The Complexities of Reality Winner’s Case

I suggested in this post that some of the coverage of Reality Winner’s arraignment was less than stellar.

Case in point: I didn’t see any reporting of the hearing that the government had moved to declare her case complex because they intended to use the Classified Information Procedures Act (CIPA, which governs how the government uses or substitutes classified information to be used in a trial); Winner’s attorney did not object. The court formally approved that on June 14. Then, on June 19, the government moved for a CIPA pretrial conference, which (credit where due) the Augusta press covered on Friday.

Perhaps this is just formality. At the end of its CIPA motion, the government refers to the “fast-moving nature of this case” even while admitting that it may not need some (or most?) of the CIPA procedures it had just laid out.

Given that this investigation concerns the disclosure of classified material and that the government’s evidence includes classified information, the government respectfully moves for a pretrial conference, pursuant to Section 2 of CIPA, to establish a discovery and motion schedule relating to any classified information. The government notes that some of the CIPA sections outlined above may not be invoked or need to be addressed.

Further, dependent upon future events and potential pretrial resolutions and proceedings, there may be no need for hearings pursuant to CIPA. Because of the fast-moving nature of this case, the precise amount of classified information that may be discoverable or used as evidence is still being determined.

Claims of thumb drives inserted into Air Force computers last year notwithstanding, on its face, this appears to be a cut-and-dry case: out of a pool of six potential leakers, one — Winner — has already confessed to the FBI. So perhaps the government is just doing this to ensure it has a Court Information Security Officer involved and a hefty protection order imposed on Winner’s defense team.

But in the same motion, the government makes it clear that it collected classified material beyond the document that Winner is alleged to have leaked to The Intercept.

The indictment in this case charges the defendant with unlawfully retaining and transmitting classified national defense information in violation of 18 U.S.C. § 793(e). Classified material, including but not limited to the document which the defendant is charged with unlawfully retaining and transmitting, was collected as part of the underlying investigation and will be the subject of certain procedures set forth in CIPA, as well as in other applicable rules, statutes, and case law. The disclosure of such material will raise issues of national security that the Court must address before the material is provided to the defense. [my emphasis]

That might just refer to data the NSA and FBI used to hone in on Winner. Or it may mean there’s more to the case than meets the eye.

And whatever that is will remain out of eyesight, behind CIPA.

In Opinion Mostly Rejecting Jeffrey Sterling Appeal, Fourth Circuit Criminalizes Unclassified Tips

The Fourth Circuit just codified the principle that you can go to prison for four minutes and 11 seconds of phone calls during which you tell a reporter to go find out classified details you know about.

They just released an opinion mostly upholding Jeffrey Sterling’s conviction. The majority, penned by Albert Diaz, overturned one conviction based on whether Sterling handed a letter (about which the court seems to have misunderstood the evidence) to James Risen in Virginia, but that didn’t result in any reduction in sentence. The court not only upheld all other convictions, but did so in ways that will be really horrible for any clearance holders charged with leaks in the Fourth Circuit (the jurisdiction of which covers all the major government spy agencies).

Four minutes and 11 seconds of metadata

First, there’s the matter of whether there was evidence to support the three charges related to the first story James Risen attempted to write on Merlin in 2003. The opinion claims Sterling and Risen had “numerous” phone calls in advance of Risen going to the CIA with his story.

The government presented evidence of numerous phone calls in February and March 2003, between Sterling’s home in Virginia and Risen’s home in Maryland. These phone calls occurred right before Risen notified the CIA that he had learned about the program from confidential sources and was planning to write an article about its classified operations. Furthermore, all of these calls were made nearly a year after Risen wrote an article about Sterling’s discrimination lawsuit.

Here’s what those “numerous” calls look like:

Altogether, the government presented evidence that Sterling and Risen spoke for four minutes and 11 seconds in advance of the first story. Sterling also sent an unclassified email referring to a CNN story on Iran’s nukes.

Significantly, the court doesn’t even hold that Sterling may have transmitted classified information in those calls. It holds that he may have “encouraged” and “caused” Risen to publish the information.

That circumstantial evidence, viewed in the light most favorable to the government, could have led a rational jury to infer that Sterling discussed some classified information with Risen during these calls—the longest of which was 91 seconds—or encouraged Risen to publish the information. Thus, a jury could find that, more likely than not, Sterling helped “cause” dissemination of the information to the public through phone communications from his home in the Eastern District of Virginia, making venue proper for Counts I, II, and IX.

This establishes a standard criminalizing something that happens all the time in DC — where sources point reporters to something that’s classified without providing any classified information, leading the reporter to go find the classified information from other sources.

Importantly (and not mentioned in the Fourth Circuit opinion), the FBI’s initial suspect in this case was then-SSCI staffer Bill Duhnke. SSCI refused to cooperate with the FBI in the early stages of the investigation and may never have done so with respect to Duhnke. Nothing in the public record ever ruled out that he was Risen’s source for this early story.

The Court erroneously claims that Sterling had “the letter” printed in Risen’s book

The court makes two troubling steps in upholding Sterling’s conviction for illegally retaining classified information, which it upholds this way.

As to this offense, the Russian scientist testified that he gave Sterling a copy of the program letter in 2000. Sterling lost access to classified materials after he was fired in early 2002 (when he was working and living in Virginia), and Risen first notified authorities that he had seen the letter in April 2003. Finally, the government introduced evidence that in 2006, Sterling had stored other classified documents in his Missouri home, after he moved in mid-2003. On this evidence, a jury could therefore reasonably infer that after Sterling left the CIA in 2002, he unlawfully retained the program letter in his home—which was then in the Eastern District of Virginia.

In the language rejecting the conviction that Sterling transmitted the actual letter to Risen in Virginia, the court claimed that both sides agree that Sterling actually had the letter.

Because both sides agree that Sterling provided Risen with a paper copy of the letter, evidence of phone and email communications alone cannot support proper venue for Count V.

The claim that the defense agreed that Sterling even had the hard copy of the letter, much less handed it to Risen, is utterly inconsistent with this statement later in the opinion.

Sterling argued throughout the trial that he never retained or transmitted classified material.

