How Trump Could Install a Mole in the Mueller Inquiry

For six years, I’ve been working to raise attention to a 2002 OLC memo that authorized the sharing of grand jury information with the President with no notice to the district court. In the New Republic, I talk about how Trump might be able to use it to order a DOJ lawyer to spy on the Mueller grand jury.

July 22, 2002, memo from the Justice Department’s Office of Legal Counsel, written by Jay Bybee, the author of the infamous torture memos, held that, under the statute, the president could get grand jury information without the usual notice to the district court. It also found that the president could delegate such sharing without requiring a written order that would memorialize the delegation.

Bybee’s memo relies on and reaffirms several earlier memos. It specifically approves two rationales for sharing grand jury information with the president that would be applicable to the Russian investigation. A 1997 memo imagined that the president might get grand jury information “in a case where the integrity or loyalty of a presidential appointee holding an important and sensitive post was implicated by the grand jury investigation.” And a 2000 memo imagined that the president might need to “obtain grand jury information relevant to the exercise of his pardon authority.”

If you set aside Trump’s own role in obstructing the investigation—including the firing of former FBI Director James Comey—these rationales are defensible in certain cases. In fact, the Justice Department has already shared information (though not from a grand jury) with the White House for one of these very reasons. In January, acting Attorney General Sally Yates warned White House Counsel Don McGahn that Russians might be able to blackmail then-National Security Advisor Mike Flynn. As Yates explained in her congressional testimony in May, after Flynn’s interview with the FBI, “We felt that it was important to get this information to the White House as quickly as possible.” She shared it so the White House could consider firing Flynn: “I remember that Mr. McGahn asked me whether or not General Flynn should be fired, and I told him that that really wasn’t our call, that was up to them, but that we were giving them this information so that they could take action.”

A similar situation might occur now that the investigation has moved to a grand jury investigation, if someone remaining in the White House—the most likely candidate is the president’s son-in-law, Jared Kushner—were found to be compromised by Russian intelligence. In Kushner’s case, there are clear hints that he has been compromised, such as when he asked to set up a back channel with the Russians during the transition.

If Trump were to rely on the memo, he might order a Justice Department lawyer to tell him what evidence Mueller had against Kushner, or whether Mike Flynn or former campaign manager Paul Manafort were preparing to cooperate with Mueller’s prosecutors if they didn’t get an immediate pardon. Unlike Yates, Trump would have an incentive to use such information to undercut the investigation into Russia’s meddling.

I point out that Trump’s partisan nominee to be Assistant Attorney General for Criminal Division, Brian Benczkowski, would be far more likely to share such information than the career prosecutors that currently have visibility onto the investigation (Benczkowski has refused to recuse from the Russian investigation, but has promised to follow ethical guidelines at DOJ).

One thing didn’t make the cut, though it’s a key reason why I think it possible someone is trying to use this precedent to provide Trump with a mole on the investigation.

Viet Dinh was both the key author of the PATRIOT Act as well as the procedures implementing these sharing rules. Dinh is also the Kirkland & Ellis partner who asked Benczkowski to exercise the really poor judgment of overseeing an investigation for Alfa Bank while he was awaiting a likely DOJ appointment. “I’ve known Viet Dinh for twenty years,” Benczkowski explained during his confirmation hearing for why he represented Alfa Bank while potentially up for nomination to DOJ.

Benczkowski certainly said the right things about honoring Mueller’s work. But Dinh, a guy who had a key role in compromising Benczkowski with respect to the investigation just as he got nominated played a key role in the sharing rules that might make it possible.

As I say in the piece, we had better hope DOJ guards recusal concerns a lot more closely than they seem to have been doing.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

The Latest CNN Scoop Doesn’t Prove What Everyone Says It Does

CNN has a story that reports something the evidence it presents doesn’t support, which others are taking to say things that it supports even less.

It claims that a short email thread it shares and five pages of talking points it doesn’t proves that the June 9, 2016 meeting at Trump Tower between Natalia Veselnitskaya and Don Jr (and others) “not about dirt on Clinton.”

An email exchange and talking points provided to CNN are the latest indication of how some of the meeting participants plan to make their case about why the meeting with Donald Trump Jr. did not amount to collusion between Russian officials and the Trump campaign.

The new information stands in contrast with the initial email pitching the meeting to Trump Jr., which promised damaging information on Clinton.

The “proof” is an email chain — or perhaps, just five emails from a longer chain, out of context with other emails they relate to — that includes one where Veselnitskaya asks Rod Goldstone, who set up the meeting, permission to include Rinat Akhmetshin in the meeting because he “is working to advance these issues with several congressmen.” From that, CNN suggests, we should understand the meeting was primarily about the Magnitsky sanctions.

But even there, Goldstone’s references to the purpose of the meeting are oblique, wishing only that Veselnitskaya “bring[s] whoever you need in order to make the meeting successful.” Moreover, the talking point document that CNN doesn’t share does include “a passing reference to a possible financer of Clinton’s campaign.” The further discussion of the talking points suggest it was more than a passing reference.

As part of her explanation, Veselnitskaya’s talking points accuse the “Ziff brothers” — three billionaire brothers who had run a hedge fund company together — of violating Russian law, as well as their connections to Democratic politics.

“Ziff brothers participated in financing both Obama presidential campaign, American press dubs them as ‘main sponsors of Democrats,’ ” the memo states, according to a translated version. “It’s entirely possible they also take part in financing Hillary Clinton’s campaign.”

Now consider the provenance of the document, which to me is a big part of the story.

It was obtained, CNN explains, by an attorney CNN says represents Aras and Emin Agalarov, and who seems intent on refuting the story publicly told by Rod Goldstone.

The documents were provided by Scott Balber, who represents Aras and Emin Agalarov, the billionaire real estate developer and his pop star son who requested the June 2016 meeting.

Balber, who went to Moscow to obtain the documents from Veselnitskaya, said in an interview with CNN that the emails and talking points show she was focused on repealing the Magnitsky Act, not providing damaging information on Clinton.

The message was muddled, Balber said, when it was passed like a game of telephone from Veselnitskaya through the Agalarovs to Goldstone.

Balber also suggested that Goldstone “probably exaggerated and maybe willfully contorted the facts for the purpose of making the meeting interesting to the Trump people.”

A couple of points about this.

First, in addition to apparently representing the Agalarovs in this matter, and on top of being an early source for details about who attended this meeting, Balber also once represented Trump.

This story comes at a time when we know Akhmetshin has already testified before the grand jury, presumably saying what he said to the FT about Veselnitskaya sharing information developed with the help of corporate intelligence (which is quite likely to be Fusion! which might explain the NDA) on how bad money supported Hillary.

Akhmetshin said he did not read the papers about Hillary Clinton’s campaign funding that Veselnitskaya took to the meeting, but he had seen the Russian version of it before. He says the lawyer developed it with the help of private corporate intelligence and that it was about “how bad money ended up in Manhattan and that money was put into supporting political campaigns”.

