On the Shoddy Journalistic Defense of “WikLeaks”

When it was first published, a letter that the NYT, Guardian, Le Monde, Der Spiegel, and El País signed, calling on the US government to drop the Espionage Act charges against Julian Assange, got the date of Assange’s arrest wrong — it was April 11, not April 12, 2019. The outlets have since corrected the error, though without crediting me for alerting them to it.

A correction was made on Nov. 29, 2022: An earlier version of this letter misstated the date of Julian Assange’s 2019 arrest. It was April 11th, not April 12th.

An email was sent by me and then a correction was made. No bill was sent for the free fact checking.

As it currently exists, even after correcting that error, the Guardian version of the letter misspells WikiLeaks: “WikLeaks.”

For Julian Assange, publisher of WikLeaks, the publication of “Cablegate” and several other related leaks had the most severe consequences. On [April 11th] 2019, Assange was arrested in London on a US arrest warrant, and has now been held for three and a half years in a high-security British prison usually used for terrorists and members of organised crime groups. He faces extradition to the US and a sentence of up to 175 years in an American maximum-security prison. [my emphasis]

The slovenly standards with which five major newspapers released this letter suggest the other inaccuracies in the letter may be the result of sloppiness or — in some cases — outright ignorance about the case on which they claim to comment.

Take the claim Assange could serve his sentence in “an American maximum-security prison.” The assurances on which British judges relied before approving the extradition included a commitment that the US would agree to transfer Assange to serve any sentence, were he convicted, in Australia.

Ground 5: The USA has now provided the United Kingdom with a package of assurances which are responsive to the judge’s specific findings in this case. In particular, the US has provided assurances that Mr Assange will not be subject to SAMs or imprisoned at ADX (unless he were to do something subsequent to the offering of these assurances that meets the tests for the imposition of SAMs or designation to ADX). The USA has also provided an assurance that they will consent to Mr Assange being transferred to Australia to serve any custodial sentence imposed on him if he is convicted.

While the assurances that Assange wouldn’t be subject to Special Administrative Measures (basically contact limits that amount to isolation) aren’t worth the paper they were written on — partly because Assange did so much at the Ecuadorian Embassy that, if done in a US jail, would get him subject to SAMs, and partly because the process of designation under SAMs is so arbitrary — reneging on the agreement to transfer Assange to Australia would create a significant diplomatic row. A sentence in an American maximum-security prison is explicitly excluded from the terms of the extradition before Attorney General Garland, unless Assange ultimately chose to stay in the US over Australia (or Australia refused to take him).

The claim that he could be sentenced to 175 years, when the reality is that sentencing guidelines and concurrent sentences would almost certainly result in a fraction of that, is misleading, albeit absolutely within the norm for shoddy journalism about the US legal system. It’s also needlessly misleading, since any sentence he would face would be plenty draconian by European standards. Repeating a favorite Assange line, one that is legally true but practically misleading, does little to recommend the letter.

In the next paragraph, these five media outlets seem to suggest that the Computer Fraud and Abuse Act conspiracy alleged in “the indictment” is limited to Assange’s effort to crack a password.

This group of editors and publishers, all of whom had worked with Assange, felt the need to publicly criticise his conduct in 2011 when unredacted copies of the cables were released, and some of us are concerned about the allegations in the indictment that he attempted to aid in computer intrusion of a classified database. But we come together now to express our grave concerns about the continued prosecution of Julian Assange for obtaining and publishing classified materials.

It is — in the 2017 to 2019 charging documents. But not the one on which Assange is being extradited.

The hacking conspiracy, as currently charged, is a 5-year conspiracy that alleges far more than — and starts before — the password cracking seemingly described in the paragraph. It includes Assange’s use of Siggi’s credentials to access a police database to monitor any investigation into himself, a request to hack a former WikiLeaks associate, the recruitment of Anonymous hackers to target US-based companies (arguably also an attempt to aid in the computer intrusion of classified databases, albeit not US government ones), and the exploitation of WikiLeaks’ role in helping Edward Snowden flee to recruit more hacks including, explicitly, a sysadmin hack of the CIA’s classified databases like the one for which Joshua Schulte has now been convicted. (The existing indictment ends at 2015, before the start of Schulte’s actions, though I would be unsurprised to see a superseding indictment incorporating that hack, leak, and exposure of sensitive identities.)

Are these media outlets upset that DOJ has charged Assange for a conspiracy in which at least six others have been prosecuted, including in the UK? Are they saying that’s what their own journalists do, recruit teenaged fraudsters who in turn recruit hackers for them? Or are these outlets simply unaware of the 2020 indictment, as many Assange boosters are?

Whichever it is, it exhibits little awareness of the import that Judge Vanessa Baraitser accorded the hacking conspiracy to distinguish Assange’s actions from actual journalism.

At the same time as these communications, it is alleged, he was encouraging others to hack into computers to obtain information. This activity does not form part of the “Manning” allegations but it took place at exactly the same time and supports the case that Mr. Assange was engaged in a wider scheme, to work with computer hackers and whistle blowers to obtain information for Wikileaks. Ms. Manning was aware of his work with these hacking groups as Mr. Assange messaged her several times about it. For example, it is alleged that, on 5 March 2010 Mr. Assange told Ms. Manning that he had received stolen banking documents from a source (Teenager); on 10 March 2010, Mr. Assange told Ms. Manning that he had given an “intel source” a “list of things we wanted and the source had provided four months of recordings of all phones in the Parliament of the government of NATO country-1; and, on 17 March 2010, Mr. Assange told Ms. Manning that he used the unauthorised access given to him by a source, to access a government website of NATO country-1 used to track police vehicles. His agreement with Ms. Manning, to decipher the alphanumeric code she gave him, took place on 8 March 2010, in the midst of his efforts to obtain, and to recruit others to obtain, information through computer hacking


In relation to Ms. Manning, it is alleged that Mr. Assange was engaged in these same activities. During their contact over many months, he encouraged her to obtain information when she had told him she had no more to give him, he identified for her particular information he would like to have from the government database for her to provide to him, and, in the most obvious example of his using his computer hacking skills to further his objective, he tried to decipher an alphanumeric code she sent to him. If the allegations are proved, then his agreement with Ms. Manning and his agreements with these groups of computer hackers took him outside any role of investigative journalism. He was acting to further the overall objective of WikiLeaks to obtain protected information, by hacking if necessary. Notwithstanding the vital role played by the press in a democratic society, journalists have the same duty as everyone else to obey the ordinary criminal law. In this case Mr. Assange’s alleged acts were unlawful and he does not become immune from criminal liability merely because he claims he was acting as a journalist.

Whether editors and publishers at the five media outlets know that Assange was superseded in 2020 or not or just used vague language that could be read, given the actual allegations in the indictment, to suggest that some of them think Assange shouldn’t be prosecuted for conspiring to hack private companies, the language they included about the CFAA charge has led other outlets, picking up on this misleading language (along with the original error about the arrest date), to write at length about an indictment, with a more limited CFAA charge, that is not before Attorney General Merrick Garland. So maybe the NYT, Guardian, Le Monde, Der Spiegel, and El País know about the true extent of the CFAA charge, but by their vagueness, these five leading newspapers have contributed to overtly false claims by others about it.

Finally, the letter repeats WikiLeaks’ narrative about the changing DOJ views on Assange, presenting it as a binary between the “Obama-Biden” and Donald Trump Administrations.

The Obama-Biden administration, in office during the WikiLeaks publication in 2010, refrained from indicting Assange, explaining that they would have had to indict journalists from major news outlets too. Their position placed a premium on press freedom, despite its uncomfortable consequences. Under Donald Trump however, the position changed. The DoJ relied on an old law, the Espionage Act of 1917 (designed to prosecute potential spies during world war one), which has never been used to prosecute a publisher or broadcaster.

This is a story WikiLeaks likes to tell even while incessantly publicizing a a story that debunks it. It is based on a public quote — made in November 2013 by former DOJ spox, Matt Miller, who left DOJ in 2011, about why DOJ wouldn’t charge Assange. But a Yahoo story last year included former Counterintelligence head Bill Evanina’s description of how the US approach to WikiLeaks began to change in 2013, after Miller left DOJ but still during the Obama Administration, based on WikiLeaks’ role in helping Snowden flee.

That began to change in 2013, when Edward Snowden, a National Security Agency contractor, fled to Hong Kong with a massive trove of classified materials, some of which revealed that the U.S. government was illegally spying on Americans. WikiLeaks helped arrange Snowden’s escape to Russia from Hong Kong. A WikiLeaks editor also accompanied Snowden to Russia, staying with him during his 39-day enforced stay at a Moscow airport and living with him for three months after Russia granted Snowden asylum.

In the wake of the Snowden revelations, the Obama administration allowed the intelligence community to prioritize collection on WikiLeaks, according to Evanina, now the CEO of the Evanina Group.

Years earlier, CNN reported the same thing: that the US understanding of WikiLeaks began to change based on its role in helping Snowden to flee.

It should be unsurprising that the government’s approach to WikiLeaks changed after the outlet helped a former intelligence officer travel safely out of Hong Kong, because at least one media outlet made similar judgments about how that distinguishes WikiLeaks from journalism. Bart Gellman’s book described how lawyers for WaPo believed the journalists should not publish Snowden’s key to help him authenticate himself with foreign governments — basically, something else that would have helped him flee. Once Gellman understood what Snowden wanted, he realized it would make WaPo, “a knowing instrument of his flight from American law.” By his description, the lawyers implied Gellman and Laura Poitras might risk aid and abetting charges unless they refused a “direct attempt to enlist [them] in assisting him with his plans to approach foreign governments.” Like the US government, the WaPo judged in 2013 that helping Snowden obtain protection from other, potentially hostile, governments would legally go beyond journalism.

This is one reason clearly conveying the scope of the CFAA allegations is central to any credible commentary on the Assange case: because Assange’s exploitation of the Snowden assistance is an overt act charged in it. But five media outlets skip both the import of that act and its inclusion in the charges against Assange in a bid to influence the Biden Administration.

This WikiLeaks narrative also obscures one more step in the evolution of the understanding of Assange during the Obama administration, one that is more problematic for this letter, given that it would hope to persuade Attorney General Merrick Garland. Per the Yahoo article that WikiLeaks never tires of publicizing, the US government’s understanding of WikiLeaks changed still more when the outlet partnered with Russian intelligence on its 2016 hack-and-leak campaign.

Assange’s communication with the suspected operatives settled the matter for some U.S. officials. The events of 2016 “really crystallized” U.S. intelligence officials’ belief that the WikiLeaks founder “was acting in collusion with people who were using him to hurt the interests of the United States,” said [National Intelligence General Counsel Bob] Litt.

That’s important because, while the parts pertaining to WikiLeaks are almost entirely redacted, the SSCI Report on responses to the 2016 hack-and-leak makes it clear how central a role then-Homeland Security Advisor and current Deputy Attorney General Lisa Monaco played in the process. You’re writing a letter about which Garland would undoubtedly consult with Monaco. She knows that the gradual reassessment of WikiLeaks was no lightswitch that flipped with the inauguration of Donald Trump. Treating it as one provides one more basis on which DOJ could dismiss this letter. What changed wasn’t the administration: it was a series of WikiLeaks actions that increasingly overcame the “New York Times problem,” leading to expanded collection on Assange himself, leading to a different understanding of his actions.

Here’s why I find the sloppiness of this letter so frustrating.

I absolutely agree that, as charged, the Espionage Act charges against Assange are a dangerous precedent. That’s an argument that should be made soberly and credibly, particularly if made by leaders of the journalistic establishment.

I agree with the letter’s point that, “Obtaining and disclosing sensitive information when necessary in the public interest is a core part of the daily work of journalists,” (though these same publishers decided that disclosing the names of US and coalition sources was not in the public interest, and Assange’s privacy breach in doing so was the other basis by which Baraitser distinguished what Assange does from journalism).

But so is fact-checking. So is speaking accurately and with nuance.

If you’re going to write a letter that will be persuasive to the Attorney General, it would be useful to address the indictment and extradition request as it actually exists, not as it existed in 2019 or 2020 or 2021.

And if you’re going to speak with the moral authority of five leading newspapers defending the institution of journalism, you would do well to model the principles of journalism you claim to be defending.

As noted, these outlets corrected the date error after I inquired about the process by which this letter was drafted. I have gotten no on-the-record comments about the drafting of this letter in response.

Priti Patel Approves Julian Assange’s Extradition

As expected, this morning UK Home Secretary approved the extradition warrant for Julian Assange. In a statement, the Home Office described that Assange’s extradition didn’t raise any of the issues that she is asked to consider, like abuse of process or human rights.

“The UK courts have not found that it would be oppressive, unjust or an abuse of process to extradite Mr Assange. Nor have they found that extradition would be incompatible with his human rights, including his right to a fair trial and to freedom of expression, and that whilst in the US he will be treated appropriately, including in relation to his health.”

Unsurprisingly, a number of entities purporting to defend the values of transparency embraced by the press, starting with Edward Snowden, have issued statements condemning the step without disclosing their own exposure in Assange’s indictment. As they’ve done throughout this process, many of Assange’s boosters are destroying the principles of journalism in order to save him.

That’s a damned shame, because extradition on this indictment does pose a threat to journalism. The charges for publishing information, particularly those for publishing the names of US and Coalition informants, does pose a dangerous precedent.

Vanessa Baraitser’s initial ruling finding this did not pose a threat to freedom of expression clearly distinguished Assange from what journalists do, partly by noting that soliciting hacks has always been tied to Assange’s publication, and partly by noting EU privacy protections would prohibit indiscriminate publication of names as Assange is accused of doing. But the latter distinction doesn’t exist in US law. There are no such protections for privacy in the US.

