Posts

Jim Jordan Dragged Martin Estrada Away from Fighting Fentanyl To Chase Hunter Biden’s Dick Pics

/33 Comments/in , , , , /by

Yesterday, Ohio Senator JD Vance gave a speech explaining that he is holding up the confirmation of a US Attorney candidate for his own state because Donald Trump is being prosecuted for stealing classified documents but — Vance claimed in an earlier version of this rant — “the President and his family [go] completely untouched.”

Meanwhile, yesterday’s version of Vance’s harangue claimed that “it is Joe Biden’s border policies that have invited this fentanyl into our country at record levels.”

It’s an interesting take, given that Republicans keep dragging law enforcement away from fighting the fentanyl crisis  so they can explain that the conspiracy theories right wingers believe about the investigation into Hunter Biden are false.

In a July hearing where both Jim Jordan and now-Speaker Mike Johnson complainedrelying on Terry Doughty’s badly misinformed opinion — that (they claimed) the FBI had prevented millions of people from sniffing Hunter Biden’s dick pics before the 2020 election, Chris Wray pointed to the impact two drug busts had had in Marion, Ohio.

Just last month, for instance, the FBI charged 31 members of two drug trafficking organizations responsible for distributing dangerous drugs like fentanyl, cocaine, and methamphetamine throughout the area around Marion, Ohio. In that one investigation, run out of the FBI’s 2-man office in Mansfield, we worked with partners in multiple local police departments and sheriff’s offices to take kilos of fentanyl off  Marion’s streets, enough lethal doses, I should add, to kill the entire population of Columbus, Cleveland, and Cincinnati, combined.

As I noted at the time, this was good staff work. Marion, Mansfield, and Lorrain are all in Jim Jordan’s district (and so all obviously constituents of Vance, as well).

Jim Jordan took time out of Chris Wray’s day so he could complain about Hunter Biden’s dick pics, while ignoring the drug problems facing his own constituents.

It’s not just Wray.

In testimony last week before Jordan’s committee, the US Attorney for Los Angeles, Martin Estrada, struggled to explain to Jordan’s staffers why his own top AUSAs didn’t think it smart to reallocate prosecutors to partner on the Hunter Biden investigation at a time his office was 40 prosecutors short of the number they’re supposed to have. As Estrada explained, instead, CDCA granted Special AUSA status to some prosecutors from Delaware and had done so even as Gary Shapley wailed that nothing was going on in LA.

Jordan’s top aide Steve Castor was incredulous that Estrada wouldn’t know specific details about what the Delaware prosecutors granted Special Assistant status to pursue a case against Hunter Biden in LA were doing.

I mean, this is a potential prosecution of the President’s son. If the lawyers from the District of Delaware were out in your district discussing the case, don’t you think you’d know about it?

When Estrada tried to get Castor to understand how different the priorities looked when you were running the country’s biggest US Attorney’s office, fentanyl was the first thing he raised.

I think a little context would be helpful. So, as I said, we have the largest district in the country. We have a Fentanyl epidemic which is one of the worst in the country’s. We’ve done more death-resulting cases than any other district in the country. We’re on pace to do more this year than we ever had before.

[snip]

There are a lot of high-profile cases, so I don’t meet with attorneys on every single high-profile case.

[snip]

We have a fentanyl epidemic. That includes not just death-resulting cases, it includes going after cartels which are distributing these pills, not just in powder form but in pill form. We routinely seize over a million pills at a time from vehicles, and we need to prosecute those cases. Each pill could be a death. And routinely now we’re finding cartels transporting fentanyl in liquid form, which is a new thing that they’re doing. So we have to do those cases.

Republicans claim to care about the fentanyl crisis. But in reality, they keep proving that they care more about Hunter Biden’s dick pics than they do about their troubled constituents in Marion, OH.

Donald Trump Agrees He Is Living By Barack Obama’s Rules

/51 Comments/in , /by

I’ve been waiting for something like this: the moment where Donald Trump concedes that Barack Obama — Hawaiian birth certificate and all — will play a key role in decisions about his ridiculous claims about hoarding classified documents.

Midway through Trump’s bid to convince Aileen Cannon to reject DOJ’s motion for a stay of her injunction against using the documents marked with classification marks seized from Trump’s beach resort, he notes that the only power he ever had to classify and declassify documents was governed by an Executive Order signed by Barack Obama on December 29, 2009.

The Government does not contest—indeed, it concedes—that the President has broad authority governing classification of, and access to, classified documents. [ECF No. 69 at 10, 18 (quoting Dep’t of Navy v. Egan, 484 U.S. 518, 529 (1988))]. In fact, the Government advocates that “the protection of classified information must be committed to the broad discretion of the agency responsible, and this must include broad discretion to determine who may have access to it.” [ECF No. 69 at 18 (quoting Egan, 484 U.S. at 529)]. Congress provided certain parameters for controlling classified information but primarily delegated to the President how to regulate classified information. 50 U.S.C. § 3161. At the same time, Congress exempted the President from complying with such requirements. See id. § 3163 (“Except as otherwise specifically provided, the provisions of this subchapter shall not apply to the President . . .”).

President Obama enacted the current Executive Order prescribing the parameters for controlling classified information in 2009. See Exec. Order 13526 (Dec. 29, 2009). That Executive Order, which controlled during President Trump’s term in office, designates the President as an original classification authority. See id. § 1.3(a)(1). In turn, the Executive Order grants authority to declassify information to either the official who originally classified the information or that individual’s supervisors—necessarily including the President. § 3.1(b)(1), (3). Thus, assuming the Executive Order could even apply to constrain a President, cf. 50 U.S.C. § 3163, the President enjoys absolute authority under the Executive Order to declassify any information. There is no legitimate contention that the Chief Executive’s declassification of documents requires approval of bureaucratic components of the executive branch. Yet, the Government apparently contends that President Trump, who had full authority to declassify documents, “willfully” retained classified information in violation of the law. See 18 U.S.C. § 793(e); [ECF No. 69 at 9].7 Moreover, the Government seeks to preclude any opportunity for consideration of this issue.

7 Of course, classified or declassified, the documents remain either Presidential records or personal records under the PRA. [ed: See this post for how Trump debunked this claim. My emphasis]

Donald Trump concedes that Executive Order 13526 governed the classification and declassification of information on December 29, 2009. It continued to govern the classification and declassification of information on January 20, 2017. It continued to govern the classification and declassification of information on January 20, 2021. It continues to govern the classification and declassification of information today.

Donald Trump agrees that he never altered this EO. He agrees that he is bound by it still, unless the lawful President, a guy named Joe Biden, decides to change it.

This is a virtual capitulation to the arguments DOJ is making, including that the classification review of the documents he stole, the review ongoing as we speak, will be determinative of the classification status of those documents.

But it’s also a concession that he is bound by everything in the EO. There’s a whole bunch of things Trump concedes when he concedes that point (including that classified information must be kept secure).

One of those things, however, is that former Presidents — and the propagandists who work for them — still must get waivers to bypass Need to Know restrictions on classified information.

Sec. 4.4. Access by Historical Researchers and Certain Former Government Personnel.

(a) The requirement in section 4.1(a)(3) of this order that access to classified information may be granted only to individuals who have a need to-know the information may be waived for persons who:

(1) are engaged in historical research projects;

(2) previously have occupied senior policy-making positions to which they were appointed or designated by the President or the Vice President; or

(3) served as President or Vice President.