Furthermore Richard Burr, last week, suggested that Veselnitskaya may have already met with SSCI investigators.

Sir, is the Russian lawyer who met Donald Trump, is she coming before you?

[snip]

Is the Russian attorney going to come through, the Russian attorney that met with Donald Trump Jr, she’s offered to come in open committee. Have you reached out to her, is she one of the 25 on your list?

Burr: How do you know we haven’t already heard from her?

So if this is an attempt to change the spin of the story, it may extend no further than changing the spin of the story publicly, not with Robert Mueller or anyone who matters.

But here’s the bigger question. Why would an American lawyer who has previously represented Trump need to fly to Russia to meet with Veselnitskaya personally? This email chain and the talking points could very easily be sent — but weren’t. So why did Balber need to solidify stories with Veselnitskaya in person? And what is the provenance of the emails as presented, stripped of any forensic information?

So while it’s clear Trump’s former lawyer wants to change the spin around this story, it seems to me the takeaway should be,

Breaking: Lawyer with past ties to Trump flew to Russia to coordinate stories with Natalia Veselnitskaya

Furthermore, given all the focus on Fusion and the emphasis in this story on NDAs, I’d suggest it possible they’re trying to hide the fact that Fusion was working both sides, or even providing dirt on Hillary to the initial funder of the Steele dossier to the Republican that originally paid for it.

Update: Compare this effort to rewrite the story with the flip-flop Don Jr made for his congressional testimony. Not only did Don Jr need to incorporate both adoptions and dirt on Hillary to accord with both his published emails but also with what Pops said, but he could not recall things about what Agalarov said in advance of the meeting.

I’m more interesting in the things the forgetful 39 year old could not recall. While his phone records show he spoke to Emin Agalarov, the rock star son of Aras Agalarov, who has been dangling real estate deals in Russia for the Trumps for some time, for example, he doesn’t recall what was discussed.

Three days later, on June 6th, Rob contacted me again about scheduling a time for a call with Emin. My phone records show three very short phone calls between Emin and me between June 6th and 7th. I do not recall speaking to Emin. It is possible that we left each other voice mail messages. I simply do not remember.

This is important, because those conversations probably explained precisely what was going to happen at that meeting (and how it might benefit real estate developer Aras Agalarov), but Jr simply can’t recall even having a conversation (or how long those conversations were).

Don Jr also claimed not to recall that Ahkmetshin attended the meeting. The focus in the CNN spin on the NDAs served to obscure his presence in a way.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

Chuck Grassley Finally Shows Concern about Parallel Construction — Affecting Trump

As I’ve said repeatedly, I think Chuck Grassley’s concerns about the Steele dossier — and FBI’s refusal to answer questions about it — generally have merit. That continues with his latest letter to FBI.

Effectively, he’s worried that because Steele shared the dossier with MI6, the FBI might effectively be parallel constructing intelligence that ultimately came from Steele, and so from a oppo research dossier.

There is another concern about Mr. Steele’s and Fusion GPS’s work that the FBI needs to address.  Public reports indicate that the FBI received the dossier and has used it in the Russia investigation.  However, it appears that the FBI, the media, and various Congressional offices were not the only recipients of the dossier prior to its publication.  In court filings by Mr. Steele’s attorneys in London, he admitted that he had passed at least some contents of the dossier to at least one foreign government – the United Kingdom.[1]

Media reports have also claimed that foreign governments passed along information to the United States about purported contacts between Trump associates and Russians.  Given that Mr. Steele also distributed the dossier’s contents to at least one foreign government, it is possible that this political dossier’s collusion allegations, or related allegations originating via Mr. Steele, may have also been surreptitiously funneled into U.S. intelligence streams through foreign intelligence sharing.  If so, that foreign information would likely have ended up within the FBI’s investigation of allegations of collusion between Trump associates and Russia.  However, given that foreign intelligence agencies carefully guard their sources and methods, it may not have been clear to the FBI that the foreign reporting was actually based on the work of Mr. Steele and Fusion GPS.

If this in fact happened, it would be alarming.  Mr. Steele’s dossier allegations might appear to be “confirmed” by foreign intelligence, rather than just an echo of the same “research” that Fusion bought from Steele and that the FBI reportedly also attempted to buy from Steele.  It is even more alarming in light of what we are learning about the allegedly unregistered Russian foreign agents who Fusion GPS and Glenn Simpson were working with to undermine the Magnitsky Act and who met with Trump family and campaign officials last summer.

The Committee must understand what steps the FBI has taken to ensure that any foreign information it received and used in the Russia investigation, beyond the dossier itself, was not ultimately sourced to Mr. Steele, his associates such as Fusion GPS, or his sub-sources.

It’s a fair point — as mentioned, he’s effectively describing parallel construction, which the FBI uses all the time to hide the ultimate source for its evidence on defendants (though usually, that process involves obtaining subpoenas to hide what kind of foreign intelligence it relies on).

So I’m grateful the Chair of the Senate Judiciary Committee has finally decided to turn his focus on a process that is badly abused, to the detriment of due process in this country.

I just wish he expressed the same concern for less famous targets, rather than just the President.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

Not Mentioned in Roger Stone’s Straw Rat-Fucker Statement: the Peter Smith Rat-Fuck

Earlier today, legendary rat-fucker Roger Stone had a three hour interview before the House Intelligence Committee. Before the interview, he leaked his testimony, as all of the most implicated Trump officials — save Paul Manafort — have.

The testimony is telling for multiple reasons. Given the recent trouble I got in for saying “rat-fucker” on TV, I’m particularly invested in the way he avoided calling himself one.

As to the substance of the report, it is delightfully, tellingly, squirrelly in two different ways. First, his generalized denial is very specific to colluding with the Russian state to affect the outcome of the 2016 election; this is a point Renato Mariotti makes here.

I have no involvement in the alleged activities that are within the publicly stated scope of this Committee’s investigation  — collusion with the Russian state to affect the outcome of the 2016 election.

I’m even more interested in how he depicts what he claims are the three allegations made against him.

Members of this Committee have made three basic assertions against me which bust be rebutted her today. The charge that I knew in advance about, and predicted, the hacking of the Clinton campaign chairman John Podesta’s email, that I had advanced knowledge of the source or actual content of the WikiLeaks disclosures regarding Hillary Clinton or that, my now public exchange with a persona that our intelligence agencies claim, but cannot prove, is a Russian asset, is anything but innocuous and are entirely false.

In point of fact, this tripartite accusation is actually a misstatement of the allegations against him (though in his rebuttal of them, he is helped immensely by the sloppiness of public statements made by Democrats, especially those on the panel, which I’ve criticized myself). Generally, the accusation is more direct: that in conversing with both Julian Assange (though a cut-out) and Guccifer 2.0, Stone was facilitating or in some way helping the Trump campaign maximally exploit the Russian releases that were coming.

