Posts

emptywheel

A Busy Day for the Bears

Yesterday, there were three arguably big events associated with stolen records alleged to have ties to Russia’s GRU.

Simon Biles treats her ADHD

The first is the leak, by a group explicitly calling itself Fancy Bear (though the hack was once tied to Polish Anonymous), of anti-doping agency records showing the Williams sisters and Simone Biles all got approval for and took drugs on a list of otherwise banned substances. While there are no allegations of impropriety — indeed, Biles explained that in her case the exception involved treating ADHD — the story got covered by the major international press, including the Beeb, NBC, and NYT.

Colin Powell rants

The second alleged-Bear event is the release of Colin Powell emails, obtained by DC Leaks, to The Intercept, BuzzFeed, and Politico. The emails include quite recent ones, including one from August 26. Powell now uses GMail, suggesting his emails should be harder to hack than (for example) his State emails on AOL or emails run on a private server. Whether you worry about Russian influence or not, this hack is quite newsworthy.

There are embarrassing emails with Powell asserting that “Everything HRC touches she kind of screws up with hubris,” as well as emails with Powell complaining about Trump’s racism and the press’ stoking of it.

The emails are not limited to election-related ones, either. They also include correspondence between Powell and Jack Straw and how the Chilcot report got buried in all the Brexit news.

Guccifer 2 goes mainstream

dncarchitecture_mc

Finally, there was the “appearance” at a security conference by Guccifer 2.0, the guy who has released the DNC emails that gave the Democrats an excuse to force Debbie Wasserman Schultz’s to resign, though they had been looking for an excuse for some time.

In point of fact, Guccifer 2.0 didn’t appear in person at the conference. Rather, he sent a speech which got read at the conference, with the transcript released to journalists. The speech focused on the negligence of software companies in security. Guccifer went on for several paragraphs about the power and sloppiness of tech companies, arguing they were to blame for hacks.

The next reason, and the crucial one, is software vulnerability. Tech companies hurry to finish the work and earn money. So they break development cycle very often omitting the stage of testing. As a result, clients have raw products installed on their systems and networks with a great number of bugs and holes.

Fourth. It’s well known that all large companies look forward to receiving governmental contracts. They develop governmental websites, communication systems, electronic voting systems, and so on and have their products installed to critical infrastructure objects on the national level.

They are aggressively lobbying their interests. You can see it at the diagram that they spent millions of dollars for lobbying. That doesn’t mean they will produce better software. That means they will get even more money in return.

Then he returned to a claim he has made on two earlier occasions: that he hacked DNC via a vulnerability in VAN.

So, what’s the right question we should ask about cyber crime?

Who hacked a system?

Wrong. The right question is: who made it possible that a system was hacked? In this regard, what question should you ask me?

How I hacked the DNC???

Now you know this is a wrong question. Who made it possible, that I hacked into the DNC? This is the question. And I suppose, you already know the answer. This is NGP VAN Company that operates the DNC network. And this is its CEO Stu Trevelyan who is really responsible for the breach.

Their software is full of holes. And you knew about it even before I came on stage.

You may remember Josh Uretsky, the national data director for Sander’s presidential campaign. He was fired in December, 2015 after improperly accessing proprietary data in the DNC system. As it was agreed, he was intentionally searching for voter information belonging to other campaigns.

However, he is not to blame. The real reason voter information became available for non-authorized users was NGP VAN’s raw software which had holes and errors in the code. And this is the same reason I managed to get access to the DNC network. Vulnerabilities in the NGP VAN software installed on its server which they have plenty of. Shit! Yeah?

This scheme shows how NGP VAN is incorporated in the DNC infrastructure.

One of two schemes released with the speech appears above.

Now, Guccifer’s allegation — tying vulnerabilities in the VAN software to his own hack — could be newsworthy. Recall, after all, that one excuse the Bernie staffer gave for nosing around Hillary’s side of VAN was that Sanders’ own data had been compromised earlier that year. Importantly, Guccifer’s persistent focus on VAN, which was a signature moment in Sanders’ voters disillusionment with the DNC conduct in the election, would provide an alternative motive for this hack rather than just a Putinesque plot to tamper with Hillary’s election.

Thing is, there’s nothing in the materials released on VAN that indicates any particular vulnerability (though the dump does include some dated information on DNC’s computer security): effectively Guccifer makes an allegation but — at least from what I’ve seen and heard from a few people who know security better — doesn’t deliver the goods.

Indeed, while there are documents acknowledging the kind of pay-to-play appointments for big donors that both parties practice, and some other financial data that I suspect may prove more interesting with further scrutiny, there’s nothing really newsworthy in this dump. It seems to be interesting primarily to Bernie diehards, not the press generally, which is rightly more interested by the Powell emails.

Which, again, emphasizes how much Guccifer has been feeding Bernie diehards, either out of his own motivation or his handler’s. It is worth noting that while Guccifer claims to oppose Trump’s policies, he did say this about Sanders: “I have nothing to say about Bernie Sanders. It seems he never had a chance to win the nomination as the Democratic Party itself stood against him!”

Why stomp on the Bears other big blasts?

Which has me wondering about yesterday generally. If someone is orchestrating all these leaks, why have Guccifer “give a speech” on the same day as two highly managed releases, especially given that Guccifer failed to deliver the goods? Indeed, why invite Guccifer to, or have him accept an invitation from, a pretty staid security conference at all?

And what is the role of Darren Martyn, a LulzSec Irish hacker who was indicted along with Jeremy Hammond but apparently never extradited. He’s apparently the one who read Guccifer’s speech. Which raises all sorts of questions about Guccifer’s ties to the Anon group of hackers, or maybe also to what Martyn has been doing since he was indicted in the US.

Let me just close with an observation.

