Posts

What if Julian Assange Flipped?

I’ve said this before, I’ll say it again: I hope to hell Chelsea Manning’s advisors are cognizant of the ways her attempts to avoid testifying against Julian Assange may put her in unforeseen legal jeopardy.

I’m thinking of that anew given my consideration of what I consider to be a distant, but real, possibility: that the US government would offer Assange a plea deal on the current charge he faces in exchange for testimony in a range of other issues. The idea is crazy, but perhaps not as crazy as it sounds.

As I laid out in this post, it seems the US government has been carefully orchestrating the Assange arrest since Ecuador first applied for diplomatic status for him in 2017 in an attempt to exfiltrate him, possibly to Russia. They’re now on the clock, with (depending on which expert you ask) just 44 more days to lard on the additional charges multiple outlets have reported are coming. Meanwhile, he’s being held at Belmarsh, with conflicting stories about what kind of visitors he’s been permitted — though the UN Special Rapporteur for Privacy did visit him this week. Though I’ve asked some top experts, it’s not entirely clear whether, if he were being interrogated right now, that’d be under UK law or US law; the former has fewer protections against self-incrimination for people being detained.

One passage of the Mueller Report may provide an explanation for why his prosecutors didn’t obtain Julian Assange’s testimony.

The Office limited its pursuit of other witnesses and information-such as information known to attorneys or individuals claiming to be members of the media-in light of internal Department of Justice policies. See, e.g., Justice Manual §§ 9-13.400, 13.410.

Assange would fall squarely within DOJ policy covering people who are subjects or targets of an investigation for activities related to their news-gathering activities.

Member of the news media as subject or target. In matters in which a member of the Department determines that a member of the news media is a subject or target of an investigation relating to an offense committed in the course of, or arising out of, newsgathering activities, the member of the Department requesting Attorney General authorization to use a subpoena, 2703(d) order, or 3123 order to obtain from a third party the communications records or business records of a member of the news media shall provide all facts necessary to a determination by the Attorney General regarding both whether the member of the news media is a subject or target of the investigation and whether to authorize the use of such subpoena or court order. 28 C.F.R. 50.10(c)(5)(i). If the Attorney General determines that the member of the news media is a subject or target of an investigation relating to an offense committed in the course of, or arising out of, newsgathering activities, the Attorney General’s determination should take into account the principles reflected in 28 C.F.R. 50.10(a), but need not take into account the considerations identified in 28 C.F.R. 50.10(c)(5)(ii) – (viii). Id. Members of the Department must consult with the PSEU regarding whether a member of the news media is a subject or target of an investigation related to an offense committed in the course of, or arising out of, newsgathering activities.

The EDVA case appears to have gotten over this policy (perhaps by distinguishing the assistance on cracking a password from newsgathering activities); but it’s not clear Mueller did (especially given the discussion of First Amendment considerations in passages relating to WikiLeaks). In any case, this calculus may change given that he’s in British, not US custody.

And there has been very little reporting on what’s going on with him — or with US investigations into him.

There are a number of investigations the government would love to get his testimony on, including:

Testimony against Joshua Schulte

Schulte is the accused Vault 7 leaker. WikiLeaks has been far less circumspect about the possibility he’s their source than with other leakers (while also engaging in far less of an effort to lay the case that he’s a whistleblower). Plus, the government has video evidence of Schulte attempting to leak classified information.

But thus far, Schulte’s prosecution has been slowed by CIA’s reluctance to share the classified information Schulte needs to defend himself. Plus, the FBI apparently bolloxed up the initial search warrants for Schulte (in what I suspect was a sloppy effort at parallel construction), which Schulte has been trying to win the ability to speak publicly about for over a year; he recently appealed a decision denying him a request to exempt those initial warrants from his protective order.

To the extent that Assange and Schulte (if he is really the Vault 7 source) communicated — and there’s good reason to believe WikiLeaks did communicate in advance of this publication — then Assange might be able to provide testimony that would get beyond the classification problems.

Testimony about the response to his pardon requests (including Roger Stone’s role in it)

I also believe that DOJ continues to investigate the long effort — an effort that includes Roger Stone, whom prosecutors say is still under investigation — in brokering a pardon for Assange, possibly in part for Assange providing disinformation about where the Democratic documents came from. Consider that, as recently as November, Mueller was trying to learn whether Trump had discussed pardoning Assange before his inauguration, a question about which Trump was especially contemptuous, even given his overall contempt for responding to questions.

Then there’s a subtle point I find really interesting. When the Mueller Report lays out all the times Don Jr magnified Russian trolls, it noted that the failson’s fondness for Russian propaganda continued after the election.

96 See, e.g., @DonaldJTrumpJr 10/26/16 Tweet (“RT @TEN_GOP: BREAKING Thousands of names changed on voter rolls in Indiana. Police investigating #VoterFraud. #DrainTheSwamp.”); @DonaldJTrumpJr 11/2/16 Tweet (“RT @TEN_GOP: BREAKING: #VoterFraud by counting tens of thousands of ineligible mail in Hillary votes being reported in Broward County, Florida.”); @DonaldJTrumpJr 11/8/16 Tweet CRT @TEN_GOP: This vet passed away last month before he could vote for Trump. Here he is in his #MAGA hat. #voted #ElectionDay.”). Trump Jr. retweeted additional @TEN_GOP content subsequent to the election.

[snip]

103 @DonaldJTrumpJr 11/7/16 Tweet (“RT @Pamela jetonc13. Detroit residents speak out against the failed policies of Obama, Hillary & democrats . . . . “) [my emphasis]

The page-long section (page 60) that lays out Don Jr’s innocuous pre-election interactions (which is how I described them when they were first published) does not, similarly, note the President’s son’s more damning interactions with WikiLeaks that took place after the election, where Assange once privately

Hi Don. Hope you’re doing well! In relation to Mr. Assange: Obama/Clinton placed pressure on Sweden, UK and Australia (his home country) to illicitly go after Mr. Assange. It would be real easy and helpful for your dad to suggest that Australia appoint Assange ambassador to DC “That’s a really smart tough guy and the most famous australian you have! ” or something similar. They won’t do it, but it will send the right signals to Australia, UK + Sweden to start following the law and stop bending it to ingratiate themselves with the Clintons. 12/16/16 12:38PM

And then publicly asked for an Ambassadorship that would amount to a pardon.

Given the thoroughness of the report, I find the silence about these exchanges to be notable.

