Posts

Scooter Libby, Whom Trump Pardoned, Serves as Precedent for the CIPA Challenge His Prosecution Presents

If and when former President Trump goes on trial, the Classified Information Procedures Act will govern what information gets submitted at trial and in what form. I wrote about CIPA in conjunction with the Igor Danchenko case here. Former National Security Division prosecutor David Aaron wrote about it the other day.

I’d like to give three examples of what documents that have gone through the CIPA process look like.

First, here’s one of the many CIA cables introduced at Jeffrey Sterling’s trial (here’s a larger set). Sterling was convicted of leaking details about a scheme to use a former Russian nuclear scientist to deal fake blueprints to Iran in an attempt to bollox their nuclear program. The cables would include substitutions for all the organizational details of how CIA works, as well as for the names of the Russian — Merlin — and all the covert CIA officers involved. Entire paragraphs that weren’t crucial to the meaning of the document were redacted.

This particular document was 15 years old when it was used at trial. Most if not all of the Sterling exhibits were classified Secret.

This exhibit includes the parts of Josh Schulte’s prison notebook introduced at trial. This was tied to the allegation that he was launching an Information War from jail, planning to leak further classified information to damage the CIA.

The government was able to substitute the name of a cybersecurity company that had IDed one of the CIA’s hacking tools, so as to avoid confirming that the tool referred to as Bartender in the WikiLeaks release was the malware discussed in the vendor report. But several other things were entirely redacted — such as details of the role that Schulte played at the CIA.

Some of these redactions cover other information — such as his privileged material or stuff that’s particularly inflammatory.

Schulte wrote these notes in 2018; they were first introduced for his 2020 trial, then again for his trial last year.

The case that may present the most analogous challenges to a trial against Trump is the Scooter Libby case, which — like the documents charged against Trump — involved a lot of classified communications to the White House. Here are the exhibits used in his 2nd Grand Jury appearance, at which he lied to cover up the orders Dick Cheney gave him.

Many of these are CIA documents from which the classification markings and entire sentenced were redacted. Like two of the exhibits charged against Trump, these have hand-written notes — sometimes Libby’s, sometimes Cheney’s — which were important to the case. One HUMINT report involving Joe Wilson redacted all the front-matter, including the classification marks (in this case, the notation of Wilson’s name was the important bit).

Even still, the vast majority of the documents introduced at trial were still just classified Secret, not Top Secret with compartments like most of the documents charged against Trump.

The exceptions were often Libby’s notes of Daily Briefings (including PDBs), which he used as part of a gray-mail campaign to try to make the case impossible to try. Though they didn’t have any classification marks (as is true of a document charged against Trump), they were treated as TS/SCI.

Here’s one example of from Libby’s own notes:

The vast majority of this had to be declassified because it was central to the defense Libby was mounting. Just the Foreign Leader and the US official were masked.

The Libby documents are similar to those charged against Trump in another way. These were just 4 years old when presented at trial. If Trump were to go to trial next year, the most recent documents, from 2020, would be four years old.

These cases are all in different circuits than Trump would be prosecuted in. Nevertheless, given the scant number of CIPA cases, it’s possible that the case of Josh Schulte — about whose case was one of the first times Trump shared classified information — and Scooter Libby, whom Trump pardoned, will serve as precedents for his prosecution.

On Joshua Schulte’s Alleged Substantial Amount of CSAM … and Other Contraband

Yesterday, Judge Jesse Furman docketed a letter, impossibly dated March 23, updating him on the investigation into the Child Sexual Abuse Material allegedly found on WikiLeaks Vault 7 source, Josh Schulte’s discovery computer, six months ago (see this post for an explanation).

It described more about the CSAM material found on Schulte’s computer: The FBI had found “at least approximately 2,400 files on the laptop … likely containing CSAM.”

With respect to assertions that Joshua Schulte, the defendant, has made about the discovery laptop—that the laptop does not contain CSAM, that any CSAM appears only in thumbnails, or that the CSAM was maliciously or inadvertently loaded onto the laptop by the Government. See, e.g., D.E. 998 at 3 (pro se letter to the Court dated Dec. 21, 2022), 5 (pro se letter to the Court dated Jan. 5, 2023)—the Government is able to confirm the following: at least approximately 2,400 files on the laptop have been identified to date as likely containing CSAM. Those files include full images, and are not limited to thumbnail images. Moreover, the Government did not copy discovery materials onto the defendant’s laptop. In 2021, former defense counsel copied discovery and trial materials onto the laptop, which was then reviewed by personnel from the U.S. Attorney’s Office for security compliance before making a file index and providing the laptop to the Metropolitan Correctional Center (“MCC”), where the defendant was then in custody. The CSAM on the laptop was not provided by the Government or the result of Government action.

That, by itself, doesn’t tell us a lot more than we learned in an October filing, which explained that the FBI had found, “a substantial amount” of suspected CSAM.

Indeed, the letter focuses on debunking two counterarguments Schulte has made since, which is one of the reasons Furman docketed it after DOJ submitted it ex parte: “[T]his letter responds directly to assertions by Mr. Schulte,” Furman observed.

The government was debunking a claim made by Schulte that the government had caused the CSAM — but only thumbnails — to be loaded onto his discovery computer by “connect[ing] a child pornography drive to the laptop during setup.”

Schulte repeated and expanded — at great, great length — that theory in a set of filings dated March 1 but just loaded to the docket today.

The government response, effectively, was that they made an index of the files as the computer existed when it was turned over to MCC in 2021, calling Schulte on his claim that he was framed with CSAM.

Ultimately both sides will be able to present their claims to a jury.

But there are several other reasons I’m interested in the letter and related issues.

The government’s working theory when they first revealed this last fall, was that Schulte got a thumb drive into the SCIF and from that accessed the CSAM allegedly found on his home computer six years ago, presumably just to have it in his cell for his own further exploitation of children.

there is reason to believe that the defendant may have misused his access to the SCIF, including by connecting one or more unauthorized devices to the laptop used by the defendant to access the CSAM previously produced.

That’s because in August, they found a thumb drive attached to the SCIF laptop.

On or about August 26, 2022, Schulte was produced to the Courthouse SCIF and, during that visit, asked to view the hard drive containing the Home CSAM Files from the Home Desktop. The hard drive was provided to Schulte and afterwards re-secured in the dedicated safe in the SCIF. The FBI advised the undersigned that, while securing the hard drive containing the Home CSAM Files, they observed that an unauthorized thumb drive (the “Thumb Drive”) was connected to the SCIF laptop used by Schulte and his counsel to review that hard drive containing the Home CSAM Files. On or about September 8, 2022, at the Government’s request, the CISO retrieved the hard drive containing materials from the Home Desktop from the SCIF and returned it to the FBI so that it could be handled pursuant to the normal procedures applicable to child sexual abuse materials. The CISO inquired about what should be done with the Thumb Drive, which remained in the dedicated SCIF safe.

But in a little noticed development, during the period when FBI has been investigating how a defendant held under SAMs managed to get (we’re now told) 2,400 CSAM files onto his discovery computer, CNN reported that the network of FBI’s NY Field Office focused on CSAM had been targeted in a hacking attempt.

The FBI has been investigating and working to contain a malicious cyber incident on part of its computer network in recent days, according to people briefed on the matter.

FBI officials believe the incident involved an FBI computer system used in investigations of images of child sexual exploitation, two sources briefed on the matter told CNN.

“The FBI is aware of the incident and is working to gain additional information,” the bureau said in a statement to CNN. “This is an isolated incident that has been contained. As this is an ongoing investigation the FBI does not have further comment to provide at this time.”

FBI officials have worked to isolate the malicious cyber activity, which two of the sources said involved the FBI New York Field Office — one of the bureau’s biggest and highest profile offices. The origin of the hacking incident is still being investigated, according to one source.

DOJ still insists that former CIA hacker Josh Schulte found a way to access a whole bunch of CSAM. And in the same period, reportedly, the servers involved with CSAM investigation in the NYFO were hacked.

And while the letter released yesterday doesn’t tell us — much — that’s new about what Schulte allegedly had on his laptop, it does tell us, by elimination, which of the sealed filings in his docket are not related to the CSAM investigation.

Since the October update on the investigation into Schulte, sealed documents have been filed in Schulte’s docket on the following days:

  • December 15: Sealed document
  • January 19: Ex parte update on CSAM investigation
  • January 26: Sealed document
  • March 9: Sealed document
  • March 13: Sealed document

Only the January 19 letter — along with yesterday’s letter — have been unsealed. That, plus the flurry of filings in September and October, are it for the CSAM investigation. There’s something else going on in this docket, four sealed documents worth.

Indeed, in those very long set of filings mentioned above, both dated February and finalized March 1, both docketed today, Schulte alluded to something beyond CSAM.

Judge Furman has begun claiming that there are other vague misuses or misbehavior on the laptop.

He must not have read the September and October letters very closely, because they describe there was a warrant that preceded the discovery of the CSAM.

The warrants that we know of include the following:

Since late September, this investigation was about the “substantive” amounts of CSAM found on a computer possessed by Schulte.

But before that it was based on suspicions of contraband.

That stems, in significant part, from a search of the computer DOJ did in June, when Schulte turned it over claiming it had been dropped.

It hadn’t been dropped. It needed to be charged. Indeed, in the interminable motions filed today, Schulte treated plugging in a laptop as some kind of due process violation.

Plugging in a laptop should in no way compromise the privacy of a laptop. But it did raise real questions about the excuse Schulte offered in an attempt to get a second laptop (one he effectively got once trial started anyway).

Needless to say, his description of what happened with the BIOS password differs from the government’s, as provided last June.

First, with respect to the defendant’s discovery laptop, which he reported to be inoperable as of June 1, 2022 (D.E. 838), the laptop was operational and returned to Mr. Schulte by the end of the day on June 3, 2022. Mr. Schulte brought the laptop to the courthouse on the morning of June 3 and it was provided to the U.S. Attorney’s Office information technology staff in the early afternoon. It appears that the laptop’s charger was not working and, after being charged with one of the Office’s power cords, the laptop could be turned on and booted. IT staff discovered, however, that the user login for the laptop BIOS1 had been changed. IT staff was able to log in to the laptop using an administrator BIOS account and a Windows login password provided by the defendant. IT staff also discovery an encrypted 15-gigabyte partition on the defendant’s hard drive. The laptop was returned to Mr. Schulte, who confirmed that he was able to log in to the laptop and access his files, along with a replacement power cord. Mr. Schulte was admonished about electronic security requirements, that he is not permitted to enable or use any wireless capabilities on the laptop, and that attempting to do so may result in the laptop being confiscated and other consequences. Mr. Schulte returned to the MDC with the laptop. [my emphasis]

Here’s more background on all the funky things that happened with this laptop that led me to suspect something was going on last summer.

