Jesse Furman Archives

Posts

On Joshua Schulte’s Alleged Substantial Amount of CSAM … and Other Contraband

March 23, 2023/20 Comments/in Cybersecurity, emptywheel, WikiLeaks /by emptywheel

Yesterday, Judge Jesse Furman docketed a letter, impossibly dated March 23, updating him on the investigation into the Child Sexual Abuse Material allegedly found on WikiLeaks Vault 7 source, Josh Schulte’s discovery computer, six months ago (see this post for an explanation).

It described more about the CSAM material found on Schulte’s computer: The FBI had found “at least approximately 2,400 files on the laptop … likely containing CSAM.”

With respect to assertions that Joshua Schulte, the defendant, has made about the discovery laptop—that the laptop does not contain CSAM, that any CSAM appears only in thumbnails, or that the CSAM was maliciously or inadvertently loaded onto the laptop by the Government. See, e.g., D.E. 998 at 3 (pro se letter to the Court dated Dec. 21, 2022), 5 (pro se letter to the Court dated Jan. 5, 2023)—the Government is able to confirm the following: at least approximately 2,400 files on the laptop have been identified to date as likely containing CSAM. Those files include full images, and are not limited to thumbnail images. Moreover, the Government did not copy discovery materials onto the defendant’s laptop. In 2021, former defense counsel copied discovery and trial materials onto the laptop, which was then reviewed by personnel from the U.S. Attorney’s Office for security compliance before making a file index and providing the laptop to the Metropolitan Correctional Center (“MCC”), where the defendant was then in custody. The CSAM on the laptop was not provided by the Government or the result of Government action.

That, by itself, doesn’t tell us a lot more than we learned in an October filing, which explained that the FBI had found, “a substantial amount” of suspected CSAM.

Indeed, the letter focuses on debunking two counterarguments Schulte has made since, which is one of the reasons Furman docketed it after DOJ submitted it ex parte: “[T]his letter responds directly to assertions by Mr. Schulte,” Furman observed.

The government was debunking a claim made by Schulte that the government had caused the CSAM — but only thumbnails — to be loaded onto his discovery computer by “connect[ing] a child pornography drive to the laptop during setup.”

Schulte repeated and expanded — at great, great length — that theory in a set of filings dated March 1 but just loaded to the docket today.

The government response, effectively, was that they made an index of the files as the computer existed when it was turned over to MCC in 2021, calling Schulte on his claim that he was framed with CSAM.

Ultimately both sides will be able to present their claims to a jury.

But there are several other reasons I’m interested in the letter and related issues.

The government’s working theory when they first revealed this last fall, was that Schulte got a thumb drive into the SCIF and from that accessed the CSAM allegedly found on his home computer six years ago, presumably just to have it in his cell for his own further exploitation of children.

there is reason to believe that the defendant may have misused his access to the SCIF, including by connecting one or more unauthorized devices to the laptop used by the defendant to access the CSAM previously produced.

That’s because in August, they found a thumb drive attached to the SCIF laptop.

On or about August 26, 2022, Schulte was produced to the Courthouse SCIF and, during that visit, asked to view the hard drive containing the Home CSAM Files from the Home Desktop. The hard drive was provided to Schulte and afterwards re-secured in the dedicated safe in the SCIF. The FBI advised the undersigned that, while securing the hard drive containing the Home CSAM Files, they observed that an unauthorized thumb drive (the “Thumb Drive”) was connected to the SCIF laptop used by Schulte and his counsel to review that hard drive containing the Home CSAM Files. On or about September 8, 2022, at the Government’s request, the CISO retrieved the hard drive containing materials from the Home Desktop from the SCIF and returned it to the FBI so that it could be handled pursuant to the normal procedures applicable to child sexual abuse materials. The CISO inquired about what should be done with the Thumb Drive, which remained in the dedicated SCIF safe.

But in a little noticed development, during the period when FBI has been investigating how a defendant held under SAMs managed to get (we’re now told) 2,400 CSAM files onto his discovery computer, CNN reported that the network of FBI’s NY Field Office focused on CSAM had been targeted in a hacking attempt.

The FBI has been investigating and working to contain a malicious cyber incident on part of its computer network in recent days, according to people briefed on the matter.

FBI officials believe the incident involved an FBI computer system used in investigations of images of child sexual exploitation, two sources briefed on the matter told CNN.

“The FBI is aware of the incident and is working to gain additional information,” the bureau said in a statement to CNN. “This is an isolated incident that has been contained. As this is an ongoing investigation the FBI does not have further comment to provide at this time.”

FBI officials have worked to isolate the malicious cyber activity, which two of the sources said involved the FBI New York Field Office — one of the bureau’s biggest and highest profile offices. The origin of the hacking incident is still being investigated, according to one source.

DOJ still insists that former CIA hacker Josh Schulte found a way to access a whole bunch of CSAM. And in the same period, reportedly, the servers involved with CSAM investigation in the NYFO were hacked.

And while the letter released yesterday doesn’t tell us — much — that’s new about what Schulte allegedly had on his laptop, it does tell us, by elimination, which of the sealed filings in his docket are not related to the CSAM investigation.

Since the October update on the investigation into Schulte, sealed documents have been filed in Schulte’s docket on the following days:

December 15: Sealed document
January 19: Ex parte update on CSAM investigation
January 26: Sealed document
March 9: Sealed document
March 13: Sealed document

Only the January 19 letter — along with yesterday’s letter — have been unsealed. That, plus the flurry of filings in September and October, are it for the CSAM investigation. There’s something else going on in this docket, four sealed documents worth.

Indeed, in those very long set of filings mentioned above, both dated February and finalized March 1, both docketed today, Schulte alluded to something beyond CSAM.

Judge Furman has begun claiming that there are other vague misuses or misbehavior on the laptop.

He must not have read the September and October letters very closely, because they describe there was a warrant that preceded the discovery of the CSAM.

The warrants that we know of include the following:

July 27: Contempt and contraband
September 22: CSAM expansion warrant
October 4: MDC cell and devices
October 4: CSAM devices (for the devices used in the SCIF)
October 5 and 6 (authorized by protective order): Log files for devices in SCIF

Since late September, this investigation was about the “substantive” amounts of CSAM found on a computer possessed by Schulte.

But before that it was based on suspicions of contraband.

That stems, in significant part, from a search of the computer DOJ did in June, when Schulte turned it over claiming it had been dropped.

It hadn’t been dropped. It needed to be charged. Indeed, in the interminable motions filed today, Schulte treated plugging in a laptop as some kind of due process violation.

Plugging in a laptop should in no way compromise the privacy of a laptop. But it did raise real questions about the excuse Schulte offered in an attempt to get a second laptop (one he effectively got once trial started anyway).

Needless to say, his description of what happened with the BIOS password differs from the government’s, as provided last June.

First, with respect to the defendant’s discovery laptop, which he reported to be inoperable as of June 1, 2022 (D.E. 838), the laptop was operational and returned to Mr. Schulte by the end of the day on June 3, 2022. Mr. Schulte brought the laptop to the courthouse on the morning of June 3 and it was provided to the U.S. Attorney’s Office information technology staff in the early afternoon. It appears that the laptop’s charger was not working and, after being charged with one of the Office’s power cords, the laptop could be turned on and booted. IT staff discovered, however, that the user login for the laptop BIOS1 had been changed. IT staff was able to log in to the laptop using an administrator BIOS account and a Windows login password provided by the defendant. IT staff also discovery an encrypted 15-gigabyte partition on the defendant’s hard drive. The laptop was returned to Mr. Schulte, who confirmed that he was able to log in to the laptop and access his files, along with a replacement power cord. Mr. Schulte was admonished about electronic security requirements, that he is not permitted to enable or use any wireless capabilities on the laptop, and that attempting to do so may result in the laptop being confiscated and other consequences. Mr. Schulte returned to the MDC with the laptop. [my emphasis]

Here’s more background on all the funky things that happened with this laptop that led me to suspect something was going on last summer.

Anyway, the government claims it found a whole bunch of CSAM on Schulte’s computer. But there’s also something else going on.

We may find out reasonably soon. The impossibly dated filing from this week promised an update in a week, which (if the impossibly dated filing was actually dated March 21) might be Tuesday.

The Government expects to provide the Court with a supplemental status letter in approximately one week.

At the same time that CIA hacker Josh Schulte was allegedly finding a way to load CSAM onto his discovery laptop, the local FBI office’s CSAM servers were hacked.

That might be a crazy coincidence.

Update: DOJ filed an ex parte update today, which may or may not have to do with the CSAM investigation.

SDNY Calls DOJ’s Definition of the Espionage Act an “Academic Interest”

January 6, 2023/19 Comments/in Blogs Internet and New Media, Press and Media, WikiLeaks /by emptywheel

DOJ has now responded to my intervention in the Joshua Schulte case. Presumably because my motion, written by Kel McClanahan, focused on how flimsy the government’s claim to keep transcripts of a CIPA conference hidden, the government’s response pitches this as exclusively a CIPA battle. It’s totally a reasonable legal stance.

But along the way, in apparent effort to distract from the topic at issue — in part, the application of the Espionage Act to journalism — SDNY suggests it is just an academic interest whether DOJ would charge someone for sharing classified information already published by the NYT.

The mere fact that someone would like to know information is not a part of the right-of-access analysis, however, and the Government’s motion should be granted.

[snip]

Intervenor’s desire to speculate as to the potential application of the Government’s articulation of the elements of an offense to other circumstances has no bearing on the ability of the public to monitor or assess the actual rulings of the Court in the CIPA § 6 hearings to which Intervenor demands access.

[snip]

[T]he question is not whether redacted transcripts are coherent as a matter of language or whether they might be relevant to Intervenor’s academic interest.

I’m the intervenor here, not McClanahan (who is a professor on national security law at GW Law). I need to know this stuff not just to cover WikiLeaks (I’m more of an expert than the expert SDNY relied on in the first trial, Paul Rosenzweig), but also to understand my own exposure as a journalist.

Not once in the filing does the government use the words “Espionage Act.” Not once does DOJ mention “journalist.” Not once does it mention the NY Times, the hypothetical that DOJ is attempting to hide, which (as Judge Jesse Furman described in a court hearing) is this:

I gave you two hypotheticals. I think one is where a member of the public goes on WikiLeaks today and downloads Vault 7 and Vault 8 and then provides the hard dive with the download to someone who is not authorized to receive NDI, and I posed the question of whether that person would be guilty of violating the Espionage Act and I think your answer was yes. That strikes me as a very bold, kind of striking proposition because in that instance, if the person is not in a position to know whether it is actual classified information, actual government information, accurate information, etc., simply providing something that’s already public to another person doesn’t strike me as — I mean, strikes me as, number one, would be sort of surprising if that qualified as a criminal act. But, to the extent that the statute could be construed to the extend to that act one would think that there might be serious constitutional problems with it.

