probable cause that Mr. Cohen is in possession of evidence of a crime. The search warrant is designed to allow the Government to obtain that material – and that material only.

And they again invite SDNY to lay out evidence that this stuff isn’t covered under the crime-fraud exception.

Moreover, without proffering any evidence of its applicability, the government referred to the “crime-fraud” exception in its opposition brief, (Gov’t Opp. Br. at 6, 10), and during oral argument. 4/13/18 Tr. at 28. The government also referred to its search warrant application – which we have never seen – as including “evidence for the crimes that were set forth in [a] detailed affidavit.” 4/13/18 Tr. at 60. Since there is, according to the government, an “ongoing grand jury investigation” (which is required to remain secret), it would most certainly be embarrassing and “detrimental” to Mr. Cohen’s clients if he were to reveal their identities publicly.

SDNY Doesn’t Think Michael Cohen Is Much of a Lawyer

In this post, I noted that a bunch of what got seized in a raid of Michael Cohen’s home and office on Monday wouldn’t be privileged.

But boy oh boy was I being nice compared to the way the prosecutors from Southern District of New York dismissed the notion that Cohen was much of a lawyer in this filing opposing Cohen (and Trump’s) efforts to prevent FBI from going through Cohen’s seized documents.

Housekeeping

Before I get into that, a few clarifications on questions we’ve had. First, the filing makes it clear that the referral from Mueller’s office came months ago. SDNY has their own taint team.

The FBI agents who seized materials pursuant to the search warrants were filter agents who are not part of the investigative team and have been walled off from those AUSAs or FBI personnel assigned to the investigation (the “Investigative Team”).

The venue in SDNY is primary. Indeed, they mock Cohen’s representation that Mueller’s team wrote this warrant application by pointing out his misunderstood the metadata of it.

Although Cohen accurately states that the Special Counsel’s Office (“SCO”) referred this investigation to the USAO-SDNY, the investigation has proceeded independent from the SCO’s investigation. Cohen’s speculation, see Br. at 10, that the SCO drafted the search warrants is unfounded. The date in the bottom corner of the attachments is the date that the USAO-SDNY’s standard form search warrant rider was most recently updated for use by the office.

Given that Mueller handed off this part of the investigation entirely, then, it’s highly unlikely Mueller thinks there’s evidence of coordination between Wikileaks and the Access Hollywood video, as I laid out here (which is not to say Mueller isn’t happy that SDNY has raided Cohen).

In addition, the filing makes it clear that Geoffrey Berman has recused, with Robert Khuzami acting as US Attorney for this investigation.

The filing also reveals the scope of the search: “Michael Cohen’s residence, hotel room, office, safety deposit box, and electronic devices,” even while noting that they limited their search to certain categories of documents.

Not much of a lawyer

The lawyers from the famously self-important SDNY spend much of their brief not just demonstrating that Cohen was not serving as an attorney in the seized materials, but that he’s not much of a lawyer in any case.

The repeatedly note he has few if any clients besides Trump.

Based on information gathered in the investigation to date, the USAO-SDNY and FBI have reason to believe that Cohen has exceedingly few clients and a low volume of potentially privileged communications.

In a long passage arguing — as I did — that much of what was seized would not be protected by privilege, they sniff about how Cohen differs from a “traditional law office,” mocking the idea that he “holds himself out as a practicing attorney.”

Although Cohen is an attorney, he also has several other business interests and sources of income. The searches are the result of a months-long investigation into Cohen, and seek evidence of crimes, many of which have nothing to do with his work as an attorney, but rather relate to Cohen’s own business dealings. As set forth below, unlike a search of a traditional law office, the information gathered thus far in the investigation suggests that the overwhelming majority of evidence seized during the searches will not be privileged material, but rather will relate to Cohen’s business dealings.

Nevertheless, because Cohen holds himself out as a practicing attorney, each of the search warrants contains the following provision: Additionally, review of the items described in this Attachment shall be conducted pursuant to established procedures designed to collect evidence in a manner reasonably designed to protect any attorney-client or other applicable privilege.

When appropriate, the procedures shall include use of a designated “filter team,” separate and apart from the investigative team, in order to address potential privileges.

In one redaction, they suggest something about Cohen’s recent behavior suggests he couldn’t be practicing much law.

Cohen’s discussion in his own memo of the Strategic Partnership between him and Patton Boggs is entirely redacted (it may be included in the significant redaction on page 3), but in the government’s memo much of it remains unredacted. Which means this redaction might state, in more damning terms, what is described elsewhere — that they cut him off on March 2, in part because he had brought in only 5 clients for the $500,000 a year he got paid.

SDNY goes on at more length about how weak Cohen’s claim that his marketing relationship with Patton Boggs creates a great risk of privilege in the materials that got seized.

Second, Cohen’s claim to have privileged communicatons through a law firm that he describes as “Law Firm-1” omits facts about his relationship with Law Firm-1 that render it unlikely that a significant volume of attorney-client privileged material – if any – was seized in connection with Cohen’s relationship with that law firm. Specifically, on or about March 1, 2017, Cohen—through his wholly-owned entity, Michael D. Cohen & Associates P.C.—entered into a “Strategic Alliance Agreement” with the law firm (the “Agreement”).6 Among other things, the Agreement provided that Cohen would receive a $500,000 annual “strategic alliance fee” from the law firm. Under certain circumstances, Cohen would also receive a percentage of the fees charged by the law firm for clients introduced to the law firm by Cohen. The Agreement also spelled out other aspects of the relationship between Cohen and the law firm, including: (1) Cohen would be given an office at the law firm; (2) Cohen would maintain his own computer server system not connected to the law firm’s computer server system; and (3) the law firm would not have a key to Cohen’s office. In addition, based upon conversations with a representative of the law firm, the USAO-SDNY understands as follows, in substance and in part: (1) Cohen did not have an email address associated with the firm; (2) Cohen did not have access to the firm’s shared drives or document systems—and vice versa; (3) Cohen’s documents were to be kept in a locked filing cabinet; and (4) Cohen did not have access to any of the firm’s client files.

What is left (and what I’ll deal with in a follow-up) is the way Cohen wields his relationship with the President to try to shield his files.

How Yevgeniy Nikulin Might Play into the Mueller Investigation

For three reasons, Yevgeniy Nikulin, the Russian hacker alleged to be behind massive breaches of the LinkedIn and MySpace hacks, is in the news of late.

  • The report that Michael Cohen was tracked traveling from Germany to Czech Republic in 2016 has raised questions about whether both Cohen and Nikulin were in Prague at the same time, Mohammed Atta-like
  • Nikulin was suddenly extradited from Prague some weeks ago
  • His (Russian-provided) lawyer says he’ll entertain a plea deal

All of which provides a good opportunity to lay out what role he may have (or may be said to have) played in the DNC hack-and-leak.

The Michael Cohen in Prague story

The McClatchy report describing Robert Mueller receiving evidence of Cohen traveling from Germany to Czech Republic and some unknown date in 2016 seems to derive from outside investigators who have shared information with Mueller, not from Mueller’s team itself (which is consistent with his locked down shop). As such, it falls far short of being a confirmation of a meeting, or even validation that Mueller has confirmed any intelligence shared with his investigators. Moreover, the report has little detail as to timing, either of the visit or when Mueller actually got this intelligence.

And while it took a bit of time (Cohen can be forgiven for the delay because he apparently has very urgent business hanging with his homies smoking cigars), he did deny this report, offering the same partial story he offered last year.

That said, given the claimed timing, any coincidental presence in Prague by both Cohen and Nikulin is unlikely. Cohen’s presence in Prague is said to have roughly aligned with that reported in the dossier, so August or September. According to the FBI’s arrest affidavit for Nikulin he passed from Belarus into Poland on October 1, 2016, and probably was still there when posting from Warsaw on October 3; Nikulin was arrested in Prague on October 5. So unless Cohen went to Prague during his known October 2016 trip to England (definitely a possibility, but inconsistent with the dossier reporting), then they would no more have met in Prague (or planned to) than Mohammed Atta and Iraq’s Ahmad Samir al-Ani did.