Perhaps the court meant to say that “Sterling would have had to hand Risen a paper copy”?

Moreover, unless I’m missing something, not only does the defense not agree that Sterling handed over the letter, but it doesn’t even agree that Sterling ever had or saw the letter in the form handed to Risen. Indeed, the defense repeatedly got the government to admit they never found a copy of the actual letter that appeared in Risen’s book (though the record is inconsistent about whether that letter that got handed to the Iranians actually matched what appeared in Risen’s book).

That’s important — as I lay out in depth in this post — because Sterling was not involved in some key meetings leading up to the time Merlin went to Vienna. Given that he wasn’t involved in some of the meetings, it’s quite possible Sterling never saw the letter as it appeared in Risen’s book. I’d even say it’s likely, because Sterling’s habit was to include a verbatim transcript of letters Merlin was writing in his reporting, whereas Bob S, who handled the meetings Sterling didn’t attend, did not do so.

CIA has effectively — and not very credibly — claimed they didn’t have a copy of the letter as it appeared in Risen’s book, and in later years of the investigation Merlin started claiming he destroyed all evidence of it. Which would seem to undermine the claim that either side agreed Sterling handed over the actual letter to Risen.

I’m not sure how, based on that record, the Fourth Circuit can claim that Sterling ever had the letter in question.

Going to prison for keeping a procedure on how to dial a rotary phone

Then there’s what the court does to get to the claim that “in 2006, Sterling had stored other classified documents in his Missouri home, after he moved in mid-2003.”

The defense objected to the introduction of these documents, which included a performance review from the time Sterling was a trainee and instructions on how to dial into Langley from a rotary phone, specifically because of the way in which the documents were presented to the jury. The documents were handed out in red classified folders in unredacted form with great fanfare, whereas all other (far more classified) documents had been redacted and simply handed over to the jury in evidence binders.

Here’s how I described the theater surrounding these documents at the time.

A court officer handed out a packet of these same documents with bright red SECRET markings on the front to each juror (the government had tried to include such a warning on the binders of other exhibits, but the defense pointed out that nothing in them was actually classified at all). Judge Leonie Brinkema, apparently responding to the confused look on jurors’ faces, explained these were still-classified documents intended for their eyes only. “You’ll get the context,” Judge Brinkema added. “The content is not really anything you have to worry about.” The government then explained these documents were seized from Jeffrey Sterling’s house in Missouri in 2006. Then the court officer collected the documents back up again, having introduced the jurors to the exclusive world of CIA’s secrets for just a few moments.

On cross, however, the defense explained a bit about what these documents were. Edward MacMahon made it clear the date on the documents was February 1987 — a point which Lutz apparently missed. MacMahon then revealed that the documents explained how to use rotary phones when a CIA officer is out of the office. I believe the prosecution objected — so jurors can’t use MacMahon’s description in their consideration of how badly these documents implicate Sterling — but perhaps the improper description will help cue the jurors’ own understanding about what the documents they had glimpsed were really about, making it clear to them they’re being asked to convict a man because he possessed documents about using a rotary phone that the CIA retroactively decided were SECRET.

The court doesn’t deal with the silent witness aspect of this presentation at all. On the contrary, the court makes no mention of it when it dismisses the possibility this was inflammatory.

All probative evidence may be prejudicial to the defendant in some way, but we have found Rule 404(b) evidence to be unfairly prejudicial when it inflames the jury or encourages them to draw an inference against the defendant, based solely on a judgment about the defendant’s criminal character or wicked disposition. McBride, 676 F.3d at 399; Hernandez, 975 F.2d at 1041.

Here, evidence showing that Sterling had improperly retained four classified documents in the past encouraged the proper evidentiary inference that any subsequent retention of classified documents was, if proven, intentional.

The court’s treatment of these documents (and its silence on their actual content or the theater surrounding the introduction of them) is all the more troubling given that the court claimed the “prior bad acts” implicated by Sterling’s retention of these documents “were exactly the same as the act Sterling was charged with under Count III.”

Although the Rule 404(b) evidence was fairly old in this case, it did bear sufficient similarity in terms of pattern of conduct to justify its admission. An FBI search of Sterling’s Missouri home in 2006 uncovered four classified documents, which Sterling had improperly kept. And Sterling’s improper retention of these documents occurred during the same timeframe as his improper retention of files concerning the Program. Furthermore, the prior bad acts were exactly the same as the act Sterling was charged with under Count III.

Sure, in a legal sense, retaining classified information is retaining classified information. That’s how the Fourth Circuit gets to its “exactly the same” claim.

But retaining 20 year old HR documents — including a performance review — you obtained as a trainee just getting used to classification rules is not the same as retaining documents from covert operations. It’s not. And the claim it is is all the more outrageous given that Sterling wasn’t permitted to talk about how the witnesses against him had also retained classified information, and probably information that was far more classified than rotary phone dialing instructions.

Effectively, along with criminalizing sharing unclassified tips, the Fourth Circuit has also just criminalized mistakenly retaining HR documents in your basement, something that a large proportion of clearance holders have probably done over the course of their career.

Obstruction before the fact

Finally, here’s the court found that Sterling’s obstruction conviction was proper even though the government presented no proof whether he had deleted the unclassified email mentioning Iran’s nuclear program before or after receiving a subpoena for classified materials.

Sterling notes that this specific email “was not among the categories of documents requested by the grand jury’s [June 2006] subpoena.” Appellant’s Br. at 44. He argues, therefore, that even if he did delete the email, he could not have done so with the intent to impair the grand jury investigation. But while the email may not have been explicitly included in the subpoena’s categories, in that it did not directly share information about the classified program, it did reference Iran’s nuclear development efforts. Furthermore, the email and its brief comments suggest that Risen and Sterling had previously discussed Iran’s nuclear program.

We have said that to be culpable of obstructing justice, the actual documents destroyed “do not have to be under subpoena.” United States v. Gravely, 840 F.2d 1156, 1160 (4th Cir. 1988) (analyzing a conviction for obstruction of justice under 18 U.S.C. § 1503). Instead, “it is sufficient if the defendant is aware that the grand jury will likely seek the documents in its investigation.” Id. A rational jury could infer, based on the evidence at trial, that Sterling deleted the email between April and July 2006 in order to conceal it from a grand jury investigation. We therefore reject Sterling’s challenge to this conviction.

