The Government Prepares to Argue that Transmitting Information *To* WikiLeaks Makes the Vault 7 Leak Different

In a long motion in limine yesterday, the government suggested that if Joshua Schulte had just been given a “prestigious desk with a window,” he might not have leaked all of CIA’s hacking tools in retaliation and caused what the government calls “catastrophic” damage to national security.

Schulte grew angrier at what he perceived was his management’s indifference to his claim that Employee-1 had threatened him. Schulte also began to complain about what, according to him, amounted to favoritism toward Employee-1, claiming, for example, that while the investigation was ongoing, Schulte was moved to an “intern desk,” while Employee-1 had been moved to a “prestigious desk with a window.”

[snip]

The Leaks are the largest illegal disclosure of CIA information in the agency’s history and, as noted above, caused catastrophic damage to national security.

Along the way, the motion provides the most detailed description to date of how the government believes Schulte stole the Vault 7 files from CIA. It portrays him as an arrogant racist at the beginning of this process, and describes how he got increasingly belligerent with his colleagues at CIA leading up to his alleged theft of the CIA’s hacking files, leading his supervisors to recognize the threat he might pose, only to bollox up their efforts to restrict his access to CIA’s servers.

The motion, along with several others submitted yesterday, suggests that the government would like to argue that leaking to WikiLeaks heightens the damage that might be expected to the United States.

Along with laying out that it intends to argue that the CIA charges (stealing the files and leaking them to WikiLeaks) are intertwined with the MCC charges (conducting “information war” against the government from a jail cell in the Metropolitan Correction Center; I explained why the government wants to do so here), the government makes the case that cybersecurity expert Paul Rosenzweig should testify as a witness about WikiLeaks.

Rosenzweig will testify about (i) WikiLeaks’s history, technical and organizational structure, goals, and objectives; (ii) in general terms, prior leaks through WikiLeaks, in order to explain WikiLeaks’s typical practices with regard to receiving leaked classified information, its practices or lack thereof regarding the review and redaction of sensitive information contained in classified leaks, and certain well-publicized harms to the United States that have occurred as a result of disclosures by WikiLeaks; and (iii) certain public statements by WikiLeaks regarding the Classified Information at issue in this case.

Rosenzweig’s testimony would come in addition to that of classification experts (probably for both sides) and forensic experts (again, for both sides; Steve Bellovin is Schulte’s expert).

The expert witnesses were allowed to testify as to the background of the organization Wikileaks; how the U.S. Government uses certain markings and designations to identify information that requires special protection in the interests of national security; the meaning of certain computer commands and what they would do; how various computers, servers, and networks work; how data is stored and transferred by various computer programs and commands; and the examination of data that is stored on computers and other electronics.

The only motion in limine Schulte submitted yesterday objected to Rosenzweig’s testimony. Schulte argues that the government’s expert notice neither provides sufficient explanation about Rosenzweig’s intended testimony nor proves he’s an expert on WikiLeaks. More interesting is Schulte’s argument that Rosenzweig’s testimony would be prejudicial. It insinuates that Rosenzweig’s testimony would serve to substitute for a lack of proof about how Schulte sent the CIA files to WikiLeaks (Schulte is alleged to have used Tor and Tails to transmit the files, which would leave no forensic trace).

In Mr. Schulte’s case, the government has no reliable evidence of how much information was taken from the CIA, how it was taken, or when it was provided to WikiLeaks. The government cannot overcome a lack of relevant evidence by introducing evidence from other cases about how much information was leaked or how information was leaked in unrelated contexts. The practices of WikiLeaks in other contexts and any testimony about alleged damage from other entirely unrelated leaks is completely irrelevant.

Schulte’s claimed lack of evidence regarding transfer notwithstanding, that’s not how the government says they want to use Rosenzweig’s testimony. They say they want to use his testimony to help prove that Schulte intended to injure the US.

The Government is entitled to argue that Schulte intended to harm the United States, by transmitting the stolen information to WikiLeaks, because he knew or had reason to know what WikiLeaks would do with the information. The fact that WikiLeaks’ prior conduct has harmed the United States and has been widely publicized is powerful evidence that Schulte intended or had reason to believe that “injury [to] the United States” was the likely result of his actions—particularly given that the Government will introduce evidence that demonstrates Schulte’s knowledge of earlier WikiLeaks disclosures, including his own statements.

It does so by invoking WikiLeaks’ past leaks and the damage those leaks have done.

Accordingly, proof that it was foreseeable to Schulte that disclosure of classified information to WikiLeaks could cause “injury [to] the United States” is a critical element in this case. Indeed, the Senate Select Committee on Intelligence has explicitly stated “that WikiLeaks and its senior leadership resemble a non-state hostile intelligence service.” S. Rep. 115-151 p. 10. In order to evaluate evidence related to this topic, the jury will need to understand what WikiLeaks is, how it operates, and the fact that WikiLeaks’ previous disclosures have caused injury to the United States. The Government is entitled to argue that Schulte intended to harm the United States, by transmitting the stolen information to WikiLeaks, because he knew or had reason to know what WikiLeaks would do with the information.

Notably, the government motion invokes the Senate’s recognition that WikiLeaks resembles “a non-state hostile intelligence service.” That may well backfire in spectacular fashion. That statement didn’t come until over a year after Schulte is alleged to have stolen the files. And the statement was a follow-up to Mike Pompeo’s similar claim, which was a direct response to Schulte’s leak. If I were Schulte, I’d be preparing a subpoena to call Pompeo to testify about why, after the date when Schulte allegedly stole the CIA files, on July 24, 2016, he was still hailing the purported value of WikiLeaks’ releases.

The thing is, the specific nature of the intended recipient of a leak has never before been treated as an element of the offense in Espionage leak cases. Indeed, the government’s proposed jury instructions are based on the instruction in the Jeffrey Sterling case. While the government flirted with naming James Risen an unindicted co-conspirator in that case, it did not make any case that leaking to Risen posed unique harm.

Moreover, even before getting into Schulte’s statements about WikiLeaks (most of which have not yet been made public, as far as I’m aware), by arguing the CIA and MCC charges together, the government will have significant evidence not just about Schulte’s understanding of WikiLeaks, but about his belief that they would lie to harm the US. The government also has evidence that Schulte knew that WikiLeaks’ pretense to minimizing harm with the Vault 7 files was false, and that instead WikiLeaks did selective harm in its releases, though it doesn’t want to introduce that evidence at trial.

In other words, this seems unnecessary, superfluous to what the government has done in past Espionage cases, and a dangerous precedent (particularly given the way the government suggested that leaking to The Intercept was especially suspect in the Terry Albury and Reality Winner cases).

That’s effectively what Schulte argues: that the government is trying to argue that leaking to WikiLeaks is particularly harmful, and that if such testimony goes in, the defense would be forced to call its own witnesses to testify about how past WikiLeaks releases have shown government malfeasance.

This testimony could also suggest that the mere fact that information was released by WikiLeaks necessarily means that it was intended to—and did—cause harm to the United States. These are not valid evidentiary objectives. Instead, this type of testimony would create confusion and force a trial within a trial on the morality of WikiLeaks and the extent of damage caused by prior leaks. If the government is allowed to introduce this evidence, the defense will necessarily have to respond with testimony about how WikiLeaks is a non-profit news organization, that it has previously released information from government whistle-blowers that was vital to the public understanding of government malfeasance, and that any assertion of damages in the press is not reliable evidence.

The government, in a show of reasonableness, anticipates Schulte’s argument about the prejudice this will cause by stating that it will limit its discussion of prior WikiLeaks releases to a select few.

The Government recognizes the need to avoid undue prejudice, and will therefore limit Mr. Rosenzweig’s testimony to prior WikiLeaks leaks that have a direct relationship with particular aspects of the conduct relevant to this case, for example by linking specific harms caused by WikiLeaks in the past to Schulte’s own statements of his intent to cause similar harms to the United States or conduct. Those leaks include (i) the 2010 disclosure of documents provided to WikiLeaks illegally by Chelsea Manning; (ii) the 2010 disclosure of U.S. diplomatic cables; (iii) the 2012 disclosure of files stolen from the intelligence firm Stratfor; and (iv) the 2016 disclosure of emails stolen from a server operated by the Democratic National Committee.

The selected cases are notable, as all of them (with Manning’s leaks seemingly listed twice) are cases into which the government either certainly (with the EDVA grand jury seeking Manning and Jeremy Hammond’s testimony) or likely (with ongoing investigations into Roger Stone) currently has ongoing investigations.

As a reminder: absent an unforeseen delay, this trial will start January 13, 2020 and presumably finish in the weeks leading up to the beginning of Julian Assange’s formal extradition process on February 25. The government has maintained it can add charges up until that point, and US prosecutors told British courts it won’t provide the evidence against Assange until two months before the hearing (so around Christmas).

Schulte’s trial, then, appears to be the opening act for that extradition, an opening act that will undermine the claims WikiLeaks supporters have been making about the journalistic integrity of the organization in an attempt to block Assange’s extradition. Rosenzweig’s testimony seems designed, in part, to heighten that effect.

Which may be why this instruction appears among the government’s proposed instructions.

Some of the people who may have been involved in the events leading to this trial are not on trial. This does not matter. There is no requirement that everyone involved in a crime be charged and prosecuted, or tried together, in the same proceeding.

You may not draw any inference, favorable or unfavorable, towards the Government or the defendant from the fact that certain persons, other than the defendant, were not named as defendants in the Indictment. Do not speculate as to the reasons why other persons were not named. Those matters are wholly outside your concern and have no bearing on your function as jurors.

Whether a person should be named as a co-conspirator, or indicted as a defendant in this case or another separate case, is a matter within the sole discretion of the United States Attorney and the Grand Jury.

As noted, a number of different WikiLeaks supporters have admitted to me that they’re grateful Assange has not (yet) been charged in conjunction with the Vault 7 case, because even before you get to his attempt to extort a pardon with the files, there’s little journalistic justification for what WikiLeaks did, and even more reason to criticize WikiLeaks’ actions as the case against Schulte proceeded.

Yet the obscure proceedings before the EDVA grand jury suggest the government may be pursuing a conspiracy case that starts in 2010 and continues through the Vault 7 releases, with the same variety of Espionage and CFAA charges continuing through that period.

By arguing the CIA and MCC charges in tandem, the government can pretty compellingly make the case that WikiLeaks’ activities went well beyond journalism in this case. But it seems to want to use Rosenzweig’s testimony to make the case more broadly.

DOJ Holds Big Presser to Make It Clear It Will Use Title III Wiretaps to Prosecute Leaks

John Demers, the Assistant Attorney General who did not think Donald Trump’s extortion by using congressionally appropriated security funding to pressure Ukraine into providing him with campaign propaganda merited an investigation, just had a big press conference to announce the arrest of Henry Kyle Frese, a DIA counterterrorism analyst accused of leaking information about a specific country’s weapons systems to two journalists who work at related media outlets (NBC is one outlet that would fit the presumed arrangement, but there are surely others; Update–it appears this is one of the stories). It sounds like a journalist Frese lived with first asked him to help a more senior journalist from the related outlet, then published a story herself, based off the allegedly leaked materials.

The leak doesn’t sound all that serious, in the grand scheme of things.

What was serious is the warning this press conference was meant to send to journalists. Demers bragged about the sentence imposed on Reality Winner, and boasted of the 6 people the Trump DOJ has prosecuted for leaks. He raised Jeff Sessions’ speech announcing DOJ would target leaks.

When asked if DOJ was considering prosecuting the two journalists, the speakers on the press conference deferred, as they did about any ongoing investigation. That is, they may well be intending to do so.

Perhaps one of the bigger pieces of news about this arrest is not that DOJ arrested an analyst trying to do a favor for his girlfriend. Rather, it’s that DOJ decided to use a Title III wiretap to intercept Frese’s calls to the journalists, a tool more proportionate to investigating the mob than journalists.

But that’s where the national security priorities of Trump’s DOJ are. Not investigating him, or at least his personal lawyer, for schemes that obviously make our country less safe. But instead to use wiretaps to go after journalism.

Government Confirms that WikiLeaks Didn’t Release All the Vault 7 Files

Accused Vault 7 hacker Joshua Schulte’s lawyers seem really intent on preventing the government from using evidence obtained while he was using a contraband phone at MCC in his trial for the main leak of CIA’s hacking tools to WikiLeaks.

They’ve already challenged warrants obtained using evidence found in notebooks marked as attorney-client privileged information but then released after a wall team review; in my NAL opinion, that challenge is the most likely of any of his motions to succeed. Last week, they also moved to sever the two MCC charges from the main Espionage ones (they’ve already severed the child porn and copyright violation charges from the Espionage ones), explaining that two of his attorneys, including his lead attorney Sabrina Shroff, would testify to something about discussions from May and June 2018 that would address his state of mind when he leaked and tried to leak CIA materials later in 2018.

To defend against the government’s allegations, Mr. Schulte would call two of his attorneys—Matthew B. Larsen and Sabrina P. Shroff—to present favorable testimony bearing on his state of mind.

This pertains, in some way, to the government’s claim that Schulte wrote classified information in his prison notebooks as part of a plan to leak it.

The government has indicated that its evidence on the MCC Counts will include portions of notebooks seized from Mr. Schulte’s cell, in which he allegedly documented his plans to transmit classified information.

[snip]

Defense counsel expects that at trial, the government will seek to introduce excerpts of Mr. Schulte’s writings in his notebooks as evidence of his specific intent to violate the law.

If they succeed at severing count four from the main Espionage charges, it might make it harder to link what Schulte was doing in jail with what he was allegedly doing over two years earlier. As I noted when Schulte’s team first challenged the MCC warrants, it’s clear why they’re doing this: the MCC evidence indicates he had an ongoing relationship with WikiLeaks.

The FBI investigation proceeded from those notebooks to the WordPress site showing him claiming something identical to disinformation he was packaging up to share with WikiLeaks. They also got from those notebooks to ProtonMail accounts where Schulte offered to share what may or may not be classified information with a journalist. The reason why the defense is pushing to suppress this — one of the only challenges they’re making in his prosecution thus far — is because the stuff Schulte did in prison is utterly damning and seems to confirm both his familiarity with WikiLeaks and his belief that he needed to create disinformation to claim to be innocent.

The government, in a fairly scathing response to Schulte’s motion to sever the trials, confirms that it believes the MCC charges include evidence that helps support the main charges on leaking the files to WikiLeaks (what the government calls CIA counts). The government held a “reverse proffer” on December 18, 2018 and laid out all the evidence against Schulte, including pointing out that (as I described) the material seized from MCC helped prove the CIA charges.

About six weeks later, on December 18, 2018, the Government met with defense counsel (the “Reverse Attorney Proffer”). At this meeting, the Government described for defense counsel the theory of the Government’s case with respect to the charges in the Second Superseding Indictment, and answered defense counsel’s questions about the charged counts, including the new counts. The Government also explicitly noted during the Reverse Attorney Proffer that it believed that the material recovered pursuant to the MCC Warrants was relevant evidence with respect to not only the MCC Counts, but also the CIA Counts.

Having laid out the interconnectedness of these charges, the government then explains at some length why having different attorneys defend Schulte in the CIA and MCC counts would cause delays in both, because replacement counsel would need to familiarize themselves with both sets of charges. Now, as I noted, there’s unclassified information that Schulte clearly shared with WikiLeaks both before and while he was in jail. But right there in the middle of this passage is the revelation that Schulte identified classified information in his prison notebooks that he shared with WikiLeaks but that WikiLeaks has not yet published.

Regardless, Schulte’s proposal—further severed trials and new counsel for the MCC Counts—would neither prevent trial delay nor resolve the ethical issue. Rather, it is likely to exacerbate both. First, appointing new counsel on the MCC Counts is likely to cause, rather than prevent, further trial delay and would complicate Schulte’s defense across all counts. Because of the interconnectedness of the MCC Counts and the CIA Counts, as well as the child pornography and copyright counts, new counsel would need to become familiar with the evidence as to all counts in order to appropriately advise and defend Schulte. Indeed, new counsel might determine that the best course with respect to the MCC Counts would be to seek to negotiate a plea that resolves those charges along with some combination of the CIA Counts, child pornography counts, and/or copyright count. Those negotiations could not occur until new counsel was fully familiar with all aspects of the case. This would take a substantial amount of time given that new counsel would have to be cleared and that a substantial portion of the evidence is classified and, thus, must be reviewed in sensitive compartmented information facilities. Moreover, even after new counsel became familiar with the case, it is possible that new counsel might have different views than current counsel concerning a variety of trial strategy decisions, including, among others, the desirability of Schulte testifying, which could impact one or all of the severed trials and would need to be coordinated among all of Schulte’s attorneys. As a result, trial on the CIA Counts could not proceed until new counsel for the MCC Counts was familiar with the entire case. In short, the appointment of new counsel would likely further complicate this case and lead to substantial delays.

Second, severing the CIA Counts from the MCC Counts also would not resolve the purported ethical issue. Even if the trials were severed, evidence of Schulte’s prison conduct, including the Schulte Cell Documents, would still be admissible at the trial addressing the CIA Counts as both direct evidence and Rule 404(b) evidence of those crimes. For example, in the Schulte Cell Documents, Schulte specifically identifies certain classified information that was provided to WikiLeaks but which WikiLeaks has not yet published, which is direct evidence that Schulte transmitted classified information to WikiLeaks as charged in the WikiLeaks Counts. Similarly, Schulte’s prison conduct is also admissible as to the WikiLeaks Counts for a variety of Rule 404(b) purposes including to show, among other things, consciousness of guilt, motive, opportunity, intent, absence of mistake, and modus operandi.[5]

[5] Similarly, during a trial addressing the MCC Counts, the Government would introduce evidence relating to the CIA Counts as direct evidence to complete the story of the crime and, in the alternative, as Rule 404(b) evidence. For example, evidence related to the CIA Counts would establish Schulte’s motive for committing and ability to commit the MCC Counts, as well as his knowledge that the information he unlawfully transmitted was classified national defense information. As a result, even a trial on the MCC Counts would entail introduction of much of the evidence from the Espionage Trial. [my emphasis]

The government doesn’t say whether it knows that WikiLeaks received this information because it found it after seizing Julian Assange’s computers or some other way.

The detail that Schulte referred to information that the government apparently knows WikiLeaks received — but that WikiLeaks has never published — is interesting for an entirely different reason.

On top of asking to sever two more charges, Schulte is also asking for a delay in trial, from November to January. The government says it’s cool with that delay, so long as there won’t be any further delay.

The Government understands that the defendant is seeking to adjourn the Espionage Trial until January 13, 2020. Although the Government is prepared to start trial as scheduled on November 4, 2019, the Government does not oppose the defendant’s adjournment request with the understanding that the defendant will not seek another adjournment of the Espionage Trial absent exceptional and unforeseen circumstances[.]

This story on Jeremy Hammond’s subpoena in EDVA clarifies something about which there has been a great deal of confusion. The US can still add charges against Julian Assange at least until his extradition hearing, which starts on February 25.

Nick Vamos, former head of extradition at the Crown Prosecution Service in England, said the treaty between the two countries still allows for the U.S. to add charges to the Assange case, but that will become more difficult and problematic for the American prosecutors as they get closer to the scheduled extradition hearing in February.

The discussion today has focused on the Stratfor hacks that Hammond is serving time for. Because the five-year statute of limitations for CFAA would normally have expired by now, they are likely pursuing some kind of conspiracy charges, for a conspiracy that continued past 2012.

But given the seeming cooperation while Schulte was in jail and the knowledge that WikiLeaks sat on — or used — one of the other files provided by Schulte, if the government is planning on more conspiracy charges, chances are good that Vault 7 will eventually be included in them.

Joshua Schulte Keeps Digging: His Defensible Legal Defense Continues to Make a Public Case He’s Guilty

To defend him against charges of leaking the CIA’s hacking tools to WikiLeaks, Sabrina Shroff has made it clear that Joshua Schulte is the author of the CIA’s lies about its own hacking.

In a motion to suppress all the earliest warrants against Schulte submitted yesterday, Shroff makes an unintentionally ironic argument. In general, Shroff (unpersuasively) argues that some things the government admitted in a Brady letter sent last September are evidence of recklessness on the part of the affiant on those earliest warrants, FBI Agent Jeff Donaldson. She includes most of the items corrected in the Brady letter, including an assertion Donaldson made, on March 13, 2017, that Schulte’s name did not appear among those published by WikiLeaks: “The username used by the defendant was published by WikiLeaks,” the prosecutors corrected the record in September 2018. To support a claim of recklessness, Shroff asserted in the motion that someone would just have to search on that username on the WikiLeaks site to disprove the initial claim.

Finally, the Brady letter explained that a key aspect of the affidavit’s narrative—that Mr. Schulte was the likely culprit because WikiLeaks suspiciously did not publicly disclose his identity—was false. Mr. Schulte’s identity (specifically, his computer username “SchulJo”) was mentioned numerous times by WikiLeaks, as a simple word-search of the WikiLeaks publication would have shown. See Shroff Decl. Exh. F at 7.

If you do that search on his username — SchulJo — it only readily shows up in one file, the Marble Framework source code.

That file was not released until March 31, 2017. So the claim that Schulte’s name did not appear in the WikiLeaks releases was correct when Donaldson made it on March 13. That claim — like most of the ones in the Brady letter — reflects the incomplete knowledge of an ongoing investigation, not recklessness or incompetence. (Schulte has written elsewhere that he believed the FBI acted rashly to prevent him from traveling to Mexico, which, given other details of this case, including that he hadn’t returned his CIA diplomatic passport and snuck it out of his apartment when the FBI searched his place, they were right to do.)

By sending her reader to discover that Schulte’s name appears as the author of the Marble Framework, she makes his “signature” that of obfuscation — hiding who actually did a hack.

Marble is used to hamper forensic investigators and anti-virus companies from attributing viruses, trojans and hacking attacks to the CIA.

Marble does this by hiding (“obfuscating”) text fragments used in CIA malware from visual inspection.

[snip]

The source code shows that Marble has test examples not just in English but also in Chinese, Russian, Korean, Arabic and Farsi. This would permit a forensic attribution double game, for example by pretending that the spoken language of the malware creator was not American English, but Chinese, but then showing attempts to conceal the use of Chinese, drawing forensic investigators even more strongly to the wrong conclusion — but there are other possibilities, such as hiding fake error messages.
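The WikiLeaks text quoted above makes two claims about obfuscation: that hiding text fragments defeats visual inspection of a binary, and that seeding strings in several languages muddies language-based attribution. The following Python is an added illustration of both points from a forensic reviewer's side; it is not code from the post, and it is not the Marble source or a description of how Marble works. The single-byte XOR scheme, the key, the decoy strings, the sample blob and all function names (`build_sample_blob`, `extract_ascii_strings`, `recover_xor_runs`, `scripts_present`, `analyze`) are constructed for this example.

```python
"""Added illustration (not from the post, and not the Marble source):
(1) a trivial single-byte XOR hides a text fragment from a printable-strings
scan, and (2) a triage pass that recovers such fragments by brute force and
flags samples carrying text in several writing systems, since such strings
are not evidence of the author's native language. The XOR scheme and the
sample blob are assumptions made for illustration."""
import re
import unicodedata

# Constructed decoy strings in the languages the quoted text lists.
DECOY_STRINGS = [
    "file not found",            # English
    "файл не найден",            # Russian
    "文件未找到",                 # Chinese
    "파일을 찾을 수 없습니다",      # Korean
    "فایل یافت نشد",             # Farsi (Arabic script)
]
HIDDEN = "invalid_configuration_file"   # fragment the author wants hidden
KEY = 0xC3                              # arbitrary single-byte key (assumption)


def xor_obfuscate(text: str, key: int) -> bytes:
    """Hide ASCII text by XORing each byte with a single-byte key."""
    return bytes(b ^ key for b in text.encode("ascii"))


def build_sample_blob() -> bytes:
    """Constructed stand-in for a binary: decoys in the clear, HIDDEN obfuscated."""
    parts = [b"\x00" * 8]
    for s in DECOY_STRINGS:
        parts.append(s.encode("utf-8") + b"\x00")
    parts.append(xor_obfuscate(HIDDEN, KEY) + b"\x00")
    return b"".join(parts)


def extract_ascii_strings(blob: bytes, min_len: int = 4) -> list[str]:
    """What a naive `strings`-style scan sees: runs of printable ASCII."""
    pattern = rb"[\x20-\x7e]{%d,}" % min_len
    return [m.decode("ascii") for m in re.findall(pattern, blob)]


def extract_utf8_strings(blob: bytes, min_len: int = 4) -> list[str]:
    """Runs of printable text after a lenient UTF-8 decode (invalid bytes dropped)."""
    text = blob.decode("utf-8", errors="ignore")
    return re.findall(r"[^\x00-\x1f\x7f]{%d,}" % min_len, text)


def scripts_present(strings: list[str]) -> set[str]:
    """Unicode script names (first word of the character name) of every letter seen."""
    scripts = set()
    for s in strings:
        for ch in s:
            if ch.isalpha():
                scripts.add(unicodedata.name(ch, "UNKNOWN").split(" ")[0])
    return scripts


def recover_xor_runs(blob: bytes, min_len: int = 8) -> list[tuple[int, str]]:
    """Brute-force single-byte XOR over runs of non-ASCII bytes and keep results
    that look like identifiers: [A-Za-z0-9_] only, with at least four lowercase
    letters in a row. Short runs can still yield junk candidates; a real triage
    would rank them, so callers get the full list."""
    found = []
    for run in re.findall(rb"[\x80-\xff]{%d,}" % min_len, blob):
        for key in range(256):
            plain = bytes(b ^ key for b in run)
            if re.fullmatch(rb"[A-Za-z0-9_]+", plain) and re.search(rb"[a-z]{4}", plain):
                found.append((key, plain.decode("ascii")))
    return found


def analyze(blob: bytes) -> dict:
    """Triage summary: what is visible, what was hidden, and which scripts appear."""
    visible = extract_utf8_strings(blob)
    scripts = scripts_present(visible)
    return {
        "ascii_visible": extract_ascii_strings(blob),
        "scripts": scripts,
        "recovered": recover_xor_runs(blob),
        # Text in more than one script: treat language-based attribution
        # as unreliable rather than as a clue about the author.
        "attribution_caution": len(scripts) > 1,
    }


if __name__ == "__main__":
    for k, v in analyze(build_sample_blob()).items():
        print(f"{k}: {v}")
```

On the constructed blob, the ASCII scan reports only `file not found`; the hidden fragment is recovered by the brute-force pass, and the script check reports Latin, Cyrillic, CJK, Hangul and Arabic text side by side, which is exactly the situation where a reviewer should decline to infer the author's language from embedded strings.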

Marble was one of the files WikiLeaks — and DNC hack denialists — would point to in order to suggest that CIA had done hacks (including the DNC one) and then blamed them on Russia. In other words, in her attempt (again, it is unpersuasive) to claim that FBI’s initial suspicions did not reach probable cause, she identifies Schulte publicly not just with obfuscation about a breach’s true culprits, but with the way in which the Vault 7 leak — ostensibly done out of a whistleblower’s concern for CIA’s proliferation of weapons — instead has served as one prong of the propaganda covering Russia’s role in the election year hack.

That’s just an ironic effect of Shroff’s argument, not one of the details in yesterday’s releases that — while they may legally serve to undermine parts of the case against her client — nevertheless add to the public evidence that he’s not only very likely indeed the Vault 7 culprit, but not a terribly sympathetic one at that.

Back when FBI first got a warrant on Schulte on March 13, 2017, they had — based on whatever advance notice they got from Julian Assange’s efforts to use the files to extort a pardon from the US government and the week of time since WikiLeaks had released the first and, to that date, only set of files on March 7 — developed a theory that he was the culprit. The government still maintains these core details of that theory to be true (this Bill of Particulars Schulte’s team released yesterday gives a summary of the government’s theory of the case as of April 29):

  • The files shared with WikiLeaks likely came from the server backing up the CIA’s hacking tools, given that the files included multiple versions, by date, of the files WikiLeaks released
  • Not that many people had access to that server
  • Schulte did have access
  • Not only had Schulte left the CIA in a huff six months before the WikiLeaks release — the only person known to have had access to the backup server at the time who had since left — but he had been caught during the period the files were likely stolen restoring his own administrator privileges to part of the server after they had been removed

But, after it conducted further investigation and WikiLeaks published more stolen files, the government came to understand that several other things that incriminated Schulte were not true.

[T]he government appears to have abandoned the central themes of the March 13 affidavit: namely, that the CIA information was likely stolen on March 7–8, 2016, that Mr. Schulte was essentially “one of only three people” across the entire CIA who could have taken it, and that WikiLeaks’s supposed effort to conceal his identity was telltale evidence of his culpability

There’s no indication, however, that Donaldson was wrong to believe what he did when he first obtained the affidavit; Shroff claims recklessness, but never deals with the fact that the FBI obtained new evidence. Moreover, for two of the allegations that the government later corrected (the date the files were stolen and the number of people who had access to the server), Donaldson admitted in his initial affidavit that those were preliminary conclusions, which Shroff doesn’t acknowledge:

It is of course possible that the Classified Information was copied later than March 8, 2016, even though the creation/modification dates associated with it appear to end on March 7, 2016.

[snip]

Because the most recent timestamp on the Classified Information reflects a date of March 7, 2016, preliminary analysis indicates that the Classified Information was likely copied between the end of the day on March 7 and the end of the day on March 8.

[snip]

It is, of course, possible that an employee who was not a designated Systems Administrator could find a way to gain access to the Back-Up Server. For example, such an employee could steal and use–without legitimate authorization–the username and password of a designated Systems Administrator. Or an employee lacking Systems Administrator access could, at least theoretically, gain access to the Back-Up Server by finding a “back- door” into the Back-Up Server.

Between the two corrections, the revised information increases the number of possible suspects from two to five, out of 200 people who would have regular access to the files. A footnote to a later affidavit (PDF 138) describes that on April 5, 2017, FBI received information that suggested the number might be higher or lower. (I suspect Schulte argued in a classified filing submitted yesterday that even more people could have accessed it, not least because he has been arguing that in his various writings posted to dockets and other things.)

But, even though the Brady letter corrects the dates on which Schulte reinstated his administrator privileges for the Back-Up server slightly (he restored his own access on April 11, not April 14, which is when his managers discovered he had done so), Shroff only addresses his loss of privileges as innocent, without addressing that he got that access back on his own improperly.

More importantly, the motion doesn’t address, at all, that Schulte kicked everyone else off one of his programs, the Brutal Kangaroo tool used to hack air gapped networks using thumb drives. Nor does it address allegations against Schulte made in August 2016 as part of his clearance review, including that his demeanor changed for the worse around February 2016, he might be “subject to outside coercion,” and he tended not to abide by “guidelines concerning when and what kinds of media or data (such as external drives) could be connected or uploaded to CIA computer systems.” There are other details in the affidavit — such as Schulte’s attempt to learn what his former colleagues knew of the investigation — that support probable cause too (these may be among the things Shroff addresses in a classified filing).

That is, the probable cause that Schulte was the culprit was pretty strong even with the errors in the original affidavit, and none of the errors suggests malice or incompetence or even the recklessness Shroff alleges.

Shroff is right that the March 13 affidavit doesn’t offer as much probable cause to tie Schulte’s home to the crime; but that’s the magistrate’s fault and fairly standard for computer crimes, not the FBI’s. Shroff obscures the effect of FBI obtaining a second warrant to actually search the 150 storage media and computer devices they found in his home (a list of what they seized starts on PDF 116), as well as a second warrant to obtain child porn.

It is also true, as the defense argues, that the evidence to search for child porn was thin. But given that the government had a warrant to search the computer in question, and given precedents about child porn, that may not matter (though I think it is more likely to succeed than the rest of this). In any case, by the time of the main searches on child porn, three different magistrates had signed off on these searches.

This is a totally understandable attempt to get some of this evidence suppressed. But along the way the affidavits released yesterday provide a slew of damaging new details such as:

  • Schulte conducted a ton of searches on Google in April 2016 about detecting USB insertion, copying big files, deleting files, preventing other admins from seeing what someone was doing on a LAN
  • Schulte made a snapshot of (part of?) the LAN on April 20, 2016
  • In early May, Schulte researched how to use Tor and Tails, which the government alleges he used to send the files
  • On August 4, 2016 — the day after Snowden sent this tweet — Schulte did a Google search for WikiLeaks for the first time ever (note, I believe the Snowden tweet may have been preparation for the misleading IG report on him released the following month)
  • Between then and March 7, Schulte searched on WikiLeaks over 20 more times, reading hundreds of articles on it; but he didn’t visit WikiLeaks for the first time until March 7, 2017, the first day the files posted; he also searched for that Snowden tweet

In short, just Schulte’s Google searches alone provide very strong evidence that he’s the Vault 7 leaker. Which explains why his attorneys are making what will probably be an unsuccessful attempt to claim the Google searches were overly broad and lacked probable cause (something Schulte wrote elsewhere seems to reflect that he has been told this will be treated under a Good Faith exception).

Schulte has been trying to disclose all these materials for over a year. But they really don’t help his case.

On Joshua Schulte and Julian Assange’s 10 Year Old Charges

The WaPo has confirmed what Natasha Bertrand earlier reported: the extradition package for Julian Assange will only include the 10 year old charges related to the publication of Chelsea Manning’s leaks, not any of WikiLeaks more controversially handled charges. I’ve been meaning to write a post on how this is the stupidest available approach, which will satisfy neither those who regard him as a villain, will expose other journalists to similarly dangerous charges, and possibly even fuck up the security establishment’s entire effort to exact some revenge against Assange. I hope to return to that when I get some deadlines and travel done, but suffice it to say this is a big hot mess.

To be clear, I actually think it’s not eleven-dimensional chess on the part of Bill Barr to save Trump some embarrassment once Roger Stone’s trial reveals the extent to which Trump’s campaign tried to “collude” with WikiLeaks (though it will not only have that effect, but make it harder for DNC to sustain its lawsuit against the GOP and WikiLeaks for their actions in the 2016 election). Rather, I think this is an attempt to prosecute Assange with the least cost on the security establishment, being run by people who are utterly tone deaf to the costs it will incur elsewhere.

But I do want to say several things about why and how DOJ is not charging Assange in the Vault 7 leak.

Bertrand noted that I thought that the EDVA charges would be related to Vault 7.

Still, just several months ago, numerous experts felt confident that prosecutors would also hit Assange with charges over Vault 7. Prominent national security journalist Marcy Wheeler predicted in February that DOJ would “very clearly go after Assange” for the Vault 7 disclosure, and that a sealed indictment against him in the Eastern District of Virginia was likely related to that leak — the CIA is, after all, headquartered in Virginia, as ABC noted. Assange himself reportedly expressed concern that prosecutors would charge him with crimes related to Vault 7.

She didn’t provide even the full context of my tweet, much less my post, arguing that Assange’s efforts to extort a pardon using the Vault 7 files would be something obviously unconnected to journalism. The superseding indictment does mention Assange’s use of “insurance files” to ensure his ability to publish documents in his possession, but no charges were attached to that, which later uses of the tactic and the Vault 7 pardon effort would have supported.

Which is to say the government could have charged Assange for something specifically excluded from Bartnicki’s protection of the publication of stolen materials, but did not. Again, the government has chosen to go about this in the stupidest way possible.

That said, I’m not surprised they’re not going after Assange for the Vault 7 leak itself.

As it is, the CIA has been inexcusably uncooperative with Joshua Schulte’s discovery efforts. At times, some pretty aggressive prosecutors have seemed almost apologetic about it. Schulte has staked a lot on trying to expose details of his initial warrants, and while his later behavior seems to suggest there was something to their targeting of him (or, at the very least, his post-indictment behavior has been self-destructive), at the very least the CIA may have participated in some epically bad parallel construction. They may be trying to hide that as much as the actual details of CIA’s hacking program.

Meanwhile, the government and Schulte have been discussing severing his charges from last year — which include one charge of contempt and a charge of attempted leak of classified information — from everything else.

As the Court is aware, trial in this matter is currently set for April 8, 2019. (See Minute Entry for August 8, 2018 Conference). To afford the parties sufficient time to prepare the necessary pretrial motions, including suppression motions and motions pursuant to the Classified Information Procedures Act (“CIPA”), the parties respectfully request that the Court adjourn the trial until November 4, 2019. The parties are also discussing a potential agreement concerning severance, as well as the order of the potentially severed trials. The parties will update the Court on severance and a pretrial motion schedule at or before the conference scheduled for April 10, 2019.

That might be something they tried to base a plea off of: they’d have video evidence to back their case, so it might avoid the CIPA process CIA is unwilling to engage in.

Back in May, Schulte’s team submitted a motion to vacate his SAMs (Special Administrative Measures limit a prisoner’s communication with others). It was based off the case the government made prior to his superseding indictment and left out all the allegations the government made about the 13 email and social media accounts Schulte was allegedly running from his jail cell, and as such deliberately understated why the government wanted the SAMs. The government asked for and got an extension to respond until Monday — notably, after all decisions about Assange would have had to have been made. Any response (unless it’s sealed) will have to provide more details about what happened last fall, so if they’re trying to get a plea deal, it might come this week in lieu of that SAMs response.

But the question would be what that plea agreement would look like.

Finally, the government is going to have to provide some explanation for why Chelsea Manning remains in jail for contempt. Unless they can claim they’re going after other people related to WikiLeaks, they should not be able to keep her jailed.

The Three Theories of Prosecution for Julian Assange

In this post, I laid out what the 17 new charges against Julian Assange are. In this, I’ll look more closely at three theories of criminalization here:

  • Theory One: Charging Assange for causing Chelsea Manning to leak classified information by soliciting it generally or specifically (and/or discussing its value before she obtained it)
  • Theory Two: Charging Assange for offering to help crack a password and attempting to obtain the documents that would have been available using it
  • Theory Three: Charging Assange for leaking the identities of US government informants in three different databases

Theory One: Obtaining and disclosing documents that were solicited (Counts 2-4 and 6-14)

Effectively, for three sets of documents, they’ve charged Assange with causing Chelsea Manning to obtain them (Charges 2 through 4), obtaining them himself (Charges 6 through 8), causing Manning to disclose documents she did not have authorized possession of (Charges 9 through 11), and causing Manning to disclose legally obtained documents (Charges 12 through 13). The three sets of documents are the Gitmo Detainee Assessment Briefs, the State Department Cables, and the Iraq Rules of Engagement.

Assange is not being charged for publishing anything under this theory (that’s not true under Theory Three). He’s being charged with causing Manning to obtain and disclose them to him.

To accuse Assange of causing Manning to do these things, they show how a Most Wanted Leaks list posted on WikiLeaks until September 2010 resembles what Manning looked for on DOD’s networks and what she sent to Assange.

In addition, they show that Manning and Assange discussed some of these leaks before she obtained them.

For example, on March 7, 2010, Manning asked ASSANGE how valuable the Guantanamo Bay detainee assessment briefs would be. After confirming that ASSANGE thought they had value, on March 8, 2010, Manning told ASSANGE that she was “throwing everything [she had] on JTF GTMO [Joint Task Force, Guantanamo] at [Assange] now.” ASSANGE responded, “ok, great!”

[snip]

Manning later told ASSANGE in reference to the Guantanamo Bay detainee assessment briefs that “after this upload, thats all i really have got left.”

It argued that Manning downloaded the State Department cables in response to the request for bulk databases on the Wish List.

Further, following ASSANGE’s “curious eyes never run dry” comment, and consistent with WikiLeaks’s solicitation of bulk databases and classified materials of diplomatic significance, as described in paragraphs 2, 4-5, between on or about March 28, 2010, and April 9, 2010, Manning used a United States Department of Defense computer to download over 250,000 U.S. Department of State cables, which were classified up to the SECRET level. Manning subsequently uploaded these cables to ASSANGE and WikiLeaks through an SFTP connection to a cloud drop box operated by WikiLeaks, with an X directory that WikiLeaks had designated for Manning’s use. ASSANGE and WikiLeaks later disclosed them to the public.

And it showed that the Iraq Rules of Engagement were on the Wish List.

As of November 2009, WikiLeaks’s “Most Wanted Leaks” for the United States included the following:

[snip]

b. “Military and Intelligence” documents, including documents that the list described as classified up to the SECRET level, for example, “Iraq and Afghanistan Rules of Engagement 2007-2009 (SECRET);”

[snip]

Following ASSANGE’s “curious eyes never run dry” comment, on or about March 22, 2010, consistent with WikiLeaks’s “Most Wanted Leaks” solicitation of “Iraq and Afghanistan US Army Rules of Engagement 2007-2009 (SECRET),” as described in paragraphs 4-5, Manning downloaded multiple Iraq rules of engagement files from her Secret Internet Protocol Network computer and burned these files to a CD, and provided them to ASSANGE and WikiLeaks.

Thus, for each of these, the government is saying that soliciting specific classified (or protected) materials amounts to Espionage. This is the theory of prosecution I argued would criminalize people like Jason Leopold, who was clearly engaged in journalism when he specifically asked about a specific Suspicious Activity Report from a source.

Theory Two: Attempted hacking to attempt to obtain the documents available via the hack (Counts 5 and 18)

For one vaguely defined set of documents, DOJ has charged Assange for attempting to help Manning crack a password (which was the single previous charge, which is now Charge 18) in order to attempt to obtain unidentified documents on SIPRNet.

15. In furtherance of this scheme, ASSANGE agreed to assist Manning in cracking a password hash stored on United States Department of Defense computers connected to the Secret Internet Protocol Network, a United States government network used for classified documents and communications, as designated according to Executive Order No. 13526 or its predecessor orders.

I believe (though am not certain) that that’s what the documents charged in Count 5 are about.

Between in or about November 2009 and in or about May 2010, in an offense begun and committed outside of the jurisdiction of any particular state or district of the United States, the defendant, JULIAN PAUL ASSANGE, who will be first brought to the Eastern District of Virginia, and others unknown to the Grand Jury, knowingly and unlawfully attempted to receive and obtain documents, writings, and notes connected with the national defense — namely, information stored on the Secret Internet Protocol Network classified up to the SECRET level — for the purpose of obtaining information respecting the national defense, knowing and having reason to believe, at the time that he attempted to receive and obtain them, that such materials would be obtained, taken, made, and disposed of by a person contrary to the provisions of Chapter 37 of Title 18 of the United States Code.

This theory also doesn’t charge Assange with publishing information. Rather than charging him for soliciting leaks (Theory One), it charges him with helping to obtain documents Manning was not authorized to obtain by attempting to crack a password to get Administrators privileges.

Releasing the names of informants (Counts 15-17)

For each of three sets of US government informants, there’s also a charge tied to the informants’ identities disclosed in bulk databases.

35. Also following Manning’s arrest, during 2010 and 2011, ASSANGE published via the WikiLeaks website the documents classified up to the SECRET level that he had obtained from Manning, as described in paragraphs 12, 21, and 27, including approximately 75,000 Afghanistan war-related significant activity reports, 400,000 Iraq war-related significant activities reports, 800 Guantanamo Bay detainee assessment briefs, and 250,000 U.S. Department of State cables.

36. The significant activity reports from the Afghanistan and Iraq wars that ASSANGE published included names of local Afghans and Iraqis who had provided information to U.S. and coalition forces. The State Department cables that WikiLeaks published included names of persons throughout the world who provided information to the U.S. government in circumstances in which they could reasonably expect that their identities would be kept confidential. These sources included journalists, religious leaders, human rights advocates, and political dissidents who were living in repressive regimes and reported to the United States the abuses of their own government, and the political conditions within their countries, at great risk to their own safety. By publishing these documents without redacting the human sources’ names or other identifying information, ASSANGE created a grave and imminent risk that the innocent people he named would suffer serious physical harm and/or arbitrary detention.

For each database, the indictment looks at several instances of the individuals whose identities were released. It then lays out evidence that Assange knew and did not care that by publishing these identities he would be endangering people.

This is the theory of prosecution that does criminalize the publication of true information. And it criminalizes something that journalists, at times, do.

The government often tries to classify identities that should not be (as they did with Gina Haspel, to hide her role in torture, for example). When journalists learn these identities they sometimes do choose to ignore admonitions against publication, for good reason. That’s what Assange is accused of doing here, but only on a mass scale. But if this is successful, there’s nothing that will prevent the government from charging people for disclosing classified identities at a smaller scale.

I’m also not sure how, given that Assange is a foreign citizen, this doesn’t invite retaliation against the US for identifying classified identities of other countries.

On the Curious Timing of Daniel Everette Hale’s Arrest

By all appearances, the FBI executed a search on the home of Daniel Everette Hale, an intelligence analyst the government has accused of being Jeremy Scahill’s source for his Drone Papers reporting, on August 8, 2014. In the search, they found a thumb drive with a PowerPoint on drone operations that he had printed off at work over five months earlier.

By that time, Hale had already printed out all 23 documents, unrelated to his work at Leidos, that are charged in his indictment. He also had an unclassified document he printed off at work on his home computer. He had a separate thumb drive with Tails on it, the operating system that the Intercept recommended users use to share files. Somewhere along the way, the government obtained Hale’s location data.

The August 2014 search was done a month after the Intercept published — in July 2014 — the first of the documents Hale printed out, and fourteen months before the Intercept first published that drone war PowerPoint, in October 2015. So the entire time the Intercept was publishing these documents, the government had solid evidence on who their suspected source was.

By the time FBI did that search, Hale had been in contact with Scahill — in largely unsecure form — for fifteen months. Even before Hale left the Air Force in July 2013, Hale had done a Google search on the NSA unclassified computer assigned to him for details on Scahill’s Dirty Wars book tour. He attended an event at Politics and Prose that month, and told a “confidant” he had met Scahill, who wanted to tell his story. Hale played a public role in some of Scahill’s events about the US war on terror. They emailed (including about Edward Snowden) through the summer and spoke at least once on the phone.

It wasn’t until September 2013 that Scahill and Hale switched to Jabber (but even there, the government has evidence of at least three of their Jabber chats before Hale started printing off files from work), perhaps because Hale at least once texted Scahill about getting on Jabber, apparently the day before he printed out a bunch of drone war documents.

All that suggests that, as soon as a month after the Intercept first published documents from Hale, the government had all the same evidence they’ve shown in this indictment substantiating the very strong case that Hale was Scahill’s source.

That was almost five years ago (the statute of limitations for the 793 Espionage Act crimes with which they’ve charged Hale is 10 years).

Just as curious, the government indicted Hale (in EDVA, based off work Maryland FBI Agents did) on March 7, apparently with a newly installed grand jury. The indictment has been sealed since then, waiting for Hale’s arrest in Nashville.

It is not at all surprising that the government indicted Hale. Even under the Obama Administration’s aggressive prosecutions of whistleblowing leakers, the case would be among the type they prosecuted (even though the drone documents he allegedly leaked exposed really damning details about a dysfunctional side of our war on terror, so the prosecution might have embarrassed Obama). The Trump Administration has gotten even more aggressive with journalists.

According to his criminal cover sheet, Hale is represented by Abbe Lowell who, along with being Jared Kushner’s lawyer, is also one of the best lawyers in the country on defending leak cases.

The Significance of the James Wolfe Sentence for Mike Flynn, Leak Investigations, and the Signal Application

Yesterday, Judge Ketanji Brown Jackson sentenced former SSCI head of security James Wolfe to two months in prison for lying to the FBI. In her comments announcing the sentence, Jackson explained why she was giving Wolfe a stiffer sentence than what George Papadopoulos and Alex van der Zwaan received: because Wolfe had abused a position of authority.

“This court routinely sentences people who come from nothing, who have nothing, and whose life circumstances are such that they really don’t have a realistic shot of doing anything other than committing crimes,” Jackson said. “The unfortunate life circumstances of those defendants don’t result in a lower penalty, so why should someone who had every chance of doing the right thing, a person who society rightly expects to live up to high moral and ethical standards and who has no excuse for breaking the law, be treated any better in this regard.”

[snip]

Wolfe’s case was not part of special counsel Robert Mueller’s investigation, but the judge compared his situation to two defendants in the Mueller probe who also pleaded guilty to making false statements — former Trump campaign adviser George Papadopoulos, who spent 12 days in prison, and Dutch lawyer Alex van der Zwaan, who was sentenced to 30 days. Jackson concluded that Wolfe’s position as head of security for the Intelligence Committee was an “aggravating” factor.

The public shame he had endured, and the loss of his job and reputation, were not punishment enough, the judge said, but were rather the “natural consequence of having chosen to break the law.”

“You made blatant false statements directly to FBI agents who questioned you about matters of significance in the context of an ongoing investigation. And if anything, the fact that you were a government official tasked with responsibility for protecting government secrets yourself seems to make you more culpable than van der Zwaan and Papadopoulos, who held no such positions,” Jackson said.

While the resolution of this case is itself notable, it has likely significance in three other areas: for Mike Flynn, for DOJ’s leak investigations, and for encrypted messaging apps.

Emmet Sullivan will cite this sentence as precedent

It’s still far from clear that Emmet Sullivan will be sentencing Mike Flynn three months from now. Given Trump’s increasingly unstable mood, Flynn might get pardoned. Or, Flynn might try to judge shop, citing Sullivan’s invocation of treason Tuesday.

But if Sullivan does eventually sentence Flynn and if he still feels inclined to impose some prison time to punish Flynn for selling out his country, he can cite both this sentence and the language Jackson used in imposing it. Like Wolfe, Flynn occupied a (arguably, the) position of great responsibility for protecting our national security. Sullivan seems to agree with Jackson that, like Wolfe, Flynn should face more consequences for abusing the public trust. So Wolfe’s sentence might start a countertrend to the David Petraeus treatment, whereby the powerful dodge all responsibility.

(Note, this is a view that Zoe Tillman also expressed yesterday.)

DOJ may rethink its approach to using false statements to avoid the difficulties of leak cases

I have zero doubt that DOJ prosecuted Wolfe because they believe he is Ellen Nakashima’s source for the story revealing that Carter Page had been targeted with a FISA order, which is how they came to focus on him in the first place. But instead of charging him with that, they charged him for lying about his contacts with Nakashima, Ali Watkins, and two other journalists (and, in their reply to his sentencing memo, made it clear he had leaked information to two other young female national security reporters). In the sentencing phase, however, the government asked for a significant upward departure, a two year sentence that would be equivalent to what he’d face if they actually had proven him to be Nakashima’s source.

While the government provided circumstantial evidence he was Nakashima’s source — in part, her communications to him in the aftermath of the story — he convincingly rebutted one aspect of that claim (a suggestion that she changed her email footer to make her PGP key available to him). More importantly, he rightly called out what they were doing, trying to insinuate he had leaked the FISA information without presenting evidence.

The government itself admitted no fewer than four times in its opening submission that it found no evidence that Mr. Wolfe disclosed Classified Information to anyone. See infra Part I.A. Nonetheless, the government deploys the word “Classified” 58 times in a sentencing memorandum about a case in which there is no evidence of disclosure of Classified Information—let alone a charge.

[snip]

The government grudgingly admits that it lacks evidence that Mr. Wolfe disclosed Classified Information to anyone. See, e.g., Gov. Mem. at 1 (“although the defendant is not alleged to have disclosed classified information”); id. at 6 (“notwithstanding the fact that the FBI did not uncover evidence that the defendant himself disclosed classified national security information”); id. at 22 (“[w]hile the investigation has not uncovered evidence that Wolfe disclosed classified information”); id. at 25 n.14 (“while Wolfe denied that he ever disclosed classified information to REPORTER #2, and the government has no evidence that he did”).

The Court should see through the government’s repetition of the word “Classified” in the hope that the Court will be confused about the nature of the actual evidence and charges in this case and sentence Mr. Wolfe as if he had compromised such information.1

1 Similarly, the government devotes multiple pages of its memorandum describing the classified document that Mr. Wolfe is not accused of having disclosed. And although the government has walked back its initial assertion that Mr. Wolfe “received, maintained, and managed the Classified Document” (Indictment ¶ 18) to acknowledge that he was merely “involved in coordinating logistics for the FISA materials to be transported to the SSCI” (Gov. Mem. at 10), what the government still resists conceding is the fact that Mr. Wolfe had no access to read that document, let alone disclose any part of it. Beyond providing an explanation of how the FBI’s investigation arose, that document has absolutely no relevance to Mr. Wolfe’s sentencing, but it and its subject, an individual under investigation for dealings with Russia potentially related to the Trump campaign, likely have everything to do with the vigor of the government’s position.

It’s unclear, at this point, whether the government had evidence against Wolfe but chose not to use it because it would have required imposing on Nakashima’s equities (notably, they appear to be treating Nakashima with more respect than Ali Watkins, though it may be that they only chose to parallel construct Ali Watkins’ comms) and introduce classified evidence at trial. It may be that Wolfe genuinely isn’t the culprit.

Or it may be that Wolfe’s operational security was just good enough to avoid leaving evidence.

Whatever it is, particularly in a culture of increasing aggressiveness on leaks, the failure to get Wolfe here may lead DOJ to intensify its other efforts to pursue leakers using the Espionage Act.

DOJ might blame Signal and other encrypted messaging apps for their failure to find the Carter Page FISA culprit

And if DOJ believes they couldn’t prove a real case against Wolfe because of his operational security, they may use it to go after Signal and other encrypted messaging apps.

That’s because Wolfe managed to hide a great deal of his communications with journalists until they had sufficient evidence for a Rule 41 warrant to search his phone (which may well mean they hacked his phone). Here’s what it took to get Wolfe’s Signal texts.

Once the government discovered that Wolfe was dating Watkins, they needed to find a way to investigate him without letting him know he was a target, which made keeping classified information particularly difficult. An initial step involved meeting with him to talk about the leak investigation — purportedly of others — which they used as an opportunity to image his phone.

The FBI obtained court authority to conduct a delayed-notice search warrant pursuant to 18 U.S.C. § 3103a(b), which allowed the FBI to image Wolfe’s smartphone in October 2017. This was conducted while Wolfe was in a meeting with the FBI in his role as SSCI Director of Security, ostensibly to discuss the FBI’s leak investigation of the classified FISA material that had been shared with the SSCI. That search uncovered additional evidence of Wolfe’s communications with REPORTER #2, but it did not yet reveal his encrypted communications with other reporters.

Imaging the phone was not sufficient to discover his Signal texts.

Last December and this January, the FBI had two more interviews with Wolfe where they explicitly asked him questions about the investigation. At the first one, even after he admitted his relationship with Watkins, Wolfe lied about the conversations he continued to have on Signal.

The government was able to recover and view a limited number of these encrypted conversations only by executing a Rule 41 search warrant on the defendant’s personal smartphone after his January 11, 2018 interview with the FBI. It is noteworthy that Signal advertises on its website that its private messaging application allows users to send messages that “are always end-to-end encrypted and painstakingly engineered to keep your communication safe. We [Signal] can’t read your messages or see your calls, and no one else can either.” See Signal Website, located at https://signal.org. The government did not recover or otherwise obtain from any reporters’ communications devices or related records the content of any of these communications.

Then, in a follow-up meeting, he continued to lie, after which they seized his phone and found “fragments” of his Signal conversations.

It is noteworthy that Wolfe continued to lie to the FBI about his contacts with reporters, even after he was stripped of his security clearances and removed from his SSCI job – when he no longer had the motive he claimed for having lied about those contacts on December 15. During a follow-up voluntary interview at his home on January 11, 2018, Wolfe signed a written statement falsely answering “no” to the question whether he provided REPORTER #2 “or any unauthorized person, in whole or in part, by way of summary, or verbal [or] non-verbal confirmation, the contents of any information controlled or possessed by SSCI.” On that same day, the FBI executed a second search warrant pursuant to which it physically seized Wolfe’s personal telephone. It was during this search, and after Wolfe had spoken with the FBI on three separate occasions about the investigation into the leak of classified information concerning the FISA application, that the FBI recovered fragments of his encrypted Signal communications with REPORTERS #3 and #4.

They specify that this second warrant was a Rule 41 warrant, which would mean it’s possible — though by no means definite — that they hacked the phone.

The government was able to recover and view a limited number of these encrypted conversations only by executing a Rule 41 search warrant on the defendant’s personal smartphone after his January 11, 2018 interview with the FBI. It is noteworthy that Signal advertises on its website that its private messaging application allows users to send messages that “are always end-to-end encrypted and painstakingly engineered to keep your communication safe. We [Signal] can’t read your messages or see your calls, and no one else can either.” See Signal Website, located at https://signal.org.

Mind you, this still doesn’t tell us much (surely by design). In another mention, they note Signal’s auto-delete functionality.

Given the nature of Signal communications, which can be set to delete automatically, and which are difficult to recover once deleted, it is impossible to tell the extent of Wolfe’s communications with these two reporters. The FBI recovered 626 Signal communications between Wolfe and REPORTER #3, and 106 Signal communications between Wolfe and REPORTER #4.

Yet it remains unclear (though probably likely) that the “recovered” texts were Signal (indeed, given that he was lying and they only executed the Rule 41 warrant after he had been interviewed a second time, he presumably would have deleted them then if not before). DOJ’s reply memo also reveals that Wolfe deleted a ton of his texts to Watkins, as well.

The defendant and REPORTER #2 had an extraordinary volume of contacts: in the ten months between December 1, 2016, and October 10, 2017, alone, they exchanged more than 25,750 text messages and had 556 phone calls, an average of more than 83 contacts per day. The FBI was unable to recover a significant portion of these text messages because they had been deleted by the defendant.

All of this is to say two things: first, the government would not pick up Signal texts — at least not deleted ones — from simply imaging a phone. Then, using what they specify was a Rule 41 warrant that could indicate hacking, they were able to obtain Signal texts. At least some of the Signal texts the government has revealed pre-date when his phone was imaged.

That’s still inconclusive as to whether Wolfe had deleted Signal texts and FBI was able to recover some of them, or whether they were unable to find Signal texts that remained on his phone when they imaged it in October.

Whichever it is, it seems clear that they required additional methods (and custody of the phone) to find the Signal texts revealing four relationships with journalists he had successfully hidden until that point.

Which is why I worry that the government will claim it was unable to solve the investigation into who leaked Carter Page’s FISA order because of Signal, and use that claim as an excuse to crack down on the app.

Government Requests Harsh New Conditions Governing Joshua Schulte’s Access to Classified Discovery

When we last heard from Joshua Schulte, he had been thrown in solitary in response to FBI’s discovery that he had a cellphone in his jail cell at Metropolitan Correctional Center, after which FBI discovered he had other devices and 13 email and social media accounts.

In or about early October 2018, the Government learned that Schulte was using one or more smuggled contraband cellphones to communicate clandestinely with third parties outside of the MCC. The Government and the FBI immediately commenced an investigation into Schulte’s conduct at the MCC. That investigation involved, among other things, the execution of six search warrants and the issuance of dozens of grand jury subpoenas and pen register orders. Pursuant to this legal process, in the weeks following the Government’s discovery of Schulte’s conduct at the MCC, the FBI has searched, among other things, the housing unit at the MCC in which Schulte was detained; multiple contraband cellphones (including at least one cellphone used by Schulte that is protected with significant encryption); approximately 13 email and social media accounts (including encrypted email accounts); and other electronic devices.

Today, the government asked for a supplemental protective order governing Schulte’s access to a special secure facility from which he can review classified discovery. Among other things, it requires his attorney to be searched for devices upon entering the facility, it requires him to remain in manacles throughout the time he is there, and it sets up a clean team to monitor both what happens in the room and the computer the defense uses to review discovery.

The defense counsel will be screened for electronic devices prior to entering the SCIF when she meets with her client. Once inside the Secure Area, the defendant will be allowed to meet with cleared counsel during normal business hours. The Secure Area contains equipment (the “Computer Equipment”) to allow the defendant and cleared defense counsel to review the Classified Information produced by the Government. The Computer Equipment shall be used only for purposes of preparing the defense, and is enabled to log computer activity occurring on the equipment and is equipped with security measures. These logs may be reviewed by law enforcement agents or personnel who are not involved in the prosecution of the defendant (the “Wall Team”). In the event the Wall Team determines the Computer Equipment has been used in an unauthorized manner, including by attempting to circumvent any security measures or logging features, the Wall Agent will report that information to the CISO, who will notify the Court for further action.

When the defendant is present in the Secure Area, the Secure Area will be monitored for security purposes through closed circuit television (“CCTV”) by the Marshals and an authorized FBI agent for all scheduled productions. The CCTV will allow only for visual monitoring of the defendant and cleared defense counsel, and will not include audio. The CCTV will not be recorded. Should any Marshal or member of the Wall Team hear any conversation between the defendant and any of his counsel, those conversations will not be communicated to any member of the government prosecution team, including, but not limited to attorneys, agents, and support staff.

The Defendant will be in full restraints during the time he is in the SCIF and secured to a bolt in the floor. The Defendant will be strip searched after departing the SCIF at the conclusion of each session. The Defense attorney will sign a waiver of liability due to the fact she will be alone and in close proximity to the defendant. The USMS reserves the right to terminate these meetings if security issues arise during any session.

While there’s no hint that one of Schulte’s defense attorneys was responsible for the past acquisition of contraband, the FBI sure seems intent on making sure that avenue isn’t possible going forward.

I believe when Schulte was arraigned on the new charge of leaking from jail, the government said that CIA hadn’t continued to give Schulte access to classified information after he left. Which suggests the stuff he tried to leak from jail included information he saw in discovery (presumably including how the FBI figured out he was the one leaking CIA’s tools).

As I disclosed in July, I provided information to the FBI on issues related to the Mueller investigation, so I’m going to include disclosure statements on Mueller investigation posts from here on out. I will include the disclosure whether or not the stuff I shared with the FBI pertains to the subject of the post. 

Who Told Carter Page that James Wolfe Was the Source of the FISA Leak?

There’s a detail in the Statement of the Offense filed in conjunction with the guilty plea former Senate Intelligence Committee Director of Security James Wolfe worth further attention.

As I had noted when Wolfe was indicted, while the indictment catches Wolfe red-handed in lies about unclassified leaks Wolfe gave to Ali Watkins and some NBC reporters, it seems more interested in, and therefore probably arose out of, Wolfe’s ties with the reporters on the WaPo story first reporting that Carter Page had been targeted with a FISA order. Rather than having to prove that Wolfe leaked classified FISA information to a journalist with better operational security than the others, the government chose instead to charge him for the more easily proved case that he lied to the FBI.

The statement of offense confirms that the investigation arose in response to the FISA story.

On April 11, 2017, classified national security information concerning the existence and predication of FBI surveillance of an individual (“MALE-1”) pursuant to the Foreign Intelligence Surveillance Act (FISA) was published in an article authored by three reporters, including REPORTER #1.

In April 2017, the Federal Bureau of Investigation (FBI) opened an investigation into the unauthorized disclosure of this classified information to the news media.

And whereas the indictment had mostly discussed Wolfe’s conversations with the WaPo reporter obliquely, the statement of the offense describes how Wolfe followed up by email after meeting the reporter on December 9, 2015, and how the reporter then checked in the day before the election.

What’s more interesting, however, are the details about the aftermath of the story, when Carter Page wrote to the journalist in question and BCCed Wolfe.

On May 8, 2017, MALE-1 emailed REPORTER #1 complaining about REPORTER #1’s reporting of him (MALE-1). According to the metadata recovered during the search of Wolfe’s email, Wolfe was blind-copied on that email by MALE-1.

The day before Page sent that email, he had written a letter to Richard Burr and Mark Warner, complaining about the WaPo story and Ali Watkins’ reporting that Page was the anonymous person named in the case. It seems that Page either learned or discovered that Wolfe might be the person who leaked the FISA news.

And as the Statement lays out, it seems that Wolfe and the journalist in question exchanged an encrypted file.

On May 11, 2017, at 11:13 a.m., REPORTER #1 emailed Wolfe, “What’s your cell?” The signature block of REPORTER #1’s email contained the reporter’s name, affiliation with a national news outlet, and telephone numbers.

On May 11, 2017, at 5:16 p.m., REPORTER #1 sent a second email to Wolfe, writing “Hi! When can we get coffee?” This time, the signature block of the second email included a 44-character long code made up of letters and numbers that appears to be a “PGP” fingerprint. If used, this fingerprint would have permitted Wolfe to send REPORTER #1 an email using an application that would encrypt the contents of the message, but not the subject line or the name of the sender.

Between the December 9, 2015, November 7, 2016, and two May 11, 2017 emails, the Statement lays out four email exchanges between Wolfe and this journalist. But the indictment says there was a fifth, possibly in June 2017.

For example, between in or around December 2015 and in or around June 2017, WOLFE and REPORTER #1 communicated at least five times using his SSCI email account.

In any case, that Page BCCed Wolfe suggests that he suspected Wolfe was the source, and perhaps said as much in his email to the reporter (thus explaining the follow-up between them).

As it is, this Statement (and the indictment of Natalie Mayflower Sours Edwards for sharing FinCen data with Jason Leopold yesterday, but I’ll return to that) may suggest that the government obtained the reporter’s emails, but then parallel constructed doing so by collecting Wolfe’s. But it also suggests that Page knew precisely who leaked the FISA information.

As I disclosed in July, I provided information to the FBI on issues related to the Mueller investigation, so I’m going to include disclosure statements on Mueller investigation posts from here on out. I will include the disclosure whether or not the stuff I shared with the FBI pertains to the subject of the post. 
