Posts

It Is False and Defamatory to Accuse WikiLeaks of a Bunch of Things that Aren’t the Key Allegations against It

WikiLeaks decided it was a good idea to release a long list of claims about Julian Assange and WikiLeaks that it considers defamatory. Emma Best obtained and liberated the list. Given that the list clearly attempts (unsuccessfully in some places, and hilariously in other places where they deem matters of opinion defamatory) to be factually correct, I’m interested in the way WikiLeaks uses the list to try to deny a bunch of things that might end up in a US criminal indictment.

The US is only angry with Assange because Ecuador has lots of debt

Pretty far down the list, WikiLeaks denies being gagged for claims made about Sergey Skripal in such a way as to falsely suggest the only concerns the US had over Assange came to do with debt pressure.

It is false and defamatory to suggest that Ecuador isolated and gagged Mr. Assange due to his comments on Sergei Skripal [in fact, he was isolated over his refusal to delete a factually accurate tweet about the arrest of the president of Catalonia by Spain in Germany, along with U.S. debt pressure on Ecuador. The president of Ecuador Lenin Moreno admitted that these two countries were the issue, see https://defend.wikileaks.org/about-julian/].

It’s nonsensical to claim that Assange was gagged just because of debt pressure, but it’s a good way to hide how the timing of his gag correlated with actions he took to piss of the US government, including by releasing a live CIA malware file.

The US charged Assange for actions it already decided not to charge him for, on which statutes of limitation have expired

The rest of the list is sprinkled with efforts to spin the US government’s legal interest in Assange. There’s an extended series of items that attempt to claim, as WikiLeaks has since DOJ accidentally revealed the existence of a recently filed complaint against Assange, that the charges instead relate to long-past publications (like Cablegate).

It is false and defamatory to deny that Julian Assange has been formally investigated since 2010 and charged by the U.S. federal government over his publishing work [it is defamatory because such a claim falsely imputes that Mr. Assange’s asylum is a sham and that he is a liar, see https://defend.wikileaks.org/].

It is false and defamatory to suggest that such U.S. charges have not been confirmed [in fact, they have, most recently by Associated Press (AP) and the Washington Post in November 2018].
– It is false and defamatory to suggest that the U.S. government denies the existence of such charges.
– It is false and defamatory to suggest that Julian Assange is not wanted for extradition by the U.S. government [in fact, public records from the Department of Justice show that the U.S. government says it had been intentionally concealing its charges against Mr. Assange from the public specifically to decrease his ability to “avoid arrest and extradition”].
– It is false and defamatory to suggest that the U.S. government has not publicly confirmed that it has an active grand jury, or pending or prospective proceedings, against Julian Assange or WikiLeaks, each year since 2010.

These claims are all true. WikiLeaks has been under investigation since well before 2010. There are charges that the US would like to extradite Assange for.

But all the public evidence suggests those charges relate to WikiLeaks’ recent actions, almost certainly involving Vault 7 and probably involving Russia’s election year operation.

Julian Assange is not a hacker, which is different from being someone who solicits or assists in hacks

WikiLeaks makes repeated claims that might appear to deny that the organization has solicited or assisted in hacks. The list denies that the DNC (which doesn’t have all the evidence Mueller does) has accused Assange of soliciting hacks of the DNC or Podesta. (Everywhere, this list is silent about the DCCC and other election year targets).

It is false and defamatory to suggest that the Democratic National Committee has claimed that Julian Assange directed, conspired, or colluded to hack the Democratic National Committee or John Podesta [in fact, the DNC makes no such claim: https://www.courthousenews.com/wp-content/uploads/2018/12/WikiLeaksDNC.pdf].

It denies that France has claimed that the MacronLeaks came from Russia (which again stops short of saying that the MacronLeaks came from Russia).

It is false and defamatory to suggest that the French government found that “MacronLeaks” were hacked by Russia [in fact, the head of the French cyber-security agency, ANSSI, said that they did not have evidence connecting the hack with Russia, see https://wikileaks.org/macron-emails/].

It denies that Assange has hacked the state of Ecuador (but not the Embassy of Ecuador or other states, including the US or Iceland).

It is false and defamatory to suggest that Julian Assange has ever hacked the state of Ecuador.

And it denies that Assange is, himself, a hacker.

It is false and defamatory to suggest that Julian Assange is a “hacker”.

All of these hacking denials stop well short of denying that WikiLeaks has solicited hacks before, including by publicizing a “most wanted” list that Russian hackers might respond to.

Mueller described WikiLeaks as an unindicted co-conspirator but that doesn’t mean Mueller has any interest in the organization

Close to the top of the list, WikiLeaks makes two claims to suggest the organization and Assange are not targets in the Mueller investigation.

It is false and defamatory to suggest that WikiLeaks or Julian Assange has ever been contacted by the Mueller investigation.

It is false and defamatory to suggest that there is any evidence that the U.S. charges against Julian Assange relate to the Mueller investigation.

This is misdirection hiding a great deal of evidence that WikiLeaks is a target in the Mueller investigation. The list is silent, for example, on whether Congressional investigators have contacted Assange, whether Assange ultimately did accept SSCI’s renewed request last summer to meet with Assange, and whether Assange demanded immunity to travel to the US to respond to such inquiries.

Nor does WikiLeaks deny having been described — in a fashion usually reserved for unindicted co-conspirators — in a Mueller indictment.

WikiLeaks doesn’t deny that WikiLeaks denied Russians were its source for 2016 materials

WikiLeaks twice denies, in very similar language, that it suggested that Seth Rich was its source for the DNC emails.

It is false and defamatory to suggest that WikiLeaks or Julian Assange claimed that any person or entity was their source for WikiLeaks’ 2016 U.S. election publications [it is defamatory because Julian Assange’s professional reputation is substantially based on source protection].

[snip]

It is false and defamatory to suggest that WikiLeaks or Julian Assange has ever stated or suggested that any particular person was their source for any publication, including Seth Rich.

A good lawyer would be able to sustain a claim that Assange had indeed “suggested” that Rich was his source, though it would make an interesting legal battle.

But when WikiLeaks denies feeding Seth Rich conspiracies, it does so only by denying the most extreme conspiracy, that the Democrats had Rich killed.

It is false and defamatory to suggest that WikiLeaks or Julian Assange has ever published, uttered or tried to promote alleged conspiracy theories claiming “John Podesta engaged in satanic rituals”, the “Democratic Party had Seth Rich Killed”, “Clinton wore earpieces to the 2016 US election debates”, on “Clinton’s health” or “Clinton kidnapping children”.

All of this, of course, dodges the way that WikiLeaks repeatedly tried to claim that Russia was not its ultimate source for the 2016 files.

Should we take the silence on this point as an admission?

Marcy Wheeler is false and defamatory

Finally, there are four claims relating to Vault 7, three of which pertain to my coverage of the way WikiLeaks attempted to leverage the Vault 7 releases in conversations with the Trump Administration. WikiLeaks denies that the two times Assange suggested to the President’s spawn that he should be made an ambassador to the US constituted an effort by WikiLeaks to get Trump to appoint Assange ambassador (note, this is also a denial that Assange tried to serve in another diplomatic role, which is different than being Ambassador).

It is false and defamatory to suggest that WikiLeaks tried to have the Trump administration appoint Julian Assange as an ambassador or to have any other person or state appoint him as an ambassador.

I find it notable that this claim departs from the form used in many of these denials, speaking for both Assange and WikiLeaks.

Then the list twice denies that Assange suggested he wouldn’t release the Vault 7 files if the Trump Administration provided him immunity.

It is false and defamatory to suggest that Julian Assange has ever extorted the United States government.

It is false and defamatory to suggest that Julian Assange has ever proposed that he not publish, censor or delay a publication in exchange for any thing.

Assange would and will claim that the discussions with Adam Waldman where just this arrangement was floated are protected by Attorney-Client privilege. But Waldman may have said enough to people at DOJ to refute this denial regardless.

Finally, WikiLeaks insisted it has never retracted any of the bullshit claims it made about its Vault 7 files.

It is false and defamatory to suggest that any of WikiLeaks’ claims about its 2017 CIA leak, Vault 7, “were later retracted”.

Given that one of the claims directly parroted the bullshit claims Shadow Brokers was making, a claim it made in a release that will probably be part of the charges against it, this non-retraction doesn’t necessarily help it much.

Note that one other thing WikiLeaks is silent about here are its public statements about Joshua Schulte, whose attempts to continue leaking from jail the FBI got on video. I find that interesting both for WikiLeaks’ attempt to corroborate Schulte’s thin excuse for using Tor after he was charged, and for its relative silence about whether he would be a whistleblower if he were its source for CIA’s hacking tools.

Update: WikiLeaks has released a revised version that takes out, among other things, the Ambassador claim, the Seth Rich claims, and also a denial that it is close to Russia.

As I disclosed last July, I provided information to the FBI on issues related to the Mueller investigation, so I’m going to include disclosure statements on Mueller investigation posts from here on out. I will include the disclosure whether or not the stuff I shared with the FBI pertains to the subject of the post. 