I also posed the hypothetical of the New York Times is publishing something that appears in the leak and somebody sharing that article in the New York Times with someone else. That would be a crime and there, too, I think you said it might well be violation of the law. I think to the extent that that would extend to the New York Times reporter for reporting on what is in the leak, or to the extent that it would extend to someone who is not in position to know or position to confirm, that raises serious constitutional doubts in my mind. That, to me, is distinguishable from somebody who is in a position to know. I think there is a distinction if that person transmits a New York Times article containing classified information and in that transmission does something that confirms that that information is accurate — right — or reliable or government information, then that’s confirmation, it strikes me, as NDI. But it just strikes me as a very bold and kind of striking proposition to say that somebody, who is not in position to know or does not act in a way that would confirm the authenticity or reliability of that information by sharing a New York Times article, could be violating the Espionage Act. That strikes me as a kind of striking proposition.

The government is no doubt exploiting the emphasis in my filing, but the notion that whether I can be charged for doing journalism is not an academic interest! It’s not just that there is an acute interest, amid the Julian Assange extradition proceedings, to know the government’s thinking about the Espionage Act, it goes to the chilling effect of not knowing what I can safely publish in the course of doing my job. I don’t have the luxury of “speculating” about the application of the Espionage Act, because if I guess wrong, I could be imprisoned for a decade.

The government wants this to be about CIPA. But the problem is that the government is attempting to hide something that is not classified — the elements of offense for a serious crime that can chill the ability to do journalism — via claims about CIPA.

Third, Intervenor asserts a First Amendment right of access premised on the assertion that “the Government present[ed] legal arguments about elements of the crime itself,” which Intervenor claims both have traditionally been open to the public and are of value to the monitoring of the judicial process. (D.E. 988 at 2). Intervenor’s contention that legal arguments the Government may have advanced at the Section 6 hearings are “something that interested persons in the field should know” (id. at 3) simply “cuts too wide a swath—taken to its extreme, considerations of logic would always validate public access to any judicial document or proceeding.” United States v. Cohen, 366 F. Supp. 3d 612, 631 (S.D.N.Y. 2019). Contrary to Intervenor’s suggestion that discussion of the elements of an offense “stray[s] far from a simple discussion of evidentiary issues” (D.E. 988 at 3), such discussion is integral to virtually any assessment of the relevance and admissibility of evidence, including that occurring in CIPA § 6 hearings, in which courts “look to what elements must be proven under the statute,” United States v. McCorkle, 688 F.3d 518, 521 (8th Cir. 2012); see also United States v. Bailey, 444 U.S. 394, 416 (1980) (describing need to “limit[] evidence in a trial to that directed at the elements of the crime”).

Tellingly, SDNY’s citation of a 2019 District opinion relating to the unsealing of Michael Cohen’s search warrants — which were released with redactions, the desired goal here! — is inapt to the question of whether the government should be able to hide its discussions of how it understands the Espionage Act by claiming that that needs to be protected as classified information.

Considerations of logic also counsel against recognizing a First Amendment right to access search warrant materials. Of course, public access to search warrant materials may promote the integrity of the criminal justice system or judicial proceedings in a generalized sense. United States v. Huntley, 943 F.Supp.2d 383, 385 (E.D.N.Y. 2013) (remarking that “the light of the press shining into the innards of government is necessary to inhibit violation of the public trust”). But such an argument cuts too wide a swath—taken to its extreme, considerations of logic would always validate public access to any judicial document or proceeding. Cf. Times Mirror Co., 873 F.2d at 1213 (rejecting as overbroad the argument that the First Amendment mandates access to any proceeding or document that implicates “self-governance or the integrity of the criminal fact-finding process”); In re Bos. Herald, Inc., 321 F.3d at 187 (“In isolation, the [rationale that the public must have a full understanding to serve as an effective check] proves too much—under it, even grand jury proceedings would be public.”). As the Ninth Circuit aptly observed, “[e]very judicial proceeding, indeed every governmental process, arguably benefits from public scrutiny to some degree, in that openness leads to a better-informed citizenry and tends to deter government officials from abusing the powers of government.” Times Mirror Co., 873 F.2d at 1213.

Understanding the law is a matter that precedes the media’s scrutiny of whether the government abused the Espionage Act in this case (or in Julian Assange’s). And while the elements of the offense of the Espionage Act does dictate whether evidence would be helpful or not to the defense — the consideration of a CIPA hearing — ultimately this debate was about (and significantly appeared in) jury instructions, the law as applied.

Again, SDNY’s stance seems tactical, a response to our filing’s greater focus on matters of classification than the status of the press. But the outcome — SDNY’s claim that I have the luxury of merely “speculating” about the application of the Espionage Act — is alarmingly arrogant.

I was only able to make this challenge because McClanahan was able and willing to help — and he can only do so through the support of his non-profit. If you believe fights like this are important and have the ability to include it in your year-end donations, please consider supporting the effort with a donation via this link or PayPal. Thanks!

Judge Jesse Furman Gives DOJ 3 Pages to Reply to emptywheel’s Bid to Liberate Sealed Transcripts on the Espionage Act

December 28, 2022/29 Comments/in Leak Investigations, WikiLeaks /by emptywheel

Some weeks ago, I described that, with the help of National Security Counselors, I was intervening in the Joshua Schulte case to try to liberate transcripts from a May 3 sealed Classified Information Procedures Act hearing in which this exchange took place.

I gave you two hypotheticals. I think one is where a member of the public goes on WikiLeaks today and downloads Vault 7 and Vault 8 and then provides the hard dive with the download to someone who is not authorized to receive NDI, and I posed the question of whether that person would be guilty of violating the Espionage Act and I think your answer was yes. That strikes me as a very bold, kind of striking proposition because in that instance, if the person is not in a position to know whether it is actual classified information, actual government information, accurate information, etc., simply providing something that’s already public to another person doesn’t strike me as — I mean, strikes me as, number one, would be sort of surprising if that qualified as a criminal act. But, to the extent that the statute could be construed to the extend to that act one would think that there might be serious constitutional problems with it.

I also posed the hypothetical of the New York Times is publishing something that appears in the leak and somebody sharing that article in the New York Times with someone else. That would be a crime and there, too, I think you said it might well be violation of the law. I think to the extent that that would extend to the New York Times reporter for reporting on what is in the leak, or to the extent that it would extend to someone who is not in position to know or position to confirm, that raises serious constitutional doubts in my mind. That, to me, is distinguishable from somebody who is in a position to know. I think there is a distinction if that person transmits a New York Times article containing classified information and in that transmission does something that confirms that that information is accurate — right — or reliable or government information, then that’s confirmation, it strikes me, as NDI. But it just strikes me as a very bold and kind of striking proposition to say that somebody, who is not in position to know or does not act in a way that would confirm the authenticity or reliability of that information by sharing a New York Times article, could be violating the Espionage Act. That strikes me as a kind of striking proposition.

CIPA is the means by which the government tries criminal cases involving classified information. It permits the government to ask to hold certain hearings about what evidence will be admitted in sealed hearings to avoid any possibility that classified information will be publicly disclosed at those hearings.

[Note, these transcripts were funded by Calyx Institute with funding provided by Wau Holland Foundation, the latter of which has close ties to WikiLeaks.]

While everyone else was staying up late waiting for the January 6 Committee Report last Thursday, I was staying up late to see the filing that Kel McClanahan submitted in that intervention, which is here.

In the filing, McClanahan argued that the government’s own argument in support of sealing the transcripts attempted to use wiretap precedents to justify their continued sealing of CIPA hearings, even though they were asking to seal something else — hearings at which classified information might or might not be discussed.

It goes without saying that the proceedings in question—and the transcripts thereof—are judicial records for purposes of the common law, and the Government does not make any serious argument to the contrary. Instead, it argues that CIPA established a presumption against disclosure, drawing an analogy to the statutory provision for sealing of wiretap applications at issue in In re New York Times Co. to Unseal Wiretap & Search Warrant Materials, 577 F.3d 401 (2d Cir. 2009). It then goes beyond that analogy to argue that the presumption is even stronger because Congress allowed for wiretap materials to be unsealed for good cause but provided no comparable mechanism for CIPA proceedings. However, CIPA is not Title III, and the Government’s argument requires that to be the case in order to succeed.

Simply put, In re New York Times dealt with a statute which included a “manifest congressional intent that wiretap applications be treated confidentially,” id. at 408, but only because it includes a provision that the records themselves “shall be disclosed only upon a showing of good cause before a judge of competent jurisdiction.” 18 U.S.C. § 2518(8)(b). In contrast, CIPA only provides that a hearing shall be held in camera because “a public proceeding may result in the disclosure of classified information.” 18 U.S.C. App 3 § 6(a) (emphasis added). It in no way exhibits any intent that the records created from such a hearing should be presumed undisclosable, nor could it, since by its own terms the hearing might actually include no classified information. In other words, CIPA merely provides a protective procedure to guard against the chance that a hearing may include classified information,2 based solely on the Attorney General’s assertion that it may include classified information—hardly a high bar for the Government to clear. Congress voiced no opinion about what should then happen to the unclassified information included in that hearing, let alone a “manifest congressional intent.”

McClanahan laid out how the CIPA discussions at issue played a role in the exercise of Article III power, noting that the transcripts in question address the elements of the charges against Schulte: the very definition of the Espionage Act (and its application to someone like me, who might be held accountable for disseminating unconfirmed classified information).

The key question then becomes, what was the “role of the material at issue in the exercise of Article III judicial power” and its “resultant value . . . to those monitoring the courts?” United States v. Amodeo, 71 F.3d 1044, 1049 (2d Cir. 1995). The Court itself addressed both of these issues at various times. Most relevantly, it engaged in open court in an extensive discussion of a colloquy that appears to have taken place in the 3 May hearing, telling Government counsel, “I gave you two hypotheticals” about the Government’s interpretation of the scope of the Espionage Act. (Tr. of 7/6/22 Hrg. at 149:3-151:12.) It did so in the context of a discussion of potential jury instructions, and expressed the sentiment several times that the Government’s assertion that a person sharing National Defense Information (“NDI”) that is already in the public domain would still be liable under that statute was “kind of a striking proposition.” The role, then, of these transcripts—and the information they contain—in the exercise of Article III judicial power is clear, as is the resultant value to people monitoring the judicial process. In this case, according to this Court, the Government has—behind closed doors—pressed an argument that a person can violate the Espionage Act by handing a copy of a New York Times article containing leaked NDI to someone else, which is definitely something that interested persons in the field should know, and what they do not know is the degree to which the Government pressed this point, how it defended it, whether it has actually done so in the past, and what other positions it took when it was not expecting the transcripts to become made public.

