Posts

Kashyap Patel Had Better Not Rely on the Bill Duhnke Precedent

Contrary to what a lot of people understand of the case, Jeffrey Sterling was not the CIA’s first suspect for the Merlin leaks to James Risen. Senate Intelligence Committee Staff Director Bill Duhnke was. As former CIA press person Bill Harlow testified, he told the FBI that James Risen had close ties to Duhnke when he first talked to them about Risen’s story.

Q. Okay. And you also told them that someone they should talk to about something like this would be Bill Duhnke, a person named Bill Duhnke, correct, up at the — that worked at the U.S. Senate?

BY MR. MAC MAHON: Q. Now, Mr. Harlow, in 2003, you told the FBI that you thought that Mr. Risen might reach out to the Staff Director of the Senate Select Intelligence Committee on Intelligence for confirmation, that Mr. Risen would, correct?

[snip]

A. My recollection is what the FBI asked me is who are the kind of people that Risen might talk to on a story like this, and I told them that he had regular contact with the Congressional Oversight Committees, including the Senate Intelligence Committee, and so the kind of places he might go to ask about the story would be the Senate Oversight committees. That’s my recollection of it. You know, it’s a dozen years ago but —

Q. And one of the names you gave them was Bill Duhnke, right?

A. Right.

As FBI Agent Hunt explained, however, she was hampered from investigating whether Duhnke (who knew aspects about Merlin that Sterling did not which showed up in Risen’s reporting) was a source for Risen because Senator Pat Roberts refused to cooperate with the FBI, even after then FBI Director Robert Mueller requested himself.

Q. And do you also remember writing in 2006 that the FBI director contacted the SSCI Chairman and Senator Pat Roberts, right?

A. Yes.

Q. And that Senator Roberts told Director Mueller that he wasn’t going to cooperate with the FBI at all in this investigation, correct?

A. Yes.

Q. And that never changed, did it?

A. It did change.

Q. You then got some cooperation from SSCI, correct?

A. I did. Q. You never got an interview with Mr. Duhnke, right?

A. I did not interview Mr. Duhnke.

Thus it happened that Speech and Debate prevented the FBI from investigating whether a key Intelligence Committee staffer played a role in a leak the government claimed was one of the worst ever.

I thought of that precedent when I read this passage in the NYT’s latest story on DOJ’s belated realization that Devin Nunes was using purported oversight requests to discover details that might help Trump delegitimize the Mueller investigation.

In another meeting, Mr. Rosenstein felt he was outright misled by Mr. Nunes’s staff. Mr. Rosenstein wanted to know whether Kashyap Patel, an investigator working for Mr. Nunes who was the primary author of the disputed memo, had traveled to London the previous summer to interview a former British spy who had compiled a salacious dossier about Mr. Trump, according to a former federal law enforcement official familiar with the interaction.

Mr. Patel was not forthcoming during the contentious meeting, the official said, and the conversation helped solidify Mr. Rosenstein’s belief that Mr. Nunes and other allies in Congress were not operating in good faith.

And these passages in an earlier NYT piece on Patel.

Over the summer, Mr. Nunes dispatched Mr. Patel and another member of the committee’s Republican staff to London, where they showed up unannounced at the offices of Mr. Steele, a former British intelligence official.

Told Mr. Steele was not there, Mr. Patel and Douglas E. Presley, a professional staff member, managed to track him down at the offices of his lawyers. There, they said they were seeking only to establish contact with Mr. Steele, but were rebuffed and left without meeting him, according to two people with knowledge of the encounter.

A senior official for the Republican majority on the Intelligence Committee, who spoke on the condition of anonymity because he was not authorized to speak about the matter, said the purpose of the visit had been to make contact with Mr. Steele’s lawyers, not Mr. Steele. Still, the visit was highly unusual and appeared to violate protocol, because they were trying to meet with Mr. Steele outside official channels.

Ordinarily, such a visit would be coordinated through lawyers, conducted with knowledge of the House Democrats, who were not informed and the American Embassy.

Given Rosenstein’s concerns that Patel was lying, I find it particularly interesting that he didn’t inform the American Embassy when he was there. It’s as if he was looking for a back channel!

As NYCSouthpaw noted, Patel has been hanging around the White House since he’s started playing this role.

In the months since, Mr. Patel has apparently forged connections at the White House. In November, he posted a series of photos to Facebook of him and several friends wearing matching shirts at the White House bowling alley. “The Dons hit the lanes at 1600 Pennsylvania,” Mr. Patel wrote under the photos.

This would suggest that the Nunes designee who has had firsthand access to all this intelligence, has also gotten really comfortable with the White House, leaving the possibility that he has shared the information with those in charge of delegitimize the investigation.

I’ve long wondered why Nunes has refused to read the information he has fought so hard to get access to. But by giving Patel that access without reading the materials himself, Nunes ensures that someone with easy access to the White House sees the materials, without jeopardizing the power to refuse any cooperation with Mueller.

Nunes, like Roberts did in 2006, could simply refuse to cooperate under speech and debate.

And it might well work!

There is, however one problem with that. You see, one of the ways (admittedly one of the less offensive ways) the President has interfered in the operations of DOJ is by demanding that the department ratchet up the leak investigations. And at a time last summer where Trump was threatening to fire Sessions so he could hire someone who could interfere with the Mueller investigation, Sessions and Dan Coats rolled out a new war on leaks, speaking of new permissiveness for prosecutors. Both Sessions…

To prevent these leaks, every agency and Congress has to do better.

We are taking a stand. This culture of leaking must stop.

[snip]

Finally, here is what I want to tell every American today: This nation must end the culture of leaks. We will investigate and seek to bring criminals to justice. We will not allow rogue anonymous sources with security clearances to sell out our country any longer.

These cases are never easy. But cases will be made, and leakers will be held accountable.

All of us in government and in every agency and in Congress must do better.

And Coats invoked Congress as a source of leaks specifically.

I would like to point out, however, that these national security breaches do not just originate in the Intelligence Community. They come from a wide range of sources within government, including the Executive Branch and including the Congress.

At the time, those mentions were deemed a warning that (in addition to changing the rules allowing them to pursue journalists), DOJ would also start pursuing Congress and its staffers more aggressively.

So while the available evidence suggests that Patel may be part of Nunes’ effort to funnel information to the White House, and while past history has shown that Nunes’ counterparts have been able to protect intelligence committee leakers, perhaps the witch hunt demanded by Trump will change that.

The Sekulow Questions, Part Six: Trump Exacerbates His Woes

In this series, it feels like time is marked by big Russian meetings and key firings.

I’m talking, of course, about my efforts to use the Mueller questions as imagined by Jay Sekulow to map out what the structure of the investigation (at least as it pertains to Trump personally) might be. Thus far, I’ve shown:

  • Russians, led by the Aras Agalarov and his son, cultivated Trump for years by dangling two things: real estate deals and close ties with Vladimir Putin.
  • During the election, the Russians and Trump appear to have danced towards a quid pro quo agreement, with the Russians offering dirt on Hillary Clinton in exchange for a commitment to sanctions relief, with some policy considerations thrown in.
  • During the transition period, Trump’s team took a series of actions that moved towards consummating the deal they had made with Russia, both in terms of policy concessions, particularly sanctions relief, and funding from Russian sources that could only be tapped if sanctions were lifted. The Trump team took measures to keep those actions secret.
  • Starting in January 2017, Trump came to learn that FBI was investigating Mike Flynn. His real reasons for firing Flynn remain unreported, but it appears he had some concerns that the investigation into Flynn would expose him personally to investigation.
  • After a failed attempt to quash the investigation into his Administration by firing Flynn, Trump grew increasingly angry that Jim Comey wouldn’t provide a quick exoneration without conducting an investigation first, leading to his firing.

May 10, 2017: What did you mean when you told Russian diplomats on May 10, 2017, that firing Mr. Comey had taken the pressure off?

Trump fired Comey just in time to report to Russian Ambassador Sergey Kislyak and Foreign Minister Sergey Lavrov in a meeting the next day that doing took the pressure off he felt because of Russia.

“I just fired the head of the F.B.I. He was crazy, a real nut job. I faced great pressure because of Russia. That’s taken off.” Remarkably, he also felt the need to reassure the Russians that, “I’m not under investigation.”

The reports that Trump’s lawyers need to have clearance because of the inclusion of this meeting in the list of questions suggests Mueller wants to learn more about the meeting beyond the public reports. That may include Trump’s sharing of classified information provided by the Israelis.

May 11, 2017: What did you mean in your interview with Lester Holt about Mr. Comey and Russia?

The day after meeting with the Russians, he told Lester Holt he was going to fire Comey regardless of what Rod Rosenstein recommended. [These are excerpts and a little rough; here’s a partial transcript that leaves out a lot of the Russian comments]

He’s a showboat, he’s a grand-stander, the FBI has been in turmoil, you know that. I know that. Everybody knows that. You take a look at the FBI a year ago, it was in virtual turmoil. Less than a year ago. It hasn’t recovered from that.

[in response to a question about Rosenstein’s recommendation] What I did was I was going to fire Comey. My decision. I was going to fire Comey. There’s no good time to do it, by the way. I was going to fire regardless of recommendation. [Rosenstein] made a recommendation, he’s highly respected. Very good guy, very smart guy. The Democrats like him. The Republicans like him. But regardless of recommendation I was going to fire Comey. Knowing there was no good time to do it.

And in fact when I decided to just do it, I said to myself, I said you know, this Russia thing with Trump and Russia is a made-up story, it’s an excuse by the Democrats for having lost an election that they should have won. And the reason they should have won it is the electoral college is almost impossible for a Republican to win. Very hard. Because you start off at such a disadvantage. So everybody was thinking, they should have won the election. This was an excuse for having lost an election.

I just want somebody that’s competent. I’m a big fan of the FBI. I love the people of the FBI.

As far as I’m concerned, I want that [investigation] to be absolutely done properly. When I did this now, I said I’ll probably, maybe confuse that. Maybe I’ll expand that, you know, lengthen the time because it should be over with, in my opinion, should have been over with a long time ago. ‘Cause all it is, is an excuse but I said to myself, I might even lengthen out the investigation, but I have to do the right thing for the American people.

[in response to question about why he put he was not under investigation in his termination letter] Because he told me that, I mean he told me that. I’ve heard that from others. I had a dinner him, he wanted to have dinner because he wanted to stay on, we had a very nice dinner at the White House very early on. [He asked to have dinner?] A dinner was arranged. I think he asked for the dinner. And he wanted to stay on as the FBI head. And I said, I’ll consider, we’ll see what happens. We had a very nice dinner. And at that time he told me you’re not under investigation. I knew anyway. First of all, when you’re under investigation, you’re giving all sorts of documents and everything. I knew I wasn’t under — and I heard it was stated at the committee, at some committee level, number one. Then during the phone call he said it, then during another phone call he said it. He said it at dinner, and then he said it twice during phone calls.

In one case I called him, in one case he called me.

I actually asked him, yes. I said, if it’s possible, would you let me know, am I under investigation? He said you are not under investigation. All I can tell you is that I know that I’m not under investigation. Personally. I’m not talking about campaigns, I’m not talking about anything else. I’m not under investigation.

[did you ask him to drop the investigation] No. Never. I want the investigation speeded up. Why would we do that? Iw ant to find out if there was a problem with an election having to do with Russia, or anyone else, any other country, I want it to be so strong and so good.

I want somebody that’s going to do a great job.

I think that looking into me and the campaign, I have nothing to do, his was set up by the Democrats. There’s no collusion between me and my campaign and the Russians. The other things is the Russians did not affect the vote.

If Russia hacked, If Russia had to anything to do with our election, I want to know about it. If Russia or anybody elseis trying to interfere with our elections I want to make sure that will never ever happen

[wiretapping] I was surprised [Comey said no spying] but I wasn’t angry. There’s a big thing going on right now, spying, to me that’s the big story.

I want a great FBI Director. I expect that [they will continue investigation].

[Flynn’s access to secrets] My White House Counsel it did not sound like an emergency. She didn’t make it sound that way either in the hearings the other day. It didn’t sound like it had to be done immediately. This man has served for many years. He’s a general. In my opinion a very good person. It would be very unfair to hear from someone we don’t even know to immediately run out and fire a general. We ultimately fired, but we fired for a different reason. Everything plays into it. We fired him because he said something to the Vice President that wasn’t true. He had clearance from the Obama Administration. I think it’s a very unfair thing that the media doesn’t talk about that.