Government Requests Harsh New Conditions Governing Joshua Schulte’s Access to Classified Discovery

When we last heard from Joshua Schulte, he had been thrown in solitary in response to FBI’s discovery that he had a cellphone in his jail cell at Metropolitan Correctional Center, after which FBI discovered he had other devices and 13 email and social media accounts.

In or about early October 2018, the Government learned that Schulte was using one or more smuggled contraband cellphones to communicate clandestinely with third parties outside of the MCC. The Government and the FBI immediately commenced an investigation into Schulte’s conduct at the MCC. That investigation involved, among other things, the execution of six search warrants and the issuance of dozens of grand jury subpoenas and pen register orders. Pursuant to this legal process, in the weeks following the Government’s discovery of Schulte’s conduct at the MCC, the FBI has searched, among other things, the housing unit at the MCC in which Schulte was detained; multiple contraband cellphones (including at least one cellphone used by Schulte that is protected with significant encryption); approximately 13 email and social media accounts (including encrypted email accounts); and other electronic devices.

Today, the government asked for supplemental protective order governing Schulte’s access to a special secure facility from which he can review classified discovery. Among other things, it requires his attorney to be searched for devices upon entering the facility, it requires him to remain in manacles throughout the time he is there, and sets up a clean team to monitor both what happens in the room and the computer the defense uses to review discovery.

The defense council will be screened for electronic devices prior to entering the SCIF when she meets with her client. Once inside the Secure Area, the defendant will be allowed to meet with cleared counsel during normal business hours. The Secure Area contains equipment (the “Computer Equipment”) to allow the defendant and cleared defense counsel to review the Classified Information produced by the Government. The Computer Equipment shall be used only for purposes of preparing the defense, and is enabled to log computer activity occurring on the equipment and is equipped with security measures. These logs may be reviewed by law enforcement agents or personnel who are not involved in the prosecution of the defendant (the “Wall Team”). In the event the Wall Team determines the Computer Equipment has been used in an unauthorized manner, including by attempting to circumvent any security measures or logging features, the Wall Agent will report that information to the CISO, who will notify the Court for further action.

When the defendant is present in the Secure Area, the Secure Area will be monitored for security purposes through closed circuit television (“CCTV”) by the Marshals and an authorized FBI agent for all scheduled productions. The CCTV will allow only for visual monitoring of the defendant and cleared defense counsel, and will not include audio. The CCTV will not be recorded. Should any Marshal or member of the Wall Team hear any conversation between the defendant and any of his counsel, those conversations will not be communicated to any member of the government prosecution team, including, but not limited to attorneys, agents, and support staff.

The Defendant will be in full restraints during the time he is in the SCIF and secured to a bolt in the floor. The Defendant will be stripped searched after departing the SCIF at the conclusion of each session. The Defense attorney will sign a waiver of liability due to the fact she will be alone and in close proximity to the defendant. The USMS reserves the right to terminate these meetings if security issues arise during any session.

While there’s no hint that one of Schulte’s defense attorneys was responsible for the past acquisition of contraband, the FBI sure seems intent on making sure that avenue isn’t possible going forward.

I believe when Schulte was arraigned on the new charge of leaking from jail, the government said that CIA hadn’t continued to give Schulte access to classified information after he left. Which suggests the stuff he tried to leak from jail included information he saw in discovery (presumably including how the FBI figured out he was the one leaking CIA’s tools).

As I disclosed in July, I provided information to the FBI on issues related to the Mueller investigation, so I’m going to include disclosure statements on Mueller investigation posts from here on out. I will include the disclosure whether or not the stuff I shared with the FBI pertains to the subject of the post. 

The Year Long Trump Flunky Effort to Free Julian Assange

The NYT has an unbelievable story about how Paul Manafort went to Ecuador to try to get Julian Assange turned over. I say it’s unbelievable because it is 28 paragraphs long, yet it never once explains whether Assange would be turned over to the US for prosecution or for a golf retirement. Instead, the story stops short multiple times of what it implies: that Manafort was there as part of paying off Trump’s part of a deal, but the effort stopped as soon as Mueller was appointed.

Within a couple of days of Mr. Manafort’s final meeting in Quito, Robert S. Mueller III was appointed as the special counsel to investigate Russian interference in the 2016 election and related matters, and it quickly became clear that Mr. Manafort was a primary target. His talks with Ecuador ended without any deals.

The story itself — which given that it stopped once Mueller was appointed must be a limited hangout revealing that Manafort tried to free Assange, complete with participation from the spox that Manafort unbelievably continues to employ from his bankrupt jail cell — doesn’t surprise me at all.

After all, the people involved in the election conspiracy made multiple efforts to free Assange.

WikiLeaks kicked off the effort at least by December, when they sent a DM to Don Jr suggesting Trump should make him Australian Ambassador to the US.

Hi Don. Hope you’re doing well! In relation to Mr. Assange: Obama/Clinton placed pressure on Sweden, UK and Australia (his home country) to illicitly go after Mr. Assange. It would be real easy and helpful for your dad to suggest that Australia appoint Assange ambassador to DC “That’s a really smart tough guy and the most famous australian you have! ” or something similar. They won’t do it, but it will send the right signals to Australia, UK + Sweden to start following the law and stop bending it to ingratiate themselves with the Clintons. 12/16/16 12:38PM

Weeks later, Hannity would go to the Embassy to interview Assange. Assange fed him the alternate view of how he obtained the DNC emails, a story that would be critical to Trump’s success at putting the election year heist behind him, if it were successful. Trump and Hannity pushed the line that the hackers were not GRU, but some 400 pound guy in someone’s basement.

Then the effort actually shifted to Democrats and DOJ. Starting in February through May 2017, Oleg Deripaska and Julian Assange broker Adam Waldman tried to convince Bruce Ohr or Mark Warner to bring Assange to the US, using the threat of the Vault 7 files as leverage. In February, Jim Comey told DOJ to halt that effort. But Waldman continued negotiations, offering to throw testimony from Deripaska in as well. He even used testimony from Christopher Steele as leverage.

This effort has been consistently spun by the Mark Meadows/Devin Nunes/Jim Jordan crowd — feeding right wing propagandists like John Solomon — as an attempt to obstruct a beneficial counterintelligence discussion. It’s a testament to the extent to which GOP “investigations” have been an effort to spin an attempt to coerce freedom for Assange.

Shortly after this effort failed, Manafort picked it up, as laid out by the NYT. That continued until Mueller got hired.

There may have been a break (or maybe I’m missing the next step). But by the summer, Dana Rohrabacher and Chuck Johnson got in the act, with Rohrabacher going to the Embassy to learn the alternate story, which he offered to share with Trump.

Next up was Bill Binney, whom Trump started pushing Mike Pompeo to meet with, to hear Binney’s alternative story.

At around the same time, WikiLeaks released the single Vault 8 file they would release, followed shortly by Assange publicly re-upping his offer to set up a whistleblower hotel in DC.

Those events contributed to a crackdown on Assange and may have led to the jailing of accused Vault 7 source Joshua Schulte.

In December, Ecuador and Russia started working on a plan to sneak Assange out of the Embassy.

A few weeks later, Roger Stone got into the act, telling Randy Credico he was close to winning Assange a pardon.

These efforts have all fizzled, and I suspect as Mueller put together more information on Trump’s conspiracy with Russia, not only did the hopes of telling an alternative theory fade, but so did the possibility that a Trump pardon for Assange would look like anything other than a payoff for help getting elected. In June, the government finally got around to charging Schulte for Vault 7. But during the entire time he was in jail, he was apparently still attempting to leak information, which the government therefore obtained on video.

Ecuador’s increasing crackdown on Assange has paralleled the Schulte prosecution, with new restrictions, perhaps designed to provide the excuse to boot Assange from the Embassy, going into effect on December 1.

Don’t get me wrong: if I were Assange I’d use any means I could to obtain safe passage.

Indeed, this series of negotiations — and the players involved — may be far, far more damning for those close to Trump. Sean Hannity, Oleg Deripaska, Paul Manafort, Chuck Johnson, Dana Rohrabacher, Roger Stone, and Don Jr, may all worked to find a way to free Assange, all in the wake of Assange playing a key role in getting Trump elected. And they were conducting these negotiations even as WikiLeaks was burning the CIA’s hacking tools.

Time Machine: 2011 to 2012 WikiLeaks Is not 2018 WikiLeaks

Since DOJ confirmed last week that it does have at least one sealed criminal complaint against Julian Assange, WikiLeaks has adopted a notable defense strategy. In most of their responses, WikiLeaks has claimed a continuity between what it has done in the last two years and what it was doing in 2010, when the US government first took aggressive action against WikiLeaks.

For example, this timeline claims vindication of persistent claims among WikiLeaks supporters that Assange had already been indicted, even while linking to reports that make it clear DOJ has changed its approach recently (and ignoring, entirely, the NYT report that says the charge dates to this summer and which WikiLeaks’ Twitter feed attacks elsewhere).

