Posts

Tit-for-Tat: What Mike Flynn’s 302 Reveals about the Lies He Told

Last week, I wrote this post arguing that Mike Flynn’s 302 (FBI interview report) shows what Flynn was hiding when he lied to the FBI: In addition to his most fundamental lie — that he and Sergei Kislyak had talked about Russia moderating its response to new Obama sanctions, Flynn lied about his coordination with KT McFarland, who was with Trump at Mar-a-Lago.

Since people are still wondering why Flynn lied, I thought I’d write it up to make it even more plain. This post relies on these sources:

As Flynn’s Statement of the Offense lays out, Obama signed the Executive Order imposing new sanctions on December 28, 2016.

On or about December 28, 2016, then-President Barack Obama signed Executive Order 13757, which was to take effect the following day. The executive order announced sanctions against Russia in response to that government’s actions intended to interfere with the 2016 presidential election (“U.S. Sanctions”).

Flynn admitted that Kislyak contacted him the day Obama imposed the sanctions.

On or about December 28, 2016, the Russian Ambassador contacted FLYNN.

Flynn told the FBI that was a text that, because of poor connectivity in Dominican Republic, he didn’t see for a day. (I suspect this is also a lie, but it is possible.)

Shortly after Christmas, 2016, FLYNN took a vacation to the Dominican Republic with his wife. On December 28th, KISLYAK sent FLYNN a text stating, “Can you call me?”

Sometime in the day after Obama imposed the sanctions, Lisa Monaco gave her successor, Tom Bossert, a heads up about how angry the Russians were, making it clear the Obama Administration had formally contacted them.

Obama administration officials were expecting a “bellicose” response to the expulsions and sanctions, according to the email exchange between Ms. McFarland and Mr. Bossert. Lisa Monaco, Mr. Obama’s homeland security adviser, had told Mr. Bossert that “the Russians have already responded with strong threats, promising to retaliate,” according to the emails.

That suggests that the Obama Administration formally alerted the Russians before Kislyak’s text and alerted the Trump Transition not long after. That is, the Flynn-Kislyak contacts occurred after Obama had informed both sides, if not Flynn directly.

In spite of that formal notification, Flynn attributed any delay in responding to Kislyak to Dominican Republic’s poor cell phone reception. He claims (probably assuming the only communications the FBI would ever review would be Kislyak’s communications) that he saw the text on the 29th, took a bit of time, then called the Russian Ambassador.

FLYNN noted cellular reception was poor and he was not checking his phone regularly, and consequently did not see the text until approximately 24 hours later. Upon seeing the text, FLYNN responded that he would call in 15-20 minutes, and he and KISLYAK subsequently spoke.

What Flynn didn’t tell the FBI is that, per his allocution, he spoke with KT McFarland immediately before his call with Kislyak (importantly, this is true whether he really didn’t find out until the 29th or if there was a longer conversation with McFarland).

On or about December 29, 2016, FLYNN called a senior official of the Presidential Transition Team (“PTT official”), who was with other senior ·members of the Presidential Transition Team at the Mar-a-Lago resort in Palm Beach, Florida, to discuss what, if anything, to communicate to the Russian Ambassador about the U.S. Sanctions. On that call, FLYNN and the PTT official discussed the U.S. Sanctions, including the potential impact of those sanctions on the incoming administration’s foreign policy goals. The PTT official and FLYNN also discussed that the members of the Presidential Transition Team at Mar-a-Lago did not want Russia to escalate the situation.

Immediately after his phone call with the PTT official, FLYNN called the Russian Ambassador and requested that Russia not escalate the situation and only respond to the U.S. Sanctions in a reciprocal manner.

The account of the timing of discussions both at Mar-a-Lago and with advisors who were dispersed across the globe in the NYT story is vague. Though NYT makes it clear that one email, at least, described the Flynn call with Kislyak prospectively.

As part of the outreach, Ms. McFarland wrote, Mr. Flynn would be speaking with the Russian ambassador, Mr. Kislyak, hours after Mr. Obama’s sanctions were announced.

One of those emails, importantly, included the following talking points.

Obama is doing three things politically:

  • discrediting Trump’s victory by saying it was due to Russian interference
  • lure trump into trap of saying something today that casts doubt on report on Russia’s culpability and then next week release report that catches Russia red handed
  • box trump in diplomatically with Russia. If there is a tit-for-tat escalation trump will have difficulty improving relations with Russia which has just thrown USA election to him. [my emphasis]

Per the NYT, that email appears to have been forwarded to — among others — Flynn.

Mr. Bossert forwarded Ms. McFarland’s Dec. 29 email exchange about the sanctions to six other Trump advisers, including Mr. Flynn; Reince Priebus, who had been named as chief of staff; Stephen K. Bannon, the senior strategist; and Sean Spicer, who would become the press secretary.

One thing makes it more likely that Flynn received McFarland’s email (or at least equivalent talking points via phone), and received it before he returned the call to Kislyak. When the Agents moved to the stage of the interview where — per Peter Strzok’s later description — “if Flynn said he did not remember something they knew he said, they would use the exact words Flynn used,” they quoted that “tit-for-tat” language.

The interviewing agents asked FLYNN if he recalled any conversation with KISLYAK in which the expulsions were discussed, where FLYNN might have encouraged KISLYAK not to escalate the situation, to keep the Russian response reciprocal, or not to engage in a “tit-for-tat.” FLYNN responded, “Not really. I don’t remember. It wasn’t, “Don’t do anything.” [my emphasis]

So whether Flynn saw this language in an email first, it seems clear he spoke to McFarland — who was coordinating all this from Mar-a-Lago, where Trump was — before he spoke with Kislyak. And that’s important, because Flynn claimed he had no idea that the US had expelled a bunch of Russian diplomats “until it was in the media.”

The U.S. Government’s response was a total surprise to FLYNN. FLYNN did not know about the Persona-Non-Grata (PNG) action until it was in the media.  KISLYAK and FLYNN were starting off on a good footing and FLYNN was looking forward to the relationship. With regard to the scope of the Russians who were expelled, FLYNN said he did not understand it. FLYNN stated he could understand one PNG, but not thirty-five.

It’s possible that Flynn didn’t learn about the expulsions until Obama’s press releases on the 29th, if he didn’t check with McFarland before that. Except he also claimed the FBI that he didn’t have access to TV news in DR.

FLYNN noted he was not aware of the then-upcoming actions as he did not have access to television news in the Dominican Republic and his government BlackBerry was not working.

In context in his 302, though, that seems to be offered as a substantiating detail to support his claim that he didn’t know about the expulsions before he spoke with Kislyak — or, indeed, the even crazier claim that Kislyak didn’t raise it on that call, regardless of what Flynn knew going into the call.

The interviewing agents asked FLYNN is he recalled any conversation with KISLYAK surrounding the expulsion of Russian diplomats or closing of Russian properties in response to Russian hacking activities surrounding the election. FLYNN stated that he did not. FLYNN reiterated his conversation was about [Astana peace conference] described earlier.

Consider how ridiculous this lie is: Flynn wanted the FBI to believe that, having asked Flynn to contact him after Russia was informed of Obama’s sanctions, Kislyak didn’t even mention the sanctions to him.

That’s obvious nonsense. But it was a necessary to hide two things. First, that he had spoken with Kislyak about sanctions — which is what the focus has been on until now.

But claiming that he hadn’t heard about the expulsions before he called Kislyak also served to hide an equally critical detail: Flynn had not only heard of the sanctions (if he hadn’t already heard) from his deputy, KT McFarland, who was at Mar-a-Lago with Trump, but she and he and a number of other people had coordinated what he would say to Kislyak before the call. And they did do based off the belief that Obama’s actions against Russia were all a political set-up and not a sound response to Russia’s involvement in the election.

Flynn not only coordinated his messaging with McFarland, but he used language she offered, writing from Mar-a-Lago: “tit-for-tat.”

After Flynn pled guilty, McFarland spent some time cleaning up what she had told the FBI the previous summer (at a time when everyone seemed to believe their emails recording all this would never be reviewed by the FBI). According to WaPo’s coverage, McFarland,

walked back her previous denial that sanctions were discussed, saying a general statement Flynn had made to her that things were going to be okay could have been a reference to sanctions, these people said.

Flynn’s statement of the offense actually reflects two conversations that McFarland may have initially lied about — one on December 29, when Flynn reported back on his call with Kislyak, and another after his December 31 call with Kislyak, when Flynn reported back to “senior members of the Presidential Transition Team.”

Shortly after his phone call with the Russian Ambassador, FLYNN spoke with the PTT official to report on the substance of his call with the Russian Ambassador, including their discussion of the U.S. Sanctions.

On or about December 30, 2016, Russian President Vladimir Putin released a statement indicating that Russia would not take retaliatory measures in response to the U.S. Sanctions at that time.

On or about December 31, 2016, the Russian Ambassador called FLYNN and informed him that Russia had chosen not to retaliate in response to FL YNN’s request.

After his phone call with the Russian Ambassador, FLYNN spoke with senior members of the Presidential Transition Team about FL YNN’s conversations with the Russian Ambassador regarding the U.S. Sanctions and Russia’s decision not to escalate the situation.

It appears that Flynn tried to hide the entire existence of the call on December 31 (unless that’s why he claimed he had to keep calling back to Kislyak because of connectivity issues).

