The FBI Has No Idea What Time MalwareTech Waived Miranda

Here’s the signature line of the FBI Agent who says that Marcus Hutchins waived his Miranda rights when he was arrested on August 2 of last year.

As I noted here, in addition to not memorializing that they asked him whether or not he was drunk (but not if he was high or exhausted) until four months after his arrest, the FBI wrote three different times down on his consent form, with the last being just a minute after he was arrested. In a new filing, Hutchins’ lawyers disclose that the Agent didn’t make those changes until a week after he was arrested — and didn’t note the delay on either the form or the 302 of the interview.

Hours before the scheduled April 19 evidentiary hearing, the government revealed to the defense for the first time how the handwritten times listed on the form came about. Since receiving the form from the government in discovery last fall, the defense had assumed that one of the agents had added the times contemporaneously with the interrogation. But that was not so. One of the two agents who interrogated Mr. Hutchins, Agent Butcher, disclosed to the prosecutors that:

The header information on the advice of rights form was entered after the interview. [She] realized the time she entered on the form was incorrect when she was drafting the 302 and attempted to reconstruct the time based on information available to her.

Agent Butcher wrote that 302, which is the FBI’s official report of the interrogation, five days after the interrogation, when she was presumably back in Milwaukee. The agent did not note her alteration of the form in the 302 or anywhere else.

It almost seems like the Agent was just as confused, possibly regarding the two hour time zone change from Wisconsin, as Hutchins was.

Hutchins’ lawyers want the form thrown out and the FBI’s claim that he was warned to be treated with a negative inference.

Evidence crucial to determining whether law enforcement honored Mr. Hutchins’ constitutional rights in connection with custodial interrogation is spoiled, at law enforcement’s hands. The form, as it existed whenever Mr. Hutchins signed it, apparently no longer exists. In its place is an altered version, and the government should not be permitted to introduce and rely on altered evidence in defending against Mr. Hutchins’ suppression motion.


And the Court should also draw from the circumstance an inference adverse to the government’s position that Mr. Hutchins was warned of and waived his constitutional rights before making a post-arrest statement.

Hutchins team also suggests — though doesn’t explain — that the Agents deceived Hutchins as to why they they were interviewing him or that he was under arrest or what waiving Miranda entails.

Deception, as an independent basis for suppression, requires that the defense produce clear and convincing evidence that the agents affirmatively mislead the defendant as to the true nature of their investigation, and that the deception was material to the decision to talk. United States v. Serlin, 707 F.2d 953, 956 (7th Cir. 1983). Importantly, as the Seventh Circuit explained:

Simple failure to inform defendant that he was the subject of the investigation, or that the investigation was criminal in nature, does not amount to affirmative deceit unless defendant inquired about the nature of the investigation and the agents’ failure to respond was intended to mislead.

Id. (emphasis added).

They haven’t explained this, but perhaps it will come out on the stand when the Agent testifies next week.

There’s one more fuck-up revealed in this motion.

The government wants to use two calls Hutchins made to his boss from jail, in which he apparently discussed the issues he did in the interrogation, as proof that he was willing to discuss those issues. Whether that helps their case or not, apparently the transcript the government made of those calls has some discrepancies with the actual recording.

The calls were audio-recorded and the government has disclosed those recordings, along with draft transcripts reflecting what was said. The defense’s review of the draft transcripts reveals minor discrepancies between the transcripts and the actual conversations. If, over Mr. Hutchins’ objection, the Court chooses to consider the calls, that consideration should be based on listening to the actual calls, not just reviewing the transcripts.

The defense wants to prevent the government from using the calls (because they were made hours after his arrest and can’t really reflect on his state of mind), as well.

Recording the time you gave someone their Miranda warning is pretty basic stuff. Noting that you screwed that up is also pretty basic stuff.

None of that happened properly. Normally, it’s really hard to get interrogations thrown out. But the fuck-ups pertaining to this one keep mounting.

After Reiterating Orin Kerr’s Arguments, MalwareTech Asks for the Indictment to be Dismissed with Prejudice

In a post explaining that MalwareTech (Marcus Hutchins) had gotten a last minute continuance before an evidentiary hearing last month, I linked to my thread on the government’s weak responses to a bunch of motions he had submitted. Here’s how I described the original motions:

The five filings are:

  1. motion for a bill of particulars, basically demanding that the government reveal what 10 computers Hutchins and his alleged co-conspirator conspired and intended to damage
  2. motion to suppress the statements Hutchins made after he was arrested, requesting an evidentiary hearing, based on the fact that Hutchins was high and exhausted and didn’t know US law about Miranda warnings
  3. motion to dismiss the indictment, arguing on three different grounds that,
    • The CFAA charges (one and six) don’t allege any intent to cause damage to a protected computer (because the malware in question steals data, but doesn’t damage affected computers)
    • The Wiretapping charges (two through five) don’t allege the use of a device as defined under the Wiretap Act, but instead show use of software
    • The sales-related charges (one, five, and six) conflate the sale of malware with the ultimate effect of it
  4. motion to dismiss the indictment for improper extraterritorial application and venue, effectively because this case should never have been charged in the US, much less Milwaukee
  5. motion to dismiss charges two and six based on suspected improper grand jury instruction failing to require intentionality

Yesterday, Hutchins submitted his replies to the government’s arguments, in which he argues:

1.The government needs to explain what kind of proof of damage to 10 computers that Hutchins and his co-defendant conspired to damage it will offer and provide discovery on it.

2. [Hutchins offered no new response to the government’s Miranda response]

4. Because the government didn’t include the legitimate (purchase by an FBI Agent of the malware) and specious (sharing a binary with someone in CA and discussing the malware in online forums) bases that tie Hutchins’ activities to Eastern District of Wisconsin or even the US in the indictment itself, the indictment is an improper extraterritorial application of the law and lack venues in EDWI.

5. Because the government doesn’t include intentionality where the statute requires it, it should dismiss the related counts with prejudice (note, this argument has evolved from a grand jury error to a more fundamental problem assault on the indictment).

While I’m not sure all of these will succeed on their own (indeed, I think the motion on venue with respect to CFAA might fail in the absence of the rest of this), these motions form an interlocking argument that there’s no there there.

Which the defense argues at most length is the motion reiterating that selling software does not amount to either CFAA (damaging 10 computers) or wiretapping (which requires a device), an argument Orin Kerr made just after the charges were released in August. I get the feeling the defense thought that, having had access to Kerr’s argument all these months, the government might have responded better. The two substantive parts of their argument are here, addressing the point that CFAA violations require doing (or attempting to do) actual damage to computers, not just code that has the ability to damage them.