Admittedly, one aspect of the pardon campaign implicates Assange far more than (at least given the public details) it does Trump: his seeming attempt at extortion using the CIA’s hacking tools. But that doesn’t mean the government wouldn’t like his testimony about the larger effort, and I have reason to suspect that is something they were pursuing via other channels as well.

WikiLeaks’ ongoing interactions with Russia

Finally, I’m sure the US government would be willing to give Assange some consideration if he offered to describe his interactions with Russia over the years. The most public aspect of that was the WikiLeaks effort to get Snowden safely out of Hong Kong, which ended unexpectedly in Russia. But there are also credible allegations WikiLeaks engaged in some catch-and-kill of damning documents, most publicly with an incriminating document from the Syria Files. Emma Best looks more closely at that incident in a longer profile of a Russian hacker, Maksym Igor Popov, who seemed to shift loyalties back and forth from the US to Russia even while cultivating Anonymous.

Simultaneously, Sabu, who had been boasting about an alleged breach of Iranian systems, pivoted to the then-pending Syria files. “We owned central syrian bank and got all their emails,” he told Popov. There were “a lot of scandals” in those emails. In the 2012 exchange, Popov is told about an alleged email revealing that Syria had secretly sent Russia billions of Euros. Sabu appears to confuse the amount, which was 2 billion, with an amount from a similar transfer involving an Austrian bank. Reporting by The Daily Dot implies that the two emails were often discussed in the same conversation, while also revealing that the email Sabu was describing to the alleged Russian contractor was omitted from WikiLeaks’ eventual release.

WikiLeaks responded to the reporting by claiming that they “either never had the data or [that it was] in some strange MIME format so it isn’t indexed,” and that the reporting was an attack on WikiLeaks that was meant “to help HRC.”

Popov was impressed by Sabu’s description of the Syria emails, though he briefly confused them with another, unspecified cache that Sabu hinted Popov helped release. “If you want real access to the emails, I can [give it to you],” Sabu offered. Popov responded ecstatically, saying he could use it to create disinformation and fabricate conspiracies. Undaunted by Popov’s intended use for the emails, Sabu said he’d “try to set it all up soon.”

This exchange occurred several months after WikiLeaks received the first batch of the Syria files and several weeks after WikiLeaks gave the LulzSec hackers private access to a search engine to help parse the Stratfor emails which the group had also provided to WikiLeaks.

19:16 <Sabu> though we did very well on syria.. we owned central syrian bank and got all their emails 19:16 <LoD> and Nepalese hack 19:16 <Sabu> a lot of scandals ... like syria sending russia 5 billion euros before civil unrest and when russia sent warsip to trait of whateves its called 19:16 <LoD> Ive actually checked it RESPECT syria gave me some things to mastermind my next operations those email accounts were of much help to improve our strategy 19:17 <LoD> i give you thumbs up 19:17 <Sabu> well we didn't realease it yet ... that was another small hack you released. if you want real access to emails I can ive you 19:17 <LoD> really? 19:17 <LoD> can you? 19:17 <LoD> man I WILL BE in DEBT 19:17 <LoD> I can utilize it in my release 19:18 <LoD> to create a conspiracy 19:18 <Sabu> ya I'll try to set it all up soon

If Popov acquired early access to the Syria files, it would have been the score of a lifetime, giving him an exclusive early inside look at corporations and governments. However, as any later logs of discussions between Popov and Sabu aren’t part of the leaked file, it’s unclear if Popov actually received early access to the Syria files.

Already by this time period in 2011, some former Anons were expressing concern that their operations were being facilitated by Russian infrastructure.

Some followers came to believe that the leaders sought only personal aggrandisement or were effectively in cahoots with the organised criminals who may have raided Sony’s credit-card hoard after Anonymous knocked down the door. Even stalwarts such as Housh are unhappy that much of Anonymous’s infrastructure is now housed on computers used by Russian criminals. “It’s not like the Russians wanted us to get HBGary, but I want to know personally why they are doing this,” he says of the chat hosts. “Where is the money coming from?”

To be sure: a tie with Anonymous is different than a tie directly with WikiLeaks, even if Anonymous was serving as one of WikiLeaks’ important source streams at the time. Further, Best notes that there’s no evidence in available files that Popov interacted directly with WikiLeaks — nor would there be, given the scope of the publicly available chat logs.

But, particularly given the allegations that Assange fed the Seth Rich hoax as part of an effort to deny that he knew he had gotten the Democratic files from Russia, I’m sure the US government would love to know from him about any ties between WikiLeaks and Russia.

Offering Assange a plea deal might be one way to close the book on WikiLeaks without the political controversy of a trial.

The question, of course, is whether Assange would take one. Admittedly, it’s highly unlikely.

Still, as noted, he repeatedly claimed he’d love to tell all if he could avoid prison altogether. But even in a best case scenario, he’s looking at a long extradition fight from Belmarsh in conditions that are reportedly pretty shitty. A plea deal might be one way to limit how much more time in custody he faces.

Which could bode poorly for people like Chelsea Manning, making significant sacrifices to protect Assange.

As I disclosed last July, I provided information to the FBI on issues related to the Mueller investigation, so I’m going to include disclosure statements on Mueller investigation posts from here on out. I will include the disclosure whether or not the stuff I shared with the FBI pertains to the subject of the post. 

The Irony of Glenn Greenwald Cuddling Up with Bill Barr, the Grandfather of Ed Snowden’s Phone Dragnet

Glenn Greenwald, who has written two books about the abuse of Presidential power, continues to dig in on his factually ignorant claims about the Mueller report. For days, he and the denialists said that if Mueller’s report was being misrepresented by Bill Barr, Mueller would speak up. Now that Mueller’s team has done so, Glenn complains that these are anonymous leaks and nevertheless only address obstruction, not a conspiracy with Russia on the election.

Glenn and his lackeys in the denialist crowd who continue to willfully misrepresent the public evidence have yet to deal with the fact that Mueller has already presented evidence that Paul Manafort conspired with Russian Konstantin Kilimnik on the election, but that they weren’t able to substantiate and charge it because Manafort lied. Mueller’s team say they believe Manafort did so in hopes and expectation that if he helped Trump and denialists like Glenn sustain a “no collusion” line, he might get a pardon. That is, we know that Trump’s offers of pardons — his obstruction — specifically prevented Mueller from pursuing a fairly smoking gun incident where Trump’s campaign manager coordinated with Russians on the hack-and-leak.