Which is why I find one other silence quite interesting: Stone makes no mention of the Peter Smith operation to find the emails, purportedly related to the Clinton Foundation, deleted from Hillary’s server. As I noted here, along with reaching out to multiple suspected Russian hackers and advising those with emails that might be Foundation emails to share them with WikiLeaks, rat-fucker Smith also pushed GOP operatives like rat-fucker Stone to reach out to Guccifer 2.0.

Instead, Johnson said, he put the word out to a “hidden oppo network” of right-leaning opposition researchers to notify them of the effort. Johnson declined to provide the names of any of the members of this “network,” but he praised Smith’s ambition.

“The magnitude of what he was trying to do was kind of impressive,” Johnson said. “He had people running around Europe, had people talking to Guccifer.” (U.S. intelligence agencies have linked the materials provided by “Guccifer 2.0”—an alias that has taken credit for hacking the Democratic National Committee and communicated with Republicanoperatives, including Trump confidant Roger Stone—to Russian government hackers.)

As I noted, there is much about the events from August to October that suggest Republicans may have believed WikiLeaks had obtained, and might be leaking, the Clinton Foundation emails, only to have the John Podesta ones released in their stead.

If I’m right, it would mean that by pitching everything as pertaining to Podesta, and not to other emails, Stone can more successfully deny his involvement.

And Stone’s timeline obscures some of the key details here, notably leaving out his incorrect predictions not just of an October 5 release, but that they’d be the Foundation emails.

Also note: Stone describes his exchange with Guccifer as starting on August 14. That’s actually not right. It started on August 13 (actually, August 12 East Coast time), with this tweet, which puts it in the context of two offers for files.

It’s definitely true (in the DMs that Stone includes) that Stone ultimately doesn’t response to Guccifer 2.0’s offers of data.

But that timeline also extends matters just to where things were heating up on Smith’s hunt for Clinton Foundation documents.

As noted above, Stone has denied colluding with the Russian state to affect the outcome of the election. But that’s not a denial of colluding with Russian hackers or Russian assets (the latter a rather curious term Stone uses twice to refer to Guccifer 2.0 in his statement, but not in the Breitbart piece in which he claims to have refuted claims he was an “asset”) to “prove Hillary’s corruption” or some such excuse for digging up more dirt on Hillary.

And that’s precisely the kind of thing we know a rat-fucker like Stone would do, and precisely the kind of thing we know other rat-fuckers were doing.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

One Thing Not Mentioned in Mueller Requests from the White House: The Putin Phone Call

Yesterday, three different outlets published versions of the list of stuff Robert Mueller has requested of the White House. The NYT describes Mueller asking for details of the in-person meeting with Russians after Comey’s firing, as well as details of Comey and Flynn’s firing,

Mueller’s office sent a document to the White House that detailed 13 different areas that investigators want more information about. Since then, administration lawyers have been scouring White House emails and asking officials whether they have other documents or notes that may pertain to Mr. Mueller’s requests.

One of the requests is about a meeting Mr. Trump had in May with Russian officials in the Oval Office the day after James B. Comey, the F.B. I director, was fired. That day, Mr. Trump met with the Russian foreign minister, Sergey V. Lavrov, and the Russian ambassador to the United States, Sergey I. Kislyak, along with other Russian officials. The New York Times reported that in the meeting Mr. Trump said that firing Mr. Comey relieved “great pressure” on him.

Mr. Mueller has also requested documents about the circumstances of the firing of Michael T. Flynn, who was Mr. Trump’s first national security adviser. Additionally, the special counsel has asked for documents about how the White House responded to questions from The Times about a June 2016 meeting at Trump Tower. That meeting was set up by Donald Trump Jr., the president’s eldest son, to get derogatory information from Russians about Hillary Clinton.

WaPo adds communications with Paul Manafort to the list and fleshes out the nature of the requests on Flynn and Comey.

Mueller has requested that the White House turn over all internal communications and documents related to the FBI interview of Flynn in January, days after he took office, as well as any document that discusses Flynn’s conversations with then­-Russian Ambassador Sergey Kislyak in December. Mueller has also asked for records about meetings then-Deputy Attorney General Sally Yates held with White House counsel Don McGahn in late January to alert him to Justice Department concerns about Flynn, as well as all documents related to Flynn’s subsequent ouster by the White House.

Regarding Comey, Mueller has asked for all documents related to meetings between Trump and Comey while Comey served at the FBI, records of any discussions regarding Comey’s firing and any documents related to a statement by then-press secretary Sean Spicer made on the night Comey was fired.

Here’s CNN’s mostly derivative version.

There’s one thing that’s not explicitly on this list (though it might be included in the larger request for details on Flynn’s firing): details surrounding the January 28th phone conversation between Trump and Putin, which included a bunch of people who happen to no longer be at the White House.

As a number of Democrats noted in the Sally Yates hearing before Senate Judiciary Committee, the call took place in the immediate wake of Yates’ two conversations with Don McGahn about Flynn’s potential for compromise by the Russians because of his lies about his conversation with Sergey Kislyak.

HIRONO: Others of my colleagues have mentioned, and you yourself, Mr. Clapper, said that RT is a Russian mouthpiece to spread propaganda. And, of course, we know that General Flynn attended a gala hosted by — or a 10th anniversary gala for RT in December, 2015, where he sat next President Putin and got paid over $33,000 for that.

Mr. Clapper, given the conversation that Ms. Yates provided to the White House regarding — and this is during the January 26th and 27th timeframe — regarding General Flynn, should he have sat in on the following discussions?

On January 28th, he participated in an hour-long call, along with President Trump, to President Putin. And on February 11th, he participated in a discussion with Prime Minister Abe and the president at Mar-a-Lago to discuss North Korea’s missile tests.

Should he — given the — the information that had already been provided by Ms. Yates, should he have participated in these two very specific instances?

In comments on Yates’ testimony when it got canceled on March 28, Adam Schiff focused on the possible explanation for why Flynn was kept on, through that meeting and for 18 days total after Yates’ warning to the White House.

In other words, the big question surrounding Flynn’s firing seems to have as much to do with why he wasn’t fired as why he was, eventually, 18 days after getting notice he was in trouble with DOJ. And the import of including him in that phone call with Putin seems to be a part of that.

Again, that may well be included in the universe of documents on Flynn’s firing (I’d love to see Yates’ firing in there as well, as the Muslim ban was used as an excuse to fire her just as she was raising concerns about Flynn). But it seems important to learn why Trump felt the need to keep Flynn on even after his communications with the Russians had gotten him in legal trouble.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

Why Was Manafort FISA Tapped Rather than Criminal Tapped?