(b) Waivers under this section may be granted only if the agency head or senior agency official of the originating agency:

(1) determines in writing that access is consistent with the interest of the national security;

(2) takes appropriate steps to protect classified information from unauthorized disclosure or compromise, and ensures that the information is safeguarded in a manner consistent with this order; and

(3) limits the access granted to former Presidential appointees or designees and Vice Presidential appointees or designees to items that the person originated, reviewed, signed, or received while serving as a Presidential or Vice Presidential appointee or designee. [my emphasis]

This part of the EO — an EO that Trump, who served but no longer serves as President, agreed he is bound by — does not say that such access must be waived. It says it may be.

May. Not must.

Moreover, this waiver requires that before waiving the Need to Know rule, agency heads first determine, in writing, that giving former Presidents and their propagandists access to classified information, “is consistent with the interest of national security.”

Right there, in the middle of his filing arguing that maybe the classification decisions Joe Biden’s Administration is making right now can be overridden by a Special Master, Donald Trump agrees that the Barack Obama order he says he is bound by means not even he gets access to this information without a waiver, and even then, only if the agency heads that own the information say it won’t make the country less safe.

In his bid to claw back classified information he stole, Donald Trump admits he’s still living by Barack Obama’s rules. And those rules, the rules Trump admits he is bound by, say he can only even access this information if Avril Haines and Paul Nakasone and William Burns and Chris Wray say he can.

Go to emptywheel resource page on Trump Espionage Investigation.

Now We Know Why Jeffrey Rosen Has Been Silent, How About Chris Wray?

/60 Comments/in , /by

Since the attempted coup, both Jeffrey Rosen and Chris Wray (and Wray’s then-Deputy David Bowdich) were almost silent about the attack. A week after the attack, Rosen  a video in the middle of the night, explaining what he had done during the coup.

The day after, Wray released a short statement. More than a week later, he spoke at a closed-press meeting on inauguration security. Neither provided the kind of daily updates one would expect after such an attack.

Last night (as Rayne laid out here), NYT reported on why Rosen was so silent: because he’s a witness in what should be a criminal investigation into how the attack relates to the effort to overturn the election.

As the NYT lays out, in the days leading up to the coup attempt, Trump already tried to replace Rosen with someone, Jeffrey Bossert Clark, who would be willing to take steps to overturn the vote.

The effort to force Rosen to use DOJ resources to undermine a democratic election started on December 15, the day after Bill Barr resigned.

When Mr. Trump said on Dec. 14 that Attorney General William P. Barr was leaving the department, some officials thought that he might allow Mr. Rosen a short reprieve before pressing him about voter fraud. After all, Mr. Barr would be around for another week.

Instead, Mr. Trump summoned Mr. Rosen to the Oval Office the next day. He wanted the Justice Department to file legal briefs supporting his allies’ lawsuits seeking to overturn his election loss. And he urged Mr. Rosen to appoint special counsels to investigate not only unfounded accusations of widespread voter fraud, but also Dominion, the voting machines firm.

Then, over the weekend in advance of the certification, Assistant Attorney General Jeffrey Bossert Clark told Rosen Trump was going to make him Attorney General so he could chase Rudy Giuliani’s conspiracy theories.

On New Year’s Eve, the trio met to discuss Mr. Clark’s refusal to hew to the department’s conclusion that the election results were valid. Mr. Donoghue flatly told Mr. Clark that what he was doing was wrong. The next day, Mr. Clark told Mr. Rosen — who had mentored him while they worked together at the law firm Kirkland & Ellis — that he was going to discuss his strategy to the president early the next week, just before Congress was set to certify Mr. Biden’s electoral victory.

Unbeknown to the acting attorney general, Mr. Clark’s timeline moved up. He met with Mr. Trump over the weekend, then informed Mr. Rosen midday on Sunday that the president intended to replace him with Mr. Clark, who could then try to stop Congress from certifying the Electoral College results. He said that Mr. Rosen could stay on as his deputy attorney general, leaving Mr. Rosen speechless.

In a replay of the 2004 Hospital Hero moment, the others involved (including White House Counsel Pat Cipollone) agreed they’d resign en masse if Trump replaced Rosen, which led him to back off the plan.

NYT had four sources for this story, all of whom fear — even after Trump has been relegated to Florida — retaliation.

This account of the department’s final days under Mr. Trump’s leadership is based on interviews with four former Trump administration officials who asked not to be named because of fear of retaliation.

Clark claimed there were errors in this story, but ultimately he claimed Executive Privilege (his statement to WaPo on the topic, which I’ve used here, is more expansive).

In a statement that seemed to draw on language in the New York Times account, Clark said, “I categorically deny that I ‘devised a plan . . . to oust’ Jeff Rosen. . . . Nor did I formulate recommendations for action based on factual inaccuracies gleaned from the Internet.”

“My practice is to rely on sworn testimony to assess disputed factual claims,” Clark said. “There were no ‘maneuver[s].’ There was a candid discussion of options and pros and cons with the President. It is unfortunate that those who were part of a privileged legal conversation would comment in public about such internal deliberations, while also distorting any discussions. . . . Observing legal privileges, which I will adhere to even if others will not, prevent me from divulging specifics regarding the conversation.”

The WaPo version of this story names all who were involved in the confrontation with Trump (though the sources for the story are likely, in part, their aides).

At the meeting were Trump, Clark and Rosen, along with Richard Donoghue, the acting deputy attorney general; Steven A. Engel, the head of the department’s Office of Legal Counsel; and Pat Cipollone, the White House counsel, the people familiar with the matter said. The people said Rosen, Donoghue, Engel and Cipollone pushed against the idea of replacing Rosen, and warned of a mass resignation.

Clark says he will only respond to a sworn statement. By all means, the impeachment managers should demand sworn testimony, from all involved.

Of course, that would mean Pat Cipollone, who led the former President’s defense in his first impeachment trial, would be asked about the second time Trump tried to use government resources to cheat. Steve Engel, who authorized the withholding of a whistleblower complaint describing Trump’s earlier attempt, would also testify. Rosen, who participated in having DOJ chase Sidney Powell’s conspiracy theories about Mike Flynn, would be asked to testify about why the conspiracy theories about Dominion machines were any less credible than the Flynn ones. And Donoghue, who served as a filter for some of the conspiracy theories Rudy Giuliani had been fed by men who have since been named Russian agents, would be asked to testify about why Rudy wasn’t a credible source.

Rosen was silent in his final two weeks, presumably, for fear he might get fired and replaced by someone who would be more pliant to a coup attempt. But he — and the three others — are also witnesses to a larger plot that ended up in violence and death.

I wonder if Chris Wray has similar evidence he’ll be asked to share.

Steve Bannon and His Competent Lawyers Part Ways

/65 Comments/in , /by

It has been hard to understand Steve Bannon’s desperate efforts to sell a Hunter Biden conspiracy in recent weeks outside the context of a pardon audition. He is already charged with fraud for diverting funds donated to build a wall to his own pocketbook. And there’s a lot about the Hunter Biden story that reeks of fraud, if not serving as an Agent of a Foreign Power.

Then, last night, he said that Anthony Fauci and Chris Wray should be beheaded and have their heads put on pikes outside the White House as a warning. He got banned permanently from Twitter as a result.

