Posts

George Papadopoulos’ Social Media Call Records Were Not Subpoenaed Until After His Interviews

I’ve been tracking questions about how aggressively (or not) the FBI investigated George Papadopoulos after receiving a tip, in July 2016, that he had heard the Russians bragging about having dirt in the form of emails from Hillary Clinton in April 2016. In this post, I showed that, given that they didn’t know about Ivan Timofeev until after his interviews, they could not even have started pursuing a warrant until after the first interview, at best (and didn’t know about the existence communications over a Section 702 provider with Timofeev until after both). In this post, I suggested that it looked like the FBI first obtained a preservation order for the device GSA had on him on March 9, 21 days after his second interview.

Since then two details have come out. First, this Peter Strzok/Lisa Page SMS text highlighted by Matt Tait suggests that as late as June 6, 2017, the Special Counsel’s office was still debating whether searching Section 702 presented a litigation risk (meaning Trump’s buddies are getting far more protection than the rest of us might be).

Then there’s a point that Eric Swalwell made in Monday’s hearing debating whether or not to reveal the Schiff memo. In response to Michael Turner’s suggestion that there was no evidence of “collusion” between Trump and Russia, Swalwell pointed out that only after the FBI challenged Trump aide claims did the Bureau find evidence to support a conspiracy.

George Papadopoulos I think is the canary in the coal mine. He was interviewed January 27, 2017, by FBI. He lied about his contacts over in London with the professor. He was interviewed again in February, and he lied. Only when the FBI showed the willingness to subpoena his Skype and Facebook logs did he come around 6 months later.

This makes it clear that the FBI had not even obtained call records from Papadopoulos (via an NSL or a subpoena) before the second interview, the standard for which is really low.

Again, this shows that, at least during that phase of the investigation, the FBI was moving very conservatively. The GOP keep complaining that Carter Page, who had been a suspected foreign agent for years, was targeted under FISA. But they’re not acknowledging that the FBI appears to have treated the other Trump aides with kid gloves. for nine months after the period when they obtained a real tip about their involvement.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

The Timing of Mark Warner’s PseudoScandal Texts

By now, you’ve heard about Fox News’ scoop that Mark Warner made efforts last year to obtain testimony from two key figures in the Senate Intelligence Committee investigation into Russia’s involvement in the 2016 election via DC fixer Adam Waldman: Christopher Steele and Oleg Deripaska. (In my opinion, the news buried at the bottom of the story that Deripaska agreed to provide testimony if he could get immunity, but did not get it, is far more interesting than the rest of this, but I’m not a Fox News editor.)

“We have so much to discuss u need to be careful but we can help our country,” Warner texted the lobbyist, Adam Waldman, on March 22, 2017.

“I’m in,” Waldman, whose firm has ties to Hillary Clinton, texted back to Warner.

The story also includes this paragraph, which also has gotten less attention.

Warner began texting with Waldman in February 2017 about the possibility of helping to broker a deal with the Justice Department to get the WikiLeaks founder Julian Assange to the United States to potentially face criminal charges. That went nowhere, though a Warner aide told Fox News that the senator shared his previously undisclosed private conversations about WikiLeaks with the FBI.

Interestingly, the Fox story relies on texts that Warner and Richard Burr jointly requested in June (targeting Waldman’s phone, not Warner’s, apparently), and then turned over to the committee in October. I look forward to seeing how the notoriously anti-leak Burr deals with the apparent leak of committee sensitive materials to the right wing press.

Even while the story links to texts from SSCI, it comes a week after a woman duped the famously paranoid Julian Assange into exchanging texts with her fake Sean Hannity account promising news on Mark Warner.

[Dell] Gilliam, a technical writer from Texas, was bored with the flu when she created @SeanHannity__ early Saturday morning. The Fox News host’s real account was temporarily deleted after cryptically tweeting the phrase “Form Submission 1649 | #Hannity” on Friday night. Twitter said the account had been “briefly compromised,” according to a statement provided to The Daily Beast, and was back up on Sunday morning.

[snip]

Just minutes after @SeanHannity disappeared, several accounts quickly sprung up posing as the real Hannity, shouting from Twitter exile. None were as successful as Gilliam’s @SeanHannity__ account, which has since amassed over 24,000 followers.

Gilliam then used her newfound prominence to direct message Assange as Hannity within hours.

