December 10, 2019 / by 

 

Snowden Needs a Better Public Interest Defense: Disposing of the Journalist Filter

Some weeks ago, I wrote what was meant to be the second part of a three part review of Edward Snowden’s book, Permanent Record, in which I argued that his use of the Bildungsroman genre raised more questions than it answered about the timing of the moment he came to decide to reveal NSA’s files. I argued that the narrative did not present a compelling story that he had the maturity or the knowledge of the NSA’s files needed to sustain a public interest defense before the time he decided to take those files.

I’ve been struggling to write what was meant to be the first part of that review. That first part was meant to assess what I will treat as Snowden’s “cosmopolitan defense,” showing that his leaks have since been judged by neutral authorities to have revealed legal or human rights violations. As that first part has evolved, it has shifted into a more of a reflection on the failures of the surveillance community as a whole (and therefore my own failures) and of limits to an investment in whistleblowing as exposure. That part is not ready yet, but I hope the release of the FISA IG Report tomorrow will serve as a sounding board to pull those thoughts together.

But since this, the intended third part of the review, was mostly done, I wanted to release it to get it out of the way.

In addition to my other reactions about how this book fails to offer what Snowden has always claimed he wanted to do — offer a defense that he leaked the files in the public interest that could withstand cross-examination — this book harms the version of public interest defense Snowden has always offered. Snowden says that by sharing the NSA files with journalists, he made sure he wasn’t imposing his judgment for society. Given how unpersuasive his explanation for picking (especially) Glenn Greenwald as the journalist to make those choices is, which I addressed in my last post, and given Glenn’s much-mocked OpSec failures, there’s only so far Snowden can take that claim, because it’s always possible adversaries will steal the files or already have from journalists. The Intercept, in particular, went through very rigorous efforts to keep those files secure, but it took them some time to implement and that’s just one set of the files that are out there. 

Still, it is a claim that has a great deal of merit. It distinguishes Snowden from WikiLeaks. It mitigates a lot of concerns about the vast quantity of documents he took (or the degree to which they may relate to core national security concerns). I’m a journalist who once lost a battle to release Snowden documents that showed a troubling use of NSA authorities and who a second time chose not to rely on a Snowden document because its demonstrative value did not overcome the security damage releasing it might do. My experience working directly with the Snowden files is really quite limited and rather comical in its frustrations, but I will attest that there was a rigorous process put in place to protect the files and assess whether or not to publish them.

So I’m utterly biased about the value that journalists’ judgment might have served here. But if it ever comes to it, I will happily explain at length how Snowden’s choice to leak to journalists really does distinguish his actions.

Having made that argument, though, Snowden then violates precisely that principle by writing this book. 

There hasn’t been a lot of discussion about the disclosures Snowden makes in this book. They pale in comparison to what got disclosed with his NSA files. Nevertheless, I’m certain that Snowden revealed things that have forced CIA to mitigate risks if they hadn’t already done so before the book came out. In particular, Snowden describes the infrastructure of four different IC facilities, mostly CIA ones, in a way that would be useful for adversaries. Sure, our most skilled adversaries likely already knew what he disclosed in the book, but this book makes those details (if they haven’t already been mitigated) accessible to a wider range of adversaries.

More curious still is what Snowden makes a big show of not disclosing. In the book, Snowden describes how he took the files. While he describes sneaking the NSA’s files out on SD cards, he pointedly doesn’t explain how he transferred the files onto those SD cards.

I’m going to refrain from publishing how exactly I went about my own writing—my own copying and encryption—so that the NSA will still be standing tomorrow.

If Snowden really is withholding this detail out of some belief that sharing it would bring the NSA down tomorrow, he effectively just put a target on his back, walking as that back is around Moscow, to be coerced to answer precisely this question. And if Snowden really believes this detail is that damaging to the NSA, his assurances that he destroyed his encryption key to the files before he left Hong Kong and so could not be coerced, once he arrived in Russia, to share damaging information on the US falls flat. By his own estimation, Snowden did not destroy some of the most valuable knowledge he had that might be of interest, information he claims could bring the NSA down tomorrow. 

I actually doubt that’s why he’s withholding that detail. After all, the HPSCI Report on Snowden has a three page section that describes this process, including this entirely redacted passage (PDF 18) describing a particular vulnerability he used to make copies of the files, one the unredacted part of the HPSCI report suggests may have been unknown to NSA when Snowden exploited it.

Assuming the NSA, focusing all its forensic powers on understanding what had been, to that point, the agency’s worst breach ever, managed to correctly assess the vulnerability Snowden used by October 29, 2014, the date the NSA wrote a report describing “Methods Used by Edward Snowden To Remove Documents from NSA Networks,” then the NSA has presumably already fixed the vulnerability.

I honestly don’t know why, then, Snowden kept that detail secret. It’s possible it’s something banal, an effort to avoid sharing the critical forensic detail that would be used to prosecute him if he ever were to stand trial (though it’s not like there’s any doubt he took the documents). I can think of other possible reasons, but why he withheld this detail is a big question about the choices he made about what to disclose and what not to disclose in this book.

But that’s the challenge for Snowden, after investing much of a public interest defense in using journalists as intermediaries, now making choices personally about what to disclose and what to withhold. It accords Snowden a different kind of responsibility for the choices he makes in this book. And it’s not clear that, having assumed that role, Snowden met his own standards.


Snowden Needs a Better Public Interest Defense, Part I: Bildungsroman

If I were Zachary Terwilliger, the US Attorney for Eastern District of Virginia, where Edward Snowden was indicted, I’d call up Snowden’s lawyer, Ben Wizner, and say, “Bring it on.” 

Since Snowden first went public, he has claimed he’d return to the US for trial if he could mount a public interest defense where he could explain why he did what he did and demonstrate how his leaks benefited society. With his book, Permanent Record, Snowden did just that, albeit in a narrative targeted at the general population, not prosecutors and a jury. And yet, the book falls far short of the kind of argument Snowden would need to make to mount such a legal defense. If Terwilliger were to make an exception to EDVA’s precedents that prohibit defendants from mounting a public interest defense (he won’t, of course), then, this “permanent record” would be available for prosecutors to use to pick apart any public interest defense Snowden tried to make.

Let me be clear, I think Snowden can make such a case — I’ve addressed some of the issues here. I also am well aware of the tremendous debt both domestic and international surveillance activism, to say nothing of my own journalism, owes to Snowden. While I’m agnostic about his true motives and implementation (I’ve got more questions after reading the book than before), he is undeniably a courageous person who sacrificed his comfort and safety to do what he did. Whether he can mount a hypothetical public interest defense or not is not necessarily tied to the lasting value of his releases, something I’ll address in a follow-up. And the book serves other purposes as well, such as alerting non-experts to the privacy dangers of Silicon Valley’s unquenchable thirst for their data.

But the book fails to do adequately what Snowden has been claiming he wanted to do all along, and as such, I found it profoundly disappointing. I’ve been struggling to write up how and why, so will need to break up my reasons into three parts. 

I’m an expert on surveillance. But I also happen to have a PhD in literature. And it was the narrative structure of the book that first triggered my frustration with it.

The book–which Snowden wrote with novelist Joshua Cohen–is a classic Bildungsroman, a narrative that portrays the maturation of its protagonist as he (usually it’s a he) struggles with the conventions of the world. Snowden was pretty much stuck writing his memoir as a Bildungsroman, because he needs to explain why, after enthusiastically pursuing jobs at the center of the Deep State–something he’s now bitterly critical of–he then turned on the Deep State and exposed it. He attributes his prior enthusiasm, bitterly, to naiveté, and the narrative does portray young Snowden as emotionally immature and kind of annoying. People would only voluntarily work in the Deep State because they’re naive, this narrative approach insinuates. 

For the general public, writing a Bildungsroman is a really effective genre because (for the same reason we get assigned Bildungsroman to read in high school), it helps the public vicariously travel the same path of maturation. For lay readers, the genre may help them develop a more mature view on technology and privacy. 

For a guy with legal problems, though, writing one is fraught with danger. That’s because any public interest defense will depend on Snowden arguing about his state of mind and motives for leaking, and in writing this book, he committed to a chronology that maps that out. So the serial moments that, in Bildungsroman you read in high school, are just means to reaching an ethical adulthood, here serve as roadmaps to measure whether, at key moments when Snowden engaged in certain actions related to his leaking (taking a particular job, seeking out certain files), he had the state of mind that might sustain a public interest defense. The genre provides a way to measure whether he had the maturity and pure motive to make the decisions he did at each stage of the process.

From an ethical perspective, if the moment he becomes mature comes too late in the story, then it means he was not mature enough to make the decisions he did to take NSA’s documents, and we should question the judgment he exercised, particularly given how painfully immature he portrays himself at the beginning. From a legal perspective, if that moment comes too early in the story, it means he started the process of taking the documents before he got what he claims (unconvincingly) was a full understanding of what he was taking, so he must have taken them for some other reason than a measured assessment of the problems with the NSA’s programs.