[T]he government suggests that its characterization of Kronos as “malware” should satisfy the pleading standard, claiming that it is “common knowledge” that malware is “written with the intent of being disruptive or damaging.” (Gov’t Response at 4 (citing Oxford English Dictionary 2018).) But the CFAA does not make so-called malware illegal—it is not some form of contraband. In fact, the term “malware” does not appear anywhere in the statute. The CFAA is not concerned with what software is called, but what an actor uses it to do. Artificial labels aside, the question before the Court is whether the indictment adequately pleads a case that Mr. Hutchins and his co-defendant conspired or attempted to “knowingly cause[] the transmission of a program, information, code, or command, and as a result of such conduct, intentionally cause damage without authorization, to a protected computer.” 18 U.S.C. §§ 371 & 1030(a)(5)(A).

The only definition of “malware” relevant to that question is one offered in the indictment. The indictment, at paragraph 3(d), defines “malware” as “malicious computer code installed on protected computers without authorization that allowed unauthorized access to the protected computer.” Nothing in this definition involves “intentionally caus[ing] damage without authorization, to a protected computer,” which is necessary to violate § 1030(a)(5)(A). The indictment’s “unauthorized access” language seems to be borrowed from other provisions of the CFAA that have not been charged in this case, such as §§ 1030(a)(2), (5)(B), and (5)(C)—all of which include additional elements beyond “unauthorized access.” Even if Kronos precisely meets the definition of “malware” offered by the government in the indictment, that functionality alone would not constitute a violation of § 1030(a)(5)(A) or any other provision of the CFAA.

There are, I think, cases where malware sellers have been convicted — but only after their customers were busted doing damage. Here, the only customer mentioned in the legal case thus far was an FBI Agent that no one has alleged actually used the malware (the malware was used in other countries, including Hutchins’ home in the UK, about which the government has been completely silent since the initial indictment).

Here’s the language arguing that software, sold without a computer, is not a device as defined in the wiretapping statute charged.

[T]hose cases all involved claims that the defendants acquired communications using software running on a computer. Under those circumstances, a court has no reason to draw a distinction between the two because the software and computer are working together: the operation of one depends on the other. Indeed, the cases cited by the government discuss computers and the software installed on them as one unit. See, e.g., Zang, 833 F.3d at 633 (“[O]nce installed on a computer, WebWatcher automatically acquires and transmits communications to servers”); Klumb, 884 F. Supp. 2d at 661 (“The point is that a program has been installed on the computer which will cause emails sent at some time in the future through the internet to be re-routed[.]”); see also Shefts, 2012 WL 4049484, **6-10 (variously referring to servers, email accounts, software, and BlackBerry smartphones as interception devices).

For purposes of the § 2512 charges in this case, however, the distinction between software and computer is important. In Counts Two through Four, there is no computer, which would not be true in any scenario involving an actual interception. As noted in Potter, software alone is incapable of intercepting anything. 2008 WL 2556723, at *8. “It must be installed in a device, such as a computer, to be able to do so.” protected computer,” which is necessary to violate § 1030(a)(5)(A).

In both cases, the defense is basically arguing that not only do Hutchins’ actions not meet the terms of the statute, but the indictment was also badly written in an unsuccessful attempt to make those statutes apply.

These are alleged crimes for which the government has refused to identify victims, provided none of the requisite evidence of intentionality, applied to software that doesn’t obviously qualify under either of the charged laws. Some of that is a problem with the indictment, as written. Much about this case suggests the government assumed Hutchins would plead quickly, obviating the need to write an indictment that could hold up to a trial. As I noted, in its response a few weeks ago, the government claimed (after threatening that it might) it was planning on obtaining a superseding indictment.

The government plans to seek a superseding indictment in this case, and in doing so will correct this drafting error and moot Hutchins’s argument.

Two weeks later, there’s still no sign of the indictment that fixes the aspects the government admits are flawed, much less the other scope issues. And so now Hutchins is asking for the indictment — all counts of it, between one challenge or another — be dismissed with prejudice.

I’m not sure that will happen — judges have proven the ability to interpret CFAA to include all manner of bad hacker stuff. But an outright dismissal might put the government out of the misery it brought on itself with a case it should never have charged.


Continuance in MalwareTech’s Case

I thought that while I was out traveling the continent last week, I’d miss a key hearing on Thursday in MalwareTech’s (Marcus Hutchins’) case. This thread lays out the government’s responses to his challenges to his indictment; the short version is, while the government would likely defeat his Miranda challenge, they still had to put their Agents on the stand for discovery. On the other issues, the government seems to have more serious problems (notably with trying him on charges for which there are no victims). So I thought it might be a really interesting hearing that would provide a glimpse of whether the judge thinks the government has a case.

That didn’t happen. After he and his lawyers got out to Milwaukee for the hearing, they asked for and got a one month continuance.

In light of new information, defendant requests a continuance of the evidentiary hearing. Parties agree to conduct evidentiary hearing on May 16, 2018 at 1:30 P.M.

So something’s up in his case, but it’s totally unclear what it is. All of the following are possibilities:

  • As noted, the government has been going back and forth about whether they’d get a superseding indictment. Last week they said they would. That’s probably the worst case scenario to explain the new information that would lead to a continuance: new charges that might pose a more serious risk.
  • In one of last week’s filings, the government revealed that he shared a binary with someone in CA (alleging, dangerously, that that amounts to wiretapping). That must be the informant the government has been trying to hide by calling a tipster. It may be the government provided information on this guy, and the defense wants a year to research him.
  • The government had finally found the dark web materials related to the sale of the malware. They may have provided that or more details on Hutchins’ alleged co-conspirator.
  • Defendants that the government might have have been trying to coerce Hutchins to share information on — most notably Peter Levashov, who was arrested for making Kelihos (which uses a successor to Kronos) — are now in US custody. That may change the status of his case somehow.
  • The government may finally realize that it’s got real problems with its case, and is finally offering a plea that better reflects the potential legal pitfalls of their case.

As I said, it could be any of these issues, or a combination of them. All we know is something’s up in his case, and we may not find out for another month.

