WikiLeaks and Edward Snowden Champion Sociopathic Liars and Sloppy Thinking

WikiLeaks boosters have embraced a really bizarre new entry in the propaganda case to support Julian Assange this weekend: An article by two Icelandic journalists that purports to prove that, “The veracity of the information contained [in the June 2020 superseding indictment against Julian Assange] is now directly contradicted by the main witness, whose testimony it is based on.” This is an article about Sigurdur Ingi Thordarson, AKA Siggi, the sociopath that Assange chose to hang out with for a period in 2010 to 2011, who does have a role but by no means the “main” role in the case against Assange. The journalists who wrote the article present as credible Siggi’s claim, from someone that everyone agrees is a pathological liar, that he’s telling the truth now, rather than when he testified to US authorities in 2019.

The journalists who wrote the article and all the WikiLeaks boosters who have embraced it are arguing that the article somehow proves that an avowed liar is telling the truth now about lying in the past. Even as WikiLeaks boosters are pointing to the Icelandic legal judgment that Siggi is a sociopath, they are once again welcoming him into the WikiLeaks fold because the avowed liar claims to have lied.

This is what Assange’s boosters are now staking his defense on: convincing you to accept the words of liars as truth.

Except, Siggi retracts nothing substantive that is alleged in the indictment, so this drama is instead a demand that you accept the word of a liar rather than read the documents to show that the liar’s claims are irrelevant to the charges against Assange.

The article proves it doesn’t understand US law

Before I get into how little of what the article presents even relates to the indictment, let me show how badly the authors misunderstand (or misrepresent) US law. The last eight paragraphs of the article insinuate that, because US prosecutors gave Siggi immunity for testimony in 2019, he exploited that immunity to commit new crimes in Iceland. The suggestion starts by claiming that the outdated NYT Problem remained true in 2017 and parroting the WikiLeaks claim that therefore what must have changed was the appointment of Bill Barr (who was confirmed after the initial complaint and first indictment had already been obtained).

Although the Department of Justice had spent extreme resources attempting to build a case against Julian Assange during the Obama presidency, they had decided against indicting Assange. The main concern was what was called “The New York Times Problem”, namely that there was such a difficulty in distinguishing between WikiLeaks publications and NYT publications of the same material that going after one party would pose grave First Amendment concerns.

President Donald Trump’s appointed Attorney general William Barr did not share these concerns, and neither did his Trump-appointed deputy Kellen S. Dwyer. Barr, who faced severe criticism for politicizing the DoJ on behalf of the president, got the ball rolling on the Assange case once again. Their argument was that if they could prove he was a criminal rather than a journalist the charges would stick, and that was where Thordarson’s testimony would be key.

I don’t fault journalists in Iceland from repeating this bit of propaganda. After all, even Pulitzer prize winning NYT journalists do. But the NYT problem was overcome when WikiLeaks did something in 2013 — help Edward Snowden get asylum in Russia — that the journalists involved at the time said was not journalism. What’s novel about this take, however, is the claim that career prosecutor Kellen Dwyer was “Trump-appointed.” Dwyer has been an EDVA prosecutor through four Administrations, since the George W Bush administration.

I assume that the reason why it’s important for this tale to claim that Dwyer was appointed by Barr is to claim the immunity agreement under which Siggi — and several other known witnesses to this prosecution — testified did something it didn’t.

In May 2019 Thordarson was offered an immunity deal, signed by Dwyer, that granted him immunity from prosecution based on any information on wrong doing they had on him. The deal, seen in writing by Stundin, also guarantees that the DoJ would not share any such information to other prosecutorial or law enforcement agencies. That would include Icelandic ones, meaning that the Americans will not share information on crimes he might have committed threatening Icelandic security interests – and the Americans apparently had plenty of those but had over the years failed to share them with their Icelandic counterparts.

All the agreement does is immunize the witness against prosecution for the crimes they admit during interviews with prosecutors they were part of, so as to avoid any Fifth Amendment problem with self-incrimination. This is not about hiding Siggi’s role in WikiLeaks; it has been public for a decade. Moreover the article even described the US sharing just the kind of security threat information this paragraph claims they did not.

Jónasson recalls that when the FBI first contacted Icelandic authorities on June 20th 2011 it was to warn Iceland of an imminent and grave threat of intrusion against government computers. A few days later FBI agents flew to Iceland and offered formally to assist in thwarting this grave danger. The offer was accepted and on July 4th a formal rogatory letter was sent to Iceland to seal the mutual assistance.

All that immunity did was provide DOJ a way to ask Siggi about his role at the time. It didn’t immunize future crime in Iceland, nor did it give him any incentive to claim Assange asked him to hack things he hadn’t.

That’s the extent to which these journalists are spinning wildly: getting the facts about the prosecutors and the law wrong in a piece claiming to assess how Siggi recanting what they assume he told prosecutors in 2019 would affect the indictment.

Siggi’s purportedly retracted claims in several cases don’t conflict with the indictment

And, even beyond claiming Siggi is the “main witness” against Assange, they seem to misunderstand the indictment, in which Siggi’s actions play a role in a limited set of overt acts in a Computer Fraud and Abuse Act charge. Because there are so many ways that Assange allegedly engaged in a long-ranging effort to encourage hackers, jurors could find Assange guilty even if none of the Siggi events were deemed credible, and he is central (though his testimony may not be) to just a portion of the overt acts in the CFAA charge.

In fact, this piece never once cites the indictment directly.

Instead, they cite Judge Vanessa Baraitser’s ruling on Assange’s extradition. They cite fragments though, not the single paragraph about Siggi’s role in the CFAA charge that is relevant (indeed, was key) to her decision:

100. At the same time as these communications, it is alleged, he was encouraging others to hack into computers to obtain information. This activity does not form part of the “Manning” allegations but it took place at exactly the same time and supports the case that Mr. Assange was engaged in a wider scheme, to work with computer hackers and whistle blowers to obtain information for Wikileaks. Ms. Manning was aware of his work with these hacking groups as Mr. Assange messaged her several times about it. For example, it is alleged that, on 5 March 2010 Mr. Assange told Ms. Manning that he had received stolen banking documents from a source (Teenager); on 10 March 2010, Mr. Assange told Ms. Manning that he had given an “intel source” a “list of things we wanted” and the source had provided four months of recordings of all phones in the Parliament of the government of NATO country-1; and, on 17 March 2010, Mr. Assange told Ms. Manning that he used the unauthorised access given to him by a source, to access a government website of NATO country-1 used to track police vehicles. His agreement with Ms. Manning, to decipher the alphanumeric code she gave him, took place on 8 March 2010, in the midst of his efforts to obtain, and to recruit others to obtain, information through computer hacking. [italics and bold mine]

Baraitser includes the overt acts involving Siggi — that Siggi gave Assange “stolen banking documents,” may have been his source for “a list of things he wanted” including recordings from Parliament, and provided Assange access to an Icelandic police website — not for Siggi’s role in the action, but for Assange’s representations to Chelsea Manning about them. “Mr. Assange told Ms. Manning … Mr. Assange told Ms. Manning … Mr. Assange told Ms. Manning” certain things about Siggi, and what mattered most is that Assange made the claims, not whether what Assange claimed to Manning was true or not, because it was part of getting her to leak more documents.

The two times Stundin does cite Baraitser’s judgment, they cite it misleadingly, particularly with regards any claims made about the indictment. The sole citation to the critical paragraph of Baraitser’s ruling I cited above appears this way:

More deceptive language emerges in the aforementioned judgment where it states: “…he [Assange] used the unauthorized access given to him by a source, to access a government website of NATO country-1 used to track police vehicles.”

This depiction leaves out an important element, one that Thordarson clarifies in his interview with Stundin. The login information was in fact his own and not obtained through any nefarious means. In fact, he now admits he had been given this access as a matter of routine due to his work as a first responder while volunteering for a search and rescue team. He also says Assange never asked for any such access.

As noted above in bold, in the critical paragraph pertaining to Siggi of the ruling, this topic matters solely for how it related to Assange’s interactions with Manning. And where she introduces the allegation earlier in her ruling, Baraitser makes no claim that Siggi’s access was unauthorized, only that Assange’s was.

It is alleged that Mr. Assange kept Ms. Manning informed about these hacking activities: on 5 March 2010, he told her that he had received stolen bank documents from a source (Teenager); on 10 March 2010, he told her that, in response to a “list of things we wanted”, a source had provided him with four months of recordings from phones located within the Parliament of a “NATO country 1”; on 17 March 2010, he told her that he had used the access, given to him by a source, to obtain unauthorised access a government website used to track police vehicles, in “NATO country 1”. [italics and bold mine]

No one is claiming that Siggi obtained the access via nefarious means. Rather, Baraitser claims only that Assange’s — who was not an Icelandic first responder — was unauthorized, to which Siggi’s purported retraction is irrelevant.

And the indictment provides further context — context that addresses another of Stundin’s claims.

41. In early 2010, a source provided ASSANGE with credentials to gain unauthorized access into a website that was used by the government of NATO Country-1 to track the location of police and first responder vehicles, and agreed that ASSANGE should use those credentials to gain unauthorized access to the website.

42. On March 17, 2010, ASSANGE told MANNING that ASSANGE used the unauthorized access to the website of the government of NATO Country-1 for tracking police vehicles (provided to ASSANGE by a source) to determine that NATO Country-1 police were monitoring ASSANGE.

43. On March 29, 2010, WikiLeaks posted to its website classified State Department materials regarding officials in the government of NATO Country-1, which Manning had downloaded on February 14, 2010.

Again, what is key here is that the credentials were unauthorized for Assange (which they were), that Assange went on to tell Manning about it, and that those things happened when Manning was leaking documents pertaining to Iceland as well. Nothing in Siggi’s supposed recantation is even relevant to that.

Similarly, Stundin complains that Baraitser referred to a file from an Icelandic bank as “stolen,” when Siggi says that he understood the file to have been leaked by whistleblowers, not stolen.

One is a reference to Icelandic bank documents. The Magistrate court judgement reads: “It is alleged that Mr. Assange and Teenager failed a joint attempt to decrypt a file stolen from a “NATO country 1” bank”.

Thordarson admits to Stundin that this actually refers to a well publicised event in which an encrypted file was leaked from an Icelandic bank and assumed to contain information about defaulted loans provided by the Icelandic Landsbanki. The bank went under in the fall of 2008, along with almost all other financial institutions in Iceland, and plunged the country into a severe economic crisis. The file was at this time, in summer of 2010, shared by many online who attempted to decrypt it for the public interest purpose of revealing what precipitated the financial crisis. Nothing supports the claim that this file was even “stolen” per se, as it was assumed to have been distributed by whistleblowers from inside the failed bank.

As noted above, in the key paragraph in Baraitser’s judgment, she described that, “Mr. Assange was engaged in a wider scheme, to work with computer hackers and whistle blowers to obtain information for Wikileaks.” The inclusion of whistleblowers here makes it clear that she understood some of this to be leaked rather than hacked.

Moreover, in the indictment, the claim is about how Siggi’s actions tie to requests Assange made of Manning and (presumably) David House (both of whom were also given immunity to testify, though Manning refused to do so), both of whom took steps to access Icelandic files.

35. In early 2010, around the same time that ASSANGE was working with Manning to obtain classified information, ASSANGE met a 17-year old in NATO Country-1 (“Teenager”), who provided ASSANGE with data stolen from a bank.

[snip]

39. On March 5, 2010, ASSANGE told MANNING about having received stolen banking documents from a source who, in fact, was Teenager.

[snip]

44. On July 21, 2010, after ASSANGE and Teenager failed in their joint attempt to decrypt a file stolen from a NATO Country-1 bank, Teenager asked a U.S. person to try to do so. In 2011 and 2012, that individual, who had been an acquaintance of Manning since early 2010, became a paid employee of WikiLeaks, and reported to ASSANGE and Teenager.

The indictment doesn’t source the claim that the file was stolen to Siggi (certainly, the FBI has other ways of finding out what happens to financial files, and in many contexts, a whistleblower leaking them would amount to theft). Nor does it say Siggi stole it. Nor does Siggi’s understanding of whether it was leaked or stolen matter to the conspiracy indictment at hand, not least given its import to Assange and Manning’s alleged attempts to hack a password so she could leak documents, just what Siggi claims he believed bank employees had done. What matters, instead, is the joint shared goal of accessing it. Nothing Siggi says in his supposed recantation of this story undermines that claim.

Stundin’s third specific denial — that Siggi didn’t himself hack the phone recordings of MPs, but instead received them from a third party — is the single denial of a specific claim made in the indictment.

Thordarson now admits to Stundin that Assange never asked him to hack or access phone recordings of MPs. His new claim is that he had in fact received some files from a third party who claimed to have recorded MPs and had offered to share them with Assange without having any idea what they actually contained. He claims he never checked the contents of the files or even if they contained audio recordings as his third party source suggested. He further admits the claim, that Assange had instructed or asked him to access computers in order to find any such recordings, is false.