This language is just — what is the technical term? — weird.

First of all, the court never explains how Sterling would know there was a grand jury before receiving a subpoena from it, which is pretty important given that Sterling had known there was an investigation for three years, but hadn’t deleted that email before then.

Moreover, even as it deems it rational to believe that Sterling deleted the email thinking the grand jury will “likely seek the documents,” the court ignores that the grand jury actually never did seek such an email. So Sterling, with no formal notice of a grand jury introduced in the trial, not only deleted the unclassified email knowing there would be one, but happened to delete an email that the grand jury, in fact, would never go onto ask for?

Somehow, too, unless I missed it the court neglected to deal with venue on this claim. They just … ignored that part of Sterling’s appeal.

The Fourth Circuit just made it illegal to share unclassified information

So between the finding that Sterling criminally “encouraged” the transmission of classified information in four minutes and 11 seconds of phone calls of unknown content, and the finding that Sterling obstructed justice before knowing there was a grand jury by deleting information that unknown grand jury ultimately never asked for, the Fourth Circuit has just criminalized sharing unclassified information.

The Sources for Some Russian Voting Hack Stories Will Not Be Prosecuted

Yesterday, former Homeland Security Secretary Jeh Johnson spent 90 minutes meeting with the Senate Intelligence Committee’s Russian investigators.

Today, Bloomberg reports that Russian probes of election-related targets was far more extensive than previously reported, reaching into 39 states. It relies on three unnamed sources for the story, either including, or in addition to, at least one former senior US official.

In Illinois, investigators found evidence that cyber intruders tried to delete or alter voter data. The hackers accessed software designed to be used by poll workers on Election Day, and in at least one state accessed a campaign finance database. Details of the wave of attacks, in the summer and fall of 2016, were provided by three people with direct knowledge of the U.S. investigation into the matter. In all, the Russian hackers hit systems in a total of 39 states, one of them said.

[snip]

Another former senior U.S. official, who asked for anonymity to discuss the classified U.S. probe into pre-election hacking, said a more likely explanation is that several months of hacking failed to give the attackers the access they needed to master America’s disparate voting systems spread across more than 7,000 local jurisdictions.

[snip]

One former senior U.S. official expressed concern that the Russians now have three years to build on their knowledge of U.S. voting systems before the next presidential election, and there is every reason to believe they will use what they have learned in future attacks. [my emphasis]

The report also uses the document allegedly leaked by Reality Winner as corroboration and confirmation of one of the companies targeted, rather curiously included as a parenthetical comment.

(An NSA document reportedly leaked by Reality Winner, the 25-year-old government contract worker arrested last week, identifies the Florida contractor as VR Systems, which makes an electronic voter identification system used by poll workers.)

The Bloomberg story is critically important, as it should provide pressure on the Republicans for real protections for voting systems, even if they’ll probably ignore that pressure. It provides far more details than the Winner document did. That said, much of this information might come out formally in Jeh Johnson testimony before the House Intelligence Committee.

I raise all this to note that the treatment of Bloomberg’s sources will be dramatically different than that of Winner. I’d bet there won’t even be a referral for this story, especially if it relies on (as is likely) information shared by people protected by the speech and debate clause and/or people who might have been original classification authorities (OCAs — the people who get to decide whether something is classified or not) for this information in the past.

Perhaps that is as it should be. Perhaps our democracy has unofficially agreed that OCAs and congressional staffers should serve as kind of a relief valve, the place where classified information may be leaked without criminal penalty. Perhaps we believe those kinds of people have a better read on whether the interests of leaking outweigh the sensitivity of an issue. Though obviously, when OCAs like David Petraeus become impossible to punish (or former SSCI staff director Bill Duhnke, who was the FBI’s primary suspect for the Merlin leak, but who was protected by the Senate’s refusal to cooperate), that creates a profoundly unequal system of justice. Reality Winner can be prosecuted even while people leaking similar — perhaps even more sensitive — information within weeks might not even be investigated.

To be clear, I don’t want Bloomberg’s sources to be investigated. But we need to acknowledge the double standards for leakers in this country.

Which Was a More Sensitive Open Secret Revealed as a Result of the Reality Winner Story: Details on Russian Hacks of Voting Equipment, or Invisible Printer Dots?

Mr. EW doesn’t follow my work all that closely. He’s most apt to read something I wrote if it gets cited in TechDirt, a fact that occasionally makes me fantasize about getting Mike Masnick to publish secret messages about fixing leaky toilets or broken screen doors.

So I was pretty interested in Mr. EW’s take on the Reality Winner story. He believes, as many people do, that Winner was caught using the printer dot technology that Rob Graham laid out here.

I don’t doubt that the FBI or NSA used the printer dot technology to confirm that they had gotten the right person before they charged Winner. But it’s not mentioned at all in DOJ’s narrative of how they caught Winner (who, remember, pled not guilty even though she confessed to the FBI). They cite the following steps (search warrant affidavit, complaint affidavit):

  1. May 30: The Intercept contacts NSA and provides a copy of the document. NSA confirms for itself that it is real and classified.
  2. June 1: NSA makes a leak referral to the FBI.
  3. Undated:
    1. NSA notes that the document has been folded, suggested it was printed off.
    2. NSA checks who has accessed and printed the document.
    3. NSA checks the work computers of the six people who have printed the document, including Winner.
    4. NSA finds a direct email, from March, from Winner’s work computer to The Intercept using her personal Gmail account pertaining to TI’s podcast.
  4. June 1: For the second time, The Intercept contacts a contractor to validate the document (he or she had told them it was fake on May 24), telling the contractor that the NSA has confirmed its authenticity. The contractor provided a document number to The Intercept, and on the same day, the contractor informed the NSA about the May 24 and June 1 interactions, probably also passing on the detail that the document had been sent from Augusta, GA.
  5. June 2: FBI verifies Winner’s residence for a search warrant.
  6. June 3: FBI interviews Winner, who admits to “removing the classified intelligence reporting from her office space, retaining it, and mailing it from Augusta, Georgia.”