Anyway, the government claims it found a whole bunch of CSAM on Schulte’s computer. But there’s also something else going on.

We may find out reasonably soon. The impossibly dated filing from this week promised an update in a week, which (if the impossibly dated filing was actually dated March 21) might be Tuesday.

The Government expects to provide the Court with a supplemental status letter in approximately one week.

At the same time that CIA hacker Josh Schulte was allegedly finding a way to load CSAM onto his discovery laptop, the local FBI office’s CSAM servers were hacked.

That might be a crazy coincidence.

Update: DOJ filed an ex parte update today, which may or may not have to do with the CSAM investigation.

Judge Jesse Furman Gives DOJ 3 Pages to Reply to emptywheel’s Bid to Liberate Sealed Transcripts on the Espionage Act

Some weeks ago, I described that, with the help of National Security Counselors, I was intervening in the Joshua Schulte case to try to liberate transcripts from a May 3 sealed Classified Information Procedures Act hearing in which this exchange took place.

I gave you two hypotheticals. I think one is where a member of the public goes on WikiLeaks today and downloads Vault 7 and Vault 8 and then provides the hard dive with the download to someone who is not authorized to receive NDI, and I posed the question of whether that person would be guilty of violating the Espionage Act and I think your answer was yes. That strikes me as a very bold, kind of striking proposition because in that instance, if the person is not in a position to know whether it is actual classified information, actual government information, accurate information, etc., simply providing something that’s already public to another person doesn’t strike me as — I mean, strikes me as, number one, would be sort of surprising if that qualified as a criminal act. But, to the extent that the statute could be construed to the extend to that act one would think that there might be serious constitutional problems with it.

I also posed the hypothetical of the New York Times is publishing something that appears in the leak and somebody sharing that article in the New York Times with someone else. That would be a crime and there, too, I think you said it might well be violation of the law. I think to the extent that that would extend to the New York Times reporter for reporting on what is in the leak, or to the extent that it would extend to someone who is not in position to know or position to confirm, that raises serious constitutional doubts in my mind. That, to me, is distinguishable from somebody who is in a position to know. I think there is a distinction if that person transmits a New York Times article containing classified information and in that transmission does something that confirms that that information is accurate — right — or reliable or government information, then that’s confirmation, it strikes me, as NDI. But it just strikes me as a very bold and kind of striking proposition to say that somebody, who is not in position to know or does not act in a way that would confirm the authenticity or reliability of that information by sharing a New York Times article, could be violating the Espionage Act. That strikes me as a kind of striking proposition.

CIPA is the means by which the government tries criminal cases involving classified information. It permits the government to ask to hold certain hearings about what evidence will be admitted in sealed hearings to avoid any possibility that classified information will be publicly disclosed at those hearings.

[Note, these transcripts were funded by Calyx Institute with funding provided by Wau Holland Foundation, the latter of which has close ties to WikiLeaks.]

While everyone else was staying up late waiting for the January 6 Committee Report last Thursday, I was staying up late to see the filing that Kel McClanahan submitted in that intervention, which is here.

In the filing, McClanahan argued that the government’s own argument in support of sealing the transcripts attempted to use wiretap precedents to justify their continued sealing of CIPA hearings, even though they were asking to seal something else — hearings at which classified information might or might not be discussed.

It goes without saying that the proceedings in question—and the transcripts thereof—are judicial records for purposes of the common law, and the Government does not make any serious argument to the contrary. Instead, it argues that CIPA established a presumption against disclosure, drawing an analogy to the statutory provision for sealing of wiretap applications at issue in In re New York Times Co. to Unseal Wiretap & Search Warrant Materials, 577 F.3d 401 (2d Cir. 2009). It then goes beyond that analogy to argue that the presumption is even stronger because Congress allowed for wiretap materials to be unsealed for good cause but provided no comparable mechanism for CIPA proceedings. However, CIPA is not Title III, and the Government’s argument requires that to be the case in order to succeed.

Simply put, In re New York Times dealt with a statute which included a “manifest congressional intent that wiretap applications be treated confidentially,” id. at 408, but only because it includes a provision that the records themselves “shall be disclosed only upon a showing of good cause before a judge of competent jurisdiction.” 18 U.S.C. § 2518(8)(b). In contrast, CIPA only provides that a hearing shall be held in camera because “a public proceeding may result in the disclosure of classified information.” 18 U.S.C. App 3 § 6(a) (emphasis added). It in no way exhibits any intent that the records created from such a hearing should be presumed undisclosable, nor could it, since by its own terms the hearing might actually include no classified information. In other words, CIPA merely provides a protective procedure to guard against the chance that a hearing may include classified information,2 based solely on the Attorney General’s assertion that it may include classified information—hardly a high bar for the Government to clear. Congress voiced no opinion about what should then happen to the unclassified information included in that hearing, let alone a “manifest congressional intent.”

McClanahan laid out how the CIPA discussions at issue played a role in the exercise of Article III power, noting that the transcripts in question address the elements of the charges against Schulte: the very definition of the Espionage Act (and its application to someone like me, who might be held accountable for disseminating unconfirmed classified information).

The key question then becomes, what was the “role of the material at issue in the exercise of Article III judicial power” and its “resultant value . . . to those monitoring the courts?” United States v. Amodeo, 71 F.3d 1044, 1049 (2d Cir. 1995). The Court itself addressed both of these issues at various times. Most relevantly, it engaged in open court in an extensive discussion of a colloquy that appears to have taken place in the 3 May hearing, telling Government counsel, “I gave you two hypotheticals” about the Government’s interpretation of the scope of the Espionage Act. (Tr. of 7/6/22 Hrg. at 149:3-151:12.) It did so in the context of a discussion of potential jury instructions, and expressed the sentiment several times that the Government’s assertion that a person sharing National Defense Information (“NDI”) that is already in the public domain would still be liable under that statute was “kind of a striking proposition.” The role, then, of these transcripts—and the information they contain—in the exercise of Article III judicial power is clear, as is the resultant value to people monitoring the judicial process. In this case, according to this Court, the Government has—behind closed doors—pressed an argument that a person can violate the Espionage Act by handing a copy of a New York Times article containing leaked NDI to someone else, which is definitely something that interested persons in the field should know, and what they do not know is the degree to which the Government pressed this point, how it defended it, whether it has actually done so in the past, and what other positions it took when it was not expecting the transcripts to become made public.

By the same token, this convergence of factors also definitively demonstrates that the First Amendment right of access attaches to these records, because unlike the hypothetical CIPA hearing that the Government asks the Court to envision, at least this discussion strayed far from a simple discussion of evidentiary issues, with the Government presenting legal arguments about elements of the crime itself. [McClanahan’s italics, my bold]

He argued that the government’s argument went further than the stance it takes on Prepublication Reviews, insofar as we’re just arguing for a First Amendment right to read these transcripts, not publish them.

Simply put, when courts are put in the position of balancing claims related to national security against a writer’s First Amendment concerns, they consistently and without exception find that only classified information tilts the balance. There is no reason for this dynamic to change when it involves a reader’s First Amendment concerns, and while we acknowledge that some district courts have accepted the Government’s arguments, there is no evidence to show that those courts were presented with our argument and no grounds for this Court to follow suit.

Then McClanahan pointed to Judge Furman’s own comments about the colloquy as proof that the government’s claim — that there is no meaningful way to unseal just the unclassified portions of the transcripts — must be false.

In fact, the very existence of the Court’s 6 July summary of the two hypotheticals discussed above demonstrates the frivolousness of these arguments, since: (a) it was neither incoherent not functionally useless; and (b) the Court presumably did not divulge classified information in discussing it.

Judge Furman must have found something novel or persuasive in this argument. When he ordered the government to formally request the continued sealing of the transcripts on November 21, he said they could only submit a reply with his permission. But he just gave the government three pages to to do so.

This challenge could do more than liberate arguments the government made about the Espionage Act in secret. It could challenge the government’s larger views on secrecy in the context of CIPA.

As McClanahan laid out, “the Government has—behind closed doors—pressed an argument that a person can violate the Espionage Act by handing a copy of a New York Times article containing leaked [classified information] to someone else.” When I saw the argument (as relayed in Furman’s July description), I recognized the import of liberating this transcript.

I was only able to make this challenge because McClanahan was able and willing to help — and he can only do so through the support of his non-profit. If you believe fights like this are important and have the ability to include it in your year-end donations, please consider supporting  the effort with a donation via this link or PayPal. Thanks!

If a Bear Shits in a Sealed CIPA Conference, Can It Expand the Espionage Act to the NYT’s Readers?

On May 3, 2022, Judge Jesse Furman posed two hypotheticals to prosecutors in the Joshua Schulte case about whether the Espionage Act would apply to people who disseminated already public information from the Vault 7/Vault 8 leaks: First, a member of the public, having downloaded publicly-posted CIA hacking materials made available by WikiLeaks, who gave those materials to a third party. Second, someone who passed on information from the Vault 7/8 leaks published by the NYT to a third party. In both cases, the government argued that someone passing on already public information from the leaked files could be guilty of violating the Espionage Act.

At least, it appears that the government argued for this expansive hypothetical application of the Espionage Act, based on what Furman said in a discussion about jury instructions on July 6. I’ve put a longer excerpt of the exchange from the discussion about jury instructions below; here’s how Judge Furman instructed the jury on the matter.

The actual discussion in May took place in a hearing conducted as part of the Classified Information Procedures Act, CIPA, the hearings during which the government and defense argue about what kind of classified information must be declassified for trial (I wrote more about CIPA in this post). Because the discussion happened as part of the CIPA process, the hearing itself is currently sealed.

And the government wants it to stay that way.

Both in a letter motion filed on November 11, postured as an update on the classification review of the transcripts of that hearing, and in a December 5 letter motion Furman ordered the government to file formally asking to keep the transcripts sealed, the government argued that CIPA trumps the public’s right of access to such court records.

CIPA’s mandatory sealing of the records of in camera proceedings conducted pursuant to Section 6 supersedes any common law right of access to those records, and neither history, logic, nor the right of attendance at proceedings support a right of access under the First Amendment.

The earlier letter even explained why it wanted to keep the “extensive colloquies” in these hearings sealed.

Beyond that, the extensive colloquies and the specific issues of law discussed at that hearing would reveal, by itself, the specific type of relief sought by the parties on specific subjects, which would in turn provide significant indications about what classified information was at issue, prompting undue speculation that would undermine national security interests.

But this specific issue of law, whether journalists or their readers have legal exposure under the Espionage Act for reporting on leaked, classified material, is not secret. Nor should it be.