I just sent a letter from one of the most prestigious law firms in the country that I have nothing to do with Russia, I have no investments in Russia, I don’t have property in Russia. I’m in total compliance in every way.

I had the Miss Universe Pageant in Moscow a long time ago. I have a certified letter. I’m not just saying that. I assume he’s gonna give the letter out. No loans, no nothing.

I never thought about it [optics of Lavrov meeting]. What difference does it make.

When I spoke with Putin he asked me whether I’d see Lavrov. I think we had a great discussion having to do with Syria, having to do with the Ukraine. Maybe that discussion will lead to peace.

Ultimately, Trump said several things here (aside from putting into the public record the meetings with Comey, though he got details that can almost certainly be proved wrong wrong). He differentiated between an investigation into himself personally and others, denied asking to halt the investigation into Flynn, provided his bogus self-exoneration claim of not having business ties with Russians. He also reiterated the claim he had been spied on.

May 12, 2017: What was the purpose of your May 12, 2017, tweet?

By this point, Trump and Comey were in a war of credibility. And Trump suggested that he might have tapes of his meetings with Comey.

The White House answers about whether there were tapes have dodged some, so it’s possible.

May 17, 2017: What did you think and what did you do in reaction to the news of the appointment of the special counsel?

In the wake of reporting that Comey had documented a request from Trump to halt the investigation into Flynn, on May 17, Rod Rosenstein appointed Robert Mueller to investigate any links between the Russian government and individuals associated with Trump’s campaign and “any matters that arose or may arise directly from the investigation.” The latter phrase made it clear that by firing Comey, Trump had put himself under investigation for obstructing the investigation in chief.

In the middle of a meeting with Sessions, Don McGahn, Mike Pence, and several others on replacing Comey, Rosenstein called McGahn and told him he had appointed Mueller. Trump took it out on Sessions, calling him an idiot and telling him he should resign. Sessions left and sent a resignation letter, but Pence, Steve Bannon, and Reince Priebus convinced him to hold off on accepting it. This piece describes Priebus’ side of that story.

May 31, 2017: Why did you hold Mr. Sessions’s resignation until May 31, 2017, and with whom did you discuss it?

Mueller has received testimony from most of the people who counseled Trump not to fire Sessions, including McGahn, Bannon, and Priebus (but not Pence). He has also gotten Sessions’ testimony on this point.

I’m particularly interested in whether Trump consulted with people not listed in the NYT story on this, such as Jared Kushner and Stephen Miller (who had counseled him to fire Comey in the first place). I also suspect that Trump had already reached out Flynn by this point to talk pardons.

June 8, 2017: What did you think about Mr. Comey’s June 8, 2017, testimony regarding Mr. Flynn, and what did you do about it?

On June 8, Comey testified to SSCI. The night before, he released a statement that reviewed much of what appeared in his memos. The hearing consisted of senators from each party trying to spin Comey’s report of being asked to drop the Flynn investigation, with little news  — though Comey did make clear the investigation covered false statements.

BLUNT: On the Flynn issue specifically, I believe you said earlier that you believe the president was suggesting you drop any investigation of Flynn’s account of his conversation with the Russian ambassador. Which was essentially misleading the vice president and others?

COMEY: Correct. I’m not going to go into the details but whether there were false statements made to government investigators, as well.

Comey refuted Trump’s claim that he didn’t ask him to stop the investigation into Flynn.

KING: In his press conference May 18th, the president responded, quote, no, no, when asked about asking you to stop the investigation into general Flynn. Is that a true statement?

COMEY: I don’t believe it is.

Comey said he viewed the Flynn investigation and the Russian one as touching, but separate, though raised the possibility of flipping Flynn.

KING: Back to Mr. Flynn. Would the — would closing out the Flynn investigation have impeded the overall Russian investigation?

COMEY: No. Well, unlikely, except to the extent — there is always a possibility if you have a criminal case against someone and squeeze them, flip them and they give you information about something else. But I saw the two as touching each other but separate.

Comey also revealed that he had shared memos memorializing his conversations with Trump with a friend.

BLUNT: You said something earlier and I don’t want to fail to follow up on, you said after dismissed, you gave information to a friend so that friend could get that information into the public media.

COMEY: Correct.

BLUNT: What kind of information was that? What kind of information did you give to a friend?

COMEY: That the — the Flynn conversation. The president had asked me to let the Flynn — forgetting my exact own words. But the conversation in the Oval Office.

Much of the hearing covered Sessions’ non-involvement. Comey deferred a number of questions to the closed session.

Trump used the Comey hearing — and his confirmation that at the time he left the president wasn’t under investigation — to have Marc Kasowitz make a statement claiming Trump never impeded the investigation and never demanded loyalty.

I am Marc Kasowitz, Predisent Trump’s personal lawyer.

Contrary to numerous false press accounts leading up to today’s hearing, Mr. Comey has now finally confirmed publicly what he repeatedly told the President privately: The President was not under investigation as part of any probe into Russian interference. He also admitted that there is no evidence that a single vote changed as a result of any Russian interference.

Mr Comey’s testimony also makes clear that the President never sought to impede the investigation into attempted Russian interference in the 2016 election, and in fact, according to Mr. Comey, the President told Mr. Comey “it would be good to find out” in that investigation if there were “some ‘satellite’ associates of his who did something wrong.” And he did not exclude anyone from that statement. Consistent with that statement, the President never, in form or substance, directed or suggested that Mr. Comey stop investigating anyone, including suggesting that that Mr. Comey“let Flynn go.” As he publicly stated the next day, he did say to Mr. Comey, “General Flynn is a good guy, he has been through a lot” and also “asked how is General Flynn is doing.”

Admiral Rogers testified that the President never “directed [him] to do anything . . . illegal, immoral, unethical or inappropriate” and never “pressured [him] to do so.” Director Coates said the same thing. The President likewise never pressured Mr. Comey. .

The President also never told Mr. Comey, “I need loyalty, I expect loyalty” in form or substance. Of course, the Office of the President is entitled to expect loyalty from those who are serving in an administration, and, from before this President took office to this day, it is overwhelmingly clear that there have been and continue to be those in government who are actively attempting to undermine this administration with selective and illegal leaks of classified information and privileged communications.

Kasowitz also accused Comey of leaking in order to lead to a special counsel investigation.

Mr. Comey has now admitted that he is one of these leakers. Today, Mr. Comey admitted that he unilaterally and surreptitiously made unauthorized disclosures to the press of privileged communications with the President. The leaks of this privileged information began no later than March 2017 when friends of Mr. Comey have stated he disclosed to them the conversations he had with the President during their January 27, 2017 dinner and February 14, 2017 White House meeting. Today, Mr. Comey admitted that he leaked to friends his purported memos of these privileged conversations, one of which he testified was classified. He also testified that immediately after he was terminated he authorized his friends to leak the contents of these memos to the press in order to “prompt the appointment of a special counsel.” Although Mr. Comey testified he only leaked the memos in response to a tweet, the public record reveals that the New York Times was quoting from these memos the day before the referenced tweet, which belies Mr. Comey’s excuse for this unauthorized disclosure of privileged information and appears to entirely retaliatory. We will leave it the appropriate authorities to determine whether this leaks should be investigated along with all those others being investigated. .

In sum, it is now established that there the President was not being investigated for colluding with the or attempting to obstruct that investigation. As the Committee pointed out today, these important facts for the country to know are virtually the only facts that have not leaked during the long course of these events.

This sort of kicked off the official campaign to discredit Comey and those who would back his story.

June 12, 2017: What did you think and do in reaction to the news that the special counsel was speaking to Mr. Rogers, Mr. Pompeo and Mr. Coats?

Public reports date Rogers and Coats’ interviews with Mueller to the week of June 12, 2017, so Pompeo’s must have been around that same time. Rogers and Coats, at least, testified that Trump tried to get them to state publicly that there was no collusion. They said the interaction was odd and uncomfortable, but that he did not order them to interfere.

Clearly, Trump responded to public reports of their being called as witnesses, though we don’t know what the response was. It’s possible that’s when Trump threatened to fire Mueller, only to back off when Don McGahn threatened to quit.

July 7, 2017: What involvement did you have in the communication strategy, including the release of Donald Trump Jr.’s emails?

I’ve laid out that I believe the evolving June 9 story is a limited hangout orchestrated by Agalarov lawyer Scott Balber. The strategy would have begun when Jared Kushner wrestled with the need to disclose the meeting, both in response to congressional investigations and for his clearance. Manafort, too, turned over emails backing the event about a month before the story came out publicly. This post talks about the response the weekend of the G-20 in Hamburg, including Ivanka sitting in on a meeting so Trump could strategize, and Hope Hicks suggesting the emails would never come out.

As a reminder, on the same day Trump had a second hour long meeting with Putin, he dictated Putin’s propaganda line that the meeting pertained to adoptions. Importantly, he hid what I’ve suggested was the quo in the quid pro quo, sanctions relief. Mueller undoubtedly would like to know if Putin helped him come up with that message, which would be really damning.

Mueller also wants to know about the decision to leak Don Jr’s emails. Bannon suspects that a Jared aide leaked the emails (his then lawyer Jamie Gorelick would cut back her work with him shortly thereafter). But remember: in a DM, Assange proposed that he give Wikileaks the email.

There’s clearly far more back story to the leaked email we don’t know yet.

If Trump’s involvement here involves coordination with Russians (like the Agalrovs, to say nothing of Putin) or Assange, it would provide damning evidence not of obstruction, but of collusion, an effort to coordinate a story about a key meeting. Trump’s lawyers have always suggested questions about Trump’s role in this statement are improper, which is itself a telling indicator that they don’t understand (or want to spin) the risk of the original June 9 meeting.

July 20, 2017: After the resignations, what efforts were made to reach out to Mr. Flynn about seeking immunity or possible pardon?

Mike Flynn tried to get Congressional immunity in March 2017, with Trump’s backing the effort in a tweet.

Mueller’s question seems to suggest even at that earlier period, someone from Trump’s camp reached out and discussed immunity with Flynn. Shortly before April 25, Trump also sent Flynn a message to “stay strong.” (h/t TC)

On July 20, the WaPo reported that Trump’s team was researching pardons. The NYT report first revealing that Trump offered pardons to Mike Flynn (and Manafort, who is curiously not mentioned in this question) describes it happening after John Dowd took over, in the wake of the revelation of the June 9 meeting and the Kasowitz firing. Dowd denied any such thing was happening on July 21, which is probably a good sign such discussions were taking place.

July 25, 2017: What was the purpose of your July 2017 criticism of Mr. Sessions? What discussions did you have with Reince Priebus in July 2017 about obtaining the Sessions resignation? With whom did you discuss it?

In late July, 2017, Trump accused Sessions of several sins: failing to crack down on leaks, failing to prosecute Hillary, and failing to fire Andrew McCabe. That must be the same time when Trump ordered Priebus to get Sessions’ resignation, which he dodged by stalling, which probably answers the “what was the purpose” question: to lay predicate to fire Sessions.

I’m particularly interested in the question about who Trump discussed this with, particularly given the provocative timing — the days before George Papadopoulos’s July 26 arrest and Paul Manafort’s July 27 condo search (using a warrant that, unlike a warrant from a May 27 storage unit search, invoked the June 9 meeting). It’s possible Trump had advance knowledge of this stuff (which would be alarming), but likely it’s a coincidence.

In any case, Mueller clearly has reason to believe Trump learned something about the investigation and discussed it with people that led him to try, again, to stop it by firing someone.

What was the purpose of the September and October 2017 statements, including tweets, regarding an investigation of Mr. Comey?

On September 1, Trump responded to reports that because Comey had a declination written before interviewing Hillary, he rigged the outcome of the investigation. In mid-October, in the wake of the Manafort indictment and George Papadopoulos plea, Trump returned to this attack. Rudy Giuliani has renewed this attack in recent days, which is presumably an attempt to undercut Comey’s credibility.

What discussions did you have regarding terminating the special counsel, and what did you do when that consideration was reported in January 2018?