November: US prosecutors inadvertently reveal that Julian has been charged under seal (i.e., confidentially) in the US – something which WikiLeaks and others have long said but which has been denied by some US officials. The document making the admission was written by Assistant US Attorney Kellen S Dwyer. The Wall Street Journal reports that “over the past year, US prosecutors have discussed several types of charges they could potentially bring against Mr. Assange”. It notes that charges against Julian could include violating the US Espionage Act, which criminalises releasing information regarding US national defence.

Assange’s UK lawyer, Jennifer Robinson, did the same in an appearance with MSNBC. She claimed  that the charge came out of the investigation started in 2010 in response to WikiLeaks’ publication of US Diplomatic cables, the Iraq war logs, the Afghan war logs, which she argues (correctly, I’d agree) was demonstrated to be in the public interest and had been published by other media outlets, including the NYT. She says this criminal charge proves it was correct for Assange to have sought asylum from Ecuador. And she emphasized that Assange would be extradited “for publishing truthful information.” She repeated “public interest” over and over.

Another Tweet RTed by WikiLeaks claims that Assange had been indicted as early as 2011 and the Australian government knew about it.

Finally, another Tweet purports to lay out the possible charges against Assange, which it describes as:

  • Espionage: 18 U.S.C. § 793(d) – imprisonment up to 10 years
  • Conspiracy to commit espionage: 18 U.S.C. § 793(g) – imprisonment up to 10 years
  • The theft or conversion of property belonging to the United States government: 18 U.S.C. § 641 – imprisonment up to 10 years
  • Violation of the Computer Fraud and Abuse Act: 18 U.S.C. § 1030 – imprisonment up to 10 years
  • (general) Conspiracy: 18 U.S.C. § 371 – imprisonment up to 5 years

It bases that claim on this post from early 2015 describing the late 2014 notice to WikiLeaks of warrants served on Google two and a half years earlier (so around June 2012, which is when Assange first took refuge in the Ecuadorian embassy).

In other words, WikiLeaks is working public opinion by pretending it is being prosecuted for the stuff it did in 2011, even to the point of claiming that news of a recent complaint proves that Assange has been indicted all this time. It is true that the prosecutor who made the cut-and-paste error that revealed the existence of a complaint, Kellen Dwyer, has reportedly been on the WikiLeaks investigative team for years. But that doesn’t mean, at all, that the US prosecution is in any way related to those earlier actions.

The reports of both the WSJ and NYT seem to prove the opposite. Whether because the Trump Administration that WikiLeaks worked so hard to elect turned out to be far less respectful of freedom of the press than the Obama Administration, or because the US started collecting more aggressively on WikiLeaks and therefore learned more about its operations, or because the nature of Assange’s more recent actions are fundamentally different from what he did in 2011, DOJ came to charging Assange this summer when Eric Holder refused to do so. Indeed, while no one has confirmed this one way or another, the assumption has been that Assange’s charges relate either to his involvement in the 2016 Russian hack-and-leak (though that would presumably be charged in DC) or his involvement in the 2017 Vault 7 and Vault 8 files as well as his exploitation of them.

The possible crimes may have expanded, too. Espionage is definitely still a possibility, particularly given how DOJ charged accused Vault 7 leaker Joshua Schulte, including possibly suggesting his leaks were designed to help another nation (presumably Russia). If Assange had advance knowledge of any of the Russian hacks (or the Peter Smith negotiated efforts to obtain Hillary’s server emails), he might be exposed to CFAA as well. And if he is charged by Mueller, he will surely be charged with at least one conspiracy charge as well; WikiLeaks was already described as an unindicted co-conspirator in the GRU indictment.

But there may well be other charges, starting with extortion or something akin to it for the way Assange tried to use the threat of the release of the Vault 7 documents to obtain a pardon. Some of his actions might also amount to obstruction. Yochai Benkler’s latest post also imagines Assange may have coordinated more closely with Russian intelligence, which might lead to different charges.

WikiLeaks’ attempts to rest on its earlier laurels is telling, for several reasons. It suggests they and their supporters don’t seem to want to defend Assange’s more recent actions. I find it remarkable, for example, that Robinson didn’t mention how many stories the NYT and WaPo wrote based on the 2016 files, which would support her argument that the files were newsworthy.

The attempt to pretend Assange is being prosecuted for his earlier actions seems to serve another purpose — to defend his years of asylum claims, which are also the basis for his claims to be a victim of US political targeting (and the premise for his demands for immunity on threat of releasing the Vault 7 files). Don’t get me wrong. I think some of the things DOJ is known or suspected to have done in 2010 and 2011 are problematic. But those did not directly merit an asylum claim (and in fact they preceded Assange’s asylum claim by over a year).

That may, in turn, serve to obscure what Assange wanted immunity for in coercive negotiations that started in 2017: Was it 2011, his role in publishing the State cables? Or was it 2016, as his offers to explain what (he claims) really happened in 2016 would suggest?

Whichever it is, WikiLeaks seems to have a lot staked on making a defense of Assange’s 2011 activities. Which suggests they’re a lot less confident they can defend his 2016 and 2017 activities.

The Theory of Prosecution You Love for Julian Assange May Look Different When Applied to Jason Leopold

The WaPo confirmed something Seamus Hughes disclosed last night: Sometime before August 22, EDVA had filed a sealed complaint (not indictment) against Julian Assange.

WikiLeaks founder Julian Assange has been charged under seal, prosecutors inadvertently revealed in a recently unsealed court filing — a development that could significantly advance the probe into Russian interference in the 2016 election and have major implications for those who publish government secrets.

The disclosure came in a filing in a case unrelated to Assange. Assistant U.S. Attorney Kellen S. Dwyer, urging a judge to keep the matter sealed, wrote that “due to the sophistication of the defendant and the publicity surrounding the case, no other procedure is likely to keep confidential the fact that Assange has been charged.” Later, Dwyer wrote the charges would “need to remain sealed until Assange is arrested.”

Dwyer is also assigned to the WikiLeaks case. People familiar with the matter said what Dwyer was disclosing was true, but unintentional.

The confirmation closely follows a WSJ story describing increased confidence that the US will succeed in extraditing Assange for trial.

The confirmation that Assange has been charged has set off a frenzy, both among Assange supporters who claim this proves their years of claims he was indicted back in 2011 and insisting that charging him now would amount to criminalizing journalism, and among so-called liberals attacking Assange lawyer Barry Pollack’s scolding of DOJ for breaking their own rules.

I’ve long been on record saying that I think most older theories of charging Assange would be very dangerous for journalism. More recently, though, I’ve noted that Assange’s actions with respect to Vault 7, which had original venue in EDVA where the Assange complaint was filed (accused leaker Joshua Schulte waived venue in his prosecution), go well beyond journalism. That said, I worry DOJ may have embraced a revised theory on Assange’s exposure that would have dire implications for other journalists, most urgently for Jason Leopold.

There are, roughly, four theories DOJ might use to charge Assange:

  • Receiving and publishing stolen information is illegal
  • Conspiring to release stolen information for maximal damage is illegal
  • Soliciting the theft of protected information is illegal
  • Using stolen weapons to extort the US government is illegal

Receiving and publishing stolen information is illegal

The first, theory is the one that Obama’s DOJ rejected, based on the recognition that it would expose NYT journalists to prosecution as well. I suspect the Trump Administration will have the same reservations with such a prosecution.

Conspiring to release stolen information for maximal damage is illegal

The second imagines that Assange would be charged for behavior noted in the GRU indictment — WikiLeaks’ solicitation, from someone using the persona of Guccifer 2.0, of material such that it would be maximally damaging to Hillary Clinton.

On or about June 22, 2016, Organization 1 sent a private message to Guccifer 2.0 to “[s]end any new material [stolen from the DNC] here for us to review and it will have a much higher impact than what you are doing.” On or about July 6, 2016, Organization 1 added, “if you have anything hillary related we want it in the next tweo [sic] days prefable [sic] because the DNC [Democratic National Convention] is approaching and she will solidify bernie supporters behind her after.” The Conspirators responded, “ok . . . i see.” Organization 1 explained, “we think trump has only a 25% chance of winning against hillary . . . so conflict between bernie and hillary is interesting.”

After failed attempts to transfer the stolen documents starting in late June 2016, on or about July 14, 2016, the Conspirators, posing as Guccifer 2.0, sent Organization 1 an email with an attachment titled “wk dnc link1.txt.gpg.” The Conspirators explained to Organization 1 that the encrypted file contained instructions on how to access an online archive of stolen DNC documents. On or about July 18, 2016, Organization 1 confirmed it had “the 1Gb or so archive” and would make a release of the stolen documents “this week.”

Significantly, WikiLeaks (but not Roger Stone) was referred to in the way an unidicted co-conspirator normally is, not named, but described in such a way to make its identity clear.