Winner was arrested on June 3; her arrest was unsealed on June 5, just after The Intercept published the document.

On June 5, Graham posted a piece explaining how the hidden dots on the hard copy of the document would have told NSA that the document had been printed out on May 9, making it even easier for the NSA to pinpoint who had printed out the document.

The document leaked by the Intercept was from a printer with model number 54, serial number 29535218. The document was printed on May 9, 2017 at 6:20. The NSA almost certainly has a record of who used the printer at that time.

As I explained to Mr. EW last night, nothing in the official record says the NSA used this hidden dot technology in its hunt for the leaker. I explained that while my friends started talking about the hidden dots almost immediately, there was nothing in the public record about it.

Clearly, the government didn’t exactly want that (and no doubt a number of other investigative methods, presumably including at a minimum checks on the non-government computer communications of the six people who printed out the document, and potentially also a check of postal records) detail to become public.

Yet, as a result of the reporting on this, people like Mr. EW not only know about the dot technology, but believe it was the key factor in identifying Winner. If they follow Rob Graham closely, they’ll also know that (in response to my question) another presumed leaker to The Intercept had managed to pass on a printed (and frankly far more important leaked) document — FBI’s Domestic Investigations and Operations Guidewithout including the telltale dots (I told Mr. EW about the follow-up but he’s more likely to read it if TechDirt links so…) So they would have learned that the dots are an operational security issue, but there are as yet unknown ways to mitigate that problem.

As I’ve stated several times, while the document Winner leaked to The Intercept provides new details about Russian attempts to hack the election, it simply adds to the widely known narrative already in the public (though the redacted details would no doubt be even more interesting). The secret dots though! — that was news to most people (including me).

Which secret do you think the government is most grumpy about having been made public?

Reality Winner Appears to Have Already Leaked “Documents” Plural

There appears to be a misunderstanding about details revealed at the bail hearing for Reality Winner last week, where Magistrate Judge Brian Epps denied her bail. Epps did so because she allegedly said she said wanted to burn the White House down and because prosecutor Jennifer Solari — who sounds like she made some pretty inflated claims — suggested Winner might have more to leak. There’s no written record for this yet, but it appears from one of the less-shitty reports on the hearing that the claim is based on three things: First, Winner stuck a thumb drive in a Top Secret computer last year.

Winner inserted a portable hard drive in a top-secret Air Force computer before she left the military last year. She said authorities don’t know what happened to the drive or what was on it.

Second, because Solari portrayed the 25-year old translator’s knowledge as a danger unto itself (more ridiculously, she painted Winner’s knowledge of Tor — which Winner didn’t use to look up sensitive information — as a means by which she might flee).

“We don’t know how much more she knows and how much more she remembers,” Solari said. “But we do know she’s very intelligent. So she’s got a lot of valuable information in her head.”

And finally, because Winner told her mother, in a conversation from jail that was recorded, that she was sorry about the documents, plural.

Solari said Winner also confessed to her mother during a recorded jailhouse phone call, saying: “Mom, those documents. I screwed up.”

Solari apparently emphasized the latter point as a way to suggest Winter might still have documents to leak.

Solari stressed that Winner referred to “documents” in the plural, and that federal agents were looking to see whether she may have stolen other classified information.

The idea is that because Winner used the plural and she only leaked one document, there must be more she’s planning on leaking.

Except that doesn’t appear right.

It appears Winner actually already leaked two documents.

While the Intercept article describes a document, singular, what they actually appear to have gotten are two documents — the report on the Russian hacking, and one page of a two-page document laying out the hacks. The Intercept calls the second document “an overview chart.”

But the “chart” actually has its own separate pagination (indeed, its own separate pagination format). The “document” paginates by page number,

Whereas the “chart” paginates by pages out of total.

Moreover, the “chart” also uses a different title than the report.

That’s not to say they’re not related. It’s just two say that we already appear to have documents, plural, from Winner.

Moreover, are we really led to believe that 3 years after Edward Snowden succeeded in loading a bunch of documents onto a flash drive because he was in a remote facility where insider threat programs hadn’t yet been fully implemented, had SysAdmin access, and had pulled some strings to retain an outdated computer that had a port, a translator in an NSA or other military facility could use a flash drive without a very close accounting of what she downloaded?

Mind you, her attorney should have argued as much in the detention hearing if Winner really thinks these are multiple documents. But appears they are.

What a Difference a Day Makes to the Privileges of a King

As part of his testimony today, Jim Comey revealed he gave some or all of the nine memos he wrote documenting his interactions with President Trump to a friend, since confirmed to be Columbia Professor Dan Richman, who in turn shared one with the press.

COLLINS: Finally, did you show copies of your memos to anyone outside of the department of justice?

COMEY: Yes.

COLLINS: And to whom did you show copies?

COMEY: I asked — the president tweeted on Friday after I got fired that I better hope there’s not tapes. I woke up in the middle of the night on Monday night because it didn’t dawn on me originally, that there might be corroboration for our conversation. There might a tape. My judgement was, I need to get that out into the public square. I asked a friend of mine to share the content of the memo with a reporter. Didn’t do it myself for a variety of reasons. I asked him to because I thought that might prompt the appointment of a special counsel. I asked a close friend to do it.

COLLINS: Was that Mr. Wittes?

COMEY: No.

COLLINS: Who was it?

COMEY: A close friend who is a professor at Columbia law school.

The fact that Comey released the memo through Richman formed part of Trump lawyer Marc Kasowitz’s pushback after the hearing.

Of course, the Office of the President is entitled to expect loyalty from those who are serving in an administration, and, from before this President took office to this day, it is overwhelmingly clear that there have been and continue to be those in government who are actively attempting to undermine this administration with selective and illegal leaks of classified information and privileged communications. Mr. Comey has now admitted that he is one of the leakers.

