Posts

The Quid Pro Quo: a Putin Meeting and Election Assistance, in Exchange for Sanctions Relief (Part Two in a Series)

As I explained in Part One of this series, I think the Mueller questions leaked by the Trump people actually give a far better understanding of a damning structure to the Mueller investigation — one mapping out cultivation, a quid pro quo, and a cover-up — than the coverage has laid out. This post will lay out how, over the course of the election, the Russians and Trump appear to have danced towards a quid pro quo, involving a Putin meeting and election assistance in exchange for sanctions relief if Trump won (as noted, the Russians dangled real estate deals to entice Trump based on the assumption he wouldn’t win).

April 27, 2016: During the campaign, what did you know about Russian hacking, use of social media, or other acts aimed at the campaign?

Given the structure of George Papadopoulos’ plea, it’s highly likely Mueller knows that Papadopoulos passed on news that the Russians had thousands of Hillary emails they planned to release to help Trump to people in the campaign. Papadopoulos could have passed on that news to Stephen Miller and Corey Lewandowski as early as April 27. On the same day, Papadopoulos helped draft Trump’s first foreign policy speech, which Papadopoulos reportedly told Ivan Timofeev signaled a willingness to meet.

Between the time the GRU first exfiltrated DNC emails in April and the election, Trump invoked “emails” 21 times on Twitter (usually to refer to emails from Hillary’s server). The first of those times came on June 9, less than an hour after the Trump Tower meeting. The most famous of those came on July 27, when Trump addressed Russia directly.

Earlier in the day, Trump had called on Russia to release the emails not to the FBI, but to the press.

Russia, if you’re listening, I hope you’re able to find the 30,000 emails that are missing. I think you will probably be rewarded mightily by our press.

The timing may reflect awareness among some in the campaign that the call to Russia was a step too far legally. (h/t TC for the addition)

That Trump’s email comments pertain mostly to Hillary’s home-based server doesn’t actually exonerate him. Right after the DNC release (and therefore the July 27 Trump tweet), GOP rat-fucker Peter Smith started reaching out to Russian hackers in hopes of finding hacked versions of those emails. His support documents named Steve Bannon, Kellyanne Conway, Sam Clovis, and Mike Flynn. If those people actually learned of the effort (there’s reason to believe Smith was just overselling the ties to the campaign), it’s possible that Trump learned about it as well.

As to social media, while it has gotten virtually no attention, the reference to three Florida-based Trump campaign officials in the Internet Research Agency indictment suggests further investigative interest in them.

[T]here are three (presumed) Americans who, both the indictment and subsequent reporting make clear, are treated differently in the indictment than all the other Americans cited as innocent people duped by Russians: Campaign Official 1, Campaign Official 2, and Campaign Official 3. We know, from CNN’s coverage of Harry Miller’s role in building a cage to be used in a fake “jailed Hillary” stunt, that at least some other people described in the indictment were interviewed — in his case, for six hours! — by the FBI. But no one else is named using the convention to indicate those not indicted but perhaps more involved in the operation. Furthermore, the indictment doesn’t actually describe what action (if any) these three Trump campaign officials took after being contacted by trolls emailing under false names.

So Mueller may be pursuing whether there was state-level coordination going on, and if so, how far up the campaign chain of command knowledge of that coordination extended.

May 31, 2016: What discussions did you have during the campaign regarding any meeting with Mr. Putin? Did you discuss it with others?

On June 16, 2015, the day Trump announced his campaign, the Agalarovs offered to serve as an intermediary between him and Putin.

Then, starting at least as early as March 31, 2016 (with Trump’s first foreign policy meeting), his aides started floating pitches for meetings with increasingly senior campaign officials that would hypothetically lead up to one between Trump and Putin.

Those include at least:

  • The George Papadopoulos thread, spanning from March 21 through August 15
  • The Carter Page thread, including his Moscow trip in July, and possibly continuing through his December Moscow trip
  • The NRA thread, focusing on the NRA meeting in Kentucky in May; NRA’s longer outreach includes Trump associates John Bolton and David Clarke

We know Trump was present and did not object when Papadopoulos pitched this in the May 31 meeting. Several of the other entrees went through Don Jr. Many of the offers got briefed at least as far as Jared Kushner and Paul Manafort. We don’t know how many of the other offers he learned about. We just know that years earlier he had joked about becoming Putin’s best friend, and over the course of the campaign, Russian intermediaries made repeated, persistent efforts to work towards a meeting between Trump and Putin, with a meeting between Agalarov representatives (who, again, had offered to serve as intermediaries with Putin when Trump kicked off the campaign) and the most senior people on the campaign happening just as Trump sealed up the nomination.

May 31, 2016: What discussions did you have during the campaign regarding Russian sanctions?

This is an open-ended question that might pose particular problems for Trump given the misleading statement claiming the June 9 meeting was about adoptions and not the Magnitsky sanctions. More interesting still are hints that Mueller sees a signaling going back and forth involving Papadopoulos; some of this may have involved signaling a willingness to provide sanctions relief.

Both Aras Agalarov and Natalia Veselnitskaya followed up after the election pushing for sanctions relief.

June 9, 2016: When did you become aware of the Trump Tower meeting?

Sam Nunberg has suggested Trump probably learned of the Trump Tower meeting before it happened. While he is unreliable on that point, the original June 3, 2016 email Rob Goldstone sent to Don Jr suggests reaching out to Trump’s assistant Rhona Graff.

I can also send this info to your father via Rhona, but it is ultra sensitive so wanted to send to you first.

Democrats suspect that between two calls Don Jr had with Emin Agalarov about the meeting on June 6, 2016, he called his dad.

Trump Jr.’s phone records show two calls to and from the same Russian number on June 6, 2016.62 The first call occurred at 4:04 pm on June 6, 2916 – just 21 minutes after Goldstone emailed Trump Jr. to say that Emin Agalarov was “on stage in Moscow but should be off within 20 minutes so I am sure can call. [emphasis added]” 63 At 4:38 pm, Trump Jr emailed Goldstone, “Rob, thanks for the help.”64

This documentary evidence indicates that a call likely took place between Trump Jr. and Emin Agalarov. During his interview, Trump Jr. confirmed that the Russian phone number belonged to Agalarov, though he claimed to not recall whether he actually spoke with him. Rather, despite one of the two calls reflecting a two-minute connection, Trump Jr. suggested that Agalarov may have left voice messages.65

The phone records also show a “blocked” number at 4:27 pm, between the two calls to and from Emin Agalarov. Trump Jr. claimed he did not know who was associated with the blocked number.66 While the Committee has not pursued leads to determine who called Trump Jr. at this crucial time from a blocked number, Corey Lewandowski told the Committee that Mr. Trump’s “primary residence has a blocked [phone] line.” 67

Mueller, of course, almost certainly has the phone records the Democrats weren’t able to obtain.

Finally, Steve Bannon has stated that he’s certain Don Jr “walk[ed] these jumos up to his father’s office on the twenty-sixth floor” on the day of the meeting. There’s reason to believe Ike Kaveladze and Goldstone could have done so, including the new piece of evidence that “Kaveladze left [a meeting with Rinat Akhmetshin and Natalia Veselnitskaya] after a few minutes to take a call from Agalarov to discuss the meeting.”

The day after the meeting — and four days before Trump’s birthday — Agalarov sent Trump an expensive painting as a present.

The June 9 meeting is, as far as is public, the most important cornerstone in a presumed quid pro quo. Russians offered unnamed dirt that Don Jr seemed to know what it entailed even before speaking to Emin Agalarov personally. Having offered dirt, four Russians — including two representatives of Trump’s long-time handler Aras Agalarov — laid out a pitch to end the Magnitsky sanctions. And less than a week later, a presumed Russian agent released the first dirt stolen from Hillary Clinton.

July 7, 2016: What knowledge did you have of any outreach by your campaign, including by Paul Manafort, to Russia about potential assistance to the campaign?

We don’t have many details on what Mueller knows about Manafort’s requests for help on the campaign. We do know he remained in close touch with Russians via someone the FBI believed was a Russian intelligence agent, Konstantin Kilimnik, through whom he remained in communications with Russian oligarch Oleg Deripaska. Deripaska is named in some court documents in a way that suggests his relationship with Manafort may be the still hidden third prong of investigation into Manafort approved by August 2, 2017.

Starting in April, Manafort and Kilimnik (whom Rick Gates and therefore presumably Manafort knew was a former GRU officer), exchanged a series of cryptic emails, suggesting that Manafort might be able to pay off the $20 million he owed Deripaska with certain actions on the campaign. In an email sent on July 7, Manafort offered to provide briefings on the campaign to Deripaska. On or around August 2, Manafort and Kilimnik met in person at the Grand Havana Club, in Kushner’s building at 666 5th Avenue. Both deny that anything about the campaign came up. Shortly after this meeting, one of Deripaska’s jets came to Newark, and Russian opposition figure Viktor Navalny has claimed to have proof the jet went from there to a meeting between Deripaska and Russian deputy prime minister Sergei Prikhodko.

