Posts

The Government Prepares to Argue that Transmitting Information *To* WikiLeaks Makes the Vault 7 Leak Different

In a long motion in limine yesterday, the government suggested that if Joshua Schulte had just been given a “prestigious desk with a window,” he might not have leaked all of CIA’s hacking tools in retaliation and caused what the government calls “catastrophic” damage to national security.

Schulte grew angrier at what he perceived was his management’s indifference to his claim that Employee-1 had threatened him. Schulte also began to complain about what, according to him, amounted to favoritism toward Employee-1, claiming, for example, that while the investigation was ongoing, Schulte was moved to an “intern desk,” while Employee-1 had been moved to a “prestigious desk with a window.”

[snip]

The Leaks are the largest illegal disclosure of CIA information in the agency’s history and, as noted above, caused catastrophic damage to national security.

Along the way, the motion provides the most detailed description to date about how the government believes Schulte stole the Vault 7 files from CIA. It portrays him as an arrogant racist at the beginning of this process, and describes how he got increasingly belligerent with this colleagues at CIA leading up to his alleged theft of the CIA’s hacking files, leading his supervisors to recognize the threat he might pose, only to bollox up their efforts to restrict his access to CIA’s servers.

The motion, along with several other submitted yesterday, suggests that the government would like to argue that leaking to WikiLeaks heightens the damage that might be expected to the United States.

Along with laying out that it intends to argue that the CIA charges (stealing the files and leaking them to WikiLeaks) are intertwined with the MCC charges (conducting “information war” against the government from a jail cell in the Metropolitan Correction Center; I explained why the government wants to do so here), the government makes the case that cybersecurity expert Paul Rosenzweig should testify as a witness about WikiLeaks.

Rosenzweig will testify about (i) WikiLeaks’s history, technical and organizational structure, goals, and objectives; (ii) in general terms, prior leaks through WikiLeaks, in order to explain WikiLeaks’s typical practices with regard to receiving leaked classified information, its practices or lack thereof regarding the review and redaction of sensitive information contained in classified leaks, and certain well-publicized harms to the United States that have occurred as a result of disclosures by WikiLeaks; and (iii) certain public statements by WikiLeaks regarding the Classified Information at issue in this case.

Rosenzweig’s testimony would come in addition to that of classification experts (probably for both sides) and forensic experts (again, for both sides; Steve Bellovin is Schulte’s expert).

The expert witnesses were allowed to testify as to the background of the organization Wikileaks; how the U.S. Government uses certain markings and designations to identify information that requires special protection in the interests of national security; the meaning of certain computer commands and what they would do; how various computers, servers, and networks work; how data is stored and transferred by various computer programs and commands; and the examination of data that is stored on computers and other electronics.

The only motion in limine Schulte submitted yesterday objected to Rosenzweig’s testimony. Schulte argues that the government’s expert notice neither provides sufficient explanation about Rosenzweig’s intended testimony nor proves he’s an expert on WikiLeaks. More interesting is Schulte’s  argument that Rosenzweig’s testimony would be prejudicial. It insinuates that Rosenzweig’s testimony would serve to substitute for a lack of proof about how Schulte sent the CIA files to WikiLeaks (Schulte is alleged to have used Tor and Tails to transmit the files, which would leave no forensic trace).

In Mr. Schulte’s case, the government has no reliable evidence of how much information was taken from the CIA, how it was taken, or when it was provided to WikiLeaks. The government cannot overcome a lack of relevant evidence by introducing evidence from other cases about how much information was leaked or how information was leaked in unrelated contexts. The practices of WikiLeaks in other contexts and any testimony about alleged damage from other entirely unrelated leaks is completely irrelevant.

Schulte’s claimed lack of evidence regarding transfer notwithstanding, that’s not how the government says they want to use Rosenzweig’s testimony. They say they want to use his testimony to help prove that Schulte intended to injure the US.

The Government is entitled to argue that Schulte intended to harm the United States, by transmitting the stolen information to WikiLeaks, because he knew or had reason to know what WikiLeaks would do with the information. The fact that WikiLeaks’ prior conduct has harmed the United States and has been widely publicized is powerful evidence that Schulte intended or had reason to believe that “injury [to] the United States” was the likely result of his actions—particularly given that the Government will introduce evidence that demonstrates Schulte’s knowledge of earlier WikiLeaks disclosures, including his own statements.

It does so by invoking WikiLeaks’ past leaks and the damage those leaks have done.

Accordingly, proof that it was foreseeable to Schulte that disclosure of classified information to WikiLeaks could cause “injury [to] the United States” is a critical element in this case. Indeed, the Senate Select Committee on Intelligence has explicitly stated “that WikiLeaks and its senior leadership resemble a non-state hostile intelligence service.” S. Rep. 115-151 p. 10. In order to evaluate evidence related to this topic, the jury will need to understand what WikiLeaks is, how it operates, and the fact that WikiLeaks’ previous disclosures have caused injury to the United States. The Government is entitled to argue that Schulte intended to harm the United States, by transmitting the stolen information to WikiLeaks, because he knew or had reason to know what WikiLeaks would do with the information.

Notably, the government motion invokes the Senate’s recognition that WikiLeaks resembles “a non-state hostile intelligence service.” That may well backfire in spectacular fashion. That statement didn’t come until over a year after Schulte is alleged to have stolen the files. And the statement was a follow-up to Mike Pompeo’s similar claim, which was a direct response to Schulte’s leak. If I were Schulte, I’d be preparing a subpoena to call Pompeo to testify about why, after the date when Schulte allegedly stole the CIA files, on July 24, 2016, he was still hailing the purported value of WikiLeaks’ releases.

The thing is, showing that the specific nature of the intended recipient of a leak is an element of the offense has never been required in Espionage leak cases before. Indeed, the government’s proposed jury instructions are based off the instruction in the Jeffrey Sterling case. While the government flirted with naming James Risen an unindicted co-conspirator in that case, they did not make any case that leaking to Risen posed unique harm.

Moreover, even before getting into Schulte’s statements about WikiLeaks (most of which have not yet been made public, as far as I’m aware), by arguing the CIA and MCC charges together, the government will have significant evidence not just about Schulte’s understanding of WikiLeaks, but his belief and that they would lie to harm the US. The government also has evidence that Schulte knew that WikiLeaks’ pretense to minimizing harm with the Vault 7 files was false, and that instead WikiLeaks did selective harm in its releases, though it doesn’t want to introduce that evidence at trial.

In other words, this seems unnecessary, superfluous to what the government has done in past Espionage cases, and a dangerous precedent (particularly given the way the government suggested that leaking to The Intercept was especially suspect in the Terry Albury and Reality Winner cases).

That’s effectively what Schulte argues: that the government is trying to argue that leaking to WikiLeaks is particularly harmful, and that if such testimony goes in, it would be forced to call its own witnesses to testify about how past WikiLeaks releases have shown government malfeasance.

This testimony could also suggest that the mere fact that information was released by WikiLeaks necessarily means that it was intended to—and did—cause harm to the United States. These are not valid evidentiary objectives. Instead, this type of testimony would create confusion and force a trial within a trial on the morality of WikiLeaks and the extent of damage caused by prior leaks. If the government is allowed to introduce this evidence, the defense will necessarily have to respond with testimony about how WikiLeaks is a non-profit news organization, that it has previously released information from government whistle-blowers that was vital to the public understanding of government malfeasance, and that any assertion of damages in the press is not reliable evidence.

The government, in a show of reasonableness, anticipates Schulte’s argument about the prejudice this will cause by stating that it will limit its discussion of prior WikiLeaks releases to a select few.

