Posts

The George Nader Problem: NSA Removes the Child Exploitation Content from Its Servers

When Lebanese-American dual citizen George Nader was stopped at Dulles after arriving on a flight from Dubai on January 17, 2018, he had at least 12 videos on his phone depicting boys as young as two years old being sexually abused, often with the involvement of farm animals. In the days before a Mueller prosecutor obtained the contents of the three phones Nader had with him, Nader sat for at least four interviews with Mueller’s prosecutors and told a story (which may not have been entirely forthright) about how he brokered a meeting in the Seychelles between Russia and Erik Prince a year earlier. Nader exploited Prince’s interest in work with Nader’s own employer — Mohammed bin Zayed — to set up the back channel meeting, and as such was a very effective broker in the service of two foreign countries, one hostile to the US. As such, I assume, Nader became a key counterintelligence interest, on top of whatever evidence he provided implicating Trump and his flunkies.

Mueller’s team got the returns on Nader’s phones back on March 16. An FBI Agent in EDVA in turn got a warrant for the child porn. But two days after the agent got the warrant return, Nader skipped town and remained out of the country until days after Mueller shut down his investigation, at which point he returned to the US and was promptly arrested for his abuse of children. Even without the other influence peddling that Nader had done on behalf of the Emirates, he would have remained a key counterintelligence interest for the entire 14 months he remained outside the country. After all, Nader had been making key connections since at least the time he introduced Ahmed Chalabi to Dick Cheney, and probably going back to the Clinton Administration.

So it is quite possible that for the entire period Nader was out of the country, he was surveilled. If that happened, it almost certainly would have happened with the assistance of NSA. As an agent of Dubai, he would be targetable under FISA, but as a US citizen, targeting him under FISA would require an individualized FISA warrant, and the surveillance overseas would take place under 705b.

If the surveillance did happen, Nader’s sexual abuse of boys would have had foreign intelligence value. It would be of interest, for example, to know who knew of his abuse and whether they used it as leverage over Nader. The source of the videos showing the children being exploited would be of interest. So, too, would any arrangements Nader made to procure the actual boys he abused, particularly if that involved high powered people in Middle Eastern countries.

Understanding how George Nader fit in international efforts to intervene in US affairs would involve understanding his sexual abuse of boys.

And that poses a problem for the NSA, because it means that really horrible content — such as Nader’s videos showing young boys being abused with goats for the object of an adult’s sexual pleasure — is among the things the NSA might need to collect and analyze.

I’ve been thinking about George Nader as I’ve been trying to understand one detail of the recent FISA 702 reauthorization. In January 2020, the NSA got permission to — in the name of lawful oversight — scan its holdings for child exploitation, stuff like videos of adults using goats to sexually abuse very young boys.

In a notice filed on January 22, 2020, the government informed the Court that NSA had developed a method, [redacted] of known or suspected child-exploitation material (including child pornography), to identify and remove such material from NSA systems. To test this methodology, NSA ran the [redacted] against a same of FISA-acquired information in NSA systems. The government concedes that queries conducted for such purposes do not meet generally applicable querying standard; nor do they fall within one of the lawful oversight functions enumerated in the existing NSA querying procedures. Nevertheless, NSD/ODNI opined that “the identification and removal of child exploitation material … from NSA systems that is a lawful oversight function under section IV.C.6,” and that the deviation from the querying procedures was “necessary to perform this lawful oversight function of NSA systems.” Notice of Deviation from Querying Procedures, January 22, 2020, at 3; see Oct. 19, 2020, Memorandum at 10.

NSA anticipates using such queries going forward, likely on a recurring basis, to proactively identify and remove child-exploitation material from its systems. The government submits that doing so is necessary to “prevent [NSA] personnel from unneeded exposure to highly disturbing, illegal material.” October 19, 2020, Memorandum at 10. The Court credits this suggestion and likewise finds that performance of these queries qualifies as a lawful oversight function for NSA systems. But the Court encouraged the government to memorialize this oversight activity in § IV.C.6, among the other enumerated lawful oversight functions that are recognized exceptions to the generally acceptable querying standards.

The government has done so. Section IV.C.6 now includes a new provision for “identify[ing] and remov[ing] child exploitation material, including child pornography, from NSA systems.” NSA Querying Procedures § IV.C.6.f. The Court finds that the addition of this narrow exception has no material impact on the sufficiency of the querying procedures taken as a whole.

At first, I thought they were doing this to protect the children. Indeed, my initial concern was that NSA was using these scans to expand the use of NSA queries for what wound up being law enforcement action, such that they could ask to do similar scans for the seven other crimes they’ve authorized sharing FISA data on (though of the other crimes, only snuff videos would be as easy to automate as child porn, which has a well-developed technology thanks to Facebook and Google). I thought that, once they scanned their holdings, they would alert whatever authority might be able to rescue the children involved that they had been victimized. After all, under all existing minimization procedures, the NSA can share proof of a crime with the FBI or other relevant law enforcement agency. Indeed, in 2017, FISC even authorized NSA and FBI to share such evidence of child exploitation with the National Center for Missing and Exploited Children, so they could attempt to identify the victims, help bring the perpetrators to justice, and track more instances of such abuse.

But that doesn’t appear to be what’s happening.