As a reader (with, admittedly, far more training in narrative than virtually all of Snowden’s imagined readers), I found it hard to determine when, in Snowden’s own mind, he graduated from being the emotionally immature and naive person he disdainfully describes himself as at the beginning of his development to being the sophisticated person who could make sound decisions about what is good for humanity he claims to be when he takes the NSA documents. He makes it clear there were several such moments: when he realized how our spying is like China’s, when he read the draft NSA IG Report on Stellar Wind, when he saw the kid of a target and realized it could have been him. The process was iterative. But every one of those moments presents problems for either his ethical or legal claims.

It doesn’t help that there were key gaps in this story. The most discussed one involves what has happened to him since he got to Russia. That gap feels all the more obvious given how much time (3 hours out of 11 in the Audible version of the book) he spends describing his youth. 

What Snowden has done since he got to Russia obviously can’t change the events that happened years ago, while dissident Snowden was being formed and as he carried out his exfiltration of NSA’s documents. But whatever has happened to him in Russia may change the perspective through which Snowden, the narrator, views his own actions.

Just by way of illustration, much of Snowden’s discussion of the law and privacy in the book bears the marks of years of intellectual exchange with Wizner and Glenn Greenwald — both of whom he invokes in his acknowledgments. If Ben and Glenn are a tangible part of the focal point through which Snowden views his own story — and as someone who knows them both, they are — then so must be exile in Russia (as well as his relationship with Lindsey, though he foregrounds that lens throughout the book). The narrator of this book is sitting in exile in Russia, and as such Snowden’s silence about what that means is jarring. 

The other gaps, however, are more problematic for this Bildungsroman of public interest.

A minor example: Snowden doesn’t address how he got sent home from Geneva, an episode that, per HPSCI’s report on Snowden, involved a disciplinary dispute. From the Intelligence Community’s perspective, that’s the moment where Snowden turned on the Deep State, and for petty emotional reasons, not ethical ones. So his silence on the point is notable.

Far more significantly, one of the episodes that Snowden treats as a key developmental moment, a moment where he shifted from repressing the problem of being a key participant in a dragnet to wanting to defeat it, came when, during convalescence after his first bout of epilepsy, he set up a Tor bridge to support Iranian protesters during the Arab Spring. 

I wanted to help, but I didn’t know how. I’d had enough of feeling helpless, of being just an asshole in flannel lying around on a shabby couch eating Cool Ranch Doritos and drinking Diet Coke while the world went up in flames.

[snip]

Ever since I’d been introduced to the Tor Project in Geneva, I’d used its browser and run my own Tor server, wanting to do my professional work from home and my personal Web browsing unmonitored. Now, I shook off my despair, propelled myself off the couch, and staggered over to my home office to set up a bridge relay that would bypass the Iranian Internet blockades. I then distributed its encrypted configuration identity to the Tor core developers.

This was the least I could do. If there was just the slightest chance that even one young kid from Iran who hadn’t been able to get online could now bypass the imposed filters and restrictions and connect to me—connect through me—protected by the Tor system and my server’s anonymity, then it was certainly worth my minimal effort.

[snip]

The guy who started the Arab Spring was almost exactly my age. He was a produce peddler in Tunisia, selling fruits and vegetables out of a cart. In protest against repeated harassment and extortion by the authorities, he stood in the square and set fire to his life, dying a martyr. If burning himself to death was the last free act he could manage in defiance of an illegitimate regime, I could certainly get up off the couch and press a few buttons.

Four paragraphs later, Snowden describes realizing (once on his new job in Hawaii, on his birthday) that his life would take a new direction.

One day that summer—actually, it was my birthday—as I passed through the security checks and proceeded down the tunnel, it struck me: this, in front of me, was my future. I’m not saying that I made any decisions at that instant. The most important decisions in life are never made that way. They’re made subconsciously and only express themselves consciously once fully formed—once you’re finally strong enough to admit to yourself that this is what your conscience has already chosen for you, this is the course that your beliefs have decreed. That was my twenty-ninth birthday present to myself: the awareness that I had entered a tunnel that would narrow my life down toward a single, still-indistinct indistinct act.

As described, this is a dramatic moment, that instant where the protagonist becomes a mature actor. But it’s also (as all story-telling is) narrative manipulation, the narrator’s decision to place the key moment in a tunnel in Hawaii, after he already has the job, and not weeks earlier on a couch in Maryland before he starts looking for a new job. Nevertheless, the proximity narratively links his response to the Arab Spring inseparably to his decision to become a dissident.

Immediately after his response to the Arab Spring, then, he moved to the pineapple field in Hawaii, yet another new job at NSA helping run the dragnet. Immediately upon arriving, he set up a script to obtain certain kinds of documents, Heartbeat. He insists that he first set up the script only to read the files to learn what the NSA was really doing and also claims that that script is where most of the documents he shared with journalists came from (the latter claim would be one of the first things prosecutors would rip to shreds, because the exceptions are important ones). 

Before I go any further, I want to emphasize this: my active searching out of NSA abuses began not with the copying of documents, but with the reading of them. My initial intention was just to confirm the suspicions that I’d first had back in 2009 in Tokyo.

[snip]

Nearly all of the documents that I later disclosed to journalists came to me through Heartbeat. It showed me not just the aims but the abilities of the IC’s mass surveillance system. This is something I want to emphasize: in mid-2012, I was just trying to get a handle on how mass surveillance actually worked.

That’s a crucial step for the public interest defense, because unless he had some basis to determine the NSA was doing stuff egregiously wrong, stealing the documents to expose them would not be based on the public interest. That he could learn more in the six months to a year he spent doing that covertly, part time, than the handful of journalists who’ve spent the better part of five years doing nothing but that is questionable (though Snowden rightly claims he has a better understanding of the technology and infrastructure than most of the journalists who have reported on the files).

But the way the epilepsy narrative immediately precedes his move to Kunia hurts his public interest defense, because it means he had already started thinking in terms of action at the time he sought out a job where he’d have reason to scrape the NSA’s files in bulk.

That’s all the more true given that it would be unlikely he’d be sharing information about Tor bridges during the Arab Spring with core Tor developers and not interact with Jake Appelbaum. I know the Snowden story pretty well, but this is the first that I heard of the possibility that he was interacting with Jake — who already was a fierce critic of the US government and had close ties to WikiLeaks at the time — before he went to Kunia. And if the process by which he became a dissident involved interacting with Jake, then it makes his decision to start a new job at NSA rather than just quit and apply his skills to building privacy tools, far, far more damning. It also makes Snowden’s explanation of why he leaked to Laura Poitras and Glenn (his explanation for the latter of which is already thoroughly unconvincing in the book) far more problematic. To be clear, I don’t know if he did interact with Jake, but Jake had a very central and public role in using Tor to facilitate the Arab Spring, so the gap raises more questions than answers.

There are other, similar gaps in the narrative. I won’t lay them out because the FBI sucks ass at narrative, and there’s no reason for me to help them. Suffice it to say, though, that Snowden’s own story about when and how he became an ethical dissident hurts his legal story far more than it helps.


Surveillance Reform Can No Longer Ignore EO 12333

Yesterday, a bunch of civil liberties groups issued a letter calling for FISA 702 reform as part of the Section 215 reauthorization this year. I agree that the reauthorization this year should address the problems with 702 that weren’t addressed last year, though even on FISA, the letter doesn’t go far enough. DOJ IG will soon issue a report partly addressing the Carter Page FISA application, and that will provide an opportunity to push to make reforms to traditional (individual) FISA, such as making it clear that some defendants must get to review the underlying affidavit. Similarly, it doesn’t make sense reforming Section 215’s subpoena function without, at the same time, reforming the subpoena authority that DEA uses for a similar dragnet that undergoes far less oversight, particularly given that Bill Barr is the guy who first authorized that DEA dragnet in his first go-around as authoritarian Attorney General.

But it’s also the case that the surveillance community could — and arguably has an opportunity to — address EO 12333 as well.

The Executive branch has been exploiting the tension between EO 12333 (foreign surveillance that, because it is “foreign,” is conducted under the exclusive authority of Article II) and FISA (“domestic” surveillance overseen by the FISA court) since Dick Cheney launched Stellar Wind on bogus claims the collection on foreign targets in the US amounted to “foreign” surveillance. From 2004 to 2008, Congress moved parts of that under FISA. But at several points since, the government has reacted to FISA restrictions by moving their surveillance under EO 12333, most notably when it moved much of its collection of Internet metadata under EO 12333 in 2012.

Unfortunately, most of the surveillance community and reporters covering such issues have been woefully unaware of even the limited public disclosures on EO 12333 surveillance (which for a time was branded as SPCMA). That made activism around Section 215 far less effective, as few people understood that Section 215 data was and remains just a small part of a larger, duplicative dragnet, and a lot of the claims made about the need for USA Freedom Act didn’t account for precisely what role the Section 215 dragnet played in the larger whole.

