Posts

Eleven (or Thirteen) Senators Are Cool with Using Section 702 to Spy on Americans

The Senate Intelligence Committee report on its version of Section 702 “reform” is out. It makes it clear that my concerns raised here and here are merited.

In this post, I’ll examine what the report — particularly taken in conjunction with the Wyden-Paul reform — reveals about the use of Section 702 for domestic spying.

The first clue is Senator Wyden’s effort to prohibit collection of domestic communications — the issue about which he and Director of National Intelligence Dan Coats have been fighting about since June.

By a vote of four ayes to eleven noes, the Committee rejected an amendment by Senator Wyden that would have prohibited acquisition under Section 702 of communications known to be entirely domestic under authority to target certain persons outside of the United States. The votes in person or by proxy were as follows: Chairman Burr—no; Senator Risch—no; Senator Rubio—no; Senator Collins—no; Senator Blunt—no; Senator Lankford—no; Senator Cotton—no; Senator Cornyn—no; Vice Chairman Warner—no; Senator Feinstein—aye; Senator Wyden—aye; Senator Heinrich— aye; Senator King—no; Senator Manchin—no; and Senator Harris—aye.

It tells us that the government collects entirely domestic communications, a practice that Wyden tried to prohibit in his own bill, which added this language to Section 702.

(F) may not acquire communications known to be entirely domestic;

This would effectively close the 2014 exception, which permitted the NSA to continue to collect on a facility even after it had identified that Americans also used it. As I have explained is used to collect Tor (and probably VPN) traffic to obtain foreigners’ data. I suspect that detail is what Wyden had in mind when, in his comments in the report, he said the report itself “omit[s] key information about the scope of authorities granted the government” (though there are likely other things this report hides).

I have concerns about this report. By omitting key information about the scope of authorities granted the government, the Committee is itself contributing to the continuing corrosive problem of secret law

As the bill report lays out, Senators Burr, Risch, Rubio, Collins, Blunt, Lankford, Cotton, Cornyn, Warner, King, and Manchin are all cool using a foreign surveillance program to spy on their constituents, especially given that Burr has hidden precisely the impact of that spying in this report.

Any bets on whether they might have voted differently if we all got to know what kind of spying on us this bill authorized.

That, of course, is only eleven senators who are cool with treating their constituents (or at least those using location obscuring techniques) like foreigners.

But I’m throwing Feinstein and Harris in with that group, because they voted against a Wyden amendment that would have limited how the government could use 702 collected data in investigations.

By a vote of two ayes to thirteen noes, the Committee rejected an amendment by Senator Wyden that would have imposed further restrictions on use of Section 702-derived information in investigations and legal proceedings. The votes in person or by proxy were as follows: Chairman Burr—no; Senator Risch—no; Senator Rubio—no; Senator Collins—no; Senator Blunt—no; Senator Lankford—no; Senator Cotton—no; Senator Cornyn—no; Vice Chairman Warner—no; Senator Feinstein—no; Senator Wyden— aye; Senator Heinrich—aye; Senator King—no; Senator Manchin— no; and Senator Harris—no.

While we don’t have the language of this amendment, I assume it does what this language in Wyden’s bill does, which is to limit the use of Section 702 data for purposes laid out in the known certificates (foreign government including nation-state hacking, counterproliferation, and counterterrorism — though this language makes me wonder if there’s a Critical Infrastructure certificate or whether it only depends on the permission to do so in the FBI minimization procedures, and the force protection language reminds me of the concerns raised by a recent HRW FOIA permitting the use of 12333 language to do so).

(B) in a proceeding or investigation in which the information is directly related to and necessary to address a specific threat of—

(i) terrorism (as defined in clauses (i) through (iii) of section 2332(g)(5)(B) of title 18, United States Code);

(ii) espionage (as used in chapter 37 of title 18, United States Code);

(iii) proliferation or use of a weapon of mass destruction (as defined in section 2332a(c) of title 18, United States Code);

(iv) a cybersecurity threat from a foreign country;

(v) incapacitation or destruction of critical infrastructure (as defined in section 1016(e) of the Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism (USA PATRIOT ACT) Act of 2001 (42 U.S.C. 5195c(e))); or

(vi) a threat to the armed forces of the United States or an ally of the United States or to other personnel of the United States Government or a government of an ally of the United States.

Compare this list with the one included in the bill, which codifies the use of 702 data for issues that,

“Affects, involves, or is related to” the national security of the United States (which will include proceedings used to flip informants on top of whatever terrorism, proliferation, or espionage and hacking crimes that would more directly fall under national security) or involves,

  • Death
  • Kidnapping
  • Serious bodily injury
  • Specified offense against a minor
  • Incapacitation or destruction of critical infrastructure (critical infrastructure can include even campgrounds!)
  • Cybersecurity, including violations of CFAA
  • Transnational crime, including transnational narcotics trafficking
  • Human trafficking (which, especially dissociated from transnational crime, is often used as a ploy to prosecute prostitution; the government also includes assisting undocumented migration to be human trafficking)

[snip]

Importantly, the bill does not permit judicial review on whether the determination that something “affects, involves, or is related to” national security. Meaning Attorney General Jeff Sessions could decide tomorrow that it can collect the Tor traffic of BLM or BDS activists, and no judge can rule that’s an inappropriate use of a foreign intelligence program.

The bill report’s description of this section makes it clear that — in spite of its use of the word “restriction,” — this is really about providing affirmative “permission.”

Section 6 provides restrictions on the Federal Bureau of Investigation’s (FBI’s) use of Section 702-derived information, so that the FBI can use the information as evidence only in court proceedings [my emphasis]

That is, Wyden would restrict the use of 702 data to purposes the FISC has affirmatively approved, rather than the list of 702 purposes expanded to include the most problematic uses of Tor: all hacking, dark markets, and child porn.

So while Feinstein and Harris voted against the use of 702 to collect known domestic communications, they’re still okay using domestic Tor commuincations they say they don’t want to let NSA collect to prosecute Americans (which is actually not surprising given their past actions on sex workers).

Again, they’re counting on the fact that the bill report is written such that their constituents won’t know that this is going on. Unless they read me.

Look, I get the need to collect on Tor traffic to go after its worst uses. But if you’re going to do that, stop pretending this is a foreign surveillance bill, and instead either call it a secret court bill (one that effectively evades warrant requirements for all Tor wiretapping in this country), or admit you’re doing that collection and put review of it back into criminal courts where it belongs.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

The Senate Intelligence Committee 702 Bill Is a Domestic Spying Bill

Richard Burr has released his draft Section 702 bill.

Contrary to what you’re reading about it not “reforming” 702, the SSCI bill makes dramatic changes to 702. Effectively, it makes 702 a domestic spying program.