An August 2017 report describes intercepts picking up “Russian operatives discussing their efforts to work with Manafort, … relay[ing] what they claimed were conversations with Manafort, encouraging help from the Russians.”

There’s one more area of potential assistance I find of interest. Since January, we’ve been getting hints that Oleg Deripaska has some tie to the Steele dossier, possibly through a lawyer he and Steele share. I’ve raised repeated concerns that the Russians learned about the dossier and found ways to feed Steele disinformation. If they did, the disinformation would have led Democrats to be complacent about the hacks that targeted them. And whether or not the dossier is disinformation (and whether or not Deripaska had a role in that, if true), Paul Manafort coached Reince Priebus on how to attack the dossier as a way to discredit the investigation into the campaign’s ties with Russia.

With regards to this Manafort question: remember that Rick Gates flipped on February 23, and the questions date to early March. So Gates may have proffered confirmation about these details. In any case, Mueller likely has learned far more about them two months after Gates flipped.

July 10-12, 2016: What involvement did you have concerning platform changes regarding arming Ukraine?

The Majority HPSCI Russia Report explains that the RNC platform was changed by staffers at the convention based off Trump’s public statements on sanctions.

[Rick] Dearborn generated a memorandum, dated August 1, 2016, outlining a detailed sequence of events that occurred between July 10 and 12, 2016. As part of that memo, J.D. Gordon created a timeline that noted candidate Trump’s policy statements–including at a March 31, 2016, national security meeting–served as the basis for the modification of [Diana] Denman’s amendments. Gordon’s timeline made it clear that the change was initiated by campaign staffers at the convention–not by Manafort or senior officials.

J.D. Gordon has not confirmed that he was asked about this, but he surely was. I would expect Mueller to have tested the timeline Gordon laid out in summer 2016 (when the platform change was a big political issue) against the testimony and communications records of everyone else involved.

Of course, by asking the question in this fashion, Mueller doesn’t reveal what he has already confirmed about the platform changes.

August 5, 2016: What did you know about communication between Roger Stone, his associates, Julian Assange or WikiLeaks?

After multiple public statements that the Russians were behind the hack-and-leak, on August 5, 2016 (after traveling from NY to LA to his home in FL), Roger Stone wrote a column claiming to believe that Guccifer 2.0 was a hacktivist with no ties to Russia. Stone’s purportedly changed beliefs about Guccifer 2.0 coincide with an August 4 claim he made in an email to Sam Nunberg that he had met with Julian Assange the night before. Stone’s claimed belief that Guccifer 2.0 is not Russian is key to his denials of any involvement or pre-knowledge of hack-and-leak events. It also kicked off an alternative story that others, up to and including Trump, have adopted to excuse their own embrace of the stolen emails. In other words, a key prong in the plausible deniability the Russians built into the hack-and-leak campaign came from long-time Trump associate Roger Stone, after a dramatic and unexplained change in beliefs (Lee Stranahan, who used to work for Breitbart and now works for Sputnik, has claimed some credit for the change, and given how lucid the August 5 column is, someone had to have helped Stone write it).

Ten days later, after Stone had called on Twitter to let him out of Twitter jail, Guccifer 2.0 and Stone started exchanging (fairly innocuous) DMs.

There are events both before and after that which suggest Stone — probably through more interesting go-betweens than Randy Credico — sought information on what dirt Assange and Wikileaks had, and what and when planned to do with it.

Much has been made, especially in the DNC lawsuit, about Stone’s seeming prediction that “it would soon be Podesta’s time in the barrel.” Perhaps that’s true (and Stone’s explanation for the tweet is garbage), but any explanation of Stone’s supposed prediction needs to acknowledge that he more often predicted Wikileaks would release Clinton Foundation emails, not Podesta ones, that he got the timing somewhat wrong, and that he didn’t dwell on the Podesta emails at all once Wikileaks started releasing them (preferring, instead, to talk about Bill Clinton’s lady problems). Still, that may reflect Stone involvement in the Peter Smith operation, and efforts to get WikiLeaks to release purported Clinton Foundation emails passed on via hackers.

That Mueller is even asking this suggests (if the several grand jury witnesses in recent months dedicated to it don’t already) that Mueller has a pretty good idea that Stone’s communications were more extensive than his denials let on. That he thinks Stone may have shared that information with Trump is all the more interesting.

All of which is to say that the known answers to Mueller’s questions map out a quid pro quo set up during the election, in which Russians offered a Putin meeting and dirt on Hillary, with the expectation that Trump would lift the Magnitsky sanctions if he won (and would get a Trump Tower in Moscow if he lost). I suspect there are other pieces to the quid pro quo, dealing with Ukraine and Syria. But certainly the June 9 meeting set up an understanding: dirt in exchange for Magnitsky relief. The release of the Guccifer 2.0 emails may indicate the Trump camp provided some signal they had formally accepted the offer.

Update: Fixed syntax in last paragraph, h/t LT.

RESOURCES

These are some of the most useful resources in mapping these events.

Mueller questions as imagined by Jay Sekulow

CNN’s timeline of investigative events

Majority HPSCI Report

Minority HPSCI Report

Trump Twitter Archive

Jim Comey March 20, 2017 HPSCI testimony

Comey May 3, 2017 SJC testimony

Jim Comey June 8, 2017 SSCI testimony

Jim Comey written statement, June 8, 2017

Jim Comey memos

Sally Yates and James Clapper Senate Judiciary Committee testimony, May 8, 2017

NPR Timeline on Trump’s ties to Aras Agalarov

George Papadopoulos complaint

George Papadopoulos statement of the offense

Mike Flynn statement of the offense

Internet Research Agency indictment

Text of the Don Jr Trump Tower Meeting emails

Jared Kushner’s statement to Congress

Erik Prince HPSCI transcript

THE SERIES

Part One: The Mueller Questions Map Out Cultivation, a Quid Pro Quo, and a Cover-Up

Part Two: The Quid Pro Quo: a Putin Meeting and Election Assistance, in Exchange for Sanctions Relief

Part Three: The Quo: Policy and Real Estate Payoffs to Russia

Part Four: The Quest: Trump Learns of the Investigation

Part Five: Attempting a Cover-Up by Firing Comey

Part Six: Trump Exacerbates His Woes

Was Trump’s Birthday Present a Painting? Or Stolen Emails?

Donald Trump was born on June 14, 1946.

According to the Minority HPSCI Russian Report, the day after Trump’s spawn, spawn’s husband, and campaign manager met with a bunch of Russian envoys (including Aras Agalarov’s representative Ike Kaveladze), Agalarov sent the presidential candidate an expensive painting.

[O]n June 10, 2016, Aras Agalarov delivered to candidate Trump an expensive painting for the candidate’s birthday.

An email from Rob Goldstone identified it as a birthday gift.

Email from Rob Goldstone to Rhona Graff, Subject: Birthday gift for Mr. Trump, June 10, 2016

On June 14, 2016 — Donald Trump’s birthday — the Washington Post revealed that Hillary had been hacked by Russia.

According to Nakashima, she was first contacted about this story, “About a week before the story published online.”

On June 15, in what has always been presumed to be a rushed response to the WaPo story, Russian cut-out Guccifer 2.0 published a bunch of stolen documents, including Hillary’s (dated) oppo research on Trump.

On June 17, a Trump staffer sent an Agalarov staffer a Trump thank you note, one that did not (at least in the bit quoted in the Minority HPSCI report) describe what the gift in question was.

“There are few things better than receiving a sensational gift from someone you admire – and that’s what I’ve received from you. You made my birthday a truly special event by your thoughtfulness – not to mention your remarkable talent. I’m rarely at a loss for words, but right now I can only say how much I appreciate your friendship and to thank you for this fantastic gift. This is one birthday that I will always remember.”

Was the gift a painting? Or stolen emails?

Counterintelligence versus Criminal: George Papadopoulos

While I was playing in an undisclosed location in Europe, Chuck Ross wrote two stories based off access to people in the immediate vicinity of George Papadopoulos.

The first purports to answer whether Papadopoulos [thinks he] colluded with Russia. The second reports that someone with close ties to CIA and MI6 reached out to Papadopoulos after the US government learned of Papadopoulos’ comments to Alexander Downer about Hillary emails.

There’s a funny movement between the two. In the first, Ross feigns concern about how long it took the FBI to reach out to Papadopoulos after learning of his email conversation.

Papadopoulos was not interviewed by FBI agents until Jan. 27, 2017, nearly six months after the start of the investigation. That six month delay is puzzling to both congressional investigators and to Papadopoulos. He has wondered to associates why, if he was actually suspected of conspiring with the Russian government, the bureau would have waited so long to contact him.

He doesn’t mention, of course, that the FBI reached out to Papadopoulos just one week after the presidential transition period — which Papadopoulos played a role in — ended. That is, there was virtually no delay between the time Papadopoulos separated from Trump’s retinue and the FBI investigated. That doesn’t feed the poutrage about FBI’s investigation of politics, however, and so goes unmentioned.

Meanwhile, the second piece expresses shock that someone tied into Anglo-American intelligence reached out to Papadopoulos, Page, and one other Trump aide during the election.

