Dot Connecting about Failure to Connect the Dots: Trump Tower Edition

I’d like to throw two dots out there. Well, maybe four.

First, this curious language in the House Judiciary Committee 702 bill, mandating that any FBI back door search of 702 data ensure it includes all data in its holdings.

(F) SIMULTANEOUS QUERY OF FBI DATABASES.—Except as otherwise provided by law or applicable minimization procedures, the Director of the Federal Bureau of Investigation shall ensure that all available investigative or intelligence databases of the Federal Bureau of Investigation are simultaneously queried when the Bureau properly uses an information system of the Bureau to determine whether information exists in such a database.

Here’s what it had been.

(E) SIMULTANEOUS ACCESS OF FBI DATABASES.—The Director of the Federal Bureau of Investigation shall ensure that all available investigative or intelligence databases of the Federal Bureau of Investigation are simultaneously accessed when the Bureau properly uses an information system of the Bureau to determine whether information exists in such a database. Regardless of any positive result that may be returned pursuant to such access, the requirements of this subsection shall apply.

In his commentary on the new language, Charlie Savage suggested the first change pertained to rules in the EO 12333 sharing language prohibiting the search for criminal purposes. I’m as interested by the second change: the language that originally said even if you got a positive hit from one source, you still had to make sure you pulled up the same positive hit via all databases. Requiring that FBI pull up all incidences of a piece of intelligence anytime they do a search would have several functions: ensure they found data that would be easier to parallel construct, because it was collected under Title III or didn’t have notice provisions, make sure an Agent understand the context from which the intelligence was collected, and ensure any associated analysis got seen along with the intelligence.

In my opinion this suggests there is at least once incidence when the FBI did a search and missed something.

My original thought was that the use of ad hoc databases removed certain information from the general search pool such that an important dot was missed. Ad hoc databases were formalized in 2013 to permit FBI to store raw 702 data in separate repositories; one reason among other redacted reasons to do so was to more easily manipulate the data, but the repositories might be as small as a single laptop.

The formalization of a requirement that all queries include all databases in the HJC would seem to require that ad hoc databases (at least those with unique data streams) be included in those searches. And that, it seems, would be formalized because some queries missed data.

But it also might be that an FBI Agent did a search and missed critical context that would have been obvious if he had gotten that hit in a different database.

Someone missed a dot.

Someone missed a dot sufficiently important to codify rules to avoid missing dots into law.

That dot could be on any subject pertaining to 702: terrorism, counterproliferation, hacking, or counterintelligence. That said, we certainly don’t have any counterterrorism dots — in the form of a foreign sponsored attack — that appear to be missed.

Now let’s look at another dot. Among the many Russia-related items the SSCI-passed intelligence authorization mandates for next year is an intelligence posture review — separate from the SSCI investigation going on right now — to examine (in part) whether the IC was collecting the right intelligence to identify and respond to the Russian tampering.

(b) Elements.—The review required by subsection (a) shall include, with respect to the posture and efforts described in paragraph (1) of such subsection, the following:

(1) An assessment of whether the resources of the intelligence community were properly aligned to detect and respond to the efforts described in subsection (a)(1).

(2) An assessment of the information sharing that occurred within elements of the intelligence community.

(3) An assessment of the information sharing that occurred between elements of the intelligence community.

Admittedly, this is what the IC does in the wake of every intelligence failure: figure out why they failed. But I’m interested in the focus on whether information was shared within and between intelligence agencies sufficiently.

That’s because the public reports of the Task Force investigating the operation in real time describe it as very compartmented — the kind of compartment that might require the use of an ad hoc database.

Brennan convened a secret task force at CIA headquarters composed of several dozen analysts and officers from the CIA, the NSA and the FBI.

The unit functioned as a sealed compartment, its work hidden from the rest of the intelligence community. Those brought in signed new non-disclosure agreements to be granted access to intelligence from all three participating agencies.

They worked exclusively for two groups of “customers,” officials said. The first was Obama and fewer than 14 senior officials in government. The second was a team of operations specialists at the CIA, NSA and FBI who took direction from the task force on where to aim their subsequent efforts to collect more intelligence on Russia.

Dot three.

None of this is definitive in any way.

But I raise it all because there is a dot that — dot four is stunning in retrospect — was missed: the June 9, 2016 meeting at Trump Tower. Rayne even noted it at the time it was reported. While I’m less sure than she is that Rinat Akhmetshin — a naturalized American — would be targeted under FISA, it seems likely that Natalia Veselnitskaya would be, or those in the background of those meetings.

A former Trump lawyer working for Aras Agalarov, Scott Balber, went to Moscow to obtain this partial email thread. It’s not a PRISM provider, but Veselnitskaya is a likely target whose emails could be obtained via upstream surveillance. And she was still in Russia — discussing the meeting with another likely target, Agalarov — days before the June 9 meeting.

Veselnitskaya has said she was interested in the Magnitsky Act issue on behalf of a private client. She was working closely in the United States with Akhmetshin, a Russian American lobbyist who has been accused of having ties to Russian intelligence. He has denied ties to the Russian government.

Veselnitskaya told Balber that she met with a series of well-connected Russians in early June 2016 to discuss her upcoming trip to the United States. One person with whom she met was Agalarov, for whom she had previously done legal work.

Veselnitskaya told Balber she did not seek a meeting with the Trump campaign but was “surprised and pleased” when Agalarov explained his business connection to the presidential candidate and offered to make a connection. Veselnitskaya told Agalarov that she had in October 2015 provided information intended to undermine the U.S. law to Yuri Chaika, the Russian prosecutor general, Balber said. Balber said he believes it is possible Veselnitskaya’s statement resulted in a misunderstanding about the prosecutor’s role.

Side note: this entire press blitz based on former Trump lawyer Balber’s months old meeting with Veselnitskaya reeks of an attempt to compare notes in advance of someone’s testimony. CNN reported today that several of the Russians involved in the meeting had been interviewed by SSCI, and Richard Burr all but confirmed Veselnitskaya had been included among those at a press conference earlier this month.

Mind you, it’s not clear either of these likely targets would be in FBI’s databases in real time, in part because they’re less likely 702 targets. But they’d likely be in NSA databases. Which means as things heated up, particularly around meeting attendee Paul Manafort — who, as an individualized FISA target, could automatically be backdoor searched at NSA, against far more extensive NSA collection — this might have come up (though it’s not clear Manafort got mentioned until and except for the Rob Goldstone-Don Jr email thread).

All of which is to say when this meeting came out in July, Robert Mueller reportedly had just learned of it. That’s true, in spite of the fact that one reported FISA target (Manafort) and at least one likely NSA target (Veselnitskaya) attended the meeting.