Congratulations to Donald Trump, who may have finally figured out how to prove his March 4 claim that there was a “tapp” on Trump Tower — by continuing to speak to Paul Manafort after FBI got a second FISA wiretap on him, at least according to the CNN’s report on the tap.

US investigators wiretapped former Trump campaign chairman Paul Manafort under secret court orders before and after the election, sources tell CNN, an extraordinary step involving a high-ranking campaign official now at the center of the Russia meddling probe.

The government snooping continued into early this year, including a period when Manafort was known to talk to President Donald Trump.

[snip]

The conversations between Manafort and Trump continued after the President took office, long after the FBI investigation into Manafort was publicly known, the sources told CNN. They went on until lawyers for the President and Manafort insisted that they stop, according to the sources.

It’s unclear whether Trump himself was picked up on the surveillance.

I mean, if you’re dumb enough to talk to a guy under active investigation, you should expect to be tapped. Trump should know this from his NY mobster buddies.

The CNN report — by the same team that last month revealed Carter Page had actually been wiretapped going back to 2014, too — is maddeningly vague about the dates of all this. Manafort was first targeted under FISA for his (and associated consulting companies, probably including Tony Podesta) Ukrainian influence peddling in 2014. Then the order lapsed, only to have a new one, possibly last fall, approved in association with the Trump investigation.

A secret order authorized by the court that handles the Foreign Intelligence Surveillance Act (FISA) began after Manafort became the subject of an FBI investigation that began in 2014. It centered on work done by a group of Washington consulting firms for Ukraine’s former ruling party, the sources told CNN.

The surveillance was discontinued at some point last year for lack of evidence, according to one of the sources.

The FBI then restarted the surveillance after obtaining a new FISA warrant that extended at least into early this year.

[snip]

The FBI interest deepened last fall because of intercepted communications between Manafort and suspected Russian operatives, and among the Russians themselves, that reignited their interest in Manafort, the sources told CNN. As part of the FISA warrant, CNN has learned that earlier this year, the FBI conducted a search of a storage facility belonging to Manafort. It’s not known what they found.

The gap would presumably have excluded June, given that Mueller reportedly didn’t learn about the June 9 meeting until the usual suspects started turning over records on it (though I may come back to that).

The report of a fall wiretap, based in part on intercepts of Russians, would put it well beyond the time Manafort got booted from the campaign (and might be consistent with the reporting of an earlier application followed by ultimate approval in the fall). The mention of a search of a storage facility suggests that Manafort would have been targeted under both 1805 (data in motion) and 1824 (data at rest, plus physical search like that used with the storage facility).

Here’s some relevant information from last year’s FISC and I Con the Record transparency numbers.

For the same authorities (1805, 1824, 1805/1824, and 1881c), the FISA Court, which uses different and in most cases more informative counting metrics, reports 1,220 orders granted, 313 orders modified, and 26 orders denied in part (which add up to I Con the Record’s 1,559), plus 8 orders denied, which I Con the Record doesn’t mention.

As an improvement this year, I Con the Record has broken down how many of these targets are US persons or not, showing it to be 19.9%. That means the vast majority of targeted FISA orders are targeted at people like Sergey Kislyak, the Russian Ambassador all of Trump’s people talked to.

This is the target number for the original report, not the order number, and it is an estimate (which is curious). This means at least 28 orders target multiple people. Neither ICTR nor FISC reveals how many US persons were approved for 705b, meaning they were spied on when they went overseas.

I include this, especially the FISC numbers (the top ones), to show that for the category that Manafort would have been targeted under, the court outright rejected 8 applications, denied in part — perhaps by approving only some of the facilities in the application — 18, and modified — which can often be minimization procedures — 260. Note, too, that among all the individual orders approved last year, roughly 336 were targeted at Americans like Manafort and Page. I assume there would be more minimization procedures on those targeting Americans, especially those who hang out with political candidates or the President.

All of which is my way of saying that for Manafort, in particular, the FBI may have had to use some kind of clean team to separate the political items from the foreign intelligence ones. The members of Congress that are the most likely sources for this story probably would have known that too, but it wouldn’t serve the point of the leak as well if that detail were included.

One more point.

The CNN piece is clear: FBI had a FISA order targeting Manafort (and probably others, probably the same ones who’ve been asked to testify, including Tony Podesta’s group), then let it lapse. They then got an order focused on election-related issues.

By the point they got the election-related FISA, the FBI was very deep into their investigation of Manafort for money laundering (and in NY, where FBI agents are notoriously gabby).

But at least given all the public reporting thus far, there have been no reported criminal warrants against Manafort, at least not before the no-knock search in VA this summer.

Which is odd, because they sure seem to have probable cause against him for crimes, as well. If Manafort were targeted by a criminal warrant, it’s nowhere near as clear that any minimization would be overseen by a court. That is, it might be more likely that Trump would get picked up in his rash conversations with someone known to be under investigation if that person were targeted with a criminal warrant than if he were targeted under FISA.

One, final, point. Craig Murray, who ferried something (though not emails) to Julian Assange in September 2016 claimed the emails had been picked obtained by American National Security types wiretapping [John] Podesta because of the Podesta Group’s lobbying for Saudi Arabia. As I noted at the time, that didn’t make any sense, partly because Tony would have been the target, not John, but also the FBI wouldn’t be all that interested in lobbying for Saudi Arabia.

Murray claimed the documents came from someone in the national security establishment, and implied they had come from legal monitoring of John Podesta because he (meaning John) is a lobbyist for Saudi Arabia.

Again, the key point to remember, in answering that question, is that the DNC leak and the Podesta leak are two different things and the answer is very probably not going to be the same in both cases. I also want you to consider that John Podesta was a paid lobbyist for the Saudi government — that’s open and declared, it’s not secret or a leak in a sense. John Podesta was paid a very substantial sum every month by the Saudi government to lobby for their interests in Washington. And if the American security services were not watching the communications of the Saudi government paid lobbyist then the American intelligence services would not be doing their job. Of course it’s also true that the Saudis’ man, the Saudis’ lobbyist in Washington, his communications are going to be of interest to a great many other intelligence services as well.

As a threshold matter, no national security agency is going to monitor an American registered to work as an agent for the Saudis. That’s all the more true if the agent has the last name Podesta.

But that brings us to another problem. John Podesta isn’t the lobbyist here. His brother Tony is. So even assuming the FBI was collecting all the emails of registered agent for the Saudis, Tony Podesta, even assuming someone in national security wanted to blow that collection by revealing it via Wikileaks, they would pick up just a tiny fraction of John Podesta’s emails. So this doesn’t explain the source of the emails at all.

They would — and apparently were — interested in tapping all the corrupt people working with corrupt Ukrainians, including Manafort and, maybe, Tony (but not John).