Two months before the 2016 election, George Papadopoulos received a strange request for a meeting in London, one of several the young Trump adviser would be offered — and he would accept — during the presidential campaign.

The meeting request, which has not been reported until now, came from Stefan Halper, a foreign policy expert and Cambridge professor with connections to the CIA and its British counterpart, MI6.

Halper’s September 2016 outreach to Papadopoulos wasn’t his only contact with Trump campaign members. The 73-year-old professor, a veteran of three Republican administrations, met with two other campaign advisers, The Daily Caller News Foundation learned.

Papadopoulos questioned Halper’s motivation for contacting him, according to a source familiar with Papadopoulos’ thinking. That’s not just because of the randomness of the initial inquiry but because of questions Halper is said to have asked during their face-to-face meetings in London.

According to a source with knowledge of the meeting, Halper asked Papadopoulos: “George, you know about hacking the emails from Russia, right?”

While Ross focuses on the FBI investigation, which started as a counterintelligence investigation, he doesn’t mention the separate Task Force run out of CIA (or, for that matter, the Steele dossier, though given how shitty the dossier is on the hack-and-leak, I question whether that’s what this was).

In any case, there were several investigations, even within the US, and while law enforcement has certain squeamishness about engaging in politics, our foreign allies do not.

All that said, Ross provides details about Papadopoulos’ reported timeline and beliefs which are useful to understanding the events of 2016. Chief among those, he dates the meeting between Papadopoulos and Downer to May 10.

On around May 10, 2016, two weeks after the Mifsud meeting, Papadopoulos met with Downer at Kensington Gardens in London.

Ross also relays Papadopoulos’ reported belief that the emails floated by Joseph Mifsud were the deleted Clinton Foundation emails.

Papadopoulos has also said he believes that the emails in question were the 30,000-plus emails that Clinton deleted in Dec. 2014 before turning her State Department emails over to the agency. Clinton’s deleted records were a hot topic of debate during the 2016 presidential campaign, well before WikiLeaks began releasing emails that were stolen from the DNC and Clinton campaign.

This is entirely unsurprising (and useful for Papadopoulos to have out there). It means Papadopoulos doesn’t claim to have had more advance details about the stolen Hillary emails, and instead just assumed Mifsud (and his sources) were responding to the burning issue of the day, the Hillary investigation.

The confirmation that the Republicans had early likely been fed an expectation they might have gotten those emails provides important insight on the later Peter Smith effort to get those emails, the reported outreach by people associated with the campaign to Guccifer 2.0 to get those emails, and Guccifer 2.0’s false claims to be leaking them. Papadopoulos likely confirmed to Mifsud that that’s what the Republicans thought of as valuable oppo research, and multiple later efforts focused on making Trump aides believe they would get them.

To understand just how much Ross’ sources were feeding an exonerating narrative, however, consider that he or they refused to say whether Papadopoulos passed on news of the emails to other campaign people.

Miller did not respond to the email, but it is unclear whether Papadopoulos told Miller, who currently works in the White House, or anyone else on the campaign about Mifsud’s comments about emails. TheDCNF’s sources did not say whether Papadopoulos told the campaign of Mifsud’s remarks.

Instead of the answer to the critical issue (to which we have good reason to suspect the answer, even if it hasn’t been confirmed), Ross instead passes on a non-denial denial of something Papadopoulos has never been accused of.

[S]ources familiar with Papadopoulos’ thinking say he has told associates he did not see, handle or disseminate Clinton emails.

Further, Ross claims there’s no evidence that meetings between Russia and the Trump campaign took place, in spite of the fact that Don Jr, Jared, and Trump’s campaign manager took a meeting 6 weeks after the emails-as-dirt got floated based on a promise they’d get dirt on Hillary.

There is no evidence that those meetings took place.

To back this no collusion claim, you’d have to prove both that none of the participants in the Trump Tower meeting had heard about Papadopoulos promise of emails (in spite of Don Jr’s reference to “if it’s what I think it is”), and you’d have to prove that the Russians didn’t consider a meeting with the campaign manager a high level meeting.

George Papadopoulos does not, by himself, prove “collusion.” But neither does this transparent attempt to deny collusion by issuing a non-denial denial disprove it. Moreover, it was never going to be the case that one person — not even Paul Manafort, not even Michael Cohen, possibly not even Trump himself — would offer the Rosetta stone on what happened in 2016.

The Access Hollywood Search Doesn’t Mean Trump Coordinated with Assange

As I noted, yesterday several outlets reported that among the things included in the FBI warrant for Michael Cohen’s premises was communications between Trump, Cohen, and others (whom I suspect to include Steve Bannon and Marc Kasowitz) “regarding the infamous ‘Access Hollywood'” video.

FBI agents who raided the home, office and hotel of Donald Trump’s personal lawyer sought communications that Trump had with attorney Michael Cohen and others regarding the infamous “Access Hollywood” tape that captured Trump making lewd remarks about women a month before the election, according to sources familiar with the matter.

[snip]

The search warrant also sought communications between then-candidate Trump and his associates regarding efforts to prevent disclosure of the tape, according to one of the sources. In addition, investigators wanted records and communications concerning other potential negative information about the candidate that the campaign would have wanted to contain ahead of the election. The source said the warrant was not specific about what this additional information would be.

From that, people on both the right and the left have assumed, without presenting hard evidence, that this means there must be a tie to Russia. Most often, people assume this must mean Trump somehow managed the events of October 7, when the Intelligence Committee report blaming Russia for the DNC hack, the Access Hollywood video, and the first Podesta emails all came out in quick succession.

That’s certainly possible, but thus far there’s no reason to believe that’s the case.

Mueller and Rosenstein referred this

That’s true, first of all, because after consulting with Rod Rosenstein, Robert Mueller referred this to the Southern District of New York for execution and prosecution, rather than dealing with it himself. He did that surely knowing what a sieve for leaks SDNY is, and therefore knowing that doing so would undercut his remarkably silent teamwork thus far.

In spite of a lot of reporting on this raid this week, we don’t yet have a clear understanding of why the two chose to refer it (or, tangentially, why interim SDNY US Attorney Geoffrey Berman recused himself from this matter).

There are two options. The first is that Rosenstein believed hush payments and taxi medallion money laundering sufficiently attenuated to the Russian investigation that it should properly be referred. In which case, the fact that it was referred is itself reason to believe that Mueller — even while he had abundant evidence supporting the search warrant — has no reason to believe those releases were orchestrated with Wikileaks, and therefore have no direct interest to his investigation (though they may cough up one to three witnesses who will be more willing to cooperate when faced with their own fraud indictments). In which case, the Access Hollywood video would be just another example, like the Stormy Daniels and the Karen McDougal payoffs, of Trump’s efforts to bury embarrassing news, using whatever means necessary.

The other option is that Mueller does have evidence that Trump in some way managed the October 7 events, which would be one of the most inflammatory pieces of evidence we would have heard of so far, but that there was some other reason to refer the matter.

Michael Cohen wasn’t serving as an attorney for much of the reported documents

The really good reason to refer the warrant would be so that SDNY would serve as a natural clean team, sorting through seized items for privileged communications, only to hand them back to Mueller’s team in DC once they’ve sorted through them. It’s an idea Preet Bharara and Matt Miller, among others, have floated.

Before we conclude that SDNY is only serving as a clean team for Mueller’s team here, consider that coverage has vastly overstated the degree to which the items being searched will fall under attorney-client privilege.

The search also sought information on Cohen’s taxi medallions, a business in which he has had really corrupt partners, some Russian, with their own legal problems, and one that has reportedly left Cohen with some debt problems that make his purported personal payment to Stormy Daniels all the more sketchy.

In addition, as soon as Trump claimed to know nothing of the hush payment to Daniels last Friday, the government could credibly claim that either Cohen was not representing Trump when paying off Daniels, or involved in fraud.

The NYT has reported that the raid also sought all communications between Cohen and National Enquirer’s top brass, communications that would in no way be privileged.

Even the reported communications about the Access Hollywood video may not be privileged. If they involved four people, then the only way they’d be covered by privilege is if they counted as campaign emails and Marc Kasowitz, not Cohen, was the attorney providing privileged advice in question. In that case, Cohen would have been playing the press contact role he often did during the campaign.

Still, just because Cohen was not playing the role of an attorney during most of the activities the FBI is interested in doesn’t mean the FBI won’t be really careful to make sure they don’t violate privilege, and I’m sure they’ll still use a taint team.

Mueller has already dealt with (at least) two sensitive attorney-client relationships in his investigation

Even on top of the eight members of the White House Counsel’s office who have spoken with the Special Counsel, Mueller’s team has dealt with (at least) two other sensitive attorney-client relationships.

The first was Melissa Laurenza, a lawyer for Paul Manafort whom he had write false declarations for FARA registry. Judge Amy Berman Jackson permitted Mueller’s team to ask her seven of eight proposed question after proving Manafort had used her services to engage in fraud.

