How the White House’s Tolerance for Wife-Beaters Exposed That It Was Harboring Counterintelligence Threats

There are a lot of important lessons about the White House’s protection and promotion of Rob Porter even after the FBI informed the White House about his serial wife beating: about White House’s tolerance for conflicts, about John Kelly’s overblown competence. If you haven’t read Dahlia Lithwick’s piece on what it says about society’s response to domestic abuse more generally, absolutely do.

There are also multiple theories about how this all came to light, whether the recent girlfriend who learned of the abuse after talking to the ex-wives about Porter’s philandering made it happen, or whether the FBI did so in the wake of White House involvement in the Devin Nunes saga.

Whatever the answers to those issues, it’s now clear what just or is about to happen.

Last night, the WaPo answered a question that should have been answered at yesterday’s presser. There are dozens of people working in the White House who, like Porter, have not yet received clearance. Starting with the son-in-law that has been remapping the world while under active counterintelligence investigation for shaping policy in a way that may stave off familial bankruptcy.

Dozens of White House employees are awaiting permanent security clearances and have been working for months with temporary approvals to handle sensitive information while the FBI continues to probe their backgrounds, according to U.S. officials.

People familiar with the security-clearance process said one of those White House officials with an interim approval is Jared Kushner — the president’s son-in-law and one of his most influential advisers.

Then Politico provided the other, even more critical piece of this puzzle: FBI already told the White House that Porter and others would not get security clearance. And there are witnesses that Kelly knew about these multiple White House aides and thought they should be fired.

White House chief of staff John Kelly was told several weeks ago that the FBI would deny full security clearances to multiple White House aides who had been working in the West Wing on interim security clearances.

Those aides, according to a senior administration official, included former White House staff secretary Rob Porter, who left the White House on Thursday after reports that he physically and verbally abused his two ex-wives.

The White House chief-of-staff told confidants in recent weeks that he had decided to fire anyone who had been denied a clearance — but had yet to act on that plan before the Porter allegations were first reported this week.

I figure around about noon we’ll learn Jared was one of the others.

Remember: according to Supreme Court precedent, the President has final authority on matters of clearance. So if Trump wants to override the FBI’s determination, he can. Which he might get away with so long as it remained secret, so long as the press didn’t know that a bunch of people were working with the country’s most sensitive information even though the FBI had told the White House it was a very bad idea to let them. And know which ones they were.

But whether through the coincidental timing of a bunch of women refusing to let a serial abuser go on with his life or through orchestration by the Bureau or both, any effort to keep secret that the White House was delaying the obvious counterintelligence choice or even perhaps planning to defy the FBI about it is in the process of being exposed.

Trump is reportedly consulting now with two of the most likely counterintelligence problems, Jared and (on her own right, because of her own dodgy business deals) Ivanka, on a staff shake-up to try to make this problem go away.

Has Hal Martin Finally Gotten the Government to Admit He Didn’t Feed Shadow Brokers?

Hal Martin may finally get a plea deal.

On Tuesday, Martin’s (excellent) public defender James Wyda asked to cancel a guilty plea to one of the 20 charges against him which had been scheduled for next week, stating that continuing negotiations may settle the whole case.

The defense requests a cancellation of the Rule 11 guilty plea hearing currently scheduled for January 22, 2018. The parties are continuing negotiations with the hope of resolving the entire case.

As John Gerstein had previously reported, last month Martin unilaterally moved to plead guilty to retaining one document described as “a March 2014 NSA leadership briefing outlining the development and future plans for a specific NSA organization,” though the government still threatened to ask for the maximum sentence on that one charge. But something changed since then to reinvigorate plea discussions.

I’m particularly interested in the schedule Judge Marvin Garbis had set in response to Martin’s bid to plead to one charge. The plea would have triggered a CIPA review, the process by which judges decide what classified information is necessary for a criminal trial, often in substitute form.

This is to confirm, as stated at the conference held this date:

1. On January 8, 2018, Defendant shall file a letter including its version of the statement of facts as to Count One of the Indictment.

2. Defendant Martin intends to plead guilty to Count One on January 22, 2018 at 10:00 A.M.

3. Defendant Martin expects to file a CIPA § 4 submission on January 26, 2018.

4. The Government shall make an ex parte presentation regarding its contentions and its pending CIPA § 4 motion in an on-the-record sealed proceeding on February 1, 2018 commencing at 10:00 A.M.

5. Defendant Martin shall make an ex parte presentation regarding its contentions and its forthcoming CIPA § 4 submission in an on-the-record sealed proceeding at a time to be scheduled by further Order.

That’s presumably an indication that Martin wanted to use classified evidence to mitigate his sentence. And all of this has happened in a six week extension Martin’s lawyers asked for on December 8, explaining that they had only just gotten access to information seized (back in August 2016) from Martin’s car and home.

On November 28, 2017, we had the opportunity to conduct an evidence review at the Baltimore FBI Field Office’s Sensitive Compartmented Information Facility for the first time of some of the items allegedly seized from Mr. Martin’s car and residence. In light of the volume of material made available for our review, we expect to return to the FBI multiple more times to review the remainder of the items.

All of which suggests the defense saw something in their classified discovery that made them think they can mitigate Martin’s sentence and, possibly, eliminate the government’s interest in trying him for those other 19 retained documents.

So to recap: on December 8, Martin’s lawyers ask for more time. On December 22, he moves to plead guilty. In the last few weeks, the judge set in motion the process to allow Martin to use classified information in his sentencing (and his lawyers submitted their version of what he would plead guilty to). And now a plea deal may be in the offing.

All that happened in the wake of Nghia Hoang Pho pleading guilty on December 1, after some interesting timing delays as well, timing which I laid out here.

The actual plea deal is dated October 11. It states that “if this offer has not been accepted by October 25, 2017, it will be deemed withdrawn.” The information itself was actually signed on November 29. Friday, the actual plea, was December 1.

So while there’s not a substantial cooperation component in the plea deal, certainly a substantial amount of time took place in that window, enough time to cooperate.

And consider the news coverage that has happened during that period. The initial plea offer was made in the week following a big media blitz of stories blaming Pho (and through him Kaspersky) for the Russian theft of NSA tools. In the interim period between the offer and the acceptance of the plea deal, Kaspersky confirmed both verbally and then in a full incident report that his AV had found the files in question, while noting that a third party hacker had compromised Pho’s machine during the period he had TAO’s tools on it.

In other words, after at least an 18 month investigation, Pho finally signed a plea agreement as the media started blaming him for the compromise of these tools.

In that plea deal, the government noted that they could have charged Pho as they had charged Martin, with one count for each retained file (though in reality Martin got charged for a tiny fraction of what he brought home).

