Posts

The Most Irresponsible Thing Michael Horowitz Has Done as DOJ IG

As you likely know, I’m a big fan of Michael Horowitz. I think he has routinely discovered key aspects of DOJ and FBI’s behavior that needs improvement. I think he has stood up to FBI pushback reasonably well, if not always successfully. That other professional IGs look to him as their leader reflects the great respect he has earned among his peers.

I’ve already mentioned, in passing, that I think Horowitz’ treatment of the NY field office leaks in the IG Report on the Hillary investigation to be really problematic. The report, and the Andrew McCabe report before it, makes it very clear the rampant leaking from NY motivated a lot of the defensive behavior at FBI and DOJ (not to mention the decision to take an overt act in advance of the election in violation of standing policy). Among other passages, the report cites this very long response (it starts on report page 385 if you want to read the whole thing) from Loretta Lynch, describing how much hatred towards Hillary there was in NY.

I said, but this has become a problem. And he said, and he said to me that it had become clear to him, he didn’t say over the course of what investigation or whatever, he said it’s clear to me that there is a cadre of senior people in New York who have a deep and visceral hatred of Secretary Clinton. And he said it is, it is deep. It’s, and he said, he said it was surprising to him or stunning to him. You know, I didn’t get the impression he was agreeing with it at all, by the way. But he was saying it did exist, and it was hard to manage because these were agents that were very, very senior, or had even had timed out and were staying on, and therefore did not really feel under pressure from headquarters or anything to that effect. And I said, you know, I’m aware of that…. I said, I wasn’t aware it was to this level and this depth that you’re talking about, but I said I’m sad to say that that does not surprise me. And he made a comment about, you know, you understand that. A lot of people don’t understand that. You, you get that issue. I said, I get that issue. I said I’m, I’m just troubled that this issue, meaning the, the New York agent issue and leaks, I am just troubled that this issue has put us where we are today with respect to this laptop.

The report makes clear that the NY leaks played a key role in Comey’s disastrous decision to announce the reopening of the investigation into Hillary.

Comey denied that a fear of leaks influenced his decision to send the October 28 letter to Congress. However, other witnesses told us that a concern about leaks played a role in the decision. As Baker stated, “We were quite confident that…. [I]f we don’t put out a letter, somebody is going to leak it. That definitely was discussed….” Numerous witnesses connected this concern about leaks specifically to NYO and told us that FBI leadership suspected that FBI personnel in NYO were responsible for leaks of information in other matters. Even accepting Comey’s assertion that leaks played no role in his decision, we found that, at a minimum, a fear of leaks influenced the thinking of those who were advising him.

In spite of the magnitude that these leaks had, Horowitz did not seize the FBI phones of the presumed leakers to find out what kind of damning texts they sent among themselves. This is a point made by NYCSouthpaw in a thread the day the report came out. The asymmetric focus on bias against Trump and not against Hillary is a real problem with this report.

I’m sympathetic with the IG’s explanations for why it didn’t find the source of leaks and hopeful by its promise to follow up.

Against this backdrop, and as noted at the time the OIG announced this review, we examined allegations that Department and FBI employees improperly disclosed non-public information. We focused, in particular, on the April/May and October 2016 time periods. We have profound concerns about the volume and extent of unauthorized media contacts by FBI personnel that we have uncovered during our review. Our ability to identify individuals who have improperly disclosed non-public information is often hampered by two significant factors. First, we frequently find that the universe of Department and FBI employees who had access to sensitive information that has been leaked is substantial, often involving dozens, and in some instances, more than 100 people. We recognize that this is a challenging issue, because keeping information too closely held can harm an investigation and the supervision of it. Nevertheless, we think the Department and the FBI need to consider whether there is a better way to appropriately control the dissemination of sensitive information.

Second, although FBI policy strictly limits the employees who are authorized to speak to the media, we found that this policy appeared to be widely ignored during the period we reviewed.221 We identified numerous FBI employees, at all levels of the organization and with no official reason to be in contact with the media, who were nevertheless in frequent contact with reporters. The large number of FBI employees who were in contact with journalists during this time period impacted our ability to identify the sources of leaks. For example, during the periods we reviewed, we identified dozens of FBI employees that had contact with members of the media. Attached to this report as Attachments G and H are link charts that reflects the volume of communications that we identified between FBI employees and media representatives in April/May and October 2016.222

In addition to the significant number of communications between FBI employees and journalists, we identified social interactions between FBI employees and journalists that were, at a minimum, inconsistent with FBI policy and Department ethics rules. For example, we identified instances where FBI employees received tickets to sporting events from journalists, went on golfing outings with media representatives, were treated to drinks and meals after work by reporters, and were the guests of journalists at nonpublic social events. We will separately report on those investigations as they are concluded, consistent with the Inspector General (IG) Act, other applicable federal statutes, and OIG policy. [my emphasis]

Though I would like more details about what the IG discovered when it tried to chase down FBI leaks. We know they grilled McCabe (and discovered the source of one leak that damaged Hillary). Who else did they grill, and how many were in NY?

But here’s the part I find totally irresponsible.

This is, of course, one of the totally decontextualized link analyses the IG includes in the report to substantiate its claim that the FBI leaks like a sieve. By context, this one (of two) probably reflects communications from October, a period we know (from the McCabe report) that DOJ investigated heavily, based in part off an effort to identify Devlin Barrett’s sources and those of other journalists who created a panic right before the election. The IG has gone through the effort to identify (between the two link analyses, assuming no overlap of journalists, though I suspect there may be some) the FBI sources for seven different journalists. At least the two or three journalists with more sources likely recognize they’ve been burned, as might their sources.

But the IG released these two link analyses without telling us information that it surely knows. That is: how many members of these clusters were sitting in NY, and how many in DC? Is the prolific one here Barrett (which is virtually the only way the IG would be able to claim there were too many calls to ID sources for a story we know they examined closely)? If so, then the IG already knows whether it’s true that NY started leaking about both the Weiner emails and the Clinton Foundation investigation with the purpose of pressuring DC to make certain decisions.

That is, having done this analysis, the IG knows the answer to a critical question: did leakers in NY have a significant role in forcing decisions that played a key role the outcome of the election?

If most of these leakers are in NY, then the answer is clear. But the IG didn’t tell us that information.

Worse still, by withholding this information, the IG allowed these two pages to be used (as released) out of context. They were waved around on TV all morning, with the clear suggestion that each of these leaks reflected someone trying to do in Trump. But the reality is possibly (likely even!) precisely the opposite — that a good chunk of these leakers were trying to help Trump.

And they may well have succeeded.

Michael Horowitz owes us at least that context. And I hope Democrats on the Senate Judiciary Committee demand that answer when Michael Horowitz shows up to testify.

Update: One more question I’ve got — how DOJ IG decided to stop the analysis at October, and not at the election. After all, the most damaging fake news story of the election, IMO, was the false leak to Bret Baier, attributed to “two sources inside the FBI,” that Hillary was going to be indicted.

 

Graham and Grassley Are Seeing Christopher Steele’s Ghost Where Mike Flynn Lurks

I get it. Trump is making us all crazy. But Chuck “Ethanol flipflop” Grassley and Lindsey “Trump’s best golfing buddy” Graham are going nuts not because of Trump but because of Christopher Steele. They’ve just written a letter to Susan Rice asking her why she emailed herself a letter, memorializing a January 5, 2017 meeting about the Russian hack, just before she left the White House.

In this email to yourself, you purport to document a meeting that had taken place more than two weeks before, on January 5, 2017. You wrote:

On January 5, following a briefing by IC leadership on Russian hacking during the 2016 Presidential election, President Obama had a brief follow-on conversation with FBI Director Jim Comey and Deputy Attorney General Sally Yates in the Oval Office. Vice President Biden and I were also present.

That meeting reportedly included a discussion of the Steele dossier and the FBI’ s investigation of its claims. 1 Your email continued:

President Obama began the conversation by stressing his continued commitment to ensuring that every aspect of this issue is handled by the Intelligence and law enforcement communities “by the book”. The President stressed that he is not asking about, initiating or instructing anything from a law enforcement perspective. He reiterated that our law enforcement team needs to proceed as it normally would by the book. From a national security perspective, however, President Obama said he wants to be sure that, as we engage with the incoming team, we are mindful to ascertain if there is any reason that we cannot share information fully as it relates to Russia.

The next part of your email remains classified. After that, you wrote:

The President asked Comey to inform him if anything changes in the next few weeks that should affect how we share classified information with the incoming team. Comey said he would.