The Democrats have, rightly, been worried about what Guccifer will release closer to the election; I’ve heard specific concerns from connected Dems that he will release far more damning financial documents. The FBI, too, appears uncertain whether the set of documents Guccifer has is the same that the GRU-related hackers are believed to have spied on at the DNC. Thus, both the DNC and FBI would love to do something to make Guccifer show more of his hand.

Before this hack, we were all just waiting to see what Julian Assange, who is clearly maximizing damage to Hillary, will drop next.

And instead, by inviting Guccifer to appear at a conference, someone got Guccifer to drop an additional 700 MB of files while everyone is busy looking at the Powell emails.

 

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.

Did Wikileaks Do US Intelligence Bidding in Publishing the Syria Files?

Consider this nutty data point: between CNN’s Reliable Sources and NBC’s Meet the Press, Julian Assange was on more Sunday shows today than John McCain, with two TV appearances earlier this week.

Sadly, even in discussions of the potential that the DNC hack-plus-publication amounts to tampering with US elections, few seem to understand that evidence at least suggests that Wikileaks — not its allegedly Russian source — determined the timing of the release to coincide with the Democratic National Convention. Guccifer 2, at least, was aiming to get files out earlier than Wikileaks dumped them. So if someone is tampering, it is Julian Assange who, I’ve noted, has his own long-standing gripes with Hillary Clinton (though he disclaims any interest in doing her harm). If his source is Russia, that may just mean they had mutual interest in the publication of the files; but Assange claims to have determined the timing.

Since Wikileak’s role in the leak has been downplayed even as Assange has made the media rounds, since the nation’s spooks claim that publishing these documents is what makes it different, I want to consider this exchange Assange had with Chuck Todd:

CHUCK TODD:

All right. Let me ask you this. Do you, without revealing your source on this, do you accept information and leaked documents from foreign governments?

JULIAN ASSANGE:

Well, our publishing model means that what we publish is guaranteed to be true. That’s what we’re concerned about. That’s what our readers are concerned about. That’s the right of the general public, to not–

[snip]

CHUCK TODD:

Does that not trouble you at all, if a foreign government is trying to meddle in the affairs of another foreign government?

JULIAN ASSANGE:

Well, it’s an interesting speculative question that’s for the press and others to perhaps–

CHUCK TODD:

That doesn’t bother you? That is not part of the WikiLeaks credo?

JULIAN ASSANGE:

Well, it’s a meta story. If you’re asking would we accept information from U.S. intelligence that we had verified to be completely accurate, and would we publish that, and would we protect our sources in U.S. intelligence, the answer is yes, of course we would. [my emphasis]

Sure, at one level this is typical Assange redirection. When Todd asked if he’d accept files from Russia, Assange instead answered that he would accept them from the United States.

But it may not be so farcical as it seems. Consider the case of the Syria Files Wikileaks posted in spring 2012, at the beginning of the time the US was engaging in covert operations in Syria. They contained embarrassing information on Bashar al-Assad, his wife, and close associates, as well as documents implicating western companies that had facilitated Assad’s repression. Even at the time, people asked if the files were a western intelligence pys-op, though they were explicitly sourced to various factions of Anonymous. Then, between Jeremy Hammond and Sabu’s sentencing processes, it became clear that in January 2012, the latter identified targets for Anonymous hackers, targets that include the Syrian government.

An informant working for the F.B.I. coordinated a 2012 campaign of hundreds of cyberattacks on foreign websites, including some operated by the governments of Iran, Syria, Brazil and Pakistan, according to documents and interviews with people involved in the attacks.

Exploiting a vulnerability in a popular web hosting software, the informant directed at least one hacker to extract vast amounts of data — from bank records to login information — from the government servers of a number of countries and upload it to a server monitored by the F.B.I., according to court statements.

[snip]

The sentencing statement also said that Mr. Monsegur directed other hackers to give him extensive amounts of data from Syrian government websites, including banks and ministries of the government of President Bashar al-Assad. “The F.B.I. took advantage of hackers who wanted to help support the Syrian people against the Assad regime, who instead unwittingly provided the U.S. government access to Syrian systems,” the statement said.

What’s not known (as multiple reports say is still not known about the DNC hack) is whether the specific files the Sabu-directed Anonymous hackers obtained were the same ones that Wikileaks came to publish, though the timing certainly works out. It’s a very distinct possibility. In which case Assange’s comment may be more than redirection, but instead a reminder that Wikileaks has played the analogous role in US-directed hack-and-publish operation, one designed to damage Assad and his western allies. If those documents did ultimately come via FBI direction of Sabu, then Assange might be warning US spooks that their own similar actions could be exposed if he were asked to reveal more about any Russian role in the DNC hack.

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.

Two (Three, Four?) Data Points on DNC Hack: Why Does Wikileaks Need an Insurance File?

Actually, let me make that three data points. Or maybe four.

First, Reuters has reported that the DCCC has also been hacked, with the hacker apparently believed to be the same entity (APT28, also believed to be GRU). The hackers created a spoof version of ActBlue, which donors use to give money to campaigns.

The intrusion at the group could have begun as recently as June, two of the sources told Reuters.

That was when a bogus website was registered with a name closely resembling that of a main donation site connected to the DCCC. For some time, internet traffic associated with donations that was supposed to go to a company that processes campaign donations instead went to the bogus site, two sources said.

The sources said the Internet Protocol address of the spurious site resembled one used by Russian government-linked hackers suspected in the breach of the DNC, the body that sets strategy and raises money for the Democratic Party nationwide.

That would mean hackers were after either the donations themselves, the information donors have to provide (personal details including employer and credit card or other payment information), or possibly the bundling information tied to ActBlue.

