Four Rudy Giuliani-Related Privilege Reviews: DOJ Likely Already Has a Version of Document 4708

As I noted here and here, on Monday, Judge David Carter ordered John Eastman to turn over most documents he had been trying to withhold from the January 6 Committee. That order found that it was likely that Trump and Eastman had conspired to defraud the US. But there was just one document turned over on the basis of crime-fraud exception: a document otherwise privileged under a work product claim that, Judge Carter ruled, could not be withheld because it was sent in the commission of the attempt to obstruct the vote count.

Here’s how Carter described the document:

In this email, a colleague forwards to Dr. Eastman a memo they wrote for one of President Trump’s attorneys.153 The memo sketches a series of events for the days leading up to and following January 6, if Vice President Pence were to delay counting or reject electoral votes. The memo clearly contemplates and plans for litigation: it maps out potential Supreme Court suits and the impact of different judicial outcomes. While this memo was created for both political and litigation purposes, it substantively engages with potential litigation and its consequences for President Trump. The memo likely would have been written substantially differently had the author not expected litigation. The Court therefore finds that this document was created in anticipation of litigation.

[snip]

The eleventh document is a chain forwarding to Dr. Eastman a draft memo written for President Trump’s attorney Rudy Giuliani.274 The memo recommended that Vice President Pence reject electors from contested states on January 6. This may have been the first time members of President Trump’s team transformed a legal interpretation of the Electoral Count Act into a day-by-day plan of action. The draft memo pushed a strategy that knowingly violated the Electoral Count Act, and Dr. Eastman’s later memos closely track its analysis and proposal. The memo is both intimately related to and clearly advanced the plan to obstruct the Joint Session of Congress on January 6, 2021. Because the memo likely furthered the crimes of obstruction of an official proceeding and conspiracy to defraud the United States, it is subject to the crime-fraud exception and the Court ORDERS it to be disclosed.

274 4708. [my emphasis]

Carter’s decision and the release of documents has set off the usual wails about how much more proactive the January 6 Committee is than DOJ, replete with statements of fact — almost always people who haven’t done any work to understand what DOJ is really doing — that DOJ hasn’t taken steps to obtain such documents itself.

I’d like to look at four privilege reviews that implicate Rudy Giuliani and show that it is likely DOJ already has this document or at least ones that are related. Those reviews are:

  • Judge David Carter’s review of 111 documents subpoenaed from John Eastman by the January 6 committee
  • The 11-month long privilege review of materials on 16 devices seized from Rudy Giuliani on April 28, 2021
  • Details released about Robert Costello’s advice to Steve Bannon provided in response to a subpoena from the January 6 Committee
  • The known details about subpoenas served on Sidney Powell’s non-profit, Defending the Republic

John Eastman

As explained here, the David Carter opinion describes the judge’s privilege review of just four days of materials (January 4 to January 7, 2021) responsive to the January 6 Committee subpoena to Eastman. Carter went meticulously through seven categories of materials in Eastman’s possession and determined that just ten documents could be withheld under a work product claim and one — document 4708 — had to be turned over under a crime-fraud exception.

Carter ruled the document — an email chain that forwarded a memo written for Rudy to Eastman — was excepted under a crime-fraud exception because, the judge described, it sought to transform Eastman’s Electoral Count Act scheme “into a day-by-day plan of action.” Eastman didn’t write it. Rather, because the document was created for Rudy, Carter treated it along with four others, “created by or for agents of President Trump or his campaign, including attorneys of record in state cases and President Trump’s personal attorney.” [my emphasis]

References to the document explain that Eastman claimed attorney-client privilege over the document (fn 81, 125) and someone wrote “PRIVILEGED AND CONFIDENTIAL” in email text (fn 101).

Carter’s review of the document is particularly valuable for how he dismisses Eastman’s attorney-client privilege claim: In hundreds of pages of briefing, Eastman provided no evidence that its sender was affiliated with the Trump campaign or was covered by Eastman’s own claim to be representing Trump.

Dr. Eastman claims attorney-client privilege over only nine documents: five emails125 and four attachments.126 None of these documents includes Dr. Eastman’s client, President Trump, as a sender or recipient of the email. Instead, all emails are sent from a third party to Dr. Eastman, and two of the emails blind copy (bcc) a close advisor to President Trump.127

Despite having filed nearly a hundred pages of briefing, Dr. Eastman does not mention this third-party email sender anywhere in his briefs; the person is named only in his privilege log entries. Dr. Eastman’s description in the privilege log is conclusory, describing the sender merely as his “co-counsel.”128 Dr. Eastman failed to provide retainer agreements or a sworn declaration that would prove this third party was an attorney or agent for President Trump. The Court also cannot infer the third party’s affiliation with President Trump from his email, which is a generic, [email protected] email address. Dr. Eastman has not met his burden to show that these communications were with an agent of President Trump or the Trump campaign, and as such, these documents do not warrant the protection of the attorney-client privilege.

In other words, there was someone involved in relaying a memo originally written for Rudy to Eastman that Eastman didn’t want to or couldn’t argue was a Trump lawyer. And that’s why this attorney-client privilege claim failed. That’s an important detail because — as we’ll see — Bannon tried something similar.

Rudy Giuliani

Now let’s turn to Rudy’s phones. As I keep explaining, while the known warrants used to seize Rudy’s phones cover his Ukrainian influence peddling and cover a time period from May 1, 2018 through December 31, 2019, SDNY got Judge Paul Oetken to approve a Special Master review that covered the period from January 1, 2018 through the date of seizure, April 28, 2021. Special Master Barbara Jones’ review is only for privilege claims (including Executive privilege and attorney-client at least), not for responsiveness to any subpoena, so the end result of her review will result in turning over all non-privileged content on Rudy’s devices from that 28-month period.

That means if the person who created the memo forwarded as part of document 4708 sent it to Rudy on one of the devices that were seized, then the underlying memo would be included in the Special Master review.

We don’t know how DOJ has prioritized this review. We know only what is in this and earlier reports, which I’ve captured in this table.

Jones did an initial review, covering the entire timeframe (that is, post-dating January 1, 2018) of 7 devices, from which she found 3 documents about which she had some question, but ultimately deemed them privileged and turned over 2,000 other items.

Then, seemingly in parallel, she did a review of Device 1B05 (a cell phone) and 8 other devices. For the 8 devices, her review covered only the period of Rudy’s Ukrainian influence peddling. But for Device 1B05, Jones’ review covered the full 28-month period, meaning it would include any texts or messages sent on or pertaining to January 6.

I next assigned for review the chats and messages that post-dated January 1, 2018 on Device 1B05, which is a cell phone. There were originally 25,481 such items, which later increased to 25,629 after a technical issue involving document attachments was identified. An initial release of non-designated items was made to the Government’s investigative team on November 11, 2021.1

Of the total documents assigned for review, Mr. Giuliani designated 96 items as privileged and/or highly personal. Of those 96 designated items, I agreed that 40 were privileged, Mr. Giuliani’s counsel withdrew the privilege designation over 19, and I found that 37 were not privileged. I shared these determinations with Mr. Giuliani’s counsel, and they indicated that they would not challenge my determination that the 37 items are not privileged. The 40 privileged documents have been withheld from the Government’s investigative team and the remaining 56 were released on January 19, 2022.

1 Additional non-designated items were released on January 19, 2022.

Device 1B05 was the only one for which Jones disputed the original privilege claims made by Rudy and his attorney Robert Costello. Of 40 items, Jones agreed with their privilege claim. Of 19, Costello withdrew the claim. And of 37, Jones told Costello she disagreed, after which Costello decided not to fight her ruling.

While these discussions were going on, Judge Oetken issued a ruling that, if Rudy wanted to challenge Jones’ rulings, they’d have to make their legal arguments (but not the content of the contested communications) public. During the Michael Cohen privilege review, such a decision led Cohen and Trump to drop privilege claims, probably over the crime-fraud excepted hush payment communications, and that may be what happened here.

Whatever happened, we know that, with the exception of 43 items, any January 6-related communications that were on half of the 16 phones seized from Rudy would have been turned over to the FBI for a scope review. To be clear, investigators wouldn’t be able to access those comms unless they got a separate warrant for them, but we would never know (short of an indictment relying on them) if they had.

None of that guarantees that the memo forwarded with Eastman’s document 4708 is in DOJ possession. If the person who wrote it emailed it, it would not necessarily be on the seized devices. (Though if DOJ had a January 6 warrant for Rudy’s phones, they presumably would have obtained one for his email and iCloud as well, as they did with his Ukraine investigation.) If the person delivered it by hand, it would not be on the devices. And it’s possible that Costello made a more compelling argument than Eastman did that the sender was covered by a privilege claim tied to Trump.

Steve Bannon

We don’t know what kind of wild privilege claims Robert Costello was making as part of the privilege review of Rudy’s devices (which started in earnest in September 2021). But we do know what kind of wild privilege claims Robert Costello was making for another of his clients, Steve Bannon, in discussions of how to respond to a subpoena from the January 6 between October 5 and 19, 2021. He provided those details (including two 302s from interviews at which FBI agents were present) in a bid to claim he — Costello — was unfairly targeted as part of DOJ’s investigation of Bannon’s contempt (see this post for details).

In Costello’s interviews, he was all over the map about whether Bannon could invoke Executive Privilege. He said that according to some OLC opinions, Bannon did not have to be a government employee to receive “protections” under EP, and that “TRUMP had the right to claim it for BANNON.” He said that 10 of the 17 items on the Jan 6 subpoena were covered by EP. He admitted EP did not cover a request for comms involving Scott Perry and “it would take a ‘creative argument’ to apply Executive Privilege to that particular item.” He admitted, too, that comms with the Proud Boys wouldn’t be covered by EP if such communications existed.  He said that EP claims should be worked out between Trump and the Committee. He said he had told Bannon that Bannon could not invoke EP because “that authority belongs to the President.”

Ultimately, though, Costello admitted that Trump’s attorney Justin Clark never reviewed anything Bannon might have claimed privilege over and refused several requests to contact the Committee himself about EP.

COSTELLO did not provide any documents to attorneys representing former President Trump for review to determine if Executive Privilege covered the documents. At the time, COSTELLO did not know what attorneys were representing others who had received Select Committee subpoenas.

COSTELLO asked CLARK to reach out to the Select Committee and to directly express to the Select Committee what COSTELLO and BANNON were confused about in regards to Executive Privilege. COSTELLO estimated he requested this of CLARK approximately two or three times; however, CLARK did not reach out to the Select Committee. COSTELLO did not have prior knowledge of the lawsuit of former President TRUMP.

[snip]

CLARK would not identify for COSTELLO what would be covered under Executive Privilege and that CLARK left that determination up to those who had received the Select Committee subpoena. CLARK also refused to reach out to the Select Committee on behalf of COSTELLO or BANNON.

[snip]

COSTELLO did not provide or offer any documents to attorneys representing former President TRUMP to review for Executive Privilege.

In a follow-up, Costello effectively admitted there was no concrete record that Trump had invoked EP.

Costello stated that Justin Clark (Clark) was trying to be intentionally vague; however, Costello was clear former President Donald Trump (President Trump) asserted executive privilege with regard to Bannon.

When DOJ asked Costello for a letter indicating that Clark had invoked EP for Bannon, he had nothing specific.

Then there was the matter of Bannon’s podcasts. Costello ceded they weren’t covered by privilege, but only because they were public (!!!!), and appears to have just assumed the Committee would go get them on their own.

With regards to responding to the Select Committee’s request for documents, COSTELLO planned to send a link to the website hosting all of BANNON’s publicly accessibly podcasts.

[snip]

The podcasts requested could be obtained by the Select Committee off the internet, and since they were in the public domain, the podcasts also were not covered by Executive Privilege.

