Posts

Why We Should Remain Skeptical of the Five (!!) Congressional Investigations into the Russian Hack

I was interviewed (on Thursday) about the Flynn resignation and larger investigation into the Russia hack for Saturday’s On the Media. In what made the edit, I made one error (which I’ll explain later), but a key point I made holds. The leaking about Flynn and other Russian events are hypocritical and out of control. But they may create pressure to fix two problems with the current investigations into the Russian hack: the role of Jeff Sessions overseeing the DOJ-led investigations, and the role of Trump advisory officials Devin Nunes and Richard Burr overseeing the most appropriate congressional investigations.

In this post I’ll look at the latter conflicts. In a follow-up I’ll look at what the FBI seems to be doing.

As I noted in the interview, contrary to what you might think from squawking Democrats, there are five congressional investigations pertaining to Russian hacks, though some will likely end up focusing on prospective review of Russian hacking (for comparison, there were seven congressional Benghazi investigations). They are:

  • Senate Intelligence Committee: After months of Richard Burr — who served on Trump’s campaign national security advisory council — saying an inquiry was not necessary and going so far as insisting any inquiry wouldn’t review the dossier leaked on Trump, SSCI finally agreed to do an inquiry on January 13. Jim Comey briefed that inquiry last Friday, February 17.
  • House Intelligence Committee: In December, James Clapper refused to brief the House Intelligence Committee on the latest intelligence concluding Russian hacked the DNC with the goal of electing Trump, noting that HPSCI had been briefed all along (as was clear from some of the leaks, which clearly came from HPSCI insiders). In January, they started their own investigation of the hack, having already started fighting about documents by late January. While Ranking Democratic Member Adam Schiff has long been among the most vocal people complaining about the treatment of the hack, Devin Nunes was not only a Trump transition official, but made some absolutely ridiculous complaints after Mike Flynn’s side of some conversations got legally collected in a counterintelligence wiretap. Nunes has since promised to investigate the leaks that led to Flynn’s forced resignation.
  • Senate Armed Services Committee: In early January, John McCain announced he’d form a new subcommittee on cybersecurity, with the understanding it would include the Russian hack in its focus. Although he originally said Lindsey Graham would lead that committee, within weeks (and after Richard Burr finally capitulated and agreed to do a SSCI inquiry), McCain instead announced Mike Rounds would lead it.
  • Senate Foreign Relations Committee: In December, Bob Corker announced the SFRC would conduct an inquiry, scheduled to start in January. At a hearing in February, the topic came up multiple times, and both Corker and Ben Cardin reiterated their plans to conduct such an inquiry.
  • Senate Judiciary Subcommittee on Crime and Terrorism: After Graham was denied control of the SASC panel, he and Sheldon Whitehouse announced they’d conduct their own inquiry, including a prospective review of “the American intelligence community’s assessment that Russia did take an active interest and play a role in the recent American elections.”

All the while, some Senators — McCain, Graham, Chuck Schumer, and Jack Reed — have called for a Select Committee to conduct the investigation, though in true McCainesque fashion, the maverick has at times flip-flopped on his support of such an inquiry.

Also, while not an investigation, on February 9, Jerry Nadler issued what I consider (strictly as it relates to the Russian hack, not the other conflicts) an ill-advised resolution of inquiry calling for the Administration to release materials relating to the hack, among other materials. Democrats in both the House and Senate have introduced legislation calling for an independent commission, but have gotten no support even from the mavericky Republicans.

As you can see from these descriptions, it took pressure from other committees, especially Lindsey Graham getting control of one of the inquiries, before Richard Burr let himself be convinced by SSCI Vice Chair Mark Warner to conduct an inquiry. Thus far, Mitch McConnell has staved off any Select Committee. As soon as SSCI did claim to be launching an investigation, a bunch of Republicans tried to shut down the others, claiming it was all simply too confusing.

Let me be clear: as I noted in the OTM interview, the intelligence committees are the appropriate place to conduct this investigation, as it concerns really sensitive counterintelligence matters — people who could be witnesses to it are getting killed! — and an ongoing investigation. The only way to conduct a responsible inquiry is to do so in secret, and unless a select committee with clearance is formed, that means doing so in the dysfunctional intelligence committees.

That’s made worse by Nunes and Burr’s obvious conflicts, having served on Trump’s pre-inauguration advisory teams (at a time when Mike Flynn was chatting about ongoing sanctions with Russia), and their equally obvious disinterest in conducting the investigation. Remember that the intelligence committees successfully bolloxed up the independent investigation into Iran-Contra. While neither Nunes nor Burr is as smart as Dick Cheney, who had a key role in that intentional bolloxing, Democrats should be cognizant of the ways that such bolloxing has happened in the past.

And now that SSCI has finally started its inquiry, Ali Watkins published an uncharacteristically credulous report on Burr’s role in the investigation, slathering on the colorful vocabulary — “brutally yanked;” “underground cohort;” “dark shadow of Langley;” “Wearily, they’re trudging forward on a probe littered with potential political landmines;” — before portraying the allegedly difficult position Burr is in:

That he’s now in charge of the sweeping Russia inquiry puts the North Carolina Republican in between a rock and a hard place. Since taking over the helm of the intelligence committee, Burr has pressed for more active and aggressive oversight, and has kept a rigorous travel schedule to match. But his decisive reelection victory in November came at a cost — throughout the contentious race, Burr towed Trump’s line, and hasn’t yet directly criticized the White House publicly.

But Burr has shown no indication that he’s ever angled for a Trump administration job, and says he’s not running for re-election. How seriously he takes his obligation to carry his president’s water remains to be seen.

Burr has been slammed by colleagues in recent days, who fear he’s slow-rolling an investigation into a fast-moving story. But much of the inquiry’s slow start was due to bureaucratic wrangling — some intelligence agencies insisted products be viewed on site rather than sent to the Hill, and some of the intelligence was so tightly controlled that it was unclear if staffers could even view it.

This is just spin. There is abundant public record that Burr has thwarted oversight generally (he has said things supporting that stance throughout his history on both the Senate and House Intelligence Committee, even ignoring his role in covering up torture, and Watkins’ earlier incorrect claims about Burr’s open hearings remain only partly corrected). There is no mention in this article that Burr was on Trump’s national security advisory committee. Nor that SSCI had reason to do hearings about this hack well before January 2017, back when it might have made a difference — at precisely the time when Burr apparently had time to advise Trump about national security issues as a candidate. Plus, it ignores all the things laid out here, Burr’s continued equivocation about whether there should even be a hearing.

There is no reason to believe Burr or Nunes intend to have a truly rigorous investigation (bizarrely, Warner seems to have had more success pushing the issue than Schiff — or Dianne Feinstein when she was Vice Chair — though that may be because the Ranking position is stronger in the Senate than in the House). And history tells us we should be wary that their investigations will be counterproductive.

As I noted, on Friday — the Friday before a recess — Jim Comey briefed the SSCI on the Russian hack. That briefing was unusual for the date (regular SSCI meetings happen on Tuesday and Thursday, and little business of any kinds happens right before a recess). Reporters have interpreted that, along with the presumed silence about the content of the briefing, as a sign that things are serious. That may be true — or it may be that that was the only time a 3-hour briefing could be scheduled. In the wake of the briefing, it was reported that the SSCI sent broad preservation requests tied to the inquiry (that is, they sent the request long after the inquiry was started). And while the press has assumed no one is talking, the day after the briefing, Reuters reported outlines of at least three parts of the FBI investigation into the Russian hack, attributed to former and current government officials.

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.

Trump Raises the Axe over the Intelligence Community, Again

The Intelligence Community is finishing its report on the intelligence regarding Russia’s influence in our elections. The report is expected to be delivered to President Obama tomorrow and briefed to President Elect Trump on Friday.