The NYT report that Trump tried to fire Mueller in June 2017 made it clear that Mueller had received testimony about it (presumably from McGahn and others). Clearly, Mueller has reason to know that Trump did something else in response. Note that this report came out in the wake of the Michael Wolff book, which would give Mueller an excuse to call several of the relevant witnesses (such as Mark Corallo and Steve Bannon) as witnesses. This time period also closely follows the increasingly aggressive response in Congress.

What is the reason for your continued criticism of Mr. Comey and his former deputy, Andrew G. McCabe?

The assumption is that Trump continues to attack Comey and McCabe because doing so might harm their credibility with regards to an obstruction investigation, and that’s surely true (made all the worse by McCabe’s firing and his criminal referral).

But I increasingly believe (particularly given that the other contemporaneous witnesses to Comey’s concerns, like James Baker, are not named) that’s not the only reason Trump is doing this. My guess is it’s an attempt to undermine their decision to investigate Flynn. We now know, for example, that McCabe set up the interview with Flynn on Comey’s direction. So in addition to discrediting key witnesses against him, it seems possible that Trump is also trying to discredit the decision, at a time when  FBI was about to close a counterintelligence investigation into Flynn, to instead interview him, leading to the exposure of Trump’s efforts to undermine US policy during the transition period.

RESOURCES

These are some of the most useful resources in mapping these events.

Mueller questions as imagined by Jay Sekulow

CNN’s timeline of investigative events

Majority HPSCI Report

Minority HPSCI Report

Trump Twitter Archive

Jim Comey March 20, 2017 HPSCI testimony

Comey May 3, 2017 SJC testimony

Jim Comey June 8, 2017 SSCI testimony

Jim Comey written statement, June 8, 2017

Jim Comey memos

Sally Yates and James Clapper Senate Judiciary Committee testimony, May 8, 2017

NPR Timeline on Trump’s ties to Aras Agalarov

George Papadopoulos complaint

George Papadopoulos statement of the offense

Mike Flynn statement of the offense

Internet Research Agency indictment

Text of the Don Jr Trump Tower Meeting emails

Jared Kushner’s statement to Congress

Erik Prince HPSCI transcript

THE SERIES

Part One: The Mueller Questions Map Out Cultivation, a Quid Pro Quo, and a Cover-Up

Part Two: The Quid Pro Quo: a Putin Meeting and Election Assistance, in Exchange for Sanctions Relief

Part Three: The Quo: Policy and Real Estate Payoffs to Russia

Part Four: The Quest: Trump Learns of the Investigation

Part Five: Attempting a Cover-Up by Firing Comey

Mueller Offers Trump an Open Book Test — Trump Should Refuse

Someone (possibly named Rudy 911) leaked the questions Robert Mueller wants to ask Trump to the NYT. The NYT, as they’ve been doing for some time, are presenting the president’s exposure in terms of obstruction.

Except that of 44 questions as presented by NYT, 13 are explicitly not about obstruction, and several of the obstruction questions are, I’m fairly sure, about “collusion.”

  1. What did you know about phone calls that Mr. Flynn made with the Russian ambassador, Sergey I. Kislyak, in late December 2016?
  2. What was your reaction to news reports on Jan. 12, 2017, and Feb. 8-9, 2017?
  3. What did you know about Sally Yates’s meetings about Mr. Flynn?
  4. How was the decision made to fire Mr. Flynn on Feb. 13, 2017?
  5. After the resignations, what efforts were made to reach out to Mr. Flynn about seeking immunity or possible pardon?
  6. What was your opinion of Mr. Comey during the transition?
  7. What did you think about Mr. Comey’s intelligence briefing on Jan. 6, 2017, about Russian election interference?
  8. What was your reaction to Mr. Comey’s briefing that day about other intelligence matters?
  9. What was the purpose of your Jan. 27, 2017, dinner with Mr. Comey, and what was said?
  10. What was the purpose of your Feb. 14, 2017, meeting with Mr. Comey, and what was said?
  11. What did you know about the F.B.I.’s investigation into Mr. Flynn and Russia in the days leading up to Mr. Comey’s testimony on March 20, 2017?
  12. What did you do in reaction to the March 20 testimony? Describe your contacts with intelligence officials.
  13. What did you think and do in reaction to the news that the special counsel was speaking to Mr. Rogers, Mr. Pompeo and Mr. Coats?
  14. What was the purpose of your calls to Mr. Comey on March 30 and April 11, 2017?
  15. What was the purpose of your April 11, 2017, statement to Maria Bartiromo?
  16. What did you think and do about Mr. Comey’s May 3, 2017, testimony?
  17. Regarding the decision to fire Mr. Comey: When was it made? Why? Who played a role?
  18. What did you mean when you told Russian diplomats on May 10, 2017, that firing Mr. Comey had taken the pressure off?
  19. What did you mean in your interview with Lester Holt about Mr. Comey and Russia?
  20. What was the purpose of your May 12, 2017, tweet?
  21. What did you think about Mr. Comey’s June 8, 2017, testimony regarding Mr. Flynn, and what did you do about it?
  22. What was the purpose of the September and October 2017 statements, including tweets, regarding an investigation of Mr. Comey?
  23. What is the reason for your continued criticism of Mr. Comey and his former deputy, Andrew G. McCabe?
  24. What did you think and do regarding the recusal of Mr. Sessions?
  25. What efforts did you make to try to get him to change his mind?
  26. Did you discuss whether Mr. Sessions would protect you, and reference past attorneys general?
  27. What did you think and what did you do in reaction to the news of the appointment of the special counsel?
  28. Why did you hold Mr. Sessions’s resignation until May 31, 2017, and with whom did you discuss it?
  29. What discussions did you have with Reince Priebus in July 2017 about obtaining the Sessions resignation? With whom did you discuss it?
  30. What discussions did you have regarding terminating the special counsel, and what did you do when that consideration was reported in January 2018?
  31. What was the purpose of your July 2017 criticism of Mr. Sessions?
  32. When did you become aware of the Trump Tower meeting?
  33. What involvement did you have in the communication strategy, including the release of Donald Trump Jr.’s emails?
  34. During a 2013 trip to Russia, what communication and relationships did you have with the Agalarovs and Russian government officials?
  35. What communication did you have with Michael D. Cohen, Felix Sater and others, including foreign nationals, about Russian real estate developments during the campaign?
  36. What discussions did you have during the campaign regarding any meeting with Mr. Putin? Did you discuss it with others?
  37. What discussions did you have during the campaign regarding Russian sanctions?
  38. What involvement did you have concerning platform changes regarding arming Ukraine?
  39. During the campaign, what did you know about Russian hacking, use of social media or other acts aimed at the campaign?
  40. What knowledge did you have of any outreach by your campaign, including by Paul Manafort, to Russia about potential assistance to the campaign?
  41. What did you know about communication between Roger Stone, his associates, Julian Assange or WikiLeaks?
  42. What did you know during the transition about an attempt to establish back-channel communication to Russia, and Jared Kushner’s efforts?
  43. What do you know about a 2017 meeting in Seychelles involving Erik Prince?
  44. What do you know about a Ukrainian peace proposal provided to Mr. Cohen in 2017?

Indeed, the questions seem almost an attempt to pit Trump’s word against Jim Comey’s (questions 6 through 23) as a way to lure him into answering questions that even as written will sink Trump. And that’s assuming there’s not some ulterior motive to the question (and for some of the most open-ended questions — like 33,39, 40, and 41 — I suspect, there is).

So yeah, if Trump has any lawyers still working for him, they should advise him not to take this interview.

But when that happens, it should badly undercut Trump’s claims there was no collusion.

 

Nunes Is So Dumb He Missed the Most Likely Way the Trump Campaign Might Have Been Wiretapped

Devin Nunes is so bad at his job overseeing the nation’s intelligence agencies that his memo alleging FISA abuses failed to mention the one way he might have legitimately argued that the Deep State was spying on the Trump campaign.

The memo, released Friday after a week of political drama, purports to show that the process by which the FBI applied for four individualized FISA orders targeting former Trump foreign policy advisor Carter Page, spanning from October 2016 through July 2017, failed to adequately explain to the court that the application included information obtained as part of paid opposition research. On that claim, the memo falls short of making the case. So too does Nunes’ claim that “top officials used unverified information [from the Title I warrants] to fuel a counter-intelligence investigation during an American political campaign,” since Carter Page had been gone from the Trump campaign for a month before he was targeted.

But the memo only deals with the request for traditional “probable cause” FISA orders approved by the FISA Court. The memo even says this surveillance at issue was “not under Title VII,” probably an effort to distinguish this surveillance practice, which Nunes claims is being abused, from collection under FISA’s Section 702, which is even more problematic from a privacy standpoint. Nunes wrote the bill that reauthorized Section 702 two weeks ago, a bill that included no reforms to the practice that allows the government to access the communications of Americans against whom the FBI has no evidence of wrong-doing without a warrant. That is, Nunes wants to make sure you know that only the FISA practice that actually requires probable cause is at issue in his claims of FISA abuse, not the practice that permits warrantless surveillance of Americans that he championed a few weeks ago.

The thing is, Nunes is probably wrong that the surveillance of Carter Page doesn’t involve any of the authorities he recently pushed through. That’s because, along with Section 702, Nunes’ bill extending FISA’s Title VII also reauthorized a section, 705(b), which the government uses to spy on Americans already under surveillance, like Carter Page, during the periods when they travel overseas.

Carter Page traveled to Russia and London in December 2016 and Abu Dhabi in January 2017; he told the House Intelligence Committee he met with a slew of interesting foreigners along the way. It would be malpractice for the government to halt surveillance on someone it suspected of spying for Russia when he went to Russia.

So assuming the NSA kept spying on Page when he was meeting with the Russians they suspected him of conspiring with while he was in Russia, then the government would have switched to 705(b) authority. That permits the NSA to use the different kinds of surveillance tools, more powerful tools like hacking someone’s computer or querying data collected in bulk, that it uses overseas, drawing from more kinds of collection.

The thing is, that kind of individualized overseas surveillance — far more than the domestic individual surveillance at issue in the memo — has been a problem in recent years. Indeed, in the months before the government obtained its first FISA order on Carter Page, the NSA’s Inspector General found that in the 8 years since Congress had passed 705(b), NSA had never set up a system to track surveillance conducted under it. Of particular concern, analysts were conducting surveillance under the authority outside the time frame permitted under the 705(b) order, meaning that analysts might collect data from a period before the 705(b) order, or even before the traditional FISA order underlying it, had been approved. Or, NSA might forget to turn off their hacking sensor in Page’s laptop or smart phone even after he returned to the US. By using overseas spying methods outside the time period when the person was overseas, then, NSA might have gotten what amounts to a time machine, letting the government (perhaps unknowingly) obtain stored communications from the period when Page was still working with the Trump campaign.

The discovery, in early 2016, that NSA hadn’t been following the rules for the kind of spying that would have been used with Page while he was in Russia led to a string of other discoveries, which in turn led to the termination of one kind of NSA spying, called “about” collection. But the process of fixing 705(b) and “about” collection continued well into the period when Page was under FISA surveillance, including the times when he was traveling overseas.

All that said, if the government obtained information from outside the time of Carter Page’s travels overseas improperly, Trump has only Trump to blame. That’s because, even after they did fix the problems with the program in April 2017, the Trump Administration didn’t do what the Obama Administration before it had done on numerous occasions: get rid of any data obtained improperly under such conditions. So while the underlying problems with 705(b) were never fixed under the Obama Administration (which is absolutely something that should be laid at his feet) Jeff Sessions and Dan Coats would be responsible for any lasting harm under the problems. The Trump Administration’s deviation from past practice in destroying improperly obtained data would be responsible for any harm to Trump.

Ultimately, Nunes’ failure to consider for his politicized memo the one FISA practice most likely to have affected Carter Page identifies the real source of any problems with FISA: a failure of oversight, including from people like Devin Nunes. With the Title VII reauthorization bill he authored, Nunes might have ensured some follow-up to make sure known overseas spying problems were fixed. He might have required the government to make sure it destroyed any data on the Trump campaign it collected while Page was overseas.

Instead, Nunes seems completely unaware that such problems existed.

 

Under Cover of the Nunes Memo, Russian Spooks Sneak Openly into Meetings with Trump’s Administration

On December 17, Vladimir Putin picked up the phone and called Donald Trump.