The sudden Nikulin extradition

That said, I do think the sudden Nikulin extradition, even as pro-Russian Czech President Milos Zeman fought with Czech Justice Minister Robert Pelikan over it — even to the point of threatening to replace him — is worth noting. That’s true, first of all, because it appears Paul Ryan — purportedly on vacation with his family, but making appearances with everyone but Zeman — had a hand in it.

During a visit to the Czech Republic, U.S. House Speaker Paul Ryan said on March 27 that “we have every reason to believe and expect that Mr. Nikulin will be extradited to America.”

“The United States has the case to prevail on having him extradited, whether it’s the severity of the crime, which is clearly on the side of U.S., or the timing of the request for the extradition,” he told reporters.

In an interview with RFE/RL in Prague on March 26, Ryan said that the “case for extraditing [Nikulin] to America versus Russia is extremely clear.”

Ryan, who met with Prime Minister Andrej Babis and other Czech officials during his visit, told RFE/RL that he would raise the issue in those talks.

“He did violate our laws, he did hack these companies…. So the extradition claim is very legitimate,” he said. “And I just expect that the Czech system will go through its process, and at the end of that process, I am hopeful and expecting that he’ll be extradited.”

Nikulin was extradited just days later, even as the decision looked like it would be reviewed.

Zeman has since made very bizarre comments criticizing Ryan for his involvement.

Zeman said he had a different view of the Nikulin case than Justice Minister Robert Pelikan (ANO), who had given consent to the extradition of this Russian citizen to the USA, but that he fully respected the minister’s right to decide on this matter.

Apart from the United States, Russia was seeking Nikulin’s extradition, too, based on a suspected online theft.

“When Donald Trump was elected American president, (U.S. House of Representatives Speaker Paul) Ryan wore a black tie. The same Mr Ryan arrived in the Czech Republic (last week). He publicly stated that he had arrived basically in order to get Mr Nikulin to the United States, in which he succeeded. Well, one of the versions is that Mr Nikulin may in some way serve as a tool of the internal American political fight – to which the black tie served as well,” Zeman said.

“I do not consider this a very good solution if Czechs were to meddle in the American political situation,” Zeman added.

Ryan, who appreciated the Czech government for the extradition of Nikulin, did not meet Zeman during his recent visit to Prague without citing the reasons.

It may be that Ryan was doing the bidding of Trump. Or, more likely, Ryan may have made the move in what appears to be fairly unified NATO response to the attempted Sergei Skripal assassination.

Nikulin’s Russian-provided lawyer makes it clear they will negotiate

That said, I find it very interesting that Nikulin’s lawyer, whom the Russians asked to get involved, is explicitly already talking about a plea deal.

The legal team for Yevgeniy Nikulin, the Russian hacker accused of stealing data from LinkedIn and other American tech firms, will explore a plea deal with the U.S. government, according to Nikulin’s lawyer, Arkady Bukh.

“The likelihood of a trial is not very high,” Bukh said. The U.S. District Court for the Northern District of California, where Nikulin’s trial would occur, “has over a 99 percent conviction rate. We are not throwing clients under the bus,” Bukh said.

[snip]

Bukh was first contacted by the Russian consulate and asked to help on the case. He  was approved on Wednesday to act as a lawyer for Nikulin by the court. Although Bukh has been in regular and sustained contact with both Nikulin’s family and the Russian consulate, he had yet to speak with his client as of Wednesday night.

The Russian consulate has expressed concerns about Nikulin’s mental condition, and Bukh said he “appears to be depressed.”

Perhaps Bukh is taking this route because the Feds have Nikulin dead to rights and a plea is the most logical approach. Perhaps Russia has learned its lesson from Roman Seleznev, the son of a prominent Duma member, who has been shipped around to different jurisdictions to have additional onerous sentences added to his prison term; I’m fairly certain there are other sealed indictments against Nikulin besides the one he was charged under that DOJ could use similarly.

Or perhaps Russia has reason to want to bury any public airing of evidence regarding what Nikulin has done or could be said to have done.

How Nikulin might be involved in the 2016 operation

I’ve long suggested that Nikulin may have had a facilitating role in the 2016 operation. That’s because credentials from his LinkedIn hack were publicly sold for a ridiculously small amount just before May 18, 2016, rather inexplicably making them available outside the tight-knit group of Russians who had been using the stolen credentials up to that point.

Almost all of the people whose email boxes were sent to Wikileaks were affected by the LinkedIn (and/or MySpace) breach, meaning passwords and emails they had used became publicly available in the middle of the Russian operation. And those emails were exfiltrated in the days immediately following, probably May 19-25, the public release of those credentials.

In other words, it is possible that stolen credentials, and not GRU hacks, obtained the emails that were shared with WikiLeaks.

None of that is to say that Russia didn’t steal the emails shared with Wikileaks or arrange that handoff.

Rather, it’s to say that there is a counter-narrative that would provide convenient plausible deniability to both the Russians and Wikileaks that may or may not actually be how those emails were obtained, but also may be all wrapped up ready to offer as a narrative to undercut the claim that GRU itself handed off the emails.

Note, too, how that timing coincides with the public claims Konstantin Kozlovsky made last year, which I laid out here.

April 28, 2015: FSB accesses Lurk servers with Kaspersky’s help.

May 18, 2016: LinkedIn credentials allegedly stolen by Yevgeniy Nikulin made widely available.

May 18, 2016: Kozlovsky arrest.

May 19-25, 2016: DNC emails shared with WikiLeaks likely exfiltrated.

October 5, 2016: Yevgeniy Nikulin arrest in Prague.

October 20, 2016: Nikulin indictment.

November 1, 2016: Date of Kozlovsky confession.

December 5, 2016: Arrest, for treason, of FSB officers Dmitry Dokuchaev and Sergey Mikhailov.

February 28, 2017: Indictment (under seal) of FSB officers, including Dmitry Dokuchaev, Alexey Belan, and Karim Bartov for Yahoo hack.

March 15, 2017: Yahoo indictment unsealed.

August 14, 2017: Kozlovsky posts November 1 confession of hacking DNC on Facebook.

November 28, 2017: Karim Baratov (co-defendant of FSB handlers) plea agreement.

December 2, 2017: Kozlovsky’s claims posted on his Facebook page.

March 30, 2018: Extradition of Nikulin.

April 2, 2018: Report that Dokuchaev accepted a plea deal.

April 17, 2018: Scheduled court appearance for Nikulin.

With each new hacker delivered into US custody, something happens in Russia that may provide an alternate narrative.

And consider that in the wake of Nikulin’s extradition, Dmitry Dokuchaev and another of the people accused of treason in Russia have made a partial confession that will, like any Nikulin plea, serve to bury much of the claimed evidence against them.

Two of the four suspects in a Russian treason case, including a former agent in the FSB’s Information Security Center, have reportedly signed plea bargains where they confess to transferring data to foreign intelligence agencies. Three sources have confirmed to the magazine RBC that former FSB agent Dmitry Dokuchaev and entrepreneur Georgy Fomchenkov reached deals with prosecutors.

One of RBC’s sources says the two suspects claim to have shared information with foreign intelligence agencies “informally,” denying that there was anything criminal about the exchange. Dokuchaev and Fomchenkov say they were only trying to help punish cyber-criminals operating outside Russia and therefore outside their jurisdiction. Lawyers for the two suspects refused to comment on the story.

As a result of the plea bargains, the two men’s trials will be fast-tracked in a special procedure where the evidence collected against them isn’t reviewed. Dokuchaev and Fomchenkov will also face lighter sentences — no more than two-thirds of Russia’s maximum 20-year sentence for treason, says one of RBC’s sources.

