Abbe Lowell Reveals the Complete Inadequacy of the Intelligence Committee Russian Investigations

As noted, the press has been focused on the Senate Judiciary Committee’s revelation that Jared Kushner failed to turn over several documents known to exist, which has led to more details about efforts by Aleksander Torshin to meet with people associated with the campaign.

Here are the things identified to be missing from Jared’s production to SJC.

In addition, there are several documents that are known to exist but were not included in your production. For example, other parties have produced September 2016 email communications to Mr. Kushner concerning WikiLeaks, which Mr. Kushner then forwarded to another campaign official. Such documents should have been produced in response to the third request but were not. Likewise, other parties have produced documents concerning a “Russian backdoor overture and dinner invite” which Mr. Kushner also forwarded. And still others have produced communications with Sergei Millian, copied to Mr. Kushner.

In response to the Feinstein letter revealing these details, Jared’s lawyer, the very capable Abbe Lowell, wrote back, scolding Feinstein (though the letter is also addressed to Chuck Grassley) for releasing her letter to the press. But in fact, Lowell’s letter is not responsive to four of the items laid out in Feinstein’s letter. And the way in which Lowell doesn’t respond reveals the complete inadequacy of the Intelligence Committee Russian investigations.

The four things (I noticed that) Lowell doesn’t address are:

  • A request for a copy of Jared’s own copy of his SF-86 applications
  • A privilege log
  • Call records pertaining to some of the requests
  • Communications “about” certain individuals

A request for a copy of Jared’s own copy of his SF-86 applications

Feinstein’s letter notes that Jared should have a copy of his SF-86 applications and asks for them.

However, if Mr. Kushner or his counsel retained copies of the forms, you should produce them. The SF-86 instructions explicitly advise the applicant to “retain a copy of the completed form for your records.” Moreover, with regard to your claim that the documents are confidential, while the Privacy Act limits the government’s authority to release the information provided to it, there is no restriction on your client’s ability to provide that information to Congress.

Lowell simply notes that SJC is pursuing this, and scoffs that Jared’s serially incomplete SF-86 forms might be relevant to the inquiry.

I explained to your staff that documents concerning the SF-86 are deemed government personnel records, and I know the Committee is pursuing these (again with whatever relevance they could possibly have to any real inquiry) from the proper channels.

A privilege log

Feinstein also asked that Jared work with the White House so he could release “certain documents” that might implicate executive privilege, with an eye towards providing a privilege log.

You also raised concerns that certain documents might implicate the President’s Executive Privilege and declined to produce those documents. We ask that you work with White House counsel to resolve any questions of privilege so that you can produce the documents that have been requested or provide a privilege log that describes the documents over which the President is asserting executive privilege.

While Lowell addresses documents that post-date the inauguration; he makes no comment about executive privilege at all.

Call records pertaining to some of the requests

Feinstein’s letter also notes that Jared included no phone records pertaining to some of the requests (she doesn’t say which ones).

You also have not produced any phone records that we presume exist and would relate to Mr. Kushner’s communications regarding several requests.

Lowell does not address that request at all.

Communications “about” certain individuals

Finally, and most interesting to me, even before Feinstein listed the known documents that Jared had failed to turn over, she noted that he had failed to search for communications about certain things.

For example, you limited your production in response to our second request in a manner that eliminates communications about the individuals identified in that request.[1] If, as you suggest, Mr. Kushner was unaware of, for example, any attempts at Russian interference in the 2016 presidential election, then presumably there would be few communications concerning many of the persons identified in our second request, and the corresponding burden of searching would be small.

[1] The Committee requested “[a]ll communications to, form, or copied to you relating to” certain individuals, but you stated that you “found no communications in which these individuals also appear in the to, from, or copy to lines of the communications.”

In fact, the three missing documents all might be considered such “about” communications, as they consist of forwarded emails adding further commentary.

Here’s where Lowell’s response gets really interesting. As with the request for call records, he doesn’t address the failure to search on communications “about” people at all. He doesn’t mention that he has failed to search for documents in the manner directed by the committee.

But for each of the missing documents, he explains why they wouldn’t be relevant in such a way that completely dodges the fact that, as communications “about” the persons in question, they definitely are.

A communication in which he was a copied recipient and was not about Russia contacts by him (or apparently by anyone else) was not responsive to any request about Mr. Kushner’s own contacts.

[snip]

The “Millian” email between Mr. Millian and a reporter, in which Mr. Millian is actually conferring with Michael Cohen and confirming that Mr. Millian has no relationship with the President, is also not one about contacts that Mr. Kushner, or really anyone, had that would be responsive to any relevant request.

[snip]

[of the Torshin email] Again, this was not any contact, call or meeting in which Mr. Kushner was involved.