Indeed, as described, “saving the victims” is not the purpose of these scans. Rather, preventing NSA personnel from having to look at George Nader’s pictures showing goats sexually abusing small boys is the goal. When I asked the government about this, NSA’s Director for Civil Liberties, Privacy and Transparency, Rebecca Richards, distinguished finding child exploitation material in the course of intelligence analysis — in which case it’ll get reported as a crime — from this, which just removes the content.

NSA does not query collected foreign intelligence information to identify individuals who may be in possession of child exploitation material. This particular provision allows NSA to identify and remove known or suspected child-exploitation material (including child pornography) from NSA systems.

The Court agreed that this was appropriate lawful oversight to “prevent [NSA] personnel from unneeded exposure to highly distributing, illegal material.” The point of the query is not to surface the material for foreign intelligence analysis, the function of the query is to remove the material. If NSA finds such information in the course of its analytic process to identify and report on foreign intelligence, it will review and follow necessary crimes reporting.

The Court credits the suggestion to conduct this activity as part of NSA’s lawful oversight function. [my emphasis]

I asked NSA a bunch of other questions about this, but got no further response.

First, isn’t the NSA required to (and permitted to, under the minimization procedures) alert the FBI to all such instances they find? So wouldn’t this be no different from a law enforcement search, since if found it will lead to the FBI finding out about it?

Second, as offensive as this stuff is, isn’t it also of value from a foreign intelligence perspective? Ignoring that George Nader is a US person, if a high profile advisor to MbZ was known to exploit boys, wouldn’t that be of interest in explaining his position in MbZ’s court and his preference for living in Dubai instead of VA? Wouldn’t it be of interest in understanding the counterintelligence threat he posed?

If it is of FI interest (I seem to recall a Snowden revelation where similar discoveries were used against a extremist cleric, for example), then how is it recorded to capture the FI use before it is destroyed? And in recording it, aren’t there NSA and/or FBI personnel who would have to look more closely at it? Wouldn’t that increase the amount of child exploitation viewed (presumably with the benefit of finding more predators, even if they are outside US LE reach)?

Finally, can you tell me whether NCMEC is involved in this? Do they receive copies of the material for their databases?

Are you saying that if the NSA finds evidence of child exploitation via these searches, it does not refer the evidence to FBI, even if it implicates victims in the United States?

Another question I have given Richards’ response is, why would NSA personnel be accessing collections that happen to include child exploitation except for analytic purposes?

But maybe that’s the real answer here: NSA employees would access child exploitation 1) for analytical purposes (in which case, per Richards, it would get reported as a crime) or 2) inappropriately, perhaps after learning of its presence via accessing it for analytic purposes (something that is not inconsistent with claims Edward Snowden has made).

After all, there have been two really high profile examples of national security personnel accused of critical leaks in the last decade who also have been accused of possessing child pornography: Donald Sachtleben, who after he was busted for (amazingly) bringing child porn on his laptop into Quantico, he later became the scapegoat for a high profile leak about Yemen, and Joshua Schulte, on whose computer the government claims to have found child porn on when it searched the computer for evidence that he stole all of CIA’s hacking tools.

So perhaps the NSA is just removing evidence of child exploitation from its servers — which it spent a lot of resources to collect as foreign intelligence — to avoid tempting NSA employees from accessing it and further victimizing the children?

If that’s correct, then it seems that NSA has taken a totally backwards approach to mitigating this risk.

If you’re going to scan all of NSA’s holdings to ID child exploitation, why not do so on intake, and once found, hash and encrypt it immediately. Some of what analysts would be interested in — tracking the dissemination of known child porn or the trafficking of known victims by transnational organized crime, for example — could be done without ever viewing it, solely after those existing hashes. If there were some other need — such as identifying a previously unidentified victim — then the file in question can be decrypted as it is sent along to FBI. That would have the added benefit of ensuring that if NSA personnel were choosing to expose themselves to George Nader’s videos of young boys being abused with farm animals, then the NSA would have a record of who was doing so, so they could be fired.

I get why the NSA doesn’t want to host the world’s biggest collection of child abuse, particularly given its difficulties in securing its systems. I don’t have any answers as to why they’re using this approach to purge their systems.

On the Leak Crackdown: Donald Sachtleben Was a Convenient Scapegoat

I’m reading Charlie Savage’s Power Wars. While I disagree with some parts of it and have additional information that isn’t included in others (the book is already 700 pages, so it’s possible they were left out because of length), it is absolutely worth reading and provides a ton of insight about what Obama’s legal insiders were willing to share with Savage. Here’s a long interview with Glenn Greenwald about it.

As it happens, last year I wrote but never finalized a post on an area that is misleading in Savage’s chapter on the Obama Administration’s serial prosecution of leakers, about the prosecution of Donald Sachtleben, the retired FBI guy who, after being busted for kiddie porn, ultimately got prosecuted for being the leaker behind the AP’s UndieBomb 2.0 story. I’m tweaking it and posting it now. This post explains his bust.