The other two suspects in the treason case, former FSB Information Security Center agent Sergey Mikhailov and former Kaspersky Lab computer incidents investigations head Ruslan Stoyanov, have reportedly turned down plea bargains, insisting on their innocence.

All of which is to say that Nikulin offers at least a plausible counter-explanation for the DNC hack-and-leak, one that might shift blame for the operation to non-state actors rather than GRU, which is something Vladimir Putin has been doing since Nikulin’s extradition first became likely, even if he has changed his mind about whether such non-state Russians will be celebrated or demonized upon their roll-out.

Rolling out plea deals here and in Russia may be an effort to try to sell that counter-narrative, before Robert Mueller rolls out whatever he will about the hack-and-leak in coming days.

Update: A reader notes correctly that all the dossier’s reporting on Cohen, especially that describing a meeting in Prague, post-dates the Nikulin arrest. See this post for more on the timing of the Cohen reporting, piggy-backing off of PiNC’s analysis.

The Access Hollywood Search Doesn’t Mean Trump Coordinated with Assange

As I noted, yesterday several outlets reported that among the things included in the FBI warrant for Michael Cohen’s premises was communications between Trump, Cohen, and others (whom I suspect to include Steve Bannon and Marc Kasowitz) “regarding the infamous ‘Access Hollywood'” video.

FBI agents who raided the home, office and hotel of Donald Trump’s personal lawyer sought communications that Trump had with attorney Michael Cohen and others regarding the infamous “Access Hollywood” tape that captured Trump making lewd remarks about women a month before the election, according to sources familiar with the matter.

[snip]

The search warrant also sought communications between then-candidate Trump and his associates regarding efforts to prevent disclosure of the tape, according to one of the sources. In addition, investigators wanted records and communications concerning other potential negative information about the candidate that the campaign would have wanted to contain ahead of the election. The source said the warrant was not specific about what this additional information would be.

From that, people on both the right and the left have assumed, without presenting hard evidence, that this means there must be a tie to Russia. Most often, people assume this must mean Trump somehow managed the events of October 7, when the Intelligence Committee report blaming Russia for the DNC hack, the Access Hollywood video, and the first Podesta emails all came out in quick succession.

That’s certainly possible, but thus far there’s no reason to believe that’s the case.

Mueller and Rosenstein referred this

That’s true, first of all, because after consulting with Rod Rosenstein, Robert Mueller referred this to the Southern District of New York for execution and prosecution, rather than dealing with it himself. He did that surely knowing what a sieve for leaks SDNY is, and therefore knowing that doing so would undercut his remarkably silent teamwork thus far.

In spite of a lot of reporting on this raid this week, we don’t yet have a clear understanding of why the two chose to refer it (or, tangentially, why interim SDNY US Attorney Geoffrey Berman recused himself from this matter).

There are two options. The first is that Rosenstein believed hush payments and taxi medallion money laundering sufficiently attenuated to the Russian investigation that it should properly be referred. In which case, the fact that it was referred is itself reason to believe that Mueller — even while he had abundant evidence supporting the search warrant — has no reason to believe those releases were orchestrated with Wikileaks, and therefore have no direct interest to his investigation (though they may cough up one to three witnesses who will be more willing to cooperate when faced with their own fraud indictments). In which case, the Access Hollywood video would be just another example, like the Stormy Daniels and the Karen McDougal payoffs, of Trump’s efforts to bury embarrassing news, using whatever means necessary.

The other option is that Mueller does have evidence that Trump in some way managed the October 7 events, which would be one of the most inflammatory pieces of evidence we would have heard of so far, but that there was some other reason to refer the matter.

Michael Cohen wasn’t serving as an attorney for much of the reported documents

The really good reason to refer the warrant would be so that SDNY would serve as a natural clean team, sorting through seized items for privileged communications, only to hand them back to Mueller’s team in DC once they’ve sorted through them. It’s an idea Preet Bharara and Matt Miller, among others, have floated.

Before we conclude that SDNY is only serving as a clean team for Mueller’s team here, consider that coverage has vastly overstated the degree to which the items being searched will fall under attorney-client privilege.

The search also sought information on Cohen’s taxi medallions, a business in which he has had really corrupt partners, some Russian, with their own legal problems, and one that has reportedly left Cohen with some debt problems that make his purported personal payment to Stormy Daniels all the more sketchy.

In addition, as soon as Trump claimed to know nothing of the hush payment to Daniels last Friday, the government could credibly claim that either Cohen was not representing Trump when paying off Daniels, or involved in fraud.

The NYT has reported that the raid also sought all communications between Cohen and National Enquirer’s top brass, communications that would in no way be privileged.

Even the reported communications about the Access Hollywood video may not be privileged. If they involved four people, then the only way they’d be covered by privilege is if they counted as campaign emails and Marc Kasowitz, not Cohen, was the attorney providing privileged advice in question. In that case, Cohen would have been playing the press contact role he often did during the campaign.

Still, just because Cohen was not playing the role of an attorney during most of the activities the FBI is interested in doesn’t mean the FBI won’t be really careful to make sure they don’t violate privilege, and I’m sure they’ll still use a taint team.

Mueller has already dealt with (at least) two sensitive attorney-client relationships in his investigation

Even on top of the eight members of the White House Counsel’s office who have spoken with the Special Counsel, Mueller’s team has dealt with (at least) two other sensitive attorney-client relationships.

The first was Melissa Laurenza, a lawyer for Paul Manafort whom he had write false declarations for FARA registry. Judge Amy Berman Jackson permitted Mueller’s team to ask her seven of eight proposed question after proving Manafort had used her services to engage in fraud.

More recently, we’ve gotten hints — but only hints — of what must be extensive cooperation from Skadden Arps and its partner Greg Craig, describing how Manafort and Gates laundered money to pay the firm loads of money to write a report they hoped would exonerate Ukraine’s persecution of Yulia Tymoshenko. While the cooperation of Skadden itself was probably effusive in its voluntary nature (the firm seems determined to avoid the taint that Tony Podesta’s firm has acquired in this process), Mueller did subpoena Alex Van der Zwaan and it’s unclear what methods the FBI used to obtain some of the materials he tried to hide from prosecutors.

Neither of those exchanges involves a search warrant. But they do show that Mueller is willing to take on the tricky issue of attorney testimony first-hand. Using SDNY as a clean team still may be the easiest option in the Cohen case, but Mueller clearly isn’t shying away from managing all such issues in-house in other cases.

The other possible explanations for the Access Hollywood search and the October 7 timing

Which brings us finally to the other possibilities behind the Access Hollywood search.

It’s certainly possible that the coincidental release of all these things was coordination, entirely orchestrated by the Trump campaign. But there are a number of reasons — on top of the fact that Mueller isn’t keeping this search far tighter under his own control — I think that’s not the most likely explanation.

Consider this story, arguing that the real story of Access Hollywood isn’t that it leaked on October 7 — the piece notes that David Farenthold had only received it that day — but that it didn’t leak earlier in the process, when it might have led Trump to lose the primary.

t is just impossible to believe that the tape not coming out at the start of Trump’s campaign, when logic dictates that it would have blown Trump instantly out of the water (before he was in a position where Republicans had no choice other than to keep backing him against the evil Hillary Clinton), was anything but a highly unethical political decision by someone at NBC. The fact that no one has ever even gotten an answer from NBC about how this could have happened is equally unfathomable and yet, given the news media’s overall incompetence, kind of expected.

[snip]

It has always struck me as EXTREMELY odd that it was the Washington Post, not NBC, who first released the tape on Friday Oct. 7, 2016, barely beating NBC which, it should be noted, was clearly ready to go with it immediately after the Post did. I presumed that perhaps NBC wanted this to be the case because it might take some of the focus off why they had not released it during the primaries (and thus chose not to prematurely kill off the media’s Golden Goose which was Trump’s ratings-friendly campaign).