Ostensibly, the purpose of the call was to thank Trump for intelligence the US provided Russia that helped them thwart a terrorist attack. Here’s what the White House readout described.

President Vladimir V. Putin of Russia called President Donald J. Trump today to thank him for the advanced warning the United States intelligence agencies provided to Russia concerning a major terror plot in Saint Petersburg, Russia. Based on the information the United States provided, Russian authorities were able to capture the terrorists just prior to an attack that could have killed large numbers of people. No Russian lives were lost and the terrorist attackers were caught and are now incarcerated. President Trump appreciated the call and told President Putin that he and the entire United States intelligence community were pleased to have helped save so many lives. President Trump stressed the importance of intelligence cooperation to defeat terrorists wherever they may be. Both leaders agreed that this serves as an example of the positive things that can occur when our countries work together. President Putin extended his thanks and congratulations to Central Intelligence Agency (CIA) Director Mike Pompeo and the CIA. President Trump then called Director Pompeo to congratulate him, his very talented people, and the entire intelligence community on a job well done!

Putin, of course, has a history of trumping up terrorist attacks for political purposes (which is not to say he’s the only one).

In Trump’s Russia, top spooks come to you

That call that Putin initiated serves as important background to an event (or several — the details are still uncertain) that happened earlier this week, as everyone was distracted with Devin Nunes’ theatrics surrounding his memo attacking the Mueller investigation into whether Trump has engaged in a conspiracy with Russia. All three of Russia’s intelligence heads came to DC for a visit.

The visit of the sanctioned head of SVR, Sergey Naryshkin — Russia’s foreign intelligence service — was ostentatiously announced by Russia’s embassy.

SVR is the agency that tried to recruit Carter Page back in 2013, and which has also newly been given credit for the hack of the DNC in some Dutch reporting (and a recent David Sanger article). It’s clear that SVR wanted Americans to know that their sanctioned head had been through town.

As the week went on, WaPo reported that FSB’s Alexander Bortnikov and GRU’s Colonel General Igor Korobov had also been through town (GRU has previously gotten primary credit for the hack and Korobov was also sanctioned in the December 2016 response, and FSB was described as having an assisting role).

Pompeo met with Sergey Naryshkin, the head of Russia’s Foreign Intelligence Service or SVR, and Alexander Bortnikov, who runs the FSB, which is the main successor to the Soviet-era security service the KGB.

The head of Russia’s military intelligence, the GRU, also came to Washington, though it is not clear he met with Pompeo.

A senior U.S. intelligence official based in Moscow was also called back to Washington for the meeting with the CIA chief, said a person familiar with the events, who, like others, spoke on the condition of anonymity to discuss the sensitive meeting.

Treasury defies Congress on Russian sanctions

These visits have been associated with Trump’s decision not to enforce congressionally mandated sanctions, claiming that the threat of sanctions is already working even as Mike Pompeo insists that Russia remains a threat. In lieu of providing a mandated list of Russians who could be sanctioned, Treasury basically released the Forbes list of richest Russians, meaning that the sanction list includes people who’re squarely opposed to Putin. In my opinion, reporting on the Forbes list underplays the contempt of the move. Then, today, Treasury released a memo saying Russia was too systematically important to sanction.

Schumer’s questions and Pompeo’s non-answers

Indeed, Chuck Schumer emphasized sanctions in a letter he sent to Dan Coats, copied to Mike Pompeo, about the Naryshkin visit (the presence of the others was just becoming public).

As you are well aware, Mr. Naryshkin is a Specially Designated National under U.S. sanctions law, which imposes severe financial penalties and prohibits his entry into the U.S. without a waiver. Moreover, the visit of the SVR chief occurred only days before Congress was informed of the president’s decision not to implement sanctions authorized the Countering America’s Adversaries Through Sanctions Act (CAATSA), which was passed with near unanimous, bipartisan support. CAATSA was designed to impose a price on Russian President Vladimir Putin and his cronies for well-documented Russian aggression and interference in the 2016 election. However, the administration took little to no action, even as Russia continues its cyberattacks on the U.S.

Certainly, that seems a fair conclusion to draw — that by emphasizing Naryshkin’s presence, Russia was also boasting that it was immune from Congress’ attempts to sanction it.

But Mike Pompeo, who responded to Schumer, conveniently responded only to Schumer’s public comments, not the letter itself.

I am writing to you in response to your press conference Tuesday where you suggested there was something untoward in officials from Russian intelligence services meeting with their U.S. counterparts. Let me assure you there is not. [my emphasis]

This allowed Pompeo to dodge a range Schumer’s questions addressing Russia’s attacks on the US.

What specific policy issues and topics were discussed by Mr. Naryshkin and U.S. officials?

    1. Did the U.S. officials who met with Mr. Naryshkin raise Russia’s interference in the 2016 elections?  If not, why was this not raised? If raised, what was his response?
    2. Did the U.S. officials who met with Mr. Naryshkin raise existing and congressionally-mandated U.S. sanctions against Russia discussed? If not, why was this not raised? If raised, what was his response?
    3. Did the U.S. officials who met with Mr. Naryshkin raise ongoing Russian cyber attacks on the U.S. and its allies, including reported efforts to discredit the Federal Bureau of Investigation and law enforcement investigations into Russian interference in the 2016 U.S. elections? If not, why was this not raised? If raised, what was his response?
    4. Did the U.S. officials who met with Mr. Naryshkin make clear that Putin’s interference in the 2018 and 2020 elections would be a hostile act against the United States? If not, why was this not raised? If raised, what was his response?

Instead of providing responses to questions about Russian tampering, Pompeo instead excused the whole meeting by pointing to counterterrorism, that same purpose, indeed — the same attack — that Putin raised in his December phone call.

We periodically meet with our Russian intelligence counterparts — to keep America safe. While Russia remains an adversary, we would put American lives at greater risk if we ignored opportunities to work with the Russian services in the fight against terrorism. We are proud of that counterterror work, including CIA’s role with its Russian counterparts in the recent disruption of a terrorist plot targeting St. Petersburg, Russia — a plot that could have killed Americans.

[snip]

Security cooperation between our intelligence services has occurred under multiple administrations. I am confident that you would support CIA continuing these engagements that are aimed at protecting the American people.

The contempt on sanctions makes it clear this goes beyond counterterrorism

All this together should allay any doubt you might have that this meeting goes beyond counterterrorism, if, indeed, it even has anything to do with counterterrorism.

Just as one possible other topic, in November, WSJ reported that DOJ was working towards charging Russians involved in the hack after the new year.

The Justice Department has identified more than six members of the Russian government involved in hacking the Democratic National Committee’s computers and swiping sensitive information that became public during the 2016 presidential election, according to people familiar with the investigation.

Prosecutors and agents have assembled evidence to charge the Russian officials and could bring a case next year, these people said. Discussions about the case are in the early stages, they said.

If filed, the case would provide the clearest picture yet of the actors behind the DNC intrusion. U.S. intelligence agencies have attributed the attack to Russian intelligence services, but haven’t provided detailed information about how they concluded those services were responsible, or any details about the individuals allegedly involved.

Today, Russia issued a new warning that America is “hunting” Russians all over the world, citing (among others) hacker Roman Seleznev.

“American special services are continuing their de facto hunt for Russians all over the world,” reads the statement published on the ministry’s website on Friday. The Russian diplomats also gave several examples of such arbitrary detentions of Russian citizens that took place in Spain, Latvia, Canada and Greece.

“Sometimes these were actual abductions of our compatriots. This is what happened with Konstantin Yaroshenko, who was kidnapped in Liberia in 2010 and secretly taken to the United States in violation of Liberian and international laws. This also happened in 2014 with Roman Seleznyov, who was literally abducted in the Maldives and forcefully taken to American territory,” the statement reads.

The ministry also warned that after being handed over to the US justice system, Russian citizens often encounter extremely biased attitudes.

“Through various means, including direct threats, they attempt to coerce Russians into pleading guilty, despite the fact that the charges of them are far-fetched. Those who refuse get sentenced to extraordinarily long prison terms.”

And, as I noted earlier, Trey Gowdy — one of the few members of Congress who has seen where Mueller is going with this investigation — cited the import of the counterintelligence case against Russia in a Sunday appearance.

CHRIS WALLACE: Congressman, we’ll get to your concerns about the FBI and the Department of Justice in a moment. But — but let me begin first with this. Do you still trust, after all you’ve heard, do you still trust Special Counsel Robert Mueller to conduct a fair and unbiased investigation?

REP. TREY GOWDY, R-SC, OVERSIGHT COMMITTEE CHAIRMAN: One hundred percent, particularly if he’s given the time, the resources and the independence to do his job. Chris, he didn’t apply for the job. He’s where he is because we have an attorney general who had to recuse himself. So Mueller didn’t raise his hand and say, hey, pick me. We, as a country, asked him to do this.

And, by the way, he’s got two — there are two components to his jurisdiction. There is a criminal component. But there’s also a counterintelligence component that no one ever talks about because it’s not sexy and interesting. But he’s also going to tell us definitively what Russia tried to do in 2016. So the last time you and I were together, I told my Republican colleagues, leave him the hell alone, and that’s still my advice.

Schumer and other Democrats demanding answers about this visit might think about any ways the Russians might be working to undermine Mueller’s investigation or transparency that might come of it.

Three weeks of oversight free covert action

The timing of this visit is particularly concerning for another reason. In the three week continuing resolution to fund the government passed on January 22, the House Appropriations Chair Rodney Frelinghuysen added language that would allow the Administration to shift money funding intelligence activities around without telling Congress. It allows funds to,

“be obligated and expended notwithstanding section 504(a)(1) of the National Security Act of 1947.”

Section 504(a)(1) is the piece of the law that requires intelligence agencies to spend money on the program the money was appropriated for. “Appropriated funds available to an intelligence agency may be obligated or expended for an intelligence or intelligence-related activity only if those funds were specifically authorized by the Congress for use for such activities; or …”

The “or” refers to the intelligence community’s obligation to inform Congress of any deviation. But without any obligation to spend funds as specifically authorized, there is no obligation to inform Congress if that’s not happening.

Since the only real way to prohibit the Executive is to prohibit them to spend money on certain things, the change allows the Trump Administration to do things they’ve been specifically prohibited from doing for the three week period of the continuing resolution.

Senators Burr and Warner tried to change the language before passage on January 22, to no avail.

This year’s Defense Authorization included a whole slew of limits on Executive Branch activity, including mandating a report if the Executive cooperates with Russia on Syria and prohibiting any military cooperation until such time as Russia leaves Ukraine. It’s possible the Trump Administration would claim those appropriations-tied requirements could be ignored during the time of the continuing resolution.

Which just happened to cover the period of the Russian visit.

Our friends are getting nervous

Meanwhile, both before and after the visit, our allies have found ways to raise concerns about sharing intelligence with the US in light of Trump’s coziness with Russia. A key subtext of the stories revealing that Netherlands’ AIVD saw Russian hackers targeting the Democrats via a hacked security camera was that Rick Ledgett’s disclosure of that operation last year had raised concerns about sharing with the US.

President elect Donald Trump categorically refuses to explicitly acknowledge the Russian interference. It would tarnish the gleam of his electoral victory. He has also frequently praised Russia, and president Putin in particular. This is one of the reasons the American intelligence services eagerly leak information: to prove that the Russians did in fact interfere with the elections. And that is why intelligence services have told American media about the amazing access of a ‘western ally’.

This has led to anger in Zoetermeer and The Hague. Some Dutchmen even feel betrayed. It’s absolutely not done to reveal the methods of a friendly intelligence service, especially if you’re benefiting from their intelligence. But no matter how vehemently the heads of the AIVD and MIVD express their displeasure, they don’t feel understood by the Americans. It’s made the AIVD and MIVD a lot more cautious when it comes to sharing intelligence. They’ve become increasingly suspicious since Trump was elected president.

Then, the author of a book on Israeli’s assassinations has suggested that the intelligence Trump shared with the Russians goes beyond what got publicly reported, goes to the heart of Israeli intelligence operations.

DAVIES: So if I understand it, you know of specific information that the U.S. shared with the Russians that has not been revealed publicly and that you are not revealing publicly?

BERGMAN: The nature of the information that President Trump revealed to Foreign Minister Lavrov is of the most secretive nature.

