October 16, 2024 / by 

 

The Schulte CIPA Transcripts: Locking up Vault 8

Perhaps the most interesting thing about the CIPA (Classified Information Procedures Act) transcripts from the Josh Schulte case that Kel McClanahan helped me liberate is that (at least in 2022, when they did a classification review) the CIA treated the moniker “Vault 8” that WikiLeaks gave to the CIA source code releases as still-classified.

When Judge Jesse Furman restated the hypothetical he posed about whether disseminating already-released stolen classified information could itself be a crime, he described the releases to include Vault 7 and Vault 8.

I gave you two hypotheticals. I think one is where a member of the public goes on WikiLeaks today and downloads Vault 7 and Vault 8 and then provides the hard dive with the download to someone who is not authorized to receive NDI, and I posed the question of whether that person would be guilty of violating the Espionage Act and I think your answer was yes. [my emphasis]

There’s actually no unredacted reference to Vault 8 in the released transcripts.

But there are what are almost certainly redacted references to Vault 8.

Here’s how part of the discussion about hypotheticals appears in the May 2 transcript:

It appears likely that Josh Schulte was deliberately using both terms — he started doing so, and much later in the transcript he claimed, falsely, that there was a distinction in the charges against him between the development notes and the source code. The dual references, with repeated mention of Vault 7, followed immediately by a redaction describing the other of plural “disclosures,” appear to stop after page 31, perhaps in response to something one of the prosecutors said.

There’s undoubtedly good reason the government remains coy about the more damaging part of this release.

In a self-serving note sent after it became clear he was a suspect, Schulte himself made a clear distinction between the development notes and the source code, describing that, “These tools are MUCH more valuable [to a hostile country like Russia] undiscovered by the media or the nation that lost them [because] Now, you can secretly trace and discover every operation that nation is conducting.”  The source code provided American adversaries the ability to reverse engineer US spying efforts, and in the process, identify CIA assets.

I have written about how Julian Assange seemed to threaten Don Jr by raising the separately named source code in November 2017.

Schulte’s apparent failed attempt to win the right to discuss the source code releases, in addition to the development note releases, came in the midst of his attempt to get more details from what was likely the ongoing investigation into the aftermath of his leak, including (possibly) how hackers obtained the tools he had leaked. Schulte received that discovery starting in early April, and on April 29, he asked Judge Furman to give him all the details of the ongoing investigation. Throughout his second trial, Schulte seemed focused on using his defense to communicate outward (which is one reason I found Wau Holland’s decision to pay for transcripts so notable). So in the hearing where he was attempting to include Vault 8 among the things he could discuss publicly, he was focused on the ongoing investigation into how hackers had obtained or used these tools.

I have long said that, historically, the files WikiLeaks chose not to release — and, potentially, to selectively share — were far more important than the files they released. The government’s ongoing sensitivity seems to confirm that: The US government has conceded that the development notes from CIA’s hacking tools, which constitutes the bulk of what WikiLeaks released, came from the CIA, but appears not to concede that the hacking source code itself does.

Copyright © 2024 emptywheel. All rights reserved.
Originally Posted @ https://www.emptywheel.net/tag/david-denton/