The interviewing agents asked FLYNN if he recalled any conversation with KISLYAK in which KISLYAK told him the Government of Russia had taken into account the incoming administration’s position about the expulsions, or where KISLYAK said the Government of Russia had responded, or chosen to modulate their response, in any way to the U.S.’s actions as a result of a request by the incoming administration. FLYNN stated it was possible that he talked to KISLYAK on the issue, but if he did, he did not remember doing so. FLYNN stated he was attempting to start a good relationship with KISLYAK and move forward. FLYNN remembered making four to five calls that day about this issue, but that the Dominican Republic was a difficult place to make a call as he kept having connectivity issues. FLYNN reflected and stated that he did not think he would have had a conversation with KISLYAK about the matter.

The point, however, is multiple people in the Transition lied about this back-and-forth involving people at Mar-a-Lago with Trump.

Their correction of those stories is probably one thing described in this redaction in Flynn’s sentencing addendum.

The fact that Flynn’s lies attempted to hide coordination with Mar-a-Lago and the Transition team generally is significant for several reasons.

First, it appears that at least KT McFarland and probably Sean Spicer were in on at least part of Flynn’s cover story. If that’s right, it would require more coordination than we’ve seen reported based on emails. It’s still unclear how much those who lied about Flynn’s conversations early in January 2017 — including Spicer but especially Mike Pence, who has not been named as receiving the emails among the Transition team — knew about Flynn’s conversations.

A perhaps more important detail, legally, is one that Ty Cobb — at the time, still working for Trump — tried to deny: at least one person in the Trump camp had assured the Obama Administration that they would not undercut Obama’s efforts to retaliate against Russia.

The Trump transition team ignored a pointed request from the Obama administration to avoid sending conflicting signals to foreign officials before the inauguration and to include State Department personnel when contacting them. Besides the Russian ambassador, Mr. Flynn, at the request of the president’s son-in-law, Jared Kushner, contacted several other foreign officials to urge them to delay or block a United Nations resolution condemning Israel over its building of settlements.

Mr. Cobb said the Trump team had never agreed to avoid such interactions. But one former White House official has disputed that, telling Mr. Mueller’s investigators that Trump transition officials had agreed to honor the Obama administration’s request.

This puts a totally different spin on Susan Rice’s role in unmasking intercepts involving Trump transition officials exhorting the Russian Ambassador to blow off Obama’s sanctions and working with Mohammed bin Zayed al-Nahyan to keep a face-to-face meeting in NY secret (and probably also other intercepts assuring Bibi Netanyahu the Trump Transition would do all they could to undercut an Obama effort to punish Israeli settlements).

Rice would have unmasked those conversations having some reason to believe that the people involved in those discussions (Flynn and Kushner) were blowing off a Trump Transition commitment not to undercut Obama policy.

Such actions, then, would appear to go beyond a mere Logan Act violation. That is, Flynn and Kushner would have appeared to be pursuing their own foreign policy agenda, not just undercutting Obama’s policy, but also undercutting Trump’s (contested) agreement not to undercut Obama’s policies at least through the transition. And they would be doing so, by appearances, in pursuit of their own personal profit.

And those seeming instances of free-lancing would have accompanied Flynn’s request (in the days before it would be exposed that his Transition calls had been intercepted) to Rice to delay arming the Kurds, at a time when he was still legally hiding this relationship with Turkey.

Ultimately, we’re almost certainly going to learn all this was done with Trump’s explicit approval.

But because Flynn made such an effort to hide that his efforts to placate the Russians (and help the Turks and carry out undisclosed conversations with the Emirates and Israel) were done on the specific direction of Trump and Kushner, it would have looked like he was undermining both the Trump Administration and the interests of the United States.

It turns out he was only doing the latter.

As I disclosed in July, I provided information to the FBI on issues related to the Mueller investigation, so I’m going to include disclosure statements on Mueller investigation posts from here on out. I will include the disclosure whether or not the stuff I shared with the FBI pertains to the subject of the post. 

Richard Burr Accuses the Obama Administration of Running Out the Clock on Election Interference

At the end of yesterday’s press conference, Richard Burr made a startling accusation. In response to a question about whether the Trump Administration hasn’t done enough to respond to Russia’s interference, Burr instead addressed DHS’ delayed notice to states about election intrusions, as if that constituted an adequate response from the Trump Administration.

In doing so, Burr accused the Obama Administration of “running out the clock” (apparently, on notifying states).

Listen, I think the Vice Chairman alluded to the fact that though it was slow, getting DHS to recognize [that states needed notice of attempted hacks on their election infrastructure], it didn’t take as long as it did for the last Administration to run the clock on it. So we’re not trying to look back and point to things that were done wrong. Everybody’s done things wrong.

The accusation is particularly galling, given Lisa Monaco’s description of her efforts to get the Gang of Eight to write a letter warning states of the thread.

In the briefings, the C.I.A. said there was intelligence indicating not only that the Russians were trying to get Mr. Trump elected but that they had gained computer access to multiple state and local election boards in the United States since 2014, officials said.

Although the breached systems were not involved in actual vote-tallying operations, Obama administration officials proposed that the eight senior lawmakers write a letter to state election officials warning them of the possible threat posed by Russian hacking, officials said.

But Senator Mitch McConnell of Kentucky, the Republican majority leader, resisted, questioning the underpinnings of the intelligence, according to officials with knowledge of the discussions. Mr. McConnell ultimately agreed to a softer version of the letter, which did not mention the Russians but warned of unnamed “malefactors” who might seek to disrupt the elections through online intrusion. The letter, dated Sept. 28, was signed by Mr. McConnell, Mr. Reid, Speaker Paul D. Ryan and Representative Nancy Pelosi, the ranking Democrat.

On Sept. 22, two other members of the Gang of Eight — Senator Dianne Feinstein and Representative Adam B. Schiff, both of California and the ranking Democrats on the Senate and House intelligence committees — released their own statement about the Russian interference that did not mention Mr. Trump or his campaign by name.

Do the math here: McConnell, Reid, Ryan, and Pelosi signed a letter saying that malefactors might try to disrupt the elections. Then Feinstein (then Burr’s counterpart on SSCI) and Schiff (Nunes’ counterpart on HPSCI) released a stronger letter blaming Russia.

Based on briefings we have received, we have concluded that the Russian intelligence agencies are making a serious and concerted effort to influence the U.S. election.

At the least, this effort is intended to sow doubt about the security of our election and may well be intended to influence the outcomes of the election—we can see no other rationale for the behavior of the Russians.

We believe that orders for the Russian intelligence agencies to conduct such actions could come only from very senior levels of the Russian government.

We call on President Putin to immediately order a halt to this activity. Americans will not stand for any foreign government trying to influence our election. We hope all Americans will stand together and reject the Russian effort.

None of these are the precise letter that Monaco has said she was after — a letter emphasizing the risk to the polls.

Still, just two people signed no letter: Nunes (who would go on to serve in Trump’s transition team) and Burr (who not only was serving on Trump’s national security advisory committee, but was in a close race in one of the states most likely to have had the outcome affected by known Russian hacking).

And he has the gall to call out the Obama Administration?

The Compartments in WaPo’s Russian Hack Magnum Opus

The WaPo has an 8300 word opus on the Obama Administration’s response to Russian tampering in the election. The article definitely covers new ground on the Obama effort to respond while avoiding making things worse, particularly with regards to imposing sanctions in December. It also largely lays out much of the coverage the three bylined journalists (Greg Miller, Ellen Nakashima, and Adam Entous) have broken before, with new details. The overall message of the article, which has a number of particular viewpoints and silences, is this: Moscow is getting away with their attack.

“[B]ecause of the divergent ways Obama and Trump have handled the matter, Moscow appears unlikely to face proportionate consequences.”

The Immaculate Interception: CIA’s scoop

WaPo starts its story about how Russia got away with its election op with an exchange designed to make the non-response to the attack seem all the more senseless. It provides a dramatic description of a detail these very same reporters broke on December 9: Putin, who was personally directing this effort, was trying to elect Trump.

Early last August, an envelope with extraordinary handling restrictions arrived at the White House. Sent by courier from the CIA, it carried “eyes only” instructions that its contents be shown to just four people: President Barack Obama and three senior aides.

Inside was an intelligence bombshell, a report drawn from sourcing deep inside the Russian government that detailed Russian President Vladi­mir Putin’s direct involvement in a cyber campaign to disrupt and discredit the U.S. presidential race.

[snip]

The material was so sensitive that CIA Director John Brennan kept it out of the President’s Daily Brief, concerned that even that restricted report’s distribution was too broad. The CIA package came with instructions that it be returned immediately after it was read.

[snip]

In early August, Brennan alerted senior White House officials to the Putin intelligence, making a call to deputy national security adviser Avril Haines and pulling national security adviser Susan Rice side after a meeting before briefing Obama along with Rice, Haines and McDonough in the Oval Office.

While the sharing of this information with just three aides adds to the drama, WaPo doesn’t consider something else about it. The inclusion of Rice and McDonough totally makes sense. But by including Avril Haines, Brennan was basically including his former Deputy Director who had moved onto the DNSA position, effectively putting two CIA people in a room with two White House people and the President. Significantly, Lisa Monaco — who had Brennan’s old job as White House Homeland Security Czar and who came from DOJ and FBI before that — was reportedly excluded from this initial briefing.

There are a number of other interesting details about all this. First, for thousands of wordspace, the WaPo presents this intelligence as irreproachable, even while providing this unconvincing explanation of why, if it is so secret and solid, the CIA was willing to let WaPo put it on its front page.