That’s the context for — and surely at least part of the explanation for — this WSJ story reporting that Trump plans to reorganize the intelligence community.

[A]dvisers also are working on a plan to restructure the Central Intelligence Agency, cutting back on staffing at its Virginia headquarters and pushing more people out into field posts around the world. The CIA declined to comment on the plan.

“The view from the Trump team is the intelligence world [is] becoming completely politicized,” said the individual, who is close to the Trump transition operation. “They all need to be slimmed down. The focus will be on restructuring the agencies and how they interact.”

[snip]

The Office of the Director of National Intelligence was established in 2004 in large part to boost coordination between intelligence agencies following the Sept. 11, 2001 terror attacks.

Many Republicans have proposed cutting the ODNI before, but this has proven hard to do in part because its mission centers are focused on core national security issues, such as counterterrorism, nuclear proliferation, and counterintelligence.

“The management and integration that DNI focuses on allows agencies like the CIA to better hone in on its own important work,” said Rep. Adam Schiff (D., Calif.), the ranking Democrat on the House Intelligence Committee, who believes dismantling the ODNI could lead to national security problems.

Mr. Trump’s advisers say he has long been skeptical of the CIA’s accuracy, and the president-elect often mentions faulty intelligence in 2002 and 2003 concerning Iraq’s weapons programs. But he has focused his skepticism of the agencies squarely on their Russia assessments, which has jarred analysts who are accustomed to more cohesion with the White House.

The report repeats earlier reporting — in part from some of the same WSJ reporters — that Trump planned this briefing. Back then, in mid-November, Trump was merely disdainful of the IC and much of the reorganization appeared to be a mix of vengeance on the part of Mike Flynn and, frankly, some reasonable ideas (things like splitting NSA and reversing some of the questionable changes John Brennan made). At the center of it all was a plan to make Admiral Mike Rogers Director of National Intelligence.

The day after that reporting, however, outlets reported that Ash Carter and James Clapper had been planning to fire Rogers, partly because the NSA had remained a leaky sieve under his tenure and partly because he had delayed cyber-bombing ISIS (perhaps to preserve intelligence collection). And that’s before it became public that the NSA hadn’t adopted four security measures recommended after the Snowden leaks.

After that, of course, Democrats and the CIA started leaking that Russia hacked the DNC with the purpose of electing Trump, which gave Trump the entrée to suggest this discussion is all politicized, which has escalated to this week. Trump seems to have orchestrated the Sean Hannity interview at which Julian Assange said what he has long said — that he didn’t get the DNC files from Russia.

Reuters is now reporting that after the election the IC determined that third parties had gotten the files from Russian entities to Wikileaks, which means Assange likely has no idea where the files came from.

But the timing of this story, sourced significantly to the Trump camp, seems to be a warning to those who will brief Trump on Friday. While Clapper and Brennan are on their way out (the fate of Comey and Rogers is still undecided), they certainly will want to protect their agencies.

Which should make for an interesting briefing Friday.

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.

The Conspiracy Theory in YouGov’s Conspiracy Theory Poll

YouGov has a poll showing that “belief in conspiracy theories largely depends on political identity.” For example, it shows that Republicans believe Obama is Kenyan.

It focuses on several things it considers conspiracy theories tied to this election, including pizzagate, millions of alleged illegal votes, and claims about the Russian hack.

Interestingly, it shows that half of Clinton voters believe that Russia tampered with vote tallies to get Trump elected, in spite of the White House’s assurances that did not happen.

It’s the other tested question about Russian hacking that strikes me as more curious. 87% of Clinton voters believe Russia hacked Democratic emails “in order to help Donald Trump,” whereas only 20% of Trump voters believe that.

That’s about the result I’d expect. But to explain why this is a conspiracy theory, YouGov writes,

Similarly, even after the Central Intelligence Agency and the Federal Bureau of Investigation reported that Russia was responsible for the leaks of damaging information from the Democratic National Committee and the Clinton campaign and that the hacking was done to help Donald Trump win the Presidency, only one in five say that is definitely true, about the same percentage as believe it is definitely not true.

So YouGov bases this “truth” on a claim that the CIA and FBI “reported that Russia was responsible for the leaks … and that the hacking was done to help Donald Trump win the Presidency.”

Except there has been no such report, not from CIA and FBI, anyway.

There was an official report finding that,

The U.S. Intelligence Community (USIC) is confident that the Russian Government directed the recent compromises of e-mails from US persons and institutions, including from US political organizations. … These thefts and disclosures are intended to interfere with the US election process.

That is, the official report stated that the hack was “intended to interfere with the US election process;” it did not say the hack was done to help Trump.

Moreover, while the report speaks for the entire IC (including the FBI), the report itself came from DHS and ODNI, not FBI or CIA.

It is absolutely true that anonymous leakers — at least some of whom appear to be Democratic Senate sources — claim that CIA said the hack happened to get Trump elected. It is also true that anonymous sources passed on the substance of a John Brennan letter that said in separate conversations with Jim Comey and James Clapper, each agreed with Brennan about the purpose of the hack, which WaPo edited its previous reporting to say included electing Trump as one of a number of purposes, but that’s a third-hand report about what Jim Comey believes.

But that was not an official report, not even from CIA. Here’s what John Brennan said when interviewed about this topic by NPR’s Mary Louise Kelly:

You mentioned the FBI director and the director of national intelligence. And NPR confirmed with three sources that after the three of you meeting last week, you sent a memo to your workforce and that the memo read: There is strong consensus among us on the scope, nature and intent of Russian interference in our presidential elections. Is that an accurate quote from your memo?

I certainly believe that, that there is strong consensus.

Was there ever not?

Well, sometimes in the media, there is claims, allegations, speculation about differences of view. Sometimes I think that just feeds concerns about, you know, the strength of that intelligence and …

And in this case it was reports of tension between FBI and CIA …

… and differences of view. And I want to make sure that our workforce is kept as fully informed as possible so that they understand that what we’re doing, we’re doing in close coordination with our partners in the intelligence community. And so I try to keep my workforce informed on a periodic basis. But aside from whatever message I might have sent out to the workforce, there is, I strongly believe, very strong consensus among the key players — but not just the leaders of these organizations, but also the institutions themselves. And that’s why we’re going through this review. We want to make sure that we scrub this data, scrub the information and make sure that the assessment and analysis is as strong and as grounded as it needs to be.

That quote I read you about the memo that you sent mentioned that there is agreement on scope, nature and intent of Russian interference. And intent is the one that’s been controversial recently, the question of motive. How confident are you in the intelligence on that? It seems like proving motive is an infinitely harder thing than proving that somebody did something. The “why” is tough.

I will not disagree with you that the why is tough. And that’s why there needs to be very careful consideration of what it is that we know, what it is that we have insight into and what our analysis needs to be. But even back in early October when Jim Clapper and Jeh Johnson put out this statement, it said “the intent to interfere in the election.” Now, there are different elements that could be addressed in terms of how it wanted to interfere. And so that’s why this review is being done to make sure that there is going to be a thorough look at the nature, scope and intent of what transpired.

What’s been reported is that the CIA has concluded the intent was to interfere with the election with the purpose of swinging at Donald Trump. Is that an accurate characterization?

That’s an accurate characterization of what’s been appearing in the media. Yes.

Is it an accurate characterization of where the CIA is on this?

Well, that’s what the review is going to do. And we will be as forward-leaning as the intelligence and analysis allows us to be, and we will make sure that, again, President Obama and the incoming administration understands what the intelligence community has assessed and determined to have happened during the run-up to this election.

Why not confirm that that’s where the CIA is on this? Why not confirm if you have the evidence that you believe is …

Because I don’t work for NPR, Mary Louise. I work for the president, I work for the administration, and it is my responsibility to give them the best information and judgment possible.