[snip]

COSTELLO admitted he did not have a good answer as to why he didn’t disclose to the Select Committee that the podcasts were in the public domain and BANNON was not required to respond to that particular item. COSTELLO believed the particular requests regarding the podcasts was just a “bad request” by the Select Committee.

The most telling piece of advice given by the lawyer Bannon shares with Rudy — one that goes to the heart of what Costello might have done in discussions taking place at the same time about privilege with SDNY — was that Bannon, who is not a lawyer, could claim attorney-client privilege over items requested in item 17 of the subpoena, which asked for,

Any communications with Rudolph Giuliani, John Eastman, Michael Flynn, Jenna Ellis, or Sydney Powell about any of the foregoing topics.

Costello claimed these such communications, including those with Mike Flynn or Sidney Powell, would be covered by attorney-client or work product privilege.

COSTELLO believed that the request listed as number 17 involved information over which BANNON could assert attorney-client privilege given it included a request for communications between BANNON and RUDOLPH GIULIANI, JENNA ELLIS, and other attorneys who were working for former President Trump.

[snip]

COSTELLO believed item 17 was covered by attorney-client privilege or by attorney work product protections. Even though MICHAEL FLYNN was not an attorney, he was present during attorney-client-protected discussions. Those particular attorneys represented former President TRUMP and CLARK informed COSTELLO not to respond to item 17.

There’s so much crazy-train about this last bit. After stating over and over that Clark refused to invoke EP, Costello then admitted that Clark wanted Bannon to withhold communications involving Rudy, Eastman, Powell, and Mike Flynn. Costello admitted Flynn (like Bannon) was not a lawyer, but was still prepared to claim attorney work product over comms with him anyway. But the thing I can’t get enough of is that Rudy’s lawyer Robert Costello was claiming that Sidney Powell — who, in a written statement issued on November 22, 2020, Trump’s lawyer Rudy Giuliani made very clear did not represent Donald Trump — represented Donald Trump.

Still, all this crazy train amounts to non-lawyer Bannon, advised by the lawyer he shares with Rudy, making the same claim that lawyer John Eastman had made regarding “war” planning leading up to January 6; that such documents were covered by work product privilege. That’s the same claim that Judge Carter just applied a crime-fraud exception for.

I’m guessing Costello attempted to make similar claims with Barbara Jones in SDNY and I’m guessing that Jones pointed out that Bannon and Flynn aren’t lawyers and Rudy was quite clear that Powell was not Trump’s lawyer. In other words, I think it likely that some of the claims Costello withdrew are similar to those that Eastman failed with. If that’s right, it increases the chance Document 4708 would be turned over to DOJ.

Sidney Powell

And then there’s the Kraken lady.

We don’t know the full scope of the grand jury investigation into Powell, aside from the fact that Molly Gaston, who is supervising the Bannon prosecution, is also involved in it (which means she’d have visibility on the overlap between the two, and would know that Trump’s lawyer tried to withhold comms involving Powell without invoking privilege). The subpoena requests, at least, cover the finances of her Defending the Republic “non-profit.”

The federal probe, which has not been previously reported, is examining the finances of Defending the Republic, an organization founded by Powell to fund her “Kraken” lawsuits to overturn the 2020 election, the sources said.According to two of the people familiar with the matter, a grand jury was empaneled, and subpoenas and documents requests have gone out to multiple individuals as recently as September.

The investigation, then, would cover activities that are tangential to the January 6 subpoenas to Bannon and Eastman.

But the fact that there’s a grand jury investigation into Powell makes it exceedingly likely DOJ got a warrant for her emails.

She has a valid privilege claim covering communications with Mike Flynn for some of this period. But thanks to Rudy’s public statement, she has no privilege covering her actions for Trump.

Chances are pretty good she received a copy of the memo for Rudy too (if the memo wasn’t written by someone with closer ties to Powell than Rudy).

I think it’s likely that DOJ has multiple copies of document 4708, probably via Rudy, Bannon, and Powell, if not Eastman himself (getting it from Chapman U would always have been easy to do with a gag, and would be still easier now).

What’s clear, though, is that the lawyer that Rudy and Bannon share is making privilege claims every bit as absurd as the ones Carter just rejected, and with Bannon, there’s no question about privilege claims.

Share this entry

Lisa Monaco Vows, Again, to Hold All January 6 Perpetrators, at Any Level, Accountable

In a press conference releasing DOJ’s FY 2023 budget ask, Deputy Attorney General Lisa Monaco was asked about the January 6 investigation. She vowed, as Merrick Garland has before, to hold perpetrators — at any level — accountable.

So, look, as we have described, the January 6 investigation is among the most wide-ranging, the most complex that this department has ever undertaken. It reaches nearly every US Attorney’s Office, nearly every FBI field office, we’ve charged more than 750 cases and we’ve charged unprecedented conspiracies and the use of rare tools like the seditious conspiracy statute. Regardless of whatever resources we seek, or get, let’s be very, very clear, we are going to continue to do those cases, we are going to hold those perpetrators accountable, no matter where the facts lead us, as the Attorney General has said, no matter what level.

We will do those cases.

But, again, let’s be clear: Doing those cases draws on resources from across the US Attorneys offices, those same resources that are needed to fight violent crime. Those same resources that are needed to investigate corporate crime across the country. Those same resources that are going to help us enforce our civil rights laws.

So this budget, the FY 23 budget would provide as I noted an unprecedented level of funding to our law enforcement components, to US attorneys offices, to really recognize the priority that we’re placing both on the January 6 investigations and all the US Attorneys, all the priorities that the US Attorneys offices have to face in addition.

Share this entry

Before John Durham’s Originator-1, There Was a Claimed BGP Hijack

In this post, I described that “Phil,” the guy I went to the FBI about because I suspected he had a role in the Guccifer 2.0 persona, had a role in the Alfa Bank story. As noted, Phil’s provable role in pushing the Alfa Bank story in October 2016 was minor and would have no effect on the false statement charge — for an alleged lie told in September 2016 — against Michael Sussmann. But because of Durham’s sweeping materiality claims, it might have an impact on discovery.

It has to do with the theory that Alfa Bank has about the DNS anomalies, a theory that Durham seems to share: that the data was faked.

As Alfa laid out in its now abandoned John Doe lawsuits, it claims that the anomalous DNS traffic that Michael Sussmann shared with the FBI in September 2016 was faked. The bank appears to believe not just that the data was faked, but that April Lorenzen is involved in some way. For example, it describes that Tea Leaves and “two accomplices” were sources for Franklin Foer (though elsewhere, the lawsuit claims that Tea Leaves was pointed to the data by the unknown John Doe defendants).

Durham seems even more sure that Lorenzen is the culprit. For example, he always refers to the data as “purported.” He refers to Lorenzen as “Originator-1” rather than “Data Scientist-1” or “Tea Leaves,” insinuating she fabricated the data. And when Sussmann asked for all evidence indicating that Durham had bullied witnesses, Durham provided emails involving Lorenzen’s lawyers.

Alfa Bank might be excused for imagining that Lorenzen is the primary culprit to have fabricated the data. According to Krypt3ia, when Alfa asked him for his communications, he only had one email, with a different journalist, to share. They quite clearly don’t understand that someone else was involved in publicizing these claims.

Durham doesn’t have the same excuse.

That’s because DOJ – of which Durham remains a part – knows at least some of the details about “Phil” that I laid out in my last post. Because they would have checked Twitter to vet some of my most basic claims, they almost certainly obtained the Twitter DMs (or at least the metadata) showing that Phil brokered the tie between Krypt3ia and the NYT.

To be clear: I have no evidence that Phil altered the DNS records. I’m agnostic about what caused the anomaly (though am convinced that the experts involved believe the anomaly is real, even if they offer varying explanations for the cause). But Durham has made the source of the anomaly an issue to bolster his claims about materiality. And, as Sussmann noted in a recent filing, “Much as the Special Counsel may now wish to ignore the allegations in the Indictment, he is bound by them.” So, it seems, Durham’s on the hook for telling Sussmann if DOJ knows of anyone else involved in pushing the Alfa Bank story who could be a possible culprit for fabricating the data, especially if that person was known to have clandestinely signed a comment, “Guccifer 2.0.”

Phil probably faked a BGP hijack

The fact that Phil alerted the NYT to the Russian proxy of Lorenzen’s data matters not just because he had, months earlier, claimed to work for an FSB-led company and, even before that, claimed to have been coerced by Russian intelligence at an overseas meeting before the known DNC operation started.

It also matters because (I believe) Phil faked an Internet routing record in the same month the Alfa/Trump/Spectrum anomalies started.

In May 2016, Phil shared what he claimed was a traceroute of a request to my site, an Internet routing record that is different than but related to the DNS records at the heart of the Alfa Bank story. The screencap he sent me purported to show that a request to my site had been routed through (to the best of my memory) some L3 routers in Chicago, to Australia, back to those L3 switches, to my site. Phil was claiming to show me proof that someone had diverted requests to my site overseas along the way – what is known as a BGP hijack. Phil showed this to me in the wake and context of a DDOS attack that had brought my site down for days, an attack which led me to rebuild my site, change hosts, and add Cloudflare DDOS protection.

May 2016, the month Phil showed me what I believe to be a faked traceroute, is the same month the anomalous traffic involving Alfa Bank, Spectrum Health, and a Trump-related server started.

Phil used that traceroute to claim that the US intelligence community was diverting and spying on traffic to my website.

The claim made no sense. The only thing that diverting my traffic would get spies is access to my readers’ metadata, which would be readily accessible via easier means, including with a subpoena to my host provider. Aside from a bunch of drafts that I’ve decided didn’t merit publication, there’s no non-public content on my site. I was not competent (and did not ask others) to assess the validity of the screencap itself, but I considered it unreliable because it didn’t show the query or originating IP address behind the record, which would be needed to test its provenance.

I don’t have that original traceroute (I replaced my phone not long after he sent it). But in June 2016 he shared a reverse DNS look-up related to my site that wasn’t altered but in which Phil invoked the earlier one.

I corrected him in this case – this IP address was readily explainable; it was Cloudflare (which Phil surely knew). But Phil nevertheless repeated his earlier claim that “they” were hijacking my traffic.

When I said that Phil had been tracking how requests to my site worked for some time before he left a comment signed [email protected] in July 2016, this weeks-long exchange is what I was referring to. He had, effectively, been watching as I added Cloudflare protection to my site.

These screencaps show that Phil, who months later would play a role in pushing the Alfa Bank story, was using DNS records — real and possibly faked — as a prop in a false story.

Phil tracked DOD contracts closely

That’s not the only detail that DOJ may know about that Durham should consider before insinuating that Lorenzen is the most likely culprit if this data was fabricated. DOJ may know that Phil tracked DOD contracts very closely. That’s important because it explains how Phil could have learned researchers would be looking closely at DNS records.

For years, I’ve believed that the Alfa-Trump-Spectrum Health effort was disinformation, because so much of what came out that year was and because I viewed the Spectrum Health stuff to be such a reach. My belief it might be disinformation only grew stronger when I discovered the focus on Spectrum Health, with its link to Erik Prince’s sister’s spouse, came just after Prince had asked Roger Stone about his efforts to reach out to WikiLeaks.

Certainly, Putin exploited the allegations afterwards to his advantage. He used them to push Alfa Bank’s Petr Aven to take a primary role in reaching out to Trump during the transition, at least as recounted in the Mueller Report.

According to Aven, at his Q4 2016 one-on-one meeting with Putin,981 Putin raised the prospect that the United States would impose additional sanctions on Russian interests, including sanctions against Aven and/or Alfa-Bank.982 Putin suggested that Aven needed to take steps to protect himself and Alfa-Bank.983

981 At the time of his Q4 2016 meeting with Putin, Aven was generally aware of the press coverage about Russian interference in the U.S. election. According to Aven, he did not discuss that topic with Putin at any point, and Putin did not mention the rationale behind the threat of new sanctions

Aven even used Richard Burt, one of the people scrutinized by the Fusion and DNS research, to reach out to Trump, effectively pursuing precisely the back channel between Alfa and Trump that Fusion suspected months earlier.

