Last week, I suggested that most commentators were misinterpreting a speech John Brennan made, assuming he intended to implicate just encryption and Edward Snowden in the Paris attack. Given that he repeatedly invoked changes the Europeans have to make, I think he was also complaining about European efforts to reclaim some data (or Internet software) sovereignty, with the effect that US counterterrorism programs are not as comprehensive. For example, to the extent terrorists use non-US based Internet services, they will elude PRISM, with its easy access to metadata and often content. In the wake of the Paris attack, Berlin-based Telegram shut down a bunch of channels ISIS was using, which suggests that may have been what Brennan was complaining about.
Yet that highlights a key issue: before the Snowden revelations, the US (with the UK and other Five Eyes members) largely could claim to exercise counterterrorism hegemony, in part because of our preferential position on the global telecommunications fiber network, in part because our tech companies served much of the world, and in part because many of our allies preferred to have us do the job. Some of the Snowden revelations — and the German investigation into BND’s partnership with NSA — have shown the cost of that: that the US gets European spooks’ help to spy on European targets of interest solely to the US.
It’s probably most effective to have one hegemonic dragnet, but it’s not clear whether it’s healthy (and now that US hegemony is beginning to crack, the dragnet will likely become less effective).
Given the comments of French Finance Minister Sapin today, US dragnet hegemony will continue to crumble. Along with a call to change certain laws on asset seizures and pre-paid bank cards, Sapin called for Europe to develop its own capability to access and analyze SWIFT data.
Sapin said that the SWIFT system had two computer servers, one in Europe and one in the United States, but that Europe currently relied on U.S. authorities to collect and analyze the vast amounts of data flowing through it to detect security issues.
“We Europeans don’t have the capacity to exploit our own data. I don’t think this can carry on this way,” Sapin told a news conference. “Since we do not have the means to analyze the data located in Europe, we transfer all of this data to the Americans, who have the capacity to analyze it.”
As a reminder, access to SWIFT — Society for Worldwide Interbank Financial Telecommunication, the international bank transfer system through which most international transactions take place — has been a contentious issue for some time. Europe tried to demand more equitable access in 2009-2010 when one of the servers for the system got moved to Brussels, only to find the US was cheating on the spirit of the agreement in 2011. What Sapin describes — Europe just sending all its data to the US in bulk — is what came out of that effort to reclaim some control over the data. In the last few years, it has become clear how US control of SWIFT makes it easier to dictate policy, especially regarding sanctions, to allies (I suspect, too, it has been used to collect embarrassing details about EU elite ties to unsavory characters, like Qaddafi). Obviously, having exclusive access to records of who is transferring money to whom can be incredibly valuable for the US, in ways that go well beyond terrorism.
From his comments, it’s unclear whether Sapin says Europe doesn’t have the technical capability or bureaucratic/legal authority to access and analyze this data. Given his explicit comment that the Paris terrorists used pre-paid bank cards to plan their attack (which would probably be adequate to transfer money between Belgium and France), it’s also not clear that the attackers used international transfers that would have shown up on SWIFT. But he’s going to use this opportunity to demand equitable access to the data.
The US would surely love to maintain a monopoly on omniscience. In the name of counterterrorism efficacy, they might be able to make an argument to do so. But either because they’ve already lost that omniscience — or because their dragnet failed to keep France safe — they’re likely to continue to lose that monopoly. It’s not clear that has any benefit for privacy (redundant dragnets are more invasive than single ones). It will likely have consequences for US hegemony more generally.
The policy discussion about the many ways that the Cyber Information Sharing Act not only doesn’t do much to prevent the hacking of public and private networks, but in key ways will make it worse, must be making its mark. Because the Financial Services Roundtable, one of the key corporatist groups backing the bill, released this YouTube full of scary warnings but absolutely zero explanation about what CISA might do to increase cybersecurity.
Indeed, the YouTube is so context free, it doesn’t note that Susan Collins, the first person who appears in the video, has called for mandatory reporting from some sectors (notably, aviation), which is not covered in the bill and might be thwarted by the bill. Nor does it mention that the agency of the second person that appears in the video, Department of Homeland Security Secretary Jeh Johnson, has raised concerns about the complexity of the scheme set up in CISA, not to mention privacy concerns. It doesn’t note that the third person shown, House Homeland Security Chair Michael McCaul, favored an approach that more narrowly targeted the information being shared and reinforced the existing DHS structure with his committee’s bill.
Instead of that discussion … “Death, destruction, and devastation!” “Another organization being hacked!” “Costing jobs!” “One half of America affected!” “What is it going to take to do something?!?!?!”