If you consider the fact that the investigation — led by the FBI — into Bannon’s charged fraud is ongoing, that comes off as a threat to someone involved in his case (though is probably not why he made the comment). Roger Stone did far less and got a gag placed on him while he was out on bail.

Today, William Burck, the very competent lawyer who shepherded Bannon through a whole lot of evolving testimony in the Mueller investigation sent a letter saying they’re going to withdraw from the case.

On behalf of Defendant Stephen Bannon, we write respectfully to request an adjournment of the status conference currently scheduled for Monday, November 9 at 1:00 p.m. Mr. Bannon is in the process of retaining new counsel, and Quinn Emanuel intends to move to withdraw. As a result, Mr. Bannon respectfully requests that the status conference in this matter be adjourned for three weeks so that he may formally retain new counsel.

We have conferred with counsel for the government and for Defendants Brian Kolfage, Andrew Badolato, and Timothy Shea, all of whom consent to an adjournment. This is the second request Mr. Bannon has made for an adjournment of this status conference.

This could be nothing more than Quinn Emanuel’s unwillingness to represent someone who engages in such action. Or, there may be a larger underlying strategic dispute, one that might extend to how Bannon might audition for a pardon.

But when Mike Flynn took a similar step over a year ago, it didn’t work out the way he hoped.

Lindsey Graham, Chuck Grassley, and Mike Lee Exhibit Utter Ignorance about FBI Certification on FISA Applications

/6 Comments/in , , /by

Jim Comey’s testimony in Lindsey’s Graham’s purported investigation of FISA — by which Lindsey means using the Carter Page FISA application as a stand-in for the Russian investigation more generally while remaining silent about both DOJ IG findings that the problems identified with the Page application are true more generally, and about ongoing 702 abuses under Bill Barr and Chris Wray — just finished.

As a Comey hearing connoisseur, it wasn’t bad. Notably, he repeatedly refused to answer questions for which the presumptions were false.

But as a connoisseur of hearings on FISA and FBI oversight, it was an atrocity.

This hearing was meant to talk about the dangers of counterintelligence investigations that unfairly treat people as Russian agents, meaning Page. But by my count, on at least 19 occasions, Republicans raised the investigation into Christopher Steele’s primary subsource, Igor Danchenko, for being a suspected Russian Agent. The investigation lasted from 2009 to 2011. It used many of the same tactics used against Page, Mike Flynn, and Paul Manafort. While the FBI closed the investigation in 2011 because Danchenko left the country — meaning they never affirmatively decided he wasn’t a Russian spy — neither did they decide he was.

That makes Danchenko exactly like Carter Page, someone once suspected of and investigated over a period for being a Russian Agent, but about whom the investigation was inconclusive, with remaining unanswered questions.

If you believe in due process in this country, you treat Igor Danchenko exactly like you’d like Carter Page to be treated.

And Republicans — starting and ending with Lindsey Graham — over and over again — stated that Danchenko was a suspected Russian agent in 2016 (which is plausible but for which there is no evidence) and even, repeatedly, stated as fact that he was a Russian spy. Lindsey claimed at one point that “the Primary Subsource was a Russian agent.” He later called Danchenko, “Igor the Russian spy.”

Republicans today did everything they complain was done with Carter Page, but they did so in a public hearing.

Danchenko may very well have been still suspect in 2016; that may very well have been something to consider when vetting the dossier (though as Comey noted, it could either corroborate that Danchenko had the sources he claimed or raise concerns about Russian disinformation). That absolutely should have been a factor to raise concerns about Russian disinformation. But everything in the public record shows that Danchenko was, in 2016, in exactly the same status Page will be in 2022, someone against whom an inconclusive foreign agent investigation was closed years earlier.

Still worse, at a hearing in which Lindsey Graham and other Republican Senators claimed they wanted to fix the problems in the FISA process identified as part of the Carter Page application, one after another — including Graham, Chuck Grassley, Mike Lee, Josh Hawley, and Joni Ernst — betrayed utter ignorance about the role of the FBI Director’s certification in a FISA application.

By statute, the FBI Director (or National Security Advisor) certification requires a very limited set of information, basically explaining why the FBI wants to and can use a FISA warrant rather than a criminal warrant, because they believe the desired information in part pertains to a national security threat.

(6)a certification or certifications by the Assistant to the President for National Security Affairs, an executive branch official or officials designated by the President from among those executive officers employed in the area of national security or defense and appointed by the President with the advice and consent of the Senate, or the Deputy Director of the Federal Bureau of Investigation, if designated by the President as a certifying official–

(A)that the certifying official deems the information sought to be foreign intelligence information;

(B)that a significant purpose of the surveillance is to obtain foreign intelligence information;

(C)that such information cannot reasonably be obtained by normal investigative techniques;

(D)that designates the type of foreign intelligence information being sought according to the categories described in section 1801(e) of this title; and

(E)including a statement of the basis for the certification that—

(i)the information sought is the type of foreign intelligence information designated; and

(ii)such information cannot reasonably be obtained by normal investigative techniques;

Thanks to the declassification of the Carter Page FISA applications, we can see what the declaration Comey signed looked like. In 8 pages tracking the statutory requirement, it explains (in redacted language) what kind of foreign intelligence information FBI hoped to obtain from the FISA, and why normal investigative methods are not sufficient to achieve those objectives.

Not a shred of that declaration pertains to the underlying affidavit.

And Comey tried to alert people to this, over and over, in the hearing, stating that his certification was very limited, even while taking responsibility in the affidavit that he didn’t sign (and once, in response to a question from Lindsey, stating explicitly that he had not signed). Rather than asking him what his certification entailed and how he thought about that responsibility, Republican Senators entrusted with overseeing FISA insinuated over and over, falsely, that he should have known the underlying pieces of evidence used to obtain the FISA.

Maybe he should have. He frankly exhibited some awareness of what was in that.

But that’s not what the law requires. And if the Senate Judiciary Committee wants FBI Directors signing FISA applications to have that kind of granular awareness of case, they need to rewrite the law to mandate it.

Instead, they simply exhibited their utter lack of awareness of what FISA law requires.

Some of these Senators, notably Grassley, have been overseeing FISA for decades. Lindsey heads this committee. Mike Lee is easily among the Senators who is best informed about FISA. And yet none of them know — not even with a declassified application to read — what it is that the FBI Director certifies.

The Eight Investigations into the Russian Investigation Have Already Lasted 47% Longer than the Investigation Itself

/9 Comments/in , , /by

Before the holiday weekend, FBI Director Christopher Wray announced an “after-action review of the Michael Flynn investigation.” Thus far, that makes the eighth known investigation into the Russian investigation — and every known investigation included at least a small component relating to Mike Flynn. The investigations into the Russian investigation, which collectively have lasted around 2,064 days, have gone on 47% longer than the investigation itself.

This table lists all the known investigations pertaining to the Russian investigation, save those into people involved in the Carter Page FISA applications. All have at least a component touching on the investigation into Mike Flynn.

This table assumes the Russian investigation is ongoing, based off the redactions in the Roger Stone warrant releases and FOIAed 302s, even though Mueller closed up shop a year ago.

At least three of the investigations in this table pertain to allegations first seeded with Sara Carter and then to various Congressional staffers that Andrew McCabe said, “Fuck Flynn, and I fucking hate Trump.” McCabe was actually considered the victim of the first investigation, which was conducted by the FBI’s Inspection Division, the same entity that will conduct the investigation announced last week. While the full timing of that investigation is not known, Strzok gave a statement to the Inspection Division on July 26, 2017. That Inspection Division investigation led into the investigation into McCabe himself, though that investigation focused on his confirmation of the investigation into the Clinton Foundation (and so is not counted in this table).