The Government recognizes the need to avoid undue prejudice, and will therefore limit Mr. Rosenzweig’s testimony to prior WikiLeaks leaks that have a direct relationship with particular aspects of the conduct relevant to this case, for example by linking specific harms caused by WikiLeaks in the past to Schulte’s own statements of his intent to cause similar harms to the United States or conduct. Those leaks include (i) the 2010 disclosure of documents provided to WikiLeaks illegally by Chelsea Manning; (ii) the 2010 disclosure of U.S. diplomatic cables; (iii) the 2012 disclosure of files stolen from the intelligence firm Stratfor; and (iv) the 2016 disclosure of emails stolen from a server operated by the Democratic National Committee.

The selected cases are notable, as all of them (with Manning’s leaks seemingly listed twice) involve cases the government either certainly (with the EDVA grand jury seeking Manning and Jeremy Hammond’s testimony) or likely (with ongoing investigations into Roger Stone) currently has ongoing investigations into.

As a reminder: absent an unforeseen delay, this trial will start January 13, 2020 and presumably finish in the weeks leading up to the beginning of Julian Assange’s formal extradition process on February 25. The government has maintained it can add charges up until that point, and US prosecutors told British courts it won’t provide the evidence against Assange until two months before the hearing (so around Christmas).

Schulte’s trial, then, appears to be the opening act for that extradition, an opening act that will undermine the claims WikiLeaks supporters have been making about the journalistic integrity of the organization in an attempt to block Assange’s extradition. Rosenzweig’s testimony seems designed, in part, to heighten that effect.

Which may be why this instruction appears among the government’s proposed instructions.

Some of the people who may have been involved in the events leading to this trial are not on trial. This does not matter. There is no requirement that everyone involved in a crime be charged and prosecuted, or tried together, in the same proceeding.

You may not draw any inference, favorable or unfavorable, towards the Government or the defendant from the fact that certain persons, other than the defendant, were not named as defendants in the Indictment. Do not speculate as to the reasons why other persons were not named. Those matters are wholly outside your concern and have no bearing on your function as jurors.

Whether a person should be named as a co-conspirator, or indicted as a defendant in this case or another separate case, is a matter within the sole discretion of the United States Attorney and the Grand Jury.

As noted, a number of different WikiLeaks supporters have admitted to me that they’re grateful Assange has not (yet) been charged in conjunction with the Vault 7 case, because even before you get to his attempt to extort a pardon with the files, there’s little journalistic justification for what it did, and even more reason to criticize WikiLeaks’ actions as the case against Schulte proceeded.

Yet the obscure proceedings before the EDVA grand jury suggests the government may be pursuing a conspiracy case that starts in 2010 and continues through the Vault 7 releases, with the same variety of Espionage and CFAA charges continuing through that period.

By arguing the CIA and MCC charges in tandem, the government can pretty compellingly make the case that WikiLeaks’ activities went well beyond journalism in this case. But it seems to want to use Rosenzweig’s testimony to make the case more broadly.

Journalist Records from the “Last Five Years”

Some weeks ago, there was some concern raised by DOJ’s response to an October 10, 2017 letter from Ron Wyden, written in the wake of an August Jeff Sessions press conference asking how many times DOJ has seized journalists’ records.

  1. For each of the past five years, how many times has DOJ used subpoenas, search warrants, national security letters, or any other form of legal process authorized by a court to target members of the news media in the United States and American journalists abroad to seek their (a) communications records, (b) geo-location information, or (c) the content of their communications? Please provide statistics for each form of legal process.
  2. Has DOJ revised the 2015 regulations, or made any other changes to internal procedures governing investigations of journalists since January 20, 2017? If yes, please provide me with a copy.

In response, in a letter claiming to provide all the “requests for information from January 2012 to the present,” DOJ pointed to the 2013 collection of AP records and the 2014 subpoena of James Risen. It also claimed,

The Federal Bureau of Investigation does not currently use national security letters to advance media leak investigations.

DOJ’s letter was written after Ali Watkins received notice, on February 13, that her phone and email records had been seized in the investigation of James Wolfe. It also comes after DOJ subpoenaed the Twitter information of Dissent Doe and Popehat last spring in conjunction with DOJ’s dumb persecution of Justin Shafer, both of whom have websites providing original content.

Whether DOJ has gotten more aggressive about seizing reporters’ phone records or content is a question I’m unsurprisingly very interested in.

All that said, DOJ may simply be playing word games, at least thus far.

Note, first of all, that Wyden only asked for the “past five years.” While DOJ claimed to present records spanning into the present, had DOJ responded to the actual request, it might have only presented past requests. Additionally, if Watkins got 90 day notice of her records being seized, the request itself would have taken place after the Wyden request.

While more specious, the May 2017 Twitter subpoena may have been deemed to be the same year as Wyden’s request.

Note three other details. First, Wyden’s letter (though not DOJ’s response) describes “targeting” journalists. Obviously, that word has a specific meaning in the context of surveillance, and I could see DOJ claiming that the Shafer investigation, for example, targeted Shafer, not his Tweeps.

Additionally, Wyden only asks about US news media and US journalists overseas. That’s not going to include an obvious target (whether or not DOJ still considers him a publisher): Julian Assange, an Australian publisher living in what counts as Ecuadoran territory.

Finally, note that DOJ specifies they don’t use NSLs for “media leak investigations.” That, too, has a specific meaning, one that probably doesn’t include the Shafer investigation on trumped up cyberstalking charges.

The Watkins case, especially, demands explanation. But finding it might just require rewording the questions.

Kashyap Patel Had Better Not Rely on the Bill Duhnke Precedent

Contrary to what a lot of people understand of the case, Jeffrey Sterling was not the CIA’s first suspect for the Merlin leaks to James Risen. Senate Intelligence Committee Staff Director Bill Duhnke was. As former CIA press person Bill Harlow testified, he told the FBI that James Risen had close ties to Duhnke when he first talked to them about Risen’s story.

Q. Okay. And you also told them that someone they should talk to about something like this would be Bill Duhnke, a person named Bill Duhnke, correct, up at the — that worked at the U.S. Senate?

BY MR. MAC MAHON: Q. Now, Mr. Harlow, in 2003, you told the FBI that you thought that Mr. Risen might reach out to the Staff Director of the Senate Select Intelligence Committee on Intelligence for confirmation, that Mr. Risen would, correct?

[snip]

A. My recollection is what the FBI asked me is who are the kind of people that Risen might talk to on a story like this, and I told them that he had regular contact with the Congressional Oversight Committees, including the Senate Intelligence Committee, and so the kind of places he might go to ask about the story would be the Senate Oversight committees. That’s my recollection of it. You know, it’s a dozen years ago but —

Q. And one of the names you gave them was Bill Duhnke, right?

A. Right.

As FBI Agent Hunt explained, however, she was hampered from investigating whether Duhnke (who knew aspects about Merlin that Sterling did not which showed up in Risen’s reporting) was a source for Risen because Senator Pat Roberts refused to cooperate with the FBI, even after then FBI Director Robert Mueller requested himself.

Q. And do you also remember writing in 2006 that the FBI director contacted the SSCI Chairman and Senator Pat Roberts, right?

A. Yes.

Q. And that Senator Roberts told Director Mueller that he wasn’t going to cooperate with the FBI at all in this investigation, correct?

A. Yes.

Q. And that never changed, did it?

A. It did change.

Q. You then got some cooperation from SSCI, correct?

A. I did. Q. You never got an interview with Mr. Duhnke, right?

A. I did not interview Mr. Duhnke.

Thus it happened that Speech and Debate prevented the FBI from investigating whether a key Intelligence Committee staffer played a role in a leak the government claimed was one of the worst ever.