All that fearmongering and only one mention of the phrase “information sharing,” much less a discussion of what the bill in question really does.
In August, the head of the FSR, Tim Pawlenty, was more honest about what this bill does and why his banks like it so much: because it would help to hide corporate negligence.
“If I think you’ve attacked me and I turn that information over to the government, is that going to be subject to the Freedom of Information Act?” he said, highlighting a major issue for senators concerned about privacy.
“If so, are the trial lawyers going to get it and sue my company for negligent maintenance of data or cyber defenses?” Pawlenty continued. “Are my regulators going to get it and come back and throw me in jail, or fine me or sanction me? Is the public going to have access to it? Are my competitors going to have access to it? Are they going to be able to see my proprietary cyber systems in a way that will give up competitive advantage?”
That is, the banks want to share information with the government so it can help those private corporations protect themselves (without paying for it, really, since banks do so well at dodging taxes), without any responsibility or consequences in return. “Are my regulators going to get [information about how banks got attacked] and come back and throw me in jail, or fine me, or sanction me?” the banks’ paid lobbyist worries. As the author of this bill confirmed last week, this bill will undercut regulators’ authority in case of corporate neglect.
The example of banks dodging responsibility in the past — possibly aided by a similar (albeit more rigorous) information sharing regime under the Bank Secrecy Act — provides all the evidence for how stupid this bill would be. We need corporations to start bearing liability for outright negligence. And this bill provides several ways for them to avoid such liability.
Don’t succumb to bankster inciting fear. America will be less safe if you do.
Last week, the Senate Judiciary Committee had a hearing on Electronic Communication Privacy Act reform, the main goal of which is to provide protection for content served on a third party’s server. Because reform is looking more inevitable in Congress (the House version of the bill has more sponsors than any other), government agencies used the hearing as an opportunity to present their wish list for the bill. That includes asking for an expansion of the status quo for civil agencies, with witnesses from SEC, DOJ, and FTC testifying (DOJ also made some other requests that I hope to return to).
Effectively, the civil agencies want to create some kind of court order that will provide them access to stored content. A number of the agencies’ witnesses — especially SEC’s Andrew Ceresney — claimed that a warrant is the same as an order, which culminated in Sheldon Whitehouse arguing (after 45:30) that an order requiring court review is actually less intrusive than a warrant because the latter is conducted ex parte.
It took until CDT policy counsel (and former ACLU lawyer) Chris Calabrese to explain why that’s not true (after 2:08):
We have conflated two really different and very different things in this committee today. One is a court, some kind of court based on a subpoena and one is a probable cause warrant. These are not the same thing. A subpoena gives you access to all information that is relevant. As pursuant, relevant to a civil investigation, a civil infraction. So if you make a mistake on your taxes, that’s a potential civil infraction. Nothing that has been put forward by the SEC would do anything but be a dramatic expansion of their authority to get at ordinary people’s in-boxes. Not just the subjects of investigation, but ordinary folks who may be witnesses. Those people would have the–everything in their in-boxes that was relevant to an investigation, so a dramatic amount of information, as opposed to probable cause of evidence of a crime. That’s a really troubling privacy invasion.
I’m utterly sympathetic with Calabrese’s (and the EFF’s) argument that the bid for some kind of civil investigative order is a power grab designed to bypass probable cause.
But I wonder whether there isn’t another kind of power grab going on as well — a bid to force banks to be investigated in a certain kind of fashion.
It was really hard, to begin with, to have former and (presumably) future Debevoise & Plimpton white collar defense attorney Andrew Ceresney to talk about how seriously SEC takes it job of “the swift and vigorous pursuit of those who have broken the securities laws through the use of all lawful tools available to us,” as he said in his testimony and during the hearing. There’s just been no evidence of it.
Moreover, as Ceresney admitted, SEC hasn’t tried to obtain email records via an order since the US v. Warshak decision required a warrant in the 6th Circuit, even though SEC believes its approach — getting an order but also providing notice to the target — isn’t governed by Warshak. As SEC Chair Mary Jo White (another revolving door Debevoise & Plimpton white collar defense attorney) said earlier this year,
“We’ve not, to date, to my knowledge, proceeded to subpoena the ISPs,” White said. “But that is something that we think is a critical authority to be able to maintain, done in the right way and with sufficient solicitousness.”
For five years, the SEC hasn’t even tried to use this authority, all while insisting they needed it — even while promising they would remain “solicitous,” if there were any worries about that.
Claims that the SEC needed such authority might be more convincing if SEC was actually pursuing crooks, but there’s little evidence of that.