That is, the CIA Director specifically avoided stating what he or his agency believes the motive to be, deferring to the ongoing review of the evidence, something that Obama also did in his press conference earlier this month.

Q Mr. President, I want to talk about Vladimir Putin again. Just to be clear, do you believe Vladimir Putin himself authorized the hack? And do you believe he authorized that to help Donald Trump? And on the intelligence, one of the things Donald Trump cites is Saddam Hussein and the weapons of mass destruction, and that they were never found. Can you say, unequivocally, that this was not China, that this was not a 400-pound guy sitting on his bed, as Donald Trump says? And do these types of tweets and kinds of statements from Donald Trump embolden the Russians?

THE PRESIDENT: When the report comes out, before I leave office, that will have drawn together all the threads. And so I don’t want to step on their work ahead of time.

What I can tell you is that the intelligence that I have seen gives me great confidence in their assessment that the Russians carried out this hack.

None of that is to say that CIA and (perhaps to a lesser extent) FBI don’t think Russia hacked Democrats to help Trump, as one of several — probably evolving over the course of the election — reasons. CIA surely does (but then it has a big incentive to downplay the most obvious motivation, that Russia was retaliating for perceived and real CIA covert actions against it). FBI probably does.

But there has been no “report” that they believe that, just anonymous reports of reports. The official stance of the Executive Branch is that they’re conducting a review of the evidence on this point.

Perhaps if YouGov wants to test conspiracy theories, it should start by sticking to topics about which there aren’t a slew of anonymous leaks and counter-leaks contravened by public deferral?

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.

The ObamaCare Not Comey Effect

Just after the election I did two posts considering the relative impact of the Jim Comey letter announcing FBI was reviewing the Anthony Weiner derived emails and the announcement of a huge ObamaCare premium spike.

I still think we don’t have enough data about the relative effect of the two events.

But a number of people are pointing to this post from Sam Wang, which ends,

In the above graph of the Comey effect, each point shows the median margin for polls that were in the field on that day. As you can see, the immediate effect of Comey’s letter was a swing toward Trump of 4 percentage points, about half of which stuck. This was enough to swing Michigan, Pennsylvania, Florida, and Wisconsin. It seems likely that Comey’s letter was a critical factor in the election outcome.

Nowhere in the post does Wang note what date Comey sent his letter, though. It was October 28.

Unless Wang’s chart is totally mislabeled (Update: In an “explanation” added to his post, Wang effectively says his graph is off by three — though not four — days due to the way he presents multi-day polls; he has, at least, now told his readers when the actual letter came out) but what it shows seems to be consistent with what I showed in this post, which shows a Hillary dip and a Trump spike moving in concert on before October 28), then his chart show doesn’t support a Comey effect at all — it shows the opposite. The differential started narrowing after October 24. By October 28, when the letter was released, the differential had plateaued before it turned up again.

As it turns out, the ObamaCare spike was announced on October 24 (and reported heavily starting October 25).

That’s precisely when we see the differential moving.

If we’re assuming an immediate response in polls in response to an event, then the ObamaCare premium spike would be a far better explanation than the Comey letter, which took place later.

Frankly, I suspect both had an impact, and further suspect there may have been something else driving the differential late turn to Trump in the Rust Belt. And I suspect we still don’t have the data to explain what made a bunch of Rust Belt voters move to Trump right before the election.

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.

The Evidence to Prove the Russian Hack

In this post, I’m going to lay out the evidence needed to fully explain the Russian hack. I think it will help to explain some of the timing around the story that the CIA believes Russia hacked the DNC to help win Trump win the election, as well as what is new in Friday’s story. I will do rolling updates on this and eventually turn it into a set of pages on Russia’s hacking.

As I see it, intelligence on all the following are necessary to substantiate some of the claims about Russia tampering in this year’s election.

  1. FSB-related hackers hacked the DNC
  2. GRU-related hackers hacked the DNC
  3. Russian state actors hacked John Podesta’s emails
  4. Russian state actors hacked related targets, including Colin Powell and some Republican sites
  5. Russian state actors hacked the RNC
  6. Russian state actors released information from DNC and DCCC via Guccifer 2
  7. Russian state actors released information via DC Leaks
  8. Russian state actors or someone acting on its behest passed information to Wikileaks
  9. The motive explaining why Wikileaks released the DNC and Podesta emails
  10. Russian state actors probed voter registration databases
  11. Russian state actors used bots and fake stories to make information more damaging and magnify its effects
  12. The level at which all Russian state actors’ actions were directed and approved
  13. The motive behind the actions of Russian state actors
  14. The degree to which Russia’s efforts were successful and/or primary in leading to Hillary’s defeat

I explain all of these in more detail below. For what it’s worth, I think there was strong publicly available information to prove 3, 4, 7, 11. I think there is weaker though still substantial information to support 2. It has always been the case that the evidence is weakest at point 6 and 8.

At a minimum, to blame Russia for tampering with the election, you need high degree of confidence that GRU hacked the DNC (item 2), and shared those documents via some means with Wikileaks (item 8). What is new about Friday’s story is that, after months of not knowing how the hacked documents got from Russian hackers to Wikileaks, CIA now appears to know that people close to the Russian government transferred the documents (item 8). In addition, CIA now appears confident that all this happened to help Trump win the presidency (item 13).

1) FSB-related hackers hacked the DNC

The original report from Crowdstrike on the DNC hack actually said two separate Russian-linked entities hacked the DNC: one tied to the FSB, which it calls “Cozy Bear” or APT 29, and one tied to GRU, which it calls “Fancy Bear” or APT 28. Crowdstrike says Cozy Bear was also responsible for hacks of unclassified networks at the White House, State Department, and US Joint Chiefs of Staff.

I’m not going to assess the strength of the FSB evidence here. As I’ll lay out, the necessary hack to attribute to the Russians is the GRU one, because that’s the one believed to be the source of the DNC and Podesta emails. The FSB one is important to keep in mind, as it suggests part of the Russian government may have been hacking US sites solely for intelligence collection, something our own intelligence agencies believe is firmly within acceptable norms of spying. In the months leading up to the 2012 election, for example, CIA and NSA hacked the messaging accounts of a bunch of Enrique Peña Nieto associates, pretty nearly the equivalent of the Podesta hack, though we don’t know what they did with that intelligence. The other reason to keep the FSB hack in mind is because, to the extent FSB hacked other sites, they also may be deemed part of normal spying.

2) GRU-related hackers hacked the DNC

As noted, Crowdstrike reported that GRU also hacked the DNC. As it explains, GRU does this by sending someone something that looks like an email password update, but which instead is a fake site designed to get someone to hand over their password. The reason this claim is strong is because people at the DNC say this happened to them.

Note that there are people who raise questions of whether this method is legitimately tied to GRU and/or that the method couldn’t be stolen and replicated. I will deal with those questions at length elsewhere. But for the purposes of this post, I will accept that this method is a clear sign of GRU involvement. There are also reports that deal with GRU hacking that note high confidence GRU hacked other entities, but less direct evidence they hacked the DNC.

Finally, there is the real possibility that other people hacked the DNC, in addition to FSB and GRU. That possibility is heightened because a DNC staffer was hacked via what may have been another method, and because DNC emails show a lot of password changes off services for which DNC staffers had had their accounts exposed in other hacks.

All of which is a way of saying, there is some confidence that DNC got hacked at least twice, with those two revealed efforts being done by hackers with ties to the Russian state.

3) Russian state actors (GRU) hacked John Podesta’s emails

Again, assuming that the fake Gmail phish is GRU’s handiwork, there is probably the best evidence that GRU hacked John Podesta and therefore that Russia, via some means, supplied Wikileaks, because we have a copy of the actual email used to hack him. The Smoking Gun has an accessible story describing how all this works. So in the case of Podesta, we know he got a malicious phish email, we know that someone clicked the link in the email, and we know that emails from precisely that time period were among the documents shared with Wikileaks. We just have no idea how they got there.