It strikes us as odd that, among your activities in the final moments on the final day of the Obama administration, you would feel the need to send yourself such an unusual email purporting to document a conversation involving President Obama and his interactions with the FBI regarding the Trump/Russia investigation. In addition, despite your claim that President Obama repeatedly told Mr. Comey to proceed “by the book,” substantial questions have arisen about whether officials at the FBI, as well as at the Justice Department and the State Department, actually did proceed “by the book.”

It pains me that two top Republicans on the Senate Judiciary Committee are too fucking stupid to see that, in fact, the FBI proceeded quite cautiously with the Russia investigation, not inappropriately, as they suggest. It pains me still more that they think this is all about the dossier.

7. During the meeting, did Mr. Comey or Ms. Yates mention potential press coverage of the Steele dossier? If so, what did they say?

8. During the meeting, did Mr. Comey describe the status of the FBI’s relationship with Mr. Steele, or the basis for that status?

9. When and how did you first become-aware of the allegations made by Christopher Steele?

10. When and how did you first become aware that the Clinton Campaign and the Democratic National Committee funded Mr. Steele’s efforts?

It’s certainly possible, given what I laid out here, that DOJ was prepping the second FISA application for Carter Page (though if the reauthorization were dated January 9, the application would have had to have been submitted by January 2).

But there are other reasons why you’d expect to have this meeting on January 5 and why Rice would want a record of it for posterity (the meeting generally probably relates to this story about the way Obama protected information on the investigation in the last days of the Administration).

As reporting on the discovery of Mike Flynn’s conversations about Russian sanctions with Sergey Kislyak make clear, the conversation wasn’t discovered in real time. Rather, after Putin didn’t respond to the December sanctions against Russia, analysts sought to figure out why. Only after that did they discover the conversation and Flynn’s role in it.

For Yates and other officials, concerns about the communications peaked in the days after the Obama administration on Dec. 29 announced measures to punish Russia for what it said was the Kremlin’s interference in the election in an attempt to help Trump.

After the sanctions were rolled out, the Obama administration braced itself for the Russian retaliation. To the surprise of many U.S. officials, Russian President Vladimir Putin announced on Dec. 30 that there would be no response. Trump praised the decision on Twitter.

Intelligence analysts began to search for clues that could help explain Putin’s move. The search turned up Kislyak’s communications, which the FBI routinely monitors, and the phone call in question with Flynn, a retired Army lieutenant general with years of intelligence experience.

So it would be right around this time when law enforcement concerns about the incoming National Security Advisor would have arisen.

Update: This story confirms that the January 5 meeting was partly about the Flynn phone call.

On Jan. 5, FBI Director James B. Comey, CIA Director John Brennan and Director of National Intelligence James R. Clapper Jr. briefed Obama and a small group of his top White House advisers on the contents of a classified intelligence report showing that Russia intervened in the 2016 election to help Trump. That’s when White House officials learned that the FBI was investigating the Flynn-Kislyak calls. “The Flynn-Kislyak relationship was highlighted,” a former senior U.S. official said, adding that the bureau made clear “that there was an actual investigation” underway.

And, in a very significant way, the investigation did not proceed by the book, almost certainly because of Mike Flynn’s (and possibly even Jeff Sessions’) potential compromise. Back in March, Jim Comey admitted to Elise Stefanik that the FBI had delayed briefing Congress about the counterintelligence investigation into Trump because it had, in turn, delayed telling the Executive Branch until February.

Stefanik returned to her original point, when Congress gets briefed on CI investigations. Comey’s response was remarkable.

Stefanik: It seems to me, in my first line of questioning, the more serious a counterintelligence investigation is, that would seem to trigger the need to update not just the White House, the DNI, but also senior congressional leadership. And you stated it was due to the severity. I think moving forward, it seems the most severe and serious investigations should be notified to senior congressional leadership. And with that thanks for your lenience, Mr. Chairman, I yield back.

Comey could have been done with Stefanik yielding back. But instead, he interrupted, and suggested part of the delay had to do with the practice of briefing within the Executive Branch NSC before briefing Congress.

Comey: That’s good feedback, Ms. Stefanik, the challenge for is, sometimes we want to keep it tight within the executive branch, and if we’re going to go brief congressional leaders, the practice has been then we brief inside the executive branch, and so we have to try to figure out how to navigate that in a good way.

Which seems to suggest one reason why the FBI delayed briefing the Gang of Four (presumably, this is the Gang of Eight) is because they couldn’t brief all Executive Branch people the White House, and so couldn’t brief Congress without first having briefed the White House.

Which would suggest Mike Flynn may be a very central figure in this investigation.

Because the National Security Advisor was suspected of being compromised (and because the Attorney General had at least a conflict), the FBI couldn’t and didn’t proceed normally.

Plus, there’s one other issue about which Obama should have discussed normal procedure with Yates and Comey on January 5. Two days earlier, Loretta Lynch signed an order permitting, for the first time, the sharing of EO 12333 data in bulk. Among the first things I’m sure FBI would have asked for would have been EO 12333 data to support their Russian investigation. Yet doing so would expose Trump’s people. That’s all the more true given that the rules permit the retention of entirely domestic communications if they have significant counterintelligence value.

So one of the first things that would have happened, after signing data sharing rules the government had been working to implement since Stellar Wind, would have been the prospect that the very first Americans directly affected weren’t going to be some powerless Muslims or relatively powerless Chinese-Americans, but instead the President’s closest associates. Given what we’ve seen from the George Papadopoulos case, the FBI likely bent over backwards to insulate Trump aides (indeed, it’s hard to understand how they wouldn’t have known of Ivan Timofeev’s outreach to Papadopoulos before his interviews if they hadn’t).

Just before this meeting, FBI and DOJ had discovered that Trump’s most important national security aide had had surprising conversations with Russia. That clearly raised the prospect of necessary deviations from normal practices with regards to intelligence sharing.

Yet Grassley and Graham are seeing Christopher Steele’s ghost behind every single solitary action. Rather than the real challenges posed when top officials pose real counterintelligence concerns.

Update: Kathryn Ruemmler, representing Rice, pretty much confirms Grassley and Graham have gone on a wild Steele chase.

“There is nothing ‘unusual’ about the National Security Advisor memorializing an important discussion for the record,” Kathryn Ruemmler, a counsel for Rice, said in a statement. “The Obama White House was justifiably concerned about how comprehensive they should be in their briefings regarding Russia to members of the Trump transition team, particularly Lt. General Michael Flynn, given the concerning communications between him and Russian officials.”
Ruemmler added: “The discussion that Ambassador Rice documented did not involve the so-called Steele dossier. Any insinuation that Ambassador Rice’s actions in this matter were inappropriate is yet another attempt to distract and deflect from the importance of the ongoing investigations into Russian meddling in America’s democracy.”

It Is False that Downstream 702 Collection Consists Only of To and From Communications

I was swamped this week when Hoover Institute had this conference on Section 702 of FISA. But I heard so much about this panel, with Jim Baker, Susan Hennessey, Alex Abdo, and Julian Sanchez, I had to watch.

The panel generally and Hennessey especially gave far too much credence to the claim that NSA self-reported the upstream search violations revealed in the April 26 Rosemary Collyer opinion. You cannot claim NSA self-reported a problem they sat on for nine months before initially explaining, and pointedly didn’t mention in the initial reauthorization application, and that’s just one example of egregiously belated reporting described in the opinion. I’ll have far more to say about that — and NSA oversight generally — in the upcoming days.

I’m also frankly shocked that no one on the panel mentioned the approval to share EO 12333 data that was authorized between the time NSA belatedly declared these problems and the time it said it would discontinue an abusive problem. Here’s what the timing looked like:

  • January 2016: Several formal discoveries of the problems in upstream searches
  • September 26, 2016: Initial application (that didn’t disclose the problems) first submitted
  • October 24, 2016: The government first discloses the upstream search problems
  • January 3, 2017: Loretta Lynch signs procedures authorizing the sharing of raw EO 12333 data
  • March 30, 2017: The government submits their fix to upstream problems
  • April 26, 2017: Rosemary Collyer opinion authorizing the reframed upstream collection

The timing is critical because in between the time the government very belatedly revealed the problems with upstream and the time it decided to halt a narrowly defined “about” collection, it got approval to share raw EO 12333 data between agencies. The searches that NSA won’t be able to do under Section 702 are all, by definition, possible (though probably not as easy) to do under EO 12333. So the government can still obtain the very things they’ve told the FISC they won’t collect [under 702], and they can share them more easily with the FBI and CIA (which can do back door searches on them). In other words, even as the FISC was saying that the backdoor searches of upstream collection violated the Fourth Amendment, the government was self-authorizing a way to do the very same searches via means that don’t have any FISC oversight (and for which the existing oversight regime is flimsy).