During much of that period, Harold Martin was in custody and under investigation for a similar crime: bringing a bunch of TAO tools home and putting them on his computer. Only, unlike Pho, Martin got slammed with a 20-count indictment, laying a range of files, and not just files from NSA. Indeed, the Pho plea notes,

This Office and the Defendant agree that the Defendant’s conduct could have been charged as multiple counts. This Office and the Defendant further agree that had the Defendant been convicted of additional counts, … those counts would not group with the count of conviction, and the final offense level would have increased by 5 levels.

That is, the government implicity threatened Pho to treat him as Martin had been, with a separate charge tied to the individual files he took.

Now, perhaps that’s all that Martin’s lawyers were going to note, that a similarly situated defendant in the same district had been able to plead guilty to a single charge.

But I wonder if there’s not more, specifically related to that plea, pertaining to the real source of the Shadow Brokers files. That is, if Pho was permitted to plead guilty after having making the Shadow Brokers files accessible to third party hackers coming in after Kaspersky’s AV got shut down, then why couldn’t Martin, whose files were air gapped from such measures, obtain a similar plea?

Why I Left The Intercept: The Surveillance Story They Let Go Untold for 15 Months

The Intercept has a long, must-read story from James Risen about the government’s targeting of him for his reporting on the war on terror. It’s self-serving in many ways — there are parts of his telling of the Wen Ho Lee, the Valerie Plame, and the Jeffrey Sterling stories he leaves out, which I may return to. But it provides a critical narrative of DOJ’s pursuit of him. He describes how DOJ tracked even his financial transactions with his kids (which I wrote about here).

The government eventually disclosed that they had not subpoenaed my phone records, but had subpoenaed the records of people with whom I was in contact. The government obtained my credit reports, along with my credit card and bank records, and hotel and flight records from my travel. They also monitored my financial transactions with my children, including cash I wired to one of my sons while he was studying in Europe.

He also reveals that DOJ sent him a letter suggesting he might be a subject of the investigation into Stellar Wind.

But in August 2007, I found out that the government hadn’t forgotten about me. Penny called to tell me that a FedEx envelope had arrived from the Justice Department. It was a letter saying the DOJ was conducting a criminal investigation into “the unauthorized disclosure of classified information” in “State of War.” The letter was apparently sent to satisfy the requirements of the Justice Department’s internal guidelines that lay out how prosecutors should proceed before issuing subpoenas to journalists to testify in criminal cases.

[snip]

When my lawyers called the Justice Department about the letter I had received, prosecutors refused to assure them that I was not a “subject” of their investigation. That was bad news. If I were considered a “subject,” rather than simply a witness, it meant the government hadn’t ruled out prosecuting me for publishing classified information or other alleged offenses.

But a key part of the story lays out the NYT’s refusals to report Risen’s Merlin story and its reluctance — until Risen threatened to scoop him with his book — to publish the Stellar Wind one.

Glenn Greenwald is rightly touting the piece, suggesting that the NYT was corrupt for acceding to the government’s wishes to hold the Stellar Wind story. But in doing so he suggests The Intercept would never do the same.

That’s not correct.

One of two reasons I left The Intercept is because John Cook did not want to publish a story I had written — it was drafted in the content management system — about how the government uses Section 702 to track cyberattacks. Given that The Intercept thinks such stories are newsworthy, I’m breaking my silence now to explain why I left The Intercept.

I was recruited to work with First Look before it was publicly announced. The initial discussions pertained to a full time job, with a generous salary. But along the way — after Glenn and Jeremy Scahill had already gotten a number of other people hired and as Pierre Omidyar started hearing from friends that the effort was out of control — the outlet decided that they were going to go in a different direction. They’d have journalists — Glenn and Jeremy counted as that. And they’d have bloggers, who would get paid less.

At that point, the discussion of hiring me turned into a discussion of a temporary part time hire. I should have balked at that point. What distinguishes my reporting from other journalists — that I’m document rather than source-focused (though by no means exclusively), to say nothing of the fact that I was the only journalist who had read both the released Snowden documents and the official government releases — should have been an asset to The Intercept. But I wanted to work on the Snowden documents, and so I agreed to those terms.

There were a lot of other reasons why, at that chaotic time, working at The Intercept was a pain in the ass. But nevertheless I set out to write stories I knew the Snowden documents would support. The most important one, I believed, was to document how the government was using upstream Section 702 for cybersecurity — something it had admitted in its very first releases, but something that it tried to hide as time went on. With Ryan Gallagher’s help, I soon had the proof of that.

The initial hook I wanted to use for the story was how, in testimony to PCLOB, government officials misleadingly suggested it only used upstream to collect on things like email addresses.

Bob Litt:

We then target selectors such as telephone numbers or email addresses that will produce foreign intelligence falling within the scope of the certifications.

[snip]

It is targeted collection based on selectors such as telephone numbers or email addresses where there’s reason to believe that the selector is relevant to a foreign intelligence purpose.

[snip]

It is also however selector-based, i.e. based on particular phone numbers or emails, things like phone numbers or emails.

Raj De:

Selectors are things like phone numbers and email addresses.

[snip]

A term like selector is just an operational term to refer to something like an email or phone number, directive being the legal process by which that’s effectuated, and tasking being the sort of internal government term for how you start the collection on a particular selector.

[snip]

So all collection under 702 is based on specific selectors, things like phone numbers or email addresses.

Brad Wiegmann:

A selector would typically be an email account or a phone number that you are targeting.

[snip]

So that’s when we say selector it’s really an arcane term that people wouldn’t understand, but it’s really phone numbers, email addresses, things like that.

[snip]

So putting those cases aside, in cases where we just kind of get it wrong, we think the email account or the phone is located overseas but it turns out that that’s wrong, or it turns out that we think it’s a non-U.S. person but it is a  U.S. person, we do review every single one to see if that’s the case.

That PCLOB’s witnesses so carefully obscured the fact that 702 is used to collect cybersecurity and other IP-based or other code collection is important for several reasons. First, because collection on a chat room or an encryption key, rather than an email thread, has very different First Amendment implications than collecting on the email of a target. But particularly within the cybersecurity function, identifying foreignness is going to be far more difficult to do because cyberattacks virtually by definition obscure their location, and you risk collecting on victims (whether they are hijacked websites or emails, or actual theft victims) as well as the perpetrator.

Moreover, the distinction was particularly critical because most of the privacy community did not know — many still don’t — how NSA interpreted the word “facility,” and therefore was missing this entire privacy-impacting aspect of the program (though Jameel Jaffer did raise the collection on IP addresses in the hearing).

I had, before writing up the piece, done the same kind of iterative work (one, two, three) I always do; the last of these would have been a worthy story for The Intercept, and did get covered elsewhere. That meant I had put in close to 25 hours working on the hearing before I did other work tied to the story at The Intercept.