The relevant part of Aven’s interview is redacted, so it’s not clear whether Aven mentioned that Alfa Bank had been a key focus of the interference allegations. But that’s the presumptive subtext: along with the Steele dossier, the DNS anomaly – both of which, in several lawsuits since, Aven or Alfa have claimed were “gravely damaging” – raised suspicions about Alfa Bank and made it more likely the bank would be sanctioned than had been the case previously.

And before the bank did get sanctioned last month, Alfa was using the DNS anomaly to conduct a lawfare campaign to learn how the US uses DNS tracking to thwart hacks (one wonders if Putin ordered that campaign, like he personally ordered Aven to reach out to Trump). That campaign even got a bunch of frothy right-wingers to decry efforts to prevent and detect nation-state hacks on the US. So at the very least, Russia has exploited the Alfa-Trump allegations to great benefit, one measure of whether something could be deliberate disinformation.

But as I’ve talked to people who’ve tried to figure out what the anomaly was – including experts who believed it did reflect real communication as well as some who didn’t – they always explained that seeding disinformation in such a fashion would be useless. That’s because you couldn’t ensure that any disinformation you planted would be seen. That is, unlike the Steele dossier, which was being collected by an Oleg Deripaska associate and shared with the press (and for which there’s far more evidence Russia used it to plant disinformation), you could never expect the disinformation to be noisy enough to attract the desired attention.

In the years since the original story, how researchers who found the anomalous data obtained the DNS data has driven a lot of the hostility behind it. The researchers have tried to hide where they got the data for proprietary and cybersecurity reasons. John Durham has alleged there was some legal impropriety behind using it, even when used (as the researchers understood they were doing) to research ongoing nation-state hacks. And Alfa Bank was using lawfare to try to find out as much about the means by which this DNS traffic was observed by cybersecurity experts as possible. The full story of how the researchers accessed the data has yet to be reported, but as I understand it, there’s more complexity to the question than initially made out or than has made it into Durham’s court filings. That complexity would make it even harder to anticipate where DNS researchers were looking. So, multiple experts told me, it would be crazy to imagine anyone would have thought to seed disinformation in DNS records expecting it’d get picked up via those collection points in 2016, because no one would have expected anyone was observing all those collection points.

If a Fancy Bear shits in the DNS woods but there’s no one there to see it, did it really happen?

But there was, in fact, a way to anticipate it might get seen.

As the Sussmann indictment vaguely alluded to and this NYT story laid out in detail, researchers found the DNS anomalies in the context of preparing a bid for a DARPA research contract.

The involvement of the researchers traces back to the spring of 2016. DARPA, the Pentagon’s research funding agency, wanted to commission data scientists to develop the use of so-called DNS logs, records of when servers have prepared to communicate with other servers over the internet, as a tool for hacking investigations.

DARPA identified Georgia Tech as a potential recipient of funding and encouraged researchers there to develop examples. Mr. Antonakakis and Mr. Dagon reached out to Mr. Joffe to gain access to Neustar’s repository of DNS logs, people familiar with the matter said, and began sifting them.

Separately, when the news broke in June 2016 that Russia had hacked the Democratic National Committee’s servers, Mr. Dagon and Ms. Lorenzen began talking at a conference about whether such data might uncover other election-related hacking.

The DOD bidding process provided public notice that DARPA was asking researchers to explore multiple ways, including DNS traffic, to attribute persistent hacking campaigns in real time.

The initial DARPA RFP was posted on April 22, 2016, ten days before the anomalous traffic started but well after the Russian hacking campaign had launched (documents FOIAed by the frothers reveal that the project was under discussion for months before that). This RFP provided a way for anyone who tracked DOD contracts closely to know that people would be looking and the announcement itself included DNS records and network infrastructure among its desired measurements. Depending on the means by which DARPA communicated about the contract, it might also provide a way to find out who would be looking and how and where they would be looking, though as I understand it, the team at Georgia Tech would have been an obvious choice in any case.

Phil tracked DOD contracts very closely. In September 2016, for example, he sent me a text alerting me to a new Dataminr contract just 66 minutes after I published a post about the company (I later wrote up the contract).

Phil also told me, verbally, he was checking what contracts DOD had with one of the US tech companies for which a back door was exposed in summer 2016. He claimed he was doing so to see how badly the government had fucked itself with its failure to disclose the vulnerability. By memory (though I am not certain), I believe it was Juniper Networks, in the wake of the Shadow Brokers release of an NSA exploit targeting the company.

And even on top of Phil’s efforts to convince me that the DNC hack wasn’t done by APT 28, DOJ has other evidence that Phil tracked APT attribution efforts closely, even using official government resources to do so. So it would be unsurprising if he had taken an interest in a contract on APT attribution in real time.

Durham may have access to some or all of this

Durham insinuates the DNS records are faked and he appears to want to blame Lorenzen for faking them. But he may be ignoring evidence in DOJ’s possession that someone else who, I’ve now confirmed, played at least a minor role in pushing the Alfa Bank story was using Internet routing records, possibly faked, to support a false story in May 2016.

To be sure: while I know the investigation into Phil continued at least the better part of a year after my FBI interview about him, any feedback I’ve gotten about that investigation has been deliberately vague. So aside from the obvious things – like the Twitter records that would show Phil’s DMs with Krypt3ia and Nicole Perloth – I can’t be sure what is in DOJ’s possession.

I don’t even know whether the 302 from my FBI interview would mention Phil’s pitch of the Alfa Bank story to me. It was on a list of the things I had intended to describe in that interview. But I didn’t work from the list in the interview itself and I have no affirmative memory of having mentioned it. If I did, it would have amounted to me saying little more than, “he also was pushing the Alfa Bank story.”

That said, unless the FBI agents were epically incompetent, my 302 should mention Alfa Bank, because I’m absolutely certain I raised this post and its emphasis on the inclusion of Alfa Bank in an alarming April 2017 BGP hijack.

And in fact, there’s a way Durham could have found out about Phil’s role in the Alfa Bank story independent of my FBI interview. Of just two people in the US government with whom I shared some of the Alfa Bank-related texts I exchanged with Phil (both were Republicans), one was centrally involved in the investigations that fed into the Durham investigation. If this stuff matters, Durham should ask why several of his key source investigations didn’t focus on it.

Durham should know that Phil had a role in the Alfa Bank story.

And given his insinuations in the indictment that Lorenzen fabricated DNS data in May 2016, making the insinuation part of his materiality claims, Durham may be obligated to tell Michael Sussmann that DOJ already knows of someone who was pushing the Alfa Bank story who used DNS data to tell a false story in May and June 2016.

Share this entry

Judge David Carter Confirms Trump Could Be Prosecuted for [A Lower Standard of] Obstruction

As you’ve no doubt heard, Judge David Carter issued an order releasing 91 documents from the days before and the day of the insurrection to the January 6 Committee. Chapman University professor John Eastman had attempted to withhold them from the 6 Committee under privilege claims. Judge Carter allowed Eastman to withhold just ten documents, most pertaining to then-ongoing lawsuits.

The headline finding from his opinion is that Judge Carter found it more likely than not that Trump committed the crime hundreds of other insurrectionists have been charged with — obstruction of an official proceeding — and Eastman and Trump (and others) entered into a conspiracy to do so.

On August 19, I laid out that if Trump were to be prosecuted, it would be for conspiring to obstruct the vote count. At the the time, TV lawyers ignored me, thinking they knew better. In December, after Liz Cheney argued that Trump had obstructed an official proceeding, those same TV lawyers started adopting the theory as if they had come up with it. Now a judge has agreed that it is likely that Trump did commit that crime that I laid out back in August.

Sometimes I hate to say I told the TV lawyers so. This is not one of those times.

Especially since, of the three kinds of overt acts that Carter cites to substantiate his decision, two — Trump’s pressure on Mike Pence and his mobilization of his mob to march on the Capitol — are Trump actions about which DOJ has been accumulating piles of evidence. In my opinion, by including the mobilization of the mob in his opinion, Carter showed a better understanding of Trump’s legal exposure than the Committee.

There are five elements Carter needed to establish to make his finding. First, to find Trump may have obstructed a vote count, Carter pointed to:

  • Proof the vote certification was an official proceeding
  • The actions Trump took to obstruct that official proceeding
  • Proof of Trump’s corrupt intent

Then, to show that Trump and Eastman (and others) entered into a conspiracy to obstruct the vote count, he pointed to:

  • An agreement to defraud the US
  • Eastman’s own dishonest actions

Carter didn’t spend much time on the official proceeding prong. Instead he relied on the ten existing DC rulings on the issue finding the vote certification was an official proceeding cited in the committee brief (there are now at least 13 opinions finding it to be an official proceeding, though Carter did not address the issue on which Judge Carl Nichols had differed from his colleagues, whether obstruction required destroying of documents).

Carter pointed to three kinds of acts that amounted to Trump’s effort to obstruct the election: two meetings before January 6 where they discussed pressuring Pence, several appeals on the morning of January 6 to Pence (including on Twitter), and “galvanizing the crowed to join him in enacting the plan,” by walking to the Capitol.

President Trump facilitated two meetings in the days before January 6 that were explicitly tied to persuading Vice President Pence to disrupt the Joint Session of Congress. On January 4, President Trump and Dr. Eastman hosted a meeting in the Oval Office with Vice President Pence, the Vice President’s counsel Greg Jacob, and the Vice President’s Chief of Staff Marc Short.209 At that meeting, Dr. Eastman presented his plan to Vice President Pence, focusing on either rejecting electors or delaying the count.210 When Vice President Pence was unpersuaded, President Trump sent Dr. Eastman to review the plan in depth with the Vice President’s counsel on January 5.211 Vice President Pence’s counsel interpreted Dr. Eastman’s presentation as being on behalf of the President.212

On the morning of January 6, President Trump made several last-minute “revised appeal[s] to the Vice President” to pressure him into carrying out the plan.213 At 1:00 am, President Trump tweeted: “If Vice President @Mike_Pence comes through for us, we will win the Presidency . . . Mike can send it back!”214 At 8:17 am, President Trump tweeted: “All Mike Pence has to do is send them back to the States, AND WE WIN. Do it Mike, this is a time for extreme courage!”215 Shortly after, President Trump rang Vice President Pence and once again urged him “to make the call” and enact the plan.216 Just before the Joint Session of Congress began, President Trump gave a speech to a large crowd on the Ellipse in which he warned, “[a]nd Mike Pence, I hope you’re going to stand up for the good of our Constitution and for the good of our country. And if you’re not, I’m going to be very disappointed in you. I will tell you right now.”217 President Trump ended his speech by galvanizing the crowd to join him in enacting the plan: “[L]et’s walk down Pennsylvania Avenue” to give Vice President Pence and Congress “the kind of pride and boldness that they need to take back our country.”218

Together, these actions more likely than not constitute attempts to obstruct an official proceeding. [my emphasis]

It is public that DOJ has spent months focusing on the second (pressure on Pence) and third (mobilizing his mob) actions. Indeed, as I have shown, DOJ has laid out proof that many of the conspiracies had the specific goal of pressuring Pence.

To show that this met obstruction’s requirement of corrupt intent, Carter relied on a Ninth Circuit precedent that, for where he is in California, adopts a lower threshold for corrupt intent than the one adopted by the DC District judges so far.

The Ninth Circuit has not defined “corruptly” for purposes of this statute.222 However, the court has made clear that the threshold for acting “corruptly” is lower than “consciousness of wrongdoing,”223 meaning a person does not need to know their actions are wrong to break the law. Because President Trump likely knew that the plan to disrupt the electoral count was wrongful, his mindset exceeds the threshold for acting “corruptly” under § 1512(c).

