Posts

“Ridiculous:” Durham’s Failed Clinton Conspiracy Theory

/43 Comments/in , /by

I put together a very rough list of the interviews that John Durham included in his Report and a table showing the organization of his report.

I’d like to describe what appears to have happened with the investigation. Remember a few things about this list: It won’t include everything. Even just among witnesses who testified at trial, Durham was known to have done initial interviews, then threatened them with prosecution, in an often successful attempt to shade their testimony (see this post for an example). With others, Durham is being affirmatively misleading by stating that people who did appear before the grand jury were unwilling to be interviewed.

This list is just a list of interviews that actually support his narrative.

2019: Manufacturing a new origin story

As noted, most of the junkets that Durham and Barr did in the first year of the investigation don’t appear. The only overseas investigative steps noted in 2019 include the Legal Attaché personnel in London and the two Australian sources, Alexander Downer and Erika Thompson (described as Australian Diplomat-1), behind the original tip on George Papadopoulos. Durham did two separate interviews with the Australians, done on the same day, months before the DOJ IG Report determined the investigation was properly predicated.

Durham relies heavily on Downer, instead of Thompson, and claims to have discovered a conflict in their two accounts.

The Australian account reflects that two meetings of a casual nature took place with Papadopoulos. 215 These meetings were documented by Downer on May 11, 2016 and by Australian Diplomat-I later in the month. 216 Both diplomats advised that prior to the Spring of 2016, Papadopoulos was unknown to them. 217 Notably, the information in Paragraph Five does not include any mention of the hacking ofthe DNC, the Russians being in possession of emails, or the public release of any emails. In addition, when interviewed by the Office, Downer stated that he would have characterized the statements made by Papadopoulos differently than Australian Diplomat-1 did in Paragraph 5. According to Downer, Papadopoulos made no mention of Clinton emails, dirt or any specific approach by the Russian government to the Trump campaign team with an offer or suggestion of providing assistance. Rather, Downer’s recollection was that Papadopoulos simply stated “the Russians have information” and that was all. 218

As recounted to the FBI on August 2, 2016, by Australian Diplomat-1, the substance of Paragraph Five was written in a “purposely vague” way. 219 This was done because Papadopoulos left a number of things unexplained and “did not say he had direct contact with the Russians.” 220 The impression Papadopoulos made on the Australian diplomats was wide ranging. On the one hand, he “had an inflated sense of self,” was “insecure,” and was “trying to impress.” 221 On the other hand, he was “a nice guy,” was “not negative,” and “did not name drop.” 222

Downer noted that he

was impressed Papadopoulos acknowledged his lack of expertise and felt the response was uncommon for someone of Papadopoulos’ age, political experience and for someone thrust into the spotlight overnight. Many people in a similar position would represent themselves differently and [Downer] would have sniffed them out. If [Downer] believed Papadopoulos was a fraud [he] would not have recorded and reported on the meeting [he] had with Papadopoulos. 223

Downer also said that he “did not get the sense Papadopoulos was the middle-man to coordinate with the Russians.” 224 The Australian diplomats would later inform the FBI, and subsequently the Office, that the impetus for passing the Paragraph Five information in late-July was the public release by WikiLeaks ( on July 22, 2016) of email communications that had been hacked from the DNC servers. 225

215 We note there is an inconsistency in the statements given by Australian Diplomat-1 and former-High Commissioner Downer to the Crossfire Hurricane interviewers in August 2016 and what they told the Office when interviewed in October 2019. Australian Diplomat-1 and Downer were interviewed together in August 2016, and, according to the FD-302 prepared afterward by Supervisory Special Agent- 1, Papadopoulos made the statements about the Russians during the May 6, 2016 introductory meeting when he met only with Australian Diplomat-1. When the two diplomats were interviewed separately by the Office in October 2019, investigators were advised that Papadopoulos made the statements in front of both Australian Diplomat-1 and Downer during the second meeting on May 10, 2016.

216 The meetings with Papadopoulos took place on May 6 and 10, 2016. Australia 302 at 1- 2. The Australian diplomats documented the meetings in two cables dated May 11 and May 16, 2016; OSC Report of Interview ofAlexander Downer on Oct. 9, 2019 at 2; OSC Report of Interview ofAustralian Diplomat-1 on Oct. 9, 2019 at 3.

217 OSC Report of Interview of Alexander Downer on Oct. 09, 2019 at 1; OSC Report of Interview of Australian Diplomat-I on Oct. 09, 2019 at 1-2.

218 OSC Report of Interview of Alexander Downer on Oct. 09, 2019 at 2 (and related field notes); Downer also is reported to have stated in an interview that in talking with Papadopoulos there was “no suggestion that there was collusion between Donald Trump or Donald Trump’s campaign and the Russians.” Brooke Singman, Diplomat Who Helped Launch Russia Probe Speaks Out, Defends Role, Fox News (May 10, 2019), https://www.foxnews.com/politics/forrner-ausralian-diplomat-alexander-downer-defendswork-pushes-back-on-claim-he-tried-to-trap-papadopoulos. 219 Australia 302 at 2.

There’s no conflict.

Papadopoulos appears to have told the story about advance notice of Russia’s help to Thompson twice, once on May 6 and again, with Downer present, on May 10. She explains that not everything Papadopoulos said made it into her report. It’s likely Papadopoulos said more at the first meeting (I believe the record reflects that he drank more at the first meeting).

But by relying on Downer instead of Thompson, Durham claims that there was less to the tip than Thompson appears to have taken from it.

Having manufactured an alternate story about the initial predication, it’s no wonder Durham pushed Michael Horowitz not to say the investigation was fully predicated.

Durham also appears to have investigated why it took so long for the Steele reports to make their way from New York to DC. This is a fairly remarkable and sustained part of his report, because Durham is basically complaining that the pee tape report wasn’t immediately taken seriously.

Finally, from the very first year, Durham started doing investigations into the treatment of the Clinton Foundation investigation. As I have noted, his report leaves out really important details of that investigation: that agents who exhibited every bit as much bias as Durham finds in Peter Strzok, Lisa Page, or Kevin Clinesmith were running a key informant on the investigation, something no one has alleged happened with investigations into Trump’s associates.

That silence is all the more important given how Durham compares the predication of the Crossfire Hurricane investigation with that of Clinton Foundation, which relied in significant part on the Steve Bannon-linked Clinton Cash book which was every bit as shoddy as the Christopher Steele dossier, with a much more aggressive bias.

Once again, the investigative actions taken by FBI Headquarters in the Foundation matters contrast with those taken in Crossfire Hurricane. As an initial matter, the NYFO and WFO investigations appear to have been opened as preliminary investigations due to the political sensitivity and their reliance on unvetted hearsay information (the Clinton Cash book) and CHS reporting. 388 By contrast, the Crossfire Hurricane investigation was immediately opened as a full investigation despite the fact that it was similarly predicated on unvetted hearsay information. Furthermore, while the Department appears to have had legitimate concerns about the Foundation investigation occurring so close to a presidential election, it does not appear that similar concerns were expressed by the Department or FBI regarding the Crossfire Hurricane investigation. Indeed, in short order after opening the Crossfire Hurricane file and its four subfiles, the FBI was having one of its long-time CHSs meet not with just one Trump campaign associate, but meet and record conversations with three such insiders. And a little more than a month after opening the Crossfire Hurricane file on Page, a “senior U.S. law enforcement official” was publicly reported as confirming for Michael Isikoff and Yahoo! News that the FBI had Page on its radar screen. 389

Durham says two Australians who had no stake in the election (and who likely didn’t want to create a row with a major political candidate) have the same credibility as a long term political hoaxster paid by Trump’s ultimate campaign manager.

And in making this comparison, Durham doesn’t consider the urgency of the ongoing Russian attack on democracy (something that he generally ignores throughout the report). The underlying crime behind the Papadopoulos tip was potential (and real, in the case of both Paul Manafort and Roger Stone) ongoing involvement in Russia’s efforts to interfere in the election.

2020: Laying the ground work for the Clinton conspiracy

Early in 2020, Barr made Durham a Special Counsel, giving him authority to use a grand jury.

The very next day, he met with Jim Baker.

In cross-examination at the Sussmann trial, Baker lawyer Sean Berkowitz situated this meeting and another, in June 2020, when Baker’s story about the Sussmann meeting was still radically different than the one he told at trial, in terms of a leak investigation into Baker that had just closed. Baker had recently been criminally investigated by Durham, he knew that Durham would come after him again on the Russian investigation, and that February 2020 meeting was the first after the close of the leak investigation.

Q. So you know what it’s like to be under criminal investigation. Right?

A. Yes.

Q. You know what it’s like to be under criminal investigation by this man?

A. Yes.

Q. That’s Mr. Durham?

A. Yes.

Q. In fact, sir, in March of 2017 Mr. Durham was appointed by the Department of Justice to conduct a criminal investigation of the unauthorized disclosure of classified information to a reporter. Correct?

A. I don’t remember exactly when he was appointed, but that’s roughly correct based on my recollection of the timeframe.

Q. And you were a subject of that investigation?

A. I was never told that I was a subject.

Q. Is it fair to say that your lawyer refused to let you answer questions before Congress because you were under investigation?

A. He did object to certain questions — certain questions — because I was under investigation. That’s correct.

Q. Under criminal investigation. Right?

A. It was a criminal investigation was my understanding, yes.

Q. And you refused to answer those questions on the gounds that it might incriminate you?

A. I refused to answer those questions on advice of counsel, and it was a voluntary interview so I could refuse to answer any questions that I didn’t want to answer.

Q. And the investigation took place between 2017 and 2018. correct:

A. Say that again.

Q. The investigation took place between 2017 and 2019. correct?

A. I think it was not closed until 2020 by the Department.

[snip]

Q. And you, sir, were aware that Mr. Baker was — I mean, Mr. Durham was reappointed as special counsel, correct, in or around 2019?

A. For this matter?

Q. Yes.

A. Yes.

Q. And when that happened, you were concerned, were you not?

A. Concerned about what?

Q. That Mr. Durham might come and investigate you more?

A. I wasn’t concerned about it. I expected it.

[snip]

Q. It’s the first time you saw him after you were the subject of the criminal investigation by him?

A. Again, I was never told that I was a subject.

Q. Was that the first time?

A. Yeah, I think that was the first time.

In June 2020, Baker’s story started to evolve until ultimately, he testified, claiming 100% certainty about a story that had changed at least four times, to precisely the story Durham would want him to.

Most of the early 2020 interviews relied on by Durham in his report pertain to two topics: His reinvestigation of how the Clinton Foundation investigation proceeded, and his pursuit of a claim that Hillary framed Donald Trump (marked as “Russian intelligence” in the timeline).