I wrote up the story and started talking to John Cook, who had only recently been brought in, about publishing it. He told me that the use of 702 with cyber sounded like a good application (it is!), so why would we want to expose it. I laid out why it would be questionably legal under the 2011 John Bates opinion, but in any case would have very different privacy implications than the terrorism function that the government liked to harp on.

In the end, Cook softened his stance against spiking the story. He told me to keep reporting on it. But in the same conversation, I told him I was no longer willing to work in a part time capacity for the outlet, because it meant The Intercept benefitted from the iterative work that was as much a part of my method as meetings with sources that reveal no big scoop. I told him I was no longer willing to work for The Intercept for free.

Cook’s response to that was to exclude me from the first meeting at which all Intercept reporters would be meeting. The two things together — the refusal to pay me for work and expertise that would be critical to Intercept stories, as well as the reluctance to report what was an important surveillance story, not to mention Cook’s apparent opinion I was not a worthy journalist — are why I left.

And so, in addition to losing the person who could report on both the substance and the policy of the spying that was so central to the Snowden archives, the story didn’t get told until 15 months later, by two journalists with whom I had previously discussed 702’s cybersecurity function specifically with regards to the Snowden archive. In the interim period, the government got approval for the Tor exception (which I remain the only reporter to have covered), an application that might have been scrutinized more closely had the privacy community been discussing the privacy implications of collecting location-obscured data in the interim.

As recently as November, The Intercept asked me questions about how 702 is actually implemented because I am, after all, the expert.

So by all means, read The Intercept’s story about how the NYT refused to report on certain stories. But know that The Intercept has not always been above such things itself. In 2014 it was reluctant to publish a story the NYT thought was newsworthy by the time they got around to publishing it 15 months later.

On Jim Baker’s Non-Prosecution for Leaking

The WaPo provides details on something that right wing propagandists had used to slam FBI General Counsel Jim Baker (who, the article notes, is being reassigned within FBI). The leak investigation into Baker must pertain to the Yahoo scan.

For months, Baker had become caught up in what some law enforcement officials considered a particularly frustrating probe of a leak involving the FBI, the National Security Agency and stories that appeared about a year ago involving surveillance techniques for a particular email provider, according to people familiar with the matter.

Some NSA officials were concerned that too much had been revealed about a classified program in an effort to correct a prior report, these people said.

“Jim was distressed about it but was confident he hadn’t leaked anything’’ and would be cleared, one U.S. official said.

A respected veteran prosecutor was assigned to the case, but people close to the matter said the investigation had petered out recently and charges were not expected to be filed.

The leak probe frustrated some law enforcement officials, who said officials were caught up in it only because they had tried to prevent misinformation about surveillance capabilities from spreading among the public and lawmakers. Others said the very existence of the investigation was mostly due to a disagreement between two agencies, according to people familiar with the matter.

The story that the government had obtained authority to scan all of Yahoo’s emails for some signature tied to either a foreign government or a terrorist organization (or most likely, Iran, which the US considers both) was first broken by Reuters, which claimed the scan happened under Section 702. But as I laid out here, Charlie Savage (who has written an entire billion page book on such matters) reported, more plausibly, that it was done under a targeted FISA order. Not only did the discrepancy in stories raise concerns about how Section 702 was being applied, but it led a lot of surveillance critics who had heretofore not understood things they were lobbying about to newly examine what the term “facility” meant.

From the context, it seems likely that Baker was trying to correct initial reports that the scan occurred under Section 702, which probably had a salutary effect on this year’s debate; no one has raised questions about that Yahoo scan (though surveillance critics have proven that they didn’t internalize the lesson  of the exchange to learn that the government has long interpreted facility more broadly than they understood).

If all that’s right, the spooks should be happy that Baker corrected the record. Heck, Baker could probably point to my work for proof that the definition of “facility” was actually known to people he hasn’t ever spoken with.

[S]tarting in 2004 and expanded in 2010, “facility” — the things targeted under FISA — no longer were required to tie to an individual user or even a location exclusively used by targeted users.

When Kollar-Kotelly authorized the Internet dragnet, she distinguished what she was approving, which did not require probable cause, from content surveillance, where probable cause was required. That is, she tried to imagine that the differing standards of surveillance would prevent her order from being expanded to the collection of content. But in 2007, when FISC was looking for a way to authorize Stellar Wind collection — which was the collection on accounts identified through metadata analysis — Roger Vinson, piggybacking Kollar-Kotelly’s decision on top of the Roving Wiretap provision, did just that. That’s where “upstream” content collection got approved. From this point forward, the probable cause tied to a wiretap target was freed from a known identity, and instead could be tied to probable cause that the facility itself was used by a target.

There are several steps between how we got from there to the Yahoo order that we don’t have full visibility on (which is why PCLOB should have insisted on having that discussion publicly). There’s nothing in the public record that shows John Bates knew NSA was searching on non-email or Internet messaging strings by the time he wrote his 2011 opinion deeming any collection of a communication with a given selector in it to be intentional collection. But he — or FISC institutionally — would have learned that fact within the next year, when NSA and FBI tried to obtain a cyber certificate. (That may be what the 2012 upstream violation pertained to; see this post and this post for some of what Congress may have learned in 2012.) Nor is there anything in the 2012 Congressional debate that shows Congress was told about that fact.

One thing is clear from NSA’s internal cyber certificate discussions: by 2011, NSA was already relying on this broader sense of “facility” to refer to a signature of any kind that could be associated with a targeted user.

The point, however, is that sometime in the wake of the 2011 John Bates opinion on upstream, FISC must have learned more about how NSA was really using the term. It’s not clear how much of Congress has been told.

The leap from that — scanning on telephone switches for a given target’s known “facility” — to the Yahoo scan is not that far. In his 2010 opinion reauthorizing the Internet dragnet, Bates watered down the distinction between content and metadata by stripping protection for content-as-metadata that is also used for routing purposes. There may be some legal language authorizing the progression from packets to actual emails (though there’s nothing that is unredacted in any Bates opinion that leads me to believe he fully understood the distinction). In any case, FISCR has already been blowing up the distinction between content and metadata, so it’s not clear that the Yahoo request was that far out of the norm for what FISC has approved.

Which is not to say that the Yahoo scan would withstand scrutiny in a real court unaware of the FISC precedents (including the ones we haven’t yet seen). It’s just to say we started down this path 12 years ago, and the concept of “facilities” has evolved such that a search for a non-email signature counts as acceptable to the FISC.

Of course, the better option is to stop playing word games and explain to everyone what facility actually means, and point out that that interpretation has been in place since 2007.

All that said, this is yet another example where a cherished government official can engage in behavior that others go to prison for. As I’ve pointed out, for example, the Jeffrey Sterling case codified the precedent that someone can go to prison for four minutes and 11 seconds of phone conversations during which you provide unclassified tips about classified information they know.