The indictment does claim that Siggi obtained these files after Assange requested that Siggi hack things.

In early 2010, ASSANGE asked Teenager to commit computer intrusions and steal additional information, including audio recordings of phone conversations between high-ranking officials of the government of NATO Country-1, including members of the Parliament of NATO Country-1.

[snip]

On March 10, 2010, after ASSANGE told Manning that ASSANGE had given an “intel source” a “list of things we wanted” and the source had agreed to provide and did provide four months of recordings of all phones in the Parliament of the government of a NATO Country-1, ASSANGE stated, “So that’s what I think the future is like ;),” referring to how he expected WikiLeaks to operate.

Siggi denies he hacked anything to get these files, but he does say he got them. He got them, instead, from a third party, unasked. Even if that’s true (and even if the third party wasn’t the intel source), the key point here is that Assange enticed Manning to keep providing requested documents by claiming he had successfully requested and obtained the recorded calls.

The specific denials in this story, even if true, don’t actually deny anything of substance and in one case is completely consistent with the indictment. More importantly, none of these denials are relevant to the way in which Baraitser used them, which is to discuss how Assange’s interactions with Siggi, Manning, and House were part of a unified effort; that unified effort is the only reason Iceland (but not Siggi alone) is key.

The story is silent about or confirms the more serious allegations about Siggi

And the parts of the indictment where Siggi’s role is key, which pertain to Assange’s alleged entry into a conspiracy with Lulzsec to hack Stratfor and to hack a Wikileaks dissident, are unaddressed in this story. For example, Stundin describes reading chat logs Siggi provided — which is not the full set of chatlogs available to the US government, though Stundin claims they must be comprehensive — and finding no proof in the chatlogs that anyone at Wikieaks ordered him to ask other hackers to hack websites. But their focus is on why Siggi asked other hackers to hack Icelandic sites. There’s no mention of hacking US sites.

The chat logs were gathered by Thordarson himself and give a comprehensive picture of his communications whilst he was volunteering for Wikileaks in 2010 and 11. It entails his talks with WikiLeaks staff as well as unauthorized communications with members of international hacking groups that he got into contact with via his role as a moderator on an open IRC WikiLeaks forum, which is a form of live online chat. There is no indication WikiLeaks staff had any knowledge of Thordarson’s contacts with aforementioned hacking groups, indeed the logs show his clear deception.

The communications there show a pattern where Thordarson is constantly inflating his position within WikiLeaks, describing himself as chief of staff, head of communications, No 2 in the organization or responsible for recruits. In these communications Thordarson frequently asks the hackers to either access material from Icelandic entities or attack Icelandic websites with so-called DDoS attacks. These are designed to disable sites and make them inaccessible but not cause permanent damage to content.

Stundin cannot find any evidence that Thordarson was ever instructed to make those requests by anyone inside WikiLeaks. Thordarson himself is not even claiming that, although he explains this as something Assange was aware of or that he had interpreted it so that this was expected of him. How this supposed non-verbal communication took place he cannot explain. [my emphasis]

More bizarre still, Stundin describes Siggi admitting that “Assange was aware of or that he had interpreted it so that this was expected of him.” This actually confirms the most important key allegation pertaining to Lulzsec, that when Siggi was negotiating all this, he claimed to DOJ and still claims now, Assange knew and approved of it. And in fact the indictment alleges that Siggi proved to Topiary he was working with Assange by filming himself sitting with Assange, a non-verbal communication that — because Siggi deleted it — would not have been included in the chatlogs that Stundin insists had to be comprehensive.

To show Topiary that Teenager spoke for WikiLeaks so that an agreement could be reached between WikiLeaks and LulzSec, Teenager posted to YouTube (and then quickly deleted) a video of his computer screen that showed the conversation that he was then having with Topiary. The video turned from Topiary’s computer screen and showed ASSANGE sitting nearby.

In fact, the only specific denial regarding LulzSec in this piece pertains to Sabu, not any of the people that Siggi is alleged to have spoken with.

Thordarson continued to step up his illicit activities in the summer of 2011 when he established communication with “Sabu”, the online moniker of Hector Xavier Monsegur, a hacker and a member of the rather infamous LulzSec hacker group. In that effort all indications are that Thordarson was acting alone without any authorization, let alone urging, from anyone inside WikiLeaks.

There’s no allegation in the indictment pertaining to Siggi’s conversations with Sabu. It alleges he was part of the conspiracy, but not that he spoke with Siggi.

Finally, the one other key allegation involving Siggi in the indictment — that Assange asked him to hack a WikiLeaks dissident — is actually sourced independently to an Assange comment. Nothing in this article denies it specifically, but it’s not even necessarily sourced to Siggi.

There’s no there there in this article. Moreover, all the claims in it — most notably, that Siggi is a sociopath and a liar — have been long known. What the article misunderstands is where Siggi’s testimony may be important, where it served to explain existing documentary files, and the many ways in which DOJ ensured it didn’t rely on such an easily discredited witness. The article also doesn’t understand how co-conspirator statements — statements that have already been made — get entered at trial.

You go to trial with the sociopaths that a target like Julian Assange has chosen to associate with, not with the Boy Scouts you’d like to have as witnesses. But this indictment relies on that sociopath far less than Stundin would have you believe, and Siggi’s purported retractions do very little to rebut the indictment or Baraitser’s ruling about the case. More importantly, the article claims that the DOJ’s purported reliance on a sociopath is fatal, but their argument is based on the claims of that same sociopath.

WikiLeaks boosters claim it exonerates Julian Assange that someone they claim is a liar claims he lied

Admittedly, this is what WikiLeaks always does with their shoddy propaganda claims. They did it with their misrepresentations about a pardon dangle delivered by suspected Russian asset Dana Rohrabacher, they did it with the admission that former Sputnik employee Cassandra Fairbanks personally ferried non-public information about Assange’s prosecution from Don Jr’s best friend to Assange, and they did it with unsupported allegations about UC Global.

They don’t care what the actual evidence is or supports, so long as they have a shiny object that their army of boosters can point to to claim the indictment says something other than it does.

But this one is particularly remarkable because of shit like this.

Edward Snowden, who explained his theft of vast swaths of secret documents based on a claim that he had the judgment to know what he was seeing was abuse, claims to believe that this article “is the end of the case against Julian Assange.” That is, Ed Snowden has displayed for all the world that his critical reasoning skills are so poor that he doesn’t understand that — even if every single thing Siggi is reported to say in this article were true (including his claim that Assange knew and approved of his efforts to forge ties with LulzSec) — it would do little damage to the indictment against Julian Assange.

It amounts to Ed Snowden putting up a sign saying, “Oh sure, I knew better than the entire NSA, but I have such poor critical thinking skills I can’t read through a misleading headline.”

Worse still, what Ed Snowden is telling you to do is to trust the word of someone that — everyone agrees! — is a lying sociopath!! Ed and the entire WikiLeaks booster community here are endorsing the truth claims of someone they acknowledge in the same breath is a liar and a sociopath. What matters for them is not any critical assessment of whether Siggi could be telling the truth, but that the liar is saying what will help them.

Finally, the craziest thing is that Edward Snowden, who not only is personally named in five of the fifty CFAA overt acts, but whose own book confirms key allegations in those five overt acts, pretends that someone else is the star witness. Snowden’s own book, itself, could result in a guilty verdict on the CFAA claim, and the only way to prevent his book from serving that role is for Ed Snowden to claim he himself is a liar. This indictment could only be “poisoned top-to-bottom with false testimony” if Snowden came out tomorrow and claimed he was lying in his own book.

Ed Snowden’s own claim to be telling the truth distinguishes him as a whistleblower rather than a spy. But here, he affirmatively asks you to believe someone everyone agrees is a liar. And based on the belief that that liar was this time telling the truth, Ed asserts that an indictment that implicates his own truth claims is “poisoned top-to-bottom with false testimony.”

Update: One more thing I didn’t stress enough. This story doesn’t claim that prosecutors lied to the UK. Rather, they claim (without evidence about the full set of witnesses and evidence that DOJ relied on), that Siggi misled DOJ about two claims that don’t affect most of the CFAA charge.

Update: I’ve added language making it clear that the claim that Assange knew Siggi was negotiating ties with Lulzsec is still apparently based on what Siggi told DOJ and what he maintains now. That overt act is not the only one showing Assange entering into an agreement before they hacked Stratfor though.

Update: Subtropolis has convinced me to drop the references to Siggi as a child rapist, as he was underage too at the time.

Update: Corrected that the W administration was four Administrations ago.

How Don McGahn Distracted the NYTimes from the Subpoenas Known To Be Problematic

The NYT just published a story that buried incredibly important details about the HPSCI subpoena in paragraphs 18 and 19.

In that case, the leak investigation appeared to have been primarily focused on Michael Bahar, then a staffer on the House Intelligence Committee. People close to Jeff Sessions and Rod J. Rosenstein, the top two Justice Department officials at the time, have said that neither knew that prosecutors had sought data about the accounts of lawmakers for that investigation.

It remains murky whether agents were pursuing a theory that Mr. Bahar had leaked on his own or whether they suspected him of talking to reporters with the approval of the lawmakers. Either way, it appears they were unable to prove their suspicions that he was the source of any unauthorized disclosures; the case has been closed and no charges were brought.

The details back a hypothesis that I and others have raised about the 2018 subpoena that obtained Adam Schiff’s call records: that Schiff wasn’t targeted at all, but instead someone else — here, Michael Bahar — was the target.

That means that the initial subpoena may have been more stupid — not adequately targeted given the scope of the investigation — than scandalous. It also means that the focus should remain on Bill Barr’s renewed focus on those records in 2020, particularly whether or not he used Schiff records that should have been sealed to investigate a key member of Congress.

But that’s not how the NYT is spending its time. Instead, they are spending 17 paragraphs admitting that they have no idea whether a subpoena obtained by an EDVA grand jury for Don McGahn’s records on February 23, 2018 is newsworthy or not.

They report that Apple got the subpoena for McGahn, implying but not reporting clearly that all Apple provided was subscriber information.

Apple told Donald F. McGahn II, the White House counsel to former President Donald J. Trump, last month that the Justice Department had subpoenaed information about an account that belonged to him in February 2018, and that the government barred the company from telling him at the time, according to two people briefed on the matter.

Mr. McGahn’s wife received a similar notice from Apple, said one of the people, who spoke on the condition of anonymity to discuss a sensitive matter.

It is not clear what F.B.I. agents were scrutinizing, nor whether Mr. McGahn was their specific focus. In investigations, agents sometimes compile a large list of phone numbers and email addresses that were in contact with a subject, and seek to identify all those people by using subpoenas to communications companies for any account information like names, computer addresses and credit card numbers associated with them.

They assume, with no evidence, that the subpoena was obtained because McGahn was Trump’s White House counsel.

Still, the disclosure that agents secretly collected data of a sitting White House counsel is striking as it comes amid a political backlash to revelations about Trump-era seizures of data of reporters and Democrats in Congress for leak investigations. The president’s top lawyer is also a chief point of contact between the White House and the Justice Department.

They then go tick off one after another possible explanation:

  • The Manafort tax investigation, which was conducted in DC, and was completed in, and therefore would have been disclosed in, 2018
  • A tirade Trump launched about McGahn involving a potential leak that would have been investigated in DC
  • The totally unrelated HPSCI subpoena, which also was investigated in DC

They don’t consider a much more likely explanation, especially since Mueller is known to have identified at least three SuperPACs that were coordinating with the Trump campaign, including at least two that were headquartered in VA, but did not pursue charges relating to potential illegal coordination himself. That possibility is that prosecutors were appropriately investigating why the former FEC chairman was letting Trump’s 2016 campaign coordinate with so many supposedly independent PACs, particularly given his knowledge that Trump and Michael Cohen had been investigated for campaign finance laws in 2011, before then FEC Chair Don McGahn bailed them out for it. There’s no evidence Mueller’s investigators asked McGahn about this, even though Roger Stone’s coordination with Steve Bannon and Rick Gates was a subject of considerable interest to Mueller (in part because it implicated the Mercers).

That’s just one possible explanation, but unlike all the speculation included in the NYT story not focusing on Barr’s resuscitation of the HPSCI leak, might actually involve a grand jury in VA.

Until there’s some sense of what this subpoena was, there’s zero reason to assume it’s newsworthy or in any way focused on something McGahn had done as White House Counsel.

One of the only pieces of genuine “news” that came out of McGahn’s testimony the other day is he confessed to being a source for a story that was obviously sourced to someone close to him that nevertheless claimed he, personally, had not responded to requests for comment. “McGahn did not respond to requests for comment.” The man knows how to make journalists run around like puppies chasing his shiny objects.