Finally, a piece on the Nunes memo out today suggests the British will be less likely to share intelligence with Trump’s administration after the release of the memo (though this is admittedly based on US congressional claims, not British sources).

Britain’s spy agencies risk having their intelligence methods revealed if Donald Trump releases a controversial memo about the FBI, congressional figures have warned.

The UK will be less likely to share confidential information if the secret memo about the Russian investigation is made public, according to those opposing its release.

Clearly, this meeting goes beyond counterterrorism cooperation. And given the way that both Treasury and CIA have acted contemptuously in the aftermath of the visit, Schumer and others should be far more aggressive in seeking answers about what this visit really entailed.

Update: I’ve added the section on Section 504.

Congress Should Revert to Section 702 as Passed in 2008, If That’s What the Spooks Want!

Congress is passing a continuing resolution with an extension of Section 702 today, giving Congress one month to figure out how it will reauthorize the surveillance program.

But the Intelligence Community is making one more bid to talk Congress into passing some bill today. The same Intelligence Community that has opposed bills that offer even lip service reforms — most notably the House Judiciary Committee bill — insist that anything else than a new authorization will make the country less safe.

Reauthorizing Section 702 before it expires is vital to keeping the nation safe. Let us be clear: if Congress fails to act, vital intelligence collection on international terrorists and other foreign adversaries will be lost. The country will be less secure.

And (again, from an IC that has refused to engage with the HJC bill) the IC wants its reauthorization now, without the short term extension, because short term extension don’t provide certainty.

We also believe it is important that Congress reauthorize Section 702 before it expires on December 31, 2017.  Although the current Section 702 certifications do not expire until April 2018, the Intelligence Community would need to start winding down its Section 702 program well in advance of that date.  Winding down such a valuable program would force agencies to divert resources away from addressing foreign threats. Short-term extensions are not the long-term answer either, as they fail to provide certainty, and will create needless and wasteful operational complications. We urge Congress, therefore, to act quickly to reauthorize Section 702 in a manner that preserves the effectiveness of this critical national security law before it expires.

Where the release gets truly inexcusable, however, is how they flip their demand that this reauthorization codify certain dubious practices and not limit other ones. Congress is not required to make changes, the spooks say, without telling you that even the SSCI bill makes at least one reform, and most of the bills on the floor today make more serious ones. Those are the bills the IC prevented from passing.

To be clear – Congress is not required to make any changes to Section 702. The Intelligence Community conducts and uses 702 collection in a manner that protects the privacy and civil liberties of individuals.

The spooks pretend, as they have before, that the Ninth Circuit approved back door searches, which it didn’t.

Every single court that has reviewed Section 702 and queries of its data has found it to be constitutional.

They then take their emphasis on the word targeting a step further than normal to avoid telling you that their “targeted surveillance” of location-obscuring servers like Tor and VPNs actually collects on US persons, and the “oversight’ of that collection allows entirely domestic communications collected via such “targeted” collection to be used in criminal cases.

The Intelligence Community’s use of Section 702, which permits targeted surveillance only of foreign persons located outside the United States, is subject to extensive oversight and incorporates substantial protections to protect the privacy and civil liberties of individuals.

Here, the spooks don’t acknowledge how much has changed in between the various passage of these bills.

In short, we believe Congress got it right in 2008 when it passed Section 702 and in 2012 when Congress reauthorized it.

Consider: if the 702 on the table today were 702 as it existed in 2008, Congress would pass it gladly. That’s because no backdoor searches were permitted (though FBI was already doing them), to say nothing of the 2014 exception that permits the collection of US person location-obscured communications. And upstream “about” collection wasn’t affirmatively permitted either.

In other words, if Congress could have Section 702 as it passed in 2008, it’d be a vast improvement from a privacy perspective than the program as it exists right now (and also wouldn’t include a counterproliferation certificate or approval to target cybersecurity targets).

Note, too, the spooks don’t admit that most of Congress didn’t know about backdoor and other kinds of US person searches in 2012.

All that said, even after saying that Congress had it right in 2008, the spooks return to the coded demands that Congress not do a single thing to limit the spying on Americans that has gotten added to the program since 2008.

Nevertheless, the Intelligence Community continues to be open to reasonable reforms to Section 702 to further enhance the already-substantial privacy protections contained in the law, but we simply cannot support legislation that would impede the operational efficacy of this vital authority.

There were many “reasonable reforms to … further enhance the already-substantial privacy protections contained in the law.” Those were the bills the IC refused to let pass, which is why we’re here on one of the last legislative days of the year, punting this legislation for a month.

“Circumventing” Encryption Is Different than “Weakening” or “Altering” It

I’m still catching up to the Questions for the Record that ODNI submitted to the Senate Intelligence Committee after its June hearing on 702. So I’d like to look more closely at something from the QFRs first reported by Zack Whittaker on encryption.

It has to do with a response to a Ron Wyden question about whether 702 provides authority to “circumvent or weaken” encryption.

Whittaker notes what I pointed out here — because of the way 702 works, “the court is never going to review the individual directives which is where the specific technical assistance gets laid out (unless a provider is permitted to challenge those directives).” That’s the headline point of his piece, one I agree with.

The US government does not need the approval of its secret surveillance court to ask a tech company to build an encryption backdoor.

Whittaker also notes that this language falls far short of denying (or confirming) whether it has asked for a back door. Meaning, it’s possible they asked a provider for a back door, and the provider complied without being forced to.

That said, I wanted to point out the limits to this claim from Whittaker.

In its answers, the government said it has “not to date” needed to ask the FISC to issue an order to compel a company to backdoor or weaken its encryption.

It is true that the government says it has not asked an ECSP to “alter the encryption provided by a service or product it offers.”

But that answer is non-responsive to the totality of Wyden’s question, which asks if the government ordered a provider to “circumvent or weaken” encryption. The government only addresses the latter question, whether the government has altered (presumably by weakening) encryption. It hasn’t answered, at all, whether it has ordered a provider to “circumvent” encryption.

That’s an important point regardless. These QFRs are always carefully crafted, particularly in responses to Wyden (or the few other people who actually exercise oversight).

I think it’s particularly important given something that happened with iOS in the last year: rather than just answering, yes or no, before a phone trusts a computer (meaning it will share its contents with iTunes and therefore potentially with Apple), iOS 11 now requires you to enter your password before a phone will trust a computer.

A different and more significant change is requiring the passcode to “trust” a new computer. Currently, when the police wish to search a phone, they unlock it either with the fingerprint reader, by convincing the suspect to unlock the phone (e.g. to look up a phone number), or they simply seize the phone while it is unlocked. None of these avenues directly implicate suspects’ constitutional rights. Once the unlocked phone is obtained, officials connect the device to a computer running forensics software, or even just iTunes, direct the device to “trust” the new computer when prompted, and download a backup that contains almost all of the relevant information stored on the phone. Requiring the passcode in order to sync the device with a new machine means that, even with an unlocked device, a party that wants access is now limited to searching the phone manually for visible items and can only perform that search while the phone remains unlocked.

I had already been thinking trusted backups provided a way the government could, through Apple, obtain contents from phones that would otherwise be hard to decrypt (I believe it would require altering iTunes, not the encryption itself). Such an approach would be particularly useful for NatSec investigations, where collecting contents wasn’t so much about solving an already committed crime (which is what all the iPhones the government hasn’t been able to break into were collected for), but to prevent one or otherwise collect prospective data.

I don’t even know if this is technically feasible. Nor do I know whether someone would be better sticking with iOS 10 and just rigorously refusing to trust a given computer or upgrading to iOS 11 and never entering that password.

But I do know this passage on encryption is — with respect to whether the government has ever ordered a company to circumvent encryption — a non-denial.

And I have learned that non-denials, especially in response to Wyden, generally should be closely scrutinized.

A Dragnet of emptywheel’s Most Important Posts on Surveillance, 2007 to 2017

Happy Birthday to me! To us! To the emptywheel community!

On December 3, 2007, emptywheel first posted as a distinct website. That makes us, me, we, ten this week.

To celebrate, the emptywheel team has been sharing some of our favorite work from the last decade. This is my massive dragnet of surveillance posts.

For years, we’ve done this content ad free, relying on donations and me doing freelance work for others to fund the stuff you read here. I would make far more if I worked for some free-standing outlet, but I wouldn’t be able to do the weedy, iterative work that I do here, which would amount to not being able to do my best work.

If you’ve found this work valuable — if you’d like to ensure it remains available for the next ten years — please consider supporting the site.

2007

Whitehouse Reveals Smoking Gun of White House Claiming Not to Be Bound by Any Law

Just days after opening the new digs, I noticed Sheldon Whitehouse entering important details into the Senate record — notably, that John Yoo had pixie dusted EO 12333 to permit George Bush to authorize the Stellar Wind dragnet. In the ten years since, both parties worked to gradually expand spying on Americans under EO 12333, only to have Obama permit the sharing of raw EO 12333 data in its last days in office, completing the years long project of restoring Stellar Wind’s functionalities. This post, from 2016, analyzes a version of the underlying memo permitting the President to change EO 12333 without providing public notice he had done so.

2008

McConnell and Mukasey Tell Half Truths

In the wake of the Protect America Act, I started to track surveillance legislation as it was written, rather than figure out after the fact how the intelligence community snookered us. In this post, I examined the veto threats Mike McConnell and Michael Mukasey issued in response to some Russ Feingold amendments to the FISA Amendments Act and showed that the government intended to use that authority to access Americans’ communication via both what we now call back door searches and reverse targeting. “That is, one of the main purposes is to collect communications in the United States.”

9 years later, we’re still litigating this (though, since then FISC has permitted the NSA to collect entirely domestic communications under the 2014 exception).

2009

FISA + EO 12333 + [redacted] procedures = No Fourth Amendment

The Government Sez: We Don’t Have a Database of All Your Communication

After the FISCR opinion on what we now know to be the Yahoo challenge to Protect American Act first got declassified, I identified several issues that we now have much more visibility on. First, PAA permitted spying on Americans overseas under EO 12333. And it didn’t achieve particularity through the PAA, but instead through what we know to be targeting procedures, including contact chaining. Since then we’ve learned the role of SPCMA in this.

In addition, to avoid problems with back door searches, the government claimed it didn’t have a database of all our communication — a claim that, narrowly parsed might be true, but as to the intent of the question was deeply misleading. That claim is one of the reasons we’ve never had a real legal review of back door searches.

Bush’s Illegal Domestic Surveillance Program and Section 215

On PATRIOTs and JUSTICE: Feingold Aims for Justice

During the 2009 PATRIOT Act reauthorization, I continued to track what the government hated most as a way of understanding what Congress was really authorizing. I understood that Stellar Wind got replaced not just by PAA and FAA, but also by the PATRIOT authorities.

All of which is a very vague way to say we probably ought to be thinking of four programs–Bush’s illegal domestic surveillance program and the PAA/FAA program that replaced it, NSLs, Section 215 orders, and trap and trace devices–as one whole. As the authorities of one program got shut down by exposure or court rulings or internal dissent, it would migrate to another program. That might explain, for example, why Senators who opposed fishing expeditions in 2005 would come to embrace broadened use of Section 215 orders in 2009.

I guessed, for example, that the government was bulk collecting data and mining it to identify targets for surveillance.

We probably know what this is: the bulk collection and data mining of information to select targets under FISA. Feingold introduced a bajillion amendments that would have made data mining impossible, and each time Mike McConnell and Michael Mukasey would invent reasons why Feingold’s amendments would have dire consequences if they passed. And the legal information Feingold refers to is probably the way in which the Administration used EO 12333 and redacted procedures to authorize the use of data mining to select FISA targets.

Sadly, I allowed myself to get distracted by my parallel attempts to understand how the government used Section 215 to obtain TATP precursors. As more and more people confirmed that, I stopped pursuing the PATRIOT Act ties to 702 as aggressively.

2010

Throwing our PATRIOT at Assange

This may be controversial, given everything that has transpired since, but it is often forgotten what measures the US used against Wikileaks in 2010. The funding boycott is one thing (which is what led Wikileaks to embrace Bitcoin, which means it is now in great financial shape). But there’s a lot of reason to believe that the government used PATRIOT authorities to target not just Wikileaks, but its supporters and readers; this was one hint of that in real time.