Second, Joe Uchill, who wrote one of the stories — on two corrupt donors to the Democratic Party — that preceded both publication at the Guccifer 2 site and Wikileaks, said Guccifer gave him the files for the story because Wikileaks was dawdling in publishing what they had.

Screen Shot 2016-07-29 at 12.59.01 PM
Guccifer posted some of the documents Uchill used here.

This detail is important because it says Julian Assange is setting the agenda (and possibly, the decision to fully dox DNC donors) for the Wikileaks release, and that agenda does not perfectly coincide with Guccifer’s (which is presumed to be a cut-out for GRU).

As I’ve noted, Wikileaks has its own beef with Hillary Clinton, independent of whom Vladimir Putin might prefer as President or any other possible motive for Russia to do this hack.

Now consider this bizarre feature of several high level leak based stories on the hack: the claim of uncertainty about how the files got from the hackers to Wikileaks. This claim, from NYT, seems bizarrely stupid, as Guccifer and Wikileaks have both said the former gave the latter the files.

The emails were released by WikiLeaks, whose founder, Julian Assange, has made it clear that he hoped to harm Hillary Clinton’s chances of winning the presidency. It is unclear how the documents made their way to the group. But a large sampling was published before the WikiLeaks release by several news organizations and someone who called himself “Guccifer 2.0,” who investigators now believe was an agent of the G.R.U., Russia’s military intelligence service

The claim seems less stupid when you consider these two cryptic comments from two equally high level sourced piece from WaPo. In a story on FBI’s certainty Russia did the hack(s), Ellen Nakashima describes that the FBI is less certain that Russia passed the files to Wikileaks.

What is at issue now is whether Russian officials directed the leak of DNC material to the anti-secrecy group WikiLeaks — a possibility that burst to the fore on the eve of the Democratic National Convention with the release of 20,000 DNC emails, many of them deeply embarrassing for party leaders.

The intelligence community, the officials said, has not reached a conclusion about who passed the emails to WikiLeaks.

“We have not drawn any evidentiary connection to any Russian intelligence service and WikiLeaks — none,” said one U.S. official. Doing so will be a challenge, in part because the material may not have been passed electronically. [my emphasis]

The claim appears this way in a more recent report.

The bureau is trying to determine whether the emails obtained by the Russians are the same ones that appeared on the website of the anti-secrecy group WikiLeaks on Friday, setting off a firestorm that roiled the party in the lead-up to the convention.

The FBI is also examining whether APT 28 or an affiliated group passed those emails to WikiLeaks, law enforcement sources said.

Now, the doubts about whether the files were passed electronically is thoroughly fascinating. I assume the NSA has Assange — and potentially even the Wikileaks drop — wired up about 100 different ways, so the questions about whether the files were passed electronically may indicate that they didn’t see them get passed in such a fashion.

Add in the question of whether they’re even the same emails! We know the DCCC hack is targeting donor information. The Wikileaks release included far more than that. Which raises the possibility GRU is only after donor information (which is part of, but just one part of, what Guccifer has released).

But then there’s this detail. On June 17, Wikileaks released an insurance file — a file that will be automatically decrypted if Wikileaks is somehow impeded from releasing the rest of the files. It has been assumed that the contents of that file are just the emails that were already released, but that is almost certainly not the case. After all, Wikileaks has already released further documents (some thoroughly uninteresting voice mails that nevertheless further impinge on the privacy of DNC staffers). They have promised still more, files they claim will be more damaging. Indeed, Wikileaks claims there’s enough in what they have to indict Hillary, though such claims should always be taken with a grain of salt. Correction: That appears to have been a misunderstanding about what Assange said about the previously released State emails.

But here’s the other question.

There’s no public discussion of Ecuador booting Assange from their Embassy closet (though I’m sure they’re pretty tired of hosting him). His position — and even that of Wikileaks generally — seems pretty stable.

So why does Assange believe they need an insurance file? I don’t even remember the last time they issued an insurance file (update: I think it was when they released an insurance file of Chelsea Manning’s documents). So is there someone else in the process that needs an insurance file? Is there someone else in the process that would use the threat of full publication of the files (which presumably is going to happen anyway) to ensure safety?

I’ll leave that question there.

That said, these data point confirms there are at least two players with different motivations: Wikileaks, and the Russian hackers. But the FBI isn’t even certain whether the files the Russians took are the same that Wikileaks released, which might suggest a third party.

Meanwhile, James Clapper (who thankfully is willing to poo poo claims that hacks that we ourselves do are unique) seems very interested in limiting the panic about this hack.

Update: Oh! I forgot this fifth data point. This absolutely delightful take-down of Debbie Wasserman Schultz includes this claim that Wikileaks has malware in its site, which I’ve asked around and doesn’t seem to be true.

Staff members were briefed in a Tuesday afternoon meeting in Washington that their personal data was part of the hack, as were Social Security numbers and other information for donors, according to people who attended. Don’t search WikiLeaks, they were told — malware is embedded throughout the site, and they’re looking for more data.

Who told the DNC Wikileaks is releasing malware, and why?

Update: here’s what the malware claim is about: When it posted the “AKP emails,”  WL either added or did not remove a bunch of malware included in those emails, and as a result, that malware is still posted at the site. That is, the malware is associated with a separate set of documents available at the site.

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.

FBI Is Not “Surveilling” WikiLeaks Supporters in Its Never-Ending Investigation; Is It “Collecting” on Them?

The FOIA for records on FBI’s surveillance of WikiLeaks supporters substantially ended yesterday (barring an appeal) when Judge Barbara Rothstein ruled against EPIC. While she did order National Security Division to do a more thorough search for records, she basically said the agencies had properly withheld records under Exemption 7(A) for its “multi-subject investigation into the unauthorized disclosure of classified information published on WikiLeaks, which is ‘still active and ongoing’ and remains in the investigative stage.” (Note, the claim that the investigation is still in what FBI calls an investigative stage, which I don’t doubt, is nevertheless dated, as the most recent secret declarations in this case appear to have been submitted on April 25, 2014, though Rothstein may not have read them until after she approved such ex parte submissions on July 29 of last year.)