And what the NYT just did was take their focus away from subpoenas there’s good reason to believe are newsworthy to instead speculate wildly about one that may not be.

“Target:” A Vocabulary Lesson for Adam Schiff

Most of the people in top DOJ positions under Trump have issued statements claiming they did not know of any subpoena “targeting” Adam Schiff.

Billy Barr told Politico that “while he was Attorney General,” he was not aware of any congressperson’s records, “being sought” “in a leak case.”

Barr said that while he was attorney general, he was “not aware of any congressman’s records being sought in a leak case.” He added that Trump never encouraged him to zero in on the Democratic lawmakers who reportedly became targets of the former president’s push to unmask leakers of classified information.

Trump “was not aware of who we were looking at in any of the cases,” Barr said. “I never discussed the leak cases with Trump. He didn’t really ask me any of the specifics.”

That in no way serves as a denial that he’s aware of the previously collected congressperson’s records being used in an investigation, possibly one not defined as a leak case. Given that the records in question were collected over a year before he became Attorney General, it is, frankly, not a denial in the least.

WaPo includes purported denials from all three potential Attorneys General.

In February 2018, Jeff Sessions was attorney general, though a person familiar with the matter said he has told people he did not recall approving a subpoena for lawmakers’ data in a leak case. Sessions was recused from many Russia-related matters, including special counsel Robert S. Mueller III’s investigation of the Kremlin’s interference in the 2016 election. A person close to Rod J. Rosenstein, Sessions’s deputy attorney general, said he, too, has told people he did not recall hearing about the subpoena until news of it broke publicly.

Two other people said William P. Barr — Trump’s second attorney general — also has told people he did not remember being informed of any subpoenas for lawmakers’ data during his time leading the department.

Barr says he does not remember being informed of “subpoenas for lawmakers’ data.” Jeff Sessions, who may have been recused from the investigation in question (though I’m virtually certain the recusal is not as broad as it is being treated), says “he did not recall approving a subpoena for lawmakers’ leak data.” And Rod Rosenstein, the leak hawk who served as Attorney General for Russia related investigations, says “he did not recall hearing about the subpoena” until it was just revealed.

Every single one of these denials is premised on this being a subpoena for Members of Congress. These denials are denials about targeting Members of Congress.

But Apple’s description of what happened makes it virtually certain none of these denials are relevant to the subpoena in question.

On Feb. 6, 2018, Apple received a grand jury subpoena for the names and phone records connected to 109 email addresses and phone numbers. It was one of the more than 250 data requests that the company received on average from U.S. law enforcement each week at the time. An Apple paralegal complied and provided the information.

[snip]

Without knowing it, Apple said, it had handed over the data of congressional staff members, their families and at least two members of Congress, including Representative Adam B. Schiff of California, then the House Intelligence Committee’s top Democrat and now its chairman. It turned out the subpoena was part of a wide-ranging investigation by the Trump administration into leaks of classified information.

Apple was asked for the names and toll records connected with 109 accounts. That means that investigators didn’t know — or could claim not to know — whose records they were collecting, and didn’t discover until they got the subpoena returns that Adam Schiff, Eric Swalwell, and a child with no conceivable access to classified information had been included. Chances are good that none of these people were the target. Chances are good that a staffer was the target — perhaps the one for whose records Microsoft was subpoenaed in 2017. This sounds like a Community of Interest subpoena — something that gets the calling circle of a target. It was a key part of Stellar Wind and the phone dragnet that Adam Schiff championed over and over again, a request that shows (in this case) two hops removed from a target to figure out whom he called and whom those people called.

The danger of using such requests in leak investigations has been known since a 2010 IG Report revealed that a journalist’s records had been collected as part of a community of interest grand jury subpoena. One plausible explanation for what happened in that instance is that the government targeted a known source for Stellar Wind — perhaps Thomas Tamm — knowing full well that one of the journalists on the story had been in contact with him. By getting two hops of records, though, the known contact with the journalist would (and did) return all the journalists’ contacts as well. The journalist in that case wasn’t the “target” but he may as well have been.

Still, as the phone dragnet championed by Adam Schiff reveals, the government never gave up their interest in such two-hop subpoenas.

All of the descriptions of what happened are consistent with this explanation. It would explain why:

  • Apple didn’t know the identity of the account holders but returned both the identity and the call records in response to the subpoena
  • Apple is now limiting the number of records they’ll return with one subpoena
  • Sessions, Rosenstein, and Barr are all denying knowing that Members of Congress were “targeted”

What it doesn’t explain — though no one has been asked to explain — whether investigators on this case alerted their superiors that they had ended up subpoenaing Adam Schiff’s records, whether or not they [claim they] intended to. Oops, boss, I just subpoenaed the Ranking Member of HPSCI, what do I do now?

In the case of the journalist whose records were seized in a community of interest subpoena in 2006, after it was discovered the FBI sealed the records and they were purged from at least some of the FBI’s investigative databases. That’s what should have happened after a prosecutor discovered they had obtained a Member of Congress’ call records unintentionally: the records should have been sealed.

But by description, that didn’t happen here. Barr never denied having focused on Members of Congress when he resuscitated his investigation in 2020 (nor has he said for sure that it remained a “leak” investigation rather than a “why does this person hate Trump” investigation, like so many others of his investigations. Barr denied telling Trump about it. But he didn’t deny that Members of Congress were investigated in 2020.

That’s why Adam Schiff’s reassurances that Section 702 of FISA doesn’t “target” Americans have always been meaningless. Because once FBI ingests the records, they can go back to those records years later, in an entirely different investigation. And no one has denied such a thing happened here.

Update: Fixed the description of Barr’s denial to WaPo.

Carter Page Believed James Wolfe Was Ellen Nakashima’s Source Disclosing His FISA Application Less than a Month After the Story

According to the Statement of Offense to which James Wolfe — the former Senate Intelligence Committee security official convicted of lying about his contacts with journalists — allocuted, Carter Page suspected Wolfe was the source for Ellen Nakashima’s story revealing Page had been targeted with a FISA order. When the former Trump campaign staffer wrote Nakashima to complain about the story less than four weeks after Washington Post published it, Page BCCed Wolfe. [Nakashima is Reporter #1 and Ali Watkins is Reporter #2.]

On May 8, 2017, MALE-1 emailed REPORTER #1 complaining about REPORTER #1’s reporting of him (MALE-1). According to the metadata recovered during the search of Wolfe’s email, Wolfe was blind-copied on that email by MALE-1.

That unexplained detail is important — albeit mystifying — background to two recent stories on leak investigations.

First, as reported last month, Nakashima was one of three journalists whose call records DOJ obtained last year.

The Trump Justice Department secretly obtained Washington Post journalists’ phone records and tried to obtain their email records over reporting they did in the early months of the Trump administration on Russia’s role in the 2016 election, according to government letters and officials.

In three separate letters dated May 3 and addressed to Post reporters Ellen Nakashima and Greg Miller, and former Post reporter Adam Entous, the Justice Department wrote they were “hereby notified that pursuant to legal process the United States Department of Justice received toll records associated with the following telephone numbers for the period from April 15, 2017 to July 31, 2017.” The letters listed work, home or cellphone numbers covering that three-and-a-half-month period.

The scope of the records obtained on the WaPo journalists last year started four days after the Page story, so while some May 11, 2017 emails between Nakashima and Wolfe would have been included in what got seized last year, any contacts prior to the FISA story would not have. And the public details on the prosecution of Wolfe show no sign that Nakashima’s records were obtained in that investigation (those of Ali Watkins, whom Wolfe was in a relationship, however, were). Indeed, the sentencing memo went out of its way to note that DOJ had not obtained deleted Signal texts from any journalists. “The government did not recover or otherwise obtain from any reporters’ communications devices or related records the content of any of these communications.”

That said, Nakashima’s reporting was targeted in two different leak investigations, covering sequential periods, three years apart.

It’s not clear how quickly the Page investigation focused on Wolfe. But it may have outside help. A CBP Agent unconnected to the FBI investigation grilled Watkins on her ties with Wolfe in June 2017.

The Sentencing Memorandum on Wolfe suggests the FBI came to focus on him — and excused their focus — after having learned of his affair with Watkins. They informed Richard Burr and Mark Warner, and obtained the first of several warrants to access his phone.

At the time the classified national security information about the FISA surveillance was published in the national media, defendant James A. Wolfe was the Director of Security for the SSCI. He was charged with safeguarding information furnished to the SSCI from throughout the United States Intelligence Community (“USIC”) to facilitate the SSCI’s critical oversight function. During the course of the investigation, the FBI learned that Wolfe had been involved in the logistical process for transporting the FISA materials from the Department of Justice for review at the SSCI. The FBI also discovered that Wolfe had been involved in a relationship with a reporter (referred to as REPORTER #2 in the Indictment and herein) that began as early as 2013, when REPORTER #2, then a college intern, published a series of articles containing highly sensitive U.S. government information. Between 2014 and 2017, Wolfe and REPORTER #2 exchanged tens of thousands of telephone calls and electronic messages. Also during this period, REPORTER #2 published dozens of news articles on national security matters that contained sensitive information related to the SSCI.

Upon realizing that Wolfe was engaged in conduct that appeared to the FBI to compromise his ability to fulfill his duties with respect to the handling of Executive Branch classified national security information as SSCI’s Director of Security, the FBI faced a dilemma. The FBI needed to conduct further investigation to determine whether Wolfe had disseminated classified information that had been entrusted to him over the past three decades in his role as SSCI Director of Security. To do that, the FBI would need more time to continue their investigation covertly. Typically, upon learning that an Executive Branch employee and Top Secret clearance holder had potentially been compromised in place – such as by engaging in a clandestine affair with a national security reporter – the FBI would routinely provide a “duty-to-warn” notification to the relevant USIC equity holder in order to allow the intelligence agencies to take mitigation measures to protect their national security equities. Here, given the sensitive separation of powers issue and the fact that the FISA was an FBI classified equity, the FBI determined that it would first conduct substantial additional investigation and monitoring of Wolfe’s activities. The FBI’s executive leadership also took the extraordinary mitigating step of limiting its initial notification of investigative findings to the ranking U.S. Senators who occupy the Chair and Vice Chair of the SSCI.2

The FBI obtained court authority to conduct a delayed-notice search warrant pursuant to 18 U.S.C. § 3103a(b), which allowed the FBI to image Wolfe’s smartphone in October 2017. This was conducted while Wolfe was in a meeting with the FBI in his role as SSCI Director of Security, ostensibly to discuss the FBI’s leak investigation of the classified FISA material that had been shared with the SSCI. That search uncovered additional evidence of Wolfe’s communications with REPORTER #2, but it did not yet reveal his encrypted communications with other reporters.

This process — as described by Jocelyn Ballantine and Tejpal Chawla, prosecutors involved in some of the other controversial subpoenas disclosed in the last month — is a useful lesson of how the government proceeded in a case that likely overlapped with the investigation into HPSCI that ended up seizing Swalwell and Schiff’s records. Given that Swalwell was targeted by a Chinese spy, it also suggests one excuse they may have used to obtain the records: by claiming it was a potential compromise.

Still, by the time FBI first informed Wolfe of the investigation, in October 2017, they had obtained his cell phone content showing that he was chatting up other journalists, in addition to Watkins — and indeed, he continued to share information on Page. By the time the FBI got Wolfe to perjure himself on a questionnaire about contacts with journalists in December 2017, they had presumably already searched Watkins’ emails going back years. Wolfe was removed from his position and stripped of clearance, making his indictment six months later only a matter of time.

All that said, the government never proved that Wolfe was the source for Nakashima. And Ballantine’s subpoena for HPSCI contacts, weeks later after FBI searched Wolfe’s phone, may have reflected a renewed attempt to pin the leak on someone, anyone (though it’s not clear whether investigators looked further than Congress, or even to Paul Ryan, who has been suspected of tipping Page off.

If the James Wolfe investigation reflects how they might have approached the HPSCI side, there’s one other alarming detail of this: The FBI alerted someone in Congress of the search, the Chair and Ranking Member of the Committee. But in HPSCI’s case, Schiff was the Ranking Member. Meaning it’s possible that, by targeting on Schiff, FBI gave itself a way to consult only with the Republican Chair of the Committee.

James Wolfe (and the investigation of Natalie Sours Edwards, who was sentenced to six months in prison last week) are an important lesson in leak investigations that serves as important background for Joe Biden’s promise that reporters won’t be targeted anymore. The way you conduct a leak investigation in this day and age is to seize the source’s phone, in part because that’s the only way to obtain Signal texts.

Timeline

March 2017: Exec Branch provides SSCI “the Classified Document,” which includes both Secret and Top Secret information, with details pertaining to Page classified as Secret.