More recently, we’ve gotten hints — but only hints — of what must be extensive cooperation from Skadden Arps and its partner Greg Craig, describing how Manafort and Gates laundered money to pay the firm loads of money to write a report they hoped would exonerate Ukraine’s persecution of Yulia Tymoshenko. While the cooperation of Skadden itself was probably effusive in its voluntary nature (the firm seems determined to avoid the taint that Tony Podesta’s firm has acquired in this process), Mueller did subpoena Alex Van der Zwaan and it’s unclear what methods the FBI used to obtain some of the materials he tried to hide from prosecutors.

Neither of those exchanges involves a search warrant. But they do show that Mueller is willing to take on the tricky issue of attorney testimony first-hand. Using SDNY as a clean team still may be the easiest option in the Cohen case, but Mueller clearly isn’t shying away from managing all such issues in-house in other cases.

The other possible explanations for the Access Hollywood search and the October 7 timing

Which brings us finally to the other possibilities behind the Access Hollywood search.

It’s certainly possible that the coincidental release of all these things was coordination, entirely orchestrated by the Trump campaign. But there are a number of reasons — on top of the fact that Mueller isn’t keeping this search far tighter under his own control — I think that’s not the most likely explanation.

Consider this story, arguing that the real story of Access Hollywood isn’t that it leaked on October 7 — the piece notes that David Farenthold had only received it that day — but that it didn’t leak earlier in the process, when it might have led Trump to lose the primary.

t is just impossible to believe that the tape not coming out at the start of Trump’s campaign, when logic dictates that it would have blown Trump instantly out of the water (before he was in a position where Republicans had no choice other than to keep backing him against the evil Hillary Clinton), was anything but a highly unethical political decision by someone at NBC. The fact that no one has ever even gotten an answer from NBC about how this could have happened is equally unfathomable and yet, given the news media’s overall incompetence, kind of expected.

[snip]

It has always struck me as EXTREMELY odd that it was the Washington Post, not NBC, who first released the tape on Friday Oct. 7, 2016, barely beating NBC which, it should be noted, was clearly ready to go with it immediately after the Post did. I presumed that perhaps NBC wanted this to be the case because it might take some of the focus off why they had not released it during the primaries (and thus chose not to prematurely kill off the media’s Golden Goose which was Trump’s ratings-friendly campaign).

However, there is another aspect of the Post being the outlet which got the big scoop that has always struck me as potentially very significant. The Post’s reporter, David Fahrenthold, has said that he was only made aware of the tape, via an unnamed source, THAT day — which is a clear indication that whomever was trying to get the Post to release it had decided to do so in tremendous haste. After all, if the source had planned it sooner they would have made contact with Fahrenthold well before then because he might have been out of pocket that day.

[snip]

For instance, what if it was actually someone from the TRUMP team who leaked the tape. At first glance, this seems ludicrous because no one thought that Trump would be anything but greatly harmed by the tape (though he clearly was not). But what if someone in Trump World got wind that the tape was about to be released and decided that stepping all over the Russia news (which would normally have dominated the narrative for the remainder of the campaign) would at least create the least bad outcome for them?

I don’t agree that the release was released when it was to distract from the Russia announcement that day. As I’ve long noted, in reality, the Access Hollywood distracted from the Podesta emails, effectively burying the most damning release in the bunch, the excerpts of Hillary’s speeches that even Democrats had been demanding she release since the primary. And while the Trump team might claim they didn’t control the release of the Podesta emails directly — and Roger Stone’s predictions that Wikileaks would release Clinton Foundation rather than Podesta emails were dead wrong — the Trump team at least knew something was coming (indeed, Wikileaks had made that clear themselves). So there’s little reason they would stomp on what they had long welcomed with the Access Hollywood tape. As this post alludes, I also think the Trump team and Russians or Wikileaks may have been squabbling over whether Wikileaks would release possibly faked Clinton Foundation emails that week, only to scramble when Wikileaks refused to release whatever the Peter Smith effort had gotten dealt to them.

Like the Mediate piece, I’m interested in the way that Steve Bannon had Clinton accusers all lined up to go that weekend (indeed, I noted how quickly Stone moved to that after having raised expectations for a Clinton Foundation release). But I also think there are some reasons to believe that attack was in the works for other reasons (though I agree it might reflect advance knowledge that the video might come out, or even that Stormy Daniels might come forward).  Finally, I don’t think the release came from Trump because of all the reports of Republicans trying to convince Trump to step down (though it’s possible the GOP dropped the video in one last bid to get him to do so).

One alternative narrative, then, is that the real story about the Access Hollywood suppression goes back months or years earlier, as one of the things Trump managed to suppress throughout the campaign, but something happened internally to breach that agreement. And, separately, that either Assange by himself, with Russian help, or with Trump assistance, timed the Podesta emails to come out as the Russian attribution was coming out. That is, it could be that the real story remains that whoever orchestrated the Wikileaks release did so in an attempt to bury the Russian attribution, but that the coincidental release of the Access Hollywood video in turn buried the Podesta emails.

Finally, it’s possible that Democrats got ahold of the Access Hollywood video and they released it to (successfully) drown out the Podesta emails, which they (and the intelligence community) also would have known were coming, but by doing so, they also drowned out the all-important Russian attribution in the process.

The point is, we don’t know. And nothing we know thus far about the process leading to this warrant or about the suppression and release of either the video or the women’s stories suggest it all took place that week of October. Trump’s usual m.o. is about suppression, not timing.

That said, I’m curious if this raid will reveal details about one other item Trump probably tried to suppress: the nude Melania photos that NYPost released on July 31, 2016, just as campaign season got going in earnest.

What Did Wikileaks Do with the DCCC Emails It Monopolized?

Yesterday Buzzfeed did a story that adds important details to this report from the New Yorker last year.

In mid-August, Guccifer 2.0 expressed interest in offering a trove of Democratic e-mails to Emma Best, a journalist and a specialist in archival research, who is known for acquiring and publishing millions of declassified government documents. Assange, I was told, urged Best to decline, intimating that he was in contact with the persona’s handlers, and that the material would have greater impact if he released it first.

First, Buzzfeed describes the emails clearly as the DCCC documents (though elsewhere this article remains unreliable on some facts about what documents were what).

As Best describes, she had reached out to Guccifer 2.0 when he had asked for assistance from journalists, and ultimately then reached out to Wikileaks.

Best told BuzzFeed News she first reached out to Guccifer 2.0 in August 2016 after it posted on its WordPress account a call for journalists who wanted its files. “I sent them a Direct Message and referred to that, asking what they had in mind,” Best told BuzzFeed News over Signal. Best has experience posting large data sets, and wondered if she could host the files on archive.org, a nonprofit digital library.

But Guccifer 2.0 had another idea. “[I] gonna send a large trove to wikileaks,” it said. Best, who had DMed with WikiLeaks before, relayed that message to WikiLeaks in a direct message on Twitter. Neither party conveyed to her whether they had interacted together before.

“I told them that Guccifer 2.0 was considering giving me at least part of the cache, which is when they asked me to be their ‘agent,’ which they said I would get ‘credit’ for,” Best said. She didn’t agree to act as Assange’s agent, she said, but stopped messaging with Guccifer 2.0.

Note, this exchange shortly follows the release by Best and Wikileaks of some Turkish emails under some interesting circumstances.

Best’s outreach led to the conversation with Wikileaks, the Wikileaks side of which Buzzfeed includes.

The following is the entirety of WikiLeaks’s messages to Best that night, according to the emails she provided. All times are ET. (Twitter does not send a user copies of their own messages, so the contents Best provided are one-sided.)

8:43 p.m.: please “leave” their conversation with them and us

8:43 p.m.: we would appreciate it if you did not dump the docs and obviously archive.org will delete them anyway

9:12 p.m.: Impact is very substantially reduced if the “news” of a release doesn’t co-incide with the ability to respond to the news by searching

9:13 p.m.: non-searchable dumps are just channeled into a few orgs with technical resources. then others won’t touch them because they perceive that the cherries have all been picked by techdirt or whatever.

9:14 p.m.: and these other media groups are very likely to take a stupid initial angle

9:15 p.m.: “We don’t know if its true. Possibly russians who knows blah blah blah” because they don’t properly verify prior to publication and are scared because they’re not us, contaminating the entire release

9:18 p.m.: in that regretable event, from our perspective, please just act as our agent we can ensure you get the right credit, cross promotion etc.

As Buzzfeed notes, at 10:16 PM ET that day, Guccifer 2.0 tweeted that he would give the documents to Wikileaks (though Buzzfeed incorrectly says Guccifer 2.0 said “it had handed those documents over” to Wikileaks; the tweet in fact describes doing so prospectively).

Buzzfeed emphasizes that this proves Wikileaks knew that it obtained documents from Guccifer 2.0, and not Seth Rich (though this is one reason why Buzzfeed’s conflation of the email sets is problematic, as the Rich conspiracy pertains necessarily to the DNC documents, not the DCCC ones). Showing Wikileaks in direct coordination with Guccifer 2.0 is important.