Savage claims that Sachtleben never got IDed because he didn’t access any classified documents about the bomb and hadn’t signed the sign-in sheet of the room where it was being investigated — which is all stuff claimed in a Statement of Offense that is obviously designed to be misleading (though Sachtleben’s FBI badge did show him entering the examination space where the bomb was being examined; the Statement doesn’t say whether the specific room tracked badge entries). Savage states, Sachtleben “had visited the Quantico lab where the new underwear bomb was being examined on May 1, 2012, a few hours before Goldman and a colleague, Matt Apuzzo, first called government officials to say they knew the FBI had intercepted a new underwear bomb from Yemen” [that date of the call in the Statement is May 2]. That suggests (again, as the statement does) that Sachtleben was therefore the source for the things the AP told the government it knew on May 2.

As I’ve noted, Sacthleben contested this claim at his sentencing, which is actually consistent with what the text messages with him show: Goldman and Apuzzo were looking for confirmation of something they already knew.

“I was neither the sole nor the original source of information to ‘Reporter A’ about the suicide bomb,” Sachtleben said in a statement sent by his law firm. “The information I shared with Reporter A merely confirmed what he already believed to be true. Any implication that I was the direct source of a serious leak is an exaggeration.”

But in CIA Public Affairs emails obtained by FOIA by The Intercept last year, there’s further support for this. The emails reveal that by April 25, 2012 — 5 days before talking to Sachtleben — Goldman was already asking roughly the same questions about Ibrahim al-Asiri asked of Sachtleben. (PDF 548-9)

Screen Shot 2015-11-09 at 6.49.23 PM

“We’re hearing about aqap activity that has USG spun up and Ibrahim al-asiri is back on agency’s radar.” None of that’s surprising, of course, since AP sourced the initial story to numerous officials, and it’s unlikely two Pulitzer Prize winners would single source a story.

The Statement misleadingly suggests that the when Goldman and Apuzzo called the government on May 2, two and a half hours after speaking with Sachtleben (and a full week after Goldman’s email to the CIA Public Affairs office), they stated for the first time that “they believed, but had not confirmed, that the bomb was linked to AQAP’s premier bomb-maker, Ibrahim al-Asiri.” Except the government knew, but did not reveal in the Statement, that the AP reporters had already reached out via official government channels a week earlier with some of that information. Contrary to what Savage suggests, the call on May 2 was not the “first” that government officials learned the AP was working on the story, though it may have been the first time they claimed to have confirmed details about the bomb.

The emails also show the extent of AP’s efforts to provide CIA an opportunity to weigh in on the story.

After several exchanges the week before (including a “chat” between Deputy CIA Director Mike Morell and an AP editor in which the AP agreed to hold the story), CIA’s press office set up a meeting between Goldman, Apuzzo, and Morell at 9:30 on the morning they released their story, May 7. An Apuzzo email describes the purpose. “[T]his meeting is just the one the DDCIA [Morell] suggested, to offer some details to the story we agreed to hold for a few days.” (PDF 308)

This confirms a point the AP long insisted on — that they heeded an administration request for a few days before they published the story. And in response, Apuzzo’s email makes clear, Morell had offered to provide further details on the plot. That of course means that Mike Morell was himself a source for the story, probably including for the detail that CIA had just drone-killed Fahd al-Quso. Last I checked, Morell is not in prison for leaking to the AP (though of course his influence on the story would be considered official declassification and therefore cool).

Apuzzo followed up on the meeting and the story later that day. “I know that there were some strained conversations between our bosses this evening, but as far as Adam and I are concerned, I hope you found the story fair, accurate and responsible.” (PDF 308)

Of course, CIA had no reason to be pissed, given that the AP story celebrated their successful interception of a plot. Indeed, there is a very high likelihood that the CIA talked the AP reporters out of including more sensitive details — such as that the plot was really a sting run by a Saudi asset — that detail came out in other outlets, thanks in part to John Brennan and Peter King (the latter of whom was in turn blabbing about something the CIA had just briefed him), within a day. Or, something implied by the story but not stated directly, that the Administration had deployed a bunch of Air Marshals to Europe to protect against a threat that had never really been a threat and that they had already neutralized anyway. Those are the damning details of the story, but they weren’t in the AP’s version of it.

But the government came after them anyway. And, after members of Congress — including Peter King, who had served as a source for journalists!! — demanded a head, Donald Sachtleben served as a convenient one to offer up.

The story the government has told about Sachtleben — that they found he had a Secret CIA cable among his kiddie porn but didn’t pursue it any further until they exposed the sources of the entire AP newsroom — has never made sense. But as a guy who had already confessed to kiddie porn charges and had actually only served as the confirming source for some of the least sensitive information in the leak, he was convenient.

And while Savage appropriately lays into the Administration for the damage they did to journalism with their pursuit of leakers, the back story behind the scapegoating of Sachtleben suggests DOJ has been far more cynical about leaks and who gets prosecuted for them than suggested in Savage’s chapter.

Read more

Yes, Eric Holder Does Do the Intelligence Community’s Bidding in Leak Prosecutions

 

Screen Shot 2015-02-19 at 10.17.51 AM

The second-to-last witness in the government’s case against Jeffrey Sterling, FBI Special Agent Ashley Hunt, introduced a number of things she had collected over the course of her 7.5 year investigation into James Risen’s chapter on Operation Merlin. That included a few things — most notably two lines from Risen’s credit card records from 2004 — that in no conceivable way incriminated Sterling.