Today, Mr. Comey admitted that he unilaterally and surreptitiously made unauthorized disclosures to the press of privileged communications with the President. The leaks of this privileged information began no later than March 2017 when friends of Mr. Comey have stated he disclosed to them the conversations he had with the President during their January 27, 2017 dinner and February 14, 2017 White House meeting. Today, Mr. Comey admitted that he leaked to his friends his purported memos of these privileged conversations, one of which he testified was classified. He also testified that immediately after he was terminated he authorized his friends to leak the contents of these memos to the press in order to “prompt the appointment of a special counsel.” Although Mr. Comey testified he only leaked the memos in response to a tweet, the public record reveals that the New York Times was quoting from these memos the day before the referenced tweet, which belies Mr. Comey’s excuse for this unauthorized disclosure of privileged information and appears to [sic] entirely retaliatory.

Kasowitz gets a lot wrong here. Comey said one memo was classified, but that’s the memo that memorialized the January 6 meeting, not the ones described here. And the NYT has already corrected the claim that the shared memos preceded the tweet.

And, as a number of people (including Steve Vladeck) have noted, even if this information were covered by executive privilege, even if that privilege weren’t waived with Trump’s tweet, it’s not a crime to leak privileged information.

Nevertheless, Kasowitz’ focus on purportedly privileged documents is all the more interesting given the pathetic conduct of Director of National Intelligence Dan Coats and NSA Director Mike Rogers at yesterday’s 702 hearing. After a great deal of obfuscation from both men about why they couldn’t answer questions about Trump’s request they intervene in the FBI’s Mike Flynn investigation, Angus King finally got Rogers to admit that he and Coats never got a conclusive answer about whether the White House was invoking privilege.

King: I think you testified, Admiral Rogers, that you did discuss today’s testimony with someone in the White House?

Rogers: I said I asked did the White House intend to invoke executive privilege with respect to interactions between myself and the President of the United States.

King: And what was the answer to that question?

Rogers: To be honest I didn’t get a definitive answer. Both myself and the DNI are still talking–

King: So then I’ll ask both of you the same question. Why are you not answering these questions? Is there an invocation by the President of the United States of executive privilege? Is there or not?

Rogers: Not that I’m aware of.

King: Then why are you not answering the question?

Rogers: Because I feel it is inappropriate, Senator.

King: What you feel isn’t relevant Admiral. What you feel isn’t the answer. The question is why are you not answering the questions. Is it an invocation of executive privilege? If there is, then let’s know about it, and if there isn’t answer the questions.

Rogers: I stand by the comments I’ve made. I’m not interested in repeating myself, Sir. And I don’t mean that in a contentious way.

King: Well I do mean it in a contentious way. I don’t understand why you’re not answering our questions. When you were confirmed before the Armed Services Committee you took an oath, do you solemnly swear to give the committee the truth, the full truth and nothing but the truth. You answered yes to that.

Rogers: I do. And I’ve also answered that those conversations were classified. It is not appropriate in an open forum to discuss those classified conversations.

King: What is classified about a conversation about whether or not you should intervene in the FBI investigation?

Rogers: Sir I stand by my previous comments.

King: Mr. Coats? Same series of questions. What’s the basis for your refusal to answer these questions today?

Coats: The basis is what I’ve previously explained, I do not believe it is appropriate for me to–

King: What’s the basis? I’m not satisfied with I do not believe it is appropriate or I do not feel I should answer. I want to understand a legal basis. You swore that oath to tell us the truth, the whole truth, and nothing but the truth, and today you are refusing to do so. What is the legal basis for your refusal to testify to this committee?

Coats: I’m not sure I have a legal basis.

In other words, these men admit they had no legal basis (they’re not classified, no matter what Rogers claimed) to dodge the Committee’s question. But nevertheless they’re invoking things like their feelings to avoid testifying.

Clearly, the White House is playing a game here, invoking loyalty rather than law to compel silence from its top officials.

Kasowitz’ claims are, on their face, bogus. But taken in conjunction with the dodges from Coats and Rogers, they’re all the more problematic.

 

Does Vice President Pence Believe He Has Declassification Authority?

It is, as I understand it, fairly customary for each new presidential administration to rewrite the Executive Order on classification. George W Bush didn’t do so right away — he finalized his classification EO on March 23, 2003. Obama moved a bit more quickly, superseding the Bush EO with his own classification EO on December 29, 2009.

But even among the flood of Executive Orders that Trump has signed thus far in his term, I don’t believe he has modified the Obama one.

That means a change made in 2003, which was retained in the Obama EO, remains in place: the inclusion of the Vice President among those who is and can name Original Classification Authorities (here’s Bill Clinton’s EO for comparison). Here’s the language that gave Dick Cheney classification authorities:

Classification Authority. (a) The authority to classify information originally may be exercised only by:

    (1) the President and, in the performance of executive duties, the Vice President;

And here’s how Obama slightly tweaked that language to retain that authority for Joe Biden:

a) The authority to classify information originally may be exercised only by:

(1) the President and the Vice President;

Now, Cheney got this authority at an interesting time. That was a key time for Torture cover-up; in fact, sometime in that period, someone in the White House ordered George Tenet to make torture a Special Access Program. He was already pushing back against the CIA whistleblowers who knew the intelligence behind Iraq was crap, an effort that would lead to Scooter Libby sharing Valerie Plame’s identity with Judy Miller on Cheney’s orders (it remains unclear whether Cheney had Bush’s permission to leak this). Yet for some reason, the new classification rules appear most closely connected with Stellar Wind (I believe this had to do with a change in whom Stellar Wind could target).

In any case, from that moment forward, the Vice President has had the authority to classify things. As you can imagine, given Cheney’s role in the Plame outing, there was a heated and still publicly unresolved debate whether the Vice President also got declassification authorities, including of things that the President or Presidential authority had classified.

I raise this issue because more and more people have started raising questions about whether Mike Pence is sabotaging Donald Trump, especially as leaks like this come out of the White House.

President Trump told Russian officials in the Oval Office this month that firing the F.B.I. director, James B. Comey, had relieved “great pressure” on him, according to a document summarizing the meeting.

“I just fired the head of the F.B.I. He was crazy, a real nut job,” Mr. Trump said, according to the document, which was read to The New York Times by an American official. “I faced great pressure because of Russia. That’s taken off.”