As Glenn once professed to know with respect to Scooter Libby’s obstruction, if someone successfully obstructs an investigation, that may mean the ultimate culprit in that investigation escapes criminal charge.

Glenn’s denialism is all the more remarkable, though, given that this same guy who wrote two books on abuse of presidential power is choosing to trust a memo from Bill Barr that was obviously playing legalistic games over what the public record says. As Glenn must know well, Barr has a history of engaging in precisely the kind of cover-up of presidential abuses Glenn once professed to oppose, fairly epically on Iran-Contra. The cover-up that Barr facilitated on that earlier scandal was the model that Dick Cheney used in getting away with leaking Valerie Plame’s identity and torture and illegal wiretapping, the kinds of presidential abuses that Glenn once professed to oppose.

I find Glenn’s trust of Bill Barr, one of the most authoritarian Attorneys General in the last half century, all the more ironic, coming as it does the same week that DOJ IG released this IG report on several DEA dragnets.

That’s because Glenn’s more recent opposition to abuse of power comes in the form of shepherding Edward Snowden’s leaks. Glenn’s recent fame stems in significant degree to the fact that on June 5, 2013, he published a document ordering Verizon to turn over all its phone records to the government.

The dragnet Snowden revealed with that document was actually just the second such dragnet. The first one targeted the phone calls from the US to a bunch of foreign countries claimed, with no court review, to have a drug nexus. Only, that term “drug nexus”  came to include countries with no significant drug ties but instead a claimed tie between drug money and financing terrorism, and which further came to be used in totally unrelated investigations. That earlier dragnet became the model for Stellar Wind, which became the model for the Section 215 dragnet that Glenn is now famous for having helped Edward Snowden expose.

Here’s what the IG Report released the same week that Glenn spent hours cuddling up to Bill Barr says about the original dragnet.

Bill Barr, the guy Glenn has spent 10 days nuzzling up to, is the grandfather of the dragnet system of surveillance.

The IG Report also shows that Bill Barr — the guy Glenn has spent 10 days trusting implicitly — didn’t brief Congress at all; the program wasn’t first briefed to Congress until years after Barr left office the first time.

This is the man that former critic of abusive presidential power Glenn Greenwald has chosen to trust over the public record.

This is, it seems, the strange plight of the denialist left, cozying up to the kind of authoritarians that their entire career, at least to this point, have vigorously opposed.

As I disclosed last July, I provided information to the FBI on issues related to the Mueller investigation, so I’m going to include disclosure statements on Mueller investigation posts from here on out. I will include the disclosure whether or not the stuff I shared with the FBI pertains to the subject of the post. 

10 Years of emptywheel: Key Non-Surveillance Posts 2016-2017

Happy Birthday to me! To us! To the emptywheel community!

On December 3, 2007, emptywheel first posted as a distinct website. That makes us, me, we, ten today.

To celebrate, over the next few days, the emptywheel team will be sharing some of our favorite work from the last decade. I’ll be doing probably 3 posts featuring some of my most important or — in my opinion — resilient non-surveillance posts, plus a separate post bringing together some of my most important surveillance work. I think everyone else is teeing up their favorites, too.

Putting together these posts has been a remarkable experience to see where we’ve been and the breadth of what we’ve covered, on top of mainstays like surveillance. I’m really proud of the work I’ve done, and proud of the community we’ve maintained over the years.

For years, we’ve done this content ad free, relying on donations and me doing freelance work for others to fund the stuff you read here. I would make far more if I worked for some free-standing outlet, but I wouldn’t be able to do the weedy, iterative work that I do here, which would amount to not being able to do my best work.

If you’ve found this work valuable — if you’d like to ensure it remains available for the next ten years — please consider supporting the site.

2016

Why Doesn’t Dianne Feinstein Want to Prevent Murders Like those Robert Dear Committed?

I’ve written a lot about how the focus on Islamic terrorism, based on a claim it’s foreign, creates gross inequalities for Muslims in this country, and does nothing to address some of our most dangerous mass killers (as the Stephen Paddock massacre in Las Vegas makes all too clear). This post is one of that series. It focuses on how the ill-advised efforts to use the No Fly List to create a list of those who couldn’t own guns would be discriminatory and wouldn’t add much to safety.

“Only Facts Matter:” Jim Comey Is Not the Master Bureaucrat of Integrity His PR Sells Him As

From the periods when Jim Comey was universally revered as a boy scout through those when Democrats blamed him for giving us Trump (through the time Democrats predictably flip flopped on that point), I have consistently pointed to a more complicated story, particularly with regards to surveillance and torture. I think the lesson of Comey isn’t so much he’s a bad person — it’s that he’s human, and no human fits into the Manichean world of good guys and bad guys that he viewed justice through.

NSA and CIA Hacked Enrique Peña Nieto before the 2012 Election

As Americans came to grips with the fact that Russia had hacked Democrats to influence last year’s election, many people forgot that the US does the same. And it’s not even just in the bad old days of Allen Dulles. The Snowden documents revealed that NSA and CIA hacked Enrique Peña Nieto in the weeks before he was elected in 2012. The big difference is we don’t know what our spooks did with that information.

Why Is HPSCI’s Snowden Report So Inexcusably Shitty?

In 2016, HPSCI released its Devin Nunes-led investigation into Edward Snowden’s leaks. It was shitty. Really shitty.

Now that the HPSCI investigation into the Russian hack (which has not been subjected to the same limitations as the Snowden investigation was) has proven to be such a shit show, people should go back and review how shitty this review was (including its reliance on Mike Flynn’s inflammatory claims). There absolutely should have been a review of Snowden’s leaks. But this was worse than useless.

Look Closer to Home: Russian Propaganda Depends on the American Structure of Social Media

As people began to look at the role of fake news in the election, I noted that we can’t separate the propaganda that supported Trump from the concentrated platforms that that propaganda exploited. A year later, that’s a big part of what the Intelligence Committees have concluded.

The Evidence to Prove the Russian Hack

In this post I did a comprehensive review of what we knew last December about the proof Russia was behind the tampering in last year’s election.

Obama’s Response to Russia’s Hack: An Emphasis on America’s More Generalized Vulnerability

Last year, in a speech on the hack, Obama focused more on America’s vulnerability that made it possible for Russia to do so much damage than he did on attacking Putin. I think it’s a really important point, one I’ve returned to a lot in the last year.