Which is why I’m interested in this passage, from a letter White sent to Pat Leahy in April 2013 and appended to Ceresney’s testimony, explaining why SEC can’t have DOJ obtain orders for this material.
DOJ only has authority to seek search warrants to advance its own investigations, not SEC investigations. Thus, the Commission cannot request that the DOJ apply for a search warrant on the SEC’s behalf. Second, many SEC investigations of potential civil securities law violations do not involve a parallel criminal investigation, and thus there is no practical potential avenue for obtaining a search warrant in those cases. The large category of cases handled by the SEC without criminal involvement, however, have real investor impact, and are vital to our ability to protect- and, where feasible, make whole – harmed investors.
The only times when SEC would need their fancy new order is if the subject of an investigation refuses to turn information voluntarily, and the threat that they could obtain an order anyway is, according to Ceresney, they key reason SEC wants to maintain this authority (though he didn’t argue the apparent absence of authority has been responsible for SEC’s indolence over the last 5 years). But that act, refusing to cooperate, would get companies more closely into criminal action and — especially under DOJ’s purportedly new policy of demanding that companies offer up their criminal employees — into real risk of forgoing any leniency for cooperation. But White is saying (or was, in 2013, when it was clear Eric Holder’s DOJ wasn’t going to prosecute) that SEC can’t ask DOJ to subpoena something because that would entail a potentially criminal investigation.
Well yeah, that’s the point.
Then add in the presumption here. One problem with prosecuting corporations is they hide their crimes behind attorney-client and trade secret privileges. I presume that’s partly what Sally Yates meant in her new “policy” memo, noting that investigations require a “painstaking review of corporate documents … which may be difficult to collect because of legal restrictions.” SEC’s policy would be designed for maximal privilege claims, because it would involve the subject in the process.
If the legislation were so structured, an individual would have the ability to raise with a court any privilege, relevancy, or other concerns before the communications are provided by an ISP, while civil law enforcement would still maintain a limited avenue to access existing electronic communications in appropriate circumstances from ISPs.
Other criminals don’t get this treatment. Perhaps the problems posed by financial crime — as well as the necessity for broader relevancy based evidence requests — are unique, though I’m not sure I buy that.
But that does seem to be a presumption behind this SEC power grab: retention of the special treatment financial criminals get that has thus far resulted in their impunity.
The NYT had a great editorial that echoes my amazement that the Department of Homeland Security sent an army of agents to take down RentBoy.com this week.
It’s somewhat baffling, though, that taking down a website that operated in plain sight for nearly two decades suddenly became an investigative priority for the Department of Homeland Security and federal prosecutors in Brooklyn. This week, the website’s founder and six employees were charged with violating federal law by facilitating paid sexual encounters.
Kelly Currie, the acting United States attorney for the Eastern District of New York, trumpeted the case against Rentboy.com, calling it an “Internet brothel” that “made millions of dollars from the promotion of illegal prostitution.” The website pulled in $10 million over the past five years, charging escorts for publishing their profiles, according to prosecutors. That’s less revenue than an average McDonald’s franchise generates.
Prosecutors can credibly argue that the site’s operators were breaking the law. But they have provided no reasonable justification for devoting significant resources, particularly from an agency charged with protecting America from terrorists, to shut down a company that provided sex workers with a safer alternative to street walking or relying on pimps. The defendants have not been accused of exploiting sex workers, featuring minors on the website, financial crimes or other serious offenses that would warrant a federal prosecution.
DHS doesn’t seem to know why DHS was involved either. In a statement to the NYT, ICE’s spokesperson, Khaalid Walls, suggests ICE’s jurisdiction arises because this involves the illegitimate movement of people, goods and currency in domestic and foreign transactions, which suggesting the things moved were prostitutes.
Mr. Walls said: “As the investigative arm of the Department of Homeland Security, ICE is responsible for the enforcement of laws that promote the legitimate movement of people, goods and currency in domestic and foreign transactions. Our allegation with this case is that the business and its principals purported itself to be an escort service while promoting criminal acts, namely illegal prostitution.”
I’m rather curious that DHS claims jurisdiction over the movement of goods domestically. But I’m also not sure how a website constitutes moving anything.
But the claim this is about prostitution seems to conflict with ICE’s description of the bust on its website, which claims it’s a financial crime.
As I’ve suggested, I wouldn’t be surprised if ICE used all those hard drives they seized this week to put together the money laundering case they leaked to some outlets. But they haven’t charged it yet. Which would mean they used the prostitution claim to take down an advertising site to be able to get the evidence to charge something that might be more squarely in ICE’s jurisdiction.