The Fourth Circuit just codified the principle that you can go to prison for four minutes and 11 seconds of phone calls during which you tell a reporter to go find out classified details you know about.

That’s probably pretty close to what Baker got investigated for. Obviously, doing so as a General Counsel is a different function than as a whistleblower. And whatever conversations Baker had probably took place in DC, so outside of the Fourth Circuit where that precedent stands.

I have no doubt that non-prosecution, if I’ve gotten the facts of the case correct, is the correct decision. But so should it be for others in similar situations, others treated differently because they’re not part of the FBI.

More importantly, the government’s so-called transparency should be such that experts like the surveillance critics who didn’t know how facility is used don’t have to get leaks to understand basic facts about the surveillance they discuss.

On the Timing of the Nghia Hoang Pho Plea

Last Friday, the guy responsible for getting a bunch of NSA hacking tools stolen from his home computer, 67-year old Nghia Hoang Pho, pled guilty to willful retention of classified information. His plea hearing was held in secret; according to the NYT which broke the story, “one courtroom official described the charges against Mr. Pho as ‘super-sealed’ before the hearing.”

According to the information supporting his guilty plea, Pho had been bringing NSA files home for 5 years, from 2010 to 2015.

I want to note something about the timing of the plea. The actual plea deal is dated October 11. It states that “if this offer has not been accepted by October 25, 2017, it will be deemed withdrawn.” The information itself was actually signed on November 29. Friday, the actual plea, was December 1.

So while there’s not a substantial cooperation component in the plea deal, certainly a substantial amount of time took place in that window, enough time to cooperate.

And consider the news coverage that has happened during that period. The initial plea offer was made in the week following a big media blitz of stories blaming Pho (and through him Kaspersky) for the Russian theft of NSA tools. In the interim period between the offer and the acceptance of the plea deal, Kaspersky confirmed both verbally and then in a full incident report that his AV had found the files in question, while noting that a third party hacker had compromised Pho’s machine during the period he had TAO’s tools on it.

In other words, after at least an 18 month investigation, Pho finally signed a plea agreement as the media started blaming him for the compromise of these tools.

During much of that period, Harold Martin was in custody and under investigation for a similar crime: bringing a bunch of TAO tools home and putting them on his computer. Only, unlike Pho, Martin got slammed with a 20-count indictment, laying a range of files, and not just files from NSA. Indeed, the Pho plea notes,

This Office and the Defendant agree that the Defendant’s conduct could have been charged as multiple counts. This Office and the Defendant further agree that had the Defendant been convicted of additional counts, … those counts would not group with the count of conviction, and the final offense level would have increased by 5 levels.

That is, the government implicity threatened Pho to treat him as Martin had been, with a separate charge tied to the individual files he took.

Since April, Martin’s docket has featured continuation after continuation that might reflect cooperation with the government.

All this leads me to believe that these two investigations may have worked in tandem. Whereas the government originally insinuated Martin had provided the files that Shadow Brokers started leaking in August 2016, the Martin cooperation may have led the government to understand the Pho compromise differently. That is, it’s possible that Pho was the source for Shadow Brokers’ tools (or rather, that both men were), but the government didn’t come to understand that until Martin started cooperating.

It’s not clear whether, between the two of them, it would account for all the files that Shadow Brokers had (nor is it clear that Shadow Brokers ever had all the files made available by one or the other of them by loading them onto their home machine). For example, it’s not clear either would have had the San Antonio files at the center of the Second Source theory.

Whatever the details, the timing of the Nghia Hoang Pho plea may suggest that the government only belatedly came to understand how, by loading a bunch of TAO tools running on his Kaspersky-running computer, made the tools available to a third party hack. Certainly, that would explain why Kaspersky has a better understanding of the timing of all this than the government does.

10 Years of emptywheel: Key Non-Surveillance Posts 2013-2015

Happy Birthday to me! To us! To the emptywheel community!

On December 3, 2007, emptywheel first posted as a distinct website. That makes us, me, we, ten today.

To celebrate, over the next few days, the emptywheel team will be sharing some of our favorite work from the last decade. I’ll be doing 4 posts featuring some of my most important or — in my opinion — resilient non-surveillance posts, plus a separate post bringing together some of my most important surveillance work. I think everyone else is teeing up their favorites, too.

Putting together these posts has been a remarkable experience to see where we’ve been and the breadth of what we’ve covered, on top of mainstays like surveillance. I’m really proud of the work I’ve done, and proud of the community we’ve maintained over the years.

For years, we’ve done this content ad free, relying on donations and me doing freelance work for others to fund the stuff you read here. I would make far more if I worked for some free-standing outlet, but I wouldn’t be able to do the weedy, iterative work that I do here, which would amount to not being able to do my best work.

If you’ve found this work valuable — if you’d like to ensure it remains available for the next ten years — please consider supporting the site.

2013

What a Targeted Killing in the US Would Look Like

Amid now-abandoned discussions about using the FISA court to review targeted killing, I pointed out that a targeted killing in the US would look just like the October 28, 2009 killing of Imam Luqman Abdullah.

Article II or AUMF? “A High Level Official” (AKA John Brennan) Says CIA Can Murder You

When the second memo (as opposed to the first 7-page version) used to authorize the killing of Anwar al-Awlaki, it became clear that OLC never really decided whether the killing was done under Article II or the AUMF. That’s important because if it’s the latter, it suggests the President can order anyone killed.

John Brennan Sworn in as CIA Director Using Constitution Lacking Bill of Rights

I know in the Trump era we’re supposed to forget that John Brennan sponsored a whole lot of drone killing and surveillance. But I spent a good deal of the Obama Administration pointing that out. Including by pointing out that the Constitution he swore to protect and defend didn’t have the First, Fourth, Fifth, and Sixth amendment in it.

2014

The Day After Government Catalogs Data NSA Collected on Tsarnaevs, DOJ Refuses to Give Dzhokhar Notice

I actually think it’s unreasonable to expect the government’s dragnets to prevent all attacks. But over and over (including with 9/11), NSA gets a pass when we do reviews of why an attack was missed. This post lays out how that happened in the Boston Marathon case. A follow-up continued that analysis.

A Guide to John Rizzo’s Lies, For Lazy Journalists

Former CIA General Counsel John Rizzo lies, a lot. But that doesn’t seem to lead journalists to treat his claims skeptically, nor did it prevent them from taking his memoir as a statement of fact. In this post I summarized all the lies he told in the first 10 pages of it.

Obama to Release OLC Memo after Only 24 Congressional Requests from 31 Members of Congress

Over the year and a half when one after another member of Congress asked for the OLC memos that authorized the drone execution of Anwar al-Awlaki, I tracked all those requests. This was the last post, summarizing all of them.