2011

The March–and April or May–2004 Changes to the Illegal Wiretap Program

When the first iteration of the May 2004 Jack Goldsmith OLC memo first got released, I identified that there were multiple changes made and unpacked what some of them were. The observation that Goldsmith newly limited Stellar Wind to terrorist conversations is one another reporter would claim credit for “scooping” years later (and get the change wrong in the process). We’re now seeing the scope of targeting morph again, to include a range of domestic crimes.

Using Domestic Surveillance to Get Rapists to Spy for America

Something that is still not widely known about 702 and our other dragnets is how they are used to identify potential informants. This post, in which I note Ted Olson’s 2002 defense of using (traditional) FISA to find rapists whom FBI can then coerce to cooperate in investigations was the beginning of my focus on the topic.

2012

FISA Amendments Act: “Targeting” and “Querying” and “Searching” Are Different Things

During the 2012 702 reauthorization fight, Ron Wyden and Mark Udall tried to stop back door searches. They didn’t succeed, but their efforts to do so revealed that the government was doing so. Even back in 2012, Dianne Feinstein was using the same strategy the NSA currently uses — repeating the word “target” over and over — to deny the impact on Americans.

Sheldon Whitehouse Confirms FISA Amendments Act Permits Unwarranted Access to US Person Content

As part of the 2012 702 reauthorization, Sheldon Whitehouse said that requiring warrants to access the US person content collected incidentally would “kill the program.” I took that as confirmation of what Wyden was saying: the government was doing what we now call back door searches.

2013

20 Questions: Mike Rogers’ Vaunted Section 215 Briefings

After the Snowden leaks started, I spent a lot of time tracking bogus claims about oversight. After having pointed out that, contrary to Administration claims, Congress did not have the opportunity to be briefed on the phone dragnet before reauthorizing the PATRIOT Act in 2011, I then noted that in one of the only briefings available to non-HPSCI House members, FBI had lied by saying there had been no abuses of 215.

John Bates’ TWO Wiretapping Warnings: Why the Government Took Its Internet Dragnet Collection Overseas

Among the many posts I wrote on released FISA orders, this is among the most important (and least widely understood). It was a first glimpse into what now clearly appears to be 7 years of FISA violation by the PRTT Internet dragnet. It explains why they government moved much of that dragnet to SPCMA collection. And it laid out how John Bates used FISA clause 1809(a)(2) to force the government to destroy improperly collected data.

Federated Queries and EO 12333 FISC Workaround

In neither NSA nor FBI do the authorities work in isolation. That means you can conduct a query on federated databases and obtain redundant results in which the same data point might be obtained via two different authorities. For example, a call between Michigan and Yemen might be collected via bulk collection off a switch in or near Yemen (or any of the switches between there and the US), as well as in upstream collection from a switch entering the US (and all that’s assuming the American is not targeted). The NSA uses such redundancy to apply the optimal authority to a data point. With metadata, for example, it trained analysts to use SPCMA rather than PATRIOT authorities because they could disseminate it more easily and for more purposes. With content, NSA appears to default to PRISM where available, probably to bury the far more creative collection under EO 12333 for the same data, and also because that data comes in structured form.

Also not widely understood: the NSA can query across metadata types, returning both Internet and phone connection in the same query (which is probably all the more important now given how mobile phones collapse the distinction between telephony and Internet).

This post described how this worked with the metadata dragnets.

The Purpose(s) of the Dragnet, Revisited

The government likes to pretend it uses its dragnet only to find terrorists. But it does far more, as this analysis of some court filings lays out.

2014

The Corporate Store: Where NSA Goes to Shop Your Content and Your Lifestyle

There’s something poorly understood about the metadata dragnets NSA conducts. The contact-chaining isn’t the point. Rather, the contact-chaining serves as a kind of nomination process that puts individuals’ selectors, indefinitely, into the “corporate store,” where your identity can start attracting other related datapoints like a magnet. The contact-chaining is just a way of identifying which people are sufficiently interesting to submit them to that constant, ongoing data collection.

SPCMA: The Other NSA Dragnet Sucking In Americans

I’ve done a lot of work on SPCMA — the authorization that, starting in 2008, permitted the NSA to contact chain on and through Americans with EO 12333 data, which was one key building block to restoring access to EO 12333 analysis on Americans that had been partly ended by the hospital confrontation, and which is where much of the metadata analysis affecting Americans has long happened. This was my first comprehensive post on it.

The August 20, 2008 Correlations Opinion

A big part of both FBI and NSA’s surveillance involves correlating identities — basically, tracking all the known identities a person uses on telephony and the Internet (and financially, though we see fewer details of that), so as to be able to pull up all activities in one profile (what Bill Binney once called “dossiers”). It turns out the FISC opinion authorizing such correlations is among the documents the government still refuses to release under FOIA. Even as I was writing the post Snowden was explaining how it works with XKeyscore.

A Yahoo! Lesson for USA Freedom Act: Mission Creep

This is another post I refer back to constantly. It shows that, between the time Yahoo first discussed the kinds of information they’d have to hand over under PRISM in August 2007 and the time they got directives during their challenge, the kinds of information they were asked for expanded into all four of its business areas. This is concrete proof that it’s not just emails that Yahoo and other PRISM providers turn over — it’s also things like searches, location data, stored documents, photos, and cookies.

FISCR Used an Outdated Version of EO 12333 to Rule Protect America Act Legal

Confession: I have an entire chapter of the start of a book on the Yahoo challenge to PRISM. That’s because so much about it embodied the kind of dodgy practices the government has, at the most important times, used with the FISA Court. In this post, I showed that the documents that the government provided the FISCR hid the fact that the then-current versions of the documents had recently been modified. Using the active documents would have shown that Yahoo’s key argument — that the government could change the rules protecting Americans anytime, in secret — was correct.

2015

Is CISA the Upstream Cyber Certificate NSA Wanted But Didn’t Really Get?

Among the posts I wrote on CISA, I noted that because the main upstream 702 providers have a lot of federal business, they’ll “voluntarily” scan on any known cybersecurity signatures as part of protecting the federal government. Effectively, it gives the government the certificate it wanted, but without any of the FISA oversight or sharing restrictions. The government has repeatedly moved collection to new authorities when FISC proved too watchful of its practices.

The FISA Court’s Uncelebrated Good Points

Many civil libertarians are very critical of the FISC. Not me. In this post I point out that it has policed minimization procedures, conducted real First Amendment reviews, taken notice of magistrate decisions and, in some cases, adopted the highest common denominator, and limited dissemination.

How the Government Uses Location Data from Mobile Apps

Following up on a Ron Wyden breadcrumb, I figured out that the government — under both FISA and criminal law — obtain location data from mobile apps. While the government still has to adhere to the collection standard in any given jurisdiction, obtaining the data gives the government enhanced location data tied to social media, which can implicate associates of targets as well as the target himself.

The NSA (Said It) Ate Its Illegal Domestic Content Homework before Having to Turn It in to John Bates

I’m close to being able to show that even after John Bates reauthorized the Internet metadata dragnet in 2010, it remained out of compliance (meaning NSA was always violating FISA in obtaining Internet metadata from 2002 to 2011, with a brief lapse). That case was significantly bolstered when it became clear NSA hastily replaced the Internet dragnet with obtaining metadata from upstream collection after the October 2011 upstream opinion. NSA hid the evidence of problems on intake from its IG.

FBI Asks for at Least Eight Correlations with a Single NSL

As part of my ongoing effort to catalog the collection and impact of correlations, I showed that the NSL Nick Merrill started fighting in 2004 asked for eight different kinds of correlations before even asking for location data. Ultimately, it’s these correlations as much as any specific call records that the government appears to be obtaining with NSLs.

2016

What We Know about the Section 215 Phone Dragnet and Location Data

During the lead-up to the USA Freedom Debate, the government leaked stories about receiving a fraction of US phone records, reportedly because of location concerns. The leaks were ridiculously misleading, in part because they ignored that the US got redundant collection of many of exactly the same calls they were looking for from EO 12333 collection. Yet in spite of these leaks, the few figured out that the need to be able to force Verizon and other cell carriers to strip location data was a far bigger reason to pass USAF than anything Snowden had done. This post laid out what was known about location data and the phone dragnet.

While It Is Reauthorizing FISA Amendments Act, Congress Should Reform Section 704

When Congress passed FISA Amendments Act, it made a show of providing protections to Americans overseas. One authority, Section 703, was for spying on people overseas with help of US providers, and another was for spying on Americans overseas without that help. By May 2016, I had spent some time laying out that only the second, which has less FISC oversight, was used. And I was seeing problems with its use in reporting. So I suggested maybe Congress should look into that?

It turns out that at precisely that moment, NSA was wildly scrambling to get a hold on its 704 collection, having had an IG report earlier in the year showing they couldn’t audit it, find it all, or keep it within legal boundaries. This would be the source of the delay in the 702 reauthorization in 2016, which led to the prohibition on about searches.

The Yahoo Scan: On Facilities and FISA

The discussion last year of a scan the government asked Yahoo to do of all of its users was muddled because so few people, even within the privacy community, understand how broadly the NSA has interpreted the term “selector” or “facility” that it can target for collection. The confusion remains to this day, as some in the privacy community claim HPSCI’s use of facility based language in its 702 reauthorization bill reflects new practice. This post attempts to explain what we knew about the terms in 2016 (though the various 702 reauthorization bills have offered some new clarity about the distinctions between the language the government uses).

2017

Ron Wyden’s History of Bogus Excuses for Not Counting 702 US Person Collection

Ron Wyden has been asking for a count of how many Americans get swept up under 702 for years. The IC has been inventing bogus explanations for why they can’t do that for years. This post chronicles that process and explains why the debate is so important.

The Kelihos Pen Register: Codifying an Expansive Definition of DRAS?

When DOJ used its new Rule 41 hacking warrant against the Kelihos botnet this year, most of the attention focused on that first-known usage. But I was at least as interested in the accompanying Pen Register order, which I believe may serve to codify an expansion of the dialing, routing, addressing, and signaling information the government can obtain with a PRTT. A similar codification of an expansion exists in the HJC and Lee-Leahy bills reauthorizing 702.

The Problems with Rosemary Collyer’s Shitty Upstream 702 Opinion

The title speaks for itself. I don’t even consider Rosemary Collyer’s 2017 approval of 702 certificates her worst FISA opinion ever. But it is part of the reason why I consider her the worst FISC judge.

It Is False that Downstream 702 Collection Consists Only of To and From Communications

I pointed out a number of things not raised in a panel on 702, not least that the authorization of EO 12333 sharing this year probably replaces some of the “about” collection function. Most of all, though, I reminded that in spite of what often gets claimed, PRISM is far more than just communications to and from a target.

UNITEDRAKE and Hacking under FISA Orders

A document leaked by Shadow Brokers reveals a bit about how NSA uses hacking on FISA targets. Perhaps most alarmingly, the same tools that conduct such hacks can be used to impersonate a user. While that might be very useful for collection purposes, it also invites very serious abuse that might create a really nasty poisonous tree.

A Better Example of Article III FISA Oversight: Reaz Qadir Khan

In response to Glenn Gerstell’s claims that Article III courts have exercised oversight by approving FISA practices (though the reality on back door searches is not so cut and dry), I point to the case of Reaz Qadir Khan where, as Michael Mosman (who happens to serve on FISC) moved towards providing a CIPA review for surveillance techniques, Khan got a plea deal.

The NSA’s 5-Page Entirely Redacted Definition of Metadata

In 2010, John Bates redefined metadata. That five page entirely redacted definition became codified in 2011. Yet even as Congress moves to reauthorize 702, we don’t know what’s included in that definition (note: location would be included).

FISA and the Space-Time Continuum

This post talks about how NSA uses its various authorities to get around geographical and time restrictions on its spying.

The Senate Intelligence Committee 702 Bill Is a Domestic Spying Bill

This is one of the most important posts on FISA I’ve ever written. It explains how in 2014, to close an intelligence gap, the NSA got an exception to the rule it has to detask from a facility as soon as it identifies Americans using the facility. The government uses it to collect on Tor and, probably VPN, data. Because the government can keep entirely domestic communications that the DIRNSA has deemed evidence of a crime, the exception means that 702 has become a domestic spying authority for use with a broad range of crimes, not to mention anything the Attorney General deems a threat to national security.