The Shadow Brokers: “A Nice Little NSA You’ve Got Here; It’d Be a Shame If…”

In December, I did a review of all the posts Shadow Brokers had done and suggested he was engaged in a kind of hostage taking, threatening to dump more NSA tools unless the government met his demands. I was particularly interested in whether such threats were meant to prevent the US from taking more aggressive measures to retaliate against Russia for the hack.

2017

On “Fake News”

After getting into a bunch of Twitter wars over whether we’re at a unique moment with Fake News, I did this post, which I’ve often returned to.

How Hal Martin Stole 75% of NSA’s Hacking Tools: NSA Failed to Implement Required Security Fixes for Three Years after Snowden

The government apparently is still struggling to figure out how its hacking tools (both NSA and CIA) got stolen. I noted back in January that an IG report from 2016 showed that in the three years after Snowden, the IC hadn’t completed really basic things to make itself more safe from such theft.

The Doxing of Equation Group Hackers Raises Questions about the Legal Role of Nation-State Hackers

One thing Shadow Brokers did that Snowden and WikiLeaks, with its Vault 7 releases, have not is to reveal the identities of NSA’s own hackers. Like DOJ’s prosecution of nation-state hackers, I think this may pose problems for the US’ own hackers.

Reasons Why Dems Have Been Fucking Stupid on the Steele Dossier: a Long Essay

I believe Democrats have been ill-advised to focus their Russia energy on the Steele dossier, not least because there has been so much more useful reporting on the Russia hack that the Steele dossier only makes their case more vulnerable to attack. In any case, I continue to post this link, because I continue to have to explain the dossier’s problems.

Other Key Posts Threads

10 Years of emptywheel: Key Non-Surveillance Posts 2008-2010

10 Years of emptywheel: Key Non-Surveillance Posts 2011-2012

10 Years of emptywheel: Key Non-Surveillance Posts 2013-2015

10 Years of emptywheel: Key Non-Surveillance Posts 2011-2012

Happy Birthday to me! To us! To the emptywheel community!

On December 3, 2007, emptywheel first posted as a distinct website. That makes us, me, we, ten today.

To celebrate, over the next few days, the emptywheel team will be sharing some of our favorite work from the last decade. I’ll be doing probably 3 posts featuring some of my most important or — in my opinion — resilient non-surveillance posts, plus a separate post bringing together some of my most important surveillance work. I think everyone else is teeing up their favorites, too.

Putting together these posts has been a remarkable experience to see where we’ve been and the breadth of what we’ve covered, on top of mainstays like surveillance. I’m really proud of the work I’ve done, and proud of the community we’ve maintained over the years.

For years, we’ve done this content ad free, relying on donations and me doing freelance work for others to fund the stuff you read here. I would make far more if I worked for some free-standing outlet, but I wouldn’t be able to do the weedy, iterative work that I do here, which would amount to not being able to do my best work.

If you’ve found this work valuable — if you’d like to ensure it remains available for the next ten years — please consider supporting the site.

 

2011

DOJ Points to David Passaro’s Trial as Proof We Investigate Torture, But It Actually Proves John Yoo Should Be Tried

I’v written a lot about the David Passaro case — the only one associated with the CIA (he was a contractor training Afghans) to be prosecuted for abuse. This post summarizes a lot of the problems with his case and its use to claim that the US ever held itself responsible for torture.

One Year After Collateral Murder Release, DOD’s Networks Are Still Glaring Security Problem

I’ve done a ton of posts on how the government complains about leaks even while it fails to close gaping security holes in its networks. This was one of the first. A day later I noted that DOD wasn’t aspiring to fix these problems until 2013; as it would turn out, Edward Snowden managed to download NSA’s crown jewels before they would fix them.

The Drone War on Westphalia

For Independence Day in 2011, I wrote a post arguing that the damage the use of drones will do to sovereignty will pose a real problem, particularly with regard to the consent of the governed. In a follow-up I argued against invoking “national security” to defend policies that weaken the nation.

Pakistani Bounty Claims: Adnan Farhan Abd Al Latif and TD-314/00684-02

In the first of a bunch of posts on Adnan Farhan abd al Latif, I showed that the intelligence report on which his detention relied — which Judge Henry Kennedy had originally deemed unreliable — probably was used to detain a bunch of people turned over with bounties.

49% of Michigan’s African Americans to Lose Their Right to Self-Governance

As the country started focusing on MI’s disastrous policy of  emergency managers, I was the first to note the moment when half of Michigan’s African Americans lost their right to local self-governance.

2012

Why Has the Government Story about Who Ordered the UndieBomber to Attack the US Changed?

As part of an effort to justify drone-killing Anwar al-Awlaki, the government publicly blamed him for all of Umar Farouk Abdulmutallab’s attack on the US, blame which should have been shared with others in AQAP. This was the first post where I made that clear.

“The Gloves Come Off” Memorandum of Notification

I discovered that language the government was trying to keep classified in the ACLU torture FOIA was not (as ACLU mistakenly believed) a description about waterboarding, but instead an admission that torture was authorized by the September 17, 2001 Memorandum of Notification that authorized a bunch of other programs. This was a key post in a series of posts on the MON.

US Climate Inaction: Blame Dick Cheney

I believe the US invaded Iraq as part of a Cheney-backed decision to double down on our petroleum-based hegemonic position in the world, in the apparent belief that we can clean up the damage from climate change at some later time. Even our shift to fracking is more about power than the environment. Given how catastrophic the Iraq war was, and given everything that has occurred since — not least our singular abstention from the Paris Accord — I think it a particularly ironic choice.

Lanny Breuer Covers Up Material Support for Terrorism

I wrote a ton about Obama’s failure to prosecute the banks that blew up the world’s economy. One of the most important ones was the post where I laid out Lanny Breuer’s efforts to hide the fact that HSBC had materially supported al Qaeda. Of course, it got no more than a hand slap even as Pete Seda was in prison for closely related actions (Seda’s case ultimately blew up).

Other Key Post Threads

10 Years of emptywheel: Key Non-Surveillance Posts 2008-2010

702 Reauthorization: The Anti-Leak Package

As part of the draft Section 702 Reauthorization released this week, the House Judiciary Committee included what I’ll call the anti-leak package. They’re not actually presented in the same Title, but I want to consider them as a group as a way to consider whether they’ll do anything to make leaking less useful than internal whistleblowing.

The package consists of three things:

  • Increased penalties for improperly handling classified information
  • New protections for FBI whistleblowers and contractor whistleblowers
  • A GAO report on whether classification works

Increased penalties for improperly handling classified information

The first part of the package changes 18 USC 1924, which criminalizes unauthorized retention of classified documents, to make knowingly retaining classified information a felony, while creating a new misdemeanor for negligently retaining classified information.