By the same token, this convergence of factors also definitively demonstrates that the First Amendment right of access attaches to these records, because unlike the hypothetical CIPA hearing that the Government asks the Court to envision, at least this discussion strayed far from a simple discussion of evidentiary issues, with the Government presenting legal arguments about elements of the crime itself. [McClanahan’s italics, my bold]

He argued that the government’s argument went further than the stance it takes on Prepublication Reviews, insofar as we’re just arguing for a First Amendment right to read these transcripts, not publish them.

Simply put, when courts are put in the position of balancing claims related to national security against a writer’s First Amendment concerns, they consistently and without exception find that only classified information tilts the balance. There is no reason for this dynamic to change when it involves a reader’s First Amendment concerns, and while we acknowledge that some district courts have accepted the Government’s arguments, there is no evidence to show that those courts were presented with our argument and no grounds for this Court to follow suit.

Then McClanahan pointed to Judge Furman’s own comments about the colloquy as proof that the government’s claim — that there is no meaningful way to unseal just the unclassified portions of the transcripts — must be false.

In fact, the very existence of the Court’s 6 July summary of the two hypotheticals discussed above demonstrates the frivolousness of these arguments, since: (a) it was neither incoherent not functionally useless; and (b) the Court presumably did not divulge classified information in discussing it.

Judge Furman must have found something novel or persuasive in this argument. When he ordered the government to formally request the continued sealing of the transcripts on November 21, he said they could only submit a reply with his permission. But he just gave the government three pages to to do so.

This challenge could do more than liberate arguments the government made about the Espionage Act in secret. It could challenge the government’s larger views on secrecy in the context of CIPA.

As McClanahan laid out, “the Government has—behind closed doors—pressed an argument that a person can violate the Espionage Act by handing a copy of a New York Times article containing leaked [classified information] to someone else.” When I saw the argument (as relayed in Furman’s July description), I recognized the import of liberating this transcript.

If a Bear Shits in a Sealed CIPA Conference, Can It Expand the Espionage Act to the NYT’s Readers?

December 9, 2022/23 Comments/in WikiLeaks /by emptywheel

On May 3, 2022, Judge Jesse Furman posed two hypotheticals to prosecutors in the Joshua Schulte case about whether the Espionage Act would apply to people who disseminated already public information from the Vault 7/Vault 8 leaks: First, a member of the public, having downloaded publicly-posted CIA hacking materials made available by WikiLeaks, who gave those materials to a third party. Second, someone who passed on information from the Vault 7/8 leaks published by the NYT to a third party. In both cases, the government argued that someone passing on already public information from the leaked files could be guilty of violating the Espionage Act.

At least, it appears that the government argued for this expansive hypothetical application of the Espionage Act, based on what Furman said in a discussion about jury instructions on July 6. I’ve put a longer excerpt of the exchange from the discussion about jury instructions below; here’s how Judge Furman instructed the jury on the matter.

The actual discussion in May took place in a hearing conducted as part of the Classified Information Procedures Act, CIPA, the hearings during which the government and defense argue about what kind of classified information must be declassified for trial (I wrote more about CIPA in this post). Because the discussion happened as part of the CIPA process, the hearing itself is currently sealed.

And the government wants it to stay that way.

Both in a letter motion filed on November 11, postured as an update on the classification review of the transcripts of that hearing, and in a December 5 letter motion Furman ordered the government to file formally asking to keep the transcripts sealed, the government argued that CIPA trumps the public’s right of access to such court records.

CIPA’s mandatory sealing of the records of in camera proceedings conducted pursuant to Section 6 supersedes any common law right of access to those records, and neither history, logic, nor the right of attendance at proceedings support a right of access under the First Amendment.

The earlier letter even explained why it wanted to keep the “extensive colloquies” in these hearings sealed.

Beyond that, the extensive colloquies and the specific issues of law discussed at that hearing would reveal, by itself, the specific type of relief sought by the parties on specific subjects, which would in turn provide significant indications about what classified information was at issue, prompting undue speculation that would undermine national security interests.

But this specific issue of law, whether journalists or their readers have legal exposure under the Espionage Act for reporting on leaked, classified material, is not secret. Nor should it be.

That’s why, with the support of National Security Counselors’ Kel McClanahan, I’m intervening in the case to oppose the government’s bid to keep the May 3 and other transcripts sealed. How the government applies the Espionage Act to people who haven’t entered into a Non-Disclosure Agreement with the government to keep those secrets has been a pressing issue for years, made all the more so by the prosecution of Julian Assange. Indeed, the government may have given the answers to Judge Furman’s hypotheticals that they did partly to protect the basis of the Assange prosecution. But for the same reason that the Assange prosecution is a dangerous precedent, the prosecutors’ claims — made in a sealed hearing — that they could charge people who share a NYT article (or an emptywheel post) on the Vault 7 releases raise real Constitutional concerns. As Judge Furman noted, “there are hundreds of thousands of people unwittingly violating the Espionage Act by sharing the New York Times report about the WikiLeaks leak” (and, though he doesn’t say it, tens of thousands sharing the emptywheel reporting about it). And yet no one will learn that fact if the discussion about it remains sealed.

I’m not usually able to intervene in such matters because I don’t have the resources of a big media in-house counsel to do so. McClanahan’s willingness to help makes that possible. National Security Counselors are experts on this kind of national security law, with extensive experience both on the Espionage Act and on CIPA. But the group relies heavily on tax-exempt charitable contributions to be able to do this kind of work. Please consider supporting the effort with a donation via this link or PayPal. Thanks!

Transcript excerpt

These transcripts were obtained by the Calyx Institute with funding from Wau Holland, the latter of which has close ties to WikiLeaks.

So that’s the context and a little bit of the background. I think I have frankly come around to thinking that for reasons and constitutional avoidance and otherwise that there is a lot to — that Mr. Schulte is not entirely correct but is substantially correct, that is to say that if all — let me put it differently. I think the reason that Mr. Schulte is in a different position with respect to the MCC counts is that he is someone in a position to know whether the information was classified, was NDI, was CIA information and in that sense by virtue of leaking it again, so to speak, he is providing official confirmation but it is the official confirmation that is the new information that would qualify as NDI and I think Rosen kind of highlights that, that particular nuance. I think that distinguishes Mr. Schulte from — I gave you a hypothetical, again, I think it is currently in the classified hearing and therefore not yet public, but I gave you two hypotheticals. I think one is where a member of the public goes on WikiLeaks today and downloads Vault 7 and Vault 8 and then provides the hard dive with the download to someone who is not authorized to receive NDI, and I posed the question of whether that person would be guilty of violating the Espionage Act and I think your answer was yes. That strikes me as a very bold, kind of striking proposition because in that instance, if the person is not in a position to know whether it is actual classified information, actual government information, accurate information, etc., simply providing something that’s already public to another person doesn’t strike me as — I mean, strikes me as, number one, would be sort of surprising if that qualified as a criminal act. But, to the extent that the statute could be construed to the extend to that act one would think that there might be serious constitutional problems with it.

I also posed the hypothetical of the New York Times is publishing something that appears in the leak and somebody sharing that article in the New York Times with someone else. That would be a crime and there, too, I think you said it might well be violation of the law. I think to the extent that that would extend to the New York Times reporter for reporting on what is in the leak, or to the extent that it would extend to someone who is not in position to know or position to confirm, that raises serious constitutional doubts in my mind. That, to me, is distinguishable from somebody who is in a position to know. I think there is a distinction if that person transmits a New York Times article containing classified information and in that transmission does something that confirms that that information is accurate — right — or reliable or government information, then that’s confirmation, it strikes me, as NDI. But it just strikes me as a very bold and kind of striking proposition to say that somebody, who is not in position to know or does not act in a way that would confirm the authenticity or reliability of that information by sharing a New York Times article, could be violating the Espionage Act. That strikes me as a kind of striking proposition.

So all of which is to say I think I have come around to the view that merely sharing something that is already in the public domain probably can’t support a conviction under this provision except that if the sharing of it provides something new, namely, confirmation that it is reliable, confirmation that it is CIA information, confirmation that it is legitimate bona fide national defense information, then that confirmation is, itself, or can, itself, be NDI. I otherwise think that we are just in a terrain where, literally, there are hundreds of thousands of people unwittingly violating the Espionage Act by sharing the New York Times report about the WikiLeaks leak.

MR. DENTON: So, your Honor, I think there is a couple of different issues there and one of them is sort of whether the question that you are posing right now is actually the right question for this moment in time when we are talking about the elements of the offense.

In the context of that earlier discussion, and I will repeat it here, I think one of the things that we emphasized is there is a difference between whether a set of conduct, either the hypotheticals that you describe would satisfy the elements of a violation of 793 as opposed to the separate question of whether a person or an organization in that context would have a well-taken, as-applied First Amendment challenge to the application of the statute to them in that context.

THE COURT: But I have to say — and I recognize this may be in tension with my prior holding on this issue — the First Amendment is an area where somebody — I mean, the overbreadth doctrine in the First Amendment context allows somebody, as to whom a statute could be applied, constitutionally to challenge the statute on the grounds that it does cover conduct that would violate the First Amendment. So in that regard, it is distinct from a vagueness challenge. I think to the extent that you are saying that in those instances — I mean, the reason being that the First Amendment embodies a concept of chilling. If a New York Times reporter doesn’t know whether he is violating the Espionage Act by repeating what is in the WikiLeaks leak notwithstanding the fact that there is serious public interest in it, it may chill the suppression and that suppression is protected by the First Amendment. That’s the point in the overbreadth doctrine.

Go ahead.

Sabrina Shroff Really Wants to Meet in Person with Josh Schulte

October 19, 2022/5 Comments/in WikiLeaks /by emptywheel

Something odd happened in the Josh Schulte case yesterday.

He still has to submit his Rule 29 motion for acquittal and Rule 33 motion for a new trial for his trial. Before the government seized his laptop in a search, they were originally due September 23.

But since the FBI allegedly found Child Sexual Abuse Material on his discovery laptop — the FBI suspects he copied it from the materials allegedly on his home computer via a thumb drive brought into the SCIF storing his discovery — he has been restricted to a typewriter, and so will be given more time to write the filings.