4) Russian state actors hacked related targets, including some other Democratic staffers, Colin Powell and some Republican sites

That same Gmail phish was used with victims — including at a minimum William Rinehart and Colin Powell — that got exposed in a site called DC Leaks. We can have the same high degree of confidence that GRU conducted this hack as we do with Podesta. As I note below, that’s more interesting for what it tells us about motive than anything else.

5) Russian state actors hacked the RNC

The allegation that Russia also hacked the RNC, but didn’t leak those documents — which the CIA seems to rely on in part to argue that Russia must have wanted to elect Trump — has been floating around for some time. I’ll return to what we know of this. RNC spox Sean Spicer is denying it, though so did Hillary’s people at one point deny that they had been hacked.

There are several points about this. First, hackers presumed to be GRU did hack and release emails from Colin Powell and an Republican-related server. The Powell emails (including some that weren’t picked up in the press), in particular, were detrimental to both candidates. The Republican ones were, like a great deal of the Democratic ones, utterly meaningless from a news standpoint.

So I don’t find this argument persuasive in its current form. But the details on it are still sketchy precisely because we don’t know about that hack.

6) Russian state actors released information from DNC and DCCC via Guccifer 2

Some entity going by the name Guccifer 2 started a website in the wake of the announcement that the DNC got hacked. The site is a crucial part of this assessment, both because it released DNC and DCCC documents directly (though sometimes misattributing what it was releasing) and because Guccifer 2 stated clearly that he had shared the DNC documents with Wikileaks. The claim has always been that Guccifer 2 was just a front for Russia — a way for them to adopt plausible deniability about the DNC hack.

That may be the case (and obvious falsehoods in Guccifer’s statements make it clear deception was part of the point), but there was always less conclusive (and sometimes downright contradictory) evidence to support this argument (this post summarizes what it claims are good arguments that Guccifer 2 was a front for Russia; on the most part I disagree and hope to return to it in the future). Moreover, this step has been one that past reporting said the FBI couldn’t confirm. Then there are other oddities about Guccifer’s behavior, such as his “appearance” at a security conference in London, or the way his own production seemed to fizzle as Wikileaks started releasing the Podesta emails. Those details of Guccifer’s behavior are, in my opinion, worth probing for a sense of how all this was orchestrated.

Yesterday’s story seems to suggest that the spooks have finally figured out this step, though we don’t have any idea what it entails.

7) Russian state actors released information via DC Leaks

Well before many people realized that DC Leaks existed, I suspected that it was a Russian operation. That’s because two of its main targets — SACEUR Philip Breedlove and George Soros — are targets Russia would obviously hit to retaliate for what it treats as a US-backed coup in Ukraine.

DC Leaks is also where the publicly released (and boring) GOP emails got released.

Perhaps most importantly, that’s where the Colin Powell emails got released (this post covers some of those stories). That’s significant because Powell’s emails were derogatory towards both candidates (though he ultimately endorsed Hillary).

It’s interesting for its haphazard targeting (if someone wants to pay me $$ I would do an assessment of all that’s there, because some just don’t make any clear sense from a Russian perspective, and some of the people most actively discussing the Russian hacks have clearly not even read all of it), but also because a number of the victims have been affirmatively tied to the GRU phishing methods.

So DC Leaks is where you get obvious Russian targets and Russian methods all packaged together. But of the documents it released, the Powell emails were the most interesting for electoral purposes, and they didn’t target Hillary as asymmetrically as the Wikileaks released documents did.

8) Russian state actors or someone acting on its behest passed information to Wikileaks

The basis for arguing that all these hacks were meant to affect the election is that they were released via Wikileaks. That is what was supposed to be new, beyond just spying (though we have almost certainly hacked documents and leaked them, most probably in the Syria Leaks case, but I suspect also in some others).

And as noted, how Wikileaks got two separate sets of emails has always been the big question. With the DNC emails, Guccifer 2 clearly said he had given them to WL, but the Guccifer 2 ties to Russia was relatively weak. And with the Podesta emails, I’m not aware of any known interim step between the GRU hack and Wikileaks.

A late July report said the FBI was still trying to determine how Russia got the emails to Wikileaks or even if they were the same emails.

The FBI is still investigating the DNC hack. The bureau is trying to determine whether the emails obtained by the Russians are the same ones that appeared on the website of the anti-secrecy group WikiLeaks on Friday, setting off a firestorm that roiled the party in the lead-up to the convention.

The FBI is also examining whether APT 28 or an affiliated group passed those emails to WikiLeaks, law enforcement sources said.

An even earlier report suggested that the IC wasn’t certain the files had been passed electronically.

And the joint DHS/ODNI statement largely attributed its confidence that Russia was involved in the the leaking (lumping Guccifer 2, DC Leaks, and Wikileaks all together) not because it had high confidence in that per se (a term of art saying, effectively, “we have seen the evidence”), but instead because leaking such files is consistent with what Russia has done elsewhere.

The recent disclosures of alleged hacked e-mails on sites like DCLeaks.com and WikiLeaks and by the Guccifer 2.0 online persona are consistent with the methods and motivations of Russian-directed efforts.

Importantly, that statement came out on October 7, so well after the September briefing at which CIA claimed to have further proof of all this.

Now, Julian Assange has repeatedly denied that Russia was his source. Craig Murray asserted, after having meeting with Assange, that the source is not the Russian state or a proxy. Wikileaks’ tweet in the wake of yesterday’s announcement — concluding that an inquiry directed at Russia in this election cycle is targeted at Wikileaks — suggests some doubt. Also, immediately after the election, Sergei Markov, in a statement deemed to be consistent with Putin’s views, suggested that “maybe we helped a bit with WikiLeaks,” even while denying Russia carried out the hacks.

That’s what’s new in yesterday’s story. It stated that “individuals with connections to the Russian government” handed the documents to Wikileaks.

Intelligence agencies have identified individuals with connections to the Russian government who provided WikiLeaks with thousands of hacked emails from the Democratic National Committee and others, including Hillary Clinton’s campaign chairman, according to U.S. officials. Those officials described the individuals as actors known to the intelligence community and part of a wider Russian operation to boost Trump and hurt Clinton’s chances.

[snip]

[I]ntelligence agencies do not have specific intelligence showing officials in the Kremlin “directing” the identified individuals to pass the Democratic emails to WikiLeaks, a second senior U.S. official said. Those actors, according to the official, were “one step” removed from the Russian government, rather than government employees. Moscow has in the past used middlemen to participate in sensitive intelligence operations so it has plausible deniability.

I suspect we’ll hear more leaked about these individuals in the coming days; obviously, the IC says it doesn’t have evidence of the Russian government ordering these people to share the documents with Wikileaks.

Nevertheless, the IC now has what it didn’t have in July: a clear idea of who gave Wikileaks the emails.

9) The motive explaining why Wikileaks released the DNC and Podesta emails

There has been a lot of focus on why Wikileaks did what it did, which notably includes timing the DNC documents to hit for maximum impact before the Democratic Convention and timing the Podesta emails to be a steady release leading up to the election.

I don’t rule out Russian involvement with all of that, but it is entirely unnecessary in this case. Wikileaks has long proven an ability to hype its releases as much as possible. More importantly, Assange has reason to have a personal gripe against Hillary, going back to State’s response to the cable release in 2010 and the subsequent prosecution of Chelsea Manning.

In other words, absent really good evidence to the contrary, I assume that Russia’s interests and Wikileaks’ coincided perfectly for this operation.