Mike Flynn kept raising the “Fuck Flynn” allegations with prosecutors, leading the government to review the allegations two more times, including an October 25, 2018 interview with Lisa Page where she was also asked about her role in editing the Flynn 302s.

The defendant’s complaints and accusations are even more incredible considering the extensive efforts the government has made to respond to numerous defense counsel requests, including to some of the very requests repeated in the defendant’s motion. For instance, the defendant alleges that former FBI Deputy Director Andrew McCabe said, “‘First we f**k Flynn, then we f**k Trump,’ or words to that effect;” and that Deputy Director McCabe pressured the agents to change the January 24 interview report. See Mot. to Compel at 4, 6 (Request ##2, 22). Defense counsel first raised these allegations to the government on January 29, 2018, sourcing it to an email from a news reporter. Not only did the government inform defense counsel that it had no information indicating that the allegations were true, it conducted additional due diligence about this serious allegation. On February 2, 2018, the government disclosed to the defendant and his counsel that its due diligence confirmed that the allegations were false, and referenced its interview of the second interviewing agent, 4 who completely denied the allegations. Furthermore, on March 13, 2018, the government provided the defendant with a sworn statement from DAD Strzok, who also denied the allegations.

Nevertheless, on July 17, 2018, the defense revived the same allegations. This time, the defense claimed that the source was a staff member of the House Permanent Select Committee on Intelligence (“HPSCI”). The HPSCI staff member allegedly told the defendant that the second interviewing agent had told the staff member that after a debrief from the interviewing agents, Deputy Director McCabe said, “F**k Flynn.” Once again, the government reviewed information and conducted interviews, and once again confirmed that the allegations were completely false. And after defendant and his counsel raised the accusation for a third time, on October 15, 2018, the government responded by producing interview reports that directly contradicted the false allegations. Despite possessing all of this information, defense counsel has again resurrected the false allegations, now for a fourth time

The DOJ IG investigation into whether Jim Comey violated policy or the law by bringing home his CYA memos started in July 2017 and continued through last summer. Obviously, one of those memos recorded Trump asking Comey to let the Flynn investigation go.

The table above does not include the DOJ IG Report on the Midyear Exam investigation (into Hillary), even though that was the first to examine the Lisa Page and Peter Strzok texts. For timing purposes, only the DOJ IG investigation into Carter Page’s FISA applications investigation counts the investigation into Page and Strzok. That investigation also considered the treatment of Flynn’s presence in the first intelligence briefing for Trump.

Finally, there’s the John Durham investigation — which Bill Barr’s top aides were scoping at least as early as April 12 of last year. There is no public scope document. Similarly, there’s no public scope document of the Jeffrey Jensen review, which Barr launched to create some excuse to move to dismiss the Flynn prosecution after prosecutors recommended (and all of DOJ approved) prison time. Wray’s statement announcing the FBI’s own investigation into the Flynn investigation made clear that the Jensen investigation remains ongoing.

FBI Director Christopher Wray today ordered the Bureau’s Inspection Division to conduct an after-action review of the Michael Flynn investigation.  The after-action review will have a two-fold purpose:  (1) evaluate the relevant facts related to the FBI’s role in the Flynn investigation and determine whether any current employees engaged in misconduct, and (2)  evaluate any FBI policies, procedures, or controls implicated by the Flynn investigation and identify any improvements that might be warranted.

The after-action review will complement the already substantial assistance the FBI has been providing to U.S. Attorney Jeff Jensen in connection with his work on the Flynn case.  Under Director Wray’s leadership, the FBI has been fully transparent and cooperative with Mr. Jensen, and the FBI’s help has included providing special agents to assist Mr. Jensen in the fact-finding process.  Although the FBI does not have the prosecutorial authority to bring a criminal case, the Inspection Division can and will evaluate whether any current on-board employees engaged in actions that might warrant disciplinary measures.  As for former employees, the FBI does not have the ability to take any disciplinary action.

Director Wray authorized this additional level of review now that the Department of Justice, through Mr. Jensen’s work, has developed sufficient information to determine how to proceed in the Flynn case.  However, Mr. Jensen’s work will continue to take priority, and the Director has further ordered the Inspection Division to coordinate closely with Mr. Jensen and ensure that the review does not interfere with or impede his efforts.  Relatedly, for purposes of ensuring investigative continuity across these related matters, the Inspection Division will also utilize to the extent practicable the special agents that the FBI previously assigned to assist Mr. Jensen.

In Bill Barr’s interview with Catherine Herridge, he discussed the Jensen review in terms of criminal behavior, which would mean Jensen and Durham are both considering criminal charges for some of the same activities — activities that had been investigated six times already.

Based on the evidence that you have seen, did senior FBI officials conspire to throw out the national security adviser?

Well, as I said, this is a particular episode. And it has some troubling features to it, as we’ve discussed. But I think, you know, that’s a question that really has to wait an analysis of all the different episodes that occurred through the summer of 2016 and the first several months of President Trump’s administration.

What are the consequences for these individuals?

Well, you know, I don’t wanna, you know, we’re in the middle of looking at all of this. John Durham’s investigation, and U.S. Attorney Jensen, I’m gonna ask him to do some more work on different items as well. And I’m gonna wait till all the evidence is, and I get their recommendations as to what they found and how serious it is.

But if, you know, if we were to find wrongdoing, in the sense of any criminal act, you know, obviously we would, we would follow through on that. But, again, you know, just because something may even stink to high heaven and be, you know, appear everyone to be bad we still have to apply the right standard and be convinced that there’s a violation of a criminal statute. And that we can prove it beyond a reasonable doubt. The same standard applies to everybody.

This is one reason why DOJ’s claim to have found “new” information justifying their flip-flop on Flynn’s prosecution would be so absurd if DOJ weren’t making the claim (with no documentation) in court. Different entities in DOJ had already investigated circumstances surrounding the Flynn investigation at least seven times before Jensen came in and did it again.

But I guess Barr is going to keep investigating until someone comes up with the result he demands.

Bill Barr and Chris Wray Schedule a Press Conference to Admit Trump Let an Al Qaeda Terrorist onto Our Military Base

/37 Comments/in /by

Today, Billy Barr and Chris Wray had a press conference to announce that — in spite of his Muslim Ban — Trump had permitted an affiliate of AQAP, Mohammed Saeed Alshamrani, into this country, and onto a military base, where he bought a gun and murdered three sailors.

The evidence we’ve been able to develop from the killer’s devices shows that the Pensacola attack was actually the brutal culmination of years of planning and preparation, by a longtime AQAP associate.

The new evidence shows that al-Shamrani had radicalized not after training here in the U.S. but at least as far back as 2015, and that he had been connecting and associating with a number of dangerous AQAP operatives ever since. It shows that al-Shamrani described a desire to learn about flying years ago, around the same time he talked about attending the Saudi Air Force Academy in order to carry out what he called a “special operation.” And he then pressed his plans forward, joining the Air Force and bringing his plot here—to America.

Thanks to a lot of hard work by our people, we now know that al-Shamrani continued to associate with AQAP even while living in Texas and in Florida; and that in the months before the attack, while he was here among us, he talked with AQAP about his plans and tactics—taking advantage of the information he acquired here, to assess how many people he could try to kill.