On October 6, Judge Jesse Furman ordered the two sides to come up with a new schedule for those motions by Friday to accommodate that restriction.

The FBI is also investigating Schulte for having contraband on his discovery laptop. Back in September, Schulte insisted that “the only material on the laptop was provided by the government or my attorneys.”

So early yesterday, the government filed a letter, effectively pre-empting one they said that Schulte’s attorney, Sabrina Shroff, had written but not yet docketed. They did so, they said, because hers was inaccurate and did not reflect consultation with Schulte, who is representing himself pro se on the last trial.

Counsel’s letter, which asks the Court to order the means by which the parties carry out their obligation to meet-and-confer about a proposed motions schedule, (i) is materially inaccurate, (ii) seeks unnecessarily burdensome and delay-laden restrictions on what should be a straightforward conversation about a schedule, and (iii) inappropriately attempts to speak on the defendant’s behalf with respect to an issue for which the defendant is pro se. Defense counsel’s letter falsely claims, for example, that the Government previously refused to have calls with the defendant while he was in the MDC and has “repudiated” this practice; when, in fact, the Government previously arranged meet-and-confer calls with the defendant during his courthouse SCIF days because doing so was logistically simpler. Here, where the defendant is no longer produced to the SCIF, the Government proposed a telephone call from the MDC, which defense counsel has been invited to join. When counsel objected to the call, the Government noted that the defendant is pro se and entitled to decide for himself whether or not to participate in the call and, if he declined to do so, the Government would attempt to confer through other means. The Government also offered to respond to a proposed schedule from the defendant conveyed by counsel. Rather than pursue either option or allow the defendant to speak for himself on this pro se matter,1 defense counsel submitted today’s letter to the Court.

1 Counsel’s letter does not assert that the defendant is incompetent to act for himself pro se and makes no representation that the defendant was consulted on the letter.

When Shroff’s letter was finally docketed (with two redactions describing Schulte’s current status, apparently something pertaining to having been moved from his prior cell), it became clear that she’s insisting on using the meet-and-confer as an opportunity to meet with him in person, rather than with her on the call, or barring that, ensuring that anything Schulte say not be used against him.

In the past, the government has fulfilled its meet and confer obligations by calling Mr. Schulte in the SCIF, where one or more of his standby counsel could be physically present and beside Mr. Schulte as he spoke with opposing counsel. During the time Mr. Schulte was entirely pro se, the government refused to have calls with him while he was at MDC-Brooklyn, insisting the calls take place while he was at the SCIF. Each call was recorded by the government and an FBI agent was present for the call.

In repudiation of this prior practice, the government now seeks to meet and confer with Mr. Schulte by arranging a telephone call with him at the MDC, meaning no defense counsel would be physically present next to Mr. Schulte during the call.1 Given (i) the hybrid representation in place; (ii) Mr. Schulte [redacted];2 and (iii) such a setup is not necessary, it would not be prudent for defense counsel to agree to such a meet and confer.

In lieu of the government’s proposal, defense counsel has offered to (i) take the government’s proposed briefing schedule to Mr. Schulte to get his sign-off;3 (ii) allow the meet and confer at the MDC, provided the government can arrange for Mr. Schulte’s counsel to be there physically with him in the same room; (iii) have Mr. Schulte produced at the 500 Pearl Street pens on the 4th floor for the meet and confer; or (iv) if the Court allows the meet and confer to take place outside the physical presence of counsel as the government demands, that the government agree not to use any purported spontaneous statements or questions that may come out during the call against Mr. Schulte at any future legal proceeding. The government has rejected each of these four proposals.

Given this impasse, and the importance of defense counsel being physically next to Mr. Schulte when the Government speaks with him, we respectfully ask the Court to Order the government to adopt one of the four proposals, so the meet and confer can proceed in a manner that allows defense counsel to step in and ensure that Mr. Schulte’s right against self-incrimination and right to counsel are protected.

1 Defense counsel has apprised the government of her unavailability on the government’s chosen date and time of October 19, 2022, and asked at the very least, the call be re-scheduled should the Court not grant the requested relief.

2 Neither the government nor the BOP informed counsel for Mr. Schulte [redacted] The BOP did not provide (for three days in row) the requested emergency legal calls. In person visits were also made unavailable. Counsel was told that the in-person visit could not take place as the room in the SAMs unit was occupied by other counsel, when in fact Mr. Schulte was not on his regular unit.

3 I twice offered to go to the MDC and vet with Mr. Schulte the government’s proposed briefing schedule for the Rule 29 and 33 motion. The government declined to provide its proposed timeline/schedule to me.

While Shroff’s letter sounds sketchy in light of Schulte’s own observation that any contraband had to have come from the government or his lawyers, Shroff is too smart to facilitate Schulte’s crimes. That said, the record suggests that he manipulates every single human being he comes into contact with, including his own family. I think the most likely explanation for any contraband is that he made a seemingly reasonable request for something from his lawyers, and then repurposed it.

The government, meanwhile, has used the recent developments to propose a long delay — with briefing to begin two months from now — on Schulte’s pretrial motions. Now they’re proposing he submit his motions on December 16.

I’ve been wondering how Schulte would respond to being accused of reaccessing CSAM material, something that, if proven, would make proving his pending charges on that easier to prove and also dramatically increase his potential sentence. He’s at the point where he has to be contemplating life in prison.

However he has and will respond, Shroff is worried about him speaking with the government without being present.

FBI Allegedly Found Child Sexual Abuse Material When It Searched Josh Schulte’s Discovery Laptop

October 6, 2022/21 Comments/in Cybersecurity /by emptywheel

For the past several weeks — since his attorney, Sabrina Shroff, filed a letter on September 28 asking why he hadn’t been delivered to the SCIF as expected on September 26 — there has been something weird going on in the docket for Josh Schulte — who in July was convicted of stealing and leaking the CIA’s hacking tools to Wikileaks. She noted there was a probable request that he be withheld from the SCIF in the docket and wanted access to it. Today, the government unsealed three filings explaining what happened: They allegedly caught Schulte with Child Sexual Abuse Material again. Almost four years to the day after he was found using contraband phones in MCC, the government did another search of his cell to figure out whether and how he got the CSAM (which probably came from his discovery pertaining to the files allegedly on his home computer in 2017).

The filings are:

What happened is this:

July 27: The government obtained a warrant for Schulte’s discovery laptop covering contempt and contraband with search run by filter AUSA.

As the Court is aware, on July 27, 2022, United States Magistrate Judge Cheryl L. Pollak of the Eastern District of New York signed a warrant authorizing the seizure and search of the laptop previously provided to the defendant for his use in the Bureau of Prisons for reviewing unclassified discovery and preparing litigation materials in this case (the “Laptop Warrant”), which was at that time located at the Metropolitan Detention Center (“MDC”) in Brooklyn, New York. Pursuant to the terms of the Laptop Warrant, the initial search and review of the contents of the defendant’s laptop for evidence of the subject offenses set forth therein, specifically violations of 18 U.S.C. §§ 401(3) (contempt of court) and 1791(a) (possessing contraband in a correctional facility), is being conducted by agents from the Federal Bureau of Investigation (“FBI”) who are not part of the prosecution team, supervised by an Assistant U.S. Attorney who is also not part of the prosecution team and is experienced in privilege matters (the “Wall Team”), to segregate out any potentially privileged documents or data.

August 26: The FBI discovered an extra thumb drive in the SCIF.

On or about August 26, 2022, Schulte was produced to the Courthouse SCIF and, during that visit, asked to view the hard drive containing the Home CSAM Files from the Home Desktop. The hard drive was provided to Schulte and afterwards re-secured in the dedicated safe in the SCIF. The FBI advised the undersigned that, while securing the hard drive containing the Home CSAM Files, they observed that an unauthorized thumb drive (the “Thumb Drive”) was connected to the SCIF laptop used by Schulte and his counsel to review that hard drive containing the Home CSAM Files. On or about September 8, 2022, at the Government’s request, the CISO retrieved the hard drive containing materials from the Home Desktop from the SCIF and returned it to the FBI so that it could be handled pursuant to the normal procedures applicable to child sexual abuse materials. The CISO inquired about what should be done with the Thumb Drive, which remained in the dedicated SCIF safe. The Government requested that the Thumb Drive remain secured in the SCIF while the Government completed its review of the defendant’s laptop and continued to investigate the defendant’s potentially unauthorized activities.

September 22: FBI discovers “a substantial amount” of suspected CSAM on his discovery laptop with review run by a second AUSA.

[O]n September 22, 2022, the Wall Team contacted one of the FBI case agents handling this matter to inform him that, during the Wall Team’s review of the defendant’s MDC laptop, they had discovered a substantial amount of what appeared to be child sexual abuse materials (the “Laptop CSAM Files”) and to request guidance about how to proceed.

[snip]

[A]nother Assistant U.S. Attorney was assigned to the Wall Team at the request of the undersigned to be able to review the material and assist in obtaining that additional warrant, which this Court issued on September 23, 2022 (the “CSAM Expansion Warrant”).

October 5: FBI executes a search on Schulte’s cell, the SCIF, and electronics in the SCIF.

One warrant, which was issued on October 4, 2022 by United States Magistrate Judge Robert M. Levy of the Eastern District of New York, authorized the search of the defendant’s cell at the MDC and the seizure of certain materials contained therein, including electronic devices (the “MDC Cell Warrant”). The second warrant, which was also issued on October 4, 2022 by this Court, authorized the seizure and search of three specified electronic devices previously used by the defendant in the Courthouse Sensitive Compartmented Information Facility (“SCIF”) in connection with his review of CSAM obtained from the defendant’s home computer equipment and produced in discovery for review in the SCIF (the “CSAM Devices Warrant”). Both the MDC Cell Warrant and the CSAM Devices Warrant contain substantially the same procedures as the CSAM Expansion Warrant for initial review of the seized materials by the Wall Team. Both warrants were executed by the FBI on October 5, 2022.

DOJ is still investigating the discovery laptop for both the contraband and the CSAM. But they’re ready to give Schulte a typewriter so he can write his post-trial motions.

As the Government previously informed defense counsel and the Court, the Government cannot at this point consent to providing the defendant with a replacement laptop under any conditions (D.E. 950), in light of both his convictions of a variety of computer-related offenses and the additional evidence of his misconduct with regard to the previous MDC laptop that was seized. The Government has conferred with legal counsel at the MDC to request that the defendant have access to a typewriter for purposes of drafting these post-trial motions, similar to that available to inmates in general population. MDC legal counsel has indicated that this would likely be possible, subject to approval from the senior management of the MDC.