There is no such precedent in DC and, as I’ve argued, Judge Dabney Friedrich’s adopted standard is actually higher than this, finding corrupt intent in the commission of otherwise illegal actions. So Carter’s opinion, on top of meeting a lower standard than DOJ would need to charge, dodged two legal issues already before the DC District judges, whether obstruction required the destruction of evidence and whether it required otherwise illegal actions. It’s not clear that the actions that he lays out would, by themselves, meet Friedrich’s standard.

Carter pointed to two kinds of proof that Trump knew the plan to obstruct the vote count was wrong. He pointed to the 60 court losses as proof that their claims of voter fraud were false. He also pointed to Trump’s demand from Brad Raffensperger for exactly the number of votes he needed to win, which Carter presented as proof that Trump cared about winning, not voter fraud (As I have repeated over and over, this is one Trump action that is otherwise illegal).

President Trump and Dr. Eastman justified the plan with allegations of election fraud— but President Trump likely knew the justification was baseless, and therefore that the entire plan was unlawful. Although Dr. Eastman argues that President Trump was advised several state elections were fraudulent,224 the Select Committee points to numerous executive branch officials who publicly stated225 and privately stressed to President Trump226 that there was no evidence of fraud. By early January, more than sixty courts dismissed cases alleging fraud due to lack of standing or lack of evidence,227 noting that they made “strained legal arguments without merit and speculative accusations”228 and that “there is no evidence to support accusations of voter fraud.”229 President Trump’s repeated pleas230 for Georgia Secretary of State Raffensperger clearly demonstrate that his justification was not to investigate fraud, but to win the election: “So what are we going to do here, folks? I only need 11,000 votes. Fellas, I need 11,000 votes. Give me a break.”231 Taken together, this evidence demonstrates that President Trump likely knew the electoral count plan had no factual justification.

Carter then points to the two meetings (bolded above) as the moment when Eastman and Trump — and others — entered into a conspiracy to obstruct the vote count. Notably, this may put everyone else who was in that meeting on the hook for the conspiracy as well, members of an enormous conspiracy already charged against sixty people, including some seditionists.

He then pointed to Eastman’s awareness that his theories were bullshit and Pence’s repetitive insistence they were to find Eastman acted dishonestly.

The plan not only lacked factual basis but also legal justification. Dr. Eastman’s memo noted that the plan was “BOLD, Certainly.”232 The memo declared Dr. Eastman’s intent to step outside the bounds of normal legal practice: “we’re no longer playing by Queensbury Rules.”233 In addition, Vice President Pence “very consistent[ly]” made clear to President Trump that the plan was unlawful, refusing “many times” to unilaterally reject electors or return them to the states.234

[snip]

The evidence shows that Dr. Eastman was aware that his plan violated the Electoral Count Act. Dr. Eastman likely acted deceitfully and dishonestly each time he pushed an outcome-driven plan that he knew was unsupported by the law.

So on top of getting some documents, this opinion lays out a framework that envisions Trump being charged for the same crimes that DOJ has been working towards charging him and others on for over a year.

In several ways, though (the standard of proof and two legal standards he adopted on obstruction), Carter has only found Trump may have obstructed the vote count at a much lower standard than DOJ would need.

Share this entry

Derrick Bell’s Parable Of Afrolantica

Introduction And Posts In This Series

Chapter 3 of Derrick Bell’s Faces At The Bottom Of The Well tells the parable of Afrolantica. Out in the Atlantic Ocean a new continent suddenly begins to emerge from the water 900 miles off the coast of South Carolina. Months later when it emerges from the boiling waters and steam that surrounded its birth, it is revealed as a land mass the size of the New England States, with mountains, forests, rivers, and meadows; with plants, animals, fish; and with a whole lot of gold and silver. Nations vie for control, but the US gets a head start and tries to put people there. They are immediately sickened by a strange heavy air pressure which they cannot breathe.

It turns out that only American Black people, and not even Black people from other nations, could breathe the air just fine. A group of Black explorers reported:

… they needed neither their space suits nor special breathing equipment. In fact, the party felt exhilarated and euphoric—feelings they explained upon their reluctant return … as unlike any alcohol- or drug-induced sensations of escape. Rather, it was an invigorating experience of heightened self-esteem, of liberation, of waking up. All four agreed that, while exploring what the media were now referring to as “Afrolantica,” they felt free.

Black people begin to think of Afrolantica as the Promised Land. One minister likened it to the story of the Israelites in the land of Egypt. The Israelites, emancipated from Egyptian slavery, wandered in the wilderness for 40 years. Black people lived this for hundreds of years. He urged Black people to emigrate to this Promised Land.

The arguments began. Some Black people, Remainers, argued that life in the US wasn’t as bad as the Israelite had it in their 40 years. They said Black people of today were better off than their parents and grandparents. This is our land, they said, and we don’t want to leave.

A pro-emigration group introduced a bill in Congress to give each emigrant $20K to cover expenses and start-up costs, to be repaid if the emigrant returned within 10 years. Opponents attacked it as unconstitutional because it created a race-based benefit without showing a compelling state interest as a justification.

The Remainers argued that things were definitely getting better and it would be dumb to leave just as the dream of equality was in sight. The pro-emigration people, Leavers, pointed out that the dream always favored white people, and was always hedged for Black people.

Each side quoted historical authorities. Leavers cited Abraham Lincoln who backed resettlement of freed Blacks throughout his life. Remainers cited Frederick Douglas who asserted that Black people belonged in America as much as any other immigrant.

Non-Black Americans were troubled by these events. Some saw the new confidence and pride of Blacks as arrogance or “uppity”. Racists were furious. Others were merely envious. Conservatives feared the possibility of another Cuba, a rallying point for third-world peoples who might identify more with Afrolanticans than US capitalists backed by US military and political pressure. The US government worked to undermine the Leavers, seeing them as a threat to world stability. Agents of the government tried to find Black leaders or academics to back up their conspiracy theories about this invented plot, but none were willing to sign on, which was surprising.

Meanwhile, Black people organized to leave. Even Blacks who didn’t want to go supported this movement with money and services. That frightened many white people. Governments and corporations set up barriers. Visas were denied. Threats were made of loss of citizenship. The right to return even to visit relatives. Criminal charges and civil litigation followed.

Black people banded together to fight off these attacks. A large flotilla left on July 4, in search of Black Independence.

But. As they neared Afrolantica, the mists rose, and the island began to sink back into the Atlantic. They watched it disappear. They realized they were not feeling grief or despair, but a deep satisfaction in having accomplished so much together. They spoke of the words of Frederick Douglass:

“We are Americans. We are not aliens. We are a component part of the nation. We have no disposition to renounce our nationality.”

This spirit inspired a huge number of Black people to renewed efforts to achieve their place in their America.

Discussion

1. The image of the pressure Black people feel in America just trying to live their lives, and the freedom they felt in Afrolantica is striking. It’s reflected in the coverage of the confirmation hearings for Judge Ketanji Brown Jackson. The hearings featured the New Racist Stylings of the Republican Party. Ted Cruz brought in posters of a baby playing with blocks to illustrate something he didn’t like about Critical Race Theory, and asked Judge Jackson whether babies are racists. Elie Mystal explains what happened next:

Jackson started to answer. She said, “Senator.” And then she sighed. And then she paused. For a long time. As the silence filled the room, I felt like I could see Jackson make the same calculation nearly every Black person and ancestor has made at some point while living in the New World. It’s the calculation enslaved people made before trying to escape to freedom, or activists made before sitting down at the white lunch counter. But it’s also the calculation a woman makes before responding to the e-mail of the failson who was just promoted ahead of her, or the calculation I make when a white executive comments on my Twitter feed but not my published columns. It’s the calculation when black people try to decide: “Am I gonna risk it all for this?”

This is what Jeneé Osterheldt, writing for the Boston Globe, saw:

Black women are familiar with the weight of white supremacy even when it cloaks itself in a polite veneer.

The GOP repeatedly has said Jackson’s Supreme Court confirmation hearings are to be fair and respectful. They tell her how “intelligent” and “articulate” she is, affirming how proud Jackson should be as they look for ways to lay pressure on her in hopes of making her chin reach her neck in shame.

Black people in, say. Kenya don’t feel the pressure Mystal and Osterheldt describe, pressure not mentioned in other coverage. That’s just for American Black people.

2. As with any parable, we have to ignore the parts that don’t match up well with reality. (Do not get me started on the Parable of the Prodigal Son.) Bell ignores the practical difficulties of living in a land with no electricity or other form of power, the problems of capitalism generally and many others not central to his concerns. We should ignore them too if we want to learn anything useful.

Taking the parable at face value, we see one of Bell’s central concerns. He believes that racism is so deeply entrenched in US society that it can not be eradicated. Black people will only make progress by working together. As I noted in my introduction to this series, he believe that the effort has to be the goal, it has to be its own satisfaction and justification.

3. As with any good parable, there are layers of meaning, and different lessons for different people. We might ask White people how they would react to the situation. I’m not at all sure how I’d react.

My first thought was that it would be great for the people who wanted to go, and I’d be delighted to help. Then I thought that I’d feel terrible that so many Black people would want to go. I’d take it too personally, as them saying I have failed to treat them right, even if #NotAllWhitePeople. But that gets really complicated. It isn’t just my fault, and I don’t know what I personally could or should have done differently. How do we even allocate fault in the situations we are born into, and only escape with the help of others? Communities of every nationality and race in our country are dysfunctional. I would gladly support any plausible effort to fix them as best I can, but I have no ideas about what to do.

Maybe Bell is asking us to think about how we get people to work together to solve common problems. Isn’t that what’s supposed to happen in a real Democracy?

Share this entry

Jeffrey Rosen Targeted Project Veritas’ Office Manager Long before Merrick Garland Targeted James O’Keefe

According to a recent NYT story, Project Veritas paid $50,000 to a former Mike Pence lawyer and House staffer, Mark Paoletta, to get members of Congress to push back against the criminal investigation into the rat-fucking organization.

After the criminal investigation into Project Veritas became public last fall, a prominent Republican lawyer who was lobbying on behalf of the organization and Mr. O’Keefe briefed a group of congressional Republicans on the case, to urge them to try to persuade the Justice Department to back off the investigation because the group did nothing wrong, according to a person briefed on the matter.

[snip]

Lobbying filings show that Mr. Paoletta was paid $50,000 during the last two months of last year to inform members of Congress about the F.B.I. raid on Mr. O’Keefe.

That’s really telling. After Project Veritas won a fight to get a Special Master appointed to review records seized in a raid on James O’Keefe and others last year, they balked at DOJ’s effort to make them foot the entire bill, telling a tale about their gritty “upstart journalism.”

The government argues that an upstart journalism organization with a current annual budget that recently hovers around $22 million is better suited to fund Special Master proceedings than a goliath arm of the U.S. government featuring a long-standing bloated budget, currently at $31.1 billion.2 The government’s demand that a press entity bear considerable financial burdens to defend against the government’s unconstitutional attack on a free press is corrosive to the First Amendment. The exercise of First Amendment rights is a guaranteed right, not a luxury subject to taxation at the government’s whim. Imposing daunting costs during the pendency of an investigation meant to resolve important First Amendment questions inflicts its own kind of abridgement. When exorbitant costs may be levied against the media simply for acting in accord with settled First Amendment precedent, the process becomes the punishment.

[snip]

For Project Veritas, an upstart journalism organization, each dollar spent on Special Master fees and expenses is a dollar not spent publishing news stories or investigating leads.

They won that fight and thus far, Special Master Barbara Jones has billed almost $40,000, which will be split 50-50.