In so ruling, Rothstein has dodged a key earlier issue, which is that all three entities EPIC FOIAed (DOJ’s Criminal and National Security Division and FBI) invoked a statutory Exemption 3 from FOIA, but refused to explain what statute they were using.

2 Defendants also rely on Exemptions 1, 3, 5, 6, 7(C), 7(D), 7(E), and 7(F). The Court, finding that Exemption 7(A) applies, does not discuss whether these alternative exemptions may apply.

I have argued — and still strongly suspect — that the government was relying, in part, on Section 215 of PATRIOT, as laid out in this post.

In addition to the Exemption 3 issue Rothstein dodged, though, there were three other issues that were of interest in this case.

First, we’ve learned in the 4 years since EPIC filed this FOIA that their request falls in the cracks of the language the government uses about its own surveillance (which it calls intelligence, not surveillance). EPIC asked for:

  1. All records regarding any individuals targeted for surveillance for support for or interest in WikiLeaks;
  2. All records regarding lists of names of individuals who have demonstrated support for or interest in WikiLeaks;
  3. All records of any agency communications with Internet and social media companies including, but not limited to Facebook and Google, regarding lists of individuals who have demonstrated, through advocacy or other means, support for or interest in WikiLeaks; and
  4. All records of any agency communications with financial services companies including, but not limited to Visa, MasterCard, and PayPal, regarding lists of individuals who have demonstrated, through monetary donations or other means, support or interest in WikiLeaks. [my emphasis]

As I’ve pointed out in the past, if the FBI obtained datasets rather than lists of the people who supported WikiLeaks from Facebook, Google, Visa, MasterCard, and PayPal, FBI would be expected to deny it had lists of such supporters, as it has done. We’ve since learned about the extent to which it does collect datasets when carrying out intelligence investigations.

Then there’s our heightened understanding of the words “target” and “surveillance” which are central to request 1. The US doesn’t target a lot of Americans, but it does collect on them. And when it does so — even if it makes queries that return their identifiers — it doesn’t consider that “surveillance.” That is, the FBI would only admit to having responsive data to request 1 if it were obtaining FISA or Title III warrants against mere supporters of WikiLeaks, rather than — say — reading their email to Julian Assange, whom FBI surely has targeted and still targets under Section 702 and other surveillance authorities, or even, as I guarantee you has happened, looked up people after the fact and discovered they had previous conversations with Assange. We’ve even learned that NSA collects vast amounts of Internet communications that talk “about” a targeted person’s selector, meaning that Americans’ communications might be pulled if they used WikiLeaks or Assange’s Internet identifiers in the body of their emails or chats. None of that would count as “targeted” “surveillance,” but it is presumably among the kinds of things EPIC had in mind when it tried to learn how FBI’s investigation of WikiLeakas was implicating completely innocent supporters.

I noted the way FBI’s declaration skirted both these issues some years ago, and everything we’ve learned since only raises the likelihood that FBI is playing a narrow word game to claim that it doesn’t have any responsive records, but out of an act of generosity it nevertheless considered the volumes of FBI records that are related to the request that it nevertheless has declared 7(A) over. Rothstein’s order replicates the use of the word “targeting” to discuss FBI’s search, suggesting the distinction is as important as I suspect.

Plaintiff first argues that the release of records concerning individuals who are simply supporting WikiLeaks could not interfere with any pending or reasonably anticipated enforcement proceeding since their activity is legal and protected by the First Amendment. Pl.’s Cross-Mot. at 14. This argument is again premised on Plaintiff’s speculation that the Government’s investigation is targeting innocent WikiLeaks supporters, and, for the reasons previously discussed, the Court finds it lacks merit.

All  of which brings me to the remaining interesting subtext of this ruling.

Five years after the investigation into WikiLeaks must have started in earnest, 20 months after Chelsea Manning was found guilty for leaking the bulk of the documents in question, and over 10 months since Rothstein’s most recent update on the “investigation” in question, Rothstein is convinced these records may adequately be withheld because there is an active investigation.

While it’s possible DOJ is newly considering charges related to other activities of WikiLeaks — perhaps charges relating to WikiLeaks’ assistance to Edward Snowden in escaping from Hong Kong, though like Manning’s verdict, that was over 20 months ago — it’s also very likely the better part of whatever ongoing investigation into WikiLeaks is ongoing is an intelligence investigation, not a criminal one. (See this post for my analysis of the language they used last year to describe the investigation.)

Rothstein is explicit that DOJ still has — or had, way back when she read fresh declarations in the case — a criminal investigation, not just an intelligence investigation (which might suggest Assange’s asylum in the Ecuador Embassy in London is holding up something criminal).

In stark contrast to the CREW panel, this Court is persuaded that there is an ongoing criminal investigation. Unlike the vague characterization of the investigation in CREW, Defendants have provided sufficient specificity as to the status of the investigation, and sufficient explanation as to why the investigation is of long-term duration. See e.g., Hardy 4th Decl. ¶¶ 7, 8; Bradley 2d Decl. ¶ 12; 2d Cunningham Decl. ¶ 8.

Yet much of her language (which, with one exception, relies on the earliest declarations submitted in this litigation) sounds like that reflecting intelligence techniques as much as criminal tactics.