The SSCI expands the kinds of criminal prosecutions with which it can use Section 702 data

It does so in Section 5, in what is cynically called “End Use Restriction,” but which is in reality a vast expansion of the uses to which Section 702 data may be used (affirmatively codifying, effectively, a move the IC made in 2015). It permits the use of 702 data in any criminal proceeding that “Affects, involves, or is related to” the national security of the United States (which will include proceedings used to flip informants on top of whatever terrorism, proliferation, or espionage and hacking crimes that would more directly fall under national security) or involves,

  • Death
  • Kidnapping
  • Serious bodily injury
  • Specified offense against a minor
  • Incapacitation or destruction of critical infrastructure (critical infrastructure can include even campgrounds!)
  • Cybersecurity, including violations of CFAA
  • Transnational crime, including transnational narcotics trafficking
  • Human trafficking (which, especially dissociated from transnational crime, is often used as a ploy to prosecute prostitution; the government also includes assisting undocumented migration to be human trafficking)

This effectively gives affirmative approval to the list of crimes for which the IC can use 702 information laid out by Bob Litt in 2015 (in the wake of the 2014 approval).

Importantly, the bill does not permit judicial review on whether the determination that something “affects, involves, or is related to” national security. Meaning Attorney General Jeff Sessions could decide tomorrow that it can collect the Tor traffic of BLM or BDS activists, and no judge can rule that’s an inappropriate use of a foreign intelligence program.

“So what?” you might ask, this is a foreign surveillance program. So what if they find evidence of child porn in the course of spying on designated foreign targets, and in the process turn it over to the FBI?

The reason this is a domestic spying program is because of two obscure parts of 702 precedent.

The 2014 exception permits NSA to collect Tor traffic — including the traffic of 430,000 Americans

First, there’s the 2014 exception.

In 2014, the FISC approved an exception to the rule that the NSA must detask from a facility when it discovers that a US person was using it. I laid out the case that the facilities in question were VPNs (collected in the same way PRISM would be) and Tor (probably collected via upstream collection). I suggested then that it was informed speculation, but it was more than that: the 2014 exception is about Tor (though I haven’t been able to confirm the technical details of it).

NSA is collecting Tor traffic, including the traffic of the 430,000 Americans each day who use Tor.

One way to understand how NSA gets away with this is to consider how the use of upstream surveillance with cybersecurity works. As was reported in 2015, NSA can use upstream for cybersecurity purposes, but only if that use is tied to known indicators of compromise of a foreign government hacking group.

On December 29 of last year, the Intelligence Community released a Joint Analysis Report on the hack of the DNC that was considered — for cybersecurity purposes — an utter shitshow. Most confusing at the time was why the IC labeled 367 Tor exit nodes as Russian state hacker indicators of compromise.

But once you realize the NSA can collect on indicators of compromise that it has associated with a nation-state hacking group, and once you realize NSA can collect on Tor traffic under that 2014 exception, then it all begins to make sense. By declaring those nodes indicators of compromise of Russian state hackers, NSA got the ability to collect off of them.

NSA’s minimization procedures permit it to retain domestic communications that are evidence of a crime

The FISC approved the 2014 exception based on the understanding that NSA would purge any domestic communications collected via the exception in post-tasking process. But NSA’s minimization procedures permit the retention of domestic communications if the communication was properly targeted (under targeting procedures that include the 2014 exception) and the communication 1) includes significant foreign intelligence information, 2) the communication includes technical database information (which includes the use of encryption), 3) contains information pertaining to an imminent threat of serious harm to life or property OR,

Such domestic communication does not contain foreign intelligence information but is reasonably believed to contain evidence of a crime that has been, is being, or is about to be committed. Such domestic communication may be disseminated  (including United States person identities) to appropriate law enforcement authorities, in accordance with 50 U.S.C. § 1806(b) and 1825(c), Executive Order No 12333, and, where applicable, the crimes reporting procedures set out in the August 1995 “Memorandum of Understanding: Reporting of Information Concerning Federal Crimes,” or any successor document.

So they get the data via the 2014 exception permitting NSA to collect from Tor (and VPNs). And they keep it and hand it off to FBI via the exception on NSA’s destruction requirements.

In other words, what Richard Burr’s bill does is affirmatively approve the use of Section 702 to collect Tor traffic and use it to prosecute a range of crimes, some of them potentially quite minor.

 

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

After the Ad Hominem Approach to Surveillance Reauthorization Fails, Spooks Now Revert to Secrecy

As I have noted, thus far the surveillance boosters’ favored approach to Section 702 reauthorization has been to engage in ad hominem attacks against people engaging in good faith in the legislative process (even while they, themselves, make what would most charitably be called significant errors). Even when people make a concerted effort to avoid such sloppy attacks — as FBI Director Christopher Wray did at a recent appearance — they still accuse others of believing in myths while ignoring their own myth-making.

But now Richard Burr and the spooks he caters to are adopting another approach: legislating in secret.

The SSCI is reportedly moving to mark up their own version of Section 702 reauthorization this week — a bill crafted by Senators Burr, Warner, Feinstein, and Cornyn. The make-up of the team is key: because Cornyn and Feinstein are also on Senate Judiciary, they can sink any alternate bill that moves through that committee (something Feinstein has been doing since at least 2009).

As Wyden says in a letter objecting to the secret mark-up,

Section 702 has been the subject of extensive public testimony, while relevant FISA Court orders, minimization procedures and other documents have been declassified and released to the public. In this context, the public is right to expect that Congress debate the reauthorization of this authority in the open. Indeed, a transparent legislative process is a fundamental hallmark of our democracy.

A bunch of NGOs have also called on Burr to make this mark-up public.

There are several likely reasons why Burr and the spooks want to craft their legislation in secret.

Perhaps most importantly, by holding a closed session, you delay by about a month and a half what happened in the session, what the cleared Senators debated, and the tactical means the Chair (in this case Burr) used to shut down reform suggestions. That’s what happened in 2012, when Feinstein delayed the release of the bill report for about that long, hiding details about Ron Wyden’s attempt to get a count of US persons affected by 702 (see these three posts — one, two, three — for details, though Wyden did manage to call Feinstein out for lying about FISC always finding the collection to be constitutional).

Indeed, I’d bet a lot of money that one reason Burr wants to have a secret mark-up is to the very same thing Feinstein did four years ago: hide the government’s lies about their alleged inability to do a count of how many Americans get sucked up as part of 702, and how.

But the other reason Burr and the spooks likely want to have a mark-up in secret is precisely because of the transparency won since 2013, they don’t have winning arguments anymore. While courts, because of the secrecy reviewing cases without any adversarial process and often not getting a full picture of how 702 works, have found 702 itself constitutional (though the Ninth Circuit largely dodged the question of back door searches), as more and more people understand how it works (and as white men watching the Mike Flynn case come to understand how fragile life can get for those picked up incidentally), the program seems problematic.