As one of its last acts, the Obama Administration institutionalized EO 12333 sharing across intelligence agencies, formalizing what Dick Cheney had been aiming for all along, just before Donald Trump took over.  At least as soon as that happened, the FBI (and other agencies, including but not limited to CIA) obtained a source of content that paralleled (and like the metadata dragnet, surely is significantly duplicative with) Section 702 collection.

That means the Section 702 opinion released last week discusses querying methods that may also be applied, in the same systems, to EO 12333 data. Indeed, one aspect of the querying procedures FBI finally adopted — that queries limited “such that it cannot retrieve unminimized section 702-acquired information” — is the kind of setting that NSA used to re-run queries that returned FISA information so as to return, instead, only EO 12333 data that could be shared under different rules with less oversight. Furthermore, the regime set up under EO 12333, which already includes squishy language about queries “for the purpose of targeting” a US person (suggesting other purposes are permissible), has the same kind of internal approval process that the government wanted to adopt with 702.

If FBI is querying both 702 and EO 12333 raw content in the same queries, it means the standards laid out by James Boasberg in his opinion should apply. Notably, Boasberg wrote at some length about what constituted “reasonable” procedures to govern querying, and under a balancing analysis, found that the procedures in place did not comply with the Fourth Amendment.

Whether the balance of interests ultimately tips in favor of finding the procedures to be inconsistent with the Fourth Amendment is a close question. Reasonableness under the Fourth Amendment does not require perfection. See In Re Directives, 551 F.3d at J 015 (“the fact that there is some potential for error is not a sufficient reason to invalidate” surveillances as unreasonable under the Fourth Amendment). Nonetheless, if “the protections that are in place for individual privacy interests are … insufficient to alleviate the risks of government error and abuse, the scales will tip toward a finding of unconstitutionality.” kl at 1012. Here, there are demonstrated risks of serious error and abuse, and the Court has found the government’s procedures do not sufficiently guard against that risk, for reasons explained above in the discussion of statutory minimization requirements.

By contrast, under the EO 12333 procedures, the only reasonableness review takes place when NSA decides whether to share its SIGINT, which doesn’t include risk of error and abuse.

Reasonableness. Whether approving the request is reasonable in light of all the circumstances known at the time of the evaluation of the request, including but not limited to:

[snip]

e. (U) The likelihood that sensitive U.S. person information (USPI) will be found in the information and, if known, the amount of such information;

f. (U) The potential for substantial harm, embarrassment, inconvenience, or unfairness to U.S. persons if the USPI is improperly used or disclosed;

And that’s with the additional minimization procedures under 702 that are stronger than the dissemination rules under the EO 12333 rules.

There are limits to this. Boasberg based his Fourth Amendment review in statutory considerations, statute that doesn’t yet exist with 12333. He did not determine that the act of querying, by itself, warranted Fourth Amendment protection (though the amici pushed him to do so).

But that shouldn’t stop Congress from requiring that FBI adhere to the same practices of querying with EO 12333 collected data as it does with Section 702 collected data, which would in turn limit the value, to FBI, of engaging in surveillance arbitrage by doing things under EO 12333 that it couldn’t do under 702.


How Twelve Years of Warning and Six Years of Plodding Reform Finally Forced FBI to Do Minimal FISA Oversight

Earlier this week, the government released the reauthorization package for the 2018 Section 702 certificates of FISA. With the release, they disclosed significant legal fights about the way FBI was doing queries on raw data, what we often call “back door searches.” Those fights are, rightly, being portrayed as Fourth Amendment abuses. But they are, also, the result of the FISA Court finally discovering in 2018, after 11 years, that back door searches work like some of us have been saying they do all along, a discovery that came about because of procedural changes in the interim.

As such, I think this is wrong to consider “FISA abuse” (and I say that as someone who was very likely personally affected by the practices in question). It was, instead, a case where the court discovered that FBI using 702 as it had been permitted to use it by FISC was a violation of the Fourth Amendment.

As such, this package reflects a number of things:

  • A condemnation of how the government has been using 702 (and its predecessor PAA) for 12 years
  • A (partial — but thus far by far the most significant one) success of the new oversight mechanisms put in place post-Snowden
  • An opportunity to reform FISA — and FBI — more systematically

This post will explain what happened from a FISA standpoint. A follow-up post will explain why this should lead to questions about FBI practices more generally.

The background

This opinion came about because every year the government must obtain new certificates for its 702 collection, the collection “targeted” at foreigners overseas that is, nevertheless, designed to collect content on how those foreigners are interacting with Americans. Last we had public data, there were three certificates: counterterrorism, counterproliferation, and “foreign government,” which is a too-broadly scoped counterintelligence function. As part of that yearly process, the government must get FISC approval to any changes to its certificates, which are a package of rules on how they will use Section 702. In addition, the court conducts a general review of all the violations reported over the previous year.

Originally, those certificates included proposed targeting (governing who you can target) and minimization (governing what you can do once you start collecting) procedures; last year was the first year the agencies were required to submit querying procedures governing the way agencies (to include NSA, CIA, National Counterterrorism Center, and FBI) access raw data using US person identifiers. The submission of those new querying procedures are what led to the court’s discovery that FBI’s practices violated the Fourth Amendment.

In the years leading up to the 2018 certification, the following happened:

  • In 2013, Edward Snowden’s leaks made it clear that those of us raising concerns about Section 702 minimization since 2007 were correct
  • In 2014, the Privacy and Civil Liberties Oversight Board (which had become operational for the first time in its existence almost simultaneously with Snowden’s leaks) recommended that CIA and FBI have to explain why they were querying US person content in raw data
  • In 2015, Congress passed the USA Freedom Act, the most successful reform of which reflected Congress’ intent that the FISA Court start consulting amicus curiae when considering novel legal questions
  • In 2015, amicus Amy Jeffress (who admitted she didn’t know much about 702 when first consulted) raised questions about how queries were conducted, only to have the court make minimal changes to current practice — in part, by not considering what an FBI assessment was
  • In the 2017 opinion authorizing that year’s 702 package, Rosemary Collyer approved an expansion of back door searches without — as Congress intended — appointing an amicus to help her understand the ways the legal solution the government implemented didn’t do what she believed it did; that brought some (though not nearly enough) attention to whether FISC was fulfilling the intent of Congress on amici
  • In the 2017 Reauthorization (which was actually approved in early 2018), Congress newly required agencies accessing raw data to submit querying procedures along with their targeting and minimization procedures in the annual certification process, effectively codifying the record-keeping suggestion PCLOB had made over two years earlier

When reviewing the reauthorization application submitted in March 2018, Judge James Boasberg considered that new 2017 requirement a novel legal question, so appointed Jonathan Cederbaum and Amy Jeffress, the latter of whom also added John Cella, to the amicus team. By appointing those amici to review the querying procedures, Boasberg operationalized five years of reforms, which led him to discover that practices that had been in place for over a decade violated the Fourth Amendment.

When the agencies submitted their querying procedures in March 2018, all of them except FBI complied with the demand to track and explain the foreign intelligence purpose for US person queries separately. FBI, by contrast, said they already kept records of all their queries, covering both US persons and non-US persons, so they didn’t have to make a change. One justification it offered for not keeping US person-specific records as required by the law is that Congress exempted it from the reporting requirements it imposed on other agencies in 2015, even though FBI admitted that it was supposed to keep queries not just for the public reports from which they argued they were exempted, but also for the periodical reviews that DOJ and ODNI make of its queries for oversight purposes. FBI Director Christopher Wray then submitted a supplemental declaration, offering not to fix the technical limitations they built into their repositories, but arguing that complying with the law via other means would have adverse consequences, such as diverting investigative resources. Amici Cedarbaum and Amy Jeffress challenged that interpretation, and Judge James Boasberg agreed.

The FBI’s querying violations

It didn’t help FBI that in the months leading up to this dispute, FBI had reported six major violations to FISC involving US person queries. While the description of those are heavily redacted, they appear to be:

  • March 24-27, 2017: The querying of 70K facilities “associated with” persons who had access to the FBI’s facilities and systems. FBI General Counsel (then run by Jim Baker, who had had these fights in the past) warned against the query, but FBI did it anyway, though did not access the communications. This was likely either a leak or a counterintelligence investigation and appears to have been discovered in a review of existing Insider Threat queries.
  • December 1, 2017: FBI conducted queries on 6,800 social security numbers.
  • December 7-11, 2017, the same entity at FBI also queried 1,600 queries on certain identifiers, though claimed they didn’t mean to access raw data.
  • February 5 and 23, 2018: FBI did approximately 30 queries of potential sources.
  • February 21, 2018: FBI did 45 queries on people being vetted as sources.
  • Before April 13, 2018: an unspecified FBI unit queried FISA acquired metadata using 57,000 identifiers of people who work in some place.

Note, these queries all took place under Trump, and most of them took place under Trump’s hand-picked FBI Director. Contrary to what some Trump apologists have said about this opinion, it is not about Obama abuse (though it reflects practices that likely occurred under him and George Bush, as well).