That’s why, with the support of National Security Counselors’ Kel McClanahan, I’m intervening in the case to oppose the government’s bid to keep the May 3 and other transcripts sealed. How the government applies the Espionage Act to people who haven’t entered into a Non-Disclosure Agreement with the government to keep those secrets has been a pressing issue for years, made all the more so by the prosecution of Julian Assange. Indeed, the government may have given the answers to Judge Furman’s hypotheticals that they did partly to protect the basis of the Assange prosecution. But for the same reason that the Assange prosecution is a dangerous precedent, the prosecutors’ claims — made in a sealed hearing — that they could charge people who share a NYT article (or an emptywheel post) on the Vault 7 releases raise real Constitutional concerns. As Judge Furman noted, “there are hundreds of thousands of people unwittingly violating the Espionage Act by sharing the New York Times report about the WikiLeaks leak” (and, though he doesn’t say it, tens of thousands sharing the emptywheel reporting about it). And yet no one will learn that fact if the discussion about it remains sealed.

I’m not usually able to intervene in such matters because I don’t have the resources of a big media in-house counsel to do so. McClanahan’s willingness to help makes that possible. National Security Counselors are experts on this kind of national security law, with extensive experience both on the Espionage Act and on CIPA. But the group relies heavily on tax-exempt charitable contributions to be able to do this kind of work. Please consider supporting  the effort with a donation via this link or PayPal. Thanks!

Transcript excerpt

These transcripts were obtained by the Calyx Institute with funding from Wau Holland, the latter of which has close ties to WikiLeaks.

So that’s the context and a little bit of the background. I think I have frankly come around to thinking that for reasons and constitutional avoidance and otherwise that there is a lot to — that Mr. Schulte is not entirely correct but is substantially correct, that is to say that if all — let me put it differently. I think the reason that Mr. Schulte is in a different position with respect to the MCC counts is that he is someone in a position to know whether the information was classified, was NDI, was CIA information and in that sense by virtue of leaking it again, so to speak, he is providing official confirmation but it is the official confirmation that is the new information that would qualify as NDI and I think Rosen kind of highlights that, that particular nuance. I think that distinguishes Mr. Schulte from — I gave you a hypothetical, again, I think it is currently in the classified hearing and therefore not yet public, but I gave you two hypotheticals. I think one is where a member of the public goes on WikiLeaks today and downloads Vault 7 and Vault 8 and then provides the hard dive with the download to someone who is not authorized to receive NDI, and I posed the question of whether that person would be guilty of violating the Espionage Act and I think your answer was yes. That strikes me as a very bold, kind of striking proposition because in that instance, if the person is not in a position to know whether it is actual classified information, actual government information, accurate information, etc., simply providing something that’s already public to another person doesn’t strike me as — I mean, strikes me as, number one, would be sort of surprising if that qualified as a criminal act. But, to the extent that the statute could be construed to the extend to that act one would think that there might be serious constitutional problems with it.

I also posed the hypothetical of the New York Times is publishing something that appears in the leak and somebody sharing that article in the New York Times with someone else. That would be a crime and there, too, I think you said it might well be violation of the law. I think to the extent that that would extend to the New York Times reporter for reporting on what is in the leak, or to the extent that it would extend to someone who is not in position to know or position to confirm, that raises serious constitutional doubts in my mind. That, to me, is distinguishable from somebody who is in a position to know. I think there is a distinction if that person transmits a New York Times article containing classified information and in that transmission does something that confirms that that information is accurate — right — or reliable or government information, then that’s confirmation, it strikes me, as NDI. But it just strikes me as a very bold and kind of striking proposition to say that somebody, who is not in position to know or does not act in a way that would confirm the authenticity or reliability of that information by sharing a New York Times article, could be violating the Espionage Act. That strikes me as a kind of striking proposition.

So all of which is to say I think I have come around to the view that merely sharing something that is already in the public domain probably can’t support a conviction under this provision except that if the sharing of it provides something new, namely, confirmation that it is reliable, confirmation that it is CIA information, confirmation that it is legitimate bona fide national defense information, then that confirmation is, itself, or can, itself, be NDI. I otherwise think that we are just in a terrain where, literally, there are hundreds of thousands of people unwittingly violating the Espionage Act by sharing the New York Times report about the WikiLeaks leak.

MR. DENTON: So, your Honor, I think there is a couple of different issues there and one of them is sort of whether the question that you are posing right now is actually the right question for this moment in time when we are talking about the elements of the offense.

In the context of that earlier discussion, and I will repeat it here, I think one of the things that we emphasized is there is a difference between whether a set of conduct, either the hypotheticals that you describe would satisfy the elements of a violation of 793 as opposed to the separate question of whether a person or an organization in that context would have a well-taken, as-applied First Amendment challenge to the application of the statute to them in that context.

THE COURT: But I have to say — and I recognize this may be in tension with my prior holding on this issue — the First Amendment is an area where somebody — I mean, the overbreadth doctrine in the First Amendment context allows somebody, as to whom a statute could be applied, constitutionally to challenge the statute on the grounds that it does cover conduct that would violate the First Amendment. So in that regard, it is distinct from a vagueness challenge. I think to the extent that you are saying that in those instances — I mean, the reason being that the First Amendment embodies a concept of chilling. If a New York Times reporter doesn’t know whether he is violating the Espionage Act by repeating what is in the WikiLeaks leak notwithstanding the fact that there is serious public interest in it, it may chill the suppression and that suppression is protected by the First Amendment. That’s the point in the overbreadth doctrine.

Go ahead.

The Discovery Refrigerator: When Joshua Schulte Social Engineered His Cellmate’s Brother

In advance of some other things, I want to look at the time that Joshua Schulte, who was convicted last week on nine counts related to stealing and leaking CIA files to WikiLeaks, social engineered the brother of his cellmate.

One of the charges on which the jury found Schulte guilty was sending WaPo reporter Shane Harris a warrant affidavit from the investigation into him, along with Schulte’s own narrative purportedly debunking the allegations made in the warrant. The jury found that Schulte’s description of two hundred people who might have access to the DevLAN backups and the network setup that would allow them that access was National Defense Information. Effectively, prosecutors argued and the jury agreed, Schulte was revealing CIA’s organizational structure and numbers of classified employees to a journalist. It’s a picayune Espionage count that because it likely won’t be treated as the same leak as the charge for sending CIA’s hacking tools, could add years to Schulte’s sentence.

Schulte sent the warrant affidavits along with a dangle, a promise to tell Harris some dirt about Russian oligarchs’ ties to Marc Kasowitz and Rudy Giuliani.

We have decided to share with you an initial exposé (depending on how the first one goes with you we will share up to nine more) involving Russian oligarchs, business ties and wire transfers involving hundreds of millions of dollars to Donald Trump’s closest advisers and law firms, including Giuliani and Mark Kasowitz firms. Trump’s self-reported best friend plays a starting role.

In cross-examination of FBI Agent Evan Schlessinger, Schulte suggested, credibly, that this dangle came from his cellmate, Omar Amanat.

Q. Well, you remember the ProtonMail email that referenced Marc Kasowitz, right?

A. Yes.

Q. OK. And there’s no relation between me and Marc Kasowitz, right?

A. No. You’re — not that I’m aware of.

Q. OK. Let’s talk about the cell search at the MCC. Now, in the cell search at the MCC, did you know what cell I was in?

A. Yes.

Q. And just real quick, you did know that there was a relationship between Mr. Amanat and Marc Kasowitz, right?

A. I know it was a — it’s connected to Mr. Amanat. I don’t know exactly how.

Q. OK.

A. Or how it relates to Mr. Amanat.

Of course, Schulte wasn’t charged for leaking information about Trump’s once and future lawyers. He was charged for sharing information about the CIA that — even if Amanat were the one who sent the email to Harris — would still mean Schulte shared it with Amanat, someone else who wasn’t cleared to receive it.

Plus, the record now shows that Schulte had been working with Omar Amanat and his brother, Irfan, to get these documents out.

An FBI interview of Schulte’s cousin, Shane Presnall, conducted just days before his first trial on January 13, 2020 but only released in April, explains that the Amanats were participating in the effort to publicize Schulte’s case starting as soon as Schulte and Amanat ended up in a cell together in December 2017. In fact, Presnall handed off Schulte’s warrants (it’s not clear whether this includes Schulte’s response, which is where the classified information was) to Amanat’s brother, Irfan, by leaving them in the fridge at the apartment he had shared with Schulte. (At the time, Irfan had been charged in the same fraud as Omar, but he was still out on pretrial release; since these events in 2018, both Omar and Irfan have been sentenced, served their time, and released.)

JS’s idea to get to press was to get court documents to get more attention to his case. JS told SP he was trying to create public outrage. When arrested in December 2017, another inmate in MCC, named Omar Amanat, told JS that Omar had media comments [sic] and that JS should send documents out and Omar will get them out. SP expressed skepticism about having a stranger do this. Then Omar’s cousin (Iffy) reaches out to SP via WhatsApp and says they have media contacts and can get documents out. When moving everything out of the apartment, SP put the documents in the bottom of the fridge in his apartment and informed Iffy where the where the documents would be. Iffy came and got the documents at JS’s apartment. Iffy confirmed to SP that Iffy got the documents. Iffy had the key because SP handed it to him.

Presnall was also communicating with reporters via Signal and a ProtonMail account, JohnGalt. But after he handed off the documents, he never heard from Irfan again.

But Schulte and the Amanats continued to work closely to get the documents out.

Just days before the ProtonMail dangle with the warrants was sent to Harris on September 24, the Samsung phone primarily used by Schulte texted Irfan on Signal. [This is a version of the Signal report, GX 822-1 as submitted in the first trial, but in which I replaced phone numbers with names and eliminated extraneous data; the righthand-most column shows who sent a particular text, the second-from-right is who received it.]

Schulte claimed to be Omar. He said that J — Schulte — needed “screen shots of Romania hack and Moscow.”

Irfan was understandably confused because, at the same time as someone claiming to be his brother was texting from the Samsung, someone else was calling him on what must be the iPhone that Omar primarily used.

Nevertheless, Irfan sent the files and only then did Schulte tell Omar’s brother he had pretended to be Omar to get Irfan to send files he had been trying to get from his cellmate.

Irfan and Schulte had a good laugh together about “master airhead” Omar, and then they got back to work on the documents they were working on.

Over the next two days Irfan and Schulte chatted away as they worked on various files, at several points, switching to group chat. At one point, Omar asked who “anonymous badger” is. “My bro?”

Here’s a picture of Omar’s side of that conversation, working on the Google doc via his iPhone while Schulte and Irfan worked from other locations, from one of the 2018 warrant affidavits tied to this part of the investigation.

On September 26, Schulte texted Irfan to say that Omar broke a screen (perhaps an exacerbation of the crack seen above) but that everything was still a go.