As we learn more and more about that meeting, it seems more remarkable that it got missed for over a year after it happened (and only disclosed in response to subpoenas, not back door searches).

If we’re going to codify back door searches, even of Americans, can we first learn how it was this meeting never came up in a back door search?

In Defense of Trump’s Steele Dossier Tweet

I can’t believe what I’m about to do.

I’m going to defend this tweet from Donald Trump as reasonable.

Before I do, let me say two things.

First, I have zero doubt that the Russians attempted to influence the election. I think it likely Robert Mueller will eventually show evidence that senior people in Trump’s camp attempted to and may have coordinated with people working for Russia, and people more tangential to the campaign sought out Russians for help. I think if the full story of the Russian involvement in the election comes out, it will be worse than what people currently imagine.

I also think Trump opponents have made a really grave error in investing so much in the Steele dossier. That’s true because, from the start, there were some real provenance questions about it, as leaked. Those questions have only grown, as I’ll explain below. The dossier was always way behind ongoing reporting on the hack-and-leak, meaning it is utterly useless for one of the most important parts of last year’s tampering. The dossier provides Trump officials a really easy way to rebut claims of involvement, even when (such as with Michael Cohen) there is ample other evidence to suggest inappropriate ties with Russia. Most importantly, the dossier is not needed for the most common reason people cling to it, to provide a framework to understand Trump’s compromise by Russia. By late January, WaPo’s reporting did a far better job of that, with the advantage that it generally proceeded from events with more public demonstrable proof. And (again, given the abundance of other evidence) there’s no reason to believe the Mueller investigation depends on it.

But because Trump opponents have clung to the damn dossier for months, like a baby’s blanket, hoping for a pee tape, it allows Trump, Republicans, and Russians to engage in lawfare and other means to discredit the dossier as if discrediting the dossier will make the pile of other incriminating evidence disappear.

I believe the Trump opponents’ investment in the Steele dossier will ultimately lead to a bad own goal.

All that said, I think Trump’s tweet today, while as typically douchey as all his tweets, is somewhat defensible (and the fact that it is defensible should serve as a warning to those still clinging to the Steele dossier).

Workers of firm … take the 5th

Trump is referring to the fact that two Fusion employees refused to testify before the House Intelligence Committee under a subpoena issued unilaterally by Devin Nunes. There is significant confusion, spread in part by their attorney, as to why they would not testify. Beforehand, their attorney said the First Amendment permitted them to blow off the committee (which wouldn’t even be true for a journalist, much less an oppo research firm pretending for convenience to be a journalistic enterprise). Since it happened, several credible journalists have said Fusion’s lawyer said they pled the Fifth (which would work, but would also mean they felt they had criminal exposure).

So the point it at least contested.

My guess is they’re just stalling, with the knowledge that if Nunes has to find a way to enforce his subpoena, the rest of the committee will get to weigh in and will refuse to back his effort.

Discredited and Fake

It is true that anonymous sources say that the FBI has corroborated some things in the dossier (and Andy McCarthy makes an uncharacteristically worthwhile argument for what the tea leaves say). It is also true that Dianne Feinstein confirmed during the summer that we only have part (and given the numbering, probably a very small part) of the dossier. So we can’t be sure whether the bits FBI has corroborated are public at all.

There are things, as I’ve noted, that totally discredit parts of the dossier, such as the fact that it reported Russia hadn’t succeeded in hacking top targets almost a year after it was widely reported FSB already had (in general, the dossier is awful on the hack, as I lay out in this post; Steele’s speciality is in following the money and it shows).

Then there’s the fact that the unnecessary report on Alfa bank misspells their name: it’s a minor point but one those engaging in lawfare always point out.

The one thing that most people focus on — a Prague meeting between Cohen and the Russians — is not backed by the US passport he showed BuzzFeed.

A number of people have claimed that the dossier reported, 11 days after it occurred, the June 9 Trump Tower meeting. But as I lay out in this post, the dossier says the kompromat in question is older stuff based off wiretaps of Hillary, and it actually claims that Russia had not yet shared the intelligence in question, meaning the dossier did not confirm the June 9 meeting.

That doesn’t mean it’s discredited. But it doesn’t mean we know what parts of it have been corroborated, and some parts are not true (as we should expect from raw intelligence).

Who paid for it: Russia

The most problematic thing Trump said is that Russia may have paid for the dossier. It’s true we don’t know who paid for the dossier (indeed, that is the chief reason why Fusion doesn’t want to testify, to hide who did pay for it). Rumors say that a Jeb Bush supporter paid for it up until June 2016 (meaning, for a bunch of reports that aren’t public at all), and a Hillary supporter paid for it until November. Steele has claimed in court filings that the reports that came after that, including the December 13 report that has the most incendiary claims (including that Trump paid hackers involved in the operation), that he worked for free after November and that his sources — who normally would be paid — also just dumped the intelligence that happened to be the most inflammatory parts into his lap.

The Defendants continued to receive unsolicited intelligence on the matters covered by the pre-election memoranda after the US Presidential election and the conclusion of the assignment for Fusion.

After receiving some such intelligence [Steele] prepared the confidential December memorandum, … on his own initiative on or around 13 December 2016.

That last claim — that Steele worked for free — is pretty sketchy, especially when you consider that (given the numbering in the dossier and Feinstein’s confirmation we’ve got just part of the dossier) there were likely 31 reports filed between October 19 and December 13.

Regardless of who really paid for the work, the fact that Steele claims he (and his sources) were working for free, the fact that the Russians would have known about the dossier at least by October 31, when David Corn wrote about it, and possibly by mid-September, when Steele started briefing journalists on it, the fact that Aleksej Gubarev quickly sued, the fact that a suspected dossier source died in mysterious circumstances in December, and the fact that the last report tied everything up in a neat little bow, suggests the Russians may have been feeding Steele disinformation by that last report.

Does that mean the Russians paid Steele? Absolutely not. It’s an outrageous insinuation. Does that mean that any disinformation in the dossier was ultimately paid for by Russia and that it is not crazy to imagine the later reports included at least some disinformation? Yup.

Then there’s another detail that makes the Russian accusation at least reasonable: the fact that Rinat Ahkmetshin had a relationship with Fusion (to work on anti-Magnitsky stuff) at precisely the same time as Fusion was working on the Trump dossier. Not only does that fact make it more likely Russians eventually learned of the dossier and fed Steele disinformation, but it also means Fusion was getting paid by Russians at the same time as or not long before it was producing free Steele dossier work.

Who paid for it: FBI

People seem most offended by Trump’s claim that FBI may have paid for the dossier. The reporting on this point conflicts, but note that CNN has said that Steele got paid by the FBI for expenses.