On November 17, 2004, Risen charged €158.00 at the Hotel Inter-Continental in Vienna, Austria on his credit card (the provider of which DOJ included in its exhibit). On November 21, 2004, Risen put another €215.30 in Inter-Continental charges on his credit card.

What Agent Hunt had proven by highlighting these two details was that James Risen traveled to Vienna as background for a book chapter set in Vienna, and even went to the hotel where Merlin had stayed. None of that did a thing to prove that Sterling leaked Merlin’s travel information — or anything else — to Risen. But the government decided to gratuitously enter into evidence that they had seized years of Risen’s credit card records, and in doing so obtained details of where Risen had traveled (and also, on what days his daughter sent something via FedEx). It wasn’t enough that we knew that already from court filings. DOJ still saw the need to introduce gratuitous notice that they had all of Risen’s credit card statements into the court record.

“We own you,” seemed to be the message to Risen from this flaunting of his credit card records.

But don’t worry, Eric Holder generously decided not to call Risen to testify against Sterling after having hounded him — in this and the warrantless wiretap investigation — for 6 years already, both Jack Goldsmith and Ben Wittes insist.

Both men seem to vastly underestimate how DOJ’s actions in the last decade impact journalism. And both men seem to misunderstand what just happened in the Jeffrey Sterling trial, where DOJ succeeded in exposing a man to 40 years in prison, based largely on metadata, without even having the key pieces of evidence at issue in the case (almost certainly because of CIA’s doing, not Sterling’s).

Uncharacteristically, Wittes’ post is less annoying that Goldsmith’s. Sure, as he did with Laura Poitras, Wittes appointed himself the arbiter of what the NYT should and shouldn’t tolerate from journalists it pays. I will remember that Wittes believes an employee’s intemperate rants on Twitter should get close scrutiny by their employers the next time Wittes makes factually flawed defenses of his torturer buddies on Twitter or complains when Chris Soghoian tweets about Keith Alexander’s operational security sloppiness when he rides on Amtrak.

But Goldsmith writes two paragraphs about leak prosecutions that — while they may bolster Goldsmith’s questionable claims about how journalism functions to rein in the Executive — entirely miss the point. I’ll take them in detail here:

Third, Holder could have called Risen to testify in the Sterling case – the law was clearly on his side, and DOJ attorneys wanted him to do it.  But Holder directed his lawyers to let Risen off the hook.  It is simply wrong to say (as Risen did) that Holder was doing the “bidding of the intelligence community” or sending “a message to dictators around the world that it is okay to crack down on the press and jail journalists.”  Quite the contrary.

The notion that the trial Holder’s DOJ just staged in Eastern District of Virginia was not about “doing the bidding of the intelligence community” makes me tear up I’m laughing so hard. A very key part of the trial was putting Bob S on the stand so he could make claims about Operation Merlin — which turned out not to be backed up by the documentary evidence or his asset’s memory — so as to be able to claim, “We have demonstrated we did this very carefully.” This was a clusterfuck of an operation, but nevertheless DOJ gave Bob S a day and a half to try to claim it wasn’t. DOJ offered CIA this favor while playing their classification games (this was, after all, EDVA, an improper venue for almost all of the charges, but a very good place to get favorable treatment for security theater) so as to avoid explaining — except when it became handy for Condi to blurt something out — why this operation went from being a clandestine information collection operation to something far more sensitive, which is probably the real reason someone other than Sterling leaked the information as the government was trumping up war against Iraq, the next country that got the Merlin treatment.

It’s EDVA, Goldsmith!!! The same place Holder went to have John Durham pretend to investigate CIA’s obstruction of justice until the statute of limitations expired! The same place Holder went to keep investigating and investigating until DOJ could deliver a head, any head, to punish Gitmo defense attorneys’ crazy notion that they might have good reason to want to learn how and who anally raped their clients in the name of rehydration such that they’re still bleeding, 12 years later.

EDVA has become, under Holder, where DOJ goes to obtain arbitrary judgments that ensure CIA and other agencies will never be held accountable for crimes, but some low-level leaker will be delivered up anytime CIA’s crimes or incompetence get exposed.

Fourth, Risen’s complaints about Holder rest in part on the fact that Holder has presided over many more leak prosecutions than any prior Attorney General.  I suspect that any Attorney General would have ramped up the leak prosecutions in light of the unprecedented cascade of deep secrets from the government in the last decade.

Here Goldsmith makes the same nonsensical claim that Steven Aftergood made for The Intercept’s profile of Stephen Kim. The investigation into James Risen’s stories has been going on for twelve years. The investigation into Risen’s reporting on Operation Merlin started over four years before Chelsea Manning even joined the Army, much less started the torrent of leaks Goldsmith claims justifies all these investigations.

And the ratio of leak prosecutions to leaks remains tiny.

This line comes right out of Holder’s defense of his leak prosecutions the other day. And it’s true. But it’s a big part of the problem. Thus far, after all, James Cartwright has not been indicted for allegedly leaking a far more sensitive counter-proliferation program targeting Iran than Sterling purportedly leaked. No one is even considering prosecuting Leon Panetta for leaking details of the Osama bin Laden raid (or classified details in his memoir). I doubt David Petraeus will be indicted either for letting his mistress have access to all his most intimate secrets.