These violations made it clear that Congress’ mandate for better record-keeping was merited. Boasberg also used them to prove that existing procedures did not prevent minimization procedure violations because they had not in these instances.

As he was reviewing the violations, Boasberg discovered problems in the oversight of 702 that I had noted before, based off my review of heavily redacted Semiannual Reports (which means they should have been readily apparent to everyone who had direct access to the unredacted reports). For example, Judge Boasberg noted how few of FBI’s queries actually get reviewed during oversight reviews (something I’ve pointed out repeatedly, and which 702 boosters have never acknowledged the public proof of).

As noted above, in 2017 the FBI conducted over three million queries of FISA-acquired information on just one system, [redacted]. See Supplemental FBI Declaration at 6. In contrast, during 2017 NSD conducted oversight of approximately 63,000 queries in [redacted] and 274,000 queries in an FBI system [redacted]. See Gov’t Response at 36.

Personnel from the Office of Intelligence (OI) within the Department of Justice’s National Security Division (NSD) visit about half of the FBI’s field offices for oversight purposes in a given year. Id at 35 & n 42. Moreover OI understandably devotes more resources to offices that use FISA authorities more frequently, so those offices [redacted] are visited annually, id at 35 n. 42, which necessitates that some other offices go for periods of two years or more between oversight visits. The intervals of time between oversight visits at a given location may contribute to lengthy delays in detecting querying violations and reporting them to the FISC. See, e.g., Jan. 18, 2019, Notice [redacted] had been conducting improper queries in a training context since 2011, but the practice was not discovered until 2017).

He also noted that the records on such queries don’t require contemporaneous explanation from the Agent making the query, meaning any review of them will not find problems.

The FBI does not even record whether a query is intended to return foreign-intelligence information or evidence of crime. See July 13, 2018, Proposed Tr. at 14 (DOJ personnel “try to figure out” from FBI query records which queries were run for evidence of crime purposes). DOJ personnel ask the relevant FBI personnel to recall and articulate the bases for selected queries. Sometimes the FBI personnel report they cannot remember. See July 9, 2018, Notice.

Again, I noted this in the past.

In short, as Boasberg was considering Wray’s claim that the FBI didn’t need the record-keeping mandated by Congress, he was discovering that, in fact, FBI needs better oversight of 702 (something that should have been clear to everyone involved, but no one ever listens to my warnings).

FISC rules the querying procedures do not comply with the law or Fourth Amendment

In response to Boasberg’s demand, FBI made several efforts to provide solutions that were not really solutions.

The FBI’s first response to FISC’s objections was to require General Counsel approval before accessing the result of any “bulk” queries like the query that affected 70K people — what it calls “categorical batch queries.”

Queries that are in fact reasonably likely to return foreign-intelligence information are responsive the government’s need to obtain and produce foreign-intelligence information, and ultimately to disseminate such information when warranted. For that reason, queries that comply with the querying standard comport with § 1801 (h), even insofar as they result in the examination of the contents of private communications to or from U.S. persons. On the other hand, queries that lack a sufficient basis are not reasonably related to foreign intelligence needs and any resulting intrusion on U.S. persons’ privacy lacks any justification recognized by§ 1801 (h)(l). Because the FBI procedures, as implemented, have involved a large number of unjustified queries conducted to retrieve information about U.S. persons, they are not reasonably designed, in light of the purpose and technique of Section 702 acquisitions, to minimize the retention and prohibit the dissemination of private U.S. person information.

But Boasberg was unimpressed with that because the people who’d need to consult with counsel would be the most likely not to know they did need to do so.

He also objected to FBI’s attempt to give itself permission to use such queries at the preliminary investigation phase (before then, FBI was doing queries at the assessment stage).

The FBI may open a preliminary investigation with even less of a factual predicate: “on the basis of information or an allegation indicating the existence of a circumstance” described in paragraph a. orb. above. Id. § II.B.4.a.i at 21 (emphasis added). A query using identifiers for persons known to have had contact with any subject of a full or preliminary investigation would not require attorney approval under § IV.A.3, regardless of the factual basis for opening the investigation or how it has progressed since then.

Boasberg’s Fourth Amendment analysis was fairly cautious. Whereas amici pushed for him to treat the queries as separate Fourth Amendment events, on top of the acquisition (which would have had broad ramifications both within FISA practice and outside of it), he instead interpreted the new language in 702 to expand the statutory protection under queries, without finding queries of already collected data a separate Fourth Amendment event.

Similarly, both Boasberg and the amici ultimately didn’t push for a written national security justification in advance of an actual FISA search. Rather, they argued FBI had to formulate such a justification before accessing the query returns (in reality, many of these queries are automated, so it’d be practically impossible to do justifications before the fact).

Boasberg nevertheless required the FBI to at least require foreign intelligence justifications for queries before an FBI employee accessed the results of queries.

The FBI was not happy. Having been told they have to comply with the clear letter of the law, they appealed to the FISA Court of Review, adding apparently new arguments that fulfilling the requirement would not help oversight and that the criminal search requirements were proof that Congress didn’t intend them to comply with the other requirements of the law. Like Boasberg before them, FISCR (in a per curium opinion from the three FISCR judges, José Cabranes, Richard Tallman, and David Sentelle) found that FBI really did need to comply with the clear letter of the law.

The FBI chose not to appeal from there (for reasons that go beyond this dispute, I suspect, as I’ll show in a follow-up). So by sometime in December, they will start tracking their backdoor searches.

FBI tried, but failed, to avoid implementing a tool that will help us learn what we’ve been asking

Here’s the remarkable thing about this. Something like this has been coming for two years, and FBI is only now beginning to comply with the requirement. That’s probably not surprising. Neither the Director of National Intelligence (which treated its intelligence oversight of FBI differently than it did CIA or NSA) nor Congress had demanded that FBI, which can have the most direct impact on someone’s life, adhere to the same standards of oversight that CIA and NSA (and an increasing number of other agencies) do.

Nevertheless, 12 years after this system was first moved under FISA (notably, two key Trump players, White House Associate Counsel John Eisenberg and National Security Division AAG John Demers were involved in the original passage), we’re only now going to start getting real information about the impact on Americans, both in qualitative and quantitative terms. For the first time,

  • We will learn how many queries are done (the FISC opinion revealed that just one FBI system handles 3.1 million queries a year, though that covers both US and non US person queries)
  • We will learn that there are more hits on US persons than previously portrayed, which leads to those US persons to being investigated for national security or — worse — coerced to become national security informants
  • We will learn (even more than we already learned from the two reported queries that this pertained to vetting informants) the degree to which back door searches serve not to find people who are implicated in national security crimes, but instead, people who might be coerced to help the FBI find people who are involved in national security crimes
  • We will learn that the oversight has been inadequate
  • We will finally be able to measure disproportionate impact on Chinese-American, Arab, Iranian, South Asian, and Muslim communities
  • DOJ will be forced to give far more defendants 702 notice

Irrespective of whether back door searches are themselves a Fourth Amendment violation (which we will only now obtain the data to discuss), the other thing this opinion shows is that for twelve years, FISA boosters have been dismissing the concerns those of us who follow closely have raised (and there are multiple other topics not addressed here). And now, after more than a decade, after a big fight from FBI, we’re finally beginning to put the measures in place to show that those concerns were merited all along.


What a Properly Scoped FISA Abuse Inspector General Report Would Look Like

In this piece on the Jim Comey IG Report, I showed that Michael Horowitz’s department received evidence of two violations of DOJ rules. His office first received seven memos that documented that DOJ’s protocols to ensure the integrity of investigations had collapsed under Donald Trump’s efforts to influence investigations. And then, at some later time, his office learned that Comey had (improperly, according to the report) retained those memos even after being fired and that FBI had classified six words in the memos he retained retroactively.

Horowitz’s office has completed an investigation into an act that otherwise might be punished by termination that already happened. But there is zero evidence that Horowitz has conducted an investigation into the subject of the whistleblower complaint, the breakdown of DOJ’s protections against corruption.

In April 2018, Horowitz released a report (which had been hastily completed in February) detailing that Andrew McCabe had been behind a reactive media release during the 2016 election. But his office has not yet released its conclusions regarding the rampant leaks that McCabe was responding to. In other words, Horowitz seems to have once again released a report on a problem that — however urgent or not — has already been remedied, but not released a report on ongoing harm.

Horowitz is reportedly preparing to release a report on what the frothy right calls “FISA abuse.” but given the content of a Lindsey Graham letter calling for declassification of its underlying materials, it’s seems likely that that report, too, is scoped narrowly, focusing just on Carter Page (and any other Trump officials targeted under FISA). There’s no request for backup materials on the other investigation predicated off of hostile opposition research, the investigation into the Clinton Foundation.

I have long said that if Republicans think the FISA order into Carter Page was abusive, then they’re being remiss in their oversight of FISA generally, because whatever abuse happened with Page happens, in far more egregious fashion, on the FISA applications of other people targeted and prosecuted with them.