Starting in June 2020, Durham appears to have started focusing on Igor Danchenko, burning him as a source, reviewing the long-dormant counterintelligence investigation into him, and focusing the same kind of pressure on Danchenko handler Kevin Helson (whom Durham seems to have referred for further investigation, on a date he doesn’t provide, for his handling of Danchenko). In July 2020, Barr provided Lindsey Graham the interview transcripts for Danchenko, which would lead to (or provide the excuse for) Danchenko’s exposure. In September 2020, the Senate Judiciary Committee would stage a FISA hearing to expose Danchenko’s past counterintelligence investigation.

None of these were effective investigative steps. Most witnesses didn’t testify at trial, and the one who did — Helson — was a devastating witness against Durham’s case (which may be why he was referred for further investigation). Those investigative steps did make Danchenko far more insecure, both legally and financially.

On September 29, John Ratcliffe would also share the report and, a week later, the underlying intelligence, around which Durham would build his Clinton conspiracy theory: A Russian intelligence Report that Hillary’s complaints about Trump’s pro-Russian bias stemmed from an attempt to cover up her email scandal and not from real concern about Russia or frustration with being victimized by a nation-state hack during an election.

On October 19, after Nora Dannehy disrupted Durham’s plan to release an initial report before the election, Barr made him Special Counsel so he could stick around for two more years to try to build the case he hadn’t done by 2020.

One of the most telling things about Durham’s actions in 2020 is that he didn’t do any of the ground work he needed to do to investigate the accusations he would make in late 2021. His primary work on the Alfa Bank case was making Danchenko far, far more vulnerable. He records virtually no obvious investigative work on the Alfa Bank allegations in 2020. He did little work on the dossier allegations. Some key investigative steps — getting a technical review of the Alfa Bank allegation and trying to secure Sergei Millian’s make-or-break testimony — waited until 2022, well after he had actually indicted these cases.

2021: Preparing actual indictments to hang failed conspiracy theories on

And it’s not just those two indictments Durham neglected in 2020. Here’s something Carter Page should think seriously about: John Durham did not do the investigation into the problems with his FISA application until the statutes of limitation started to expire in 2021. Given that investigative history, it’s fairly clear that Durham was never going to charge FBI agents in conjunction with those applications. Never. He had other priorities.

Instead, in 2021, he started making belated attempts to substantiate his Clinton conspiracy, with interviews to set up Charles Dolan as a witness.

Durham did no apparent interviews into Sergei Millian in 2021.

He did begin the effort — one paralleled and assisted by Alfa Bank lawsuit against the researchers in question, which to a DC judge seemed,”almost like they were written by the same people in some way,” — to spin the research into DNS anomalies into a deliberate plan by Hillary’s team.

In Durham’s investigations, however, there were obvious basic investigative failures. Durham didn’t interview people from Cendyn and Listrak until after the Sussmann indictment (and in the latter case, it’s not clear whether Durham spoke to anyone authoritative or even got the name of all the people interviewed).

I’ve already laid out how Durham didn’t even ask Michael Horowitz for relevant evidence until after the indictment. It was several months later before he asked Jim Baker to check his iCloud for the exculpatory communications that Sussmann correctly predicted would be there.

Durham didn’t interview Sergei Millian — and even then, he only did so remotely, with no agreement he would testify at trial — until February 2022, three months after indicting Danchenko.

These indictments — both of which could only have worked if charged as conspiracy indictments for which Durham had no evidence — were always bound to fail. They were bound to fail because they weren’t the result of an investigation, the logical progression from a clear crime committed. They were instead legal clothes hangers on which he could try to hang a conspiracy theory. They might have worked if Sussmann or Rodney Joffe or Danchenko had caved to the economic and legal pressure Durham was applying (as he did with Danchenko, Durham also got Joffe discontinued as an FBI source, but that had no financial repercussions for Joffe). But the charges were so flimsy Sussmann and Danchenko mounted a fairly clearcut defense.

Late 2021 to 2022: Chasing Clinton conspiracies

There’s a detail, though, that is all the more revealing given Durham’s failure to conduct an adequate investigation into these charges before indicting. As I noted last year, even after Sussmann was indicted, Durham refused the former Clinton lawyer’s demand for a list of the people on the Clinton campaign with whom he had coordinated his Alfa Bank efforts. It wasn’t until months later that it became clear — as Sussmann laid out in a filing — that Durham hadn’t even interviewed any of the people Sussmann purportedly coordinated with until after the indictment.

[T]he Special Counsel has alleged that Mr. Sussmann met with the FBI on behalf of the Clinton Campaign, but it was not until November 2021—two months after Mr. Sussmann was indicted—that the Special Counsel bothered to interview any individual who worked full-time for that Campaign to determine if that allegation was true.

Here’s what those interviews look like, as laid out in the Durham Report:

11/10/21: Jennifer Palmieri

11/12/21: Jake Sullivan

1/19/22: John Podesta (Russian Intelligence)

5/11/22: Hillary Clinton (Russian Intelligence)

Those questions weren’t focused on Sussmann, though. They were focused on Durham’s Clinton conspiracy, the claim that she had made a plan to frame Donald Trump.

During an interview of former Secretary Clinton, the Office asked if she had reviewed the information declassified by DNI Ratcliffe regarding her alleged plan to stir up a scandal between Trump and the Russians. 44 ° Clinton stated it was “really sad,” but “I get it, you have to go down every rabbit hole.” She said that it “looked like Russian disinformation to me; they’re very good at it, you know.” Clinton advised that she had a lot of plans to win the campaign, and anything that came into the public domain was available to her.

In addition, the Office interviewed several other former members of the Clinton campaign using declassified materials441 regarding the purported “plan” approved by Clinton.

The campaign Chairperson, John Podesta, stated that he had not seen the declassified material before, characterized the information as “ridiculous,” and denied that the campaign was involved in any such “plan.”442 Jake Sullivan, the campaign Senior Policy Advisor, stated that he had not seen the intelligence reporting before and had no reaction to it other than to say, “that’s ridiculous.”443 Although the campaign was broadly focused on Trump and Russia, Sullivan could not recall anyone articulating a strategy or “plan” to distract negative attention away from Clinton by tying Trump to Russia, but could not conclusively rule out the possibility. 444 The campaign Communications Director, Jennifer Palmieri, who was shown the Referral Memo, 445 stated that she had never seen the memorandum before, found its contents to be “ridiculous,” and could not recall anything “like this” related to the campaign. 446 She stated that Podesta, Mook, Sullivan and herself were aware of a project involving ties between Trump and Russia being conducted by Perkins Coie, the campaign law firm, but she did not think Clinton was aware of it, nor did she receive any direction or instruction from Clinton about the project.447

Another foreign policy advisor (“Foreign Policy Advisor-2”) confirmed that the campaign was focused on Trump and Russia, but that focus was due to national security concerns and not designed to distract the public from Clinton’s server issue. 448

Every single one of them called Durham’s conspiracy theories “ridiculous.”

For good reason. As I’ve laid out, the timeline Durham obscures, in which Trump’s rat-fucker had contact with Russia weeks before Hillary purportedly ginned up this plan, disproves the conspiracy theory.

Which explains something about the Sussmann trial — led by Andrew DeFilippis, the same AUSA who had willingly attempted to trump up a crime against John Kerry. Over and over, Durham’s prosecutors willfully ignored Judge Christopher Cooper’s orders, thereby introducing evidence with no evidentiary basis. They did so most blatantly when, minutes after Cooper ordered DeFilippis not to read from a paragraph of a Hillary Tweet calling on FBI to investigate the Alfa Bank allegations, he did so anyway, predictably leading the same outlets that wrote supine reviews of the Durham report to focus exclusively on something not before the jury.

After Judge Cooper said he would reserve his decision, Berkowitz noted that in fact, DeFilippis planned to use the tweet to claim the campaign wanted to go to the FBI when the testimony at trial (from both Elias and Mook) would establish that going to the FBI conflicted with the campaign’s goals.

[T]hey are offering the tweet for the truth of the matter, that that’s what the campaign desired and wanted and that it was a accumulation of the efforts.

Number one, it’s not the truth; and in fact, it’s the opposite of the truth. We expect there to be testimony from the campaign that, while they were interested in an article on this coming out, going to the FBI is something that was inconsistent with what they would have wanted before there was any press. And in fact, going to the FBI killed the press story, which was inconsistent with what the campaign would have wanted.

And so we think that a tweet in October after there’s an article about it is being offered to prove something inconsistent with what actually happened.

Then, after both Elias and Mook had testified that they had not sanctioned Sussmann going to the FBI, DeFilippis renewed his assault on Cooper’s initial exclusion, asking to introduce it through Mook’s knowledge that the campaign had tried to capitalize on the Foer story.

Having ruled in the past that the tweet was cumulative and highly prejudicial, Cooper nevertheless permitted DeFilippis to introduce the tweet if he could establish that Mook knew that the campaign tried to capitalize on the Foer story.

But Cooper set two rules: The government could not read from the tweet and could not introduce the part of the tweet that referenced the FBI investigation. (I explained what DeFilippis did at more length in this post.)

THE COURT: All right. Mr. DeFilippis, if you can lay a foundation that he had knowledge that a story had come out and that the campaign decided to issue the release in response to the story, I’ll let you admit the Tweet. However, the last paragraph, I agree with the defense, is substantially more prejudicial than it is probative because he has testified that had neither — he nor anyone at the campaign knew that Mr. Sussmann went to the FBI, no one authorized him to go to the FBI, and there’s been no other evidence admitted in the case that would suggest that that took place. And so this last paragraph, I think, would unfairly suggest to the jury, without any evidentiary foundation, that that was the case. All right?

MR. DeFILIPPIS: Your Honor, just two brief questions on that.

THE COURT: Okay.

MR. DeFILIPPIS: Can we — so can we use — depending on what he says about whether he was aware of the Tweet or the public statement, may we use it to refresh him?

THE COURT: Sure. Sure.

MR. DeFILIPPIS: Okay. And then, as to the last paragraph, could it be used for impeachment or refreshing purposes as well in terms of any dealings with the FBI?

THE COURT: You can use anything to refresh.

MR. DeFILIPPIS: Okay.

THE COURT: But we’re not going to publish it to the jury. We’re not going to read from it. And let’s see what he says. [my emphasis]

Having just been told not to read the tweet, especially not the part about the FBI investigation, DeFilippis proceeded to have Mook do just that.

The exhibit of the tweet that got  to the jury had that paragraph redacted and that part of the transcript was also redacted. But, predictably, the press focused on little but the tweet, including the part that Cooper had explicitly forbidden from coming into evidence.

In his report, Durham obscures the timeline of all this to falsely suggest that Hillary endorsed going to the FBI in September, before Sussmann met with the FBI, and not days before the election, when Franklin Foer reported the story.