For spy agencies, gaining insights into the intentions of foreign leaders is among the highest priorities. But Putin is a remarkably elusive target. A former KGB officer, he takes extreme precautions to guard against surveillance, rarely communicating by phone or computer, always running sensitive state business from deep within the confines of the Kremlin.

The Washington Post is withholding some details of the intelligence at the request of the U.S. government.

If this intelligence is so sensitive, why is even the timing of its collection being revealed here, much less its access to Putin?

That seemingly contradictory action is all the more curious given that not all agencies were as impressed with this intelligence as CIA was. It’s not until much, much later in its report until WaPo explains what remains true as recently as Admiral Rogers’ latest Congressional testimony: the NSA wasn’t and isn’t as convinced by CIA’s super secret intelligence as CIA was.

Despite the intelligence the CIA had produced, other agencies were slower to endorse a conclusion that Putin was personally directing the operation and wanted to help Trump. “It was definitely compelling, but it was not definitive,” said one senior administration official. “We needed more.”

Some of the most critical technical intelligence on Russia came from another country, officials said. Because of the source of the material, the NSA was reluctant to view it with high confidence.

By the time this detail is presented, the narrative is in place: Obama failed to respond adequately to the attack that CIA warned about back in August.

The depiction of this top-level compartment of just Brennan, Rice, McDonough, and Haines is interesting background, as well, for the depiction of the way McDonough undermined a State Department plan to institute a Special Commission before Donald Trump got started.

Supporters’ confidence was buoyed when McDonough signaled that he planned to “tabledrop” the proposal at the next NSC meeting, one that would be chaired by Obama. Kerry was overseas and participated by videoconference.

To some, the “tabledrop” term has a tactical connotation beyond the obvious. It is sometimes used as a means of securing approval of an idea by introducing it before opponents have a chance to form counterarguments.

“We thought this was a good sign,” a former State Department official said.

But as soon as McDonough introduced the proposal for a commission, he began criticizing it, arguing that it would be perceived as partisan and almost certainly blocked by Congress.

Obama then echoed McDonough’s critique, effectively killing any chance that a Russia commission would be formed.

Effectively, McDonough upended the table on those (which presumably includes the CIA) who wanted to preempt regular process.

Finally, even after  these three WaPo journalists foreground their entire narrative with CIA’s super duper scoop (that NSA is still not 100% convinced is one), they don’t describe their own role in changing the tenor of the response on December 9 by reporting the first iteration of this story.

“By December, those of us working on this for a long time were demoralized,” said an administration official involved in the developing punitive options.

Then the tenor began to shift.

On Dec. 9, Obama ordered a comprehensive review by U.S. intelligence agencies of Russian interference in U.S. elections going back to 2008, with a plan to make some of the findings public.

The WaPo’s report of the CIA’s intelligence changed the tenor back in December, and this story about the absence of a response might change the tenor here.

Presenting the politics ahead of the intelligence

The WaPo’s foregrounding of Brennan’s August scoop is also important for the way they portray the parallel streams of the intelligence and political response. It portrays the Democrats’ political complaints about Republicans in this story, most notably the suggestion that Mitch McConnell refused to back a more public statement about the Russian operation when Democrats were pushing for one in September. That story, in part because of McConnell’s silence, has become accepted as true.

Except the WaPo’s own story provides ample evidence that the Democrats were trying to get ahead of the formal intelligence community with respect to attribution, both in the summer, when Clapper only alluded to Russian involvement.

Even after the late-July WikiLeaks dump, which came on the eve of the Democratic convention and led to the resignation of Rep. Debbie Wasserman Schultz (D-Fla.) as the DNC’s chairwoman, U.S. intelligence officials continued to express uncertainty about who was behind the hacks or why they were carried out.

At a public security conference in Aspen, Colo., in late July, Director of National Intelligence James R. Clapper Jr. noted that Russia had a long history of meddling in American elections but that U.S. spy agencies were not ready to “make the call on attribution” for what was happening in 2016.

And, more importantly, in the fall, when the public IC attribution came only after McConnell refused to join a more aggressive statement because the intelligence did not yet support it (WaPo makes no mention of it, but DHS’s public reporting from late September still attributed the the threat to election infrastructure to “cybercriminals and criminal hackers”).

Senate Majority Leader Mitch McConnell (R-Ky.) went further, officials said, voicing skepticism that the underlying intelligence truly supported the White House’s claims. Through a spokeswoman, McConnell declined to comment, citing the secrecy of that meeting.

Key Democrats were stunned by the GOP response and exasperated that the White House seemed willing to let Republican opposition block any pre-election move.

On Sept. 22, two California Democrats — Sen. Dianne Feinstein and Rep. Adam B. Schiff — did what they couldn’t get the White House to do. They issued a statement making clear that they had learned from intelligence briefings that Russia was directing a campaign to undermine the election, but they stopped short of saying to what end.

A week later, McConnell and other congressional leaders issued a cautious statement that encouraged state election officials to ensure their networks were “secure from attack.” The release made no mention of Russia and emphasized that the lawmakers “would oppose any effort by the federal government” to encroach on the states’ authorities.

When U.S. spy agencies reached unanimous agreement in late September that the interference was a Russian operation directed by Putin, Obama directed spy chiefs to prepare a public statement summarizing the intelligence in broad strokes.

I’m all in favor of beating up McConnell, but there is no reason to demand members of Congress precede the IC with formal attribution for something like this. So until October 7, McConnell had cover (if not justification) for refusing to back a stronger statement.

And while the report describes Brennan’s efforts to brief members of Congress (and the reported reluctance of Republicans to meet with him), it doesn’t answer what remains a critical and open question: whether Brennan’s briefing for Harry Reid was different — and more inflammatory — than his briefing for Republicans, and whether that was partly designed to get Reid to serve as a proxy attacker on Jim Comey and the FBI.

Brennan moved swiftly to schedule private briefings with congressional leaders. But getting appointments with certain Republicans proved difficult, officials said, and it was not until after Labor Day that Brennan had reached all members of the “Gang of Eight” — the majority and minority leaders of both houses and the chairmen and ranking Democrats on the Senate and House intelligence committees.

Nor does this account explain another thing: why Brennan serially briefed the Gang of Eight, when past experience is to brief them in groups, if not all together.

In short, while the WaPo provides new details on the parallel intelligence and political tracks, it reinforces its own narrative while remaining silent on some details that are critical to that narrative.

The compartments

The foregrounding of CIA in all this also raises questions about a new and important detail about (what I assume to be the subsequently publicly revealed, though this is not made clear) Task Force investigating this operation: it lives at CIA, not FBI.

Brennan convened a secret task force at CIA headquarters composed of several dozen analysts and officers from the CIA, the NSA and the FBI.

The unit functioned as a sealed compartment, its work hidden from the rest of the intelligence community. Those brought in signed new non-disclosure agreements to be granted access to intelligence from all three participating agencies.

They worked exclusively for two groups of “customers,” officials said. The first was Obama and fewer than 14 senior officials in government. The second was a team of operations specialists at the CIA, NSA and FBI who took direction from the task force on where to aim their subsequent efforts to collect more intelligence on Russia.

Much later in the story, WaPo reveals how, in the wake of Obama calling for a report, analysts started looking back at their collected intelligence and learning new details.

Obama’s decision to order a comprehensive report on Moscow’s interference from U.S. spy agencies had prompted analysts to go back through their agencies’ files, scouring for previously overlooked clues.

The effort led to a flurry of new, disturbing reports — many of them presented in the President’s Daily Brief — about Russia’s subversion of the 2016 race. The emerging picture enabled policymakers to begin seeing the Russian campaign in broader terms, as a comprehensive plot sweeping in its scope.

It’s worth asking: did the close hold of the original Task Force, a hold that appears to have been set by Brennan, contribute to the belated discovery of these details revealing a broader campaign?

The surveillance driven sanctions

I’m most interested in the description of how the Obama Admin chose whom to impose sanctions on, though it includes this bizarre claim.

But the package of measures approved by Obama, and the process by which they were selected and implemented, were more complex than initially understood.

The expulsions and compound seizures were originally devised as ways to retaliate against Moscow not for election interference but for an escalating campaign of harassment of American diplomats and intelligence operatives. U.S. officials often endured hostile treatment, but the episodes had become increasingly menacing and violent.

Several of the details WaPo presents as misunderstood (including that the sanctions were retaliation for treatment of diplomats) were either explicit in the sanction package or easily gleaned at the time.

One of those easily gleaned details is that the sanctions on GRU and FSB were mostly symbolic. WaPo uses the symbolic nature of the attack on those who perpetrated the attack as a way to air complaints that these sanctions were not as onerous as those in response to Ukraine.

“I don’t think any of us thought of sanctions as being a primary way of expressing our disapproval” for the election interference, said a senior administration official involved in the decision. “Going after their intelligence services was not about economic impact. It was symbolic.”

More than any other measure, that decision has become a source of regret to senior administration officials directly involved in the Russia debate. The outcome has left the impression that Obama saw Russia’s military meddling in Ukraine as more deserving of severe punishment than its subversion of a U.S. presidential race.

“What is the greater threat to our system of government?” said a former high-ranking administration official, noting that Obama and his advisers knew from projections formulated by the Treasury Department that the impact of the election-related economic sanctions would be “minimal.”