That’s the day when jailhouse informant Carlos Betances narced them out to the guard before they could do … something … in the law library.

Q. Mr. Betances, did there come a time when you learned of an effort to take the Samsung somewhere else in the jail?

A. Yes.

Q. And what did you learn about that?

A. That they were going to pay this friend of mine, Flaco, 200 bucks to take it down to the library that day.

Q. And who wanted to pay to bring the phone to the library?

MR. SCHULTE: Objection. Hearsay.

THE COURT: How did you learn about that information?

THE WITNESS: Because Flaco told me.

[snip]

BY MR. LOCKARD: Q. Mr. Betances, did you observe anything about Mr. Schulte’s or Omar’s behavior around that time?

A. Yes. They were very wary. They wanted to go down to the library then, and — so once I realized that they wanted to go down there, I threw this little piece of paper at the guard who was right there, and letting him know that something was going to happen in the library, that he could — he should —

THE INTERPRETER: Interpreter correction. A. — that he should conduct a search or everybody should go down and figure out what was about to happen. So that is what happened. When Josh and Omar came up, they said something had happened, that there was a search, there had been a search in the library, but they never found out that I was the one who had prevented that from happening.

Q. And did you hear Mr. Schulte or Omar discuss why they wanted the phone in the library?

MR. SCHULTE: Objection.

THE COURT: Overruled.

A. They wanted to send something very important. I don’t know what it was, but it was important. They had spent a week, a long time with the phones. They would give me the phone back very late at night with a very low charge.

Over the course of the next few days, as one after another of the detainees in on the contraband phone gig got caught and put into the SHU, it seemed that Omar came to rely on the Samsung (the first of the contraband phones was seized on September 26) to send Irfan gloomy texts. What appears to be Omar asks Irfan to call Carlos’ son to let the son know they’d put $500 in his father’s commissary fund, something that Betances testified to at the second trial, claiming he newly remembered just last month being offered a $5,000 bribe through the air conditioning pipes to stay quiet.

So as the brothers allegedly discussed arranging paying off the guy who narced them out, they also discussed what Harris has received. “How much to carlo,” Irfan asked about the payment. “Washpo has em,” Omar discussed the documents.

The very last Signal text sent on the phone, on a day when Schulte was definitely in SHU but Omar was not yet, was a text from Omar to Harris, asking if they could shift to a different ProtonMail address, [email protected].

It’s a point Schulte made at trial: When that last text was sent, he was in SHU. He couldn’t have sent it.

According to Agent Schlessinger, there was no activity on the ProtonMail account Schulte had described in his notebook setting up on August 21, Annon1204, after Schulte was put in SHU. While Schulte pointed to a follow-up, on Annon1204, on September 26 that he suggested must have come from Omar, the switch to a different ProtonMail account after Schulte was moved overnight on October 1 is consistent with Omar not having the password for Annon1204, and so moving the ongoing conversation with Harris to another ProtonMail account, psalms100.

The entire (resumed) conversation with Shane Harris started with Schulte pretending to be Anonymous, partly in an effort to get Harris to send documents that Schulte’s family had already been warned, by the FBI, not to release publicly. Along the way, Schulte pretended to be Omar and then Omar pretended to be Schulte pretending to be Anonymous.

It was a grand scheme across contraband cell phones and Google docs to send out a bunch of documents. One of which, the jury has now issued their verdict, constituted a very costly crime.

On Josh Schulte’s Continued Attempts to Hack the Judicial System

Last June, I argued that accused Vault 7 leaker Josh Schulte’s decision to represent himself involved a plan to “hack” the judicial system, not with computer code, but by introducing commands into the legal system to make it malfunction.

Joshua Schulte attempted to complete a hack of the court system yesterday.

I don’t mean that Schulte used computer code to bring down the court systems. His laptop doesn’t connect to the Internet, and so he does not have those tools available. Rather, over the 3.5 years he has been in jail, he has tested the system, figured out which messages can be used to distract adversaries, and which messages have an effect that will lead the system to perform in unexpected ways. He identified vulnerabilities and opportunities — SDNY arrogance, the pandemic and related court delays, Louis DeJoy’s postal system, and even the SAMs imposed on him — and attempted to exploit them.

[snip]

It is almost without exception an insanely bad idea for a defendant to represent themselves, and this is probably not that exception. Still, there are advantages that Schulte would get by representing himself. He’s brilliant, and clearly has been studying the law in the 3.5 years he has been in prison (though he has made multiple errors of process and judgment in his own filings). He has repeatedly raised the Sixth Amendment problems with Special Administrative Measures, notably describing how delays in receiving his mail make it impossible for him to respond to legal developments in timely fashion. So I imagine he’d prepare a Sixth Amendment challenge to everything going forward. He’d be able to demand access to the image of the server he is alleged to have hacked himself. By proceeding pro se, Schulte could continue to post inflammatory claims to the docket for sympathetic readers to magnify, as happened with a filing he submitted earlier this year. And after the government has made clear it will reverse its disastrous strategy from the first trial of making the trial all about Schulte’s conflicts with the CIA, by questioning witnesses himself, Schulte would be able to make personality conflicts central again, even against the government’s wishes. Plus, by not replacing Bellovin, Schulte would serve as expert himself. In that role, Schulte would present the false counter story he has been telling since he was jailed, but in a way that the government couldn’t cross-examine him. So it would probably be insanely detrimental, but less so than for most defendants that try it. It certainly would provide a way to mount the defense that Schulte clearly wants to pursue.

I also noted the signs that what Schulte really wanted to do was act as co-counsel with his attorneys, something prohibited by precedent in the 2nd Circuit.

Much of this has held up (though not regarding Steve Bellovin, Schulte’s superb expert; Schulte has effectively just waited for Bellovin to become available again). Schulte has engaged in the legal equivalent of a DDOS attack, with dozens of motions in the last year, many serial repeats of the same arguments rejected already, and seventeen appeals of one sort or another.

It appears that Schulte may still be attempting to have hybrid counsel. In a New Yorker profile that came out this week, his attorney, Sabrina Shroff, described how by going pro se, Schulte will not be bound by the legal ethics she is (particularly if he’s willing to face further charges for whatever he does at trial — his potential sentence is already so long any additional contempt or leaking charges might make little difference).

When you consider the powerful forces arrayed against him—and the balance of probabilities that he is guilty—Schulte’s decision to represent himself seems reckless. But, for the C.I.A. and the Justice Department, he remains a formidable adversary, because he is bent on destroying them, he has little to lose, and his head is full of classified information. “Lawyers are bound,” Shroff told me. “There are certain things we can’t argue, certain arguments we can’t make. But if you’re pro se ”—representing yourself—“you can make all the motions you want. You can really try your case.”

Nevertheless, Schulte recently wrote a letter inquiring about whether Shroff could cross-examine some of the witnesses and issue objections for him.

I fully expect Schulte to make his contentious relationship with his colleagues a central feature of the trial (Schulte even attempted, unsuccessfully, to exclude the one CIA witness who remained on good terms with him, which would have made it easy to portray his targeting as a vendetta by colleagues who hate him). I expect Schulte to disclose information about his colleagues — perhaps including that Jeremy Weber, a pseudonym, appears under his real name in the Ashley Madison hack, an allegation Schulte seemed primed to make in 2018. Whatever else Schulte does, he will attempt to raise the costs of this trial on the CIA.

Stipulating stipulations

No doubt he has other stunts planned. Schulte claimed this week that the government is refusing to stipulate to things from official custodians (like Google).

This doesn’t make sense, unless Schulte is trying to undermine the regularity of this evidence with stipulations.

All that said, I think I may have underestimated Schulte when I suggested he only intended to use legal filings as the code with which he would hack the judicial system.

When dropping a laptop alters its BIOS

On June 1, Shroff wrote the court informing Judge Jesse Furman that a guard had accidentally dropped Schulte’s discovery laptop, but asking for no further relief.

We write to inform the Court that a guard at the MDC accidently dropped Mr. Schulte’s laptop today, breaking it. Because the computer no longer functions, Mr. Schulte is unable to access or print anything from the laptop, including the legal papers due this week. The defense team was first notified of the incident by Mr. Schulte’s parents early this afternoon. It was later confirmed in an email from BOP staff Attorney Irene Chan, who stated in pertinent part: “I just called the housing unit and can confirm that his laptop is broken. It was an unfortunate incident where it was accidentally dropped.”

Given the June 13, 2022 trial date, we have ordered him a new computer, and the BOP, government, and defense team are working to resolve this matter as quickly as possible. We do not seek any relief from the Court at this time.

I think Shroff is a formidable defense attorney and she has no patience for the carceral regime that her clients face, particularly someone under strict measures like Schulte. Which is why I find it so odd that she was so blasé about what might be viewed as intentional retaliation against Schulte, just days before trial, especially given Schulte’s recent complaints about his access to the law library. A month earlier, after all, Shroff had described that efforts at détente with the jail had failed.

I’m especially puzzled about Shroff’s response given the discrepancy between her explanation — sourced to Schulte’s parents and the prison attorney, not anyone who could  be held accountable for a false claim — and that of the government.

On June 6, DOJ explained its resolution of the laptop. Their explanation sounds nothing like a dropped laptop, at all. It sounds like an attempted hack.

First, with respect to the defendant’s discovery laptop, which he reported to be inoperable as of June 1, 2022 (D.E. 838), the laptop was operational and returned to Mr. Schulte by the end of the day on June 3, 2022. Mr. Schulte brought the laptop to the courthouse on the morning of June 3 and it was provided to the U.S. Attorney’s Office information technology staff in the early afternoon. It appears that the laptop’s charger was not working and, after being charged with one of the Office’s power cords, the laptop could be turned on and booted. IT staff discovered, however, that the user login for the laptop BIOS1 had been changed. IT staff was able to log in to the laptop using an administrator BIOS account and a Windows login password provided by the defendant. IT staff also discovery [sic] an encrypted 15-gigabyte partition on the defendant’s hard drive. The laptop was returned to Mr. Schulte, who confirmed that he was able to log in to the laptop and access his files, along with a replacement power cord. Mr. Schulte was admonished about electronic security requirements, that he is not permitted to enable or use any wireless capabilities on the laptop, and that attempting to do so may result in the laptop being confiscated and other consequences.

All the more so given one of the new details disclosed in the New Yorker profile: that in his moments of desperation to keep his contraband cell phone charged in jail back in 2018, Schulte figured out how to hot-wire the phone to the light switch.

Schulte figured out a way to hot-wire a light switch in his cell so that it worked as a cell-phone charger. (The person who knew Schulte during this period praised his innovation, saying, “After that, all M.C.C. phones were charged that way.”)