This in no way confirms Murray’s explanation — his story still makes no sense for the reasons I laid out when I first wrote the post. But I find it particularly interesting that Tony Podesta may well have been wiretapped along with Manafort, for his Ukrainian influence peddling, not his Saudi influence peddling, earlier in the year last year.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

SSCI Plays Hardball with Michael Cohen’s Attempt to Distract from Trump Tower Deal

Just before it was supposed to start, SSCI canceled Michael Cohen’s private interview with the committee. They did so, per a statement from Richard Burr and Mark Warner, because Cohen broke an agreement not to talk to the press by releasing what has generally been described as “his statement” to the press beforehand.

We were disappointed that Mr. Cohen decided to pre-empt today’s interview by releasing a public statement prior to his engagement with Committee staff, in spite of the Committee’s requests that he refrain from public comment. As a result, we declined to move forward with today’s interview and will reschedule Mr. Cohen’s appearance before the Committee in open session at a date in the near future. The Committee expects witnesses in this investigation to work in good faith with the Senate.

But in point of fact, what got published as his “statement” was not the entirety of it. Close to the end of the “statement” is this paragraph, alluding to a further two page statement on the Trump Tower deal that somehow didn’t get leaked.

I assume we will discuss the rejected proposal to build a Trump property in Moscow that was terminated in January of 2016; which occurred before the Iowa caucus and months before the very first primary. This was solely a real estate deal and nothing more. I was doing my job. I would ask that the two-page statement about the Moscow proposal that I sent to the Committee in August be incorporated into and attached to this transcript.

Other than that paragraph, mind you, Cohen’s statement closely parallels the letter to HPSCI Cohen released last month after spending a week distracting from and pre-empting the Trump Tower story. Both deny the allegations in the Christopher Steele dossier, and try to suggest that if he is found innocent of those allegations, then HPSCI and/or SSCI must issue a statement exonerating him.

In other words, with both committees, Cohen has manipulated the press so as to set a narrative about his testimony, a narrative that treats the Steele dossier as the entirety of his expose, rather than the now far more interesting (and interestingly time) real estate deal.

Four days ago, Michael Cohen (or the Trump Organization) pre-empted revelations that would leak as soon as he turned over a third tranche of documents to the House Intelligence Committee by revealing a seemingly damning detail from it: along with Trump’s associate Felix Sater, Cohen was pursuing a Trump Tower deal in Moscow well after Trump’s campaign was in full swing. Sure enough, more damning information was still to come: Sater somehow imagined the deal — whatever it was — would get Trump elected. Then still more damning information: in January 2016, Cohen reached out to trusted Putin aide Dmitry Peskov to push for help on the deal. That’s when Cohen began to not recall precisely what happened, and also ignore questions about why he hadn’t told Trump about this call, unlike the other actions he took on this deal.

[snip]

All that said, the way in which Cohen has orchestrated this disclosure — up to and including his failures to recall and answer obvious questions — is either great lawyering and/or sign that this earlier deal making is a real problem.

Of course, Burr and Warner were having none of this narrative scene setting and so now will force Cohen to testify publicly.

Cohen is sure spending a lot of time orchestrating distractions from this property deal. A pity for him his second attempt didn’t work as well as the first one.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

Can Congress — or Robert Mueller — Order Facebook to Direct Its Machine Learning?

The other day I pointed out that two articles (WSJ, CNN) — both of which infer that Robert Mueller obtained a probable cause search warrant on Facebook based off an interpretation that under Facebook’s privacy policy a warrant would be required — actually ignored two other possibilities. Without something stronger than inference, then, these articles do not prove Mueller got a search warrant (particularly given that both miss the logical step of proving that the things Facebook shared with Mueller count as content and not business records).

In response to that and to this column arguing that Facebook should provide more information, some of the smartest surveillance lawyers in the country discussed what kind of legal process would be required, but were unable to come to any conclusions.

Last night, WaPo published a story that made it clear Congress wanted far more than WSJ and CNN had suggested (which largely fell under the category of business records and the ads posted to targets, the latter of which Congress had been able to see but not keep). What Congress is really after is details about the machine learning Facebook used to identify the malicious activity identified in April and the ads described in its most recent report, to test whether Facebook’s study was thorough enough.

A 13-page “white paper” that Facebook published in April drew from this fuller internal report but left out critical details about how the Russian operation worked and how Facebook discovered it, according to people briefed on its contents.

Investigators believe the company has not fully examined all potential ways that Russians could have manipulated Facebook’s sprawling social media platform.

[snip]

Congressional investigators are questioning whether the Facebook review that yielded those findings was sufficiently thorough.

They said some of the ad purchases that Facebook has unearthed so far had obvious Russian fingerprints, including Russian addresses and payments made in rubles, the Russian currency.

Investigators are pushing Facebook to use its powerful data-crunching ability to track relationships among accounts and ad purchases that may not be as obvious, with the goal of potentially detecting subtle patterns of behavior and content shared by several Facebook users or advertisers.

Such connections — if they exist and can be discovered — might make clear the nature and reach of the Russian propaganda campaign and whether there was collusion between foreign and domestic political actors. Investigators also are pushing for fuller answers from Google and Twitter, both of which may have been targets of Russian propaganda efforts during the 2016 campaign, according to several independent researchers and Hill investigators.

“The internal analysis Facebook has done [on Russian ads] has been very helpful, but we need to know if it’s complete,” Schiff said. “I don’t think Facebook fully knows the answer yet.”

[snip]

In the white paper, Facebook noted new techniques the company had adopted to trace propaganda and disinformation.

Facebook said it was using a data-mining technique known as machine learning to detect patterns of suspicious behavior. The company said its systems could detect “repeated posting of the same content” or huge spikes in the volume of content created as signals of attempts to manipulate the platform.

The push to do more — led largely by Adam Schiff and Mark Warner (both of whom have gotten ahead of the evidence at times in their respective studies) — is totally understandable. We need to know how malicious foreign actors manipulate the social media headquartered in Schiff’s home state to sway elections. That’s presumably why Facebook voluntarily conducted the study of ads in response to cajoling from Warner.

But the demands they’re making are also fairly breathtaking. They’re demanding that Facebook use its own intelligence resources to respond to the questions posed by Congress. They’re also demanding that Facebook reveal those resources to the public.

Now, I’d be surprised (pleasantly) if either Schiff or Warner made such detailed demands of the NSA. Hell, Congress can’t even get NSA to count how many Americans are swept up under Section 702, and that takes far less bulk analysis than Facebook appears to have conducted. And Schiff and Warner surely would never demand that NSA reveal the extent of machine learning techniques that it uses on bulk data, even though that, too, has implications for privacy and democracy (America’s and other countries’). And yet they’re asking Facebook to do just that.

And consider how two laws might offer guidelines, but (in my opinion) fall far short of authorizing such a request.

There’s Section 702, which permits the government to oblige providers to provide certain data on foreign intelligence targets. Section 702’s minimization procedures even permit Congress to obtain data collected by the NSA for their oversight purposes.