But one thing that was most striking for me came when Hennessey stated “there are two forms of collection, upstream and downstream. Within downstream there’s only to and from collection.”

This is the kind of claim that seems to be correct. Indeed, much of Rosemary Collyer’s shitty opinion is premised on such an assumption. In all unclassified FISC discussions, back door searches of PRISM content are considered acceptable because (the assumption is) the searches would return only the side of the US person conversing with a foreign intelligence target. The idea is that the US person would be interesting and potentially valid foreign intelligence because they had knowingly communicated with a target.

But it is actually incorrect.

That’s because PRISM (which has been renamed “downstream” for some reason, which distracts from what kind of providers these actually are) is significantly about the collection of stored data. And the data it collects is not just electronic surveillance (that is, data in motion). As the WaPo described years ago, the NSA will collect other things that are in someone’s users account.

No government oversight body, including the Justice Department, the Foreign Intelligence Surveillance Court, intelligence committees in Congress or the president’s Privacy and Civil Liberties Oversight Board, has delved into a comparably large sample of what the NSA actually collects — not only from its targets but also from people who may cross a target’s path.

Among the latter are medical records sent from one family member to another, résumés from job hunters and academic transcripts of schoolchildren. In one photo, a young girl in religious dress beams at a camera outside a mosque.

Scores of pictures show infants and toddlers in bathtubs, on swings, sprawled on their backs and kissed by their mothers. In some photos, men show off their physiques. In others, women model lingerie, leaning suggestively into a webcam or striking risque poses in shorts and bikini tops.

I raise this not to gotcha Hennessey for making a mistake at all; as I said, on its face the statement seems to be, but is not, correct. Rather, I wanted to point to an assumption virtually everyone has been making about PRISM collection and its suitability for back door searches that may not be valid. If you think about the hack-and-leak dumps in recent years, for example, often the most damaging, as well as the most ridiculous infringements on privacy, involve email attachments, such as the list of most Democratic members of Congress’ email many passwords for which were easily obtainable online, or phone conversations about routine housekeeping or illness. And that’s just attachments; most of the PRISM providers are actually cloud storage providers, in addition to being electronic communication providers, and from the very first requests to Yahoo there was mission creep of all the types of things the government might demand.

And while NSA and FBI aren’t supposed to keep stuff that doesn’t count as foreign intelligence or criminal information, it’s clear (from the WaPo report) that NSA, at least, does.

So as we talk about how inappropriate the upstream back door searches were and are because they can search on stuff that’s not foreign intelligence information, we should remember that the very same thing is likely true of back door searches of  the fruits of searches on a person’s cloud storage account.

 

Even (Especially?) the FBI Is Susceptible to Fake News

The WaPo has an utterly dispiriting story providing more detail on a document first revealed in this big NYT story on Jim Comey. Here’s how the NYT described it:

During Russia’s hacking campaign against the United States, intelligence agencies could peer, at times, into Russian networks and see what had been taken. Early last year, F.B.I. agents received a batch of hacked documents, and one caught their attention.

The document, which has been described as both a memo and an email, was written by a Democratic operative who expressed confidence that Ms. Lynch would keep the Clinton investigation from going too far, according to several former officials familiar with the document.

Read one way, it was standard Washington political chatter. Read another way, it suggested that a political operative might have insight into Ms. Lynch’s thinking.

[snip]

The document complicated that calculation, according to officials. If Ms. Lynch announced that the case was closed, and Russia leaked the document, Mr. Comey believed it would raise doubts about the independence of the investigation.

But as the WaPo reveals, the document was not an email, but rather a Russian document purportedly reporting on email. And while in August the FBI deemed the document a hoax, it took five months — covering the all important July announcement ending the Hillary investigation — to get to that point.

The document, obtained by the FBI, was a piece of purported analysis by Russian intelligence, the people said. It referred to an email supposedly written by the then-chair of the Democratic National Committee, Rep. Debbie Wasserman Schultz (D-Fla.), and sent to Leonard Benardo, an official with the Open Society Foundations, an organization founded by billionaire George Soros and dedicated to promoting democracy.

The Russian document did not contain a copy of the email, but it described some of the contents of the purported message.

[snip]

Comey had little choice, these people have said, because he feared that if Lynch announced no charges against Clinton, and then the secret document leaked, the legitimacy of the entire case would be questioned.

From the moment the bureau received the document from a source in early March 2016, its veracity was the subject of an internal debate at the FBI. Several people familiar with the matter said the bureau’s doubts about the document hardened in August when officials became more certain that there was nothing to substantiate the claims in the Russian document. FBI officials knew the bureau never had the underlying email with the explosive allegation, if it ever existed.

Yet senior officials at the bureau continued to rely on the document as part of their justification for how they handled the case before and after the election.

As the WaPo lays out, the FBI hadn’t even asked Loretta Lynch, much less the other participants in the alleged emails, about them before Comey used the document to justify his July statement on the investigation into Hillary’s emails. They simply relied on it, in spite of the way a Debbie Wasserman Schultz and George Soros screams of the worst kind of fevered misinformation that circulated last year. Or, at a minimum, they acted based on the assumption that they couldn’t combat evidently fake news were it to leak.

We talk a lot about dumb ordinary voters who can’t sort through PizzaGate and Seth Rich conspiracies on their own.

But even the FBI, with all the investigative tools you can imagine, was unable to sort through fake news. And that had a role in one of the most significant events in last year’s election.

Thoughts on the NYT Comey Blockbuster

The NYT has a big piece on Jim Comey’s involvement in the election you should definitely read. Rather than share my thoughts in a tweet storm I thought I’d share here so we can all gab about it.

Consensus coming closer to Jim Comey being self-righteous

As long time readers know, I think Jim Comey is self-righteous. He creates a heroic self-image that is often overblown (as it was regarding the post hospital hero events). So I was happy to see this paragraph — and observations matching it — through out the story.

Mr. Comey made those decisions with the supreme self-confidence of a former prosecutor who, in a distinguished career, has cultivated a reputation for what supporters see as fierce independence, and detractors view as media-savvy arrogance.

Comey deserves all the criticism he has gotten for his statements about the Hillary investigation. But we’re stuck with Comey for now; he’s one of the few checks against Trump’s arbitrary rule (and Comey is enough of a media hound to be able to create the space to conduct the investigation into Trump).

But one way or another I’m happy people are beginning to understand Comey not as the hospital hero, nor as a partisan, but as someone who doesn’t (or didn’t?) assess his own actions with a fair measure.

The secret David Margolis meeting

One of two really interesting new details in this story is that, when Comey was trying to decide what to do, he consulted with David Margolis, who has long been treated as the conscience of DOJ by DOJers. (See this bmaz post for more background on Margolis.)

Mr. Comey sought advice from someone he has trusted for many years. He dispatched his deputy to meet with David Margolis, who had served at the Justice Department since the Johnson administration and who, at 76, was dubbed the Yoda of the department.

What exactly was said is not known. Mr. Margolis died of heart problems a few months later. But some time after that meeting, Mr. Comey began talking to his advisers about announcing the end of the Clinton investigation himself, according to a former official.

This meeting (and the description of how they staged Margolis’ funeral so the DOJ people criticizing Comey wouldn’t have to share a stage with him) plays a weird role in the story, as if just the mention of the meeting serves to exonerate Comey’s terrible decision to announce the end of the Hillary investigation.

But what the story doesn’t note is that Comey was effectively consulting with the person who for years always intervened to make sure DOJ’s lawyers don’t get held accountable for their misconduct (most notably, he did this for John Yoo). Now, I’m not sure whether as FBI Director Comey’s behavior might have been reviewed by the Office of Professional Responsibility; as it happens DOJ IG is doing so. But it is not ethical to have the guy who, later on, would bless your actions, bless them before the fact. It’s like getting pre-approval to break the rules.

Loretta Lynch should have recused

One of the details others find most interesting is that the FBI acted as they did, in part, because a Democratic operative suggested in an email that Loretta Lynch would ensure nothing came of the investigation.

During Russia’s hacking campaign against the United States, intelligence agencies could peer, at times, into Russian networks and see what had been taken. Early last year, F.B.I. agents received a batch of hacked documents, and one caught their attention.

The document, which has been described as both a memo and an email, was written by a Democratic operative who expressed confidence that Ms. Lynch would keep the Clinton investigation from going too far, according to several former officials familiar with the document.