This is a closer call. There is a Supreme Court precedent protecting journalists who publish stolen newsworthy information. But it’s one already being challenged in civil suits in ways that have elicited a lot of debate. Prosecuting a journalist for trying to do maximal damage actually would criminalize a great deal of political journalism, starting with but not limited to Fox. Note that when the founders wrote the First Amendment, the norm was political journalism, not the so-called objective journalism we have now, so they certainly didn’t expect press protections to be limited to those trying to be fair to both sides.

Such a charge may depend on the degree to which the government can prove foreknowledge of the larger agreement with the Russians to damage Hillary, as well as the illegal procurement of information after WikiLeaks expressed an interest in information damaging Hillary.

Mueller might have evidence to support this (though there’s also evidence that WikiLeaks refused to publish a number of things co-conspirators leaked to them, including but not limited to the DCCC documents). The point is, we don’t know what the fact pattern on such a prosecution would look like, and how it would distinguish the actions from protected politically engaged journalism.

Soliciting the theft of protected information is illegal

Then there’s the scenario that Emma Best just hit on yesterday: that DOJ would prosecute Assange for soliciting hacks of specific targets. Best points to Assange’s close coordination with hackers going back to at least 2011 (ironically, but in a legally meaningless way, with FBI’s mole Sabu).

This is, in my opinion, a possible way DOJ would charge Assange that would be very dangerous. I’m particularly worried because of the way the DOJ charged Natalie Mayflower Edwards for leaking Suspicious Activity Reports to Jason Leopold. Edwards was charged with two crimes: Unauthorized Disclosure of Suspicious Activity Reports and Conspiracy to Make Unauthorized Disclosures of Suspicious Activity Reports (using the same Conspiracy charge that Mueller has been focused on).

In addition to describing BuzzFeed stories relying on SARs that Edwards saved to a flash drive by October 18, 2017 and then January 8, 2018, it describes a (probably Signal) conversation from September 2018 where Leopold — described in the manner used to describe unindicted co-conspirators — directed Edwards to conduct certain searches for material that ended up in an October story on Prevezon, a story published the day before Edwards was charged.

As noted above, the October 2018 Article regarded, among other things, Prevezon and the Investment Company. As recently as September 2018, EDWARDS and Reporter-1 engaged in the following conversation, via the Encrypted Application, in relevant part:

EDWARDS: I am not getting any hits on [the CEO of the Investment Company] do you have any idea what the association is if I had more information i could search in different areas

Reporter-1: If not on his name it would be [the Investment Company]. That’s the only other one [The CEO] is associated with Prevezon Well not associated His company is [the Investment Company]

Based upon my training and experience, my participation in the investigation, and my conversations with other law enforcement agents familiar with the investigation, I believe that in the above conversation, EDWARDS was explaining that she had performed searches of FinCEN records relating to Prevezon, at Reporter-l’s request, in order to supply SAR information for the October 2018 Article.

Edwards still has not been indicted, two weeks after her arraignment. That suggests it’s possible the government is trying to persuade her to plead and testify against Leopold in that conspiracy, thereby waiving indictment. The argument, in that case, would be that Leopold went beyond accepting stolen protected information, to soliciting the theft of the information.

This is the model a lot of people are embracing for an Assange prosecution, and it’s something that a lot of journalists not named Jason Leopold also do (arguably, it’s similar but probably more active than what James Rosen got dubbed a co-conspirator in the Stephen Jin-Woo Kim case).

Charging Leopold in a bunch of leaks pertaining to Russian targets would be a nice way (for DOJ, not for journalism) to limit any claim that just Assange was being targeted under such a theory. Indeed, it would placate Trump and would endanger efforts to report on what Mueller and Congress have been doing. Furthermore, it would be consistent with the aggressive approach to journalists reflected in the prosecution of James Wolfe for a bunch of leaks pertaining to Carter Page, which involved subpoenaing years of Ali Watkins’ call records.

In short, pursuing Leopold for a conspiracy to leak charge would be consistent with — and for DOJ, tactically advantageous — the theory under which most people want Assange charged.

Using stolen weapons to extort the US government is illegal

Finally, there’s the fourth possibility, and one I think is highly likely: charging Assange for his serial efforts to extort a pardon from the US government by threatening to release the Vault 7 (and ultimately, a single Vault 8 live malware) files.

This post shows how, starting in January 2017, Assange (and Oleg Deripaska) representative Adam Waldman was reaching out to top DOJ officials trying to negotiate a deal and using the release of the Vault 7 documents as leverage.

This post shows how, the second time Assange tweeted Don Jr asking for an Ambassadorship, he included a threatening reference to Vault 8, WikiLeaks’ name for the actual malware stolen and leaked from CIA, the first file from which Assange had released days earlier.

[B]ack in November 2017, some outlets began to publish a bunch of previously undisclosed DMs between Don Jr and Wikileaks. Most attention focused on Wikileaks providing Don Jr access to an anti-Trump site during the election. But I was most interested in Julian Assange’s December 16, 2016 “offer” to be Australian Ambassador to the US — basically a request for payback for his help getting Trump elected.

Hi Don. Hope you’re doing well! In relation to Mr. Assange: Obama/Clinton placed pressure on Sweden, UK and Australia (his home country) to illicitly go after Mr. Assange. It would be real easy and helpful for your dad to suggest that Australia appoint Assange ambassador to DC “That’s a really smart tough guy and the most famous australian you have! ” or something similar. They won’t do it, but it will send the right signals to Australia, UK + Sweden to start following the law and stop bending it to ingratiate themselves with the Clintons. 12/16/16 12:38PM

In the wake of the releases, on November 14, 2017, Assange tweeted out a follow-up.

As I noted at the time, the offer included an implicit threat: by referencing “Vault 8,” the name Wikileaks had given to its sole release, on November 9, 2017 of an actual CIA exploit (as opposed to the documentation that Wikileaks had previously released), Assange was threatening to dump more hacking tools, as Shadow Brokers had done before it. Not long after, Ecuador gave Assange its first warning to stop meddling in other countries politics, explicitly pointing to his involvement in the Catalan referendum but also pointing to his tampering with other countries. That warning became an initial ban on visitors and Internet access in March of this year followed by a more formal one on May 10, 2018 that remains in place.

Notably, Ecuador may have warned Assange back then to stop releasing America’s malware from their Embassy; those warnings have laid the groundwork for the rigid gag rules recently imposed on Assange on risk of losing asylum.

Immediately after this exchange, accused Vault 7/8 leaker Joshua Schulte had some Tor accesses which led to him losing bail. They didn’t, however, lead BOP to take away his multiple devices (!?!?!). Which means that when they raided his jail cell on or around October 1, they found a bunch of devices and his activity from 13 email and social media accounts. Importantly, DOJ claims they also obtained video evidence of Schulte continuing his efforts to leak classified information.

The announcement of that raid, and the additional charges against Schulte, coincided with a period of increased silence from WikiLeaks, broken only by last night’s response to the confirmation Assange had been charged.

I think it possible and journalistically safe to go after Assange for releasing stolen weapons to extort a criminal pardon. But most of the other theories of prosecuting Assange would also pose real risks for other journalists that those rooting for an Assange prosecution appreciate and rely on.

As I disclosed in July, I provided information to the FBI on issues related to the Mueller investigation, so I’m going to include disclosure statements on Mueller investigation posts from here on out. I will include the disclosure whether or not the stuff I shared with the FBI pertains to the subject of the post. 

US Government Reveals It Has Video Evidence of Joshua Schulte Sharing Classified Information as Ecuador Restricts Assange’s Legal Visits

In a letter sent Thursday to Paul Crotty, the judge in the case of alleged Vault 7 WikiLeaks source, Joshua Schulte, prosecutors described the investigation conducted when, “in or about early October 2018,” they discovered he had been communicating clandestinely with third parties outside of the Metropolitan Corrections Center, where he has been held since December. They described discovering a truly stupendous amount of communications gear to store in a jail cell, amounting to multiple cell phones and other devices, from which Schulte was running 13 email and social media accounts.

In or about early October 2018, the Government learned that Schulte was using one or more smuggled contraband cellphones to communicate clandestinely with third parties outside of the MCC. The Government and the FBI immediately commenced an investigation into Schulte’s conduct at the MCC. That investigation involved, among other things, the execution of six search warrants and the issuance of dozens of grand jury subpoenas and pen register orders. Pursuant to this legal process, in the weeks following the Government’s discovery of Schulte’s conduct at the MCC, the FBI has searched, among other things, the housing unit at the MCC in which Schulte was detained; multiple contraband cellphones (including at least one cellphone used by Schulte that is protected with significant encryption); approximately 13 email and social media accounts (including encrypted email accounts); and other electronic devices.

Now, the prosecutors use that word “encrypted” twice, as if it means extra spooky, but these days, a cellphone with significant encryption could mean an iPhone (though in jail Schulte might be able to get state of the art spook or crook phones) and “encrypted email accounts” often means ProtonMail.