Certainly, the Russian (and now Macedonian and Belarus) troll farms Congress wants investigated fall squarely under the definition of permissible targets under the Foreign Government certificate. But there’s no public record of NSA making a request as breathtaking as this one, that Facebook (or any other provider) use its own intelligence resources to answer questions the government wants answered. While the NSA does draw from far more data than most people understand (including, probably, providers’ own algorithms about individually targeted accounts), the most sweeping request we know of involves Yahoo scanning all its email servers for a signature.

Then there’s CISA, which permits providers to voluntarily share cyber threat indicators with the federal government, using these definitions:

(A) IN GENERAL.—Except as provided in subparagraph (B), the term “cybersecurity threat” means an action, not protected by the First Amendment to the Constitution of the United States, on or through an information system that may result in an unauthorized effort to adversely impact the security, availability, confidentiality, or integrity of an information system or information that is stored on, processed by, or transiting an information system.

(B) EXCLUSION.—The term “cybersecurity threat” does not include any action that solely involves a violation of a consumer term of service or a consumer licensing agreement.

(6) CYBER THREAT INDICATOR.—The term “cyber threat indicator” means information that is necessary to describe or identify—

(A) malicious reconnaissance, including anomalous patterns of communications that appear to be transmitted for the purpose of gathering technical information related to a cybersecurity threat or security vulnerability;

(B) a method of defeating a security control or exploitation of a security vulnerability;

(C) a security vulnerability, including anomalous activity that appears to indicate the existence of a security vulnerability;

(D) a method of causing a user with legitimate access to an information system or information that is stored on, processed by, or transiting an information system to unwittingly enable the defeat of a security control or exploitation of a security vulnerability;

(E) malicious cyber command and control;

(F) the actual or potential harm caused by an incident, including a description of the information exfiltrated as a result of a particular cybersecurity threat;

(G) any other attribute of a cybersecurity threat, if disclosure of such attribute is not otherwise prohibited by law; or

(H) any combination thereof.

Since January, discussions of Russian tampering have certainly collapsed Russia’s efforts on social media with their various hacks. Certainly, Russian abuse of social media has been treated as exploiting a vulnerability. But none of this language defining a cyber threat indicator envisions the malicious use of legitimate ad systems.

Plus, CISA is entirely voluntary. While Facebook thus far has seemed willing to be cajoled into doing these studies, that willingness might change quickly if they had to expose their sources and methods, just as NSA clams up every time you ask about their sources and methods.

Moreover, unlike the sharing provisions in 702 minimization procedures, I’m aware of no language in CISA that permits sharing of this information with Congress.

Mind you, part of the problem may be that we’ve got global companies that have sources and methods that are as sophisticated as those of most nation-states. And, inadequate as they are, Facebook is hypothetically subject to more controls than nation-state intelligence agencies because of Europe’s data privacy laws.

All that said, let’s be aware of what Schiff and Warner are asking for, however justified it may be from a investigative standpoint. They’re asking for things from Facebook that they, NSA’s overseers, have been unable to ask from NSA.

If we’re going to demand transparency on sources and methods, perhaps we should demand it all around?

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

The (Thus Far) Flimsy Case for Republican Cooperation on Russian Targeting

A number of credulous people are reading this article this morning and sharing it, claiming it is a smoking gun supporting the case that Republicans helped the Russians target their social media, in spite of this line, six paragraphs in.

No evidence has emerged to link Kushner, Cambridge Analytica, or Manafort to the Russian election-meddling enterprise;

Not only is there not yet evidence supporting the claim that Republican party apparatchiks helped Russians target their social media activity, not only does the evidence thus far raise real questions about the efficacy of what Russia did (though that will likely change, especially once we learn more about other platforms), but folks arguing for assistance are ignoring already-public evidence and far more obvious means by which assistance might be obtained.

Don’t get me wrong. I’m acutely interested in the role of Cambridge Analytica, the micro-targeting company that melds Robert Mercer’s money with Facebook’s privatized spying (and was before it was fashionable). I first focused on Jared Kushner’s role in that process, which people are gleefully discovering now, back in May. I have repeatedly said that Facebook — which has been forthcoming about analyzing and sharing (small parts) of its data — and Twitter — which has been less forthcoming — and Google — which is still channeling Sargent Schultz — should be more transparent and have independent experts review their methodology. I’ve also been pointing out, longer than most, of the import of concentration among social media giants as a key vulnerability Russia exploited. I’m particularly interested in whether Russian operatives manipulated influencers — on Twitter, but especially in 4Chan — to magnify anti-Hillary hostility. We may find a lot of evidence that Russia had a big impact on the US election via social media.

But we don’t have that yet and people shooting off their baby cannons over the evidence before us and over mistaken interpretations about how Robert Mueller might get Facebook data are simply degrading the entire concept of evidence.

The first problem with these arguments is an issue of scale. I know a slew of articles have been written about how far $100K spent on Facebook ads go. Only one I saw dealt with scale, and even that didn’t do so by examining the full scale of what got spent in the election.

Hillary Clinton spent a billion dollars on losing last year. Of that billion, she spent tens of millions paying a 100-person digital media team and another $1 million to pay David Brock to harass people attacking Hillary on social media (see this and this for more on her digital team). And while you can — and I do, vociferously — argue she spent that money very poorly, paying pricey ineffective consultants and spending on ads in CA instead of MI, even the money she spent wisely drowns out the (thus far identified) Russian investment in fake Facebook ads. Sure, it’s possible we’ll learn Russians exploited the void in advertising left in WI and MI to sow Hillary loathing (though this is something Trump’s people have explicitly taken credit for), but we don’t have that yet.

The same is true on the other side, even accounting for all the free advertising the sensationalist press gave Trump. Sheldon Adelson spent $82 million last year, and it’s not like that money came free of demands about policy outcomes involving a foreign country. The Mercers spent millions too (and $25 million total for the election, though a lot of that got spent on Ted Cruz), even before you consider their long-term investments in Breitbart and Cambridge Analytica, the former of which is probably the most important media story from last year. Could $100K have an effect among all this money sloshing about? Sure. But by comparison it’d be tiny, particularly given the efficacy of the already established right wing noise machine backed by funding orders of magnitude larger than Russia’s spending.

Then there’s what we know thus far about how Russia spent that money. Facebook tells us (having done the kind of analysis that even the intelligence community can’t do) that these obviously fake ads weren’t actually focused primarily on the Presidential election.

  • The vast majority of ads run by these accounts didn’t specifically reference the US presidential election, voting or a particular candidate.
  • Rather, the ads and accounts appeared to focus on amplifying divisive social and political messages across the ideological spectrum — touching on topics from LGBT matters to race issues to immigration to gun rights.
  • About one-quarter of these ads were geographically targeted, and of those, more ran in 2015 than 2016.