And even those who believe 702 in its current form serves an irreplaceable role in our surveillance system can see the need for no-nonsense reforms, such as requiring an amicus help review yearly reauthorization.

In other words, by hiding this mark-up, Burr is conceding that he can’t win this legislative battle democratically. He, and the spooks, have to cheat. And they’re willing to do so, to codify parts of this program that likely wouldn’t pass court review if done in a real adversarial process.

We are at a critical tipping point with surveillance in this country, as the government chips away at the technologies that allow individuals to retain some kind of privacy. And to ensure we slide over that tipping point and down the dangerous slope on the other side, a bunch of spooks and their servants are cowering from democracy.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

Senate Judiciary Committee Republicans Have No Excuse for Not Doing Something about White Supremacist Violence

Last I checked, the following Republicans on the Senate Judiciary Committee have criticized white supremacists, violence, and/or Trump’s appeasement of the former in Charlotteville.

Chuck Grassley, Senate Judiciary Committee Chair:

What ” WhiteNatjonalist” are doing in Charlottesville is homegrown terrorism that can’t be tolerated anymore that what Any extremist does

Orrin Hatch, President pro tempore:

We should call evil by its name. My brother didn’t give his life fighting Hitler for Nazi ideas to go unchallenged here at home

Their tiki torches may be fueled by citronella but their ideas are fueled by hate, & have no place in civil society.

Lindsey Graham, Chair of Subcommittee on Crime and Terrorism:

The South Carolina Republican called on Attorney General Jeff Sessions to go to Virginia and “personally handle domestic terrorism investigations” and alleged civil rights abuses by the Ku Klux Klan and neo-Nazis “who took this young woman’s life.”

Graham was referring to Heather Heyer, 32, who was killed when a car ran into a group of counter-protesters Saturday in Charlottesville where white supremacists and neo-Nazis were holding a “Unite the Right” rally. Many more were injured.

Graham additionally proposed the Departments of Justice and Homeland Security form a task force on the threat of white supremacist groups and report back to Congress with potential solutions for cracking down on them.

“This is an opportunity for the Trump administration to come down like a hammer on white supremacists,” Graham said during a news conference in his Columbia office. “And I hope they do.”

John Cornyn, Chair of Subcommittee on Border Security and Immigration and Senate Majority Whip:

No place for the bigotry & hate-filled violence in . These actions should be condemned in the strongest possible terms.

And (update, from August 17):

We’ve all been shocked that the unhealed wounds of the nation’s racial divide flared up in such a surprising and disturbing way,” Cornyn said in a Chronicle interview. “I think the president had an opportunity to send a message that would unite America behind our common resolve to heal those wounds and unite our country, and unfortunately I don’t think he did that.”

Ted Cruz, Chair of Subcommittee on the Constitution, who while Chair of the Subcommittee on Oversight, Agency Action, Federal Rights and Federal Courts, had a hearing on the importance of naming Islamic terrorism Islamic terrorism:

It’s tragic and heartbreaking to see hatred and racism once again mar our great Nation with bloodshed. Heidi’s and my prayers are with the loved ones of those killed and injured in the ongoing violence in Charlottesville. The First Amendment protects the rights of all Americans to speak their minds peaceably, but violence, brutality, and murder have no place in a civilized society.

The Nazis, the KKK, and white supremacists are repulsive and evil, and all of us have a moral obligation to speak out against the lies, bigotry, anti-Semitism, and hatred that they propagate. Having watched the horrifying video of the car deliberately crashing into a crowd of protesters, I urge the Department of Justice to immediately investigate and prosecute this grotesque act of domestic terrorism.

These bigots want to tear our country apart, but they will fail. America is far better than this. Our Nation was built on fundamental truths, none more central than the proposition ‘that all men are created equal, that they are endowed by their Creator with certain unalienable Rights, that among these are Life, Liberty, and the Pursuit of Happiness.’

But,

“One of the things we’re seeing going on is the media and the Democrats are, to the surprise of no one, demagoguing this issue and using it for political advantage,” Cruz said. “So, in the media’s telling, they want to tar and feather any Republican, any conservative, and paint us all as these crazy racist nutbags.”

Jeff Flake, Chair of Subcommittee Privacy, Technology, and the Law):

We can’t accept excuses for white supremacy & acts of domestic terrorism. We must condemn. Period.

Flake, more generally:

Under our Constitution, there simply are not that many people who are in a position to do something about an executive branch in chaos. As the first branch of government (Article I), the Congress was designed expressly to assert itself at just such moments. It is what we talk about when we talk about “checks and balances.” Too often, we observe the unfolding drama along with the rest of the country, passively, all but saying, “Someone should do something!” without seeming to realize that that someone is us. And so, that unnerving silence in the face of an erratic executive branch is an abdication, and those in positions of leadership bear particular responsibility.

Ben Sasse, Chair of Subcommittee on Oversight, Agency Action, Federal Rights and Federal Courts:

“I refuse to accept that mankind is tragically bound to the starless midnight of racism… Unconditional love will have the final word” -MLK

“My dream is of a place and a time where America will once again be seen as the last best hope of earth.” -Abraham Lincoln

“We hold these truths to be self-evident, that ALL men are created equal, that they are endowed, by their Creator with…unalienable Rights”

These people are utterly revolting–and have no understanding of America. This creedal nation explicitly rejects “blood & soil” nationalism.

John Kennedy:

Violence and hatred are never the answer.

There are 20 members of the Senate Judiciary Committee, 11 Republicans and 9 Democrats. Of the Republicans, eight have made statements at least condemning the violence in Charlottesville, even if Cornyn and Kennedy, among others, are obviously issuing empty condemnations.

If even two of the Republicans who’ve made statements condemning the right wing violence in Charlottesville are serious — or more specifically serious about actions that DOJ must take, as in comments that both Lindsey and Cruz made — then they’ve got the numbers to make it happen.

They’ve got the numbers to force DOJ to refund the Life After Hate program, which white supremacist Seb Gorka’s wife Katherine defunded. They’ve got the numbers to ask Jefferson Beauregard Sessions whether his DOJ will treat this act of terrorism as terrorism. They’ve got the numbers to ask whether FBI ignored warnings of surging white supremacism.

Republicans often complain that there’s nothing they can do about their unmanageable President. This is one case where that’s patently false.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

The Story About Judicial Dysfunction Behind the Comey Whiplash

I’ve been home from Europe for less than a day and already I’m thinking of sporting a neck collar for the whiplash I’ve gotten watching the wildly varying Jim Comey opinions.