I thought of that precedent when I read this passage in the NYT’s latest story on DOJ’s belated realization that Devin Nunes was using purported oversight requests to discover details that might help Trump delegitimize the Mueller investigation.

In another meeting, Mr. Rosenstein felt he was outright misled by Mr. Nunes’s staff. Mr. Rosenstein wanted to know whether Kashyap Patel, an investigator working for Mr. Nunes who was the primary author of the disputed memo, had traveled to London the previous summer to interview a former British spy who had compiled a salacious dossier about Mr. Trump, according to a former federal law enforcement official familiar with the interaction.

Mr. Patel was not forthcoming during the contentious meeting, the official said, and the conversation helped solidify Mr. Rosenstein’s belief that Mr. Nunes and other allies in Congress were not operating in good faith.

And these passages in an earlier NYT piece on Patel.

Over the summer, Mr. Nunes dispatched Mr. Patel and another member of the committee’s Republican staff to London, where they showed up unannounced at the offices of Mr. Steele, a former British intelligence official.

Told Mr. Steele was not there, Mr. Patel and Douglas E. Presley, a professional staff member, managed to track him down at the offices of his lawyers. There, they said they were seeking only to establish contact with Mr. Steele, but were rebuffed and left without meeting him, according to two people with knowledge of the encounter.

A senior official for the Republican majority on the Intelligence Committee, who spoke on the condition of anonymity because he was not authorized to speak about the matter, said the purpose of the visit had been to make contact with Mr. Steele’s lawyers, not Mr. Steele. Still, the visit was highly unusual and appeared to violate protocol, because they were trying to meet with Mr. Steele outside official channels.

Ordinarily, such a visit would be coordinated through lawyers, conducted with knowledge of the House Democrats, who were not informed and the American Embassy.

Given Rosenstein’s concerns that Patel was lying, I find it particularly interesting that he didn’t inform the American Embassy when he was there. It’s as if he was looking for a back channel!

As NYCSouthpaw noted, Patel has been hanging around the White House since he’s started playing this role.

In the months since, Mr. Patel has apparently forged connections at the White House. In November, he posted a series of photos to Facebook of him and several friends wearing matching shirts at the White House bowling alley. “The Dons hit the lanes at 1600 Pennsylvania,” Mr. Patel wrote under the photos.

This would suggest that the Nunes designee who has had firsthand access to all this intelligence, has also gotten really comfortable with the White House, leaving the possibility that he has shared the information with those in charge of delegitimize the investigation.

I’ve long wondered why Nunes has refused to read the information he has fought so hard to get access to. But by giving Patel that access without reading the materials himself, Nunes ensures that someone with easy access to the White House sees the materials, without jeopardizing the power to refuse any cooperation with Mueller.

Nunes, like Roberts did in 2006, could simply refuse to cooperate under speech and debate.

And it might well work!

There is, however one problem with that. You see, one of the ways (admittedly one of the less offensive ways) the President has interfered in the operations of DOJ is by demanding that the department ratchet up the leak investigations. And at a time last summer where Trump was threatening to fire Sessions so he could hire someone who could interfere with the Mueller investigation, Sessions and Dan Coats rolled out a new war on leaks, speaking of new permissiveness for prosecutors. Both Sessions…

To prevent these leaks, every agency and Congress has to do better.

We are taking a stand. This culture of leaking must stop.

[snip]

Finally, here is what I want to tell every American today: This nation must end the culture of leaks. We will investigate and seek to bring criminals to justice. We will not allow rogue anonymous sources with security clearances to sell out our country any longer.

These cases are never easy. But cases will be made, and leakers will be held accountable.

All of us in government and in every agency and in Congress must do better.

And Coats invoked Congress as a source of leaks specifically.

I would like to point out, however, that these national security breaches do not just originate in the Intelligence Community. They come from a wide range of sources within government, including the Executive Branch and including the Congress.

At the time, those mentions were deemed a warning that (in addition to changing the rules allowing them to pursue journalists), DOJ would also start pursuing Congress and its staffers more aggressively.

So while the available evidence suggests that Patel may be part of Nunes’ effort to funnel information to the White House, and while past history has shown that Nunes’ counterparts have been able to protect intelligence committee leakers, perhaps the witch hunt demanded by Trump will change that.

Why I Left The Intercept: The Surveillance Story They Let Go Untold for 15 Months

The Intercept has a long, must-read story from James Risen about the government’s targeting of him for his reporting on the war on terror. It’s self-serving in many ways — there are parts of his telling of the Wen Ho Lee, the Valerie Plame, and the Jeffrey Sterling stories he leaves out, which I may return to. But it provides a critical narrative of DOJ’s pursuit of him. He describes how DOJ tracked even his financial transactions with his kids (which I wrote about here).

The government eventually disclosed that they had not subpoenaed my phone records, but had subpoenaed the records of people with whom I was in contact. The government obtained my credit reports, along with my credit card and bank records, and hotel and flight records from my travel. They also monitored my financial transactions with my children, including cash I wired to one of my sons while he was studying in Europe.

He also reveals that DOJ sent him a letter suggesting he might be a subject of the investigation into Stellar Wind.

But in August 2007, I found out that the government hadn’t forgotten about me. Penny called to tell me that a FedEx envelope had arrived from the Justice Department. It was a letter saying the DOJ was conducting a criminal investigation into “the unauthorized disclosure of classified information” in “State of War.” The letter was apparently sent to satisfy the requirements of the Justice Department’s internal guidelines that lay out how prosecutors should proceed before issuing subpoenas to journalists to testify in criminal cases.

[snip]

When my lawyers called the Justice Department about the letter I had received, prosecutors refused to assure them that I was not a “subject” of their investigation. That was bad news. If I were considered a “subject,” rather than simply a witness, it meant the government hadn’t ruled out prosecuting me for publishing classified information or other alleged offenses.

But a key part of the story lays out the NYT’s refusals to report Risen’s Merlin story and its reluctance — until Risen threatened to scoop him with his book — to publish the Stellar Wind one.

Glenn Greenwald is rightly touting the piece, suggesting that the NYT was corrupt for acceding to the government’s wishes to hold the Stellar Wind story. But in doing so he suggests The Intercept would never do the same.

That’s not correct.

One of two reasons I left The Intercept is because John Cook did not want to publish a story I had written — it was drafted in the content management system — about how the government uses Section 702 to track cyberattacks. Given that The Intercept thinks such stories are newsworthy, I’m breaking my silence now to explain why I left The Intercept.

I was recruited to work with First Look before it was publicly announced. The initial discussions pertained to a full time job, with a generous salary. But along the way — after Glenn and Jeremy Scahill had already gotten a number of other people hired and as Pierre Omidyar started hearing from friends that the effort was out of control — the outlet decided that they were going to go in a different direction. They’d have journalists — Glenn and Jeremy counted as that. And they’d have bloggers, who would get paid less.

At that point, the discussion of hiring me turned into a discussion of a temporary part time hire. I should have balked at that point. What distinguishes my reporting from other journalists — that I’m document rather than source-focused (though by no means exclusively), to say nothing of the fact that I was the only journalist who had read both the released Snowden documents and the official government releases — should have been an asset to The Intercept. But I wanted to work on the Snowden documents, and so I agreed to those terms.

There were a lot of other reasons why, at that chaotic time, working at The Intercept was a pain in the ass. But nevertheless I set out to write stories I knew the Snowden documents would support. The most important one, I believed, was to document how the government was using upstream Section 702 for cybersecurity — something it had admitted in its very first releases, but something that it tried to hide as time went on. With Ryan Gallagher’s help, I soon had the proof of that.