SEC. 302. PENALTIES FOR UNAUTHORIZED REMOVAL AND RETENTION OF CLASSIFIED DOCUMENTS OR MATERIAL.

Section 1924 of title 18, United States Code, is amended—

(1) in subsection (a), by striking ‘‘one year’’ and inserting ‘‘five years’’;

(2) by redesignating subsections (b) and (c) as subsections (c) and (d), respectively; and 13 (3) by inserting after subsection (a) the following new subsection (b):

(b) Whoever, being an officer, employee, contractor, or consultant of the United States, and, by virtue of his office, employment, position, or contract, becomes possessed of documents or materials containing classified information of the United States, negligently removes such documents or materials without authority and knowingly retains such documents or materials at an unauthorized location shall be fined under this title or imprisoned for not more than one year, or both.

I think this was done to make what Hillary Clinton did a clear felony, so Republicans can squawk about it, rather than solving any real problem.

Which is a pity. Because those who want to write new laws criminalizing the retention and leaking of classified information (something I’m not advocating, but I understand the sentiment), it might be useful to write laws that address the problems we’re actually seeing.

For example, the Espionage Act should be rewritten to make it clear it only applies to real Espionage — the secret sharing of “national defense information” (which should be better defined) with an adversary for some kind of personal benefit. By all means, create something else that applies to the Edward Snowdens and Chelsea Mannings of the world, if you feel the need to. But in that law, do something to ensure that the David Petraeuses of the world — who leaked information to get laid and tell nice stories about himself — don’t get a wrist slap, while people who at least believe their acts to be benefitting the country face life imprisonment.

The degree to which the Espionage statute specifically, and leak prosecutions generally, have become the means to pursue arbitrary retaliation against people who don’t hew a party line undermines the legitimacy of the classification system, which (in my opinion, as someone who has covered most recent leak prosecutions) just leads to more leaking.

In related news, one of the reasons why magistrate Brian Epps Cobb denied Reality Winner bail yesterday is because she admires Snowden and Assange.

In addition, this week’s news that an NSA TAO hacker brought files home and used them on his machine running Kaspersky, thereby alerting Russia to them, suggests the need to consider the impact of even negligent improper handling, because it can have an impact akin to that of Snowden if it is compromised.

Finally, there should be some controls over abuse of Original Classification Authority, both in Prepublication Reviews, to prevent the selective censorship of important stories. And there should be some recognition that OCAs are often not the only source of information (which is one of the problems with the Hillary emails — her staffers were reporting widely known facts that the CIA later claimed a monopoly on, thereby making the information “classified”).

Perhaps the GAO review, below, can go some distance to making this happen.

New protections for contractor whistleblowers

There’s a section that extends the (still inadequate) whistleblower protections of the National Security Act to contractors, while adding protection (just for contractors!) for the reporting of “evidence of another employee or contractor employee accessing or sharing classified information without authorization.” It also adds additional reporting vehicles for FBI contractors (to DOJ or FBI’s Office of Professional Responsibility, to FBI’s Inspection Division, or to the Office of Special Counsel).

The bill also adds contractors to those you can’t retaliate against by stripping of security clearance if they’ve made a protected disclosure.

Contractor is defined as “an employee of a contractor, subcontractor, grantee, subgrantee, or personal services contractor, of a covered intelligence community element.”

As I said, this is just the protection extended to intelligence community employees, with enforcement by the President, the same guy who orders up the illegal activities (such as torture or domestic spying) of the IC.

Plus, I’m not sure the language protects against two other problems that have happened with contractors. First, the loss of a contract, which doesn’t seem to be included in the definition of personnel decisions. So an agency could retaliate not by denying a promotion, but simply denying a contract. And, for similar reasons, I’m not sure the language prevents a contractor from retaliating against one of their employees directly, particularly if they’re threatened with losing work.

As I said, I’m not sure on this. I await analysis from the people who work whistleblower issues all the time.

That said, while this is an important improvement that will extend the same inadequate protection that IC employees get to IC contractors, I think it doesn’t necessarily protect against some known kinds of retaliation.

A GAO report on whether classification works

Perhaps most interestingly, the bill asks GAO to conduct on a story on why we’re having so much leakage.

SEC. 303. COMPTROLLER GENERAL STUDY ON UNAUTHORIZED DISCLOSURES AND THE CLASSIFICATION SYSTEM.

(a) STUDY.—The Comptroller General of the United States shall conduct a study of the unauthorized disclosure of classified information and the classification system of the United States.

(b) MATTERS INCLUDED.—The study under subsection (a) shall address the following:

(1) Insider threat risks to the unauthorized disclosure of classified information.

(2) The effect of modern technology on the unauthorized disclosure of classified information, including with respect to—

(A) using cloud storage for classified information; and

(B) any technological means to prevent or detect such unauthorized disclosure.

(3) The effect of overclassification on the unauthorized disclosure of classified information.

(4) Any ways to improve the classification system of the United States, including with respect to changing the levels of classification used in such system.

(5) How to improve the authorized sharing of classified information, including with respect to sensitive compartmented information.

(6) The value of polygraph tests in determining who is authorized to access classified information.

(7) Whether each element of the intelligence community (as defined in section (4) of the National Security Act of 1947 (50 U.S.C. 3003(4))—

(A) applies uniform standards in determining who is authorized to access classified information; and

(B) provides proper training with respect to the handling of classified information.

(c) COOPERATION.—The heads of the intelligence community shall provide to the Comptroller General information the Comptroller General determines necessary to carry out the study under subsection (a).

(d) REPORT.—Not later than 180 days after the date of the enactment of this Act, the Comptroller General shall submit to the Committee on the Judiciary and the Permanent Select Committee on Intelligence of the House of Representatives and the Committee on the Judiciary and the Select Committee on Intelligence of the Senate a report containing the study under subsection (a). (e) FORM.—The report under subsection (d) shall be submitted in unclassified form, but may include a classified annex.

I really like the idea of doing such a report (though am not sure GAO can get it done in just 6 months, especially since I’m sure some agencies will filibuster any cooperation). And what a novelty, to finally consider whether polygraphs actually do what they’re claimed to do (rather than get people to confess to dirt that can later be used against them or leaked to China in an OPM hack).