For that reason, I’m more interested in what happens now that the UK has reached a final decision. After all, Joshua Schulte just caused to make available heavily redacted documents that almost certainly describe an ongoing investigation pertaining to WikiLeaks. In August, DOJ seemed to advocate delaying Schulte’s trial (which started Monday), in anticipation of something like this.

Assange will avail himself of every possible appeal, so he won’t be extradited for months or years anyway.

But because the final UK approval may trigger other actions, this may mark just a beginning in other ways.

Charlie Savage Plays with His Magic Time Machine To Avoid Doing Journalism

Charlie Savage just did something astonishing in the name of press freedom. He said that the truth doesn’t matter now, in 2021, because he reported a different truth eleven years ago.

He took issue with my headline to this piece, noting that he was obfuscating the facts about the Julian Assange prosecution so as to shoehorn it into a story about actual journalists.

Charlie made several obfuscations or clear errors in that piece:

  • He didn’t explain (as he hasn’t, to misleading effect, in past stories on Assange) the nature of the 2nd superseding indictment and the way it added to the most problematic first superseding one
  • He said the 2019 superseding indictment (again, he was silent about the 2020 superseding indictment) raised the “specter of prosecuting reporters;” this line is how Charlie shoehorned Assange into a story about actual journalists
  • He claimed that the decision to charge Assange for “his journalistic-style acts” arose from the change in Administrations, Obama to Trump (and specifically to Bill Barr), not the evidence DOJ had obtained about Assange’s actions over time

Charlie presented all this as actual journalism about the Assange prosecution, but along the way, he made claims that were either inflammatory and inexact — a veritable specter haunting journalism — or, worse, what I believe to be false statements, false statements that parrot the propaganda that Wikileaks is spreading to obscure the facts.

The “specter” comment, I take to be a figure of speech, melodramatic and cynical, but mostly rhetorical.

The silence about the 2020 superseding indictment is a habit I have called Charlie on before, but one that is an error of omission, rather than of fact.

It’s this passage that I objected to at length:

But the specter of prosecuting reporters returned in 2019, when the department under Attorney General William P. Barr expanded a hacking conspiracy indictment of Julian Assange, the WikiLeaks founder, to treat his journalistic-style acts of soliciting and publishing classified information as crimes.

Obama-era officials had weighed charging Mr. Assange for publishing leaked military and diplomatic files, but worried about establishing a precedent that could damage mainstream news outlets that sometimes publish government secrets, like The Times. The Trump administration, however, was undeterred by that prospect.

As presented, this passage made several claims:

  1. “Obama-era officials” had considered charging Assange for publishing activities, but “Obama-era officials” did not do so because it might damage “mainstream news outlets” like the NYT
  2. The reason that the Trump administration was willing to charge Assange for publishing was because they were “undeterred” from the prospect of doing damage to the NYT
  3. DOJ under Billy Barr expanded a hacking conspiracy “to treat his journalistic-style acts of soliciting and publishing classified information as crimes”

I believe the last claim is largely factual but misleading, as if the operative issue were Barr’s involvement or as if Barr deliberately treated Assange’s “journalistic-style acts” — as distinct from that of actual journalists — as a crime. There may be evidence that Barr specifically had it in for WikiLeaks or that Barr (as distinct from Trump’s other Attorneys General) treated Assange as he did out of the same contempt with which he treated actual journalists. There may be evidence that Barr — whose tenure as AG exhibited great respect for some of the journalists he had known since his first term as AG — was trying to burn down journalism, as an institution. But Charlie provides no evidence of that, nor has anyone else I know. (Indeed, Charlie’s larger argument presents evidence that Barr’s attacks on journalism, including subpoenas that may or may not have been obtained under Barr in defiance of guidelines adopted under Eric Holder, may only differ from Obama’s in their political tilt.)

Of course, one of the worst things that the Trump Administration did to a journalist, obtaining years of Ali Watkins’ email records, happened under Jeff Sessions, not Barr.

The first and second claims together set up a clear contrast. Obama-era officials — and by context, this means the entirety of the Obama Administration — did not prosecute Assange for publication because of what became known — based off a description that DOJ’s spox Matthew Miller gave publicly in 2013 — as the NYT problem, the risk that prosecuting WikiLeaks would endanger NYT. But the Trump Administration was willing to charge Assange for publication because they didn’t think the risk that such charges posed to the NYT were all that grave or damaging or important.

There’s no way to understand these two points except as a contrast of Administrations, to suggest that Obama’s Administration — which was epically shitty on leak investigations — wouldn’t do what the Trump Administration did do. It further involves treating the Department of Justice as an organization entirely subject to the whims of a President and an Attorney General, rather than as the enormous bureaucracy full of career professionals who guard their independence jealously, who even did so, with varying degrees of success, in the face of Barr’s unprecedented politicization of the department.

It’s certainly possible that’s true. It’s possible that Evan Perez and three other CNN journalists who reported in 2017 that what actually changed pertained to Snowden simply made that report up out of thin air. It’s certainly possible that under a President who attempted to shut down the Russian hacking investigation to protect Assange even after his CIA Director declared war on Assange, who almost blew up the investigation into Joshua Schulte, who entertained pardoning Assange in 2016, in 2017, in 2018, and in 2020, at the same time viewed the Assange prosecution as a unique opportunity to set up future prosecutions of journalists. It’s certainly possible that Billy Barr, who sabotaged the Mike Flynn and Roger Stone prosecutions to serve Trump’s interests, went rogue on the Assange case.

But given the abundant evidence that this prosecution happened in spite of Trump’s feelings about WikiLeaks rather than because of them, you would need to do actual reporting to make that claim.

And, as noted, I asked Charlie whether he had done the reporting to sustain that claim before I wrote the post…

… just as I — months earlier — asked Charlie why he was falsely claiming Assange was charged in 2018 rather than within a day of a Russian exfiltration attempt in 2017, something that probably has far more to do with why DOJ charged Assange when and how they did than who was Attorney General at the time.

After his bullshit attempt to explain that date error away, Charlie removed the date, though without notice of correction, must less credit to me for having to fact check the NYT.

Anyway, Charlie apparently didn’t read the post when I first wrote it, but instead only read it yesterday when I excused Icelandic journalists for making the same error — attributing the decision to prosecute Assange to Billy Barr’s animus rather than newly discovered evidence — that Charlie had earlier made. And Charlie went off on a typically thin-skinned tirade. He accused me (the person who keeps having to correct his errors) of being confused. He claimed that the thrust of my piece — that he was misrepresenting the facts about Assange — was “false.” He claimed the charges against and extradition of Assange was a precedent not already set by Minh Quang Pham’s extradition and prosecution. He accused me of not grasping that this was a First Amendment argument and not the journalism argument he had shoehorned it into. He suggested my insistence on accurate reporting about the CFAA overt acts against Assange (including the significance of Edward Snowden to them) was a “hobbyhorse,” and that I only insisted on accurate reporting on the topic in an effort to, “us[e] something [Charlie] said as a peg to artificially sex it up (dumb NYT!) even though it doesn’t actually fit.” He then made a comment that still treats the prosecution of Assange as binary — the original indictment on a single CFAA charge or the first superseding indictment that added the dangerous Espionage Act charges — rather than tertiary, the second superseding indictment that, at least per Vanessa Baraitser, clearly distinguished what Assange did from what journalists do.

That’s when things went absolutely haywire. Pulitzer prize winning journalist Charlie Savage said that his repeated claim that the charges against Assange arose from a change in Administration rather than a changed understanding of Assange did not rely on what Miller said, because he had “been writing since 2010 about deliberations inside DOJ re wanting to charge Assange/WL,” linking to this story.


That is, Charlie presented as a defense to my complaint that he was misrepresenting what happened in 2016 and 2017 by pointing to reporting he did in 2010, which — I pointed out — is actually before 2013 and so useless in offering a better reason to cling to that 2013 detail rather than rely on more recent reporting. Because DOJ did not have the same understanding of WikiLeaks in 2010 as they got after Julian Assange played a key role in a Russian intelligence operation against the United States, obtained files from a CIA SysAdmin after explicitly calling on CIA SysAdmins to steal such things (in a speech invoking Snowden), attempted to extort the US with those CIA files, and then implicitly threatened the President’s son with them, Charlie Savage says, it’s okay to misrepresent what happened in 2016 and 2017. Charlie’s reporting in 2010 excuses his refusal to do reporting in 2021.

Given his snotty condescension, it seems clear that Charlie hasn’t considered that, better than most journalists in the United States, I understand the grave risks of what DOJ did with Assange. I’ve thought about it in a visceral way that a recipient of official leaks backed by an entire legal department probably can’t even fathom. But that hasn’t stopped me from trying to understand — and write accurately about — what DOJ claims to be doing with Assange. Indeed, as someone whose career has intersected with WikiLeaks far more closely than Charlie’s has and as someone who knows what people very close to Assange claim to believe, I feel I have an obligation to try to unpack what really happened and what the real legal implications of it are, not least because that’s the only way to assess where DOJ is telling the truth and whether they’re simply making shit up to take out Assange. DOJ is acting ruthlessly. But at the same time, at least one person very close to Assange told me explicitly she wanted me to misrepresent the truth in his defense, and WikiLeaks has been telling outrageous lies in Assange’s defense with little pushback by people like Charlie because, I guess, he thinks he’s defending journalism.

As I understand it, the entire point of journalism is to try to write the truth, rather than obfuscate it in an attempt to protect an institution called journalism. It does no good to the institution — either its integrity or the ability to demonstrate the risks of the Assange prosecution — to blame it all on Billy Barr rather than explore how and why DOJ’s institutional approach to Assange has changed over time.

WikiLeaks and Edward Snowden Champion Sociopathic Liars and Sloppy Thinking

WikiLeaks boosters have embraced a really bizarre new entry in the propaganda case to support Julian Assange this weekend: An article by two Icelandic journalists that purports to prove that, “The veracity of the information contained [in the June 2020 superseding indictment against Julian Assange] is now directly contradicted by the main witness, whose testimony it is based on.” This is an article about Sigurdur Ingi Thordarson, AKA Siggi, the sociopath that Assange chose to hang out with for a period in 2010 to 2011, who does have a role but by no means the “main” role in the case against Assange. The journalists who wrote the article present as credible Siggi’s claim, from someone that everyone agrees is a pathological liar, that he’s telling the truth now, rather than when he testified to US authorities in 2019.

The journalists who wrote the article and all the WikiLeaks boosters who have embraced it are arguing that the article somehow proves that an avowed liar is telling the truth now about lying in the past. Even as WikiLeaks boosters are pointing to the Icelandic legal judgment that Siggi is a sociopath, they are once again welcoming him into the WikiLeaks fold because the avowed liar claims to have lied.

This is what Assange’s boosters are now staking his defense on: convincing you to accept the words of liars as truth.

Except, Siggi retracts nothing substantive that is alleged in the indictment, so this drama is instead a demand that you accept the word of a liar rather than read the documents to show that the liar’s claims are irrelevant to the charges against Assange.

The article proves it doesn’t understand US law

Before I get into how little of what the article presents even relates to the indictment, let me show how badly the authors misunderstand (or misrepresent) US law. The last eight paragraphs of the article insinuate that, because US prosecutors gave Siggi immunity for testimony in 2019, he exploited that immunity to commit new crimes in Iceland. The suggestion starts by claiming that the outdated NYT Problem remained true in 2017 and parroting the WikiLeaks claim that therefore what must have changed was the appointment of Bill Barr (who was confirmed after the initial complaint and first indictment had already been obtained).

Although the Department of Justice had spent extreme resources attempting to build a case against Julian Assange during the Obama presidency, they had decided against indicting Assange. The main concern was what was called “The New York Times Problem”, namely that there was such a difficulty in distinguishing between WikiLeaks publications and NYT publications of the same material that going after one party would pose grave First Amendment concerns.

President Donald Trump’s appointed Attorney general William Barr did not share these concerns, and neither did his Trump-appointed deputy Kellen S. Dwyer. Barr, who faced severe criticism for politicizing the DoJ on behalf of the president, got the ball rolling on the Assange case once again. Their argument was that if they could prove he was a criminal rather than a journalist the charges would stick, and that was where Thordarson’s testimony would be key.

I don’t fault journalists in Iceland from repeating this bit of propaganda. After all, even Pulitzer prize winning NYT journalists do. But the NYT problem was overcome when WikiLeaks did something in 2013 — help Edward Snowden get asylum in Russia — that the journalists involved at the time said was not journalism. What’s novel about this take, however, is the claim that career prosecutor Kellen Dwyer was “Trump-appointed.” Dwyer has been an EDVA prosecutor through four Administrations, since the George W Bush administration.

I assume that the reason why it’s important for this tale to claim that Dwyer was appointed by Barr is to claim the immunity agreement under which Siggi — and several other known witnesses to this prosecution — testified did something it didn’t.

In May 2019 Thordarson was offered an immunity deal, signed by Dwyer, that granted him immunity from prosecution based on any information on wrong doing they had on him. The deal, seen in writing by Stundin, also guarantees that the DoJ would not share any such information to other prosecutorial or law enforcement agencies. That would include Icelandic ones, meaning that the Americans will not share information on crimes he might have committed threatening Icelandic security interests – and the Americans apparently had plenty of those but had over the years failed to share them with their Icelandic counterparts.

All the agreement does is immunize the witness against prosecution for the crimes they admit during interviews with prosecutors they were part of, so as to avoid any Fifth Amendment problem with self-incrimination. This is not about hiding Siggi’s role in WikiLeaks; it has been public for a decade. Moreover the article even described the US sharing just the kind of security threat information this paragraph claims they did not.