Add in the fact that NY DA Cy Vance — the entity that would have direct jurisdiction over prostitution headquartered in NYC — took his office off this release, and I’m genuinely confused about what DHS is doing.
None of that will mean the RentBoy defendants will be able to challenge this on jurisdictional grounds. But it does raise questions about what DHS is really doing.
Motherboard has an interesting new detail on the Silk Road investigation from a mostly refused FOIA.
The few pages released show the following timeline:
June 1, 2011: Gawker publishes this story describing Silk Road.
The DEA has confirmed they are aware of the site, and while they won’t confirm or deny that an investigation is underway, from my years of experience, I’d bet my bottom dollar in this instance there is one underway,
June 6, 2011: NY Organized Crime Drug Enforcement Strike Force gets tasked with investigating Silk Road.
June 15, 2011: DEA opened a Personal History Report for its investigation into Silk Road
I find the Gawker to Schumer to New York law enforcement to feds very interesting given yesterday’s events.
Yesterday, federal officers (overwhelmingly Department of Homeland Security, not FBI) busted the 7 people who run RentBoy.com, the largest online portal for male escorts. In doing so, they put 10,000 sex workers out of business — or pushed them into more dangerous means of meeting customers.
This is the second time the Feds have taken down a sex worker portal. In June 2014, Feds took down RedBook, which included links to ads but also had a lot of chat rooms. At one level, then, that bust was even more of an assault on First Amendment rights, but the operators were also indicted on money laundering charges (and FBI found profiles of people under 18 posting advertisements, which it used to ratchet up the pressure). Thus far, at least, there’s no indication of additional charges against RentBoy’s operators, even though two outlets yesterday claimed there were money laundering charges involved. Though as I’ll explain, I wouldn’t be surprised to see immigration charges, I bet the government will charge the money laundering they’ve already leaked to the press, and I fully expect once the government wades through the servers they seized yesterday, they’ll come up with a list of advertisers who were also underage.
The bust leaves me with several questions. As Conor Friedersdorf asks, why is this a priority of law enforcement? Aren’t there more pressing crimes — like bank money laundering — to pursue, or more dangerous forms of sex trafficking?
Some potential answers may lie in some observations from the complaint.
RentBoy has been operating happily since 1997. So why did the Feds choose to take it down yesterday?
One hint about where this inquiry may have come from is on page 19-20 of the complaint, after all the salacious descriptions of slang for kinds of sex and discussions of a few escorts’ profiles that have been highlighted in other reporting on this. RentBoy twice applied for an H1B for its accountant, Marco Soto Decker.
In September 2010 and March 2013, EASY RENT SYSTEMS, INC. applied to the United States Department of Homeland Security, Citizenship and Immigration Services for an H1-B non-immigrant work visa on behalf of SOTO DECKER. The application identified that EASY RENT SYSTEMS, INC. runs RENTBOY.COM which “revolutionized the escorting industry by moving it online and away from agencies and disreputable bars.” The application also said that SOTO DECKER had been operating as the accountant from July 2012, a position that reported directly to JEFFREY HURANT and which required him to prepare all financial statements and to strategically analyze, manipulate, and interpret financial data “in order to develop strategies and make recommendations critical for the CEO to utilize in his work to successfully mange and grow the company.”
In connection with the application, EASY RENT SYSTEMS, INC. also submitted a job offer letter addressed to SOTO DECKER dated July 20, 2012, which identified the duties and responsibilities of the position. Among those duties was meeting with market, IT, sales, and customer service staff to review monthly expenses and see revenue and expenses optimization; supervising the company’s daily e-commerce transactions; managing the entire accounting, budgeting and reconciliation process for the company’s events, including the HOOKIES [an awards ceremony RentBoy puts on].
The application also included some of EASY RENT SYSTEM, INC.’s books and records. Among the expenses identified was a listing for “Viagra — Sean.” In addition, the application included numerous articles about RENTBOY.COM. Man of those articles identified unambiguously that the escorts advertising on RENTBOY.COM were having sex with their customers in exchange for money.
In other words, RentBoy’s parent company twice applied to DHS for an H1B visa for its accountant, the more recent application of which DOJ alleges included clear evidence the company was buying Viagra for an employee and reporting on the company made it clear that RentBoy sold sex.
Note, the complaint didn’t tell us what happened with those applications. That there were two of them suggests Soto Decker may have either gotten it renewed (I need to double check but I believe it is still the case you can get two H1Bs for a total of 6 years, then you have to go home to your home country for a period) or been denied in the first application. Assuming he got the H1B would also suggest that immigration authorities not only agreed with Easy Rent that Soto Decker was a skilled employee (there’s no reason to doubt that) but also that the company could find no Americans to do an accounting job. Immigration authorities are very lenient with those H1B determinations, but they almost certainly could have refused that visa back in 2013.