Three things that might play into the mostly symbolic targeting of FSB, especially, are not mentioned. First, WaPo makes no mention of the suspected intelligence sources who’ve been killed since the election, most credibly Oleg Erovinkin, as well as a slew of other suspect and less obviously connected deaths. It doesn’t mention the four men Russia charged with treason in early December. And it doesn’t mention DOJ’s indictment of the Yahoo hackers, including one of the FSB officers, Dmitry Dokuchaev, that Russia charged with treason (not to mention the inclusion within the indictment of intercepts between FSB officers). There’s a lot more spy vs. spy activity going on here that likely relates far more to retaliation or limits on US ability to retaliate, all of which may be more important in the medium term than financial sanctions.

Given the Yahoo and other indictments working through San Francisco (including that of Yevgeniey Nikulin, who claims FBI offered him a plea deal involving admitting he hacked the DNC), I’m particularly interested in the shift in sanctions from NY to San Francisco, where Nikulin and Dokuchaev’s victims are located.

The FBI was also responsible for generating the list of Russian operatives working under diplomatic cover to expel, drawn from a roster the bureau maintains of suspected Russian intelligence agents in the United States.

[snip]

The roster of expelled spies included several operatives who were suspected of playing a role in Russia’s election interference from within the United States, officials said. They declined to elaborate.

More broadly, the list of 35 names focused heavily on Russians known to have technical skills. Their names and bios were laid out on a dossier delivered to senior White House officials and Cabinet secretaries, although the list was modified at the last minute to reduce the number of expulsions from Russia’s U.N. mission in New York and add more names from its facilities in Washington and San Francisco.

And the WaPo’s reports confirm what was also obvious: the two compounds got shut down (and were a priority) because of all the spying they were doing.

The FBI had long lobbied to close two Russian compounds in the United States — one in Maryland and another in New York — on the grounds that both were used for espionage and placed an enormous surveillance burden on the bureau.

[snip]

Rice pointed to the FBI’s McCabe and said: “You guys have been begging to do this for years. Now is your chance.”

The administration gave Russia 24 hours to evacuate the sites, and FBI agents watched as fleets of trucks loaded with cargo passed through the compounds’ gates.

Finally, given Congress’ bipartisan fearmongering about Kaspersky Lab, I’m most interested that at one point Treasury wanted to include them in sanctions.

Treasury Department officials devised plans that would hit entire sectors of Russia’s economy. One preliminary suggestion called for targeting technology companies including Kaspersky Lab, the Moscow-based cybersecurity firm. But skeptics worried that the harm could spill into Europe and pointed out that U.S. companies used Kaspersky systems and software.

In spite of all the fearmongering, no one has presented proof that Kaspersky is working for Russia (there are even things, which I won’t go in to for the moment, that suggest the opposite). But we’re moving close to de facto sanctions against Kaspersky anyway, even in spite of the fact (or perhaps because) they’re providing better intelligence on WannaCry than half the witnesses called as witnesses to Congress. But discrediting Kaspersky undercuts one of the only security firms in the world who, in addition to commenting on Russian hacking, will unpack America’s own hacking. You sanction Kaspersky, and you expand the asymmetry with which security firms selectively scrutinize just Russian hacking, rather than all nation-state hacking.

The looming cyberattack and the silence about Shadow Brokers

Which brings me to the last section of the article, where, over 8000 words in, the WaPo issues a threat against Russia in the form of a looming cyberattack Obama approved before he left.

WaPo’s early description of this suggests the attack was and is still in planning stages and relies on Donald Trump to execute.

Obama also approved a previously undisclosed covert measure that authorized planting cyber weapons in Russia’s infrastructure, the digital equivalent of bombs that could be detonated if the United States found itself in an escalating exchange with Moscow. The project, which Obama approved in a covert-action finding, was still in its planning stages when Obama left office. It would be up to President Trump to decide whether to use the capability.

But if readers make it all the way through the very long article, they’ll learn that’s not the case. The finding has already been signed, the implants are already being placed (implants which would most likely be discovered by Kaspersky), and for Trump to stop it, he would have to countermand Obama’s finding.

The implants were developed by the NSA and designed so that they could be triggered remotely as part of retaliatory cyber-strike in the face of Russian aggression, whether an attack on a power grid or interference in a future presidential race.

Officials familiar with the measures said that there was concern among some in the administration that the damage caused by the implants could be difficult to contain.

As a result, the administration requested a legal review, which concluded that the devices could be controlled well enough that their deployment would be considered “proportional” in varying scenarios of Russian provocation, a requirement under international law.

The operation was described as long-term, taking months to position the implants and requiring maintenance thereafter. Under the rules of covert action, Obama’s signature was all that was necessary to set the operation in motion.

U.S. intelligence agencies do not need further approval from Trump, and officials said that he would have to issue a countermanding order to stop it. The officials said that they have seen no indication that Trump has done so.

Whatever else this article is designed to do, I think, it is designed to be a threat to Putin, from long gone Obama officials.

Given the discussion of a looming cyberattack on Russia, it’s all the more remarkable WaPo breathed not one word about Shadow Brokers, which is most likely to be a drawn out cyberattack by Russian affiliates on NSA. Even ignoring the Shadow Brokers’ derived global ransomware attack in WannaCry, Shadow Brokers has ratcheted up the severity of its releases, including doxing NSA’s spies and hacks of the global finance system, It has very explicitly fostered tensions between the NSA and private sector partners (as well as the reputational costs on those private sector partners). And it has threatened to leak still worse, including NSA exploits against current Microsoft products and details of NSA’s spying on hostile nuclear programs.

The WaPo is talking about a big cyberattack, but an entity that most likely has close ties to Russia has been conducting one, all in plain sight. I suggested back in December that Shadow Brokers was essentially holding NSA hostage in part as a way to constrain US intelligence retaliation against Russia. Given ensuing events, I’m more convinced that is, at least partly, true.

But in this grand narrative of CIA’s early warning and Obama’s inadequate response, details like that remain unsaid.

Last Fall’s Efforts against Russia: Influence versus Tamper

NYT has a story — citing “former government officials” and eventually citing Harry Reid — that’s attracting a lot of attention. It explains the CIA had evidence in August that Russia was affirmatively trying to elect Trump, rather than just hurt Hillary.

In an Aug. 25 briefing for Harry Reid, then the top Democrat in the Senate, Mr. Brennan indicated that Russia’s hackings appeared aimed at helping Mr. Trump win the November election, according to two former officials with knowledge of the briefing.

The officials said Mr. Brennan also indicated that unnamed advisers to Mr. Trump might be working with the Russians to interfere in the election. The F.B.I. and two congressional committees are now investigating that claim, focusing on possible communications and financial dealings between Russian affiliates and a handful of former advisers to Mr. Trump. So far, no proof of collusion has emerged publicly.

[snip]

In the August briefing for Mr. Reid, the two former officials said, Mr. Brennan indicated that the C.I.A., focused on foreign intelligence, was limited in its legal ability to investigate possible connections to Mr. Trump. The officials said Mr. Brennan told Mr. Reid that the F.B.I., in charge of domestic intelligence, would have to lead the way.

Given Jim Comey’s description of the FBI assessment Russia wanted to elect Trump — which he described as an “enemy of my enemy” approach, rooting against the Pats at all times because he’s a Giants fan — and given the NSA’s continued moderate confidence in this claim, I don’t make too much of the CIA claim. Furthermore, given Roger Stone’s public exchanges with Guccifer 2 in the weeks leading up to this briefing (and CIA’s purported prohibition on involvement in domestic affairs), I also don’t put too much stock in CIA’s evidence of Russian coordination. In precisely this period, after all, Brennan continued to publicly brief that Putin was out of his depth, which seemed then and seems even more now to underestimate Putin’s ability to play the United States.

The line about Brennan saying FBI would have to investigate the ties between Trump and Putin also reminds me of the recent complaint, laundered through BBC’s Paul Wood, that FBI is fucking up the investigation and CIA should take the lead.

The rest of the article includes partisan details that have attracted a lot of attention but that — in light of this Lisa Monaco interview — seem to miss some distinction. The NYT describes a conflict between a bipartisan statement about the integrity of the election and a more assertive statement implicating Russia with influencing the outcome of the election.

In the briefings, the C.I.A. said there was intelligence indicating not only that the Russians were trying to get Mr. Trump elected but that they had gained computer access to multiple state and local election boards in the United States since 2014, officials said.

Although the breached systems were not involved in actual vote-tallying operations, Obama administration officials proposed that the eight senior lawmakers write a letter to state election officials warning them of the possible threat posed by Russian hacking, officials said.

But Senator Mitch McConnell of Kentucky, the Republican majority leader, resisted, questioning the underpinnings of the intelligence, according to officials with knowledge of the discussions. Mr. McConnell ultimately agreed to a softer version of the letter, which did not mention the Russians but warned of unnamed “malefactors” who might seek to disrupt the elections through online intrusion. The letter, dated Sept. 28, was signed by Mr. McConnell, Mr. Reid, Speaker Paul D. Ryan and Representative Nancy Pelosi, the ranking Democrat.

On Sept. 22, two other members of the Gang of Eight — Senator Dianne Feinstein and Representative Adam B. Schiff, both of California and the ranking Democrats on the Senate and House intelligence committees — released their own statement about the Russian interference that did not mention Mr. Trump or his campaign by name.

Here’s the full statement from Feinstein and Schiff:

Based on briefings we have received, we have concluded that the Russian intelligence agencies are making a serious and concerted effort to influence the U.S. election.