March 2, 2017: James Comey briefs HPSCI on counterintelligence investigations, with a briefing to SSCI at almost the same time.

March 17, 2017: 82 text messages between Wolfe and Watkins.

April 3, 2017: Watkins confirms that Carter Page is Male-1.

April 11, 2017: WaPo reports FBI obtained FISA order on Carter Page.

June 2017: End date of five communications with Reporter #1 via Wolfe’s SSCI email.

June 2017: Using pretext of serving as a source, CBP agent Jeffrey Rambo grills Watkins about her travel with Wolfe.

October 2017: Wolfe offers up to be anonymous source for Reporter #4 on Signal.

October 16, 2017: Wolfe Signals Reporter #3 about Page’s subpoena.

October 17, 2017: NBC reports Carter Page subpoena.

October 24, 2017: Wolfe informs Reporter #3 of timing of Page’s testimony.

October 30, 2017: FBI informs James Wolfe of investigation.

November 15, 2017: 90 days before DOJ informs Ali Watkins they’ve seized her call records.

December 14, 2017: FBI approaches Watkins about Wolfe.

Prior to December 15, 2017 interview: Wolfe writes text message to Watkins about his support for her career.

December 15, 2017: FBI interviews Wolfe.

January 11, 2018: Second interview with Wolfe, after which FBI executes a Rule 41 warrant on his phone, discovering deleted Signal texts with other journalists.

February 6, 2018: Subpoena targeting Adam Schiff and others.

February 13, 2018: DOJ informs Watkins they’ve seized her call records.

June 6, 2018: Senate votes to make official records available to DOJ.

That the Chairman and Vice Chairman of the Senate Select Committee on Intelligence, acting jointly, are authorized to provide to the United States Department of Justice copies of Committee records sought in connection with a pending investigation arising out of allegations of the unauthorized disclosure of information, except concerning matters for which a privilege should be asserted.

June 7, 2018: Grand jury indicts Wolfe.

June 7, 2018: Richard Burr and Mark Warner release a statement:

We are troubled to hear of the charges filed against a former member of the Committee staff. While the charges do not appear to include anything related to the mishandling of classified information, the Committee takes this matter extremely seriously. We were made aware of the investigation late last year, and have fully cooperated with the Federal Bureau of Investigation and the Department of Justice since then. Working through Senate Legal Counsel, and as noted in a Senate Resolution, the Committee has made certain official records available to the Justice Department.

June 13, 2018: Wolfe arraigned in DC. His lawyers move to prohibit claims he leaked classified information.

Some Perspective on the Politicized Leak Investigation Targeting Adam Schiff

The NYT reported the other day that DOJ obtained phone records of Adam Schiff, Eric Swalwell, and a bunch of House Intelligence Committee staffers in the guise of what it reports is a leak investigation (though given the specific form of Bill Barr’s prevarications about his knowledge, may have been repackaged as something else when the investigation was resuscitated in 2020).

Prosecutors subpoenaed Apple for data from the accounts of at least two Democrats on the House Intelligence Committee, aides and family members. One was a minor.

All told, the records of at least a dozen people tied to the committee were seized in 2017 and early 2018, including those of Representative Adam B. Schiff of California, then the panel’s top Democrat and now its chairman, according to committee officials and two other people briefed on the inquiry. Representative Eric Swalwell of California said in an interview Thursday night that he had also been notified that his data had subpoenaed.

Prosecutors, under the beleaguered attorney general, Jeff Sessions, were hunting for the sources behind news media reports about contacts between Trump associates and Russia. Ultimately, the data and other evidence did not tie the committee to the leaks, and investigators debated whether they had hit a dead end and some even discussed closing the inquiry.

But William P. Barr revived languishing leak investigations after he became attorney general a year later. He moved a trusted prosecutor from New Jersey with little relevant experience to the main Justice Department to work on the Schiff-related case and about a half-dozen others, according to three people with knowledge of his work who did not want to be identified discussing federal investigations.

The initial collection and especially the subsequent treatment were clearly politicized — and more importantly, stupid, from an investigative standpoint. But, especially because this involves Adam Schiff, some exactitude about what went on really is required.

This is not spying

First, this is not “spying.” If the use of informants to investigate members of the Trump campaign and Hillary Clinton’s Foundation during a political campaign is not spying, if the use of a lawful FISA to conduct both physical and electronic surveillance on recently departed campaign volunteer Carter Page is not spying — and Adam Schiff said they were not, and I agree — then neither is the use of a subpoena to collect the phone records of Democrats who had knowledge of information that subsequently leaked in a fully predicated (and very serious) leak investigation.

This is “just” metadata

According to all reports, the government obtained the iPhone metadata records of 73 phone numbers and 36 email addresses. Apple suggests other tech companies probably got subpoenas, too, which means that some of those email addresses probably weren’t Apple emails.

But it was — as Adam Schiff said many times when defending a program that aspired to collect “all” the phone records in the United States — “just” metadata.

I don’t mean to belittle the impact of that. As I and others argued (against Schiff), metadata is actually profoundly revealing.

But if this is a problem (it is!), then people like Adam Schiff should lead a conversation about whether the standard on collection of metadata — currently, it only needs to be “relevant to” an investigation — is what it should be, as well as the rules imposed on future access to the data once collected prevent abuse.

Apple (and other tech companies) wouldn’t have known this was Adam Schiff

Even people who understand surveillance seem to believe that Apple would have known these requests targeted Adam Schiff in a leak investigation and therefore should have done more to fight it, as if the actual subpoena would be accompanied with an affidavit with shiny flags saying “HPSCI Ranking Member.”

They wouldn’t have. They would have gotten a list of selectors (some of which, by its description, it probably did not service), a description of the crime being investigated (a leak), and a gag order. The one thing that should have triggered closer review from Apple was the number of selectors. But apparently it did not, and once Apple complied, the data was swept up into the FBI’s servers where it presumably remains.

The subpoena was overly broad and not tailored to limit damage to Schiff

All that said, there were aspects of the subpoena that suggest it was written without any consideration for limiting the damage to Congressional equities or reasonable investigative targets. Focusing on these details are important because they distinguish what is really problematic about this (and who is to blame). According to reports, the subpoena:

  • Obtained information from a minor, who would have had no access to classified information
  • Included a series of year-long gags
  • Obtained all the toll records from date of creation
  • May have focused exclusively on Democratic members and staffers

It’s conceivable that, after years of investigation, DOJ would have reason to believe someone was laundering leaks through a child. But given how broad this subpoena is, it’s virtually impossible the affidavit included that kind of specific knowledge.

With journalists, DOJ is supposed to use shorter gags–three months. The series of year-long gags suggests that DOJ was trying to hide the existence of these subpoenas not just to hide an investigation, but to delay the political embarrassment of it.

There’s no reason to believe that Adam Schiff leaked a FISA application targeting Carter Page first obtained in 2016 in 2009 (or whenever the Californian lawmaker first set up his Apple account). It’s a physical impossibility. So it is completely unreasonable to imagine that years-old toll records would be “relevant to” a leak investigation predicated off a leak in 2017. Mind you, obtaining all records since the inception of the account is totally normal! It’s what DOJ did, for example, with Antionne Brodnax, a January 6 defendant who got notice of subpoenas served on him, but whose attempt to limit the subpoena failed because those whose records are subpoenaed have no authority to do that. There are two appropriate responses to the unreasonable breadth of this request: both a focus on the failure to use special caution with Congressional targets, but also some discussion about how such broad requests are unreasonable regardless of the target.

Given the number of these selectors, it seems unlikely DOJ did more than ID the people who had access to the leaked information in question. Except if they only obtained selectors for Democrats, it would suggest investigators went into the investigation with the assumption that the leak was political, and that such a political leak would necessarily be partisan. That’s simply not backed by exhibited reality, and if that’s what happened, it should force some scrutiny on who made those assumptions. That’s all the more true given hints that Republicans like Paul Ryan may have tipped Page off that he had been targeted.

These kinds of limiting factors are where the most good can come out of this shit-show, because they would have a real impact and if applied broadly would help not just Schiff.

Barr continued to appoint unqualified prosecutors to do his political dirty work

I think it would be useful to separate the initial records request — after all, the leak of a FISA intercept and the target of a FISA order are virtually unprecedented — from the continued use of the records in 2020, under Billy Barr.

The NYT explains that the initial investigators believed that charges were unlikely, but Barr redoubled efforts in 2020.

As the years wore on, some officials argued in meetings that charges were becoming less realistic, former Justice Department officials said: They lacked strong evidence, and a jury might not care about information reported years earlier.

[snip]

Mr. Barr directed prosecutors to continue investigating, contending that the Justice Department’s National Security Division had allowed the cases to languish, according to three people briefed on the cases. Some cases had nothing to do with leaks about Mr. Trump and involved sensitive national security information, one of the people said. But Mr. Barr’s overall view of leaks led some people in the department to eventually see the inquiries as politically motivated.

[snip]

After the records provided no proof of leaks, prosecutors in the U.S. attorney’s office in Washington discussed ending that piece of their investigation. But Mr. Barr’s decision to bring in an outside prosecutor helped keep the case alive.

[snip]

In February 2020, Mr. Barr placed the prosecutor from New Jersey, Osmar Benvenuto, into the National Security Division. His background was in gang and health care fraud prosecutions.

Barr used this ploy — finding AUSAs who were unqualified to work on a case that others had found no merit to — on at least three different occasions. Every document John Durham’s team submitted in conjunction with the Kevin Clinesmith prosecution, for example, betrayed that investigators running it didn’t understand the scope of the Crossfire Hurricane investigation (and thereby also strongly suggested investigators had no business scrutinizing a counterintelligence investigation at all). The questions that Jeffrey Jensen’s team, appointed by Barr to review the DOJ IG investigation and the John Durham investigation to find conclusions they didn’t draw, asked Bill Barnett betrayed that the gun crimes prosecutors running it didn’t know fuckall about what they were doing (why Barnett answered as he did is another thing, one that DOJ IG should investigate). And now here, he appointed a health care fraud prosecutor to conduct a leak investigation after unbelievably aggressive leak investigators found nothing.

DOJ IG should include all of those investigations in its investigation, because they all reflect Barr’s efforts to force prosecutors to come to conclusions that the evidence did not merit (and because the Jensen investigation, at least, appears to have altered records intentionally).

FBI never deletes evidence

In an attempt to disclaim responsibility for yet more political abuse, Billy Barr issued a very interestingly worded disavowal.

Barr said that while he was attorney general, he was “not aware of any congressman’s records being sought in a leak case.” He added that Trump never encouraged him to zero in on the Democratic lawmakers who reportedly became targets of the former president’s push to unmask leakers of classified information.

There are two parts to this: One, that “while he was attorney general,” Congresspersons’ records were not sought, and two, sought in a leak case. The original subpoena for these records was in February 2018, so not during Barr’s tenure as Attorney General. He doesn’t deny asking for those previously-sought records to be reviewed anew while Attorney General.

But he also limits his disavowal to leak cases. Under Barr’s fervent imagination, however, these investigations may well have morphed into something else, what he may have imagined were political abuse or spying violation cases. DOJ can and often does obtain new legal process for already obtained records (which would be unnecessary anyway for toll records), so it is not outside the realm of possibility that Barr directed his unqualified prosecutor to use those already-seized records to snoop into some other question.

It’s a pity for Adam Schiff that no one in charge of surveillance in Congress imposed better trackability requirements on FBI’s access of its investigative collections.

Both an IG investigation and a Special Counsel are inadequate to this investigation

Lisa Monaco asked Michael Horowitz to investigate this investigation. And that’s fine: he can access the records of the investigation, and the affidavits. He can interview the line prosecutors who were tasked with this investigation.

But he can’t require Barr or Jeff Sessions or any of the other Trump appointees who ordered up this investigation to sit for an interview (he could move quickly and ask John Demers to sit for an interview).

Because of that, a lot of people are asking for a Special Counsel to be appointed. That would be nice, except thus far, there’s no evidence that a crime was committed, so there is no regulatory basis to appoint a Special Counsel. The standard for accessing records is very low, any special treatment accorded journalists or members of Congress are not written into law, and prosecutorial discretion at DOJ is nearly sacrosanct. The scandal is that this may all be entirely legal.

Mind you, there’s good reason to believe there was a crime committed in the Jeffrey Jensen investigation, the same crime (altering documents) that Barr used to predicate the Durham Special Counsel appointment. So maybe people should revisit that?

Luckily, Swalwell and Schiff know some members of Congress who can limit such abuses

If I learned that DOJ engaged in unreasonable surveillance on me [wink], I’d have no recourse, largely because of laws that Adam Schiff has championed for years.

But as it happens, Schiff and Swalwell both know some members of Congress who could pass some laws limiting the ability to do some of the things used against them that affect thousands of Americans investigated by the FBI.