I’m speaking, of course, of the response to Jim Comey’s highly unusual announcement to sixteen Chairs and Ranking Members of congressional committees (at least some of which Comey did not testify to) that the investigative team — presumably on the Clinton case — briefed him Thursday that FBI discovered additional emails in an unrelated case — now known to be the investigation into Anthony Weiner allegedly sexting a 15 year old — and he approved their request to take the steps necessary to be able to review those emails.

Effectively, the Weiner investigators, in reviewing the content from devices seized in that investigation, found emails from Huma Abedin, told the Hillary investigative team, and they’re now obtaining a warrant to be able to review those emails.

So of course the Republicans that had been claiming Comey had corruptly fixed the investigation for Hillary immediately started proclaiming his valor and Democrats that had been pointing confidently to his exoneration of Hillary immediately resumed their criticism of his highly unusual statements on this investigation. Make up your minds, people!

For the record, I think his initial, completely inappropriate statements made this inevitable. He excuses Friday’s statement as formally correcting the record of his testimony. The claim is undermined by the fact that not all recipients of the letter had him testify. But I think once you start the process of blabbing about investigations, more blabbing likely follows. I don’t mean to excuse this disclosure, but the real sin comes in the first one, which was totally inappropriate by any measure. I’m also very unsympathetic with the claim —  persistently offered by people who otherwise cheer Comey — that he released his initial statement to help Loretta Lynch out of the jam created by her inappropriate meeting with Bill Clinton; I think those explanations stem from a willful blindness about what a self-righteous moralist Comey is.

Of course I’ve been critical of Comey since long before it was cool (and our late great commenter Mary Perdue was critical years before that).

But I’d like to take a step back and talk about what this says about our judicial system.

Jim Comey doesn’t play by the rules

Jamie Gorelick (who worked with Comey when she was in DOJ) and Larry Thompson (who worked with Comey when Comey was US Attorney and he was Deputy Attorney General, until Comey replaced him) wrote a scathing piece attacking Comey for violating the long-standing prohibition on doing anything in an investigation pertaining to a political candidate in the 60 days leading up to an election. The op-ed insinuates that Comey is a “self-aggrandizing crusader[] on [a] high horse” before it goes on to slam him for making himself the judge on both the case and Hillary’s actions.

James B. Comey, put himself enthusiastically forward as the arbiter of not only whether to prosecute a criminal case — which is not the job of the FBI — but also best practices in the handling of email and other matters. Now, he has chosen personally to restrike the balance between transparency and fairness, departing from the department’s traditions. As former deputy attorney general George Terwilliger aptly put it, “There’s a difference between being independent and flying solo.”

But the real meat is that there’s a rule against statements like the one Comey made, and Comey broke it.

Decades ago, the department decided that in the 60-day period before an election, the balance should be struck against even returning indictments involving individuals running for office, as well as against the disclosure of any investigative steps. The reasoning was that, however important it might be for Justice to do its job, and however important it might be for the public to know what Justice knows, because such allegations could not be adjudicated, such actions or disclosures risked undermining the political process. A memorandum reflecting this choice has been issued every four years by multiple attorneys general for a very long time, including in 2016.

If Comey is willing to break this rule in such a high profile case, then what other rules is he breaking? What other judgements has Comey made himself arbiter of? Particularly given Comey’s persistent discussion of FBI’s work in terms of “good guys” and “bad guys” — as opposed to criminal behavior — that seems a really pertinent question.

As with James Clapper, Loretta Lynch can’t control Comey

Gorelick (who has been suggested among potential Clinton appointees) and Thompson go easier on Lynch, however, noting that she didn’t order him to stand down here, but ultimately blaming Comey for needing to be ordered.

Attorney General Loretta E. Lynch — nominally Comey’s boss — has apparently been satisfied with advising Comey but not ordering him to abide by the rules. She, no doubt, did not want to override the FBI director in such a highly political matter, but she should not have needed to. He should have abided by the policy on his own.

But since John Cornyn confronted Lynch in March about who would make decisions in this case — “Everyone in the Department of Justice works for me, including the FBI, sir,” Lynch forcefully reminded Cornyn — it has been clear that there’s a lot more tension than the org chart would suggest there should be.

The NYT provides more details on how much tension there is.

The day before the F.B.I. director, James B. Comey, sent a letter to Congress announcing that new evidence had been discovered that might be related to the completed Hillary Clinton email investigation, the Justice Department strongly discouraged the step and told him that he would be breaking with longstanding policy, three law enforcement officials said on Saturday.

Senior Justice Department officials did not move to stop him from sending the letter, officials said, but they did everything short of it, pointing to policies against talking about current criminal investigations or being seen as meddling in elections.

And it’s not just Lynch that has problems managing FBI.

In a response to a question from me in 2014 (after 56:00), Bob Litt explained that FBI’s dual role creates “a whole lot of complications” and went on to admit that the office of Director of National Intelligence — which is supposed to oversee the intelligence community — doesn’t oversee the FBI as directly.

Because FBI is part of the Department of Justice, I don’t have the same visibility into oversight there than I do with respect to the NSA, but the problems are much more complicated because of the dual functions of the FBI.

Litt said something similar to me in May when we discussed why FBI can continue to present bogus numbers in its legally mandated NSL reporting.

Now these are separate issues (though the Clinton investigation is, after all, a national security investigation into whether she or her aides mishandled classified information). But if neither the DNI nor the AG really has control over the FBI Director, it creates a real void of accountability that has repercussions for a whole lot of issues and, more importantly, people who don’t have the visibility or power of Hillary Clinton.

The FBI breaks the rules all the time by leaking like a sieve

Underlying this entire controversy is another rule that DOJ and FBI claim to abide by but don’t, at all: FBI is not supposed to reveal details of ongoing investigations.

Indeed, according to the NYT, Comey pointed to the certainty that this would leak to justify his Friday letter.

But although Mr. Comey told Congress this summer that the Clinton investigation was complete, he believed that if word of the new emails leaked out — and it was sure to leak out, he concluded — he risked being accused of misleading Congress and the public ahead of an election, colleagues said.

Yet the US Attorney’s Manual, starting with this language on prejudicial information and continuing into several more clauses, makes it clear that these kinds of leaks are impermissible.

At no time shall any component or personnel of the Department of Justice furnish any statement or information that he or she knows or reasonably should know will have a substantial likelihood of materially prejudicing an adjudicative proceeding.

Comey, the boss of all the FBI Agents investigating this case, had another alternative, one he should have exercised months ago when it was clear those investigating this case were leaking promiscuously: demand that they shut up, conduct investigations of who was leaking, and discipline those who were doing so. Those leaks were already affecting election year concerns, but there has been little commentary about how they, too, break DOJ rules.

But instead of trying to get FBI Agents to follow DOJ guidelines, Comey instead decided to violate them himself.