The MalwareTech Poker Hand: Calling DOJ’s Bluff

With a full poker hand’s worth of filings on Friday, MalwareTech’s (AKA Marcus Hutchins) lawyers are finally revealing the main thrust of their defense. The five filings are:

  1. A motion for a bill of particulars, basically demanding that the government reveal what 10 computers Hutchins and his alleged co-conspirator conspired and intended to damage
  2. A motion to suppress the statements Hutchins made after he was arrested, requesting an evidentiary hearing, based on the fact that Hutchins was high and exhausted and didn’t know US law about Miranda warnings
  3. A motion to dismiss the indictment, arguing on three different grounds that,
    • The CFAA charges (one and six) don’t allege any intent to cause damage to a protected computer (because the malware in question steals data, but doesn’t damage affected computers)
    • The Wiretapping charges (two through five) don’t allege the use of a device as defined under the Wiretap Act, but instead show use of software
    • The sales-related charges (one, five, and six) conflate the sale of malware with the ultimate effect of it
  4. A motion to dismiss the indictment for improper extraterritorial application and venue, effectively because this case should never have been charged in the US, much less Milwaukee
  5. A motion to dismiss charges two and six based on suspected improper grand jury instruction failing to require intentionality

Effectively, these five motions (which are likely to meet with mixed success, but even where they’re likely to fail, will lay the groundwork for trial) work together to sustain an argument that Hutchins should never have been charged with these crimes in the US, and that FBI may have cheated a bit to get the incriminatory statements that might let them sustain the prosecution.

I laid out the general oddity of these charges here, and the background to the Miranda challenge and grand jury instructions here, here, and here.

Hutchins was high and tired, not drunk, for his one minute Miranda warning

While I don’t expect the Miranda challenge (item 2) to be effective on its face, I do expect it to serve as groundwork for a significant attempt to discredit Hutchin’s incriminatory statements at trial. This motion provides more detail about why his defense thinks it will be an effective tactic. It’s not just that Hutchins is a foreigner and couldn’t be expected to know how US Miranda works, or that the FBI only documented that they asked Hutchins if he had drinking alcohol four months after the arrest (as I laid out here). But as the motion notes, the FBI doesn’t claim to have asked whether he was exhausted or otherwise intoxicated.

According to an FBI memorandum, before “initiating a post arrest interview,” an agent asked Mr. Hutchins if he had been drinking that day, and he responded that he had not. That memorandum, written over four months after the arrest, then states that the agent asked Mr. Hutchins “if has [sic] in a good state of mind to speak to the FBI Hutchins agreed.” Mr. Hutchins did not understand it to be an inquiry as to whether he had used drugs or was exhausted.

The initial 302 of the interrogation records Hutchins telling the agents that he had been partying and not sleeping.

Mr. Hutchins discussed his partying while in Las Vegas, as well as his lack of sleep, during the interrogation.

The motion admits that he had been using drugs (of unspecified type) the night before.

As Mr. Hutchins sat in the airport lounge, he was not drinking, but he was exhausted from partying all week and staying up the night before until the wee hours. He had also used drugs.

Nevada legalized the recreational use of marijuana effective July 2017, so if he was still high during this interview, he might have been legally intoxicated under state (but not federal) law. And there’s not a lick of evidence that the FBI asked him about that.

After laying out that the FBI has no record of asking Hutchins whether he was sober (rather than just not drunk), the motion reveals that the FBI couldn’t decide at what time it gave Hutchins his Miranda warning.

An FBI Advice of Rights form sets forth Miranda warnings and reflects Mr. Hutchins’ signature. It is dated August 2, 2017, but the time it was completed includes two crossed out times, 11:08 a.m. and 2:08 p.m., and one uncrossed out time, 1:18 p.m. (which is one minute after the FBI log reflects Mr. Hutchins’ arrest, as noted above).

And as noted before, and reiterated here, the FBI didn’t record that part of his interview.

The motion notes that if the final, current record of the time of warning is correct, then the Miranda warning, including any discussion of how US law differs from British law, took place in the minute after he was whisked away from this gate.

Hutchins recently tweeted that he “slept the entire time I was in prison,” which while not accurate (he was neither in prison nor in real solitary), would otherwise corroborate the claim he was exhausted.

The government’s cobbled case on intentionality and computer law

Items 3 and 5, arguing the law is inappropriately applied and specifically not instructed correctly with regards to two charges, work together to argue that the government has cobbled together charges against Hutchins via misapplying both CFAA and Wiretap law, and in turn using conspiracy charges and misstating requisite intentionality to be able to get at Hutchins.

As I’ve noted, Hutchins’ lawyers have been arguing for some time that the government may not have properly instructed the grand jury on the intentionality required under charges 2 and 6. At a hearing in February, Magistrate Nancy Joseph showed some sympathy to this argument (though is still reviewing whether the defense should get the grand jury instructions). As I noted in that post, whereas the government once claimed it would easily fix this problem by getting a superseding indictment (possibly larding on new charges), they seem to have lost their enthusiasm for doing so.

It’s the combination of the rest of the legal challenge that I find more interesting. The challenge will interact with recent innovations in charging other foreign hackers, especially a bunch of Russians that will make DOJ especially defensive of this challenge. But the motions all cite Seventh Circuit precedent closely, so I’m not sure whether that matters.

Ultimately, this motion makes roughly the same arguments that Orin Kerr made as soon as the indictment came out. As he introduced his more thorough explanation in August,

This raises an interesting legal question: Is it a crime to create and sell malware?

The indictment asserts that Hutchins created the malware and an unnamed co-conspirator took the lead in selling it. The indictment charges a slew of different crimes for that: (1) conspiracy to violate the Computer Fraud and Abuse Act; (2) three counts of violating 18 U.S.C. 2512, which prohibits selling and advertising wiretapping devices; (3) a count of wiretapping; and (4) a count of violating the Computer Fraud and Abuse Act through accomplice liability — basically, aiding and abetting a hacking crime.

Do the charges hold up? Just based on a first look at the case, my sense is that the government’s theory of the case is fairly aggressive. It will lead to some significant legal challenges. It’s hard to say, at this point, how those challenges will play out. The indictment is pretty bare-bones, and we don’t have all the facts or even what the government thinks are the facts. So while we can’t say that this indictment is clearly an overreach, we can say that the government is pushing the envelope in some ways and may or may not have the facts it needs to make its case. As always, we’ll have to stay tuned.

Kerr is not flaming hippie, so I assume that these arguments will be rather serious challenges for the government and I await the analysis of this challenge by more Fourth Amendment lawyers. But as he suggested back in August, Hutchins’ team may well be right that this indictment is an overreach.

DOJ still hasn’t explained why it charged Hutchins for a crime with no known US victims

While requests for Bill of Particulars (basically, a request for more details about what the government is claiming broke the law) are usually unsuccessful, this one does two interesting things. It asks the government for proof of damage, including proof of which ten computers got damaged.