Now that Adam Schiff has discovered, years after we tried to reason with him on this point, that “it’s just metadata” doesn’t fly in this day and age, maybe we can talk about how the FBI should be using metadata given how powerful it has become?

The renewed focus on Schiff’s metadata would have come after Schiff disclosed Nunes’ ties to Rudy Giuliani’s grift

Another factor of timing hasn’t gotten enough attention. In late December, Schiff released the Democrats’ impeachment report. Because Schiff obtained subpoenas (almost certainly targeting Lev Parnas and Rudy Giuliani), he included call records of calls implicating Devin Nunes and his staffer Derek

Over the course of the four days following the April 7 article, phone records show contacts between Mr. Giuliani, Mr. Parnas, Representative Devin Nunes, and Mr. Solomon. Specifically, Mr. Giuliani and Mr. Parnas were in contact with one another, as well as with Mr. Solomon.76 Phone records also show contacts on April 10 between Mr. Giuliani and Rep. Nunes, consisting of three short calls in rapid succession, followed by a text message, and ending with a nearly three minute call.77 Later that same day, Mr. Parnas and Mr. Solomon had a four minute, 39 second call.78

[snip]

On the morning of May 8, Mr. Giuliani called the White House Switchboard and connected for six minutes and 26 seconds with someone at the White House.158 That same day, Mr. Giuliani also connected with Mr. Solomon for almost six minutes, with Mr. Parnas, and with Derek Harvey, a member of Representative Nunes’ staff on the Intelligence Committee.159

69 AT&T Document Production, Bates ATTHPSCI _20190930_00848-ATTHPSCI_20190930_00884. Mr. Parnas also had an aborted call that lasted 5 seconds on April 5, 2019 with an aide to Rep. Devin Nunes on the Intelligence Committee, Derek Harvey. AT&T Document Production, Bates ATTHPSCI_20190930_00876. Call records obtained by the Committees show that Mr. Parnas and Mr. Harvey had connected previously, including a four minute 42 second call on February 1, 2019, a one minute 7 second call on February 4, and a one minute 37 second call on February 7, 2019. AT&T Document Production, Bates ATTHPSCI_20190930_00617, ATTHPSCI_20190930_00630, ATTHPSCI_20190930_00641. As explained later in this Chapter, Rep. Nunes would connect separately by phone on April 10, 11, and 12 with Mr. Parnas and Mr. Giuliani. AT&T Document Production, Bates ATTHPSCI_20190930_00913- ATTHPSCI_20190930_00914; ATTHPSCI_20190930-02125.

76 Specifically, between April 8 and April 11, phone records show the following phone contacts:

  • six calls between Mr. Giuliani and Mr. Parnas (longest duration approximately five minutes), AT&T Document Production, Bates ATTHPSCI_20190930-02115-ATTHPSCI_20190930-02131;
  • four calls between Mr. Giuliani and Mr. Solomon (all on April 8, longest duration approximately one minute, 30 seconds) AT&T Document Production, Bates ATTHPSCI_20190930-02114- ATTHPSCI_20190930-02115;
  • nine calls between Mr. Parnas and Mr. Solomon (longest duration four minutes, 39 seconds) AT&T Document Production, Bates ATTHPSCI_20190930-00885- ATTHPSCI_20190930- 00906; and
  • three calls between Mr. Parnas and Ms. Toensing (longest duration approximately six minutes), AT&T Document Production, Bates ATTHPSCI_20190930-00885- ATTHPSCI_20190930- 00905.

77 AT&T Document Production, Bates ATTHPSCI_20190930-02125, ATTHPSCI_20190930-03236.

78 AT&T Document Production, Bates ATTHPSCI_20190930-00902.

[snip]

158 AT&T Document Production, Bates ATTHPSCI_20190930_02313.

159 AT&T Document Production, Bates ATTHPSCI_20190930_02314; ATTHPSCI_20190930_02316; ATTHPSCI_20190930_02318; ATTHPSCI 20190930 01000.

Because Nunes doesn’t understand how phone records work, he — and most other Republicans in Congress — accused Schiff of subpoenaing the record of his colleagues. That’s not what happened. Instead, Nunes and a key staffer got involved in with Rudy’s efforts to solicit dirt from Russian assets and as a result they showed up in Rudy’s phone records.

But it’s the kind of thing that might lead Barr to intensify his focus on Schiff.

The last section of this was an update.

Snowden

Insurance File: Glenn Greenwald’s Anger Is of More Use to Vladimir Putin than Edward Snowden’s Freedom

Glenn Greenwald risks making his own anger more valuable to Vladimir Putin than Edward Snowden’s freedom.

When WikiLeaks helped Snowden flee Hong Kong eight years ago, both WikiLeaks and Snowden had the explicit goal of using Snowden’s successful flight from prosecution to entice more leakers.

In his book, Snowden described that Sarah Harrison and Julian Assange’s goal in helping him flee Hong Kong was to provide a counterexample to the draconian sentence of Chelsea Manning.

People have long ascribed selfish motives to Assange’s desire to give me aid, but I believe he was genuinely invested in one thing above all—helping me evade capture. That doing so involved tweaking the US government was just a bonus for him, an ancillary benefit, not the goal. It’s true that Assange can be self-interested and vain, moody, and even bullying—after a sharp disagreement just a month after our first, text-based conversation, I never communicated with him again—but he also sincerely conceives of himself as a fighter in a historic battle for the public’s right to know, a battle he will do anything to win. It’s for this reason that I regard it as too reductive to interpret his assistance as merely an instance of scheming or self-promotion. More important to him, I believe, was the opportunity to establish a counterexample to the case of the organization’s most famous source, US Army Private Chelsea Manning, whose thirty-five-year prison sentence was historically unprecedented and a monstrous deterrent to whistleblowers everywhere. Though I never was, and never would be, a source for Assange, my situation gave him a chance to right a wrong. There was nothing he could have done to save Manning, but he seemed, through Sarah, determined to do everything he could to save me. That said, I was initially wary of Sarah’s involvement. But Laura told me that she was serious, competent, and, most important, independent: one of the few at WikiLeaks who dared to openly disagree with Assange. Despite my caution, I was in a difficult position, and as Hemingway once wrote, the way to make people trustworthy is to trust them.

[snip]

It was only once we’d entered Chinese airspace that I realized I wouldn’t be able to get any rest until I asked Sarah this question explicitly: “Why are you helping me?”

She flattened out her voice, as if trying to tamp down her passions, and told me that she wanted me to have a better outcome. She never said better than what outcome or whose, and I could only take that answer as a sign of her discretion and respect.

It’s not just Snowden’s impression, though, that WikiLeaks intended to make an example of him. The superseding indictment against Assange cites several times when Assange invoked WikiLeaks’ role in Snowden’s successful escape to encourage others (including CIA Systems Administrators like Joshua Schulte, who had a ticket to Mexico when the FBI first interviewed him and seized his passports) to go do what Snowden did. British Judge Vanessa Baraitser even included one of those speeches in paragraphs distinguishing what Assange is accused of from legal journalism. And as early as 2017, public reporting said that WikiLeaks’ assistance to Snowden was what changed how DOJ understood WikiLeaks and why it began to consider prosecuting Assange. It wasn’t Trump that led DOJ to stop treating Assange as a journalist, it was Snowden.

According to Snowden’s own words, he shared WikiLeaks’ goal of setting an example to inspire others. In an email that Snowden must have sent Bart Gellman weeks before the exchange between him and Harrison above, Snowden described steps he took to give other leakers (this may be Gellman’s paraphrase), “hope for a happy ending.”

In the Saturday night email, Snowden spelled it out. He had chosen to risk his freedom, he wrote, but he was not resigned to life in prison or worse. He preferred to set an example for “an entire class of potential whistleblowers” who might follow his lead. Ordinary citizens would not take impossible risks. They had to have some hope for a happy ending.

To effect this, I intend to apply for asylum (preferably somewhere with strong internet and press freedoms, e.g. Iceland, though the strength of the reaction will determine how choosy I can be). Given how tightly the U.S. surveils diplomatic outposts (I should know, I used to work in our U.N. spying shop), I cannot risk this until you have already gone to press, as it would immediately tip our hand. It would also be futile without proof of my claims—they’d have me committed—and I have no desire to provide raw source material to a foreign government. Post publication, the source document and cryptographic signature will allow me to immediately substantiate both the truth of my claim and the danger I am in without having to give anything up. . . . Give me the bottom line: when do you expect to go to print?

Citizenfour also quotes Snowden describing how he hoped that proof that his “methods work[]” would encourage others to leak.

If all ends well, perhaps the demonstration that our methods worked will embolden more to come forward.

Snowden’s “methods” don’t work — they certainly haven’t for Daniel Hale, Reality Winner, or Joshua Schulte. But for each, Snowden played at least some role (there is ambiguity about how Schulte really felt about Snowden) in inspiring them to ruin their lives with magical thinking and inadequate operational security.

One of Snowden’s “methods” appears to entail quitting an existing job and then picking another at an Intelligence Community contractor with the intent of obtaining documents to leak. Snowden did this at Booz Allen Hamilton, and his book at least suggests the possibility he did that with his earlier job in Hawaii.

The government justified the draconian sentence that it had negotiated with Winner’s lawyers, in part, by claiming that she premeditated her leak.

Around the same time the defendant took a job with Pluribus requiring a security clearance in February 2017, she was expressing contempt for the United States, mocking compromises of our national security, and making preparations to leak intelligence information

Along with evidence Winner researched The Intercept’s SecureDrop before starting at her new job, the government supported this claim by pointing to three references Winner made to Snowden as or shortly after she started at Pluribus, including texts in which Winner told her sister she was on Assange and Snowden’s side the day the Vault 7 leak was revealed. That was still two months before she took the files she would send to The Intercept.

Had Hale gone to trial, the government would have shown that Hale discussed serving as a source for Jeremy Scahill by May 30, 2013, the day before he left NSA, and discussed Snowden — and hanging out with the journalists reporting on him — the day Snowden came forward on June 9. Then, on July 25, Hale sent Scahill a resume showing he was looking for counterterrorism or counterintelligence jobs. In December, Hale started the the job at Leidos where he would print out the files he sent to The Intercept.

You can think these leaks were valuable and ethical without thinking it a good idea to leave a months-long trail of evidence showing premeditation on unencrypted texts and social media.

Similarly, one of Snowden’s “methods” was to claim he had expressed concerns internally, but was ignored, a wannabe whistleblower stymied by America’s admittedly failed support for whistleblowers, especially those at contractors.

In the weeks before Snowden left NSA, he made a stink about some legal issues and NSA’s training programs (about how FISA Section 702 interacted with EO 12333) that he subsequently pointed to as his basis for claiming to be a whistleblower. The complaint was legit, and one NSA department actually did take notice, but it was not a formal complaint; indeed, it was more a complaint about US law. But his complaint had nothing to do with the vast majority of the documents that have been published based off his files, to say nothing of the far greater set of documents he took. And he made the complaint long after having prepared for months to steal vast amounts of files.

Similarly, Joshua Schulte wrote two emails documenting purported concerns about CIA security, one to a colleague less than a month before he left, which he didn’t send, and then, on his final day, one to CIA’s Inspector General that he falsely claimed was unclassified, a copy of which he was seen taking with him when he packed up. In the first search warrant for Schulte’s house obtained on March 13, 2017, less than a week after the initial Vault 7 release, the FBI had already found those emails and deemed Schulte’s treatment of them as suspect. And when they found a copy of the classified letter to the IG stashed in his headboard, it gave them cause to seize Schulte’s passports on threat of arrest. Snowden’s “methods” didn’t deliver Schulte a “happy ending;” they made Schulte’s apprehension easier.

To the extent Schulte could be shown to be following Snowden’s “methods” (again, that question was not resolved at his first trial) it would be a fairly damning indictment of those methods, since this effort to create a paper trail as a whistleblower was such an obvious attempt to retroactively invent cover for leaks for which there was abundant evidence Schulte’s motivation was spite and revenge. Maybe that’s why someone close to Assange explicitly asked me to stop covering Schulte’s case.

Had Daniel Hale gone to trial, the government undoubtedly would have used the exhibits showing that Hale had never made any whistleblower claims in any of the series of government jobs where he had clearance as a way to push back on his claim of being a whistleblower, though Hale was outspoken about his criticisms of the drone program before he took most of the files he shared with The Intercept. Indeed, given the success of Hale’s earlier anti-drone activism, his case raises real questions about whether leaking was more effective than Hale’s frank, overt witness to the problems of the drone program.

Worse still, Snowden’s boasts about his “methods” appear to have made prosecutions more likely. An early, mostly-sealed filing in Hale’s case, reveals that the government set out to investigate whether Hale was The Intercept’s source because they were trying to figure out whom Snowden had “inspired” to leak.