The initial hook I wanted to use for the story was how, in testimony to PCLOB, government officials misleadingly suggested it only used upstream to collect on things like email addresses.

Bob Litt:

We then target selectors such as telephone numbers or email addresses that will produce foreign intelligence falling within the scope of the certifications.

[snip]

It is targeted collection based on selectors such as telephone numbers or email addresses where there’s reason to believe that the selector is relevant to a foreign intelligence purpose.

[snip]

It is also however selector-based, i.e. based on particular phone numbers or emails, things like phone numbers or emails.

Raj De:

Selectors are things like phone numbers and email addresses.

[snip]

A term like selector is just an operational term to refer to something like an email or phone number, directive being the legal process by which that’s effectuated, and tasking being the sort of internal government term for how you start the collection on a particular selector.

[snip]

So all collection under 702 is based on specific selectors, things like phone numbers or email addresses.

Brad Wiegmann:

A selector would typically be an email account or a phone number that you are targeting.

[snip]

So that’s when we say selector it’s really an arcane term that people wouldn’t understand, but it’s really phone numbers, email addresses, things like that.

[snip]

So putting those cases aside, in cases where we just kind of get it wrong, we think the email account or the phone is located overseas but it turns out that that’s wrong, or it turns out that we think it’s a non-U.S. person but it is a  U.S. person, we do review every single one to see if that’s the case.

That PCLOB’s witnesses so carefully obscured the fact that 702 is used to collect cybersecurity and other IP-based or other code collection is important for several reasons. First, because collection on a chat room or an encryption key, rather than an email thread, has very different First Amendment implications than collecting on the email of a target. But particularly within the cybersecurity function, identifying foreignness is going to be far more difficult to do because cyberattacks virtually by definition obscure their location, and you risk collecting on victims (whether they are hijacked websites or emails, or actual theft victims) as well as the perpetrator.

Moreover, the distinction was particularly critical because most of the privacy community did not know — many still don’t — how NSA interpreted the word “facility,” and therefore was missing this entire privacy-impacting aspect of the program (though Jameel Jaffer did raise the collection on IP addresses in the hearing).

I had, before writing up the piece, done the same kind of iterative work (one, two, three) I always do; the last of these would have been a worthy story for The Intercept, and did get covered elsewhere. That meant I had put in close to 25 hours working on the hearing before I did other work tied to the story at The Intercept.

I wrote up the story and started talking to John Cook, who had only recently been brought in, about publishing it. He told me that the use of 702 with cyber sounded like a good application (it is!), so why would we want to expose it. I laid out why it would be questionably legal under the 2011 John Bates opinion, but in any case would have very different privacy implications than the terrorism function that the government liked to harp on.

In the end, Cook softened his stance against spiking the story. He told me to keep reporting on it. But in the same conversation, I told him I was no longer willing to work in a part time capacity for the outlet, because it meant The Intercept benefitted from the iterative work that was as much a part of my method as meetings with sources that reveal no big scoop. I told him I was no longer willing to work for The Intercept for free.

Cook’s response to that was to exclude me from the first meeting at which all Intercept reporters would be meeting. The two things together — the refusal to pay me for work and expertise that would be critical to Intercept stories, as well as the reluctance to report what was an important surveillance story, not to mention Cook’s apparent opinion I was not a worthy journalist — are why I left.

And so, in addition to losing the person who could report on both the substance and the policy of the spying that was so central to the Snowden archives, the story didn’t get told until 15 months later, by two journalists with whom I had previously discussed 702’s cybersecurity function specifically with regards to the Snowden archive. In the interim period, the government got approval for the Tor exception (which I remain the only reporter to have covered), an application that might have been scrutinized more closely had the privacy community been discussing the privacy implications of collecting location-obscured data in the interim.

As recently as November, The Intercept asked me questions about how 702 is actually implemented because I am, after all, the expert.

So by all means, read The Intercept’s story about how the NYT refused to report on certain stories. But know that The Intercept has not always been above such things itself. In 2014 it was reluctant to publish a story the NYT thought was newsworthy by the time they got around to publishing it 15 months later.

DOJ Can’t Keep Its Spin Straight in the Sterling Case

As I noted several weeks ago, Jeffrey Sterling challenged his conviction based on the absence of evidence actually implicating him in the crime. On Monday, the government responded.  And while I expect the government will succeed in defeating Sterling’s challenge I am still struck by some very big problems with their story.

As they did at the trial (especially in closing arguments) they argued that Sterling had knowledge of what they claim was the leak, he had a motive to leak it, and he had the pre-existing relationship with James Risen that would explain that he would go to Risen to leak it. So far so good.

They also argued that because Sterling was the only one favorably treated in Risen’s chapter, Sterling must be a source for Risen, which logically doesn’t hold at all.

But in the filing, the government also returns to its efforts — played out in the indictment, rehearsed briefly as both sides tried to make narratological arguments neither was equipped to make, introduced at the opening, but largely dropped during the trial — to a claim that Sterling lied to both the Senate Intelligence Committee and Risen to get them to show interest in his story. Not just that, but they claim Sterling told the same lies to both. This is where their argument starts to fall apart, and fall apart in ways that identify more problems for their argument.

He not only possessed the facts about Classified Program No. 1, he had a motive to spin them in a way that would do maximum damage to the agency. That is exactly what the evidence reflects. Risen’s spin on the program—i.e., that it was botched and risked enabling the Iranian nuclear program—is the same spin the defendant used when he met with Vicki Divoll and Donald Stone from the Senate Select Committee on Intelligence (SSCI) on March 5, 2003, GX 101, the day after he filed his second lawsuit, GX 99, and about a month after his last settlement offer expired. GX 96. Indeed, the only time anyone expressed the concerns Risen parroted in Chapter 9 was when Sterling went to SSCI.

This is wrong on two counts.

First, what Sterling told SSCI was not spin. Here’s what the SSCI report (Exhibit 101) — which Donald Stone claims he wrote on Bill Duhnke’s direction after he informed Stone of an investigation (in which Duhnke was then the prime suspect, for some unknown reason) — says Sterling said.

The operation entailed a CIA asset providing Iran with faulty plans for a Russian based nuclear fire set. Although the plans had been modified by the National Laboratories, Mr. Sterling feared they were insufficiently flawed to prevent a Russian scientist hired by the Iranians from identifying and correcting the mistakes. His concern was based on the fact that the CIA asset recognized the plan’s flaws almost immediately after being shown them. He would have preferred to string the operation out by giving pieces of the plan out over time. In the end, the entire plan was turned over to the Iranians without any means for further follow up. However, CIA supposedly deemed the operation a success. Mr. Sterling fears the CIA gave the Iranians too much information that they can either use themselves or sell to someone else.

And here’s what Stone told the FBI Sterling had told them, but which (in his memo written after he knew of the investigation) he didn’t include in the investigation.

Which is why the details Stone provided the FBI, which would have been captured in his notes but which didn’t show up in the report, are so interesting. First, Sterling said that “they did the equivalent of throwing it over a fence,” an admission of how shoddy the pass-off of the blueprints was. Then, that one of CIA’s two assets involved “got cold feet,” an admission that Merlin almost backed out just before the trip to Vienna. And that one asset (it actually sounds like Stone might have meant Human Asset 2, the other Russian, which the records actually support) “recognized the plans were faulty.”

Every single one of these details are true, not spin. Not only did Merlin immediately say the plans “would not work” (and in testimony said the real plan would have been “100 times more complicated than it was shown in drawing and the schematics”), but the other Russian involved — the guy who gave the plans to the CIA in the first place — apparently had problems with them as well. The National Lab got the plans to work in 3 months (not 5, as Walter C testified under oath), at least according to CIA’s own cables. And the entire operation was premised on the assumption that Iran had access to Russian engineers. 