CNN:

The FBI reimbursed some expenses of the former British intelligence operative who produced a dossier containing allegations of President Donald Trump’s ties to Russia, people familiar with the matter said.

WaPo:

The former British spy who authored a controversial dossier on behalf of Donald Trump’s political opponents alleging ties between Trump and Russia reached an agreement with the FBI a few weeks before the election for the bureau to pay him to continue his work, according to several people familiar with the arrangement.

The agreement to compensate former MI6 agent Christopher Steele came as U.S. intelligence agencies reached a consensus that the Russians had interfered in the presidential election by orchestrating hacks of Democratic Party email accounts.

[snip]

Ultimately, the FBI did not pay Steele. Communications between the bureau and the former spy were interrupted as Steele’s now-famous dossier became the subject of news stories, congressional inquiries and presidential denials, according to the people familiar with the arrangement, who spoke on the condition of anonymity because they were not authorized to discuss the matter.

NBC:

The FBI reached a deal in October to pay a former British spy who had compiled a dossier on Donald Trump’s alleged ties with Russia, an indication of how seriously the bureau was taking the allegations, according to a person familiar with the matter.

The deal for the former operative, Christopher Steele, to continue his work on behalf of the FBI fell apart when Steele pulled out, said the source, who has direct knowledge of the situation.

Given what Chuck Grassley has asked and said in response, my suspicion is the reality is that FBI paid Steele’s expenses for trips to explain sourcing and other details of the dossier to them, meaning their funds didn’t pay his sources or for his time, but did pay for him to meet with the FBI.

Who paid for it: Dems

This claim is a no-brainer. According to the public story, a Hillary supporter — who has always been presumed to be a Democrat though there’s no reason that has to be true (indeed, it is utterly conceivable that the same person paid for the work first in Jeb’s name and then in Hillary’s) — paid for all the reports we have, save the December 13 one.

(or all)?

Finally, people are especially offended that Trump, with his “or all,” insinuated that the FBI and Russians were colluding against Trump.

It’s certainly possible that’s what he intended. But the public record at least claims that three different entities paid for the dossier over time; that same record makes a reasonable claim that both the Dems and FBI paid some money to support the dossier.

All of which is to say the serial payment for the dossier does not require that “or all” to be a malicious insinuation of collusion (heh) between FBI and Russia.

I know this will be an unbelievably unpopular post. But the dossier simply isn’t as pristine as those clinging to it want it to be. Which is a good reason for Trump opponents to spend more time highlighting the great reporting of the WaPo or NYT, which often as not has been confirmed and is backed by public information.

Update: Made some tweaks in my argument that Trump opponents should stop clinging to the Steele dossier.

How Trump Could Install a Mole in the Mueller Inquiry

For six years, I’ve been working to raise attention to a 2002 OLC memo that authorized the sharing of grand jury information with the President with no notice to the district court. In the New Republic, I talk about how Trump might be able to use it to order a DOJ lawyer to spy on the Mueller grand jury.

July 22, 2002, memo from the Justice Department’s Office of Legal Counsel, written by Jay Bybee, the author of the infamous torture memos, held that, under the statute, the president could get grand jury information without the usual notice to the district court. It also found that the president could delegate such sharing without requiring a written order that would memorialize the delegation.

Bybee’s memo relies on and reaffirms several earlier memos. It specifically approves two rationales for sharing grand jury information with the president that would be applicable to the Russian investigation. A 1997 memo imagined that the president might get grand jury information “in a case where the integrity or loyalty of a presidential appointee holding an important and sensitive post was implicated by the grand jury investigation.” And a 2000 memo imagined that the president might need to “obtain grand jury information relevant to the exercise of his pardon authority.”

If you set aside Trump’s own role in obstructing the investigation—including the firing of former FBI Director James Comey—these rationales are defensible in certain cases. In fact, the Justice Department has already shared information (though not from a grand jury) with the White House for one of these very reasons. In January, acting Attorney General Sally Yates warned White House Counsel Don McGahn that Russians might be able to blackmail then-National Security Advisor Mike Flynn. As Yates explained in her congressional testimony in May, after Flynn’s interview with the FBI, “We felt that it was important to get this information to the White House as quickly as possible.” She shared it so the White House could consider firing Flynn: “I remember that Mr. McGahn asked me whether or not General Flynn should be fired, and I told him that that really wasn’t our call, that was up to them, but that we were giving them this information so that they could take action.”

A similar situation might occur now that the investigation has moved to a grand jury investigation, if someone remaining in the White House—the most likely candidate is the president’s son-in-law, Jared Kushner—were found to be compromised by Russian intelligence. In Kushner’s case, there are clear hints that he has been compromised, such as when he asked to set up a back channel with the Russians during the transition.

If Trump were to rely on the memo, he might order a Justice Department lawyer to tell him what evidence Mueller had against Kushner, or whether Mike Flynn or former campaign manager Paul Manafort were preparing to cooperate with Mueller’s prosecutors if they didn’t get an immediate pardon. Unlike Yates, Trump would have an incentive to use such information to undercut the investigation into Russia’s meddling.

I point out that Trump’s partisan nominee to be Assistant Attorney General for Criminal Division, Brian Benczkowski, would be far more likely to share such information than the career prosecutors that currently have visibility onto the investigation (Benczkowski has refused to recuse from the Russian investigation, but has promised to follow ethical guidelines at DOJ).

One thing didn’t make the cut, though it’s a key reason why I think it possible someone is trying to use this precedent to provide Trump with a mole on the investigation.

Viet Dinh was both the key author of the PATRIOT Act as well as the procedures implementing these sharing rules. Dinh is also the Kirkland & Ellis partner who asked Benczkowski to exercise the really poor judgment of overseeing an investigation for Alfa Bank while he was awaiting a likely DOJ appointment. “I’ve known Viet Dinh for twenty years,” Benczkowski explained during his confirmation hearing for why he represented Alfa Bank while potentially up for nomination to DOJ.

Benczkowski certainly said the right things about honoring Mueller’s work. But Dinh, a guy who had a key role in compromising Benczkowski with respect to the investigation just as he got nominated played a key role in the sharing rules that might make it possible.

As I say in the piece, we had better hope DOJ guards recusal concerns a lot more closely than they seem to have been doing.

The Latest CNN Scoop Doesn’t Prove What Everyone Says It Does

CNN has a story that reports something the evidence it presents doesn’t support, which others are taking to say things that it supports even less.

It claims that a short email thread it shares and five pages of talking points it doesn’t proves that the June 9, 2016 meeting at Trump Tower between Natalia Veselnitskaya and Don Jr (and others) “not about dirt on Clinton.”