[snip]

You can see there would be no reason for us not to provide such a clear expression that Mr. Kushner had no contacts with, nor was in collusion with, nor was pursuing any such relationship with Russia except that it was not responsive.

So not only does he offer disingenuous explanations for each of the missing documents — one after another he explains that these emails don’t involve any contact between Jared and the designated person — but he completely ignores that under the terms of the request, they were obviously responsive.

Of course, the only reason SJC learned of these emails is because the other participants in the email chains turned them over. But there are undoubtedly other emails or documents that are “about” these and presumably other requested individuals that others wouldn’t have been party to. And by ignoring the request for “about” documents, Lowell is basically completely blowing off providing those other documents, which would presumably be even more interesting.

Just as an example, Jared could very well have had 100 other discussions “about” Wikileaks or Julian Assange with some unknown person, and Lowell’s incomplete search would have hidden it.

Now check out Lowell’s more general excuse for not turning over such documents:

With respect to the substance of your letter, let me start with the so-called “Missing Documents.” They are not missing at all. As you will note, after I spoke to your staff, I wrote a cover letter with our production. In that letter, I wrote: “We believe that our prior production [to the intelligence committees] contains the most pertinent documents to your inquiry into the June 9, 2016 meeting at Trump Tower, and related matters, and undercut any notion that there was collusion (or even any extensive interaction) between Mr. Kushner and Russia concerning the 2016 election.” The documents provided to those committees fully responded to their requests. That was why we said we would provide those documents to you first to see if anything else was relevant or new, and try to determine whether those documents satisfy your inquiry as well.

This production, which doesn’t include any documents about designated topics (including the June 9 meeting), satisfied the intelligence committees. That means the intelligence committees could not have asked for “about” documents (which is particularly ironic given that they’re both trying to find a way to help NSA turn “about” 702 collection back on). Which in turn means the intelligence committees likely have huge gaps in their understanding of Jared’s awareness of the Russian discussions.

And in addition to all his other contemptuous non-answers to Feinstein’s letter, Lowell says Jared shouldn’t have to sit for an interview with SJC because he already sat for 6 hours with the other committees, the committees that didn’t ask for “about” documents and therefore don’t have a complete picture of Jared’s involvement.

This is the scam that’s been going on for almost a year (which is probably why Michael Cohen has been dodging an interview with SJC too).

While his letter is otherwise totally unhelpful, it’s nice of Lowell to so clearly make evidence the inadequacies of the other congressional investigations.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

The Implicit Threat in Julian Assange’s Ambassador Tweet

The other day, I suggested the Twitter Direct Messages between Wikileaks and Don Jr were underwhelming, in that some of the more damning things we might have expected did not show up in those DMs. Since then, several things have become clear. First, there were some time zone inaccuracies behind the timestamps on one of the most inflammatory claims (that Trump immediately tweeted in response to an October 12 DM from Assange; it probably was 75 minutes). And the password Wikileaks shared with Don Jr had been made available to journalists and may have been passed on by Chuck Johnson, who was currying favor with Assange at the time; that minimizes the possibility that such sharing could be deemed a CFAA or other kind of technical violation though puts Johnson more centrally in this picture.

I didn’t say explicitly enough in that post and I should have, though, that I was speaking about Don Jr, not about Wikileaks.

Wikileaks’ contributions do show the organization (and Assange in particular, in those DMs we know involved him) to be self-interested and rabidly anti-Clinton If you haven’t known the latter fact to be true since Hillary did some pretty crazy things in 2010, then you’re new to this rodeo. That said, the tweets did elicit some righteous betrayal from Barrett Brown, which I totally respect given the price he has paid for the claimed idealism of Wikileaks (see also this story).

It’s worth remembering, as Emma Best notes, because they’ve been under unrelenting surveillance since 2010, “WikiLeaks *knew* the DMs were being monitored in real time. It was inevitable that this would leak. Simply calling this dumb misses the point and ignores the tradecraft at play.” Assange, from the refusal of inside information to the demand for an Ambassadorship, was staging a show, and we should remember that.

That said, I’m far more interested in Assange’s subsequent response to the disclosure of the emails, specifically this tweet. In the full DMs released by Don Jr (I think Wikileaks can fairly claim Atlantic took out some context — Atlantic came close to and I think should have just replicated the content of all the DMs, though Brown disagrees), this was the comment Assange made on December 16 asking to be Ambassador.

Hi Don. Hope you’re doing well! In relation to Mr. Assange: Obama/Clinton placed pressure on Sweden, UK and Australia (his home country) to illicitly go after Mr. Assange. It would be real easy and helpful for your dad to suggest that Australia appoint Assange ambassador to DC “That’s a really smart tough guy and the most famous australian you have! ” or something similar. They won’t do it, but it will send the right signals to Australia, UK + Sweden to start following the law and stop bending it to ingratiate themselves with the Clintons. 12/16/16 12:38PM

On Tuesday, Assange posted an ostensible follow-up to that one, renewing his offer to serve as Ambassador.