In any case, that’s a whole lot of legal process for a one month investigation of someone sitting in a jail cell (Schulte was moved to solitary when the investigation started on October 1), but then Schulte allegedly had a shit-ton of hardware. The 6 search warrants were presumably used for Schulte’s devices, and the “dozens of grand jury subpoenas and pen registers” would probably have been used for those email and social media accounts, perhaps with both used for each account (I have a working theory that for encrypted comms it may take more than one pen register to get the data).

Schulte was using all this hardware and software, according to the prosecutors, to — among other things — do two things: send details about the search warrants to investigate him, as well as yet more classified information, to third parties.

As a result of these searches and other investigative steps, the Government discovered that Schulte had, among other things, (i) transmitted classified information to third parties, including by using an encrypted email account, and (ii) transmitted the Protected Search Warrant Materials to third parties in direct contravention of the Court’s Protective Order and the Court’s statements at the May 21 conference.

The prosecutors included a superseding indictment with their letter, adding two extra counts to his already life sentence-threatening indictment: a new Count Eleven, which is contempt of court for blowing off the protective order covering his search warrant starting in April, and a new Count Four, which is another count of transmitting and attempting to transmit unlawfully possessed national defense information (793(e)) during the period he has been in MCC.

With regards to Count Eleven, on Monday a letter Schulte sent to Judge Crotty that was uploaded briefly to PACER (I believe this is the third time Schulte has succeeded in getting such letters briefly uploaded to the docket), revealing that he had been moved to solitary, but also complaining about corrections the government had made to his original search warrant:

I beg you Judge Crotty to read the first search warrant affidavit and the government’s Brady letter; the FBI outright lied in that affidavit and now acknowledge roughly half of these lies. Literally, they [sic] “error” on seeing dates of 3/7 where there were only 3/2 dates and developing their entire predicate based on fallacious reasoning and lies. They “error” in seeing three administrators where there were “at least 5” (ie. 10). They [sic] “error” in where the C.I. was stolen who had access, and how it could be taken — literally everything.

While I absolutely don’t rule out the government either focused on Schulte back in March 2017 for reasons not disclosed in the search warrant application, or that they parallel constructed the real reasons badly (both of which would be of significant interest, but both of which his very competent public defender can deal with), the docket suggests the Vault 7 case against him got fully substantiated after the porn case, perhaps because of the stuff he did last year on Tor that got him jailed in the first place. As I noted, that Tor activity closely followed one of Julian Assange’s more pubic extortion attempts using the Vault 8 material Schulte is accused of sharing, though Assange has made multiple private extortion attempts both before and since.

Which brings me to the second new charge, transmitting and attempting to transmit national defense information to a third party, with a time span of December 2017 to October 2018. Effectively, the government claims that even after Schulte was jailed last December, he continued to share classified information.

I’m particularly interested in the government’s use of “attempted” in that charge, not used elsewhere. The time period they lay out, after all, includes a period when Ecuador restricted Julian Assange’s communication. Effectively, the government revealed on Wednesday that they have video evidence of Schulte sharing classified information with … someone.

Meanwhile, in the Ecuadoran embassy in London, things have been heating up between Assange and his hosts.

About halfway through the period after which Schulte had been put into solitary so the government could investigate a bunch of communications devices they claim they didn’t know about before around October 1, Ecuador announced what seemed to be a relaxation of restrictions on Assange, but actually was more of an ultimatum. He could have visitors, but first they’d have to apply 3 days in advance and supply their social media handles and identifying details for any devices they wanted to bring with them. Assange, too, has to register all his devices, and only use Ecuador’s wifi. If anyone uses unapproved devices, they’ll be deemed a security threat to Ecuador under the protection of the UK, basically giving the UK reason to prosecute them to protect Ecuador. Assange has to have regular medical exams; if he has a medical emergency, he’ll be treated off site. Starting on December 1, he has to start paying for food and other supplies. He has to start cleaning up the joint. He has to start taking care of his cat.

Assange immediately sued over the new rules. But he lost that suit on Monday. But even as he appeals that verdict, according to Courage Foundation, Ecuador has restricted even legal visits, something that hadn’t been the case before. Those restrictions appear to have been put in place on Wednesday, the same day the new Schulte charges were rolled out. They’ll remain in place until Monday.

A piece by Ryan Goodman and Bob Bauer renewed discussion this morning about the First Amendment limits on suing or prosecuting WikiLeaks for conspiring with Russia to swing the 2016 election; I hope to respond to it later, but wrote about the same lawsuit in this post. I think their view dangerously risks political journalism.

But I also think that you don’t necessarily need to charge WikiLeaks in the conspiracy to sustain a conspiracy charge; you can make them unindicted co-conspirators, just like Trump would be. I have long noted that you could charge Assange, instead, for his serial attempts to extort the United States, an effort that has gone on for well over 18 months using the very same files that Schulte is alleged to have leaked to WikiLeaks (extortion attempts which may also involve Roger Stone). Assange has accomplished those extortion attempts, in part, with the assistance of his lawyers, who up until this week (as far as I understand from people close to Assange) were still permitted access to him.

Say. Have I observed yet that these events are taking place in the last days before Mueller’s election season restrictions end?

As I disclosed in July, I provided information to the FBI on issues related to the Mueller investigation, so I’m going to include disclosure statements on Mueller investigation posts from here on out. I will include the disclosure whether or not the stuff I shared with the FBI pertains to the subject of the post. 

The Assange Exfiltration Would Have Taken Place in the Wake of Joshua Schulte Tor Activity

The Guardian has a wild story about a joint Ecuadorian-Russian attempt to spring Julian Assange from the embassy. The idea was that he’d be snuck out of the Embassy in a diplomatic vehicle and sent to live in either Russia or Ecuador.

Sources said the escape plot involved giving Assange diplomatic documents so that Ecuador would be able to claim he enjoyed diplomatic immunity. As part of the operation, Assange was to be collected from the embassy in a diplomatic vehicle.

Four separate sources said the Kremlin was willing to offer support for the plan – including the possibility of allowing Assange to travel to Russia and live there. One of them said that an unidentified Russian businessman served as an intermediary in these discussions.

A single source claims that the plan was supposed to take place on Christmas Eve of last year.

The operation to extract Assange was provisionally scheduled for Christmas Eve in 2017, one source claimed, and was linked to an unsuccessful attempt by Ecuador to give Assange formal diplomatic status.

[snip]

Assange’s Christmas Eve escape was aborted with just days to go, one source claimed. Rommy Vallejo, the head of Ecuador’s intelligence agency, allegedly travelled to the UK on or around 15 December 2017 to oversee the operation and left London when it was called off.

In February Vallejo quit his job and is believed to be in Nicaragua. He is under investigation for the alleged kidnapping in 2012 of a political rival to Correa.

I’m not 100% convinced about that timing for two reasons. First, because related events — Assange receiving Ecuadorian citizenship and Ecuador requesting he be given diplomatic status — only got reported in January.

The Foreign Office has turned down a request from the Ecuadorian government to grant the WikiLeaks founder, Julian Assange, diplomatic status as a means of breaking the stalemate over his continued presence in the UK.

The development comes amid reports that Assange – an Australian who has been holed up in the Ecuadorian embassy for more than five years – has recently become a citizen of the South American state.

If awarded the status of a diplomat, it is thought, Assange could obtain certain rights to legal immunity and might be able to leave the embassy in Knightsbridge, and eventually the UK, without being arrested for breaching his former bail conditions.

Also, when Fidel Narváez denied involvement to the Guardian, he denied meetings with Russia this year, not last (though that’s just as likely non-denial denial).

Two sources familiar with the inner workings of the Ecuadorian embassy said that Fidel Narváez, a close confidant of Assange who until recently served as Ecuador’s London consul, served as a point of contact with Moscow.

In an interview with the Guardian, Narváez denied having been involved in discussions with Russia about extracting Assange from the embassy.

Narváez said he visited Russia’s embassy in Kensington twice this year as part of a group of “20-30 more diplomats from different countries”. These were “open-public meetings”, he said, that took place during the “UK-Russian crisis” – a reference to the aftermath of the novichok poisoning of Sergei and Yulia Skripal in March.

That said, assuming the diplomatic request went in sometime in advance of the reporting on it, then the timing does make sense.

And that’s interesting because it would mean the Ecuadorian-Russian attempt to exfiltrate Assange would have happened in the wake of accused Vault 7 leaker Joshua Schulte endangering his bail by hopping on Tor to do … we don’t know what. Whatever he did, however, it led to Schulte’s detention in MCC and ultimately his delayed indictment for leaking the Vault 7 documents.