Again, that’s absolutely toxic when discussing an investigation that might affect the presidential election, but FBI’s habitual blabbing is equally toxic for a bunch of less powerful people whose investigative details get leaked by the FBI all the time.

[Update: Jeffrey Toobin addresses the role of leaks more generally here, though he seems to forget that the Hillary investigation is technically a national security investigation. I think it’s important to remember that, especially given Hillary’s campaign focus on why FBI isn’t leaking about the investigation into Trump’s ties to Russia, which would also be a national security investigation.]

Warrantless back door searches do tremendous amounts of damage

Finally, think about the circumstances of the emails behind this latest disclosure.

Reports are currently unclear how much the FBI knows about these emails. The NYT describes that the FBI seized multiple devices in conjunction with the Weiner investigation, including the laptop on which they found these emails.

On Oct. 3, F.B.I. agents seized several electronic devices from Mr. Weiner: a laptop, his iPhone and an iPad that was in large measure used by his 4-year-old son to watch cartoons, a person with knowledge of the matter said. Days later, F.B.I. agents also confiscated a Wi-Fi router that could identify any other devices that had been used, the person said.

While searching the laptop, the agents discovered the existence of tens of thousands of emails, some of them sent between Ms. Abedin and other Clinton aides, according to senior law enforcement officials. It is not clear if Ms. Abedin downloaded the emails to the laptop or if they were automatically backed up there. The emails dated back years, the officials said. Ms. Abedin has testified that she did not routinely delete her emails.

Presumably, the warrant to seize those devices permits the FBI agents to go find any evidence of Weiner sexting women (or perhaps just the young woman in question).

And admittedly, the details NYT’s sources describe involve just metadata: addressing information and dates.

But then, Comey told Congress these emails were “pertinent” to the Clinton investigation, and other details in reports, such as they might be duplicates of emails already reviewed by the FBI, suggest the Weiner investigators may have seen enough to believe they might pertain to the inquiry into whether Clinton and her aides (including Huma) mishandled classified information. Moreover, the FBI at least thinks they will be able to prove there is probable cause to believe these emails may show the mishandling of classified information.

Similarly, there are conflicting stories about whether the Hillary investigation was ever closed, which may arise from the fact that if it were (as Comey had suggested in his first blabby statements), seeking these emails would require further approval to continue the investigation.

The point, though, is that FBI would have had no idea these emails existed were it not for FBI investigators who were aware of the other investigation alerting their colleagues to these emails. This has been an issue of intense litigation in recent years, and I’d love for Huma, after the election, to submit a serious legal challenge if any warrant is issued.

But then, in this case, Huma is being provided far more protection than people swept up in FISA searches, where any content with a target can be searched years into the future without any probable cause or even evidence of wrong-doing. Here, Huma’s emails won’t be accessible for investigative purpose without a warrant (in part because of recent prior litigation in the 2nd Circuit), whereas in the case of emails acquired via FISA, FBI can access the information — pulling it up not just by metadata but by content — with no warrant at all.

[Update: Orin Kerr shares my concerns on this point — with the added benefit that he discusses all the recent legal precedents that may prohibit accessing these emails.]

This is a good example of the cost of such investigations. Because the FBI can and does sweep so widely in searches of electronic communications, evidence from one set of data collection can be used to taint others unrelated to the crime under investigation.

All the people writing scathing emails about Comey’s behavior in this particular matter would like you to believe that this issue doesn’t reflect on larger issues at DOJ. They would like you to believe that DOJ was all pure and good and FBI was well-controlled except for this particular investigation. But that’s simply not the case, and some of these issues go well beyond Comey.

Update: Minor changes were made to this post after it was initially posted.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

Senate Narrowly Avoids Voting Themselves to Become “Typos”

The McCain (Cornyn) amendment to the Judiciary Appropriations bill that would let them get Electronic Communication Transaction Records with a National Security Letter just narrowly failed to get cloture, with Dan Sullivan flipping his vote to yes near the end but Mike Crapo, a likely no vote, not voting. The final vote was 59-37.

The floor debate leading up to the vote featured a few notable exchanges. Richard Burr was an absolutely douchebag, saying Ron “Wyden is consistently against providing LE the tools it needs to defend the American people.” He did so in a speech admitting that, “My colleague says this wouldn’t stop SB or Orlando. He’s 100% correct.”

Burr also insisted that we can’t let the Lone Wolf provision, which allegedly has never been used, expire. It was extended just last year and doesn’t expire until 2019.

More interesting though was the debate between Burr and Leahy over whether the FBI can’t obtain ECTRs because of a typo in the law as passed in 1993. Leahy basically described that Congress had affirmatively decided not to include ECTRs in NSLs (implicit in this, Congress also did not decide to include it in the 2001 expansion). Burr claimed that Congress meant to include it but didn’t in some kind of oversight.

Here’s how Mazie Hirono and Martin Heinrich described the debate in the report on the Intelligence Authorization, which has a version of the ECTR change.

The FBI has compared expanding these authorities to fixing a “typo” in the Electronic Communications Privacy Act (ECPA).

However, during consideration of ECPA reform legislation in 1993, the House Judiciary Committee said in its committee report that “Exempt from the judicial scrutiny normally
required for compulsory process, the national security letter is an extraordinary device. New applications are disfavored.”

The House Judiciary Committee report also makes clear that the bill’s changes to Section 2709(b) of ECPA were a “modification of the language originally proposed by the
FBI.”

This does not support claims that the removal of the ECTR language was a “typo.”

Burr effectively argued that because law enforcement wanted ECTRs to be included back in 1993, they were meant to be included, and Congress’ exclusion of them was just a typo.

In short, a member of the Senate just argued that if Congress affirmatively decides not to capitulate to every demand of law enforcement, it must be considered a “typo” and not legally binding law.

For the moment, the Senate voted down making itself a “typo,” but Mitch McConnell filed a motion to reconsider, meaning he can bring the vote back up as soon as he arm twists one more vote.

 

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

Key Details about the Mitch McConnell Bid to Expand FBI Surveillance

As I noted, one of the two poison pills that stalled (if not killed) ECPA reform in the Senate Judiciary Committee a few weeks back was a John Cornyn amendment that would give the FBI authority to obtain Electronic Communication Transaction Records — which have been billed as email records, but include far more, including URLs and IP records — with an NSL again.

In a move akin to what he did by attaching CISA to last year’s Omnibus bill, Mitch McConnell has moved to shove that amendment through, this time on the Judiciary Appropriation.

Here are some key details about that effort:

Generally, the amendment would not have prevented the Orlando shooting

Republicans are spinning (and therefore some reporters are reporting) the amendment as “an effort … to respond to last week’s mass shooting in an Orlando nightclub after a series of measures to restrict guns offered by both parties failed on Monday.”