After presenting this evidence, Barr and Wray didn’t announce that Trump is ending his Muslim Ban or retargeting it to focus on countries like Saudi Arabia that have always been a risk for terrorism. Barr and Wray didn’t explain how it was that the Trump Administration’s vetting was so poor that they let Alshamrani into a flight training program in Pensacola without vetting his social media or searching his phone on arrival. They didn’t explain how they’ll make sure foreign military officers we’re training don’t continue to plot attacks under our nose.

Instead, Barr and Wray used this opportunity to explain that Apple has to make all our phones less secure even after the FBI succeeded in accessing Alshamrani’s phones.

Barr and Wray didn’t explain why the obvious solution is not, instead, to properly vet military officers from countries that have attacked us in the past, including consensual searches of phones as those officers enter the country.

Useful But Not Sufficient: FBI’s FISA Fix Filing

/3 Comments/in , , , /by

As one of her last acts as presiding FISA judge, Rosemary Collyer ordered the government to explain how it will ensure the statement of facts in future FISA applications don’t have the same kind of errors laid out in the DOJ IG Report on Carter Page.

THEREFORE, the Court ORDERS that the government shall, no later than January 10, 2020, inform the Court in a sworn written submission of what it has done, and plans to do, to ensure that the statement of facts in each FBI application accurately and completely reflects information possessed by the FBI that is material to any issue presented by the application. In the event that the FBI at the time of that submission is not yet able to perform any of the planned steps described in the submission, it shall also include (a) a proposed timetable for implementing such measures and (b) an explanation of why, in the government’s view, the information in FBI applications submitted in the interim should be regarded as reliable.

DOJ and FBI submitted their response on Friday. (This post lays out new revelations about the FISA process in it.) While I think there are useful fixes, most laid out in FBI Director Chris Wray’s response to the IG Report itself, the fixes are insufficient to fix FISA.

The filing largely focuses on the institution and evolution of the current accuracy review process. It promises to review the memorandum guiding that process (though doesn’t set a deadline for doing so), and adds some forms and training to try to ensure that FBI Agents provide DOJ all the information that the lawyers should include in an application to FISA. One of those forms — pertaining to human sources — seems important though might lead to counterintelligence problems in the future. Another, requiring agents to provide all exculpatory information, may improve the process. But fundamentally, DOJ and FBI assume that the process they currently use just needs to be improved to make sure it works the way they intend it to.

They’re probably insufficient to fix the underlying problems in the Carter Page FISA application.

The FISA Fix Filing is based on faulty assumptions

I say that, first of all, because the FISA Fix Filing adopts certain assumptions from the DOJ IG Report that may not be valid. The FISA Fix Filing assumes that:

  • FBI was responsible for all the errors on the Carter Page application
  • The right people at FBI had the information they needed
  • The Carter Page application was an aberration

The IG Report ignored where DOJ’s National Security Division contributed to errors

As I note in this post, possibly because of institutional scope (DOJ IG cannot investigate DOJ’s prosecutors), possibly because of its own confirmation bias, the IG Report held the FBI responsible for all the information that was known to investigators, but not included in the Carter Page FISA applications. Yet the report showed that at least two of the things it says should have been included in the Page applications — Page’s own denials of a tie with Paul Manafort, and Steele’s own derogatory comments about Sergei Millian — were shared with DOJ’s Office of Intelligence, which writes the applications. Indeed, Rosemary Collyer even noted the latter example in her letter. It also shows DOJ’s National Security Division had confirmed a fact — that Carter Page had no role in the platform change at the RNC — before FBI had.

Because the FISA Fix Filing assumes FBI is responsible for everything mistakenly excluded from the applications, the proposed fixes shift even more responsibility to FBI, requiring agents, with FBI lawyers, to identify the information that should be in an application. But if — as the IG Report shows — sometimes FBI provides the relevant information but it’s not included by the lawyers, then ensuring they provide all the relevant information won’t be sufficient to fix the problem.

The focus on FBI to the detriment of NSD has one other effect. NSD includes few changes to their behaviors in the FISA Fix Filing (largely limited to training and inadequate accuracy reviews). And where they do consider changes, they do not — as ordered by the court — set deadlines for themselves.

The IG Report barely noted the import of the failure to share information in timely fashion

The IG Report deviates radically from almost twenty years of after-action reports that have consistently advocated for more sharing of national security information. It recommends that Bruce Ohr be disciplined for doing just that. Perhaps to sustain that bizarre conclusion, the IG Report focuses almost no attention on an issue that is critical to fixing the problems in the Carter Page applications: ensuring that the people submitting a FISA application have all the information available to the US government. The IG Report showed a 2 month delay before the Crossfire Hurricane team obtained the Steele reports, a month delay in getting feedback from State Department official Kathleen Kavalec, and delays in obtaining the full extent of Bruce Ohr’s knowledge on the dossier, all of which contributed to the delayed vetting of the dossier. But the IG Report doesn’t explore why this happened. And the FBI FISA Fix only addresses it by reminding agents to consult with other agencies.

In another of the 17 problems with the FISA applications, the people submitting the applications apparently did not learn that Christopher Steele had admitted meeting with Yahoo in court filings.

According to the Rule 13 Letter and FBI officials, although there had been open source reporting in May 2017 about Steele’s statements in the foreign litigation, the FBI did not obtain Steele’s court filings until the receipt of Senators Grassley and Graham’s January 2018 letter to DAG Rosenstein and FBI Director Christopher Wray with the filings enclosed. We found no evidence that the FBI made any attempts in May or June 2017 to obtain the filings to assist a determination of whether to change the FBI’s assessment concerning the September 23 news article in the final renewal application.

In other instance (as noted above), while NSD had affirmative knowledge that Carter Page had not been involved in the change to the RNC platform, FBI had a different view, yet this issue was not resolved to fully discount the claim in FISA applications. The IG Report also faults FBI managers (but never NSD ones) for not aggressively questioning subordinates to get a full sense of problems with the applications. All of these are information sharing problems, not errors of transparency. Making the case agent fill out forms about what he or she knows will have only limited effect on ensuring that those agents obtain all the information they need, because if they don’t know it, they won’t know to look for it.

With the Crossfire Hurricane investigation, that problem was exacerbated by the close hold of the investigation (most notably by running the investigation out of Main Justice) and, probably, by the urgency of investigating an ongoing attack while it’s happening, which likely led personnel to focus more on collecting information about the attack than exculpatory information.

The FISA Fix Filing includes a vaguely worded document describing technological improvements — including a workflow document that sounds like bureaucratic annoyance as described — that suggest FBI is considering moving some of this to the cloud.

Corrective Action #11 requires the identification and pursuit of short- and long-term technological improvements, in partnership with DOJ, that aid in consistency and accountability. I have already directed executives in the FBI’s Information Technology Branch leadership to work with our National Security Branch leadership and other relevant stakeholders to identify technological improvements that will advance these goals. To provide one example of a contemplated improvement, the FBI is considering the conversion of the revised FISA Request Form into a workflow document that would require completion of every question before it could be sent to OI. The FBI proposes to update the Court on its progress with respect to this Corrective Action in a filing made by March 27, 2020.

It’s still not clear this would fix the problem (it’s still not clear how Bruce Ohr would have shared the information he had in such a way that he wouldn’t now be threatened with firing for doing so, for example). And for a close hold investigation like this, such a cloud might not work. But it would be an improvement (if FBI could keep it secure, which is a big if).