In recent months, Schulte has been making technical requests, such as for his own printer or a write-capable DVD which (he explicitly said) he wanted to use to transfer “other binary files” in addition to trial exhibits, that seemed an attempt to acquire equipment that could be used for other purposes. Here, in the guise of an accident caused by a guard, Schulte got his laptop, with its BIOS alteration, its encrypted compartment, and apparent attempts to use wireless capabilities, into the office of the people prosecuting him, then got it returned with a new power cord.

Among the things Schulte worked on at CIA was a tool to jump an air gap and compressing and exfiltrating data.

The expanding Pompeo subpoena

Then there’s the way information has gotten to Schulte, who is under strict Special Administrative Measures that would normally limit news about his own case from getting shared with him (the following is not a commentary about the humanity  or constitutionality of SAMs, which are arguably not either; it is an observation that they may not be working). In a filing purporting to represent Schulte’s views as to why he needs to call Mike Pompeo as a witness, his stand-by attorneys laid out the following justification:

Secretary Pompeo was Director of the CIA in May 2017 when WikiLeaks began disclosing Vault 7 and Vault 8. As noted in prior briefings to the Court, [1] Mr. Pompeo was immediately debriefed about the WikiLeaks disclosure and specifically informed that Mr. Schulte was an early suspect. He was also told that Mr. Schulte had a disciplinary history. Further, less than a week after the disclosure, Secretary Pompeo approved the substance of the first search warrant application, authorizing the FBI to make various statements therein, at least some of which later proved untrue.

As such, Secretary Pompeo took an active role in the investigation against Mr. Schulte and has non-hearsay information that is relevant to the charges. Mr. Schulte also seek to inquire of Secretary Pompeo whether he directed his staff to consider charges against Mr. Schulte to the exclusion of anyone else or contrary to existing exculpatory evidence

Further, while the government has sought to establish the grave harm caused by the leak, just months after it allegedly occurred, [2] Secretary Pompeo championed WikiLeaks’ publication of the stolen DNS [sic] emails on social media. This disconnect, too, is ripe for examination.

Finally, as recently as September 2021, [3] Secretary Pompeo continued to voice his views on the prosecution of leaks from WikiLeaks, see https://nationalpost.com/news/trump-pompeo-and-cia-agents-discussed-kidnappingassassinating-assange-in-revenge-for-vault-7-leak. Secretary Pompeo’s evolving stance on the prosecution of leaks is relevant to the issues at trial. Accordingly, Mr. Schulte asks this Court to deny the government’s application to preclude Secretary Pompeo’s testimony. [my numbering]

In the past, I have argued that calling Pompeo as a witness is a reasonable request, for what I’ve marked as reason 2, above. As House Intelligence Chair, Mike Pompeo cheered WikiLeaks’ release of emails by Russia from the DNC. He did so in July 2016, months after Schulte is alleged to have transmitted the CIA files in early May 2016. That Pompeo’s support of WikiLeaks, even when he had access to intelligence about them, did not prevent him from being confirmed as CIA Director undercuts claims about Schulte’s perception of the particular damage leaking to WikiLeaks might do.

But the other two reasons are more suspect. Reason one, Pompeo’s approval of early steps in the investigation, is only a measure of what he got briefed, and the briefer would be the more direct witness to the substance of that briefing (and given the seniority of some of the witnesses who testified at his first trial, likely already appeared as witnesses. But Pompeo’s presumed briefing of the case to Donald Trump — before Trump almost blew the case by sharing those details with Tucker Carlson on the very day the FBI first searched Schulte — is another issue. I’m acutely interested in Trump’s treatment of the attack on the CIA by a Russian-associated outlet in 2017, but it really doesn’t indicate anything about Schulte’s guilt or innocence.

The last reason — the claim published by Yahoo but never matched by another outlet that Pompeo responded to the initial Vault 7 release by asking about the possibility of assassinating Julian Assange — is a more dubious argument still. Remember: This is Schulte’s standby counsel writing this filing. They’re not under SAMs, Schulte is, but they’re only his standby counsel, and so should only be posting things he can be privy to. The rationale for calling Pompeo is presented as Pompeo’s comments, from September 2021, responding to the Yahoo story. Except the story linked — to a Canadian story on the Yahoo story published a day before Pompeo’s response — doesn’t reflect those 2021 comments from Pompeo at all. If Pompeo were really asked to testify about this, he would debunk parts of it, as his actual public comments about the story did. If the Yahoo story became an issue at trial, it might come out that the story repeats a claim (though nowhere near the most inflammatory claim of the story) made publicly by a WikiLeaks surrogate in 2020, but never (AFAIK) made publicly elsewhere, and that Michael Isikoff had persistently suppressed details from the Stone prosecution that debunk large parts of the Yahoo story. That is, if the Yahoo story became an issue at Schulte’s — or anyone else’s — trial, it could easily be discredited, like several of the other stories used in WikiLeaks’ campaign against Assange’s extradition. But Schulte, who has purportedly read about this in spite of his SAMs, would like to make it an issue at his trial.

A minute note in the docket may indicate that the two sides settled this issue on Friday. So we’re likely to be deprived of Pompeo’s testimony for a second Schulte trial.

The [redacted] discovery

I find reasons one and three particularly interesting given a series of documents that presumably relate to a broader-than-publicly understood investigation into WikiLeaks. Schulte was provided materials from that investigation in discovery on April 6 or 8. Schulte sent Judge Furman a request on April 29 (perhaps not coincidentally, after a UK judge approved Assange’s extradition, though the actual extradition decision remains pending before Priti Patel) asking to obtain all the discovery from that case, have it excluded from the protective order so he could use it at trial, and asking Furman to give Schulte an investigator so he could learn more about that investigation. In response to an order from Furman, the government responded on May 16. All the materials were docketed on May 25.

The materials are so heavily redacted as to offer little illumination to the subject. They do say, however, that the investigation “is neither known to the public nor to all of the targets of the investigation,” suggesting that at least one of those targeted is aware of it, and that DOJ is working with targets, not subjects. DOJ asserts that Schulte’s claims about the utility of the evidence for his trial conflict. It also describes that Schulte wants to argue — falsely, DOJ asserts — that this evidence proves the Vault 7 materials were obtained by hackers. Given the original discovery letter and subsequent treatment, it is unclear to me whether this information is considered classified, or just confidential. But the government, unsurprisingly, argues that the material shouldn’t be released.

[B]ecause the [redacted] Investigation Materials relate to an ongoing criminal investigation, and their disclosure could cause serious harms to that investigation and other law enforcement interests.

The argument for Pompeo’s testimony, above, came after DOJ responded to Schulte’s request for more information. That is, Schulte’s defense stretched beyond a completely legitimate claim that Pompeo’s actions prove that even the CIA did not consider support for WikiLeaks disqualifying at the moment Schulte allegedly leaked the files, to claims that are little more than repetitions of Trumpist and WikiLeaks propaganda.

Meanwhile, Schulte is asking for a two day adjournment of trial after jury selection starting tomorrow, partly on account of the laptop, partly because the government has shifted the order in which they’ll present witnesses, this time starting with Richard Evanchec, one of the FBI Agents who originally investigated the leak, rather than Schulte’s colleagues at the CIA (among other things, doing so will foreground Schulte’s easily debunked cover story, which he plans to tell himself in court).

Sometime this week, Schulte will have his moment in court, this time running his own defense and exploiting whatever hacks — digital or legal — he has succeeded in launching over the last year or four. As Shroff says, Schulte’s not bound by professional ethics in any way that would limit what arguments he makes. Schulte will undoubtedly attempt to feed the jury the kind of code that the legal system normally doesn’t expect. We will then get to see whether such code causes the system to malfunction.

Five Years after WikiLeaks Exposed CIA Identities in Vault 7, UK Moves Closer to Assange Extradition

Last November, in response to an order from Judge Jesse Furman, DOJ said that they were fine with accused Vault 7 leaker Joshua Schulte’s request for a delay before his retrial. In fact, they didn’t think a Schulte retrial could start before March 21.

Although the Government is available for trial at any time in the first or second quarters of 2022, the Government does not believe it would be practical to schedule the trial prior to March 2022. In particular, although the Government believes that the Court’s prior rulings pursuant to Section 6 of CIPA address the vast majority of questions concerning the use of classified information at trial in this matter, it appears likely that the defendant will seek to use additional classified information beyond that previously authorized by the Court. The process for pretrial consideration of that application pursuant to Section 6 is necessarily complex, entailing both briefing and hearings in a classified setting. To the extent the Court authorizes the defendant to use additional classified information, implementation of the Court’s rulings can also take time, such as through either declassification of information or supplemental briefing regarding the application of Section 8 of CIPA (authorizing the admission of classified evidence without change in classification status). The proposed trial date also takes into consideration matters discussed in the Government’s ex parte letter submitted on August 4, 2021. Accordingly, in order to afford sufficient time both for the likely upcoming CIPA litigation and for the parties to prepare for trial with the benefit of any supplemental CIPA rulings, the Government believes that the earliest practical trial date for this matter would be March 21, 2022.

Part of this delay was to revisit the Classified Information Procedures Act decisions from the first trial because, now that he’s defending himself, Schulte likely wanted to use more classified information than Sabrina Shroff had used in the first trial. It turns out March 21 was overly optimistic for CIPA to be done. Because of an extended debate over how to alter the protective order, the government will only file its CIPA motion tomorrow (it just asked to submit a much longer filing than originally permitted, and got permission to file a somewhat longer one).

It’s the other part of the government’s interest in delay — its references to “matters discussed” in a sealed letter from August 4 — that I’ve been tracking with interest, particularly as the Assange extradition proceeded. As I noted earlier, that August 4 letter would have been sent five years to the day after Schulte started searching on WikiLeaks, Edward Snowden, and Shadow Brokers (according to the government theory of the case, Schulte stole and leaked the CIA’s hacking tools earlier, in late April and early May 2016).

Since those mentions of a sealed letter last year, the government has asked for and gotten two meetings to discuss classified information with Judge Fruman under section 2 of CIPA, first for February 8 (after which a sealed document was lodged in Chambers), and the second one for March 9.

Section 2 provides that “[a]t any time after the filing of the indictment or information, any party may move for a pretrial conference to consider matters relating to classified information that may arise in connection with the prosecution.” Following such a motion, the district court “shall promptly hold a pretrial conference to establish the timing of requests for discovery, the provision of notice required by Section 5 of this Act, and the initiation of the procedure established by Section 6 (to determine the use, relevance, or admissibility of classified information) of this Act.”

That second CIPA Section 2 meeting, on March 9, would have taken place days after the five year anniversary for the first Vault 7 publication, and with it the publication of the names or pseudonyms and a picture of several colleagues Schulte had vendettas against.

Schulte acknowledged that publication in a recently-released self-justification he wrote to an associate after the Vault 7 release (it’s unclear when in 2017 or 2018 he wrote it), one he’s making a renewed attempt to suppress.