The West’s Ideological Vacuum

With the rise of Trump and the success of Russia intervening in US and European politics, I’ve been talking about how the failures of US neoliberal ideology created a vacuum to allow those things to happen. But I’ve been talking about the failures of our ideology for longer than that, here in a post on ISIS.

KSM Had the CIA Believing in Black Muslim Convert Jihadist Arsonists in Montana for 3 Months

There weren’t a huge number of huge surprises in the SSCI Torture Report for me (indeed, its scope left out some details about the involvement of the White House I had previously covered). But it did include a lot of details that really illustrate the stupidity of the torture program. None was more pathetic than the revelation that KSM had the CIA convinced that he was recruiting black Muslim converts to use arson in Montana.

2015

The Jeffrey Sterling Trial: Merlin Meets Curveball

A big part of the Jeffrey Sterling trial was CIA theater, with far more rigorous protection for 10 year old sources and methods than given to 4 year old Presidential Daily Briefs in the Scooter Libby trial. Both sides seemed aware that the theater was part of an attempt, in part, to help the CIA gets its reputation back after the Iraq War debacle. Except that the actual evidence presented at trial showed CIA was up to the same old tricks. That didn’t help Sterling at all. But neither did it help CIA as much as government prosecutors claimed.

The Real Story Behind 2014 Indictment of Chinese Hackers: Ben Rhodes Moves the IP Theft Goal Posts

I’ve written a lot about the first indictment of nation-state hackers — People’s Liberation Army hackers who compromised some mostly Pittsburgh located entities, including the US Steel Workers. Contrary to virtually all the reporting on the indictment, the indictment pertained to things we nation-state hack for too: predominantly, spying on negotiations. The sole exception involves the theft of some nuclear technology from Westinghouse that might have otherwise been dealt to China as part of a technology transfer arrangement.

Obama’s Terrorism Cancer Speech, Carter’s Malaise Speech

In response to a horrible Obama speech capitulating to Republican demands he treat the San Bernardino attack specially, as Islamic terrorism, I compared the speech to Jimmy Carter’s malaise speech. Along the way, I noted that Carter signed the finding to train the mujahadeen at almost the exactly moment he gave the malaise speech. The trajectory of America has never been the same since.

Other Key Posts Threads

10 Years of emptywheel: Key Non-Surveillance Posts 2008-2010

10 Years of emptywheel: Key Non-Surveillance Posts 2011-2012

10 Years of emptywheel: Key Non-Surveillance Posts 2008-2010

Happy Birthday to me! To us! To the emptywheel community!

On December 3, 2007, emptywheel first posted as a distinct website. That makes us, me, we, ten today.

To celebrate, over the next few days, the emptywheel team will be sharing some of our favorite work from the last decade. I’ll be doing probably 3 posts featuring some of my most important or — in my opinion — resilient non-surveillance posts, plus a separate post bringing together some of my most important surveillance work. I think everyone else is teeing up their favorites, too.

Putting together these posts has been a remarkable experience to see where we’ve been and the breadth of what we’ve covered, on top of mainstays like surveillance. I’m really proud of the work I’ve done, and proud of the community we’ve maintained over the years.

For years, we’ve done this content ad free, relying on donations and me doing freelance work for others to fund the stuff you read here. I would make far more if I worked for some free-standing outlet, but I wouldn’t be able to do the weedy, iterative work that I do here, which would amount to not being able to do my best work.

If you’ve found this work valuable — if you’d like to ensure it remains available for the next ten years — please consider supporting the site.

2008

We Are All Flint, MI Now

During the bailout, I did a post trying to imagine the worst that could happen if GM went bankrupt. One of my biggest worries — that China would start importing Buicks, making it far harder for US manufacturers to compete, has already happened.

This was, of course, before Republican mismanagement poisoned the entire city of Flint, MI. Perhaps the post is even more true now.

2009

Khalid Sheikh Mohammed Was Waterboarded 183 Times in One Month

While most of DC was busily engaged in both sides journalism on the impact of Obama’s decision to release the torture memos in 2009, I (and readers here!) was reading closely. Which is how I noted the reference to the 183 waterboards CIA administered to KSM in one month.

“Affordable” Health Care

Bill Supporters Still Can’t Say “Affordable”

In a series of posts at the end of 2009, I laid out how ObamaCare still required participants to spend too much of their income on health insurance and care, which would lead to lots of people to not use it. That has turned out to be one of the biggest problems with ObamaCare (and one of the reason it wasn’t all that popular until Trump tried to take it away). If Democrats ever wrest control from the Republicans again, this is a problem that still needs to be fixed.

2010

Abu Zubaydah’s Torturers Relied on July 13 Yoo Fax, not Bybee Memo

I found a lot of things (including Gul Rahman’s ID, but I waited on that to protect the identity of the CIA officer who oversaw his killing) in the Office of Professional Management report on John Yoo’s torture memos released in 201. One that remains important — and poorly understood — is that the first torture actually operated under authorization from a freelance fax from Yoo issued weeks before the famous August 1 Bybee memo, rather than the full OLC memo itself.

FDL Book Salon Welcomes Steven Rattner, Author of Overhaul

There were two or three of Bev’s badly missed book salons I hosted that I particularly enjoyed (Bob Woodward is another). But none was better than hosting Steven Rattner, for his very blinkered view of his own role in the auto bailout. The comment thread in it was epic, too, but sadly gone.

Hatfill and Wen Ho Lee and Plame and al-Awlaki and Assange

After a panel on the Scooter Libby case, I meditated on how those with the secrets increasingly use journalists as a stand in for due process. This is not a post I’ve returned to a lot, but particularly given everything that has transpired since, particularly given where Assange has gone since, it strikes a nerve.

The Slow Death of Neoliberalism: Part 2

The Slow Death of Neoliberalism Part 1.

This post focuses on the failings of neoliberal economic theory. Neoliberalism arises out of positivist philosophy, defined in Part 1. Positivism is the theory that the only true knowledge comes from the scientific process.

There are five main principles behind Positivism:

1. The logic of inquiry is the same across all sciences (both social and natural).

2. The goal of inquiry is to explain and predict, and thereby to discover necessary and sufficient conditions for any phenomenon.

3. Research should be empirically observable with human senses, and should use inductive logic to develop statements that can be tested.

4. Science is not the same as common sense, and researchers must be careful not to let common sense bias their research.

5. Science should be judged by logic, and should be as value-free as possible. The ultimate goal of science is to produce knowledge, regardless of politics, morals, values, etc.

Economists created a group of sayings which they put in their introductory textbooks and teach as laws and principles to their students at all levels. For example, N. Gregory Mankiw, economics professor at Harvard, starts his introductory economics textbook Principles of Macroeconomics with a list of ten Principles he claims almost all economists agree are true. Any thoughtful person reading this list will see that these ten statements are either tautological (you can’t do two things at once) or are mere rules of thumb. The idea that you could build a positivist science on this foundation is absurd. But Mankiw disagrees, and so does everyone who took Econ 101 and stopped, and especially so do the elites from our top schools.