The FISA Fix Filing does have suggests to improve information sharing. But because the scope of the problem, as defined in the IG Report, doesn’t account for information that simply doesn’t get to the people submitting the application, it’s not clear it will fix that problem.

No one knows whether the Page applications are an aberration or not

Finally, no one yet knows whether the Carter Page application was an aberration, and thus far, no one at DOJ has committed to finding out. DOJ IG has committed to doing an audit of the Woods Procedure process that failed in the Carter Page case (and the FISA Fix Filing committed to respond to any findings from that).

The Government further notes that the OIG is conducting an audit of FBI’s process for the verification of facts included in FISA applications that FBI submits to the Court, including an evaluation of whether the FBI is in compliance with its Woods Procedures requirements. The Department will work with the OIG to address any issues identified in this audit.

Yet everyone involved admits that the most serious problems with the Page applications consisted of information excluded from the application, not inaccurate information in it.

Many of the most serious issues identified by the OIG Report were … [when] relevant information is not contained in the accuracy sub-file and has not been conveyed to the OI attorney.

Doing an audit of the Woods Procedures, then, does not test the conclusion that Page’s applications are an aberration, and therefore does not test whether more substantive fixes are necessary.

DOJ IG has considered doing more — and PCLOB suggested last year they might get involved (though technically, their counterterrorism scope wouldn’t even permit them to look at counterintelligence cases like Page’s) — but thus far there’s no plan in this filing to figure out of this is a broader problem.

The existing oversight for FISA may be inadequate

There are several reasons to believe that the existing oversight regime for FISA may be inadequate.

As noted, the existing IG plan to audit the Woods Procedure is insufficient to identify whether the existing FISA Fix Filing is sufficient to fix the problem. Also as noted above, the jurisdiction of DOJ’s IG, because it cannot review the actions of prosecutors, might not (and in this case, pretty demonstrably did not) adequately review all parts of the process, because it could not subject NSD attorneys to the same scrutiny it did FBI.

Then there are shortcomings to NSD’s oversight regime — shortcomings that Judge James Boasberg — the new presiding FISA Judge and so the just now in charge of overseeing these fixes — already highlighted in an opinion on problems with Section 702 queries.

As the FISA Fix Filing describes, OI (the same office that the IG Report let off when it received information but did not include it in applications) does a certain number of oversight reviews each year. But they don’t do reviews in every FBI field office (to which FBI devolved the FISA application process some years ago), and they don’t do accuracy reviews at every office where they do an oversight review.

OI’s Oversight Section conducts oversight reviews at approximately 25-30 FBI field offices annually. During those reviews, OI assesses compliance with Court-approved minimization and querying procedures, as well as the Court orders. Pursuant to the 2009 Memorandum, OI also conducts accuracy reviews of a subset of cases as part of these oversight reviews to ensure compliance with the Woods Procedures and to ensure the accuracy of the facts in the applicable FISA application. 5 OI may conduct more than one accuracy review at a particular field office, depending on the number ofFISA applications submitted by the office and factors such as whether there are identified cases where errors have previously been reported or where there is potential for use of FISA information in a criminal prosecution. OI has also, as a matter of general practice,_ conducted accuracy reviews of FISA applications for which the FBI has requested affirmative use of FISA-obtained or -derived information in a proceeding against an aggrieved person. See 50U.S.C. §§ 1806(c), 1825(d).

During these reviews, OI attorneys verify that every factual statement in the categories of review described in footnote 5 is supported by a copy of the most authoritative document that exists or, in enumerated exceptions, by an appropriate alternate document. With regard specifically to human source reporting included in an application, the 2009 Memorandum requires that the accuracy sub-file include the reporting that is referenced in the application and further requires that the FBI must provide the reviewing attorney with redacted documentation from the confidential human source sub-file substantiating all factual assertions regarding the source’s reliability and background.

As Boasberg noted in his 702 opinion last year, this partial review may result in problems going unaddressed for years.

Personnel from the Office of Intelligence (OI) within the Department of Justice’s National Security Division (NSD) visit about half of the FBI’s field offices for oversight purposes in a given year. Id at 35 & n 42. Moreover OI understandably devotes more resources to offices that use FISA authorities more frequently, so those offices [redacted] are visited annually, id at 35 n. 42, which necessitates that some other offices go for periods of two years or more between oversight visits. The intervals of time between oversight visits at a given location may contribute to lengthy delays in detecting querying violations and reporting them to the FISC. See, e.g., Jan. 18, 2019, Notice [redacted] had been conducting improper queries in a training context since 2011, but the practice was not discovered until 2017).

Furthermore, OI’s review of a subset of a subset of applications targeting Americans only reviews for things included in the application, not things excluded from it.

OI’s accuracy reviews cover four areas: (1) facts establishing probable cause to believe that the target is a foreign power or an agent of a foreign power; (2) the fact and manner of FBI’s verification that the target uses or is about to use each targeted facility and that property subject to search is or is about to be owned, used, possessed by, or in transit to or from the target; (3) the basis for the asserted U.S. person status of the target(s) and the means of verification; and (4) the factual accuracy of the related criminal matters section, such as types of criminal investigative techniques used (e.g., subpoenas) and dates of pertinent actions in the criminal case.

DOJ admits that this is a problem, and considers doing a check for the kind of information excluded from Carter Page’s applications, but doesn’t commit to doing so and (again, unlike FBI) doesn’t give itself a deadline to do so.

Admittedly, these accuracy reviews do not check for the completeness of the facts included in the application. That is, if additional, relevant information is not contained in the accuracy sub-file and has not been conveyed to the OI attorney, these accuracy reviews would not uncover the problem. Many of the most serious issues identified by the OIG Report were of this nature. Accordingly, OI is considering how to expand at least a subset of its existing accuracy reviews at FBI field offices to check for the completeness of the factual information contained in the application being reviewed. NSD will provide a further update to the Court on any such expansion of the existing accuracy reviews.

Improving these oversight reviews will have a salutary effect on all FISA authorities, not just individualized orders. Since Boasberg has already identified the inadequacies of the current reviews, I would hope he’d ask for at least an improved oversight regime.

Treating alleged subpoenas like they’re not subpoenas

There’s a change promised that I’m unsure about: Chris Wray’s voluntary decision to subject Section 215 and pen register orders to heightened accuracy reviews.

Currently, the accuracy of facts contained in applications for pen register and trap and trace surveillance pursuant to 50 U.S.C. § 1841 , et seq. , or applications for business records pursuant to 50 U.S. C. § 1861 , et seq. , must, prior to submission to the Court, be reviewed for accuracy by the case agent and must be verified as true and correct under penalty ofpeijury pursuant to 28 U.S.C. § 1746 by the Supervisory Special Agent or other designated federal official submitting the application. Historically, the Woods Procedures described herein have not been formally applied by the FBI to applications for pen register and trap and trace surveillance or business records. As discussed in the FBI Declaration, FBI will begin to formally apply accuracy procedures to such applications and proposes to update the Court on this action by March 27, 2020.

FBI has, for years, told the public these are mere grand jury subpoena equivalents, and so the privacy impact is not that great. That Wray thinks these need accuracy reviews suggests they’re more intrusive than that, in which case by all means FBI should add these reviews.