Here, the FBI and CRM have determined that the release of information on the techniques and procedures employed in their WikiLeaks investigation would allow targets of the investigation to evade law enforcement, and have filed detailed affidavits in support thereof. Hardy 1st Decl. ¶ 25; Cunningham 1st Decl. ¶ 11. As Plaintiff notes, certain court documents related to the Twitter litigation have been made public and describe the agencies’ investigative techniques against specific individuals. To the extent that Plaintiff seeks those already-made public documents, the Court is persuaded that their release will not interfere with a law enforcement proceeding and orders that Defendants turn those documents over.

[snip]

In the instant case, releasing all of the records with investigatory techniques similar to that involved in the Twitter litigation may, for instance, reveal information regarding the scope of this ongoing multi-subject investigation. This is precisely the type of information that Exemption 7(A) protects and why this Court must defer to the agencies’ expertise.

I’m left with the impression that FBI has reams of documents responsive to what EPIC was presumably interested in — how innocent people have had their privacy compromised because they support a publisher the US doesn’t like — but that they’re using a variety of tired dodges to hide those documents.

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.

DOJ Continues Its “Multi-Subject” Investigation of WikiLeaks

As I noted some weeks ago, the judge in EPIC’s FOIA for materials on the investigation into supporters of WikiLeaks asked for an update. The government provided that update last night.

It said it still must withhold all documents responsive to EPIC’s FOIA because two investigations pertaining to WikiLeaks are ongoing: Chelsea Manning’s appeal, and the investigation into WikiLeaks proper.

There are at least two separate categories of “enforcement proceedings” relevant to defendants’ Exemption 7(A) analysis, and those two separate categories of law enforcement proceedings are progressing on different tracks. One set consists of those enforcement proceedings directly related to the military prosecution of Army Pfc. Manning, which falls within the jurisdiction of the Department of Defense (“DoD”). Since this case was originally briefed, Manning was tried and convicted by a military court, as noted above. The court-martial remains ongoing, in the appellate phase.

The second type of enforcement proceeding, generally, is the DOJ’s civilian criminal/national security investigation(s) into the unauthorized disclosure of classified information that was published on the WikiLeaks website. The investigation of the unauthorized disclosure is a multi-subject investigation and is still active and ongoing. While there have been developments in the investigation over the last year, the investigation generally remains at the investigative stage. It is this second category of enforcement proceeding that is actually more central to defendants’ Exemption 7(A) withholdings in this case.

Note, DOJ says the investigation is “multi-subject.” Further, it describes it as an “civilian criminal/national security” investigation. It’s worth noting that the sealed declaration providing more detail on the investigation comes from Mark Bradley, in DOJ’s National Security Division, not from FBI. (I take my observation that the sealed declaration is from Bradley back: the motion is inconsistent on whom the sealed declaration is from. While the table on page 4 lists Bradley, it says the declaration is from FBI. The reference to a fourth declaration from David Hardy on page 9 suggests the declaration is from him.)

I’ll have a bit more to say about this later.

Update: One more observation: the description says there are “at least two” separate categories, suggesting there may be still another investigative matter.

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.

Judge in WikiLeaks FOIA Cites “Events that Have Transpired,” Government Claims FOIA Is “Improper”

Back in 2011, the Electronic Privacy Information Center sued to enforce a FOIA for documents on FBI’s investigation of WikiLeaks supporters. In response, the government cited an ongoing investigation exemption. But they also cited a statutory exemption, claiming some law prevented them from releasing the records on investigations into WikiLeaks supporters. Unusually, DOJ refused to name the law in question. For that reason, and because my suspicions of how Section 215 gets used suggested it would make a spectacular tool for investigating a group of WikiLeaks supporters, I suggested that the statute was likely Section 215.

Since then, we’ve seen indications of NSA involvement in the investigation into WikiLeaks, though without any details from before EPIC’s FOIA.

And until March 11, that’s where things stood, with the government claiming it couldn’t release records about its investigation into completely innocent supporters of a publishing outlet and the judge (who had been newly assigned to the case in April 2013) doing nothing with the government’s motion for summary judgement.

On March 11, however, Judge Barbara Jacobs Rothstein ordered DOJ and EPIC to submit briefs updating her on the status of the investigation into WikiLeaks and with it the government’s ongoing investigation exemption, but not its claimed statutory exemption.

The Court takes judicial notice that events have transpired during that time that may cause the government’s position to to have changed. Therefore, the Court instructs the government to update its position regarding Plaintiff’s FOIA request, particularly with respect to the government’s invocation of exemption 7(A).

The language of her order suggests two things. First, if Rothstein is asking whether the 7(A) ongoing investigation exemption remains active, it suggests she’s may not accept the government’s statutory exemption 3 to completely withhold these documents. And she doesn’t say what the “events” that “have transpired” are, but it’s probably not any developments in the WikiLeaks investigation, as that’s what she says she doesn’t know. That makes it likely the Snowden leaks and related official disclosures have made the exemption 3, the basis for which she knows about from classified declarations, moot.

That’s all tea leaf reading. And even if I’ve read the tea leaves correctly, it doesn’t mean I’m right about Section 215. After all, back door searches on collection targeted at Julian Assange (who, as a foreign citizen and alleged spy, would be a legal target under Section 702 or even generally) would be a useful investigation into WikiLeaks supporters as well, though there’s abundant reason to believe dragnet queries serve as the basis for back door searches. Still, I think it’s likely that something that has been released and declassified since last April has mooted the government’s secret statutory claims.

The government, having sat on Judge Rothstein’s April 11 deadline from March 11 until Tuesday, is now stalling for time. (h/t JG; links to come shortly) On Tuesday, the lawyer who inherited this case claimed she has another case that prevents her from writing 10 pages on the status of the WikiLeaks investigation. But also that she needs more time to consult with the “defendant agencies.”

In addition, the draft supplemental brief will require review within the Department of Justice and defendant agencies before it may be filed.