Equally important, however, is that Wikileaks never released the DCCC documents. Having laid out reasons why it, rather than Best, should release them (because they could make them searchable, because other media outlets would take a stupid initial angle, because other outlets would emphasize the Russian source), Wikileaks then sat on them, if indeed they ever obtained them.

Meanwhile, five minutes after saying he’d dump the DCCC documents to Wikileaks, at 10:23 PM, Guccifer 2.0 sent the first tweet in what would become an exchange via DMs with Roger Stone.

Among the things Guccifer 2.0 did in that exchange was twice try to get Stone interested in the DCCC documents he was posting (though Stone did not respond).

Similarly, also on August 12, Guccifer 2.0 started discussing sharing the emails with a Republican operative named James Bambanek who says, in a recently published report that probably misunderstands one goal of Guccifer 2.0’s actions, he was conducting infosec research.

Elsewhere, Bambanek says he turned over every message immediately to the FBI, but as he notes, they would have been monitoring all this in any case.

Every [direct message] I sent, every [one] I received was turned over to the FBI immediately. I assumed they would have been monitoring the account to begin with,” Bambenek said.

Publicly, we know that Guccifer was also sharing the DCCC documents with other Republican operatives around the country. While some of these documents were unexciting, others provided the Democrats’ oppo research for congressional races. Florida was one of the states where the documents might be said to have helped Republicans (which is not coincidentally where Mueller’s focus on the Internet Research Agency seems to be).

What seems to have happened, then, is that by getting Best to agree not to publish the emails, Guccifer 2.0 then offered them up to a series of Republicans who would (whatever value the actual documents did or didn’t have) then be implicated in obtaining campaign documents from a presumed Russian source.

Contrary to what Wikileaks said, there’d be no way Republican operatives would let actually useful documents go unused, regardless of how much work they had to do to search for them. But by convincing Best not to publish them in bulk (and by not publishing them themselves!), Wikileaks created the opportunity for Guccifer 2.0 to implicate at least a handful of Republican operatives around the country.

Yes, in Bambanek’s case that happened with the knowledge of the FBI. But how many other Republicans didn’t think to admit to the FBI what they were doing?

Update: When the New Yorker story came out last August, Best said she did not know what she was being offered. I’m assuming they were the DCCC docs from the context, timing, and related actions with state based Republicans, but that may not be the case.

There Are Almost Certainly Other DAG Rosenstein Memos

As I noted in this post, Robert Mueller’s team of “Attorneys for the United States of America” responded to Paul Manafort’s claim that Rod Rosenstein’s grant of authority to the Special Counsel did not extend to the money laundering he is currently being prosecuted for by revealing an August 2, 2017 memo from Rosenstein authorizing Mueller to investigate, along with a bunch of redacted stuff,

Allegations that Paul Manafort:

  • Committed a crime or crimes by colluding with Russian government officials with respect to the Russian government’s efforts to interfere with the 2016 election for President of the United States, in violation of United States law;
  • Committed a crime or crimes arising out of payments he received from the Ukrainian government before and during the tenure of President Viktor Yanukovych.

As the filing notes, this memo has not been revealed before, neither to us nor to Manafort.

That’s all very interesting (and has the DC press corps running around claiming this is a big scoop, when it is instead predictable). More interesting, however, is the date, which strongly suggests that there are more of these memos out there.

Mueller is unlikely to have waited two and a half months to memorialize his scope

I say that, first of all, because Rosenstein wrote the August 2 memo two and a half months after he appointed Mueller. Given Trump’s raging attacks on the investigation, it’d be imprudent not to get memorialization of the scope of the investigation at each step. Indeed, as I’ve noted, in the filing Mueller points to the Libby precedent, arguing that this memo “has the same legal significance” as the two memos Jim Comey used to (publicly) memorialize the scope of Patrick Fitzgerald’s investigation.

The August 2 Scope Memorandum is precisely the type of material that has previously been considered in evaluating a Special Counsel’s jurisdiction. United States v. Libby, 429 F. Supp. 2d 27 (D.D.C. 2006), involved a statutory and constitutional challenge to the authority of a Special Counsel who was appointed outside the framework of 28 C.F.R. Part 600. In rejecting that challenge, Judge Walton considered similar materials that defined the scope of the Special Counsel’s authority. See id. at 28-29, 31-32, 39 (considering the Acting Attorney General’s letter of appointment and clarification of jurisdiction as “concrete evidence * * * that delineates the Special Counsel’s authority,” and “conclud[ing] that the Special Counsel’s delegated authority is described within the four corners of the December 30, 2003 and February 6, 2004 letters”). The August 2 Scope Memorandum has the same legal significance as the original Appointment Order on the question of scope.

The first of those Comey letters, dated December 30, 2003, authorized Fitz to investigate the leak of Valerie Plame’s identity. The second of those, dated February 6, 2004, memorialized that Fitz could also investigate,

federal crimes committed in the course of, and with intent to interfere with, your investigation, such as perjury, obstruction of justice, destruction of evidence, and intimidation of witnesses; to conduct appeals arising out of the matter being investigated and/or prosecuted; and to pursue administrative remedies and civil sanctions (such as civil contempt) that are within the Attorney General’s authority to impose or pursue.

It’s the second memo that memorialized Fitz’ authority to prosecute Scooter Libby for protecting Dick Cheney’s role in outing Valerie Plame.

Mueller, then the acting FBI Director, would presumably have been in the loop of the Fitz investigation (as Christopher Wray is in Mueller’s) and would have known how these two letters proceeded. So it would stand to reason he’d ask for a memo from the start, particularly given that the investigation already included multiple known targets and that Trump is even more hostile to this investigation than George Bush and Dick Cheney were to Fitz’s.

Admittedly, unlike the Comey memo, which was designed for public release, there’s no obvious, unredacted reference to a prior memo. Though something that might imply a prior memo is redacted at the top of the released memo (though this is probably a classification marking).

And, given that this memo was designed to be secret, Rosenstein may have written the memo to obscure whether there are prior ones and if so how many.

The memo closely follows two key dates

That said, the date of the memo, August 2, is mighty curious. It is six days after the July 27 Papadopoulos arrest at Dulles airport. And seven days after the July 26 no knock search of Paul Manafort’s Alexandria home.

That timing might suggest any of several things. It’s certainly possible (though unlikely) the timing is unrelated.

It’s possible that Rosenstein wrote the memo to ensure those two recent steps were covered by his grant. That wouldn’t mean that the search and arrest wouldn’t have been authorized. The memo itself notes that Mueller would be obliged to inform Rosenstein before each major investigative step.

The Special Counsel has an explicit notification obligation to the Attorney General: he “shall notify the Attorney General of events in the course of his or her investigation in conformity with the Departmental guidelines with respect to Urgent Reports.” 28 C.F.R. § 600.8(b). Those reports cover “[m]ajor developments in significant investigations and litigation,” which may include commencing an investigation; filing criminal charges; executing a search warrant; interviewing an important witness; and arresting a defendant.

Both Papadopoulos’ arrest and that dramatic search would fit this criteria. So it’s virtually certain Rosenstein reviewed Urgent Memos on both these events before they happened. Plus, his memo makes it clear that the allegations included in his memo “were within the scope of the Investigation at the time of your appointment and are within the scope of the Order,” meaning that the inclusion of them in the memo would retroactively authorize any activities that had already taken place, such as the collection of evidence at Manafort’s home outside the scope of the election inquiry.

As I noted, the memo also asserts that Special Counsels’ investigative authority, generally, extends to investigating obstruction and crimes the prosecutor might use to flip witnesses.

The filing is perhaps most interesting for the other authorities casually asserted, which are not necessarily directly relevant in this prosecution, but are for others. First, Mueller includes this footnote, making it clear his authority includes obstruction, including witness tampering.

The Special Counsel also has “the authority to investigate and prosecute federal crimes committed in the course of, and with intent to interfere with, the Special Counsel’s investigation, such as perjury, obstruction of justice, destruction of evidence, and intimidation of witnesses” and has the authority “to conduct appeals arising out of the matter being investigated and/or prosecuted.” 28 C.F.R. § 600.4(a). Those authorities are not at issue here.

Those authorities are not at issue here, but they are for the Flynn, Papadopoulos, Gates, and Van der Zwaan prosecutions, and for any obstruction the White House has been engaging in. But because it is relevant for the Gates and Van der Zwaan prosecutions, that mention should preempt any Manafort attempt to discredit their pleas for the way they expose him.

The filing includes a quotation from DOJ’s discussion of special counsels making it clear that it’s normal to investigate crimes that might lead someone to flip.

[I]n deciding when additional jurisdiction is needed, the Special Counsel can draw guidance from the Department’s discussion accompanying the issuance of the Special Counsel regulations. That discussion illustrated the type of “adjustments to jurisdiction” that fall within Section 600.4(b). “For example,” the discussion stated, “a Special Counsel assigned responsibility for an alleged false statement about a government program may request additional jurisdiction to investigate allegations of misconduct with respect to the administration of that program; [or] a Special Counsel may conclude that investigating otherwise unrelated allegations against a central witness in the matter is necessary to obtain cooperation.”