10) Russian state actors probed voter registration databases

Back in October, a slew of stories reported that “Russians” had breached voter related databases in a number of states. The evidence actually showed that hackers using a IP tied to Russia had done these hacks. Even if the hackers were Russian (about which there was no evidence in the first reports), there was also no evidence the hackers were tied to the Russian state. Furthermore, as I understand it, these hacks used a variety of methods, some or all of which aren’t known to be GRU related. A September DHS bulletin suggested these hacks were committed by cybercriminals (in the past, identity thieves have gone after voter registration lists). And the October 7 DHS/ODNI statement affirmatively said the government was not attributing the probes to the Russians.

Some states have also recently seen scanning and probing of their election-related systems, which in most cases originated from servers operated by a Russian company. However, we are not now in a position to attribute this activity to the Russian Government.

In late November, an anonymous White House statement said there was no increased malicious hacking aimed at the electoral process, though remains agnostic about whether Russia ever planned on such a thing.

The Federal government did not observe any increased level of malicious cyber activity aimed at disrupting our electoral process on election day. As we have noted before, we remained confident in the overall integrity of electoral infrastructure, a confidence that was borne out on election day. As a result, we believe our elections were free and fair from a cybersecurity perspective.

That said, since we do not know if the Russians had planned any malicious cyber activity for election day, we don’t know if they were deterred from further activity by the various warnings the U.S. government conveyed.

Absent further evidence, this suggests that reports about Russian trying to tamper with the actual election infrastructure were at most suspicions and possibly just a result of shoddy reporting conflating Russian IP with Russian people with Russian state.

11) Russian state actors used bots and fake stories to make information more damaging and magnify its effects

Russia has used bots and fake stories in the past to distort or magnify compromising information. There is definitely evidence some pro-Trump bots were based out of Russia. RT and Sputnik ran with inflammatory stories. Samantha Bee famously did an interview with some Russians who were spreading fake news. But there were also people spreading fake news from elsewhere, including Macedonia and Surburban LA. A somewhat spooky guy even sent out fake news in an attempt to discredit Wikileaks.

As I have argued, the real culprit in this economy of clickbait driven outrage is closer to home, in the algorithms that Silicon Valley companies use that are exploited by a whole range of people. So while Russian directed efforts may have magnified inflammatory stories, that was not a necessary part of any intervention in the election, because it was happening elsewhere.

12) The level at which all Russian state actors’ actions were directed and approved

The DHS/ODNI statement said clearly that “We believe, based on the scope and sensitivity of these efforts, that only Russia’s senior-most officials could have authorized these activities.” But the WaPo story suggests they still don’t have proof of Russia directing even the go-between who gave WL the cables, much less the go-between directing how Wikileaks released these documents.

Mind you, this would be among the most sensitive information, if the NSA did have proof, because it would be collection targeted at Putin and his top advisors.

13) The motive behind the actions of Russian state actors

The motive behind all of this has varied. The joint DHS/ODNI statement said it was “These thefts and disclosures are intended to interfere with the US election process.” It didn’t provide a model for what that meant though.

Interim reporting — including the White House’s anonymous post-election statement — had suggested that spooks believed Russia was doing it to discredit American democracy.

The Kremlin probably expected that publicity surrounding the disclosures that followed the Russian Government-directed compromises of e-mails from U.S. persons and institutions, including from U.S. political organizations, would raise questions about the integrity of the election process that could have undermined the legitimacy of the President-elect.

At one level, that made a lot of sense — the biggest reason to release the DNC and Podesta emails, it seems to me, was to confirm the beliefs a lot of people already had about how power works. I think one of the biggest mistakes of journalists who have political backgrounds was to avoid discussing how the sausage of politics gets made, because this material looks worse if you’ve never worked in a system where power is about winning support. All that said, there’s nothing in the emails (especially given the constant release of FOIAed emails) that uniquely exposed American democracy as corrupt.

All of which is to say that this explanation never made any sense to me; it was mostly advanced by people who live far away from people who already distrust US election systems, who ignored polls showing there was already a lot of distrust.

Which brings us to the other thing that is new in the WaPo story: the assertion that CIA now believes this was all intended to elect Trump, not just make us distrust elections.

The CIA has concluded in a secret assessment that Russia intervened in the 2016 election to help Donald Trump win the presidency, rather than just to undermine confidence in the U.S. electoral system, according to officials briefed on the matter.

[snip]

“It is the assessment of the intelligence community that Russia’s goal here was to favor one candidate over the other, to help Trump get elected,” said a senior U.S. official briefed on an intelligence presentation made to U.S. senators. “That’s the consensus view.”

For what it’s worth, there’s still some ambiguity in this. Did Putin really want Trump? Or did he want Hillary to be beat up and weak for an expected victory? Did he, like Assange, want to retaliate for specific things he perceived Hillary to have done, in both Libya, Syria, and Ukraine? That’s unclear.

14) The degree to which Russia’s efforts were successful and/or primary in leading to Hillary’s defeat

Finally, there’s the question that may explain Obama’s reticence about this issue, particularly in the anonymous post-election statement from the White House, which stated that the “election results … accurately reflect the will of the American people.” It’s not clear that Putin’s intervention, whatever it was, had anywhere near the effect as (for example) Jim Comey’s letters and Bret Baier’s false report that Hillary would be indicted shortly. There are a lot of other factors (including Hillary’s decision to ignore Jake Sullivan’s lonely advice to pay some attention to the Rust Belt).

And, as I’ve noted repeatedly, it is no way the case that Vladimir Putin had to teach Donald Trump about kompromat, the leaking of compromising information for political gain. Close Trump associates, including Roger Stone (who, by the way, may have had conversations with Julian Assange), have been rat-fucking US elections since the time Putin was in law school.

But because of the way this has rolled out (and particularly given the cabinet picks Trump has already made), it will remain a focus going forward, perhaps to the detriment of other issues that need attention.

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.

DOJ Still Claiming Its Kid Glove Oversight of Prosecutors Is Adequate

During the uproar over Jim Comey’s role in the Hillary email investigation, a lot of commentators figured it’d all come out in an Inspector General report. But as I noted, DOJ exempts its lawyers from normal kind of oversight, subjecting them instead to Office of Professional Responsibility investigations without statutory independence. The problem has been debated at least since 2007, but Congress squelched efforts to change it in 2008. That, helped by the interference of the now-deceased David Margolis, was how John Yoo got off after writing shoddy memos authorizing torture.

Last month, DOJ’s IG released its yearly review of top management challenges. And, as Michael Horowitz’s predecessor Glenn Fine had done before him, he made a bid for being able to review the conduct of DOJ’s lawyers. The report argues that the oversight for lawyers should be the same as it is for agents.

The OIG, however, does not have authority to investigate allegations of misconduct against Department attorneys when the allegations are related to their work as lawyers. Those allegations fall under the exclusive jurisdiction of the Department’s Office of Professional Responsibility. The OIG has long believed that there is no principled basis for this continued limitation on our jurisdiction, and no reason to treat the investigation of misconduct by prosecutors differently than misconduct by agents. Under the current system, misconduct allegations against agents are handled by a statutorily independent OIG, while misconduct allegations against prosecutors are handled by a Department component that lacks statutory independence and whose leadership is both appointed by and removable by the Department’s leadership.

As Horowitz has done with IG statutory independence with respect to accessing evidence, the report focuses on bills to address the problem.

Bipartisan bills pending in both the U.S. House of Representatives and the U.S. Senate would remove this limitation on the OIG’s jurisdiction. The legislation, as now proposed, would allow the OIG to investigate these important matters, where appropriate, with the independence and transparency that is the touchstone of all of the OIG’s work, thereby providing the public with confidence regarding the handling of these matters. The Department’s attorneys should be held to the same standards of oversight as other Department components, and the OIG should have oversight over all Department employees, just like every other OIG.

Most interesting, however, is the way that DOJ claimed this long-established problem doesn’t exist. Unbelievably, “the Department” claimed that OPR has the same independence as OIG.