EPIC’s not buying it, citing from the judge’s previous orders warning against extensions and stating clearly that business in other matters is not a good excuse. EPIC also described DOJ’s sleazy post-business hours effort to provide notice. and noted this is precisely the kind of thing Judge Rothstein had said would get a motion summarily denied.

Ms. Zeidner Marcus also did not timely notify Plaintiff’s counsel of her plans to file this Motion for Extension of Time. Ms. Zeidner Marcus first contacted Ms. McCall on April 8, 2014, the date that the filing was due, after ordinary business hours. Ms. Zeidner Marcus first emailed Ms. McCall on April 8, 2014 at 5:01 PM and followed up at approximately 5:30 PM that day with a telephone call. This did not give Ms. McCall sufficient time to consider Ms. Zeidner Marcus’ request or to consult with Ms. McCall’s co-counsel ,Mr. Rotenberg, regarding that request. Ms. Zeidner Marcus then filed her Motion for Extension of Time at 11:23 PM on the same day (April 8, 2014).

To which DOJ responded by accusing EPIC of filing an “improper” FOIA.

This case involves plaintiff’s attempts to improperly use the Freedom of Information Act to seek information about ongoing criminal investigations.

Remember, the underlying issue here is that DOJ shouldn’t be investigating innocent supporters of a publishing outlet. But DOJ believes trying to learn how and why they are doing so is an improper FOIA.

Meanwhile, DOJ sources admitted last November that they can’t really charge Assange without charging the NYT as well.

Justice officials said they looked hard at Assange but realized that they have what they described as a “New York Times problem.” If the Justice Department indicted Assange, it would also have to prosecute the New York Times and other news organizations and writers who published classified material, including The Washington Post and Britain’s Guardian newspaper, according to the officials, who spoke on the condition of anonymity to discuss internal deliberations.

Which, I guess, explains the rudeness and urgent need for one more month. Because if the government loses both its ongoing investigation and its statutory exemptions, they might have to explain why they used national security tools against people exercising free speech.

Update: The Judge gave the government half the extension they requested, to April 25.

In light of the fact that the motion was not timely filed and that press of business is not an adequate reason for an extension, the Court will not grant the request for a thirty day extension. Instead, the Court will grant an extension to and including April 25, 2014. Plaintiff’s opposition shall be filed on or before May 12, 2014. The reply shall be file on or before May 19, 2014. In the future, the Court expects the parties to comply with the terms of the Standing Order in this case.

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.

Obama’s Stubbornness and the Risk of Snowden

At the outset of this post, let me lay out my following assumptions (I can’t prove these points, but I suspect them):

  • The documents released so far by Guardian and WaPo — information on the Section 215 program, PRISM, and the PPD on cyberwar — have done negligible damage to our security (indeed, even Sheldon Whitehouse, a big defender of these programs, said the government should have been transparent about them earlier)
  • China already knew the content of Edward Snowden’s public revelations about our hacking into Chinese networks (we know China’s compromises of us, so it is unlikely China, which is more successful and aggressive at hacking than we are, doesn’t know our compromises of it); the revelations on this front so far have served primarily to even out the playing field on mutual accusations of hacking
  • Snowden personally (and his laptops) have information that China and Russia could both find of more use, particularly given that some of our programs targeting them were run out of HI
  • Snowden may also have things that might be of use to others, such as organized crime (If I were planning on longevity and had access, for example, I would take some zero day exploits when I left the NSA, though the street value of them would diminish once NSA had inventoried what I took)
  • The reporting I’ve seen has not confirmed reports that either China or Russia has debriefed Snowden or scanned his computers (indeed, this report on China’s involvement in his departure from Hong Kong suggests they did not talk with him directly)
  • Julian Assange knows where Snowden is, leading to the possibility he has escaped Russia to a country that has not yet been named in reports of Snowden’s escape (named countries have included Venezuela, Cuba, Ecuador, and Iceland)

All of that is a roundabout way of saying that Snowden could do great damage to the US, but may not have yet, and certainly hadn’t by the time he first revealed himself in Hong Kong.

If that’s right, then it seems the Obama approach has been precisely the wrong approach in limiting potential damage to national security. The best way to limit damage, for example, would be to get Snowden to a safe place where our greatest adversaries can’t get to him, where we could make an eternal stink about his asylum there, but still rest easy knowing he wasn’t leaking further secrets. Indeed, if he were exiled in some place like France, we’d likely have more influence over what he was allowed to do than if he gets to Ecuador, for example.

The most likely approach to lead to further damage, however, is to charge him with Espionage. This not only raises the specter of the treatment we’ve given Bradley Manning — giving Snowden Denise Lind’s judgement that Manning’s rights were violated to include in any asylum application — but also easily falls under what states can call political crimes, which permits them to ignore extradition requests. That is, we appear to be pursuing the approach that could lead to greater damage.

By contrast, letting Snowden get someplace safe is perfectly equivalent to letting the CIA off for torture (or, for that matter, James Clapper off for lying to Congress). It’s a violation of rule of law, but it also serves to minimize the tremendous damage the spooks might do to retaliate. Obama has chosen this path already when the criminals were his criminals; he clearly doesn’t have the least bit of compunction of setting aside rule of law for pragmatic reasons. But in Snowden’s case, he seems to be pursuing a strategy that not only might increase the likelihood of damage, but also lets China and Russia retaliate for perceived slights along the way.

All this is just an observation. I believe Obama’s relentless attacks on whistleblowers and his ruthless enforcement of information asymmetry have actually raised the risk of something like this. And he seems to be prioritizing proving the power of the US (which has, thus far, only proved our diminishing influence) over limiting damage Snowden might do.

Update: This fearmongering WaPo article nevertheless quotes a former senior US official admitting that what Snowden has released so far wouldn’t help China or Russia.