Mr. Trump added, “I’m not under investigation.”

The conversation, during a May 10 meeting — the day after he fired Mr. Comey — reinforces the notion that Mr. Trump dismissed him primarily because of the bureau’s investigation into possible collusion between his campaign and Russian operatives. Mr. Trump said as much in one televised interview, but the White House has offered changing justifications for the firing.

The White House document that contained Mr. Trump’s comments was based on notes taken from inside the Oval Office and has been circulated as the official account of the meeting. One official read quotations to The Times, and a second official confirmed the broad outlines of the discussion.

If Pence believes — perhaps based on knowledge personally imparted by Cheney allies — that he has the ability to declassify anything that the President can, then he can leak details of White House events with utter impunity. Having him insta-declassify things would be a fairly safe way to feed the never-ending stream of embarrassing information coming out of the White House.

Oh, sure. He’d have utterly venal motive to do so. By feeding the Trump Russian scandal, Pence would make it increasingly likely he’d become President without having to expose his regressive views to the review of voters. But there’s nothing Trump could do about it so long as an EO granting Pence the same authorities that Cheney abused to great effect remains on the book.

Hot and Cold Running Sources and Methods Outrage

Let’s stipulate that Donald Trump is an incompetent president. Let’s stipulate that his fondness for the Russians exhibits at least naiveté about their intentions, if not out and out compromise. Let’s agree that when he fucks up, it is fair game to scream about it as a way to limit his power. Let’s acknowledge ruefully, again, that the man who got elected heckling “Lock her up!” continues to engage in far more egregious mistreatment of classified information than an email server.

But it’s worth looking at one paragraph in the WaPo story on how Donald Trump shared code word intelligence with the two Russian Sergeys, Foreign Minister Sergey Lavrov and the omnipresent Ambassador to the US Sergey Kislyak last week.

First, some background.

The whole point of the story, which is sourced to “current and former U.S. officials,” just one of whom is described as a former intelligence official (meaning the others could be members of Congress), is that Trump’s actions are particularly egregious because he revealed the city from which ISIS was allegedly plotting a laptop attack on US planes that has led US Homeland Security to consider ineffective bans on laptops in passenger areas of planes.

Trump went on to discuss aspects of the threat that the United States learned only through the espionage capabilities of a key partner. He did not reveal the specific intelligence-gathering method, but he described how the Islamic State was pursuing elements of a specific plot and how much harm such an attack could cause under varying circumstances. Most alarmingly, officials said, Trump revealed the city in the Islamic State’s territory where the U.S. intelligence partner detected the threat. [my emphasis]

Revealing the city, these US officials sharing the information anonymously because of “the sensitivity of the subject” explain, might help ID the US ally or capability involved in revealing this laptop threat.

The identification of the location was seen as particularly problematic, officials said, because Russia could use that detail to help identify the U.S. ally or intelligence capability involved. Officials said the capability could be useful for other purposes, possibly providing intelligence on Russia’s presence in Syria. Moscow would be keenly interested in identifying that source and perhaps disrupting it.

Hmmm. How many cities does ISIS still hold…?

The other problem with sharing this information is that it is not ours to share. This ally gets very frustrated when it discovers we shared information that it hasn’t permitted us to share.

At a more fundamental level, the information wasn’t the United States’ to provide to others. Under the rules of espionage, governments — and even individual agencies — are given significant control over whether and how the information they gather is disseminated, even after it has been shared. Violating that practice undercuts trust considered essential to sharing secrets.

[snip]

At a more fundamental level, the information wasn’t the United States’ to provide to others. Under the rules of espionage, governments — and even individual agencies — are given significant control over whether and how the information they gather is disseminated, even after it has been shared. Violating that practice undercuts trust considered essential to sharing secrets.

The officials declined to identify the ally but said it has previously voiced frustration with Washington’s inability to safeguard sensitive information related to Iraq and Syria.

“If that partner learned we’d given this to Russia without their knowledge or asking first, that is a blow to that relationship,” the U.S. official said.

So: bad to share because this ally gets to veto any sharing of this information, and “if that partner learned we’d given this to Russia without their knowledge or asking first, that is a blow to that relationship.” And especially bad to share the city (even though there can’t be many possibilities) because that would make it easier to figure out the underlying sources and methods.

This stuff is so sensitive, the WaPo explains, that if anyone else were to share it (with an adversary, they caveat), it’d be illegal.

For almost anyone in government, discussing such matters with an adversary would be illegal.

You with me so far? Sharing bad without okay of frustrated ally, sharing location especially bad, illegal if you’re not the President.

Okay. Now read this paragraph:

The Post is withholding most plot details, including the name of the city, at the urging of officials who warned that revealing them would jeopardize important intelligence capabilities.

So multiple people learned of this event, and went out and leaked it (which is illegal to do for most anyone besides the President, the WaPo helpfully notes), not just with the WaPo’s two reporters, but with reporters from Buzzfeed, NYT, WSJ, and more. They leaked it to reporters who they presumably knew would then report it, alerting the frustrated ally that Trump had shared the information, which is a blow to that relationship, and also alerting the frustrated ally that they then proceeded to go leak it more.

I’m confused, is that a blow to that relationship too, leaking the sharing so it can be revealed? Or did, say, the Saudis call up a bunch of members of Congress and former spooks and permit them to leak this to the press so Donald and his close relationship with the Russians can be undermined?

And these sources who are outraged that Trump shared the city where our frustrated ally that shouldn’t learn we’re leaking it without its permission learned of the plot? These sources shared plot details, including the name of the city, with journalists whose job it is to publish stuff like this, though the journalists didn’t share it with us or the Russians.

Now, I’ll grant you, WaPo’s reporters aren’t an adversary (depending on who you ask), though neither are they tasked with keeping a nation that has already lost a plane to ISIS safe. WaPo’s reporters aren’t fighting for power in Syria like Russia (and our frustrated ally), so they can’t personally use this information for advantage there.

So, yeah, it’s different. But these very outraged sources are still sharing the information that it is so outrageous to share.