Note, Assange had originally misspelled Don Jr’s twitter handle, so deleted and reposted it.

This has been taking as trolling, with Assange’s notion that he’d open a hotel in DC, as the Trumps have, with “luxury immunity suites” for whistleblowers.

But even that’s not trolling. It’s a public renewal, more explicit this time, of Assange’s request for a pardon from Trump Sr, though here he drops the “offer” of the claims laundered through Dana Rohrabacher that the emails Assange published to help Trump get elected came from an insider and not Russia. Assange wants the fuck out of his embassy closet, and he’s willing to say that explicitly, now, in a public tweet (as Best noted, making this request visible for all).

Remember, Rohrabacher was always clear that someone (or someones, but Chuck Johnson is clearly one of those people) had made clear that Trump wanted this information. Was Don Jr in on that loop?

It’s the rest of the tweet that got less attention. First, Assange’s promise of “a turbo-charged flow of intel about the latest CIA plots to undermine democracy,” a remarkable reference coming as it does in the wake of Mike Pompeo’s consideration of an alternative narrative for how Wikileaks got emails (as I noted, scheduled even as John Kelly thwarted Rohrabacher’s attempts to meet with Trump directly), not to mention Trump’s screed at John Brennan and others over the weekend.

Assange is agreeing with Trump, even if no one else is, even as the two of them both seek to push an alternative narrative that doesn’t have the Russians orchestrating Assange’s actions for Trump’s benefit, that the CIA is undermining Trump’s presidency.

It’s the hashtag, though, that most observers missed: Vault 8.

Vault 8 is the name Wikileaks has given for its release — started just Friday — of actual source code for CIA’s hacking tools, after long releasing “just” the development notes and manuals for the same tools. I noted then both the way Wikileaks was picking up Shadow Brokers’ narrative about Kaspersky, but also the multiple references to Wikileaks having the same set of NSA files as Shadow Brokers had.

I noted last December that with the December 14 Shadow Brokers release of new NSA tools (just days before Assange joked about being ambassador), the persona seemed to be engaging in extortion: “Nice little NSA here, it’d be shame if anything would happen to it.” Since that time, Shadow Brokers made good on the threat, leading to global cyberattacks. What Assange seems to be doing is similar: no longer a quid pro quo for safety in DC, but now a threat, using CIA, and tools released in CIA’s name, as hostage.

Assange is not offering to release secrets about CIA, but instead weapons leaked or stolen from them. Sure, to the extent the Vault 7 releases haven’t already, that’ll allow others to attribute CIA attacks. But it’ll also devastate the agency and badly undermine US power.

That appears to be where Assange’s request for immunity has gotten.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

At Some Point Trump’s Denials Are about Criminal Defense, Not Just Denial

After hanging out with Vladimir Putin informally in Da Nang, Donald Trump again said he believes Putin’s denials that he interfered with the election.

“He said he didn’t meddle. He said he didn’t meddle. I asked him again. You can only ask so many times,” Trump told reporters aboard Air Force One as he flew from Da Nang to Hanoi in Vietnam. Trump spoke to Putin three times on the sidelines of summit here, where the Russia meddling issue arose.

“Every time he sees me, he says, ‘I didn’t do that,'” Trump said. “And I believe, I really believe, that when he tells me that, he means it.”

“I think he is very insulted by it,” Trump added.

This has the chattering class horrified, again, about what this does for the intelligence community.

That’s all true, but I think this is about more than Trump preferring the analysis of an old KGB spy.

As this NYT story released last night makes clear, the Mueller investigation is closing in on Trump’s close aides, including Stephen Miller and (as I’ll point out later) Jeff Sessions. I have reason to believe something will be announced in the very near future that will blow the investigation wide open, in ways that may directly implicate the President.

But, as I’ve said repeatedly, the Russian operation built in multiple levels of deniability, not just the WikiLeaks cut-out. So it may be that whatever actions personally implicate Trump involve enough deniability he will be able to claim — or try to — that he didn’t know the actions he took involved working directly with the Russians.

In other words, at some point these repeated public claims aren’t about trusting Putin over his intelligence community. They’re about mounting a criminal defense.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

About the Timing of the Binney Meeting

The Intercept is reporting that, on Trump’s orders, Mike Pompeo met with Bill Binney on October 24 to understand his theory arguing that the DNC hack was in fact a leak.

In an interview with The Intercept, Binney said Pompeo told him that President Donald Trump had urged the CIA director to meet with Binney to discuss his assessment that the DNC data theft was an inside job. During their hour-long meeting at CIA headquarters, Pompeo said Trump told him that if Pompeo “want[ed] to know the facts, he should talk to me,” Binney said.