On October 31, 2016 – about one week before the election – multiple media outlets reported that the FBI had received and was investigating the allegations concerning a purported secret channel between the Trump Organization and Alfa Bank. For example, Slate published an article that discussed at length the allegations that Sussmann provided to the FBI. 1530

Also on that day, the New York Times published an article titled Investigating Donald Trump, F.B.f Sees No Clear Link to Russia. 1531 The article discussed information in the possession of the FBI about ··what cyber experts said appeared to be a mysterious computer back channel between the Trump Organization and the Alfa Bank.” 1532 The article further reported that the FBI had “spent weeks examining computer data showing an odd stream of activity to a Trump Organization server,” and that the newspaper had been provided computer logs that evidenced this activity. The article also noted that at the time of the article, the FBI had not found “any conclusive or direct link” between Trump and the Russian government and that “Hillary Clinton’s supporters … pushed for these investigations.” 1533

As noted above, in the months prior to the publication of these articles, Sussmann had communicated with the media and provided them with the Alfa Bank data and allegations. 1534 Sussmann also kept Elias apprised of his efforts. 1535 Elias, in tum, communicated with the Clinton campaign’s leadership about potential media coverage of these issues. 1536

In addition, on September 15, 2016, Elias provided an update to the Clinton campaign regarding the Alfa Bank allegations and the not-yet-published New York Times article, sending an email to Jake Sullivan (HFA 154 ° Chief Policy Advisor), Robby Mook (HF A Campaign Manager), John Podesta (HF A Campaign Chairman), and Jennifer Palmieri (HFA Head of Communications), which he billed to the Clinton campaign as “email correspondence with J. Sullivan, R. Mook, J. Podesta, J. Palmieri re: Alfa Bank Article.” 1541

On the same day that these articles were published, the Clinton campaign posted a tweet through Hillary Clinton’s Twitter account which stated: “Computer scientists have apparently uncovered a covert server linking the Trump Organization to a Russian-based bank.” 1542 The tweet included a statement from Clinton campaign advisor Jake Sullivan which made reference to the media coverage article and stated, in relevant part, that the allegations in the article “could be the most direct link yet between Donald Trump and Moscow[,] that “[t]his secret hotline may be the key to unlocking the mystery ofTrump’s ties to Russia[,]” and that”[w ]e can only assume that federal authorities will now explore this direct connection between Trump and Russia as part oftheir existing probe into Russia’s meddling in our elections.”

In context, Durham falsely leaves the impression that Hillary supported going to the FBI in advance, even though both Robby Mook and Marc Elias testified that the last thing Hillary wanted to do was let the FBI get more involved in her campaign. In context, Durham falsely leaves the impression that Sussmann had sustained contacts with the NYT starting in September and never stopping, when the evidence he cites pertains exclusively to early September communications, after which Sussmann worked with the FBI to kill the story.

In a follow-up post, I will lay out just how grotesque Durham’s conspiracy theory is — the digital equivalent of slut-shaming a rape victim.

But for now, consider the abundant evidence that Durham didn’t investigate the charges he ultimately charged. He was far too busy, instead, pursuing this Clinton conspiracy theory he started chasing at least as early as February 2020.

Update: Added table showing the organization of Durham’s Report.

Dates

5/13/19: Preliminary review 

5/28/19: UK Legat-1

6/4/19: UK ALAT-1

6/17/19: SSA-1 (Steele Reports, Papadopoulos)

6/17/19: CIA Employee-1 (Page FISA)

6/18/19: SSA-1 (bias)

6/19/19: Case Agent-1 (defensive briefing, Steele Reports, Papadopoulos)

7/2/19: Handling Agent-1 (Page FISA)

7/2/19: NYFO ASAC-1 (Page FISA)

7/3/19: Michael Harpster (Steele Reports)

8/1/19: Mike Rogers

8/6/19: NYFO ADC-1

8/12/19: Randall Coleman (Clinton Foundation, Steele Reports)

8/12/19: Diego Rodriquez (Clinton Foundation)

8/14/19: HQ Analyst-3 

9/16/19: Cyber Agent-2 (Alfa)

10/17/19: SSA-2 (Clinesmith, Papadopoulos)

8/21/19: Case Agent-1

8/29/19: OGC Unit Chief-1 (bias, Australia referral, Page FISA)

9/5/19: NYFO Case Agent-1 (Page FISA)

10/9/19: Erika Thompson; Alexander Downer

12/9/19: DOJ IG Report

12/10/19: HQ Analyst-3 

1/6/20: David Johnson (Steele Reports)

1/15/20: NYFO Case Agent-1 (Clinton Foundation)

1/16/20: Diego Rodriquez (Clinton Foundation)

1/28/20: HQ Unit Chief-3 (Clinton Foundation)

2/6/20: Special Attorney to Attorney General (may reflect grand jury)

2/7/20: Jim Baker (defensive briefing)

2/13/20: Cyber Agent-3 (Alfa)

2/19/20: HQ Analyst-3 (Page FISA)

2/25/20: HQ Analyst-2 (Russian Intelligence, Clinesmith)

2/28/20: Jonathan Moffa (Russian Intelligence)

3/18/20: Paul Abbate (Clinton Foundation)

4/14/20: Field Office-1 Handling Agent-3 

4/23/20 Field Office-1 Handling Agent (Clinton Foundation)

4/23/20: Michael Harpster (Steele Reports)

5/1/20: Mueller SSA-1

5/5/20 Field Office-1 Handling Agent (Clinton Foundation)

5/6/20: Steele Reports

5/28/20: HQ SSA-4 (Clinton Foundation)

6/11/20: Jim Baker (Russian Intelligence)

6/18/20: Jim Baker (Russian Intelligence)

6/25/20: SA-2 (Steele Reports)

6/29/20: Michael Steinbach (initial EC)

6/30/20: Referral regarding existing counterintelligence investigation

7/1/20: OI Attorney (Page FISA)

7/8/20: Ray Hülser (Clinton Foundation)

7/14/20: Kevin Helson (Page FISA)

7/22/20: SSA-1 (Russian intelligence, Steele Report) 

7/23/20: OGC Unit Chief-1 (Page FISA)

7/28/20: Baltimore Special Agent-2 (Danchenko)

8/13/20: Baltimore Case Agent-1 (Danchenko)

8/13/20: CIA Employee-2 (Alfa)

8/19/20: IC Officer #6 (Russian Intelligence)

8/20/20: WFO Clinton Foundation Case Agent-1 

8/21/20: John Brennan (Russian Intelligence)

9/9/20: Acting OGC Section Chief-1 (Clinton Foundation)

9/10/20: Field Office-1 SAC

9/22/20: Field Office-1 Handling Agent-3

9/29/20: Patrick Fallon (Clinton Foundation)

9/29/20: John Ratcliffe shares Russian Intelligence with Lindsey Graham

10/19/20: Special Counsel appointment

10/27/20: OI Unit Chief-1 (Page FISA)

11/24/20: Kevin Helson (Danchenko)

12/8/20: HQ Supervisory Analyst-1 (Danchenko)

12/15/20: HQ SSA-3 (Alfa)

12/18/20: Baltimore Special Agent-1 (Danchenko)

12/21/20: Designation to use classified information

12/23/20: IC Officer#12 (Russian Intelligence)

12/20: Referral regarding accuracy of info in non-Page FISA (possibly Millian?)

2/2/21: Tech Company-1 Employee 1 (Alfa)

2/11/21: DARPA Program Manager-1 (Alfa)

2/25/21: Tech Company-1 Employee 1 (Alfa)

3/3/21: SSA-1 signed statement on Steele Reports

3/18/21: SSA-3 (Page FISA)

3/21/21: SA-1 (Page FISA)

4/8/21: Field Office-1 SSA-1

4/13/21: US Person-1 (Dolan Associate) (Danchenko)

4/14/21: Research Exec-1 (Alfa)

4/22/21: HQ Unit Chief-2

5/5/21: SSA-2  (bias, Page FISA, Danchenko, Clinesmith, Papadopoulos)

5/5/21: Field Office-1 Handling Agent-2 (second CI investigation)

6/21/21: David Archey (Defensive briefings)

6/29/21: CIA Employee-3 (Alfa)

6/30/21: OGC Attorney-1 (Page FISA)

6/30/21: Danchenko Employer-1 Exec-1 

7/7/21: Field Office-1 ASAC-1

7/9/21: Jennifer Boone

7/9/21: Tech Company-1 Employee 1 (Alfa)

7/21/21: Foreign Policy Advisor-1 (Russian Intelligence)

7/21/21: SSA-1 (Page FISA)

7/22/21: University-1 Researcher-1 (Alfa)

7/26/21: Brian Auten (bias, Russian Intelligence, Steele Reports)

7/27/21: Kevin Helson (Danchenko)

8/21: University-1 Researcher-2 (Alfa) [appears to be one 302 on more than one conversation]

8/9/21: NJ-Based Company Exec (Danchenko)

8/10/21: University-1 Researcher-3

8/11/21: Handling Agent-1 (Page FISA)

8/16/21: Mueller Analyst-1 (Danchenko)

8/12/21: Tech Company-3 Exec-1 (Alfa)

8/31/21: Charles Dolan (Danchenko)

8/31/21: Mueller SSA-1 (Danchenko)

9/7/21: Charles Dolan (Danchenko)

9/16/21: Michael Sussmann indictment

9/17/21: Brookings Fellow-1 (Danchenko)

10/21/21: UCE-1 (Papadopoulos)

10/27/21: Listrak Employee-1 and personnel (Alfa)

10/29/21: Mueller Analyst-1 (Danchenko)

11/1/21: Charles Dolan (Danchenko)

11/3/21: Danchenko indictment

11/17/21: Cendyn CEO and CTO (Alfa)

11/9/21: Jonathan Winer (Steele Reports)

11/10/21: Jennifer Palmieri

11/12/21: Jake Sullivan

11/16/21: Brookings Fellow-2 (Danchenko)

11/17/21: Cendyn CEO and CTO (Alfa)

12/2/21: HQ Analyst-3 (Steele)

11/20/21: Victoria Nuland

11/30/21: Victoria Nuland (Steele Reports)

12/13/21: James Clapper

1/19/22: John Podesta (Russian Intelligence, Alfa)

2/2/22: David Cohen

2/5/22: Sergei Millian (Danchenko)

3/1/22: Handling Agent-1 (Page FISA)

3/28/22: Foreign Policy Advisor-2

5/11/22: Hillary Clinton (Russian Intelligence)

6/22/22: SSA-1 (Russian Intelligence)

8/9/22: Ritz GM (Danchenko)

12/14/22: Referral to DOD IG on DARPA

Wheat Exporter Russia Begs China for Food

/107 Comments/in /by

As noted yesterday, the US government appears to be declassifying details of Russia’s requests to China for help. After revealing that the US had learned of Russia’s requests, yesterday (the same day in which Jake Sullivan had a seven hour meeting with Yang Jiechi) more details about what Russia requested were released. CNN even reported on a cable shared with allies detailing that Russia had asked for Meals Ready to Eat — basically food for its soldiers.

In a diplomatic cable, the US relayed to its allies in Europe and Asia that China had conveyed a willingness to assist Russia, which has asked for military support. The cable did not state definitively that assistance had been provided. One official also said the US warned in the cable that China would likely deny it was willing to provide assistance.