It’s not surprising, then, that this version of economics is failing. It cannot perform the basic goal of a scientific theory, making accurate predictions. Economic models have failed and will continue to fail to predict disasters; and there isn’t much hope that they will ever be able to predict anything of interest.

In Part 1 I pointed out that the positivist program can’t be easily adapted to the social sciences. David Andolfatto of the St. Louis Fed agrees, and tells us what we can expect from economics:

But seriously, the delivery of precise time-dated forecasts of events is a mug’s game. If this is your goal, then you probably can’t beat theory-free statistical forecasting techniques. But this is not what economics is about. The goal, instead, is to develop theories that can be used to organize our thinking about various aspects of the way an economy functions. Most of these theories are “partial” in nature, designed to address a specific set of phenomena (there is no “grand unifying theory” so many theories coexist). These theories can also be used to make conditional forecasts: IF a set of circumstances hold, THEN a number of events are likely to follow. The models based on these theories can be used as laboratories to test and measure the effect, and desirability, of alternative hypothetical policy interventions (something not possible with purely statistical forecasting models).

This obvious straw man at the beginning of this quote is typical of the arrogant economist described by Marion Fourcade. But let’s see how well the economist business does at the weak test of effectiveness offered by Andolfatto.

For decades economists taught the Kuznets Curve which they said shows that as industrialization proceeds, economic inequality first rises and then falls.
Thomas Piketty takes up this theory in Capital In The Twenty-First Century, and extends the data forwards and backwards from the early 1950s. Here’s a graph of top decile income share from 1910 to 2010 from Wikipedia.

Looking at that graph through the time Kuznets wrote, the early 50s, it might be read to support that hypothesis. The sudden rise, starting under Reagan and continuing ever since, completely contradicts the hypothesis. That didn’t stop people from teaching it.

The Phillips Curve asserts that there is a connection between inflation and unemployment: as the unemployment rate drops, inflation increases. It’s one of Mankiw’s 10 principles; and it’s deeply embedded in the models used by the Fed to decide interest rates. It’s mostly wrong. Here’s a recent debunking from the Philadelphia Fed, concluding that the Phillips Curve might help forecast inflation in a weak economy, but does not work in an expanding economy.

The Wikipedia Page for Phillips Curve says that:

The original Phillips curve literature was not based on the unaided application of economic theory. Instead, it was based on empirical generalizations. After that, economists tried to develop theories that fit the data.

A 2008 paper, The History of the Phillips Curve: Consensus and Bifurcation, Economica (2008), P. 10, lays out the history in detail. Roughly speaking, it begins with the observation by William Phillips that in the UK there was a stable relation between the rate of wage growth and inflation over a substantial period of time, and deviations could be explained reasonably. This paper was picked up by Paul Samuelson and Robert Solow and turned into the earliest mathematical formula in 1958. Since then there have been a number of occasions where the Phillips Curve failed, and each time economists just grab some more of their existing tools and try to fix it or explain the failure, in each case after policy-makers have gone on as if it were right and forced bad results on the economy and especially the wages of workers.

Here’s a third example. Economists say that the reason wages are stagnant is that productivity is flat, as if there were a relation between wages and productivity. Anyone who looks at this chart and reads this article from the Economic Policy Institute will have a huge question about that.

And that isn’t just the right-wing. Plenty of centrist Democrats make the same argument. And by the way, what does this say about the central theory of free market economics that supply and demand for labor set prices?

As I say here and here, neoliberal economists used their ideology of free markets to influence policy and to change the entire way we think about society without having the slightest idea of the consequences of their meddling because their models aren’t designed to deal with changes in societies or economies. As my examples show, they just keep on regardless of the success or failure of their predictions, and politicians and rich people ignore the failings and continue to follow their foolish advice.

Neoliberal economics obviously fails to measure up to the standards of positivism. It can’t predict anything useful, and it barely is able to explain itself coherently. That’s a problem with positivism too. People are slowly, slowly coming to grips with these failures and the damage they have done. It’s adherents are dying off, and their replacements are into it for the money and the power. Stupid ideas never die, but maybe they will lose their influence.

Updated to correct link to EPI article and chart.

702 Reauthorization: The Anti-Leak Package

As part of the draft Section 702 Reauthorization released this week, the House Judiciary Committee included what I’ll call the anti-leak package. They’re not actually presented in the same Title, but I want to consider them as a group as a way to consider whether they’ll do anything to make leaking less useful than internal whistleblowing.

The package consists of three things:

  • Increased penalties for improperly handling classified information
  • New protections for FBI whistleblowers and contractor whistleblowers
  • A GAO report on whether classification works

Increased penalties for improperly handling classified information

The first part of the package changes 18 USC 1924, which criminalizes unauthorized retention of classified documents, to make knowingly retaining classified information a felony, while creating a new misdemeanor for negligently retaining classified information.

SEC. 302. PENALTIES FOR UNAUTHORIZED REMOVAL AND RETENTION OF CLASSIFIED DOCUMENTS OR MATERIAL.

Section 1924 of title 18, United States Code, is amended—

(1) in subsection (a), by striking ‘‘one year’’ and inserting ‘‘five years’’;

(2) by redesignating subsections (b) and (c) as subsections (c) and (d), respectively; and 13 (3) by inserting after subsection (a) the following new subsection (b):

(b) Whoever, being an officer, employee, contractor, or consultant of the United States, and, by virtue of his office, employment, position, or contract, becomes possessed of documents or materials containing classified information of the United States, negligently removes such documents or materials without authority and knowingly retains such documents or materials at an unauthorized location shall be fined under this title or imprisoned for not more than one year, or both.

I think this was done to make what Hillary Clinton did a clear felony, so Republicans can squawk about it, rather than solving any real problem.

Which is a pity. Because those who want to write new laws criminalizing the retention and leaking of classified information (something I’m not advocating, but I understand the sentiment), it might be useful to write laws that address the problems we’re actually seeing.

For example, the Espionage Act should be rewritten to make it clear it only applies to real Espionage — the secret sharing of “national defense information” (which should be better defined) with an adversary for some kind of personal benefit. By all means, create something else that applies to the Edward Snowdens and Chelsea Mannings of the world, if you feel the need to. But in that law, do something to ensure that the David Petraeuses of the world — who leaked information to get laid and tell nice stories about himself — don’t get a wrist slap, while people who at least believe their acts to be benefitting the country face life imprisonment.

The degree to which the Espionage statute specifically, and leak prosecutions generally, have become the means to pursue arbitrary retaliation against people who don’t hew a party line undermines the legitimacy of the classification system, which (in my opinion, as someone who has covered most recent leak prosecutions) just leads to more leaking.