[snip]

Binney said that Pompeo asked whether he would be willing to meet with NSA and FBI officials to further discuss his analysis of the DNC data theft. Binney agreed and said Pompeo said he would contact him when he had arranged the meetings.

I’ve got a few comments about this.

First, I’m particularly intrigued in the timing. on Twitter, Jim Sciutto said Trump had been pushing for Pompeo to meet with Binney for several weeks.

Pompeo took the meeting at the urging of President Trump over weeks. Pompeo told Binney: “The president told me I should talk to you”

I’ve been told the meeting was set up by October 14, which means Trump has been pushing for this meeting for over a month. That dates it to around the same time as reports that Chief of Staff John Kelly was preventing Dana Rohrabacher from meeting Trump to pass on Julian Assange’s claims explaining how the emails he received didn’t come from Russia, though that scheme went back further, to mid-August.

Effectively, though, that means Trump has been trying to find some way to magnify theories that argue culprits besides Russia did the hack. The guy who begged Russia to hack Hillary’s emails in the middle of last summer is looking for some alternative narrative to push, and it’s not clear whether he cares what that narrative is.

Though, as I noted in my post on these theories, now that we know the files Guccifer 2.0 leaked were from Podesta and as-yet unidentified sources, it makes all the arguments focusing on Guccifer beside the point (and disrupts Craig Murray’s claims).

On top of a lot of other implications of this, it shifts the entire debate about whether Guccifer 2.0 was WikiLeaks’ source, which has always focused on whether the documents leaked on July 22 came from Guccifer 2.0. Regardless of what you might conclude about that, it shifts the question to whether the Podesta emails WikiLeaks posted came from Guccifer 2.0, because those are the ones where there’s clear overlap. Russia’s role in hacking Podesta has always been easier to show than its role in hacking the DNC.

It also shifts the focus away from whether FBI obtained enough details from the DNC server via the forensic image it received from Crowdstrike to adequately assess the culprit. Both the DNC and Hillary (as well as the DCCC) servers are important. Though those that squawk about this always seem to miss that FBI, via FireEyedisagreed with Crowdstrike on a key point: the degree to which the two separate sets of hackers coordinated in targeted servers; I’ve been told by someone with independent knowledge that the FBI read is the correct one, so FBI certainly did their own assessment of the forensics and may have obtained more accurate results than Crowdstrike (I’ve noted elsewhere that public IC statements make it clear that not all public reports on the Russian hacks are correct).

In other words, given that the files that Guccifer 2.0 first leaked actually preempted WikiLeaks’ release of those files by four months, what you’d need to show about the DNC file leaks is something entirely different than what has been shown.

Binney and the other skeptics aren’t even arguing the right issue anymore.

Moreover, there’s a newly public detail that may moot two key strands of the argument. Last week the WSJ (here’s the Reuters version) reported that DOJ is thinking of charging 6 Russian officials in the hack of the DNC. I get it. People are skeptical that the FBI has any better data than the NSA (though I know others, outside of the FBI, believe they’ve pinpointed hackers by name). But as part of that story,  they described the four districts where the investigation into the hack (as distinct from Mueller’s investigation into the election tampering) live.

The U.S. Justice Department has gathered enough evidence to charge six members of the Russian government in the hacking of Democratic National Committee computers before the 2016 U.S. presidential election, the Wall Street Journal reported on Thursday, citing people familiar with the investigation.

Federal agents and prosecutors in Washington, Philadelphia, Pittsburgh and San Francisco have been cooperating on the DNC investigation and prosecutors could bring the case to court next year, it said.

[snip]

The hacking investigation, conducted by cybersecurity experts, predates the appointment in May of federal special counsel Robert Mueller to oversee the probe of alleged Russian meddling in the 2016 election and possible collusion with President Donald Trump’s campaign.

Mueller and the Justice Department agreed to allow the technical cyber investigation to continue under the original team of agents and prosecutors, the Journal said.

I’m not sure the report is 100% accurate; for example, I know of a non-political witness in the election-related hack being interviewed by Mueller’s people.

But it includes a little-noticed detail that I know to be accurate — and important to rebut the claim that the copying speed claimed by Forensicator requires a conclusion incompatible with Russia carrying out the hack. Part of the investigation is in Philadelphia.

When Reuters first reported a tripartite structure of the investigation in February, it included San Francisco (the Guccifer 2.0 investigation), Pittsburgh (the Russian side, probably focused on known APTs), and DC (the counterintelligence side — though that would significantly be Mueller’s investigation).