If Michael Horowitz is concerned that the information from paid informants is not properly vetted before being used as the basis for a FISA application, they would be better to focus on any number of terrorism defendants. Adel Daoud appears to have been targeted under FISA based off a referral — probably, like Christopher Steele, a paid consultant — claiming he said something in a forum that the government later stopped claiming; Daoud remains in prison right now after having been set up in an FBI sting.

If Michael Horowitz is concerned that the FBI is misusing press reports in FISA applications, they would be better to focus on the case against Keith Gartenlaub. The FBI based its FISA applications partly off a Wired article that was totally unrelated to anything Gartenlaub was involved with. Gartenlaub will forever be branded as a sex criminal because, after finding no evidence that he was a spy, the government found 10 year old child porn they had no evidence he had ever accessed.

If Michael Horowitz is concerned that information underlying a FISA application included errors — such as that there are no Russian consulates in Miami — he should probably review how Xiaoxing Xi got targeted under FISA because the FBI didn’t understand what normal scholarship about semiconductors involves. While DOJ dropped its prosecution of Xi once it became clear how badly they had screwed up, he was charged and arrested.

And if Michael Horowitz is concerned about FISA abuse, then he should examine why zero defendants have ever gotten able to review their applications, even though that was the intent of Congress. Both Daoud and Gartenlaub should have been able to review their files, but both were denied at the appellate level.

The point being, the eventual report on “FISA abuse” will not be about FISA abuse. It will, once again, be about the President’s grievances. It will, at least according to public reporting, not treat far more significant problems, including cases where the injury against the targets was far greater than it was for Carter Page.

I don’t believe Michael Horowitz believes he is serving as an instrument of the President’s grievances. But by scoping his work to include only the evidence that stems from the President’s grievances and leaving out matters that involve ongoing harm, that’s what he is doing.

Note: I have or had a legal relationship with attorneys involved in these cases, though not when writing the underlying posts.


Admitted Former Foreign Agent Mike Flynn Demands More Classified Information

According to Mike Flynn’s Fox News lawyer, Sidney Powell, to “defend” himself in a guilty plea he has already sworn to twice under oath, he needs to obtain unredacted versions of a Comey memo showing he was not targeted with a FISA warrant and a FISA order showing that people who were targeted with FISA warrants might have been improperly scrutinized while they were overseas.

That’s just part of the batshittery included in a request for Brady material submitted to Emmet Sullivan last Friday.

The motion is 19 pages, most of which speaks in gross generalities about Brady obligations or repeats Ted Stevens Ted Stevens Ted Stevens over and over again, apparently a bid to convince Judge Emmet Sullivan that this case has been subject to the same kind of abuse that the late Senator’s was.

After several readings, I’ve discovered that Powell does make an argument in the motion: that if the government had provided Flynn with every damning detail it has on Peter Strzok, Flynn might not have pled guilty to lying to Strzok about his conversations with Russian Ambassador Sergey Kislyak or admitted that he used a kickback system to hide that he was a paid agent of Turkey while getting Top Secret briefings with candidate Trump.

They affirmatively suppressed evidence (hiding Brady material) that destroyed the credibility of their primary witness, impugned their entire case against Mr. Flynn, while at the same time putting excruciating pressure on him to enter his guilty plea and manipulating or controlling the press to their advantage to extort that plea. They continued to hide that exculpatory information for months—in direct contravention of this Court’s Order—and they continue to suppress exculpatory information to this day.

One of the things Powell argues Flynn should have received is unredacted copies of every text Strzok sent Lisa Page.

The government’s most stunning suppression of evidence is perhaps the text messages of Peter Srzok and Lisa Page. In July of 2017, (now over two years ago), the Inspector General of the Department of Justice advised Special Counsel of the extreme bias in the now infamous text messages of these two FBI employees. Mr. Van Grack did not produce a single text messages to the defense until March 13, 2018, when he gave them a link to then-publicly available messages. 14

Mr. Van Grack and Ms. Ahmad, among other things, did not disclose that FBI Agent Strzok had been fired from the Special Counsel team as its lead agent almost six months earlier because of his relationship with Deputy Director McCabe’s Counsel—who had also been on the Special Counsel team—and because of their text messages and conduct. One would think that more than a significant subset of those messages had to have been shared by the Inspector General of the Department of Justice with Special Counsel to warrant such a high-level and immediate personnel change. Indeed, Ms. Page left the Department of Justice because of her conduct, and Agent Strzok was terminated from the FBI because of it.

14 There have been additional belated productions. Each time more text messages are found, produced, or unredacted, there is more evidence of the corruption of those two agents. John Bowden, FBI Agent in Texts: ‘We’ll Stop’ Trump From Becoming President, THE HILL (June 14, 2018), https://thehill.com/policy/national-security/392284-fbi-agent-in-texts-well-stop-trumpfrom-becoming-president; see also U.S. Dept. of Justice, Office of the Inspector General, A Review of Various Actions by the Federal Bureau of Investigation and Department of Justice in Advance of the 2016 Election. Redacted Ed. Washington, D.C. (2018) (https://www.justice.gov/file/1071991/download). But the situation is even worse. After being notified by the Inspector General of the Department of Justice of the extraordinary text communications between Strzok and Page (more than 50,000 texts) and of their personal relationship, which further compromised them, Special Counsel and DOJ destroyed their cell phones. U.S. Dept. of Justice, Office of the Inspector General, Report of Investigation: Recovery of Text Messages From Certain FBI Mobile Devices, Redacted Ed. Washington, D.C. (2018), https://www.justice.gov/file/1071991/download. This is why our Motion also requests a preservation order like the one this Court entered in the Stevens case.

As is true of most of this filing, Powell gets some facts wrong here. The public record says that as soon as Mueller got the warning from Michael Horowitz about the texts, he started moving Strzok off the team. He didn’t need to see the texts, that they were there was issue enough. And Lisa Page remained at FBI until May 2018, even after the texts were released to the public.

And while, if Sullivan had taken Flynn’s initial guilty plea rather than Rudy Contreras, one might argue that Van Grack should have alerted Flynn’s lawyer Rob Kelner of the existence of the Strzok-Page texts, DOJ was not required to turn them over before Flynn’s guilty plea. Moreover, the problem with claiming that withholding the Strzok-Page texts prevented Flynn from taking them into account, is that they were made public the say day Emmet Sullivan issued his Brady order and Flynn effectively pled guilty again a year after they were released, in sworn statements where he also reiterated his satisfaction with his attorney, Kelner. Any texts suggesting bias had long been released; what remains redacted surely pertains either to their genuine privacy or to other counterintelligence investigations.

Finally, at least as far as public evidence goes, Strzok was, if anything, favorable to Flynn for the period he was part of the investigation. He found Flynn credible in the interview, and four months later didn’t think anything would come of the Mueller investigation. So the available evidence, at least, shows that Flynn was treated well by Strzok.

The filing also complains about information just turned over on August 16.

For example, just two weeks ago, Mr. Van Grack, Ms. Curtis, and Ms. Ballantine produced 330 pages of documents with an abject denial the production included any Brady material.6 Yet that production reveals significant Brady evidence that we include and discuss in our accompanying Motion (filed under seal because the prosecutors produced it under the Protective Order).

6 “[T]he government makes this production to you as a courtesy and not because production of this information is required by either Brady v. Maryland, 373 U.S. 83 (1963), or the Court’s Standing Order dated February 16, 2018.” Letter from Mr. Brandon Van Grack to Sidney K. Powell, Aug. 16, 2019.

Given the timing, it may well consist of the unclassified materials showing that Turkey (and possibly Russia) believed Flynn to be an easy mark and expected to be able to manipulate Trump through him. I await either the unsealing of Powell’s sealed filing or the government response to see if her complaints are any more worthy than this filing.

That’s unlikely. Because the rest of her memo makes a slew of claims that suggest she’s either so badly stuck inside the Fox bubble she doesn’t understand what the documents in question actually say, or doesn’t care. In her demand for other documents that won’t help Flynn she,

  • Misstates the seniority of Bruce Ohr
  • Falsely claims Bruce Ohr continued to serve as a back channel for Steele intelligence when in fact he was providing evidence to Bill Priestap about its shortcomings (whom the filing also impugns)
  • Suggests the Ohr memos pertain to Flynn; none of the ones released so far have the slightest bit to do with Flynn
  • Falsely suggests that Andrew Weissmann was in charge of the Flynn prosecution
  • Claims that Weissman and Zainab Ahmad had multiple meetings with Ohr when the only known meeting with him took place in fall 2016, before Flynn committed the crimes he pled guilty to; the meeting likely pertained to Paul Manafort, not Flynn
  • Includes a complaint from a Flynn associate that pertains to alleged DOD misconduct (under Trump) to suggest DOJ prosecutors are corrupt

In short, Powell takes all the random conspiracy theories about the investigation and throws them in a legal filing without even fact-checking them against the official documents, or even, at times, the frothy right propaganda outlets that first made the allegations.