An email exchange and talking points provided to CNN are the latest indication of how some of the meeting participants plan to make their case about why the meeting with Donald Trump Jr. did not amount to collusion between Russian officials and the Trump campaign.

The new information stands in contrast with the initial email pitching the meeting to Trump Jr., which promised damaging information on Clinton.

The “proof” is an email chain — or perhaps, just five emails from a longer chain, out of context with other emails they relate to — that includes one where Veselnitskaya asks Rod Goldstone, who set up the meeting, permission to include Rinat Akhmetshin in the meeting because he “is working to advance these issues with several congressmen.” From that, CNN suggests, we should understand the meeting was primarily about the Magnitsky sanctions.

But even there, Goldstone’s references to the purpose of the meeting are oblique, wishing only that Veselnitskaya “bring[s] whoever you need in order to make the meeting successful.” Moreover, the talking point document that CNN doesn’t share does include “a passing reference to a possible financer of Clinton’s campaign.” The further discussion of the talking points suggest it was more than a passing reference.

As part of her explanation, Veselnitskaya’s talking points accuse the “Ziff brothers” — three billionaire brothers who had run a hedge fund company together — of violating Russian law, as well as their connections to Democratic politics.

“Ziff brothers participated in financing both Obama presidential campaign, American press dubs them as ‘main sponsors of Democrats,’ ” the memo states, according to a translated version. “It’s entirely possible they also take part in financing Hillary Clinton’s campaign.”

Now consider the provenance of the document, which to me is a big part of the story.

It was obtained, CNN explains, by an attorney CNN says represents Aras and Emin Agalarov, and who seems intent on refuting the story publicly told by Rod Goldstone.

The documents were provided by Scott Balber, who represents Aras and Emin Agalarov, the billionaire real estate developer and his pop star son who requested the June 2016 meeting.

Balber, who went to Moscow to obtain the documents from Veselnitskaya, said in an interview with CNN that the emails and talking points show she was focused on repealing the Magnitsky Act, not providing damaging information on Clinton.

The message was muddled, Balber said, when it was passed like a game of telephone from Veselnitskaya through the Agalarovs to Goldstone.

Balber also suggested that Goldstone “probably exaggerated and maybe willfully contorted the facts for the purpose of making the meeting interesting to the Trump people.”

A couple of points about this.

First, in addition to apparently representing the Agalarovs in this matter, and on top of being an early source for details about who attended this meeting, Balber also once represented Trump.

This story comes at a time when we know Akhmetshin has already testified before the grand jury, presumably saying what he said to the FT about Veselnitskaya sharing information developed with the help of corporate intelligence (which is quite likely to be Fusion! which might explain the NDA) on how bad money supported Hillary.

Akhmetshin said he did not read the papers about Hillary Clinton’s campaign funding that Veselnitskaya took to the meeting, but he had seen the Russian version of it before. He says the lawyer developed it with the help of private corporate intelligence and that it was about “how bad money ended up in Manhattan and that money was put into supporting political campaigns”.

Furthermore Richard Burr, last week, suggested that Veselnitskaya may have already met with SSCI investigators.

Sir, is the Russian lawyer who met Donald Trump, is she coming before you?

[snip]

Is the Russian attorney going to come through, the Russian attorney that met with Donald Trump Jr, she’s offered to come in open committee. Have you reached out to her, is she one of the 25 on your list?

Burr: How do you know we haven’t already heard from her?

So if this is an attempt to change the spin of the story, it may extend no further than changing the spin of the story publicly, not with Robert Mueller or anyone who matters.

But here’s the bigger question. Why would an American lawyer who has previously represented Trump need to fly to Russia to meet with Veselnitskaya personally? This email chain and the talking points could very easily be sent — but weren’t. So why did Balber need to solidify stories with Veselnitskaya in person? And what is the provenance of the emails as presented, stripped of any forensic information?

So while it’s clear Trump’s former lawyer wants to change the spin around this story, it seems to me the takeaway should be,

Breaking: Lawyer with past ties to Trump flew to Russia to coordinate stories with Natalia Veselnitskaya

Furthermore, given all the focus on Fusion and the emphasis in this story on NDAs, I’d suggest it possible they’re trying to hide the fact that Fusion was working both sides, or even providing dirt on Hillary to the initial funder of the Steele dossier to the Republican that originally paid for it.

Update: Compare this effort to rewrite the story with the flip-flop Don Jr made for his congressional testimony. Not only did Don Jr need to incorporate both adoptions and dirt on Hillary to accord with both his published emails but also with what Pops said, but he could not recall things about what Agalarov said in advance of the meeting.

I’m more interesting in the things the forgetful 39 year old could not recall. While his phone records show he spoke to Emin Agalarov, the rock star son of Aras Agalarov, who has been dangling real estate deals in Russia for the Trumps for some time, for example, he doesn’t recall what was discussed.

Three days later, on June 6th, Rob contacted me again about scheduling a time for a call with Emin. My phone records show three very short phone calls between Emin and me between June 6th and 7th. I do not recall speaking to Emin. It is possible that we left each other voice mail messages. I simply do not remember.

This is important, because those conversations probably explained precisely what was going to happen at that meeting (and how it might benefit real estate developer Aras Agalarov), but Jr simply can’t recall even having a conversation (or how long those conversations were).

Don Jr also claimed not to recall that Ahkmetshin attended the meeting. The focus in the CNN spin on the NDAs served to obscure his presence in a way.

Chuck Grassley Finally Shows Concern about Parallel Construction — Affecting Trump

As I’ve said repeatedly, I think Chuck Grassley’s concerns about the Steele dossier — and FBI’s refusal to answer questions about it — generally have merit. That continues with his latest letter to FBI.

Effectively, he’s worried that because Steele shared the dossier with MI6, the FBI might effectively be parallel constructing intelligence that ultimately came from Steele, and so from a oppo research dossier.

There is another concern about Mr. Steele’s and Fusion GPS’s work that the FBI needs to address.  Public reports indicate that the FBI received the dossier and has used it in the Russia investigation.  However, it appears that the FBI, the media, and various Congressional offices were not the only recipients of the dossier prior to its publication.  In court filings by Mr. Steele’s attorneys in London, he admitted that he had passed at least some contents of the dossier to at least one foreign government – the United Kingdom.[1]

Media reports have also claimed that foreign governments passed along information to the United States about purported contacts between Trump associates and Russians.  Given that Mr. Steele also distributed the dossier’s contents to at least one foreign government, it is possible that this political dossier’s collusion allegations, or related allegations originating via Mr. Steele, may have also been surreptitiously funneled into U.S. intelligence streams through foreign intelligence sharing.  If so, that foreign information would likely have ended up within the FBI’s investigation of allegations of collusion between Trump associates and Russia.  However, given that foreign intelligence agencies carefully guard their sources and methods, it may not have been clear to the FBI that the foreign reporting was actually based on the work of Mr. Steele and Fusion GPS.