The reason why the ECTR change would not have prevented the Orlando shooting — as I noted when John Cornyn made the same bogus claim — is that, at least according to FBI Director Jim Comey (then what would he know?) FBI already obtained Omar Mateen’s ECTRs. So it is false to say that this is a real response, except insofar as shifting the way FBI would have gotten ECTRs in this case would have had other implications.

The most obvious implication of obtaining ECTRs via a subpoena versus an NSL is the latter’s gag, which the executive would retain significant prerogative over keeping in place years after obtaining the records. NSL gags have been used to hide records collection from their targets — and given that these use a “related to” standard, probably hides the number of innocent people collected for their role in someone else’s suspicious behavior — but the record of the Nicholas Merrill NSL makes it clear the gag served even more prominently to hide the kinds of records the government obtained under a broad definition of ECTR.

FBI is doing this to bypass minimization the FISA Court fought for for years

For tactical reasons, privacy groups have been claiming that permitting FBI to obtain ECTRs with an NSL is an expansion of FBI authority. That’s not technically correct: whether it should have been or not, FBI obtained ECTRs with an NSL from 2001 to 2009, until the publication of an OLC memo gave some tech companies the ability to refuse NSLs asking for ECTRs. Indeed, there’s reason to believe some companies — notably including AT&T — still provide some records beyond those listed in the 2008 OLC memo with just an NSL.

But what happened next is critical for understanding why FBI wants this change now. When ECTR collection moved from NSLs to Section 215 orders starting in 2009, the number of 215 orders spiked from about 30 to about 200, and with that, court mandated minimization procedures spiked, and remained elevated, until FBI finally adopted minimization procedures mandated by the 2006 reauthorization of the authority after Edward Snowden’s leaks (which makes me wonder whether they were actually following FISC-ordered minimization in the interim). Given that we know the spike in 215 orders stemmed from ECTR requests, that has to mean that FISC believed this collection was sufficiently intrusive on innocent people that it needed to be minimized.

Side note: it’s possible that those 175 ECTR records a year were bulky records: more systematic collection on orders issued four times a year, just like the phone dragnet orders, in lieu of tens of thousands of orders obtained via an NSL prior to that. If that’s the case, it’s possible that USA Freedom Act’s limits on bulk have posed a problem for some, though not all, of this bulky collection. In most cases with a designated suspect, as with Mateen, the FBI could still get the records with a subpoena.

This would push through the more expansive of two ECTR efforts

There are actually two efforts to let the FBI obtain ECTRs via NSL. This amendment, which is largely similar to Cornyn’s amendment to ECPA reform, and language already approved in the Intelligence Authorization (see section 803 at pp 64-65) for next year. The Intel Authorization version basically just adds “ECTRs” to the records available under 18 USC 2709.

request the name, address, length of service, local and long distance toll billing records, and electronic communication transactional records of a person or entity, but not the contents of an electronic communication,

The amendment that will get a vote tomorrow, however, lays out what can be obtained in much greater detail with this list:

(A) Name, physical address, e-mail address, telephone number, instrument number, and other similar account identifying information.

(B) Account number, login history, length of service (including start date), types of service, and means and sources of payment for service (including any card or bank account information).

(C) Local and long distance toll billing records.

(D) Internet Protocol (commonly known as ‘IP’) address or other network address, including any temporarily assigned IP or network address, communication addressing, routing, or transmission information, including any network address translation information (but excluding cell tower information), and session times and durations for an electronic communication.

There are three big differences in the Cornyn version. The Cornyn amendment affirmatively permits FBI to obtain payment information. The Cornyn amendment affirmatively permits a lot more information, in addition to that financial information, that is used to correlate identities (things like all types of service used, all possible types of “address” or instrument number, and IP generally; see this post for more on correlations). Finally, Cornyn lays out that ECTRs include IP address information.

Nicholas Merrill described the significance of IP address information in a declaration he submitted, with the explanation, “I believe that the public would be alarmed if they knew what kinds of records the FBI apparently believes constitute ECTR,” in his bid to unseal the NSL he received.

Electronic communication service providers can maintain records of the IP addresses assigned to particular individuals and of the electronic communications involving that IP address. These records can identify, among other things, the identity of an otherwise anonymous individual communicating on the Internet, the identities of individuals in communication with one another, and the web sites (or other Internet content) that an individual has accessed.

Electronic communication service providers can also monitor and store information regarding web transactions by their users. These transaction logs can be very detailed, including the name of every web page accessed, information about the page’s content, the names of accounts accessed, and sometimes username and password combinations. This monitoring can occur by routing all of a user’s traffic through a proxy server or by using a network monitoring system.

Electronic communication service providers can also record internet “NetFlow” data. This data consists of a set of packets that travel between two points. Routers can be set to automatically record a list of all the NetFlows that they see, or all the NetFlows to or from a specific IP address. This NetFlow data can essentially provide a complete history of each electronic communications service used by a particular Internet user.

[snip]

Web servers also often maintain logs of every request that they receive and every web page that is served. This could include a complete list of all web pages seen by an individual, all search terms, names of email accounts, passwords, purchases made, names of other individuals with whom the user has communicated, and so on.

Content Delivery Networks, such as Akamai and Limelight Networks, are availability networks that popular websites use to increase the speed at which their content is delivered to users. For example, many of the country’s top media, entertainment, and electronic commerce companies use Akamai’s services to store images and other rich content so that users can download their pages more quickly. These Content Delivery Networks record every image, webpage, video clip, or other “object” downloaded by every user of their client websites. Content Delivery Networks can therefore serve as independent sources of a user’s web browsing history through the records that they store.

In 2004, when Merrill got his NSL, the FBI included Cell Site Location Information in its definition of ECTR. That is excluded here, but there are ways FBI can obtain general location information from IP address and other data included in ECTRs.

FBI likely would (and will, if and when the Intel Authorization passes) argue that ECTRs include the items identified by Merrill even if passed without the specifying language that appears in the Cornyn amendment. But with the language specifying login history and IP metadata, Cornyn’s gets much closer to admitting that this kind of information is what FBI is really after.

And, as noted, we should assume the reason FBI wants the gags associated with NSLs is to hide what they’re getting even more than from whom they’re getting it.

Long live the allegedly never used Lone Wolf

I said above that the amendment that will get a vote tomorrow is almost the same as the Cornyn amendment was. With regards to the NSL language, they’re virtually identical. But tomorrow’s amendment extends the Lone Wolf provision of the PATRIOT Act — which FBI keeps telling Congress they have never ever used — forever.