In related news, one of the reasons why magistrate Brian Epps Cobb denied Reality Winner bail yesterday is because she admires Snowden and Assange.

In addition, this week’s news that an NSA TAO hacker brought files home and used them on his machine running Kaspersky, thereby alerting Russia to them, suggests the need to consider the impact of even negligent improper handling, because it can have an impact akin to that of Snowden if it is compromised.

Finally, there should be some controls over abuse of Original Classification Authority, both in Prepublication Reviews, to prevent the selective censorship of important stories. And there should be some recognition that OCAs are often not the only source of information (which is one of the problems with the Hillary emails — her staffers were reporting widely known facts that the CIA later claimed a monopoly on, thereby making the information “classified”).

Perhaps the GAO review, below, can go some distance to making this happen.

New protections for contractor whistleblowers

There’s a section that extends the (still inadequate) whistleblower protections of the National Security Act to contractors, while adding protection (just for contractors!) for the reporting of “evidence of another employee or contractor employee accessing or sharing classified information without authorization.” It also adds additional reporting vehicles for FBI contractors (to DOJ or FBI’s Office of Professional Responsibility, to FBI’s Inspection Division, or to the Office of Special Counsel).

The bill also adds contractors to those you can’t retaliate against by stripping of security clearance if they’ve made a protected disclosure.

Contractor is defined as “an employee of a contractor, subcontractor, grantee, subgrantee, or personal services contractor, of a covered intelligence community element.”

As I said, this is just the protection extended to intelligence community employees, with enforcement by the President, the same guy who orders up the illegal activities (such as torture or domestic spying) of the IC.

Plus, I’m not sure the language protects against two other problems that have happened with contractors. First, the loss of a contract, which doesn’t seem to be included in the definition of personnel decisions. So an agency could retaliate not by denying a promotion, but simply denying a contract. And, for similar reasons, I’m not sure the language prevents a contractor from retaliating against one of their employees directly, particularly if they’re threatened with losing work.

As I said, I’m not sure on this. I await analysis from the people who work whistleblower issues all the time.

That said, while this is an important improvement that will extend the same inadequate protection that IC employees get to IC contractors, I think it doesn’t necessarily protect against some known kinds of retaliation.

A GAO report on whether classification works

Perhaps most interestingly, the bill asks GAO to conduct on a story on why we’re having so much leakage.

SEC. 303. COMPTROLLER GENERAL STUDY ON UNAUTHORIZED DISCLOSURES AND THE CLASSIFICATION SYSTEM.

(a) STUDY.—The Comptroller General of the United States shall conduct a study of the unauthorized disclosure of classified information and the classification system of the United States.

(b) MATTERS INCLUDED.—The study under subsection (a) shall address the following:

(1) Insider threat risks to the unauthorized disclosure of classified information.

(2) The effect of modern technology on the unauthorized disclosure of classified information, including with respect to—

(A) using cloud storage for classified information; and

(B) any technological means to prevent or detect such unauthorized disclosure.

(3) The effect of overclassification on the unauthorized disclosure of classified information.

(4) Any ways to improve the classification system of the United States, including with respect to changing the levels of classification used in such system.

(5) How to improve the authorized sharing of classified information, including with respect to sensitive compartmented information.

(6) The value of polygraph tests in determining who is authorized to access classified information.

(7) Whether each element of the intelligence community (as defined in section (4) of the National Security Act of 1947 (50 U.S.C. 3003(4))—

(A) applies uniform standards in determining who is authorized to access classified information; and

(B) provides proper training with respect to the handling of classified information.

(c) COOPERATION.—The heads of the intelligence community shall provide to the Comptroller General information the Comptroller General determines necessary to carry out the study under subsection (a).

(d) REPORT.—Not later than 180 days after the date of the enactment of this Act, the Comptroller General shall submit to the Committee on the Judiciary and the Permanent Select Committee on Intelligence of the House of Representatives and the Committee on the Judiciary and the Select Committee on Intelligence of the Senate a report containing the study under subsection (a). (e) FORM.—The report under subsection (d) shall be submitted in unclassified form, but may include a classified annex.

I really like the idea of doing such a report (though am not sure GAO can get it done in just 6 months, especially since I’m sure some agencies will filibuster any cooperation). And what a novelty, to finally consider whether polygraphs actually do what they’re claimed to do (rather than get people to confess to dirt that can later be used against them or leaked to China in an OPM hack).

As mentioned above, a really thorough such study should also look specifically at the Prepublication Review process, which is one of the most notorious forms of arbitrary use of classification.

It should also try to quantify how much classification does (abusively) hide mismanagement or law-breaking, especially in the FOIA process.

A truly thorough study would have to include leaks by members of Congress, up to and including the Gang of Four — but that’s never going to happen and so that means of leakage will remain untouched.

A study should also not only review recent leak prosecutions, with a particularly focus on the selectivity with which they’ve been taken, but compare leak prosecutions with the efficacy of internal measures (like stripping someone of clearance), which ODNI has been using more in recent years, at least before Reality Winner.

And a study should do a macro review of the initiatives put in place since Chelsea Manning’s leaks, to review overall compliance (we know NSA and CIA had not fully complied as of last year), and to measure whether those initiatives have done any good.

Finally, for the classified version, the report should include a full measure of how much internal spying is being targeted at government employees and contractors in various CI programs, and whether those are overseen adequately (they’re absolutely not).

Will this all do any good?

As I said, I’m the one lumping these together into a package, not the bill’s authors. I did so, though, to better weigh whether this will do any good — whether we’ll move the balance on necessary discussions for democracy being weighed against genuine need to protect secrets. I think an actual assessment is worthwhile.

But ultimately, I suspect our leak problem stems, in large part, from the degree to which classification (and clearances and leak prosecutions) have all been designed to give the Executive Branch unfettered ability to run an arbitrary system of secrets that does as much to serve nexuses of power as it does to keep the country safe.  Secrets, in DC, have become the coin of power, not the necessary tool to ensure a vibrant and secure democracy.

And I’m not sure this effort will do much to change that.

In Reality Winner Case, Government Warns of Recruitment by Media Outlets that “Procure the Unauthorized Disclosure of Classified Info”

As I’ve reported recently Reality Winner has claimed both that her interview with the FBI was not consensual and that she should be released on bail like people who’ve leaked more sensitive documents, including David Petraeus. Significantly, Winner made claims about her interview and DOJ’s lack of related accusations to suggest the leak of the single document to the Intercept is all they’ve got on her.

The government responded to Winner’s claims — in their response to her request for bail — with a whole new set of claims not included in other documents (on top of making fairly ridiculous claims to suggest Winner should be detained when those who had access — and in the case of David Petraeus, leaked — far more classified information were not).