Still, that application to DHS in March 2013 was almost 30 months ago, and there’s just one sign I saw of active investigation since in the complaint. That detail appears on page 14.
HURANT was present at the 2015 HOOKIES, where he provided an undercover agent a card with the RENTBOY.COM name on one side. On the opposite side the card says “Jeffrey Davids, Principal.” It also lists his email address as “[email protected]” HURANT was asked by the undercover agent how the Hookies awards started. HURANT responded “Have you ever had sex with anyone and it was so good you had to tell someone? That’s what it’s all about!”
In other words, in March 2013, Easy Rent submitted an H1B application that may have given DHS an opening to start this investigation. Two years later, they had an undercover officer attend the Hookies and get RentBoy’s CEO to say some damning things.
That timeline — if it indeed shows the span of the investigation — is interesting for several reasons.
First, it would suggest the investigation was started while Loretta Lynch was still US Attorney in Eastern District of NY (more on that in a sec). If this investigation started in 2013, it means Lynch, now the Attorney General, may well have been the one ultimately overseeing the investigation.
Second, the investigation — with an undercover officer attending awards ceremonies and who knows what else — was active after the time the head of RedBook pled guilty in December 2014. DOJ had a proof of concept in that earlier bust.
Finally, as a reader noted, the investigation had already started before the time, in July, when a RentBoy escort exposed his discussions with Tim Geithner’s brother, David, at Gawker. That is, this investigation is not retaliation for a RentBoy escort embarrassing the family member of a very powerful New Yorker. But the bust did happen after that. (And if I were that escort, I’d be very worried about what evidence that DHS seized yesterday might be used in a blackmail case against me.)
One more note on timing: One of the employees busted yesterday, Diana Milagros Mattos, left Easy Rent in June, in spite of being its highest commissioned sales agent. There’s no explanation of why she left. I find that worth noting.
I always ask this question, but you have to ask it. Why was this charged in the Eastern District of NY, when RentBoy is headquartered in Manhattan, in the Southern District, and only one of the employees appears to live in EDNY (though the complaint reviews three profiles whose owners live in Brooklyn)? When asked yesterday, one of the Feds apparently simply said, “the Internet is everywhere.” But that response raises more questions than it answers.
I raise this not just for the Loretta Lynch connection, but also because by virtue of JFK airport’s location in EDNY, where many defendants get flown into, the district has developed a slew of precedents having to do with asserting a fairly aggressive jurisdiction overseas. Again, it’s possible this whole thing started from an immigration inquiry. But I wonder whether there’s some more to it, especially since RentBoy has facilities in England.
In other words, is this just the first step in a larger, more international crackdown?
As noted, someone leaked to several outlets yesterday this case involved money laundering, but there’s no hint of that in this complaint or even that they used investigative methods to prove it. While RentBoy’s ISP, Cogent Communications, is mentioned in an aside — in the context of how communications with the ISP described Soto Decker’s responsibilities — there’s no mention of any orders for traffic logs or other electronic service provider records. Still, it’s fairly clear the Feds do have some records from Cogent they aren’t yet telling us about.
Then there’s the means by which the agent who wrote this, Susan Ruiz, identified aliases of some of the employees. In footnote after footnote, she says she compared the defendant’s driver’s license picture with an online picture and decided they were the same person. Neither those aliases nor the means by which she identified them are critical at this point. But I would suggest she almost certainly used more reliable means to connect the identities of these people. That could just be an insider’s testimony, but it could also include traffic logs connecting certain computers with the online profiles using those aliases.
In other words, I suspect they’ve got electronic records they don’t want to tell us about, even as simply as records obtained from Cogent using a subpoena.
As the complaint makes clear, RentBoy has clear warnings against advertising sex and prices (which will be one of the defenses the accused will use). It bills itself as an escort site that will not permit the selling of sex.
To prove that the profiles the complaint describes in depth involve prostitution, it relies heavily on DaddysReviews.com, which is a review site that not only describes completed acts of sex, but the price paid for that sex.
I’m going to ask people who know the industry better than I about this. But I do wonder why DHS and DOJ chose to bust the site that doesn’t explicitly tie sex to payment, but didn’t bust the one that does.
Update: One suggestion on this question is that DaddysReviews wouldn’t be prosecuted because they don’t take money.