The names that were allegedly un-redacted were pseudonyms — fake names used internally in case a leak happened. Those of us who were overt never used last names anyway; This was an unwritten rule at the agency — NEVER use/write true last names for anyone. So I was convinced that there was little personal information revealed besides a picture of an old boss of mine that was mistakenly released with the memes.

Not long after he acknowledged the rule against using people’s names in that self-justification, Schulte used the names of the three colleagues he was most angry at: His boss Karen, his colleague “Jeremy Weber,” and another colleague, Amol, names that were also central to his efforts to leak from jail. If the FBI could ever develop evidence that Weber’s name was deliberately left in WikiLeaks’ Vault 7 publication, both Schulte and anyone else involved would be exposed to legal liability for violating the Intelligence Identities Protection Act, among other crimes.

On Monday, one week short of the day DOJ thought might be a realistic start day for the retrial, the British Supreme Court refused Assange’s bid to appeal a High Court decision accepting (flimsy) US assurances that Assange would not be held under Special Administrative Measures, finding that the appeal “does not raise an arguable point of law.”

Given the timing of the sealed filings in the Schulte case and the way the 2020 superseding indictment accuses Assange of “exhort[ing a Chaos Computer Club] audience to join the CIA in order to steal and provide information to WikiLeaks,” effectively teeing up Schulte’s alleged theft, I would be unsurprised if one of the things DOJ was delaying for weren’t this moment, some resolution to the Assange extradition.

To be sure: the Assange extradition is not over, not by a long shot. As a letter from his attorneys explains, this decision will go back to Vanessa Baraitser, who will then refer the extradition to Home Secretary Priti Patel. Assange will have four weeks to try to persuade Patel not to extradite him.

And, as the same letter notes in classically British use of the passive voice, Assange could still appeal Baraitser’s original ruling.

It will be recollected that Mr Assange succeeded in Westminster Magistrates’ Court on the issue subsequently appealed by the US to the High Court. No appeal to the High Court has yet been filed by him in respect of the other important issues he raised previously in Westminster Magistrates’ Court. That separate process of appeal has, of course, has yet to be initiated.

But an appeal on these issues would be decidedly more difficult now than they would have been two years ago.

That’s true, in part, because the Biden Administration’s continuation of Assange’s prosecution has debunked all the bullshit claims Assange made about being politically targeted by Donald Trump.

I also expect at least one of the purportedly exculpatory stories WikiLeaks has been spamming in recent months to be exposed as a complete set-up by WikiLeaks — basically an enormous hoax on WikiLeaks’ boosters and far too many journalist organizations. WikiLeaks has become little more than a propaganda shop, and I expect that to become clearer in the months ahead.

Finally, if the US supersedes[d] the existing indictment against Assange or obtains[ed] a second one in the last seven months, it will badly undermine any remaining claim Assange has to doing journalism. That’s true for a slew of reasons.

As I laid out here, the part of the Baraitser ruling that distinguished Assange’s actions from journalism based on his solicitation of hacks relied heavily on the language that directly teed up the hack-and-leak Schulte is accused of.

Mr. Assange, it is alleged, had been engaged in recruiting others to obtain information for him for some time. For example, in August 2009 he spoke to an audience of hackers at a “Hacking at Random” conference and told them that unless they were a serving member of the US military they would have no legal liability for stealing classified information and giving it to Wikileaks. At the same conference he told the audience that there was a small vulnerability within the US Congress document distribution system stating, “this is what any one of you would find if you were actually looking”. In October 2009 also to an audience of hackers at the “Hack in the Box Security Conference” he told the audience, “I was a famous teenage hacker in Australia, and I’ve been reading generals’ emails since I was 17” and referred to the Wikileaks list of “flags” that it wanted captured. After Ms. Manning made her disclosures to him he continued to encourage people to take information. For example, in December 2013 he attended a Chaos computer club conference and told the audience to join the CIA in order to steal information stating “I’m not saying don’t join the CIA; no, go and join the CIA. Go in there, go into the ballpark and get the ball and bring it out”. [emphasis Baraitser’s]

If the government proves what is publicly alleged, Schulte’s actions have nothing to do with whistleblowing and everything to do with vindictive hacking to damage the CIA, precisely what Assange was eliciting. Plus, even if such a hypothetical superseding indictment added just Vault 7/Vault 8 charges against Assange, it could put extortion and IIPA on the table (the latter of which would be a direct analogue to the UK’s Official Secrets Act), to say nothing of the still unexplained fate of the CIA source code which — as Schulte himself acknowledged — would have provided an unbelievable benefit had Russia had received it.

And that assumes that Vault 7/Vault 8 would be the only thing the US wanted to supersede with. When Jeremy Hammond asked prosecutors why they hadn’t charged Assange for helping Russia tamper in US elections, they appeared to respond by describing the long time it would take to extradite Assange, implying that they still had time to charge Assange. To be sure, Mueller concluded that he “did not have admissible evidence that was probably sufficient to obtain and sustain a Section 1030 conspiracy conviction of WikiLeaks [or] Assange.” But the implication was that Mueller had evidence, just not stuff that could be submitted at trial. The extradition of Vladislav Klyushin — whose lawyer believed the US was particularly interested in his knowledge of the 2016 operation — might change that. (Like Assange, Klyushin’s extradition was also pending when DOJ submitted that first sealed filing; Klyushin’s case has been continued to share more discovery.)

There are several other operations WikiLeaks was involved in in 2015 and afterwards that would undermine any claim of being a journalistic outlet — and would add to the evidence that Assange had, at least by those years, been working closely to advance the interests of the Russian government.

It would be very hard to argue that Assange was being prosecuted for doing journalism if the US unveiled more credible allegations about the multiple ways Assange did Russia’s bidding in 2016 and 2017, even in normal times. All the more so as Russia is continuing its attack on democracy with its invasion of Ukraine.

And that’s what Assange faces as he attempts to stay out of the US.

Josh Schulte Described the Damage Giving Russia Advance Access to the Vault 8 Files Would Have Caused

As part of a fight over whether the government obtained Josh Schulte’s explanation of his FBI interview via Schulte’s prison notebooks or via subpoena from a Schulte associate (probably a family member), the government released a redacted version of that explanation, ostensibly a chapter in his “Presumed Innocent” blog. It’s fascinating for a slew of reasons (including that he lays out that it would be a crime to expose the identities of his colleagues, and then does just that).

For now, though, I want to look at what Schulte claims he told the FBI about the damage sharing the CIA source code files with Russia would do (none of this appears in the 302 of the interview).

I told them the confluence server was the one that seemed to be compromised, and while horrible and damaging at least it wasn’t Stash; At least not at this point–Hopefully they could stop any additional leaks from the network at this point. From the news articles I’ve read, wikileaks claims to have source code, but we don’t know what code or from where. However, at this point, I knew the SOP was a complete stand down on all [redacted] operations. We had no idea what had been leaked, when, for how long, or even who else had seen the materials leaked. Have they been steadily accessing our network every day? Have all our ops been blown since we wrote the first line of code? Perhaps only confluence had been leaked, but the individual(s) responsible are/were planning to exfil the other parts of DEVLAN too? So much still unknown, and with potential (yet unconfirmed) link between wikileaks and Russia–Did the Russians have all the tools? How long? It seems very unlikely that an intelligence service would ever leak a nation’s “cyber weapons” as the media calls them. These tools are MUCH more valuable undiscovered by the media or the nation that lost them. Now, you can secretly trace and discover every operation that nation is conducting. I told them all this was certainly very disturbing and I felt bad for my friends and colleagues at the agency who likely weren’t doing anything and most likely had to completely re-write everything.

I’m frankly shocked that DOJ didn’t use this file in his first trial, as it accurately describes what multiple witnesses testified happened after WikiLeaks first published the leak: everything ground to a halt while CIA tried to mitigate damage. And as Schulte predicted, the Agency did have to rewrite everything. This is powerful evidence that, if Schulte is found guilty, he knew well what kind of damage he would cause.

Particularly given that I was told Schulte himself reached out to Russia at some point (I’m not convinced this is accurate; it may reflect a misunderstanding of discovery), I find what he said about another nation-state — and he named Russia — obtaining the documents to be particularly interesting.

To be fair to Schulte, when he allegedly leaked the documents (in April-May 2016), there was far less understanding of WikiLeaks’ ties to Russia. So these comments may reflect what he understood in March 2017, after WikiLeaks helped Russia tamper in the election.

But what Schulte describes is precisely what the CIA would have been panicking about in summer 2017, as they ratcheted up spying on WikiLeaks associates. What he described with respect to WikiLeaks’ publication is precisely what happened. With just a few exceptions (published at key moments), WikiLeaks published none of the CIA’s source code. Given what we now know of WikiLeaks’ ties to Russia, there’s a real possibility Russia obtained the files even before the US understood the full extent of Russia’s intervention in the 2016 election. As Schulte accurately describes (and I laid out here), Russia could have spent the months in the interim reverse engineering all the US operations targeting Russia and its clients.

This is something that overblown Yahoo article alluded to, but then never really considered. At precisely the moment US intelligence was beginning to understand that Assange was a Russian asset, they were never able to rule out that this is precisely what Russia did with the files.

Liar’s Poker: The Complexity of Julian Assange’s Extradition

There’s a remarkable passage in the High Court ruling granting the US appeal to extradite Julian Assange. It basically judged that the key medical expert who determined that Assange would be at risk of suicide if he were extradited, Michael Kopelman, had deliberately not told the truth in his first report on Assange about his family ties to Stella Morris and their two kids, and had not used available means to correct his falsehood afterwards.

We do not accept that Professor Kopelman was confronted with a dilemma of such difficulty as has been claimed. No reason has been put forward why, if it was felt that concern for Ms Moris’ safety made it necessary to conceal her identity, he could not simply have reported all relevant facts but indicated that he did not think it right to name her. That, indeed, is what Mr Assange’s solicitor seems to have expected him to do: her statement says that she canvassed with Professor Kopelman whether the identification of Ms Moris as Mr Assange’s partner could be deferred, and the report served, without detriment to or qualification of its conclusions or their basis. Thus she was not proposing that the report should contain anything misleading, only that for the time being Ms Moris should not be named.

Nor has any reason been given why an application could not have been made to the court pursuant to rule 19.9 of the Criminal Procedure Rules which enables material to be withheld in appropriate circumstances. But in any event, even making every allowance for his being placed in a difficult situation, we cannot agree with the judge’s view that Professor Kopelman did not fail in his professional duty. As the judge found, he made at least two statements which were misleading; and we see no escape from the inference that he did so deliberately, having decided to obscure certain facts in order to avoid mentioning the obviously-relevant facts of Ms Moris’ recent and continuing relationship and of the children whom she had by Mr Assange. At the conclusion of his first report, and in accordance with rule 19.4 of the Criminal Procedure Rules, he signed a declaration in the form required by paragraph 19B.1 of the Criminal Practice Direction. In this, he stated amongst other things –

“(vii) I have exercised reasonable skill and care in order to be accurate and complete in preparing this report.