Mr. Hutchins asks that the government be required to particularize the “damage” it intends to offer into evidence at trial in connection with the alleged violations of the Computer Fraud and Abuse Act by the two defendants. Mr. Hutchins also asks that the government be required to particularize the “10 or more protected computers” to which it contends the defendants conspired and attempted to cause “damage.”

Whether the motion itself is successful or not, demanding proof that ten computers were damaged helps support the challenge to the two CFAA charges based on whether stealing credentials amounts to damage. It also lays the groundwork for the motion made explicitly in item 4 — that Hutchins should never have been charged in the US, much less Wisconsin.

As I laid out in this piece, it appears likely that charges against Hutchins arose out of back door searches done as part of the investigation into who “MalwareTech” was after he sinkholed WannaCry. For whatever reason (probably because the government thought Hutchins could inform on someone, possibly related to either WannaCry itself or Kelihos), the government decided to cobble together a case against Hutchins consisting — by all appearances — entirely of incidental collection so as to coerce him into a plea deal. When he got a team of very good lawyers and then bail, that put a lot more pressure on the appropriateness of the charges in the first place.

So now, eight months after Hutchins was arrested, we’re finally getting to that question of why the US government decided to charge him for a crime that even DOJ didn’t claim had significant US victims.

The motion starts by noting that Hutchins didn’t do most of the acts alleged, his co-defendant Tran (whom the government has shown little urgency in extraditing) did. But even for Tran’s acts (basically marketing and selling the malware), there’s no affirmative tie made to Wisconsin.

As part of the purported conspiracy, the indictment alleges that Mr. Hutchins created the Kronos software, described as “a particular type of malware that recorded and exfiltrated user credentials and personal identifying information from protected computers.” (Id. ¶¶ 3(e), 4(a).) It also alleges that Mr. Hutchins and his co-defendant later updated Kronos. (Id. ¶ 4(d).)

All other alleged overt acts in furtherance of the purported conspiracy pertain solely to Mr. Hutchins’ co-defendant. Per the indictment, the codefendant (1) used a video posted to YouTube to demonstrate how Kronos worked, (2) advertised Kronos on internet forums, (3) sold a version of Kronos, and (4) offered crypting services for Kronos. (Id. ¶¶ 4(b), (c), (e), (f), (g).)

Aside from a bare allegation that each offense was committed “in the state and Eastern District of Wisconsin and elsewhere,” the indictment does not describe any connection to this District.

While the government has long suggested that the case is in EDWI because an FBI agent located there bought a copy of Kronos, the motion suggests Hutchins’ team hasn’t even seen good evidence of that yet.

Here, the indictment reflects that Mr. Hutchins was on foreign soil, and any acts he performed occurred there. There is no indication that damage was caused in the Eastern District of Wisconsin—or, indeed, that any damage occurred at all. At best, a buyer was present in this District. But the buyer would then need to use Kronos to cause damage in the District for venue to lie. Nothing [i]n the indictment supports that conclusion.

The charging of two foreigners is all the more problematic on the four wiretapping charges, given that (unlike CFAA), Congress did not mean to apply it to foreigners.

There is evidence that Congress intended the CFAA—the legal basis of Counts One and Six—to have extraterritorial application. The CFAA prohibits certain conduct with respect to “protected computers,” 18 U.S.C. § 1030(e)(2)(B), and the legislative history shows that Congress crafted the definition of that term with foreign-based attackers in mind. S. Rep. 104-357, at 4-5 (1996).

The Wiretap Act—at issue in Counts Two through Five—is different, though. That law does not reflect a clear congressional mandate that it should apply extraterritorially. Accordingly, courts have repeatedly found that it “has no extraterritorial force.” Huff v. Spaw, 794 F.3d 543, 547 (6th Cir. 2015) (quoting United States v. Peterson, 812 F.2d 486, 492 (9th Cir. 1987)).

There is a great deal of precedent to establish venue based on where a federal agent bought something. Indeed, the main AlphaBay case against Alexandre Cazes consisted of that (remember that Kronos was ultimately sold on AlphaBay). But that case was based on the illegal sale of drugs and ATM skimmers, not software, which given the challenge to the CFAA and Wiretapping application here, might make the EDWI purchase of Kronos insufficient to justify venue here.

I’m not sure whether this motion will succeed or not. But one way or another, given that the defense appears to have seen no real basis for venue here, this motion may serve as critical groundwork for what appears to be a justifiable argument that this case should never have been charged in the US.

I keep waiting for DOJ to give up this case in the face of having to argue that the guy who sinkholed WannaCry should be prosecuted because he refused to accept a plea deal on charges with no known US victims. But they’re probably too stubborn to do that.

Update: Corrected Joseph’s name. h/t GM.

Government Won’t Be Able to Hide Its Informant in MalwareTech Case

While Paul Manafort was busy getting charged with 32 new charges (more on that tomorrow), I was in Milwaukee at a motion hearing in MalwareTech (Marcus Hutchins’) case.

Hutchins was asking for five things from the government:

  1. More information on his surveillance in Vegas, partly to challenge the claim he wasn’t drunk or exhausted when he waived Miranda rights, partly to understand whether he really understood how Miranda works in the US, and partly for probably unstated other reasons
  2. Information on Tran, his co-defendant, who remains at large in some other country, that he would have gotten if Tran were in custody facing the same charges with Hutchins
  3. More information on “Randy,” the informant who provided chat logs and a copy of the Kronos malware while trying to proffer his way out of his own cyber-crimes
  4. The instructions provided to the grand jury, to see if the importance of intentionality to the charges was properly emphasized
  5. Both the MLAT request used to get information on Tran and the search warrant used to search Randy’s home

Here are my pieces on the motion, the government’s response, and Hutchins’ reply.

At Thursday’s hearing, Judge Nancy Johnson made the following decisions:

  1. Based on the government’s representation that it had no more information on surveillance of Hutchins, she denied that motion barring any further evidence that it exists (though she did make the prosecution check again to make sure there weren’t text messages between Agents)
  2. Based on the government’s representation that there was nothing Hutchins would get about Tran were he in custody that he hasn’t already gotten, she denied that without prejudice
  3. Required the government to provide “Randy’s” identity 30 days before trial
  4. Took the request for grand jury instructions under advisement
  5. Denied the request for the search warrant for “Randy’s” house, but asked for more briefing on other cases pertaining to MLAT requests

While the discussion about materials pertaining to Tran were uninteresting, my comments about the other requests follow:

What surveillance happens in Vegas stays in Vegas

Much of this discussion pertained to clarifications that the defense wasn’t looking for the FBI Agents’ lunch place recommendations, though Hutchins’ lawyer Brian Klein said he’d take them if he got them. Klein admitted, however, that they want the surveillance materials, in part, because they think the government intentionally waited to arrest Hutchins until after he had been partying with other hackers for a week. “[W]e have our reasons to believe they arrested him at very end of Vegas trip, there was maybe a very pointed reason to believe they chose to wait until the end.” Note, I’m not sure they’re after (just) the exhaustion of DefCon, or even the government’s desire to hold off on a real rebellion if they had arrested Hutchins just as everyone was arriving to Las Vegas. 