Read one way, it was standard Washington political chatter. Read another way, it suggested that a political operative might have insight into Ms. Lynch’s thinking.

Normally, when the F.B.I. recommends closing a case, the Justice Department agrees and nobody says anything. The consensus in both places was that the typical procedure would not suffice in this instance, but who would be the spokesman?

The document complicated that calculation, according to officials. If Ms. Lynch announced that the case was closed, and Russia leaked the document, Mr. Comey believed it would raise doubts about the independence of the investigation.

I’ve got a slew of hacking related questions about this document — starting with why it hasn’t, as far as I know, been leaked. The described timing as “early last year” suggests that it may have been hacked in the FSB phase of the hacking. But the document would have solidified the narrative the Russians were reportedly fostering about Hillary.

The article doesn’t pursue those questions, but it notes that in response to finding it, Comey did not ask Lynch to recuse. He should have. You recuse whether or not there’s basis for recusal but because of appearances as well. Moreover, so much awfulness could have been avoided had she recused. This was one of the big own goals of this whole mess.

CIA Directors should not meet with just one Gang of Eight member

The second detail I find most interesting in this story is that John Brennan privately briefed Harry Reid about his concerns about the Russians.

John O. Brennan, the C.I.A. director, was so concerned about the Russian threat that he gave an unusual private briefing in the late summer to Harry Reid, then the Senate Democratic leader.

Top congressional officials had already received briefings on Russia’s meddling, but the one for Mr. Reid appears to have gone further. In a public letter to Mr. Comey several weeks later, Mr. Reid said that “it has become clear that you possess explosive information about close ties and coordination between Donald Trump, his top advisors, and the Russian government — a foreign interest openly hostile to the United States.”

While I’m generally sympathetic to Democrats’ complaints that DOJ should have either remained silent about both investigations or revealed both of them, it was stupid for Brennan to give this private briefing (and I hope he gets grilled about it by HPSCI when he testifies in a few weeks). In addition to the things Reid said publicly about the investigation, it’s fairly clear he and his staffers were also behind some of the key leaks here (and, as CNN reported yesterday, leaks about the investigation actually led targets of it to alter their behavior). For reasons beyond what appears in this story, I think it likely Reid served as a cut-out for Brennan.

And that’s simply not appropriate. There may well have been reasons to avoid briefing Richard Burr (who was advising Trump). But spooks should not be sharing information with just one party. CIA did so during its torture cover-up in ways that are particularly troubling and I find this — while not as bad — equally problematic.

Two missing details: the leaks and the delayed notice to Congress

While this is already a comprehensive story (though its telling of October 7 omits key details), there are two parts that seem critical that are missing: the flood of leaks from FBI and the decision to delay notifying the Gang of Four of the CI investigation.

This week, CNN reported that the FBI was “clarifying” an earlier policy fostering more contact between FBI employees with the media in response to leaks about the Trump campaign. (Click through to read about the TV series coming out focusing on FBI heroism that the FBI exercised editorial control over!!!)

The FBI is overhauling its media policy, restricting contacts between the news media and its employees amid controversy over alleged leaks, bureau officials told CNN.

The new media policy was rolled out this week at a conference in Washington attended by FBI special agents in charge of its 56 field offices, according to officials who attended.
Media access to top officials at the FBI became more common in recent years under FBI Director James Comey, part of a transparency effort he said was aiming at demystifying the FBI and helping the public understand its mission. But the new policy appears to curtail that access.
An official familiar with the development of the new policy described it as largely a “clarification” intended to reinforce existing rules on who is authorized to talk to reporters, not a step back from Comey’s transparency initiatives.

Not only should this policy have been put in place before people leaked details of FISA orders, but it should have been put in place in early 2016, when it was clear FBI Agents were leaking details of the Hillary investigation to try to force their supervisors to expand its scope to include the Clinton Foundation.

Instead, the possibility that FBI Agents would leak was one of the reasons why Comey did what he did. The correct thing, instead of making unprecedented public statements as he did, would have been to shut down the leaking.

Additionally, according to Comey’s testimony, FBI actually delayed notifying at least the heads of the Intelligence Committees  until fairly recently. The NYT acknowledges that this detail was hidden. But I’d love to understand how this departure from normal briefing affected all the other decisions (particularly in light of the the Brennan meeting).

In any case, read the whole thing. It’s very frustrating. But it also lays out a series of things that Comey — and other Obama officials — should have done differently.

Robert Eatinger Brags that CIA Complies with Law Passed 2 Years Ago — But Will It Really Limit CIA?

Robert Eatinger — the former CIA lawyer deeply implicated in torture who referred the authors of the Senate Intelligence Committee report on torture to DOJ for criminal investigation — has a curious column in The Cipher Brief. Eatinger purports to rebut commentators who have described “Executive Order 12333 as a sort of mysterious, open-ended authorization for U.S. intelligence agencies to engage in secret, questionable activities.” But mostly he addresses the Agency’s new Attorney General Guidelines under EO 12333 approved by Loretta Lynch on January 17.

Eatinger doesn’t explain what led to the adoption of new procedures. He does at least admit that the CIA had been operating on procedures written in 1982, a year after EO 12333 mandated such procedures. He also admits that those procedures did not reflect, “advances in collection methods due to changes in technology and privacy interests unforeseen in 1982, which did not contemplate the ubiquitous use of mobile phones, computers, and other digital media devices or evolving views of privacy and thus did not seek to address ‘big data’ or ‘bulk’ collection.” But readers who didn’t know better might conclude from Eatinger’s piece that the CIA just decided out of the blue to start protecting Americans’ privacy.

The proximate change to the procedures was likely a desire to finally expand data sharing under Obama’s new EO 12333 sharing rules, a final step before accessing a firehose of data from the NSA (curiously, Eatinger doesn’t mention that these new procedures will probably enable the expanded intake of vast amounts of bulk data including US person information). It also (as I’ll explain) belatedly responds to a mandate from Congress.

But in reality, the change comes in response to over three years of nagging from the Privacy and Civil Liberties Oversight Board, which asked James Clapper and Eric Holder to make agencies update these procedures back in August 2013, pointing out how much technology had changed in the interim. Which is another way of saying that, for the entire time when Eatinger was a top CIA lawyer, CIA was perfectly happy to operate on 35-year old procedures not reflecting current technology.

Among the procedures limiting CIA’s (newly expanded) access to bulk data, Eatinger highlights the five year restriction on retention of information including US person data.

These sections also satisfy the requirements to create procedures that limit to five years the retention of any nonpublic telephone or electronic communication acquired without the consent of a person who is a party to the communication except in defined circumstances (Section 309).

[snip]

Section 6 creates two different types of handling requirements for unevaluated information; one for “routine” handling and one for “exceptional” handling.  Exceptional handling requirements apply to intelligence collections either of nonpublic communications that were acquired without the consent of a party to the communication, or that are anticipated to contain U.S. person identifying information that is significant in volume, proportion, or sensitivity.  The exceptional requirements include segregating the unevaluated information, limiting access to CIA employees who receive special training, creating an auditable record of activity, and importantly, requiring such information to be destroyed no later than five years after collection, permitting extensions in limited circumstances.

The five-year limit in Section 6 is but one example of how specifics in the new procedures attempt to find the right balance of intelligence and privacy interests.  Each procedure involves an effort to find the right tradeoffs to allow lawful intelligence collection and protect privacy and civil liberty rights and interests. The tradeoff was between the risk to a loss in intelligence capabilities by destroying information at five years against the risk to compromising privacy interests by keeping the information longer.

It’s not until nine paragraphs after Eatinger introduces this requirement, which he notes arises from “Section 309” in paragraph 8, that he explains where it comes from in paragraph 17, from Congress.

The five-year retention period in Section 6 was not set by the CIA, DNI, or Attorney General, however, it was set by Congress through Section 309.

Eatinger doesn’t describe when Congress passed that law, but I will. It was in the Intelligence Authorization for FY 2015. It became law on December 19, 2014.

Which is another way of saying that for over two years after Congress passed this law mandating the destruction of bulk data including US person data after five years, CIA hadn’t updated its EO 12333 procedures to reflect that requirement (this was after Eatinger left CIA, so we can’t blame him for the tardiness).

Now, Eatinger helpfully confirms something I’ve long believed but hadn’t confirmed: rather than sorting through and deleting the US person data in the collection, which would be all the law requires, the CIA instead destroys the entire data set at the five year interval, effectively extending the privacy protections passed to cover US persons to foreigners as well (you’re welcome, Europe). Eatinger does so in a passage laying out the trade-offs to deleting data after five years.