Among the assistance Russia requested was pre-packaged, non-perishable military food kits, known in the US as “meal, ready-to-eat,” or MREs, according to two sources familiar with the matter. The request underscores the basic logistical challenges that military analysts and officials say have stymied Russian progress in Ukraine — and raises questions about the fundamental readiness of the Russian military.

Forward-deployed units have routinely outstripped their supply convoys and open source reports have shown Russian troops breaking into grocery stores in search of food as the invasion has progressed. One of the sources suggested that food might be a request that China would be willing to meet, because it stops short of lethal assistance that would be seen as deeply provocative by the west.

CNN is right that a request for MREs suggests a logistical failure to prepare for this invasion.

But the symbolism is far more alarming (which may be why it was included in a cable that got leaked).

As Al Jazeera notes, Russia is the world’s largest wheat exporter, accounting for 18% of the total, with Ukraine another big producer.

The sanctions on Russia and Ukrainian farmers’ focus on capturing tanks will significantly impact wheat markets globally — though one key impact will be that Russia will send wheat to China instead of Egypt and Turkey.

Meanwhile, Ukraine exported over $3 billion grain and other agricultural products to China in 2020.

Unless Russia were to leave Ukraine today, most of those exports won’t be delivered this year.

On top of all the other things that Russia did by invading Ukraine, it has created the conditions for food insecurity around the globe — the kind of food insecurity that large countries like China can ill afford.

That’s going to happen, too, as COVID shutdowns in China are about to cause more supply chain crises around the globe.

At the moment that Russia is destabilizing both Europe and much of the world (in part because a key food producer will be harvesting tanks and cluster bombs instead of grain), Russia has asked China for help feeding its soldiers.

 

On the Benefits of Having a Career Diplomat Run CIA: “This Is One Information War that I Think Putin Is Losing”

/87 Comments/in /by

Thus far during Russia’s invasion of Ukraine, the intelligence community has declassified at least four major reports and a slew of smaller ones:

I would bet a fair amount of money that, when the history of these events is told twenty years from now, we’ll learn of similar, but non-public, selective declassification with NATO-plus-Sweden-and-Finland partners, starting at a NATO summit in February, immediately after which a number of European countries (most spectacularly, Germany) took dramatic and unified action.

There has been a slew of commentary about the aggressive use the US has made of declassified intelligence. The triumphalism of such commentary may yet prove premature.

After all, it’s possible that Putin arrested two FSB officers because he suspects they were sources for some of the intelligence that got shared to undermine Russia’s efforts. It’s possible that Russia’s focus on neutralizing western support for Ukraine in recent days, particularly its attack on the western training base in Yavoriv yesterday, reflects a counterintelligence crackdown responding to declassified US intelligence.

But for now, such declassification has been tremendously successful. It allowed the US and its European partners to repeatedly undercut Russian efforts to gain surprise or legitimize their invasion with disinformation. It has exposed specifics about China’s support for the invasion, raising the costs of such support and, potentially, providing leverage to convince China to distance themselves both publicly and privately from Russia’s efforts. And it seems to have provided a basis for Western countries to unify quickly.

This most recent instance — the organized sharing of information about Russian pleas to China for help just before Jake Sullivan meets with Yang Jiechi in Rome — makes this comment from CIA Director William Burns at least week’s Global Threats hearing resonate.

In response to a question from Susan Collins about Russia’s efforts to use false flag attacks, he tied his own years losing information wars with Russia to decisions to declassify information now.

Well, thanks very much Senator. I think it underscores the concern that all of us need to focus on those kind of issues, whether it’s the potential for a use of chemical weapons either as a false flag operation or against Ukrainians. This is something, as all of you know very well, is very much a part of Russia’s playbook. They’ve used those weapons against their own citizens, they’ve at least encouraged the use in Syria and elsewhere, so it’s something we take very seriously, and it’s one of the reasons, as Director Haines said earlier, that I’m convinced that our efforts at selective declassification, to pre-empt those kind of false flag efforts and the creation of false narratives have been so important.

In all the years I spent as a career diplomat, I saw too many instances in which we lost information wars with the Russians. In this case, I think we have had a great deal of effect in disrupting their tactics and their calculations and demonstrating to the entire world that this is a premeditated and unprovoked aggression, built on a body of lies and false narratives. So this is one information war that I think Putin is losing.

Among other posts Burns served in, he was Ambassador to Russia in the final years of the Bush Administration (months before Russia’s invasion of Georgia) and he served as Deputy Secretary of State during Russia’s response to Viktor Yanukovych’s ouster, including its annexation of Crimea.

He knows how successful Russia has been at lying in the last twenty years.

And he explicitly tied his experience of attempting to diplomatically negotiate with Russia and others while Russia’s lies held sway to the decision to declassify information here.

Normally, CIA Directors protect such secrets with knee-jerk obstinance. But under this former diplomat, the Intelligence Community is actually using the intelligence it gathers to gain tactical leverage. After years of Russian intelligence operations designed to split American alliances, that has had the effect of raising US credibility with allies.

This is assuredly not just Burns. Even under Trump, Paul Nakasone was much more aggressive about taking credit for NSA or CYBERCOM operations than past NSA Directors. And Avril Haines, whose background is more diverse, promised a more open Intelligence Community during her confirmation as well.

But after the two decades of paranoid secrecy that followed the Iraq intelligence debacle, the United States is actually using the intelligence it makes such efforts to collect.

India’s COVID Surge: The Curious Facets of U.S. Response

/102 Comments/in , , , /by

The volume and tenor of pleas for help escalated to new heights this past week as India was engulfed in the pandemic.

You’ve likely seen images of numerous funeral pyres and many graves along with sick outside overfull hospitals.

Apart from the pyres, it looks like Wuhan in January 2020, the U.S. in March 2020, and Brazil at the end of this March.

And yet there is something really wrong here, very off. The case counts and deaths are truths which can’t be escaped but the insistence the U.S. somehow is failing to meet India’s needs is off base.

~ ~ ~

All that’s left of a couple thousand word post I wrote and wrote, and  then rewrote over the last several days is what remains above.

The situation over this past weekend changed rapidly, thought the angry ranting at the U.S. and Big Pharma never let up.

The Biden administration issued a couple of statements between Sunday and Monday about the steps it would take to aid India, which included COVID testing kits, PPE, oxygen, therapeutics for treatment, raw materials for vaccine production, and funding to ramp up capacity of India’s own vaccine producer, BioE.

The media did its usual weak sauce reporting.

Not a single outlet noted extremely curious facets about the Biden administration’s outreach to India:

• U.S. National Security Adviser Jake Sullivan spoke with his counterpart, India’s National Security Advisor Ajit Doval this weekend;

• There are no reports of Prime Minister Mahendra Modi contacting Biden to ask for help though they have spoken in the last 24 hours (perhaps as recently as this morning Eastern Time);

• There was scant coverage of U.S. Secretary of State Antony Blinken talks at least a week ago with his counterpart, India’s External Affairs Minister Subrahmanyam Jaishankar, regarding COVID and vaccines.

Why did the National Security Adviser play such a big role, with the White House statement issued by NSC office?

~ ~ ~

In the mean time invective against the Biden administration and Big Pharma has continued, some of it based in what looks like weak and less-than-thorough reporting.

Claims that Big Pharma has decided profits come before the lives of India’s people follow reports that Big Pharma refused to give India patents or transfer intellectual property.

Except that Big Pharma is represented in India by AstraZeneca, which is making their adenovirus-vector vaccine in country. It’s the same vaccine which has been used in Europe, and is still in FDA safety review here.

India also has its own Big Pharma in Bharat Biotech, which has developed Covaxin vaccine in collaboration with Washington University School of Medicine in St. Louis, Missouri. The vaccine left Phase 3 trials in early January.

Yet intelligent people continue to harangue the U.S. and Big Pharma about their refusal to help India with the IP needed for licensing. They retweet stuff like this:

The account that wrote this was opened only weeks ago in January 2021. There’s almost nothing in its profile to suggest this is a human with credible background education or experience; the account hasn’t been validated by Twitter. Note the number of times this has been shared by retweet or quote tweet, yet the majority of roughly 6000 tweets by this account are about pop culture.

This is the kind of social media content which ramped up tension around U.S. response to India’s ongoing COVID surge and continues to do so because it remains uncontested.

The issue the tweet focused on was vaccine manufacturers’ request for indemnification by countries which use its vaccine or licensing to manufacture vaccines. How odd that an account tweeting about beauty products and the Kardashians chose to phrase indemnification this way.

~ ~ ~

One of the reasons the U.S. National Security Adviser may be involved is the lack of an effective top-level response by India’s government to the surge. From Reuters via Yahoo:

NEW DELHI (Reuters) -India’s government has decided to leave the import of COVID-19 vaccines to state authorities and companies, two government officials told Reuters, a decision that may slow acquisitions of shots as a second wave of the pandemic rips through the country.

They said Prime Minister Narendra Modi’s government would instead aim to support domestic vaccine makers by guaranteeing purchases from them. The government this month paid Indian producers in advance, for the first time, for vaccine doses.

Under fire for his uneven handling of the world’s worst COVID-19 surge, Modi has opened vaccinations for all adults from next month but supplies are already running short.

Negotiations between countries on exports/imports are usually handled by their state departments or external affairs and not at lower state/province level. What amounts to the transfer of technology between a nation and individual states is a security risk, let alone problematic for individual pharmaceutical companies.

This is likely why the initial agreement between the U.S. and India’s national security advisers addressed shipment of supplies and other support but not vaccines, technology, or licensing.

It surely didn’t encourage the Biden administration to see how badly Modi has bungled handling the pandemic:

In late January, Modi indulged in a smarter version of Trump’s March 10, 2020 remark, “We’re prepared, and we’re doing a great job with it. And it will go away. Just stay calm. It will go away.”

Addressing the World Economic Forum’s online Davos Agenda Summit, PM Modi said India has beaten all odds to battle the pandemic. “When Covid-19 arrived, India had its share of problems. At the beginning of last year, several experts and organizations had made several predictions that India would be most affected by the pandemic. Someone had even said that 700-800 million would be infected and someone had said that over two million Indians would die from the pandemic. Looking at the condition of countries with better health infrastructure, the world was right in worrying about us,” he said.

“India, however, took a proactive public participation approach and developed a Covid-specific health infrastructure and trained its resources to fight Covid,” the PM added.

This was a mere 12 weeks ago; it was complete hogwash and hardly the stuff needed to instill confidence. India’s situation deteriorated greatly after Davos because Modi failed to take any effective measures to mitigate COVID’s spread in advance of a weeks-long major religious holiday, the Hindu observation of Kumbh Mela.

Nor has it helped develop trust in Modi and his government when they have demanded Twitter hide tweets critical of Modi’s COVID response from Indian public view.