The people who get prosecuted — Jeffrey Sterling, John Kiriakou, Donald Sachtleben, Stephen Kim — they’re not the problem behind this system of leaking and in several cases it’s very clear they’re not even the key leakers: instead, they’re the human detritus the government can dispose of so others will see just how arbitrary the secrecy system really is, by design.

But in any event, it must be true that these prosecutions have had a chilling effect on leakers (i.e. sources) and in that sense made journalists’ jobs harder.  Of course chilling criminal leaks is the whole point of the prosecutions.  They do not “wreck” the First Amendment if they are consistent with the First Amendment, which they are, especially since the prosecutions have not had any noticeable macro effect on the steady flow of secrets out of the government.

I suspect Risen would say this is not the case. I suspect a number of the other journalists targeted by DOJ would say the same. That is, the point is not about stopping leaks (though I think the Insider Threat system will make it easier to pick and choose which human detritus will be the next sacrificed to feed this arbitrary system of control), but often as not burning certain journalists or others who don’t play the game.

We own you, investigative journalist, and know what you did in Vienna back in 2004.

Note also that Risen and other journalists tend not to talk about the countervailing norms that have moved dramatically in journalists’ favor in the last decade.  (I have written about this extensively, here and here and here and here.)  Not only has the government significantly raised the bar for going after journalists’ sources, but it has also made clear what was not clear a decade ago: it will not prosecute journalists for publishing classified information in clear violation of 18 USC 798.

I think here Goldsmith misses the novel theory the government used to convict Sterling, the one Holder has deemed the model to go after others.

Under this theory, journalists will be treated as empty vehicles, and the “cause to leak” language in the Espionage Act will be blown up, so that even completely unclassified conversations may be deemed the cause of an investigative journalist with sources throughout the CIA publishing a story. And the jurisdiction, too, will be blown up, so that so long as a single hairdresser buys a book in EDVA — or maybe MD, who cares, really?!?! — then DOJ can stage their witch hunt in EDVA with all its trappings of security theater.

There are some interesting theories behind the successful prosecution of Sterling for a bunch of metadata. And Goldsmith might at least familiarize himself with where Holder’s DOJ is taking the Espionage Act, because it deserves more scrutiny before the Sterling prosecution is deemed to have done no damage to the journalistic process.

Given this change in norms and the structural factors pushing secrets out (size of bureaucracy, digitalization of secrets, and the like), it is very hard to conclude that the advantage on secrecy versus transparency has shifted to the government under Holder.

Again, the underlying problem is the asymmetry involved. The government keeps hiding more and more stuff — the top officials behind its trust-building CVE program, even! — behind a veil of secrecy. That amid increasingly absurd claims of secrecy — and increasingly persistent evidence the secrecy often serves to hide law-breaking or incompetence, as it did with the Merlin caper — more secrets get out should be no great celebration. It’s the structure of it all — the paranoia, the arbitrariness, and the incompetence behind it all — that really sours any claim to democratic governance. Goldsmith may take solace we’re getting more secrets out, but until we reverse the slide into arbitrariness it heralds, I’m not so sanguine.

During the hearing just after the defense closed in the Sterling trial, there was a fascinating discussion, largely about how DOJ planned to blow up the “cause” language in the Espionage Act to further criminalize just talking to journalists, to criminalize publishing a book and deigning to distribute it in EDVA. The conversation kept coming back to how DOJ had gone from treating Risen as a criminal weeks earlier to treating him as an innocent naif who channeled Sterling’s spying to the unwitting citizens of EDVA. Judge Leonie Brinkema at one point said, “If Risen were not protected by the newsman’s privilege, I suspect he would have been named as a co-conspirator.” “There is no newsman’s privilege,” defense attorney Edward MacMahon pointed out, laughing at the absurdity of claiming there was after the 3 year battle over just that topic. But the exchange hung there, pregnantly, because ultimately branding Risen a criminal — or, barring that, branding having even unclassified conversations with Risen as criminal — was a big part of the point of this trial.

What this prosecution did — what, I believe, it was designed to do — was two-fold. First, burn Risen, burn Risen over 12 long years of investigation during which the counterpart investigation even reportedly seized his phone records. But also, to herald a new interpretation of the Espionage Act that will criminalize even having phone calls with a journalist who has reported on completely unclassified stories involving you in the past.

Update: Year on Risen’s credit card records corrected per Rich.

Shorter the Neocons: Let Our General Go!

Neocon scribes Eli Lake and Josh Rogin published a piece asserting that the man whose COIN theories failed in 3 different war theaters is making a comeback undermined only by his extramarital affair.

By all outward appearances, David Petraeus appears to be mounting a comeback. The former general landed a job at powerhouse private-equity firm KKR, has academic perches at Harvard and the University of Southern California and, according to White House sources, was even asked by the President Barack Obama’s administration for advice on the fight against Islamic State. Yet it turns out that the extramarital affair that forced him to resign as director of the Central Intelligence Agency is still hanging over him.

Yet that’s not actually what their article describes. Instead, it explores why it is that the FBI investigation into David Petraeus for leaking information to his mistress, not fucking her, is ongoing.

Curiously, these two journalists exhibit no shred of curiosity about why the GOP Congress continues to investigate the Benghazi attack, an investigation that started exactly contemporaneously with the Petraeus leak investigation — or, for that matter, why all the investigations have avoided questions about Petraeus’ training failures in Libya.