Deleting all unevaluated information specifically concerning U.S. persons has little to no intelligence downside because intelligence agencies will never want or have reason to search their intelligence holdings.  The five-year period to destroy all unevaluated information, however, will remove not only information concerning U.S. persons but also any information potentially concerning valid intelligence targets, such as international terrorists, from the intelligence agencies holdings.  In this latter case, however, intelligence agencies will want and may have a reason to search its holdings for information on these targets.  The deletion of that information could thus have an adverse intelligence impact, particularly on counterterrorism and counterproliferation intelligence reporting, as well as on the conduct of human intelligence operations, all of which are important activities of the CIA.

The CIA could be expected to search all of its holdings upon receiving intelligence identifying a previous unknown person as a suspected terrorist or proliferator.  Under the five-year retention period, when the CIA conducts the search, any unevaluated information on that person that may have been acquired during a bulk collection activity over five years ago will have been deleted; CIA’s search will not retrieve that information.  Thus, CIA might gain an incomplete or misleading understanding of the individual, his place in a terrorist network, and his contacts.  Or, CIA may send intelligence officers to conduct dangerous human intelligence operations to collect information it once had.  The loss of five-year old information could also adversely impact the spotting, assessing, recruiting, and running of human sources. [my emphasis]

This is how Eatinger introduces Congress’ role in requiring CIA to destroy data after five years: to blame them for limiting the CIA’s ability to sit on bulk data on Americans and foreigners for 25 years. To his credit, Eatinger does describe Congress as “the right body” to “impose” a “single retention period … on the entire intelligence community.” Given his direct attacks on Congressional oversight of the torture program, though, I wonder precisely in what spirit he intended this comment.

In any case, Eatinger also emphasizes that CIA doesn’t have to abide by this “single retention period …  imposed on the entire intelligence community.” After suggesting that some agencies might be able to abide by the Congressional mandate, he asserts unnamed other agencies may not be able to.

Some intelligence entities likely could accomplish their mission and destroy unevaluated information in less than five years.  Others may need to retain information longer than five years.

He then notes that Congress has given agencies an out.

Congress has provided that intelligence agency heads may retain information longer than five years if the head determines a longer retention “is necessary to protect the national security of the United States” and certifies in writing to the intelligence committees the reasons for that determination, the new retention period, the particular information to be retained; and the measures that will be taken to protect the privacy interests of U.S. persons and persons located inside the United States.

That out is laid out in CIA’s procedures at 6.2.2.2, but rather than stating the intelligence committees must get notice, the section says only that, “Upon such extension, the [CIA Director] shall complete any notifications required by statute, Executive Order, or other Presidential decree” which, given the way the Bush Administration ignored FISA based on Presidential decree, doesn’t inspire confidence that Congress would get the notice mandated under Section 309.

In any case, we have reason to believe the CIA is just one month into receiving an expanded firehose of data, including a great deal of data on Americans. And Eatinger sure seems to suggest the CIA may never give the data obtained via that firehose up.

The Ironies of the EO 12333 Sharing Expansion for Obama and Trump

In one of his first acts as leader of the Democratic party in 2008, Barack Obama flipped his position on telecom immunity under FISA Amendments Act, which cleared the way for its passage. That was a key step in the legalization of the Stellar Wind dragnet illegally launched by George Bush in 2001, the normalization of turnkey surveillance of the rest of the world, surveillance that has also exposed countless Americans to warrantless surveillance.

Bookends of the Constitutional law president’s tenure: codifying and expanding Stellar Wind

So it is ironic that, with one of his final acts as President, Obama completed the process of normalizing and expanding Stellar Wind with the expansion of EO 12333 information sharing.

As I laid out some weeks ago, on January 3, Loretta Lynch signed procedures that permit the NSA to share its data with any of America’s other 16 intelligence agencies. This gives CIA direct access to NSA data, including on Americans. It gives all agencies who jump through some hoops that ability to access US person metadata available overseas for the kind of analysis allegedly shut down under USA Freedom Act, with far fewer limits in place than existed under the old Section 215 dragnet exposed by Edward Snowden.

And it did so just as an obvious authoritarian took over the White House.

I’ve was at a privacy conference in Europe this week (which is my partial explanation for being AWOL all week), and no one there, American or European, could understand why the Obama Administration would give Trump such powerful tools.

About the only one who has tried to explain it is former NSA lawyer Susan Hennessey in this Atlantic interview.

12333 is not constrained by statute; it’s constrained by executive order. In theory, a president could change an executive order—that’s within his constitutional power. It’s not as easy as just a pen stroke, but it’s theoretically possible.

[snip]

When they were in rewrites, they were sort of vulnerable. There was the possibility that an incoming administration would say, “Hey! While you’re in the process of rewriting, let’s go ahead and adjust some of the domestic protections.” And I think a reasonable observer might assume that while the protections the Obama administration was interested in putting into place increased privacy protections—or at the very least did not reduce them—that the incoming administration has indicated that they are less inclined to be less protective of privacy and civil liberties. So I think it is a good sign that these procedures have been finalized, in part because it’s so hard to change procedures once they’re finalized.

[snip]

I think the bottom line is that it’s comforting to a large national-security community that these are procedures that are signed off by Director of National Intelligence James Clapper and Attorney General Loretta Lynch, and not by the DNI and attorney general that will ultimately be confirmed under the Trump Administration.

Hennessey’s assurances ring hollow. That’s true, first of all, because it is actually easier to change an EO — and EO 12333 specifically — than “a pen stroke.” We know that because John Yoo did just that, in authorizing Stellar Wind, when he eliminated restrictions on SIGINT sharing without amending EO 12333 at all. “An executive order cannot limit a President,” Yoo wrote in the 2001 memo authorizing Stellar Wind. “There is no constitutional requirement for a President to issue a new executive order whenever he wishes to depart from the terms of a previous executive order. Rather than violate an executive order, the President has instead modified or waived it.” And so it was that the NSA shared Stellar Wind data with CIA, in violation of the plain language of EO 12333 Section 2.3, until that sharing was constrained in 2004.

Yes, in 2008, the Bush Administration finally changed the language of 2.3 to reflect the SIGINT sharing it had started to resume in 2007-2008. Yes, this year the Obama Administration finally made public these guidelines that govern that sharing. But recent history shows that no one should take comfort that EOs can bind a president. They cannot. The Executive has never formally retracted that part of the 2001 opinion, which in any case relies on a 1986 OLC opinion on Iran-Contra arguing largely the same thing.

No statutorily independent oversight over vastly expanded information sharing

Which brings us to whether the EO sharing procedures, as released, might bind Trump anymore than EO 12333 bound Bush in 2001.

In general, the sharing procedures are not even as stringent as other surveillance documents from the Obama Administration. The utter lack of any reasonable oversight is best embodied, in my opinion, by the oversight built into the procedures. A key cog in that oversight is the Department of National Intelligence’s Privacy and Civil Liberties Officer — long inhabited by a guy, Alex Joel, who had no problem with Stellar Wind. That role will lead reviews of the implementation of this data sharing. In addition to DNI’s PCLO, NSA’s PCLO will have a review role, along with the General Counsels of the agencies in question, and in some limited areas (such as Attorney Client communications), so will DOJ’s National Security Division head.

What the oversight of these new sharing procedures does not include is any statutorily independent position, someone independently confirmed by the Senate who can decide what to investigate on her own. Notably, there is not a single reference to Inspectors General in these procedures, even where other surveillance programs rely heavily on IGs for oversight.

There is abundant reason to believe that the PATRIOT Act phone and Internet dragnets violated the restrictions imposed by the FISA Court for years in part because NSA’s IG’s suggestions were ignored, and it wasn’t until, in 2009, the FISC mandated NSA’s IG review the Internet dragnet that NSA’s GC “discovered” that every single record ingested under the program violated FISC’s rules after having not discovered that fact in 25 previous spot checks. In the past, then, internal oversight of surveillance has primarily come when IGs had the independence to actually review the programs.

Of course, there won’t be any FISC review here, so it’s not even clear whether explicit IG oversight of the sharing would be enough, but it would be far more than what the procedures require.

I’d add that the Privacy and Civil Liberties Oversight Board, which provided key insight into the Section 215 and 702 programs, also has no role — except that PCLOB is for all intents and purposes defunct at this point, and there’s no reason to believe it’ll become operational under Trump.