November 9, 2017: Wikileaks publishes Vault 8 exploit

November 14, 2017: Assange posts Vault 8 Ambassador follow-up

November 14, 2017: Arrest warrant in VA

November 15, 2017: Charged in Loudon County for sexual assault

November 16, 2017: Use of Tor

November 17, 2017: Use of Tor

November 26, 2017: Use of Tor

November 29, 2017: Abundance of caution, attorney should obtain clearance

November 30, 2017: Use of Tor

December 5, 2017: Use of Tor, Smith withdraws

December 7, 2017: NYPD arrests on VA warrant for sexual assault

December 12, 2017: Move for detention, including description of email and Tor access

Separately, since the defendant was released on bail, the Government has obtained evidence that he has been using the Internet. First, the Government has obtained data from the service provider for the defendant’s email account (the “Schulte Email Account”), which shows that the account has regularly been logged into and out of since the defendant was released on bail, most recently on the evening of December 6, 2017. Notably, the IP address used to access the Schulte Email Account is almost always the same IP address associated with the broadband internet account for the defendant’s apartment (the “Broadband Account”)—i.e., the account used by Schulte in the apartment to access the Internet via a Wi-Fi network. Moreover, data from the Broadband Account shows that on November 16, 2017, the Broadband Account was used to access the “TOR” network, that is, a network that allows for anonymous communications on the Internet via a worldwide network of linked computer servers, and multiple layers of data encryption. The Broadband Account shows that additional TOR connections were made again on November 17, 26, 30, and December 5.

[snip]

First, there is clear and convincing evidence that the defendant has violated a release condition—namely, the condition that he shall not use the Internet without express authorization from Pretrial Services to do so. As explained above, data obtained from the Schulte Email Account and the Broadband Account strongly suggests that the defendant has been using the Internet since shortly after his release on bail. Especially troubling is the defendant’s apparent use on five occasions of the TOR network. TOR networks enable anonymous communications over the Internet and could be used to download or view child pornography without detection. Indeed, the defendant has a history of using TOR networks. The defendant’s Google searches obtained in this investigation show that on May 8, 2016, the defendant conducted multiple searches related to the use of TOR to anonymously transfer encrypted data on the Internet. In particular, the defendant had searched for “setup for relay,” “test bridge relay,” and “tor relay vs bridge.” Each of these searches returned information regarding the use of interconnected computers on TOR to convey information, or the use of a computer to serve as the gateway (or bridge) into the TOR network.

Which is to say, things were falling apart in this period. And the response, tellingly, was for the Russians to try to find a way to exfiltrate Assange.

Update: Reuters describes the timing as still more problematic.

Ecuador last Dec. 19 approved a “special designation in favor of Mr. Julian Assange so that he can carry out functions at the Ecuadorean Embassy in Russia,” according to the letter written to opposition legislator Paola Vintimilla.

“Special designation” refers to the Ecuadorean president’s right to name political allies to a fixed number of diplomatic posts even if they are not career diplomats.

But Britain’s Foreign Office in a Dec. 21 note said it did not accept Assange as a diplomat and that it did not “consider that Mr. Assange enjoys any type of privileges and immunities under the Vienna Convention,” reads the letter, citing a British diplomatic note.

More and more this looks like an attempt to legally exfiltrate him.

And/Or: An Ominous Sign for WikiLeaks in the Joshua Schulte Indictment

There’s been a lot of attention paid to the language in the GRU indictment from Friday showing WikiLeaks asking to receive stolen Hillary emails in time to cause maximal outrage among Bernie supporters.

On or about June 22, 2016, Organization I sent a private message to Guccifer 2.0 to “[s]end any new material [stolen from the DNC] here for us to review and it will have a much higher impact than what you are doing.” On or about July 6, 2016, Organization 1 added, “if you have anything hillary related we want it in the next tweo [sic] days prefable [sic] because the DNC [DemocraticNationalConvention] is approaching and she Will solidify bernie supporters behind her after.” The Conspirators responded,“0k . . . i see.” Organization I explained,“we think trump has only a 25% chance of winning against hillary . . . so conflict between bernie and hillary is interesting.”

But I want to look at a minor–but potentially significant–detail in the Joshua Schulte indictment describing how he provided CIA’s hacking tools to WikiLeaks. The description of Count Two, Illegal Transmission of Lawfully Possessed National Defense Information, reads like this:

In or about 2016, in the Eastern District of Virginia and elsewhere, JOSHUA ADAM SCHULTE, the defendant, lawfully having possession of, access to, control over, and being entrusted with information relating to the national defense, to wit, certain portions of the Classified Information, which information the defendant had reason to believe could be used to the injury of the United States and to the advantage of a foreign nation, did knowingly and willfully communicate, deliver and transmit, and cause to be communicated, delivered, and transmitted, that aforesaid information to a person not entitled to receive it, to wit, Schulte caused the Classified information to be transmitted to Organization-1.

(Title 18, United States Code, Sections 793(d) and 2.)

The “and” there was pointed out to me by GDingers on Twitter.

As GDingers noted, the suggestion that Schulte knew a foreign nation (unnamed, but surely Russia if DOJ had any specific one, backed by evidence, in mind) would benefit, along with the US being damaged, is a fairly strong statement, one implicating WikiLeaks as well.

Moreover, that language didn’t have to be in the indictment. Here’s what the statutory language looks like:

Whoever, lawfully having possession of, access to, control over, or being entrusted with any document, writing, code book, signal book, sketch, photograph, photographic negative, blueprint, plan, map, model, instrument, appliance, or note relating to the national defense, or information relating to the national defense which information the possessor has reason to believe could be used to the injury of the United States or to the advantage of any foreign nation, willfully communicates, delivers, transmits or causes to be communicated, delivered, or transmitted or attempts to communicate, deliver, transmit or cause to be communicated, delivered or transmitted the same to any person not entitled to receive it, or willfully retains the same and fails to deliver it on demand to the officer or employee of the United States entitled to receive it; [my emphasis]

The statutory language uses “or.” DOJ chose, in this indictment, to use “and.” As Secrecy News’ Steven Aftergood suggested via email, asserting both in the indictment sets a higher mens rea bar for proving Schulte’s guilt. DOJ didn’t have to do so, but they did.

So along with exposing Schulte to 130 years of potential prison time — a life sentence even accounting for how it will work in sentencing — DOJ wants to prove that Schulte leaked CIA’s hacking tools not just to hurt the United States but to help another nation, possibly Russia by name.

That bodes poorly for Schulte. But it also suggests a different kind of role for WikiLeaks than prior discussions have made out.

Update: Nerdyatty suggested that this is a DOJ practice. Except that Count One, charging a different part of 18 USC 793, maintains the “or” of the statute:

… with intent or reason to believe that the information is to be used to the injury of the United States, or to the advantage of any foreign nation … [my emphasis]

Which tracks this language from the statute:

Whoever, for the purpose of obtaining information respecting the national defense with intent or reason to believe that the information is to be used to the injury of the United States, or to the advantage of any foreign nation,

[snip]

Whoever, for the purpose aforesaid, and with like intent or reason to believe, [my emphasis]

John Solomon’s Baby Assange

There are two telling details that John Solomon left out of this story, suggesting Jim Comey blew an opportunity to prevent the damage done by WikiLeaks’ Vault 7 leak (and, purportedly, to learn the “real” source of the DNC emails), based on a “trove” of documents but posting only fragments of 5. First, Solomon doesn’t include this text, showing Adam Waldman issuing an extortion threat stating Assange “is going to do something catastrophic for the dems, Obama, CIA and national security.”

Solomon is also silent about the recent indictment of anti-Obama former CIA hacker Joshua Schulte for stealing all these CIA files. Notably, Solomon doesn’t note that as this was going on, the FBI had obtained probable cause search warrants against Schulte. Having left out those key details (and surely, a bunch of other once included in his “trove” that don’t help the latest right wing narrative), Solomon produces the convenient narrative that Jim Comey personally hurt the government.

“He told me he had just talked with Comey and that, while the government was appreciative of my efforts, my instructions were to stand down, to end the discussions with Assange,” Waldman told me. Waldman offered contemporaneous documents to show he memorialized Warner’s exact words.

Waldman couldn’t believe a U.S. senator and the FBI chief were sending a different signal, so he went back to Laufman, who assured him the negotiations were still on. “What Laufman said to me after he heard I was told to ‘stand down’ by Warner and Comey was, ‘That’s bullshit. You are not standing down and neither am I,’” Waldman recalled.

Solomon pays no consideration to the ongoing investigation, no consideration to the fact that if Comey stood down, he did so in the face of threats to the Democrats (though it’s not clear why they’d be at fault), which as always is contrary to the hoaxes against Comey. More importantly, Solomon doesn’t answer the question posed, but not answered, here: whether Assange was seeking to meet at a cafe in London, or whether he wanted to come to the US and get a pardon once he got here.

The real punchline — the one we may see come back — is the claim that Jim Comey, on top of refusing an extortion attempt directed at the Democrats, also prevented — or maybe this isn’t about the FBI at all — from learning the real story behind the DNC hack.

Not included in the written proffer was an additional offer from Assange: He was willing to discuss technical evidence ruling out certain parties in the controversial leak of Democratic Party emails to WikiLeaks during the 2016 election. The U.S. government believes those emails were hacked by Russia; Assange insists they did not come from Moscow.

[snip]

Soon, the rare opportunity to engage Assange in a dialogue over redactions, a more responsible way to release information, and how the infamous DNC hacks occurred was lost — likely forever.