However, there is another aspect of the Post being the outlet which got the big scoop that has always struck me as potentially very significant. The Post’s reporter, David Fahrenthold, has said that he was only made aware of the tape, via an unnamed source, THAT day — which is a clear indication that whomever was trying to get the Post to release it had decided to do so in tremendous haste. After all, if the source had planned it sooner they would have made contact with Fahrenthold well before then because he might have been out of pocket that day.

[snip]

For instance, what if it was actually someone from the TRUMP team who leaked the tape. At first glance, this seems ludicrous because no one thought that Trump would be anything but greatly harmed by the tape (though he clearly was not). But what if someone in Trump World got wind that the tape was about to be released and decided that stepping all over the Russia news (which would normally have dominated the narrative for the remainder of the campaign) would at least create the least bad outcome for them?

I don’t agree that the release was released when it was to distract from the Russia announcement that day. As I’ve long noted, in reality, the Access Hollywood distracted from the Podesta emails, effectively burying the most damning release in the bunch, the excerpts of Hillary’s speeches that even Democrats had been demanding she release since the primary. And while the Trump team might claim they didn’t control the release of the Podesta emails directly — and Roger Stone’s predictions that Wikileaks would release Clinton Foundation rather than Podesta emails were dead wrong — the Trump team at least knew something was coming (indeed, Wikileaks had made that clear themselves). So there’s little reason they would stomp on what they had long welcomed with the Access Hollywood tape. As this post alludes, I also think the Trump team and Russians or Wikileaks may have been squabbling over whether Wikileaks would release possibly faked Clinton Foundation emails that week, only to scramble when Wikileaks refused to release whatever the Peter Smith effort had gotten dealt to them.

Like the Mediate piece, I’m interested in the way that Steve Bannon had Clinton accusers all lined up to go that weekend (indeed, I noted how quickly Stone moved to that after having raised expectations for a Clinton Foundation release). But I also think there are some reasons to believe that attack was in the works for other reasons (though I agree it might reflect advance knowledge that the video might come out, or even that Stormy Daniels might come forward).  Finally, I don’t think the release came from Trump because of all the reports of Republicans trying to convince Trump to step down (though it’s possible the GOP dropped the video in one last bid to get him to do so).

One alternative narrative, then, is that the real story about the Access Hollywood suppression goes back months or years earlier, as one of the things Trump managed to suppress throughout the campaign, but something happened internally to breach that agreement. And, separately, that either Assange by himself, with Russian help, or with Trump assistance, timed the Podesta emails to come out as the Russian attribution was coming out. That is, it could be that the real story remains that whoever orchestrated the Wikileaks release did so in an attempt to bury the Russian attribution, but that the coincidental release of the Access Hollywood video in turn buried the Podesta emails.

Finally, it’s possible that Democrats got ahold of the Access Hollywood video and they released it to (successfully) drown out the Podesta emails, which they (and the intelligence community) also would have known were coming, but by doing so, they also drowned out the all-important Russian attribution in the process.

The point is, we don’t know. And nothing we know thus far about the process leading to this warrant or about the suppression and release of either the video or the women’s stories suggest it all took place that week of October. Trump’s usual m.o. is about suppression, not timing.

That said, I’m curious if this raid will reveal details about one other item Trump probably tried to suppress: the nude Melania photos that NYPost released on July 31, 2016, just as campaign season got going in earnest.

Manafort Wants DOJ to Return Some of the Information Seized in His No-Knock Search

Paul Manafort has submitted two motions to suppress information collected pursuant to two warrants. The first, to suppress the fruits of a May 27, 2017 search of a storage facility in Alexandria, was submitted in timely fashion on April 6. The second, to suppress the fruits of the widely publicized no-knock search of his Alexandria condo on July 27, 2017, was submitted late, though Judge Amy Jackson Berman let him do so even though he only asked permission to do so hours before the deadline.

While I don’t think these motions, particularly as submitted, will succeed, I think they’re interesting because in addition to seeking to suppress evidence in the ConFraudUs prosecution he has already been charged with, appears to seek to suppress any evidence obtained relating to the election tampering conspiracy.

The storage unit search feeds the base but misrepresents the facts

For reasons I don’t understand, Manafort has argued these two motions in nested fashion. He argues the storage unit search was improper and collected data outside the scope of the warrant, meaning any fruit of that search should also be suppressed (though that may aim to suppress other searches not at issue here).

The storage unit search is one that online conspirators have talked a lot about, suggesting the search was done pursuant to FISA order, or in other ways done improperly. So by seeking to suppress this search, Manafort is doing what is expected of him by Trump’s frothy base.

That said, the motion itself makes a number of claims that the exhibits submitted to support the motion don’t support. The motion argues that:

  • The person who voluntarily let the FBI into the storage unit, Alexander Trusko, was a former employee (and may not have been acting voluntarily), and so no longer entitled entry to the storage unit
  • That person was otherwise not authorized to have access to the storage unit
  • The FBI took virtually everything in the storage unit

That’s not backed by the exhibits. For example, the affidavit notes that, while Trusko showed the FBI the storage facility was a former employee of Davis Manafort (the allegation in the motion), he was still an employee of Paul Manafort, just another company Manafort ran.

On May 26, 2017, your Affiant met with [redacted], a former employee of Davis Manafort Partners, and a current employee of Steam Mountain, LLC, which is a business currently operated by Paul Manafort. [redacted] advised that he is a salaried employee of Manafort’s company, and that he performs a variety of functions for Manafort and his companies as directed by Manafort.

The storage facility lease clearly shows Trusko to be the occupant, with Rick Gates listed as an alternate contact and Manafort just as an Authorized Access Person.

Manafort’s going to have a tough time arguing that the person on the lease is not a person with the authority to enter the facility.

Finally, the FBI agent who did the search counted “approximately 21 bankers’ boxes that could contain documents, as well as a five-drawer metal filing cabinet.” But the return of the search warrant appears to show just nine boxes of documents, meaning the FBI took just a fraction of what was in the storage unit.

While this application asks for records on the Podesta Group (but not, curiously, Vin Weber or his Mercury group, the other lobbying company Manafort got to work for the Party of Regions), it doesn’t ask for anything specifically related to the election conspiracy.

Even before you consider the fact that FBI got this warrant without hiding any of the details that Manafort claims makes the search suspect, those claims seem misleading at best. This motion is almost certainly going nowhere, except to feed the frothing conspiracists.

The condo search focuses on the Ukraine crimes but asks for June 9 meeting materials

I’m more interested in the motion to suppress the condo search and its fruits.

As a threshold matter, between May and July 2017, the scope of crimes being investigated mushroomed, to include both the fraudulent loans obtained during the election and afterwards, as well as foreign national contributions to an election, with a broad conspiracy charge built in.

Compare the list of crimes in the storage unit affidavit:

  • 31 USC 5314, 5322 (failure to file a report of foreign bank and financial amounts)
  • 22 USC 618 (Violation of FARA)
  • 26 USC 7206(a) (filing a false tax return)

With the list in the residence affidavit:

  • 31 USC 5314, 5322
  • 22 USC 611 et seq (a broader invocation of FARA)
  • 26 USC 7206
  • 18 USC 1014 (fraud in connection with the extension of credit)
  • 18 USC 1341, 1343, 1349 (mail fraud and conspiracy to commit mail fraud)
  • 18 USC 1956 and 1957 (money laundering)
  • 52 USC 30121 (foreign national contributions to an election)
  • 18 USC 371 and 372 (conspiracy to defraud the US, aiding and abetting, and attempt to commit such offenses)

So this motion to suppress would suppress both evidence used to prosecute Manafort in the EDVA case, as well as the eventual hack-and-leak conspiracy.