At the least, this effort is intended to sow doubt about the security of our election and may well be intended to influence the outcomes of the election—we can see no other rationale for the behavior of the Russians.

We believe that orders for the Russian intelligence agencies to conduct such actions could come only from very senior levels of the Russian government.

We call on President Putin to immediately order a halt to this activity. Americans will not stand for any foreign government trying to influence our election. We hope all Americans will stand together and reject the Russian effort.

Note the difference in emphasis: the letter from Congressional leaders emphasizes voting apparatus. Also note (and I suspect this is far more important than any report has yet made out) the letter Mitch McConnell was willing to sign states clearly that voting systems are not being designated critical infrastructure (which Jeh Johnson tried to do in early January, to much resistance from the states).

We urge the states to take full advantage of the robust public and private sector resources available to them to ensure that their network is secure from attack. In addition, the Department of Homeland Security stands ready to provide cybersecurity assistance to those states that choose to request it. Such assistance does not entail federal regulation or binding federal directives of any kind, and we would oppose any effort by the federal government to exercise any degree of control over the states’ administration of elections by designating these systems as critical infrastructure.

In other words, the Democrats wanted this to be about Russian influence, whereas the government was primarily worried about Russia affecting the outcome of the election at the polls.

Here’s how Monaco described the effort, which she describes as largely successful.

[M]y own view on that is we did not want to do anything to do the Russians’ work for them by engaging in partisan discussion about this, which is why we were so intent upon getting bipartisan support, and ultimately, we did so from the House and Senate leadership, in trying to get the state and local governments to work with us to shore up their cybersecurity.

We made a specific effort to go to Congress, to say we want bipartisan support for state governments to take us up on our offer to shore up their cybersecurity in their election systems, because there was a tremendous amount of resistance. This is an election year, I think there was a view that we—if we came to state and municipal governments and said, “We want to help you shore up your cybersecurity for your election system,” they viewed it as a big federal takeover.

We really needed bipartisan support for the efforts we were making, largely out of the Department of Homeland Security. Ultimately, that turned out to be a smart way of doing business, and we ended up having 48 of 50 states take us up on our offer, but we needed bipartisan support to do it. Ultimately, that turned out to be a smart way of doing business, and we ended up having 48 of 50 states take us up on our offer, but we needed bipartisan support to do it.

For Monaco, the effort was entirely about convincing states to accept help from DHS to ensure the machines counting the vote would not be compromised in a way that would affect the vote, not about the theft of emails from the DNC.

Incidentally, one of the two states that refused DHS help was Georgia, which of course is conducting an election to replace Tom Price as we speak, and which accused DHS of trying to hack its systems in the weeks after the election.

Two more comments on this. First, Mitch McConnell appears to have been in the right on this. Public discussion of the probes at the time noted that such hacks had happened in the past and generally sought credentials, not voting information. DHS released a warning on the polling probes on September 20, a week before the Leaders’ statement was released, and it still discussed the probes in terms of stealing PII.

(U//FOUO) DHS has no indication that adversaries or criminals are planning cyber operations against US election infrastructure that would change the outcome of the coming US election. Multiple checks and redundancies in US election infrastructure—including diversity of systems, non-Internet connected voting machines, pre-election testing, and processes for media, campaign, and election officials to check, audit, and validate results—make it likely that cyber manipulation of US election systems intended to change the outcome of a national election would be detected.

(U//FOUO) We judge cybercriminals and criminal hackers are likely to continue to target personally identifiable information (PII), such as that available in voter registration databases. We have no indication, however, that criminals are planning theft of voter information to disrupt or alter US computer-enabled election infrastructure.

And the October 7 joint DHS/ODNI statement –released after the Leaders’ statement — still stopped short of blaming Russia for those probes.

Some states have also recently seen scanning and probing of their election-related systems, which in most cases originated from servers operated by a Russian company. However, we are not now in a position to attribute this activity to the Russian Government.

In other words, McConnell’s resistance to blaming Russia in that September 28 letter was completely consistent with the public intelligence at the time.

Finally, now how the role of Richard Burr and Devin Nunes always gets glossed over in these descriptions? I get that people want to blame Mitch for refusing to take a tougher line. But what were Trump’s campaign surrogates doing at the time?

The October Non-Surprise

Both the Wikileaks Podesta release and the Access Hollywood tape drowned out the Intelligence Community report on Russia

Earlier this week, in an interview with Politico (the story and the interview transcript seem to be memory holed for now), Obama’s Homeland Security Czar Lisa Monaco insisted that the Obama response to the Russian hack of the DNC was actually quite forceful, but that it got lost in the release of the Access Hollywood video showing Trump threatening to grab women by the pussy.

But strong supporters of Clinton’s campaign argued—some at the time, many more in the wake of the former secretary of state’s shocking November election defeat—that the Obama team should have done more to publicize the hacking for what it was: a heavy-handed Kremlin intervention on behalf of one side in America’s presidential election. Monaco pushed back against that, recalling that the heads of U.S. intelligence agencies issued a joint statement publicly blaming the Russians for the pre-election hack on Oct. 7. “That was an unprecedented statement,” she says, “a fact that sometimes gets lost in this discussion” given that it came on the same day as the revelation of the “Access Hollywood” tape showing Trump joking about sexually assaulting a woman.

I point to Monaco’s argument because it’s a mirror image to claims Hillary supporters make about the same week. They argue that the release of the John Podesta emails drowned out the Access Hollywood video. Here’s John Podesta in a December appearance on Meet the Press.

So October 7th, Wiki– October 7th, let’s go through the chronology. On October 7th, the Access Hollywood tape comes out. One hour later, WikiLeaks starts dropping my emails into the public. One could say that there might, those things might not have been a coincidence.

Monaco is in the right here. The Google Trends graph above maps “Wikileaks emails” in blue, “Access Hollywood” in red, and “Russian hack” in yellow (“Grab them by the pussy” shows a more extreme but shorter spike, “John Podesta” doesn’t show as high). In fact, the Grab them by the pussy video drowned out the first releases of the Podesta emails — which suggests it would have been stupid strategy to intentionally release them at the same time, as doing so would mean fewer people would read the excerpts from Hillary’s speeches that got released on the first day. By the following Tuesday, Wikileaks had taken over. By comparison, the Russian hack was a mere blip compared to those two stories, though.

The Roger Stone and Wikileaks narrative misses a few data points

I return to this chronology for another reason. The events of the week of October 3 have been in the news for another reason: their role in the claim that Roger Stone was coordinating with Wikileaks during that week (which is presumably a big part of the reason Podesta insinuated there was coordination on that timing).

CNN has a timeline of many of Stone’s Wikileaks related comments, which actually shows that in August, at least, Stone believed Wikileaks would release Clinton Foundation emails (a claim that derived from other known sources, including Bill Binney’s claim that the NSA should have all the Clinton Foundation emails).

It notes, as many timelines of Stone’s claims do, that on Saturday October 1 (or early morning on October 2 in GMT; the Twitter times in this post have been calculated off the unix time in the source code), Stone said that on Wednesday (October 5), Hillary Clinton is done.

Fewer of these timelines note that Wikileaks didn’t release anything that Wednesday. It did, however, call out Guccifer 2.0’s purported release of Clinton Foundation documents (though the documents were real, they were almost certainly mislabeled Democratic Party documents) on October 5. The fact that Guccifer 2.0 chose to mislabel those documents is worth further consideration, especially given public focus on the Foundation documents rather than other Democratic ones. I’ll come back to that.

Throughout the week — both before and after the Guccifer 2.0 release — Stone kept tweeting that he trusted the Wikileaks dump was still coming.

Monday, October 3:

Wednesday, October 5 (though this would have been middle of the night ET):

Thursday, October 6 (again, this would have been nighttime ET, after it was clear Wikileaks had not released on Wednesday):

On October 7, at 4:03PM, David Fahrenthold tweeted out the Access Hollywood video.

On October 7, at 4:32 PM, Wikileaks started releasing the Podesta emails.

Stone didn’t really comment on the substance of the Wikileaks release. In fact, even before the Access Hollywood release, he was accusing Bill Clinton of rape, and he continued in that vein after the release of the video, virtually ignoring the Podesta emails.

For its part, Wikileaks was denying it had any knowing contact with Stone within a week, as it had before. CNN finally reported those denials in the wake of reporting on Stone’s August 2016 contacts with Guccifer 2.0. It’s worth noting that in precisely that time period, Wikileaks managed to discredit a still unexplained US-based hoax launched against Julian Assange, accusing him of soliciting a minor via the online dating site Todd and Claire. In addition, this was the period when the odd Alfa Bank story was being pitched to journalists.

Thus far, anyway, the full chronology suggests that either Stone’s information was only vaguely accurate or Wikileaks delayed its release for a few days. That does weird things to Podesta’s narrative, since either Wikileaks delayed their release so the actually newsworthy part of it — Hillary’s speech excerpts — would be overshadowed (as it was) by the Access Hollywood video, or the Access Hollywood video was timed to coincide with the Wikileaks release — which after all had been announced publicly in a way the Access Hollywood video had not been.

Democrats had more warning of impending emails than Podesta makes out

There’s another part of Podesta’s narrative that deserves review. He liked to suggest he had no idea when his emails were being released — in part, to criticize the FBI for not warning him.