Specifically, the FBI repeatedly characterized its investigation in this case as an attempt to identify leakers who had been “inspired” by a specific individual – one whose activity was designed to criticize the government by shedding light on perceived illegalities on the part of the Intelligence Community.

That explains why the government required Hale to allocute to being the author of an essay in a collection of Hale’s leaked documents involving Snowden: by doing so, they obtained sworn proof that Hale is the person Snowden and Glenn Greenwald were discussing, while the two were sitting in Moscow, in the closing sequence of Citizenfour. In the scene, Glenn flamboyantly wrote for Snowden how this new leaker and The Intercept’s journalist were communicating, what appears to be J-A-B-B-E-R. That stunt for the camera would have tipped the government off, in cinema release just two months after they had raided Hale’s home, to look for and reconstruct Hale’s Jabber communications with Jeremy Scahill, which they partly succeeded in doing.

Rather than being means to a “happy ending,” then, prosecutors have found Snowden’s “methods” useful to pursuing increasingly draconian prosecutions of people inspired by him.

And now, after Snowden and Greenwald failed to persuade Trump to pardon Snowden, Assange — and in a secondary effort — The Intercept’s sources (perhaps, like Assange, they find the association with Schulte counterproductive, because they didn’t even try to get him pardoned, even though Trump himself almost bolloxed that prosecution), Snowden is left demanding pardons on Twitter for the people he set out to convince leaking could have a “happy ending.”

By associating these leaks with someone being protected by Russia so that — in Snowden’s own words — he could encourage more leaks, Snowden only puts a target on these people’s back, making a justifiable commutation of Winner’s sentence less likely (Winner is due to get out on November 23, two days before the most likely time for Joe Biden to even consider commuting her sentence).

I’m grateful for Snowden’s sacrifices to release the NSA files, but his efforts to lead others to believe that leaking would be easy was bound to, and has, ended badly.

If Vladimir Putin agreed to protect Snowden in hopes that he would inspire more leakers to release files that help Russia evade US spying (as Schulte’s leak did, at a time when the US was trying to understand the full scope of what Russia had done in 2016), the US prosecutorial focus on Snowden-related leakers undermines his value to Putin, probably by design. As that happens, Snowden might reach the moment that observers of his case have long been dreading, the moment when Putin’s utilitarian protection of Snowden will give way to some other equally utilitarian goal.

This is all happening as Putin adjusts to dealing with Joe Biden rather than someone he could manipulate by (at the very least) feeding his narcissism, Donald Trump. It is happening in the wake of new sanctions on Russia, in response to which Putin put US Ambassador John Sullivan on a plane to deliver some message, in person, to Biden. It is happening as Biden’s response to the Colonial Pipeline attack, in which ransomware criminals harbored by Putin shut down US critical infrastructure for fun and profit, includes noting that he and Putin will meet in person soon, followed by the unexplained disabling of the perpetrators in the wake of the attack.

Meanwhile, even as Snowden is of less and less use to Putin, Glenn Greenwald’s utility continues to grow. Snowden, for example, continues to speak out about topics inconvenient to Putin, like privacy. The presence in Russia of someone like Snowden with his own platform and international credibility may become increasingly risky for Putin given the success of protests around Alexei Navalny.

Greenwald, by contrast, seems to have dropped all interest in surveillance and has instead turned many of his grievances — even his complaint that former NSA lawyer Susan Hennessey will get a job in DOJ’s National Security Division, against whom one can make a strong case on privacy grounds — into a defense of Russia. Greenwald spends most of his time arguing that a caricature that he labels “liberals” and another caricature that he labels “the [American] Deep State,” followed closely by another caricature he calls “the  [non-right wing propaganda] Media,” are the most malignant forces in American life. In his rush to attack “liberals,” “the Deep State,” and “the Media,” Greenwald has coddled the political forces that Putin has found useful, including outright racists and other right wing extremists. By the end of the Trump presidency, Greenwald was excusing virtually everything Trump did, up to and including his attempted coup based on the utter denigration of democratic processes. In short, Greenwald has become a loud and important voice in support of the illiberalism Putin favors, to say nothing of Greenwald’s use of a rhetoric unbound by facts.

That Greenwald spends most of his days deliberately inciting Twitter mobs is just an added benefit, to those who want to weaken America, to Greenwald’s defense of fascists.

Most of us who used to know Greenwald attribute his Russian denialism and his apologies for Trump at least partly to his desire to free Snowden from exile. Yet Greenwald’s tantrums, because of their value to Putin, may have the opposite effect.

Stoking Greenwald’s irrational furor over what he calls “liberals” and “the Deep State” and “the Media” would actually be a huge incentive for Putin to deal Snowden to the US, in maximally symbolic fashion. There is nothing that could light up Greenwald’s fury like Putin bringing Snowden to a summit with Biden, wrapped up like a present, to send back on Air Force One. (That’s an exaggerated scenario, but you get my point.)

Plus, if Putin played it right, such a ceremonial delivery of Snowden might just achieve the completion of the Snowden operation, the public release of all of the files Snowden stole, not just those that one or another journalist found to have news value.

The Intelligence Community has, over the years, said a bunch of things about Snowden that were outright bullshit or, at least, for which they did not yet have evidence. But one true thing they’ve said is that Snowden took a great many files that had no imaginable privacy value. Even from a brief period working in the full archive aiming to answer three very discrete questions about FISA, I believe that to be true. While some (including Assange) pressured Snowden and others to release all these files, Snowden instead ensured that journalists would serve a vetting role, and after some initial fumbling, The Intercept did a laudable job of keeping those files safe. So up to now, the fact that Snowden took far more files than any privacy concern — even privacy concerns divorced from all question of nationality — could justify may not have mattered.

But as far as I know there are still full copies out there and Russia would love to spin up Glenn Greenwald’s fury so much he would attempt to burn down his caricature of “The Deep State” in retaliation — much like Schulte succeeded in badly damaging the CIA — by releasing his set.

I believe Russia has been trying to do this since at least 2016.

To be very clear, I’m not claiming that Greenwald is taking money from or is any way controlled by Russia. I am very much not claiming that, in part because it wouldn’t be necessary. Why pay Greenwald for what you can get him to do for free?

And while I assume Greenwald would respect Snowden’s stated wishes and protect the files, like Trump, Greenwald’s narcissism and resentment are very, very easy buttons to push. Greenwald has been heading in this direction without pushing. It would be child’s play to have people friendly to Russia’s illiberal goals (people like Steve Bannon or Tucker Carlson) exacerbate Greenwald’s anger at “the Deep State” to turn it into the frenzy it has become.

Meanwhile, custody of Edward Snowden would be a very enticing dangle for Putin to offer Biden as a way to reset Russia’s relationship with the US. One cannot negotiate with Putin, one can only adjust the points of leverage over each other and hope to come to some stable place, and Snowden has always been at risk of becoming a bargaining chip in such a relationship. By turning Snowden over to the US to be martyred in a high profile trial, Putin might wring the last bit of value out of Snowden. All the better, from Putin’s standpoint, if Greenwald were to respond by releasing the full Snowden set.

For the past four years, Greenwald seems to have believed that if he sucked up to Putin and Trump, he’d win Snowden’s freedom, as if either man would ever deal in good faith. Instead, I think, that process has had the effect of making Greenwald more useful to Russia than Snowden is anymore. And at this point, Greenwald seems to have lost sight of the likelihood that his belligerent rants may well make Snowden less safe, not more.

Update: According to the government sentencing memo for Hale, they didn’t write up the statement of offense, Hale did.

Hale pled guilty without any plea agreement, and submitted his own Statement of Facts. Def.’s Statement of Facts, Dkt. 197 (“SOF”).

Did John Durham Seize Journalists’ Call Records?

The WaPo has revealed that DOJ obtained toll records on three journalists, covering a 3.5 month period in 2017, in 2020.

The Trump Justice Department secretly obtained Washington Post journalists’ phone records and tried to obtain their email records over reporting they did in the early months of the Trump administration on Russia’s role in the 2016 election, according to government letters and officials.

In three separate letters dated May 3 and addressed to Post reporters Ellen Nakashima and Greg Miller, and former Post reporter Adam Entous, the Justice Department wrote they were “hereby notified that pursuant to legal process the United States Department of Justice received toll records associated with the following telephone numbers for the period from April 15, 2017 to July 31, 2017.” The letters listed work, home or cellphone numbers covering that three-and-a-half-month period.

[snip]

The letters do not say when Justice Department leadership approved the decision to seek the reporters’ records, but a department spokesman said it happened in 2020, during the Trump administration. William P. Barr, who served as Trump’s attorney general for nearly all of that year, before departing Dec. 23, declined to comment.

The WaPo cites two stories it think might be culprits:

But it misses a key story on which Ellen Nakashima — whose mobile phone and home numbers were seized — was the first byline.

There’s also one on which Nakashima was not the first byline that might be relevant.

Notably, the request goes through the time when Peter Strzok was on the Mueller team.

In August 2020, NYT reported that John Durham was investigating media leaks. As reported, that was focused on the original leak to David Ignatius that led Mike Flynn to respond. But it reported that it wasn’t clear whether the investigation included other leaks, such as the two stories based on leak intercepts from the period under subpoena.

This report looks like what you’d expect if Durham’s investigation was broader than that, covering the period through when Strzok was removed from Mueller’s team.

Update: Billy Barr told the AP that he had made Durham Special Counsel on December 1, just over 6 months before WaPo got notice that DOJ had seized their records. He did so, it’s now clear, so that whatever providers they were trying to obtain records for would know that he had the authority of Attorney General.

Update: What Durham is clearly pursuing is charging someone under 18 USC 798 for leaking signals intercepts that seeded three stories:

  • The David Ignatius story revealing Mike Flynn’s calls with Sergei Kislyak had been discovered
  • The WaPo story revealing that Jared Kushner’s effort to set up a back channel with Russia had been discovered
  • The WaPo story revealing that Jeff Sessions had lied when he said he hadn’t spoken to any Russians in his confirmation hearing

Update: To be quite clear: I have no reason to believe Durham has any evidence about Strzok. What I have is a bunch of evidence that 1) Durham doesn’t understand what he’s looking at and 2) he was hired to take out a couple of FBI people, starting with Strzok.

The George Nader Problem: NSA Removes the Child Exploitation Content from Its Servers

When Lebanese-American dual citizen George Nader was stopped at Dulles after arriving on a flight from Dubai on January 17, 2018, he had at least 12 videos on his phone depicting boys as young as two years old being sexually abused, often with the involvement of farm animals. In the days before a Mueller prosecutor obtained the contents of the three phones Nader had with him, Nader sat for at least four interviews with Mueller’s prosecutors and told a story (which may not have been entirely forthright) about how he brokered a meeting in the Seychelles between Russia and Erik Prince a year earlier. Nader exploited Prince’s interest in work with Nader’s own employer — Mohammed bin Zayed — to set up the back channel meeting, and as such was a very effective broker in the service of two foreign countries, one hostile to the US. As such, I assume, Nader became a key counterintelligence interest, on top of whatever evidence he provided implicating Trump and his flunkies.

Mueller’s team got the returns on Nader’s phones back on March 16. An FBI Agent in EDVA in turn got a warrant for the child porn. But two days after the agent got the warrant return, Nader skipped town and remained out of the country until days after Mueller shut down his investigation, at which point he returned to the US and was promptly arrested for his abuse of children. Even without the other influence peddling that Nader had done on behalf of the Emirates, he would have remained a key counterintelligence interest for the entire 14 months he remained outside the country. After all, Nader had been making key connections since at least the time he introduced Ahmed Chalabi to Dick Cheney, and probably going back to the Clinton Administration.

So it is quite possible that for the entire period Nader was out of the country, he was surveilled. If that happened, it almost certainly would have happened with the assistance of NSA. As an agent of Dubai, he would be targetable under FISA, but as a US citizen, targeting him under FISA would require an individualized FISA warrant, and the surveillance overseas would take place under 705b.

If the surveillance did happen, Nader’s sexual abuse of boys would have had foreign intelligence value. It would be of interest, for example, to know who knew of his abuse and whether they used it as leverage over Nader. The source of the videos showing the children being exploited would be of interest. So, too, would any arrangements Nader made to procure the actual boys he abused, particularly if that involved high powered people in Middle Eastern countries.

Understanding how George Nader fit in international efforts to intervene in US affairs would involve understanding his sexual abuse of boys.

And that poses a problem for the NSA, because it means that really horrible content — such as Nader’s videos showing young boys being abused with goats for the object of an adult’s sexual pleasure — is among the things the NSA might need to collect and analyze.

I’ve been thinking about George Nader as I’ve been trying to understand one detail of the recent FISA 702 reauthorization. In January 2020, the NSA got permission to — in the name of lawful oversight — scan its holdings for child exploitation, stuff like videos of adults using goats to sexually abuse very young boys.