Faith in the individual Indian states is tenuous at best; there are far too many anecdotes about state governments lying about COVID response and health care resources.

This is an insane level of denial:

Amid reports of patients and hospitals struggling to find and maintain oxygen supply, Uttar Pradesh Chief Minister Yogi Adityanath has asked officials to take action under the National Security Act and seize the property of individuals who spread “rumours” and propaganda on social media and try to “spoil the atmosphere”.

Mr. Adityanath asserted that there was no shortage of oxygen supply in any COVID-19 hospital – private or government-run – but that the actual problem was blackmarketing and hoarding.

The state of Uttar Pradesh is expending more resources on suppressing “rumours” than on demonstrating to the public there is ample oxygen and other resources for COVID therapy.

~ ~ ~

This level of narcissism, gross incompetence, and denial in another country’s leadership isn’t something the U.S. can fix. Obviously the U.S. is still struggling with cleaning up after its own run-in with a white nationalist populist who was narcissistic and grossly incompetent as well as corrupt.

We’re still playing catch up because the Trump administration obstructed a peaceful and efficient transition, what with Trumpist GSA Administrator Emily Murphy refusing to turn over the keys to Biden’s team after the election. We’re not as far along as we should be with vaccinating the public because there was no federal COVID program when Biden was inaugurated and insufficient amounts of vaccine had been ordered by Trump.

Not to mention the January 6 attempt to overthrow the government and the Big Lie which continues to interfere with outstanding transition issues.

But the U.S. somehow bears some responsibility for the mounting disaster in India?

Otherwise smart people are trashing both the U.S. and their own cred with demands to remedy Modi’s manifold failures; others insist immediate action in spite of global inaction for decades on pandemic preparedness.

Where was all this concern when Trump killed the pandemic monitoring program instituted under Obama?

Where is the awareness of the security risks posed by a failing state like India, which already has patents?

~ ~ ~

There’s one more element in this mix which may explain the presence of the National Security Adviser in the aid offering to India.

Granted, I’m not certain how to get a handle on the risk involved, but some of the intellectual property and technology isn’t as benign as a Play-Doh Fuzzy Pumper or an Easy-Bake Oven. It can be militarized and its output weaponized.

When talking about some of the COVID vaccines, we’re talking about development which began as military programs. Research for adenovirus-vector vaccines now used against COVID began in the 1950s inside the Defense Department; a vaccine was developed and distributed to military personnel for more than two decades to prevent acute respiratory disease associated with adenovirus infections. This vaccine didn’t become part of the scheduled vaccines American civilians receive, just as they didn’t receive anthrax vaccines.

How much of the limitations we have seen tossed around in social media, attributed to Big Pharma greed, are really carefully parsed concerns about the potential for the vaccine IP and technology to be acquired by hostile entities for weaponization?

Can we really blame any legitimate pharmaceutical company for expecting indemnification against the misuse of their product, IP, or technology considering this kind of exposure? Let alone the potential claims against them for extremely rare side effects which may be worsened by incompetence in treatment, ex. treating unusual clotting events with blood thinners which may exacerbate the clotting.

But this goes to the lack of global systemic preparedness for pandemic. It’s a global problem, not one for which the U.S. bears sole responsibility.

Imagine the possible blowback from questionable social media accounts with negligible provenance should the U.S. under the Biden administration choose to arbitrarily “Free the patents!” as so many demanded this past week over social media, without due diligence about the security risks these new vaccine technologies pose.

This pandemic requires us to imagine this and a lot more. We need to think systemically, more deeply and widely.

This includes thinking ahead to where will the next crisis begin, because it’s only a matter of time.

The Evidence to Prove the Russian Hack

/39 Comments/in , , /by

In this post, I’m going to lay out the evidence needed to fully explain the Russian hack. I think it will help to explain some of the timing around the story that the CIA believes Russia hacked the DNC to help win Trump win the election, as well as what is new in Friday’s story. I will do rolling updates on this and eventually turn it into a set of pages on Russia’s hacking.

As I see it, intelligence on all the following are necessary to substantiate some of the claims about Russia tampering in this year’s election.

  1. FSB-related hackers hacked the DNC
  2. GRU-related hackers hacked the DNC
  3. Russian state actors hacked John Podesta’s emails
  4. Russian state actors hacked related targets, including Colin Powell and some Republican sites
  5. Russian state actors hacked the RNC
  6. Russian state actors released information from DNC and DCCC via Guccifer 2
  7. Russian state actors released information via DC Leaks
  8. Russian state actors or someone acting on its behest passed information to Wikileaks
  9. The motive explaining why Wikileaks released the DNC and Podesta emails
  10. Russian state actors probed voter registration databases
  11. Russian state actors used bots and fake stories to make information more damaging and magnify its effects
  12. The level at which all Russian state actors’ actions were directed and approved
  13. The motive behind the actions of Russian state actors
  14. The degree to which Russia’s efforts were successful and/or primary in leading to Hillary’s defeat

I explain all of these in more detail below. For what it’s worth, I think there was strong publicly available information to prove 3, 4, 7, 11. I think there is weaker though still substantial information to support 2. It has always been the case that the evidence is weakest at point 6 and 8.

At a minimum, to blame Russia for tampering with the election, you need high degree of confidence that GRU hacked the DNC (item 2), and shared those documents via some means with Wikileaks (item 8). What is new about Friday’s story is that, after months of not knowing how the hacked documents got from Russian hackers to Wikileaks, CIA now appears to know that people close to the Russian government transferred the documents (item 8). In addition, CIA now appears confident that all this happened to help Trump win the presidency (item 13).

1) FSB-related hackers hacked the DNC

The original report from Crowdstrike on the DNC hack actually said two separate Russian-linked entities hacked the DNC: one tied to the FSB, which it calls “Cozy Bear” or APT 29, and one tied to GRU, which it calls “Fancy Bear” or APT 28. Crowdstrike says Cozy Bear was also responsible for hacks of unclassified networks at the White House, State Department, and US Joint Chiefs of Staff.

I’m not going to assess the strength of the FSB evidence here. As I’ll lay out, the necessary hack to attribute to the Russians is the GRU one, because that’s the one believed to be the source of the DNC and Podesta emails. The FSB one is important to keep in mind, as it suggests part of the Russian government may have been hacking US sites solely for intelligence collection, something our own intelligence agencies believe is firmly within acceptable norms of spying. In the months leading up to the 2012 election, for example, CIA and NSA hacked the messaging accounts of a bunch of Enrique Peña Nieto associates, pretty nearly the equivalent of the Podesta hack, though we don’t know what they did with that intelligence. The other reason to keep the FSB hack in mind is because, to the extent FSB hacked other sites, they also may be deemed part of normal spying.

2) GRU-related hackers hacked the DNC

As noted, Crowdstrike reported that GRU also hacked the DNC. As it explains, GRU does this by sending someone something that looks like an email password update, but which instead is a fake site designed to get someone to hand over their password. The reason this claim is strong is because people at the DNC say this happened to them.

Note that there are people who raise questions of whether this method is legitimately tied to GRU and/or that the method couldn’t be stolen and replicated. I will deal with those questions at length elsewhere. But for the purposes of this post, I will accept that this method is a clear sign of GRU involvement. There are also reports that deal with GRU hacking that note high confidence GRU hacked other entities, but less direct evidence they hacked the DNC.

Finally, there is the real possibility that other people hacked the DNC, in addition to FSB and GRU. That possibility is heightened because a DNC staffer was hacked via what may have been another method, and because DNC emails show a lot of password changes off services for which DNC staffers had had their accounts exposed in other hacks.

All of which is a way of saying, there is some confidence that DNC got hacked at least twice, with those two revealed efforts being done by hackers with ties to the Russian state.

3) Russian state actors (GRU) hacked John Podesta’s emails

Again, assuming that the fake Gmail phish is GRU’s handiwork, there is probably the best evidence that GRU hacked John Podesta and therefore that Russia, via some means, supplied Wikileaks, because we have a copy of the actual email used to hack him. The Smoking Gun has an accessible story describing how all this works. So in the case of Podesta, we know he got a malicious phish email, we know that someone clicked the link in the email, and we know that emails from precisely that time period were among the documents shared with Wikileaks. We just have no idea how they got there.

4) Russian state actors hacked related targets, including some other Democratic staffers, Colin Powell and some Republican sites

That same Gmail phish was used with victims — including at a minimum William Rinehart and Colin Powell — that got exposed in a site called DC Leaks. We can have the same high degree of confidence that GRU conducted this hack as we do with Podesta. As I note below, that’s more interesting for what it tells us about motive than anything else.

5) Russian state actors hacked the RNC

The allegation that Russia also hacked the RNC, but didn’t leak those documents — which the CIA seems to rely on in part to argue that Russia must have wanted to elect Trump — has been floating around for some time. I’ll return to what we know of this. RNC spox Sean Spicer is denying it, though so did Hillary’s people at one point deny that they had been hacked.

There are several points about this. First, hackers presumed to be GRU did hack and release emails from Colin Powell and an Republican-related server. The Powell emails (including some that weren’t picked up in the press), in particular, were detrimental to both candidates. The Republican ones were, like a great deal of the Democratic ones, utterly meaningless from a news standpoint.

So I don’t find this argument persuasive in its current form. But the details on it are still sketchy precisely because we don’t know about that hack.

6) Russian state actors released information from DNC and DCCC via Guccifer 2

Some entity going by the name Guccifer 2 started a website in the wake of the announcement that the DNC got hacked. The site is a crucial part of this assessment, both because it released DNC and DCCC documents directly (though sometimes misattributing what it was releasing) and because Guccifer 2 stated clearly that he had shared the DNC documents with Wikileaks. The claim has always been that Guccifer 2 was just a front for Russia — a way for them to adopt plausible deniability about the DNC hack.

That may be the case (and obvious falsehoods in Guccifer’s statements make it clear deception was part of the point), but there was always less conclusive (and sometimes downright contradictory) evidence to support this argument (this post summarizes what it claims are good arguments that Guccifer 2 was a front for Russia; on the most part I disagree and hope to return to it in the future). Moreover, this step has been one that past reporting said the FBI couldn’t confirm. Then there are other oddities about Guccifer’s behavior, such as his “appearance” at a security conference in London, or the way his own production seemed to fizzle as Wikileaks started releasing the Podesta emails. Those details of Guccifer’s behavior are, in my opinion, worth probing for a sense of how all this was orchestrated.

Yesterday’s story seems to suggest that the spooks have finally figured out this step, though we don’t have any idea what it entails.

7) Russian state actors released information via DC Leaks

Well before many people realized that DC Leaks existed, I suspected that it was a Russian operation. That’s because two of its main targets — SACEUR Philip Breedlove and George Soros — are targets Russia would obviously hit to retaliate for what it treats as a US-backed coup in Ukraine.

DC Leaks is also where the publicly released (and boring) GOP emails got released.