(viii) I have endeavoured to include in my report those matters, of which I have knowledge or of which I have been made aware, that might adversely affect the validity of my opinion. I have clearly stated any qualifications to my opinion. …

(x) I will notify those instructing me immediately and confirm in writing if for any reason my existing report requires any correction or qualification.”

In our view, Professor Kopelman plainly did not comply with those statements, because in his first report he chose not to state what he knew of the relationship between Mr Assange and Ms Moris when opining on the effects of Mr Assange’s “solitary confinement” in the Embassy and the risk of suicide; and subsequently he failed to correct his report or to make clear his earlier knowledge of the relationship. We regret to say that declaration (viii) was simply untrue. His second report did nothing to correct the misleading impressions created by the first. On the contrary, it maintained his silence about his knowledge at the time of the first report.

With all respect to the judge, we cannot agree with her implicit finding that Professor Kopelman’s failings could be excused or overlooked merely because his conduct could be viewed as “an understandable human response”. Many people mislead courts for reasons which might be understandable but that does not excuse the behaviour and it is incompatible with the obligations of an expert witness to do so. Nor was it relevant to the judge’s assessment of his evidence that she had learned of Mr Assange’s relationship with Ms Moris before she read the medical evidence: it was no thanks to Professor Kopelman that she had done so.

There were, therefore, substantial reasons for the judge to question the impartiality and reliability of Professor Kopelman’s opinion. With respect to the judge, we would have expected to see a rather fuller analysis than she gave of her reasons for deciding that she could accept his evidence not least because it was central to the success of Mr Assange on the single ground which led to his discharge.

The question for this court, however, is whether she was entitled to accept his evidence. Mr Lewis confirmed that the USA did not submit to the judge that the professor’s evidence was inadmissible and should be excluded but rather that it should be given little weight, particularly where it was not supported by other expert evidence or contemporary medical records. In the end the argument before the judge devolved to one of weight. It is highly unusual for the court to be considering an expert witness whom a judge has found to have given misleading evidence but whose evidence has nonetheless been accepted. [my emphasis]

Because the US did not argue that his testimony was, as a result, inadmissible, but instead argued his testimony should be given little weight, the High Court ruled they were unable to second guess Vanessa Baraitser’s ruling, which relied heavily on Kopelman’s opinion. For that reason, the High Court rejected US’ two bases for appeal tied to Kopelman’s opinion.

Nevertheless, the High Court accepted that US assurances that Assange would not be subjected to solitary confinement unless he does something new to merit it were sufficient to grant the extradition request.

Ground 2: Having decided that the threshold for discharge under section 91 was met, the judge ought to have notified the USA of her provisional view to afford it the opportunity of offering assurances to the court;

[snip]

Ground 5: The USA has now provided the United Kingdom with a package of assurances which are responsive to the judge’s specific findings in this case. In particular, the US has provided assurances that Mr Assange will not be subject to SAMs or imprisoned at ADX (unless he were to do something subsequent to the offering of these assurances that meets the tests for the imposition of SAMs or designation to ADX). The USA has also provided an assurance that they will consent to Mr Assange being transferred to Australia to serve any custodial sentence imposed on him if he is convicted.

[snip]

The first and fourth assurances wholly exclude the possibility of Mr Assange being made subject to SAMs, or detained at the ADX, either pretrial or after conviction, unless, after entry of the assurances, he commits any future act which renders him liable to such conditions of detention. It is difficult to see why extradition should be refused on the basis that Mr Assange might in future act in a way which exposes him to conditions he is anxious to avoid.

The ultimate effect is that, unless Assange succeeds in his own appeal of this or the underlying decision, then Priti Patel will soon face the decision of whether or not to extradite him.

These two issues go to the dubious credibility of both sides. The High Court ruled that Kopelman did not give unvarnished expert opinion (he was in no way the only one of WikiLeaks’ experts to do so), but found that could not, at this point, affect the legal analysis. And it found that US assurances that US jails would treat Assange humanely were sufficient, even though I believe there is a high likelihood that Assange will do something that ends up getting  him put in some form of isolation.

WikiLeaks has lied systematically throughout this extradition process — about why Assange was charged when he was, about what he was charged with, about how strong the case against him is, about what a Yahoo article actually said. I have described how a very close Assange associate ordered me, in advance of the first extradition hearing, to stop doing factual reporting on Joshua Schulte’s case because it would undermine the story about journalism WikiLeaks wanted to tell, which is one way I’m absolutely certain the lying is intentional. They have affirmatively told a story that was most useful to their propaganda effort, one they knew to be false.

It’s bad enough that WikiLeaks has chosen to lie over and over in Assange’s defense.

But out of a combination of sloppiness and willful ethical failures, press organizations and journalists have replicated those lies, claiming to do so in the name of “journalism.” In effect, press NGOs and journalists have spent the last two years stating that the lying and hacking that WikiLeaks does is what they do — a claim that I fear will backfire in the future. You can’t defend journalism by lying, but that is what Assange has induced journalists and their advocates to do, the world over.

That said, the US is little more credible. There’s scant reason to credit US assurances on jail and prison conditions. That’s true — and would be true for all international extradition cases — because our jails and prisons are shamefully inhumane. But it’s also true because a national security defendant like Assange would have little leeway before triggering more severe restrictions.

This is an example where neither side should be credited.

But that doesn’t change the danger. The way in which DOJ has applied the Espionage Act poses a grave threat to journalism.

17 of the 18 charges against Assange criminalize things that journalists also do: soliciting and publishing classified information.

The 18th charge is a hacking conspiracy, one that extends from efforts to hack multiple targets in 2010, including a WikiLeaks dissident, through the Stratfor hack, includes WikiLeaks’ efforts to exploit their role in helping Edward Snowden flee to Russia, right up to WikiLeaks’ efforts to recruit CIA SysAdmins like Joshua Schulte to hack the CIA, though the indictment stops short of WikiLeaks’ publication of those hacked files. There is nothing controversial about the CFAA charge — and, indeed, people who support privacy should be outraged about some of this (and this is not the only surveillance of private citizens I’ve heard about). A lot of people have been duped to cheerlead really invasive hacking and spying, if done by WikiLeaks, in the name of journalism.

The hacking charge parallels the Espionage charges, which is central to underlying extradition ruling. Judge Baraitser used the way these efforts worked in parallel to distinguish Assange from journalists.

[Baraitser] distinguished what Assange does from what journalists do because, as alleged in the indictment and in actual fact, hacking is such a central part of what Assange does. It’s not clear she would have gotten to this ruling without the language included in the superseding indictment (a superseding indictment which, again, virtually all Assange boosters either willfully ignore or are genuinely ignorant exists). But as it happened, she relied heavily on the language in the superseding indictment and very clearly distinguished what Assange does from what journalists do.

Of particular interest (because this is the language in the indictment that I believe sets up adding Vault 7 to the indictment), Baraitser accepted the US government’s description of Assange recruiting people to hack.

Mr. Assange, it is alleged, had been engaged in recruiting others to obtain information for him for some time. For example, in August 2009 he spoke to an audience of hackers at a “Hacking at Random” conference and told them that unless they were a serving member of the US military they would have no legal liability for stealing classified information and giving it to Wikileaks. At the same conference he told the audience that there was a small vulnerability within the US Congress document distribution system stating, “this is what any one of you would find if you were actually looking”. In October 2009 also to an audience of hackers at the “Hack in the Box Security Conference” he told the audience, “I was a famous teenage hacker in Australia, and I’ve been reading generals’ emails since I was 17” and referred to the Wikileaks list of “flags” that it wanted captured. After Ms. Manning made her disclosures to him he continued to encourage people to take information. For example, in December 2013 he attended a Chaos computer club conference and told the audience to join the CIA in order to steal information stating “I’m not saying don’t join the CIA; no, go and join the CIA. Go in there, go into the ballpark and get the ball and bring it out”.

Again, it’s not just that Assange solicited people to share classified information with him (which journalists do), but that he also explicitly encourages people to hack to get it.

She further used European privacy protections to distinguish Assange’s bulk publication of the identities of US and Coalition (therefore, also UK) informants from journalism.

She distinguished Assange’s publication online (in bulk, though that distinction is less clear and not one of great comfort to someone who also publishes online) from traditional journalism.

More importantly, Baraitser talked about the balancing involved in Article 10 (particularly with regards to the right of private life).

The defence submits that, by disclosing Ms. Manning’s materials, Mr. Assange was acting within the parameters of responsible journalism. The difficulty with this argument is that it vests in Mr. Assange the right to make the decision to sacrifice the safety of these few individuals, knowing nothing of their circumstances or the dangers they faced, in the name of free speech. In the modern digital age, vast amounts of information can be indiscriminately disclosed to a global audience, almost instantly, by anyone with access to a computer and an internet connection. Unlike the traditional press, those who choose to use the internet to disclose sensitive information in this way are not bound by a professional code or ethical journalistic duty or practice. Those who post information on the internet have no obligation to act responsibly or to exercise judgment in their decisions. In the modern era, where “dumps” of vast amounts of data onto the internet can be carried out by almost anyone, it is difficult to see how a concept of “responsible journalism” can sensibly be applied.

[comparison with other outlets and their condemnation of him]

The law already constrains in various ways what may be published in order to avoid damage to private interests. For example, the High Court recently awarded damages against the Associated Newspaper Ltd, after the MailOnline website published an article , reporting on the arrest of the claimant in the aftermath of the Manchester Arena bombing, and disclosing details capable of leading to his identification (Alaedeen Sicri v Associated Newspapers Limited, [2020] EWHC 3541 (QB)). Free speech does not comprise a ‘trump card’ even where matters of serious public concern are disclosed (see Stoll above), and it does not provide an unfettered right for some, like Mr. Assange, to decide the fate of others, on the basis of their partially informed assessment of the risks.

This was not necessarily a national security stance. Rather, in language that would apply equally to Assange’s indiscriminate publication of the DNC and Podesta emails (as well as the publication of the Turkish and Saudi emails), Baraitser argued that Assange’s publication in bulk was not protected because it did not and could not properly weigh the risk to others.

That’s scant comfort for the way Assange’s prosecution could be used against actual journalists, though, for several reasons. First, the Espionage Act charges still criminalize actions that journalists do, including the publication of classified information. Plus, the US First Amendment protects publication, not journalists, and so the distinction Baraitser made works less well in the US. And the US has none of the privacy protections that Baraitser used to distinguish his indiscriminate publication of informant identities (though it should).