A Different DOJ Search of Note: Joshua Schulte

August 10, 2022/5 Comments/in emptywheel, WikiLeaks /by emptywheel

Josh Schulte should have grown concerned when David Denton — one of the two AUSAs in charge of his prosecution — didn’t show up to a status conference on July 26.

THE COURT: All right. Good afternoon, everyone. Mr. Lockard, will Mr. Denton be joining us?

MR. LOCKARD: He will not be joining us today.

For that matter, he should have sussed something was up a month earlier, during trial, when Denton objected to Schulte’s bid to introduce a script he wrote as evidence at his trial because of ongoing and escalating security concerns.

[Y]our Honor, we have accepted a continuing expansion of the defendant’s use of a laptop that was originally provided for the purpose of reviewing discovery, but to us, this is really a bridge too far in terms of security concerns, particularly in light of the issues uncovered during the last issue with his laptop and the concerns that the MDC has raised to us about tampering with the law library computer. We have not taken any action in response to that, because we’re in the middle of trial and we’re loath to do things that would disrupt the trial at this point.

As I laid out, among the security concerns Denton was worried about was that, just weeks before trial when Schulte claimed that his laptop was broken, IT staff at the US Attorney’s Office discovered that Schulte had been tampering with the BIOS on his laptop, seemingly in an attempt to bypass WiFi restrictions.

First, with respect to the defendant’s discovery laptop, which he reported to be inoperable as of June 1, 2022 (D.E. 838), the laptop was operational and returned to Mr. Schulte by the end of the day on June 3, 2022. Mr. Schulte brought the laptop to the courthouse on the morning of June 3 and it was provided to the U.S. Attorney’s Office information technology staff in the early afternoon. It appears that the laptop’s charger was not working and, after being charged with one of the Office’s power cords, the laptop could be turned on and booted. IT staff discovered, however, that the user login for the laptop BIOS1 had been changed. IT staff was able to log in to the laptop using an administrator BIOS account and a Windows login password provided by the defendant. IT staff also discovery an encrypted 15-gigabyte partition on the defendant’s hard drive. The laptop was returned to Mr. Schulte, who confirmed that he was able to log in to the laptop and access his files, along with a replacement power cord. Mr. Schulte was admonished about electronic security requirements, that he is not permitted to enable or use any wireless capabilities on the laptop, and that attempting to do so may result in the laptop being confiscated and other consequences. Mr. Schulte returned to the MDC with the laptop.

1 The BIOS is firmware used to provide runtime services for operating systems and programs and to perform hardware initialization during the booting process. The BIOS settings can determine, for example, whether external ports and wireless capabilities are enabled or disabled.

So DOJ revealed evidence that Schulte was attempting to hack his discovery laptop before trial, Denton implied DOJ was waiting until after trial to do anything about it, and Denton was too busy to show up at the status hearing on July 26.

He appears to have been busy getting a search warrant for the laptop. The government served Schulte with the warrant and seized the offending laptop two days later, on July 28. After Schulte attorney Sabrina Shroff complained, the government explained that since they had not yet charged Schulte in conjunction with the new warrant, they didn’t have to provide their affidavit.

[T]he Government’s investigation of the defendant’s conduct that gave rise to the search warrant is ongoing, no charges related to his use of the laptop have been filed, and the scope and precise nature of the conduct that the Government is investigating are not known either to the public or to the defendant.

If that investigation results in the use of information obtained pursuant to the search warrant, the Government will comply with its discovery obligations promptly.

They did, however, object to getting Schulte a new laptop.

The defendant has seven weeks to draft and file his pro se motions pursuant to Federal Rules of Criminal Procedure 29 and 33, and can do so using the normal resources available to pro se inmates at the Metropolitan Detention Center. The defendant “has the right to legal help through appointed counsel, and when he declines that help, other alternative rights, like access to a [personal laptop], do not spring up.” United States v. Byrd, 208 F.3d 592, 593 (7th Cir. 2000). Particularly in view of the Magistrate Judge’s determination that there is probable cause to believe that the defendant’s previous laptop contains evidence of additional crimes, there is no reason that the defendant should be afforded special access to a new laptop simply because the Court has permitted him to proceed partially pro se for certain matters going forward.

Shroff’s reply, in addition to making a legitimate case that Schulte should be able to get a laptop to finish his Rule 29 and 33 motions, provided more detail of what she knows about the warrant. This is not about espionage. She mentions only additional counts of contempt and possessing contraband, the same charges investigated in 2018 when Schulte’s phone was found (though those crimes seem inconsistent with the security concerns — hacking — described leading up to the trial).

The search warrant itself notes that the government is not alleging it has probable cause for any acts of espionage.

[snip]

Notably, while the government’s letter states the factors which may permit an affidavit to be withheld – e.g., to preserve confidential sources or protect witnesses – the government never explains how those factors possibly could apply here, where someone already incarcerated is accused of violations of Title 18, United States Code, Sections 401(3) (contempt of court) and 1791(a) (possessing contraband in a correctional facility). There are no confidential sources or witness at risk – and production of the affidavit in support of the search warrants implicates none of the articulated concerns.

But that’s not right. It can’t be right. If Schulte got contraband, it means someone — his legal team, his family, or the guards — shared it with him. He has a history of getting the latter two involved in ferrying information or goods improperly. I’m mindful, too, of Schulte’s curious replication of a WikiLeaks-seeded propaganda campaign about Mike Pompeo, even in spite of being on SAMs.

After suggesting there couldn’t be witnesses in a situation where there’d have to be witnesses, Shroff turns the government’s efforts to avoid disrupting Schulte’s trial on its head, claiming it is proof that waiting until after the trial is punitive.

The timing of the search warrant sought by the government as it relates to its stance on a replacement laptop is perhaps informative. Right before start of trial, a guard at the MDC dropped Mr. Schulte’s laptop. See ECF Docket Entry No. 838. In an effort to “fix” the laptop, Mr. Schulte provided it to the government – for that limited purpose. The government then returned the laptop saying it was working but asked Mr. Schulte about the organization of the laptop and then asked the court to admonish Mr. Schulte for manner in which he was maintaining it. The government did nothing more. It did not ask the Court for a search warrant or to curtail Mr. Schulte’s access to the laptop. The government allowed Mr. Schulte to keep his laptop – all through the trial – and only now seeks its seizure. The timing appears punitive and not keyed to any potential harm to a third party.

Ultimately, Judge Jesse Furman declined to intervene, in part because the warrant was obtained in EDNY, not SDNY.

How Josh Schulte Got Judge Jesse Furman to Open a File in Internet Explorer

July 14, 2022/26 Comments/in Cybersecurity, emptywheel, WikiLeaks /by emptywheel

Something puzzles me about both Josh Schulte trials (as noted yesterday, the jury found Schulte guilty of al charges against him yesterday).

In both, the government introduced a passage from his prison notebooks advocating the use of the tools he has now been found guilty of sharing with WikiLeaks in an attack similar to NotPetya. [This is the version of this exhibit from his first trial.]

Vault 7 contains numerous zero days and malware that could be [easily] ~~deployed~~ repurposed and released onto the world in a devastating fashion that would make NotPetya look like Child’s play.

Neither time, however, did prosecutors explain the implications of this passage, which proved both knowledge of the non-public files released to WikiLeaks and a desire that they would be used, possibly by Russia, as a weapon.

Here’s how AUSA Sidhardha Kamaraju walked FBI Agent Evan Schlessinger through explaining it on February 26, 2020, in the first trial.

Q. Let’s look at the last paragraph there.

A. “Vault 7 contains numerous zero days and malware that could easily be deployed, repurposed, and released on to the world in a devastating fashion that would make NotPetya look like child’s play.”

Q. Do you know what NotPetya is?

A. Yes, generally.

Q. What is it?

A. It is a version of Russian malware.

Here’s how AUSA David Denton walked Agent Shlessinger through that same exact script this June 30 in the second trial.

Q. And the next paragraph, please.

A. “Vault 7 contains numerous zero days and malware that could easily be deployed,” struck through “repurposed and released onto the world in a devastating fashion that would make NotPetya look like child’s play.”

Q. Sir, do you know what NotPetya is?

A. Yes, generally.

Q. Generally, what is a reference to?

A. Russian malware.

The placid treatment of that passage was all the more striking in this second trial because it came shortly after Schulte had gone on, at length, mocking the claim from jail informant Carlos Betances that Schulte had expressed some desire for Russia’s help to do what he wanted to do, which in context (though Betances wouldn’t know it) would be to launch an information war.

Q. OK. Next, you testified on direct that I told you the Russians would have to help me for the work I was doing, right?

A. Yes, correct.

Q. OK. So the Russians were going to send paratroopers into New York and break me out of MCC?

MR. LOCKARD: Objection.

THE COURT: Sustained.

BY MR. SCHULTE: Q. What is your understanding of how the Russians were going to help?

A. No, I don’t know how they were going to help you. You were the one who knew that.

Q. What work was I doing for Russia?

A. I don’t know what kind of work you were doing for Russia, but I know you were spending long periods of time in your cell with the phones.

Q. OK.

A. With a sheet covering you.

Q. OK. But only Omar ever spoke about Russia, correct?

A. No. You spoke about Russia.

Q. Your testimony is you never learned anything about Omar and Russian oligarchs?

A. No.

Denton could easily have had Schlessinger point out that wanting to get a CIA tool repurposed in Russian malware just like the Russians had integrated stolen NSA tools to use in a malware attack of unprecedented scope would be pretty compelling malicious cooperation with Russia. It would have made Schulte’s mockery with Betances very costly. But Denton did not do that.

In fact, the government entirely left this theory of information war out of Schulte’s trial. In his closing argument for the second trial, for example, Michael Lockard explicitly said that Schulte’s weapon was to leak classified information, not to launch cyberattacks.

Mr. Schulte goes on to make it even more clear. He says essentially it is the same as taking a soldier in the military, handing him a rifle, and then begin beating him senseless to test his loyalty and see if you end up getting shot in the foot or not. It just isn’t smart.

Now, Mr. Schulte is not a soldier in the military, he is a former CIA officer and he doesn’t have a rifle. He has classified information. That is his bullet.

To be sure, that’s dictated by the charges against Schulte. Lockard was trying to prove that Schulte developed malicious plans to leak classified information, not that he developed malicious plans to unleash a global cyberattack that would shut down ports in the United States. But that’s part of my point: The NotPetya reference was superfluous to the charges against Schulte except to prove maliciousness they didn’t use it for.