And in addition to records on Manafort, Gates’, and (another addition from the storage unit warrant), the warrant permits the seizure of records tied to the June 9 meeting and Manafort’s state of mind during all the enumerated crimes (but that bullet appears right after the June 9 meeting one).

It also includes an authorization to take anything relating to Manafort’s work for the foreign governments, including but not limited to the Ukrainians that have already been charged, which would seem to be a catchall that would cover any broader conspiracies with Russia.

This makes sense. The June 9 story broke in July 2017 based off documents that Jared Kushner and Manafort had provided to Congress in June — though I do wonder whether there were any records relating to the meeting in the storage unit.

To be fair, this motion is not much stronger than the first one. Manafort doesn’t even present as much reason to throw out this search as he did for the storage unit. He basically just argues the warrant is overbroad, agents exceeded the scope of it, and DOJ improperly has held on to things not covered by the scope of the warrant. He does claim the warrant doesn’t incorporate the affidavit that lays out what can be searched, which I don’t understand because the application does say to refer to the affidavit. Curiously, while in the aftermath of the search, stories reported that the search had improperly seized privileged materials, he doesn’t complain about that in this motion (the docketed materials make it clear that FBI separated out any potentially privileged materials).

That said, I think some of the claim that the warrant was overbroad will need a careful response.

Three specific complaints may suggest what Manafort’s really worried about

Amid the larger argument about overbroad search, Manafort says several things that I find of particular interest. For example, the motion complains that by asking for Manafort’s “state of mind” (either specifically as it relates to the June 9 meeting more broadly).

a warrant directing agents to seize all evidence of the subject’s “state of mind” does not restrict
the agent’s discretion at all. Indeed, the warrant may just as well have told agents to search for
and seize any evidence that the subject committed the subject offenses – all of which require
knowledge and intent.

It seems DOJ may have more specific concerns about Manafort’s state of mind when dealing with Russians, because it goes to his many mixed motivations tying to the election.

Then, Manafort argues, curiously, that the FBI took devices that could not conceivably include evidence like some iPods.

For example, the search warrant inventory of electronic devices seized or imaged includes things such as an Apple iPod music device and some Apple iPod Touch music and video devices.

Except that’s not right: you can use Signal on iPods, so these might have stored communication. Which would be precisely the kind of thing that would be of most interest: devices that could be used for encrypted comms that would not show up on cell records.

Finally, Manafort complains, at length, that DOJ hasn’t given any of this back.

To date, the government has not represented that the materials seized were subject to any process or procedure to insure the government only retained materials within the scope of the search warrant. The government has only represented that the materials have been subject to a privilege review. The government is required to review seized materials and “identify and return those materials not covered by the warrant.”

They do so citing longer periods of review, so it’s unlikely this complaint will go anywhere.

But as I’ve said, Manafort has a great incentive, in his likely futile suppression motions, to try to force DOJ to cough up more information about the case in chief. And by demanding that DOJ start giving stuff back, he may force them to show what they consider valuable or at least still can’t make sense of.

Ultimately, this suppression motion may be more about trying to prevent the government from keeping stuff supporting even more charges while it pursues the two classes of charged crimes and the soon to be charged crimes named in the affidavit.

bmaz was proved fucking right

Finally, just to prove that bmaz was right all along, I’ll note that this search warrant permits the FBI to take things relating to Manafort’s wife Kathleen.

bmaz has long been wondering why DOJ didn’t also charge her, which might provide more leverage to get Manafort to flip than charging Gates would. References in the affidavit to them reorganizing their lives suggests Kathleen might not have been as persuasive as she once would have been.

Why Are Republicans Still Squealing about FISA Applications If HPSCI Report Cedes Carter Page Concerns?

Republicans in Congress continue to make fairly breath-taking demands on Rod Rosenstein and Christopher Wray in what seems to be an attempt to create a bogus claim of non-responsiveness that Trump can use to fire one or both of them.

First there was the demand that the House Intelligence Committee get all of FBI’s non-grand jury records on the Mueller investigation, a demand Paul Ryan backed. Then there was the push to publish the Nunes memo over DOJ’s objections. More recently, after Wray’s doubling the number of FBI staffers (to 54) in an attempt to meet a Bob Goodlatte document deadline for FISA, Hillary investigation, and McCabe firing materials proved insufficient, Jeff Sessions has put Chicago’s US Attorney, John Lausch, in charge of the response. As with Sessions’ selection of Utah US Attorney John Huber to review other GOP demands, Sessions seems to be giving himself and his deputies cover from fairly ridiculous GOP demands.

Nevertheless, such concessions have not entirely sheltered Trump’s main targets from the kinds of complaints that might expose Robert Mueller’s investigation below them. Mark Meadows, one of the lead attack dogs in this congressional obstruction effort, even suggested Congress might impeach Rosenstein for failing to meet a 2-week deadline on a Bob Goodlatte subpoena.

Through it all, the complaints that FBI used the Steele dossier as one piece of evidence in Carter Page’s FISA application, persist. This, in spite of the fact that Page had been under FISA surveillance years before, and in spite of the fact that all sides agree that the counterintelligence investigation into Trump’s aides started in response to the George Papadopoulos tip from Australia.

This, in spite of the passage from the Schiff memo (including one redacted sentence) that seems to assert that FBI considered Page an on-going counterintelligence concern.

DOJ cited multiple sources to support the case for surveillance Page — but made only narrow use of information from Steele’s sources about Page’s specific activities in 2016, chiefly his suspected July 2016 meetings in Moscow with Russian officials. [entire short sentence redacted] In fact, the FBI interviewed Page in March 2016 about his contact with Russian intelligence, the very month candidate Donald Trump named hi a foreign policy advisor.

And the Schiff memo is consistent with what Sheldon Whitehouse (among the few other people who had read the application at the time) said.

Whitehouse: I’ve got to be careful because some of this is still classified. But the conclusion that I’ve reached is that there was abundant evidence outside of the Steele dossier that would have provoked any responsible FBI with a counterintelligence concern to look at whether Carter Page was an undisclosed foreign agent. And to this day the FBI continues to assert that he was a undisclosed Russian foreign agent.

Importantly, however, it’s no longer just former prosecutors in the Democratic party who seem to confirm that Page was a real counterintelligence concern, and therefore legitimately a FISA target. At least, that’s what these two passages from the GOP House Intelligence Report suggest.

If you’re complaining that the Intelligence Community didn’t inform Trump about that members of his campaign team were “assessed to be potential counterintelligence concerns,” (and this likely includes Paul Manafort, as well as Page), then you can’t very well complain if FBI obtained a FISA warrant once those counterintelligence concerns left the campaign team. Hell, you’re practically inviting the FBI to obtain such a warrant while the counterintelligence concern is on the campaign, to help warn the candidate.

I know this is a bit to ask, but the GOP should not be able to have it both ways, to try to discredit the Trump investigation by pointing to the use of the Steele dossier in targeting Page, even while demanding FBI should have shared what it knew about Page because he posed a risk to Trump.

There Are Almost Certainly Other DAG Rosenstein Memos

As I noted in this post, Robert Mueller’s team of “Attorneys for the United States of America” responded to Paul Manafort’s claim that Rod Rosenstein’s grant of authority to the Special Counsel did not extend to the money laundering he is currently being prosecuted for by revealing an August 2, 2017 memo from Rosenstein authorizing Mueller to investigate, along with a bunch of redacted stuff,

Allegations that Paul Manafort:

  • Committed a crime or crimes by colluding with Russian government officials with respect to the Russian government’s efforts to interfere with the 2016 election for President of the United States, in violation of United States law;
  • Committed a crime or crimes arising out of payments he received from the Ukrainian government before and during the tenure of President Viktor Yanukovych.