“I can’t believe this is happening. I mean… I can. It’s crazy. Nothing can be put past people,” Gilliam, posing as Hannity, wrote to Assange. “I’m exhausted from the whole night. What about you, though? You doing ok?”

“I’m happy as long as there is a fight!” Assange responded.

Gilliam reassured Assange that she, or Hannity, was also “definitely up for a fight” and set up a call for 9:30 a.m. Eastern, about six hours later.

“You can send me messages on other channels,” said Assange, the second reference to “other channels” he made since their conversation began.

“Have some news about Warner.”

With that in mind, I want to look at the timing of some security issues last year.

While the texts turned over to Congress date to February 14, the conversation pertaining to Steele started around March 22. That puts it not long after news of a massive hack involving T-Mobile, first reported March 16.

An unusual amount of highly suspicious cellphone activity in the Washington, D.C., region is fueling concerns that a rogue entity is surveying the communications of numerous individuals, likely including U.S. government officials and foreign diplomats, according to documents viewed by the Washington Free Beacon and conversations with security insiders.

A large spike in suspicious activity on a major U.S. cellular carrier has raised red flags in the Department of Homeland Security and prompted concerns that cellphones in the region are being tracked. Such activity could allow pernicious actors to clone devices and other mobile equipment used by civilians and government insiders, according to information obtained by the Free Beacon.

It remains unclear who is behind the attacks, but the sophistication and amount of time indicates it could be a foreign nation, sources said.

I would hope to hell that former cell company mogul and current Ranking Member on the Senate Intelligence Committee running an important counterintelligence investigation Mark Warner would be aware of the security problems with mobile phones. But what do I know? [Update: Not much. Looking more closely it looks like he was using Signal.] In the last several months we’ve learned that FBI’s investigators discuss the even more sensitive aspects of the more important side of counterintelligence investigation on SMS texts on their Samsung cell phones.

¯\_(ツ)_/¯

But who knows what Waldman (who apparently chats a lot with spies, mobbed up Russian oligarchs, and — as Mike Pompeo deemed Wikileaks — non-state hostile intelligence services) knows about cell phone security?

In any case, the day before that was reported publicly, Ron Wyden and Ted Lieu sent a letter to John Kelly (who, as a reminder, in spite of or because he ran DHS for a while, had his own cell phone compromised), stating in part,

We are also concerned that the government has not adequately considered the counterintelligence threat posed by SS7-enabled surveillance.

[snip]

What resources has DHS allocated to identifying and addressing SS7-related threats? Are these resources sufficient to protect U.S. government officials and the private sector.

If the government started considering such issues in March, they might have gotten around to discovering what kinds of problems were created by the T-Mobile hack in June, when Warner and Burr moved to get the texts for SSCI.

In any case, at around that point in time, APT 28 (one of the entities blamed for hacking the DNC the previous year) started a phishing campaign targeting the Senate’s email server.

Beginning in June 2017, phishing sites were set up mimicking the ADFS (Active Directory Federation Services) of the U.S. Senate. By looking at the digital fingerprints of these phishing sites and comparing them with a large data set that spans almost five years, we can uniquely relate them to a couple of Pawn Storm incidents in 2016 and 2017. The real ADFS server of the U.S. Senate is not reachable on the open internet, however phishing of users’ credentials on an ADFS server that is behind a firewall still makes sense. In case an actor already has a foothold in an organization after compromising one user account, credential phishing could help him get closer to high profile users of interest.

Reporting at the time suggested this was an effort in advance of the 2018 election (which aside from minimizing the damage Russia might do in the interim, ignores the fact that staffers are ostensibly prohibited from using Senate resources for election related activities). But it always seemed to me it would more profitably target policy.

Or, maybe the only reasonable work Congress is doing to investigate the Russians?

Whether there’s a connection between these two compromises last year or not, and Julian Assange, and this Mark Warner story, it’s clear that DC remains ill-prepared to address the counterintelligence problems they’re faced with.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

The “Insurance” Text Explained: A Debate on How Urgently to Investigation Trump’s Russian Ties

WSJ has the fascinating explanation for Peter Strzok’s August 15, 2016 “insurance” text that Republicans have been spinning into a grand scandal. Effectively, Strzok and Lisa Page were debating about how aggressively FBI should investigate Trump’s Russian ties. Page figured they could do so deliberately, and therefore avoid any risk they’d burn sources, because he wasn’t going to win. Strzok disagreed, arguing they had to investigate more aggressively in case he did win.