Jónasson recalls that when the FBI first contacted Icelandic authorities on June 20th 2011 it was to warn Iceland of an imminent and grave threat of intrusion against government computers. A few days later FBI agents flew to Iceland and offered formally to assist in thwarting this grave danger. The offer was accepted and on July 4th a formal rogatory letter was sent to Iceland to seal the mutual assistance.

All that immunity did was provide DOJ a way to ask Siggi about his role at the time. It didn’t immunize future crime in Iceland, nor did it give him any incentive to claim Assange asked him to hack things he hadn’t.

That’s the extent to which these journalists are spinning wildly: getting the facts about the prosecutors and the law wrong in a piece claiming to assess how Siggi recanting what they assume he told prosecutors in 2019 would affect the indictment.

Siggi’s purportedly retracted claims in several cases don’t conflict with the indictment

And, even beyond claiming Siggi is the “main witness” against Assange, they seem to misunderstand the indictment, in which Siggi’s actions play a role in a limited set of overt acts in a Computer Fraud and Abuse Act charge. Because there are so many ways that Assange allegedly engaged in a long-ranging effort to encourage hackers, jurors could find Assange guilty even if none of the Siggi events were deemed credible, and he is central (though his testimony may not be) to just a portion of the overt acts in the CFAA charge.

In fact, this piece never once cites the indictment directly.

Instead, they cite Judge Vanessa Baraitser’s ruling on Assange’s extradition. They cite fragments though, not the single paragraph about Siggi’s role in the CFAA charge that is relevant (indeed, was key) to her decision:

100. At the same time as these communications, it is alleged, he was encouraging others to hack into computers to obtain information. This activity does not form part of the “Manning” allegations but it took place at exactly the same time and supports the case that Mr. Assange was engaged in a wider scheme, to work with computer hackers and whistle blowers to obtain information for Wikileaks. Ms. Manning was aware of his work with these hacking groups as Mr. Assange messaged her several times about it. For example, it is alleged that, on 5 March 2010 Mr. Assange told Ms. Manning that he had received stolen banking documents from a source (Teenager); on 10 March 2010, Mr. Assange told Ms. Manning that he had given an “intel source” a “list of things we wanted” and the source had provided four months of recordings of all phones in the Parliament of the government of NATO country-1; and, on 17 March 2010, Mr. Assange told Ms. Manning that he used the unauthorised access given to him by a source, to access a government website of NATO country-1 used to track police vehicles. His agreement with Ms. Manning, to decipher the alphanumeric code she gave him, took place on 8 March 2010, in the midst of his efforts to obtain, and to recruit others to obtain, information through computer hacking. [italics and bold mine]

Baraitser includes the overt acts involving Siggi — that Siggi gave Assange “stolen banking documents,” may have been his source for “a list of things he wanted” including recordings from Parliament, and provided Assange access to an Icelandic police website — not for Siggi’s role in the action, but for Assange’s representations to Chelsea Manning about them. “Mr. Assange told Ms. Manning … Mr. Assange told Ms. Manning … Mr. Assange told Ms. Manning” certain things about Siggi, and what mattered most is that Assange made the claims, not whether what Assange claimed to Manning was true or not, because it was part of getting her to leak more documents.

The two times Stundin does cite Baraitser’s judgment, they cite it misleadingly, particularly with regards any claims made about the indictment. The sole citation to the critical paragraph of Baraitser’s ruling I cited above appears this way:

More deceptive language emerges in the aforementioned judgment where it states: “…he [Assange] used the unauthorized access given to him by a source, to access a government website of NATO country-1 used to track police vehicles.”

This depiction leaves out an important element, one that Thordarson clarifies in his interview with Stundin. The login information was in fact his own and not obtained through any nefarious means. In fact, he now admits he had been given this access as a matter of routine due to his work as a first responder while volunteering for a search and rescue team. He also says Assange never asked for any such access.

As noted above in bold, in the critical paragraph pertaining to Siggi of the ruling, this topic matters solely for how it related to Assange’s interactions with Manning. And where she introduces the allegation earlier in her ruling, Baraitser makes no claim that Siggi’s access was unauthorized, only that Assange’s was.

It is alleged that Mr. Assange kept Ms. Manning informed about these hacking activities: on 5 March 2010, he told her that he had received stolen bank documents from a source (Teenager); on 10 March 2010, he told her that, in response to a “list of things we wanted”, a source had provided him with four months of recordings from phones located within the Parliament of a “NATO country 1”; on 17 March 2010, he told her that he had used the access, given to him by a source, to obtain unauthorised access a government website used to track police vehicles, in “NATO country 1”. [italics and bold mine]

No one is claiming that Siggi obtained the access via nefarious means. Rather, Baraitser claims only that Assange’s — who was not an Icelandic first responder — was unauthorized, to which Siggi’s purported retraction is irrelevant.

And the indictment provides further context — context that addresses another of Stundin’s claims.

41. In early 2010, a source provided ASSANGE with credentials to gain unauthorized access into a website that was used by the government of NATO Country-1 to track the location of police and first responder vehicles, and agreed that ASSANGE should use those credentials to gain unauthorized access to the website.

42. On March 17, 2010, ASSANGE told MANNING that ASSANGE used the unauthorized access to the website of the government of NATO Country-1 for tracking police vehicles (provided to ASSANGE by a source) to determine that NATO Country-1 police were monitoring ASSANGE.

43. On March 29, 2010, WikiLeaks posted to its website classified State Department materials regarding officials in the government of NATO Country-1, which Manning had downloaded on February 14, 2010.

Again, what is key here is that the credentials were unauthorized for Assange (which they were), that Assange went on to tell Manning about it, and that those things happened when Manning was leaking documents pertaining to Iceland as well. Nothing in Siggi’s supposed recantation is even relevant to that.

Similarly, Stundin complains that Baraitser referred to a file from an Icelandic bank as “stolen,” when Siggi says that he understood the file to have been leaked by whistleblowers, not stolen.

One is a reference to Icelandic bank documents. The Magistrate court judgement reads: “It is alleged that Mr. Assange and Teenager failed a joint attempt to decrypt a file stolen from a “NATO country 1” bank”.

Thordarson admits to Stundin that this actually refers to a well publicised event in which an encrypted file was leaked from an Icelandic bank and assumed to contain information about defaulted loans provided by the Icelandic Landsbanki. The bank went under in the fall of 2008, along with almost all other financial institutions in Iceland, and plunged the country into a severe economic crisis. The file was at this time, in summer of 2010, shared by many online who attempted to decrypt it for the public interest purpose of revealing what precipitated the financial crisis. Nothing supports the claim that this file was even “stolen” per se, as it was assumed to have been distributed by whistleblowers from inside the failed bank.

As noted above, in the key paragraph in Baraitser’s judgment, she described that, “Mr. Assange was engaged in a wider scheme, to work with computer hackers and whistle blowers to obtain information for Wikileaks.” The inclusion of whistleblowers here makes it clear that she understood some of this to be leaked rather than hacked.

Moreover, in the indictment, the claim is about how Siggi’s actions tie to requests Assange made of Manning and (presumably) David House (both of whom were also given immunity to testify, though Manning refused to do so), both of whom took steps to access Icelandic files.

35. In early 2010, around the same time that ASSANGE was working with Manning to obtain classified information, ASSANGE met a 17-year old in NATO Country-1 (“Teenager”), who provided ASSANGE with data stolen from a bank.


39. On March 5, 2010, ASSANGE told MANNING about having received stolen banking documents from a source who, in fact, was Teenager.


44. On July 21, 2010, after ASSANGE and Teenager failed in their joint attempt to decrypt a file stolen from a NATO Country-1 bank, Teenager asked a U.S. person to try to do so. In 2011 and 2012, that individual, who had been an acquaintance of Manning since early 2010, became a paid employee of WikiLeaks, and reported to ASSANGE and Teenager.

The indictment doesn’t source the claim that the file was stolen to Siggi (certainly, the FBI has other ways of finding out what happens to financial files, and in many contexts, a whistleblower leaking them would amount to theft). Nor does it say Siggi stole it. Nor does Siggi’s understanding of whether it was leaked or stolen matter to the conspiracy indictment at hand, not least given its import to Assange and Manning’s alleged attempts to hack a password so she could leak documents, just what Siggi claims he believed bank employees had done. What matters, instead, is the joint shared goal of accessing it. Nothing Siggi says in his supposed recantation of this story undermines that claim.

Stundin’s third specific denial — that Siggi didn’t himself hack the phone recordings of MPs, but instead received them from a third party — is the single denial of a specific claim made in the indictment.

Thordarson now admits to Stundin that Assange never asked him to hack or access phone recordings of MPs. His new claim is that he had in fact received some files from a third party who claimed to have recorded MPs and had offered to share them with Assange without having any idea what they actually contained. He claims he never checked the contents of the files or even if they contained audio recordings as his third party source suggested. He further admits the claim, that Assange had instructed or asked him to access computers in order to find any such recordings, is false.

The indictment does claim that Siggi obtained these files after Assange requested that Siggi hack things.

In early 2010, ASSANGE asked Teenager to commit computer intrusions and steal additional information, including audio recordings of phone conversations between high-ranking officials of the government of NATO Country-1, including members of the Parliament of NATO Country-1.


On March 10, 2010, after ASSANGE told Manning that ASSANGE had given an “intel source” a “list of things we wanted” and the source had agreed to provide and did provide four months of recordings of all phones in the Parliament of the government of a NATO Country-1, ASSANGE stated, “So that’s what I think the future is like ;),” referring to how he expected WikiLeaks to operate.

Siggi denies he hacked anything to get these files, but he does say he got them. He got them, instead, from a third party, unasked. Even if that’s true (and even if the third party wasn’t the intel source), the key point here is that Assange enticed Manning to keep providing requested documents by claiming he had successfully requested and obtained the recorded calls.

The specific denials in this story, even if true, don’t actually deny anything of substance and in one case is completely consistent with the indictment. More importantly, none of these denials are relevant to the way in which Baraitser used them, which is to discuss how Assange’s interactions with Siggi, Manning, and House were part of a unified effort; that unified effort is the only reason Iceland (but not Siggi alone) is key.

The story is silent about or confirms the more serious allegations about Siggi

And the parts of the indictment where Siggi’s role is key, which pertain to Assange’s alleged entry into a conspiracy with Lulzsec to hack Stratfor and to hack a Wikileaks dissident, are unaddressed in this story. For example, Stundin describes reading chat logs Siggi provided — which is not the full set of chatlogs available to the US government, though Stundin claims they must be comprehensive — and finding no proof in the chatlogs that anyone at Wikieaks ordered him to ask other hackers to hack websites. But their focus is on why Siggi asked other hackers to hack Icelandic sites. There’s no mention of hacking US sites.

The chat logs were gathered by Thordarson himself and give a comprehensive picture of his communications whilst he was volunteering for Wikileaks in 2010 and 11. It entails his talks with WikiLeaks staff as well as unauthorized communications with members of international hacking groups that he got into contact with via his role as a moderator on an open IRC WikiLeaks forum, which is a form of live online chat. There is no indication WikiLeaks staff had any knowledge of Thordarson’s contacts with aforementioned hacking groups, indeed the logs show his clear deception.

The communications there show a pattern where Thordarson is constantly inflating his position within WikiLeaks, describing himself as chief of staff, head of communications, No 2 in the organization or responsible for recruits. In these communications Thordarson frequently asks the hackers to either access material from Icelandic entities or attack Icelandic websites with so-called DDoS attacks. These are designed to disable sites and make them inaccessible but not cause permanent damage to content.

Stundin cannot find any evidence that Thordarson was ever instructed to make those requests by anyone inside WikiLeaks. Thordarson himself is not even claiming that, although he explains this as something Assange was aware of or that he had interpreted it so that this was expected of him. How this supposed non-verbal communication took place he cannot explain. [my emphasis]

More bizarre still, Stundin describes Siggi admitting that “Assange was aware of or that he had interpreted it so that this was expected of him.” This actually confirms the most important key allegation pertaining to Lulzsec, that when Siggi was negotiating all this, he claimed to DOJ and still claims now, Assange knew and approved of it. And in fact the indictment alleges that Siggi proved to Topiary he was working with Assange by filming himself sitting with Assange, a non-verbal communication that — because Siggi deleted it — would not have been included in the chatlogs that Stundin insists had to be comprehensive.

To show Topiary that Teenager spoke for WikiLeaks so that an agreement could be reached between WikiLeaks and LulzSec, Teenager posted to YouTube (and then quickly deleted) a video of his computer screen that showed the conversation that he was then having with Topiary. The video turned from Topiary’s computer screen and showed ASSANGE sitting nearby.

In fact, the only specific denial regarding LulzSec in this piece pertains to Sabu, not any of the people that Siggi is alleged to have spoken with.

Thordarson continued to step up his illicit activities in the summer of 2011 when he established communication with “Sabu”, the online moniker of Hector Xavier Monsegur, a hacker and a member of the rather infamous LulzSec hacker group. In that effort all indications are that Thordarson was acting alone without any authorization, let alone urging, from anyone inside WikiLeaks.

There’s no allegation in the indictment pertaining to Siggi’s conversations with Sabu. It alleges he was part of the conspiracy, but not that he spoke with Siggi.

Finally, the one other key allegation involving Siggi in the indictment — that Assange asked him to hack a WikiLeaks dissident — is actually sourced independently to an Assange comment. Nothing in this article denies it specifically, but it’s not even necessarily sourced to Siggi.

There’s no there there in this article. Moreover, all the claims in it — most notably, that Siggi is a sociopath and a liar — have been long known. What the article misunderstands is where Siggi’s testimony may be important, where it served to explain existing documentary files, and the many ways in which DOJ ensured it didn’t rely on such an easily discredited witness. The article also doesn’t understand how co-conspirator statements — statements that have already been made — get entered at trial.