Philadelphia was not included. I only know a bit about the Philadelphia side of the investigation, but I do know that part of the investigation is located there because of a server in the district. So one way or another, we know that the FBI is conducting an investigation in an Eastern city as part of the hacking investigation based on the use of a server in the district. That doesn’t necessarily mean they’re investigating Russians. But it means even if you account for a server in the eastern time zone, you still have FBI preparing to charge Russians for the hack.

Which brings us to the last line of the Intercept article.

Binney said that since their meeting, he has not heard from Pompeo about scheduling follow-up meetings with the NSA and FBI.

Granted, it has only been two weeks. But in that time, not even Pompeo’s prodding has made the FBI (more likely) or the NSA (which still has bad blood with Binney) remotely curious about these theories.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

On Metadata and Manipulation: the First Guccifer 2.0 Documents

In the AP’s (very worthwhile) coverage of the data it obtained from Secureworks it reveals at least the fifth piece of deception pertaining to the first documents released by Guccifer 2.0 on June 15, 2016. It revealed that Guccifer 2.0 added the word “confidential” (possibly as both the watermark shown on the front page and in the footer) to this document.

But there were signs of dishonesty from the start. The first document Guccifer 2.0 published on June 15 came not from the DNC as advertised but from Podesta’s inbox, according to a former DNC official who spoke on condition of anonymity because he was not authorized to speak to the press.

The official said the word “CONFIDENTIAL” was not in the original document.

Guccifer 2.0 had airbrushed it to catch reporters’ attention.

Here’s that watermark, which would have made reporters obtaining the document to ascribe it more value than it had.

On top of that change, we know that Guccifer 2.0 deliberately used the name Felix Edmundovich, invoking Iron Felix, the founder of the KGB (though another document invoked Che Guevaro in the same way) in the metadata of the document.

This analysis and this analysis compellingly shows, in my opinion, that the other Russian metadata in the documents was also deliberately placed there.

Finally, I believe that the addition of Warren Flood as author was also deliberate.

In addition, Guccifer 2.0 released these documents as DNC documents when in fact they are either Podesta documents or have not yet been sourced.

Now, Guccifer 2.0 in fact didn’t hide some of these alterations. Some were identified the same day the documents were released. But at the time they were interpreted as OpSec failures, rather than intentional deception. To this day, skeptics try to argue that the intentional deception of the rest of the metadata is somehow different than the tribute to Iron Felix (which is a mirror to the assumption in the early days that the Iron Felix was deliberate but the other Russian metadata was not, which I criticized here), without explaining why that would be the case.

In this post, I talked about how some of the other deception — pitching these Podesta (and other) documents as DNC documents — would have been a way to taunt the DNC and Crowdstrike for their false claims downplaying the hack. (Note, in the post, I ask why Guccifer 2.0 harped on VAN so much; the AP piece reveals that VAN officials and those working on voter registration were targeted, which suggests maybe the Russians did get VAN data and we simply don’t know about it.)

So contrary to the belief of some commentators, it has long been known that Guccifer 2.0 altered these documents. But I don’t think there has been a full accounting of all the ways that it worked (it’s not even clear we know the full extent of the deception).

For now, I’m going to leave these multiple layers of deception laid out (I’d add, that whatever cutout led Julian Assange to believe — or at least to claim — the documents were sourced to Americans is another layer of deception, a different kind of metadata.)

There were multiple layers of deception built into these first documents, alternately taunting the Democrats who would have known them to be deception, the analysts who mistook them as mistakes, and the press who took them to indicate real value. I suspect there are at least two more layers of deception here.

But it’s worth noting that no one was immune from this deception, and it’s likely there are still a few layers that we’re missing here.

Update: As Thomas Rid notes on Twitter, one of the first five documents Guccifer 2.0 released is a version of one that Guccifer 1.0 had released.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

In Discussion of Unmasking Admiral Rogers Gets Closer to Admitting Types of Section 702 Cybersecurity Use

Last Friday, Director of National Intelligence Dan Coats, Director of NSA Mike Rogers, and FBI Director Christopher Wray did an event at Heritage Foundation explaining why we need Section 702 and pretending that we need it without reasonable reforms. I attended Wray’s talk — and even got my question on cybersecurity asked, which he largely dodged (I’ll have more about two troubling things Wray said later). But I missed Rogers’ talk and am just now catching up on it.

In it, he describes a use of Section 702 that goes further than NSA usually does to describe how the authority is used in cybersecurity.

So what are some examples where we’ll unmask? Companies. Cybersecurity. So we’ll report that US company 1 was hacked by the following country, here’s how they got in, here’s where they are, here’s what they’re doing. Part of our responsibility on the US government side is the duty to warn. So how do you warn US company 1 if you don’t even know who US company 1 is? So one of the reasons we do unmasking is, so for example we can take protective to ensure this information is provided to the appropriate individuals.