It’s not just that Stone appears to have had a vaguer sense of when the next dump (which, as noted, he appeared to believe would be Clinton Foundation emails) was coming than often made out. Democrats also had more warning than often claimed.

In his December Meet the Press appearance, Podesta made a big deal out of the fact that the FBI had not informed him before the October 7 release.

CHUCK TODD:

This is your personal account that was hacked. I’ve got to think you’re getting updates on the investigation that others would not. What can you share?

JOHN PODESTA:

I will share this with you, Chuck. The first time I was contacted by the F.B.I. was two days after WikiLeaks started dropping my emails.

CHUCK TODD:

Let me pause here.

JOHN PODESTA:

The first, the first–

CHUCK TODD:

Two days after?

But as he went on to reveal, he had seen a document released earlier that he had reason to believe may have been from him (I think, but will have to return to this, that it may have been one of the original Guccifer 2.0 documents).

CHUCK TODD:

But when were you aware that you had been hacked? Before October 7th?

JOHN PODESTA:

I think it was confirmed on October 7th in some of the D.N.C. dumps that had occurred earlier.

CHUCK TODD:

Earlier, yeah.

JOHN PODESTA:

And other campaign officials also had their emails divulge earlier than October 7th. But in one of those D.N.C. dumps, there was a document that appeared to me was– that appeared came– might have come from my account. So I wasn’t sure, I didn’t know, I didn’t know what they had, what they didn’t have. It wasn’t until October 7th when Assange both really in his first statements said things that were incorrect, but started dumping them out and said they were going to all dump out. That’s when I knew that they had the contents of my email account.

Even putting aside Podesta’s suspicion one of the release documents had come from him and Stone’s warnings, Podesta would have had one more warning there would be a further release: from the Christopher Steele reports being done as opposition research for the Hillary campaign.

On September 14, Steele reported that the Russians were considering releasing more emails after the September 18 Duma elections, though the Russians thought they might not have to release any more emails to make Hillary look “weak and stupid.”

Russians do have further “kompromat” on CLINTON (e-mails) and considering disseminating it after Duma (legislative elections) in late September. Presidential spokesman PESKOV continues to lead on this.

[snip]

Continuing on this theme, the senior PA official said the situation was that the Kremlin had further “kompromat” on candidate CLINTON and had been considering releasing this via “plausibly deniable” channels after the Duma (legislative elections) were out of the way in mid-September. There was however a growing train of thought and associated lobby, arguing that the Russians could still make candidate CLINTON look “weak and stupid” by provoking her into railing against PUTIN and Russia without the need to release more of her e-mails.

Curiously, as with all other Wikileaks releases, the publicly-released Steele reports never prospectively confirm a release. Steele’s sources seemed to have little prospective insight to offer about non-public events tied to the release of emails. But on October 12, a report (based on undated early October reporting, which raises questions why the reporting on this wasn’t as quick as on some other reports) notes that the Russians have dumped more anti-Clinton material, which would continue until election day.

Russians have injected further anti-CLINTON material into the “plausibly deniable” leaks pipeline which will continue to surface, but best material already in public domain.

[snip]

Speaking separately in confidence to a trusted compatriot in early October 2016, a senior Russian leadership figure and a Foreign Ministry official reported on recent developments concerning the Kremlin’s operation to support Republican candidate Donald TRUMP in the US presidential election. The senior leadership figure said that a degree of buyer’s remorse was setting in among Russian leaders concerning TRUMP, PUTIN and his colleagues were surprised and disappointed that leaks of Democratic candidate, Hillary CLINTON’s hacked e-mails had not had greater impact on the campaign.

Continuing on this theme, the senior leadership figure commented that a stream of further hacked CLINTON material already had been injected by the Kremlin into compliant western media outlets like Wikileaks, which remained at least “plausibly deniable”, so the stream of these would continue through October and up to the election. However s/he understood that the best material the Russians had already was out and there were no real game-changers to come.

Suffice it to say, even without an FBI warning, Podesta had good reason to expect the emails would occur, though he may have had only a vague idea of the timing.

The other missing detail

Which brings me to one final event from that week that rarely makes the timelines, particularly not the Democratic ones (though Glenn Greenwald pointed out some of it in this post).

From at least the time of the DNC email release in July, Democrats insinuated that Russia and/or Wikileaks had doctored the emails, without ever offering proof, besides the original obvious doctoring of metadata in the Guccifer 2.0 documents (though some DNC people have since credibly claimed that not all of their emails got published). Chief among those people was Malcolm Nance, who was writing a book on the hack. He started warning of spoofed emails in late July. He started pitching his book, which predicted the leaks would include tampering, at the end of September.

And then, just over an hour after the Podesta emails dropped (5:44PM) documents including excerpts from Hillary’s speeches, a pro-Clinton Twitter account responded to Michael Tracey’s observations about the excerpts with a badly faked transcript of a Hillary Goldman Sachs speech.

At 7:25PM, one of the key Russian story commenters linked to it, accusing “Trumpists” of “dirtying docs.” Then at 7:43PM, Nance tweeted, “Official Warning: #PodestaEmails are already proving to be riddled with obvious forgeries & #blackpropaganda not even professionally done.”

Click through to Greenwald’s post to see how it went viral after that (MSNBC’s Joy Reid, who had repeatedly had Nance on, was key to both of Nance’s claims of forgeries go viral), including how it got picked up in the Democrats’ own fake news sites.

Here’s the thing: in multiple places, the guy who later claimed credit, under the name “Marco Chacon,” for the hoax stated he had done the transcript in advance of the release of the emails.

The biggest breakout I had came when a Vice reporter, Michael Tracey, was holding forth on Twitter in the wake of the Podesta Email leaks. He was speaking about the Goldman Sachs transcripts—and I had one.

I had written up a fake Goldman Sachs transcript days before, wherein Hillary Clinton is preparing a run for president and is speaking to the board of directors in 2014 about the coming threat to Wall Street and Washington power. That threat? Bronies, adult male fans of the cartoon My Little Pony: Friendship Is Magic. She has to explain this “Bronie Threat” to them and, in the process, describes a group of internet denizens she calls a “bucket of losers.”

When I tweeted the link and an image of some of the text at Tracey, I did it because I find him to be something of a self-important git and wanted to poke fun at him. I didn’t know at the time that there were Goldman Sachs transcript fragments in the WikiLeaks release.

Note, too, that his claim that when he tweeted the hoax transcript to Tracey, he didn’t know there were Goldman transcripts in the Wikileaks release is laughable: That’s what Tracey’s tweet was about!

Just days later, Kurt Eichenwald would make another claim that Russia had doctored emails that went even more wildly viral (and became among the most remembered fake news stories of the election cycle). In Eichenwald’s discussions with the Sputnik writer in question, Bill Moran, he insisted that spooks had alerted him to the (mis)use of his story.

There is definitely evidence that Roger Stone had at least enough feedback with those leaking stolen emails to know to expect them the first week of October — though he clearly didn’t know precisely when or what to expect. Moreover, he clearly didn’t have an open channel with Assange to find out when the delayed release would be — it appears, instead, he got a warning, but no update.

But there are at least as many reasons to ask whether the Democrats (or perhaps even a government agency) had advance warning of what was coming, and had planned in response.

And all that played out at the time when, per Lisa Monaco, the Intelligence Community made what they viewed as an unprecedented announcement blaming Russia for the hack of the Democrats.

There are definitely reasons to scrutinize Stone’s foreknowledge in all this. But that is by no means the only feedback loop that appears to have been in operation by this point.

Trump’s Muslim Ban Forces IC to Conduct Actual Assessment of Terror Threats

CNN reports that the Trump Administration has asked DHS and DOJ to come up with an intelligence report backing the selection of the seven Muslim banned countries. According to CNN, some of those working on the report feel they’re being asked to fit a report to a desired conclusion.

President Donald Trump has assigned the Department of Homeland Security, working with the Justice Department, to help build the legal case for its temporary travel ban on individuals from seven countries, a senior White House official tells CNN.

Other Trump administration sources tell CNN that this is an assignment that has caused concern among some administration intelligence officials, who see the White House charge as the politicization of intelligence — the notion of a conclusion in search of evidence to support it after being blocked by the courts. Still others in the intelligence community disagree with the conclusion and are finding their work disparaged by their own department.

This is another of those areas where I’m grateful for the incompetence of the Trump Administration. If it were me, I’d call the four Obama Administration officials who first named these seven countries a threat: former Deputy CIA Director Avril Haines, former Secretary of State John Kerry, former Homeland Security Czar Lisa Monaco, and former National Security Advisor Susan Rice. They’re already on a court declaration in this case, so even the ones who might have been able to dodge testifying normally, they wouldn’t be able to. Make them explain why Iran and Sudan are on this list. They would either have to admit the truth: that our notions of terrorism generally are utterly politicized, and that if we were to measure on actual threat, our close allies Saudi Arabia and Pakistan would lead the list. Or they’d have to invent something to justify their past politicized actions.

Instead, Trump is trying to politicize intelligence, which not only has elicited this backlash, but will never be able to accomplish its objective. Even after redefining terror attack down to include material support (something that is actually consistent with the last 15 years of FBI fluffing their terror prosecution numbers), it is still impossible to present Iran as a bigger terrorist threat than Saudi Arabia (plus, you’d have to acknowledge that the listing and delisting of MEK, which a number of Trump officials have supported for cash payments, is also totally politicized).