As the filing notes, this memo has not been revealed before, neither to us nor to Manafort.

That’s all very interesting (and has the DC press corps running around claiming this is a big scoop, when it is instead predictable). More interesting, however, is the date, which strongly suggests that there are more of these memos out there.

Mueller is unlikely to have waited two and a half months to memorialize his scope

I say that, first of all, because Rosenstein wrote the August 2 memo two and a half months after he appointed Mueller. Given Trump’s raging attacks on the investigation, it’d be imprudent not to get memorialization of the scope of the investigation at each step. Indeed, as I’ve noted, in the filing Mueller points to the Libby precedent, arguing that this memo “has the same legal significance” as the two memos Jim Comey used to (publicly) memorialize the scope of Patrick Fitzgerald’s investigation.

The August 2 Scope Memorandum is precisely the type of material that has previously been considered in evaluating a Special Counsel’s jurisdiction. United States v. Libby, 429 F. Supp. 2d 27 (D.D.C. 2006), involved a statutory and constitutional challenge to the authority of a Special Counsel who was appointed outside the framework of 28 C.F.R. Part 600. In rejecting that challenge, Judge Walton considered similar materials that defined the scope of the Special Counsel’s authority. See id. at 28-29, 31-32, 39 (considering the Acting Attorney General’s letter of appointment and clarification of jurisdiction as “concrete evidence * * * that delineates the Special Counsel’s authority,” and “conclud[ing] that the Special Counsel’s delegated authority is described within the four corners of the December 30, 2003 and February 6, 2004 letters”). The August 2 Scope Memorandum has the same legal significance as the original Appointment Order on the question of scope.

The first of those Comey letters, dated December 30, 2003, authorized Fitz to investigate the leak of Valerie Plame’s identity. The second of those, dated February 6, 2004, memorialized that Fitz could also investigate,

federal crimes committed in the course of, and with intent to interfere with, your investigation, such as perjury, obstruction of justice, destruction of evidence, and intimidation of witnesses; to conduct appeals arising out of the matter being investigated and/or prosecuted; and to pursue administrative remedies and civil sanctions (such as civil contempt) that are within the Attorney General’s authority to impose or pursue.

It’s the second memo that memorialized Fitz’ authority to prosecute Scooter Libby for protecting Dick Cheney’s role in outing Valerie Plame.

Mueller, then the acting FBI Director, would presumably have been in the loop of the Fitz investigation (as Christopher Wray is in Mueller’s) and would have known how these two letters proceeded. So it would stand to reason he’d ask for a memo from the start, particularly given that the investigation already included multiple known targets and that Trump is even more hostile to this investigation than George Bush and Dick Cheney were to Fitz’s.

Admittedly, unlike the Comey memo, which was designed for public release, there’s no obvious, unredacted reference to a prior memo. Though something that might imply a prior memo is redacted at the top of the released memo (though this is probably a classification marking).

And, given that this memo was designed to be secret, Rosenstein may have written the memo to obscure whether there are prior ones and if so how many.

The memo closely follows two key dates

That said, the date of the memo, August 2, is mighty curious. It is six days after the July 27 Papadopoulos arrest at Dulles airport. And seven days after the July 26 no knock search of Paul Manafort’s Alexandria home.

That timing might suggest any of several things. It’s certainly possible (though unlikely) the timing is unrelated.

It’s possible that Rosenstein wrote the memo to ensure those two recent steps were covered by his grant. That wouldn’t mean that the search and arrest wouldn’t have been authorized. The memo itself notes that Mueller would be obliged to inform Rosenstein before each major investigative step.

The Special Counsel has an explicit notification obligation to the Attorney General: he “shall notify the Attorney General of events in the course of his or her investigation in conformity with the Departmental guidelines with respect to Urgent Reports.” 28 C.F.R. § 600.8(b). Those reports cover “[m]ajor developments in significant investigations and litigation,” which may include commencing an investigation; filing criminal charges; executing a search warrant; interviewing an important witness; and arresting a defendant.

Both Papadopoulos’ arrest and that dramatic search would fit this criteria. So it’s virtually certain Rosenstein reviewed Urgent Memos on both these events before they happened. Plus, his memo makes it clear that the allegations included in his memo “were within the scope of the Investigation at the time of your appointment and are within the scope of the Order,” meaning that the inclusion of them in the memo would retroactively authorize any activities that had already taken place, such as the collection of evidence at Manafort’s home outside the scope of the election inquiry.

As I noted, the memo also asserts that Special Counsels’ investigative authority, generally, extends to investigating obstruction and crimes the prosecutor might use to flip witnesses.

The filing is perhaps most interesting for the other authorities casually asserted, which are not necessarily directly relevant in this prosecution, but are for others. First, Mueller includes this footnote, making it clear his authority includes obstruction, including witness tampering.

The Special Counsel also has “the authority to investigate and prosecute federal crimes committed in the course of, and with intent to interfere with, the Special Counsel’s investigation, such as perjury, obstruction of justice, destruction of evidence, and intimidation of witnesses” and has the authority “to conduct appeals arising out of the matter being investigated and/or prosecuted.” 28 C.F.R. § 600.4(a). Those authorities are not at issue here.

Those authorities are not at issue here, but they are for the Flynn, Papadopoulos, Gates, and Van der Zwaan prosecutions, and for any obstruction the White House has been engaging in. But because it is relevant for the Gates and Van der Zwaan prosecutions, that mention should preempt any Manafort attempt to discredit their pleas for the way they expose him.

The filing includes a quotation from DOJ’s discussion of special counsels making it clear that it’s normal to investigate crimes that might lead someone to flip.

[I]n deciding when additional jurisdiction is needed, the Special Counsel can draw guidance from the Department’s discussion accompanying the issuance of the Special Counsel regulations. That discussion illustrated the type of “adjustments to jurisdiction” that fall within Section 600.4(b). “For example,” the discussion stated, “a Special Counsel assigned responsibility for an alleged false statement about a government program may request additional jurisdiction to investigate allegations of misconduct with respect to the administration of that program; [or] a Special Counsel may conclude that investigating otherwise unrelated allegations against a central witness in the matter is necessary to obtain cooperation.”

That one is technically relevant here — one thing Mueller is doing with the Manafort prosecution (and successfully did with the Gates one) is to flip witnesses against Trump. But it also makes it clear that Mueller could do so more generally.

Mueller used the false statements charges against Papadopoulos to flip him. He surely hopes to use the money laundering charges against Manafort to flip him, too. Both issues may have been at issue in any memo written to newly cover the events of late July.

Mueller may not have revealed the scope of the Manafort investigation at that time

Now consider this detail: the second bullet describing the extent of the investigation into Manafort has a semi-colon, not a period.

It’s possible Mueller used semi-colons after all these bullets (of which Manafort’s is the second or third entry). But that, plus the resumption of the redaction without a double space suggests there may be another bulleted allegation in the Manafort allegation.

There are two other (known) things that might merit a special bullet. First, while it would seem to fall under the general election collusion bullet, Rosenstein may have included a bullet describing collusion with Aras Agalarov and friends in the wake of learning about the June 9 Trump Tower meeting with his employees. More likely, Rosenstein may have included a bullet specifically authorizing an investigation of Manafort’s ties with Oleg Deripaska and Konstantin Kilimnik.

The Mueller memo actually includes a specific reference to that, which as I’ve noted I will return to.

Open-source reporting also has described business arrangements between Manafort and “a Russian oligarch, Oleg Deripaska, a close ally of President Vladimir V. Putin.”

The latter might be of particular import, given that we know a bunch of fall 2017 interviews focused on Manafort’s ties to Deripaska and the ongoing cover-up with Kilimnik regarding the Skadden Arps report on the Yulia Tymoshenko prosecution.