You go to trial with the sociopaths that a target like Julian Assange has chosen to associate with, not with the Boy Scouts you’d like to have as witnesses. But this indictment relies on that sociopath far less than Stundin would have you believe, and Siggi’s purported retractions do very little to rebut the indictment or Baraitser’s ruling about the case. More importantly, the article claims that the DOJ’s purported reliance on a sociopath is fatal, but their argument is based on the claims of that same sociopath.

WikiLeaks boosters claim it exonerates Julian Assange that someone they claim is a liar claims he lied

Admittedly, this is what WikiLeaks always does with their shoddy propaganda claims. They did it with their misrepresentations about a pardon dangle delivered by suspected Russian asset Dana Rohrabacher, they did it with the admission that former Sputnik employee Cassandra Fairbanks personally ferried non-public information about Assange’s prosecution from Don Jr’s best friend to Assange, and they did it with unsupported allegations about UC Global.

They don’t care what the actual evidence is or supports, so long as they have a shiny object that their army of boosters can point to to claim the indictment says something other than it does.

But this one is particularly remarkable because of shit like this.

Edward Snowden, who explained his theft of vast swaths of secret documents based on a claim that he had the judgment to know what he was seeing was abuse, claims to believe that this article “is the end of the case against Julian Assange.” That is, Ed Snowden has displayed for all the world that his critical reasoning skills are so poor that he doesn’t understand that — even if every single thing Siggi is reported to say in this article were true (including his claim that Assange knew and approved of his efforts to forge ties with LulzSec) — it would do little damage to the indictment against Julian Assange.

It amounts to Ed Snowden putting up a sign saying, “Oh sure, I knew better than the entire NSA, but I have such poor critical thinking skills I can’t read through a misleading headline.”

Worse still, what Ed Snowden is telling you to do is to trust the word of someone that — everyone agrees! — is a lying sociopath!! Ed and the entire WikiLeaks booster community here are endorsing the truth claims of someone they acknowledge in the same breath is a liar and a sociopath. What matters for them is not any critical assessment of whether Siggi could be telling the truth, but that the liar is saying what will help them.

Finally, the craziest thing is that Edward Snowden, who not only is personally named in five of the fifty CFAA overt acts, but whose own book confirms key allegations in those five overt acts, pretends that someone else is the star witness. Snowden’s own book, itself, could result in a guilty verdict on the CFAA claim, and the only way to prevent his book from serving that role is for Ed Snowden to claim he himself is a liar. This indictment could only be “poisoned top-to-bottom with false testimony” if Snowden came out tomorrow and claimed he was lying in his own book.

Ed Snowden’s own claim to be telling the truth distinguishes him as a whistleblower rather than a spy. But here, he affirmatively asks you to believe someone everyone agrees is a liar. And based on the belief that that liar was this time telling the truth, Ed asserts that an indictment that implicates his own truth claims is “poisoned top-to-bottom with false testimony.”

Update: One more thing I didn’t stress enough. This story doesn’t claim that prosecutors lied to the UK. Rather, they claim (without evidence about the full set of witnesses and evidence that DOJ relied on), that Siggi misled DOJ about two claims that don’t affect most of the CFAA charge.

Update: I’ve added language making it clear that the claim that Assange knew Siggi was negotiating ties with Lulzsec is still apparently based on what Siggi told DOJ and what he maintains now. That overt act is not the only one showing Assange entering into an agreement before they hacked Stratfor though.

Update: Subtropolis has convinced me to drop the references to Siggi as a child rapist, as he was underage too at the time.

Update: Corrected that the W administration was four Administrations ago.

PCLOB: The Essential Oversight Link Designed to Be Inadequate

Last year, there were a couple of measures that purported to respond to the problems with the Carter Page FISA application but which would not have helped him at all. In February, House Judiciary Committee rolled out a bill to replace the now-lapsed Section 215 of FISA that included a Privacy and Civil Liberties Oversight Board review of the impact that tradition FISA had on First Amendment Activities.


(a) REPORT.—Not later than one year after the date of the enactment of this Act, the Privacy and Civil Liberties Oversight Board shall make publicly available, to the extent practicable, a report on—

(1) the extent to which the activities and protected classes described in subsection (b) are used to support targeting decisions in the use of authorities pursuant to the Foreign Intelligence Surveillance Act of 1978 (50 U.S.C. 1801 et seq.); and

(2) the impact of the use of such authorities on such activities and protected classes.

As I noted at the time, because PCLOB’s mandate is limited to counterterrorism, it would not be able to look at counterintelligence targeting. This is not the first time that PCLOB’s mandate made its work less useful than it could be. Because its Section 702 report was necessarily limited to the counterterrorism uses of the law, PCLOB’s report did not address problems with the cybersecurity and counterproliferation uses of Section 702, both of which have far more unexpected impact on US person’s privacy than the counterterrorism use.

Then, in May, PCLOB’s Chair, Adam Klein, announced PCLOB was going to review traditional FISAs.

Adam I. Klein, the chairman of the privacy board, said that the issues Horowitz surfaced were precisely those that the board was established to examine.

“This is at the heartland of our jurisdiction,” said Klein, a lawyer and prominent researcher of FISA and other national security laws. “The IG found systemic compliance problems. At a minimum, we have a duty to inform ourselves.”

I again noted that PCLOB’s mandate would limit the value of such a review, and indeed, would prevent PCLOB from even reviewing the precipitating application, Page’s counterintelligence application.

Last week, Klein released the results of that review, billed and released not as a PCLOB report, but as a Chairperson’s White Paper (Klein has said he’d step down once Joe Biden replaced him). He makes clear,

I provide several observations and recommendations based on this review. These views are provided in my individual capacity as Chairman and should not be attributed to the Board as a whole or to other members of the Board.

Its recommendations are not obviously supported by the described scope of the review. His White Paper generally argues for more efficiency, a recommendation that conflicts with virtually all other conclusions that came out of the Carter Page review (though some of his recommendations to achieve efficiency, such as making the authorization period for non-US person FISA applications one year, make sense). He makes two recommendations (that the Woods file not require repeated documentation for repeated facts and that DOJ distinguish between information known at the time and information learned subsequent to an initial application) that would undercut some of the results of the DOJ IG Report on Carter Page.

Klein’s White Paper does recommend that a summary memo submitted with the application which highlights novel privacy, legal, or technological issues. If the FBI Director or his delegate were required to sign off on that summary as well as the current certification (that doesn’t address the probable cause content of the application in the least), it might provide a level of accountability that (Congress doesn’t yet understand) FISA currently lacks. Other than that, Klein’s White Paper reads as much like a valedictory trying to guide future PCLOB plans as it does a report to improve FISA. Almost two pages of the 26-page report constitutes a recommendation to reauthorize Section 215 of FISA.

But, as predicted, the review did not consider anything remotely pertinent to what happened to Carter Page.

To conduct its review of applications themselves, PCLOB asked for and received the subset of the 29 FISA files that DOJ IG is conducting a review of that pertain to counterterrorism as well as the backup exchange between FBI and DOJ regarding those applications. That included:

  • 19 total applications (out of 29 reviewed by DOJ IG)
  • All counterterrorism targets
  • Most located in United States at time of targeting

These details help us understand the two reports DOJ IG wrote about the full set of 29 files, which I wrote about here. Of the 29, ten must be counterintelligence files like Carter Page’s.

Because PCLOB did not review the counterintelligence applications, it only reviewed one of the two for which DOJ IG found a material error.  The second was a CI application that showed a worse error rate than the Carter Page file (which was measured using a different methodology than the Carter Page one).

It also didn’t review any Sensitive Investigative Matters — applications which, like Carter Page’s, involve someone who is a political, journalistic, or religious figure whose targeting should get extra scrutiny. That seems to suggest that DOJ IG did not include any counterterrorism applications targeting SIMs in its review (it would seem SIMs would be more likely to be targeted on the counterintelligence side, but we know of religious and political figures targeted under counterterrorism FISA applications). These would be the applications that pose the greatest privacy and civil liberties concern.

In lieu of that, FBI Office of General Counsel provided PCLOB with,

The number of “sensitive investigative matters” pertaining to U.S. persons in which FBI sought a FISA probable cause order in each year between 2015 and 2019, a summary of each matter (including the type of investigation and the features resulting in its classification as a “sensitive investigative matter”), and whether each request was granted.

That’s presumably how PCLOB learned that there aren’t all that many SIMs targeted under FISA.

[I]nformation received by the Board indicates that relatively few FISA applications are obtained each year in SIMs.

Still, this is the core of what you’d need to review to serve the function of PCLOB. Klein even appears not to have reviewed Page’s significantly declassified public applications, which would have been simple to do, would have provided him something to compare the counterterrorism applications he reviewed with, but which would have been outside the scope of PCLOB’s mandate.

This matters because PCLOB has been reasonably effective. Indeed, in a book published in April in recognition of the 50th Anniversary of the Pentagon Papers, Lisa Monaco (in a contribution submitted before she became Deputy Attorney General) pointed to PCLOB’s contributions after the Snowden releases as an important way forward to balance security and secrecy in the age of mass leaks. Monaco even recommended that PCLOB consult with the Director of National Intelligence prior to the implementation of certain policies. (Director of National Intelligence Avril Haines also contributed a chapter to the book, which was far more intriguing that Monaco’s.)

Another would be to institute a practice of DNI consultation with the PCLOB before the adoption of certain collection programs. The PCLOB served an important function after disclosures precisely because it is charged with considering privacy and civil liberties implications as well as the national security implications of counter-terrorism programs.82 It could be a valuable addition to the consideration and review of some intelligence programs for a standing body with the infrastructure to handle classified information to work with privacy officers in each agency to assess privacy concerns and conduct privacy impact assessments that are reported to the DNI.

But as noted above, even PCLOB’s Section 702 review suffered because it couldn’t look at several of the applications of 702, applications implicated by the Snowden releases.

Last year, I was told that efforts to expand the jurisdiction of PCLOB would be a poison pill to any bill to which they were attached. I can only assume that means the Executive doesn’t want to expose to scrutiny they kinds of practices that were central to the Carter Page application.

But if Lisa Monaco believes PCLOB has a role to play in balancing national security and secrecy, she should ensure its mandate is sufficiently broad to do that job.

Charlie Savage’s Obfuscations in the Service of Claiming Julian Assange Is a Journalist

Everyone is fighting for press freedoms again, and therefore lots of people are misrepresenting the facts about Julian Assange’s prosecution in purported defense of press freedom again.

These are the paragraphs with which UK Judge Vanessa Baraitser distinguished what Julian Assange is accused of from what “ordinary investigative journalists” entitled to protection in the UK or European Union do.

99. As part of his assistance to Ms. Manning, [Assange] agreed to use the rainbow tools, which he had for the purpose of cracking Microsoft password hashes, to decipher an alphanumeric code she had given him. The code was to an encrypted password hash stored on a Department of Defence computer connected to the SIPRNet. It is alleged that had they succeeded, Ms. Manning might have been able to log on to computers connected to the network under a username that did not belong to her. This is the conduct which most obviously demonstrates Mr. Assange’s complicity in Ms. Manning’s theft of the information, and separates his activity from that of the ordinary investigative journalist.

100. At the same time as these communications, it is alleged, he was encouraging others to hack into computers to obtain information. This activity does not form part of the “Manning” allegations but it took place at exactly the same time and supports the case that Mr. Assange was engaged in a wider scheme, to work with computer hackers and whistle blowers to obtain information for Wikileaks. Ms. Manning was aware of his work with these hacking groups as Mr. Assange messaged her several times about it. For example, it is alleged that, on 5 March 2010 Mr. Assange told Ms. Manning that he had received stolen banking documents from a source (Teenager); on 10 March 2010, Mr. Assange told Ms. Manning that he had given an “intel source” a “list of things we wanted” and the source had provided four months of recordings of all phones in the Parliament of the government of NATO country-1; and, on 17 March 2010, Mr. Assange told Ms. Manning that he used the unauthorised access given to him by a source, to access a government website of NATO country-1 used to track police vehicles. His agreement with Ms. Manning, to decipher the alphanumeric code she gave him, took place on 8 March 2010, in the midst of his efforts to obtain, and to recruit others to obtain, information through computer hacking.

101. Mr. Assange, it is alleged, had been engaged in recruiting others to obtain information for him for some time. For example, in August 2009 he spoke to an audience of hackers at a “Hacking at Random” conference and told them that unless they were a serving member of the US military they would have no legal liability for stealing classified information and giving it to Wikileaks. At the same conference he told the audience that there was a small vulnerability within the US Congress document distribution system stating, “this is what any one of you would find if you were actually looking”. In October 2009 also to an audience of hackers at the “Hack in the Box Security Conference” he told the audience, “I was a famous teenage hacker in Australia, and I’ve been reading generals’ emails since I was 17” and referred to the Wikileaks list of “flags” that it wanted captured. After Ms. Manning made her disclosures to him he continued to encourage people to take information. For example, in December 2013 he attended a Chaos computer club conference and told the audience to join the CIA in order to steal information stating “I’m not saying don’t join the CIA; no, go and join the CIA. Go in there, go into the ballpark and get the ball and bring it out”.

Assange is not an “ordinary investigative journalist,” according to the judge who ruled that his extradition would not violate journalistic protections, because he allegedly:

  • Tried to help Manning hack a password
  • Solicited hacks of Iceland
  • Identified a vulnerability in a US server and encouraged people to use it
  • In a speech invoking WikiLeaks’ role in helping Edward Snowden to flee to what ended up being Russia, allegedly encouraged people to join the CIA with the express intent of stealing files from it

A key point for Baraitser is this was all happening at the same time, Assange was allegedly soliciting hacks in Iceland even as he attempted to help Manning crack a password, and Manning knew about the other hacking.