Obama vastly expanded information sharing with these procedures without implementing the most obvious and necessary oversight over that sharing, statutorily independent oversight.

Limits on using the dragnet to affect political processes

There is just one limit in the new procedures that I think will have any effect whatsoever — but I think Trump may have already moved to undercut it.

The procedures explicitly prohibit what everyone should be terrified about under Trump — that he’ll use this dragnet to persecute his political enemies. Here’s that that prohibition looks like.

Any IC element that obtains access to raw SIGINT under these Procedures will:

[snip]

Political process in the United States. Not engage in any intelligence activity authorized by these Procedures, including disseminations to the White House, for the purpose of affecting the political process in the United States. The IC element will comply with the guidance applicable to NSA regarding the application of this prohibition. Questions about whether a particular activity falls within this prohibition will be resolved in consultation with the element’s legal counsel and the General Counsel of the Office of the Director of National Intelligence (ODNI) (and the DoD’s Office of the General Counsel in the case of a DoD IC element).

If you need to say the IC should not share data with the White House for purposes of affecting the political process, maybe your info sharing procedures are too dangerous?

Anyway, among the long list of things the IC is not supposed to do, this is the only one that I think is so clear that it would likely elicit leaks if it were violated (though obviously that sharing would have to be discovered by someone inclined to leak).

All that said, note who is in charge of determining whether something constitutes affecting political processes? The IC agency’s and ODNI’s General Counsel (the latter position is vacant right now). Given that the Director of National Intelligence is one of the positions that just got excluded from de facto participation in Trump’s National Security Council (in any case, Republican Senator Dan Coats has been picked for that position, which isn’t exactly someone you can trust to protect Democratic or even democratic interests), it would be fairly easy to hide even more significant persecution of political opponents.

FBI and CIA’s expanded access to Russian counterintelligence information

There is, however, one aspect of these sharing guidelines that may have work to limit Trump’s power.

In the procedures, the conditions on page 7 and 8 under which an American can be spied on under EO 12333 are partially redacted. But the language on page 11 (and in some other parallel regulations) make it clear one purpose under which such surveillance would be acceptable, as in this passage.

Communications solely between U.S. persons inadvertently retrieved during the selection of foreign communications will be destroyed upon recognition, except:

When the communication contains significant foreign intelligence or counterintelligence, the head of the recipient IC element may waive the destruction requirement and subsequently notify the DIRNSA and NSA’s OGC;

Under these procedures generally, communications between an American and a foreigner can be read. But communications between Americans must be destroyed except if there is significant foreign intelligence or counterintelligence focus. This EO 12333 sharing will be used not just to spy on foreigners, but also to identify counterintelligence threats (which would presumably include leaks but especially would focus on Americans serving as spies for foreign governments) within the US.

Understand: On January 3, 2017, amid heated discussions of the Russian hack of the DNC and public reporting that at least four of Trump’s close associates may have had inappropriate conversations with Russia, conversations that may be inaccessible under FISA’s probable cause standard, Loretta Lynch signed an order permitting the bulk sharing of data to (in part) find counterintelligence threats in the US.

This makes at least five years of information collected on Russian targets available, with few limits, to both the CIA and FBI. So long as the CIA or FBI were to tell DIRNSA or NSA’s OGC they were doing so, they could even keep conversations between Americans identified “incidentally” in this data.

I still don’t think giving the CIA and FBI (and 14 other agencies) access to NSA’s bulk SIGINT data with so little oversight is prudent.

But one of the only beneficial aspects of such sharing might be if, before Trump inevitably uses bulk SIGINT data to persecute his political enemies, CIA and FBI use such bulk data to chase down any Russian spies that may have had a role in defeating Hillary Clinton.

The Story About Judicial Dysfunction Behind the Comey Whiplash

I’ve been home from Europe for less than a day and already I’m thinking of sporting a neck collar for the whiplash I’ve gotten watching the wildly varying Jim Comey opinions.

I’m speaking, of course, of the response to Jim Comey’s highly unusual announcement to sixteen Chairs and Ranking Members of congressional committees (at least some of which Comey did not testify to) that the investigative team — presumably on the Clinton case — briefed him Thursday that FBI discovered additional emails in an unrelated case — now known to be the investigation into Anthony Weiner allegedly sexting a 15 year old — and he approved their request to take the steps necessary to be able to review those emails.

Effectively, the Weiner investigators, in reviewing the content from devices seized in that investigation, found emails from Huma Abedin, told the Hillary investigative team, and they’re now obtaining a warrant to be able to review those emails.

So of course the Republicans that had been claiming Comey had corruptly fixed the investigation for Hillary immediately started proclaiming his valor and Democrats that had been pointing confidently to his exoneration of Hillary immediately resumed their criticism of his highly unusual statements on this investigation. Make up your minds, people!

For the record, I think his initial, completely inappropriate statements made this inevitable. He excuses Friday’s statement as formally correcting the record of his testimony. The claim is undermined by the fact that not all recipients of the letter had him testify. But I think once you start the process of blabbing about investigations, more blabbing likely follows. I don’t mean to excuse this disclosure, but the real sin comes in the first one, which was totally inappropriate by any measure. I’m also very unsympathetic with the claim —  persistently offered by people who otherwise cheer Comey — that he released his initial statement to help Loretta Lynch out of the jam created by her inappropriate meeting with Bill Clinton; I think those explanations stem from a willful blindness about what a self-righteous moralist Comey is.

Of course I’ve been critical of Comey since long before it was cool (and our late great commenter Mary Perdue was critical years before that).

But I’d like to take a step back and talk about what this says about our judicial system.

Jim Comey doesn’t play by the rules

Jamie Gorelick (who worked with Comey when she was in DOJ) and Larry Thompson (who worked with Comey when Comey was US Attorney and he was Deputy Attorney General, until Comey replaced him) wrote a scathing piece attacking Comey for violating the long-standing prohibition on doing anything in an investigation pertaining to a political candidate in the 60 days leading up to an election. The op-ed insinuates that Comey is a “self-aggrandizing crusader[] on [a] high horse” before it goes on to slam him for making himself the judge on both the case and Hillary’s actions.

James B. Comey, put himself enthusiastically forward as the arbiter of not only whether to prosecute a criminal case — which is not the job of the FBI — but also best practices in the handling of email and other matters. Now, he has chosen personally to restrike the balance between transparency and fairness, departing from the department’s traditions. As former deputy attorney general George Terwilliger aptly put it, “There’s a difference between being independent and flying solo.”

But the real meat is that there’s a rule against statements like the one Comey made, and Comey broke it.

Decades ago, the department decided that in the 60-day period before an election, the balance should be struck against even returning indictments involving individuals running for office, as well as against the disclosure of any investigative steps. The reasoning was that, however important it might be for Justice to do its job, and however important it might be for the public to know what Justice knows, because such allegations could not be adjudicated, such actions or disclosures risked undermining the political process. A memorandum reflecting this choice has been issued every four years by multiple attorneys general for a very long time, including in 2016.

If Comey is willing to break this rule in such a high profile case, then what other rules is he breaking? What other judgements has Comey made himself arbiter of? Particularly given Comey’s persistent discussion of FBI’s work in terms of “good guys” and “bad guys” — as opposed to criminal behavior — that seems a really pertinent question.

As with James Clapper, Loretta Lynch can’t control Comey

Gorelick (who has been suggested among potential Clinton appointees) and Thompson go easier on Lynch, however, noting that she didn’t order him to stand down here, but ultimately blaming Comey for needing to be ordered.

Attorney General Loretta E. Lynch — nominally Comey’s boss — has apparently been satisfied with advising Comey but not ordering him to abide by the rules. She, no doubt, did not want to override the FBI director in such a highly political matter, but she should not have needed to. He should have abided by the policy on his own.

But since John Cornyn confronted Lynch in March about who would make decisions in this case — “Everyone in the Department of Justice works for me, including the FBI, sir,” Lynch forcefully reminded Cornyn — it has been clear that there’s a lot more tension than the org chart would suggest there should be.

The NYT provides more details on how much tension there is.

The day before the F.B.I. director, James B. Comey, sent a letter to Congress announcing that new evidence had been discovered that might be related to the completed Hillary Clinton email investigation, the Justice Department strongly discouraged the step and told him that he would be breaking with longstanding policy, three law enforcement officials said on Saturday.

Senior Justice Department officials did not move to stop him from sending the letter, officials said, but they did everything short of it, pointing to policies against talking about current criminal investigations or being seen as meddling in elections.

And it’s not just Lynch that has problems managing FBI.