If this in fact happened, it would be alarming.  Mr. Steele’s dossier allegations might appear to be “confirmed” by foreign intelligence, rather than just an echo of the same “research” that Fusion bought from Steele and that the FBI reportedly also attempted to buy from Steele.  It is even more alarming in light of what we are learning about the allegedly unregistered Russian foreign agents who Fusion GPS and Glenn Simpson were working with to undermine the Magnitsky Act and who met with Trump family and campaign officials last summer.

The Committee must understand what steps the FBI has taken to ensure that any foreign information it received and used in the Russia investigation, beyond the dossier itself, was not ultimately sourced to Mr. Steele, his associates such as Fusion GPS, or his sub-sources.

It’s a fair point — as mentioned, he’s effectively describing parallel construction, which the FBI uses all the time to hide the ultimate source for its evidence on defendants (though usually, that process involves obtaining subpoenas to hide what kind of foreign intelligence it relies on).

So I’m grateful the Chair of the Senate Judiciary Committee has finally decided to turn his focus on a process that is badly abused, to the detriment of due process in this country.

I just wish he expressed the same concern for less famous targets, rather than just the President.

Not Mentioned in Roger Stone’s Straw Rat-Fucker Statement: the Peter Smith Rat-Fuck

Earlier today, legendary rat-fucker Roger Stone had a three hour interview before the House Intelligence Committee. Before the interview, he leaked his testimony, as all of the most implicated Trump officials — save Paul Manafort — have.

The testimony is telling for multiple reasons. Given the recent trouble I got in for saying “rat-fucker” on TV, I’m particularly invested in the way he avoided calling himself one.

As to the substance of the report, it is delightfully, tellingly, squirrelly in two different ways. First, his generalized denial is very specific to colluding with the Russian state to affect the outcome of the 2016 election; this is a point Renato Mariotti makes here.

I have no involvement in the alleged activities that are within the publicly stated scope of this Committee’s investigation  — collusion with the Russian state to affect the outcome of the 2016 election.

I’m even more interested in how he depicts what he claims are the three allegations made against him.

Members of this Committee have made three basic assertions against me which bust be rebutted her today. The charge that I knew in advance about, and predicted, the hacking of the Clinton campaign chairman John Podesta’s email, that I had advanced knowledge of the source or actual content of the WikiLeaks disclosures regarding Hillary Clinton or that, my now public exchange with a persona that our intelligence agencies claim, but cannot prove, is a Russian asset, is anything but innocuous and are entirely false.

In point of fact, this tripartite accusation is actually a misstatement of the allegations against him (though in his rebuttal of them, he is helped immensely by the sloppiness of public statements made by Democrats, especially those on the panel, which I’ve criticized myself). Generally, the accusation is more direct: that in conversing with both Julian Assange (though a cut-out) and Guccifer 2.0, Stone was facilitating or in some way helping the Trump campaign maximally exploit the Russian releases that were coming.

Which is why I find one other silence quite interesting: Stone makes no mention of the Peter Smith operation to find the emails, purportedly related to the Clinton Foundation, deleted from Hillary’s server. As I noted here, along with reaching out to multiple suspected Russian hackers and advising those with emails that might be Foundation emails to share them with WikiLeaks, rat-fucker Smith also pushed GOP operatives like rat-fucker Stone to reach out to Guccifer 2.0.

Instead, Johnson said, he put the word out to a “hidden oppo network” of right-leaning opposition researchers to notify them of the effort. Johnson declined to provide the names of any of the members of this “network,” but he praised Smith’s ambition.

“The magnitude of what he was trying to do was kind of impressive,” Johnson said. “He had people running around Europe, had people talking to Guccifer.” (U.S. intelligence agencies have linked the materials provided by “Guccifer 2.0”—an alias that has taken credit for hacking the Democratic National Committee and communicated with Republicanoperatives, including Trump confidant Roger Stone—to Russian government hackers.)

As I noted, there is much about the events from August to October that suggest Republicans may have believed WikiLeaks had obtained, and might be leaking, the Clinton Foundation emails, only to have the John Podesta ones released in their stead.

If I’m right, it would mean that by pitching everything as pertaining to Podesta, and not to other emails, Stone can more successfully deny his involvement.

And Stone’s timeline obscures some of the key details here, notably leaving out his incorrect predictions not just of an October 5 release, but that they’d be the Foundation emails.

Also note: Stone describes his exchange with Guccifer as starting on August 14. That’s actually not right. It started on August 13 (actually, August 12 East Coast time), with this tweet, which puts it in the context of two offers for files.

It’s definitely true (in the DMs that Stone includes) that Stone ultimately doesn’t response to Guccifer 2.0’s offers of data.

But that timeline also extends matters just to where things were heating up on Smith’s hunt for Clinton Foundation documents.

As noted above, Stone has denied colluding with the Russian state to affect the outcome of the election. But that’s not a denial of colluding with Russian hackers or Russian assets (the latter a rather curious term Stone uses twice to refer to Guccifer 2.0 in his statement, but not in the Breitbart piece in which he claims to have refuted claims he was an “asset”) to “prove Hillary’s corruption” or some such excuse for digging up more dirt on Hillary.

And that’s precisely the kind of thing we know a rat-fucker like Stone would do, and precisely the kind of thing we know other rat-fuckers were doing.

One Thing Not Mentioned in Mueller Requests from the White House: The Putin Phone Call

Yesterday, three different outlets published versions of the list of stuff Robert Mueller has requested of the White House. The NYT describes Mueller asking for details of the in-person meeting with Russians after Comey’s firing, as well as details of Comey and Flynn’s firing,

Mueller’s office sent a document to the White House that detailed 13 different areas that investigators want more information about. Since then, administration lawyers have been scouring White House emails and asking officials whether they have other documents or notes that may pertain to Mr. Mueller’s requests.

One of the requests is about a meeting Mr. Trump had in May with Russian officials in the Oval Office the day after James B. Comey, the F.B. I director, was fired. That day, Mr. Trump met with the Russian foreign minister, Sergey V. Lavrov, and the Russian ambassador to the United States, Sergey I. Kislyak, along with other Russian officials. The New York Times reported that in the meeting Mr. Trump said that firing Mr. Comey relieved “great pressure” on him.