The text came after a meeting involving Ms. Page, Mr. Strzok and FBI Deputy Director Andrew McCabe, according to people close to the pair and familiar with their version of events. At the meeting, Ms. Page suggested they could take their time investigating the alleged collusion because Mrs. Clinton was likely to win, the people said.

If they move more deliberately, she argued, they could reduce the risk of burning sensitive sources.

Mr. Strzok felt otherwise, according to these people.

His text was meant to convey his belief that the investigation couldn’t afford to take a more measured approach because Mr. Trump could very well win the election, they said. It would be better to be aggressive and gather evidence quickly, he believed, because some of Mr. Trump’s associates could land administration jobs and it was important to know if they had colluded with Russia.

The investigation is telling for a number of reasons.

First, the comments came after just 7 of the 17 dossier reports — even assuming FBI got two reports dated August 10 immediately. Many of the most inflammatory ones — notably all the ones involving Michael Cohen — came after this. As WSJ notes, the text also comes four days after another Strozk one, dated August 11, exclaiming, “OMG I CANNOT BELIEVE WE ARE SERIOUSLY LOOKING AT THESE ALLEGATIONS AND THE PERVASIVE CONNECTIONS.” That’s probably not the dossier per se. But it may well be Paul Manafort’s burgeoning scandal; Manafort would resign August 19.

I’m also interested in how this plays with the report that Trump was warned Russians — and other countries — would try to infiltrate his campaign. The report is not that newsworthy; this kind of briefing is routine. But I wonder whether it’s coming out because the timing is of interest — perhaps in conjunction with Strzok’s increasing panic. I even wonder whether Strzok participated in the briefing.

All of which is to say that on this matter, Strzok and Page were not in agreement. Indeed, the text is actually a work debate about the tradeoff of guarding sources and methods and the urgency of excluding any compromised figures from joining Trump’s government.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

How Does the Strzok Text Dump Differ from Jim Comey’s July 5, 2016 Speech?

I’m a bit bemused by the response to DOJ’s release of the texts between Peter Strzok and Lisa Page. As Rod Rosenstein testified before HJC yesterday, the release came after notice to Strzok and Page through their lawyers. The release of the texts came with the approval of DOJ IG Michael Horowitz — who says the investigation into the underlying conduct may last through spring. And Rosenstein strongly implied he wanted them released, taking responsibility for it (while claiming not to know whether Jeff Sessions had a role in their release).

As he explained to Trey Gowdy — who, like a number of Republicans, claimed to be at a loss of what to say to constituents who asked “what in the hell is going on with DOJ and the FBI” — the release of the texts proves that any wrongdoing will be met with consequences.

Gowdy: What happens when people who are supposed to cure the conflict of interest have even greater conflicts of interests than those they replace? That’s not a rhetorical question. Neither you nor I nor anyone else would ever sit Peter Strzok on a jury, we wouldn’t have him objectively dispassionately investigate anything, knowing what we now know. Why didn’t we know it ahead of time, and my last question, my final question — and I appreciate the Chairman’s patience — how would you help me answer that question when I go back to South Carolina this weekend?

Rosenstein: Congressman, first of all, with regard to the Special Counsel, Mr. Strzok was already working on the investigation when the Special Counsel was appointed. The appointment I made was of Robert Mueller. So what I’d recommend you tell your constituents is that Robert Mueller and Rod Rosenstein and Chris Wray are accountable and that we will ensure that no bias is reflected in any actions taken by the Special Counsel or any matter within the jurisdiction of the Department of Justice. When we have evidence of any inappropriate conduct, we’re going to take action on it. And that’s what Mr. Mueller did here as soon as he learned about this issue — he took action — and that’s what I anticipate the rest of our prosecutors, the new group of US Attorneys, our Justice Department appointees. They understand the rules and they understand the responsibility to defend the integrity of the Department. If they find evidence of improper conduct, they’re going to take action.

So Congressman, that’s the best assurance I can give you. But actually, there’s one other point, which is you should tell your constituents that we exposed this issue because we’re ensuring that the Inspector General conducts a thorough and effective investigation, and if there is any evidence of impropriety, he’s going to surface it and report about it publicly.