That’s not to say sowing discord in the US has no effect, or even no effect on the election. But thus far, we don’t have evidence showing that Russia’s Facebook trolls were (primarily) affirmatively pushing for Trump (though their Twitter trolls assuredly were) or that the discord they fostered happened in states that decided the election.

Now consider what a lot of breathless reporting on actual Facebook ads have shown. There was the article showing Russia bought ads supporting an anti-immigrant rally in Twin Falls, ID. The ad in question showed that just four people claimed to attend this rally in the third most Republican state. Another article focused on ads touting events in Texas. While the numbers of attendees are larger, and Texas will go Democratic long before Idaho does, we’re still talking relatively modest events in a state that was not going to decide the election.

To show Russia’s Facebook spending had a measurable impact on last year’s election, you’d want to focus on MI, WI, PA, and other close states. There were surely closely targeted ads that, particularly in rural areas where the local press is defunct and in MI where there was little advertising (WI had little presidential advertising, but tons tied to the Senate race) where such social media had an important impact; thus far it’s not clear who paid for them, though (again, Trump’s campaign has boasted about doing just that).

Additionally, empiricalerror showed that a number of the identifiably Russian ads simply repurposed existing, American ads.

That’s not surprising, as the ads appear to follow (not lead) activities that happened on far right outlets, including both Breitbart and Infowars. As with the Gizmo that tracks what it claims are Russian linked accounts and thereby gets credulous journalists to claim campaigns obviously pushed by Americans are actually Russian plots, it seems Russian propaganda is following, not leading, the right wing noise machine.

So thus far what we’re seeing is the equivalent of throwing a few matches on top of the raging bonfire that is the well established, vicious, American-funded inferno of far right media. That’s likely to change, but that’s what we have thus far.

But as I said, all this ignores one other key point: We already have evidence of assistance on the election.

Except, it went the opposite direction from where everyone is looking, hunting for instances where Republicans helped Russians decide to buy ads in Idaho that riled up 4 people.

As I reminded a few weeks back, at a time when Roger Stone and (we now know) a whole bunch of other long-standing GOP rat-fuckers were reaching out to presumed Russian hackers in hopes of finding Hillary’s long lost hacked Clinton Foundation emails, Guccifer 2.0 was reaching out to journalists and others with close ties to Republicans to push the circulation of stolen DCCC documents.

That is, the persona believed to be a front for Russia was distributing documents on House races in swing states such that they might be used by Republican opponents. Some of that data could be used for targeting.

Now, I have no idea whether Russia would risk doing more without some figure like Guccifer 2.0 to provide deniability. That is, I have no idea whether Russia would go so far as take more timely and granular data about Democrats’ targeting decisions and share that with Republicans covertly (in any case, we are led to believe that data would be old, no fresher than mid-June). But we do know they were living in the Democrats’ respective underwear drawers for almost a year.

And Russia surely wouldn’t need a persona like Guccifer 2.0 if they were sharing stolen data within Russia. If the FSB stole targeting data during the 11 months they were in the DNC servers, they could easily share that data with the Internet Research Association (the troll farm the IC believes has ties to Russian intelligence) so IRA can target more effectively than supporting immigration rallies in Idaho Falls.

Which is a mistake made by many of the sources in the Vanity Fair article everyone keeps sharing, the assumption that the only possible source of targeting help had to be Republicans.

We already know the Russians had help: they got it by helping themselves to campaign data in Democratic servers. It’s not clear they would need any more. Nor, absent proof of more effective targeting, is there any reason to believe that the dated information they stole from the Democrats wouldn’t suffice to what we’ve seen them do. Plus, we’ve never had clear answers whether or not Russians weren’t burrowed into far more useful data in Democratic servers. (Again, I think Russia’s actions with influencers on social media, particularly via 4Chan, was far more extensive, but that has more to do with HUMINT than with targeting.)

So, again, I certainly think it’s possible we’ll learn, down the road, that Republicans helped Russians figure out where to place their ads. But we’re well short of having proof of that right now, and we do have proof that some targeting data was flowing in the opposite direction.

Update: This post deals with DB’s exposure of a FB campaign organizing events in FL, which gets us far closer to something of interest. Those events came in the wake of Guccifer 2.0 releasing FL-based campaign information.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

Facebook Doesn’t Need a Probable Cause Search Warrant to Turn Over Ad Data to Robert Mueller

People are shooting off their baby cannons in excitement with the news that Facebook turned over information to Robert Mueller that they didn’t turn over to Congress. The excitement comes, apparently, from the perception that if Mueller got more stuff than Congress, he must have gotten a probable cause search warrant, something implied — but not at all stated affirmatively — in this WSJ article.

Facebook Inc.  has handed over to special counsel Robert Mueller detailed records about the Russian ad purchases on its platform that go beyond what it shared with Congress last week, according to people familiar with the matter.

The information Facebook shared with Mr. Mueller included copies of the ads and details about the accounts that bought them and the targeting criteria they used, the people familiar with the matter said. Facebook policy dictates that it would only turn over “the stored contents of any account,” including messages and location information, in response to a search warrant, some of them said.

A search warrant from Mr. Mueller would mean the special counsel now has a powerful tool in his arsenal to probe the details of how social media was used as part of a campaign of Russian meddling in the U.S. presidential election. Facebook hasn’t shared the same information with Congress in part because of concerns about disrupting the Mueller probe, and possibly running afoul of U.S. privacy laws, people familiar with the matter said.

CNN similarly asserts that Mueller would need a warrant, without actually reporting any confirmation from Facebook that that’s what has happened.

Facebook gave Mueller and his team copies of ads and related information it discovered on its site linked to a Russian troll farm, as well as detailed information about the accounts that bought the ads and the way the ads were targeted at American Facebook users, a source with knowledge of the matter told CNN.

The disclosure, first reported by the Wall Street Journal, may give Mueller’s office a fuller picture of who was behind the ad buys and how the ads may have influenced voter sentiment during the 2016 election.

Facebook did not give copies of the ads to members of the Senate and House intelligence committees when it met with them last week on the grounds that doing so would violate their privacy policy, sources with knowledge of the briefings said. Facebook’s policy states that, in accordance with the federal Stored Communications Act, it can only turn over the stored contents of an account in response to a search warrant.

“We continue to work with the appropriate investigative authorities,” Facebook said in a statement to CNN.

Even in the criminal context, it’s not at all clear Mueller would need a probable cause search warrant. Here’s what WSJ and CNN said Facebook gave Mueller:

  • Copies of ads (which according to some reports, Facebook showed, but did not leave, with Congress)
  • Details about the accounts that bought them
  • Targeting criteria used to buy them

Both WSJ and CNN take from these details that Facebook treats these things — which are what the Internet Research Association and other fake subscribers included in their communications conducting an advertising transaction with Facebook — as “stored contents of an account” or “messages and location information.”