In addition, Merlin did get cold feet, as extensively documented by CIA cables, and confirmed — once he presented it as protecting his own family — by the Russian’s testimony.

But the most important evidence from Sterling’s report to the SSCI is that he complained that “the entire plan was turned over to the Iranians without any means for further follow up,” largely because “they did the equivalent of throwing it over a fence.” Not only are those claims absolutely true — as confirmed by both Bob S and Merlin’s sworn testimony at the trial — but they are one of the two key points of his whistleblower complaint to Congress. Not only did CIA give Iran a nuclear blueprint. But they did so, Sterling worried (according to the SSCI), in such a way as to make further follow-up and intelligence gathering almost impossible. He would have rather strung out the operation so as to collect intelligence.

And that’s important, because that complaint doesn’t show up in Risen’s book with the details that substantiate it, appearing only as “the CIA also gave the blueprints to the Iranians without any certain way of monitoring their use by Iranian scientists.”

Indeed, there are details in Risen’s book that are inconsistent with both the real basis of Sterling’s worry and the facts as presented by CIA cables, Bob S, and Merlin, though not with the instructions originally given to Merlin. The book repeats the instructions that Merlin was not supposed to hide that he lived in the US.

The Russian was also told not to try to hide the fact that he now lived in the United States.

And it includes the final line of the letter it claims Merlin left, indicating his contact information was on the next page.

My contact info on next page.

The thing is, probably because of Bob S’ suppression of the actual details of the operation as executed — Bob S’ false spin, not Sterling’s! — the CIA documents included these details, but they are inaccurate, per both Bob S and Merlin. Merlin did everything he could to ensure any tie with the US was hidden. “Nobody likes United States in the world,” Merlin testified, “I’m not stupid. I can put in danger my family.” And he had been doing so for almost a year by the time of the operation. And according to Merlin — and Bob S claims he knew this at the time — Merlin did not provide the contact information the Iranians would need to contact him.

In other words, a key part of Sterling’s concern, that as Merlin executed the operation, he had left the Iranians no way to contact him and therefore largely prevented any follow-up contact, doesn’t show up in Risen’s book. The “spin” is not the same, and in fact Risen’s version misstates a key concern Sterling shared with SSCI.

If Sterling had wanted to get Risen to publish the same story he told to SSCI, he surely would have foregrounded that Merlin refused to do as he told with respect to leaving his contact information.

And that’s important for two reasons.

First, as I noted, FBI proved unable ultimately to find the version of the letter Merlin left (or the letter that appears in Risen’s book, which is almost certainly a different thing). And FBI proved unbelievably incurious about why Risen was quoting from a report on Merlin’s trip that Bob S claims never existed, a report that included the details that Bob S suppressed in his own reporting of the operation.

Here’s how the government’s filing deals with their inability to produce the actual letter.

The evidence at trial established that over a period of months, the defendant, Robert S., and Merlin worked on drafting and editing a letter for Merlin to provide to the Iranians. See, e.g., DE 435 at 22-23. The document went through multiple drafts. On January 12, 2000, the defendant sent a cable containing the then-current version of the letter. GX 35. Two days later, on January 14, 2000, Robert S. responded in another cable, requesting certain changes, including that the letter make explicit that the schematics were being provided for “free.” GX 36 at 1. There were no additional changes reflected in any cable traffic. The version of the letter that appears in Chapter 9 is the January 12, 2000, formulation, with Robert S.’s suggested changes from January 14 incorporated into the document—i.e., the final version. Compare GX 35 at 2, and GX 36 at 102, with GX 132 at 13-14

This is false. As I laid out, not only did Bob S’ instructions include agreement that the letter should be stripped of “puffery” that it retains in the Risen version, but Bob S himself testified that the letter that appeared in the book was not the final letter either.

In response on January 14, 2000, Bob S wrote (Exhibit 36),

We agree with [Sterling’s] comments that the verbiage needs to be tightened up still further to make sure the Iranians understand what he has and on what terms. He should say explicitly that he is offering the schematic and associated parts list free to prove that he can provide further information, and acknowledge that what he is providing initially is incomplete. There should be a very clear message that he expects to be paid for the rest of the details they will need if they want to build the device.

[snip]

Each iteration of his draft letter is better than the previous one, so [Sterling]‘s patience seems to be paying off. It is worth our while to take the extra time to make sure he finally gets it just right, since the letters will have to do much of the work for us with the target.

Now, given Merlin’s payment strike at the following two meetings, it is possible CIA never got around to making the changes Bob S wanted. The fact that Bob S, not Sterling, wrote the cables from those meetings means we would never know, because unlike Sterling, Bob S never included the text of correspondence in cables he wrote (as I laid out here). But Bob S — who ran both the remaining meetings before the Vienna trip with Merlin — clearly wanted changes. And while the letter appearing in Risen’s book retains what Sterling called Merlin’s “puffery” language, it does reflect two of the changes Bob S asked for: reiteration that this package was meant as an assessment package, and an indication Merlin had emailed IS2 to alert him to the package (though see my questions about whether he really did in the update to this post).

In his testimony, Bob S claimed that what appeared in the book was the “nearly final draft,” explaining that the reference to Merlin getting paid was “sharpened” still further after the version that appears in the book. If true, given the way the final meetings worked out, Bob S may have been the only one who would know that.

In spite of the abundant evidence that Bob S was more likely to have these late iteration letters than Sterling, the government goes further to argue — as they prevented Sterling from arguing at trial — that he probably didn’t do his job and that’s why there isn’t a final version of the letter.

It would be entirely reasonable for a jury to conclude that an individual, who was terminated for failure to perform his assigned duties, GX 62 at 1, might also fail to properly document all of his contacts with an asset.

This would require that Merlin and Sterling made changes Bob S knew about, did not document them verbatim as was Sterling’s (but not Bob S’) consistent practice, and Bob S never noticed. Indeed, Bob S insisted at trial that the CIA writes everything down (in contradiction to the evidence that, while Sterling did, he did not). It’s just not possible.

And, as I mentioned, the motion never deals with — as the entire trial didn’t either — the report which Merlin and Bob S say never existed but gets quoted extensively in Risen’s book, which included information which Bob S suppressed in official CIA communications but admits are factually correct.

But the mistranslation of Sterling’s concern is important for another reason: the errors in Risen’s book, errors which Sterling not only knew to be errors (per trial evidence), but errors that make no sense given FBI’s claimed spin. The big one — the one that pissed Merlin off the most — was the claim he was a defector (I’m less convinced that Risen’s claim that CIA helped Merlin get citizenship is entirely false, because there’s reason to believe they did accelerate his green card and treat it differently to allow him to do the Vienna trip).

That is, while there are details that (according to FBI) only Sterling, Bob S, and Merlin knew that weren’t documented (though the majority of those were in the report they didn’t look for), there are also a slew of details that show someone ill-informed, but not in a way that matches’ Sterling’s actual or purported concerns, was talking to Risen.

All this is probably moot. The government will succeed with this motion on evidentiary grounds and the interesting venue argument will be revisited in the Appeals Court.

But it is worth noting that the government’s narrative, even as laid out in a careful motion, continues to make no sense.

Yes, Eric Holder Does Do the Intelligence Community’s Bidding in Leak Prosecutions

 

Screen Shot 2015-02-19 at 10.17.51 AM

The second-to-last witness in the government’s case against Jeffrey Sterling, FBI Special Agent Ashley Hunt, introduced a number of things she had collected over the course of her 7.5 year investigation into James Risen’s chapter on Operation Merlin. That included a few things — most notably two lines from Risen’s credit card records from 2004 — that in no conceivable way incriminated Sterling.