Instead, they see in this particular 2 year counterintelligence investigation a conspiracy to silence the fine General.

[Retired General Jack] Keane questions whether the Petraeus FBI probe lasting this long may be driven by something other than a desire to investigate a potential crime. “It makes you wonder if there is another motivation to drag an investigation out this long,” he said.

[snip]

Petraeus allies both inside and outside the U.S. intelligence community and the military express a concern that goes beyond a criminal probe: that the investigation has caused Petraeus to trim his sails — that one of the most informed and experienced voices on combating terrorism and Islamic extremism is afraid to say what he really thinks, a sharp juxtaposition to Bob Gates and Leon Panetta, two former defense secretaries who have not been shy about criticizing Obama’s national security team.

[snip]

But what does seem surprising, to many who know and have worked with him, is that the views he has been expressing are so at odds with what he has said and implied in the past.

For example, when Petraeus was inside Obama’s administration in his first term, he advocated for more troops inside Afghanistan and made the case for arming Syrian moderate forces. But when asked this summer about that effort, Petraeus demurred and focused on Obama’s new $500 million initiative in 2014 to train Syrian rebels. “I strongly support what’s being done now,” he said. “Half a billion dollars is a substantial amount of resourcing to train and equip.”

Petraeus’s rhetoric on Iraq and Syria differs sharply not only from his past positions, but from that of many retired generals of his generation and of his biggest supporters.

To support their conspiracy theory, they not only cite noted leaker Pete Hoekstra, but Lake and Rogin ignore a whole load of other details, such as how long leak investigations normally take. Even the investigation into and punishment of Sandy Berger — which they cite — took 18 months from leak to guilty plea, plus another two years until he relinquished his license. The investigation into Donald Sachtleben — or rather, the UndieBomb 2.0 leak that Sachtleben was singularly held responsible for — took 15 months, even with his computer  in custody and Sachtleben on bond most of that time. John Kiriakou was charged almost 4 years after his leaks, and two after Pat Fitzgerald was appointed to find a head for the CIA. Thomas Drake was indicted over 4 years after the investigation into Stellar Wind leaks started and almost 3 years after the FBI raided the homes of those associated with Drake’s whistleblowing. Jeffrey Sterling was indicted 7 years after FBI first started looking into leaks to James Risen.

Leak investigations can take a long time. That’s not a good thing, as they leave the targets of those investigations in limbo through that entire time. Petraeus is, comparatively, doing better off than most of the others I named above. Indeed, in paragraph 7, Lake and Rogin reveal that Petraeus, in fact, has gotten preferential treatment, in that his security clearance hasn’t been stripped.

To wit: Petraeus is ostensibly being investigated for mishandling classified material and yet he retains his security clearance.

Even Hoss Cartwright had his security clearance stripped for allegedly leaking details of StuxNet to the press. Heck, based on this detail, one has just as much evidence to support a counter-conspiracy theory that Petraeus is getting lax treatment because he’s got damning information on Obama (not one I’m adopting, mind you, but it does illustrate what one can do with an absence of evidence).

If warmongers like Jack Keane want to make drawn out leak investigations a cause, they would do well to make it a principle, not a singular conspiracy theory used to explain why David Petraeus isn’t being more critical of Obama’s efforts not to escalate into another failed counterinsurgency.

Is it possible, after all, that Petraeus is silent because he realizes what a hash he has made of the Middle East?

John Kiriakou’s Prosecution Is an Important Precedent to CIA – Senate Intelligence Committee Spat

On several occasions, I have pointed to the arbitrary system our classification system constructs. It asks government employees to spy on their colleagues. It permits agencies to conduct fishing expeditions into personal information as part of the polygraph process. It permits Agencies to selectively approve propaganda under the guise of pre-publication review (most notably in the case of Jose Rodriguez and John Rizzo). By stripping sensitive unclassified jobs of their Merit Board protection, even lower level staffers who don’t receive a clearance-related income boost are now subject to this arbitrary system. And Congress even tried to use pensions as another leverage point against cleared personnel.

The arbitrary nature of this system is perhaps most clear, however, when it comes to prosecutions.

Which is a point John Kiriakou made in an op-ed yesterday. In it, he suggests Leon Panetta and James Cartwright could be sitting next to him in Loretto Prison.

The [Espionage Act] states: “Whoever, lawfully having possession of, access to, control over, or being entrusted with any … information relating to the national defense which information the possessor has reason to believe could be used to the injury of the United States or to the advantage of any foreign nation, willfully communicates … the same to any person not entitled to receive it … shall be fined under this title or imprisoned not more than 10 years, or both.”

A transcript obtained by the organization Judicial Watch shows that, at a CIA awards ceremony attended by Boal, Panetta did exactly that. The CIA seems to acknowledge that Panetta accidentally revealed the name of the special forces ground commander who led the operation to kill Osama bin Laden, not knowing that the Hollywood screenwriter was part of an audience cleared to hear him speak. But intent is not relevant to Espionage Act enforcement.

U.S. District Court Judge Leonie Brinkema ruled in my case that evidence of the accidental release of national defense information was inadmissible, and she added that the government did not have to prove that a leak of classified information actually caused any harm to the United States. In other words, the act of disclosing the kind of broad information covered by the Espionage Act is prosecutable regardless of outcome or motive.