What Rogers describes is an active hack, by a nation-state (which suggests that rule may not have changed since the 2015 report based off 2012 Snowden documents that said NSA could only use 702 against nation-state hackers). The description is not necessarily limited to emails, the type of data NSA likes to pretend it collects in upstream (though it could involve phishing). And the description even includes what is going on at the victim company.

Rogers explains that the NSA would unmask that information so as to be able to warn the victim — something that (via the FBI) happened with the DNC, but something which didn’t happen with a number of other election related hacks.

Of course, Reality Winner is facing prison for having made this clear. The FISA-derived report she is accused of leaking shows how the masking works in practice.

In the case of VR Systems, the targeted company described, it’s not entirely clear whether NSA (though FBI) warned them directly or simply warned the states that used it. But warnings, complete with their name, were issued. And then leaked to the press, presumably by people who aren’t facing prison time.

In any case, this is a thin description of NSA’s use of 702 on cybersecurity investigations. But more detail in unclassified public than has previously been released.

 

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

The Latest CNN Scoop Doesn’t Prove What Everyone Says It Does

CNN has a story that reports something the evidence it presents doesn’t support, which others are taking to say things that it supports even less.

It claims that a short email thread it shares and five pages of talking points it doesn’t proves that the June 9, 2016 meeting at Trump Tower between Natalia Veselnitskaya and Don Jr (and others) “not about dirt on Clinton.”

An email exchange and talking points provided to CNN are the latest indication of how some of the meeting participants plan to make their case about why the meeting with Donald Trump Jr. did not amount to collusion between Russian officials and the Trump campaign.

The new information stands in contrast with the initial email pitching the meeting to Trump Jr., which promised damaging information on Clinton.

The “proof” is an email chain — or perhaps, just five emails from a longer chain, out of context with other emails they relate to — that includes one where Veselnitskaya asks Rod Goldstone, who set up the meeting, permission to include Rinat Akhmetshin in the meeting because he “is working to advance these issues with several congressmen.” From that, CNN suggests, we should understand the meeting was primarily about the Magnitsky sanctions.

But even there, Goldstone’s references to the purpose of the meeting are oblique, wishing only that Veselnitskaya “bring[s] whoever you need in order to make the meeting successful.” Moreover, the talking point document that CNN doesn’t share does include “a passing reference to a possible financer of Clinton’s campaign.” The further discussion of the talking points suggest it was more than a passing reference.

As part of her explanation, Veselnitskaya’s talking points accuse the “Ziff brothers” — three billionaire brothers who had run a hedge fund company together — of violating Russian law, as well as their connections to Democratic politics.

“Ziff brothers participated in financing both Obama presidential campaign, American press dubs them as ‘main sponsors of Democrats,’ ” the memo states, according to a translated version. “It’s entirely possible they also take part in financing Hillary Clinton’s campaign.”

Now consider the provenance of the document, which to me is a big part of the story.

It was obtained, CNN explains, by an attorney CNN says represents Aras and Emin Agalarov, and who seems intent on refuting the story publicly told by Rod Goldstone.

The documents were provided by Scott Balber, who represents Aras and Emin Agalarov, the billionaire real estate developer and his pop star son who requested the June 2016 meeting.

Balber, who went to Moscow to obtain the documents from Veselnitskaya, said in an interview with CNN that the emails and talking points show she was focused on repealing the Magnitsky Act, not providing damaging information on Clinton.

The message was muddled, Balber said, when it was passed like a game of telephone from Veselnitskaya through the Agalarovs to Goldstone.

Balber also suggested that Goldstone “probably exaggerated and maybe willfully contorted the facts for the purpose of making the meeting interesting to the Trump people.”

A couple of points about this.

First, in addition to apparently representing the Agalarovs in this matter, and on top of being an early source for details about who attended this meeting, Balber also once represented Trump.

This story comes at a time when we know Akhmetshin has already testified before the grand jury, presumably saying what he said to the FT about Veselnitskaya sharing information developed with the help of corporate intelligence (which is quite likely to be Fusion! which might explain the NDA) on how bad money supported Hillary.

Akhmetshin said he did not read the papers about Hillary Clinton’s campaign funding that Veselnitskaya took to the meeting, but he had seen the Russian version of it before. He says the lawyer developed it with the help of private corporate intelligence and that it was about “how bad money ended up in Manhattan and that money was put into supporting political campaigns”.

Furthermore Richard Burr, last week, suggested that Veselnitskaya may have already met with SSCI investigators.

Sir, is the Russian lawyer who met Donald Trump, is she coming before you?

[snip]

Is the Russian attorney going to come through, the Russian attorney that met with Donald Trump Jr, she’s offered to come in open committee. Have you reached out to her, is she one of the 25 on your list?

Burr: How do you know we haven’t already heard from her?

So if this is an attempt to change the spin of the story, it may extend no further than changing the spin of the story publicly, not with Robert Mueller or anyone who matters.