On November 17, 2004, Risen charged €158.00 at the Hotel Inter-Continental in Vienna, Austria on his credit card (the provider of which DOJ included in its exhibit). On November 21, 2004, Risen put another €215.30 in Inter-Continental charges on his credit card.

What Agent Hunt had proven by highlighting these two details was that James Risen traveled to Vienna as background for a book chapter set in Vienna, and even went to the hotel where Merlin had stayed. None of that did a thing to prove that Sterling leaked Merlin’s travel information — or anything else — to Risen. But the government decided to gratuitously enter into evidence that they had seized years of Risen’s credit card records, and in doing so obtained details of where Risen had traveled (and also, on what days his daughter sent something via FedEx). It wasn’t enough that we knew that already from court filings. DOJ still saw the need to introduce gratuitous notice that they had all of Risen’s credit card statements into the court record.

“We own you,” seemed to be the message to Risen from this flaunting of his credit card records.

But don’t worry, Eric Holder generously decided not to call Risen to testify against Sterling after having hounded him — in this and the warrantless wiretap investigation — for 6 years already, both Jack Goldsmith and Ben Wittes insist.

Both men seem to vastly underestimate how DOJ’s actions in the last decade impact journalism. And both men seem to misunderstand what just happened in the Jeffrey Sterling trial, where DOJ succeeded in exposing a man to 40 years in prison, based largely on metadata, without even having the key pieces of evidence at issue in the case (almost certainly because of CIA’s doing, not Sterling’s).

Uncharacteristically, Wittes’ post is less annoying that Goldsmith’s. Sure, as he did with Laura Poitras, Wittes appointed himself the arbiter of what the NYT should and shouldn’t tolerate from journalists it pays. I will remember that Wittes believes an employee’s intemperate rants on Twitter should get close scrutiny by their employers the next time Wittes makes factually flawed defenses of his torturer buddies on Twitter or complains when Chris Soghoian tweets about Keith Alexander’s operational security sloppiness when he rides on Amtrak.

But Goldsmith writes two paragraphs about leak prosecutions that — while they may bolster Goldsmith’s questionable claims about how journalism functions to rein in the Executive — entirely miss the point. I’ll take them in detail here:

Third, Holder could have called Risen to testify in the Sterling case – the law was clearly on his side, and DOJ attorneys wanted him to do it.  But Holder directed his lawyers to let Risen off the hook.  It is simply wrong to say (as Risen did) that Holder was doing the “bidding of the intelligence community” or sending “a message to dictators around the world that it is okay to crack down on the press and jail journalists.”  Quite the contrary.

The notion that the trial Holder’s DOJ just staged in Eastern District of Virginia was not about “doing the bidding of the intelligence community” makes me tear up I’m laughing so hard. A very key part of the trial was putting Bob S on the stand so he could make claims about Operation Merlin — which turned out not to be backed up by the documentary evidence or his asset’s memory — so as to be able to claim, “We have demonstrated we did this very carefully.” This was a clusterfuck of an operation, but nevertheless DOJ gave Bob S a day and a half to try to claim it wasn’t. DOJ offered CIA this favor while playing their classification games (this was, after all, EDVA, an improper venue for almost all of the charges, but a very good place to get favorable treatment for security theater) so as to avoid explaining — except when it became handy for Condi to blurt something out — why this operation went from being a clandestine information collection operation to something far more sensitive, which is probably the real reason someone other than Sterling leaked the information as the government was trumping up war against Iraq, the next country that got the Merlin treatment.

It’s EDVA, Goldsmith!!! The same place Holder went to have John Durham pretend to investigate CIA’s obstruction of justice until the statute of limitations expired! The same place Holder went to keep investigating and investigating until DOJ could deliver a head, any head, to punish Gitmo defense attorneys’ crazy notion that they might have good reason to want to learn how and who anally raped their clients in the name of rehydration such that they’re still bleeding, 12 years later.

EDVA has become, under Holder, where DOJ goes to obtain arbitrary judgments that ensure CIA and other agencies will never be held accountable for crimes, but some low-level leaker will be delivered up anytime CIA’s crimes or incompetence get exposed.

Fourth, Risen’s complaints about Holder rest in part on the fact that Holder has presided over many more leak prosecutions than any prior Attorney General.  I suspect that any Attorney General would have ramped up the leak prosecutions in light of the unprecedented cascade of deep secrets from the government in the last decade.

Here Goldsmith makes the same nonsensical claim that Steven Aftergood made for The Intercept’s profile of Stephen Kim. The investigation into James Risen’s stories has been going on for twelve years. The investigation into Risen’s reporting on Operation Merlin started over four years before Chelsea Manning even joined the Army, much less started the torrent of leaks Goldsmith claims justifies all these investigations.

And the ratio of leak prosecutions to leaks remains tiny.

This line comes right out of Holder’s defense of his leak prosecutions the other day. And it’s true. But it’s a big part of the problem. Thus far, after all, James Cartwright has not been indicted for allegedly leaking a far more sensitive counter-proliferation program targeting Iran than Sterling purportedly leaked. No one is even considering prosecuting Leon Panetta for leaking details of the Osama bin Laden raid (or classified details in his memoir). I doubt David Petraeus will be indicted either for letting his mistress have access to all his most intimate secrets.

The people who get prosecuted — Jeffrey Sterling, John Kiriakou, Donald Sachtleben, Stephen Kim — they’re not the problem behind this system of leaking and in several cases it’s very clear they’re not even the key leakers: instead, they’re the human detritus the government can dispose of so others will see just how arbitrary the secrecy system really is, by design.

But in any event, it must be true that these prosecutions have had a chilling effect on leakers (i.e. sources) and in that sense made journalists’ jobs harder.  Of course chilling criminal leaks is the whole point of the prosecutions.  They do not “wreck” the First Amendment if they are consistent with the First Amendment, which they are, especially since the prosecutions have not had any noticeable macro effect on the steady flow of secrets out of the government.

I suspect Risen would say this is not the case. I suspect a number of the other journalists targeted by DOJ would say the same. That is, the point is not about stopping leaks (though I think the Insider Threat system will make it easier to pick and choose which human detritus will be the next sacrificed to feed this arbitrary system of control), but often as not burning certain journalists or others who don’t play the game.

We own you, investigative journalist, and know what you did in Vienna back in 2004.

Note also that Risen and other journalists tend not to talk about the countervailing norms that have moved dramatically in journalists’ favor in the last decade.  (I have written about this extensively, here and here and here and here.)  Not only has the government significantly raised the bar for going after journalists’ sources, but it has also made clear what was not clear a decade ago: it will not prosecute journalists for publishing classified information in clear violation of 18 USC 798.

I think here Goldsmith misses the novel theory the government used to convict Sterling, the one Holder has deemed the model to go after others.

Under this theory, journalists will be treated as empty vehicles, and the “cause to leak” language in the Espionage Act will be blown up, so that even completely unclassified conversations may be deemed the cause of an investigative journalist with sources throughout the CIA publishing a story. And the jurisdiction, too, will be blown up, so that so long as a single hairdresser buys a book in EDVA — or maybe MD, who cares, really?!?! — then DOJ can stage their witch hunt in EDVA with all its trappings of security theater.

There are some interesting theories behind the successful prosecution of Sterling for a bunch of metadata. And Goldsmith might at least familiarize himself with where Holder’s DOJ is taking the Espionage Act, because it deserves more scrutiny before the Sterling prosecution is deemed to have done no damage to the journalistic process.