The government claims it only has active surveillance from July 26, and August 2, as he headed for the airport. Prosecutor Michael Chmelar described the July 26 date as Hutchins’ arrival, though I think that’s incorrect as I noted here.

Note, while August 2 is the day Hutchins left Las Vegas, the 26th was not the day he arrived; that was July 21. So they conducted surveillance of him on at least one day while he was in the US hanging out with other hackers at Black Hat, but won’t tell him if they conducted surveillance on the other days.

Chmelar also seemed to describe a discussion about “certain preparations put in place if he did travel to the US,” which is curious given that Hutchins was publicly talking about his trip to Vegas for some time, and given the apparently weird start date of the surveillance. Chmelar also described, for the first time, a 302 on his unrecorded comments on the way to the detention facility. Chmelar made it clear that they want to force Hutchins to take the stand if he’s going to challenge his Miranda warning.

One more comment about this: Black Hat and DefCon are among the most spooked up conventions going. There would have been tons of law enforcement types wandering around unassociated with Hutchins, specifically. Would he get any surveillance from those guys?

FBI finally dug through its AlphaBay loot to find materials supporting a six month old arrest

Hutchins’ co-defendant, Tran, allegedly sold the Kronos malware at issue on AlphaBay. FBI, working with international partners (and probably using the Tor exception), took AlphaBay down on July 20, even before Hutchins’ arrest, and immediately started using those materials to prosecute crimes that, unlike Hutchins’ alleged crime, have actual American victims.

Out of the “several hundred” investigations cited by Phirippidis, other publicly known active US prosecutions arising out of AlphaBay sales involve clear American victims and perpetrators: a person in California suspected of paying an Israeli teenagerto phone and email bomb threats to Jewish Community Centers around the country;a group that fulfilled over 78,000 marijuana orders over the last two yearsmaking them largest vendor on AlphaBay; a transaction that led to the fentanyl overdose death of an 18-year old girl in Oregon; another transaction that led to a fentanyl overdose death, this time of a 24-year old Orlando woman; a fentanyl vendor suspected of making over $120,000 in profits who is tied to a non-lethal overdose; an investigation out of Atlanta into a still unidentified American who worked for AlphaBay. Other, earlier prosecutions, include the sales of heroin,fentanyl, and marijuana laid out in the indictment of AlphaBay’s head, Alexandre Cazes.

In Chmelar’s explanation that the government really doesn’t have any materials on Tran, he revealed what he (incorrectly) thought had been revealed in the government response: an unencrypted copy of AlphaBay material pertaining to the Kronos sale “just became available,” and they have put in a request for the material. “If anything is produced in that request,” Chmelar said he’d turn it over.

Again, the lackadaisical approach to establishing evidence of the sale of Kronos as compared to other AlphaBay prosecutions suggests the sale of Kronos really wasn’t that big of a priority.

As Klein noted, the government had spent three pages of their response arguing that Hutchins couldn’t have any material pertaining to Tran; at the hearing Chmelar represented nothing existed. Based on that representation, Johnson denied any further discovery.

“Randy” is not just a tipster

Michael Chmelar is a well-spoken guy. But he stumbled a lot, umming and uhing, during his discussion of “Randy,” the government informant who reportedly had chats with Hutchins about Kronos.

He received Kronos from Mr. Hutchins, before he was acting as a government , um um source, we’ve produced the malware that was received. As Mr. [Benjamin] Proctor and I noted, if we determine that uh this individual would be called as a witness, we would disclose him as district court requires.

The government really, really wants to hide certain details about “Randy” (and as Chmelar admitted, the 302 in which he proffered up Hutchins and others includes pages and pages of redacted details of “Randy’s” own crimes.

As Johnson pointed out, even if the government uses Hutchins’ own statements to admit “Randy’s” testimony, Hutchins’s team can decide to call “Randy” themselves.

In any case, while she said “Randy” wasn’t fully a transactional witness, he is closer to that than to the tipster the government is claiming. So while the defense won’t get his identity, yet, they will before trial.

The government seems to have dropped its enthusiasm for a superseding indictment

Hutchins wants the instructions given to the grand jury because two of the charges don’t include the necessary language about the required intentionality. Chmelar used one of the charges, where in parallel ones in the indictment the intentionality language is correct, to suggest this was just a scrivener’s error — something he could disappear away with a stipulation — to suggest both were. But Klein argued “These are not just little nits or typos, it goes to mens rea, [Hutchins’] alleged mental state.”

There was also an interesting subtext about whether the grand jury instructions exist. Chmelar claimed that normally he doesn’t instruct the grand jury. Klein noted the government had claimed, ‘We’re not required to instruct them.’ “Well, they did.” And it seems that Chmelar did, indeed, admit that the jury had gotten instructions on this point (I’d have to look at the transcript to make sure).

Ultimately, Johnson said she’d take the request under advisement and do more research on what constituted a compelling need to obtain grand jury instructions, but wouldn’t rule until the defense submitted their challenges to the indictment.  

But what was just as interesting about this discussion is that, whereas previously there had been discussion about the government obtaining a superseding indictment (perhaps to lard on charges that might be easier to defend), Chmelar seemed unenthused about doing so here.

The government continues to insist documents sent to other countries are internal documents

Because privacy rights are not transitive in the United States (meaning, the Fourth Amendment only protects the privacy of the person whose premise is being searched, not those who might be implicated by the search), Hutchins is not going to get the search warrant for “Randy’s” house that led to chat logs involving Kronos to be discovered.

But the question of whether he’ll get the MLAT request to whatever foreign country had information on his co-defendant, Tran (but may not be arresting him), is still a matter Johnson is weighing. The government at first argued that they didn’t have to turn over the request because it was written by lawyers, not law enforcement officers. In the hearing, Chmelar defended withholding the request because the request, which was sent to a foreign country, was an internal document.

Both sides will submit more caselaw on when and whether such requests get turned over (and the open file discovery here may make turning it over more likely).

FBI Decided Four Months after They Arrested MalwareTech that He Told Them He Hadn’t Been Drinking before the Arrest

Marcus Hutchins’ (AKA MalwareTech) defense team has replied to the government’s response to their motion to compel discovery; they are seeking evidence pertaining to his arrest and about the people (his co-defendant, Tran, and an informant, “Randy”) on whom Hutchins was incidentally collected. Here’s my post on the original defense motion, and the one on the government response showing that this case is all about incidental collection.