A former senior U.S. official said that the material that has leaked publicly would be of limited use to China or Russia but that if Snowden also stole files that outline U.S. cyber-penetration efforts, the damage of any disclosure would be multiplied.

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.

The International Manhunt for WikiLeaks

One of the things DOJ is protecting from FOIA in Electronic Privacy Information Center’s suit is information other governments have shared with the US on the investigation.

According to FBI’s David Harvey, this includes classified information from foreign governments.

(45) E.O. 13526, § 1.4(b) authorizes the classification of foreign government information. E.O. 13526, § 6.1(s) defines foreign government information as: “(1) information provided to the United States Government by a foreign government or governments, an international organization of governments, or any element thereof, with the expectation that the information, the source of the information, or both, are to be held in confidence; (2) information produced by the United States Government pursuant to or as a result of a joint arrangement with a foreign government or governments, or an international organization of governments, or any element thereof, requiring that the information, the arrangement, or both, are to be held in confidence; or (3) information received and treated as ‘foreign government information’ under the terms of a predecessor order.”

(46) Many foreign governments do not officially acknowledge the existence of some of their intelligence and security services, or the scope of their activities or the sensitive information generated by them. The free exchange of information between United States intelligence and law enforcement services and their foreign counterparts is predicated upon the understanding that these liaisons, and information exchanged between them, must be kept in confidence.

(47) The release of official United States Government documents that show the existence of a confidential relationship with a foreign government reasonably could be expected to strain relations between the United States and the foreign governments and lead to diplomatic, political, or economic retaliations. A breach of this relationship can be expected to have at least a chilling effect on the free flow of vital information to the United States intelligence and law enforcement agencies, which may substantially reduce their effectiveness. Although the confidential relationship of the United States with certain countries may be widely reported, they are not officially acknowledged. (48) Disclosure of such a relationship predictably will result in the careful analysis and possible compromise of the information by hostile intelligence services. The hostile service may be able to uncover friendly foreign intelligence gathering operations directed against it or its allies. This could lead to the neutralization of friendly allied intelligence activities or methods or the death of live sources, cause embarrassment to the supplier of the information, or result in economic or diplomatic retaliation against both the United States and the supplier of the information.

(49) Even if the government from which certain information is received is not named in or identifiable from the material it supplies, the danger remains that if the information were to be made public, the originating government would likely recognize the information as material it supplied in confidence. Thereafter, it would be reluctant to entrust the handling of its information to the discretion of the United States.

(50) The types of classified information provided by foreign government intelligence components can be categorized as: (a) information that identifies a named foreign government and detailed information provided by that foreign government; (b) documents received from a named foreign government intelligence agency and classified “Secret” by that agency; and (c) information that identifies by name, an intelligence component of a specific foreign government, an official of the foreign government, and information provided by that component official to the FBI.

[snip]

(51) The cooperative exchange of intelligence information between the foreign governments and the FBI was, and continues to be, with the express understanding that the information will be kept classified and not released to the public. Disclosure of the withheld information would violate the FBI’s promise of confidentiality. Read more

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.

DOJ: We Can’t Tell Which Secret Application of Section 215 Prevents Us From Telling You How You’re Surveilled

As Mike Scarcella reported yesterday, the government has moved for summary judgment in an Electronic Privacy Information Center FOIA suit for details on the government’s investigation into WikiLeaks. EPIC first FOIAed these materials in June 2011. After receiving nothing, they sued last January.

The government’s motion and associated declarations would be worth close analysis in any case. All the more so, though, in light of the possibility that the government conducted a fishing expedition into WikiLeaks as part of its Aaron Swartz investigation, almost certainly using PATRIOT Act investigative techniques. The government’s documents strongly suggest they’re collecting intelligence on Americans, all justified and hidden by their never ending quest to find some excuse to throw Julian Assange in jail.

EPIC’s FOIA asked for information designed to expose whether innocent readers and supporters of WikiLeaks had been swept up in the investigation. It asked for:

  1. All records regarding any individuals targeted for surveillance for support for or interest in WikiLeaks;
  2. All records regarding lists of names of individuals who have demonstrated support for or interest in WikiLeaks;
  3. All records of any agency communications with Internet and social media companies including, but not limited to Facebook and Google, regarding lists of individuals who have demonstrated, through advocacy or other means, support for or interest in WikiLeaks; and
  4. All records of any agency communications with financial services companies including, but not limited to Visa, MasterCard, and PayPal, regarding lists of individuals who have demonstrated, through monetary donations or other means, support or interest in WikiLeaks. [my emphasis]

At a general level, the government has exempted what files it has under a 7(A) (ongoing investigation) exemption, while also invoking 1 (classified information), 3 (protected by statute), 5 (privileged document), 6 (privacy), 7(C) (investigative privacy), 7(D) (confidential source, which can include private companies like Visa and Google), 7(E) (investigative techniques), and 7(F) (endanger life or property of someone) exemptions.

No one will say what secret law they’re using to surveil Americans

But I’m most interested in how all three units at DOJ — as reflected in declarations from FBI’s David Hardy, National Security Division’s Mark Bradley, and Criminal Division’s John Cunningham — claimed the files at issue were protected by statute.

None named the statute in question. All three included some version of this statement, explaining they could only name the statute in their classified declarations.

The FBI has determined that an Exemption 3 statute applies and protects responsive information from the pending investigative files from disclosure. However, to disclose which statute or further discuss its application publicly would undermine interests protected by Exemption 7(A), as well as by the withholding statute. I have further discussed this exemption in my in camera, ex parte declaration, which is being submitted to the Court simultaneously with this declaration

In fact, it appears the only reason that Cunningham submitted a sealed declaration was to explain his Exemption 3 invocation.