In response to a draft of this report, the Department questioned our position that the OIG should have the same authority as every other federal Inspector General to review allegations of misconduct by Department attorneys in connection with their work as lawyers. Among other things, the Department took issue with our description of OPR’s relative lack of independence as compared to the OIG by asserting that (1) OPR’s Counsel “remains unchanged with successive Attorneys General and presidential administrations,” (2) the OIG has not “criticized OPR’s work, the thoroughness of its investigations, or the soundness of its findings,” and (3) the OIG has not “identified a single OPR investigation that failed to appropriately hold accountable . . . Department attorneys.”

The report calls bullshit on the claim that the department hasn’t replaced OPR officials, noting that Holder did replace OPR Counsel Marshall Jarret in 2009 in the midst of the Ted Stevens scandal (Jarret was also backing off promises he would make the results of the Yoo investigation with Congress).

On the first point, the same could be said of supervisory attorneys throughout the Department and, in fact, contrary to the Department’s claim with regard to OPR, in April 2009, less than 4 months after the last change in presidential administrations, the new Attorney General replaced the OPR Counsel without any public explanation.

Holder actually replaced the OPR Counsel one more time, in 2011.

The report goes on to note that we can’t assess OPR’s work because, unlike most IG Reports, it is not public.

On the second and third points, neither the OIG nor the public are in a position to fully assess the thoroughness and soundness of OPR’s work precisely because OPR does not disclose sufficient information to allow for such an assessment.

The report then lists off a bunch of people — including the judge in the Ted Stevens case, Emmet Sullivan — who have complained about OPR’s work.

However, federal judges, the American Bar Association, and the Project on Government Oversight (POGO) have all questioned the level of independence, transparency, and accountability of OPR. See, e.g., Order by Hon. Emmet G. Sullivan Appointing Henry F. Schuelke Special Counsel in United States v. Stevens, No. 08-cr-231 (Apr. 7, 2009), p. 46. (“the events and allegations in this case are too serious and too numerous to be left to an internal investigation that has no outside accountability”) ; “Criminal Law 2.0,” by Hon. Alex Kozinski, 44 Geo. L.J. Ann. Rev. Crim. Proc. iii (2015); ABA Recommendation urging the Department of Justice to release “as much information regarding individual investigations as possible,” Aug. 9-10, 2010, available here; “Hundreds of Justice Department Attorneys Violated Professional Rules, Laws, or Ethical Standards: Administration Won’t Name Offending Prosecutors,” Report by POGO, March 13, 2014, available here.

The report ends with a reassertion that the Inspector General Act requires far more of inspectors general than OPR provides.

Moreover, whatever the soundness of OPR’s work, the Department’s efforts to equate OPR’s independence and transparency with that of the OIG flies directly in the face of the Inspector General Act, which fundamentally exists to create entities with an enhanced degree of independence and transparency so that they can credibly conduct investigations and reviews where there would be an expectation that more independent and transparent oversight is required. That is the very reason why Attorney General Ashcroft expanded the OIG’s jurisdiction in 2001 to include the FBI and the DEA, and there simply is no reason why Department attorneys continue to be protected from the possibility that their conduct may warrant independent review by the OIG in appropriate cases.

Frankly, there is evidence that OPR’s investigation has been inadequate, starting with both the Yoo and the Stevens investigations.

But there have also been a slew of cases of prosecutors withholding evidence from defendants, cases that ought to merit some real review (to say nothing of the Clinton email case). For example, just this week, Ross Ulbricht’s lawyers revealed they had discovered evidence of a third corrupt agent, the evidence of which had been withheld from the defense team.

There’s no hint of why Horowitz is making this point now. But there sure are a number of cases that might elicit actual independent review.

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.

About that Russian Hacker Story

This story is going viral on social media. The CNN article, dated October 12, describes a compromise of a FL contractor they don’t situate in time.

Federal investigators believe Russian hackers were behind cyberattacks on a contractor for Florida’s election system that may have exposed the personal data of Florida voters, according to US officials briefed on the probe.

The hack of the Florida contractor comes on the heels of hacks in Illinois, in which personal data of tens of thousands of voters may have been stolen, and one in Arizona, in which investigators now believe the data of voters was likely exposed.
Later in the article, CNN makes it clear this is the same hack as described in this earlier ABC reporting, which expands on a story from several days earlier. ABC’s reporting doesn’t date the compromise either. Rather, it explains that FL was one of four states in which hackers had succeeded in compromising data, whereas hackers had scanned voting related systems — tried to hack systems — in half the states.

As ABC News first reported Thursday, hackers have recently tried to infiltrate voter registration systems in nearly half of the states across the country –- a significantly larger cyber-assault than U.S. officials have been willing to concede.

And while officials have publicly admitted Illinois and Arizona had their systems compromised, officials have yet to acknowledge that information related to at least two other states’ voters has also been exposed.

Hackers working on behalf of the Russian government are suspected in the onslaught against election-related systems, according to sources with knowledge of the matter.

And ABC’s source at least claimed that all hackers did was copy voter data.

The voter information was exposed after cyber-operatives gained entry to at least one computer associated with a private company hired to administer voter information, the sources said.

A simple “phishing” scheme –- with a malicious link or attachment sent in an email –- is likely how it all started, one source said.

“The attack was successful only in the sense that they gained access to the database, but they didn’t manipulate any of the voter [information] in the database,” the source said.

So, in spite of what people might think given the fact that the CNN is going viral right now, it doesn’t refer to a hack in conjunction with the election. It refers to a hack that happened well over a month ago. It refers to a hack that — at least according to people who have an incentive to say so — resulted only in the theft of data, not its alteration.

Both CNN and ABC use language that suggests the Russian government was behind this hack. Here’s CNN:

FBI investigators believe the the hacks and attempted intrusions of state election sites were carried out by hackers working for Russian intelligence.

And here’s ABC:

Hackers working on behalf of the Russian government are suspected in the onslaught against election-related systems, according to sources with knowledge of the matter.

But (as CNN points out) the October 7 joint DNI/DHS statement on Russian hacking doesn’t attribute the voting rolls part to the Russian state.

Some states have also recently seen scanning and probing of their election-related systems, which in most cases originated from servers operated by a Russian company. However, we are not now in a position to attribute this activity to the Russian Government.

An earlier DHS one explicitly attributes them to cybercriminals.

(U//FOUO) DHS has no indication that adversaries or criminals are planning cyber operations against US election infrastructure that would change the outcome of the coming US election. Multiple checks and redundancies in US election infrastructure—including diversity of systems, non-Internet connected voting machines, pre-election testing, and processes for media, campaign, and election officials to check, audit, and validate results—make it likely that cyber manipulation of US election systems intended to change the outcome of a national election would be detected.

(U//FOUO) We judge cybercriminals and criminal hackers are likely to continue to target personally identifiable information (PII), such as that available in voter registration databases. We have no indication, however, that criminals are planning theft of voter information to disrupt or alter US computer-enabled election infrastructure.

There were known instances of identity thieves hacking voting rolls going back some time, so it is possible that’s all this was about.

We learned recently that FBI Director Comey pointedly did not want to be included on the joint DNI/DHS statement, because it was too close to the election. So it’s possible there was disagreement about that part of it (which might explain the FBI-sourced leak to CNN).

Also note, I believe the known hackers used different methods, including both SQL injection and phishing. If in response to the earlier ones, DHS did a review of voting systems and found a number of phishes using the same methods as GRU, that may explain why FBI would say it was Russian.

In any case, we don’t know what happened, and at least public claims say the hackers didn’t alter any data.

But the CNN story, at least, is not about something that just happened.

Update: Fixed some typos and clarity problems.

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.