“Hype:” How FBI Decided Searching 702 Content Was the Least Intrusive Means

In a response to a rare good faith defense of FBI’s back door searches, I pointed out that the FBI is obliged to consider the least intrusive means of investigation. Yet, even while it admits that accessing content like that obtained via 702 is extremely intrusive, it nevertheless uses the technique routinely at the assessment level.

Other Key Posts Threads

10 Years of emptywheel: Key Non-Surveillance Posts 2008-2010

10 Years of emptywheel: Key Non-Surveillance Posts 2011-2012

10 Years of emptywheel: Key Non-Surveillance Posts 2013-2015

10 Years of emptywheel: Key Non-Surveillance Posts 2016-2017

10 Years of emptywheel: Jim’s Dimestore

The Intelligence Community’s Swiss Cheese Preemptive 702 Unmasking Reports: Now with Twice the Holes!

Because a white man still liked by some members of Congress had FISA-collected conversations leaked to the press, Republicans who used to applaud surveillance started to show some more concerns about it this year. That has been making reauthorization of Section 702 unexpectedly challenging. Both the HJC and SJC bills reauthorizing the law include new reporting requirements, which include mandates to provide real numbers for how many Americans get unmasked in FISA reports. There’s no such requirement on the SSCI bill.

Instead, explicitly in response to concerns raised in SSCI’s June 7 hearing on 702 reauthorization (even though the concern was also raised earlier in HJC and SJC hearings), I Con the Record has released an ODNI report on disseminations under FISA, a report it bills as “document[ing] the rigorous and multi-layered framework that safeguards the privacy of U.S. person information in FISA disseminations.”

The report largely restates language that is available in the law or declassified targeting and minimization procedures, though there are a few tidbits worth noting. Nevertheless, the report falls far short of what the SJC and HJC bills lay out, which is a specific count and explanation of the unmasking that happens (though NSA, in carrying out a review of a month’s worth of serialized reports, examining out their treatment of masking, does model what HJC and SJC would request).

The report consists of the DNI report with separate agency reports. I’ll deal with the latter first, then return to the DNI report.

NSA

The NSA report starts by narrowing the scope of the dissemination it will cover significantly in two ways.

This report examines the procedures and practices used by the National Security Agency (NSA) to protect U.S. person information when producing and disseminating serialized intelligence reports derived from signals intelligence (SIGINT) acquired pursuant to Title I and Section 702 of the Foreign Intelligence Surveillance Act of 1978, as amended (FISA). 1

1This report is limited to an examination of the procedures and practices used to protect FISA-acquired U.S. person information disseminated in serialized intelligence reports. This report does not examine other means of dissemination. For purposes of this report, the term “dissemination” should be interpreted as a reference to serialized intelligence reporting, unless otherwise indicated.

First, it treats just Title I and Section 702. That leaves out at least two other known collection techniques of content (to say nothing of metadata) under FISA: Title III (FBI probably does almost all of this, though it might be accomplished via hacking) and Section 704/705b targeting Americans overseas (which has been a significant problem of late).

More importantly, by limiting the scope to serialized reports, NSA’s privacy officer completely ignores the two most problematic means of disseminating US person data: by collecting it off Tor and other location obscured nodes and then deeming it evidence of a crime that can be disseminated in raw form to FBI, and by handing raw data to the FBI (and, to a lesser extent, CIA and NCTC).

As the report turns to whether NSA’s procedures meet Fair Information Practice Principles, then, the exclusion of these four categories of data permit the report to make claims that would be unsustainable if those data practices were included in the scope of the report.

The principle of Data Minimization states that organizations should only collect PII that is directly relevant and necessary to accomplish the specified purpose. The steps taken from the outset of the SIGINT production process to determine what U.S. person information can and should be disseminated directly demonstrate how this principle is met, as do NSA’s procedures and documentation requirements for the proactive and post-publication release of U.S. identities in disseminated SIGINT.

The principle of Use Limitation provides that organizations should use PII solely for the purposes specified in the notice. In other words, the sharing of PII should be for a purpose compatible with the purpose for which it was collected. NSA’s SIGINT production process directly reflects this principle.

[snip]

The principle of Accountability and Auditing states that organization should be accountable for complying with these principles, providing training to all employees and contractors who use personally identifiable information, auditing the actual use of personally identifiable information to demonstrate compliance with these principles and all applicable privacy protections.

For example, the collection of US person data off a Tor node is not relevant to the specified purpose (nor are the criminal categories under which NSA will pass on data). That’s true, too, of Use Limitation: the government is collecting domestic child porn information in the name of foreign intelligence, and the government is doing back door searches of raw 702 data for any matter of purpose. Finally, we know that the government has had auditing problems, particularly with 704/705b. Is that why they didn’t include it in the review, because they knew it would fail the auditing requirement?

CIA

CIA’s report is not as problematic as NSA’s one, but it does have some interesting tidbits. For example, because it mostly disseminates US person information for what it calls tactical purposes and to a limited audience, it rarely masks US person identities.

More specifically, unlike general “strategic” information regarding broad foreign intelligence threats, CIA’s disseminations of information concerning U.S. persons were “tactical” insofar as they were very often in response to requests from another U.S. intelligence agency for counterterrorism information regarding a specific individual, or in relation to a specific national security threat actor or potential or actual victim of a national security threat.

Relatedly, because these disseminations were generally for narrow purposes and sent to a limited number of recipients, the replacement of a U.S. person identity with a generic term (e.g., “named U.S. person,” sometimes colloquially referred to as “masking”) was rare, due to the need to retain the U.S. person identity in order to understand the foreign intelligence information by this limited audience.

CIA, like NSA, has its own unique definition of “dissemination:” That which gets shared outside the agency.

Information shared outside of CIA is considered a dissemination, and is required to occur in accordance with approved authorities, policies, and procedures.

Much later, dissemination is described as retaining information outside of an access-controlled system, which suggests fairly broad access to the databases that include such information.

Prior to dissemination of any information identifying, or even concerning, a U.S. person, the minimization procedures require that CIA make a determination that the information concerning the U.S. person may be retained outside of access-controlled systems accessible only to CIA personnel with specialized FISA training to review unevaluated information. I

Whereas NSA focused very little attention on its targeting process (which allows it to collect entirely domestic communications), CIA outsources much of its responsibility for limiting intake to FBI and NSA (note, unlike NSA, it includes Title III collection in its report, but also doesn’t treat 704/705b). For example, it focuses on the admittedly close FISA scrutiny FBI applications undergo for traditional FISA targeting, but then acknowledges that it can get “unevaluated” (that is, raw) information in some cases.

If requested by FBI in certain cases, unevaluated information acquired by FBI can be shared with CIA.

Likewise, the CIA notes that it can nominate targets to NSA, but falls back on NSA’s targeting process to claim this is not a bulk collection program (one of CIA’s greatest uses of this data is in metadata analysis).

CIA may nominate targets to NSA for Section 702 collection, but the ultimate decision to target a non-U.S. person reasonably believed to be located outside the United States rests with NSA.

[snip]

Section 702 is not a bulk collection program; NSA makes an individualized decision with respect to each non-U.S. person target.

Thus, the failure of the NSA report to talk about other collection methods (in CIA’s case, of incidental US person data in raw data) ports the same failure onto CIA’s report.

NCTC

NCTC’s report is perhaps the most amusing of all. It provides the history of how it was permitted to obtain raw Title I and Title III data in 2012 and 702 data in 2017 (like everyone else, it is silent on 704/705b data, though we know from this year’s 702 authorization they get that too), then says its use and dissemination of 702 data is too new to have been reviewed much.

Because NCTC just recently (in April 2017) obtained FISC authority to receive unminimized Section 702-acquired counterterrorism information, only a small number of oversight reviews have occurred. CLPT is directly involved in such reviews, including reviews of disseminations.

In other words, it is utterly silent about its dissemination of Title I and Title III data compliance. It is likewise silent on a dissemination that is probably unique to NCTC: the addition of US person names to watchlists based off raw database analysis. The dissemination of US person names in this way aren’t serialized reports, but they have a direct impact on the lives of Americans.

FBI

It’s hard to make sense of the FBI document because it lacks logical organization and includes a number of typos. More importantly, over and over it either materially misrepresents the truth (particularly in FBI’s access to entirely domestic communications collected under 702) or simply blows off requirements (most notably with its insistence that back door searches are important, without making any attempt to assess the privacy impact of them).

Bizarrely, the FBI treats just Title I and 702 in its report, even though it would be in charge of Title III collection in the US, and 705b collection would be tied to traditional FISA authorities.

Like CIA, FBI’s relies on NSA’s role in targeting, without admitting that NSA can collect on selectors that it knows to also be used by US persons, and can disseminate the US person data to FBI in case of a crime. Indeed, FBI specifically neglects to mention the 2014 exception whereby NSA doesn’t have to detask from a facility once it discovers US persons are using it as well as the foreign targets.

Targets under Section 702 collection who are subsequently found to be U.S. persons, or non-U.S. persons located in the U.S., must be detasked immediately

The end result if materially false, and false in a way that would involve dissemination of US person data (though not in a serialized report) from NSA to FBI.

The FBI report also pretends that a nomination would pertain primarily to an email address, rather than (for example) and IP address, in spite of later quoting from minimization procedures that reveal it is far broader than that: “electronic communication accounts/addresses/identifiers.”

After talking about its rules on dissemination, the FBI quickly turns to federated database “checks.”

Among other things, since 9/11, the FBI has dedicated considerable time, effort, and money to develop and operate a federated database environment for its agents and analysts to review information across multiple datasets to establish links between individuals and entities who may be associated with national security and/or criminal investigations. This allows FBI personnel to connect dots among various sources of information in support of the FBI’s investigations, including accessing data collected pursuant to FISA in a manner that is consistent with the statute and applicable FISA court orders. The FBI has done this by developing a carefully overseen system that enables its personnel to conduct database checks that look for meaningful connections in its data in a way that protects privacy and guards civil liberties. Maintaining the capability to conduct federated database checks is critical to the FBI’s success in achieving its mission.

But it doesn’t distinguish the legal difference between dissemination and checks. Far more importantly, it doesn’t talk about the privacy impact of these “checks,” a tacit admission that FBI doesn’t even feel the need to try to justify this from a privacy perspective.

Unlike NSA, FBI talks about the so-called prohibition on reverse targeting.

Reverse targeting is specifically prohibited under Section 702.31 “Reverse targeting” is defined as targeting a non-U.S. person who is reasonably believed to be located outside of the U.S. with the true purpose of acquiring communications of either (1) a U.S. person or (2) any individual reasonably believed to be located inside of the U.S. with whom the non-U.S. person is in contact.32

Yet we know from Ron Wyden that this prohibition actually permits FBI to nominate a foreigner even if a purpose of that targeting is to get to the Americans communications.

FBI talks about its new Title I minimization procedures, without mentioning that requirements on access controls and auditing arose in response to violations of such things.

The SMPs require, for example, FISA-acquired information to be kept under appropriately secure conditions that limit access to only those people who require access to perform their official duties or assist in a lawful and authorized governmental function.37 The SMP also impose an auditing requirement for the FBI to “maintain accurate records of all persons who have accessed FISA-acquired information in electronic and data storage systems and audit its access records regularly to ensure that FISA-acquired information is only accessed by authorized individuals.”38

And nowhere does FBI talk about the dissemination of US person data to ad hoc databases.

Remarkably, unlike NSA, FBI didn’t actually appear to review its dissemination practices (at least there’s no described methodology as such). Instead, it reviews its dissemination policy.

The instant privacy review found that the FBI’s SMP and Section 702 MP, which are subject to judicial review, protect the privacy rights of U.S. persons by limiting the acquisition, retention, and dissemination of their non-publicly available information without their consent. In addition, both sets of minimization procedures require that FISA-acquired information only be used for lawful purposes.42

Then it engages in a cursory few line review of whether it complies with FIPP. Whereas NSA assessed compliance with “Transparency, Use Limitation, Data Minimization, Security, Quality and Integrity, Accountability, and Auditing (but found Purpose specification not considered directly relevant), FBI at first assessed only Purpose specification. After noting that such a privacy review is not required in any case because FBI’s systems have been deemed a national security system, it then asserts that “DOJ and FBI conducted a review for internal purposes to ensure that all relevant privacy issues are addressed. These reviews ensure that U.S. person information is protected from potential misuse and/or improper dissemination.”