As mentioned above, a really thorough such study should also look specifically at the Prepublication Review process, which is one of the most notorious forms of arbitrary use of classification.

It should also try to quantify how much classification does (abusively) hide mismanagement or law-breaking, especially in the FOIA process.

A truly thorough study would have to include leaks by members of Congress, up to and including the Gang of Four — but that’s never going to happen and so that means of leakage will remain untouched.

A study should also not only review recent leak prosecutions, with a particularly focus on the selectivity with which they’ve been taken, but compare leak prosecutions with the efficacy of internal measures (like stripping someone of clearance), which ODNI has been using more in recent years, at least before Reality Winner.

And a study should do a macro review of the initiatives put in place since Chelsea Manning’s leaks, to review overall compliance (we know NSA and CIA had not fully complied as of last year), and to measure whether those initiatives have done any good.

Finally, for the classified version, the report should include a full measure of how much internal spying is being targeted at government employees and contractors in various CI programs, and whether those are overseen adequately (they’re absolutely not).

Will this all do any good?

As I said, I’m the one lumping these together into a package, not the bill’s authors. I did so, though, to better weigh whether this will do any good — whether we’ll move the balance on necessary discussions for democracy being weighed against genuine need to protect secrets. I think an actual assessment is worthwhile.

But ultimately, I suspect our leak problem stems, in large part, from the degree to which classification (and clearances and leak prosecutions) have all been designed to give the Executive Branch unfettered ability to run an arbitrary system of secrets that does as much to serve nexuses of power as it does to keep the country safe.  Secrets, in DC, have become the coin of power, not the necessary tool to ensure a vibrant and secure democracy.

And I’m not sure this effort will do much to change that.

[Photo: National Security Agency, Ft. Meade, MD via Wikimedia]

Rick Ledgett’s Straw Malware

For some reason, over a month after NotPetya and almost two months after WannaCry, former Deputy DIRNSA Rick Ledgett has decided now’s the time to respond to them by inventing a straw man argument denying the need for vulnerabilities disclosure. In the same (opening) paragraph where he claims the malware attacks have revived calls for the government to release all vulnerabilities, he accuses his opponents of oversimplification.

The WannaCry and Petya malware, both of which are partially based on hacking tools allegedly developed by the National Security Agency, have revived calls for the U.S. government to release all vulnerabilities that it holds.  Proponents argue this will allow for the development of patches, which will in turn ensure networks are secure.  On the face of it, this argument might seem to make sense, but it is actually a gross oversimplification of the problem, would not have the desired effect, and would in fact be dangerous.

Yet it’s Ledgett who is oversimplifying. What most people engaging in the VEP debate — even before two worms based, in part, on tools stolen from NSA — have asked for is for some kind of sense and transparency on the process by which NSA reviews vulnerabilities for disclosure. Ledgett instead poses his opponents as absolutists, asking for everything to be disclosed.

Ledgett then spends part of his column claiming that WannaCry targeted XP.

Users agree to buy the software “as is” and most software companies will attempt to patch vulnerabilities as they are discovered, unless the software has been made obsolete by the company, as was the case with Windows XP that WannaCry exploited.

[snip]

Customers who buy software should expect to have to patch it and update it to new versions periodically.

Except multiple reports said that XP wasn’t the problem, Windows 7 was. Ledgett’s mistake is all the more curious given reports that EternalBlue was blue screening at NSA when — while he was still at the agency — it was primarily focused on XP. That is, Ledgett is one of the people who might have expected WannaCry to crash XP; that he doesn’t even when I do doesn’t say a lot for NSA’s oversight of its exploits.

Ledgett then goes on to claim that WannaCry was a failed ransomware attack, even though that’s not entirely clear.

At least he understands NotPetya better, noting that the NSA component of that worm was largely a shiny object.

In fact, the primary damage caused by Petya resulted from credential theft, not an exploit.

The most disturbing part of Ledgett’s column, however, is that it takes him a good eight (of nine total) paragraphs to get around to addressing what really has been the specific response to WannaCry and NotPetya, a response shared by people on both sides of the VEP debate: NSA needs to secure its shit.

Some have made the analogy that the alleged U.S. government loss of control of their software tools is tantamount to losing control of Tomahawk missile systems, with the systems in the hands of criminal groups threatening to use them.  While the analogy is vivid, it incorrectly places all the fault on the government.  A more accurate rendering would be a missile in which the software industry built the warhead (vulnerabilities in their products), their customers built the rocket motor (failing to upgrade and patch), and the ransomware is the guidance system.

We are almost a full year past the day ShadowBrokers first came on the scene, threatening to leak NSA’s tools. A recent CyberScoop article suggests that, while government investigators now have a profile they believe ShadowBrokers matches, they’re not even entirely sure whether they’re looking for a disgruntled former IC insider, a current employee, or a contractor.

The U.S. government’s counterintelligence investigation into the so-called Shadow Brokers group is currently focused on identifying a disgruntled, former U.S. intelligence community insider, multiple people familiar with the matter told CyberScoop.

[snip]

While investigators believe that a former insider is involved, the expansive probe also spans other possibilities, including the threat of a current intelligence community employee being connected to the mysterious group.

[snip]

It’s not clear if the former insider was once a contractor or in-house employee of the secretive agency. Two people familiar with the matter said the investigation “goes beyond” Harold Martin, the former Booz Allen Hamilton contractor who is currently facing charges for taking troves of classified material outside a secure environment.

At least some of Shadow Brokers’ tools were stolen after Edward Snowden walked out of NSA Hawaii with the crown jewels, at a time when Rick Ledgett, personally, was leading a leak investigation into NSA’s vulnerabilities. And yet, over three years after Snowden stole his documents, the Rick Ledgett-led NSA still had servers sitting unlocked in their racks, still hadn’t addressed its privileged user issues.

Rick Ledgett, the guy inventing straw man arguments about absolutist VEP demands is a guy who’d do the country far more good if he talked about what NSA can do to lock down its shit — and explained why that shit didn’t get locked down when Ledgett was working on those issues specifically.

But he barely mentions that part of the response to WannaCry and NotPetya.

Or Maybe America Post-9/11 Inspires More Disillusionment?

Michael Hayden thinks he has an explanation for all the whistleblowers. It’s those damn millennials.

How do you make sure every one of [the people who have clearance] was and remains a loyal American or a loyal member of British security services and so on. Beyond that, Catty, there’s another dynamic at work here. In order to do this kind of stuff, we have to recruit from a certain demographic, and I don’t mean to judge them at all, but this group of millennials and related groups simply have different understandings of the words loyalty and secrecy and transparency than certainly my generation did. And so we bring these folks into the agency, good Americans all, I can only assume, but again, culturally they have different instincts than the people who made the decision to hire them.