Charlie Savage mentions none of this in a story explaining that Julian Assange’s extradition and prosecution, “raised the specter of prosecuting reporters.” He doesn’t even mention the second superseding indictment at all, the one that lays out (among other things) the allegation that Assange entered in a conspiracy to hack Stratfor, a hack that at least six people on both sides of the Atlantic already did time for.

But the specter of prosecuting reporters returned in 2019, when the department under Attorney General William P. Barr expanded a hacking conspiracy indictment of Julian Assange, the WikiLeaks founder, to treat his journalistic-style acts of soliciting and publishing classified information as crimes.

From there, Charlie tells a narrative that WikiLeaks has been pushing as part of Assange’s extradition defense, a claim that because DOJ Public Affairs head Matthew Miller said, in November 2013, that DOJ could not distinguish Julian Assange from what the NYT does, that means that the Obama Administration continued to face that challenge for the remaining three years of the Obama Administration, long after Miller left, and right through the time WikiLeaks played a key role in a Russian intelligence-led attack on American democracy. As Charlie presents it — citing no sources or public records, and I asked him if he was relying on any and he didn’t respond — the decision to prosecute Julian Assange arose not so much from a subsequent investigation that came to distinguish Assange’s actions from those of journalists, but instead because the Trump Administration “was undeterred” about the prospect of damaging “mainstream news outlets.”

Obama-era officials had weighed charging Mr. Assange for publishing leaked military and diplomatic files, but worried about establishing a precedent that could damage mainstream news outlets that sometimes publish government secrets, like The Times. The Trump administration, however, was undeterred by that prospect.

For now, the First Amendment issues are on hold as Mr. Assange fights extradition from Britain. Soon after the Biden administration took office, the Justice Department pressed forward with that extradition effort in British court, leaving the charges in place.

But that was before Mr. Garland was sworn in — and before the latest uproar about the escalating aggression of the Justice Department’s leak investigation tactics prompted him to focus on drafting a new approach that, he testified, will be “the most protective of journalists’ ability to do their jobs in history.”

It’s Trump’s doing, not the result of further investigation, Charlie reports, as news.

The WikiLeaks narrative that Charlie repeats unquestioningly is inconsistent with an April 2017 report — one Assange’s journalism professor expert witness claims to have been unable to find with the magic of Google — that what came to distinguish Assange from other journalists was his role in helping Edward Snowden.

The US view of WikiLeaks and Assange began to change after investigators found what they believe was proof that WikiLeaks played an active role in helping Edward Snowden, a former NSA analyst, disclose a massive cache of classified documents.

We now know, four years later, that not just DOJ but even “mainstream news outlets” considered what WikiLeaks did to help Snowden something other than journalism.

Bart Gellman’s book (which was published before the most recent superseding indictment) not only lays out how WaPo’s lawyers told Gellman that he and Laura Poitras could not safely, under the law, play the role (which is referenced in the superseding indictment against Assange that Charlie doesn’t mention) that WikiLeaks would end up playing, helping Snowden get asylum in what ended up be an adversarial nation. Gellman even cites communications he and Poitras sent to Snowden in real time explaining that taking steps to help Snowden get asylum in what might be, and as it happens turned out to be, a hostile country was not journalism.

We had lawyered up and it showed. “You were clear with me and I want to be equally clear with you,” I wrote. “There are a number of unwarranted assumptions in your email. My intentions and objectives are purely journalistic, and I will not tie them or time them to any other goal.” I was working hard and intended to publish, but “I cannot give you the bottom line you want.”

Poitras wrote to him separately.

There have been several developments since Monday (e.g., your decision to leave the country, your choice of location, possible intentions re asylum), that have come as a surprise and make [it] necessary to be clear. As B explained, our intentions and objectives are journalistic. I believe you know my interest and commitment to this subject. B’s work on the topic speaks for itself. I cannot travel to interview you in person. However, I do have questions if you are still willing to answer them. [my emphasis]

In other words, WaPo’s own lawyers made it clear that helping an intelligence source obtain asylum in another country is not journalism and might, instead, be viewed by the US government as abetting espionage.

Given Charlie’s focus on the transition from the Trump to Biden Administration, there’s something else glaringly absent from his story: the official record on the government response to WikiLeaks’ role in the 2016 election attack. Admittedly, great swaths of that discussion remain redacted (which suggests there’s stuff we may not know), but the Senate Intelligence Committee’s report the Obama Administration’s response to the 2016 Russian interference campaign discussed how part of that process involved “develop[ing] a complete understanding of WikiLeaks.”

The executive branch struggled to develop a complete understanding of WikiLeaks. Some officials viewed WikiLeaks as a legitimate news outlet, while others viewed WikiLeaks as a hostile organization acting intentionally and deliberately to undermine U.S. or allies’ interests.

In other words, in 2016 — three years after the Miller quote that WikiLeaks has trained obedient journalists to parrot unquestioningly — the government came to some new “complete” understanding of WikiLeaks. One of the most important players in this process was then White House Homeland Security Advisor, Lisa Monaco. Her interview with the committee is cited repeatedly in the unredacted passages of the report.

Admittedly, Monaco’s views on how or whether her own understanding of WikiLeaks changed as part of that process do not appear in the report. The SSCI report redacts what those Obama officials came to understand about WikiLeaks in the waning days of the Obama Administration. But, in a story presented as “news,” it seems important to consider how that process might influence Monaco’s understanding of the case against Assange, given that one of the last things she did when last in government was struggle to respond to an attack on American democracy in part because the government treated WikiLeaks as a journalistic outlet for far too long during the attack. Whatever she believes, Monaco knows far more than Matthew Miller, or us, for that matter. We might not agree with her thus far non-public understanding of WikiLeaks, but even the four year old understanding of WikiLeaks she brought to her position as Deputy Attorney General surely will have a bigger influence on DOJ’s decisions about Assange going forward than what the Public Affairs guy said eight years ago.

It’s not that I disagree that some of the charges against Assange — particularly for publishing the names of US and Coalition informants — present a dangerous precedent. They do, and those risks are important to talk about, accurately and honestly. On that note, though, it’s again worthwhile to see how Baraitser distinguishes Assange (note, the circumstances of the release of the informant names is the area where Assange presented the most evidence to challenge the government’s evidence).

The defence submits that, by disclosing Ms. Manning’s materials, Mr. Assange was acting within the parameters of responsible journalism. The difficulty with this argument is that it vests in Mr. Assange the right to make the decision to sacrifice the safety of these few individuals, knowing nothing of their circumstances or the dangers they faced, in the name of free speech. In the modern digital age, vast amounts of information can be indiscriminately disclosed to a global audience, almost instantly, by anyone with access to a computer and an internet connection. Unlike the traditional press, those who choose to use the internet to disclose sensitive information in this way are not bound by a professional code or ethical journalistic duty or practice. Those who post information on the internet have no obligation to act responsibly or to exercise judgment in their decisions. In the modern era, where “dumps” of vast amounts of data onto the internet can be carried out by almost anyone, it is difficult to see how a concept of “responsible journalism” can sensibly be applied.


Free speech does not comprise a ‘trump card’ even where matters of serious public concern are disclosed (see Stoll above), and it does not provide an unfettered right for some, like Mr. Assange, to decide the fate of others, on the basis of their partially informed assessment of the risks.


The New York Times published the following condemnation on 25 July 2012:

“The Times and the other news organizations agreed at the outset that we would not disclose —either in our articles or any of our online supplementary material — anything that was likely to put lives at risk or jeopardize military or antiterrorist operations. We have, for example, withheld any names of operatives in the field and informants cited in the reports. We have avoided anything that might compromise American or allied intelligence-gathering methods such as communications intercepts. We have not linked to the archives of raw material. At the request of the White House, The Times also urged WikiLeaks to withhold any harmful material from its Web site.”

This is a distinctly European decision. That’s true because in Europe, unlike the US, such protections are tied to being a journalist. Plus Baraitser argued that under EU law, Assange’s release violated privacy protections that simply don’t exist in the US. Mind you, it’s one thing to say the NYT won’t publish details that might endanger military operations and another thing to say such revelations shouldn’t be protected by the First Amendment. Even if WikiLeaks is a “hostile organization acting intentionally and deliberately to undermine U.S. or allies’ interests,” (as SSCI described), that should not, itself, surpass the First Amendment consideration.

But it underscores the point. There are First Amendment problems with the publication charges and, to a lesser extent, the other Manning-focused ones. But Assange actually wouldn’t be the first person extradited from the UK significantly for publication activities, the same thing happened to Minh Quang Pham for the few months he spent as AQAP’s graphic designer. That precedent has not only gone virtually unnoticed, but did little to harm the press freedom of others in the US. Not only are the First Amendment risks of Assange’s prosecution not tied to whether or not Assange is a journalist, but the effort to reinvent both the history of his prosecution and what he is accused of to turn him into a journalist has led a bunch of journalists and press freedom advocates to violate the principles that are supposed to distinguish journalism.


Insurance File: Glenn Greenwald’s Anger Is of More Use to Vladimir Putin than Edward Snowden’s Freedom

Glenn Greenwald risks making his own anger more valuable to Vladimir Putin than Edward Snowden’s freedom.

When WikiLeaks helped Snowden flee Hong Kong eight years ago, both WikiLeaks and Snowden had the explicit goal of using Snowden’s successful flight from prosecution to entice more leakers.

In his book, Snowden described that Sarah Harrison and Julian Assange’s goal in helping him flee Hong Kong was to provide a counterexample to the draconian sentence of Chelsea Manning.

People have long ascribed selfish motives to Assange’s desire to give me aid, but I believe he was genuinely invested in one thing above all—helping me evade capture. That doing so involved tweaking the US government was just a bonus for him, an ancillary benefit, not the goal. It’s true that Assange can be self-interested and vain, moody, and even bullying—after a sharp disagreement just a month after our first, text-based conversation, I never communicated with him again—but he also sincerely conceives of himself as a fighter in a historic battle for the public’s right to know, a battle he will do anything to win. It’s for this reason that I regard it as too reductive to interpret his assistance as merely an instance of scheming or self-promotion. More important to him, I believe, was the opportunity to establish a counterexample to the case of the organization’s most famous source, US Army Private Chelsea Manning, whose thirty-five-year prison sentence was historically unprecedented and a monstrous deterrent to whistleblowers everywhere. Though I never was, and never would be, a source for Assange, my situation gave him a chance to right a wrong. There was nothing he could have done to save Manning, but he seemed, through Sarah, determined to do everything he could to save me. That said, I was initially wary of Sarah’s involvement. But Laura told me that she was serious, competent, and, most important, independent: one of the few at WikiLeaks who dared to openly disagree with Assange. Despite my caution, I was in a difficult position, and as Hemingway once wrote, the way to make people trustworthy is to trust them.


It was only once we’d entered Chinese airspace that I realized I wouldn’t be able to get any rest until I asked Sarah this question explicitly: “Why are you helping me?”

She flattened out her voice, as if trying to tamp down her passions, and told me that she wanted me to have a better outcome. She never said better than what outcome or whose, and I could only take that answer as a sign of her discretion and respect.

It’s not just Snowden’s impression, though, that WikiLeaks intended to make an example of him. The superseding indictment against Assange cites several times when Assange invoked WikiLeaks’ role in Snowden’s successful escape to encourage others (including CIA Systems Administrators like Joshua Schulte, who had a ticket to Mexico when the FBI first interviewed him and seized his passports) to go do what Snowden did. British Judge Vanessa Baraitser even included one of those speeches in paragraphs distinguishing what Assange is accused of from legal journalism. And as early as 2017, public reporting said that WikiLeaks’ assistance to Snowden was what changed how DOJ understood WikiLeaks and why it began to consider prosecuting Assange. It wasn’t Trump that led DOJ to stop treating Assange as a journalist, it was Snowden.

According to Snowden’s own words, he shared WikiLeaks’ goal of setting an example to inspire others. In an email that Snowden must have sent Bart Gellman weeks before the exchange between him and Harrison above, Snowden described steps he took to give other leakers (this may be Gellman’s paraphrase), “hope for a happy ending.”

In the Saturday night email, Snowden spelled it out. He had chosen to risk his freedom, he wrote, but he was not resigned to life in prison or worse. He preferred to set an example for “an entire class of potential whistleblowers” who might follow his lead. Ordinary citizens would not take impossible risks. They had to have some hope for a happy ending.

To effect this, I intend to apply for asylum (preferably somewhere with strong internet and press freedoms, e.g. Iceland, though the strength of the reaction will determine how choosy I can be). Given how tightly the U.S. surveils diplomatic outposts (I should know, I used to work in our U.N. spying shop), I cannot risk this until you have already gone to press, as it would immediately tip our hand. It would also be futile without proof of my claims—they’d have me committed—and I have no desire to provide raw source material to a foreign government. Post publication, the source document and cryptographic signature will allow me to immediately substantiate both the truth of my claim and the danger I am in without having to give anything up. . . . Give me the bottom line: when do you expect to go to print?

Citizenfour also quotes Snowden describing how he hoped that proof that his “methods work[]” would encourage others to leak.

If all ends well, perhaps the demonstration that our methods worked will embolden more to come forward.

Snowden’s “methods” don’t work — they certainly haven’t for Daniel Hale, Reality Winner, or Joshua Schulte. But for each, Snowden played at least some role (there is ambiguity about how Schulte really felt about Snowden) in inspiring them to ruin their lives with magical thinking and inadequate operational security.