It turns out, though, that PV’s claim that they would spend every cent saved on Special Master fees on what they euphemistically call “news stories,” was false. Instead, they were spending it to get Chuck Grassley (whose former top staffer Barbara Ledeen used to have close ties to PV), Jim Jordan, and other of the most corrupt Republicans to write letters to Merrick Garland complaining about “brazen and inconsistent standards” and “partisan or other improper motive.” (As we’ll see, it turns out they should have been complaining to Jeffrey Rosen.)

What’s interesting is those letters that Barbara Ledeen’s former boss and Jim Jordan and Ron Johnson signed all suggest they took their understanding of PV’s actions entirely from the public record. They cite news articles.

Congress was told that Don Jr was involved before the stupidest Republicans wrote to complain

Not so, as reported by the NYT. Paoletta apparently knew — and shared — details that had not yet been reported by the press. Paoletta knew of a September 6, 2020 fundraiser held by Elizabeth Fago and attended by Don Jr where Ashley Biden’s diary — allegedly stolen — was passed around.

In August, Ms. Harris reached out to Robert Kurlander, a friend who had been sentenced to 40 months in prison in the 1990s on a federal fraud charge and had expressed anti-Biden sentiments online, to say she had found the diary. The two believed they could sell it, allowing Ms. Harris to help pay for the lawyers representing her in the custody dispute.

New details from interviews and documents have further fleshed out what happened next. Mr. Kurlander contacted Elizabeth Fago, the Trump donor who would host the fund-raiser attended by Donald Trump Jr. When first told of the diary, Ms. Fago said she thought it would help Mr. Trump’s chances of winning the election, according to two people familiar with the matter.

Richard G. Lubin, a lawyer for Ms. Fago, declined to comment.

On Sept. 3, Ms. Fago’s daughter alerted Project Veritas about the diary through its tip line.

Three days later, Ms. Harris and Mr. Kurlander — with the diary in hand — attended the fund-raiser attended by Donald Trump Jr. at Ms. Fago’s house in Jupiter, Fla., to see whether the president’s re-election campaign might be interested in it. While there, Mr. Kurlander showed others the diary. It is unclear who saw it.

It appears that Paoletta had originally been told — and told members of Congress — that Don Jr advocated calling the FBI, only to follow up to express uncertainty about that point.

The lawyer, Mark Paoletta, said that upon learning about the diary at the fund-raiser, Donald Trump Jr. showed no interest in it and said that whoever was in possession of it should report it to the F.B.I. But shortly thereafter Mr. Paoletta, who had served as Vice President Mike Pence’s top lawyer in the White House, called back the congressional Republicans to say he was unsure whether the account about Donald Trump Jr.’s reaction was accurate.

We know from past history, Don Jr doesn’t call the FBI when offered dirt on an opponent. Instead, he says “If it’s what you say, I love it, especially closer to the election.”

Project Veritas was willing to pay $50,000 to tell members of Congress that this crime might impact powerful fundraisers (Fago was named on the PV warrants) and the former President’s son, but didn’t want to foot the full bill for a Special Master.

SDNY always gets emails before they do an overt search

The fact that PV told members of Congress that this involved the former President’s son explains why PV is so pissed upon discovering what has been obvious to me from the start: That before obtaining warrants to seize James O’Keefe’s phones, DOJ had first obtained emails that provided the evidence to get the warrants for his phones.

The Government disclosed many of its covert investigative steps in the ex parte context of the Affidavit, including each email search warrant it had obtained pursuant to the SCA in this investigation.

This is precisely what SDNY did with Michael Cohen and Rudy Giuliani, and it’s what Magistrate Judge Sarah Cave was talking about when she referred to the “considerable detail” in the affidavit.

Third, the Court has reviewed the Materials in camera and observes that they contain considerable detail about individuals who may have already provided information to the Government—voluntarily or involuntarily—such that unsealing of the Materials “could subject [them] to witness tampering, harassment, or retaliation.”

PV revealed that in a motion asking Judge Analisa Torres to claw back this information.

The government apparently disdains the free press, and candor to the Court and opposing counsel. In light of the government’s violations of Project Veritas’s First Amendment, journalistic, and attorney-client privileges, as well as the government’s attendant failure to disclose these matters before or during the litigation of our motion for appointment of a Special Master, Project Veritas requests that this Court, pursuant to its supervisory powers, inherent authority, and Fed. R. Crim. P. 41(g), enter an Order requiring the government to:

(1) immediately halt access, review, and investigative use of Project Veritas materials that the government obtained from Microsoft (cf. November 12, 2021 Order acknowledging pause in government extraction and review of James O’Keefe’s mobile devices);

(2) inform this Court and counsel whether the government used a filter team to conduct a review of the data it seized from Microsoft on the basis of both attorney-client and journalistic privileges;

(3) inform this Court and counsel of the identities of any prosecutors, agents, or other members of the investigative team who have reviewed any data seized from Microsoft, what data they reviewed, and when they reviewed it; and

(4) disclose to the Court and counsel the identity of any other third party to which the government issued demands for Project Veritas data under the Electronic Communications Privacy Act (“ECPA”) with or without a non-disclosure order.

This interim relief is necessary to avoid compounding the harm to Project Veritas caused by the government’s violations of law and principles of candor and to enable Project Veritas to seek appropriate further relief.

I’ve put the dates of these warrants below; those dates and targets totally undermine everything PV has been complaining about.

PV has been complaining about “journalists” when DOJ first found evidence of a crime from their office manager

That’s because the first person targeted at PV was their “human resources” manager; that may be a reference to Jennifer Kiyak, who is named in the warrant targeting O’Keefe but listed on Project Veritas Exposed as PV’s Office Manager.

An office manager would have been the one to arrange payment of $40,000, and by getting her emails and — given that the FBI first targeted her in a subscriber record, may have been traced backwards from contacts with Ms. Biden — DOJ probably obtained plenty of evidence that the “journalists” had done far more than journalism.

Moreover, the first warrant to get “journalists'” emails was obtained while Jeffrey Rosen was Acting Attorney General, and all but one of these warrants for email (the one against O’Keefe) were obtained before Merrick Garland was confirmed. All of these email warrants were obtained before Garland imposed his new media guidelines, guidelines that Billy Barr’s DOJ never adhered to.

In other words, PV has been complaining for months that Merrick Garland targeted “journalists” when in fact they should be complaining that Jeffrey Rosen targeted someone who would, in no way, under any administration, be covered by media guidelines.

DOJ tells PV to hold their complaints until they are indicted

DOJ’s response to PV’s wails (which I wrote up in more detail here) is genuinely hysterical. They say, over and over, that PV can wait until they’re indicted to challenge these warrants.

Movants can raise these issues if there is an indictment filed charging them in connection with the investigation,

[snip]

The materials referenced by the Movants were obtained pursuant to duly authorized legal process that are not subject to challenge by the Movants in this pre-indictment stage.

[snip]

Second, the Movants seek pre-indictment discovery regarding the process used to review the materials referenced by the Movants, the identities of those who participated in that process, and the identities of third parties on which other legal process may have been served in the course of the investigation.

[snip]

To the extent the Movants may potentially be entitled at some point to the disclosures that they seek, any such entitlement would only be triggered, if at all, by the filing of an indictment charging them in connection with the investigation, and not before.2 In the event of a criminal proceeding, as Judge Oetken noted, they would have the opportunity to litigate any privilege or suppression issues, but they cannot do so during the pre-indictment phase of an ongoing grand jury investigation.

They acknowledge that PV would love to know who or what else has been investigated.

Of course, the Movants, like any subjects of a federal grand jury investigation, would like to know about every investigative step the Government is taking during the course of a criminal investigation, but that is not the law, for good reason.

No doubt so would Don Jr.

It also suggested there are other aspects of this investigation that DOJ is keeping secret.

The Government refrained from publicly disclosing details of the investigation, and continues to do so, for the same reasons that this Court denied production to the Movants of the affidavit (the “Affidavit”) submitted in support of the issuance of the search warrant dated November 5, 2021 that is the focus of this Part I matter and that Judge Cave ruled should remain sealed: to protect the ongoing grand jury investigation.

Keep in mind, there are necessarily other warrants out there that list other crimes, such as ones involving Harris and Kurlander that would name theft itself. In fact, the first order targeting PV mentions 18 USC 873 — blackmail.

Which means we can’t rule out that the nomination of Fago to the National Cancer Advisory Board a month after the election might be under investigation too.

These events are covered by three SDNY dockets: 21-mc-813 for James O’Keefe21-mc-819 for Eric Cochran, and 21-mc-825 for Spencer Meads.

2020

June: Ashley Biden moves to Philadelphia.

July: Aimee Harris moves into space formerly occupied by Ms. Biden.

August: Harris reaches out to fraudster Robert Kurlander, who contacts Elizabeth Fago.

September 3: Stephanie Walczak offers diary to PV.

September 6: Diary is shared at a fundraiser attended by Jr.

Mid-September: Kurlander and Harris fly to NY with the diary.  Spencer Meads travels to Florida and Harris shows more of Ms. Biden’s belongings.

Early October: A PV operative calls Ms. Biden and claims he wants to return the diary; PV takes her agreement as confirmation the diary is hers.

October 12: O’Keefe sends email, not mentioning Ms. Biden by name (but clearly referring to her) explaining his decision not to publish “Sting Ray” Story.

October 16: PV calls Joe Biden to extort an interview.

Late October: PV pays $40,000 for the diary.

October 25: National File publishes pages from Ashely Biden’s diary, linking parallel New York Post campaign targeting Hunter. It explains the provenance of the diary this way:

National File also knows the reported precise location of the physical diary, and has been told by a whistleblower that there exists an audio recording of Ashley Biden admitting this is her diary.

[snip]

National File obtained this document from a whistleblower who was concerned the media organization that employs him would not publish this potential critical story in the final 10 days before the 2020 presidential election. National File’s whistleblower also has a recording of Ashley Biden admitting the diary is hers, and employed a handwriting expert who verified the pages were all written by Ashley. National File has in its posession a recording of this whistleblower detailing the work his media outlet did in preparation of releasing these documents. In the recording, the whistleblower explains that the media organization he works for chose not to release the documents after receiving pressure from a competing media organization.

November 3: PV provides the diary to local law enforcement in FL.

November 22: DOJ uses subpoena for subscriber information of PV’s Human Resources Manager.

November 24: DOJ obtains 2703(d) order for HR manager’s email headers from 9/1/2020 to present.

December 8: Fago appointed to National Cancer Advisory Board.

2021

January 14: DOJ obtains warrant for emails of Eric Cochran, Spencer Meads, and HR manager from 1/1/20 through present.

January 26: DOJ obtains warrant for emails from another PV “journalist” from 1/1/20 through present.

March 5: DOJ obtains warrant for emails of three other PV “journalists” from 1/1/20 through 12/1/20.

March 9: DOJ obtains email headers for additional PV “journalist” from 9/1/20 through 12/1/20.

April 9: DOJ obtains warrant for O’Keefe’s emails from 9/1/20 through 12/1/20.

October 26: Paul Calli call DOJ, asks for AUSA Mitzi Steiner, and asked to speak about the PV investigation; Steiner asked how Calli had obtained her name, what else he had obtained, and declined to speak with Calli.

October 27: Lawyers for Project Veritas inform the DOJ that they will accept service for a subpoena relating to the investigation

November 3, 3:49 PM: Search warrants for Eric Cochran and Spencer Meads approved.

November 4, AM: FBI executes search warrants on former PV employees, Cochran and Spencer Meads.

November 4: PV lawyers accept service of subpoena.

November 4, one hour after the search: Mike Schmidt reaches out to Cochran and O’Keefe for comment about the investigation.

November 5, 11:18 AM: Warrant for O’Keefe authorized

November 5: NYT publishes story on investigation including language that PV would later baseless claim had to have come from the FBI.

November 6: FBI executes a search warrant on James O’Keefe

November 6: Schmidt contacts O’Keefe for comment.