That one is technically relevant here — one thing Mueller is doing with the Manafort prosecution (and successfully did with the Gates one) is to flip witnesses against Trump. But it also makes it clear that Mueller could do so more generally.

Mueller used the false statements charges against Papadopoulos to flip him. He surely hopes to use the money laundering charges against Manafort to flip him, too. Both issues may have been at issue in any memo written to newly cover the events of late July.

Mueller may not have revealed the scope of the Manafort investigation at that time

Now consider this detail: the second bullet describing the extent of the investigation into Manafort has a semi-colon, not a period.

It’s possible Mueller used semi-colons after all these bullets (of which Manafort’s is the second or third entry). But that, plus the resumption of the redaction without a double space suggests there may be another bulleted allegation in the Manafort allegation.

There are two other (known) things that might merit a special bullet. First, while it would seem to fall under the general election collusion bullet, Rosenstein may have included a bullet describing collusion with Aras Agalarov and friends in the wake of learning about the June 9 Trump Tower meeting with his employees. More likely, Rosenstein may have included a bullet specifically authorizing an investigation of Manafort’s ties with Oleg Deripaska and Konstantin Kilimnik.

The Mueller memo actually includes a specific reference to that, which as I’ve noted I will return to.

Open-source reporting also has described business arrangements between Manafort and “a Russian oligarch, Oleg Deripaska, a close ally of President Vladimir V. Putin.”

The latter might be of particular import, given that we know a bunch of fall 2017 interviews focused on Manafort’s ties to Deripaska and the ongoing cover-up with Kilimnik regarding the Skadden Arps report on the Yulia Tymoshenko prosecution.

All of which is to say that this memo may reflect a new expansion of the Manafort investigation, perhaps pursuant to whatever the FBI discovered in that raid on Manafort’s home. If so, that should be apparent to him, as he and his lawyers know what was seized.

Still, I wouldn’t be surprised if he inquired about what authorized that July 26 raid, if for no other reason than to sustain his effort to make more information on Mueller’s investigation public.

The redactions almost certainly hide two expansions to the investigation as it existed in October 2016

Now let’s turn to what else (besides another possible Manafort bullet) the redactions might show, and what may have been added since.

The unredacted description of the Manafort investigation takes up very roughly about one fifth of the section describing allegations Mueller was pursuing.

The Schiff Memo revealed that DOJ had sub-investigations into four individuals in October 2016.

Endnote 7 made it clear that, in addition to Page, this included Flynn and Papadopoulos, probably not Rick Gates, and one other person, possibly Roger Stone.

In August 2017, all four of those would have been included in a Rosenstein memo, possibly with a bullet dedicated to Gates alone added. That said, not all of these would require two or more bullets (and therefore as much space as the Manafort description). Papadopoulos’ description might include two, one dedicated to the collusion and one to the lying about collusion, or just one encompassing both the collusion and the lying. Flynn’s might include three, one dedicated to the collusion, one to the lying about it, and one to the unregistered foreign agent work, including with Turkey, that we know Mueller to have been investigating; or, as with Papadopoulos, the lying about the collusion might be incorporated into that bullet. Stone’s bullet would likely have only reflected the collusion, an investigation that is currently very active. Carter Page’s suspected role as a foreign agent might be one bullet or two.

That suggests, though doesn’t confirm, that there are a few other things included in those redacted bullets, things not included in the investigation in October 2016 as reflected in the Schiff memo.

Indeed, we should expect two more things to be included in the bullet points: First, the name of any suspect, including the President, associated with the obstruction of justice. Rosenstein himself had already been interviewed with respect to that aspect of the investigation by August 2, so surely Rosenstein had already authorized that aspect of the investigation.

The redactions most likely also include the names of Don Jr and Jared Kushner (and Paul Manafort), for their suspected collusion with Russia as reflected in the June 9 meeting. At least according to public reporting, Mueller may have first learned of this in June when Manafort and Kushner confirmed it in turning over evidence to Congress and Mueller. The first revelations that Mueller was obtaining subpoenas from a dedicated grand jury were on August 3, just one day after this memo. That same day, reports described Mueller issuing subpoenas related to the June 9 meeting.

Indeed, it’s quite possible Rosenstein issued this memo to memorialize the inclusion of the President’s spawn among the suspects of the investigation.

Rosenstein has almost certainly updated this memo since August 2

All that said, there’s not enough redacted space to include the known expanded current scope of the investigation, and given that the newly expanded scope gets closer to the President, Rosenstein has surely issued an update to this memo since then. These things are all definitively included in the current scope of the investigation and might warrant special mention in any update to Rosenstein’s authorizing memo:

Many of these — particularly the ones that affect only Russians — might be included under a generic “collusion with Russia” bullet. The closer scrutiny on Jared, however, surely would get an update, as would any special focus on the Attorney General.

More importantly, to the extent Mueller really is investigating Trump’s business interests (whether that investigation is limited just to Russian business, or more broadly) — the red line the NYT helpfully set for the President — that would necessarily be included in the most up-to-date memo authorizing Mueller’s activities. There is no way Mueller would take actions involving the President personally without having the authorization to do so in writing.

Which is why we can be virtually certain the August 2 memo is not the last memo Rosenstein has written to authorize Mueller’s actions.

Mind you, Mueller probably wouldn’t want to release a memo with several pages of redacted allegations. Which may be why we’re looking at the redacted version of an almost certainly superseded memo.

Updated: Later today Mueller’s team asked to file a copy of an exhibit–which given Judge Berman Jackson’s description of it as released in redacted form, has to be the Rosenstein memo–under seal. Which suggests they’re going to show Manafort what else they’re investigating (which I bet is the Deripaska stuff).

The Daily Beast Guccifer Scoop and Those GRU Officers Sanctioned Last Week

The Daily Beast has a story reporting (in addition to the already reported news that the DNC hack got moved under Robert Mueller) that the person behind the Guccifer 2.0 persona “slipped up” once and failed to use the VPN hiding his location in the GRU headquarters in Moscow.

[O]n one occasion, The Daily Beast has learned, Guccifer failed to activate the VPN client before logging on. As a result, he left a real, Moscow-based Internet Protocol address in the server logs of an American social media company, according to a source familiar with the government’s Guccifer investigation.

The US identified which particular officer was behind the Guccifer persona.

Working off the IP address, U.S. investigators identified Guccifer 2.0 as a particular GRU officer working out of the agency’s headquarters on Grizodubovoy Street in Moscow.

And then, according to TDB, the Guccifer persona was handed off to a more experienced GRU officer, with better English skills.

Sometime after its hasty launch, the Guccifer persona was handed off to a more experienced GRU officer, according to a source familiar with the matter. The timing of that handoff is unclear, but Guccifer 2.0’s last blog post, from Jan. 12, 2017, evinced a far greater command of English that the persona’s earlier efforts.

TDB’s sources did not reveal the name of the officer identified from the VPN “slip up.”

The Daily Beast’s sources did not disclose which particular officer worked as Guccifer.

But we may already know the name or names of the GRU officers involved. As I noted last week, Treasury added two names to the list of GRU officers sanctioned in conjunction with the DNC hack: Sergei Afanasyev and Grigoriy Viktorovich Molchanov. Both would actually be (very) experienced officers — they are 55 and 62. And both include very interesting “as of” dates identifying the last point when our intelligence officials identified their positions: February 2017 and April 2016, respectively.

The latter is of particular interest, as it came during the period when Guccifer 2.0 was setting up his infrastructure. But the government doesn’t know a ton about this guy — they know his birth year, but not his birth date, and possibly not even his passport information.

In any case, last week, the government revealed two new people it blames (and therefore sanctioned) for the DNC hack.

As TDB notes, the revelation that the government has tied Guccifer 2.0 to a known GRU officer is utterly damning for Roger Stone, who has admitted talking to him. But they don’t lay out how squirrelly Stone was in early March when trying to deny he was in trouble for his dalliances with Guccifer 2.0 and Wikileaks, which I laid out here.

In his response he does the following:

  • Raises doubts that he was actually talking to Guccifer 2.0 (even though Guccifer 2.0’s only identity was virtual, so Stone’s online interactions with any entity running the Guccifer Twitter account would by definition be communication with Guccifer 2.0)
  • Repeats his earlier doubts that Guccifer 2.0 is a Russian operative
  • Emphasizes that he couldn’t have couldn’t have been involved in any hack of the DNC Guccifer 2.0 had done because he first spoke to him six weeks after the email release (in reality, he was speaking to him three weeks after the Wikileaks release)
  • Admits he once believed Guccifer 2.0 did the hack but (pointing to the Bill Binney analysis, and giving it a slightly different focus than he had in September) claims he no longer believes that
  • Invents something about a WaPo report that’s not true, thereby shifting the focus to receiving documents (as opposed to, say, information)
  • Denies he received documents from anyone but not that he saw documents (other than the Wikileaks ones) before they were released

This denial stops well short of explaining why he reached out to Guccifer. And it does nothing to change the record — one backed by his own writing — that Stone reached out because he believed Guccifer, whoever he might be, had hacked the DNC.