But here’s the bigger question. Why would an American lawyer who has previously represented Trump need to fly to Russia to meet with Veselnitskaya personally? This email chain and the talking points could very easily be sent — but weren’t. So why did Balber need to solidify stories with Veselnitskaya in person? And what is the provenance of the emails as presented, stripped of any forensic information?

So while it’s clear Trump’s former lawyer wants to change the spin around this story, it seems to me the takeaway should be,

Breaking: Lawyer with past ties to Trump flew to Russia to coordinate stories with Natalia Veselnitskaya

Furthermore, given all the focus on Fusion and the emphasis in this story on NDAs, I’d suggest it possible they’re trying to hide the fact that Fusion was working both sides, or even providing dirt on Hillary to the initial funder of the Steele dossier to the Republican that originally paid for it.

Update: Compare this effort to rewrite the story with the flip-flop Don Jr made for his congressional testimony. Not only did Don Jr need to incorporate both adoptions and dirt on Hillary to accord with both his published emails but also with what Pops said, but he could not recall things about what Agalarov said in advance of the meeting.

I’m more interesting in the things the forgetful 39 year old could not recall. While his phone records show he spoke to Emin Agalarov, the rock star son of Aras Agalarov, who has been dangling real estate deals in Russia for the Trumps for some time, for example, he doesn’t recall what was discussed.

Three days later, on June 6th, Rob contacted me again about scheduling a time for a call with Emin. My phone records show three very short phone calls between Emin and me between June 6th and 7th. I do not recall speaking to Emin. It is possible that we left each other voice mail messages. I simply do not remember.

This is important, because those conversations probably explained precisely what was going to happen at that meeting (and how it might benefit real estate developer Aras Agalarov), but Jr simply can’t recall even having a conversation (or how long those conversations were).

Don Jr also claimed not to recall that Ahkmetshin attended the meeting. The focus in the CNN spin on the NDAs served to obscure his presence in a way.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

Senator Feinstein Confirms the Public Steele Dossier Is Not the Whole Thing

For something else, I’m rewatching the confirmation hearing for Brian Benczkowski to be Assistant Attorney General of the Criminal Division. (at 1:55)

Feinstein: Before you go on, do you have the whole dossier?

Benczkowski: I read the dossier online as it was published on BuzzFeed [raises two fingers]

Feinstein: The whole dossier is not online.

Benczkowski: The only thing that I have done, Senator, in that regard, was read the two pages as to Alfa Bank.

Feinstein: You have not seen the whole dossier?

Benczkowski: I have not.

The Senate Judiciary Committee had, by this point, been investigating the Steele Dossier for months (though this question preceded the Glenn Simpson testimony by a month). This is the classic Feinstein hearing disclosure, and past history suggests it would be accurate.

Which is to say what we’re seeing is just a fraction of the dossier — which is a point I’ve been making from the start (it also means the balance of the dossier may be more sensitive). It also means that someone made cherry picked the reports to first brief and then ultimately to leak to the press, which itself should be an issue for inquiry.

 

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

Richard Burr Accuses the Obama Administration of Running Out the Clock on Election Interference

At the end of yesterday’s press conference, Richard Burr made a startling accusation. In response to a question about whether the Trump Administration hasn’t done enough to respond to Russia’s interference, Burr instead addressed DHS’ delayed notice to states about election intrusions, as if that constituted an adequate response from the Trump Administration.

In doing so, Burr accused the Obama Administration of “running out the clock” (apparently, on notifying states).

Listen, I think the Vice Chairman alluded to the fact that though it was slow, getting DHS to recognize [that states needed notice of attempted hacks on their election infrastructure], it didn’t take as long as it did for the last Administration to run the clock on it. So we’re not trying to look back and point to things that were done wrong. Everybody’s done things wrong.

The accusation is particularly galling, given Lisa Monaco’s description of her efforts to get the Gang of Eight to write a letter warning states of the thread.

In the briefings, the C.I.A. said there was intelligence indicating not only that the Russians were trying to get Mr. Trump elected but that they had gained computer access to multiple state and local election boards in the United States since 2014, officials said.

Although the breached systems were not involved in actual vote-tallying operations, Obama administration officials proposed that the eight senior lawmakers write a letter to state election officials warning them of the possible threat posed by Russian hacking, officials said.

But Senator Mitch McConnell of Kentucky, the Republican majority leader, resisted, questioning the underpinnings of the intelligence, according to officials with knowledge of the discussions. Mr. McConnell ultimately agreed to a softer version of the letter, which did not mention the Russians but warned of unnamed “malefactors” who might seek to disrupt the elections through online intrusion. The letter, dated Sept. 28, was signed by Mr. McConnell, Mr. Reid, Speaker Paul D. Ryan and Representative Nancy Pelosi, the ranking Democrat.