FBI’s discussions about what to do about a drunken MalwareTech

As I laid out, the defense claims that Hutchins was intoxicated and exhausted when he was arrested awaiting a transatlantic flight after a week of partying at hacker conferences in Las Vegas. The government claims they asked Hutchins if he had been drinking, and (they claim) he said no.

This latest filing shows that the FBI was concerned about just that. FBI Agents had an email discussion the day Hutchins was arrested discussing what they should do if he was drinking.

That production included one e-mail, dated August 2, 2017 (the day of Mr. Hutchins’ arrest), discussing what the agents should do if Mr. Hutchins started drinking at the airport (the plan: “pull him out of terminal”). This shows the agents’ contemporaneous awareness of, and concern about, the possibility of Mr. Hutchins being impaired. There surely might be other communications, including e-mails and text messages on agents’ phones, touching on the voluntariness of Mr. Hutchins’ supposed proper waiver of his Miranda rights, as well as the voluntariness of the resulting statement.

The government claims that the Agents asked Hutchins if he had been drinking as part of their interview (only part of which was recorded). Except they didn’t memorialize that contemporaneously. They wrote it up into a 302 “over four months after the arrest” — so sometime after December 2.

The government makes much of the fact that Mr. Hutchins was asked by FBI agents if he had been drinking. But even if the FBI 302 (which was written over four months after the arrest) is accurate, it does not mention exhaustion or other possible forms of intoxication (it only mentions drinking).

Consider how this looks, given another detail from the defense reply: that the FBI didn’t turn over that 302 (or the email showing the FBI was concerned that Hutchins might be drinking) until the day they submitted their response on January 19.

The government’s response neglects to mention that these records that the government references as being disclosed “recently” were produced to the defense earlier on the same day the response was filed.

Incorporating the details provided in this status report produces this timeline:

November 21: Defense and prosecution lawyers try to resolve these issues including questions about whether Hutchins was intoxicated, and conclude they weren’t going to be able to resolve them.

[C]ounsel for the government and counsel for Mr. Hutchins participated in a conference call in an attempt to resolve open issues related those discovery requests. Despite our best efforts, we have been unable to resolve those issues.

After December 2: FBI creates 302 memorializing claim that they asked Hutchins whether he had been drinking.

December 7: Hutchins’ lawyers tell the government they’re going to file a motion compelling this discovery.

[C]ounsel for Mr. Hutchins informed the government they intend to file a motion for an order that compels the government to produce certain materials to the defense.

January 5: Defense files motion to compel.

January 19: Government turns over 302 claiming they asked if Hutchins had been drinking when they arrested him and response to motion to compel.

In spite of the fact that FBI itself was worried on the day they arrested him about whether Hutchins would be sober enough for an interrogation, they never got around to claiming that they had made sure he was until after some time, potentially months, of discussions about that question and after they had decided they couldn’t get the defense to stop asking for it.

I’d say that’s pretty sketchy.

Government didn’t get around to surveilling Hutchins until July 26

In my post on the government response, I wondered why there would be a surveillance report from July 26, but not one from when Hutchins first arrived in Las Vegas on July 21.

The filing also reveals that there are,

two reports detailing limited surveillance of the defendant on July 26, 2017, and August 2, 2017.

Note, while August 2 is the day Hutchins left Las Vegas, the 26th was not the day he arrived; that was July 21. So they conducted surveillance of him on at least one day while he was in the US hanging out with other hackers at Black Hat, but won’t tell him if they conducted surveillance on the other days.

The defense reply explains it: for whatever reason, Agents in Wisconsin didn’t get around to asking Las Vegas FBI to start surveillance on Hutchins until July 26.

Since the agents started surveillance on July 26, 2017 and it ran through August 2, 2017, it is inconceivable that the agents actively surveilling him exchanged nothing but a single e-mail right before Mr. Hutchins’ arrest.1

1 The only other e-mail disclosed by the government appears to have been sent from an FBI agent in Milwaukee on July 26, 2017, and requests FBI Las Vegas assistance to conduct surveillance of Mr. Hutchins.

For some reason, the FBI either didn’t realize the guy they had just indicted on July 11 was coming to the US until well after he got here in spite of the fact that 1) he had been to Black Hat the year before 2) he was talking about coming again on Twitter 3) he tracked his flight into the country on Twitter, or they didn’t decide they were going to arrest him until after he had been here for a while.

So arresting Hutchins was so urgent they had to do it before he left the country (to avoid extradition), even if he had been drinking (and interviewing him while he was still confused and without counsel was such a priority they couldn’t let him just catch up on his sleep in jail).

But not so urgent they had prepared enough for his well-advertised arrival in the weeks before he arrived to have Las Vegas’ FBI ready to surveil him.

The Government Built Its Criminal Case against MalwareTech Off Incidental Collection

The government has responded to MalwareTech’s (Marcus Hutchins) demand for more evidence by refusing everything. Along the way, they reveal that the bulk of the case against Hutchins arises from him being incidentally collected off two other criminal suspects, Tran (his co-defendant) and Randy (an informant who provided testimony against him in conjunction with his own criminal exposure).

Twenty-somethings claiming they’re not drunk occifer

As for rebuttals of the points made in his demand, the government has two rebuttals as to the substance of Hutchins’ argument, versus the law. First, they claim that Hutchins told the FBI he wasn’t drunk when they arrested him, contrary to the claim made to support a demand for materials on the surveillance of him leading up to his arrest.

Before the interview started, Hutchins told agents that he was not under the influence of alcohol.

Apparently they made a separate 302 (of unknown date) to memorialize their claim he told them he wasn’t drunk.

In addition to those materials, the government recently disclosed an additional FBI 302 report memorializing the defendant’s statement that he was not under the influence of alcohol at the time of his arrest,

The filing also reveals that there are,

two reports detailing limited surveillance of the defendant on July 26, 2017, and August 2, 2017.

Note, while August 2 is the day Hutchins left Las Vegas, the 26th was not the day he arrived; that was July 21. So they conducted surveillance of him on at least one day while he was in the US hanging out with other hackers at Black Hat, but won’t tell him if they conducted surveillance on the other days.

The government’s “intentional” fuckups may lead to superseding indictments

The government seems to cede Hutchins’ suggestion that it flubbed the language on “intention” versus “knowledge” on at least one and maybe a second charge against him.