I suspect FBI is being disingenuous when they say the Lone Wolf has never been used. I suspect that it, like the roaming wiretap provision, was used by the FISA Court as a concept to justify approving something else. For example, a number of Americans have had FISA warrants deeming them agents of a foreign power even without ever speaking to a member of an actual terrorist group. I suspect — and this is just a wildarsed guess — that FISC will treat a foreign extremist and/or a non-Al Qaeda/ISIS jihadist forum as a lone wolf in concept (the law itself only applies here in the US), thereby finding the ties between the American and that non-formal Islamic extremist entity to reach the bar of agent of a foreign power via foreign-located lone wolf.

If I’m right, the lone wolf provision exists not so much because it has proven necessary as Congress understands it, but as a gimmick to get more Americans treated as foreign agents by FISC. Again, if I’m right, someday this will be disclosed in court (or understood by enough trial judges that it starts being a problem). But if this amendment passes, there will not be an easy time to review the use of lone wolf.

Why didn’t the GOP push this on USA Freedom Act?

There’s one more point I find notable about this. The USA Freedom Act affected both NSL and Section 215 orders last year, both of which are central to the question of how FBI obtains ECTRs. It also extended the Lone Wolf provision to December 15, 2019. In other words, Congress just legislated on precisely these issues, and USA Freedom Act would have been the appropriate time to make changes that might be necessary.

So why didn’t FBI and Comey do that last year?

Update: With respect to this last question, I’ve been informed that there was a behind the scenes effort to add ECTRs to USAF, though not one that ever made a public draft of the bill.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

John Cornyn Wants to Pass Law Letting FBI Collect Information on Omar Mateen It Already Collected

The bodies from Sunday’s Orlando massacre are not yet buried, but that hasn’t stopped John Cornyn from trying to use their deaths to expand surveillance that would not have stopped the attack.

Cornyn told reporters yesterday he will use the attack to push to include Electronic Communications Transaction Records in the things FBI can obtain with a National Security Letter.

Senator John Cornyn of Texas, the No. 2 Senate Republican, pointed to a longstanding request by the FBI to expand the scope of electronic records — such as web browsing history — agents could sweep up from companies in terrorism investigations without obtaining a court order.

“They could go and get additional information, like metadata, who he’s e-mailing, the websites he’s accessing. Not content,” Cornyn told reporters Monday.

[snip]

Legislation dealing with the FBI’s surveillance powers — something that has been requested by FBI Director James Comey — could come to the Senate floor as soon as this week as part of a debate on the spending bill that funds law enforcement.

“This was the No. 1 legislative priority of the FBI according to James Comey, and those sort of additional surveillance tools could have provided the FBI more information, which would have allowed them to identify this guy as the threat that he obviously was,” Cornyn said.

In his push for new authorities, Cornyn actually claimed that if the FBI had obtained Omar Mateen’s ECTRs, it “could have provided the FBI more information” which would have “allowed” the FBI to “identify this guy as the threat that he obviously was.”

But even the article quotes (but does not unpack) Jim Comey explaining why Cornyn’s claim that ECTRs would have helped the FBI identify Mateen as a threat is complete bullshit: because FBI obtained his ECTRs.

Our investigation involved introducing confidential sources to him, recording conversations with him, following him, reviewing transactional records from his communications, and searching all government holdings for any possible connections, any possible derogatory information. We then interviewed him twice.

John Cornyn wants to give FBI the authority to obtain what they obtained (presumably via a subpoena), promising that obtaining the same records via a parallel authority somehow would have tipped the FBI that he was a threat when the very same ECTRs didn’t do so obtained via subpoena.

The claim is so stupid I can only assume former judge, TX Attorney General, and longtime Senate Judiciary Committee member has no fucking clue what he’s talking about.

And based on that position of authority, Cornyn wants us to believe we need to pass this law?

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

Connecting the Dots on the Hillary Emails

I maintain my belief that it is unlikely Hillary will be implicated in the investigation into her email practices, though it is quite possible that top aides like Jake Sullivan or Huma Abedin would be.

That said, I want to put three pieces of data together that have made me less sure of that — or the potential scope of this investigation.

The first is this AP story showing that top Clinton aides sought, but did not obtain, a blackberry like device that Hillary would have been able to use in a SCIF. [See update]

Clinton’s desire for a secure “BlackBerry-like” device, like that provided to President Barack Obama, is recounted in a series of February 2009 exchanges between high-level officials at the State Department and NSA. Clinton was sworn in as secretary the prior month, and had become “hooked” on reading and answering emails on a BlackBerry she used during the 2008 presidential race.

“We began examining options for (Secretary Clinton) with respect to secure ‘BlackBerry-like’ communications,” wrote Donald R. Reid, the department’s assistant director for security infrastructure. “The current state of the art is not too user friendly, has no infrastructure at State, and is very expensive.”

Reid wrote that each time they asked the NSA what solution they had worked up to provide a mobile device to Obama, “we were politely told to shut up and color.”

Resolving the issue was given such priority as to result in a face-to-face meeting between Clinton chief of staff Cheryl Mills, seven senior State Department staffers with five NSA security experts. According to a summary of the meeting, the request was driven by Clinton’s reliance on her BlackBerry for email and keeping track of her calendar. Clinton chose not to use a laptop or desktop computer that could have provided her access to email in her office, according to the summary.

Standard smartphones are not allowed into areas designated as approved for the handling of classified information, such as the block of offices used by senior State Department officials, known by the nickname “Mahogany Row” for the quality of their paneling. Mills said that was inconvenient, because they had to leave their offices and retrieve their phones to check messages.

The story shows that some top aides (and presumably Hillary herself) were aware of the security concerns tied to using a blackberry in a SCIF (though Judicial Watch president Tom Fitton’s statement that this shows an awareness of security concerns with the blackberry may overstate things).

Perhaps the most telling detail comes from this no-comment from former Department of Justice Director of Public Affairs, Brian Fallon:

Clinton campaign spokesman Brian Fallon declined to comment Wednesday.

Fallon has generally been much chattier about the drip drip drip tied to this story.

In any case, this story puts revelations in a Fox story from last week, describing Clinton sysadmin Bryan Pagliano’s testimony as “devastating” because he helped tie the use of particular devices to particular times.

The source said Pagliano told the FBI who had access to the former secretary of state’s system – as well as when – and what devices were used, amounting to a roadmap for investigators.

“Bryan Pagliano is a devastating witness and, as the webmaster, knows exactly who had access to [Clinton’s] computer and devices at specific times. His importance to this case cannot be over-emphasized,” the intelligence source said.

The source, who is not authorized to speak on the record due to the sensitivity of the ongoing investigation, said Pagliano has provided information allowing investigators to knit together the emails with other evidence, including images of Clinton on the road as secretary of state.

The cross-referencing of evidence could help investigators pinpoint potential gaps in the email record. “Don’t forget all those photos with her using various devices and it is easy to track the whereabouts of her phone,” the source said. “It is still boils down to a paper case. Did you email at this time from your home or elsewhere using this device? And here is a picture of you and your aides holding the devices.”