November 6: Lawyers for Project Veritas ask the FBI to sequester material from the phone.

November 7: DOJ declines PV’s request and states the FBI has complied with all media guidelines.

November 8, 6:11PM: DOJ emails PV and tells them the extraction may start as soon as the next day.

November 8: After PV says it’ll file a legal challenge, FBI says it’ll only stop extraction after PV files such a challenge.

November 10: On behalf of PV, Calli Law moves to appoint a Special Master.

November 11, 12:51-12:53AM: Calli asks for confirmation that DOJ stopped extraction and review on O’Keefe’s phone on November 8.

November 11, 7:57AM: DOJ responds that the substantive review of O’Keefe’s phone was paused upon filing of motion on November 10.

November 11; 2:13PM: Judge Analisa Torres sets initial briefing schedule; in response to Torres order, DOJ stops extraction of O’Keefe phone.

November 12: In response to DOJ request, Torres extends briefing schedule.

November 12: Greenberg Traurig lawyer Adam Hoffinger, representing Eric Cochran, asks for Special Master to apply to materials seized from him, as well.

November 12: Letter signed by FL attorney Brian Dickerson but apparently docketed by NY lawyer Eric Franz asks for Special Master to apply to Spencer Meads

November 12, 3:49PM: Calli asks for clarification on review and extraction.

November 12, 3:59PM: DOJ responds that, “upon the filing of your motion, the Government paused the review of all material obtained from the search of your  client’s residence.”

November 14: Calli submits clarification letter regarding extraction and review.

November 15: Torres sets schedule in Cochran docket.

November 15: DOJ requests permission to reply to PV on November 19.

November 15: Calli requests inquiry into government leaks to NYT.

November 16: Torres grants permission to respond on November 19.

November 16: Ian H. Marcus Amelkin asks to delete initials of PV source, A.H., from docket.

November 17: Torres denies Amelkin request without prejudice.

November 17: Cochran motion to appoint Special Master.

November 18: For Meads, Dickerson formally moves for Special Master (and also complains that FBI seized dated devices).

November 19: Calli requests extension on response deadline for PV subpoena.

November 19: Government files opposition to request for Special Master and inquiry into purported leaks.

November 19: DOJ requests permission to respond to motion for extension on subpoena. Torres grants request.

November 21: DOJ opposition to extend subpoena deadline.

November 21: Government motion to oppose unsealing affidavits.

November 22: Torres denies motion for extension on subpoena.

November 22: PV reply to government opposition to Special Master.

November 23: Torres denies motion (including from RCFP) to unseal affidavits.

November 23: Cochran reply to government opposition to unseal affidavits.

November 24: Meads reply to refusal to unseal affidavits, including letters from House and Senate complaining to DOJ.

Share this entry

John Durham’s Top Prosecutor, Andrew DeFilippis, Allegedly Miffed that DARPA Investigated Guccifer 2.0

Vladimir Putin’s invasion of Ukraine and the sanctions imposed as a result has led lawyers in the US to drop the now-sanctioned Alfa Bank and its owners, leading to the dismissal of the John Doe, BuzzFeed, and Fusion GPS lawsuits filed by Alfa Bank or its owners. That has, for now, brought an end to a sustained Russian effort to use lawfare to discover “U.S. cybersecurity methods and means” (as some of Alfa’s targets described the effort).

But the dismissal of the Alfa Bank suits hasn’t halted the effort to expose US cybersecurity efforts in the guise of pursuing right wing conspiracy theories. Both Federalist Faceplant Margot Cleveland and “online sleuths” goaded, in part, by Sergei Millian have picked up where Alfa Bank left off. In recent days, for example, documents obtained via a Federalist FOIA to Georgia Tech exposed the members of a cybersecurity sharing group, including a bunch at Three-Letter Agencies, which has little news value but plenty of intelligence value to America’s adversaries (these names were released even while someone — either Georgia Tech or the Federalist — chose to redact the contact information for Durham’s investigators, some of which is otherwise public).

Even while doing her part to make America less safe (raising the perennial question of who funds the Federalist), Cleveland has continued to do astounding work misrepresenting Durham’s investigation. From the same FOIA release, she published a document in which research scientist Manos Antonakakis described that chief Durham AUSA Andrew DeFilippis insinuated to him that it was abusive for DARPA to try to discover the network behind the Guccifer 2.0 persona.

Finally, I will leave you with an anecdote and a thought. During one of my interviews with the Special Counsel prosecutor, I was asked point blank by Mr. DeFilippis, “Do you believe that DARPA should be instructing you to investigate the origins of a hacker (Guccifer_2.0) that hacked a political entity (DNC)?” Let that sync for a moment, folks. Someone hacked a political party (DNC, in this case), in the middle of an election year (2016), and the lead investigator of DoJ’s special council would question whether US researchers working for DARPA should conduct investigations in this matter is “acceptable”! While I was tempted to say back to him “What if this hacker hacked GOP? Would you want me to investigate him then?”, I kept my cool and I told him that this is a question for DARPA’s director, and not for me to answer.

Assuming this is an accurate description, this is a shocking anecdote, a betrayal of US national security.

It suggests that Durham’s lead prosecutor doesn’t believe the government should throw its most innovative research at a hostile nation-state attack while that nation-state is attempting to influence an election. Sadly, though, it’s not surprising.

It is consistent with things we’ve seen from Durham’s team throughout. It’s consistent with Durham’s treatment of a loose tie between an indirect and unwitting Steele dossier source and the Hillary campaign as a bigger threat than multiple ties to Russian intelligence (or Dmitry Peskov’s office, which knew that Michael Cohen and Donald Trump were lying about the former’s secret communications with Peskov’s office). It is consistent with Durham’s more recent suggestion that the victim of such a nation-state attack must wait until after an election to report a tip that might implicate her opponent.

I almost feel like DeFilippis will eventually say Hillary should have just laid back and enjoyed being hacked in 2016.

DeFilippis, and Durham generally, have consistently treated Hillary as a far graver threat than Russia, even now, even as Russia conducts a barbaric invasion of a peaceful democracy.

But Antonakakis’ anecdote is all the more troubling because it suggests that DeFilippis seems to misunderstand what happened with the DARPA contract in question in 2016. The Enhanced Attribution RFP’s description of the hacking campaigns it was targeting — “multiple concurrent independent malicious cyber campaigns, each involving several operators” — pretty obviously aims to tackle Advanced Persistent Threats, of which APT 28 and 29 (both of which targeted the DNC) were among the most pressing in 2016. DARPA presumably didn’t ask Antonakakis to focus on Guccifer 2.0 — a persona which didn’t exist when the contract was put up for bid in April 2016, much less in the months earlier when it was originally conceived. Rather, by description, they were asking bidders to look at APTs, and looking at APT 28 would have happened to include looking at Guccifer 2.0, the DNC hack, and a number of hacks elsewhere in the US and the world.  The reason DARPA would ask Georgia Tech to look at APT 28 is because APT 28 was hacking a lot of targets in the time period, all of which provided learning sets for a researcher like Antonakakis. DeFilippis, then, seems miffed that the APT that DARPA wanted to combat happened to be one of two that targeted Hillary.

That’s a choice Russia made, not DARPA.

While I think Cleveland did serious damage with some of her releases, I’m glad she released this document because it provides a way for Michael Sussmann to make DeFilippis’ troubling views on national security a central issue at trial, something that normally is difficult to do.

It also provided Cleveland another opportunity to faceplant in spectacular trademark Federalist fashion. Cleveland used this document to rile up the frothers by suggesting this is proof that Durham is investigating the DNC attribution.

Exclusive: Special Counsel’s Office Is Investigating The 2016 DNC Server Hack

The U.S. Department of Defense tasked the same Georgia Tech researcher embroiled in the Alfa Bank hoax with investigating the “origins” of the Democratic National Committee hacker, according to an email first obtained by The Federalist on Wednesday. That email also indicates the special counsel’s office is investigating the investigation into the DNC hack and that prosecutors harbor concerns about the DOD’s decision to involve the Georgia Tech researcher in its probe.

[snip]

The public storyline until now had been that CrowdStrike, the cybersecurity firm Sussmann hired in April 2016, had concluded Russians had hacked the DNC server, and that the FBI, which never examined the server, concurred in that conclusion. Intelligence agencies and former Special Counsel Robert Mueller likewise concluded that Russian agents were behind the DNC hack, but with little public details provided.

It now appears that DARPA had some role in that assessment, or rather Antonakakis did on behalf of DARPA, which leads to a whole host of other questions, including whether DARPA had access to the DNC server and data and, if so, from whom did the DOD’s research arm get that access? Was it Sussmann?

There’s no reason to believe this and every reason to believe that — as I said — DeFilippis is pissed that DARPA prioritized their research on a target that was badly affecting national security (and not just in US, but also in allied countries) in 2016, one that happened to attempt to help Trump get elected.

But look how many errors Faceplant’s Cleveland made in the process:

Cleveland repeats the Single Server Fallacy, imagining that the DNC, DCCC, and Hillary had just one server between them to be hacked and all the servers that got hacked were in the possession of one of those victims. That’s, of course, ridiculous. The server that GRU hacked to get John Podesta’s emails belonged to Google. The server that GRU hacked to get Hillary’s analytics belonged to AWS. There was a staging server in AZ; I have been told that the FBI seized at least one US-based server that did not belong to the DNC (that server is why the frothy right’s focus on what Shawn Henry testified to HPSCI is so painfully ignorant — because it ignores that the FBI had access to servers that Henry did not that did show exfiltration).

Cleveland apparently doesn’t know that FBI knew who was hacking the DNC when they warned them starting in September 2015 they were being hacked. The FBI’s awareness of that not only explains why APT 29 and 28 would have been included in DARPA’s targets for EA, but proves that the government was tracking these hacking groups above and beyond the attack on Hillary. This was never just a reaction to the election year hack.

Cleveland claims Mueller’s attribution of the DNC hack to the GRU provided “little public details,” when in fact the Mueller Report showed 29 sources other than CrowdStrike, including:

  • Gmail
  • Linked-In
  • Microsoft
  • Facebook
  • Twitter
  • WordPress
  • ActBlue
  • AWS
  • AOL
  • Smartech Corporation
  • URL shortening service
  • Bitcoin exchanges
  • VPN services

According to Mueller’s report, all these sources also corroborated the GRU attribution. And Mueller’s list doesn’t include a number of other known entities that corroborated the attribution, including NSA and Dutch intelligence, which couldn’t be named in a public DOJ document. Mueller’s list doesn’t include Georgia Tech either, but it wouldn’t need to, because there was so much other evidence.

The Mueller Report described obtaining almost 500 warrants, but the released list — from which FBI’s Cyber Division successfully withheld those pertaining to the GRU investigation — only includes around 370-400 warrants (based on an 156 pages of warrants with roughly three per page), suggesting there may be 100 warrants tied to the GRU attribution alone.

By the time Antonakakis started looking at the DNC hack as part of EA, multiple entities, including several Infosec contractors, non-US intelligence services, and non-governmental entities like tech giants (including at least three of the ones on Mueller’s list), had plenty of evidence that the Guccifer 2.0 campaign was run by the APT 28. Including Guccifer 2.0 as part of the research set would simply be part of the existing targeting of a dangerous APT.

But apparently neither DeFilippis nor Cleveland understand that 2016 was part of an ongoing identified threat to US national security.

One thing Putin did in 2016 was to use disinformation to train the frothy right to favor Russia more than fellow Americans from the opposing party. Even as Russia attacks Ukraine, that still seems to be true.

Share this entry

DOJ Unseals 18-Month Old Indictment against Lev Parnas’ Financial Backer

Yesterday, SDNY unsealed an indictment against Andrey Muraviev, the Russian national who gave Lev Parnas and Igor Fruman $1 million to spend on pro-cannabis Republican politicians.