Hutchins claims that the indictment is defective because Count Two of the indictment states that the defendant acted “knowingly” instead of “intentionally.” 3 Likewise, despite the fact that Count Six charges an attempt, Hutchins argues Count Six fails to allege that defendant “intentionally” attempted to cause damage to a protected computer.4 This, however is not an allegation of “error in the grand jury proceedings” under Rule 12(b)(3)(A)(v). It is an allegation of a defect in the indictment under Rule 12(b)(3)(B)(v). Thus, if Hutchins truly believes Counts Two and Six are facially defective, he can file a motion dismiss those counts under Rule 12(b)(3)(B)(v).

3 Count Two appears to contain a drafting error because Counts Three and Four, which also allege violations of 18 U.S.C. § 2512, state that the defendant acted “intentionally” rather than “knowingly.” This further undermines Hutchins’ speculation that the grand jury was erroneously instructed.

4 According to Seventh Circuit jury instructions, an attempt means to take a substantial step towards committing the offense, with the “intent to commit the offense.” Therefore, because Count Six is charged as an attempt to violate section 1030, including the word “intentionally” before “attempted” would be unnecessary and redundant.

But they generously offer to fix that problem in a superseding indictment.

The government has already explained to the defense that it will likely seek a superseding indictment in this case. That superseding indictment would address any possible drafting errors noted by the defense.

Given that elsewhere they say the informant, Randy, who provided information against Hutchins, discussed “involvement in creating the Kronos banking Trojan, among other criminal conduct” [my emphasis] with him in online chats, they seem to be suggesting that if the defense makes too big a deal about this they’ll add charges against Hutchins.

Incidentally collected defendants get nothing

Perhaps most interesting, this filing demonstrates the degree to which Hutchins’ prosecution stems from his incidental collection in investigative efforts targeting Tran and Randy. In fact, precisely because he was incidentally collected and not personally targeted, the government claims it doesn’t have to provide affidavits that might explain how — and more importantly, why — they decided to arrest Hutchins.

For example, the government argues Hutchins can’t have the MLAT requests, which are used to ask other countries to provide information for a criminal prosecution. In this case, MLATs obtained  information on Tran, the guy who sold the Kronos malware Hutchins is alleged to have helped write. The government refuses to hand these over, in part, because they don’t get signed by FBI Agents, but instead get signed by lawyers.

Here, the defendant relies on Rule 16(a)(1)(E)(i) in seeking disclosure of MLATs and search warrant applications. But that Rule is inapplicable. With regard to MLATs, they are not signed or attested to by law enforcement agents. Instead, they are signed by an attorney representing the United States. Information received in response to an MLAT that is subject to disclosure under Rule 16 has been, and will continue to be, turned over to the defense in this case. Indeed, the defendant acknowledges that he has received materials responsive to an MLAT request. Doc. #44 at 17. The MLAT request itself, however, is not subject to production. In fact, MLAT requests (rather than the responsive materials) are explicitly excluded from production under Rule 16(a)(2).

Moreover, because the MLAT was targeted at Hutchins’ co-defendant, and not him, he doesn’t get it.

Moreover, the MLAT request submitted in this case related to Hutchins’s codefendant and not Hutchins. As noted above, the government has disclosed materials received in response to the MLAT, but the MLAT itself is not subject to production under Rule 16, Giglio, Brady, or § 3500.

There is one still undisclosed search warrant affidavit in the case. But because that was used to incriminate Randy, the informant, Hutchins won’t get that either.

With regard to search warrant materials, the government has explained to Hutchins that no search warrants were executed that focused on Hutchins’ activities. There was a search warrant executed in an unrelated case that revealed statements made by Hutchins to CS-1, and those statements were turned over in discovery under Rule 16. But, there is no authority supporting the production of that search warrant affidavit or other documents relating to that warrant. The warrant was executed at a residence in the United States and did not involve Hutchins’ property or privacy interests. The affidavit is not subject to disclosure under 18 U.S.C. § 3500 because it was made in connection with an unrelated investigation. Given the separation between this case and the other investigation, the government does not believe at this time that the affiant’s statements in the affidavit supporting that warrant “relate to the subject matter of the testimony” to be presented in this case. 18 U.S.C. § 3500.

The government seems pretty lackadaisical towards Hutchins’ co-defendant

The government’s unwillingness to turn over information on the other alleged criminals in this case is particularly interesting given how uninterested they seem in him. The filing reveals that someone working undercover for the FBI did have discussions with Tran about Kronos (again, this is malware that had no significant US victims in the form Hutchins is alleged to have been involved in it), and they collected postings on it off the Darkode forum.

In support of this request, Hutchins asserts that such items “must be material to preparing Mr. Hutchins’ defense” because the indictment alleges a conspiracy; that “the government may be withholding information that could exculpate Mr. Hutchins”; and that he has a right to “locate the codefendant.” Doc. #44 at 8-9. Because the government has disclosed information relating to the codefendant, and there is no authority supporting the defendant’s request for additional information, his motion to compel the production of this information should be denied.

Of note, Hutchins’ codefendant has not yet been arrested in connection with this case. And, the government has disclosed certain information relating to the codefendant to Hutchins. This includes (1) the codefendant’s name; (2) materials responsive to an MLAT request that included a redacted copy of the codefendant’s passport; (3) undercover chats between the codefendant and the FBI related to the marketing, sale, and distribution of Kronos; and (4) various Internet postings related to Kronos that are attributable to one of the aliases used by the codefendant, including on the now shuttered Darkode forum.

But the government hasn’t obtained any information about the other things Tran was selling on dark markets.

Hutchins’ speculation that “the government must be withholding substantial additional information in its possession,” including information that may show the codefendant acted independently of Hutchins, is not supported. Doc. #44 at 8. While it might be true that the codefendant was involved in criminal activity in addition to distributing Kronos with Hutchins, the government is not suppressing that information. It simply does not possess such information. If additional records in the government’s possession are identified and deemed material, the government will provide those records to the defendant.1

That suggests he’s not really the target here.

More interesting still, the government claims it hasn’t yet identified any records from its AlphaBay seizure pertaining this malware they claim is so important they’ve arrested the guy who stopped the WannaCry malware attack.

1 In his motion, Hutchins states that “the government likely has records of the codefendant’s activities on AlphaBay.” Doc. #44 at 9. The government is still pursing information from the AlphaBay marketplace, but it has not yet located any materials subject to disclosure.

It seems virtually impossible that they wouldn’t find information in the seized servers,  if it was, at all, a priority. Which seems to suggest the opposite — not finding anything — may be a priority.