Hopefully, that will lead to a larger reassessment of how we think of terrorism, including the recognition that our allies are actually the problem, not our arch-enemy Iran. That’s obviously wildly optimistic. But it is the kind of possibility that Trump’s incompetence allows us to consider.

The Folks Who Picked the Stupid Seven Banned Countries Say the Muslim Ban Is Stupid

Buried in a declaration written by a bunch of former national security officials in the Washington v Trump suit opposing Trump’s Muslim ban is this passage:

Because various threat streams are constantly mutating, as government officials, we sought continually to improve that vetting, as was done in response to particular threats identified by U.S. intelligence in 2011 and 2015. Placing additional restrictions on individuals from certain countries in the visa waiver program –as has been done on occasion in the past – merely allows for more individualized vettings before individuals with particular passports are permitted to travel to the United States.

These officials, which include (among others) former Deputy CIA Director Avril Haines, former Secretary of State John Kerry, former Homeland Security Czar Lisa Monaco, and former National Security Advisor Susan Rice argue that the practice is to tweak immigration rules based on changing threat patterns rather than impose broad bans not driven by necessity and logic. They argue that additional restrictions imposed on certain immigrants in 2015 were “in response to particular threats identified by U.S. intelligence.”

That’s really interesting because the 2015 change they reference is the basis of the Trump list that excludes countries that are real threats and includes others (especially Iran) that are not. Here’s how CNN describes the genesis of the seven countries covered by Trump’s ban.

In December 2015, President Obama signed into law a measure placing limited restrictions on certain travelers who had visited Iran, Iraq, Sudan, or Syria on or after March 1, 2011. Two months later, the Obama administration added Libya, Somalia, and Yemen to the list, in what it called an effort to address “the growing threat from foreign terrorist fighters.

The restrictions specifically limited what is known as visa-waiver travel by those who had visited one of the seven countries within the specified time period. People who previously could have entered the United States without a visa were instead required to apply for one if they had traveled to one of the seven countries.

Under the law, dual citizens of visa-waiver countries and Iran, Iraq, Sudan, or Syria could no longer travel to the U.S. without a visa. Dual citizens of Libya, Somalia, and Yemen could, however, still use the visa-waiver program if they hadn’t traveled to any of the seven countries after March 2011.

Now, Haines, Kerry, Monaco, and Rice might be excused for opposing Trump’s ban on seven poorly picked countries that themselves had a hand in picking. After all, the changes derived from bills presented by Republicans, Candace Miller and Ron Johnson, which got passed as part of the Omnibus in 2015. Obama can’t be expected to veto the entire spending bill because some Republicans wanted to make life harder on some immigrants.

Except that, as far as I understand, the Obama Administration extended the restrictions from the original law, which pertained only to people from or who had traveled to Syria and Iraq, to Iran and Sudan. And then (as CNN notes) they extended it again to three other countries, Libya, Somalia, and Yemen (notably, all countries we destabilized).

So it’s partly the fault of Haines, Kerry, Monaco, and Rice that Iran, which hasn’t targeted the US in real terrorism for decades, is on the list. It’s partly the fault of Haines, Kerry, Monaco, and Rice that countries with actual ties to terrorists who have attacked inside the US — most notably Saudi Arabia and Pakistan — are not on the list.

I have no doubt that the argument presented in the declaration (which was also signed by a bunch of people who weren’t part of Obama’s second term national security team) is right: Trump’s Muslim ban is badly conceived and makes us less safe. But one reason they likely know that is because their own visa restrictions were badly conceived and did little to make us more safe.

Trump is pursuing a lot of stupid policies. But we should remain honest that they largely build on stupid policies of those who came before.

Update: Corrected that this is not an amicus, but a declaration submitted with state opposition.

The Game of Telephone about the Election Hacking Review

This morning, the White House announced that Obama has ordered a review of election-related hacking, to be completed before Donald Trump takes over. I want to capture the varying descriptions of what the review will entail.

Politico: The review will look at the hacks blamed on the Russians this year and malicious cyber activity (publicly understood to be China in 2008 and someone else in 2012) going back to 2008

The review will put the spate of hacks — which officials have blamed on Russia — “in a greater context” by framing them against the “malicious cyber activity” that may have occurred around the edges of the 2008 and 2012 president elections, said White House principal deputy press secretary Eric Schultz at a briefing.

“This will be a review that is broad and deep at the same time,” he added.

[snip]

In 2008, the campaigns for both Sen. John McCain (R-Ariz.) and Obama were bombarded by suspected Chinese hackers, according to U.S. intelligence officials. The digital intruders were reportedly after internal policy papers and the emails of top advisers.

And in 2012, Gawker reported that hackers had broken into Republican presidential candidate Mitt Romney’s personal Hotmail account after correctly answering his backup security question: “What is your favorite pet?”

“We will be looking at all foreign actors and any attempt to interfere with the elections,” Schultz said.

WaPo: The review will be a “full review” of Russian hacking during the November election

President Obama has ordered a “full review” of Russian hacking during the November election, as pressure from Congress has grown for greater public understanding of exactly what Moscow did to interfere in the electoral process.

[snip]

U.S. intelligence and law enforcement agencies had already been probing what they see as a broad covert Russian operation to sow distrust in the presidential election process. It was their briefings of senior lawmakers that led a number of them to press for more information to be made public.

[snip]

Though Russia has long conducted cyberspying on U.S. agencies, companies and organizations, this presidential campaign marks the first time Russia has attempted through cyber means to interfere in, if not actively influence, the outcome of an election, the officials said.

CNN: The review will look at “hacking by the Russians aimed at influencing US elections going back to 2008” (CNN notes that the IC “never said there was strong evidence that [hacks of voter registration systems were] tied to the Russian government”)

President Barack Obama has ordered a full review into hacking by the Russians aimed at influencing US elections going back to 2008, the White House said Friday.

“The President has directed the Intelligence Community to conduct a full review of what happened during the 2016 election process. It is to capture lessons learned from that and to report to a range of stakeholders,” White House Homeland Security and Counterterrorism Adviser Lisa Monaco said at a Christian Science Monitor breakfast with reporters Friday. “This is consistent with the work that we did over the summer to engage Congress on the threats that we were seeing.”
White House spokesman Eric Schultz added later that the review would encompass malicious cyber activity related to US elections going back to 2008. [my emphasis]

Wikileaks (relying on the CNN story): The review will look at Wikileaks

CNN: Obama orders report into WikiLeaks timed for release just prior to Trump presidency

NYT: The review will look at all Russian efforts to influence the 2016 election, including publishing email contents and probing the “vote-counting system” (presumably a reference to voter lists that have nothing to do with vote counting)

President Obama has ordered American intelligence agencies to produce a full report on Russian efforts to influence the 2016 presidential election, his homeland security adviser said on Friday. He also directed them to develop a list of “lessons learned” from the broad campaign the United States has accused Russia of carrying out to steal emails, publish their contents and probe the vote-counting system.

The Reason Obama Capitulated on the (Phone) Dragnet

This will be a bit of a contrary take on what I believe to be the reasons for President Obama’s capitulation on the dragnet, announcing support today for a plan to outsource the first query in the dragnetting process to the telecoms.

It goes back to the claims — rolled out in February — that the NSA has only been getting 20 to 30% of the call data in the US. Those reports were always silent or sketchy on several items:

  • The claims were always silent that they applied only to Section 215, and did not account for the vast amount of data, including US person cell data, collected under EO 12333.
  • The claims were sketchy about the timing of the claim, especially in light of known collection of cell data in 2010 and 2011, showing that at that point NSA had no legal restrictions on accepting such data.
  • The claims were silent about why, in both sworn court declarations and statements to Congress, Administration officials said the collection (sometimes modified by Section 215, often, especially in court declarations, not) was comprehensive.

Here’s what I think lies behind those claims.

We know that as recently as September 1, 2011, the NSA believed it had the legal authority to collect cell location data under Section 215, because they were doing just that. Congress apparently did not respond well to learning, belatedly, that the government was collecting location data in a secret interpretation of a secret interpretation. Nevertheless, it appears the government still believed it had that authority — though was reevaluating it — on January 31, 2012, when Ron Wyden asked James Clapper about it — invoking the “secret law” we know to be Section 215 — during his yearly grilling of Clapper in the Global Threat hearing.

Wyden: Director Clapper, as you know the Supreme Court ruled last week that it was unconstitutional for federal agents to attach a GPS tracking device to an individual’s car and monitor their movements 24/7 without a warrant. Because the Chair was being very gracious, I want to do this briefly. Can you tell me as of now what you believe this means for the intelligence community, number 1, and 2, would you be willing to commit this morning to giving me an unclassified response with respect to what you believe the law authorizes. This goes to the point that you and I have talked, Sir, about in the past, the question of secret law, I strongly feel that the laws and their interpretations must be public. And then of course the important work that all of you’re doing we very often have to keep that classified in order to protect secrets and the well-being of your capable staff. So just two parts, 1, what you think the law means as of now, and will you commit to giving me an unclassified answer on the point of what you believe the law actually authorizes.

Clapper: Sir, the judgment rendered was, as you stated, was in a law enforcement context. We are now examining, and the lawyers are, what are the potential implications for intelligence, you know, foreign or domestic. So, that reading is of great interest to us. And I’m sure we can share it with you. [looks around for confirmation] One more point I need to make, though. In all of this, we will–we have and will continue to abide by the Fourth Amendment. [my emphasis]

Unsurprisingly, as far as I know, Clapper never gave Wyden an unclassified answer.