SDNY presented the indictment as part of an effort to protect US politics, and it was.

Damian Williams, the United States Attorney for the Southern District of New York, and Michael J. Driscoll, the Assistant Director-in-Charge of the New York Field Office of the Federal Bureau of Investigation (“FBI”), announced the unsealing of an indictment against ANDREY MURAVIEV, a/k/a “Andrey Muravyov,” a Russian citizen, charging him with making illegal political contributions as a foreign national, and conspiring to make illegal political contributions as a foreign national in the names of straw donors. Muraviev is charged with conspiring with Lev Parnas, Andrey Kukushkin, and Igor Fruman, and others, who were convicted at trial or have pleaded guilty to these crimes.

U.S. Attorney Damian Williams said: “As alleged, Andrey Muraviev, a Russian national, attempted to influence the 2018 elections by conspiring to push a million dollars of his foreign funds to candidates and campaigns. He attempted to corrupt our political system to advance his business interests. The Southern District of New York is committed to rooting out efforts by foreigners to interfere with our elections.”

FBI Assistant Director-in-Charge Michael J. Driscoll said: “As alleged, Muraviev, a Russian foreign national, made illegal political contributions and conspired with Parnas, Kukushkin and Fruman to obscure their true source. The money Muraviev injected into our political system, as alleged, was directed to politicians with views favorable to his business interests and those of his co-conspirators. As today’s action demonstrates, we will continue to aggressively pursue all those who seek to illegally effect [sic] our nation’s elections.”

But I’m still not sure what explains the unsealing of the indictment yesterday. It’s actually exactly the same as S1 — obtained the same day on September 17, 2020 — only with Muraviev charged rather than described as Foreign National-1.

Indictment: October 9, 2019

S1 Indictment: September 17, 2020

S2 Indictment: September 17, 2020 (unsealed March 14, 2022)

s3 Indictment: August 26, 2021

It may be just part of the effort to roll out charges against as many people — along with Jack Hanick and Elena Branson — for Russian influence peddling as possible right now. It may relate to Lev Parnas’ plans to plead guilty to the remaining charged charge against him (the Marie Yovanovitch related charge from the original indictment was removed in S1 to await Rudy’s inclusion).

Or perhaps DOJ unsealed it to make it easier to share with some other entity, such as Federal prosecutors in Florida who are investigating some of the pro-cannabis politicians who received Muraviev’s laundered campaign money.

Share this entry

A White Board of the Sedition-Curious

Contrary to what a lot of people imagine, I don’t keep visual representations — like some cork board with a bunch of strings attached — of the investigations I follow, not even the sprawling January 6 investigation. Instead, I just try to capture important developments here, where I can refer back to them. There are several such relationships unpacked in recent weeks.

Roger Stone and Stewart Rhodes bug out at the same time after insurrection

For example, a bunch of people have asked me what I make of the WaPo report based on video taken by some Danish journalists who were filming a documentary of Roger Stone on January 6.

As you read it, keep in mind that the Get Me Roger Stone video team was following Roger Stone during key periods of 2016, including at the RNC.

Mueller at least attempted — as Stone feared Mueller would in real time — to mine the video for clues about Stone’s activities. For example, in one of the same email chains where Stone told Randy Credico to “do a [Frank] Panta[n]gel[i],” he and Credico were panicking about what Get Me Roger Stone writer Morgan Pehme was saying about 2016.

So even assuming Roger Stone wasn’t engaged in his everyday type of performance when being filmed for these film-makers, he would be acutely aware of the legal hazards of having a documentary team following around while crimes were being committed.

That’s why the report is most interesting for the times when Stone made sure to ditch the camera team: at precisely the time of a key Proud Boy planning meeting, during a meeting that Joshua James may have reported in on, and as the riot unfolded at the Capitol.

For example, the videographers did not track Stone when he left the hotel at 9PM on January 5 with Sal Greco.

At about 8:50 p.m. on Jan. 5, after the Danish filmmakers had left him, Stone exited the Willard again with his bodyguard, off-duty New York City police officer Sal Greco, a live-stream video shows. Their destination was unclear, though Stone had said he had a 9 p.m. appointment to have his hair dyed.

Just minutes after that — just before 9:17 PM — Joe Biggs and Ethan Nordean were meeting with as-yet unidentified people putting together their plan for the riot.

Then there was a meeting with Bernie Kerik at 10AM at the Willard; hotel staff prevented videographers from watching that meeting.

The filmmakers told The Post that Stone appeared to change his plans after an encounter in the Willard lobby around 10 a.m. with Bernard Kerik, a former New York City police commissioner working in Giuliani’s command center at the hotel. The filmmakers began recording their conversation but were forced to leave by hotel staff. It is unclear what was said.

There’s good evidence that Joshua James checked in with Michael Simmons before and after that meeting.

Finally, Stone blew off the videographers from just before the Proud Boys kicked off a riot until almost the moment both Stone-related militias stood down.

At about 12:40 p.m., some ofStone’s guests left his suite. Stone’s team and the filmmakers agreed to separate for lunch and then reconvene two hours later. Stone planned to speak at a smaller rally near the Capitol later that afternoon.

But as the filmmakers ate in their hotel room, they saw news footage of a riot escalating at the Capitol. Around 2:30 p.m., Guldbrandsen headed out to capture the scene while Frederik Marbell, the director of photography, rushed to Stone’s room.

“Kristin Davis opened the door and said that Roger was taking a nap, so I couldn’t film,” Marbelltold The Post.

Outside the room, Marbell attempted to reach Stone by text message starting at 3:03 p.m. The messages went unanswered for 24 minutes, when Stone responded and offered to go to Marbell’s room.

By about 4 p.m., with the Capitol in chaos, Stone had still not arrived at Marbell’s room. Marbell returned to Stone’s room and began knocking. About five minutes later, room service arrived and Marbell snuck inside, he said.

“Roger was not taking a nap. He was on the phone with someone,” Marbell said.

Stone condemned the riot to the filmmakers at 4:18 p.m., saying: “I think it’s really bad for the movement. It hurts, it doesn’t help. I’m not sure what they thought they were going to achieve.

These are like Stone’s July 2016 meeting with Nigel Farage at the RNC: The stuff he knew well to and did hide from the camera. That’s where the sweet spot of Stone’s interactions are.

All that said, the report shows that key Stone actions the camera team captured exactly map the known central events of the planning for the insurrection.

For example, Stone put together a Friends of Stone Signal list, including Enrique Tarrio, once it became clear Trump had lost. That fed Flynn’s efforts.

He told them to monitor a group chat on the app Signal titled “F.O.S.” — friends of Stone. Tarrio of the Proud Boys was among the group’s members, a later shot of Stone’s phone showed.

[snip]

On Nov. 5, Stone drew up a Stop the Steal action plan that was visible on Alejandro’s laptop in footage captured by the filmmakers. As protesters were mobilized, the plan said, state lawmakers would be lobbied to reject official results. That tactic later proved central to Trump’s efforts.

Also that day, Stone had a 15-minute call with Flynn, the video shows. He told Flynn they could “document an overwhelming and compelling fraud” in each battleground state and urged him to spread the word on social media. That day, Flynn, Trump’s campaign and his sons Donald Jr. and Eric began using #StopTheSteal on Twitter.

Just after this mobilization, both Tarrio and Biggs started calling for civil war.

Later that month, Stone was coordinating with Mike Flynn and Ali Alexander.

Stone moved quickly after Trump’s defeat to help mobilize the protest movement that drew thousands to the nation’s capital on Jan. 6, 2021, The Post found. He privately strategized with former national security adviser Michael Flynn and rally organizer Ali Alexander, who visited Stone’s home in Fort Lauderdale, Fla., in late November 2020 for a dinner where Stone served pasta and martinis.

In the days and weeks leading up to Thanksgiving (when Flynn would be pardoned and Sidney Powell would, like Stone, start grifting off claims of a stolen election), Flynn and Powell were at Lin Wood’s properties in South Carolina, plotting away.

I was most struck, however, by the unsurprising news that in addition to Tarrio, Stone also used Signal messages with Stewart Rhodes.

Stone used an encrypted messaging app later in January to communicate with Oath Keepers leader Stewart Rhodes, who is also charged with seditious conspiracy, and Proud Boys leader Enrique Tarrio, the footage shows.

When I saw the description in James’ statement of offense of the way Rhodes bugged out of town immediately after the riot, I suspected that someone had instructed Rhodes that they were going to be hunted.

At Rhodes’s instruction, James, Vallejo, and others met Rhodes that evening at a restaurant in Vienna, Virginia. Rhodes discussed saving “the Republic” by stopping the transfer of presidential power and began to make plans to oppose the Inauguration on January 20, 2021, including by having people open-carry firearms at state capitols around the country.

While at the restaurant, Rhodes and James came to believe that law enforcement was searching for Rhodes and others after their attack on the Capitol. The group immediately returned to their hotel, collected their belongings, and met at a nearby gas station. There, James saw what he estimated to be thousands of dollars’ worth of firearms, ammunition, and related equipment in Rhodes’s vehicle. Rhodes divvied up various firearms and other gear among James and others who occupied a total of three cars. Rhodes left his mobile phone with one person and departed with another person in that person’s car so that law enforcement could not locate and arrest him. The three cars departed in separate directions.

James returned to Alabama with some of Rhodes’s gear, including firearms and other tactical equipment.

According to the videographers, Stone bugged out at about the same time and in the same frantic manner as Rhodes did.

As a mob ransacked the Capitol on Jan. 6, 2021, Roger Stone, Donald Trump’s longest-serving political adviser, hurried to pack a suitcase inside his elegant suite on the fifth floor of the Willard hotel. He wrapped his tailored suits in trash bags, reversed his black face mask so its “Free Roger Stone” logo was hidden, then slipped out of town for a hastily arranged private flight from Dulles International Airport.

“I really want to get out of here,” Stone told an aide, as they were filmed at the hotel by a Danish camera crew for a documentary on the veteran Republican operative. Stone said he feared prosecution by the incoming attorney general, Merrick Garland. “He is not a friend,” Stone said.

I would, at this point, be shocked if Rhodes and Stone hadn’t communally decided they needed to bolt. The remaining question I have, though, is whether someone in government — like Mark Meadows — alerted Stone or someone close to him that the FBI had switched immediately into investigative mode.

Sidney Powell springs for the sedition gaslight defense

In the same way that the Danish videographers confirm that Roger Stone and Mike Flynn were conspiring early in the post-election process, a recent BuzzFeed report reveals that Sidney Powell is now using her hard-won grift to pay for the defense of some Oath Keepers.

Since October, the organization, Defending the Republic, has been making monthly payments to the defense attorney for Kelly Meggs, a member of the militant group the Oath Keepers who is charged with seditious conspiracy for his role in the Jan. 6 Capitol riot. In an interview, the attorney, Jonathon Moseley, said he was aware of “at least three or four other defendants who have that arrangement” as well. The Oath Keepers’ general counsel, Kellye SoRelle, said that one of those others is the group’s founder, Stewart Rhodes. Offered the chance to deny that, his lawyers said they don’t discuss funding.

The revelation, which has not been previously reported, sheds new light on the activities of Powell’s organization, which was incorporated in December 2020 “to defend the constitutional rights of all Americans.” By last August, the group had raised nearly $15 million, according to its audited financial statements, and since then has raked in untold cash in donations and sales of merchandise, including T-shirts, drink coasters, and highball glasses adorned with the organization’s logo. Yet despite mounting legal scrutiny from federal and state investigators, Defending the Republic has disclosed almost nothing about where that money has been going.