The reason Chelsea Manning and Edward Snowden leaked vast troves of documents, according to Hayden, is because they’re young and not as loyal as people like him.

That may be true, to a point. Both Manning and Snowden seem to have a cosmopolitanism that a lot of Americans — those Americans raised during the Cold War — don’t have. We live in a globe now, just just America, and it’s possible Manning and Snowden felt some loyalty to humankind, rather than just America.

But there’s another problem with Hayden’s claim. There have been a number of whistleblowers who are of his generation. Consider all the intelligence people who’ve joined VIPS in response to idiotic foreign policy, after all.

Or consider an even more interesting example: Bill Binney. Binney was, during the Cold War, one of the most aggressive spies out there. He has said to me, repeatedly, that he’s the guy who invented Collect it all (though he, of course, wanted privacy protections for Americans). But when his approach came to be rolled out against Americans as part of the War on Terror that Hayden pursued with little self-reflection, Binney balked, quit the NSA, and started complaining that his program had been repurposed to target everyone.

Now, Binney didn’t bring a trove of documents with him. But he’s definitely animated by some of the same things that animated Manning and Snowden.

And Binney is two years older than Hayden.

There are a lot of things that motivate whistleblowers, and Daniel Ellsberg (who is 14 years older than Hayden) has said repeatedly that Snowden is just like he was.

But I do think one thing that has happened is that during the Cold War, for good or ill, Americans believed that they were the force of good. That belief is a lot harder to sustain in this day and age, for a range of reasons (not least the warrantless wiretapping and torture that Hayden facilitated). So just maybe the values remain the same, but America has changed?

Devin Nunes Doesn’t Think Donald Trump Should be Subject To the Kind of “Witch Hunt” He Conducted with Edward Snowden

We know what a Devin Nunes-led investigation into possible Russian compromise looks like. Just in December, after all, the House Intelligence Committee released their investigation into Edward Snowden.

Using the Snowden investigation as a guide, we know that HPSCI believes that if there’s an ongoing investigation, it should avoid speaking to anyone who knows evidence first-hand. It can instead rely on the impressions of people who don’t like the target of the investigation, as HPSCI did for claims that Snowden went to a hackers conference in China. It can also avoid reviewing official records, including public school records or even official Army records. Rather than do that, it may rely on imprecise citations of public reporting, interpreted in the light designed to be most damning. Any lies told — such as Snowden’s cover story that he’d be undergoing epilepsy treatment or Mike Flynn’s lies to Mike Pence — are themselves evidence of the worst possible guilt. Numbers are interpreted in the most damning possible light, even if more recent and informed numbers suggest something far less damning; those damning numbers came, in Snowden’s case, from a decision made by former DIA Director and recently fired National Security Advisor Flynn to assume any contact involved potential compromise.

Very importantly, HPSCI’s standard is that if anyone alleges contact between Russians and the target of an investigation, they should believed, even if that person is not in a position to know first hand. According to HPSCI standard, it is permissible to rely on dubious translations of Russian comments.

That’s the standard a Devin Nunes-led investigation holds to — or at last held to, with Snowden — before it deems an American citizen a traitor (irrespective of the very specific requirements of a treason charge).

Now, you can certainly argue that that’s a horrible standard for an intelligence committee investigation into allegations that an American citizen is spying for Russia. I have made that argument myself. But that is the standard HPSCI very recently set for serious allegations of possible intelligence compromises involving Russia.

Which is mighty curious, because Devin Nunes just gave a press conference claiming, categorically, that no Trump campaign personnel had any contact with any Russian official. That, in spite of public reporting relying on an interview with Russian Ambassador Sergey Kislyak that said his contacts with Trump campaign advisor Mike Flynn went back before November 8. That’s pretty good evidence that Trump’s campaign was in contact with a Russian official. (Later in his presser, Nunes acknowledged that Flynn spoke with Russia, though suggested that happened after Trump became President-Elect.)

And if Nunes applied the same standard to Trump’s associates he applied to Edward Snowden, then clearly the allegations in the Trump dossier should be presumed to be true (again, I’m not advocating for this, I’m talking about what would happen if HPSCI applied the same standard). That would mean Carter Page’s contacts with Kremlin Internal Affairs official Diyevkin would count as evidence of a contact. Carter Page’s other contacts were not named. Michael Cohen’s, which were alleged to be even more inflammatory, were done with Russian Presidential Administration figures working under cover, but would seem to meet the Nunes HPSCI standard. Paul Manafort’s contacts were with Ukrainians.

Finally, if HPSCI applied the same standards they did with Snowden, then the claims from Sergei Ryabkov that there were discussions before the election should amount to sufficient evidence to substantiate the claim.

Devin Nunes invoked McCarthyism in insisting his committee shouldn’t just investigate American citizens without evidence. But he apparently extends that standard differently to men on whose transition team he served.

How Hal Martin Stole 75% of NSA’s Hacking Tools: NSA Failed to Implement Required Security Fixes for Three Years after Snowden

The other day, Ellen Nakashima reported that Hal Martin, the Booz Allen contractor who has been in custody for months based on allegations he stole terabytes of NSA’s hacking tools, may be indicted this week. The story raises some interesting questions — such as how, absent some proof that Martin leaked this information to a third party, prosecutors intend to distinguish Martin’s hoarding from David Petraeus’ sharing of code word information with his girlfriend Paula Broadwell. One detail Nakashima included — that Martin had stolen “operational plans against ‘a known enemy’ of the United States” — may suggest prosecutors plan to insinuate Martin stole the information to alert that known enemy (especially if the known enemy is Russia).

All that said, the detail in Nakashima’s story that has attracted the most notice is the claim that Martin stole 75% of NSA’s hacking tools.

Some U.S. officials said that Martin allegedly made off with more than 75 percent of TAO’s library of hacking tools — an allegation which, if true, would be a stunning breach of security.

Frankly, this factoid feels a lot like the claim that Edward Snowden stole 1.5 million documents from NSA, a claim invented at least in part because Congress wanted an inflammatory detail they could leak and expand budgets with. That’s especially true given that the 75% number comes from “US officials,” which sometimes include members of Congress or their staffers.

Still, the stat is pretty impressive: even in the wake of the Snowden leak, a contractor was able to walk out the door, over time, with most of NSA’s most dangerous hacking tools.