In honesty, this looks like an effort to set up the next campaign to suggest that Comey prevented the “truth” about the DNC hack from coming out because it would undermine the alleged Witch Hunt into Trump. It also looks like the first of three efforts to tee up the alternate explanation for the DNC hack in exchange for a Trump pardon, which resumed by August (and therefore which wasn’t a forever thing).

It also makes it clear that Vault 7 was entirely about extortion.

Timeline

January 12: Bruce Ohr considers Waldman’s offer

February 3: Laufman reaches out to Waldman

February 4: Wikileaks first pitches Vault 7

February 15: Waldman reaches out to Warner

February 16: Waldman issues extortion threat against Democrats

February 17: Warner says he’s got important call (with Comey), relays stand down order

March 7: Wikileaks releases first Vault 7 documents

March 13, 2017: Google search warrant on Schulte

Mid-March: Waldman contacts Laufman, suggests Assange is interested

March 20, 2017: Search on Schulte (including of cell phone, from which passwords to his desktop obtained)

March 23: Second Vault 7 release

March 28: Safe passage offer not including details about hack

March 31: Third Vault 7 release

April 5: Laufman asks whether Assange wants safe passage into London or to the US

April 7: Wikileaks posts third dump, which Solomon suggests was the precipitating leak for Mike Pompeo’s declaration of Wikileaks as non-state intelligence service (these are weekly dumps by this point)

Two Days after Julian Assange Threatened Don Jr, Accused Vault 7 Leaker Joshua Schulte Took to Tor

Monday, the government rolled out a superseding indictment for former NSA and CIA hacker Joshua Schulte, accusing him (obliquely) of leaking the CIA’s hacking tools that became the Vault 7 release from Wikileaks. The filings in his docket (as would the search warrants his series of defense attorneys would have seen) make it clear that the investigation into him, launched just days after the first CIA release, was always about the CIA leak. But when the government took his computer last spring, they found thousands of child porn pictures dating back to 2009. It took the government over three months and a sexual assault indictment in VA to convince a judge to revoke his bail last December, and then another six months to solidify the leaking charges they had been investigating him from the start.

But the case appears to have taken a key turn on November 16, 2017, when he did something — it’s not clear what — on the Tor network. While there are several things that might explain why he chose to put his release at risk by accessing Tor that day, it’s notable that it occurred two days after Julian Assange tweeted publicly to Donald Trump Jr that he’d still be happy to be Australian Ambassador to the US, implicitly threatening to release more CIA hacking tools.

Schulte was, from days after the initial Vault 7 release, apparently the prime suspect to be the leaker. As such, the government was always interested in what Schulte was doing on Tor. In response to a warrant to Google served in March 2017, the government found him searching, on May 8, 2016, for how to set up a Tor bridge (Schulte has been justifiably mocked for truly abysmal OpSec, and Googling how to set up a bridge is one example). That was right in the middle of the time he was deleting logs from his CIA computer to hide what he was doing on it.

When he was granted bail, he was prohibited from accessing computers. But because the government had arrested him on child porn charges and remained coy (in spite of serial hold-ups with his attorneys regarding clearance to see the small number of classified files the government found on his computer) about the Vault 7 interest, the discussions of how skilled he was with a computer remained fairly oblique. But in their finally successful motion to revoke Schulte’s bail, the government revealed that Schulte had not only accessed his email (via his roommate, Schulte’s lawyer would later claim), but had accessed Tor five times in the previous month, on November 16, 17, 26, and 30, and on December 5, 2017, which appears to be when the government nudged Virginia to get NYPD to arrest him on a sexual assault charge tied to raping a passed out acquaintance at his home in VA in 2015.

Perhaps the most obvious explanation for why Schulte accessed Tor starting on November 16, 2017, is that he was trying to learn about the assault charges filed in VA the day before.

But there is a more interesting explanation.

As you recall, back in November 2017, some outlets began to publish a bunch of previously undisclosed DMs between Don Jr and Wikileaks. Most attention focused on Wikileaks providing Don Jr access to an anti-Trump site during the election. But I was most interested in Julian Assange’s December 16, 2016 “offer” to be Australian Ambassador to the US — basically a request for payback for his help getting Trump elected.

Hi Don. Hope you’re doing well! In relation to Mr. Assange: Obama/Clinton placed pressure on Sweden, UK and Australia (his home country) to illicitly go after Mr. Assange. It would be real easy and helpful for your dad to suggest that Australia appoint Assange ambassador to DC “That’s a really smart tough guy and the most famous australian you have! ” or something similar. They won’t do it, but it will send the right signals to Australia, UK + Sweden to start following the law and stop bending it to ingratiate themselves with the Clintons. 12/16/16 12:38PM

In the wake of the releases, on November 14, 2017, Assange tweeted out a follow-up.

As I noted at the time, the offer included an implicit threat: by referencing “Vault 8,” the name Wikileaks had given to its sole release, on November 9, 2017 of an actual CIA exploit (as opposed to the documentation that Wikileaks had previously released), Assange was threatening to dump more hacking tools, as Shadow Brokers had done before it. Not long after, Ecuador gave Assange its first warning to stop meddling in other countries politics, explicitly pointing to his involvement in the Catalan referendum but also pointing to his tampering with other countries. That warning became an initial ban on visitors and Internet access in March of this year followed by a more formal one on May 10, 2018 that remains in place.

There’s a reason I think those Tor accesses may actually be tied to Assange’s implicit threat. In January of this year, when his then lawyer Jacob Kaplan made a bid to renew bail, he offered an excuse for those Tor accesses. He claimed Schulte was using Tor to research the diaries on his experience in the criminal justice system.

In this case, the reason why TOR was accessed was because Mr. Schulte is writing articles, conducting research and writing articles about the criminal justice system and what he has been through, and he does not want the government looking over his shoulder and seeing what exactly he is searching.

Someone posted those diaries to a Facebook account titled “John Galt’s Defense Fund” on April 20, 2018 (in addition to being an accused rapist and child porn fan, Schulte’s public postings show him to be an anti-Obama racist and an Ayn Rand worshiping libertarian).

Yesterday, Wikileaks linked those diaries, which strikes me as an attempt to corroborate the alibi Schulte has offered for his access to Tor last November.

The government seems to have let Schulte remain free for much of 2017, perhaps in search of evidence to implicate him in the Vault 7 release. Whether it was a response to a second indictment or to Assange’s implicit threats to Don Jr, Schulte’s use of Tor last year (and, surely, the testimony of the roommate he was using as a go-between) may have been one of the keys to getting the proof the government had been searching for since March 2017.

Whatever it is, both Wikileaks and Schulte would like you to believe he did nothing more nefarious than research due process websites when he put his bail at risk by accessing Tor last year. I find that a dubious claim.


2009: IRC discussions of child porn

2011 and 2012: Google searches for child porn

April 2015: Rapes a woman (possibly partner) who is passed out and takes pictures of it

March to June 2016: Schulte deleting logs of access to CIA computer

May 8, 2016: Schulte Googles how to set up a Tor bridge

November 2016: Leaves CIA, moves to NY, works for Bloomberg

December 16, 2016: Assange DM to Don Jr about becoming Ambassador

Hi Don. Hope you’re doing well! In relation to Mr. Assange: Obama/Clinton placed pressure on Sweden, UK and Australia (his home country) to illicitly go after Mr. Assange. It would be real easy and helpful for your dad to suggest that Australia appoint Assange ambassador to DC “That’s a really smart tough guy and the most famous australian you have! ” or something similar. They won’t do it, but it will send the right signals to Australia, UK + Sweden to start following the law and stop bending it to ingratiate themselves with the Clintons. 12/16/16 12:38PM

February 4, 2017: Wikileaks starts prepping Vault 7

March 7, 2017: Wikileaks starts releasing Vault 7

March 13, 2017: Google search warrant

March 20, 2017: Search (including of cell phone, from which passwords to his desktop obtained)

June 2017: Interview

August 17, 2017: Dana Rohrabacher tries to broker deal for Assange with Trump

August 23, 2017: Arrest affidavit

August 24, 2017: Arraignment

THE COURT: Well, it sounds like, based on the interview, that he knew what the government was looking at.

MR. LAROCHE: That wasn’t the basis of the interview, your Honor.

 

MR. KOSS: I think it was either two or three [interviews]. I think it was three occasions. I was there on all three, including one of which where we handed over the telephone and unblocked the password to the phone, which they did not have, and gave that to them. And as I said, I have been in constant contact with the three assistant U.S. attorneys working on this matter literally on a weekly basis for the last 4, 5, 6 months. And any time Mr. Schulte even thought about traveling, I provided them an itinerary. I cleared it with them first and made sure it was okay. On any occasion that they said they might want him close so that he could speak to them, I cancelled the travel and rescheduled it so that we would be available if they needed him at any given time.

October 2, 2017: Bail hearing

MR. LAROCHE: Well, I believe there still is a danger because it’s not just computers, your Honor, but electronic devices are all over society and easy to procure and this type of defendant having the type of knowledge he has does in terms of accessing things — so he has expertise and not only just generally computers but using things such as wiping tools that would allow him to access certain website and leave no trace of it. Those can be done from not just a computer but from other electronic devices.