Me? I’m hoping all this sharing and leaking about sharing will reveal what the underlying threat really is supposed to be. Because some of our frustrated allies have a habit of exaggerating threats so we implement stupid transportation policies and grow ever more reliant on their intelligence that they seem to keep sharing even though it seems to keep getting leaked.

Thoughts on the NYT Comey Blockbuster

The NYT has a big piece on Jim Comey’s involvement in the election you should definitely read. Rather than share my thoughts in a tweet storm I thought I’d share here so we can all gab about it.

Consensus coming closer to Jim Comey being self-righteous

As long time readers know, I think Jim Comey is self-righteous. He creates a heroic self-image that is often overblown (as it was regarding the post hospital hero events). So I was happy to see this paragraph — and observations matching it — through out the story.

Mr. Comey made those decisions with the supreme self-confidence of a former prosecutor who, in a distinguished career, has cultivated a reputation for what supporters see as fierce independence, and detractors view as media-savvy arrogance.

Comey deserves all the criticism he has gotten for his statements about the Hillary investigation. But we’re stuck with Comey for now; he’s one of the few checks against Trump’s arbitrary rule (and Comey is enough of a media hound to be able to create the space to conduct the investigation into Trump).

But one way or another I’m happy people are beginning to understand Comey not as the hospital hero, nor as a partisan, but as someone who doesn’t (or didn’t?) assess his own actions with a fair measure.

The secret David Margolis meeting

One of two really interesting new details in this story is that, when Comey was trying to decide what to do, he consulted with David Margolis, who has long been treated as the conscience of DOJ by DOJers. (See this bmaz post for more background on Margolis.)

Mr. Comey sought advice from someone he has trusted for many years. He dispatched his deputy to meet with David Margolis, who had served at the Justice Department since the Johnson administration and who, at 76, was dubbed the Yoda of the department.

What exactly was said is not known. Mr. Margolis died of heart problems a few months later. But some time after that meeting, Mr. Comey began talking to his advisers about announcing the end of the Clinton investigation himself, according to a former official.

This meeting (and the description of how they staged Margolis’ funeral so the DOJ people criticizing Comey wouldn’t have to share a stage with him) plays a weird role in the story, as if just the mention of the meeting serves to exonerate Comey’s terrible decision to announce the end of the Hillary investigation.

But what the story doesn’t note is that Comey was effectively consulting with the person who for years always intervened to make sure DOJ’s lawyers don’t get held accountable for their misconduct (most notably, he did this for John Yoo). Now, I’m not sure whether as FBI Director Comey’s behavior might have been reviewed by the Office of Professional Responsibility; as it happens DOJ IG is doing so. But it is not ethical to have the guy who, later on, would bless your actions, bless them before the fact. It’s like getting pre-approval to break the rules.

Loretta Lynch should have recused

One of the details others find most interesting is that the FBI acted as they did, in part, because a Democratic operative suggested in an email that Loretta Lynch would ensure nothing came of the investigation.

During Russia’s hacking campaign against the United States, intelligence agencies could peer, at times, into Russian networks and see what had been taken. Early last year, F.B.I. agents received a batch of hacked documents, and one caught their attention.

The document, which has been described as both a memo and an email, was written by a Democratic operative who expressed confidence that Ms. Lynch would keep the Clinton investigation from going too far, according to several former officials familiar with the document.

Read one way, it was standard Washington political chatter. Read another way, it suggested that a political operative might have insight into Ms. Lynch’s thinking.

Normally, when the F.B.I. recommends closing a case, the Justice Department agrees and nobody says anything. The consensus in both places was that the typical procedure would not suffice in this instance, but who would be the spokesman?

The document complicated that calculation, according to officials. If Ms. Lynch announced that the case was closed, and Russia leaked the document, Mr. Comey believed it would raise doubts about the independence of the investigation.

I’ve got a slew of hacking related questions about this document — starting with why it hasn’t, as far as I know, been leaked. The described timing as “early last year” suggests that it may have been hacked in the FSB phase of the hacking. But the document would have solidified the narrative the Russians were reportedly fostering about Hillary.

The article doesn’t pursue those questions, but it notes that in response to finding it, Comey did not ask Lynch to recuse. He should have. You recuse whether or not there’s basis for recusal but because of appearances as well. Moreover, so much awfulness could have been avoided had she recused. This was one of the big own goals of this whole mess.

CIA Directors should not meet with just one Gang of Eight member

The second detail I find most interesting in this story is that John Brennan privately briefed Harry Reid about his concerns about the Russians.

John O. Brennan, the C.I.A. director, was so concerned about the Russian threat that he gave an unusual private briefing in the late summer to Harry Reid, then the Senate Democratic leader.

Top congressional officials had already received briefings on Russia’s meddling, but the one for Mr. Reid appears to have gone further. In a public letter to Mr. Comey several weeks later, Mr. Reid said that “it has become clear that you possess explosive information about close ties and coordination between Donald Trump, his top advisors, and the Russian government — a foreign interest openly hostile to the United States.”

While I’m generally sympathetic to Democrats’ complaints that DOJ should have either remained silent about both investigations or revealed both of them, it was stupid for Brennan to give this private briefing (and I hope he gets grilled about it by HPSCI when he testifies in a few weeks). In addition to the things Reid said publicly about the investigation, it’s fairly clear he and his staffers were also behind some of the key leaks here (and, as CNN reported yesterday, leaks about the investigation actually led targets of it to alter their behavior). For reasons beyond what appears in this story, I think it likely Reid served as a cut-out for Brennan.

And that’s simply not appropriate. There may well have been reasons to avoid briefing Richard Burr (who was advising Trump). But spooks should not be sharing information with just one party. CIA did so during its torture cover-up in ways that are particularly troubling and I find this — while not as bad — equally problematic.

Two missing details: the leaks and the delayed notice to Congress

While this is already a comprehensive story (though its telling of October 7 omits key details), there are two parts that seem critical that are missing: the flood of leaks from FBI and the decision to delay notifying the Gang of Four of the CI investigation.

This week, CNN reported that the FBI was “clarifying” an earlier policy fostering more contact between FBI employees with the media in response to leaks about the Trump campaign. (Click through to read about the TV series coming out focusing on FBI heroism that the FBI exercised editorial control over!!!)