In the response itself, they raise issues that are fair and significant. But they all seem designed to suggest that Winner must be treated more harshly than Petraeus because she’s more likely to be “recruited” by “non-governmental organizations and media outlets that advocate and procure the unauthorized disclosure of classified information.”

At the same time, the Defendant is an attractive candidate for recruitment by well-funded foreign intelligence services and non-governmental organizations and media outlets that advocate and procure the unauthorized disclosure of classified information.

Consider how the government treats different media outlets.

The Washington Post

First, the government’s description of Winner’s phone searches suggest Winner sent the document to a “print news outlet” in addition to the Intercept, and kept looking at both to see if they published the document.

  • On May 9, the Defendant searched for the secure mailing address of a Print News Outlet, viewed a document called “How to Share Documents and News Tips with [Print News Outlet] Journalists” on the Print News Outlet’s website, searched for an Online News Outlet and “secure drop,” and viewed the Online News Outlet’s page containing instructions for the anonymous transmission of leaked information.
  • On May 12, a few days after she mailed the leaked document, the Defendant searched online for the Print News Outlet referenced on May 9, as well as the Online News Outlet to which she transmitted the leaked document, and viewed the homepages of both publications.
  • On May 13, the Defendant searched for the Print News Outlet, viewed its homepage, and then searched “[IC component] leak” and “[IC component] leak [Foreign Country]” on multiple occasions.
  • On May 14, the Defendant searched for and viewed the Print News Outlet’s homepage, and then searched within the Print News Outlet’s website for the name of the relevant IC component. She also searched for and viewed the Online News Outlet’s homepage.
  • On May 22, the Defendant viewed both the Print News and Online News Outlets’ websites, and she searched for the name of the relevant IC component within both websites.

The Washington Post’s “confidential tips” page comes up on a search for “How to Share Documents and News Tips” (though the page does not now have that name). That suggests Winner shared a copy of this document with the WaPo as well as the Intercept. But the focus in these materials on a completed crime is exclusively focused on the Intercept (which also is not named).

The interview transcript released with this filing does not, apparently, discuss Winner’s leak to what appears to be the WaPo, aside from asking if she sent the leaked document anywhere else, to which she said “no.” The agents interviewing her tipped her that the document had been sent to an online news source that she “subscribes” to. So FBI may not have mentioned WaPo because WaPo did nothing with the story — or at least nothing with a source who then informed the government, which is how the Intercept got exposed — meaning the FBI did not yet know about it. Or perhaps the FBI was just far more interested in the fact that Winner leaked to the Intercept.

Wikileaks and Anonymous

The filing does its most significant damage in repeating Winner’s support for WikiLeaks, Edward Snowden, and Anonymous. According to the filing, at the same time she was looking for clearance jobs in November 2016 (at the end of her deployment), she was researching anonymous and Wikileaks.

The Defendant’s duplicity is starkly illustrated by the fact that she researched opportunities to access classified information (multiple searches for jobs requiring a security clearance on ClearanceJobs.com) at the same time in November 2016 that she searched for information about anti-secrecy organizations (Anonymous and Wikileaks).

And in March, she told her sister she was “on Assange’s [and Snowden’s] side.”

On March 7, 2017, the Defendant searched for online information about Vault 7, Wikileaks’s alleged compromise of classified government information. Later on March 7, 2017, the Defendant engaged in the following Facebook chat with her sister in which she expressed her delight at the impact of the alleged compromise reported by Wikileaks:

SISTER: OMG that Vault 7 stuff is scary too

WINNER: It’s so awesome though. They just crippled the program.

SISTER: So you’re on Assange’s side

WINNER: Yes. And Snowden

It’s not just that Winner is reading Wikileaks and Snowden-leaked documents (which the government would be happy to use to villainize a leaker in any case). She’s cheering the destruction of CIA (and by association, NSA) capabilities. Which is not something the more prolific leaker David Petraeus did.

The curious declassification of an FBI interview about leaking

Before I get into how these materials treat the Intercept, let me take a detour to talk about the declassification of Winner’s interview which, because it discusses her work at NSA, includes a lot of information that must be classified.

As a number of outlets noted (I believe Politico reported it first), when the transcript of her FBI interview was first released, it included Winner’s social security number and date of birth — a no-no for PACER documents. It included her home computer password. It also revealed Winner worked on collection targeting Iranian Aerospace Forces Group, a remarkable disclosure given that the government says Winner can’t be released because she’ll be targeted by foreign governments (in addition to “non-governmental organizations and media outlets that advocate and procure the unauthorized disclosure of classified information”); they’ve just put a bullseye on her back for Iran. It also reveals she used to work for a drone mission. It includes the code name and the street name of her NSA location.

For either privacy and security reasons, those are remarkable disclosures.

Now consider what they did redact.

There’s a reference to Russian hacking (or the election), and Winner’s description of something akin to that. There’s a few more references, perhaps on the election, again redacted.

Perhaps the most interesting (and understandable) redaction is her explanation for why she thought the collection points on Russian hackers were already compromised.

[sigh] I had figured that, uhm, [half line redacted] that it didn’t matter anyway. Uhm honestly, uh, I just figured that whatever we were using had already been compromised, and this report was just going to be like a – one drop in the bucket.

All of which is to say the classification decisions here are pretty random.

Which is all the more interesting given the fact that the document has no declassification notes, describing who declassified it and for what purpose. If I’m Winner’s lawyers, I’m on the phone with former ISOO head Bill Leonard (who has served as an expert witness in past leak cases), asking him to testify that in a case about mishandling classified information, the government didn’t handle this document in rigorous fashion.

The Intercept: hiding the name, the motive, and a few more details

Which brings me to the decisions about redactions on parts of the transcript that pertain to the Intercept.

It hides the Intercept’s name, but also several references to her motive, including one very long description (on PDF 69)

More interesting, it redacts details about how she mailed it to the Intercept.

And redacts another passage where she describes how she found the address to send it to the Intercept — the actual details of which are included in the passage on her phone searches, above.

It redacts another passage asking whether she included anything in the envelope to the Intercept.

All of which is to say that in submissions that claim Winner is a particular risk because she might be “recruited” by NGOs and “media outlets that advocate and procure the unauthorized disclosure of classified information,” it is still hiding key details about Winner’s descriptions of her actions with respect to the Intercept.

After reading this transcript, I’m actually surprised the government hasn’t (yet) taken a harsher approach, perhaps charging her for a leak to the WaPo or for lying, initially, to the FBI (not charging her for lying to the FBI is one way, I guess, where she is getting the treatment David Petraeus got).

That may suggest they’re entertaining going after the Intercept here, for “recruiting” Reality Winner — a replay of the tactic they tried with Chelsea Manning years ago, only this time with an Attorney General and a Congress rushing to invent new categories of non-state hostile intelligence services to criminalize some kinds of publishing.

image_print