I may return to this puzzle in a future post. For now, though, I want to use it as background to explain how, that very same day that prosecutors raised Schulte’s alleged plan to get CIA hacking tools used to launch a global malware attack, Schulte got Judge Jesse Furman to open a document in Internet Explorer.

One of the challenges presented when a computer hacker like Schulte represents himself (pro se) is how to equip him to prepare a defense without providing the tools he can use to launch an information war. It’s a real challenge, but also one that Schulte exploited.

In one such instance, in February, Schulte argued the two MDC law library desktops available to him did not allow him to prepare his defense, and so he needed a DVD drive to transfer files including “other binary files,” the kind of thing that might include malware.

Neither of these two computers suffices for writing and printing motions, letters, and other documents. The government proposes no solution — they essentially assert I have no right to access and use a computer to defend myself in this justice system.

I require an electronic transfer system; printing alone will not suffice, because I cannot print video demonstratives I’ve created for use at trial; I cannot print forensics, forensic artifacts, and other binary files that would ultimately be tens of thousands of useless printed pages. I need a way to transfer my notes, documents, motion drafts, demonstrative videos, technical research, analysis, and countless other documents to my standby counsel, forensic expert, and for filing in this court.

The government had told Schulte on January 21 that he could not have a replacement DVD drive that his standby counsel had provided in January because it had write-capabilities; as they noted in March, not having such a drive was not preventing him from filing a blizzard of court filings. Ultimately, in March, the government got Schulte to let them access the laptop to add a printer driver to his discovery laptop. Schulte renewed his request for a write-capable DVD, though, in April.

Schulte continued to complain about his access to the law library for months, sometimes with merit, and other times (such as when he objected to the meal times associated with his choice to fast during Ramadan) not.

The continued issues, though, and Schulte’s claims of retaliation by prison staffers, are why I was so surprised that when, on June 1, Sabrina Shroff reported that a guard had broken Schulte’s discovery laptop by dropping it just weeks before trial, she didn’t ask for any intervention from Judge Furman. Note, she attributes her understanding of what happened to the laptop to Schulte’s parents (who could only have learned that from Schulte) and the prison attorney (who may have learned of it via Schulte as well). In response, as Shroff had tried to do with the write-capable DVD, she was just going to get him a new laptop.

We write to inform the Court that a guard at the MDC accidently dropped Mr. Schulte’s laptop today, breaking it. Because the computer no longer functions, Mr. Schulte is unable to access or print anything from the laptop, including the legal papers due this week. The defense team was first notified of the incident by Mr. Schulte’s parents early this afternoon. It was later confirmed in an email from BOP staff Attorney Irene Chan, who stated in pertinent part: “I just called the housing unit and can confirm that his laptop is broken. It was an unfortunate incident where it was accidentally dropped.”

Given the June 13, 2022 trial date, we have ordered him a new computer, and the BOP, government, and defense team are working to resolve this matter as quickly as possible. We do not seek any relief from the Court at this time.

Only, as I previously noted, that’s not what happened to the laptop, at all. When DOJ’s tech people examined the laptop, it just needed to be charged. As they were assessing it, though, they discovered he had a 15GB encrypted partition on the laptop and had been trying to use wireless capabilities.

First, with respect to the defendant’s discovery laptop, which he reported to be inoperable as of June 1, 2022 (D.E. 838), the laptop was operational and returned to Mr. Schulte by the end of the day on June 3, 2022. Mr. Schulte brought the laptop to the courthouse on the morning of June 3 and it was provided to the U.S. Attorney’s Office information technology staff in the early afternoon. It appears that the laptop’s charger was not working and, after being charged with one of the Office’s power cords, the laptop could be turned on and booted. IT staff discovered, however, that the user login for the laptop BIOS1 had been changed. IT staff was able to log in to the laptop using an administrator BIOS account and a Windows login password provided by the defendant. IT staff also discovery an encrypted 15-gigabyte partition on the defendant’s hard drive. The laptop was returned to Mr. Schulte, who confirmed that he was able to log in to the laptop and access his files, along with a replacement power cord. Mr. Schulte was admonished about electronic security requirements, that he is not permitted to enable or use any wireless capabilities on the laptop, and that attempting to do so may result in the laptop being confiscated and other consequences. Mr. Schulte returned to the MDC with the laptop.

1 The BIOS is firmware used to provide runtime services for operating systems and programs and to perform hardware initialization during the booting process. The BIOS settings can determine, for example, whether external ports and wireless capabilities are enabled or disabled.

This had all the markings of a hacker — someone who had once envisioned launching a cyberattack as part of his information war from jail — trying to prepare just such an attack.

Weeks later, during the trial, the government intimated that they might punish Schulte for that stunt, but were just trying to get through trial.

We have not taken any action in response to that, because we’re in the middle of trial and we’re loath to do things that would disrupt the trial at this point.

Along the way, though, Schulte’s laptop access continued to grow — for perfectly justifiable reasons tied to the trial, but which appears to have resulted in the discovery laptop (the one with the encrypted partition that he had apparently tried to access WiFi on) being in the same place as a second exhibit laptop, perhaps the very laptop originally intended to replace the one that wasn’t really broken at all. On June 13, Judge Furman ordered the Marshals to let Schulte keep his laptop at breaks. On June 15, Schulte got Furman to order the Marshals to let him use his second laptop, “just like the discovery laptop.”

MR. SCHULTE: OK. So the first thing is I think the marshals just need permission or authorization from you for me to be able to use the second laptop for my exhibits.

THE COURT: Use in the courtroom?

MR. SCHULTE: Yeah, be able to access and use it likeI use the other. I think there was court order for me to be able to use this laptop so they need authorization from you for me to use the second laptop.

THE COURT: And the second laptop is something that standby counsel procured? What is it?

MR. SCHULTE: Yes.

THE COURT: Any objection, Mr. Denton? Any concerns?

MR. DENTON: I think as long as it is something that’s used just here in the courtroom, that’s fine, your Honor. I think to the extent that it was going with the defendant anywhere else other than the courtroom, we would want to make sure that we applied the same security procedures that were applied to his original laptop.

THE COURT: Is it just to be used in this courtroom?

MR. SCHULTE: Yes. That’s correct. It is being locked, I think, in the FBI marshal’s room by the SCIF.

On June 17, Schulte asked Furman to issue a specific order to MDC to ensure he’d be able to “go to the law library and access the laptop.” Again, these are generally understandable accommodations for a defendant going pro se. But they may have placed his discovery laptop (normally used in MDC in Brooklyn) in close proximity to his exhibit laptop used outside of a SCIF in Manhattan.

With that in the background, on June 24, prosecutors described that just days earlier, Schulte had provided them code he wanted to introduce as an exhibit at trial. There were evidentiary problems — this was a defendant representing himself trying to introduce his own writing without taking the stand — but the real issue was his admission he was writing (very rudimentary) code on his laptop. As part of that explanation, the government also claimed that MDC had found Schulte tampering with the law library computer.

The third, however, and most sort of problematic category are the items that were marked as defense exhibits 1210 and 1211, which is code and then a compiled executable program of that code that appear to have been written by the defendant. That raises an evidentiary concern in the sense that those are essentially his own statements, which he’s not entitled to offer but, separately, to us, raises a substantial security concern of how the defendant was able to, first, write but, more significantly, compile code into an executable program on his laptop.

You know, your Honor, we have accepted a continuing expansion of the defendant’s use of a laptop that was originally provided for the purpose of reviewing discovery, but to us, this is really a bridge too far in terms of security concerns, particularly in light of the issues uncovered during the last issue with his laptop and the concerns that the MDC has raised to us about tampering with the law library computer. We have not taken any action in response to that, because we’re in the middle of trial and we’re loath to do things that would disrupt the trial at this point. The fact that defendant is compiling executable code on his laptop raises a substantial concern for us separate from the evidentiary objections we have to its introduction.

THE COURT: OK. Maybe this is better addressed to Mr. Schulte, but I don’t even understand what the third category would be offered for, how it would be offered, what it would be offered for.

MR. DENTON: As best we can tell, it is a program to change the time stamps on a file, which I suppose would be introduced to show that such a thing is possible. I don’t know. We were only provided with it on Tuesday. Again, we think there are obvious issues with its admissibility separate and apart from its relevance, but like I said, for us, it also raises the security concern that we wanted to bring to the Court’s attention.

[snip]

MR. SCHULTE: But for the code, the government produced lots of source code in discovery, and this specific file is, like, ten, ten lines of source code as well as —

THE COURT: Where does it come from? Did you write it?

MR. SCHULTE: Yes, I wrote it. That’s correct.

Schulte didn’t end up introducing the script he wrote. Instead, he asked forensics expert Patrick Leedom if he knew that Schulte had used the “touch” command in malware to alter file times.

Q. Do you know about the Linux touch command?

A. Yes.

Q. This command can be used to change file times, right?

A. Yes, it can.

Q. That includes access times, right?

A. Yes.

Q. And from reviewing my workstation, you know that I developed Linux malware tools for the CIA, right?

A. I know you worked on a few tools. I don’t know if they were Linux-specific or not, but —

Q. And you knew from that that I wrote malware that specifically used the touch command to change file times, right?

In the end, then, it turned out to be just one of many instances during the trial where Schulte raised the various kinds of malware he had written to hide his tracks, infect laptops, and jump air gaps, instances that appeared amidst testimony — from that same jail informant, Carlos Betonces — that Schulte had planned to launch some kind of key event in his information war from the (MCC) law library.

Q. That we — you testified that we were going to do something really big and needed to go to the law library, right?

A. You were paying $200 to my friend named Flaco to go to the library, yes.

Q. I paid someone money?

A. No. They were paying. And Flaco refused to take it downstairs. And the only option left was that they had to go down and take it themselves.

Q. OK. So Omar offered to pay money for Flaco to take some phone down, right?

A. That’s not how Flaco told me. That’s not the way Flaco described it. He said that both of them were offering him money.

Q. All right. But there were cameras in the law library, correct?

THE INTERPRETER: I’m sorry. Can you repeat the question?

Q. There were cameras in the law library, correct?

A. I don’t know.

Q. OK. But your testimony on direct was that me and Omar needed to send some information from the phone, right?

A. Let me explain it to you again. Not information. It’s that you had to do something in the, in the library. That’s what I testified about.

Q. OK. What did I have to do in the law library, according to you?

A. Well, you’re very smart. You must know the question. There was something down there that you wanted to use that you couldn’t use upstairs.