On Sept. 22, two other members of the Gang of Eight — Senator Dianne Feinstein and Representative Adam B. Schiff, both of California and the ranking Democrats on the Senate and House intelligence committees — released their own statement about the Russian interference that did not mention Mr. Trump or his campaign by name.

Do the math here: McConnell, Reid, Ryan, and Pelosi signed a letter saying that malefactors might try to disrupt the elections. Then Feinstein (then Burr’s counterpart on SSCI) and Schiff (Nunes’ counterpart on HPSCI) released a stronger letter blaming Russia.

Based on briefings we have received, we have concluded that the Russian intelligence agencies are making a serious and concerted effort to influence the U.S. election.

At the least, this effort is intended to sow doubt about the security of our election and may well be intended to influence the outcomes of the election—we can see no other rationale for the behavior of the Russians.

We believe that orders for the Russian intelligence agencies to conduct such actions could come only from very senior levels of the Russian government.

We call on President Putin to immediately order a halt to this activity. Americans will not stand for any foreign government trying to influence our election. We hope all Americans will stand together and reject the Russian effort.

None of these are the precise letter that Monaco has said she was after — a letter emphasizing the risk to the polls.

Still, just two people signed no letter: Nunes (who would go on to serve in Trump’s transition team) and Burr (who not only was serving on Trump’s national security advisory committee, but was in a close race in one of the states most likely to have had the outcome affected by known Russian hacking).

And he has the gall to call out the Obama Administration?

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

Richard Burr’s Tacit Warning to Christopher Steele

I’m just now catching up to Richard Burr and Mark Warner’s press conference on the Russia investigation yesterday. I saw some folks questioning why they did the presser, which surprises me. The answer seems obvious. They did the presser to release and apply pressure from specific areas of the investigation. For example, Burr exonerated those involved in the Mayflower Hotel meetings on April 2016 and further argued that the GOP platform was not changed to let Russia off the hook for Ukraine (I think the latter conclusion, in any case, is correct; I’m less persuaded about the first). Warner used the presser to push for Facebook to release the ads sold to Russia.

A particularly instance of this — one that I believe has been misunderstood by those who’ve reported it thus far — pertains to the Steele dossier. Here’s what Burr said about it, working off of prepared remarks (meaning issuing this tacit warning was one purpose of the presser; after 16:00):

As it relates to the Steele dossier: unfortunately the committee has hit a wall. We have on several occasions made attempts to contact Mr. Steele, to meet with Mr. Steele, to include, personally, the Vice Chairman and myself as two individuals, of making that connection. Those offers have gone unaccepted. The committee cannot really decide the credibility of the dossier without understanding things like who paid for it? who are your sources and sub-sources? We’re investigating a very expansive Russian network of interference in US elections. And though we have been incredibly enlightened at our ability to rebuild backwards, the Steele dossier up to a certain date, getting past that point has been somewhat impossible. And I say this because I don’t think we’re going to find any intelligence products that unlock that key to pre-June of ’16. My hope is that Mr. Steele will make a decision to meet with either Mark and I or the committee or both, so that we can hear his side of it, versus for us to depict in our findings what his intent or what his actions were. And I say that to you but I also say that to Chris Steele.

People seem to interpret this to mean SSCI hasn’t been able to corroborate the dossier — a point on which Burr is ambiguous. He references intelligence products that might unlock secrets of the dossier, which might suggest the committee has found intelligence products from later in the process that either confirms or doesn’t the events as the dossier as produced.

More important, however, is his reference to June 2016. While it seems like Burr might be suggesting the committee has found no evidence on collusion dating to before that date, that would seem to be inconsistent with the committee having received information on Michael Cohen’s discussions of financial dealings from before June (though given Burr’s exoneration of the Mayflower attendees, he may deem the earlier activities to be inconclusive).

So it seems more likely Burr raised the June 2016, along with his question about how paid for the report, to suggest he has real questions about whether its findings served as a partisan effort to taint Trump, paid for by a still undisclosed Hillary backer.

If Christopher Steele won’t talk about what intelligence he had on Trump before the time when, in June 2016, he reported on Russia providing kompromat (though not, at that point, hacked emails) on Hillary to Trump’s team, Burr seems to be saying, then it will be far easier to question his motivations and the conclusions of the report. And frankly, given some of the details on the Steele dossier — especially Steele’s briefings to journalists and his claim that the customers for the brief never read it — Burr is right to question that.

In other words, one point of the presser, it seems to me, was for Burr to warn Steele that his dossier will not be treated as a credible piece of work unless and until the committee gets more details about the background to it.

Update: Apparently, Steele responded to Burr’s comments by informing the committee he is willing to meet with Burr and Warner.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.