Things get far weirder when it comes to her demands relating to FISA information. In a bid to claim this is all very pressing, Powell demands she get an unredacted version of the Comey IG Report.

Since our initial request to the Department by confidential letter dated June 6, 2019, we have identified additional documents that we specify in our Motion. Now, with the impending and just-released reports of the Inspector General, there may be more. The Report of the Inspector General regarding James Comey’s memos and leaks is replete with references to Mr. Flynn, and some information is redacted. There may also be a separate classified section relevant to Mr. Flynn. U.S. Dept. of Justice, Office of the Inspector General, Report of Investigation of Former Federal Bureau of Investigation Director James Comey’s Disclosure of Sensitive Investigative Information and Handling of Certain Memoranda, Oversight and Review Division Report 19-02 (Aug. 29, 2019), https://oig.justice.gov/reports/2019/o1902.pdf

The only redacted bits in the report are in Comey’s memos themselves — the stuff that the frothy right is currently claiming was so classified that Comey should have been prosecuted for leaving them in a SCIF at work. Along with unclassified sections quoting Trump saying he has “serious reservations about Mike Flynn’s judgment” (the redacted bit explains that the President was pissed that Flynn didn’t tell him about Putin’s congratulatory call right away) and “he had other concerns about Flynn,” there’s this section that redacts the answer to Reince Priebus’ question about whether the FBI has a FISA order on Flynn (PDF 74).

The answer, though, is almost certainly no. Even if the FBI obtained one later, there was no way that Comey would have told Priebus that Flynn was targeted; the FBI became more concerned about Flynn after this February 8 conversation, in part because of his continued lies about his work with Turkey.

Flynn’s team also demands an unredacted copy of this 2017 FISA 702 Rosemary Collyer opinion, though Powell’s understanding of it seems to based off Sara Carter’s egregiously erroneous reporting on it (here’s my analysis of the opinion).

Judge Rosemary Collyer, Chief Judge of the FISA court, has already found serious Fourth Amendment violations by the FBI in areas that likely also involve their actions against Mr. Flynn. Much of the NSA’s activity is in direct violation of the Fourth Amendment. Not only did the last administration—especially from late 2015 to 2016—dramatically increase its use and abuse of “about queries” in the NSA database, which Judge Collyer has noted was “a very serious Fourth Amendment issue,” it also expanded the distribution of the illegally obtained information among federal agencies.10 Judge Collyer determined that former FBI Director Comey gave illegal unsupervised access to raw NSA data to multiple private contractors. The court also noted that “the improper access granted the [redacted] contractors was apparently in place [redacted] and seems to have been the result of deliberate decision making” including by lawyers.11, 12

10 See also Charlie Savage, NSA Gets More Latitude to Share Intercepted Communications, THE N.Y. TIMES (Jan. 12, 2017) (reporting that Attorney General Loretta Lynch signed new rules for the NSA that permitted the agency to share raw intelligence with sixteen other agencies, thereby increasing the likelihood that personal information would be improperly disclosed), https://www.nytimes.com/2017/01/12/us/politics/nsa-gets-more-latitude-to-share-interceptedcommunications.html; See also Exec. Order No. 12,333, 3 C.F.R. 200 (1982), as amended by Exec. Order No. 13,284, 68 Fed. Reg. 4075 (Jan. 23, 2003).

11 FISC Mem. and Order, p. 19, 87 (Apr. 26, 2017) www.dni.gov/files/documents/icotr/51117/2016_Cert_FISC_Memo_Opin_Order_Apr_2017.pdf (noting that 85% of the queries targeting American citizens were unauthorized and illegal).

12 This classified and heavily redacted opinion is one of the documents for which defense counsel requests a security clearance and access.

As a threshold matter, Powell gets virtually everything about the Collyer memo wrong. Collyer didn’t track any increase in “about” searches (it was one of the problems with her memo, that she didn’t demand new numbers on what NSA was doing). It tracked a greater number of certain kinds of violations than previously known. The violation resulting in the 85% number she cited was on US persons targeted between November 2015 and May 2016, but the violation problem existed going back to 2012, when Flynn was still part of the Deep State. What Collyer called a Fourth Amendment violation involved problems with 704/705b targeting under FISA, which are individualized warrants usually tied to individualized warrants under Title I (that is, the kind of order we know targeted Carter Page), and probably a limited set of terrorism targets. Given that the Comey memo almost certainly hides evidence that Flynn was not targeted under FISA as of February 8, 2017, it means Flynn would have had to be a suspected terrorist to otherwise be affected. Moreover, the NSA claimed to have already fixed the behavioral problem by October 4, 2016, even before Carter Page was targeted. I had raised concerns that the problems might have led to problems with Page’s targeting, but since I’ve raised those concerns with Republicans and we haven’t heard about them, I’m now fairly convinced that didn’t happen.

At least some of the FBI violation — letting contractors access raw FISA information — was discontinued in April 2016, before the opening of the investigation into Trump’s flunkies, and probably all was discontinued by October 4, 2016, when it was reported. One specific violation that Powell references, however, pertains to 702 data, which could not have targeted Flynn.

Crazier still, some of the problems described in the opinion (such as that NSA at first only mitigated the problem on the tool most frequently used to conduct back door searches) cover things that happened on days in late January 2017 when a guy named Mike Flynn was National Security Advisor (see PDF 21).

Powell should take up her complaints with the guy running National Security at the time.

Craziest still, Powell describes data collected under EO 12333 as “illegally obtained information” (Powell correctly notes that the Obama Administration permitted sharing from NSA to other agencies, but that EO would not affect the sharing of FISA information at all). If EO 12333 data, which lifetime intelligence officer Mike Flynn used through his entire career, is illegally obtained, then it means lifetime intelligence officer Mike Flynn broke the law through his entire government career.

Sidney Powell is effectively accusing her client (incorrectly) of violating the law in a motion that attempts to argue he shouldn’t be punished for the laws he has already admitted breaking.

In short, most of the stuff we can check in this motion doesn’t help Flynn, at all.

And at least before Powell submitted this, Emmet Sullivan seemed unimpressed with her claims of abuse.

The government and Flynn also submitted a status report earlier on Friday. In the status report, the government was pretty circumspect. Flynn’s cooperation is done (which is what they said almost a year ago), they’d like to schedule sentencing for October or November, and they’ve complied with everything covered by Brady. Anything classified, like Powell is demanding, would be governed by CIPA and only then discoverable if it is helpful to the defense.

Powell made more demands in the status report, renewing her demand for a security clearance and insisting there are other versions of the Flynn 302.

To sort this out, the government suggested a hearing in early September, but Powell said such a hearing shouldn’t take place for another month (during which time some of the IG reports she’s sure will be helpful will come out).

The parties are unable to reach a joint response on the above topics. Accordingly, our respective responses are set forth separately below. Considering these disagreements, the government respectfully requests that the Court schedule a status conference. Defense counsel suggests that a status conference before 30 days would be too soon, but leaves the scheduling of such, if any, to the discretion of the Court. The government is available on September 4th, 5th, 9th or 10th of 2019, or thereafter as the Court may order. Defense counsel are not available on those specific dates.

Judge Sullivan apparently sided with the government (and scheduled the hearing for a date when Flynn’s attorneys claim to be unable to attend).

Every time Flynn has tried to get cute thus far, it has blown up in his face. And while Sullivan likely doesn’t know this, the timing of this status hearing could be particularly beneficial for the government, as they’ll know whether Judge Anthony Trenga will have thrown out Bijan Kian’s conviction because of the way it was charged before the hearing, something that would make it far more likely for the government to say Flynn’s flip-flop on flipping doesn’t amount to full cooperation.

And this filing isn’t even all that cute, as far as transparent bullshit goes.


John Ratcliffe’s Lies about His Time at DOJ Raise New Questions about His Claim to Have Used Warrantless Searches

Both NBC and ABC have stories laying out how two key claims about his work at DOJ that John Ratcliffe has used to get elected three times are lies. Less important for this post, when Ratcliffe repeatedly took credit for “arresting over 300 illegal [sic] aliens in a single day,” he was actually taking credit for a poultry worker bust that was led by ICE and involved four other US Attorneys offices and a slew of other investigative agencies.

This is an ICE-led investigation with support from the U.S. Attorneys’ Offices in the Eastern District of Texas, the Eastern District of Arkansas, the Eastern District of Tennessee, the Middle District of Florida, and the Northern District of West Virginia. Also aiding in the investigation are the DOL-OIG; the Social Security Administration’s Office of Inspector General; the U.S. Department of Agriculture’s Office of Inspector General; U.S. Customs and Border Protection; the U.S. Postal Service; the U.S. Marshals Service; the West Virginia State Police; and numerous other state and local agencies.

More interesting, however, is Ratcliffe’s claim that, “There are individuals that currently sit in prison because I prosecuted them for funneling money to terrorist groups.” As both NBC and ABC note, there’s not a shred of evidence that Ratcliffe ever prosecuted a terrorism case. His own campaign press release botches the timing and titles of this, seemingly conflating his time as (an unconfirmed) US Attorney with his role as chief of the anti-terrorism section for the US Attorney office he’d eventually run.