All of which is to say that this memo may reflect a new expansion of the Manafort investigation, perhaps pursuant to whatever the FBI discovered in that raid on Manafort’s home. If so, that should be apparent to him, as he and his lawyers know what was seized.

Still, I wouldn’t be surprised if he inquired about what authorized that July 26 raid, if for no other reason than to sustain his effort to make more information on Mueller’s investigation public.

The redactions almost certainly hide two expansions to the investigation as it existed in October 2016

Now let’s turn to what else (besides another possible Manafort bullet) the redactions might show, and what may have been added since.

The unredacted description of the Manafort investigation takes up very roughly about one fifth of the section describing allegations Mueller was pursuing.

The Schiff Memo revealed that DOJ had sub-investigations into four individuals in October 2016.

Endnote 7 made it clear that, in addition to Page, this included Flynn and Papadopoulos, probably not Rick Gates, and one other person, possibly Roger Stone.

In August 2017, all four of those would have been included in a Rosenstein memo, possibly with a bullet dedicated to Gates alone added. That said, not all of these would require two or more bullets (and therefore as much space as the Manafort description). Papadopoulos’ description might include two, one dedicated to the collusion and one to the lying about collusion, or just one encompassing both the collusion and the lying. Flynn’s might include three, one dedicated to the collusion, one to the lying about it, and one to the unregistered foreign agent work, including with Turkey, that we know Mueller to have been investigating; or, as with Papadopoulos, the lying about the collusion might be incorporated into that bullet. Stone’s bullet would likely have only reflected the collusion, an investigation that is currently very active. Carter Page’s suspected role as a foreign agent might be one bullet or two.

That suggests, though doesn’t confirm, that there are a few other things included in those redacted bullets, things not included in the investigation in October 2016 as reflected in the Schiff memo.

Indeed, we should expect two more things to be included in the bullet points: First, the name of any suspect, including the President, associated with the obstruction of justice. Rosenstein himself had already been interviewed with respect to that aspect of the investigation by August 2, so surely Rosenstein had already authorized that aspect of the investigation.

The redactions most likely also include the names of Don Jr and Jared Kushner (and Paul Manafort), for their suspected collusion with Russia as reflected in the June 9 meeting. At least according to public reporting, Mueller may have first learned of this in June when Manafort and Kushner confirmed it in turning over evidence to Congress and Mueller. The first revelations that Mueller was obtaining subpoenas from a dedicated grand jury were on August 3, just one day after this memo. That same day, reports described Mueller issuing subpoenas related to the June 9 meeting.

Indeed, it’s quite possible Rosenstein issued this memo to memorialize the inclusion of the President’s spawn among the suspects of the investigation.

Rosenstein has almost certainly updated this memo since August 2

All that said, there’s not enough redacted space to include the known expanded current scope of the investigation, and given that the newly expanded scope gets closer to the President, Rosenstein has surely issued an update to this memo since then. These things are all definitively included in the current scope of the investigation and might warrant special mention in any update to Rosenstein’s authorizing memo:

Many of these — particularly the ones that affect only Russians — might be included under a generic “collusion with Russia” bullet. The closer scrutiny on Jared, however, surely would get an update, as would any special focus on the Attorney General.

More importantly, to the extent Mueller really is investigating Trump’s business interests (whether that investigation is limited just to Russian business, or more broadly) — the red line the NYT helpfully set for the President — that would necessarily be included in the most up-to-date memo authorizing Mueller’s activities. There is no way Mueller would take actions involving the President personally without having the authorization to do so in writing.

Which is why we can be virtually certain the August 2 memo is not the last memo Rosenstein has written to authorize Mueller’s actions.

Mind you, Mueller probably wouldn’t want to release a memo with several pages of redacted allegations. Which may be why we’re looking at the redacted version of an almost certainly superseded memo.

Updated: Later today Mueller’s team asked to file a copy of an exhibit–which given Judge Berman Jackson’s description of it as released in redacted form, has to be the Rosenstein memo–under seal. Which suggests they’re going to show Manafort what else they’re investigating (which I bet is the Deripaska stuff).

The Papadopoulos Interfax Interview and Another Syria Data Point

The other day, the WaPo had a story reviewing the larger role in the Trump campaign George Papadopoulos had than the Trump folks admit. Much of this work has appeared elsewhere, but I’m particularly interested in the WaPo’s account of the direction Deputy Comms Director Brian Lanza gave to George Papadopoulos regarding an Interfax interview he would do. He emphasized that the campaign wanted the message that it wanted a partnership with Russia on Syria.

When a Russian news agency reached out to George Papadopoulos to request an interview shortly before the 2016 election, the young adviser to then-
candidate Donald Trump made sure to seek approval from campaign headquarters.

“You should do it,” deputy communications director Bryan Lanza urged Papadopoulos in a September 2016 email, emphasizing the benefits of a U.S. “partnership with Russia.”

[snip]

“Received a request from Interfax Russian News Agency with Ksenia Baygarova on U.S.-Russia ties under a President Trump. What do you think?” he wrote to Lanza on Sept. 9, 2016. “If the campaign wants me to do it, can answer similar to the answers I gave in April while in Israel.”

Lanza gave the go-ahead, citing the conflict in Syria as a reason to work with the Russians. Papadopoulos then offered to send the campaign a copy of the interview after it was published.

“You’re the best. Thank you!” Lanza responded.

Lanza declined to comment.

In the interview, published Sept. 30, 2016, Papadopoulos told the Russian media outlet that Trump had been “open about his willingness to usher in a new chapter in U.S.-Russia ties,” specifically citing the need for cooperation in Syria.

As WaPo notes, the resulting interview is one Papadopoulos made sure Ivan Timofeev saw, in what may be part of a signaling process to Russia on Trump policy questions. In it, Papadopoulos specifically came out against regime change, one of the US policies Putin especially loathes.

Q.: Do you share the opinion that the Assad regime should be immediately removed from power in Syria?

A.: We do not support aggressive changes of regimes anywhere including Syria. Look what had happened in Lybia and Iraq. We all remember this. However, it does not mean that we support Assad either.

Syria was key in other signaling — and in Jared’s top policy priorities immediately after the election.

The focus on Syria is key: remember that Jared Kushner explained his request to Sergei Kislyak for a Russian-run secure back challenge as an effort to cooperate on Syria.

The Ambassador expressed similar sentiments about relations, and then said he especially wanted to address U.S. policy in Syria, and that he wanted to convey information from what he called his “generals.” He said he wanted to provide information that would help inform the new administration. He said the generals could not easily come to the U.S. to convey this information and he asked if there was a secure line in the transition office to conduct a conversation. General Flynn or I explained that there were no such lines. I believed developing a thoughtful approach on Syria was a very high priority given the ongoing humanitarian crisis, and I asked if they had an existing communications channel at his embassy we could use where they would be comfortable transmitting the information they wanted to relay to General Flynn.

So it’s possible the attacks on Hillary’s Syria policy were a signal — as the earlier speech’s call for engagement with Russia apparently was — to Timofeev.

The Papadopoulos interview was published on September 30, just 11 days before Don Jr. flew to Paris to meet with some pro-Russian Syrians.

One meeting that Donald Trump Jr. has not fully explained is a speech in Paris on October 11, 2016, just weeks before the election.

In his capacity as a key member of the Trump campaign, Trump Jr. spoke at the meeting at the request of a French think tank, The Center of Political and Foreign Affairs. Trump Jr. was likely paid about $50,000 for the speech, according to the speaking fees listed by talent booking agency that represents him.

The CFPR has a reputation in the French press as being “openly connected to the Russians.” It is difficult, however, to track just how connected they are, as France does not require it’s nonprofit organizations to disclose their finances.