Perhaps most importantly, that’s where the Colin Powell emails got released (this post covers some of those stories). That’s significant because Powell’s emails were derogatory towards both candidates (though he ultimately endorsed Hillary).

It’s interesting for its haphazard targeting (if someone wants to pay me $$ I would do an assessment of all that’s there, because some just don’t make any clear sense from a Russian perspective, and some of the people most actively discussing the Russian hacks have clearly not even read all of it), but also because a number of the victims have been affirmatively tied to the GRU phishing methods.

So DC Leaks is where you get obvious Russian targets and Russian methods all packaged together. But of the documents it released, the Powell emails were the most interesting for electoral purposes, and they didn’t target Hillary as asymmetrically as the Wikileaks released documents did.

8) Russian state actors or someone acting on its behest passed information to Wikileaks

The basis for arguing that all these hacks were meant to affect the election is that they were released via Wikileaks. That is what was supposed to be new, beyond just spying (though we have almost certainly hacked documents and leaked them, most probably in the Syria Leaks case, but I suspect also in some others).

And as noted, how Wikileaks got two separate sets of emails has always been the big question. With the DNC emails, Guccifer 2 clearly said he had given them to WL, but the Guccifer 2 ties to Russia was relatively weak. And with the Podesta emails, I’m not aware of any known interim step between the GRU hack and Wikileaks.

A late July report said the FBI was still trying to determine how Russia got the emails to Wikileaks or even if they were the same emails.

The FBI is still investigating the DNC hack. The bureau is trying to determine whether the emails obtained by the Russians are the same ones that appeared on the website of the anti-secrecy group WikiLeaks on Friday, setting off a firestorm that roiled the party in the lead-up to the convention.

The FBI is also examining whether APT 28 or an affiliated group passed those emails to WikiLeaks, law enforcement sources said.

An even earlier report suggested that the IC wasn’t certain the files had been passed electronically.

And the joint DHS/ODNI statement largely attributed its confidence that Russia was involved in the the leaking (lumping Guccifer 2, DC Leaks, and Wikileaks all together) not because it had high confidence in that per se (a term of art saying, effectively, “we have seen the evidence”), but instead because leaking such files is consistent with what Russia has done elsewhere.

The recent disclosures of alleged hacked e-mails on sites like DCLeaks.com and WikiLeaks and by the Guccifer 2.0 online persona are consistent with the methods and motivations of Russian-directed efforts.

Importantly, that statement came out on October 7, so well after the September briefing at which CIA claimed to have further proof of all this.

Now, Julian Assange has repeatedly denied that Russia was his source. Craig Murray asserted, after having meeting with Assange, that the source is not the Russian state or a proxy. Wikileaks’ tweet in the wake of yesterday’s announcement — concluding that an inquiry directed at Russia in this election cycle is targeted at Wikileaks — suggests some doubt. Also, immediately after the election, Sergei Markov, in a statement deemed to be consistent with Putin’s views, suggested that “maybe we helped a bit with WikiLeaks,” even while denying Russia carried out the hacks.

That’s what’s new in yesterday’s story. It stated that “individuals with connections to the Russian government” handed the documents to Wikileaks.

Intelligence agencies have identified individuals with connections to the Russian government who provided WikiLeaks with thousands of hacked emails from the Democratic National Committee and others, including Hillary Clinton’s campaign chairman, according to U.S. officials. Those officials described the individuals as actors known to the intelligence community and part of a wider Russian operation to boost Trump and hurt Clinton’s chances.

[snip]

[I]ntelligence agencies do not have specific intelligence showing officials in the Kremlin “directing” the identified individuals to pass the Democratic emails to WikiLeaks, a second senior U.S. official said. Those actors, according to the official, were “one step” removed from the Russian government, rather than government employees. Moscow has in the past used middlemen to participate in sensitive intelligence operations so it has plausible deniability.

I suspect we’ll hear more leaked about these individuals in the coming days; obviously, the IC says it doesn’t have evidence of the Russian government ordering these people to share the documents with Wikileaks.

Nevertheless, the IC now has what it didn’t have in July: a clear idea of who gave Wikileaks the emails.

9) The motive explaining why Wikileaks released the DNC and Podesta emails

There has been a lot of focus on why Wikileaks did what it did, which notably includes timing the DNC documents to hit for maximum impact before the Democratic Convention and timing the Podesta emails to be a steady release leading up to the election.

I don’t rule out Russian involvement with all of that, but it is entirely unnecessary in this case. Wikileaks has long proven an ability to hype its releases as much as possible. More importantly, Assange has reason to have a personal gripe against Hillary, going back to State’s response to the cable release in 2010 and the subsequent prosecution of Chelsea Manning.

In other words, absent really good evidence to the contrary, I assume that Russia’s interests and Wikileaks’ coincided perfectly for this operation.

10) Russian state actors probed voter registration databases

Back in October, a slew of stories reported that “Russians” had breached voter related databases in a number of states. The evidence actually showed that hackers using a IP tied to Russia had done these hacks. Even if the hackers were Russian (about which there was no evidence in the first reports), there was also no evidence the hackers were tied to the Russian state. Furthermore, as I understand it, these hacks used a variety of methods, some or all of which aren’t known to be GRU related. A September DHS bulletin suggested these hacks were committed by cybercriminals (in the past, identity thieves have gone after voter registration lists). And the October 7 DHS/ODNI statement affirmatively said the government was not attributing the probes to the Russians.

Some states have also recently seen scanning and probing of their election-related systems, which in most cases originated from servers operated by a Russian company. However, we are not now in a position to attribute this activity to the Russian Government.

In late November, an anonymous White House statement said there was no increased malicious hacking aimed at the electoral process, though remains agnostic about whether Russia ever planned on such a thing.

The Federal government did not observe any increased level of malicious cyber activity aimed at disrupting our electoral process on election day. As we have noted before, we remained confident in the overall integrity of electoral infrastructure, a confidence that was borne out on election day. As a result, we believe our elections were free and fair from a cybersecurity perspective.

That said, since we do not know if the Russians had planned any malicious cyber activity for election day, we don’t know if they were deterred from further activity by the various warnings the U.S. government conveyed.

Absent further evidence, this suggests that reports about Russian trying to tamper with the actual election infrastructure were at most suspicions and possibly just a result of shoddy reporting conflating Russian IP with Russian people with Russian state.

11) Russian state actors used bots and fake stories to make information more damaging and magnify its effects

Russia has used bots and fake stories in the past to distort or magnify compromising information. There is definitely evidence some pro-Trump bots were based out of Russia. RT and Sputnik ran with inflammatory stories. Samantha Bee famously did an interview with some Russians who were spreading fake news. But there were also people spreading fake news from elsewhere, including Macedonia and Surburban LA. A somewhat spooky guy even sent out fake news in an attempt to discredit Wikileaks.

As I have argued, the real culprit in this economy of clickbait driven outrage is closer to home, in the algorithms that Silicon Valley companies use that are exploited by a whole range of people. So while Russian directed efforts may have magnified inflammatory stories, that was not a necessary part of any intervention in the election, because it was happening elsewhere.

12) The level at which all Russian state actors’ actions were directed and approved

The DHS/ODNI statement said clearly that “We believe, based on the scope and sensitivity of these efforts, that only Russia’s senior-most officials could have authorized these activities.” But the WaPo story suggests they still don’t have proof of Russia directing even the go-between who gave WL the cables, much less the go-between directing how Wikileaks released these documents.

Mind you, this would be among the most sensitive information, if the NSA did have proof, because it would be collection targeted at Putin and his top advisors.

13) The motive behind the actions of Russian state actors

The motive behind all of this has varied. The joint DHS/ODNI statement said it was “These thefts and disclosures are intended to interfere with the US election process.” It didn’t provide a model for what that meant though.

Interim reporting — including the White House’s anonymous post-election statement — had suggested that spooks believed Russia was doing it to discredit American democracy.

The Kremlin probably expected that publicity surrounding the disclosures that followed the Russian Government-directed compromises of e-mails from U.S. persons and institutions, including from U.S. political organizations, would raise questions about the integrity of the election process that could have undermined the legitimacy of the President-elect.

At one level, that made a lot of sense — the biggest reason to release the DNC and Podesta emails, it seems to me, was to confirm the beliefs a lot of people already had about how power works. I think one of the biggest mistakes of journalists who have political backgrounds was to avoid discussing how the sausage of politics gets made, because this material looks worse if you’ve never worked in a system where power is about winning support. All that said, there’s nothing in the emails (especially given the constant release of FOIAed emails) that uniquely exposed American democracy as corrupt.

All of which is to say that this explanation never made any sense to me; it was mostly advanced by people who live far away from people who already distrust US election systems, who ignored polls showing there was already a lot of distrust.

Which brings us to the other thing that is new in the WaPo story: the assertion that CIA now believes this was all intended to elect Trump, not just make us distrust elections.

The CIA has concluded in a secret assessment that Russia intervened in the 2016 election to help Donald Trump win the presidency, rather than just to undermine confidence in the U.S. electoral system, according to officials briefed on the matter.

[snip]

“It is the assessment of the intelligence community that Russia’s goal here was to favor one candidate over the other, to help Trump get elected,” said a senior U.S. official briefed on an intelligence presentation made to U.S. senators. “That’s the consensus view.”

For what it’s worth, there’s still some ambiguity in this. Did Putin really want Trump? Or did he want Hillary to be beat up and weak for an expected victory? Did he, like Assange, want to retaliate for specific things he perceived Hillary to have done, in both Libya, Syria, and Ukraine? That’s unclear.

14) The degree to which Russia’s efforts were successful and/or primary in leading to Hillary’s defeat

Finally, there’s the question that may explain Obama’s reticence about this issue, particularly in the anonymous post-election statement from the White House, which stated that the “election results … accurately reflect the will of the American people.” It’s not clear that Putin’s intervention, whatever it was, had anywhere near the effect as (for example) Jim Comey’s letters and Bret Baier’s false report that Hillary would be indicted shortly. There are a lot of other factors (including Hillary’s decision to ignore Jake Sullivan’s lonely advice to pay some attention to the Rust Belt).

And, as I’ve noted repeatedly, it is no way the case that Vladimir Putin had to teach Donald Trump about kompromat, the leaking of compromising information for political gain. Close Trump associates, including Roger Stone (who, by the way, may have had conversations with Julian Assange), have been rat-fucking US elections since the time Putin was in law school.

But because of the way this has rolled out (and particularly given the cabinet picks Trump has already made), it will remain a focus going forward, perhaps to the detriment of other issues that need attention.

On Responsible Sourcing for DNC Hack Stories

/47 Comments/in , /by

For some reason Lawfare thinks it is interesting that the two Democratic members of the Gang of Four — who have apparently not figured out there’s a difference between the hack (allegedly done by Russia) and the dissemination (done by Wikileaks, which has different motivations) are calling for information on the DNC hack to be released.