In a response to a question from me in 2014 (after 56:00), Bob Litt explained that FBI’s dual role creates “a whole lot of complications” and went on to admit that the office of Director of National Intelligence — which is supposed to oversee the intelligence community — doesn’t oversee the FBI as directly.

Because FBI is part of the Department of Justice, I don’t have the same visibility into oversight there than I do with respect to the NSA, but the problems are much more complicated because of the dual functions of the FBI.

Litt said something similar to me in May when we discussed why FBI can continue to present bogus numbers in its legally mandated NSL reporting.

Now these are separate issues (though the Clinton investigation is, after all, a national security investigation into whether she or her aides mishandled classified information). But if neither the DNI nor the AG really has control over the FBI Director, it creates a real void of accountability that has repercussions for a whole lot of issues and, more importantly, people who don’t have the visibility or power of Hillary Clinton.

The FBI breaks the rules all the time by leaking like a sieve

Underlying this entire controversy is another rule that DOJ and FBI claim to abide by but don’t, at all: FBI is not supposed to reveal details of ongoing investigations.

Indeed, according to the NYT, Comey pointed to the certainty that this would leak to justify his Friday letter.

But although Mr. Comey told Congress this summer that the Clinton investigation was complete, he believed that if word of the new emails leaked out — and it was sure to leak out, he concluded — he risked being accused of misleading Congress and the public ahead of an election, colleagues said.

Yet the US Attorney’s Manual, starting with this language on prejudicial information and continuing into several more clauses, makes it clear that these kinds of leaks are impermissible.

At no time shall any component or personnel of the Department of Justice furnish any statement or information that he or she knows or reasonably should know will have a substantial likelihood of materially prejudicing an adjudicative proceeding.

Comey, the boss of all the FBI Agents investigating this case, had another alternative, one he should have exercised months ago when it was clear those investigating this case were leaking promiscuously: demand that they shut up, conduct investigations of who was leaking, and discipline those who were doing so. Those leaks were already affecting election year concerns, but there has been little commentary about how they, too, break DOJ rules.

But instead of trying to get FBI Agents to follow DOJ guidelines, Comey instead decided to violate them himself.

Again, that’s absolutely toxic when discussing an investigation that might affect the presidential election, but FBI’s habitual blabbing is equally toxic for a bunch of less powerful people whose investigative details get leaked by the FBI all the time.

[Update: Jeffrey Toobin addresses the role of leaks more generally here, though he seems to forget that the Hillary investigation is technically a national security investigation. I think it’s important to remember that, especially given Hillary’s campaign focus on why FBI isn’t leaking about the investigation into Trump’s ties to Russia, which would also be a national security investigation.]

Warrantless back door searches do tremendous amounts of damage

Finally, think about the circumstances of the emails behind this latest disclosure.

Reports are currently unclear how much the FBI knows about these emails. The NYT describes that the FBI seized multiple devices in conjunction with the Weiner investigation, including the laptop on which they found these emails.

On Oct. 3, F.B.I. agents seized several electronic devices from Mr. Weiner: a laptop, his iPhone and an iPad that was in large measure used by his 4-year-old son to watch cartoons, a person with knowledge of the matter said. Days later, F.B.I. agents also confiscated a Wi-Fi router that could identify any other devices that had been used, the person said.

While searching the laptop, the agents discovered the existence of tens of thousands of emails, some of them sent between Ms. Abedin and other Clinton aides, according to senior law enforcement officials. It is not clear if Ms. Abedin downloaded the emails to the laptop or if they were automatically backed up there. The emails dated back years, the officials said. Ms. Abedin has testified that she did not routinely delete her emails.

Presumably, the warrant to seize those devices permits the FBI agents to go find any evidence of Weiner sexting women (or perhaps just the young woman in question).

And admittedly, the details NYT’s sources describe involve just metadata: addressing information and dates.

But then, Comey told Congress these emails were “pertinent” to the Clinton investigation, and other details in reports, such as they might be duplicates of emails already reviewed by the FBI, suggest the Weiner investigators may have seen enough to believe they might pertain to the inquiry into whether Clinton and her aides (including Huma) mishandled classified information. Moreover, the FBI at least thinks they will be able to prove there is probable cause to believe these emails may show the mishandling of classified information.

Similarly, there are conflicting stories about whether the Hillary investigation was ever closed, which may arise from the fact that if it were (as Comey had suggested in his first blabby statements), seeking these emails would require further approval to continue the investigation.

The point, though, is that FBI would have had no idea these emails existed were it not for FBI investigators who were aware of the other investigation alerting their colleagues to these emails. This has been an issue of intense litigation in recent years, and I’d love for Huma, after the election, to submit a serious legal challenge if any warrant is issued.

But then, in this case, Huma is being provided far more protection than people swept up in FISA searches, where any content with a target can be searched years into the future without any probable cause or even evidence of wrong-doing. Here, Huma’s emails won’t be accessible for investigative purpose without a warrant (in part because of recent prior litigation in the 2nd Circuit), whereas in the case of emails acquired via FISA, FBI can access the information — pulling it up not just by metadata but by content — with no warrant at all.

[Update: Orin Kerr shares my concerns on this point — with the added benefit that he discusses all the recent legal precedents that may prohibit accessing these emails.]

This is a good example of the cost of such investigations. Because the FBI can and does sweep so widely in searches of electronic communications, evidence from one set of data collection can be used to taint others unrelated to the crime under investigation.

All the people writing scathing emails about Comey’s behavior in this particular matter would like you to believe that this issue doesn’t reflect on larger issues at DOJ. They would like you to believe that DOJ was all pure and good and FBI was well-controlled except for this particular investigation. But that’s simply not the case, and some of these issues go well beyond Comey.

Update: Minor changes were made to this post after it was initially posted.

As Part of Confirmation Process, Loretta Lynch Suggested DOJ Didn’t Have Enough Evidence to Prosecute HSBC

The WSJ has a story reporting what we long pretty much knew: DOJ decided not to prosecute HSBC for helping drug kingpins (this report, like most others and like DOJ’s settlement itself, forgets to mention HSBC also materially supported terrorism) because doing so might create global financial havoc.

U.S. Justice Department officials overruled their prosecutors’ recommendation to pursue criminal charges against  HSBC Holdings PLC over money-laundering failings, according to a House committee report prepared by Republicans that sheds new light on the bank’s 2012 settlement.

The report, which was reviewed by The Wall Street Journal and prepared by the Republican staff of the Financial Services Committee, concluded that former Attorney General Eric Holder overruled the internal recommendation and subsequently misled Congress about the Justice Department’s decision not to prosecute the U.K. bank.

“Rather than lacking adequate evidence to prove HSBC’s criminal conduct, internal Treasury documents show that DOJ leadership declined to pursue [the] recommendation to prosecute HSBC because senior DOJ leaders were concerned that prosecuting the bank ‘could result in a global financial disaster,’ ” the 282-page report stated.

[snip]

Holder later said those comments were misconstrued and that the Justice Department doesn’t believe any institution is too large to face legal punishment. “If we find a bank or a financial institution that has done something wrong, if we can prove it beyond a reasonable doubt, those cases will be brought,” Mr. Holder said at a 2013 House hearing.

The report, which was expected to be released Monday, concluded those comments were misleading because lower-level prosecutors had recommended the department prosecute HSBC, according to Treasury Department emails subpoenaed by the committee.

The report blames Eric Holder for the decision, not Loretta Lynch, who oversaw the case as US Attorney. Indeed, her name doesn’t appear in the WSJ story at all.

But given the claim that line prosecutors believed they had plenty of evidence to charge HSBC, consider how Lynch answered a question about the topic during her confirmation process.

38. As United States Attorney for the Eastern District of New York, you helped secure nearly $2 billion from HSBC over its failure to establish proper procedures to prevent money laundering by drug cartels and terrorists. You were quoted in a DOJ press release saying, “HSBC’s blatant failure to implement proper anti-money laundering controls facilitated the laundering of at least $881 million in drug proceeds through the U.S. financial system.”

You stated that the bank’s “willful flouting of U.S. sanctions laws and regulations resulted in the processing of hundreds of millions of dollars in [Office of Foreign Assets Control]-prohibited transactions.” Still, no criminal penalties have been assessed for any executive who may have been involved.

a. Did you make any decision or recommendation on charging any individual with a crime?

i. If so, please describe any and all decisions or recommendations you made.

ii. Please explain why such decisions or recommendations were made.

b. If you did not make any decision or recommendation on charging any individual with a crime, who made the decision not to prosecute?