One of Snowden’s “methods” appears to entail quitting an existing job and then picking another at an Intelligence Community contractor with the intent of obtaining documents to leak. Snowden did this at Booz Allen Hamilton, and his book at least suggests the possibility he did that with his earlier job in Hawaii.

The government justified the draconian sentence that it had negotiated with Winner’s lawyers, in part, by claiming that she premeditated her leak.

Around the same time the defendant took a job with Pluribus requiring a security clearance in February 2017, she was expressing contempt for the United States, mocking compromises of our national security, and making preparations to leak intelligence information

Along with evidence Winner researched The Intercept’s SecureDrop before starting at her new job, the government supported this claim by pointing to three references Winner made to Snowden as or shortly after she started at Pluribus, including texts in which Winner told her sister she was on Assange and Snowden’s side the day the Vault 7 leak was revealed. That was still two months before she took the files she would send to The Intercept.

Had Hale gone to trial, the government would have shown that Hale discussed serving as a source for Jeremy Scahill by May 30, 2013, the day before he left NSA, and discussed Snowden — and hanging out with the journalists reporting on him — the day Snowden came forward on June 9. Then, on July 25, Hale sent Scahill a resume showing he was looking for counterterrorism or counterintelligence jobs. In December, Hale started the the job at Leidos where he would print out the files he sent to The Intercept.

You can think these leaks were valuable and ethical without thinking it a good idea to leave a months-long trail of evidence showing premeditation on unencrypted texts and social media.

Similarly, one of Snowden’s “methods” was to claim he had expressed concerns internally, but was ignored, a wannabe whistleblower stymied by America’s admittedly failed support for whistleblowers, especially those at contractors.

In the weeks before Snowden left NSA, he made a stink about some legal issues and NSA’s training programs (about how FISA Section 702 interacted with EO 12333) that he subsequently pointed to as his basis for claiming to be a whistleblower. The complaint was legit, and one NSA department actually did take notice, but it was not a formal complaint; indeed, it was more a complaint about US law. But his complaint had nothing to do with the vast majority of the documents that have been published based off his files, to say nothing of the far greater set of documents he took. And he made the complaint long after having prepared for months to steal vast amounts of files.

Similarly, Joshua Schulte wrote two emails documenting purported concerns about CIA security, one to a colleague less than a month before he left, which he didn’t send, and then, on his final day, one to CIA’s Inspector General that he falsely claimed was unclassified, a copy of which he was seen taking with him when he packed up. In the first search warrant for Schulte’s house obtained on March 13, 2017, less than a week after the initial Vault 7 release, the FBI had already found those emails and deemed Schulte’s treatment of them as suspect. And when they found a copy of the classified letter to the IG stashed in his headboard, it gave them cause to seize Schulte’s passports on threat of arrest. Snowden’s “methods” didn’t deliver Schulte a “happy ending;” they made Schulte’s apprehension easier.

To the extent Schulte could be shown to be following Snowden’s “methods” (again, that question was not resolved at his first trial) it would be a fairly damning indictment of those methods, since this effort to create a paper trail as a whistleblower was such an obvious attempt to retroactively invent cover for leaks for which there was abundant evidence Schulte’s motivation was spite and revenge. Maybe that’s why someone close to Assange explicitly asked me to stop covering Schulte’s case.

Had Daniel Hale gone to trial, the government undoubtedly would have used the exhibits showing that Hale had never made any whistleblower claims in any of the series of government jobs where he had clearance as a way to push back on his claim of being a whistleblower, though Hale was outspoken about his criticisms of the drone program before he took most of the files he shared with The Intercept. Indeed, given the success of Hale’s earlier anti-drone activism, his case raises real questions about whether leaking was more effective than Hale’s frank, overt witness to the problems of the drone program.

Worse still, Snowden’s boasts about his “methods” appear to have made prosecutions more likely. An early, mostly-sealed filing in Hale’s case, reveals that the government set out to investigate whether Hale was The Intercept’s source because they were trying to figure out whom Snowden had “inspired” to leak.

Specifically, the FBI repeatedly characterized its investigation in this case as an attempt to identify leakers who had been “inspired” by a specific individual – one whose activity was designed to criticize the government by shedding light on perceived illegalities on the part of the Intelligence Community.

That explains why the government required Hale to allocute to being the author of an essay in a collection of Hale’s leaked documents involving Snowden: by doing so, they obtained sworn proof that Hale is the person Snowden and Glenn Greenwald were discussing, while the two were sitting in Moscow, in the closing sequence of Citizenfour. In the scene, Glenn flamboyantly wrote for Snowden how this new leaker and The Intercept’s journalist were communicating, what appears to be J-A-B-B-E-R. That stunt for the camera would have tipped the government off, in cinema release just two months after they had raided Hale’s home, to look for and reconstruct Hale’s Jabber communications with Jeremy Scahill, which they partly succeeded in doing.

Rather than being means to a “happy ending,” then, prosecutors have found Snowden’s “methods” useful to pursuing increasingly draconian prosecutions of people inspired by him.

And now, after Snowden and Greenwald failed to persuade Trump to pardon Snowden, Assange — and in a secondary effort — The Intercept’s sources (perhaps, like Assange, they find the association with Schulte counterproductive, because they didn’t even try to get him pardoned, even though Trump himself almost bolloxed that prosecution), Snowden is left demanding pardons on Twitter for the people he set out to convince leaking could have a “happy ending.”

By associating these leaks with someone being protected by Russia so that — in Snowden’s own words — he could encourage more leaks, Snowden only puts a target on these people’s back, making a justifiable commutation of Winner’s sentence less likely (Winner is due to get out on November 23, two days before the most likely time for Joe Biden to even consider commuting her sentence).

I’m grateful for Snowden’s sacrifices to release the NSA files, but his efforts to lead others to believe that leaking would be easy was bound to, and has, ended badly.

If Vladimir Putin agreed to protect Snowden in hopes that he would inspire more leakers to release files that help Russia evade US spying (as Schulte’s leak did, at a time when the US was trying to understand the full scope of what Russia had done in 2016), the US prosecutorial focus on Snowden-related leakers undermines his value to Putin, probably by design. As that happens, Snowden might reach the moment that observers of his case have long been dreading, the moment when Putin’s utilitarian protection of Snowden will give way to some other equally utilitarian goal.

This is all happening as Putin adjusts to dealing with Joe Biden rather than someone he could manipulate by (at the very least) feeding his narcissism, Donald Trump. It is happening in the wake of new sanctions on Russia, in response to which Putin put US Ambassador John Sullivan on a plane to deliver some message, in person, to Biden. It is happening as Biden’s response to the Colonial Pipeline attack, in which ransomware criminals harbored by Putin shut down US critical infrastructure for fun and profit, includes noting that he and Putin will meet in person soon, followed by the unexplained disabling of the perpetrators in the wake of the attack.

Meanwhile, even as Snowden is of less and less use to Putin, Glenn Greenwald’s utility continues to grow. Snowden, for example, continues to speak out about topics inconvenient to Putin, like privacy. The presence in Russia of someone like Snowden with his own platform and international credibility may become increasingly risky for Putin given the success of protests around Alexei Navalny.

Greenwald, by contrast, seems to have dropped all interest in surveillance and has instead turned many of his grievances — even his complaint that former NSA lawyer Susan Hennessey will get a job in DOJ’s National Security Division, against whom one can make a strong case on privacy grounds — into a defense of Russia. Greenwald spends most of his time arguing that a caricature that he labels “liberals” and another caricature that he labels “the [American] Deep State,” followed closely by another caricature he calls “the  [non-right wing propaganda] Media,” are the most malignant forces in American life. In his rush to attack “liberals,” “the Deep State,” and “the Media,” Greenwald has coddled the political forces that Putin has found useful, including outright racists and other right wing extremists. By the end of the Trump presidency, Greenwald was excusing virtually everything Trump did, up to and including his attempted coup based on the utter denigration of democratic processes. In short, Greenwald has become a loud and important voice in support of the illiberalism Putin favors, to say nothing of Greenwald’s use of a rhetoric unbound by facts.

That Greenwald spends most of his days deliberately inciting Twitter mobs is just an added benefit, to those who want to weaken America, to Greenwald’s defense of fascists.

Most of us who used to know Greenwald attribute his Russian denialism and his apologies for Trump at least partly to his desire to free Snowden from exile. Yet Greenwald’s tantrums, because of their value to Putin, may have the opposite effect.

Stoking Greenwald’s irrational furor over what he calls “liberals” and “the Deep State” and “the Media” would actually be a huge incentive for Putin to deal Snowden to the US, in maximally symbolic fashion. There is nothing that could light up Greenwald’s fury like Putin bringing Snowden to a summit with Biden, wrapped up like a present, to send back on Air Force One. (That’s an exaggerated scenario, but you get my point.)

Plus, if Putin played it right, such a ceremonial delivery of Snowden might just achieve the completion of the Snowden operation, the public release of all of the files Snowden stole, not just those that one or another journalist found to have news value.

The Intelligence Community has, over the years, said a bunch of things about Snowden that were outright bullshit or, at least, for which they did not yet have evidence. But one true thing they’ve said is that Snowden took a great many files that had no imaginable privacy value. Even from a brief period working in the full archive aiming to answer three very discrete questions about FISA, I believe that to be true. While some (including Assange) pressured Snowden and others to release all these files, Snowden instead ensured that journalists would serve a vetting role, and after some initial fumbling, The Intercept did a laudable job of keeping those files safe. So up to now, the fact that Snowden took far more files than any privacy concern — even privacy concerns divorced from all question of nationality — could justify may not have mattered.

But as far as I know there are still full copies out there and Russia would love to spin up Glenn Greenwald’s fury so much he would attempt to burn down his caricature of “The Deep State” in retaliation — much like Schulte succeeded in badly damaging the CIA — by releasing his set.

I believe Russia has been trying to do this since at least 2016.

To be very clear, I’m not claiming that Greenwald is taking money from or is any way controlled by Russia. I am very much not claiming that, in part because it wouldn’t be necessary. Why pay Greenwald for what you can get him to do for free?

And while I assume Greenwald would respect Snowden’s stated wishes and protect the files, like Trump, Greenwald’s narcissism and resentment are very, very easy buttons to push. Greenwald has been heading in this direction without pushing. It would be child’s play to have people friendly to Russia’s illiberal goals (people like Steve Bannon or Tucker Carlson) exacerbate Greenwald’s anger at “the Deep State” to turn it into the frenzy it has become.

Meanwhile, custody of Edward Snowden would be a very enticing dangle for Putin to offer Biden as a way to reset Russia’s relationship with the US. One cannot negotiate with Putin, one can only adjust the points of leverage over each other and hope to come to some stable place, and Snowden has always been at risk of becoming a bargaining chip in such a relationship. By turning Snowden over to the US to be martyred in a high profile trial, Putin might wring the last bit of value out of Snowden. All the better, from Putin’s standpoint, if Greenwald were to respond by releasing the full Snowden set.

For the past four years, Greenwald seems to have believed that if he sucked up to Putin and Trump, he’d win Snowden’s freedom, as if either man would ever deal in good faith. Instead, I think, that process has had the effect of making Greenwald more useful to Russia than Snowden is anymore. And at this point, Greenwald seems to have lost sight of the likelihood that his belligerent rants may well make Snowden less safe, not more.

Update: According to the government sentencing memo for Hale, they didn’t write up the statement of offense, Hale did.

Hale pled guilty without any plea agreement, and submitted his own Statement of Facts. Def.’s Statement of Facts, Dkt. 197 (“SOF”).

The George Nader Problem: NSA Removes the Child Exploitation Content from Its Servers

When Lebanese-American dual citizen George Nader was stopped at Dulles after arriving on a flight from Dubai on January 17, 2018, he had at least 12 videos on his phone depicting boys as young as two years old being sexually abused, often with the involvement of farm animals. In the days before a Mueller prosecutor obtained the contents of the three phones Nader had with him, Nader sat for at least four interviews with Mueller’s prosecutors and told a story (which may not have been entirely forthright) about how he brokered a meeting in the Seychelles between Russia and Erik Prince a year earlier. Nader exploited Prince’s interest in work with Nader’s own employer — Mohammed bin Zayed — to set up the back channel meeting, and as such was a very effective broker in the service of two foreign countries, one hostile to the US. As such, I assume, Nader became a key counterintelligence interest, on top of whatever evidence he provided implicating Trump and his flunkies.

Mueller’s team got the returns on Nader’s phones back on March 16. An FBI Agent in EDVA in turn got a warrant for the child porn. But two days after the agent got the warrant return, Nader skipped town and remained out of the country until days after Mueller shut down his investigation, at which point he returned to the US and was promptly arrested for his abuse of children. Even without the other influence peddling that Nader had done on behalf of the Emirates, he would have remained a key counterintelligence interest for the entire 14 months he remained outside the country. After all, Nader had been making key connections since at least the time he introduced Ahmed Chalabi to Dick Cheney, and probably going back to the Clinton Administration.

So it is quite possible that for the entire period Nader was out of the country, he was surveilled. If that happened, it almost certainly would have happened with the assistance of NSA. As an agent of Dubai, he would be targetable under FISA, but as a US citizen, targeting him under FISA would require an individualized FISA warrant, and the surveillance overseas would take place under 705b.

If the surveillance did happen, Nader’s sexual abuse of boys would have had foreign intelligence value. It would be of interest, for example, to know who knew of his abuse and whether they used it as leverage over Nader. The source of the videos showing the children being exploited would be of interest. So, too, would any arrangements Nader made to procure the actual boys he abused, particularly if that involved high powered people in Middle Eastern countries.

Understanding how George Nader fit in international efforts to intervene in US affairs would involve understanding his sexual abuse of boys.