[snip]

Powell’s involvement in the Oath Keepers case helps explain how some of the defendants, most of whom are far from wealthy, have been able to work with private attorneys who charge hundreds of dollars an hour rather than court-appointed lawyers. But it also raises questions as to who is dictating their defense strategy. In recent months, defense attorneys have raised many of the same far-flung conspiracies about COVID-19, antifa, and the deep state that appeared in lawsuits against the federal government filed by Powell herself.

As Ken Bensinger notes and I have traced, Jonathon Moseley has chosen to use court filings to engage in conspiracy theorizing rather than a more typical defense.

But on top of the futility of such an approach to actually obtain an optimal outcome, it serves to undermine rule of law more generally. Moseley’s approach is not all that different from the one that Powell herself used with Mike Flynn in attempting to blow up his prosecution by inventing false claims about the government. There was no evidence to support it, but it fed the frothers.

Tellingly, Powell’s efforts did nothing but make Flynn’s outcome worse. Thus, the defense plan, such as it existed, served to undermine rule of law and then make it all go away with a Presidential pardon. I’ve long assumed that that was the hope for Kelly Meggs and Kenneth Harrelson (who has adopted a similarly conspiratorial defense approach): that they could stall through 2025 in hopes a Republican would pardon them for their alleged sedition.

On March 4, Judge Amit Mehta appointed Andrew Wise of Miller Chevalier as conflict counsel to inquire into conflicts between Moseley’s representation of Meggs and (at least in the civil suit) Stewart Rhodes). That’s likely to bring a review of compensation arrangements, which may lead to inquiries about what Powell is paying Moseley to do.

Interestingly, BuzzFeed suggests that Juli Haller, who represents Meggs’ wife Connie, but also Ryan Samsel, may be on this dole. There was a time when Samsel looked like he might have considered flipping but that time is long gone.

Roger Stone’s pardon grift

And now, having covered Roger Stone’s Stop the Steal grift and Sidney Powell’s Defending the Republic grift, we come to Stone’s pardon-selling.

The Daily Beast adds to the earlier WaPo report (the first item here) that addressed all the pardons Roger Stone pitched Trump to make in the days between when he bolted from DC quickly and the day any such power expired. It notes that in mid-January 2021, Stone was playing all sides of the Florida scandal that engulfs Matt Gaetz.

It’s already known that Stone lobbied for pardons for both Gaetz and Greenberg in the waning days of the Trump administration. But it wasn’t known that Stone also advocated for a pardon for this third man connected to Gaetz and Greenberg: Stephen Alford, a serial fraudster from the Florida panhandle.

That development was first revealed by The Washington Post in a draft memo published earlier this month. But the Post report didn’t mention Alford—his name only appears in a document the Post obtained and uploaded online—and the link hasn’t been explored.

Two months after Stone advocated for Alford’s absolution, that allegiance dissolved when Alford became Gaetz’s scapegoat for the investigation. (Stone also eventually blasted Alford as part of the “deep state.”)

Just weeks before, however, Stone was in Alford’s corner, lobbying for a pardon.

Much of this is just scammy Florida politics. I’m interested in two details of this.

First, one of the ties TDB did find between Alford — the guy who attempted to extort Gaetz’s dad — and Stone goes through Oleg Deripaska.

According to a person with direct knowledge of the events, however, Alford had one powerful friend: A Republican lobbyist close to Stone.

Weeks after Alford’s pardon request was declined, that lobbyist shared some more information: Matt Gaetz was in trouble. And the lobbyist, this person said, had the details, including images of Gaetz with young women at a sex party.

While it’s unclear how the lobbyist—an associate of Oleg Deripaska—came into this information, Stone had by that time known about the Gaetz allegations for months; Greenberg had told Stone all about their involvement with a 17-year-old, both over text messages and in a confession he drafted at Stone’s request, as part of the pardon process.

It didn’t take long for Alford to cobble together a plan—and it was a doozy: He would secure Gaetz a presidential pardon in exchange for $25 million, which Alford would supposedly use to repatriate an FBI agent taken hostage in Iran who has long been considered dead.

TDB then describes how this plan, involving a lobbyist with ties to Deripaska, was behind the campaign against the NYT story on Gaetz’ legal woes.

When The New York Times broke the investigation in late March last year, Gaetz used Alford’s ploy as ammo. He fired off a tweetstorm, claiming the Times report was a “planted leak” designed to torpedo an investigation into “criminal extortion” plot “to smear my name.”

The central figure in Gaetz’s narrative, however, wasn’t Alford; it was Alford’s lawyer, whose role was limited to holding the money in an escrow account while Alford negotiated the release.

That lawyer had one special characteristic: Three decades ago, he served as a DOJ prosecutor. And that fact equipped the narrative with a “deep state” hook—a Roger Stone special.

Gaetz doubled down that night on Tucker Carlson’s late-night Fox News talk show, explaining the convoluted “leaking” and “smearing” plot to a befuddled Carlson, who remarked that it was “one of the weirdest interviews I’ve ever conducted.”

The next day, Stone piped up to defend Gaetz, using the same language.

And I’m interested in that because Glenn Greenwald was another key player in this anti-NYT campaign, including as recently as December.

Click through for the details on Gaetz paying Stone until he stopped paying Stone.

Update: One more note about Stone’s plan for pardons. Unsurprisingly he pushed for pardons for Assange and Stone, and unsurprisingly he did so in the same terms that Greenwald did — as the best way to get back at the Deep State.

Hell yes ,I would pardon Julian Assange and Edward Snowden- they are persecuted because they exposed the same people who attempted the Russia Collusion Hoax, the Ukraine hoax the last phony impeachment and are now pushing you’re their new phony impeachment.

The plan is a telling document of how Stone exploited Trump’s narcissism and grievances to get things done. The UK Supreme Court just rejected Assange’s bid to appeal, so the initial extradition request will go to Priti Patel for approval (though he still has several avenues of appeal).

Share this entry

Questions about the Proud Boys Superseding Indictment

As noted here, DOJ charged Enrique Tarrio, along with the existing leadership conspiracy defendants and Dominic Pezzola, This is just the second superseding indictment against the key Proud Boys. And while it’s good that Tarrio was finally included and there are hints of interesting coordination, unlike with the Oath Keepers conspiracy, where each superseding indictment pointed to a relentless march in one direction, where the Proud Boy investigation is heading is far less clear to me.

For now, I’ll assume that’s simply because they’re holding their cards close.

Who is missing

My first question pertains to the non-inclusion of certain people in this indictment.

The first is William Pepe, who had been charged with Dominic Pezzola on the indictment that got consolidated with this one. He has either flipped (which would be especially noteworthy given that he is represented by John Pierce), or he’s just sitting out there in a conspiracy with himself.

Another person not included here is Ron Loerkhe. With Jimmy Haffner, he was instrumental in breaching the East side of the Capitol and seems to have provided military structure to the attack. The two of them remain charged only by complaint and in February DOJ got a 3 month continuance on their case.

A third is Aaron Whallon-Wolkind, a close associate of Zach Rehl’s who kibbitzed the attack from Philadelphia that day. He was raided back in October, seemingly suggesting he too might get charged. The indictment doesn’t charge him. It also leaves out some of his statements that were in earlier court filings.

Who is cooperating and who is not

Thus far, there is only one overt cooperator in the Proud Boy cases: Matthew Greene, the former co-defendant of Dominic Pezzola (who has been moved onto this indictment) and Pepe (who has disappeared).

There are three senior Proud Boys — named as Person 1, Person 2, and Person 3 — whose status remains unknown. All three had key leadership positions. And they presumably were involved in a video chat Tarrio scheduled for December 20 to discuss Person 3’s comment that, “most of the protest will be at the capital building given what’s going on inside.” Person 1 is almost certainly Jeremy Bertino, who lives in SC; a number of well-informed people believe Person 2 is Wolkind. [h/t CH]

There are other Proud Boys who could be included in this indictment but who aren’t. Dan “Milkshake” Scott got a continuance in February for 120 days; that filing stated that he and the government had not yet even started plea negotiations. Joe Biggs’ co-travelers on the Arthur Jackman indictment are all still charged individually, even though two of them were literally touching Biggs at key moments during the day; the government is only now sorting through conflicts posed by John Pierce’s representation of three of them that would have to precede any plea discussions. Zach Rehl’s co-travelers also remain charged by complaint (and just misdemeanors, too); in February the government got a continuance until April. Jeff Finley, who also with Rehl and the others for part of the day, got a continuance in February until late March, to allow for “continued discussions about the case.” [Corrected to note Finley is a PB] Gabriel Garcia, who seemed to be one of the most useful people reporting back so others could coordinate from outside the riot, seems headed for trial by himself.

Father Jeremy and son Jeffrey Grace remain in uncertain status, too. After dad got busted for paling around with Proud Boys last summer, they’ve been in flux but still just charged (not even with each other!) with trespassing. In February Jeffrey’s case got continued until St. Patricks Day and Jeremy’s got continued to April.

Meanwhile, on Friday, Ricky Willden set a change of plea hearing for April 7, pretty far in advance as these things go. Because he was charged directly with indictment, it’s not clear what the government knows, but he has ties to the Proud Boys and others.

The inconsistent references

In addition to the three Person-Numbers, this indictment refers to people by all manner of convention.

It names Stewart Rhodes in describing the meeting he had with Tarrio in a parking garage after Tarrio was released from jail on January 5.

Then there are multiple people described as “an individual whose identity is known to the grand jury,” the most interesting of whom is the person who shared a 9-page document about occupying key buildings in DC.

But that’s also the way the indictment describes Ryan Samsel before explaining that he, “put one arm around BIGGS’s shoulder and spoke to him” before be broke through the first barrier in front of the Capitol. On Friday, Jia Cobb (who took over the Samsel case from Tim Kelly when several people were added), ordered Samsel transported from the State Jail in Pennsylvania he had been in to a the Federal jail where DC jail residents had been moved to. Since Samsel has been charged, there’s no reason not to name him, just as Rhodes is named.

Where is Trump

As I noted earlier, there’s no mention of Enrique Tarrio’s visit to the White House in December. The White House claimed that was no big deal, and maybe it is.

But this indictment also leaves out all mention of Proud Boys, including Tarrio, playing on Trump’s Stand Back and Stand By comment.

Where is the obstruction charge?

In some ways, this indictment charges more aggressively than the earlier one. As other indictments have, it swaps the 18 USC 371 conspiracy (with a maximum sentence of 5 years) for an 18 USC 1512(k) conspiracy (with a maximum sentence of 20 years).

It charges all the men for the assaults originally charged just against Donohoe and Pezzola.

But it doesn’t include an obstruction charge for Tarrio, in spite of his explicit efforts to prevent others from cooperating, recordings of which were publicly released.

Where does this go from here?

I’ve been expecting and predicting this indictment since December 28. But for the life of me, I’m not sure where DOJ expects to go from here.

This indictment describes the numbers of people massed at several stages of the operation. 65 members on the Ministry of Self Defense (MOSD) Members Group. 90 people in the New MOSD members group created on January 4. Approximately 100 Proud Boys who met at the Washington Memorial the morning of the attack. Donohoe bragging at 12:00PM on January 6 that “WE ARE WITH 200-300 PBS,” just before they kicked off the riot.

Perhaps this framework is meant to provide a way to implicate all those others, 300 people who agreed, by signing up, that they were following a plan that DOJ has now shown (and that Matthew Greene’s cooperation was designed to show) was a plan to occupy buildings from the start.

But otherwise, this still feels really dispersed, and the prosecution team (which consists of three visible members for the leadership conspiracy, including Erik Kenerson, Jason McCullough, and Luke Jones, and about four detailees from other offices for satellite cases; a fourth prosecutor who had been on the core cases, Christopher Berridge, left immediately after Greene pled) has a far harder caseload than the significantly larger team on the Oath Keepers.

Perhaps something will really start to crystalize as some of these continuances end in April. Or perhaps DOJ will be serially prosecuting Proud Boys for the foreseeable future.

Share this entry