I actually think Rosenstein did a much better job than others apparently do, yesterday, at distinguishing between the Strzok texts (which apparently were on DOJ issued cell phones and, in spite of having Hillary investigation subject lines may not have been logged into Sentinel) and the political views of Andrew Weissmann or the past representation of Jeannie Rhee. Furthermore, he repeatedly said he would only fire Mueller for cause, and made it clear there had been no cause. Several times he talked about how closely he has worked with Mueller, such as on the scope of what gets included in his investigation (even while defending the charges against Manafort as appropriately included).

That said, I wonder how Rosenstein distinguishes, in his own mind, what he did in approving the release of the texts from an ongoing investigation and what Jim Comey did on July 5, 2016, when he gave a press conference about why Hillary Clinton had not been charged. While Rosenstein’s biggest complaint in his letter supporting the firing of Comey was that he substituted his decision for that of prosecutors, he also argued that the Department shouldn’t release derogatory information gratuitously.

Compounding the error, the Director ignored another longstanding principle: we do not hold press conferences to release derogatory information about the subject of a declined criminal investigation. Derogatory information sometimes is disclosed in the course of criminal investigations and prosecutions, but we never release it gratuitously. The Director laid out his version of the facts for the news media as if it were a closing argument, but without a trial. It is a textbook example of what federal prosecutors and agents are taught not to do.

In response to skeptical question at a congressional hearing, the Director defended his remarks by saying that his “goal was to say what is true. What did we do, what did we find, what do we think about it.” But the goal of a federal criminal investigation is not to announce our thoughts at a press conference. The goal is to determine whether there is sufficient evidence to justify a federal criminal prosecution, then allow a federal prosecutor who exercises authority delegated by the Attorney General to make a prosecutorial decision, and then – if prosecution is warranted – let the judge and jury determine the facts. We sometimes release information about closed investigations in appropriate ways, but the FBI does not do it sua sponte.

In some ways this is worse because of the off chance that Inspector General Michael Horowitz finds that these texts don’t merit some kind of response; the investigation is not finished yet.

That said, I actually do think there’s a difference: Strzok and Page are department employees, rather than subjects of an external investigation. DOJ exercises awesome power, and usually DOJ is releasing the texts of private citizens in this kind of embarrassing way.

Even former clearance holders seem surprised that these texts were discovered. It is unbelievable to me how few people understand the great liberty that counterintelligence investigators like Strzok can have in obtaining the communications of investigative targets like he has now become, particularly during leak or insider threat investigations. That may not be a good thing, but it is what other targets have been subjected to. So I think it reasonable to have FBI’s own subject to the same scrutiny, for better and worse.

I do think it worthwhile for DOJ to show that it will hold people accountable for improper actions.

Plus, aside from one August comment — which we may obtain more context on when Horowitz does finish this investigation — about an “insurance” policy against Trump, the texts simply aren’t that damning (though they do raise questions about Strzok’s role in the investigation). Strzok agrees with Rex Tillerson, after all, that Trump is an idiot.

So as far as that goes, I’m actually okay with Rosenstein’s release of these texts.

Except I worry about something else.

I actually worry less about Mueller getting fired than just about every other Trump opponent on the planet. Rosenstein seems intent to let him do his work, and (notably at several times during the hearing) seems to agree with the gravity of the investigation. Trump can’t get to Mueller without taking out Rosenstein (and Rachel Brand). And I actually think Rosenstein has thus far balanced the position of a Republican protecting a Republican from Republican ire fairly well. I expect the next shoes Mueller drops — whenever that happens — will change the tone dramatically.

What bothers me most about the release of these texts, however, is that they are a response to the same pressure that Comey was responding to (and which he thought he was smart enough to manage, just as Rosenstein surely thinks he can handle it here).

They are a response — from the same people who ran the Benghazi investigation then ignored DOJ’s prosecution of the Benghazi mastermind — to a willingness to challenge the very core of DOJ functionality, all in a bid to politicize it.

Perhaps Rosenstein is right to bide his time — to create space for Mueller to drop the next few shoes — with the release of the Strzok texts.

But at some point, Republicans need to start calling out Republicans for the damage they’re doing to rule of law with this constant playing of the refs, this demand for proof that Democrats aren’t getting some advantage through the rule of law. If those next shoes don’t have the effect I imagine, it may be too late.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.