And that poses a problem for the NSA, because it means that really horrible content — such as Nader’s videos showing young boys being abused with goats for the object of an adult’s sexual pleasure — is among the things the NSA might need to collect and analyze.

I’ve been thinking about George Nader as I’ve been trying to understand one detail of the recent FISA 702 reauthorization. In January 2020, the NSA got permission to — in the name of lawful oversight — scan its holdings for child exploitation, stuff like videos of adults using goats to sexually abuse very young boys.

In a notice filed on January 22, 2020, the government informed the Court that NSA had developed a method, [redacted] of known or suspected child-exploitation material (including child pornography), to identify and remove such material from NSA systems. To test this methodology, NSA ran the [redacted] against a same of FISA-acquired information in NSA systems. The government concedes that queries conducted for such purposes do not meet generally applicable querying standard; nor do they fall within one of the lawful oversight functions enumerated in the existing NSA querying procedures. Nevertheless, NSD/ODNI opined that “the identification and removal of child exploitation material … from NSA systems that is a lawful oversight function under section IV.C.6,” and that the deviation from the querying procedures was “necessary to perform this lawful oversight function of NSA systems.” Notice of Deviation from Querying Procedures, January 22, 2020, at 3; see Oct. 19, 2020, Memorandum at 10.

NSA anticipates using such queries going forward, likely on a recurring basis, to proactively identify and remove child-exploitation material from its systems. The government submits that doing so is necessary to “prevent [NSA] personnel from unneeded exposure to highly disturbing, illegal material.” October 19, 2020, Memorandum at 10. The Court credits this suggestion and likewise finds that performance of these queries qualifies as a lawful oversight function for NSA systems. But the Court encouraged the government to memorialize this oversight activity in § IV.C.6, among the other enumerated lawful oversight functions that are recognized exceptions to the generally acceptable querying standards.

The government has done so. Section IV.C.6 now includes a new provision for “identify[ing] and remov[ing] child exploitation material, including child pornography, from NSA systems.” NSA Querying Procedures § IV.C.6.f. The Court finds that the addition of this narrow exception has no material impact on the sufficiency of the querying procedures taken as a whole.

At first, I thought they were doing this to protect the children. Indeed, my initial concern was that NSA was using these scans to expand the use of NSA queries for what wound up being law enforcement action, such that they could ask to do similar scans for the seven other crimes they’ve authorized sharing FISA data on (though of the other crimes, only snuff videos would be as easy to automate as child porn, which has a well-developed technology thanks to Facebook and Google). I thought that, once they scanned their holdings, they would alert whatever authority might be able to rescue the children involved that they had been victimized. After all, under all existing minimization procedures, the NSA can share proof of a crime with the FBI or other relevant law enforcement agency. Indeed, in 2017, FISC even authorized NSA and FBI to share such evidence of child exploitation with the National Center for Missing and Exploited Children, so they could attempt to identify the victims, help bring the perpetrators to justice, and track more instances of such abuse.

But that doesn’t appear to be what’s happening.

Indeed, as described, “saving the victims” is not the purpose of these scans. Rather, preventing NSA personnel from having to look at George Nader’s pictures showing goats sexually abusing small boys is the goal. When I asked the government about this, NSA’s Director for Civil Liberties, Privacy and Transparency, Rebecca Richards, distinguished finding child exploitation material in the course of intelligence analysis — in which case it’ll get reported as a crime — from this, which just removes the content.

NSA does not query collected foreign intelligence information to identify individuals who may be in possession of child exploitation material. This particular provision allows NSA to identify and remove known or suspected child-exploitation material (including child pornography) from NSA systems.

The Court agreed that this was appropriate lawful oversight to “prevent [NSA] personnel from unneeded exposure to highly distributing, illegal material.” The point of the query is not to surface the material for foreign intelligence analysis, the function of the query is to remove the material. If NSA finds such information in the course of its analytic process to identify and report on foreign intelligence, it will review and follow necessary crimes reporting.

The Court credits the suggestion to conduct this activity as part of NSA’s lawful oversight function. [my emphasis]

I asked NSA a bunch of other questions about this, but got no further response.

First, isn’t the NSA required to (and permitted to, under the minimization procedures) alert the FBI to all such instances they find? So wouldn’t this be no different from a law enforcement search, since if found it will lead to the FBI finding out about it?

Second, as offensive as this stuff is, isn’t it also of value from a foreign intelligence perspective? Ignoring that George Nader is a US person, if a high profile advisor to MbZ was known to exploit boys, wouldn’t that be of interest in explaining his position in MbZ’s court and his preference for living in Dubai instead of VA? Wouldn’t it be of interest in understanding the counterintelligence threat he posed?

If it is of FI interest (I seem to recall a Snowden revelation where similar discoveries were used against a extremist cleric, for example), then how is it recorded to capture the FI use before it is destroyed? And in recording it, aren’t there NSA and/or FBI personnel who would have to look more closely at it? Wouldn’t that increase the amount of child exploitation viewed (presumably with the benefit of finding more predators, even if they are outside US LE reach)?

Finally, can you tell me whether NCMEC is involved in this? Do they receive copies of the material for their databases?

Are you saying that if the NSA finds evidence of child exploitation via these searches, it does not refer the evidence to FBI, even if it implicates victims in the United States?

Another question I have given Richards’ response is, why would NSA personnel be accessing collections that happen to include child exploitation except for analytic purposes?

But maybe that’s the real answer here: NSA employees would access child exploitation 1) for analytical purposes (in which case, per Richards, it would get reported as a crime) or 2) inappropriately, perhaps after learning of its presence via accessing it for analytic purposes (something that is not inconsistent with claims Edward Snowden has made).

After all, there have been two really high profile examples of national security personnel accused of critical leaks in the last decade who also have been accused of possessing child pornography: Donald Sachtleben, who after he was busted for (amazingly) bringing child porn on his laptop into Quantico, he later became the scapegoat for a high profile leak about Yemen, and Joshua Schulte, on whose computer the government claims to have found child porn on when it searched the computer for evidence that he stole all of CIA’s hacking tools.

So perhaps the NSA is just removing evidence of child exploitation from its servers — which it spent a lot of resources to collect as foreign intelligence — to avoid tempting NSA employees from accessing it and further victimizing the children?

If that’s correct, then it seems that NSA has taken a totally backwards approach to mitigating this risk.

If you’re going to scan all of NSA’s holdings to ID child exploitation, why not do so on intake, and once found, hash and encrypt it immediately. Some of what analysts would be interested in — tracking the dissemination of known child porn or the trafficking of known victims by transnational organized crime, for example — could be done without ever viewing it, solely after those existing hashes. If there were some other need — such as identifying a previously unidentified victim — then the file in question can be decrypted as it is sent along to FBI. That would have the added benefit of ensuring that if NSA personnel were choosing to expose themselves to George Nader’s videos of young boys being abused with farm animals, then the NSA would have a record of who was doing so, so they could be fired.

I get why the NSA doesn’t want to host the world’s biggest collection of child abuse, particularly given its difficulties in securing its systems. I don’t have any answers as to why they’re using this approach to purge their systems.

Two One-Time Devin Nunes Flunkies Under Investigation for Leaks

Michael Ellis, the Devin Nunes flunky who had been installed as NSA General Counsel over more qualified people, resigned from NSA after being placed on leave since Inauguration Day. I hadn’t realized until I read Ellen Nakashima’s report on Ellis’ resignation that he was being investigated for leaking classified information, though Catherine Herridge reported that investigation in real time, the very same day that Ellis’ attorney wrote NSA inquiring about the investigation.

Meanwhile, a long David Ignatius profile of another Nunes flunky, Kash Patel, mentions that he, too, is under investigation for leaking classified information.

Patel repeatedly pressed intelligence agencies to release secrets that, in his view, showed that the president was being persecuted unfairly by critics. Ironically, he is now facing Justice Department investigation for possible improper disclosure of classified information, according to two knowledgeable sources who requested anonymity because of the sensitivity of the probe. The sources said the investigation resulted from a complaint made this year by an intelligence agency, but wouldn’t provide additional details.

Both of these men (along with a third Nunes flunky, Derek Harvey) have been a real threat to national security and both have a history of writing crappy reports for Nunes (recent reporting reminds that Ellis was the author of an unnecessarily shitty Edward Snowden report, for example). There’s little doubt they have released the kinds of material that have never before been released, but much of that would either be legal and/or protected by Speech and Debate.

But the fact that both are being investigated for leaking classified information raises questions whether leak investigations are just being used as an easy way to take out intelligence community critics, whether they’re both suspected of leaking the same information, or whether there’s more there.

The Ignatius story, in particular, is of interest, not least because he’s the guy who first reported Mike Flynn’s conversation with Sergey Kislyak in a seemingly sanctioned leak, making this report a kind of book-end to the Trump Administration. All the more so given that Ignatius not only notes the sensitivity of the probe into Patel, but then tells a story that likely relies on classified information of how Patel’s incompetence almost blew up a SEAL rescue mission in Niger.

Anger toward Patel within the national security bureaucracy mounted after an Oct. 31, 2020, hostage rescue mission in Nigeria. The incident, never previously reported in detail, was described by four high-level sources.

It was a rescue mission that was nearly aborted partly because of inadequate coordination by Patel. SEAL Team Six had been assigned to rescue 27-year-old Philip Walton, a missionary’s son who had been kidnapped by gunmen in Niger, near the border with Nigeria. Patel, as a senior counterterrorism adviser, had assured colleagues that the mission had a green light, according to several sources. The SEALs were ready to parachute into the rescue site from high altitude (one source estimated 30,000 feet) when there was a last-minute hitch.

But as the SEALs were about to jump, military commanders and State Department officials realized that one necessary item hadn’t been completed: The Nigerian government hadn’t been informed prior to the operation inside their country, as required.

A frantic last-minute effort to obtain the necessary permission ensued. The SEAL team’s aircraft held over the target, flying in a racetrack pattern, for about 45 minutes while the State Department tried to locate a Nigerian national security official who could receive the official notice. Finally, just 15 minutes before the operational window closed, the Nigerians were given word, the SEALs parachuted down, and the hostage was rescued.

Secretary of State Mike Pompeo and Gen. Mark A. Milley, chairman of the Joint Chiefs of Staff, were angry that, in their view, Patel had prematurely said the operation was fully cleared, according to knowledgeable officials. One senior Pentagon official said he was “incensed” at Patel. A second senior Pentagon official described Patel’s actions as potentially “dangerous” for the SEALs.

The attack on Patel’s role in the hostage rescue may be a signal about what Patel is suspected of leaking.

While Ignatius provides no indication of what Patel is suspected of leaking, the WaPo columnist does link to an interview Patel did with Aaron Maté. The interview is about what you’d expect from a propagandist interviewing a propagandist.  Patel makes a slew of false claims that Maté encourages: the purpose of FISA, what normally goes in FISA applications, the intelligence against Carter Page, what servers the FBI obtained as part of its investigation into the hack (Maté still ascribes the single server fallacy!), what Crowdstrike actually had access to, what Bruce Ohr’s FBI interviews actually showed. Perhaps the most hysterical part of the interview is where Patel claimed that the way to conduct an investigation is to follow the money, but Maté never asked him why HPSCI didn’t follow the money on a single Trump associate, to say nothing of Trump’s role in money laundering for Russian oligarchs.

Nevertheless, in their discussion about the Russian investigation, Patel was quite careful to avoid revealing non-public information, not even for a report he authored claiming poor tradecraft on the Intelligence Community Assessment of the Russian attack that both SSCI and John Durham have investigated and dismissed.

Maté similarly let Patel dodge really answering questions about his conduct on January 6, even though some of the biggest questions about that day pertain to why DOD delayed for three hours before reinforcing the Capitol, including why it took over 30 minutes for an order to deploy to get from Acting Secretary of Defense Christopher Miller to Guard Commander General William Walker who had been waiting on stand-by. In response to Maté’s question, Patel first repeated his selective breach of Executive Privilege to claim that Trump had already authorized Guard deployments, then answered a totally different question than the one Maté asked — not why DOD let the attack continue for 3 hours, long after it had gotten repeated requests for help, but how quickly DOD deployed the Guard after they had allowed an attack to happen across town while they watched.

We activated, from a start, the fastest augmentation and mobilization of uniformed military troops in the DC area since World War II, and we put 24,000 boots on the ground in less than 48 hours. I don’t know who’s saying we slow-rolled anything, because these are Guardsmen, they’re not active duty military.

While Patel violated Executive Privilege, there’s nothing classified about the belated Guard deployment.

It’s in-between those two conversations, though, where Patel may have succumbed to Maté’s persistent questioning about the very same topic about which Ignatius’ sources attack Patal: hostage rescues. Maté asked about a report that Patel had tried to negotiate the release of Austin Tice. Patel first responded to Maté by saying that he wouldn’t address whether Tice is alive or not. But then Maté followed up, and Patel told a self-serving story about his role in an attempt to free Tice. In it, Patel provided non-public details about his meeting with Assad representatives in Syria and may have confirmed an intercept on Bashar al-Assad.

Maté: Can you tell us anything about your discussions with Syrian officials, what they were asking from you, their level of openness to having talks with the US government?