But the child pornography itself is located on the defendant’s desktop computer. They can be accessed irrespective of those servers. So if all the government had was this desktop computer, we could recover the child pornography. So I think this idea that numerous people had access to the serves and potentially could have put it there, is simply a red herring. This was on the defendant’s desktop computer. And the location where it was found, this sub-folder within several layers of encryption, there were other personal information of the defendant in that area. There was his bank accounts. I think there was even a resume for the defendant where he was storing this information. And the passwords that were used to get into that location, those passwords were the same passwords the defendant used to access his bank account, to access various other accounts that are related to him. So this idea that he shared them with other people, the government just strongly disagrees.

October 11, 2017: Schulte lawyer Spiro withdraws

October 24, 2017: At Trump’s request Bill Binney meets with Mike Pompeo to offer alternate theory of the DNC hack

November 8, 2017: Status hearing

SMITH: I believe the government has told us that there’s more data in this case than in any other like case that they have prosecuted.

MR. STANSBURY: Let me just clarify that part first. We proposed this just in an abundance of caution given the defendant’s former employer and the fact that — and I meant to flag this before. I apologize now for not. There’s a small body of documents that were found in the defendant’s residence that were taken from his former employer that might implicate some classified issues. We have been in the process of having those reviewed and I think we’re going to be in a position to produce those in the next probably few days. But we wanted to just make sure that we were acting out of an abundance of caution in case any SEPA [sic] issues come about in the case. I don’t expect them too at this point but we wanted to do that out of an abundance of caution.

November 9, 2017: Wikileaks publishes Vault 8 exploit

November 14, 2017: Assange posts Vault 8 Ambassador follow-up

November 14, 2017: Arrest warrant in VA

November 15, 2017: Charged in Loudon County for sexual assault

November 16, 2017: Use of Tor

November 17, 2017: Use of Tor

November 26, 2017: Use of Tor

November 29, 2017: Abundance of caution, attorney should obtain clearance

November 30, 2017: Use of Tor

December 5, 2017: Use of Tor, Smith withdraws

December 7, 2017: NYPD arrests on VA warrant for sexual assault

December 12, 2017: Move for detention, including description of email and Tor access

Separately, since the defendant was released on bail, the Government has obtained evidence that he has been using the Internet. First, the Government has obtained data from the service provider for the defendant’s email account (the “Schulte Email Account”), which shows that the account has regularly been logged into and out of since the defendant was released on bail, most recently on the evening of December 6, 2017. Notably, the IP address used to access the Schulte Email Account is almost always the same IP address associated with the broadband internet account for the defendant’s apartment (the “Broadband Account”)—i.e., the account used by Schulte in the apartment to access the Internet via a Wi-Fi network. Moreover, data from the Broadband Account shows that on November 16, 2017, the Broadband Account was used to access the “TOR” network, that is, a network that allows for anonymous communications on the Internet via a worldwide network of linked computer servers, and multiple layers of data encryption. The Broadband Account shows that additional TOR connections were made again on November 17, 26, 30, and December 5.

[snip]

First, there is clear and convincing evidence that the defendant has violated a release condition—namely, the condition that he shall not use the Internet without express authorization from Pretrial Services to do so. As explained above, data obtained from the Schulte Email Account and the Broadband Account strongly suggests that the defendant has been using the Internet since shortly after his release on bail. Especially troubling is the defendant’s apparent use on five occasions of the TOR network. TOR networks enable anonymous communications over the Internet and could be used to download or view child pornography without detection. Indeed, the defendant has a history of using TOR networks. The defendant’s Google searches obtained in this investigation show that on May 8, 2016, the defendant conducted multiple searches related to the use of TOR to anonymously transfer encrypted data on the Internet. In particular, the defendant had searched for “setup for relay,” “test bridge relay,” and “tor relay vs bridge.” Each of these searches returned information regarding the use of interconnected computers on TOR to convey information, or the use of a computer to serve as the gateway (or bridge) into the TOR network.

December 14, 2017: US custody in NY

MR. KAPLAN: Well, your Honor, we’ve obtained the discovery given to prior counsel, and I’ve started to go through that. In addition, there was one other issue which I believe was raised at our prior conference, which was a security clearance for counsel to go through some of the national security evidence that might be present in the case.

While most of the national security stuff does not involve the charges, the actual charges against Mr. Schulte, the basis for the search warrants in this case involve national security.

So I’m starting the process with their office to hopefully get clearance to go through some of the information on that with an eye towards possibly a Franks motion going forward. So I would ask for more time just to get that rolling.

January 8, 2018: Bail appeal hearing

MR. KAPLAN: Judge, on the last court date, when we left, the idea was that we had consented to detention with the understanding that Mr. Schulte would be sent down to Virginia to face charges based on a Virginia warrant. None of that happened. Virginia never came to get him. Virginia just didn’t do anything in this case. But before I address the bail issues, I think it’s important that this Court hear the full story of how we actually get here. At one of the previous court appearances, I believe it was the November 8th date, this Court asked why the defense attorney in this case would need security clearance. And the answer that was given by one of the prosecutors, I believe, was that there was some top secret government information that was found in Mr. Schulte’s apartment, and that out of an abundance of caution it would be prudent that the defense attorney get clearance. But I don’t think that’s entirely accurate.

While the current indictment charges Mr. Schulte with child pornography, this case comes out of a much broader perspective. In March of 2017, there was the WikiLeaks leak, where 8,000 CIA documents were leaked on the Internet. The FBI believed that Mr. Schulte was involved in that leak. As part of their investigation, they obtained numerous search warrants for Mr. Schulte’s phone, for his computers, and other items, in order to establish the connection between Mr. Schulte and the WikiLeaks leak.

As we will discuss later in motion practice, we believe that many of the facts relied on to get the search warrants were just flat inaccurate and not true, and part of our belief is because later on, in the third or fourth search warrant applications, they said some of the facts that we mentioned earlier were not accurate. So we will address this in a Franks motion going forward, but what I think is important for the Court is, in April or May of 2017, the government had full access to his computers and his phone, and they found the child pornography in this case, but what they didn’t find was any connection to the WikiLeaks investigation. Since that point, from May going forward, although they later argued he was a danger to the community, they let him out; they let him travel. There was no concern at all. That changed when they arrested him in August on the child pornography case.

[snip]

The second basis that the government had in its letter for detaining Mr. Schulte was the usage of computers. In the government’s letter, they note how, if you search the IP address for Mr. Schulte’s apartment, they found numerous log-ons to his Gmail account, in clear violation of this court’s order. But what the government’s letter doesn’t mention is that Mr. Schulte had a roommate, his cousin, Shane Presnall, and this roommate, who the government and pretrial services knew about, was allowed to have a computer.

And more than that, based on numerous conversations, at least two conversations between pretrial services, John Moscato, Josh Schulte and Shane Presnall, it was Shane’s understanding that pretrial services allowed him to check Mr. Schulte’s e-mail and to do searches for him on the Internet, with the idea that Josh Schulte himself would not have access to the computer.

And the government gave 14 pages of log-on information to establish this point. And, Judge, we have gone through all 14 pages, and every single access and log-in corresponds to a time that Shane Presnall is in the apartment. His computer has facial recognition, it has an alphanumeric code, and there is no point when Josh Schulte is left himself with the computer without Shane being there, and that was their understanding.

LAROCHE: And part of that investigation is analyzing whether and to what extent TOR was used in transmitting classified information. So the fact that the defendant is now, while on pretrial release, using TOR from his apartment, when he was explicitly told not to use the Internet, is extremely troubling and suggests that he did willfully violate his bail conditions.

 

KAPLAN: In this case, the reason why TOR was accessed was because Mr. Schulte is writing articles, conducting research and writing articles about the criminal justice system and what he has been through, and he does not want the government looking over his shoulder and seeing what exactly he is searching.

 

LAROCHE: Because there is a classified document that is located on the defendant’s computer, it is extremely difficult, and we have determined not possible, to remove that document forensically and still provide an accurate copy of the desktop computer to the defendant.

So in those circumstances, defense counsel is going to require a top secret clearance in order to view these materials. It’s my understanding that that process is ongoing, and we have asked them to expedite it. As soon as the defendant’s application is in, we believe he will get an interim classification to review this material within approximately two to three weeks. Unfortunately, that hasn’t occurred yet. So the defendant still does not have access to that particular aspect of discovery. So we are working through that as quickly as we can.

January 17, 2018: Bail appeal denied

March 15, 2018: Sabrina Shroff appointed

March 28, 2018: Initial ban of Internet access and visitors for Assange

April 20, 2018: Schulte’s diaries (ostensibly the purpose of using Tor) posted

May 10, 2018: Ecuador bans visitors for Assange

May 16, 18, 2018: Documents placed in vault

May 16, 2018: Schulte Facebook site starts legal defense fund

June 18, 2018: Schulte superseding indictment

June 19, 2018: Wikileaks posts links to diary