At the time Stone reached out to Guccifer (as I pointed out, he misrepresented the timing of this somewhat in his testimony), he believed Guccifer had violated the law by hacking the DNC.

He never does explain to Todd why he did reach out.

Guccifer 2.0 never comes back in the remainder of the interview.

Just weeks ago, when his buddy Sam Nunberg was giving (potentially immunized) testimony to the grand jury, Stone was really really squirrelly about whether his conversations with Guccifer 2.0 put him at legal jeopardy. The confirmation of the GRU tie may provide one reason why he’s so squirrelly.

Update: As Kaspersky’s Aleks Gostev notes, Treasury should know far more on Sergei Afanasyev. RT publicly described him as Deputy Chief of GRU in April 2016. And Molchanov is, at least now, head of GRU’s academy.

How the DNC Hack Skeptics’ Dominant Theory Sinks Stone

I’ve been thinking about something since I wrote this piece on Roger Stone’s Swiss cheese denials of conspiring with Guccifer 2.0 or Wikileaks on the hack-and-leak. As I laid out, Stone’s denial consists of two tactics: he admits he spoke with Guccifer 2.0 at a time he believed him to have done the hack but notes that that happened after (he claims six weeks, but it was really three) the documents already started coming out. And he denies knowing anything in advance about Wikileaks, which wouldn’t be a problem anyway, he says, because there’s no evidence Wikileaks is a Russian asset.

Effectively, that puts Stone’s involvement after the undeniably criminal act — the hack of the DNC and puts the rest into simple general foreknowledge of Wikileaks’ plan.

As I noted in my first post on Stone’s non-denials, that doesn’t address the possibility he was involved in the Peter Smith led rat-fuck negotiations with Russian hackers to find Hillary’s deleted emails.

But there’s one other problem with it.

According to the public record, Guccifer 2.0 first spoke with Stone on August 12 (though in his statement to Congress, he fudged that date interestingly and claimed the first contact — perhaps meaning DM — was August 14). While that post-dates all known hacking, it pre-dates at least one and possibly several key dates on the leak part of the operation. As Raffi Khatchadourian lays out, Wikileaks may have obtained the John Podesta emails around this time.

A pattern that was set in June appeared to recur: just before DCLeaks became active with election publications, WikiLeaks began to prepare another tranche of e-mails, this time culled from John Podesta’s Gmail account. “We are working around the clock,” Assange told Fox News in late August. “We have received quite a lot of material.” It is unclear how long Assange had been in possession of the e-mails, but a staffer assigned to the project suggested that he had received them in the late summer: “As soon as we got them, we started working on them, and then we started publishing them. From when we received them to when we published them, it was a real crunch. My only wish is that we had the equivalent from the Republicans.”

All of the raw e-mail files that WikiLeaks published from Podesta’s account are dated September 19th, which appears to indicate the day that they were copied or modified for some purpose.

Indeed, Stone’s “Podesta time in the barrel” comment, which Chuck Todd noted addressed Tony but not John Podesta, may even have preceded Wikileaks’ receipt of the emails.

But Stone’s discussions with Guccifer 2.0 undeniably precede an event that, at least according to the skeptics’ theory, necessarily precedes the publication of Podesta’s emails. That’s Craig Murray obtaining … something from someone while he was in the US for the Sam Adams Award on September 25. He has said he didn’t obtain the documents, but it might be a key or something.

That still doesn’t, by itself, make Stone’s conduct criminal. But it does mean his timeline is not exonerating.

[Photo: National Security Agency, Ft. Meade, MD via Wikimedia]

The Preferred Anti-Obama Russian Hack Story Remains Silent on Shadow Brokers

Michael Isikoff and David Corn are fluffing their upcoming book on the Russian tampering with the 2016 election. This installment covers the same ground, and the same arguments, and has the same weaknesses that this WaPo article did: It describes how urgent but closely held the CIA tips were (without considering whether the close hold on the intelligence led the IC to make incorrect conclusions about the attack). It describes efforts to make a public statement that got drowned out by the Pussy Grabber and Podesta releases. It airs the disappointment of those who thought Obama should have launched a more aggressive response.

Perhaps the biggest addition to the WaPo version is that this one includes more discussion of Obama’s thoughts on cyber proliferation, with the acknowledgement that the US would be more vulnerable than Russia in an escalating cyber confrontation.

Michael Daniel and Celeste Wallander, the National Security Council’s top Russia analyst, were convinced the United States needed to strike back hard against the Russians and make it clear that Moscow had crossed a red line. Words alone wouldn’t do the trick; there had to be consequences. “I wanted to send a signal that we would not tolerate disruptions to our electoral process,” Daniel recalled. His basic argument: “The Russians are going to push as hard as they can until we start pushing back.”

Daniel and Wallander began drafting options for more aggressive responses beyond anything the Obama administration or the US government had ever before contemplated in response to a cyberattack. One proposal was to unleash the NSA to mount a series of far-reaching cyberattacks: to dismantle the Guccifer 2.0 and DCLeaks websites that had been leaking the emails and memos stolen from Democratic targets, to bombard Russian news sites with a wave of automated traffic in a denial-of-service attack that would shut the news sites down, and to launch an attack on the Russian intelligence agencies themselves, seeking to disrupt their command and control modes.

[snip]

One idea Daniel proposed was unusual: The United States and NATO should publicly announce a giant “cyber exercise” against a mythical Eurasian country, demonstrating that Western nations had it within their power to shut down Russia’s entire civil infrastructure and cripple its economy.

[snip]

The principals did discuss cyber responses. The prospect of hitting back with cyber caused trepidation within the deputies and principals meetings. The United States was telling Russia this sort of meddling was unacceptable. If Washington engaged in the same type of covert combat, some of the principals believed, Washington’s demand would mean nothing, and there could be an escalation in cyber warfare. There were concerns that the United States would have more to lose in all-out cyberwar.

“If we got into a tit-for-tat on cyber with the Russians, it would not be to our advantage,” a participant later remarked. “They could do more to damage us in a cyber war or have a greater impact.” In one of the meetings, Clapper said he was worried that Russia might respond with cyberattacks against America’s critical infrastructure—and possibly shut down the electrical grid.

[snip]

Asked at a post-summit news conference about Russia’s hacking of the election, the president spoke in generalities—and insisted the United States did not want a blowup over the issue. “We’ve had problems with cyber intrusions from Russia in the past, from other counties in the past,” he said. “Our goal is not to suddenly in the cyber arena duplicate a cycle escalation that we saw when it comes to other arms races in the past, but rather to start instituting some norms so that everybody’s acting responsibly.”

The most dramatic part of the piece quotes an angry Susan Rice telling her top Russian expert to stand down some time after August 21.

One day in late August, national security adviser Susan Rice called Daniel into her office and demanded he cease and desist from working on the cyber options he was developing. “Don’t get ahead of us,” she warned him. The White House was not prepared to endorse any of these ideas. Daniel and his team in the White House cyber response group were given strict orders: “Stand down.” She told Daniel to “knock it off,” he recalled.

Daniel walked back to his office. “That was one pissed-off national security adviser,” he told one of his aides.

But like the WaPo article before it, and in spite of the greater attentiveness to the specific dates involved, the Isikoff/Corn piece makes not one mention of the Shadow Brokers part of the operation, which first launched just as NSC’s Russian experts were dreaming up huge cyber-assaults on Russia.

On August 13, Shadow Brokers released its first post, releasing files that had compromised US firewall providers and including a message that — while appearing to be an attack on American Elites and tacitly invoking Hillary — emphasizes how vulnerable the US would be if its own cybertools were deployed against it.

We want make sure Wealthy Elite recognizes the danger cyber weapons, this message, our auction, poses to their wealth and control. Let us spell out for Elites. Your wealth and control depends on electronic data. You see what “Equation Group” can do. You see what cryptolockers and stuxnet can do. You see free files we give for free. You see attacks on banks and SWIFT in news. Maybe there is Equation Group version of cryptolocker+stuxnet for banks and financial systems? If Equation Group lose control of cyber weapons, who else lose or find cyber weapons? If electronic data go bye bye where leave Wealthy Elites?

Sure, it’s possible the IC didn’t know right away that this was a Russian op (though Isikoff and Corn claim, dubiously and in contradiction to James Clapper’s November 17, 2016 testimony, that the IC had already IDed all the cut-outs Russia was using on the Guccifer 2.0 and DC Leaks operations). Though certainly the possibility was publicly discussed right away. By December, I was able to map out how it seemed the perpetrators were holding the NSA hostage to any retaliation attempts. Nice little NSA you’ve got here; it’d be a shame if anything happened to it. After the inauguration, Shadow Brokers took a break, until responding to Trump’s Syria strike by complaining that he was abandoning those who had gotten him elected.

Respectfully, what the fuck are you doing? TheShadowBrokers voted for you. TheShadowBrokers supports you. TheShadowBrokers is losing faith in you. Mr. Trump helping theshadowbrokers, helping you. Is appearing you are abandoning “your base”, “the movement”, and the peoples who getting you elected.