The recent hack into the servers of the Democratic National Committee (DNC) and the subsequent release via WikiLeaks of a cache of 20,000 internal e-mails, demonstrated yet again the vulnerability of our institutions to cyber intrusion and exploitation.  In its timing, content, and manner of release, the email dissemination was clearly intended to undermine the Democratic Party and the presidential campaign of Secretary Hillary Clinton, and disrupt the Democratic Party’s convention in Philadelphia.

[snip]

Specifically, we ask that the Administration consider declassifying and releasing, subject to redactions to protect sources and methods, any Intelligence Community assessments regarding the incident, including any that might illuminate potential Russian motivations for what would be an unprecedented interference in a U.S. Presidential race, and why President Putin could potentially feel compelled to authorize such an operation, given the high likelihood of eventual attribution.

For some equally bizarre reason, WaPo thinks Devin Nunes’ claim — in the same breath as he claims Donald Trump’s repeated calls on Russia to release Hillary’s email were sarcastic — that there is “no evidence, absolutely no evidence” that Russia hacked the DNC to influence the election is credible.

Rep. Devin Nunes (R-Calif.), the chairman of the House Intelligence Committee, told The Washington Post in an interview Wednesday that speculation about Russian attempts to sway the presidential election is unfounded.

“There is no evidence, absolutely no evidence, that the Russians are trying to influence the U.S. election,” Nunes said, repeatedly swatting away the suggestion made by some Democrats that the Russians may be using their intelligence and hacking capabilities to boost Donald Trump’s chances.

“There is evidence that the Russians are actively trying to hack into the United States — but it’s not only the Russians doing that. The Russians and the Chinese have been all over our networks for many years.”

These are two obvious (because they’re on the record) examples of partisans using their access to classified information to try to boost or refute a narrative that the Hillary Clinton campaign has explicitly adopted: focusing on the alleged Russian source of the hack rather on the content of the things the hack shows.

Kudos to Richard Burr, who is facing a surprisingly tough reelection campaign, for being the one Gang of Four member not to get involved in the partisan bullshit on this.

There are plenty of people with no known interest in either seeing a Trump or a Clinton presidency that have some measure of expertise on this issue (this is the rare moment, for example, when I’m welcoming the fact that FBI agents are sieves for inappropriate leaks). So no outlet should be posting something that obviously primarily serves the narrative one or the other candidate wants to adopt on the DNC hack without a giant sign saying “look at what partisans have been instructed to say by the campaign.” That’s all the more true for positions, like the Gang of Four, that we’d prefer to be as little politicized as possible. Please don’t encourage those people to use their positions to serve a partisan narrative, I beg of you!

For the same reason I’m peeved that Harry Reid suggested the Intelligence Community give Trump fake intelligence briefings. Haven’t we learned our lesson about politicizing intelligence?

More generally, I think journalists should be especially careful at this point to make it clear whether their anonymous sources have a partisan dog in this fight, because zero of those people should be considered to be unbiased when they make claims about the DNC hack.

A very special case of that comes in stories like this, where Neocon ideologue Eliot Cohen, identified as Bush appointee, is quoted attacking Trump for suggesting Russia should leak anymore emails.

But now Republican-aligned foreign policy experts are also weighing in along similar lines.

“It’s appalling,” Dr. Eliot A. Cohen, who was counselor of the State Department during the second term of George W. Bush’s presidency, said to me today. “Calling on a foreign government to go after your opponent in an American election?”

Cohen recently organized an open letter from a range of GOP national security leaders that denounced Trump in harsh terms, arguing that Trump’s “own statements” indicate that “he would use the authority of his office to act in ways that make America less safe, and which would diminish our standing in the world.” The letter said: “As committed and loyal Republicans, we are unable to support a Party ticket with Mr. Trump at its head. We commit ourselves to working energetically to prevent the election of someone so utterly unfitted to the office.”

But this latest from Trump, by pushing the envelope once again, raises the question of whether other prominent Republicans are ever going to join in.

For instance, to my knowledge, top national security advisers to George W. Bush, such as Stephen Hadley and Condoleezza Rice (who was also secretary of state), have yet to comment on anything we’ve heard thus far from Trump. Also, there could theoretically come a point where figures like former Defense Secretary Donald Rumsfeld and possibly even Dubya and George H.W. Bush feel compelled to weigh in.

Meanwhile, senior Republican elected officials who have backed Trump continue to refrain from taking on his comments forcefully or directly. Some Republicans actually defended Trump’s comments today. Paul Ryan’s spokesman issued a statement saying this: “Russia is a global menace led by a devious thug. Putin should stay out of this election.”

I feel differently about Trump’s asinine comment than I do about attribution of the attack. I’m all in favor of Hillary’s campaign attacking Trump for it, and frankly Cohen is a far more credible person to do so than Jake Sullivan and Leon Panetta, who also launched such attacks yesterday, because as far as I know Cohen has not mishandled classified information like the other two have.

But I would prefer if, rather than IDing Cohen as one of the Republicans who signed a letter opposing Trump, Greg Sargent had IDed him as someone who has also spoken affirmatively for Hillary.

On foreign policy, Hillary Clinton is far better: She believes in the old consensus and will take tough lines on China and, increasingly, Russia. She does not hesitate to make the case for human rights as a key part of our foreign policy. True, under pressure from her own left wing, she has backtracked on the Trans-Pacific Partnership, a set of trade deals that supports American interests by creating a counterbalance to China and American values by protecting workers’ rights. But she might edge back toward supporting it, once in.

Admittedly, this was at a time when Cohen and others still hoped some Mike Bloomberg like savior would offer them a third choice; that was before Bloomberg gave a very prominent speech endorsing Hillary last night.

Here’s the thing. The Neocons (led by Robert Kagan, who’s wife got named as a target of Russian aggression in the Feinstein-Schiff letter) are functioning as surrogates for Hillary just like top Democrats are. They are, just like Democrats are, now scrambling to turn their endorsements into both policy and personnel wins. Therefore we should no more trust the independence of a pro-Hillary Neocon — even if he did work for George Bush — than we would trust the many Democrats who have used their power to help Hillary win this election. Progressives should be very wary about the promises Hillary has made to get the growing number of Neocons (and people like Bloomberg) to so aggressively endorse her. Because those endorsements will come with payback, just like union or superdelegate endorsements do.

In any case, it’s hard enough to tease out attribution for two separate hacks and the subsequent publication of the hacked data by Wikileaks. Relying on obviously self-interested people as sources only further obscures the process.

Update: The Grammar Police actually nagged me to fix “whose/who’s” error in the Kagan sentence. Fun!

Some Legislative Responses to Clinton’s Email Scandal

/3 Comments/in /by

The Republicans have reverted to their natural “Benghazi witchhunt” form in the wake of Jim Comey’s announcement Tuesday that Hillary Clinton and her aides should not be charged, with Comey scheduled to testify before the House Oversight Committee at 10 AM.

Paul Ryan wrote a letter asking James Clapper to withhold classified briefings from Hillary. And the House Intelligence Committee is even considering a bill to prevent people who have mishandled classified information from getting clearances.

In light of the FBI’s findings, a congressional staffer told The Daily Beast that the House Intelligence Committee is considering legislation that could block security clearances for people who have been found to have mishandled classified information in the past.

It’s not clear how many of Clinton’s aides still have their government security clearances, but such a measure could make it more difficult for them to be renewed, should they come back to serve in a Clinton administration.

“The idea would be to make sure that these rules apply to a very wide range of people in the executive branch,” the staffer said. (Clinton herself would not need a clearance were she to become president.)

It’s nice to see the same Republicans who didn’t make a peep when David Petraeus kept — and still has — his clearance for doing worse than Hillary has finally getting religion on security clearances.

But this circus isn’t really going to make us better governed or safer.

So here are some fixes Congress should consider:

Add some teeth to the Federal/Presidential Records Acts

As I noted on Pacifica, Hillary’s real crime was trying to retain maximal control over her records as Secretary of State — probably best understood as an understandable effort to withhold anything potentially personal combined with a disinterest in full transparency. That effort backfired spectacularly, though, because as a result all of her emails have been released.

Still, every single Administration has had at least a minor email scandal going back to Poppy Bush destroying PROFS notes pertaining to Iran-Contra.

And yet none of those email scandals has ever amounted to anything, and many of them have led to the loss of records that would otherwise be subject to archiving and (for agency employees) FOIA.

So let’s add some teeth to these laws — and lets mandate and fund more rational archiving of covered records. And while we’re at it, let’s ensure that encrypted smart phone apps, like Signal, which diplomats in the field should be using to solve some of the communication problems identified in this Clinton scandal, will actually get archived.

Fix the Espionage Act (and the Computer Fraud and Abuse Act)

Steve Vladeck makes the case for this:

Congress has only amended the Espionage Act in detail on a handful of occasions and not significantly since 1950. All the while, critics have emerged from all corners—the academy, the courts, and within the government—urging Congress to clarify the myriad questions raised by the statute’s vague and overlapping terms, or to simply scrap it and start over. As the CIA’s general counsel told Congress in 1979, the uncertainty surrounding the Espionage Act presented “the worst of both worlds”:

On the one hand the laws stand idle and are not enforced at least in part because their meaning is so obscure, and on the other hand it is likely that the very obscurity of these laws serves to deter perfectly legitimate expression and debate by persons who must be as unsure of their liabilities as I am unsure of their obligations.

In other words, the Espionage Act is at once too broad and not broad enough—and gives the government too much and too little discretion in cases in which individuals mishandle national security secrets, maliciously or otherwise.

To underscore this point, the provision that the government has used to go after those who shared classified information with individuals not entitled to receive it (including Petraeus, Drake, and Manning), codified at 18 U.S.C. § 793(d), makes it a crime if:

Whoever, lawfully having possession of, access to, control over, or being entrusted with any document, writing, code book, signal book, sketch, photograph, photographic negative, blueprint, plan, map, model, instrument, appliance, or note relating to the national defense, or information relating to the national defense which information the possessor has reason to believe could be used to the injury of the United States or to the advantage of any foreign nation, willfully communicates, delivers, transmits or causes to be communicated, delivered, or transmitted … to any person not entitled to receive it, or willfully retains the same and fails to deliver it on demand to the officer or employee of the United States entitled to receive it …

This provision is stunningly broad, and it’s easy to see how, at least as a matter of statutory interpretation, it covers leaking—when government employees (“lawfully having possession” of classified information) share that information with “any person not entitled to receive it.” But note how this doesn’t easily apply to Clinton’s case, as her communications, however unsecured, were generally with staffers who were“entitled to receive” classified information.