In other words, unless the charges — or the way they’re presented — change between now and trial, ultimately the application of them to Assange would be a dangerous precedent given US law.

They may well change. The US government may have plans to make an argument that — even key press defenders have said — would make the Espionage Act charges more palatable: by, in effect, declaring Assange a spy. That’s one of the reasons I find the sealed ex parte filing submitted in the Joshua Schulte case on August 4 of such interest, because it seems so reactive to what is going on in the Assange extradition.

To understand why I think this is a possibility, it’s important to understand key details about the timeline leading up to Assange’s charges, details that WikiLeaks has worked very hard to obscure:

  • As CNN reported in a 2017 piece that Julian Assange’s expert professed to be unable to find with Google, “The US view of WikiLeaks and Assange began to change after investigators found what they believe was proof that WikiLeaks played an active role in helping Edward Snowden, a former NSA analyst, disclose a massive cache of classified documents.” Snowden’s own book gave significant reason to believe this went well beyond simply fleeing to Russia. In any case, once Assange helped Snowden flee, WikiLeaks had eliminated the “NYTimes problem” DOJ faced if they prosecuted Assange for things real news outlets also do, because whatever else journalists do to protect their own sources, they don’t help the intelligence officers of one country flee to a hostile country.
  • Just before Obama left office, the review of WikiLeaks’ role in the Russian election operation changed the view of the Obama Administration. It’s impossible to know whether that would have led Obama to charge Assange if he had more time. But there’s reason to believe that developments people like to blame on Trump — like increased surveillance of Assange — were set in motion before Trump came in.
  • The 2017 release of hacked CIA tools — the publication that led Mike Pompeo to call WikiLeaks a hostile non-state intelligence agency and to consider and in some cases implement more onerous steps against Assange — not only involved the same actions currently charged for the Manning leaks (including the apparently selective publication of CIA officer identities), but it also involved efforts to extort the US government and even the President’s son. Additionally, the concern about WikiLeaks’ treatment of the CIA leak was not just or even primarily about the files that got released, but the files that WikiLeaks was hoarding; that’s what the government was really trying to understand when they conducted some of the more aggressive spying on WikiLeaks associates: what WikiLeaks was doing with the CIA’s source code, the vast majority of which is still unaccounted for.
  • In addition to the Vault 7 release, after Roger Stone almost got Trump to shut down the entire Russian investigation in June 2017, later in 2017 DOJ started investigating Assange’s role in the 2016 operation, an investigation that at least by 2018 encompassed the question of whether he was an Agent of Russia. Particularly about these topics, Assange repeatedly foregrounded Russian-favored storylines during his extradition, rather than the truth.
  • The surveillance that ratcheted up starting in summer 2017 and especially in December 2017 reportedly bore fruit. That month, according to even WikiLeaks-friendly sources speaking to Yahoo, Russia tried to exfiltrate Assange. This is a core detail of the Yahoo story that WikiLeaks has otherwise embraced, one that likely affects everything that came later. Julian Assange was not charged in 2016 after he helped Russia tamper in the US election. He was not charged in April 2017 after the Vault 7 release. He was charged the day the Russians tried to exfiltrate him. The Espionage Act charges that pose such a threat to journalism only came in May 2019, at least 8 months after DOJ started investigating whether Assange was a Russian Agent based on his 2016 conduct and two years after they significantly ramped up surveillance of him. The second superseding indictment that Assange boosters like to ignore includes conduct that extends through 2015 and incorporates multiple hacking conspiracies (in a single count) and his actions with regards to Edward Snowden. None of that changes the danger the Espionage Act charges pose to journalism. But it means they post-date the time when Russia came to fetch Assange.

In 2020, as part of a presumptively cynical attempt to coerce Jeremy Hammond to testify against Assange in a grand jury, prosecutors on this case asserted, as fact, that Assange is a Russian spy.

I don’t know whether that’s true or not — or whether the government would ever share its evidence to make the case, much less prove that he was a Russian spy during all the current charged acts going back to 2010. I know of plenty of circumstantial evidence going back even before 2009 that makes it plausible (here’s a compendium of some, but not all, of that evidence I know of). If that were proven, it would suggest Assange is — and may have been since he convinced Chelsea Manning to keep stealing documents, some of which she didn’t personally work with — a spy, using a classic technique of recruiting people using one motive to serve a very different one. It’d be a brilliant way to convince a lot of people to ruin their lives if that were true.

I’m not going to persuade the boosters nor, probably, is anything the US government would be willing to say in unclassified form. But I invite Assange boosters to consider whether they would continue their own activism for him if they were convinced of that fact. (There’s absolutely a case to be made for doing so, particularly for non-Americans.) More importantly, I invite journalists and journalism NGOs, particularly the ones who have been telling partial truths, lies of omissions, or magnifying brazen falsehoods, to consider what that would mean for their profession, if after spending two years proclaiming that what Assange does is what journalists do it were revealed that Assange was not what the deliberate lies WikiLeaks is telling proclaim him to be.

I’d like to protect journalism. That requires opposing the Espionage Act charges against Assange for obtaining classified information and publishing it. But it also requires telling the truth about Julian Assange.

What today’s High Court judgment confirms is that neither side can be trusted.

DOJ’s Ex Parte Classified Plans for Joshua Schulte — and Maybe, Julian Assange

Update: The High Court has overturned Baraitser’s ruling, finding that the US should have had an opportunity to give the assurances it has since given that Assange will not be subjected to solitary confinement. I expect Assange will appeal immediately.

Per a tweet from Stella Morris, the decision in the appeal of a Vanessa Baraitser’s decision denying the US extradition request for Julian Assange on humanitarian grounds will be announced Friday at 10:15 GMT. Because of something that happened in the High Court extradition hearing, I want to point to some things that happened in the Joshua Schulte docket in recent months.

On August 5, DOJ filed notice of an ex parte classified status letter in the Schulte case.

The Government respectfully submits this letter to provide notice of an ex parte, classified status letter submitted yesterday.

By filing an ex parte classified status letter, the government would have informed the judge (then Paul Crotty but the case has since been reassigned to Judge Jesse Furman) something about the case, without sharing it with Schulte or the public. The letter would have been filed five years to the day after the start date, August 4, 2016, for searches DOJ has described that Schulte did on WikiLeaks, Edward Snowden, and (as described elsewhere) Shadow Brokers.

In addition to the numerous searches for “wikileaks” which commenced on August 4, 2016, SCHULTE also conducted multiple related Searches, including: prior to the March 7, 2017 release of the Classified Information, “assange” (Julian Assange is the founder and “editor-in-chief’ of WikiLeaks.org), “snowden its time,” “wikileaks code,” and “wikileaks 2017”-and after the March 7, 2017 release of the Classified Information, “wikileaks public opinion,” and “officials were aware before the WikiLeaks release of a loss of sensitive information.”

On September 23, the government wrote a letter to Judge Crotty, voicing its support for adjourning Schulte’s trial date — which at that point was scheduled for October 25, two days before Assange’s extradition hearing — and revisiting the schedule after November 1, several days after the extradition hearing.

The Government respectfully submits this letter in response to the defendant’s request to adjourn the trial date, currently scheduled for October 25, 2021. (D.E. 495). As discussed at the pretrial conference held on September 15, 2021, the Government consents to the defendant’s request for an adjournment. We respectfully suggest that the Court enter an order adjourning the trial sine die, and the Government will provide an update with respect to our views on an appropriate trial date by November 1, 2021.

On September 26, Yahoo published a story that made claims about assassination discussions that, the story itself revealed, were overblown. The story debunked WikiLeaks’ claims that the charges against Assange were political retaliation pertaining to the Russian investigation from Trump. It corroborated the obvious temporal link between the initial charge against Assange and a Russian exfiltration attempt. And it provided details of CIA’s clandestine plans to limit the damage of the still (then, and now) unreleased Vault 8 source code of CIA’s hacking tools. There’s reason to believe WikiLeaks has known aspects of those damage mitigation plans for at least two years, via means they do not want to disclose.

Since its publication, WikiLeaks has used the story to try to suggest that the DOJ extradition should not go forward, but the British judges who heard the appeal seemed unimpressed by tales of CIA outrage about WikiLeaks’ hoarding CIA’s hacking tools.

As part of the extradition hearing on October 28, according to the WikiLeaks’ Twitter account, the lawyer representing the US in Assange’s extradition hearing, James Lewis, asserted that if this effort to extradite Assange fails, they can just start again with another extradition request.

Note: I looked for a more credible source for this quotation than WikiLeaks, which has been sowing more propaganda than usual in recent months, but did not find it quoted by other credible journalists. For the purposes of this post, though, I will accept this as accurate. A representative for US DOJ said that if this extradition attempt fails, Lewis seemed to suggest, DOJ can ask the UK to extradite on a different indictment.

Shortly after the extradition hearing, on November 5, in response to an order from Judge Furman, DOJ proposed March 21, 2022 as the earliest feasible trial date, largely because of expected CIPA proceedings, but in part because of whatever DOJ discussed in that August 4 ex parte classified status letter.

Although the Government is available for trial at any time in the first or second quarters of 2022, the Government does not believe it would be practical to schedule the trial prior to March 2022.

[snip]

The proposed trial date also takes into consideration matters discussed in the Government’s ex parte letter submitted on August 4, 2021. Accordingly, in order to afford sufficient time both for the likely upcoming CIPA litigation and for the parties to prepare for trial with the benefit of any supplemental CIPA rulings, the Government believes that the earliest practical trial date for this matter would be March 21, 2022.

March 21 would be two weeks after the five year anniversary of the first publication of Vault 7, the less harmful development notes stolen from the CIA, but with them, the names or pseudos of several colleagues that Schulte allegedly scapegoated. That would be the likely date for any statutes of limitation on another CFAA conspiracy to toll.

That is, this timing would provide DOJ an opportunity to learn the fate of Assange’s first, declassified charges through 2015, in case DOJ wanted to ask for extradition on a second case charging actions since 2015.

Admittedly, one explanation for that August 4 filing could be that DOJ obtained new evidence (though if it is evidence Schulte will ultimately get, it should not be ex parte). But given Lewis’ comment and the timing of DOJ’s various updates about trial schedule, one explanation is that DOJ would ask to extradite Assange for the Vault 7 publications (and related actions that have nothing to do with journalism) if the current extradition effort fails.

Ultimately, Schulte’s decisions have created a further delay than the one the government proposed. Because Schulte’s expert, Steve Bellovin, has limited availability due to his teaching schedule, the trial is scheduled to start on June 13, 2022, more than six years after Schulte allegedly stole the files in question.

Depends on what happens tomorrow, though, we may learn sooner what that ex parte filing was.