Two weeks after floating a story to the NYT the Obama asked for some creative ways to retaliate against China for the OPM hack, the NYT reported (in both English and a prominently linked Chinese translation) that “in recent weeks” the US told agents trying to chase down Chinese nationals accused of corruption to get out.
The Obama administration has delivered a warning to Beijing about the presence of Chinese government agents operating secretly in the United States to pressure prominent expatriates — some wanted in China on charges of corruption — to return home immediately, according to American officials.
The American officials said that Chinese law enforcement agents covertly in this country are part of Beijing’s global campaign to hunt down and repatriate Chinese fugitives and, in some cases, recover allegedly ill-gotten gains.
The Chinese government has officially named the effort Operation Fox Hunt.
The American warning, which was delivered to Chinese officials in recent weeks and demanded a halt to the activities, reflects escalating anger in Washington about intimidation tactics used by the agents. And it comes at a time of growing tension between Washington and Beijing on a number of issues: from the computer theft of millions of government personnel files that American officials suspect was directed by China, to China’s crackdown on civil liberties, to the devaluation of its currency.
Operation Fox Hunt is not new — or secret. It has been covered before by the US press, including updates on how many people official Chinese sources claim they have gotten to return for prosecution. The NYT follow-up admits — though the original didn’t provide the same level of detail — that DHS agreed in April to prosecute Chinese economic fugitives (which would extend the US habit of asserting jurisdiction where none exists) if provided real evidence of corruption.
But in April, the Department of Homeland Security worked out a new arrangement with China’s Ministry of Public Security, which oversees Operation Fox Hunt, to assist Beijing’s efforts to prosecute economic fugitives according to United States law. American officials, however, say China has so far failed to provide the necessary evidence.
Both NYT articles mention what the WSJ reports in more depth, including details of how these operatives are working: Among the economic fugitives in the US China is aggressively pursuing is Ling Wangcheng, the brother of a former top Hu Jintao aide
Mr. Ling’s brother was a top aide to China’s previous president, Hu Jintao, but was placed under investigation by the Communist Party in December and formally accused in July of bribe-taking, adultery and illegally obtaining state secrets.
For much of 2014, Mr. Ling was living under an alias in a mansion in a gated community in Loomis, Calif., near Sacramento, with Mr. Yuan’s ex-wife, neighbors said. The couple hasn’t been seen there since around October.
Mr. Ling is now the focus of political intrigue that could overshadow a visit to the U.S. in September by China’s leader, Xi Jinping.
Diplomats and analysts said Mr. Ling might have had access through this brother to sensitive information about Chinese leaders. If he sought political asylum, Mr. Ling would be the most significant Chinese defector in decades.
It isn’t clear why Mr. Ling, 55 years old, moved to the U.S. in 2013 or 2014. He lost touch with many friends in China around last fall, a family acquaintance said, but later reassured friends he was safe in the U.S.
The implication from this — and other recent reporting on Ling — is that he did get asylum in October, and has been cooperating with US authorities.
All that is probably only tangentially related to the US leak of its earlier decision — taken precisely as the US tries to find a way to retaliate for the OPM hack — to start cracking down on this Chinese effort.
There are two things I haven’t seen mentioned in coverage of this. First, remember that the US has engaged in a similar effort, using an offer of amnesty for rich tax cheats who had stashed their money in Swiss banks (though there have been what I believe to be similar efforts on the part of the US to expose tax cheats that have mostly focused on non-US citizens).
And don’t forget the lengths to which the US went to get someone who had top secrets to come back to the US, including when it had Austria ground Evo Morales’ plane so it could search for Edward Snowden.
In any case, I suspect the US used Operation Fox Hunt as an opportunity to let China know it knew of these admitted agents. Sort of a way for the US to tell China we know where its operatives in the US are, just as it knows where our operatives are in China, thanks to the OPM hack.
For its part, China’s Xinhua paper has scolded the US for harboring crooks (and provided slightly different details of the agreement pertaining to Fox Hunt).
Corruption is not only a serious problem in China, but also in the rest of the world. And in a world which is more and more connected, countries should take coordinated efforts in fighting corruption.
Although there is no extradition agreement between the United States and China, the two countries actually have already agreed on anti-corruption cooperation.
In April 2015, U.S. Homeland Security Secretary Jeh Johnson met Chinese Public Security Minister Guo Shengkun in Beijing, and they agreed to strengthen cooperation in law enforcement.
They agreed not to provide shelter for the other side’s fugitives and would try to repatriate them in accordance with law. Specifically, Johnson also promised to actively support China’s “Sky Net” and “Fox Hunt” operations, which aim to bring back corrupt officials.