In a notice filed on January 22, 2020, the government informed the Court that NSA had developed a method, [redacted] of known or suspected child-exploitation material (including child pornography), to identify and remove such material from NSA systems. To test this methodology, NSA ran the [redacted] against a same of FISA-acquired information in NSA systems. The government concedes that queries conducted for such purposes do not meet generally applicable querying standard; nor do they fall within one of the lawful oversight functions enumerated in the existing NSA querying procedures. Nevertheless, NSD/ODNI opined that “the identification and removal of child exploitation material … from NSA systems that is a lawful oversight function under section IV.C.6,” and that the deviation from the querying procedures was “necessary to perform this lawful oversight function of NSA systems.” Notice of Deviation from Querying Procedures, January 22, 2020, at 3; see Oct. 19, 2020, Memorandum at 10.

NSA anticipates using such queries going forward, likely on a recurring basis, to proactively identify and remove child-exploitation material from its systems. The government submits that doing so is necessary to “prevent [NSA] personnel from unneeded exposure to highly disturbing, illegal material.” October 19, 2020, Memorandum at 10. The Court credits this suggestion and likewise finds that performance of these queries qualifies as a lawful oversight function for NSA systems. But the Court encouraged the government to memorialize this oversight activity in § IV.C.6, among the other enumerated lawful oversight functions that are recognized exceptions to the generally acceptable querying standards.

The government has done so. Section IV.C.6 now includes a new provision for “identify[ing] and remov[ing] child exploitation material, including child pornography, from NSA systems.” NSA Querying Procedures § IV.C.6.f. The Court finds that the addition of this narrow exception has no material impact on the sufficiency of the querying procedures taken as a whole.

At first, I thought they were doing this to protect the children. Indeed, my initial concern was that NSA was using these scans to expand the use of NSA queries for what wound up being law enforcement action, such that they could ask to do similar scans for the seven other crimes they’ve authorized sharing FISA data on (though of the other crimes, only snuff videos would be as easy to automate as child porn, which has a well-developed technology thanks to Facebook and Google). I thought that, once they scanned their holdings, they would alert whatever authority might be able to rescue the children involved that they had been victimized. After all, under all existing minimization procedures, the NSA can share proof of a crime with the FBI or other relevant law enforcement agency. Indeed, in 2017, FISC even authorized NSA and FBI to share such evidence of child exploitation with the National Center for Missing and Exploited Children, so they could attempt to identify the victims, help bring the perpetrators to justice, and track more instances of such abuse.

But that doesn’t appear to be what’s happening.

Indeed, as described, “saving the victims” is not the purpose of these scans. Rather, preventing NSA personnel from having to look at George Nader’s pictures showing goats sexually abusing small boys is the goal. When I asked the government about this, NSA’s Director for Civil Liberties, Privacy and Transparency, Rebecca Richards, distinguished finding child exploitation material in the course of intelligence analysis — in which case it’ll get reported as a crime — from this, which just removes the content.

NSA does not query collected foreign intelligence information to identify individuals who may be in possession of child exploitation material. This particular provision allows NSA to identify and remove known or suspected child-exploitation material (including child pornography) from NSA systems.

The Court agreed that this was appropriate lawful oversight to “prevent [NSA] personnel from unneeded exposure to highly distributing, illegal material.” The point of the query is not to surface the material for foreign intelligence analysis, the function of the query is to remove the material. If NSA finds such information in the course of its analytic process to identify and report on foreign intelligence, it will review and follow necessary crimes reporting.

The Court credits the suggestion to conduct this activity as part of NSA’s lawful oversight function. [my emphasis]

I asked NSA a bunch of other questions about this, but got no further response.

First, isn’t the NSA required to (and permitted to, under the minimization procedures) alert the FBI to all such instances they find? So wouldn’t this be no different from a law enforcement search, since if found it will lead to the FBI finding out about it?

Second, as offensive as this stuff is, isn’t it also of value from a foreign intelligence perspective? Ignoring that George Nader is a US person, if a high profile advisor to MbZ was known to exploit boys, wouldn’t that be of interest in explaining his position in MbZ’s court and his preference for living in Dubai instead of VA? Wouldn’t it be of interest in understanding the counterintelligence threat he posed?

If it is of FI interest (I seem to recall a Snowden revelation where similar discoveries were used against a extremist cleric, for example), then how is it recorded to capture the FI use before it is destroyed? And in recording it, aren’t there NSA and/or FBI personnel who would have to look more closely at it? Wouldn’t that increase the amount of child exploitation viewed (presumably with the benefit of finding more predators, even if they are outside US LE reach)?

Finally, can you tell me whether NCMEC is involved in this? Do they receive copies of the material for their databases?

Are you saying that if the NSA finds evidence of child exploitation via these searches, it does not refer the evidence to FBI, even if it implicates victims in the United States?

Another question I have given Richards’ response is, why would NSA personnel be accessing collections that happen to include child exploitation except for analytic purposes?

But maybe that’s the real answer here: NSA employees would access child exploitation 1) for analytical purposes (in which case, per Richards, it would get reported as a crime) or 2) inappropriately, perhaps after learning of its presence via accessing it for analytic purposes (something that is not inconsistent with claims Edward Snowden has made).

After all, there have been two really high profile examples of national security personnel accused of critical leaks in the last decade who also have been accused of possessing child pornography: Donald Sachtleben, who after he was busted for (amazingly) bringing child porn on his laptop into Quantico, he later became the scapegoat for a high profile leak about Yemen, and Joshua Schulte, on whose computer the government claims to have found child porn on when it searched the computer for evidence that he stole all of CIA’s hacking tools.

So perhaps the NSA is just removing evidence of child exploitation from its servers — which it spent a lot of resources to collect as foreign intelligence — to avoid tempting NSA employees from accessing it and further victimizing the children?

If that’s correct, then it seems that NSA has taken a totally backwards approach to mitigating this risk.

If you’re going to scan all of NSA’s holdings to ID child exploitation, why not do so on intake, and once found, hash and encrypt it immediately. Some of what analysts would be interested in — tracking the dissemination of known child porn or the trafficking of known victims by transnational organized crime, for example — could be done without ever viewing it, solely after those existing hashes. If there were some other need — such as identifying a previously unidentified victim — then the file in question can be decrypted as it is sent along to FBI. That would have the added benefit of ensuring that if NSA personnel were choosing to expose themselves to George Nader’s videos of young boys being abused with farm animals, then the NSA would have a record of who was doing so, so they could be fired.

I get why the NSA doesn’t want to host the world’s biggest collection of child abuse, particularly given its difficulties in securing its systems. I don’t have any answers as to why they’re using this approach to purge their systems.

Joshua Schulte Undermines the WikiLeaks Claim to Publish “Whistleblowers”

In this post, I noted that The Intercept — including Micah Lee — had fairly systematically ignored the most recent superseding indictment against Julian Assange, and as such had ignored the overt acts in it tied to helping Edward Snowden flee. I think the outlet has real ethical responsibility to actually report the truth of that detail — which they should do in any case to address the legally suspect aspects of some of the claims made about Snowden.

I’d like to look at an earlier Micah Lee post, not because of anything it (necessarily) says about The Intercept, but as background for a larger post about WikiLeaks I hope to move towards. In an article subtitled, “The Trump Administration Is Using the Full Power of the U.S. Surveillance State Against Whistleblowers,” Micah laid out how (according to his read of what he claimed were the court filings) the government had found a bunch of “whistleblowers.” Before he gets there, though, he describes the subjects of his post to be “government whistleblowers” who, only after they see something wrong, do they reach out to journalists and share information.

GOVERNMENT WHISTLEBLOWERS ARE increasingly being charged under laws such as the Espionage Act, but they aren’t spies.

They’re ordinary Americans and, like most of us, they carry smartphones that automatically get backed up to the cloud. When they want to talk to someone, they send them a text or call them on the phone. They use Gmail and share memes and talk politics on Facebook. Sometimes they even log in to these accounts from their work computers.

Then, during the course of their work, they see something disturbing. Maybe it’s that the government often has no idea if the people it kills in drone strikes are civilians. Or that the NSA witnessed a cyberattack against local election officials in 2016 that U.S. intelligence believes was orchestrated by Russia, even though the president is always on TV saying the opposite. Or that the FBI uses hidden loopholes to bypass its own rules against infiltrating political and religious groups. Or that Donald Trump’s associates are implicated in sketchy financial transactions.

So they search government databases for more information and maybe print some of the documents they find. They search for related information using Google. Maybe they even send a text message to a friend about how insane this is while they consider possible next steps. Should they contact a journalist? They look up the tips pages of news organizations they like and start researching how to use Tor Browser. All of this happens before they’ve reached out to a journalist for the first time.

Having laid out certain assumptions not just that all these people are whistleblowers, but also about what whistleblowing entails (and made certain claims about motive that don’t necessarily match the claimed motive of some of the subjects of the story, though some of that has become public since Micah wrote this), Micah explains that Joshua Schulte is an exception with regards to how he was caught.

Of the four Espionage Act cases based on alleged leaks in the Trump era, the most unusual concerned Joshua Schulte, a former CIA software developer accused of leaking CIA documents and hacking tools known as the Vault 7 disclosures to WikiLeaks. Schulte’s case is different from the others because, after the FBI confiscated his desktop computer, phone, and other devices in a March 2017 raid, the government allegedly discovered over 10,000 images depicting child sexual abuse on his computer, as well as a file and chat server he ran that included logs of him discussing child sexual abuse images and screenshots of him using racist slurs. Prosecutors initially charged Schulte with several counts related to child pornography and later with sexual assault in a separate case, based on evidence from his phone. Only in June 2018, in a superseding indictment, did the government finally charge him under the Espionage Act for leaking the hacking tools. He has pleaded not guilty to all charges.

He doesn’t return to Schulte’s case for the rest of the piece.

About the rest of the subjects of the story, Micah describes how, whether the subject took some measure to protect himself (such as with Terry Albury and James Wolfe) or did not (such as Reality Winner), they all got caught. What they all have in common is that they were among a very limited circle of people who had access to the stuff that got leaked, and therefore could be ultimately identified with more investigation.

I think Micah’s comment was meant to suggest that Schulte wasn’t identified that same way, but was instead identified only after he was busted for child porn. I texted Micah at the time and let him know that’s not what the court records reflect (he had not, in fact, reviewed the affidavits in the court docket). By that point, a slew of the warrants in the case had been revealed, including the first ones, which showed that Schulte was identified as a suspect almost immediately, in part the same way the others were — because he was one of three people who had access to the files believed to have been leaked. (It would later become clear that at least a few more people had access to the server and that the files were copied on a different, more incriminating date than FBI originally suspected.)

Micah never corrected his post.

Of note, however, even that initial warrant raised real questions about any claim that Schulte was a whistleblower — a claim WikiLeaks made it its first Vault 7 post.

In a statement to WikiLeaks the source details policy questions that they say urgently need to be debated in public, including whether the CIA’s hacking capabilities exceed its mandated powers and the problem of public oversight of the agency. The source wishes to initiate a public debate about the security, creation, use, proliferation and democratic control of cyberweapons.

That first warrant revealed that Schulte,

  • Had already restored his access to the exact files in question without authorization once (FBI would later discover he did this at least two more times)
  • Was pissy about something that had nothing to do with the hacking CIA did with the tools that Schulte wrote, basically a juvenile work dispute with a colleague
  • Had laid a paper trail in the weeks before he left CIA, making a claim to be a whistleblower, but the claim was not backed by any prior record of concern (per the FBI agent who admittedly should not be trusted on face value)

That is, even that first affidavit suggested that Schulte had used the claim to be a whistleblower as cover.

Schulte declined to present much of a defense at his first trial, a decision that (given the hung jury) absolutely was the right decision. So we can’t claim to have fully assessed all his claims to be a whistleblower, claims he made in pro se filings and deceitful Tweets he intended to post from jail. He chose not to make that case personally and he didn’t need to make the case to avoid a guilty verdict.

That said, all the evidence presented at trial strongly backs the initial FBI assessment that he was just an angry shithole who thought he was god, aiming to get back at people at the CIA he thought had dissed him. Indeed, two pieces of evidence submitted seriously undermine his claim to be a whistleblower, because they show he acted in ways that would be inconsistent from someone who genuinely had the concerns Schulte claimed to have — both a concern about the role of contractors and about security.

First, at one point when he was pissy because the CIA had contracted with a consultant to finish off a project that had been taking too long under him, Schulte actually considered become a contractor. Yes, he was pissy that a contractor could take away his project. But considering a job as a contractor is inconsistent with his claims about the use of them. It makes the claims translated into the WikiLeaks statement yet another cover for Schulte’s own resentment.