Knowing that the FBI has evidence that Clinton’s aides sought a way to obtain a secure blackberry, the detail that they’re tying emails sent to what device they were sent from, suggests they may be trying to tie individual emails, and their content, to the device they were sent from. And remember, there’s an entire Tumblr of pictures of Hillary using her (non-secure) blackberry.

Now consider what I laid out in this post, when John Cornyn made it clear Attorney General Loretta Lynch is the final decision maker on whether to act on an FBI recommendation to convene a grand jury and move toward an indictment.

Cornyn: If the FBI were to make a referral to the Department of Justice to pursue criminal charges against Mr. Pagliano or anyone else who may have been involved in this affair, does the ultimate decision whether to proceed to court, to ask for the convening of a grand jury, and to seek an indictment, does that rest with you, or someone who works for you at the Department of Justice?

Lynch: So Senator with respect to Mr. Pagliani [sic] or anyone who has been identified as a potential witness in any case, I’m not able to comment on the specifics of that matter and so I’m not able to provide you–

Cornyn: I’m not asking you to comment on the specifics of the matter, I’m asking about what the standard operating procedure is, and it seems pretty straightforward. The FBI does a criminal investigation, but then refers the charges to the Department of Justice, including US Attorneys, perhaps in more celebrated cases goes higher up the food chain. But my simple question is doesn’t the buck stop with you, in terms of whether to proceed, to seek an indictment, to convene a grand jury, and to prosecute a case referred to you by the FBI?

This felt like Cornyn had been sent by someone very high up in FBI (which is probably why Lynch responded so forcefully to make clear she’s the boss of everyone at the Bureau) to pressure the Attorney General to let them convene a grand jury. Now, it appears the basis for any grand jury is not just sending classified emails, but where and on what device those emails got sent.

Again, I still think Hillary is most likely safe. But I’m beginning to see how FBI might want to make a criminal case of sending classified information using insecure blackberries knowing they were insecure.

Update: Here are the emails. Note this seems to target Cheryl Mills more than Sullivan or Abedin (note her departure briefing is in there). It shows Mills directly receiving a bunch of briefing from NSA about the insecurities of BBs.

Also note: contrary to the emphasis of the AP piece, the issue appears not to be that NSA wasn’t doing what they could do, but instead that Hillary’s key staffers can be shown to have gotten technical briefing on the problems with BBs.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

In Exchange about Clinton Email Investigation, Lynch Forcefully Reminds She Is FBI’s Boss

There’s one last exchange in Wednesday’s Senate Judiciary Committee hearing with Attorney General Loretta Lynch that deserves closer focus. It came during John Cornyn’s round of questioning.

He structured his questions quite interestingly. He started by using the example of the Apple All Writs Act order to emphasize that FBI can’t do anything without DOJ’s approval and involvement. “I just want to make sure people understand the respective roles of different agencies within the law enforcement community — the FBI and the DOJ.”

He then turned to an unrelated subject — mental health, particularly as it relates to gun crime — ending that topic with a hope he and Lynch could work together.

Then he came back to the respective roles of the FBI and DOJ. “So let me get back to the role of the FBI and the Department of Justice.”

He did so in the context of Hillary’s email scandal. He started by reminding that Hillary had deleted 30,000 emails rather than turning them over to State for FOIA review. Cornyn then raised reports that the government had offered Bryan Pagliano immunity (Chuck Grassley argued elsewhere in the hearing that that should make it easy for Congress to demand his testimony, as the WSJ has also argued). “It’s true, isn’t it, that immunity can’t be granted by the FBI alone, it requires the Department of Justice to approve that immunity.”

Lynch filibustered, talking about different types of immunities, ultimately ceding that lawyers must be involved. She refused to answer a question directly about whether they had approved that grant of immunity. Which is when Cornyn moved onto trying to get the Attorney General to admit that she would have the final decision on whether to charge anyone in the email scandal.

Cornyn: Let me give you a hypothetical. If the FBI were to make a referral to the Department of Justice to pursue a case by way of an indictment and to convene a grand jury for that purpose, the Department of Justice is not required to do so by law, are they?

Lynch: It would not be an operation of law, it would be an operation of our procedures, which is we work closely with our law enforcement partners–

Cornyn: Prosecutorial discretion–

Lynch: –it would also be consulting with the Agents on all relevant factors of the investigation, and coming to a conclusion.

Cornyn: But you would have to make to the decision, or someone else working under you in the Department of Justice?

Lynch: It’s done in conjunction with the Agents. It’s not something that we would want to cut them out of the process. That has not been an effective way of prosecuting in my experience.

Cornyn: Yeah, I’m not suggesting that you would cut them out. I’m just saying, as you said earlier, you and the FBI would do that together, correct? Just like the Apple case?

Lynch: We handle matters together of all types.

Cornyn: If the FBI were to make a referral to the Department of Justice to pursue criminal charges against Mr. Pagliano or anyone else who may have been involved in this affair, does the ultimate decision whether to proceed to court, to ask for the convening of a grand jury, and to seek an indictment, does that rest with you, or someone who works for you at the Department of Justice?

Lynch: So Senator with respect to Mr. Pagliani [sic] or anyone who has been identified as a potential witness in any case, I’m not able to comment on the specifics of that matter and so I’m not able to provide you–

Cornyn: I’m not asking you to comment on the specifics of the matter, I’m asking about what the standard operating procedure is, and it seems pretty straightforward. The FBI does a criminal investigation, but then refers the charges to the Department of Justice, including US Attorneys, perhaps in more celebrated cases goes higher up the food chain. But my simple question is doesn’t the buck stop with you, in terms of whether to proceed, to seek an indictment, to convene a grand jury, and to prosecute a case referred to you by the FBI?

Lynch: There’s many levels of review, at many stages of the case, and so I would not necessarily be involved in every decision as to every prosecutorial step to make.

Cornyn: It would be you or somebody who works for you, correct?

Lynch: Everyone in the Department of Justice works for me, including the FBI, sir.

Cornyn: I’m confident of that.

Grassley: Senator Schumer.

Schumer: Well done, Attorney General, well done.

I’m not entirely sure what to make of this: whether Cornyn was setting this up for the future, or whether he was trying to lay out Lynch’s responsibility for a decision already made. But given the reports that FBI Agents think someone should be charged (whether because of the evidence or because Hillary is Hillary), it sure felt like Cornyn was trying to pressure Lynch for her role in decisions already discussed. Indeed, I wonder whether Cornyn was responding to direct entreaties from someone at the FBI, possibly quite high up at the FBI, about Lynch’s role in this case.

Whatever he was trying to do, it may lead to some folks in the FBI getting a stern talking to from their boss, Loretta Lynch.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.