So the U.S. government’s decision to force China’s law enforcement stuff to leave the country obviously reveals that Washington lacks sincerity and has failed to translate its words into action.
Some analysts even say that the United States is reluctant to repatriate those corrupt officials for the sake of their money of course.
Therefore, the United States, as a country that often stresses the rule of law, should clarify the issue and by no means become a safe haven for Chinese criminal suspects.
The US may have decided this would be an easy way to push back on China, but that won’t prevent China from scoring points from it.
When Michael Chertoff made the case against back doors, he noted that if the government moved to require back doors, it would leave just the bad guys with encrypted communications.
The second thing is that the really bad people are going to find apps and tools that are going to allow them to encrypt everything without a back door. These apps are multiplying all the time. The idea that you’re going to be able to stop this, particularly given the global environment, I think is a pipe dream. So what would wind up happening is people who are legitimate actors will be taking somewhat less secure communications and the bad guys will still not be able to be decrypted.
I doubt he had the Transnational Crime Organizations on Wall Street in mind when he talked about the bad guys “still not be able to be decrypted.”
But HSBC, JP Morgan Chase, Citi, Deutsche Bank, Goldman Sachs and the other big banks supporting Symphony Communications — a secure cloud based communications system about to roll out — are surely among the world’s most hard-core recidivists, and their crime does untold amount of damage to ordinary people around the globe.
Which is why I’m so amused that Elizabeth Warren has made a stink about the imminent rollout of Symphony and whether it will affect banks’ ability to evade what scant law enforcement might be thrown their way.
I have  concerns about how the biggest banks use of this new communications tool will impact compliance and enforcement by the Department of Justice [Warren sent versions of the letter to 6 regulators] at the federal level.
My concerns are exacerbated by Symphony’s publicly available descriptions of the new communications system, which appear to put companies on notice — with a wink and a nod — that they can use Symphony to reduce compliance and enforcement concerns. Symphony claims that “[i]n the past, communication tools designed for the financial services sector were limited in reach and effectiveness by strict regulatory compliance … We’re changing the communications paradigm” The company’s website boasts that it has special tools to “prevent government spying,” and “there are no backdoors,” and that “Symphony has designed a specific set of procedures to guarantee that data deletion is permanent.”
Warren is right to be concerned. These are serial conspiracists on a global scale, and (as Warren notes elsewhere) they’ve only been caught — to the extent that hand slaps count as being caught — when DOJ found the chat rooms in which they’ve colluded.
That said, the banks, too, have real reason to be concerned. The stated reason they give for pushing this project is Bloomberg’s spying on them — when they were using Bloomberg chat — for reporting reasons, which was revealed two years ago. The reference to government spying goes beyond US adversaries, though I’m sure both real adversaries, like China, and competitors, like the EU, are keeping watch on the banks to the extent they can. But the US has spied on the banks, too. As the spy agency did with Google, the NSA spied on SWIFT even though it also had a legal means to get that data. I wouldn’t be surprised if the rise in bank sanctions violations in recent years stemmed from completely necessary spying if you’re going to impose sanctions, but spying that would compromise the banks, too. Remember, too, that the Treasury Department has, at least as of recently, never complied with EO 12333’s requirement for minimization procedures to protect US persons, which would include banks.
And there have even been cases of hacker-insider trader schemes of late.
So banks are right to want secure communications. And while these banks are proven crooks — and should be every bit the worry to Jim Comey as ISIS’s crappier encryption program, if Comey believes in hunting crime — the banks should be reined in via other means, not by making them insecure.
If we’re going to pretend — and it is no more than make-believe — that the banks operate with integrity, then they need to have secure communications. But without that make-believe, a lot of the important fictions America tells itself about capitalism start to fall apart.
Which is my way of saying that the 6 regulators need to think through how they can continue to regulate recidivist crooks who have their own secure messaging system, but that the recidivist crooks probably need a secure messaging system (though having their own might be a stretch).
If Jim Comey is going to bitch and moan about criminals potentially exploiting access to encrypted communications, then he should start his conversation with the banks, not Apple. If he remains silent about this gang and their secure communications, then he needs to concede, once and for all, that actual humans need to have access to the same privilege of secure communications.
On this topic, see also District Sentinel’s piece on this.
I’ve written a lot about how neoliberalism has been counterproductive for any soft war we’re waging against ISIS, Russia, or China. We keep forcing allies and client states — including post Arab Spring Egypt and, especially, Ukraine — to adopt neoliberal policies. That creates more instability at precisely the time the new regime (like it or not) is trying to consolidate.