Q. OK. You also testified something about a USB drive, right?

A. Yes.

Q. You testified, I believe, that me and Omar wanted a USB device, right?

A. Yeah. You asked me all the time when the drive was going to arrive. When was it coming? When was it coming?

Q. OK. But there were already USB hard drives given to prisoners in the prison, right?

A. Not to my understanding.

Q. You don’t — you never received or saw anyone using a USB drive with their discovery on it?

A. No, because I — no, I hardly ever went down to the law library.

Q. All right. And then you said, you testified that you slipped a note under the guard’s door?

A. Yes.

Q. And that was about, you said something was going to happen in the law library, right?

THE INTERPRETER: Could you repeat the question, please?

MR. SCHULTE: Yes.

Q. You said that the note said something was going to happen in the law library, right?

A. Yes.

Which finally brings us to the Internet Explorer reference. During his cross-examination of FBI Agent Schlessinger on June 30, Schulte attempted to introduce the return from the warrant FBI served on WordPress after discovering Schulte was using the platform to blog from jail. The government objected, which led to an evidentiary discussion after the jury left for the weekend. The evidentiary discussion pertained to how to introduce the exhibit — which was basically his narrative attacking the criminal justice system — without also disclosing the child porn charges against Schulte referenced within them.

Schulte won that discussion. On the next trial day, July 6, Furman ruled for Schulte, and Schulte said he’d just put a document that redacted the references to his chid porn and sexual assault charges on a CD to share with the government.

MR. SCHULTE: Yes. I just — if I can get the blank CD from them or something I can just give it to them and they can review it.

But back on June 30, during the evidentiary discussion, Judge Furman suggested that the 80- or 90-page document that the government was looking at was something different than the file he was looking at.

That was surprising to Furman.

So was the fact that his version of the document opened in Internet Explorer.

MR. DENTON: Your Honor, on Exhibit 410 we recognize the Court has reserved judgment on that. I want to put sort of a fourth version in the hopper. At least in the version we are looking at, it is a 94-page 35000-word document. To the extent that the only thing the Court deems admissible is sort of the fact that there were postings that did not contain NDI, we would think it might be more appropriate to stipulate to that fact rather than put, essentially, a giant manifesto in evidence not for the truth. So I want to put that option out there given the scope of the document.

[snip]

MR. DENTON: Understood, your Honor. I think at that point, even if we get past the hearsay and the not for the truth problems, then there is a sort of looming 403 problem in the sense that it is a massive document that is essentially an manifesto offered for a comparatively small point. I think at that point it is risk of confusing the jury and potentially inflaming them if people decide to sit down and to read his entire screed, it significantly outweighs the fairly limited value it serves. But, we recognize the Court has reserved on this so I don’t need to belabor the point now.

THE COURT: Unless I am looking at something different, what I opened as Defendant’s Exhibit 410 — it opened for me in Internet Explorer, for some reason and I didn’t even think Internet Explorer existed anymore — and it does not appear to be 84 pages. So, I don’t even know if I am looking at what is being offered or not. But, let me add another option, which is if the government identifies any particular content in here that it thinks should be excluded under 403, then you are certainly welcome to make that proposal as well in the event that I do decide that it should come in in more or less its entirety with the child porn redacted. And if you think that there is something else that should be redacted pursuant to 403, I will consider that. All right?

MR. DENTON: We will make sure we are looking at the same thing and take a look at it over the weekend, your Honor.

To be clear: The reason this opened in IE for Furman is almost certainly that the document was old — it would date to October 2018 — and came in a proprietary form that Furman’s computer didn’t recognize. So for some reason, his computer opened it in IE.

That said, it’s not clear that the discrepancy on the page numbers in the file was ever addressed. Schulte just spoke to one of the prosecutors and they agreed on how it would be introduced.

And if a developer who had worked on malware in 2016 wanted an infection vector, IE might be one he’d pick. That’s because Microsoft stopped supporting older versions of IE in 2016, the year Schulte left the CIA. And WordPress itself was a ripe target for hacking in 2018. Schulte himself might relish using a Microsoft vector because the expert in the trial, Leedom, has moved onto Microsoft since working as a consultant to the FBI.

I have no idea how alarmed to be about all this. The opinions from experts I’ve asked have ranged from “dated file” to “he’d have to be lucky” to “unlikely but potentially terrifying” to “no no no no!” And Schulte is the kind of guy who lets grudges fester so badly that avenging the grudge becomes more important than all else.

So I wanted to put this out there so smarter people can access the documents directly — and perhaps so technical staff from the courthouse can try to figure out why that document opened in Internet Explorer.

Note: As it did with the first trial, Calyx Institute made the transcripts available. This time, however, they were funded by Germany’s Wau Holland Foundation. WHF board member Andy Müller-Maguhn has been named in WikiLeaks operations and was in the US during some of the rough period when Schulte is alleged to have leaked these documents.

Joshua Schulte Found Guilty on All Counts

July 13, 2022/24 Comments/in Cybersecurity, WikiLeaks /by emptywheel

The jury has returned guilty verdicts in all nine charges against Joshua Schulte. While I expected guilty verdicts on the revamped CFAA charges, I wasn’t sure about the far more circumstantial Espionage charges. DOJ must be breathing a sigh of relief.

I have no doubt Schulte will appeal. He has been setting up appeals on a Sixth Amendment SAMS challenge and on a Van Buren challenge to the CFAA charges; plus I imagine he’ll challenge some of the instructions and other decisions Judge Jesse Furman made (though I thought Furman was more favorable to Schulte than Paul Crotty before him).

I’m as interested in what happens with WikiLeaks after this.

WikiLeaks has been spamming references to the misleading Yahoo story about the response to WikiLeaks’ publication (and, more importantly, non-publication) of the stolen CIA files. And I know Assange’s US defense attorney has been getting transcripts from the case.

The WikiLeaks team surely recognizes what I have for years: The existing charges against Assange are all teed up to expand the CFAA count to incorporate the Vault 7 release and Vault 8 non-release (and, possibly, WikiLeaks’ role in the 2016 Russian effort). And Schulte was given discovery on an ongoing investigation into what is almost certainly WikiLeaks.

So while this closes the known part of the case against Schulte, it likely represents further headaches for Assange.

Update: SDNY’s statement calls this, straight up, Espionage.

Today, Schulte has been convicted for one of the most brazen and damaging acts of espionage in American history.

The Josh Schulte Trial Moves to Deliberations

July 8, 2022/7 Comments/in Cybersecurity, emptywheel, WikiLeaks /by emptywheel

Yesterday, the two sides in the Josh Schulte case presented their closing arguments.

It is always difficult to read how a jury will view a case, and in this case (in part for reasons I’ll lay out below) that’s all the more true. I could imagine any of a range of outcomes: full acquittal, acquittal on some charges, guilty on most but not all charges, or another hung jury (though I think it likely he’ll win acquittal on at least one or two charges).

This is what the jury will be deliberating about. The short version: Judge Furman seems very skeptical of the obstruction charge against Schulte, quite persuaded by the government’s CFAA charges, but very impressed by Schulte’s closing argument.

The charges

After his first mistrial, DOJ obtained a superseding indictment designed to break his alleged crimes into explicitly identifiable crimes, presumably to prevent the jury from getting confused about what specific actions allegedly constitute a crime, as the first jury appears to have done.

The indictment is generally broken into Espionage tied to files taken directly from the CIA’s servers (Counts One and Two), Espionage tied to stuff Schulte allegedly tried to send out from jail (Counts Three and Four), CFAA for hacking the CIA servers (Counts Five through Eight), and obstruction (Count Nine). I’ve put the legal code below, but here’s how Judge Furman described the charges in his draft jury instructions.

Specifically, Count One charges the defendant with illegal gathering of national defense information or “NDI.” Specifically, it charges that, on or about April 20, 2016, the defendant, without authorization, copied backup files of certain electronic databases (what I will refer to as the “Backup Files”) housed on a classified computer system maintained by the CIA (namely “DEVLAN”).

Count Two charges the defendant with illegal transmission of unlawfully possessed documents, writings, or notes containing NDI. Specifically, it charges that, between April and May 2016, the defendant, without authorization, retained copies of the Backup Files and communicated them to a third party not authorized to receive them, the organization WikiLeaks.

Count Five charges the defendant with unauthorized access to a computer to obtain classified information. Specifically, it charges that, between April 18 and April 20, 2016, the defendant accessed a 16 computer without authorization and exceeded his authorized access to obtain the Backup Files and subsequently transmitted them to WikiLeaks without authorization.

Count Six charges the defendant with unauthorized access to a computer to obtain information form a department or agency of the United States. Specifically, it charges that, on or about April 20, 2016, the defendant, accessed a computer without authorization or in excess of his authorized access, and copied the Backup Files.

Count Seven charges the defendant with causing transmission of a harmful computer command. Specifically, it charges that, on or about April 20, 2016, the defendant transmitted commands on DEVLAN to manipulate the state of the Confluence virtual server on DEVLAN.

Count Eight charges the defendant with causing transmission of a harmful computer command. Specifically, it charges that, on or about April 20, 2016, the defendant transmitted commands on DEVLAN to delete log files of activity on DEVLAN.

Counts Three and Four charge the defendant with crimes relating to the unlawful disclosure or attempted disclosure of NDI while he was in the Metropolitan Correctional Center (“MCC”), the federal jail.

Count Three charges that, in or about September 2018, the defendant had unauthorized possession of documents, writings, or notes containing NDI related to the internal computer networks of the CIA, and willfully transmitted them to a third party not authorized to receive them.

Count Four charges that, between July and September 2018, the defendant had unauthorized possession of documents, writings, and notes containing NDI related to tradecraft techniques, operations, and intelligence gathering tools used by the CIA, and attempted to transmit them to a third party or parties not authorized to receive them.

Finally, Count Nine charges the defendant with obstruction of justice. Specifically, it charges that between March and June 2017, the defendant made certain false statements to agents of the FBI during their investigation of the WikiLeaks leak.

Here’s that language with the legal statutes included:

Count One, 18 USC 793(d) and 2 (WikiLeaks Espionage), Illegal gathering of National Defense Information: For copying the DevLAN backup files on or about April 20, 2016.

Count Two, 18 USC 793(e) and 2 (WikiLeaks Espionage), Illegal transmission of unlawfully possessed NDI: For transmitting the backup files to WikiLeaks in or about April and May 2016.

Count Three, 18 USC 793(e) and 2 (MCC Espionage), Illegal transmission of unlawfully possessed NDI: For sending this information about DevLAN to Shane Harris in or about September 2018.