Except it should in no way be a surprise. Consider what the House Intelligence Report on Snowden revealed, which I mentioned here. Buried way back at the end of the report, it describes how in the wake of Snowden’s leaks, NSA compiled a list of security improvements that would have stopped Snowden, which it dubbed, “Secure the Net.” This initiative included the following, among other things:

  • Imposing two person control for transferring data by removable media (making it harder for one individual to put terabytes of data on a thumb drive and walk out the door with it)
  • Reducing the number of privileged and authorized data transfer agents (making it easier to track those who could move terabytes of data around)
  • Moving towards continuous evaluation model for background investigations (which might reveal that someone had debt problems, as Martin did)

By July 2014, the report reveals, even some of the most simple changes included in the initiative had not been implemented. On August 22, 2016 — nine days after an entity calling itself Shadow Brokers first offered to auction off what have since been verified as NSA tools — NSA reported that four of the initiatives associated with the Secure the Net remained unfulfilled.

All the while, according to the prosecutors’ allegations, Martin continued to walk out of NSA with TAO’s hacking tools.

Parallel to NSA’s own Secure the Net initiative, in the intelligence authorization for 2016 the House directed the DOD Inspector General to assess NSA’s information security. I find it interesting that HPSCI had to order this review and that they asked DOD’s IG, not NSA’s IG, to do it.

DOD IG issued its report on August 29, 2016, two days after a search of Martin’s home had revealed he had taken terabytes of data and the very day he was arrested. The report revealed that NSA needed to do more than its proposed fixes under the Secure the Net initiative. Among the things it discovered, for example, is that NSA did not consistently secure server racks and other sensitive equipment in data centers, and did not extend two-stage authentication controls to all high risk users.

So more than three years after Snowden walked out of the NSA with thousands of documents on a thumb drive, DOD Inspector General discovered that NSA wasn’t even securing all its server racks.

“Recent security breaches at NSA underscore the necessity for the agency to improve its security posture,” The HPSCI report stated dryly, referring obliquely to Martin and (presumably) another case Nakashima has reported on.

Then the report went on to reveal that CIA didn’t even require a physical token for general or privileged users of its enterprise or mission systems.

So yes, it is shocking that a contractor managed to walk out the door with 75% of NSA’s hacking tools, whatever that means. But it is also shocking that even the Edward Snowden breach didn’t lead NSA to implement some really basic security procedures.

One-Fifth of Documents Edward Snowden Stole Were Blank

Charlie Savage has a great review in the New Yorker, pitting Oliver Stone’s Snowden movie against Edward Jay Epstein’s book (and astutely noting that these two have battled before over JFK history, which presumably explains the use of “Soviet” in the title).

In it, he addresses something fact-based commentators have had to deal with over and over: the claim Snowden stole 1.5 million documents.

Another complication for judging Snowden’s actions is that we do not know how many and which documents he took. Investigators determined only that he “touched” about 1.5 million files—essentially those that were indexed by a search program he used to trawl NSA servers. Many of those files are said to pertain to military and intelligence tools and activities that did not bear on the protection of individual privacy. Snowden’s skeptics assume that he stole every such file. His supporters assume that he did not. In any case they believe his statements that after giving certain NSA archives to the journalists in Hong Kong, he destroyed his hard drives and brought no files to Russia.

But it’s time, once and for all, to reject this frame entirely.

That’s true for several reasons. First, as the House Intelligence Report on Snowden discloses, the Intelligence Community actually has two different counts of what documents Snowden “took.” The 1.5 million number comes from Defense Intelligence Agency.

The IC more generally, though, has a different (undisclosed) number, based off three tiers of damage assessment: those documents that had been released to the public by August 31, 2015, those documents that, “based on forensic analysis, Snowden would have collected in the course of collecting [the documents already released], but have not yet been disclosed to the public.” (PDF 29) The IC believes these documents are in the hands of Glenn Greenwald and Laura Poitras and Bart Gellman. The last tier consists of documents that Snowden accessed in some way. The rest of the description of this category is redacted, but the logic involved in the section suggests the IC has good reason to question whether the third tier ever got delivered to journalists.

By May 2016 (much to HPSCI’s apparent chagrin), the IC had stopped doing damage assessment on documents not released the public, which strongly suggests they believed Russia and other adversaries hadn’t and probably wouldn’t obtain them, which in turn suggests the IC either believes the journalists’ operational security is adequate against Russia and China and/or the documents have already been destroyed and certainly didn’t go with Snowden to Russia and get delivered to Vladimir Putin.

Particularly given the later date for the IC assessment, I’d suggest the IC likely has listened for years for signs the wider universe of documents has been released, and have found no sign the documents have. Otherwise they’d be doing a damage assessment on them.

But the 1.5 million number is problematic for two more reasons. First, as Jason Leopold reported in 2015, the 1.5 million number comes from a period when HPSCI was actively soliciting dirt on Snowden that they could (and did) leak to the press. It was designed to be as damning as possible And, as I added at the time, the number also came at a time when Congress was scrambling to give DOD more money to deal with mitigation of Snowden’s leak. In other words, for several reasons Congress was asking the IC to give it the biggest possible number.

But there’s another problem with the 1.5 million number, revealed in the HPSCI report released last month. The 1.5 million isn’t actually all the documents Snowden is known to have touched, or even downloaded. Rather, it is all the documents he touched and downloaded, less some 374,000 “blank documents Snowden downloaded from the Department of the Army Intelligence Information Service (DAIIS) Message Processing System.”

So the real number of documents that Snowden “touched” is almost 1.9 million. But in coming up with its most inflammatory number, DIA eliminated the almost 20% of the documents that it had determined were blank.

But consider what that tacitly admits. It admits that one-fifth of the documents that Snowden not just touched, but actually downloaded, were absolutely useless for the purposes of leaking, because they were blank. But if Snowden downloaded 374,000 blank documents, it is proof he downloaded a bunch things he didn’t intend to leak.

Of course, fear-mongering about Snowden wandering the world with 374,000 blank documents risks making someone look crazy. So maybe that’s the reason the Snowden skeptics have chosen to edit their number down, even while doing so is tacit admission they know he “touched” a lot of things he had no intention of leaking.

If Edward Jay Epstein wants to write the definitive screed against Snowden, he should adopt, instead, that 1.9 million number. But in so doing, he should also admit he’s raising concerns about Snowden leaking blank documents.