Later, it uses the affirmative permission to share data with other state and local law enforcement and foreign countries as a privacy limit, finding that it fulfills data minimization and transparency (and purpose, again).

Like the SMP for Title I of FISA, the Section 702 MP permits the FBI to disseminate Section 702-acquired U.S. person information that reasonably appears to be foreign intelligence information or is necessary to understand foreign intelligence information or assess its importance to federal, state, local, and tribal officials and agencies with responsibilities relating to national security that require access to intelligence information.50 The FBI is also permitted to disseminate U.S. person information that reasonably appears to be evidence of a crime to law enforcement authorities.51 In addition, the Section 702 MP provides guidelines that must be met before dissemination of U.S. person information to foreign governments is allowed.52 The dissemination of Section 702 information to a foreign government requires legal review by the NSCLB attorney assigned to the case.53 In light of the above judicially-reviewed minimization procedures for the dissemination of FISA acquired information, the FBI’s current implementation satisfies the data minimization and transparency FIPPs.

With respect to dissemination, FBI focuses on finished intelligence reports, not investigative files, where most data (including data affecting Mike Flynn) would be broadly accessed. Then, far later, it says this review found no violations, “in finished intelligence.”

Finally, the instant review found no indication of noncompliance with the required authorities governing dissemination of U.S. person information in finished intelligence.

At this point, the report appears to be a flashing siren of all the things it either clearly didn’t investigate or wouldn’t describe. Which worries me.

It then turns FBI’s failures to give notice that data derives from FISA as a privacy benefit, rather than a violation of the laws mandating disclosure.

While the redaction of U.S. person information may commonly be referred to as “masking,” the FBI does not generally use that term.

In addition, disseminations or disclosures of FISA-acquired information must be accompanied by a caveat. All caveats must contain, at a minimum, a warning that the information may not be used in a legal proceeding without the advanced authorization of the FBI or Attorney General.48 This helps ensure the information is properly protected.

And in the four paragraphs FBI dedicates to public transparency, it not only doesn’t admit that it has been exempted from most reporting on 702 use, but it doesn’t once mention mandated notice to defendants, which it has only complied with around 8 times.

There are many ways FBI could have handled this report to avoid making it look like a guilty omission that, while its finished intelligence reports aren’t a big US person data dissemination problem, virtually every other way it touches 702 data is. But it didn’t try any of those. Instead, it just engaged in omission after omission.

DNI

My unease over the giant holes in the FBI report carry over to a one detail in the DNI report. It’s only there that the government admits something that Semiannual 702 reports have admitted since FBI dispersed targeting to field offices. While the 702 reviews review pretty much everything NSA does and many things CIA does, the reviews don’t review all FBI disseminations, and they only include in their sample disseminations affirmatively identified as US person information.

As it pertains to reviewing dissemination of Section 702 information, ODNI and DOJ’s National Security Division (NSD) review many of the agencies’ disseminations as part of the oversight reviews to assess compliance with each agency’s respective minimization procedures and with statutory requirements.25 NSD and ODNI examine the disseminations to assess whether any information contained therein that appears to be of or concerning U.S. persons meets the applicable dissemination standard found in the agency’s minimization procedures; whether other aspects of the dissemination requirements (to include limitations on the dissemination of attorney-client communications and the requirement of a FISA warning statement as required by 50 U.S.C. § 1806(b)) have been met; and whether the information disseminated is indicative of reverse targeting of U.S. persons or persons located in the United States.

25For example, as it pertains to NSA, NSD currently reviews all of the serialized reports (with ODNI reviewing a sample) that NSA has disseminated and identified as containing Section 702-acquired U.S. person information. For CIA and NCTC, NSD currently reviews all dissemination (with ODNI reviewing a sample) of information acquired under Section 702 that the agency identified as potentially containing U.S. person information. For FBI, both NSD and ODNI currently review a sample of disseminations of information acquired under Section 702 that FBI identifies as potentially containing U.S. person information.

This is one of a number of reasons why FBI only identified one criminal 702 query last year — only after that one query was selected as part of the review, and only after some haranguing, was it identified as an entirely criminal query.

The DNI report makes one more incorrect claim — that all incidents of non-compliance have been remediated.

Disseminating FISA information in a manner that violates the minimization procedures would, therefore, be a violation of the statute, as would use or disclosure of the information for unlawful purposes. As noted above, identified incidents of non-compliance with the minimization procedures, to include improper disseminations, are reported to the FISC and to the congressional intelligence committees and those incidents are remediated.

That was true before this year, I guess. But Rosemary Collyer, in a deviation from past practice of requiring the government to destroy data collected without authorization, did not require NSA to destroy the poison fruit of unauthorized 704b and other back door queries (though perhaps DNI believes their claim is true given the way everyone has avoided talking about the more troubled collection techniques).

The DNI report ends with a boast about what it calls “transparency.”

These reviews also illustrate the importance of transparency. Historically, many of the documents establishing this framework were classified and not available to the public. In recent years, much progress has been made in releasing information from these documents, and providing context and explanations to make them more readily understandable. We trust that these reviews are a further step in enhancing public understanding of these key authorities. It is important to continue with transparency efforts like these on issues of public concern, such as the protection of U.S. person information in FISA disseminations.

It is true that these reports rely on a great deal of declassified information. But that does not amount to “transparency,” unless you’re defining that to mean something that hides the truth with a bunch of off-topic mumbo jumbo.

This report appears to be an attempt to stave off real reporting requirements for unmasked information — an attempt to placate the Republicans who are rightly troubled that the contents of FISA intercepts in which Mike Flynn was incidentally collected.

But no person concerned about the impact on US persons of FISA should find these reports reassuring. On the contrary, the way in which, agency after agency, the most important questions were dodged should raise real alarms, particularly with respect to FBI.

[Photo: National Security Agency, Ft. Meade, MD via Wikimedia]

Ned Price Rebuts HPSCI’s Ignorance on Unmasking with His Own Stupid Obfuscation

Former Obama NSC staffer Ned Price has a piece on Section 702 at Lawfare that embodies the stupidity surrounding Section 702 reauthorization debate. He apparently doesn’t realize it, but his post effectively argues, “the people in Congress who oversee FISA have no clue how it works but reauthorize it forever anyway.”

Price’s post features all the typical things that Section 702 boosterism does: the false pretense that the value of Section 702 means it must be passed without even the most obvious reforms, such as ensuring FISC uses an amicus during the annual recertification so they know more than Rosemary Collyer did in this year’s go-around.

Administration officials privately concede that, in light of this conflation, Section 702 stands little chance for a clean reauthorization later this year.

[snip]

White House officials have vocally supported the clean reauthorization of Section 702 authorities.

Nor does Price admit that when he says “clean reauthorization” what he really means is “dramatic change to the norm, because it’d be permanent reauthorization.”

Further, like most 702 booster pieces, Price dismisses the real complaints of those of us who’ve raised concerns about 702, without even responding to them.

To be sure, several lawmakers from both parties have long voiced opposition to Section 702 over sincerely held, if misguided, concerns about privacy and civil liberties.

Instead of doing that, Price hauls out the old canard that this is not about “surveillance” of Americans.

All the while, law enforcement and intelligence officials—including former FBI director James Comey, Director of National Intelligence Dan Coats, and National Security Agency Director Mike Rogers—reminded lawmakers in hearing after hearing this year that the tool is not intended for surveillance of U.S. citizens,

In one of those hearings where, Price claims, these men offered reassurances about the surveillance of Americans, Coats lied about whether 702 will collect entirely domestic communications, after having just signed a certificate saying it could. And Rogers was less than forthcoming about NSA’s repeated and consistent failures to inform FISC of compliance problems in timely fashion. As I said after the key one, “given the dodgy testimony of the two men running that dragnet, Americans should have more worries than ever before.”

Worse, Price is engaged in the same old fiction: in spite of the fact that witnesses and members of Congress have made it clear for years that a key purpose of 702 is to learn what Americans are saying to 702 targets, he wields that word “target” as if it doesn’t affect Americans. It does. It permits the warrantless access to Americans’ communications, and is queried routinely by the FBI even before they open investigations on someone. If you won’t honestly deal with that, you’re unwilling to defend the program as it exists.

But all that’s just the typical 702 boosterism, which serves as backdrop for Price’s central project: to explain how Devin Nunes’ panic about unmasking this year threatens 702 reauthorization.

Within the pantheon of Trump administration scandals, the manufactured uproar over “unmasking” came and went quicker than most. It was last spring that White House officials, working in tandem with House intelligence committee Chairman Devin Nunes, laundered intelligence information in an effort to train Americans’ sights on a practice that is routine—if highly regulated—within our national security establishment.

The effort blew up in their faces. The House Ethics Committee opened an investigation into Nunes,  who partially recused himself from the Russia investigation. The White House staffer who oversaw the secret political operation has since been fired. Even prominent Republicans, including Richard Burr, the chairman of the Senate intelligence committee, have publicly distanced themselves from the affair.

Price is right that Nunes’ stunt was a manufactured scandal. That’s something I’ve been saying for months.

But along the way he engages in the same kind of stupidity as the hacks he criticizes. First, he suggests that unmasking is an entirely separate issue than 702.

Nevertheless, administration allies on Capitol Hill have repeatedly obscured those facts, publicly conflating Section 702 authorities with unmasking and leaking,

While I’ve long pointed out that back door searches Price ignores are the more common way Americans would have their communications exposed by 702 surveillance, it is nevertheless the case that Americans whose names appear in reports based off 702 are usually eventually unmasked.

ICTR provided better information on unmasked US person identities this year than last, revealing how many USP identities got released.

As I said last year, ICTR is not doing itself any favors by revealing what a tiny fraction of all 702 reports the 3,914 — it must be truly miniscule.

All that said if you do get reported in one of those rare 702 reports that includes a USP identity, chances are very good you’ll be unmasked. In 30% of the reports with USP identities, last year, at least one USP identity was released in original form unmasked (as might happen, for example, if Carter Page or Mike Flynn’s identity was crucial to understanding the report). Of the remainder, though, 65% had at least one more US person identity unmasked. I believe that means that only roughly 26% of the names originally masked remained masked in the reports.

You actually cannot separate 702 from questions about how Americans’ communications get accessed without a warrant via the authority, and contrary to what Price suggests, unmasking is one of those ways (albeit the less troubling and less common).

More importantly, Price ignores what the unmasking scandal proves.  He cites both Trey Gowdy and Tom Rooney (whom he calls Tim) raising concerns about 702 because of the treatment of Title I intercepts targeting Sergey Kislyak. He specifically describes Gowdy’s comments as being “impermeable to fact.”

The political narrative, however, has thus far proven impermeable to fact. Rep. Trey Gowdy, a proponent of Section 702, last month summarized the zeitgeist of his caucus, telling Bloomberg: “A lot of my colleagues right now are very skeptical of reauthorizing this because of how little we know about unmasking.”

But what Price doesn’t tell you is that both Gowdy and Rooney (and Mike Lee, whose citation I think Price uses disingenuously) are the key overseers in Congress of FISA. As I noted in March when Gowdy and Rooney first started pursuing this hoax, these comments prove that the people purportedly closely overseeing NSA and FISA have no fucking clue how FISA works.

I mean, these two men who ostensibly provide oversight of FISA clearly didn’t understand what the biggest risk to privacy is –back door searches of US person content — which at the FBI doesn’t even require any evidence of wrong-doing. That is the biggest impediment to reauthorizing FISA.

And testimony about the intricacies of unmasking a US person identity — particularly when a discussion of traditional FISA serves as stand-in for Section 702 — does nothing more than expose that the men who supposedly oversee FISA closely have no fucking clue — and I mean really, not a single fucking clue — how it works. Devin Nunes, too, has already expressed confusion on how access to incidentally collected US person content works.

Does anyone in the House Intelligence Committee understand how FISA works? Bueller?

So it’s not just that Price misrepresents the risk to Americans (more often brown people, not top White House officials) from 702, or that he pretends unmasking is completely separate from 702, but he actually proves that the people overseeing the authority don’t understand it.

And based on that argument, Price says we should reauthorize the authority forever.