The sensitivity of what Panetta revealed is not in question. The spokesman for the former CIA director said Panetta assumed that everyone present at the time of the speech had proper clearance for such a discussion. When the transcript of the speech was released, more than 90 lines had been redacted, implying that Panetta had disclosed a great deal more classified information than the name of an operative.

[snip]

If an intent to undermine U.S. national security or if identifiable harm to U.S. interests are indeed not relevant to Espionage Act enforcement, then the White House and the Justice Department should be in full froth. Panetta should be having his private life dug in to, sifted and seized as evidence, as happened to me and six others under the Obama administration.

[snip]

If Panetta and Cartwright aren’t accountable while Drake, Kim and I have been crucified for harming U.S. national security — all of us accused of or investigated for the same thing: disclosing classified information to parties not authorized to know it — then what does that say about justice in America or White House hypocrisy?

Kiriakou goes on to call for changes in the Espionage Act to focus on issues of intent and harm.

Kiriakou is, of course, correct that he got punished for things that Panetta and Cartwright have (so far, at least) escaped such levels of punishment for. (I’d also add the unnamed real sources for the UndieBomb 2.0 leak, who are being protected by the scapegoating of Donald Sachtleben.)

But I’d go even further. Given reports that FBI is investigating whether Senate Intelligence Committee staffers violated the law for obtaining proof the Agency they oversee was hiding evidence from it, it’s crucial to remember how Kiriakou’s prosecution came about, which I laid out in this post.

It started when CIA officers claimed that when Gitmo defense attorneys provided photos of their clients torturers to them–having independently discovered their identity–the torturers were put at risk. DOJ didn’t believe it was a security risk; CIA disagreed and went to John Brennan. And after Patrick Fitzgerald was brought in to mediate between DOJ and CIA, the prosecution of John Kiriakou resulted.

As a reminder of where this all started, it’s worth reading this March 15, 2010 Bill Gertz article which was, AFAIK, the first public report of the investigation into the John Adams Project. It describes a March 9, 2010 meeting between Fitzgerald and the CIA.

The dispute prompted a meeting Tuesday at CIA headquarters between U.S. Attorney Patrick J. Fitzgerald and senior CIA counterintelligence officials. It is the latest battle between the agency and the department over detainees and interrogations of terrorists.

[snip]

According to U.S. officials familiar with the issue, the current dispute involves Justice Department officials who support an effort led by the American Civil Liberties Union to provide legal aid to military lawyers for the Guantanamo inmates. CIA counterintelligence officials oppose the effort and say giving terrorists photographs of interrogators has exposed CIA personnel and their families to possible terrorist attacks.

[snip]

According to the officials, the dispute centered on discussions for a interagency memorandum that was to be used in briefing President Obama and senior administration officials on the photographs found in Cuba. Justice officials did not share the CIA’s security concerns about the risks posed to CIA interrogators and opposed language on the matter that was contained in the draft memorandum. The memo was being prepared for White House National Security Council aide John Brennan, who was to use it to brief the president.

The CIA insisted on keeping its language describing the case and wanted the memorandum sent forward in that form.

That meeting, of course, would have taken place the day after Fitzgerald was appointed. So immediately after Fitzgerald got put in charge of this investigation, he presumably moderated a fight between DOJ, which didn’t think detainee lawyers pursuing their clients’ torturers via independent means threatened to expose the torturers’ identity directly, and CIA, which apparently claimed to be worried.

What happened with Kiriakou’s sentencing today is many things. But it started as–and is still fundamentally a result of–an effort on the part of CIA to ensure that none of its torturers ever be held accountable for their acts, to ensure that the subjects of their torture never gain any legal foothold to hold them accountable.

Read more

Time to Investigate John Brennan and Those Air Marshals Again

Back in September I noted that the entire narrative of the guilty plea from Donald Sachtleben presented the false impression that he was the first, only, or most dangerous leaker about the UndieBomb 2.0.

But, as bmaz emphasized in his post on Donald Sachtleben’s plea agreement, there’s no hint of prosecuting Brennan, who leaked Top Secret details about the British/Saudi double agent into AQAP, even while they’re imprisoning Donald Sachtleben, who is only accused of leaking details he knew to be Secret.

[snip]

They would also have you believe the AP had no inkling of the UndieBomb plot until ABC reported inflammatory claims about cavity bombs on April 30, 2012, even in spite of ABC’s reference to TSA head John Pistole’s earlier fear-mongering about it and in spite of additional reporting about broad Air Marshall mobilization.

That was nonsensical on its face.

But it is something that Sachtleben went out of his way to make clear at his sentencing yesterday.

“I was neither the sole nor the original source of information to ‘Reporter A’ about the suicide bomb,” Sachtleben said in a statement sent by his law firm. “The information I shared with Reporter A merely confirmed what he already believed to be true. Any implication that I was the direct source of a serious leak is an exaggeration.”

Ah well. Eric Holder has his head, and DOJ doesn’t have to prosecute the CIA Director now.

The Kiddie Porn and the UndieBomb

Screen shot 2013-09-26 at 1.22.11 PMI was at a funeral Monday and Tuesday. So when I heard the FBI had busted the guy who leaked the UndieBomb 2.0 story, I assumed they had finally arrested John Brennan.