That was followed by a release of tools that would soon lead to billion dollar attacks using repurposed NSA tools.

As recently as February, the NSA and CIA were still trying to figure out what Russia (and the stories do appear to confirm the IC believed this was Russia) had obtained.

I mean, it’s all well and good to complain that Obama asked the NSC to stand down from its plans to launch massive cyberattacks as a warning to Putin. But you might, first, consider whether that decision happened at a time when the US was facing far greater uncertainty about our own vulnerabilities on that front.

Roger Stone’s Rat-Eating Swiss Cheese Denials

Back when Roger Stone leaked his September testimony to HPSCI, I noted that it misrepresented the key allegations against him, meaning he never denied the important parts.

I’m even more interested in how he depicts what he claims are the three allegations made against him.

Members of this Committee have made three basic assertions against me which bust be rebutted her today. The charge that I knew in advance about, and predicted, the hacking of the Clinton campaign chairman John Podesta’s email, that I had advanced knowledge of the source or actual content of the WikiLeaks disclosures regarding Hillary Clinton or that, my now public exchange with a persona that our intelligence agencies claim, but cannot prove, is a Russian asset, is anything but innocuous and are entirely false.

In point of fact, this tripartite accusation is actually a misstatement of the allegations against him (though in his rebuttal of them, he is helped immensely by the sloppiness of public statements made by Democrats, especially those on the panel, which I’ve criticized myself). Generally, the accusation is more direct: that in conversing with both Julian Assange (though a cut-out) and Guccifer 2.0, Stone was facilitating or in some way helping the Trump campaign maximally exploit the Russian releases that were coming.

The same is true of his interview with Chuck Todd yesterday.

I’m most interested in the way Stone addresses his direct exchange with Guccifer 2.0, then restricts the rest of his denials to Wikileaks. When Todd asks Stone why he reached out to both Guccifer and Wikileaks, Stone focuses his attention on the former.

Todd: Why did you reach out to Guccifer? Why did you reach out to Wikileaks?

Stone: First of all, my direct messages with Guccifer 2.0, if that’s who it really is, come six weeks, almost six weeks after the DNC emails had been published by Wikileaks. So in order to collude in their hacking, which I had nothing whatsoever to do with, one would have needed a time machine. Secondarily, I wrote a very long piece, you can find it still at the Stone Cold Truth. I doubt that Guccifer is, indeed, a Russian operative. I also once believed that he had hacked the DNC. I don’t believe that anymore either. I believe it was an inside job and the preponderance of evidence points to a load to a thumb drive or some other portable device and the device is coming out the back door. But, Chuck, ten days ago, the Washington Post that based on the Democratic minority that the Russians had sent documents to me for review. I never received any documents from the Russians or anybody representing them. I never had any contact with any

Todd: Did you receive any documents and you didn’t know it was a Russian?

Stone: I never received any documents from anyone purporting to be a Russian or otherwise, and I never saw the Wikileaks documents in advance.

In his response he does the following:

  • Raises doubts that he was actually talking to Guccifer 2.0 (even though Guccifer 2.0’s only identity was virtual, so Stone’s online interactions with any entity running the Guccifer Twitter account would by definition be communication with Guccifer 2.0)
  • Repeats his earlier doubts that Guccifer 2.0 is a Russian operative
  • Emphasizes that he couldn’t have couldn’t have been involved in any hack of the DNC Guccifer 2.0 had done because he first spoke to him six weeks after the email release (in reality, he was speaking to him three weeks after the Wikileaks release)
  • Admits he once believed Guccifer 2.0 did the hack but (pointing to the Bill Binney analysis, and giving it a slightly different focus than he had in September) claims he no longer believes that
  • Invents something about a WaPo report that’s not true, thereby shifting the focus to receiving documents (as opposed to, say, information)
  • Denies he received documents from anyone but not that he saw documents (other than the Wikileaks ones) before they were released

This denial stops well short of explaining why he reached out to Guccifer. And it does nothing to change the record — one backed by his own writing — that Stone reached out because he believed Guccifer, whoever he might be, had hacked the DNC.

At the time Stone reached out to Guccifer (as I pointed out, he misrepresented the timing of this somewhat in his testimony), he believed Guccifer had violated the law by hacking the DNC.

He never does explain to Todd why he did reach out.

Guccifer 2.0 never comes back in the remainder of the interview. The first time Todd asks Stone if there had been “collusion” with the Russians, Stone answers it generally, insisting Trump needed no help to beat Hillary.

Todd: You have made the case here that there was no collusion here that you’re aware of. Would it have been wrong to collude with a foreign adversary to undermine Hillary Clinton’s campaign?

Stone: Well, there’s no evidence that this happened, you’re asking me to answer a hypothetical question. It seems to me that Mr. Steele was colluding with the Russians.

Todd: Let me ask you this. Do you think it’s fair game to get incriminating evidence from a foreign government about your political opponent?

Stone: But that didn’t happen, Chuck, so I’m not going to answer a hypothetical question. It was unnecessary. The idea that Donald Trump needed help from the Russians to beat Hillary Clinton it’s an excuse, a canard, a fairy tale. I don’t believe it ever happened.

The next time — when Stone first labels then backs way the fuck off labeling conspiring with the Russians as treason — Stone then focuses on how such conspiring would only be treason if you believed that Assange was a Russian agent.

Stone: Chuck I’ve been accused of being a dirty trickster. There’s one trick that’s not in my bag. That’s treason. I have no knowledge or involvement with Russians–

Todd: And you believe

Stone: And I have no knowledge of anybody else who does.

Todd: Let me establish something. You believe, if unbeknownst to you, there is somebody on the Trump campaign who worked with the Russians on these email releases, that’s a treasonous act?

Stone: No, actually, I don’t think so because for it to be a treasonous act, Assange would have to be provably a Russian asset, and Wikileaks would have to be a Russian front and I do not believe that’s the case.

Todd: Let me back you up there. You think it’s possible Wikileaks and the Trump campaign coordinated the release?

Stone: I didn’t say that at all. I have no knowledge of that and I make no such claim.

Todd: No, I understand that. You just issued that hypothetical. So what you’re saying is had that occurred you don’t believe that’s, you don’t believe, you don’t believe that that’s against the law?

Stone: This is all based on a premise that Wikileaks is a Russian front and Assange is a Russian agent. As I said I reject that. On the other hand I have no knowledge that that happened. It’s certainly did not happen in my case. That isn’t something I was involved in.

When asked whether it would be illegal to work with Wikileaks (Stone’s contacts with Guccifer at a time he believed Guccifer to have hacked the DNC go unmentioned) Stone again focuses on whether Wikileaks was Russian, not on the conspiracy to hack and leak documents.

This focus on Wikileaks instead of Guccifer 2.0 carries over to the statement Stone issued to ABC:

I never received anything whatsoever from WikiLeaks regarding the source, content or timing of their disclosures regarding Hillary Clinton, the DNC or Podesta. I never received any material from them at all. I never received any material from any source that constituted the material ultimately published by WikiLeaks. I never discussed the WikiLeaks disclosures regarding Hillary Clinton or the DNC with candidate or President Donald Trump before during or after the election. I don’t know what Donald Trump knew about the WikiLeaks disclosures regarding Hillary or the DNC if anything and who he learned it from if anyone.

No one, including Sam Nunberg is in possession If any evidence to the contrary because such evidence does not exist … This will be an impossible case to bring because the allegation that I knew about the WikiLeaks disclosures beyond what Assange himself had said in interviews and tweets or that I had and shared this material with anyone in the Trump campaign or anyone else is categorically false. Assange himself has said and written that I never predicted anything that he had not already stated in public.

There’s very good reason Stone would want to focus on Wikileaks rather than Guccifer.

Even by his own dodgy explanation, at the time he reached out to Guccifer, he believed that Guccifer had hacked the DNC. While it’s true that the public record shows Stone stopping short of accepting documents from Guccifer (all this ignores Stone’s reported involvement in a Guccifer-suggested Peter Smith effort to obtain Hillary’s Clinton Foundation emails), Stone’s interest in coordinating with the hack-and-leak is clear.

And it seems Sam Nunberg may fear that his past testimony and communications with Stone would document that interest. If he knows Stone did have non-public communications with Guccifer, but didn’t believe Guccifer to be Russian, it would also explain why Nunberg said he thought Putin was too smart to collude with Trump, but that his testimony might hurt Stone.

Adding one more point to this: early in the interview, Stone goes to some lengths to say that he proved he had actually separated from the Trump campaign by contemporaneously showing two reporters his resignation letter. This is akin to something Carter Page did in his HPSCI testimony. But given how many of those conspiring with Russia on the Trump campaign (Carter Page — especially after his departure, George Papadopoulos, and Paul Manafort) didn’t have formal roles, it’s not clear that letter would be definitive. Indeed, it might be the opposite, one of a group of people who arranged plausible deniability by getting or staying off the campaign payroll.

Update: Fixed my misrepresentation of Stone’s claim about the six week delay, and fact-checked it to note it was only three weeks.