In 2008, Ratcliffe served by special appointment as the prosecutor in U.S. v. Holy Land Foundation, one of the nation’s largest terrorism financing cases.  During his tenure as the Chief of the Anti-Terrorism and National Security Section for the Eastern District of Texas he personally managed dozens of international and domestic terrorism investigations.

The statement his office gave ABC, which explains that the reference pertained to his appointment as Special Counsel investigating why the Holy Land Foundation case resulted in a mistrial, conflates those two roles even worse.

Ratcliffe’s office clarified that his status regarding the case was instead related to investigating issues surrounding what led to the mistrial in the first case.

“Because the investigation did not result in any charges, it would not be in accordance with Department of Justice policies to make further details public,” Rachel Stephens, a spokesperson for Ratcliffe, said. “However, Department of Justice records will confirm that as both Chief of Anti-Terrorism and National Security for the Eastern District of Texas from 2004-2008, John Ratcliffe opened, managed and supervised numerous domestic and international terrorism related cases.”

The timing here is critical, for reasons I’ll get into in a second. Ratcliffe was appointed Acting US Attorney sometime between May 20 and June 20, 2007; prior to that, he had been the First AUSA and the chief of the anti-terrorism and national security division in a division that didn’t see many national security cases (though in his campaigns, Ratcliffe would take credit for a big meth bust he mostly oversaw the sentencing of).

The mistrial of the first Holy Land Foundation trial was on October 23, 2007.

Ratcliffe was appointed US Attorney by Michael Mukasey sometime after he was confirmed as Attorney General on November 8, 2007.

Ratcliffe’s tenure as US Attorney ended after his replacement was confirmed on April 29, 2008. It’s unclear whether he stayed on after that; he joined a law firm leveraging John Ashcroft’s name the next April.

I’m interested in those dates because, in a 2015 debate over whether to prohibit back door searches of data collected using Section 702 of FISA, Ratcliffe claimed he had used warrantless searches as a terrorism prosecutor.

In full disclosure to everyone, I am a former terrorism prosecutor that has used warrantless searches, and frankly have benefitted from them in a number of international and domestic terrorism cases.

The implication was that he had done back door searches, but (as I noted at the time) he could only have done back door searches of Section 702 content if he stuck around after being replaced as US Attorney, because the FISA Amendments Act did not become law until July 10, 2008, after he was replaced as US Attorney. It’s true that Protect America Act was in place during part of the time he was US Attorney and during the time he would have been investigating the Holy Land Foundation case, but that remained in flux until February 2008 and DOJ was claiming, in the Yahoo challenge, not to permit back door searches.

If, as Ratcliffe suggests, his big terrorism “prosecution” was on the Holy Land case, it suggests he was using data from Protect America Act. Any back door searches in conjunction with that would be particularly controversial given that a bunch of Muslim groups were improperly named in a list of unindicted co-conspirators in a filing in the case, and some of them (such as CAIR’s Executive Director Nihad Awad) was under FISA surveillance through that period. In other words, if he used back door searches in the wake of the Holy Land mistrial, there’s a good chance he was engaged in what Carter Page insists in FISA abuse. This was also a period when there were a slew of violations with the Section 215 phone dragnet, which was almost certainly used to map out all of CAIR during the period.

One possible alternative is still worse. Ratcliffe started his anti-terrorism position in 2004. At the time, the George Bush warrantless wiretap program Stellar Wind — on which the back door searches of FAA were modeled — remained active (though in somewhat constrained form in the wake of the hospital confrontation). If Ratcliffe did back door searches on Stellar Wind data, he was part of Bush’s illegal surveillance program, and not just involved in “FISA abuse” but in crimes under FISA.

Given the number of lies he has already been caught in, and given his obvious confusion in any number of public hearings since, it’s quite possible he was just pretending to be an expert on a national security issue to fluff up his credibility. Perhaps he didn’t really understand the subject of the debate, and mistook normal criminal process for FISA surveillance.

That said, there’s frankly no good answer for this claim: the least damning explanation is confusion or puffery, the most damning is that he was involved in criminal surveillance.

But it’s a specific detail that demands an answer if Ratcliffe wants to supervise the entire intelligence community.


The Irony of Glenn Greenwald Cuddling Up with Bill Barr, the Grandfather of Ed Snowden’s Phone Dragnet

Glenn Greenwald, who has written two books about the abuse of Presidential power, continues to dig in on his factually ignorant claims about the Mueller report. For days, he and the denialists said that if Mueller’s report was being misrepresented by Bill Barr, Mueller would speak up. Now that Mueller’s team has done so, Glenn complains that these are anonymous leaks and nevertheless only address obstruction, not a conspiracy with Russia on the election.

Glenn and his lackeys in the denialist crowd who continue to willfully misrepresent the public evidence have yet to deal with the fact that Mueller has already presented evidence that Paul Manafort conspired with Russian Konstantin Kilimnik on the election, but that they weren’t able to substantiate and charge it because Manafort lied. Mueller’s team say they believe Manafort did so in hopes and expectation that if he helped Trump and denialists like Glenn sustain a “no collusion” line, he might get a pardon. That is, we know that Trump’s offers of pardons — his obstruction — specifically prevented Mueller from pursuing a fairly smoking gun incident where Trump’s campaign manager coordinated with Russians on the hack-and-leak.

As Glenn once professed to know with respect to Scooter Libby’s obstruction, if someone successfully obstructs an investigation, that may mean the ultimate culprit in that investigation escapes criminal charge.

Glenn’s denialism is all the more remarkable, though, given that this same guy who wrote two books on abuse of presidential power is choosing to trust a memo from Bill Barr that was obviously playing legalistic games over what the public record says. As Glenn must know well, Barr has a history of engaging in precisely the kind of cover-up of presidential abuses Glenn once professed to oppose, fairly epically on Iran-Contra. The cover-up that Barr facilitated on that earlier scandal was the model that Dick Cheney used in getting away with leaking Valerie Plame’s identity and torture and illegal wiretapping, the kinds of presidential abuses that Glenn once professed to oppose.

I find Glenn’s trust of Bill Barr, one of the most authoritarian Attorneys General in the last half century, all the more ironic, coming as it does the same week that DOJ IG released this IG report on several DEA dragnets.

That’s because Glenn’s more recent opposition to abuse of power comes in the form of shepherding Edward Snowden’s leaks. Glenn’s recent fame stems in significant degree to the fact that on June 5, 2013, he published a document ordering Verizon to turn over all its phone records to the government.

The dragnet Snowden revealed with that document was actually just the second such dragnet. The first one targeted the phone calls from the US to a bunch of foreign countries claimed, with no court review, to have a drug nexus. Only, that term “drug nexus”  came to include countries with no significant drug ties but instead a claimed tie between drug money and financing terrorism, and which further came to be used in totally unrelated investigations. That earlier dragnet became the model for Stellar Wind, which became the model for the Section 215 dragnet that Glenn is now famous for having helped Edward Snowden expose.

Here’s what the IG Report released the same week that Glenn spent hours cuddling up to Bill Barr says about the original dragnet.

Bill Barr, the guy Glenn has spent 10 days nuzzling up to, is the grandfather of the dragnet system of surveillance.

The IG Report also shows that Bill Barr — the guy Glenn has spent 10 days trusting implicitly — didn’t brief Congress at all; the program wasn’t first briefed to Congress until years after Barr left office the first time.

This is the man that former critic of abusive presidential power Glenn Greenwald has chosen to trust over the public record.

This is, it seems, the strange plight of the denialist left, cozying up to the kind of authoritarians that their entire career, at least to this point, have vigorously opposed.

As I disclosed last July, I provided information to the FBI on issues related to the Mueller investigation, so I’m going to include disclosure statements on Mueller investigation posts from here on out. I will include the disclosure whether or not the stuff I shared with the FBI pertains to the subject of the post. 


Keith Gartenlaub Challenges the Destroyed FISA Wall

Keith Gartenlaub is appealing his conviction on possession of child porn to the Supreme Court, based on a FISA challenge. And while any petition for cert before SCOTUS faces long odds, I believe this one is interestingly situated in that its challenge to the plain view doctrine, in conjunction with the use of FISA evidence in a prosecution having nothing to do with national security, may present a way for SCOTUS to reconsider the wall between national security investigations and criminal prosecutions.

As a reminder, the FBI decided to investigate Gartenlaub (at a time when they were making other bone-headed investigative decisions involving Chinese-Americans) because he had access to files the Chinese government was seeking and a naturalized Chinese-American wife.

FBI switched back and forth from criminal to FISA access at least once (and probably twice), and in the process did a physical search of three Gartenlaub hard drives using the more expansive search regime available under FISA, only to then repeat the same search to obtain the same evidence of child porn to use for prosecution.