In reality, two groups — EDG and COG and at least 400 people had access. They don’t include COG who was connected to our DEVLAN through HICOC, an intermediary network that connected both COG and EDG. . . . There is absolutely NO reason they shouldn’t have known this connection exists. Step one is narrowing down the possible suspects and to completely disregard an ENTIRE GROUP and HALF the suspects is reckless. All they needed to do was talk to ONE person on Infrastructure branch or through ANY technical description / diagram of the network.”

Count Four, 18 USC 793(e) and 2 (MCC Espionage), Attempted illegal transmission of unlawfully possessed NDI: For staging a tweet and preparing to send out information about CIA’s hacking tools from at least July 2018 through October 2018. (Here’s the version of Exhibit 809 used at the first trial.)

Government Exhibit 801, page 3: “Which brings me to my next point — Do you know what my speciality was at the CIA? Do you know what I did for fun? Data hiding and crypto. I designed and wrote software to conceal data in a custom-designed file system contained with the drive slackspace or hidden partitions. I disguised data. I split data across files and file systems to conceal the crypto—analysis tools could NEVER detect random or pseudo-random data indicative of potential crypto. I designed and wrote my own crypto—how better to foll bafoons [sic] like forensic examiners ad the FBI than to have custom software that doesn’t fit into their 2-week class where they become forensic ‘experts.’”

Government Exhibit 809, page 8: “[tool from vendor report] — Bartender for [redacted] [vendor].”

Government Exhibit 809, page 10: “Additionally, [Tool described in vendor report] is in fact Bartender. A CIA toolset for [operators] to configure for [redacted] deployment.”

Government Exhibit 809, page 11: “[@vendor] discussed [tool] in 2016, which is really the CIA’s Bartender tool suite. Bartender was written to [redacted] deploy against various targets. The source code is available in the Vault 7 release.”

Count Five, 18 USC 1030(a)(1) and 2 (CFAA), Unauthorized access to a computer to obtain classified information: For hacking into the DevLAN backup files.

Count Six, 18 USC 1030(a)(2)(B) and 2 (CFAA), Unauthorized access of a computer to obtain classified information from a department or agency, for hacking into and copying the backup files.

Count Seven, 18 USC 1030(a)(5)(A) and 2 (CFAA), Causing transmission of harmful computer code: For the reversion of Confluence on April 20, 2016.

Count Eight, 18 USC 1030(a)(5)(A) and 2 (CFAA), Causing transmission of harmful computer code: For deleting log files on DevLAN on April 20, 2016.

Count Nine, 18 USC 1503, obstruction: For lying about having taken the backup files, keeping a copy of the letter he sent to the CIA IG, having classified information in his apartment, taking information from the CIA and transferring it to an unclassified network, making DevLAN vulnerable to theft, housing information from the CIA on his home computer, and removing classified information from the CIA.

The law

Based on orders Judge Jesse Furman issued and his response to Schulte’s Rule 29 motions for an acquittal after trial, it seems he views some of the charges to be stronger than others.

Espionage, WikiLeaks charges: Furman didn’t say much about the charges tied to Schulte allegedly obtaining and sharing the Vault 7 and 8 content with WikiLeaks. The transmission charge is the one that is most circumstantial (because the government made no claims about how Schulte got the stolen files out of the CIA and didn’t fully commit to how Schulte sent them to WikiLeaks), and so is one a jury might unsurprisingly find reasonable doubt on.

Espionage, MCC charges: There are two weaknesses to the MCC charges. First, Furman allowed Schulte to argue that because the Bartender information was already made public by WikiLeaks — a topic on which Schulte elicited helpful testimony — it was no longer National Defense Information (there’s more discussion on this issue here). There’s some question whether the Hickock information was NDI as well. But also, in the Bartender case, there’s a question about whether drafting a Tweet in a notebook is a significant enough step to be found guilty.

Obstruction: Furman seems quite skeptical the government has proven their case on obstruction and came close to ruling for Schulte on his Rule 29 motion on it. He ordered the two sides to brief whether the government had provided sufficient evidence of this charge. And in the conference on the instructions, he challenged whether things Schulte said on March 15, 2017 before receiving a grand jury subpoena could be included in an obstruction charge. As Schulte pointed out, too, his false statements from later interviews got less focus in this trial.

CFAA: Furman did rule against Schulte’s Rule 29 motions on the CFAA charges, suggesting he finds the evidence here much stronger. Schulte as much as admitted he had taken the steps DOJ claims he did to revert the confluence files, effectively admitting to one of the charges as written (and that’s what the government focused on in their rebuttal). That said, if he were found guilty on the CFAA charges, Schulte would mount an interesting appeal under SCOTUS’ Van Buren ruling, issued since his last trial, which held that you can’t be guilty of CFAA if you had authorized access. Schulte laid the groundwork to argue that while he didn’t have access to Atlassian, the CIA had not revoked his access as an Administrator to ESXi, which is what he used to be able to do the reversion.

Emotion

In Schulte’s first trial, it seems clear the jury hung based on nullification of one juror, who (according to some jurors) refused to deliberate fairly. DOJ stupidly presented the case in a way that emphasized the human resource dispute, and not the leak. And in a contest of popularity between the CIA and WikiLeaks, the CIA is never going to win 12 votes unanimously, certainly not in SDNY.

I had thought that Schulte would be able to recreate that dynamic with this trial, by once again portraying himself as the unfair victim of CIA bullying. But in at least one case, I think that attempt backfired (by showing Schulte to be precisely the insubordinate prick that the CIA claims him to be).

That said, given Furman’s response, Schulte did brilliantly portray the investigation into him as being biased. So he may win the emotional battle yet again. After he finished, Furman suggested that if Schulte were acquitted, he might have a future as a defense attorney.

THE COURT: You may be seated. All right. Mr. Schulte, that was very impressive, impressively done.

MR. SCHULTE: Thank you.

THE COURT: Depending on what happens here, you may have a future as a defense lawyer. Who knows?

Tactics

In a recent New Yorker profile of Schulte, Sabrina Shroff described how by going pro se, Schulte would be able to push boundaries that she herself could not.

When you consider the powerful forces arrayed against him—and the balance of probabilities that he is guilty—Schulte’s decision to represent himself seems reckless. But, for the C.I.A. and the Justice Department, he remains a formidable adversary, because he is bent on destroying them, he has little to lose, and his head is full of classified information. “Lawyers are bound,” Shroff told me. “There are certain things we can’t argue, certain arguments we can’t make. But if you’re pro se ”—representing yourself—“you can make all the motions you want. You can really try your case.”

Schulte did this repeatedly. He did so with classified information, as when he tried to get “Jeremy Weber” to admit to a report by a still-classified group that Weber was not aware of and which the government insists, to this day, does not exist undermined the attribution of the case (this is based off an out of context text that Weber was not privy to).

Q. Were there many forensic reports filed by AFD about the leak?

A. Not that I’m aware of.

Q. OK. But at some point you learned that AFD determined the backups from the Altabackups must have been stolen, correct?

MR. LOCKARD: Objection.

THE COURT: Sustained. (Defendant conferred with standby counsel)

BY MR. SCHULTE: Q. You reviewed the AFD reports, correct?

MR. LOCKARD: Objection.

THE COURT: Sustained. Let’s move on, Mr. Schulte. (Defendant conferred with standby counsel)

THE COURT: And please keep your voice down when conferring with standby counsel.

… with investigative details (both into his own and a presumed ongoing investigation into WikiLeaks) he has become privy to, such as when he suggested that a SysAdmin named Dave had lost a Stash backup.

Q. Speaking with the admins, you’re talking Dave, Dave C., right; he was one of those?

A. Yeah, Dave.

Q. And he was an employee who put the Stash on a hard drive, correct?

A. I know I’ve heard some of that. I don’t know exactly the situation around that, but —

Q. But that, basically this hard drive with Stash was lost, correct?

MR. DENTON: Objection.

THE COURT: Sustained.

… with testimony presented as questions, as here when Schulte tried to get Special Agent Evanchec to testify that his retention of an OIG email was an honest mistake.

Q. So in your career, classifying documents, sometimes people make honest mistakes when they classify documents, correct?

MR. LOCKARD: Objection.

A. I think that’s —

THE COURT: Sustained.

BY MR. SCHULTE: Q. Have you ever made a mistake classifying a document, sir?

MR. LOCKARD: Objection.

THE COURT: Sustained.

BY MR. SCHULTE: Q. Do you know if someone makes an honest mistake in classifying a document, if they can be charged with a crime?

MR. LOCKARD: Objection.

THE COURT: Sustained.

… and with speculative claims about alternative theories, such as here when he mocked jail informant Carlos Betances’ claim that Schulte said he needed Russian help for what he wanted to accomplish.

Q. OK. Next, you testified on direct that I told you the Russians would have to help me for the work I was doing, right?

A. Yes, correct.

Q. OK. So the Russians were going to send paratroopers into New York and break me out of MCC?

MR. LOCKARD: Objection.

THE COURT: Sustained.

Over and over, prosecutors objected when Schulte made such claims, and most often their objections were sustained. But I think it highly unlikely jurors will be able to entirely unhear many of the speculative claims Schulte made, and so while some of the claims Schulte presented in such fashion were outright false, the jury is unlikely to be able to fully ignore that information.

The unsaid

There are three things that didn’t happen at the trial that I’m quite fascinated by.

First, after delaying the trial for at least four months so as to be able to use Steve Bellovin as his expert, Schulte didn’t even submit an expert report for him. There are many possible explanations for this — that Schulte didn’t like what Bellovin would have said, that Schulte used Bellovin, instead, as a hyper-competent forensic source to check his own theories but never intended to call him, or finally, that Schulte correctly judged he could serve as his own expert in questioning witnesses. That said, the fact that he didn’t use Bellovin makes the delay far more curious.

There are numerous instances — one example is a gotcha that Schulte staged about a purported error (but not a far more significant real error) one of the FBI agents in the case made about Schulte’s Google searches — that were actually quite incriminating. The government, unsurprisingly, didn’t distract from their main case to lay this out though. But I hope to return to some of these details because, while they are irrelevant to the verdict against Schulte (and I want to make clear are distinct from the jury’s ultimate decision about his innocence), they do provide interesting details about Schulte’s actions.

Finally, the government fought hard for the right to be able to present a Schulte narrative about what happened that he shared with his cousin, Shane Presnall, but didn’t introduce it at trial. Effectively, in the document Schulte exposed the real identity of one or more of his colleagues to his cousin. I’m not sure whether the government didn’t rely on this because they wanted to avoid the possibility Presnall would testify, they wanted to limit damage already done to the covert status of the CIA employees, or they didn’t want jeopardy to attach to the document (meaning they could use it in further charges in case of an acquittal). But I’d sure like to know why DOJ didn’t rely on it.