Neoliberalism doesn’t offer much benefit for many of the hearts and minds we’d like to win over.
But it has helped someone.
According to this fascinating WaPo analysis (and underlying study), the reason Syrian elites and their banks have been able to withstand sanctions is because Bashar al-Assad adopted (mixed) neoliberal policies when he assumed control. It created an interconnected elite whose ties with were Assad more inextricably linked than they had previously been, such that people doing business with sanction targets have too much invested in the regime itself to stop doing business with the sanctioned entities.
Bashar aimed to revamp the three decades of populist structure in an ‘authoritarian upgrading’ to pursue neoliberal economic policies, eventuallyshifting public assets to a network of crony capitalists close to the regime. The abandonment of socialist policies in a post-populist era culminated with the establishment of the Damascus Securities Exchange (DSE) in 2009. The number of firms listed on the exchange has since grown, even after 2011, and currently comprises 23 companies spanning sectors such as transport, media, industry, agriculture, banking and insurance.
The newly established Syrian private banking system redistributed the monopolistic market share of public banks with private lenders, while maintaining a degree of protectionism so the state-owned banks preserved their banking services monopoly. This arrangement was part of what Raymond Hinnebusch termed a ‘middle way’ of allowing the expansion of the private sector while ostensibly reforming state owned enterprises.
The booming private banks attracted politically connected businessmen, including many former politicians and senior security officials, natural partners for foreign institutional investors for whom a 49 percent Syrian ownership was required for an operating license until 2010.
Thorough review of disclosures made by publicly listed private banks on the DSE indicate a similar trend, in which prominent Syrian businessmen— some of whom have been sanctioned for their support to the regime— own a substantial number of shares and even sit on the board of directors in multiple banks. As my research shows, there are at least 23 individual investors whose shareholdings exceed 1 million shares. With more than 36 million shares in aggregate, these individuals make up at least 4.5 percent of overall shares of private banks and 11 percent of total retail investors’ stock ownership.
This is symptomatic of the emergence of a new generation of ‘regime businessmen,’ whose relationship with the state transformed from a de facto alliance since Bashar al-Assad came to power to the central backbone of the regime now. Through joint business ventures and inter-family marriages, this alliance translated into the regime businessmen’s dominance of profitable sectors, including energy, banking and finance, construction, and tourism, and has in turn ensured the regime’s economic survival.
Most of these businessmen have substantial investments in the country that outweighed their overseas assets and commercial interests. Their inextricable connections with the ruling political elite have made them highly invested in the survival of the regime.
I suspect the same is true of Russia.
That’s not all that surprising. With the exception of the largest banks, our business elite is pretty committed to the US regime, largely as a result of the cronyist benefits that those ties afford.
Indeed, the analysis raises more general questions about whether neoliberalism makes dangerous regimes more resilient.
But I also note the irony.
The other day I dismissed US disdain for Mexico at its inability to keep Chapo Guzmán jailed. After all, I pointed out, we don’t even try to imprison our Transnational Crime Organization bosses.
At the Intercept yesterday, DDay pointed out another example. After JP Morgan Chase and Citigroup pled guilty to forex fraud, the Department of Housing and Urban Development “changed their form” for FHA insurance, so as to permit those TCOs to continue to have taxpayers insure their customers’ loans.
On May 20 of this year, JPMorgan Chase and Citigroup both entered a guilty plea on one felony count of conspiring to rig foreign currency exchange trades, the largest market on the globe.
Five days earlier, on May 15, HUD slipped a notice into the Federal Register, seeking to alter its standard loan-level certification form, known as HUD-92900-A. This form must be filled out for lenders to receive FHA insurance, which reimburses them if the homeowner falls into foreclosure.
On the current HUD-92900-A form, lenders must certify that their firm and its principals “have not, within a three-year period … been convicted of or had a civil judgment rendered against them” for a variety of crimes, including “commission of fraud … violation of Federal or State antitrust statutes or commission of embezzlement, theft, forgery, bribery, falsification or destruction of records, making false statements or receiving stolen property.”
JPMorgan and Citi’s guilty plea would fall under the antitrust statute, and according to Brown, Warren and Waters’ reading of the certification, that would make them ineligible to obtain FHA insurance on their loans.
On the updated form, this language has been excised.
As Senators Sherrod Brown and Elizabeth Warren and Congresswoman Maxine Waters read it, this will eliminate what should have been one of the biggest impacts of the TCOs’ guilty plea.
Again, Jamie Dimon’s tunnel may not be so spectacular as Guzmán’s. But that’s partly because even more parts of government are helping him to escape any punishment for his TCO’s crimes.