Then, at trial, the government showed that Schulte himself was responsible for setting up a root password that he allegedly used to steal the files. That is, to the extent the files were totally insecure from someone like Schulte, they were insecure because Schulte set them up to be. So not only was he not complaining to anyone else about the insecurity of these files, he was the one making them insecure.

Again, maybe Schulte could make a persuasive case he leaked these files to expose wrong-doing. But thus far, every piece of evidence suggests not only that Schulte was not a whistleblower, that every time he wrote up a claim to be one he otherwise told identifiable lies, and that he’s mostly just a rage-driven dude who decided to burn the CIA to the ground for spite.

Now, if WikiLeaks is a publisher, as it claims, that doesn’t necessarily matter. Journalists get information from sources operating out of a variety of motives, and personal pique is a common one. Except it raises the stakes on the newsworthiness of the files published. And on that front, WikiLeaks (on Twitter especially) vastly oversold the newsworthiness of the CIA files it published. Yes, it was useful for security firms to have CIA’s files identified publicly. But there was never anything published showing that CIA was operating outside of its mandate, and much of what was published showed tools that would be narrowly targeted. Just as importantly, CIA wasn’t actually doing anything particularly exotic with its hacking files. Spies were spying, news at 11.

I’ve written before about how a close associate of Assange’s sternly asked me to downplay Schulte because he hurt the public case for Julian Assange. I think that’s partly the allegations of child porn, racism, and sexual assault against him. People associated with WikiLeaks also knew before it was public that there was evidence involving Schulte implicating Russia (though the record on what the import of various pieces of evidence about Schulte pertaining to Russia mean is very mixed; Sabrina Shroff argued fairly convincingly that some of what is there stems from work Schulte was doing for his cellmate). Still, that may be another reason WikiLeaks boosters don’t want anyone to talk seriously about Schulte, because in the wake of Julian Assange working with Russia to get harm Hillary, their next big source also had some tie, of uncertain nature, to Russia.

But the existing record on Schulte, at least, not only undermines WikiLeaks’ claim to facilitate whistleblowers. On the contrary, WikiLeaks gave a disgruntled spook an easy way to burn the place down. More importantly, somewhere along the way, Schulte decided to cloak his bitter revenge plot inside a false claim to be a whistleblower.

People can certainly still defend WikiLeaks as an outlet permitting disgruntled spooks to burn their agencies to the ground out of spite. Certainly, if you believe the CIA is inherently, uniquely evil, you might still champion this leak. But on the Vault 7 leak, WikiLeaks boosters should be clear that’s what they’re doing.

From Failed Whistleblower to Journalistic Source: Natalie Sours Edwards Mounts a Credible Public Interest Defense

Natalie Sours Edwards, one of the sources for a series of BuzzFeed stories on Treasury and a larger, global series on Suspicious Activity Reports, submitted her sentencing memorandum last night. It is probably the most convincing example of a whistleblower-turned-leaker telling her story to explain why she did what she did. And while she was charged under a different statute than the Espionage Act — there’s a specific law prohibiting the leaking of SARs — it is a laudable effort to make a public interest defense.

She spends much of her submission (as most do) describing her background — her Native American upbringing, the series of jobs she had after obtaining a PhD in national security decision-making, first at ATF, then at CIA, and then at Treasury’s FinCEN. Not long after she moved to Treasury, she grew concerned about a number of things she was seeing: She believed Treasury was making some organizational changes without first getting congressional approval.

By April of 2016, TFI was considering a proposal to move several employees from FinCEN to OIA. May Sours Edwards and other members of FinCEN’s upper management questioned the legality of the proposed realignment. In an email to John Farley, Acting Director of Executive Office for Asset Forfeiture (TEOAF), Dr. Edwards raised concerns about whether the transfers would be consistent with Congressional appropriations and whether OIA was moving forward in spite of a direction from the Senate Select Committee on Intelligence not to proceed until the Committee had reviewed the plans for the reallocation of funds.

She was concerned — as was the Privacy and Civil Liberties Oversight Board — that Treasury had never instituted guidelines protecting Americans’ privacy when accessing records under 12333. (I had written about this problem before this period.)

Did OIA, as a member of the intelligence community, have the authority to collect and retain data domestically. Under Executive Order 12333 (“E.O. 12333”) IC entities, which OIA is, are permitted to collect information on “United States persons” only if the organization has promulgated guidelines for doing so and had them reviewed and approved by the Attorney General.11 Dr. Edwards questioned whether OIA had signed guidelines. Counsel for OIA hostilely, in Dr. Edwards’ estimation, disagreed with her interpretation of EO 12333. She believed he deliberately denigrated her during the meeting in front of the other participants in an attempt to bully her into agreeing with his position. She did not acquiesce.

11Executive Order 12333 provides in pertinent part as follows. “2:3 Collection of Information. Agencies within the Intelligence Community are authorized to collect, retain or disseminate information concerning United States persons only in accordance with procedures established by the head of the agency concerned and approved by the Attorney General, consistent with the authorities provided in Part 1 of this Order.”

After she had shared these concerns with Congress, she believed that Jacob Lew had knowingly lied to Congress about whether there were whistleblowers at Treasury.

On September 22, 2016, Treasury Secretary Jacob Lew testified before the House Financial Services Committee. https://www.c-span.org/video/?415661- 1/secretary-jack-lew-testifies-financial-stability-report&start=9046. Representative Fitzpatrick specifically asked him whether the proposed realignment was consistent with the existing budget, the issue Dr. Edwards had been raising. He also the Secretary whether there were any whistleblowers at Treasury. Representatives Jeb Hensarling and Sean Duffy later sent a follow-up congressional letter to Secretary Lew, expressing concern that the proposed “changes may violate appropriations requirements, civil service rules, and constraints on gathering and use of financial intelligence data.” They also noted that it was “troubling that Treasury is moving forward with the proposed reallocation with the intention to complete the process before a new Administration takes over in January 2017 and despite bipartisan requests to process at a more deliberate pace.” Id.

Something else of significance happened during the hearing. In response to a question from Representative Fitzpatrick, Secretary Lew stated that he was unaware of any whistleblowers in the Treasury Department. Dr. Edwards was taken aback and concerned. She was a whistleblower, a fact well known to Treasury OIG.

In the wake of that hearing, she believed that her clearance was pulled, briefly, as retaliation.

On September 27, 2016, a week after the contentious OIA-FinCEN meeting, someone at OIA ordered that Dr. Edward’s SCI (Sensitive Compartmentalized Information) clearance and her access to the SCIF (Sensitive Compartmentalized Information Facility) be revoked. Dr. Edwards questioned the basis for the action. Her clearance was reinstated the following day. Email of September 28, 2016, from May Edwards to Elizabeth Ortiz, attached hereto as Exhibit XX

She submitted two whistleblower complaints — to Treasury IG and to OSC. The latter found that she had engaged in protected activity (meaning that she had been a whistleblower), but ruled against her claims of retaliation on narrow grounds.

By letter dated May 21, 2018, OSC informed Dr. Edwards that they were closing her file. OSC concluded that Dr. Edwards’ reports to her “leadership, OIG, Congress and OSC all likely constitute ‘protected activity’ or whistleblowing under the law.” May 21, 2018, letter from OSC to Dr. Edwards, attached hereto as Exhibit HHH at 4. Further, Dr. Edwards could establish that her “management knew about [her] whistleblowing regarding, at a minimum, the issues [she] raised directly to them.” However, OSC made several findings that it concluded were fatal to Dr. Edwards’ claim that she had been retaliated against as a whistleblower. OSC could not find that there was a substantial likelihood that Treasury Secretary Lew knew of Dr. Edwards’ allegations when he testified before Congress that there were no whistleblowers in Treasury. Id. at 3. The email that outlined OMB’s direction to Treasury on communicating with Congress about the FinCEN/TSI realignment was not improper because it appeared to be directing Treasury officials not to discuss the issue in their official capacities as opposed to directing them in their individual capacities on their rights to report suspected wrongdoing to Congress

A Treasury IG Report ruled against her based on an alternative explanation provided for why the PKI of FinCEN employees had been pulled.

While finding that the problem with the IC PKI certificates was solely the result of inadvertence, the author of the audit did note that “the present working relationship between OIA and FinCEN related to the IC PKI process is strained.” Id. at 3. The two Treasury components had a “fundamental disagreement” about FinCEN’s need for access to the IC PKIs and more broadly about FinCEN’s autonomy.

She even explains how — after she started working with Jason Leopold — Ron Wyden complained that FinCEN was withholding information on Russian interference and its ties with Donald Trump.

In addition to her concern about OIA’s handling of realignment and the PKIs issue, Dr. Edwards grew to question whether FinCEN was providing complete information in response to Congressional requests for information. She was not alone in that belief. On May 10, 2017, Senator Ron Wyden made a floor statement placing a hold on the nomination of Sigal Mandelker for the position of Under Secretary of TFI. His office issued a statement explaining the Senator’s reasoning:

Senator Ron Wyden, D-Ore., today placed a hold on the nomination of Sigal Mandelker to be Under Secretary of the Treasury for Terrorism and Financial Intelligence. Wyden said he will maintain that hold until the Treasury Department provides the Senate Intelligence Committee and Senate Finance Committee information and documents related to Russia and its financial dealings with President Trump and his associates.

On Tuesday, May 9, Senate Intelligence Committee Vice Chairman Mark Warner announced that the Committee had made a request to the Treasury Department’s Financial Crimes Enforcement Network (FinCEN). https://www.wyden.senate.gov/news/press-releases/wyden-announces-hold-ontreasury-nominee-until-administration-produces-documents-on-russian-dealingswith-trump-associates. On September 22, 2017, Senator Wyden put a hold on another Treasury Assistant Secretary nominee, Isabelle Patelunas, again because of Treasury’s “refusal to provide documents related to Russia.” https:// www.wyden.senate.gov/news/press-releases/wyden-announces-hold-ontreasury-nominee-over-agencys-refusal-to-provide-documents-related-to-russia.

It’s in that context that — she described — she started working with Leopold to get Congress to return its attention to misconduct at Treasury.

When Congress’ attention to the issues May believed vitally affected the security of this country flagged, she began communicating with Jason Leopold, a reporter with the online publication BuzzFeed News. He told her that he shared her concern for national security. He assured her that the only way to revive Congressional interest was through media attention. He promised to – and did – introduce her to additional Congressional staffers. At his encouragement, she provided him with Suspicious Activity Reports (“SARs”) and other internal Treasury Department documents. He wrote articles that disclosed that information. She was arrested. He was not.

[snip]

Although Congress by then had done little to curb Treasury’s behavior, Dr. Edwards continued to believe that the only way to ensure that those responsible for the improper behavior were held accountable was through Congress. Leopold encouraged this belief: By writing articles, he could get the proper attention for the issues she believed were of vital importance to national security. This was a theme he returned to more than once when he sought information from Dr. Edwards: He could use what she gave him to write stories that would force Congress to investigate her allegations. (September 27, 2017: “We do need to keep momentum going so this story is crucial.” October 16, 2017: “We are going for the next story – keep momentum going with 12333.” January 11, 2018: “Listen, I am going to make a case that we need to leak something and report it. I am going to reach out to some of your colleagues. But this is getting ridiculous and I need to get their attention…By their attention I mean Congress).

Importantly, given the way she was charged (with a conspiracy to leak these SARs, with Leopold identified as a co-conspirator would be) she describes how hard Leopold worked to champion her efforts in Congress.

Throughout 2017 and 2018, Leopold told Dr. Edwards in their WhatsApp conversations that he was committed to her cause of uncovering and remedying corruption in the Treasury Department. He told her at times that he was acting on behalf of Congressional staff members in seeking information from her. He sought to arrange meetings for Dr. Edwards with members of Congress or their staff. Such meetings did take place. Leopold attended meetings with Dr. Edwards. Staffers encouraged Dr. Edwards to provide information they sought about the inner workings of the Treasury Department, including whether the requirements of the Bank Secrecy Act were being enforced by financial institutions as required to assist U.S. government agencies.

Remember: Before the global SARs reporting effort came out, Treasury issued a statement that can only be viewed as an attempt at prior restraint, a threat against Leopold.

Edwards’ sentencing memorandum says that the Probation office recommended two years of probation.

Dr. Sours Edwards faces no mandatory minimum term of incarceration. As discussed above, the relevant range under the United States Sentencing Guidelines, both as stipulated in the plea agreement and as determined by United States Probation, is zero to six months. PSR at ¶4, p. 28. Probation has recommended that the Court sentence Dr. Sours Edwards to a two-year term of Probation.

It is unclear whether this will work — whether Edwards will get probation. It is equally unclear whether Leopold’s laudable efforts to double down on his reporting, to raise global attention to the issue, will bring about reform at banks or in the US.

But this is what every other leaker I’ve covered has tried to do, far less persuasively: an attempt to make a public interest defense for leaking to a journalist.

image_print