Nevertheless, since then the government has come to believe it cannot accept cell data under Section 215. Perhaps in 2012 as part of the review Clapper said was ongoing, the government decided the Jones decision made their collection of the cell location of every cell phone in the US illegal or at least problematic. Maybe, in one of the 7 Primary orders DOJ is still withholding from 2011 to 2013, the FISC decided Jones made it illegal to accept data that included cell location. It may be that a February 24, 2013 FISC opinion — not a primary order but one that significantly reinterpreted Section 215 — did so. Certainly, by July 19, 2013, when Claire Eagan prohibited it explicitly in a primary order, it became illegal for the government to accept cell location data.

That much is clear, though: until at least 2011, DOJ believed accepting cell location under Section 215 was legal. At least by July 19, 2013, FISC made it clear that would not be legal.

That, I believe, is where the problems accepting cell phone data as part of Section 215 come from (though this doesn’t affect EO 12333 data at all, and NSA surely still gets much of what it wants via EO 12333). Theresa Shea has explicitly said in sworn declarations that the NSA only gets existing business records. As William Ockham and Mindrayge have helped me understand, unless a telecom makes it own daily record of all the calls carried on its network — which we know AT&T does in the Hemisphere program, funded by the White House Drug Czar — then the business ecords the phone company will have are its SS7 routing records. And that’s going to include cell phone records. And those include location data for cell phones.

Now, it may be that the telecoms chose not to scan out this information for the government. It may be that after the program got exposed they chose to do the bare minimum, and the cell restrictions allowed them to limit what they turned over (something similar may have happened with VOIP calls carried across their networks). It may be that Verizon and even AT&T chose to only provide that kind of data via EO 12333 program that, because they are voluntary, get paid at a much higher rate. In any case, I have very little doubt that NSA got the phone records from Verizon, just not via Section 215.

But I’m increasingly sure the conflict between Section 215’s limit to existing business record and the limits imposed on Section 215 via whatever means was the source of the “problem” that led NSA to only get 30% of phone records [via the Section 215 program, which is different than saying they only got 30% of all records from US calls].

And a key feature of both the President’s sketchy program…

  • the companies would be compelled by court order to provide technical assistance to ensure that the records can be queried and that results are transmitted to the government in a usable format and in a timely manner.

And the RuppRoge Fake Fix…

(h)(1)(A) immediately provide the Government with records, whether existing or created in the future, in the format specified by the Government

[snip]

(h)(2) The Government may provide any information, facilities, or assistance necessary to aid an electronic communications service provider in complying with a directive issued pursuant to paragraph (1).

Is that the government gets to dictate what format they get records in here, which they couldn’t do under Section 215. That means, among other things, they can dictate that the telecoms strip out any location data before it gets to NSA, meaning NSA would remain compliant with whatever secret orders have made the collection of cell location in bulk illegal.

Remember, too, that both of these programs will have an alert feature. In spite of getting an alert system to replace the one deemed illegal in 2009 approved on November 8 2012, the government has not yet gotten that alert function working for what are described as technical reasons.

The Court understands that to date NSA has not implemented, and for the duration of this authorization will not as a technical matter be in a position to implement, the automated query process authorized by prior orders of this Court for analytical purposes. Accordingly, this amendment to the Primary Order authorizes the use of this automated query process for development and testing purposes only. No query results from such testing shall be made available for analytic purposes. Use of this automated query process for analytical purposes requires further order of this Court.

It’s possible that, simply doing the alert on exclusively legally authorized data (as opposed to data mixing EO 12333 and FISC data) solves the technical problems that had stymied NSA from rolling out the alert system they have been trying to replace for 5 years. It’s possible that because NSA was getting its comprehensive coverage of US calls via different authorities, it could not comply with the FISC’s legal limits on the alert system. But we know there will be an alert function if either of these bills are passed.

The point is, here, too, outsourcing the initial query process solves a legal-technical problem the government has been struggling with for years.

The Obama plan is an improvement over the status quo (though I do have grave concerns about its applicability in non-terrorist contexts, and my concerns about what the government does with the data of tens to hundreds of thousands of innocent Americans remain).

But don’t be fooled. Obama’s doing this as much because it’s the easiest way to solve legal and technical problems that have long existed because the government chose to apply a law that was entirely inapt to the function they wanted to use it for.

Shockers! A more privacy protective solution also happens to provide the best technical and legal solution to the problem at hand.

Update: Forgot to add that, assuming I’m right, this will be a pressure point that Members of Congress will know about but we won’t get to talk about. That is, a significant subset of Congress will know that unless they do something drastic, like threatening legal penalties or specifically defunding any dragnetting, the Executive will continue to do this one way or another, whether it’s under a hybrid of Section 215 and EO 12333 collection, or under this new program. That is, it will be a selling point to people like Adam Schiff (who advocated taking the call records out of government hands but who has also backed these proposals) that this could bring all US intelligence collection under the oversight of the FISC (it won’t, really, especially without a very strong exclusivity provision that prohibits using other means, which the Administration will refuse because it would make a lot of what it does overseas illegal). This is the same tension that won the support of moderates during the FISA Amendments Act, a hope to resolve real separation of powers concerns with an imperfect law. So long as the Leahy-Sensenbrenner supporters remain firm on their demands for more reforms, we may be able to make this a less imperfect law. But understand that some members of Congress will view passing this law as a way to impose oversight over a practice (the EO 12333 collection of US phone records) that has none.

Update: Verizon has released this telling statement.

This week Congressmen Mike Rogers (R-MI) and Dutch Ruppersberger (D-MD) released the “End Bulk Collection Act of 2014”, which would end bulk collection of data related to electronic communications. The White House also announced that it is proposing an approach to end bulk collection. We applaud these proposals to end Section 215 bulk collection, but feel that it is critical to get the details of this important effort right. So at this early point in the process, we propose this basic principle that should guide the effort: the reformed collection process should not require companies to store data for longer than, or in formats that differ from, what they already do for business purposes. If Verizon receives a valid request for business records, we will respond in a timely way, but companies should not be required to create, analyze or retain records for reasons other than business purposes. [my emphasis]

It’s telling, first of all, because Verizon still doesn’t want to have to fuss with anything but their business records. That says it has been unwilling to do so, in the past, which, in my schema, totally explains why the government couldn’t get Verizon cell records using Section 215. (I have wondered whether this was a newfound complaint, since they got exposed whereas AT&T did not; and even in spite of Randal Milch’s denial, I still do wonder whether the Verizon-Vodaphone split hasn’t freed them of some data compliance obligations.)

Just as importantly, Verizon doesn’t want to analyze any of this data. As I have pointed out, someone is going to have to do high volume number analysis, because otherwise the number of US person records turned over will be inappropriately large but small enough it will be a significant privacy violation to do it at that point (for some things, it requires access to the raw data).

I’m unclear whether the RuppRuge Fake Fix plan of offering assistance (that is, having NSA onsite) fixes this, because NSA could do this analysis at Verizon.

The White House — Lisa Monaco? — “Cutting Off the Intelligence Community”

Too bad for Obama he has decided the great new way to aggressively prosecute leaks without the bad PR of doing it through the Courts is to have James Clapper’s Inspector General investigate them. Because I’m betting the IC IG will be unenthusiastic about hunting down this admitted leaker.

Some U.S. intelligence officials said they were being blamed by the White House for conducting surveillance that was authorized under the law and utilized at the White House.

“People are furious,” said a senior intelligence official who would not be identified discussing classified information. “This is officially the White House cutting off the intelligence community.”

But I’m a bit more interested in this barb, putting Homeland Security Advisor Lisa Monaco solidly in the line of communication receiving intelligence from wiretaps on foreign leaders.

Any decision to spy on friendly foreign leaders is made with input from the State Department, which considers the political risk, the official said. Any useful intelligence is then given to the president’s counter-terrorism advisor, Lisa Monaco, among other White House officials.

As I have twice noted, Monaco brings dramatically different experience to the position than her predecessor, John Brennan. Rather than being implicated in the illegal program that was the root of many of the problems as the program moved under FISA Court review, she had had to try to clean them up while Assistant Attorney General for National Security, including at least the upstream violations. She also participated in the decision to shut down the Internet dragnet collection program.

After prior bitching about her silence during this scandal, she penned an op-ed last week laying out the evolving White House position.

Today’s world is highly interconnected, and the flow of large amounts of data is unprecedented. That’s why the president has directed us to review our surveillance capabilities, including with respect to our foreign partners. We want to ensure we are collecting information because we need it and not just because we can.

[snip]

Going forward, we will continue to gather the information we need to keep ourselves and our allies safe, while giving even greater focus to ensuring that we are balancing our security needs with the privacy concerns all people share.

The implication, of course, is that the same person voicing this “because we need it and not just because we can” has been implicated by receiving intelligence with Merkel’s and other leaders names on it, and may be responsible for not alerting the President to it. The accuracy of the claim, of course, depends on whether the White House really shut down the collection on Merkel earlier this summer or only in the last week or so; remember tasking priorities are reassessed biannually. Moreover, it’s not like wiretaps on allied leaders would be the primary focus of someone whose job centers on counterterrorism.

The thing is, this attack can backfire, as having received this information puts Monaco in an appropriate position to know whether we were collecting it because we could, not because we need to.

Monaco has, in the past, been part of a team that deemed a program not valuable enough to sustain. Which means she has a little experience for the pushback the IC may be throwing at her in coming days.