But, as bmaz emphasized in his post on Donald Sachtleben’s plea agreement, there’s no hint of prosecuting Brennan, who leaked Top Secret details about the British/Saudi double agent into AQAP, even while they’re imprisoning Donald Sachtleben, who is only accused of leaking details he knew to be Secret.

A law enforcement official indicated that the case has not been officially closed but the charges against Sachtleben are the only ones expected.

(Sure, the evidence that Sachtleben was involved with kiddie porn seems solid, but then Brennan drone-killed children, so he’s not above reproach for his treatment of children either.)

But that is by no means the weirdest thing about the government’s treatment of the UndieBomb 2.0 leak investigation.

The entire premise of the FBI narrative is that they exercised greater care with a kiddie porn accusee they had dead to rights than they did the 100 or so AP reporters who got sucked up in their overbroad dragnet. They would have you believe that, even after seizing a CD holding a November 2, 2006 SECRET CIA intelligence report at Sachtleben’s house in May 2012 pursuant to a kiddie porn warrant (which they have not produced in the docket), they just sat on his devices for almost a year until they obtained the phone records for 20 AP phone lines, in a seizure far more intrusive into journalism than any recent known subpoena.

Sachtleben was identified as a suspect in the case of this unauthorized disclosure only after toll records for phone numbers related to the reporter were obtained through a subpoena and compared to other evidence collected during the leak investigation. This allowed investigators to obtain a search warrant authorizing a more exhaustive search of Sachtleben’s cell phone, computer, and other electronic media, which were in the possession of federal investigators due to the child pornography investigation.

(I may be mistaken, but I don’t think the FBI made this claim in any court document, so I assume it is bullshit, especially since they had had to do extensive forensic searches of Sachtleben’s computer and he had already signed a plea deal forfeiting it.)

They would also have you believe the AP had no inkling of the UndieBomb plot until ABC reported inflammatory claims about cavity bombs on April 30, 2012, even in spite of ABC’s reference to TSA head John Pistole’s earlier fear-mongering about it and in spite of additional reporting about broad Air Marshall mobilization. DOJ goes to great lengths to make you believe AP first texted Sachtleben on April 30 and not, say, on April 28 (which would mean the kiddie porn investigation accelerated after such contact), though there’s no reason to believe that’s true and the AP call records DOJ obtained apparently go back to well before April 30. They also suggest AP was asking Sachtleben about an Asiri bomb, though the first text they include is an assertion — not a question — that Asiri has been busy.

They would have you believe that two Pulitzer Prize winners would defy White House and CIA wishes with a story sourced to a single source who, just a day earlier, had provided a mistaken guess about the excitement. Read more

Further Implications of UndieBomb II Leaker Guilty Plea

As you have likely heard by now, a former FBI agent has agreed to plead guilty to leaking material about the second underwear bomb attempt to reporters in May of 2012. Charlie Savage of the New York Times has the primary rundown:

A former Federal Bureau of Investigation agent has agreed to plead guilty to leaking classified information to The Associated Press about a foiled bomb plot in Yemen last year, the Justice Department announced on Monday. Federal investigators said they identified him after obtaining phone logs of Associated Press reporters.

The retired agent, a former bomb technician named Donald Sachtleben, has agreed to serve 43 months in prison, the Justice Department said. The case brings to eight the number of leak-related prosecutions brought under President Obama’s administration; under all previous presidents, there were three such cases.

“This prosecution demonstrates our deep resolve to hold accountable anyone who would violate their solemn duty to protect our nation’s secrets and to prevent future, potentially devastating leaks by those who would wantonly ignore their obligations to safeguard classified information,” said Ronald C. Machen Jr., the United States attorney for the District of Columbia, who was assigned to lead the investigation by Attorney General Eric H. Holder Jr.

In a twist, Mr. Sachtleben, 55, of Carmel, Ind., was already the subject of a separate F.B.I. investigation for distributing child pornography, and has separately agreed to plead guilty in that matter and serve 97 months. His total sentence for both sets of offenses, should the plea deal be accepted by a judge, is 140 months.

Here is the DOJ Press Release on the case.

Here is the information filed in SDIN (Southern District of Indiana). And here is the factual basis for the guilty plea on the child porn charges Sachtleben is also pleading guilty to.

So Sachtleben is the leaker, he’s going to plead guilty and this all has a nice beautiful bow on it! Yay! Except that there are several troubling issues presented by all this tidy wonderful case wrap up.

First off, the information on the leak charges refers only to “Reporter A”, “Reporter A’s news organization” and “another reporter from Reporter A’s news organization”. Now while the DOJ may be coy about the identities, it has long been clear that the “news organization” is the AP and “Reporter A” and “another reporter” are AP national security reporters Matt Apuzzo and Adam Goldman (I’d hazard a guess probably in that order) and the subject article for the leak is this AP report from May 7, 2012.

What is notable about who the reporters are, and which story is involved, is that this is the exact matter that was the subject of the infamous AP phone records subpoenas that were incredibly broad – over 20 business and personal phone lines. These subpoenas, along with those in the US v. Steven Kim case collected against James Rosen and Fox News, caused a major uproar about the sanctity of First Amendment press and government intrusion thereon.

The issue here is that Attorney General Eric Holder and the DOJ, as a result of the uproar over the Read more