Given that these are communications with Facebook, not with the fake subscribers’ fake friends, it’s not at all clear that’s this would count as content. Here’s what Facebook gets asked for (and presumably delivers) in response to a 2703(d) order on an average real American, like Reality Winner.

A. The following information about the customers or subscribers of the Account:
1. Names (including subscriber names, user names, and screen names);
2. Addresses (including mailing addresses, residential addresses, business addresses, and e-mail addresses);
3. Local and long distance telephone connection records;
4. Records of session times and durations, and the temporarily assigned network addresses (such as Intemet Protocol (“IP”) addresses) associated with those sessions;
5. Length of service (including start date) and types of service utilized;
6. Telephone or instrument numbers (including MAC addresses);
7. Other subscriber numbers or identities (including temporarily assigned network addresses and registration Intemet Protocol (“IP”) addresses (including carrier grade natting addresses or ports)); and
8. Means and source of payment for such service (including any credit card or bank account number) and billing records.

B. All records and other information (not including the contents of communications) relating to the Account, including:
1. Records of user activity for each connection made to or from the Account, including log files; messaging logs; the date, time, length, and method of connections; data transfer volume; user names; and source and destination Intemet Protocol addresses;
2. Information about each communication sent or received by tbe Account, including tbe date and time of the communication, the method of communication, and the source and destination of the communication (such as source and destination email addresses, IP addresses, and telephone numbers). Records of any accounts registered with the same email address, phone number(s), method(s) of payment, or IP address as either of the accounts listed in Part I; and
3. Records of any accounts that are linked to either of the accounts listed in Part I by machine cookies (meaning all Facebook/Instagram user IDs that logged into any Facebook/Instagram account by the same machine as either of the accounts in Part I).

What would “all records and other information” relating to the account entail for an ad purchaser? After all, the fake account is not posting the ad, Facebook is. The fake account is using Facebook targeting criteria — again, communicating with Facebook, not its fake friends.

And if this is how Mueller got the Facebook data, it would be available with approval from a grand jury (and we know he’s got several grand juries lying around), with a relevance — not a probable cause — standard.

And that’s only if you’re talking criminal context. WSJ and CNN refer to Facebook’s privacy policy, which for legal reasons doesn’t cite all the ways they turn over data. In assuming that Mueller had to use a search warrant, both outlets are ignoring another obvious authority: Section 702.

We’re talking accounts believed (by both Facebook and the government) to be run by the Internet Research Association. The Intelligence Community Assessment on Russian tampering states, even in the unclassified version, that they believe IRA has ties to Russian intelligence.

  • The likely financier of the so-called Internet Research Agency of professional trolls located in Saint Petersburg is a close Putin ally with ties to Russian intelligence.

But even without that, we’re talking a foreign corporation engaging in activity that everyone involved agrees has foreign intelligence value, with most people claiming that they knowingly took part in an intelligence influence operation run by Russian spooks.

That’s solidly in the realm of what gets tasked, all the time, under Section 702’s Foreign Government certificate. Hell, using 702, Mueller could get the contents of the messages sent by the fake accounts to their fake friends, as well as anything else private in their accounts (and a whole lot more).

And the standard for 702 is not probable cause, it is foreigner (including foreign corporation) located overseas of foreign intelligence purpose.

I know everyone badly wants to assume Mueller has indictments in his back pocket, and so therefore are seeing criminal probable cause where there may be none (and where none is required). But both of these articles make certain assumptions about how Facebook treats ad transactions and, making those assumptions, rule out the 2703(d) order. And both of these articles are ignoring the availability of everything in IRA’s accounts — content or no — under Section 702.

Update: I believe these misleading leaks are coming from Congress, rather than from Facebook or Mueller. Note, for example, this WSJ explanation for why Facebook gave Mueller more than they gave Congress:

Facebook hasn’t shared the same information with Congress in part because of concerns about disrupting the Mueller probe, and possibly running afoul of U.S. privacy laws, people familiar with the matter said.

The concern about disrupting the Mueller probe would not be Facebook’s. It’d be Mueller and Congress’.

With that in mind, consider this article, from Bloomberg, which I also found sketchy. It claims that Mueller’s investigation has a “red-hot” focus on social media.

Russia’s effort to influence U.S. voters through Facebook and other social media is a “red-hot” focus of special counsel Robert Mueller’s investigation into the 2016 election and possible links to President Donald Trump’s associates, according to U.S. officials familiar with the matter.

Mueller’s team of prosecutors and FBI agents is zeroing in on how Russia spread fake and damaging information through social media and are seeking additional evidence from companies like Facebook and Twitter about what happened on their networks, said one of the officials, who asked not to be identified discussing the ongoing investigation.

It relies on two US officials, a common moniker for members of Congress or their staffers. And the article goes on to quote both Richard Burr and Mark Warner.

Intelligence Committee Chairman Richard Burr, a North Carolina Republican, said Tuesday that it’s “probably more a question of when” than if there will be a hearing with Facebook officials as part of his panel’s probe. Mark Warner, the committee’s top Democrat and a former telecommunications company founder, said Facebook’s revelation appears to be “the tip of the iceberg. I think there’s going to be much more.”

“This is the Wild, Wild West,” Warner said.

Warner has made no secret, for weeks, he wants more focus on the social media side of this. But Burr, here, seems to be reflecting the same considerations he does elsewhere: timing, which for him has been driven by ensuring the committee collects enough evidence to prepare before speaking to witnesses, and deference to Mueller’s investigation.

But consider the rest of the article, which suggests that Mueller’s investigation is going full steam after social media.

That’s pretty hard to square with the fact that Twitter hadn’t even considered doing a report until Facebook delivered theirs, which was provided voluntarily. And Google has done nothing yet, in spite of concerns about Russians exploiting YouTube.

Twitter Inc. is also expected to speak to congressional investigators in the coming weeks about Russian activity on its platform, said Sen. Mark Warner of Virginia, the top Democrat on the Senate Intelligence Committee last week. A spokeswoman for Twitter declined to comment on whether the company had received any warrants or handed anything over related to possible Russian ad buys.

Alphabet Inc.’s Google unit said in a statement, “We’re always monitoring for abuse or violations of our policies and we’ve seen no evidence this type of ad campaign was run on our platforms.” A person familiar with the matter said the company hasn’t been called to testify on the topic.

In other words, if Mueller is interested in social media, that interest is no longer than 10 days old, and did not drive Facebook’s reporting (though Mueller would have intelligence from the intelligence community, on top of whatever Facebook provided).

I think Warner wants Burr’s agreement to subpoena these providers now, which would permit SSCI to obtain the same stuff Mueller did. And if, in an effort to apply that pressure, Warner or his minions are telling journalists that Mueller got more because he used legal process, it would leave it to journalists to interpret what kind of (legally gagged, probably) process Mueller used. Which might result in precisely the kind of story we got: journalists reporting it involved a warrant based on their interpretation of how Facebook treats ad purchases.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.