The government never presented evidence the child porn had been accessed since 2005, and Gartenlaub presented an alternate explanation for how it had gotten on his computer. In fact, the record suggests the FBI didn’t want to prosecute Gartenlaub for child porn; they wanted to flip him, so he would spy on his well-connected in-laws. It didn’t happen and now, even after his release from prison, he’s trying to challenge the genesis of his prosecution from that FISA search.

The reason why the case is interesting is because the FBI was seeking something very specific: materials relating to Boeing’s C-17 program. A criminal forensic search for such materials, conducted under a Rule 41 warrant, would start by turning off the forensic search for items — most notably, videos — that would not return the suspected evidence of crime (which would be engineering documents).

Because of typical games the FBI plays with forensics, this was not established in the District court. But the appeal points to the government’s claims that under FISA they don’t have to use such forensic narrowing. It goes on to establish that they did not use such forensic narrowing tools, and, not having done that, found no evidence to support the FISA allegations but instead finding evidence that led to the child porn charges.

In its Opposition Brief before the Ninth Circuit, the government acknowledges that there were no limitations to its secret search of Gartenlaub’s hard drives, saying in a header: “The Government Was Permitted to Search Every File on Defendant’s Computers . . . .”17 And nothing in the record indicates that the government used any standard forensic techniques routinely used to particularize computer searches like: date limitations; targeted key word searches; image recognition scans; taint teams, or other routine, well established techniques to limit a digital search to its target and screen out privileged, confidential, and irrelevant information.

Despite its unlimited search, the FBI found no evidence that Gartenlaub had provided C-17 data to China, or otherwise acted as a spy for China. But the FBI did allegedly find, among the tens of thousands of files on the hard drives, a handful of files containing child pornography. Dropping its fantasy that Gartenlaub was a Chinese spy, the FBI turned to the theory he collected child pornography.

The appeal then argues that using FISA to get to criminal evidence is an end run around criminal procedure, in part because Gartenlaub had no way to challenge the criminal warrant after the evidence had already been found via FISA warrant.

Gartenlaub’s case demonstrates how easy it is to bypass the Constitution’s criminal procedure guarantees by getting a secret FISA search warrant and using it to prosecute regular crimes. And it is impossible for a criminal defendant to challenge a secret FISA warrant because the defendant cannot access any of the information underlying the FISA warrant due to its secrecy. This thwarts a criminal defendant’s Due Process right to test the government’s case in adversarial proceedings. For these reasons alone the Court should grant certiorari to clarify the use of non-responsive FISA evidence in regular criminal proceedings.

Ultimately, one of Gartenlaub’s requests for cert (and most his requests parallel this closely) argues that the government should not be permitted to use FISA warrants unless it submits those FISA warrants for court review.

Gartenlaub’s case is an example of how the government can abuse a national security investigation under FISA to prosecute unrelated non-national security crimes. Because of this risk, the government should not be permitted to use secret national security warrants to prosecute regular crimes if it won’t submit those warrants and supporting materials to investigation and the adversarial process the criminal procedure amendments require. This Court should grant certiorari to analyze and clarify the scope of the 1978 FISA’s encroachment upon the fundamental, centuries old, criminal procedure protections of the Fourth, Fifth, and Sixth Amendments.

On its face, it’s a fairly modest request. And, as the appeal notes, a fairly modest one, given that there is only one other case where FISA is known to be used in a pure criminal case. The appeal distinguishes this case from the past one, Isa, in a way that appeals directly to the Court’s recent narrowing of digitally-based searches.

The 27 year old FISA case of United States v. Isa appears to be one of the few instances where a prosecutor used the non-responsive fruits of a FISA search for an unrelated regular criminal prosecution.70 Isa upheld the use of a FISA surveillance recording, in a state prosecution, of the surveillance target’s murder of his 16-year-old daughter.71 During the course of the surveillance the murder occurred and was incidentally recorded. Unlike Gartenlaub’s case, the evidence was not obtained via the methodical rummaging over the course of months through the target’s computers.

In other words, on its face, it presents a case where there is no question of standing, where the reach of the questions presented may seem narrow, and on topics that fit nicely with recent court decisions recognizing the greater invasiveness of digital searches.

Except the impact of putting FISA review on the table for a purely criminal case (the appeal raises the Carter Page example) would have significant, probably overdue impact on the complete elimination of the wall between intelligence and criminal investigations after 9/11.

None of that says it will work, of course. But it’s a neat formulation that, if it did, might finally push FISA back towards being closer to what it was first envisioned as.


Surveillance Whack-a-Mole, Section 215 to Section 702 Edition

As it happens, I and others covered the report that NSA purportedly has not restarted its use of the Section 215 CDR program in the wake of finding serious over-collection on the same day that I Con the Record released another Semiannual report on 702, the one completed in October 2018, which covers December 2016 to May 2017.

In my post on the Section 215 CDR claim, I suggested that function probably hasn’t shut down, but likely moved instead to a different authority, probably EO 12333.

The NSA almost never gives up a function they like. Instead, they make sure they don’t have any adverse court rulings telling them they’ve broken the law, and move the function some place else. Given that the government withdrew several applications last year after FISC threatened to appoint an amicus, and given that the government now has broadened 12333 sharing, they may have just moved something legally problematic somewhere else.

In Ellen Nakashima’s report on the 215 CDR shutdown, she suggested that NSA may not longer need the 215 CDR function because “terrorists” (this program was never just about terrorists) increasingly use secure apps which “don’t always create metadata.”

But these days, terrorists generally are not coordinating via phone calls or standard text messages, but communicate by using secure apps that don’t always create metadata trails, analysts said.

That is, the suggestion is that because “terrorists” are using encrypted apps like Signal and WhatsApp rather than AT&T or Verizon’s own SMS apps, getting the latter via the CDR program is not as useful.

But perhaps that explains the over-collection issue behind all this.

From the start of the USA Freedom Act debate, I have noted that the definition used in the law — session identifier — did not match the intent of most members of Congress: that is, to track telephony contacts. Telephony contacts are just an increasingly minimal subset of the session identifiers than any mobile phone user will generate. And in the age of super-cookies, providers increasingly track these other session identifiers. If providers collect it, spooks and law enforcement will try to use it, and the expanded universe of session identifiers is no exception.

One of several likely explanations for the over-collection that led the government to destroy all its records last year is that the FISA Court wrote something that distinguished between the two (basically, establishing a precedent that made fudging the issue legally problematic), leading NSA to “discover” the over-collection and quickly start deleting records before any overseer found the proof that it was no accident.

At least, that same pattern has happened numerous times before.

Anyway, back to surveillance whack-a-mole.

When this has happened in the past, the NSA didn’t actually shut down the function. It instead moved it to another authority, preferably one with less court oversight. Of particular note, when NSA shut down the PRTT dragnet in 2011, it moved some of that function to EO 12333 (NSA had resumed a practice shut down during the Stellar Wind shutdown allowing the agency to chain on Americans) and Section 702.

That’s why I want to point to something in the most recent Section 702 Semiannual Report (which, remember, reflects really dated reviews of Section 702 use. On top of being really dated, the report is, as all of these are, heavily redacted and largely boilerplate. Nevertheless, a close read of it (I do think I’m the only one who actually reads these!) can point to trends that can sometimes help identify problems on the same timeline that NSA’s Inspector General does.

And this most recent Semiannual report, from the period mid-way into implementation of the new USAF CDR function, has this passage (which — I believe — includes a typo).

This passage is not reporting a decrease, as the last clause of the paragraph claims; it is reporting an increase in the number of times Section 702 data appears in serialized (that is, finished) reports. The typo appears to be the result of retaining the claim that this is “the first and only decrease of for these ten reporting periods” from the prior report.

What is likely true of this passage, however, is that it is reporting a new trend: “expanded use of Section 702” for some function.

There are several likely candidates for the time period (early 2017). The increasing use of the 2014 exception, the ongoing shift of the old PRTT function (obtaining email metadata) are two.

But another would be to use 702 — such that it is technically feasible — to obtain what metadata exists for encrypted apps. Notably, during precisely this period, Facebook was moving to more closely integrate WhatsApp with its platform generally. And this would give it access (but not content) of chats. Since then, it has probably become easier for Verizon and AT&T to identify who is using Signal by matching the individual keys generated for each contact (just as an example, you can set Verizon to show this or not, meaning they’ve got visibility onto it one way or another). Using 702 to get encrypted app metadata would only give you one degree of separation from a foreign target. But you’d get it with far less oversight than NSA undergoes with Section 215.

Here’s the dirty secret about FISA. It is far easier for NSA to use Section 702 to get content and metadata than it is for NSA to use Section 215 to get just session identifiers.

Section 702 couldn’t replace all of what Section 215 — if it were collecting on the session identifiers associated with encrypted chat apps — gets. But what it could get might be far more voluminous than the 500 million session identifiers collected in 2017.

Update: Bobby Chesney — who seems to know more than he’s letting on — weighs in on the news here.

Copyright © 2018 emptywheel. All rights reserved.
Originally Posted @ https://www.emptywheel.net/fisa/