Given this change in norms and the structural factors pushing secrets out (size of bureaucracy, digitalization of secrets, and the like), it is very hard to conclude that the advantage on secrecy versus transparency has shifted to the government under Holder.

Again, the underlying problem is the asymmetry involved. The government keeps hiding more and more stuff — the top officials behind its trust-building CVE program, even! — behind a veil of secrecy. That amid increasingly absurd claims of secrecy — and increasingly persistent evidence the secrecy often serves to hide law-breaking or incompetence, as it did with the Merlin caper — more secrets get out should be no great celebration. It’s the structure of it all — the paranoia, the arbitrariness, and the incompetence behind it all — that really sours any claim to democratic governance. Goldsmith may take solace we’re getting more secrets out, but until we reverse the slide into arbitrariness it heralds, I’m not so sanguine.

During the hearing just after the defense closed in the Sterling trial, there was a fascinating discussion, largely about how DOJ planned to blow up the “cause” language in the Espionage Act to further criminalize just talking to journalists, to criminalize publishing a book and deigning to distribute it in EDVA. The conversation kept coming back to how DOJ had gone from treating Risen as a criminal weeks earlier to treating him as an innocent naif who channeled Sterling’s spying to the unwitting citizens of EDVA. Judge Leonie Brinkema at one point said, “If Risen were not protected by the newsman’s privilege, I suspect he would have been named as a co-conspirator.” “There is no newsman’s privilege,” defense attorney Edward MacMahon pointed out, laughing at the absurdity of claiming there was after the 3 year battle over just that topic. But the exchange hung there, pregnantly, because ultimately branding Risen a criminal — or, barring that, branding having even unclassified conversations with Risen as criminal — was a big part of the point of this trial.

What this prosecution did — what, I believe, it was designed to do — was two-fold. First, burn Risen, burn Risen over 12 long years of investigation during which the counterpart investigation even reportedly seized his phone records. But also, to herald a new interpretation of the Espionage Act that will criminalize even having phone calls with a journalist who has reported on completely unclassified stories involving you in the past.

Update: Year on Risen’s credit card records corrected per Rich.

Merlin Was Reading James Risen in 1999

On March 16, 1999, Jeffrey Sterling met with Merlin, the Russian scientist Sterling was trying to get to establish ties with Iran so he could hand off a nuclear blueprint. (Exhibit 22) Merlin seemed to be getting impatient — and perhaps a little insulted — that the Iranians he was approaching weren’t showing more interest in his 20 year experience as a Russian nuclear engineer. So he made an utterly bizarre suggestion.

[M] then suggested that in some of his future messages, he may make mention of the recent revelation that another country had secured nuclear secrets from the U.S. [M]’s reasoning was that others now see that it is possible to obtain nuclear secrets which can advance their programs, and that the project can build upon that supposition to entice the Iranians. [Sterling] lauded [M] for his thinking but said some thought would need to be given to such a proposition prior to [M] implementing it.

Merlin has to be referring to the stories about Wen Ho Lee which started appearing on page one of the NYT starting on March 6, 1999. (Remember, too, that Merlin lived in the NY area, so if he read this in the dead tree version — as most people still read newspapers in 1999 — he most likely read it in the NYT.)

Those stories were written by James Risen.

Which is strong evidence that Merlin was reading Risen as far back as 1999.

Merlin’s suggestion — that he, a CIA asset, entice Iran to accept his Russian blueprint by pointing out that China had allegedly jump-started its own nuclear weapon program by stealing blueprints from the US — reveals just how unclear on the concept of the operation Merlin was. After all, it had to have been suspicious enough to Iran that a Russian who had moved to the US was seeking to deal blueprints (it’s unclear whether the blueprints were ultimately in English or Russian). Any suggestion that the Iranians would thereby be getting US, as opposed to Russian, technology should have alarmed them greatly.

It’s also, of course, a bizarre commentary on the arc of Risen’s career, that the main character in a future book of his would be monitoring nuclear developments by reading Risen. Risen, of course, managed to protect his sources in both cases, in a series that unfairly identified Wen Ho Lee as a Chinese spy and in a book that raised real questions about what our nuclear establishment was doing.

I’m still waiting for Merlin’s transcript on this point, but his wife was asked whether she and her husband knew of or knew Risen. “I start to know about Jim Risen after he wrote the book,” Mrs. Merlin testified on the stand in her imperfect English. She went further, asserting that her husband did not know (it’s unclear whether she meant “of,” or “personally”) before, either. Given how much of the Wen Ho Lee story was driven by Risen between March 6 and March 16, 1999, Merlin probably had known “of” Risen for years before Risen started reporting on the operation that we now refer to by Merlin’s codename.

And yet, I’m fairly certain, the fact that Merlin offered up Risen reporting to the man now convicted of having leaked to Risen, Jeffrey Sterling, 4 years before that leak began, never got mentioned at the trial.

Walter Pincus’ Great Intelligence Work

Walter Pincus had a piece yesterday purporting to lay out the inaccuracies in the chapter of James Risen’s State of War. In it, he includes this passage.

In Vienna in late February 2000 to deliver the materials to an Iranian mission to the International Atomic Energy Agency, the Russian, according to Risen’s book, “unsealed the envelope with the nuclear blueprints and included a personal letter of his own to the Iranians. No matter what the CIA told him, he was going to hedge his bets. There was obviously something wrong with these blueprints — so he decided to mention that fact to the Iranians in his letter.”

Risen’s book reprints the letter, saying the Russian later gave the CIA a copy.

The CIA trial witnesses and agency memos tell a different story.

The agency plan always was that the schematics and drawings would have some obvious flaws — and the Russian engineer was told about them. It also was part of the plan from the start that the design materials were to be accompanied by a letter from the Russian noting some errors. A Jan. 10, 2000, CIA memo carries a draft of what it describes as “the letter to be included in the package of material.”

It has elements almost word for word found in the letter as printed in the Risen book, but it was written cooperatively with CIA input and made part of the document package for the Iranians more than a month before the Russian arrived in Vienna.

Now, I think the trial did show that there were some inaccuracies in the book — the one the Merlins cared most about is that they weren’t defectors.

But I find it really curious that Pincus claims these were errors. I say it’s curious because unless I’m mistaken, the transcripts for all the CIA witnesses save Bill Harlow have not been loaded onto the docket and so probably aren’t yet done. And in the 5 of 6 days of testimony I attended (including all but a few minutes of Bob S’ testimony, whom Pincus cites by name), I didn’t see Pincus in the courtroom once. And with the exception of Merlin himself, the CIA witnesses I missed, for the most part, talked about issues other than the Merlin operation. So it’s unclear where Pincus got his understanding of CIA witness testimony, and what he got is inaccurate.

Indeed, in this limited example, Pincus makes two pretty significant errors: in suggesting Merlin was supposed to know about the flaws in (as opposed to the incompleteness of) the blueprints, and in suggesting the CIA is certain about what Merlin left at the IAEA in March 2000.

First, the flaws. Throughout discussions about this operation, there has been some confusion between the flaws and the incompleteness, which has allowed the CIA to push back on the story when in fact the CIA records show this may be a convenient way to claim Risen’s book was wrong when what the CIA thought is meaningless if the Russians still had concerns. While Merlin was told the blueprints were incomplete, he was not told about the flaws the nuclear lab (probably Sandia) put in the blueprints that were supposed to prevent the Iranians from using them (but only held back a national lab team 3 months in using the same blueprints). According to my notes, for example, Bob S said they “didn’t want to say [the blueprints] were intentionally flawed,” to Merlin. Nevertheless, there is reason to believe that Merlin and (far more importantly) the other Russian asset involved in this operation saw what they believed were problems that would make the blueprints not serve the purpose the Russians believed they were supposed to serve, and there is reason to believe that those concerns were never adequately addressed.