The FBI is overhauling its media policy, restricting contacts between the news media and its employees amid controversy over alleged leaks, bureau officials told CNN.

The new media policy was rolled out this week at a conference in Washington attended by FBI special agents in charge of its 56 field offices, according to officials who attended.
Media access to top officials at the FBI became more common in recent years under FBI Director James Comey, part of a transparency effort he said was aiming at demystifying the FBI and helping the public understand its mission. But the new policy appears to curtail that access.
An official familiar with the development of the new policy described it as largely a “clarification” intended to reinforce existing rules on who is authorized to talk to reporters, not a step back from Comey’s transparency initiatives.

Not only should this policy have been put in place before people leaked details of FISA orders, but it should have been put in place in early 2016, when it was clear FBI Agents were leaking details of the Hillary investigation to try to force their supervisors to expand its scope to include the Clinton Foundation.

Instead, the possibility that FBI Agents would leak was one of the reasons why Comey did what he did. The correct thing, instead of making unprecedented public statements as he did, would have been to shut down the leaking.

Additionally, according to Comey’s testimony, FBI actually delayed notifying at least the heads of the Intelligence Committees  until fairly recently. The NYT acknowledges that this detail was hidden. But I’d love to understand how this departure from normal briefing affected all the other decisions (particularly in light of the the Brennan meeting).

In any case, read the whole thing. It’s very frustrating. But it also lays out a series of things that Comey — and other Obama officials — should have done differently.

The WikiLeaks Deterrent Theory, AKA the Arbitrary Official Secrets Act

Three outlets yesterday — first the WaPo, then CNN, then NYT — reported that DOJ is considering charges against Julian Assange and WikiLeaks. The discussion of what charges, and for what leaks, differs between the reports.

While mentioning the Vault 7 leaks, WaPo also focuses on Chelsea Manning’s leaks and Assange’s discussions about how to gain access.

In March, WikiLeaks published thousands of files revealing secret cyber-tools used by the CIA to convert cellphones, televisions and other ordinary devices into implements of espionage. The FBI has made significant progress in the investigation of the leak, narrowing the list of possible suspects, officials said. The officials did not describe WikiLeaks’ exact role in the case beyond publishing the tools.

Prosecutors are also reexamining the leaks from Chelsea Manning, the Army soldier who was convicted in 2013 of revealing sensitive diplomatic cables. Manning chatted with Assange about a technique to crack a password so Manning could log on to a computer anonymously, and that conversation, which came up during Manning’s court-martial, could be used as evidence that WikiLeaks went beyond the role of publisher or journalist.

Alexa O’Brien tweeted out some thoughts and links to what any further prosecution of the Manning leak might entail.

CNN, which is the most certain charges have already been drawn up, explains that DOJ believes WikiLeaks’ actions changed in nature with Edward Snowden.

The US view of WikiLeaks and Assange began to change after investigators found what they believe was proof that WikiLeaks played an active role in helping Edward Snowden, a former NSA analyst, disclose a massive cache of classified documents.

I think that may be demonstrably true of Sarah Harrison, who helped a fugitive escape. But I’m not sure the US has equally compelling evidence against Assange.

Perhaps the most interesting discussion comes from NYT, which discusses the ongoing debate — with “senior Justice Department officials … pressuring prosecutors” over what is realistic and what authorities actually want, which is an Espionage conviction.

The official, speaking on the condition of anonymity because the details of the discussions remain secret, said senior Justice Department officials had been pressuring prosecutors in the Eastern District of Virginia to outline an array of possible charges against Mr. Assange.

But the official said prosecutors remained skeptical that they could pursue the most serious charges, of espionage, with regard to the documents Mr. Assange disclosed years ago with the help of an Army intelligence analyst, Chelsea Manning. Ms. Manning was convicted and sent to prison, but President Barack Obama commuted her sentence in January.

Given how few people Trump has confirmed into positions in government, these outlets should be a bit more descriptive. In that passage, for example, and the following from WaPo, what does “senior justice department official” mean when US Attorney Dana Boente is (as I’ve noted but none of these stories do) also acting DAG and acting AG for any Russia-related charges.

Prosecutors in recent weeks have been drafting a memo that contemplates charges against members of the WikiLeaks organization, possibly including conspiracy, theft of government property or violating the Espionage Act, officials said. The memo, though, is not complete, and any charges against members of WikiLeaks, including founder Julian Assange, would need approval from the highest levels of the Justice Department.

Would Boente be approving charges filed under Boente’s name?

Though that may not matter. Rod Rosenstein, who will become DAG shortly, has himself pursued excessive charges in leak cases, both against Thomas Drake and Hal Martin.

Perhaps the most interesting claim is that the FBI thought indicting Assange — who likely won’t be prosecuted in any case unless Ecuador suddenly changes their mind about their house guest — would provide some kind of deterrent effect.

Officials have said that the F.B.I. supports prosecuting Mr. Assange. Several years ago, the agency sent a series of documents to the Justice Department outlining charges that investigators claimed to have evidence to support. At the time, F.B.I. counterintelligence agents believed that charging Mr. Assange would deter him from posting new troves of American documents.

I think you’d have to be daft to think prosecuting Assange would deter him from posting more, assuming this happened while he was in the Ecuadoran Embassy. Prosecuting him would only mean he’d have less to lose — and, frankly, more reason to post things that might please America’s adversaries, like Russia.

But it might serve as deterrence for other publishing outlets that aren’t holing up in an Embassy. Short of some really distinguishing actions (and Harrison’s might amount to that in the Snowden case), indicting Assange would put everyone else with a SecureDrop on notice that they, too, might be prosecuted. Surely, DOJ would pick and choose who gets prosecuted. They might choose other easily easily targeted people — people who are gay, people who no longer live in this country, people who have too many dogs — to similarly make examples of (though pity the fool that challenges Glenn Greenwald’s First Amendment rights.

DOJ wants to start cutting away at the First Amendment. All the better for them, if in the name of prosecutorial discretion, Jeff Sessions’ DOJ could pick and choose which publishers’ speech gets curtailed.

image_print