The Blame Comey Movement

screen-shot-2016-11-11-at-4-49-34-pmThere is a big rush from commentators on all sides to blame Jim Comey for the election result. And while normally I’m happy to blame Comey for things, I’m not convinced we have data to support that claim here, at least not yet.

The claim comes from two places. First, this description of how Trump’s analysts responded after discovering rural whites were voting at higher rates than expected.

Trump’s analysts had detected this upsurge in the electorate even before FBI Director James Comey delivered his Oct. 28 letter to Congress announcing that he was reopening his investigation into Clinton’s e-mails. But the news of the investigation accelerated the shift of a largely hidden rural mass of voters toward Trump.

Inside his campaign, Trump’s analysts became convinced that even their own models didn’t sufficiently account for the strength of these voters. “In the last week before the election, we undertook a big exercise to reweight all of our polling, because we thought that who [pollsters] were sampling from was the wrong idea of who the electorate was going to turn out to be this cycle,” says Matt Oczkowski, the head of product at London firm Cambridge Analytica and team leader on Trump’s campaign. “If he was going to win this election, it was going to be because of a Brexit-style mentality and a different demographic trend than other people were seeing.”

Trump’s team chose to focus on this electorate, partly because it was the only possible path for them. But after Comey, that movement of older, whiter voters became newly evident. It’s what led Trump’s campaign to broaden the electoral map in the final two weeks and send the candidate into states such as Pennsylvania, Wisconsin, and Michigan that no one else believed he could win (with the exception of liberal filmmaker Michael Moore, who deemed them “Brexit states”). [my emphasis]

And from this letter from Hillary’s pollster Navin Nayak.

We believe we lost this election in the last week. Comey’s letter in the last 11 days of the election both helped depress our turnout and also drove away some of our critical support among college-educated white voters — particularly in the suburbs. We also think Comey’s 2nd letter, which was intended to absolve Sec. Clinton, actually helped to bolster Trump’s turnout.

Navak is presumably the same person who missed the surge in rural areas that Trump was seeing, and therefore partly responsible for Clinton’s belated attention to MI and WI. No matter what caused surges in Trump’s support, not responding to it was a key reason for Hillary’s loss. So Navak has a big incentive to blame others.

After saying everything was going swimmingly in early turnout (without noting low African American turnout in that early vote), Navak tells this story about the last week.

But then everything changed in the last week.

Voters who decided in the last week broke for Trump by a larger margin (42-47). These numbers were even more exaggerated in the key battleground states.

There are two major events that happened in the last week:

Director Comey released his first letter 11 days out from the election, which likely helped to depress turnout among Hillary’s supporters. It made Sec. Clinton’s e-mail the focus of the campaign for half the remaining 10 days.

After seeing record early vote numbers, there was a significant drop in Election Day turnout, particularly among Hillary supporters, and this was noticeable in both larger cities such as Philadelphia, Raleigh-Durham, Milwaukee, Detroit and the suburbs surrounding these and other cities.

The two days before Election Day, Director Comey released a 2nd letter, which energized Trump supporters. [emphasis original]

What these two pieces — from Trump’s data analyst and Hillary’s pollster — suggest is a correlation between the Comey letter and Trump’s improved chances. But there’s no proof of causation — certainly not that Comey is the primary explanation.

Iscreen-shot-2016-11-11-at-5-21-22-pmn fact, temporally, the correlation is not perfect. Trump’s analysts say the trend started before the Comey letter. This was a weird election, but it is still highly unlikely that a letter released on October 28 can entirely explain a trend that started before October 28.

Navak is a lot squishier on timing. He says the trend happened in the last week. But of course, the letter (and the blizzard of press coverage) came out earlier than that. Precisely when did he see things start going south? He doesn’t say in his email but if it was really just the last week, then that timing doesn’t make sense either.

Then there’s the other detail that Navak does tell us: the move away from Hillary happened more in the “key battleground states.” That got me wondering why voters in key battleground states would be more responsive to Comey’s letter than voters in red or blue states.

screen-shot-2016-11-11-at-5-32-21-pmWhen I raised this on Twitter, a lot of people said swing state residents would be more bombarded with discussions about emails in the last two weeks. But aside from people who went to a Trump rally (which is admittedly thousands of people, though presumably hard core Trump supporters more than late deciders), they wouldn’t necessarily have. Trump’s final ad, which was very good and pretty reminiscent of Obama’s election ads, only referred to the emails once (albeit right at the beginning, just 5 seconds in), and even then only visually, appearing as Trump said “corrupt.” The emails were just one part of Trump’s larger narrative about a corrupt establishment. The rest of Trump’s ad played to economic anxieties, with dog whistles to anti-Semitism and xenophobia, but not the aggressive ones you’d see in his rallies.

Hillary’s final ad meanwhile (at the same link), was far weaker, basically just saying Trump is a dick but without naming him. So for those who decided based  on the content of these ads (I personally didn’t see many super PAC ads, though they may be a factor), the emails probably weren’t the deciding factor, the quasi-empowering message probably was more likely to have been.

And look at the data, above, from Nate Silver’s analysis. It is absolutely true that late-deciding voters in WI, MI, IA, PA, and FL went disproportionately for Trump. They did too in UT, which is unsurprising, but which is also a useful example because it suggests one of the other things people were doing in the last week: Deciding whether to vote a third party candidate, Evan McMullin, or not. Indeed, polling averages show that Trump’s late surge nationally came in conjunction with what was a longer, slower slide in Gary Johnson’s support. I think it’s possible that the emails affected people’s decision to vote third party or even among Republicans who might have voted for Hillary. But one thing that appears to partly explain Trump’s rise at the end is just a very typical decision among people who consider voting third party to in the end support the major candidate. Remember, too, that Trump’s aides had finally gotten him onto a script for these last days, so he was saying and doing fewer offensive things just as these late deciders decided.

Finally, look at those other swing states. In OH, the difference was much smaller. In NV, later breakers actually broke for Hillary. In GA that was even more pronounced.

Perhaps most interesting of all, however, is VA. VA — especially its northern suburbs where Hillary got most of her support — is packed with security clearance holders, precisely the kind of people who’ve expressed the most exasperation about a perceived double standard in the treatment of Hillary. Perhaps that sentiment, which I’ve seen expressed by individuals in a number of places — is overstated. Maybe some clearance holders who also understand overclassification aren’t as bugged by the email scandal as others. In any case, in VA, the state that probably has a higher chunk of clearance holders than any other, broke slightly for Hillary after the Comey letters. Why would Virginians treat the Comey letter so much differently than Wisconsonites and Michiganders?

One final thing. In the days after the first Comey letter, polls actually asked how much it would influence voters’ decision. One poll showed as many undecided voters saying it made no difference as those who said it did.

Thirty-nine percent of voters said the additional review of emails in the Clinton case had no bearing on their vote in November, while 33 percent it made them much less likely to vote for Clinton.

But most of those voters are already aligned against Clinton. Nearly two-thirds of Trump voters, 66 percent, said it makes them much less likely to vote against Clinton.

Among the small pocket of undecided voters remaining, 42 percent said it made them less likely to vote for Clinton, including 30 percent who said it made them much less likely to vote for her. But just as many, 41 percent, said it makes no difference either way.

In others, there was a bigger difference, even affecting Clinton supporters.

An ABC/Washington Post tracking survey released Sunday, conducted both before and after Comey’s letter was made public on Friday, found that about one-third of likely voters, including 7 percent of Clinton supporters, said the new e-mail revelations made them less likely to support the former secretary of state.

The poll found that Clinton received support from 46 percent of likely voters to Trump’s 45 percent, suggesting the race is a toss-up. That contrasts with the 12-point advantage that Clinton held in the same poll a week ago. Trump’s numbers have crept up, in part, as more Republicans have gotten behind their candidate.

A CBS tracking poll of likely voters in battleground states — the 13 states that could swing the Nov. 8 election — released on Sunday found that among voters overall, 71 percent say it either won’t change their thinking, or in some cases, they had already voted.