RESPONSE: On December 11, 2012, the Department filed an information charging HSBC Bank USA with violations of the Bank Secrecy Act and HSBC Holdings with violating U.S. economic sanctions (the two entities are collectively referred to as “HSBC”). Pursuant to a deferred prosecution agreement (“DPA”), HSBC admitted its wrongdoing, agreed to forfeit $1.256 billion, and agreed to implement significant remedial measures, including, among other things, to follow the highest global anti-money laundering standards in all jurisdictions in which it operates. As the United States District Judge who approved the deferred prosecution found, “the DPA imposes upon HSBC significant, and in some respect extraordinary, measures” and the “decision to approve the DPA is easy, for it accomplishes a great deal.” Although grand jury secrecy rules prevent me from discussing the facts involving any individual or entity against whom we decided not to bring criminal charges, as I do in all cases in which I am involved, I and the dedicated career prosecutors handling the investigation carefully considered whether there was sufficient admissible evidence to prosecute an individual and whether such a prosecution otherwise would have been consistent with the principles of federal prosecution contained in the United States Attorney’s Manual.

I want to reiterate, particularly in the context of recent media reports regarding the release of HSBC files pertaining to its tax clients, that the Deferred Prosecution Agreement reached with HSBC addresses only the charges filed in the criminal violations of the Bank Secrecy Act for failures to maintain an adequate anti-money laundering program and for sanctions violations. The DPA explicitly does not provide any protection against prosecution for conduct beyond what was described in the Statement of Facts. Furthermore, I should note the DPA explicitly mentions that the agreement does not bind the Department’s Tax Division, nor the Fraud Section of the Criminal Division. information, which are limited to violations of the Bank Secrecy Act for failures to maintain an adequate anti-money laundering program and for sanctions violations. The DPA explicitly does not provide any protection against prosecution for conduct beyond what was described in the Statement of Facts. Furthermore, I should note the DPA explicitly mentions that the agreement does not bind the Department’s Tax Division, nor the Fraud Section of the Criminal Division. [my emphasis]

To be fair to Lynch, hers was basically a non-answer. She said she and career prosecutors review the evidence. She implied that there was insufficient admissible evidence to prosecute, but did not say it.

But if the WSJ report is correct (and we should find out soon enough) in fact at least her prosecutors recommended prosecuting.

DOJ Thinks Releasing Omar Mateen’s ISIS Allegiance Claims It Released Last Week Will Revictimize the Victims

Yesterday, NPR reported that people investigating the Orlando mass shootings increasingly believe his attack may have had nothing to do with ISIS.

In fact, intelligence officials and investigators say they’re “becoming increasingly convinced that the motive for this attack had very little — or maybe nothing — to do with ISIS.”

Speaking on Weekend Edition Saturday, Dina says that al-Qaida and ISIS-inspired attacks tend to follow a different pattern. She explains:

“We know that during the attack the gunman posted messages on Facebook saying he was doing this on behalf of ISIS. But officials have yet to find any of the precursors usually associated with radicalization. They’ve interviewed dozens of people who either knew him or had contact with Mateen.

“And they say that they’ve yet to find any indication that he became noticeably more religious, which is one of the indicators of radicalization. He still was going to the same mosque. The way he dressed didn’t change. His relationship with his family didn’t change in any way. And these are all typically warning signs that parents and friends and educators are told to look for if they’re worried that someone they’re close to is radicalizing.”

She adds “this isn’t science,” but so far the signs of radicalization aren’t there, which has led investigators to wonder whether the 29-year-old invoked the name of ISIS to garner more publicity for his deadly attack.

I’ve been suggesting not only that Mateen was likely motivated for other reasons — but that FBI likely missed those cues because they were evaluating him for one and only one kind of threat, an Islamic terrorist rather than an angry violent man threat.

[I]t seems that when a Muslim guy invents a terrorist tie explicitly saying he wants the FBI to come after him in response so he can martyr himself protecting a particular image of his life — “He said he hoped that law enforcement would raid his apartment and assault his wife and child so that he could martyr himself” — the Bureau might think a little more critically about what is going on.

Instead, it appears, the FBI assessed Mateen for one and only one thing: whether his bogus claims of ties to terrorist organizations were real. There have been a slew of articles, such as this one or this one, wondering why the FBI didn’t “identify” Mateen as a “real” terrorist in its two investigations of him. But it appears the FBI was assessing only whether he was likely to commit violence because of–and with the support of–an Islamic terrorist group. It appears they weren’t assessing whether he was, like the overwhelming majority of men who commit mass shootings in this country, really screwed up, expressing it in violent ways, and seeking attention with such actions.

It is true that Islamic extremists want to attack this country. It is also true that far, far more Americans die when men carry out mass killings because they’re fucked up and begging for attention. If you’re Muslim, the easiest way to get attention right now is to say that word, “ISIS,” because it’s a guarantee law enforcement and politicians will give that killing more due then they might give the next disturbed mass shooter.

Of course, the apparent fact that investigators have now come to agree with me means that those who started screaming ISIS right away — and, importantly, leaking and officially revealing news that Mateen claimed affiliation with ISIS (and other conflicting terrorist groups) on his 911 call — means the people who rushed out the ISIS explanation in fact did ISIS’ propaganda work for them, giving them credit for a mass killing that was really your garden variety mass killing conducted by an angry man.

Which is why this is so batshit. After blowing off Florida’s open record laws for a week, DOJ will finally release his 911 transcripts. But, according to Loretta Lynch, they’re going to edit out the references to ISIS so as to avoid “revictimizing” the victims.

A week after the worst mass shooting in U.S. history, Attorney General Loretta Lynch said a portion of Orlando shooter Omar Mateen‘s calls with hostage negotiators will be released Monday.

“We’ll be releasing a partial transcript of the calls between the killer and the hostage negotiators so people can, in fact, see the type of interaction that was had there,” Lynch told ABC News’ Jonathan Karl on “This Week” Sunday.

The Attorney General says she’ll travel to Orlando on Tuesday to get an on-the-ground perspective on the investigation.

“I say partial because we’re not going to be, for example, broadcasting his pledges of allegiance. We are trying not to re-victimize those who went through that horror,” she added. “We’re trying to get as much information about this investigation out as possible, and we want people to provide information that they have to us.”

If releasing these claims of affiliation would “revictimize” the victims, then releasing them in the first place served to victimize them. So the much better approach would be to release the full transcripts and admit the Department fucked up, both in its assessment of a potential mass killer, and in rushing to blame ISIS in the first place. Not to mention that this will just feed conspiracy theories.

If DOJ fucked up — and the claim this could revictimize people is tacit admission it seriously fucked up — then admit that and make it right. Pay the political consequences of admitting that our obsessive focus on terrorism has distracted us from the more general, and therefore more lethal, problem with mass killings. Don’t try to pretend there’s a good reason for suppressing the very same claims you made a big deal of a week ago.

If DOJ now believes the claims served to do nothing more than give Mateen’s rampage more attention — and it was a key part of generating that attention — then it needs to come clean.

Update: One more point on this. Releasing the full transcript would reveal how non-credible the ISIS claim was, appearing as it did with a claim of affiliation with al-Nusra, which would make it even clearer that FBI shouldn’t have started telling everyone about the ISIS claim.

Update: Here’s the transcript from Meet the Press.

LORETTA LYNCH:

Yes, I’ll be going to Orlando on Tuesday to continue my briefings in the case. Actually though what we are announcing tomorrow is that the F.B.I. is releasing a partial transcript of the killer’s calls with law enforcement from inside the club. These are the calls with the Orlando P.D. negotiating team who were trying to ascertain who he was, where he was, and why he was doing this, all the while the rescue operations were continuing. That’ll be coming out tomorrow and I’ll be headed to Orlando on Tuesday.

CHUCK TODD:

Including the hostage negotiation part of this?

LORETTA LYNCH:

Yes. It will be primarily a partial transcript of his calls with the hostage negotiators.

CHUCK TODD:

You say partial. What’s being left out?

LORETTA LYNCH:

Well, what we’re not going to do is further proclaim this individual’s pledges of allegiance to terrorist groups and further his propaganda.

CHUCK TODD:

So we’re not going to hear him talk about those things?

LORETTA LYNCH:

We will hear him talk about some of those things, but we’re not going to hear him make his ascertains of allegiance and that. This will not be audio. This will be a printed transcript. But it will begin to capture the back and forth between him and the negotiators. We’re trying to get as much information about this investigation out as possible. As you know, because the killer is dead, we have a bit more leeway there. And so we will be producing that information tomorrow.