In addition, as I noted in this Salon piece yesterday, CIA doesn’t actually have the final version of what Merlin left with the IAEA. They claim — with questionable credibility, which I’ll return to — not to know what was in the formal letter Merlin left. Bob S himself agreed in his testimony that Pincus supposedly reviewed that Merlin is the only person who knows what he put in the final version. At the very least the story the CIA tells is that Merlin took a copy of the letter drafted in conjunction with the CIA to Vienna but with the nuke references altered to make sure he could get through customs (Bob S called it “sanitized”), then changed them back on the hotel computer and printed a fresh copy (note, earlier in this process, Merlin at times sent stuff off to the Iranians before the CIA had a chance to review it, so he had a history of freelancing). He then destroyed the disk he used, meaning no one — according to what Merlin told CIA  — has a copy (though the almost-final version without any last minute changes would reside on Merlin’s poorly secured home computer). Interestingly, Risen’s book says Merlin wrote a report back, but Bob S and Merlin (apparently) claim he did not.

But that printed letter is not all Merlin left with the blueprints. He also left a handwritten letter in his  packet of newspaper-wrapped nuclear blueprints — what Bob S called a “cover note.” The current story — relying on an earlier idea floated during the drafting period but not formally adopted — is that the cover note would help alert the Iranian staffers to the ultimate intended recipient of the letter. But that letter was by all appearances ad-libbed by Merlin. So we only have Merlin’s word for what he wrote.

Now these are just two details — details in Risen’s book that Pincus claims were disproven by cables and Bob S’ testimony — but which were anything but.

I will have a much longer summary of all the other details that came out at trial that made it clear the operation was an even bigger shitshow than Risen’s report makes out. But for the moment, I’m just curious what Pincus is trying to accomplish. Perhaps he was in the back of the courtroom for a tiny part of Bob S’ testimony and neither I nor the several other journalists I asked noticed him. But (at least as far as testimony) it appears he’s working off second-hand claims about what the record says and claiming, falsely, that they specifically disprove Risen’s book.

Why?

Why would whoever provided Pincus this partial view of Bob S’ testimony be so desperate to claim that Risen’s book was proven wrong?

How the Sterling Prosecution Threatens Even Unclassified Tips

In a piece for Salon, I describe how the government managed to get Jeffrey Sterling convicted of 7 charges under the Espionage Act for one leak. More importantly, I show how the jury’s conviction of him for 2 of those charges — related to “causing” James Risen to write a 2003 NYT story on Merlin that got quashed — may well amount to convicting him for tipping Risen, without sharing any classified information, to the operation.

Here’s the key part of that discussion:

D.C. information brokers should be worried that Sterling faces 80 years in prison based off this circumstantial evidence. All the more so, given the evidence supporting the charge that Sterling leaked to Risen in time for and caused him to write the article Risen told CIA he had in completed draft on April 24, 2003. After all, the only pieces of evidence that the government submitted from before the time when Risen told CIA he had a completed article were the CNN email, phone calls reflecting Risen and Sterling spoke for four minutes and 11 seconds across seven phone calls, and Sterling’s entirely legal discussion with staffers from the Senate Intelligence Committee.

No matter what you think all the later phone calls between Sterling and Risen indicate, short of evidence of a face-to-face meeting in this earlier period, the evidence seems to suggest Sterling was doing something that people in DC do all the time: point an investigative reporter to where she might find classified scoops, without providing those scoops themselves. That’s especially true given the way the CIA’s own notations about Risen’s story seem to track the reporter fleshing out information, from initial outlines of the operation (that happen to map what Sterling told Senate staffers) to, weeks later, inclusion of that elusive document FBI never managed to find. That is, it appears Risen got a tip, possibly from Jeffrey Sterling, but that he spent weeks using his sources to flesh out that tip.

In both the indictment and discussions about jury instructions, the government interpreted the Espionage Act to cover what might be an unclassified tip through two means. First, they pointed to language in the Espionage Act that criminalizes someone “caus[ing secrets] to be communicated, delivered, or transmitted,” and from that argued Sterling was responsible not just for the leak to Risen but also for the journalist’s attempt to publish a newspaper article and his completion and his publisher’s delivery to Virginia of a book chapter. Then, for most counts, they argued that Sterling did not have to have handed Risen secret information directly, he could do so indirectly.

If the jury found Sterling indirectly got secrets into Risen’s hands and, from that, caused him to write an article and a book chapter on it (irrespective of the additional work Risen did, the work of his editors at the Times and the publishers at Simon and Schuster and the commercial freight company that carried those secrets in a bound book to Virginia), that was enough to send him to prison for most of the rest of his life.

While it’s all well and good that DOJ backed off plans to force James Risen to testify, I think few realize the implications of Sterling being held responsible for an entire NYT story based on four minutes and 11 seconds of phone conversations.

They may well criminalize providing unclassified tips to get reporters to chase down classified stories.

Jury Convicts Sterling on All Nine Counts

Courtroom sketch by Debra Van Poolen (http://www.debvanpoolen.com/)

Courtroom sketch by Debra Van Poolen (http://www.debvanpoolen.com/)

After having deliberated for slightly over 2 days, the jury today found Jeffrey Sterling guilty of all nine counts today. (See a summary of the charges here.)

I’m not surprised the jury found Sterling guilty of some of the charges: of leaking Risen information on Merlin and the operation he was involved in, and of retaining and then leaking Risen a document involved in that. The government multiplied the charges for both the 2003 New York Times story (at which point, Sterling and Risen had only spoken for two minutes and 40 seconds) and the 2006 book (by which point they had had more lengthy discussions), such that each leak amounted to multiple charges. In addition, the jury convicted Sterling of passing government property worth over $1,000, and of obstruction of justice.

It’s the last charge that really raises questions about how the jury understood their instructions.

That’s because the government charged Sterling for obstructing the investigation by destroying a totally unclassified email he sent to James Risen in March 2003; he destroyed that email sometime between April and July 2006. The government made no allegation that Sterling ever entered Virginia during this period, much less destroyed the email there. In other words, there is no way Sterling should have been found guilty on that charge in Virginia (though it was easily the charge for which there was the most evidence to convict him of, had it been charged in Missouri). So that guilty verdict should make it easier to prove that the jury misunderstood the venue questions.

The other thing I think the defense might have grounds to appeal was Leonie Brinkema’s decision (which remains classified) that kept out details showing that several of the witnesses against Sterling — up to four of the people cleared into the Merlin operation — had, like Sterling, kept classified documents at home. One of the few concrete pieces of evidence against Sterling was that he had kept (probably retroactively) classified documents at home, which the government presented in big red printed SECRET folders. But, if (as seems highly likely) Bob S also did the same, it might raise questions about why FBI never investigated him as a potential source.

There’s much more that raises questions about the legitimacy (though not necessarily the outcome) of the trial, such as the things CIA managed to keep secret, including that the CIA had declared state secrets over some of the evidence submitted at trial to deprive Sterling of the ability to sue for discrimination.

And, finally, the verdict raises real questions about the economy of leaks in DC, in which people may point reporters to stories, only to have the reporters dig up damning evidence from other sources (which is what seems most likely to have happened here). Jeffrey Sterling just got found guilty for causing James Risen to publish a story to (the government claimed) avenge his crummy treatment by the CIA. Sterling’s guilty verdict allows no room for Risen to have decided to publish a story about CIA’s horrible record on WMD. This verdict will not only send Sterling to prison, but it turns journalists into agency-free vehicles of their sources.