Mr. Mueller has also requested documents about the circumstances of the firing of Michael T. Flynn, who was Mr. Trump’s first national security adviser. Additionally, the special counsel has asked for documents about how the White House responded to questions from The Times about a June 2016 meeting at Trump Tower. That meeting was set up by Donald Trump Jr., the president’s eldest son, to get derogatory information from Russians about Hillary Clinton.

WaPo adds communications with Paul Manafort to the list and fleshes out the nature of the requests on Flynn and Comey.

Mueller has requested that the White House turn over all internal communications and documents related to the FBI interview of Flynn in January, days after he took office, as well as any document that discusses Flynn’s conversations with then­-Russian Ambassador Sergey Kislyak in December. Mueller has also asked for records about meetings then-Deputy Attorney General Sally Yates held with White House counsel Don McGahn in late January to alert him to Justice Department concerns about Flynn, as well as all documents related to Flynn’s subsequent ouster by the White House.

Regarding Comey, Mueller has asked for all documents related to meetings between Trump and Comey while Comey served at the FBI, records of any discussions regarding Comey’s firing and any documents related to a statement by then-press secretary Sean Spicer made on the night Comey was fired.

Here’s CNN’s mostly derivative version.

There’s one thing that’s not explicitly on this list (though it might be included in the larger request for details on Flynn’s firing): details surrounding the January 28th phone conversation between Trump and Putin, which included a bunch of people who happen to no longer be at the White House.

As a number of Democrats noted in the Sally Yates hearing before Senate Judiciary Committee, the call took place in the immediate wake of Yates’ two conversations with Don McGahn about Flynn’s potential for compromise by the Russians because of his lies about his conversation with Sergey Kislyak.

HIRONO: Others of my colleagues have mentioned, and you yourself, Mr. Clapper, said that RT is a Russian mouthpiece to spread propaganda. And, of course, we know that General Flynn attended a gala hosted by — or a 10th anniversary gala for RT in December, 2015, where he sat next President Putin and got paid over $33,000 for that.

Mr. Clapper, given the conversation that Ms. Yates provided to the White House regarding — and this is during the January 26th and 27th timeframe — regarding General Flynn, should he have sat in on the following discussions?

On January 28th, he participated in an hour-long call, along with President Trump, to President Putin. And on February 11th, he participated in a discussion with Prime Minister Abe and the president at Mar-a-Lago to discuss North Korea’s missile tests.

Should he — given the — the information that had already been provided by Ms. Yates, should he have participated in these two very specific instances?

In comments on Yates’ testimony when it got canceled on March 28, Adam Schiff focused on the possible explanation for why Flynn was kept on, through that meeting and for 18 days total after Yates’ warning to the White House.

In other words, the big question surrounding Flynn’s firing seems to have as much to do with why he wasn’t fired as why he was, eventually, 18 days after getting notice he was in trouble with DOJ. And the import of including him in that phone call with Putin seems to be a part of that.

Again, that may well be included in the universe of documents on Flynn’s firing (I’d love to see Yates’ firing in there as well, as the Muslim ban was used as an excuse to fire her just as she was raising concerns about Flynn). But it seems important to learn why Trump felt the need to keep Flynn on even after his communications with the Russians had gotten him in legal trouble.

Why Was Manafort FISA Tapped Rather than Criminal Tapped?

Congratulations to Donald Trump, who may have finally figured out how to prove his March 4 claim that there was a “tapp” on Trump Tower — by continuing to speak to Paul Manafort after FBI got a second FISA wiretap on him, at least according to the CNN’s report on the tap.

US investigators wiretapped former Trump campaign chairman Paul Manafort under secret court orders before and after the election, sources tell CNN, an extraordinary step involving a high-ranking campaign official now at the center of the Russia meddling probe.

The government snooping continued into early this year, including a period when Manafort was known to talk to President Donald Trump.

[snip]

The conversations between Manafort and Trump continued after the President took office, long after the FBI investigation into Manafort was publicly known, the sources told CNN. They went on until lawyers for the President and Manafort insisted that they stop, according to the sources.

It’s unclear whether Trump himself was picked up on the surveillance.

I mean, if you’re dumb enough to talk to a guy under active investigation, you should expect to be tapped. Trump should know this from his NY mobster buddies.

The CNN report — by the same team that last month revealed Carter Page had actually been wiretapped going back to 2014, too — is maddeningly vague about the dates of all this. Manafort was first targeted under FISA for his (and associated consulting companies, probably including Tony Podesta) Ukrainian influence peddling in 2014. Then the order lapsed, only to have a new one, possibly last fall, approved in association with the Trump investigation.

A secret order authorized by the court that handles the Foreign Intelligence Surveillance Act (FISA) began after Manafort became the subject of an FBI investigation that began in 2014. It centered on work done by a group of Washington consulting firms for Ukraine’s former ruling party, the sources told CNN.

The surveillance was discontinued at some point last year for lack of evidence, according to one of the sources.

The FBI then restarted the surveillance after obtaining a new FISA warrant that extended at least into early this year.

[snip]

The FBI interest deepened last fall because of intercepted communications between Manafort and suspected Russian operatives, and among the Russians themselves, that reignited their interest in Manafort, the sources told CNN. As part of the FISA warrant, CNN has learned that earlier this year, the FBI conducted a search of a storage facility belonging to Manafort. It’s not known what they found.

The gap would presumably have excluded June, given that Mueller reportedly didn’t learn about the June 9 meeting until the usual suspects started turning over records on it (though I may come back to that).

The report of a fall wiretap, based in part on intercepts of Russians, would put it well beyond the time Manafort got booted from the campaign (and might be consistent with the reporting of an earlier application followed by ultimate approval in the fall). The mention of a search of a storage facility suggests that Manafort would have been targeted under both 1805 (data in motion) and 1824 (data at rest, plus physical search like that used with the storage facility).

Here’s some relevant information from last year’s FISC and I Con the Record transparency numbers.

For the same authorities (1805, 1824, 1805/1824, and 1881c), the FISA Court, which uses different and in most cases more informative counting metrics, reports 1,220 orders granted, 313 orders modified, and 26 orders denied in part (which add up to I Con the Record’s 1,559), plus 8 orders denied, which I Con the Record doesn’t mention.

As an improvement this year, I Con the Record has broken down how many of these targets are US persons or not, showing it to be 19.9%. That means the vast majority of targeted FISA orders are targeted at people like Sergey Kislyak, the Russian Ambassador all of Trump’s people talked to.

This is the target number for the original report, not the order number, and it is an estimate (which is curious). This means at least 28 orders target multiple people. Neither ICTR nor FISC reveals how many US persons were approved for 705b, meaning they were spied on when they went overseas.