And then, as if DOJ didn’t trust the Court to keep sealed declarations secret, it added this plaintive request in the motion itself.

Defendants respectfully request that the Court not identify the Exemption 3 statute(s) at issue, or reveal any of the other information provided in Defendants’ ex parte and in camera submissions.

DOJ refuses to reveal precisely what EPIC seems to be seeking: what kind of secret laws it is using to investigate innocent supporters of WikiLeaks.

By investigating a publisher as a spy, DOJ gets access to PATRIOT Act powers, including Section 215

There’s a very very large chance that the statute in question is Section 215 of the PATRIOT Act (or some other national security administrative subpoena). After all, the FOIA asked whether DOJ had collected business records on WikiLeaks supporters, so it is not unreasonable to assume that DOJ used the business records provision to do so.

Moreover, the submissions make it very clear that the investigation would have the national security nexus to do so. While the motion itself just cites a Hillary Clinton comment to justify its invocation of national security, both the FBI and the NSD declarations make it clear this is being conducted as an Espionage investigation by DOJ counterintelligence people, which — as I’ve been repeating for over two years — gets you the full PATRIOT Act toolbox of investigative approaches.

Media outlets take note: The government is, in fact, investigating a publisher as a spy. You could be next.

Read more

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.

Our Government’s UnPATRIOTic Investigation of Aaron Swartz

As I noted back in December 2010, as soon as Eric Holder declared WikiLeaks’ purported crime to be Espionage, it opened up a whole slew of investigative methods associated with the PATRIOT Act. It allowed the government to use National Security Letters to get financial and call records. It allowed them to use Section 215 orders to get “any tangible thing.” And all that’s after FISA Amendments Act, which permits the government to bulk collect “foreign intelligence” on a target overseas–whether or not that foreign target is suspected of Espionage–that includes that target’s communications with Americans. The government may well be using Section 215 to later access the US person communications that have been collected under an FAA order, though that detail is one the government refuses to share with the American people.

At no point would a judge have the opportunity to challenge Holder’s assertion that a website publishing documents offered up anonymously is engaged in Espionage. All it would take is Holder’s assertion that it was, and those investigative powers would become available.

No matter how many Americans got sucked up into that investigation.

Which is why I find it interesting that Aaron Swartz’ lawyers were asking, last summer–but got only indirect answers–about how the government had collected some of the evidence, particularly emails, turned over to the grand jury.

This paragraph asked the government to “identify the origin of any and all statements of Aaron Swartz including but not limited to emails, text messages, chats, documents, memoranda or letters, i.e., to identify the source from which each statement was received and the legal procedure used to obtain each such statement of the defendant.” Swartz has received in discovery internet memoranda and chats purporting to be from him. For example, the discovery contains a number of chats on googlegroups.com which contain entries which facially indicate that Swartz was a participant in the communications. The discovery also contains a number of emails which on their faces indicate that they were either to or from Swartz. Swartz requires the additional information requested – the source of these statements and the procedure used by the government to obtain them – to enable him to move to suppress such statements if grounds exist to do so, which he cannot determine without the requested information.

The government offered this explanation.

In Paragraph 15, the defendant would require the government to identify the origin of any and all statements of Aaron Swartz in its possession and the legal procedure used to obtain the statements. All of the emails, text messages, chat sessions, and documents containing statements provided by the defendant relevant to this case were obtained either from individuals with whom the defendant communicated or from publicly available websites stored on the Internet. No emails, texts messages, chat logs, or documents were obtained from Internet service providers using orders under 18 U.S.C. 2703(d). As previously represented to defense counsel, there was no court-authorized electronic surveillance in this case. [my emphasis]

The government admits the defense has asked for the content and origin of all Aaron’s statement in its possession. In response, it described how it had gotten Aaron’s statements relevant to this case–which may well be just a subset of Aaron’s statements in their possession. It also says that it did not obtain any of his statements (presumably referring to the larger potential universe) using 18 USC 2703(d), which is how DOJ demanded Twitter information on four WikiLeaks figures in late 2010 to early 2011. It suggests everything it got relevant to this case was either willingly from people involved in private conversations with him–though it didn’t say whether it asked for them specifically or not–or from publicly available places. And it alludes to an earlier representation to the defense about whether or not it had intercepted Aaron’s communications in this case.

I believe these are the representations in question, which comes from early discovery discussions in August 2011.

C. Electronic Surveillance under Local Rule 1 16.1 (C)(l)(c)

No oral, wire, or electronic communications of the defendant as defined in 18 U.S.C. § 2510 were intercepted relating to the charges in the indictment.

D. Consensual Interceptions under Local Rule 1 16.1 (C)(l)(d)

There were no interceptions (as the term “intercept” is defined in 18 U.S.C. § 2510(4)) of wire, oral, or electronic communications relating to the charges contained in the indictment, made with the consent of one of the parties to the communication in which the defendant was intercepted or which the government intends to offer as evidence in its case-in-chief.

As you can see, in this statement the government made in August 2011 anticipated some of the same dodges the government was making in June 2012.

But in the earlier statement, the limitation on its assertions are even narrower than the later one. Whereas by June 2012 they were making assertions about “this case” in general, when they first discussed the issue, they discussed only the communications related to “the charges contained in the indictment” (though presumably they may have still been considering other charges).

Also, the second paragraph makes it very clear it is discussing intercepts only as defined under the Title III definition for intercept, which pertains to communications collected in transit. I’m not sure what the government considers communications collected under FISA and stored, though I would not be surprised, given all the discussions about the government yoking Section 215 onto FAA if they had some creative treatment of those US person communications.

None of that is proof that they had accessed Swartz’ communications via other means or, indeed, that they have any communications outside those pertaining directly to JSTOR downloads.

But their very careful hedges sure seem to leave that possibility open.

 

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.