Patel: Sure, I mean, look, that didn’t happen overnight. You know, one of President Trump’s priorities was, “go get American hostages home,” and I think we got over 50 — 53ish, hostages, detainees back — from 20-some countries maybe. Maybe a little less. But Austin Tice had been missing for, going on eight years, and we had made no headway, really, on it, so we made it a priority. We started working with our counterparts in the region. That trip was almost 18 months in the making. And we finally were able to land a meeting in Damascus because I told them, I said, “I’ll come see you. You send someone who can represent President Assad directly, because I can represent President Trump directly on this matter. And let’s go sit down.” And they said, “okay, come to Damascus.” And I don’t know if they thought we would show up or not. We did. And we were very clear. We said, “look, I understand I’m not getting Austin home on this trip, but I would like a proof of life. What would you like in return for that?” We had very frank conversations. They said, we want X amount of movement for the United States military. Troops stuff, and this and that. And I said, “look, all of that’s on the table. We can discuss all those things. I need a proof of life.” And they said they would take it back to Assad. Which they did. I know they did that. And then, I think shortly thereafter, I switched over to the Department of Defense, and tried to continue that mission, but, um, that one was one I just, unfortunately, didn’t succeed on. [my emphasis]

The most likely way that Patel would come to learn, with certainty, that whatever go-betweens he met with in Damascus actually did report back to Assad would be via an NSA or CIA intercept. If that is how he learned, then confirming that he knew Assad got a report back might have burned the intercept. Doing so with Maté at the Grayzone, which personally and as an outlet produce a lot of Assad apology, might be particularly sensitive. And the ease with which Maté appealed to Patel’s ego to get him to reveal these details would raise real questions about whether Patel played a role in the earlier WSJ story about the meeting, which was published on October 18, days before Patel almost fucked up the October 31 Niger mission.

That is, this Ignatius story seems like an effort to undermine Patel’s self-interested stories of heroism on hostage rescues, after he disclosed non-public details about one of them.

Which would also suggest that, whatever the merit of the investigation into Ellis (and I think GOP concerns about it have some merit), the investigation into Patel may be substantive.

Daniel Hale, Citizenfive

Jeremy Scahill: So if I have a confidential source who’s giving me information as a whistleblower and he works within the US government and he’s concerned about what he perceives as violations of the Constitution, and he gets in touch with me…

Bill Binney: From there on they would nail him and start watching everything he did, and if he started passing data, I’m sure they’d take him off the street. I mean, the way you have to do it is like Deep Throat did in the Nixon years — meet in the basement of a parking garage. Physically.

— Citizenfour

Last week, drone whistleblower Daniel Hale pled guilty. In pleading guilty, Hale admitted that he was the source behind The Intercept‘s Drone Papers package of stories that provided new details about the drone program as operated under President Obama. He also may have made clear that Laura Poitras’ film, Citizenfour, isn’t so much about Snowden, as it has always been described, but about Hale.

Hale pled guilty to one of five counts against him, Count 2 of the superseding indictment, 18 USC §793(e), for retaining and transmitting National Defense Information to Jeremy Scahill (Scahill was referred to as “the Reporter” in charging documents).

Before Hale pled guilty, the government released a list of exhibits it planned to use at trial. The exhibit list not only shows the government would have introduced a picture of Hale meeting publicly with Scahill at an event for the latter’s Dirty Wars, texts Hale sent to his friend Megan describing meeting Scahill, emails between Scahill and Hale sent months before they moved their communication to Jabber (those all were mentioned in the Indictment), but it included texts Hale and Scahill exchanged between January 24 and March 7, 2014, continuing after Hale had started the process of printing off documents at the contractor where he worked which he would ultimately send to Scahill. (The exhibit list doesn’t describe via what means they sent these texts and there are no correlating Verizon records prepared as exhibits covering that period, meaning they may not be telephony texts but instead could be the Jabber chats mentioned in the indictment, or maybe Signal texts). The government also would have introduced up to seven types of proof that Hale had printed each of the documents he was charged with, and badge records showing he was in his office and logged onto the relevant work computer each time those documents were printed out.

The government would also have submitted, for each of the agencies where Hale ever held clearance — NSA, DOD, a JSOC Task Force, NGA, and Air Force — a certification that the agency had no evidence that Hale had made any whistleblower complaints.

Unless those 2014 texts were from Jabber, there’s nothing in the exhibit list that obviously shows that the government was intending to introduce proof of three Jabber chats the government reconstructed that Hale had with Scahill, though those were mentioned in the indictment.

At the change of plea hearing last Thursday, the government refused to dismiss the four other counts against Hale, which Hale’s attorney, Todd Richman, said raised concerns that the government might revert to those charges if Judge Liam O’Grady didn’t sentence Hale harshly enough. O’Grady (who seemed as concerned about the possibility Hale might harm himself between now and the July 13 sentencing as anything else) as much as said that, if the government tried that, it would still amount to the same sentence, signaling he would have sentenced Hale with a concurrent sentence for all counts, had he gone to trial.

The plea agreement has not been released yet, but pleading guilty days before the trial was to start will give Hale a slight reduction in his sentence, but he’s still facing a draconian sentence for revealing details about the drone program.

That said, given what EDVA prosecutors — including Hale prosecutor Gordon Kromberg, who is the lead prosecutor on the Assange case — did to Chelsea Manning and Jeremy Hammond, I worry they might try something similar with Hale. From the start, the government has been interested in Hale for how he fit in the series of document leaks that started with Chelsea Manning and continued through Vault 7. That came up in mostly sealed filings submitted early in Hale’s prosecution.

[T]he FBI repeatedly characterized its investigation in this case as an attempt to identify leakers who had been “inspired” by a specific individual – one whose activity was designed to criticize the government by shedding light on perceived illegalities on the part of the Intelligence Community.

And the government intended to submit exchanges between Hale and Scahill about Snowden and Chelsea Manning at trial.

There are two things that appear in the Statement of Facts Hale pled guilty to that don’t appear in the indictment.

First, the biographical language that explains how Hale enlisted in the Air Force, quit in May 2013, and only then got a job at a defense contractor where he had access to the files he ultimately leaked, is slightly different and generally abbreviated (leaving out, for example, that Hale was assigned to the NSA from 2011 to 2013, overlapping with Snowden). However, the Statement of Facts adds the detail that, “In July 2009, while the United States was actively engaged in two wars,” Hale first enlisted. It’s as if to suggest that Hale knew he would end up killing people when he signed up to join the Air Force.

Of more interest, the Statement of Facts includes an admission that Hale authored an anonymous document that prosecutors had planned to use at trial.

Mr. Hale authored an essay, attributed to “Anonymous,” that became a chapter in a book published by the Reporter’s online news outlet (defined as Book 2 in the Superseding Indictment).

It’s a chapter in The Assassination Complex, a free-standing publication based on the documents Hale released.

The government first requested to use this document at trial in a sealed motion, accompanied by 6 exhibits, submitted on September 16, 2019 as part of the first wave of motions. But the judge didn’t resolve that request until November 17, 2020, a month after a hearing on that and other requests. In his order, O’Grady permitted the government to enter the chapter into evidence, but reminded them the jury gets to decide whether they believe the evidence is authentic or not.

The Court hereby ORDERS that the Government’s Motion to Admit an Anonymous Writing as an Admission of the Defendant (dkt. 54) is GRANTED, as the Court stated in the October 13 hearing; the government will be permitted to present the book chapter attributed to an anonymous author. Federal Rule of Evidence 901(a) requires the proponent of a piece of evidence to authenticate it before it can be admitted. United States v. Smith, 918 F.2d 1501,1510 (11th Cir. 1990). The Court’s role in determining whether evidence is authentic is limited to that of a gatekeeper in assessing whether the proponent has offered a satisfactory foundation.” United States v. Vidacak, 553, F.3rd 344, 349 (4th Cir. 2009). The court finds that the government has laid satisfactory foundation for the purpose of admitting the evidence at trial. It now falls to the jury to determine whether the evidence is indeed what the government says it is: an anonymous writing that was written by Defendant admitting to the conduct of which he is accused.

At trial, it seems, the government would have treated this chapter as a confession. There are three exhibits in their trial exhibit list — stills and video of an Obama event in June 2008 — that suggest they planned to authenticate it, in part, by pointing to the anonymous author’s admission that he shook then-Candidate Obama’s hand in 2008 and showing pictures of the exchange.

In 2008 I shook hands with Senator Obama when he came through my town on his way to the White House. After his inauguration he said, “Transparency and the rule of law will be the touchstones of this presidency.” I firmly believe those principles are crucial to an open society, which is why I was compelled to reveal this information. If this administration lacks the courage to uphold its promises to the people, then I and others like me will do so for them.

So after having made their case that this was Hale, they then would have asked the jury to consider it a confession that he was the leaker described throughout The Intercept‘s reporting on the drones.

But with Hale’s guilty plea, there’s no evidentiary value to this chapter anymore. (That is, unless the government wants to argue that the specific Tide Personal Numbers Hale listed in the chapter — TPN 1063599 for Osama bin Laden and TPN 26350617 for Abdul Rahman al-Awlaki — amount to new disclosures not included in the charged releases.) Hale has already admitted, under oath, to being the anonymous source referred to by journalists throughout the rest of the book.

What the admission that he was part of the book publication does do, however, is tie Hale far more closely with Snowden, who wrote a hubristic introduction for the book. In it, he tied his leaks with Manning’s and in turn his with Hale’s.

[U]nlike Dan Ellsberg, I didn’t have to wait forty years to witness other citizens breaking that silence with documents. Ellsberg gave the Pentagon Papers to the New York Times and other newspapers in 1971; Chelsea Manning provided the Iraq and Afghan War logs and the Cablegate materials to WikiLeaks in 2010. I came forward in 2013. Now here we are in 2015, and another person of courage and conscience has made available the set of extraordinary documents that are published here.

I noted, when Snowden called for Trump to pardon Hale along with The Intercept‘s other sources, Terry Albury and Reality Winner, he effectively put a target on Hale’s back, because it suggested those leaks all tied to him. All the more so, I now realize, given the way this Snowden essay suggests Hale’s leaks have some tie to him.

Snowden ended the introduction by suggesting there were far more people like Manning, himself, and Hale waiting to drop huge amounts of documents than there were the “insiders at the highest levels of government” guarding the monopoly on violence.

The individuals who make these disclosures feel so strongly about what they have seen that they’re willing to risk their lives and their freedom. They know that we, the people, are ultimately the strongest and most reliable check on the power of government. The insiders at the highest levels of government have extraordinary capability, extraordinary resources, tremendous access to influence, and a monopoly on violence, but in the final calculus there is but one figure that matters: the individual citizen.

And there are more of us than there are of them.

Yet the book suggests the links between Manning, Snowden, and Hale are merely inspirational.

Not so Citizenfour.

There’s a scene of the movie, quoted above, where Bill Binney warns Jeremy Scahill that if he wanted to publish documents from a source we now know to be Hale, with whom (trial exhibits would have shown) Scahill had already met in public, emailed, and texted during the period Hale was leaking, then (Binney instructed Scahill) he needed to do so by meeting in person, secretly.

It was probably too late for Hale by the time Binney gave Scahill this warning.

Then there’s the film’s widely discussed closing scene, showing a meeting where Glenn Greenwald flew to Moscow to update Snowden about “the new source” that has come to The Intercept. Apparently believing he’s using rockstar operational security, he’s writing down — on camera!!! — how The Intercept is communicating with this new source, bragging (still writing on camera about a source that had first reached out to Scahill via email and in person) that “they’re very careful.” One of the things he seems to write down is “Jabber,” chats from which the government obtained and might have released at Hale’s trial. In the scene, Greenwald continues to sketch out the contents of several of the documents — including one of the first ones to be published — that Hale just admitted he shared with The Intercept.

But in retrospect, the most important part of this sequence is where — against video footage showing Snowden and Lindsey in Moscow together — Poitras reads an email, dated April 2013 (a month before Hale quit the Air Force and NSA within days after Snowden fled to Hong Kong). She offers no explanation, not even naming the recipient of the email.

Let’s disassociate our metadata one last time, so we don’t have a clear record of your true name and our final communication chain. This is obviously not to say you can’t claim your involvement. But as every trick in the book is likely to be used in looking into this, I believe it’s better that that particular disclosure come on your own terms. Thank you again for all you’ve done. So sorry again for the multiple delays but we’ve been in unchartered territory with no model to benefit from. If all ends well, perhaps the demonstration that our methods worked will embolden more to come forward.

That email has received far less attention than Greenwald’s confident descriptions to Snowden of how someone inspired by his actions has come forward. But I remember when first viewing Citizenfour (which I watched long after it first came out), I had the feeling that Snowden was only feigning surprise when Greenwald told him of this new source and described the signals intercepts for the drone program going through Ramstein Air Base in Germany.

That is, that unexplained email may suggest that Hale met Snowden while both were at the NSA, and that days before the first Snowden releases, Hale quit, reached out to a close associate of Greenwald, then (months later) found a new job in the intelligence community where he could get files that would expose certain details of the drone program. The government had planned to introduce other movies at Hale’s trial. But Citizenfour was not on the exhibit list.

Update: PseudonymousInDenver has persuaded me this is a reference to Poitras, not to someone else.

That’s a detail I hadn’t realized before: Hale reached out to Scahill, then quit the Air Force and NSA, and only then got a new job that gave him access to files he ended up leaking.

I have no idea what the government intends to do, now that it has Hale admitting that he participated in this book in which Snowden promised a legion of similar leakers. I have always been concerned the government would go after Scahill. But now I think this is about Snowden.

Since last year, the government has explicitly argued that WikiLeaks considered its help to Snowden as part of a recruiting effort for further leakers (a detail of Julian Assange’s most recent superseding indictment that literally every one of Snowden’s closest associates has studiously avoided mentioning). They’re not making that up. It’s something Snowden admitted in his own book, and Bart Gellman described that Snowden was thinking the same as he leaked to Gellman. As noted, the government appears to have made a similar argument in sealed filings with Hale.

But one thing they seem to have demanded before they let Hale plead out before trial was a further admission, one that makes the Snowden tie more explicit.

Update: On Twitter, Hale corrected me that that TPN is for Awlaki’s son, not for Awlaki himself.