The founders of the center have worked closely with the Russian government to end the conflict in Syria and in 2016, nominated Russian President Vladimir for the Nobel Peace Prize. The center’s director, Fabien Baussart, has been described as “a former lobbyist for Russian oligarchs in France.” He cited Putin’s “peace-making efforts” as reason for his nomination. One of the founders, Baussart’s wife Randa Kassis, heads a political party called the Movement for a Pluralistic Society, which is in part endorsed by Russia in support of Syrian president Bashar al-Asssad.

Now we know, then, that even at the level of flacks, the emphasis in this period was on publicizing (to Russians, in a Russian outlet) the Trump willingness to work together on Syria, and specifically to depart from US efforts to remove Assad.

 

The Daily Beast Guccifer Scoop and Those GRU Officers Sanctioned Last Week

The Daily Beast has a story reporting (in addition to the already reported news that the DNC hack got moved under Robert Mueller) that the person behind the Guccifer 2.0 persona “slipped up” once and failed to use the VPN hiding his location in the GRU headquarters in Moscow.

[O]n one occasion, The Daily Beast has learned, Guccifer failed to activate the VPN client before logging on. As a result, he left a real, Moscow-based Internet Protocol address in the server logs of an American social media company, according to a source familiar with the government’s Guccifer investigation.

The US identified which particular officer was behind the Guccifer persona.

Working off the IP address, U.S. investigators identified Guccifer 2.0 as a particular GRU officer working out of the agency’s headquarters on Grizodubovoy Street in Moscow.

And then, according to TDB, the Guccifer persona was handed off to a more experienced GRU officer, with better English skills.

Sometime after its hasty launch, the Guccifer persona was handed off to a more experienced GRU officer, according to a source familiar with the matter. The timing of that handoff is unclear, but Guccifer 2.0’s last blog post, from Jan. 12, 2017, evinced a far greater command of English that the persona’s earlier efforts.

TDB’s sources did not reveal the name of the officer identified from the VPN “slip up.”

The Daily Beast’s sources did not disclose which particular officer worked as Guccifer.

But we may already know the name or names of the GRU officers involved. As I noted last week, Treasury added two names to the list of GRU officers sanctioned in conjunction with the DNC hack: Sergei Afanasyev and Grigoriy Viktorovich Molchanov. Both would actually be (very) experienced officers — they are 55 and 62. And both include very interesting “as of” dates identifying the last point when our intelligence officials identified their positions: February 2017 and April 2016, respectively.

The latter is of particular interest, as it came during the period when Guccifer 2.0 was setting up his infrastructure. But the government doesn’t know a ton about this guy — they know his birth year, but not his birth date, and possibly not even his passport information.

In any case, last week, the government revealed two new people it blames (and therefore sanctioned) for the DNC hack.

As TDB notes, the revelation that the government has tied Guccifer 2.0 to a known GRU officer is utterly damning for Roger Stone, who has admitted talking to him. But they don’t lay out how squirrelly Stone was in early March when trying to deny he was in trouble for his dalliances with Guccifer 2.0 and Wikileaks, which I laid out here.

In his response he does the following:

  • Raises doubts that he was actually talking to Guccifer 2.0 (even though Guccifer 2.0’s only identity was virtual, so Stone’s online interactions with any entity running the Guccifer Twitter account would by definition be communication with Guccifer 2.0)
  • Repeats his earlier doubts that Guccifer 2.0 is a Russian operative
  • Emphasizes that he couldn’t have couldn’t have been involved in any hack of the DNC Guccifer 2.0 had done because he first spoke to him six weeks after the email release (in reality, he was speaking to him three weeks after the Wikileaks release)
  • Admits he once believed Guccifer 2.0 did the hack but (pointing to the Bill Binney analysis, and giving it a slightly different focus than he had in September) claims he no longer believes that
  • Invents something about a WaPo report that’s not true, thereby shifting the focus to receiving documents (as opposed to, say, information)
  • Denies he received documents from anyone but not that he saw documents (other than the Wikileaks ones) before they were released

This denial stops well short of explaining why he reached out to Guccifer. And it does nothing to change the record — one backed by his own writing — that Stone reached out because he believed Guccifer, whoever he might be, had hacked the DNC.

At the time Stone reached out to Guccifer (as I pointed out, he misrepresented the timing of this somewhat in his testimony), he believed Guccifer had violated the law by hacking the DNC.

He never does explain to Todd why he did reach out.

Guccifer 2.0 never comes back in the remainder of the interview.

Just weeks ago, when his buddy Sam Nunberg was giving (potentially immunized) testimony to the grand jury, Stone was really really squirrelly about whether his conversations with Guccifer 2.0 put him at legal jeopardy. The confirmation of the GRU tie may provide one reason why he’s so squirrelly.

Update: As Kaspersky’s Aleks Gostev notes, Treasury should know far more on Sergei Afanasyev. RT publicly described him as Deputy Chief of GRU in April 2016. And Molchanov is, at least now, head of GRU’s academy.

Duty of Candor: The Timing of the Sessions News

Since Jeff Sessions fired Andy McCabe Friday night and Trump started ratcheting up his attacks on Robert Mueller, few Republicans have vocally supported Mueller (Jeff Flake, Trey Gowdy, and John McCain are exceptions; all are retiring).

There was, however, this story, reporting that three sources say Jeff Sessions was not as dismissive of George Papadopoulos’ plan to reach out to Russians as JD Gordon has claimed.

Three people who attended the March campaign meeting told Reuters they gave their version of events to FBI agents or congressional investigators probing Russian interference in the 2016 election. Although the accounts they provided to Reuters differed in certain respects, all three, who declined to be identified, said Sessions had expressed no objections to Papadopoulos’ idea.

One person said Sessions was courteous to Papadopoulos and said something to the effect of “okay, interesting.”

The other two recalled a similar response.

“It was almost like, ‘Well, thank you and let’s move on to the next person,’” one said.

As the story notes, this conflicts with Jeff Sessions’ November 14 sworn testimony to the House Judiciary Committee.

So in the wake of the Attorney General firing McCabe for violating his duty of candor, three current or former Trump associates leaked that he lied to the House.

The thing is, there can’t be that many people who these sources could be. I’m not sure the annotations from Seth Abramson (above) are all correct, but here’s what it looks like.

Sessions and Gordon are on the record stating Sessions pushed back. Trump hasn’t testified yet.

One may well be Papadopoulos.

That leaves, starting with Abramson’s guesses (here’s a later list of Trump’s national security advisors, which should round out Abramson’s):

  • Joseph Schmitz, who left his job as DOD IG amid some scandal
  • Bert Mizusawa, who is running for VA Senate and presumably wants some national help, but he is himself a lawyer
  • Jim Hoskins, who’s career military (including a lot of time working in intelligence)
  • Walid Phares, appears to still be pitching Trump’s foreign policy adventurism
  • Gary Harrell, who is career special operations
  • Charles Kubic, who even contemporaneously was raising legal concerns about such outreach (and who would be a likely candidate to have been interviewed by Mueller since he showed up in email chains raising such concerns)
  • James Carafano may be the balding man in the foreground (though he’s not in Trump’s list of advisors) — he’s still running interference for Trump’s crazy foreign policy
  • Sam Clovis, who is not identifiable in the picture, raised concerns about legal issues and NATO concerns, but elsewhere was clearly involved in the effort to reach out to Russia, even per Carter Page; he’s in the news because of the potential conflict Joe Di Genova’s reported representation of Trump poses
  • Keith Kellogg is another possible candidate; he remains part of Trump’s foreign policy team and has been interviewed
  • James Woolsey is another candidate — we know he has spoken with Mueller and has been critical of the tension between the White House, Congress, and FBI of late
  • Stephen Miller was at the meeting and interviewed with Mueller last year; I would think he would be a Sessions loyalist, though

I raise all this because, while Republicans in Congress are largely dodging the issue of protecting Mueller from Trump, some people closer to the investigation are calling Sessions on his hypocrisy. That might be far more dangerous to the Trump administration in the near term.