Instead, the provision folks have pointed to in her case is the even more strangely worded § 793(f), which makes it a crime for:

Whoever, being entrusted with or having lawful possession or control of [any of the items mentioned in § 793(d)], (1) through gross negligence permits the same to be removed from its proper place of custody or delivered to anyone in violation of his trust, or to be lost, stolen, abstracted, or destroyed, or (2) having knowledge that the same has been illegally removed from its proper place of custody or delivered to anyone in violation of its trust, or lost, or stolen, abstracted, or destroyed … fails to make prompt report of such loss, theft, abstraction, or destruction to his superior officer …

Obviously, it’s easy to equate Clinton’s “extreme carelessness” with the statute’s “gross negligence.” But look closer: Did Clinton’s carelessness, however extreme, “[permit] … [classified information] to be removed from its proper place of custody or delivered to anyone in violation of [her] trust”? What does that even mean in the context of intangible information discussed over email? The short answer is nobody knows: This provision has virtually never been used at least partly because no one is really sure what it prohibits. It certainly appears to be focused on government employees who dispossess the government of classified material (like a courier who leaves a satchel full of secret documents in a public place). But how much further does it go?

There’s an easy answer here, and it’s to not use Clinton as a test case for an unprecedented prosecution pursuant to an underutilized criminal provision, even if some of us think what she did was a greater sin than the conduct of some who have been charged under the statute. The better way forward is for Congress to do something it’s refused to do for more than 60 years: carefully and comprehensively modernize the Espionage Act, and clarify exactly when it is, and is not, a crime to mishandle classified national security secrets.

Sadly, if Congress were to legislate the Espionage Act now, they might codify the attacks on whistleblowers. But they should not. They should distinguish between selling information to our adversaries and making information public. They should also make it clear that intent matters — because in the key circuit, covering the CIA, the Pentagon, and many contractors, intent hasn’t mattered since the John Kiriakou case.

Eliminate the arbitrariness of the clearance system

But part of that should also involve eliminating the arbitrary nature of the classification system.

I’ve often pointed to how, in the Jeffrey Sterling case, the only evidence he would mishandle classified information was his retention of 30-year old instructions on how to dial a rotary phone, something far less dangerous than what Hillary did.

Equally outrageous, though, is that four of the witnesses who may have testified against Sterling, probably including Bob S who was the key witness, have also mishandled classified information in the past. Those people not only didn’t get prosecuted, but they were permitted to serve as witnesses against Sterling without their own indiscretions being submitted as evidence. As far as we know, none lost their security clearance. Similarly, David Petraeus hasn’t lost his security clearance. But Ashkan Soltani was denied one and therefore can’t work at the White House countering cyberattacks.

Look, the classification system is broken, both because information is over-classified and because maintaining the boundaries between classified and unclassified is too unwieldy. That broken system is then magnified as people’s access to high-paying jobs are subjected to arbitrary review of security clearances. That’s only getting worse as the Intelligence Community ratchets up the Insider Threat program (rather than, say, technical means) to forestall another Manning or Snowden.

The IC has made some progress in recent years in shrinking the universe of people who have security clearances, and the IC is even making moves toward fixing classification. But the clearance system needs to be more transparent to those within it and more just.

Limit the President’s arbitrary authority over classification

Finally, Congress should try to put bounds to the currently arbitrary and unlimited authority Presidents claim over classified information.

As a reminder, the Executive Branch routinely cites the Navy v. Egan precedent to claim unlimited authority over the classified system. They did so when someone (it’s still unclear whether it was Bush or Cheney) authorized Scooter Libby to leak classified information — probably including Valerie Plame’s identity — to Judy Miller. And they did so when telling Vaughn Walker could not require the government to give al Haramain’s lawyers clearance to review the illegal wiretap log they had already seen before handing it over to the court.

And these claims affect Congress’ ability to do their job. The White House used CIA as cover to withhold a great deal of documents implicating the Bush White House in authorizing torture. Then, the White House backed CIA’s efforts to hide unclassified information, like the already-published identities of its torture-approving lawyers, with the release of the Torture Report summary. In his very last congressional speech, Carl Levin complained that he was never able to declassify a document on the Iraq War claims that Mohammed Atta met with a top Iraqi intelligence official in Prague.

This issue will resurface when Hillary, who I presume will still win this election, nominates some of the people involved in this scandal to serve in her White House. While she can nominate implicated aides — Jake Sullivan, Huma Abedin, and Cheryl Mills — for White House positions that require no confirmation (which is what Obama did with John Brennan, who was at that point still tainted by his role in torture), as soon as she names Sullivan to be National Security Advisor, as expected, Congress will complain that he should not have clearance.

She can do so — George Bush did the equivalent (remember he appointed John Poindexter, whose prosecution in relation to the Iran-Contra scandal was overturned on a technicality, to run the Total Information Awareness program).

There’s a very good question whether she should be permitted to do so. Even ignoring the question of whether Sullivan would appropriately treat classified information, it sets a horrible example for clearance holders who would lose their clearances.

But as far as things stand, she could. And that’s a problem.

To be fair, legislating on this issue is dicey, precisely because it will set off a constitutional challenge. But it should happen, if only because the Executive’s claims about Navy v. Egan go beyond what SCOTUS actually said.

Mandate and fund improved communication system

Update, after I posted MK reminded me I meant to include this.

If Congress is serious about this, then they will mandate and fund State to fix their decades-long communications problems.

But they won’t do that. Even 4 years after the Benghazi attack they’ve done little to improve security at State facilities.

Update: One thing that came up in today’s Comey hearing is that the FBI does not routinely tape non-custodial interviews (and fudges even with custodial interviews, even though DOJ passed a policy requiring it). That’s one more thing Congress could legislate! They could pass a simple law requiring FBI to start taping interviews.

Connecting the Dots on the Hillary Emails

/45 Comments/in /by

I maintain my belief that it is unlikely Hillary will be implicated in the investigation into her email practices, though it is quite possible that top aides like Jake Sullivan or Huma Abedin would be.

That said, I want to put three pieces of data together that have made me less sure of that — or the potential scope of this investigation.

The first is this AP story showing that top Clinton aides sought, but did not obtain, a blackberry like device that Hillary would have been able to use in a SCIF. [See update]

Clinton’s desire for a secure “BlackBerry-like” device, like that provided to President Barack Obama, is recounted in a series of February 2009 exchanges between high-level officials at the State Department and NSA. Clinton was sworn in as secretary the prior month, and had become “hooked” on reading and answering emails on a BlackBerry she used during the 2008 presidential race.

“We began examining options for (Secretary Clinton) with respect to secure ‘BlackBerry-like’ communications,” wrote Donald R. Reid, the department’s assistant director for security infrastructure. “The current state of the art is not too user friendly, has no infrastructure at State, and is very expensive.”

Reid wrote that each time they asked the NSA what solution they had worked up to provide a mobile device to Obama, “we were politely told to shut up and color.”

Resolving the issue was given such priority as to result in a face-to-face meeting between Clinton chief of staff Cheryl Mills, seven senior State Department staffers with five NSA security experts. According to a summary of the meeting, the request was driven by Clinton’s reliance on her BlackBerry for email and keeping track of her calendar. Clinton chose not to use a laptop or desktop computer that could have provided her access to email in her office, according to the summary.

Standard smartphones are not allowed into areas designated as approved for the handling of classified information, such as the block of offices used by senior State Department officials, known by the nickname “Mahogany Row” for the quality of their paneling. Mills said that was inconvenient, because they had to leave their offices and retrieve their phones to check messages.

The story shows that some top aides (and presumably Hillary herself) were aware of the security concerns tied to using a blackberry in a SCIF (though Judicial Watch president Tom Fitton’s statement that this shows an awareness of security concerns with the blackberry may overstate things).

Perhaps the most telling detail comes from this no-comment from former Department of Justice Director of Public Affairs, Brian Fallon:

Clinton campaign spokesman Brian Fallon declined to comment Wednesday.

Fallon has generally been much chattier about the drip drip drip tied to this story.

In any case, this story puts revelations in a Fox story from last week, describing Clinton sysadmin Bryan Pagliano’s testimony as “devastating” because he helped tie the use of particular devices to particular times.

The source said Pagliano told the FBI who had access to the former secretary of state’s system – as well as when – and what devices were used, amounting to a roadmap for investigators.

“Bryan Pagliano is a devastating witness and, as the webmaster, knows exactly who had access to [Clinton’s] computer and devices at specific times. His importance to this case cannot be over-emphasized,” the intelligence source said.

The source, who is not authorized to speak on the record due to the sensitivity of the ongoing investigation, said Pagliano has provided information allowing investigators to knit together the emails with other evidence, including images of Clinton on the road as secretary of state.

The cross-referencing of evidence could help investigators pinpoint potential gaps in the email record. “Don’t forget all those photos with her using various devices and it is easy to track the whereabouts of her phone,” the source said. “It is still boils down to a paper case. Did you email at this time from your home or elsewhere using this device? And here is a picture of you and your aides holding the devices.”

Knowing that the FBI has evidence that Clinton’s aides sought a way to obtain a secure blackberry, the detail that they’re tying emails sent to what device they were sent from, suggests they may be trying to tie individual emails, and their content, to the device they were sent from. And remember, there’s an entire Tumblr of pictures of Hillary using her (non-secure) blackberry.

Now consider what I laid out in this post, when John Cornyn made it clear Attorney General Loretta Lynch is the final decision maker on whether to act on an FBI recommendation to convene a grand jury and move toward an indictment.

Cornyn: If the FBI were to make a referral to the Department of Justice to pursue criminal charges against Mr. Pagliano or anyone else who may have been involved in this affair, does the ultimate decision whether to proceed to court, to ask for the convening of a grand jury, and to seek an indictment, does that rest with you, or someone who works for you at the Department of Justice?

Lynch: So Senator with respect to Mr. Pagliani [sic] or anyone who has been identified as a potential witness in any case, I’m not able to comment on the specifics of that matter and so I’m not able to provide you–

Cornyn: I’m not asking you to comment on the specifics of the matter, I’m asking about what the standard operating procedure is, and it seems pretty straightforward. The FBI does a criminal investigation, but then refers the charges to the Department of Justice, including US Attorneys, perhaps in more celebrated cases goes higher up the food chain. But my simple question is doesn’t the buck stop with you, in terms of whether to proceed, to seek an indictment, to convene a grand jury, and to prosecute a case referred to you by the FBI?

This felt like Cornyn had been sent by someone very high up in FBI (which is probably why Lynch responded so forcefully to make clear she’s the boss of everyone at the Bureau) to pressure the Attorney General to let them convene a grand jury. Now, it appears the basis for any grand jury is not just sending classified emails, but where and on what device those emails got sent.

Again, I still think Hillary is most likely safe. But I’m beginning to see how FBI might want to make a criminal case of sending classified information using insecure blackberries knowing they were insecure.

Update: Here are the emails. Note this seems to target Cheryl Mills more than Sullivan or Abedin (note her departure briefing is in there). It shows Mills directly receiving a bunch of briefing from NSA about the insecurities of BBs.

Also note: contrary to the emphasis of the AP piece, the issue appears not to be that NSA wasn’t doing what they could do, but instead that Hillary’s key staffers can be shown to have gotten technical briefing on the problems with BBs.