I include this, especially the FISC numbers (the top ones), to show that for the category that Manafort would have been targeted under, the court outright rejected 8 applications, denied in part — perhaps by approving only some of the facilities in the application — 18, and modified — which can often be minimization procedures — 260. Note, too, that among all the individual orders approved last year, roughly 336 were targeted at Americans like Manafort and Page. I assume there would be more minimization procedures on those targeting Americans, especially those who hang out with political candidates or the President.

All of which is my way of saying that for Manafort, in particular, the FBI may have had to use some kind of clean team to separate the political items from the foreign intelligence ones. The members of Congress that are the most likely sources for this story probably would have known that too, but it wouldn’t serve the point of the leak as well if that detail were included.

One more point.

The CNN piece is clear: FBI had a FISA order targeting Manafort (and probably others, probably the same ones who’ve been asked to testify, including Tony Podesta’s group), then let it lapse. They then got an order focused on election-related issues.

By the point they got the election-related FISA, the FBI was very deep into their investigation of Manafort for money laundering (and in NY, where FBI agents are notoriously gabby).

But at least given all the public reporting thus far, there have been no reported criminal warrants against Manafort, at least not before the no-knock search in VA this summer.

Which is odd, because they sure seem to have probable cause against him for crimes, as well. If Manafort were targeted by a criminal warrant, it’s nowhere near as clear that any minimization would be overseen by a court. That is, it might be more likely that Trump would get picked up in his rash conversations with someone known to be under investigation if that person were targeted with a criminal warrant than if he were targeted under FISA.

One, final, point. Craig Murray, who ferried something (though not emails) to Julian Assange in September 2016 claimed the emails had been picked obtained by American National Security types wiretapping [John] Podesta because of the Podesta Group’s lobbying for Saudi Arabia. As I noted at the time, that didn’t make any sense, partly because Tony would have been the target, not John, but also the FBI wouldn’t be all that interested in lobbying for Saudi Arabia.

Murray claimed the documents came from someone in the national security establishment, and implied they had come from legal monitoring of John Podesta because he (meaning John) is a lobbyist for Saudi Arabia.

Again, the key point to remember, in answering that question, is that the DNC leak and the Podesta leak are two different things and the answer is very probably not going to be the same in both cases. I also want you to consider that John Podesta was a paid lobbyist for the Saudi government — that’s open and declared, it’s not secret or a leak in a sense. John Podesta was paid a very substantial sum every month by the Saudi government to lobby for their interests in Washington. And if the American security services were not watching the communications of the Saudi government paid lobbyist then the American intelligence services would not be doing their job. Of course it’s also true that the Saudis’ man, the Saudis’ lobbyist in Washington, his communications are going to be of interest to a great many other intelligence services as well.

As a threshold matter, no national security agency is going to monitor an American registered to work as an agent for the Saudis. That’s all the more true if the agent has the last name Podesta.

But that brings us to another problem. John Podesta isn’t the lobbyist here. His brother Tony is. So even assuming the FBI was collecting all the emails of registered agent for the Saudis, Tony Podesta, even assuming someone in national security wanted to blow that collection by revealing it via Wikileaks, they would pick up just a tiny fraction of John Podesta’s emails. So this doesn’t explain the source of the emails at all.

They would — and apparently were — interested in tapping all the corrupt people working with corrupt Ukrainians, including Manafort and, maybe, Tony (but not John).

This in no way confirms Murray’s explanation — his story still makes no sense for the reasons I laid out when I first wrote the post. But I find it particularly interesting that Tony Podesta may well have been wiretapped along with Manafort, for his Ukrainian influence peddling, not his Saudi influence peddling, earlier in the year last year.

SSCI Plays Hardball with Michael Cohen’s Attempt to Distract from Trump Tower Deal

Just before it was supposed to start, SSCI canceled Michael Cohen’s private interview with the committee. They did so, per a statement from Richard Burr and Mark Warner, because Cohen broke an agreement not to talk to the press by releasing what has generally been described as “his statement” to the press beforehand.

We were disappointed that Mr. Cohen decided to pre-empt today’s interview by releasing a public statement prior to his engagement with Committee staff, in spite of the Committee’s requests that he refrain from public comment. As a result, we declined to move forward with today’s interview and will reschedule Mr. Cohen’s appearance before the Committee in open session at a date in the near future. The Committee expects witnesses in this investigation to work in good faith with the Senate.

But in point of fact, what got published as his “statement” was not the entirety of it. Close to the end of the “statement” is this paragraph, alluding to a further two page statement on the Trump Tower deal that somehow didn’t get leaked.

I assume we will discuss the rejected proposal to build a Trump property in Moscow that was terminated in January of 2016; which occurred before the Iowa caucus and months before the very first primary. This was solely a real estate deal and nothing more. I was doing my job. I would ask that the two-page statement about the Moscow proposal that I sent to the Committee in August be incorporated into and attached to this transcript.

Other than that paragraph, mind you, Cohen’s statement closely parallels the letter to HPSCI Cohen released last month after spending a week distracting from and pre-empting the Trump Tower story. Both deny the allegations in the Christopher Steele dossier, and try to suggest that if he is found innocent of those allegations, then HPSCI and/or SSCI must issue a statement exonerating him.

In other words, with both committees, Cohen has manipulated the press so as to set a narrative about his testimony, a narrative that treats the Steele dossier as the entirety of his expose, rather than the now far more interesting (and interestingly time) real estate deal.

Four days ago, Michael Cohen (or the Trump Organization) pre-empted revelations that would leak as soon as he turned over a third tranche of documents to the House Intelligence Committee by revealing a seemingly damning detail from it: along with Trump’s associate Felix Sater, Cohen was pursuing a Trump Tower deal in Moscow well after Trump’s campaign was in full swing. Sure enough, more damning information was still to come: Sater somehow imagined the deal — whatever it was — would get Trump elected. Then still more damning information: in January 2016, Cohen reached out to trusted Putin aide Dmitry Peskov to push for help on the deal. That’s when Cohen began to not recall precisely what happened, and also ignore questions about why he hadn’t told Trump about this call, unlike the other actions he took on this deal.

[snip]

All that said, the way in which Cohen has orchestrated this disclosure — up to and including his failures to recall and answer obvious questions — is either great lawyering and/or sign that this earlier deal making is a real problem.

Of course, Burr and Warner were having none of this narrative scene setting and so now will force Cohen to testify publicly.

Cohen is sure spending a lot of time orchestrating distractions from this property deal. A pity for him his second attempt didn’t work as well as the first one.

Can Congress — or Robert Mueller — Order Facebook to Direct Its Machine Learning?