But as I suggested in this post, some of the problems with the Carter Page applications might have been avoided had the Crossfire Hurricane team obtained call records from both Page and George Papadopoulos early in the process, which would not only have confirmed Page’s accurate claim that Paul Manafort never returned his emails (undermining a key claim from the dossier), but it would have revealed Papadopoulos’ interactions with suspect Russian asset Joseph Mifsud, thereby pinpointing where the investigative focus should have been (and making it a lot harder for Papadopoulos to obstruct the investigation in the way he did). The IG Report doesn’t ask why this didn’t happen, but it seems an important question because if the FBI chose not to use ostensibly less intrusive legal process because existing Section 215 applications are not worth the trouble, then making the purportedly less-intrusive applications even more onerous will only lead to a rush to use full FISA, as appears to have happened here.

Further breaking the affiant-officer of the court relationship

One of the more insightful observations from the IG Report described how OI attorneys and FBI agents applying for FISA orders don’t work as closely as prosecutors and agents on a normal case.

NSD officials told us that the nature of FISA practice requires that OI rely on the FBI agents who are familiar with the investigation to provide accurate and complete information. Unlike federal prosecutors, OI attorneys are usually not involved in an investigation, or even aware of a case’s existence, unless and until OI receives a request to initiate a FISA application. Once OI receives a FISA request, OI attorneys generally interact with field offices remotely and do not have broad access to FBI case files or sensitive source files. NSD officials cautioned that even if OI received broader access to FBI case and source files, they still believe that the case agents and source handling agents are better positioned to identify all relevant information in the files.

The proposed FISA fixes seem to derive from this OI viewpoint, that because OI don’t work closely with agents they need to replace cooperation that is often inadequate on normal criminal investigations with a process that has even less cooperation for applications that are supposed to have a higher degree of candor.

The FISA Fix Filing seems to envision FBI lawyers picking up this slack, but especially since DOJ devolved the application process to Field Agents some years ago, it’s not clear, at all, why this would result in better lawyering.

Formalizing the role of FBI attorneys in the legal review process for FISA applications, to include identification of the point at which SES-level FBI OGC personnel will be involved, which positions may serve as the supervisory legal reviewer, and establishing the documentation required for the legal review;

[snip]

Corrective Action #7 requires the formalization of the role of FBI attorneys in the legal review process for FISA applications, to include identification of the point at which SES-level FBI OGC personnel will be involved, which positions may serve as the supervisory legal reviewer, and establishing the documentation required for the legal reviewer. Through this Corrective Action, the FBI seeks to encourage legal engagement throughout the FISA process, while still ensuring that case agents and field supervisors maintain ownership of their contributions.

As it is, the FISA process requires a more senior agent to be the affiant on an application, which in at least one of the Page applications, resulted in someone who had less knowledge of the case making the attestation under penalty of perjury.

It may be that these changes go in the opposite direction from where FISA should go, which would be closer to the criminal warrant model where a judge will have an FBI affiant who anticipates taking the stand at a trial (and therefore needs to retain his or her integrity to avoid damaging the case), and an office of the court signing off on applications (whom judges can sanction directly). That is, by introducing more layers and absolving OI from some of the direct responsibility for the process, these proposed changes may make FISA worse, not better.

Remarkably, the court might consider something far more effective.

On Friday, Boasberg appointed David Kris as amicus for this consideration. Kris literally wrote the book on all this, in addition to writing the 2001 OLC memo that eliminated the wall between the intelligence collected under FISA and the prosecutions that arise out of them. In a recent podcast, he mused that the way to fix all this may be to give defendants review of their applications, something always envisioned by Congress, but something no defendant has done. That — along with a more robust oversight process — seems like it has a better chance of changing the way the FBI and DOJ approach FISA applications than adding a bunch more checklists for the process.

The frothy right is in a lather over Kris’ appointment, which is a testament to how little these people (up to and especially Devin Nunes) understand FISA. But he has the institutional clout to be able to recommend real fixes to FISA, rather than a bunch of paperwork to try to make the Woods Procedure to work the way it’s supposed to.

DOJ could, voluntarily, provide review to more defendants. Alternately, Congress could mandate it in whatever bill reauthorizes Section 215 this year. Or Kris could suggest that’s the kind of thing that should happen.

Update: David Kris submitted his recommendations to Boasberg. Like me, he finds Wray’s plan useful but not sufficient. Like me he notes that the agents doing the investigation should be the ones signing off on affidavits (and he suggests the FISC review more applications until new procedures are in place). Kris also focuses on cultural changes that need to happen.

One thing he doesn’t do is review DOJ’s role (though he does argue that part of this stems from conflict between DOJ and FBI).

He also notes that DOJ has not imposed deadlines for itself.

Horowitz

With Release of DOJ IG FISA Report, Democrats Should Pause on Impeachment

/169 Comments/in , , , /by

Democrats are going to roll out at least two articles of impeachment today.

But I think, in the wake of the release of the DOJ IG FISA Report, they should take a brief pause.

Don’t get me wrong. I think impeachment is necessary and urgent. I can see why Democrats might want to impeach even as Trump meets with Sergei Lavrov — particularly given Trump’s assault on Chris Wray for making some honest comments about the IG Report yesterday.

But I’ve gotten far enough into the IG Report to believe that it merits a pause for both sides to consider what it says. That’s because it basically says both parties were right. Democrats were right to think the investigation into Trump was fair and legitimately predicated. The Mueller Report has provided abundant evidence not only that Paul Manafort and Roger Stone (at a minimum) were willing to “collude” in the Russian hack-and-leak, but that they both took affirmative efforts to prevent Mueller from finding out whether they succeeded in doing so. Trump was a key player in that effort to obstruct the investigation. So the investigation was warranted, fairly predicated, and produced results that confirmed Trump’s people wanted to conspire with the Russian operation, whether or not they succeeded.

Republicans, however, were right that the Steele dossier was not adequately vetted by the FBI, and the FISA on Carter Page may not have been adequately substantiated (and the vetting on the follow-ups was even worse). That doesn’t mean Page shouldn’t have been investigated; he was already being investigated in April 2016, and things he did through December 2016 provided more cause for concern.

But neither of those things — the dossier’s shoddy vetting or the Page FISA — were key to the more substantive investigation into Trump. Indeed, Stone wasn’t even a subject in this early process; the first big investigative steps on him took place in August 2017, under Mueller.

I’ve got some quibbles with the report (mostly about how it treats exonerating information and Bruce Ohr and information sharing).

That said, the report should be an opportunity to step back and reflect on how the key issue — that Russia aggressively interfered in the US and a number of Americans embraced that effort — has gotten lost. That focus might make a few people, including Republicans who otherwise would not support impeachment but are appalled by the way Rudy has doubled down on his Ukrainian escapades, even meeting with KGB trained thugs, rethink the investigation into Trump.

Plus, the FISA Report provides one basis for bipartisan work in the near term.

Section 215 of the PATRIOT Act was due to get reauthorized on December 15. That got extended 3 months in the continuing resolution, but it will need reauthorized at that point. Meanwhile, over the past year, evidence that FBI misused FISA under both Jim Comey (with this IG Report) and Chris Wray (with the earlier report on problems with 702).

I’ve been arguing since at least February — and more aggressively since September, when I got the first concrete descriptions of how much this report would focus on process issues at FBI — that this IG Report would present an opportunity to call more substantive review of FISA. I got pushback among allies, because Carter Page is such an unsympathetic person to Democrats. But I think the report really demonstrates that, no matter how unsympathetic he is, no matter how warranted the investigation into him, the FISA process used against him was appalling.