I’m not aware of any polls that asked about this after Comey’s second letter (and I’m somewhat baffled about how it could energize Trump voters in the way Navak claims), so it’s unclear how these numbers moved after she was re-exonerated.

The election was incredibly close. So if those 7% of Hillary voters who, the weekend after the first Comey letter, considered his announcement significant enough that it might decide their vote instead decided to stay home, it may well have been decisive. But we don’t have that data yet.

Let me close by emphasizing what I am not saying. I am not saying the email scandal didn’t affect the election at all. I am not saying that the press’ disproportionate coverage of it as opposed to Trump’s own corruption didn’t affect the election. Nor am I saying that the Comey letter definitively did not affect the election.

Rather, I’m just saying we don’t have proof that a somewhat inexact correlation between Trump’s late surge and the Comey letter was the cause of his late surge. I’m happy to be convinced otherwise. But right now I’m not seeing it.

Update: This David Plouffe analysis is worth reading in the context of this post for two reasons. First, he notes that Gary Johnson lost support primarily among his older supporters, but his younger supporters stayed with him. This means that his decline likely was tied to a Trump increase, and what remained did hurt Hillary disproportionately.

And here’s what he says about Comey.

JAMES COMEY From the last debate until Election Day, the dominant news was the F.B.I. and Mrs. Clinton’s emails along with a drumbeat of daily WikiLeaks dumps. Postelection research will help shed light here, but the small number of undecided voters at the end should have broken at least equally based on their demographic and voting history. If exit polls are accurate, they moved to Mr. Trump much more than to Mrs. Clinton in certain battleground states, and it’s quite possible the shadow created by the F.B.I. director was the major culprit. Oct. 19, the day of the final debate, was a long 20 days to Nov. 8, and the atmosphere was far from ideal for the Democratic candidate.

Update: On Twitter, Jamison Foser explained why the second letter would invigorate Trump’s supporters: because it fed the narrative that Hillary is corrupt and always gets away with it. That makes sense.

Another person pointed out that the differential impact in VA may be due to Tim Kaine’s influence, which is also a good explanation.

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.

Is FBI Still Fluffing Its Encryption Numbers?

Note: All the big civil liberties groups are fundraising “bigly” off of the election of Trump. If you are donating to them and are able, please consider supporting this work as well.  

Update: I went back to the FBI spox who originally told me that the 13% number cited in August included damaged phones, to clarify that this more recent one did. It does not. Here’s what he said:

It is true that damaged devices are provided to CART and RCFL for FBI assistance, but the 886 devices in FY16 that the FBI was not able to access (which is the number that GC Baker provided last week), does not include those damaged devices. It includes only those devices for which we encountered a password we were not able to bypass.

“[T]he data on the vast majority of the devices seized in the United States may no longer be accessible to law enforcement even with a court order or search warrant,” FBI Director Jim Comey wrote in a response to a question from Senate Judiciary Committee Chair Chuck Grassley in January. Grassley had asked whether Comey agreed with New York District Attorney’s Cy Vance’s estimate — made in Senate testimony the previous July — that “when smartphone encryption is fully deployed by Apple and Google, 71% of all mobile devices examined…may be outside the reach of a warrant.”

In Comey’s very next answer, however, he admitted the FBI was still trying to quantify the problem. “FBI is currently working on improving enterprise-wide quantitative data collection to better understand and explain the ‘data at rest’ problem.” Comey and Deputy Attorney General Sally Yates had promised to come up with real data at the July 2015 hearing.

Since that time, FBI has publicly created the impression they had real numbers on encryption.

In a speech at the end of August, Jim Comey claimed that the FBI had been unable to open 650 of the 5,000 devices it got in its forensics centers (remember, the fiscal year starts on October 1).

We believe in the FBI that we need a conversation. If at the end of the day the American people say, “You know what, we’re okay with that portion of the room being dark. We’re okay with”—to use one example—“the FBI, in the first 10 months of this year, getting 5,000 devices from state and local law enforcement and asked for assistance in opening them, and in 650 of those devices being unable to open those devices.” That’s criminals not caught, that’s evidence not found, that’s sentences that are far, far shorter for pedophiles and others because judges can’t see the true scope of their activity.

That left the impression that encryption thwarted the FBI in 13% of all cases.

According to Kevin Bankston, FBI General Counsel just provided an equivalent number at a National Academy of the Sciences working group on encryption (Baker only said these were inaccessible — he did not claim that was because of encryption, though that was the context of the number).

Interesting data point: Baker says over FY 2016, of 6814 mobile devices submitted by fed/state/local to FBI’s [Computer Analysis Response Teams and Regional Computer Forensic Laboratories for analysis 2095 of them req’d passcodes, defeated passcodes in 1210 cases, unable to (presumably due to crypto?) in 886 (885?) cases.

That reflects the same 13% failure rate.

I asked the FBI in September where they got this number. And at least at that point, the 13% was not a measure of how often encryption thwarted the FBI. A spokesperson told me,

It is a reflection of data on the number of times over the course of each quarter this year that the FBI or one of our law enforcement partners (federal, state, local, or tribal) has sought assistance from FBI digital forensic examiners with respect to accessing data on various mobile devices where the device is locked, data was deleted or encrypted, the hardware was damaged, or there were other challenges with accessing the data. I am not able to break that down by crime type.

In the San Bernardino case, for example, the FBI may not have been able to access 66% of the phones it seized from the culprits (there are actually varying reports on this). But in the end, encryption accounted for none of those phones being inaccessible: physical destruction accounted for all of it.

So unless the FBI, after I asked in early September, went back and recalculated their quarterly numbers (I’ve got a question in to clarify this point), then the FBI is presenting a false claim about encryption.

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.

Why Democrats May Embrace Jim Comey’s Self-Righteousness in 12 Months

Some Democrats are already blaming Jim Comey for Hillary’s loss last night. It will be some time before we know for sure whether that is true. Certainly polling (to the extent that it can be regarded as a fair read of the electorate, which I’m not sure it can) didn’t show Hillary losing a lot of support, net, over the course of Comey’s head fake. Instead, polls showed Gary Johnson voters coming home to the GOP, which closed Trump’s polling gap. I do think it likely that Comey’s head fake had an effect on Democratic turnout.

So we will see whether Comey is to blame or something else (that said, by the time we really know that, a narrative will be set).

But I also want to talk about Comey’s position going forward.

Had Hillary won, I think President Obama might have fired Comey in the lame duck. But I don’t see that happening now. Partly, because it would be seen as vindictive, and Obama has his legacy to cement. More importantly, there’s no chance Obama could get someone else confirmed.

So Comey will be FBI Director on January 20, with six plus years of a ten year term in front of him.

Trump has already floated Rudy Giuliani as Attorney General.

I have no idea what their relationship is like now, but recall that Comey worked for (presumably was hired by) Giuliani when the latter was US Attorney in the 1980s. Giuliani is the guy that launched Comey on his self-righteous career of federal prosecution.

For that reason — and because of Comey’s behavior in the last month — I expect Trump will keep him.

That means Comey’s self-righteous rule is one of the few things that will prevent Trump, in the near turn, from politicizing the FBI more than it already is. Today’s FBI is already bad, but Comey may limit how badly Trump’s FBI targets Muslims and others Trump targeted during the campaign.

Ultimately, Comey’s tenure may end where it has before, in standing up to some legalistic abuse (even while sanctioning the underlying behavior, as Comey did with both torture and mass surveillance), and resigning or getting fired.

But in the short term, at least, the Democrats who are blaming Comey today may welcome his self-righteousness tomorrow. Me, I think the reasons that self-righteousness is a problem now will remain a problem. But probably less problematic than having Joe Arpaio run the FBI.

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.