The other day I pointed out that two articles (WSJ, CNN) — both of which infer that Robert Mueller obtained a probable cause search warrant on Facebook based off an interpretation that under Facebook’s privacy policy a warrant would be required — actually ignored two other possibilities. Without something stronger than inference, then, these articles do not prove Mueller got a search warrant (particularly given that both miss the logical step of proving that the things Facebook shared with Mueller count as content and not business records).

In response to that and to this column arguing that Facebook should provide more information, some of the smartest surveillance lawyers in the country discussed what kind of legal process would be required, but were unable to come to any conclusions.

Last night, WaPo published a story that made it clear Congress wanted far more than WSJ and CNN had suggested (which largely fell under the category of business records and the ads posted to targets, the latter of which Congress had been able to see but not keep). What Congress is really after is details about the machine learning Facebook used to identify the malicious activity identified in April and the ads described in its most recent report, to test whether Facebook’s study was thorough enough.

A 13-page “white paper” that Facebook published in April drew from this fuller internal report but left out critical details about how the Russian operation worked and how Facebook discovered it, according to people briefed on its contents.

Investigators believe the company has not fully examined all potential ways that Russians could have manipulated Facebook’s sprawling social media platform.

[snip]

Congressional investigators are questioning whether the Facebook review that yielded those findings was sufficiently thorough.

They said some of the ad purchases that Facebook has unearthed so far had obvious Russian fingerprints, including Russian addresses and payments made in rubles, the Russian currency.

Investigators are pushing Facebook to use its powerful data-crunching ability to track relationships among accounts and ad purchases that may not be as obvious, with the goal of potentially detecting subtle patterns of behavior and content shared by several Facebook users or advertisers.

Such connections — if they exist and can be discovered — might make clear the nature and reach of the Russian propaganda campaign and whether there was collusion between foreign and domestic political actors. Investigators also are pushing for fuller answers from Google and Twitter, both of which may have been targets of Russian propaganda efforts during the 2016 campaign, according to several independent researchers and Hill investigators.

“The internal analysis Facebook has done [on Russian ads] has been very helpful, but we need to know if it’s complete,” Schiff said. “I don’t think Facebook fully knows the answer yet.”

[snip]

In the white paper, Facebook noted new techniques the company had adopted to trace propaganda and disinformation.

Facebook said it was using a data-mining technique known as machine learning to detect patterns of suspicious behavior. The company said its systems could detect “repeated posting of the same content” or huge spikes in the volume of content created as signals of attempts to manipulate the platform.

The push to do more — led largely by Adam Schiff and Mark Warner (both of whom have gotten ahead of the evidence at times in their respective studies) — is totally understandable. We need to know how malicious foreign actors manipulate the social media headquartered in Schiff’s home state to sway elections. That’s presumably why Facebook voluntarily conducted the study of ads in response to cajoling from Warner.

But the demands they’re making are also fairly breathtaking. They’re demanding that Facebook use its own intelligence resources to respond to the questions posed by Congress. They’re also demanding that Facebook reveal those resources to the public.

Now, I’d be surprised (pleasantly) if either Schiff or Warner made such detailed demands of the NSA. Hell, Congress can’t even get NSA to count how many Americans are swept up under Section 702, and that takes far less bulk analysis than Facebook appears to have conducted. And Schiff and Warner surely would never demand that NSA reveal the extent of machine learning techniques that it uses on bulk data, even though that, too, has implications for privacy and democracy (America’s and other countries’). And yet they’re asking Facebook to do just that.

And consider how two laws might offer guidelines, but (in my opinion) fall far short of authorizing such a request.

There’s Section 702, which permits the government to oblige providers to provide certain data on foreign intelligence targets. Section 702’s minimization procedures even permit Congress to obtain data collected by the NSA for their oversight purposes.

Certainly, the Russian (and now Macedonian and Belarus) troll farms Congress wants investigated fall squarely under the definition of permissible targets under the Foreign Government certificate. But there’s no public record of NSA making a request as breathtaking as this one, that Facebook (or any other provider) use its own intelligence resources to answer questions the government wants answered. While the NSA does draw from far more data than most people understand (including, probably, providers’ own algorithms about individually targeted accounts), the most sweeping request we know of involves Yahoo scanning all its email servers for a signature.

Then there’s CISA, which permits providers to voluntarily share cyber threat indicators with the federal government, using these definitions:

(A) IN GENERAL.—Except as provided in subparagraph (B), the term “cybersecurity threat” means an action, not protected by the First Amendment to the Constitution of the United States, on or through an information system that may result in an unauthorized effort to adversely impact the security, availability, confidentiality, or integrity of an information system or information that is stored on, processed by, or transiting an information system.

(B) EXCLUSION.—The term “cybersecurity threat” does not include any action that solely involves a violation of a consumer term of service or a consumer licensing agreement.

(6) CYBER THREAT INDICATOR.—The term “cyber threat indicator” means information that is necessary to describe or identify—

(A) malicious reconnaissance, including anomalous patterns of communications that appear to be transmitted for the purpose of gathering technical information related to a cybersecurity threat or security vulnerability;

(B) a method of defeating a security control or exploitation of a security vulnerability;

(C) a security vulnerability, including anomalous activity that appears to indicate the existence of a security vulnerability;

(D) a method of causing a user with legitimate access to an information system or information that is stored on, processed by, or transiting an information system to unwittingly enable the defeat of a security control or exploitation of a security vulnerability;

(E) malicious cyber command and control;

(F) the actual or potential harm caused by an incident, including a description of the information exfiltrated as a result of a particular cybersecurity threat;

(G) any other attribute of a cybersecurity threat, if disclosure of such attribute is not otherwise prohibited by law; or

(H) any combination thereof.

Since January, discussions of Russian tampering have certainly collapsed Russia’s efforts on social media with their various hacks. Certainly, Russian abuse of social media has been treated as exploiting a vulnerability. But none of this language defining a cyber threat indicator envisions the malicious use of legitimate ad systems.

Plus, CISA is entirely voluntary. While Facebook thus far has seemed willing to be cajoled into doing these studies, that willingness might change quickly if they had to expose their sources and methods, just as NSA clams up every time you ask about their sources and methods.

Moreover, unlike the sharing provisions in 702 minimization procedures, I’m aware of no language in CISA that permits sharing of this information with Congress.

Mind you, part of the problem may be that we’ve got global companies that have sources and methods that are as sophisticated as those of most nation-states. And, inadequate as they are, Facebook is hypothetically subject to more controls than nation-state intelligence agencies because of Europe’s data privacy laws.

All that said, let’s be aware of what Schiff and Warner are asking for, however justified it may be from a investigative standpoint. They’re asking for things from Facebook that they, NSA’s overseers, have been unable to ask from NSA.

If we’re going to demand transparency on sources and methods, perhaps we should demand it all around?

image_print