So the surveillance community, which previously was able to unite Jim Jordan and the most Progressive Dems, really ought to take a step back and propose a three-part fix for FISA, one that could guide the further audit of FISA Michael Horowitz announced and one that might implement immediate legislative fixes to known FISA problems. At least beginning those conversation would provide some of the people yelling most loudly at each other a chance to talk about something they claim to agree on.

Let me be clear: I’m just arguing for a pause — maybe a week. Trump has violated every word of his oath of office and he threatens to undo our Constitution. But let’s take a few days and reflect on the way that the events of 2016 have sown division without getting us to do the things to prevent further Russian aggression. It won’t happen, but it’s what I think should happen.

The Other Servers and Laptops FBI Never Investigated: VR Systems and North Carolina Polling Books

/40 Comments/in /by

Ron Wyden had a lot to say in his minority views to the SSCI Report on election security released yesterday, mostly arguing that there need to be national standards and assistance and that no one can make any conclusions about the effects of Russia’s efforts in 2016 because no one collected the data to make such conclusions.

But there’s one line in his section raising questions about the 2016 conclusions I find particularly interesting, pertaining to VR Systems (which he doesn’t name).

Assessments about Russian attacks on the administration of elections are also complicated by newly public information about the infiltration of an election technology company.

Since the Mueller Report came out, Wyden has been trying to chase down this reference in the report to the VR Systems hack.

Unit 74455 also sent spear-phishing emails to public officials involved in election administration and personnel a~ involved in voting technology. In August 2016, GRU officers targeted employees of [redacted; VR Systems], a voting technology company that developed software used by numerous U.S. counties to manage voter rolls, and installed malware on the company network.

In May, he sent a letter to VR Systems President Mindy Perkins, asking how the company could claim, in March 2018, that it had not experienced a security breach when the report said it had been infected with malware in August 2016. In response, the company told Wyden (according to a letter he and Amy Klobuchar sent FBI Director Chris Wray) that they had alerted the FBI that they found suspicious IPs in their logs in real time, but that FBI had never explained the significance of that.

In a May 16, 2019, letter to Senator Wyden, VR Systems described how it participated in an August 2016 conference call with law enforcement. Participants in that call were apparently asked by the FBI to “be on the lookout for certain suspicious IP addresses.” According to VR Systems, the company examined its website logs, “found that several of the IP addresses had, in fact, visited our website” and as a result, the company “notified the FBI as we had been directed to do.” VR Systems indicates they did not know that these IP addresses were part of a larger pattern until 2017, which suggests the FBI may not have followed up with VR Systems in 2016 about the nature of the threat they faced.

The implication from Wyden’s letters is that VR Systems only hired FireEye to conduct an assessment of what happened after Reality Winner leaked an NSA document making it clear they had been targeted by GRU in 2017. [Update: Kim Zetter actually reported this here.]

In their June 12 letter, Wyden and Klobuchar asked Wray whether the FBI followed up on VR Systems’ report.

  1. What steps, if any, did the FBI take to examine VR Systems’ servers for evidence of a successful cyber breach after the company alerted the FBI, in August of 2016, to the presence of suspicious IP addresses in its website logs? If the FBI did not examine VR Systems’ servers or request access to those servers, please explain why.
  2. Several months after VR Systems first contacted the FBI, electronic pollbooks made by the company malfunctioned during the November 8 general election in Durham County, North Carolina. In the two and a half years since that incident in Durham County, has the FBI requested access to the pollbooks that malfunctioned, and the computers used to configure them, in order to examine them for evidence of hacking? If not, please explain why.
  3. VR Systems contracted FireEye to perform a forensic examination of its systems in the summer of 2017. Has the FBI reviewed FireEye’s conclusions? If so, what were its key findings?

It’s unclear how Wray answered (or didn’t). But just before Wyden sent this letter, the WaPo reported that no one had yet conducted a forensic examination of the laptops used in the VR Systems polling books in North Carolina. After Democrats took over control, they finally persisted in getting DHS to agree to check the laptops.

On Tuesday, the Department of Homeland Security told The Washington Post it will conduct a forensic analysis of the laptops used in Durham County elections in 2016. Lawson said North Carolina first asked the department to conduct such a review more than 18 months ago, though he added that DHS has generally been a “good partner” on election security.

“We appreciate the Department of Homeland Security’s willingness to make this a priority so the lingering questions from 2016 can be addressed in advance of 2020,” said Karen Brinson Bell, the newly appointed executive director of the State Board of Elections.

After the election, Durham County hired a firm called Protus3 to dig into what happened. The security consultant said it appeared the problems were caused by user error but ended its 12-page report with a list of recommendations that included examining computers in a lab setting and interviewing more election workers.

Durham County elections director Derek Bowens said he is comfortable with the report’s conclusions. Even so, in 2017, the county switched to electronic poll books created by the state. Bowens said in an interview that the state’s software would save money and is, in his view, better.

But for North Carolina officials, concerns resurfaced in June 2017 when the website Intercept posted a leaked National Security Agency report referencing “cyber espionage operations against a . . . U.S. company in August 2016.” The NSA report said that “it was likely that at least one account was compromised.”

VR Systems soon acknowledged that hackers had targeted the company but insisted that its network had not been breached.

North Carolina officials weren’t so sure.

“This was the first leak that indicated anything like a nation-state actor targeting a voting systems vendor,” Lawson said.

The state elections board soon launched its own investigation, seizing 40 laptops from Durham in July. And it suspended the certification that allowed more than 20 North Carolina counties to use VR Systems’ poll books during elections, an action that would later land in court. “Over the past few months there has been a considerable change in the election security landscape and the level of scrutiny we receive,” the board wrote in a letter explaining its decision to VR Systems.

No one working for the board had the technical expertise to do a forensic examination of the machines for signs of intrusion. Staffers asked DHS for technical help but did not get a substantive answer for a year and a half, Lawson said.

As noted, FireEye appears to have done an assessment at VR Systems itself in the wake of the Winner disclosure. The WaPo reports that FireEye declared VR Systems hadn’t been hacked, but wouldn’t share any information with Wyden or–apparently–DHS.

VR Systems said a cybersecurity firm it hired to review its computer network in 2017 found no evidence of a hack. A subsequent review by DHS also found no issues, the company said. VR Systems declined to give Wyden documentation of those reviews, citing the need to protect proprietary information.

Wyden in a statement to The Post accused VR Systems of “stonewalling congressional oversight.”

A senior U.S. official confirmed DHS’s review of VR Systems’s network to The Post and noted that by the time agency investigators arrived, a commercial vendor had already “swept” the networks. “I can’t tell you what happened before the commercial vendor came in there,” the official said, speaking on the condition of anonymity to discuss a sensitive matter.

The same day as the WaPo report, Kim Zetter reported that VR Systems used remote updates for their software, opening up a possible point of compromise for hackers.

For two years, GRU hack denialists have thought it was the most important thing that the DNC provided FBI Crowdstrike’s forensic images of the hacked laptops, rather than providing the servers themselves.

But that step has, apparently, not been done yet with VR Systems. And the laptops that failed on election day are only now being forensically examined.  Which is why, I presume, that Wyden believes it’s premature to claim no vote totals were affected on election day 2016.