By providing evidence that suggests the government simply isn’t all that interested in Tran (if, as his name suggests, he’s Vietnamese, he may be beyond any extradition treaty), the government dismisses the possibility that Hutchins or his friends could find Tran (not an unreasonable possibility, because that’s how hackers roll).

[Hutchins] told agents that he knew his codefendant only by various online aliases; his dealings with his codefendant were all online; and he has never met his codefendant in person or even seen a photograph of the codefendant. It therefore makes no sense for Hutchins to claim that, if provided the requested “materials and communications,” he will be able to locate the fugitive codefendant and obtain exculpatory information from that individual.

But along the way, this prevents Hutchins from arguing that this case is all trumped up to go after him, for some reason.

Hiding Randy and the carding charges he’s working off

More interesting, still, the government is going to some lengths to hide Randy, the informant they call CS-1 who provided information on Hutchins.

The list of what they have provided in discovery provides some outline of how they got to Randy.

In reality, the government has produced the following materials related to CS-1: (1) A redacted proffer letter between the government and CS-1; (2) undercover chats between a government cooperator and CS-1 regarding the sale of stolen credit card numbers; (3) chats between CS-1 and Hutchins regarding Hutchins’ involvement in creating the Kronos banking Trojan, among other criminal conduct; and (4) a redacted FBI 302 report (which Hutchins refers to in his motion) memorializing a FBI interview of CS-1 regarding Hutchins and others.

It seems that a third part (the “government cooperator,” who himself may be an informant working off criminal charges) provided the FBI chats showing discussions with Randy of carding activity. This led to the FBI to go after Randy. He, in turn, made a proffer to the government offering to cooperate, presumably in exchange for leniency in his own case. That led to an interview with the FBI where Randy provided information on Hutchins “and others.”

Note that the government doesn’t tell us when all this happened?

The government argues that Randy is a mere tipster who wasn’t (yet) being controlled by the FBI at the time, and so they won’t have to let Hutchins question Randy about these underlying circumstances unless they put Randy on the stand, even though they concede he might (as someone working off his own criminal exposure) might actually be a transactional witness.

CS-1’s position in this case is more of a like a “mere tipster” than a transactional confidential informant. Hutchins sent a copy of the Kronos malware to CS-1 in 2015, but CS-1 was not acting as an agent for the government at that time. If the government called CS-1 as a witness at trial, his/her primary role would be to testify about the third-party admissions Hutchins made during chats with CS-1. Even if the Court found CS-1 acted more like a transactional witness, that finding does not automatically justify disclosure of CS-1’s identity. United States v. McDowell, 687 F.3d 904, 911 (7th Cir. 2012). The defendant would still need to establish that knowing CS-1’s identity is “relevant and helpful to his defense or is essential to a fair determination of a cause,” Wilburn, 581 F.3d at 623. Here, his request for disclosure of CS-1’s identity is based on speculation, which is insufficient. See Valles, 41 F.3d at 358 (“The confidential informant privilege ‘will not yield to permit a mere fishing expedition, nor upon bare speculation that the information may possibly prove useful.’” (quoting Dole, 870 F.2d at 373)).

The government argues that Hutchins is only speculating that learning who Randy is would be material to his defense, and uses that to argue that they don’t have to reveal Randy’s name so Hutchins can test whether it’s material to his defense.

The government generously agrees to give Hutchins Randy’s real name if they call him to testify, but then boast that Hutchins’ jail phone calls mitigate the need to put Randy on the stand.

Nonetheless, the government agrees to disclose CS-1’s identity to the defense if it determines that CS-1 will be a testifying witness at trial.2

2 To be sure, it might not be necessary to call CS-1 as a witness at trial because the defendant was shown the chats he had with CS-1 during his post-arrest interview and the defendant admitted that he was one of the parties in those conversations. Later, the defendant made phone call from jail in which he described the chats as “undeniable.” Therefore, the admissions Mr. Hutchins made to CS-1 are admissible non-hearsay statements, which Mr. Hutchins previously identified as accurate.

There are a slew of reasons Randy’s identity is of particular interest. Not least, that unknown entities engaged in serial credit card fraud to try to disrupt Hutchins’ defense fundraisers. As I’ve suggested, that means that entities engaged in probable criminal credit card fraud made a concerted effort to thwart Hutchins’ ability to mount the most robust defense.

Is the FBI even investigating who disrupted Hutchins’ defense fundraising efforts? Would they do so if it would hurt their case?

All of which leaves the distinct impression that the government isn’t all that interested in the two suspected criminals implicated in the case against him, but are very interested in ratcheting up the pressure on Hutchins himself.

And because they got to Hutchins via incidental collection — and not direct targeting — they might succeed in doing so.


The Government’s MalwareTech Case Goes (Further) To Shit

MalwareTech’s lawyers just submitted a motion to compel discovery in his case. It makes it clear his case is going to shit — and that’s only the stuff that is public.

DOJ is hiding what drunken MalwareTech understood about un-common law

First, the motion reveals that even though the FBI recorded its interview with Marcus Hutchins at the Las Vegas airport, where Hutchins allegedly admitted to creating the Kronos malware (though in actuality Hutchins only admitted to creating that code), they somehow forgot to record (or even write down) the Miranda warning part.

After Mr. Hutchins was taken into custody, two law enforcement agents interviewed him at the airport. The memorandum of that interview generically states: “After being advised of the identity of the interviewing Agents, the nature of the interview and being advised of his rights, HUTCHINS provided the following information . . .” A lengthy portion of Mr. Hutchins’ interview with the agents was audio recorded. Importantly, however, the agents did not record the part of the interview in which they purportedly advised of him of his Miranda rights, answered any questions he might have had, and had him sign a Miranda waiver form.

This is important for several reasons. First, Hutchins is a foreign kid. And while I presume he has seen Miranda warnings a jillion times on the TV, those warnings are different in the US than they are in the UK, contrary to whatever else we might share as common law.

Mr. Hutchins is a citizen of the United Kingdom, where a defendant’s post-arrest rights are very different than in the United States.4 The United Kingdom’s version of Miranda contains no mention of the right to counsel, and if a defendant does not talk, it may later be used against him under certain circumstances.5 Because of this, any government communications in advance of Mr. Hutchins’ arrest and regarding how to advise him of his rights under Miranda are important to demonstrate that Mr. Hutchins would not have understood any purported Miranda warnings and that he was coerced to waive his rights.

4 United Kingdom law requires the following caution being given upon arrest (though minor wording deviations are allowed): “You do not have to say anything. But it may harm your defence if you do not mention when questioned something which you later rely on in Court. Anything you do say may be given in evidence.”

So the specific wording of the warning he got would be especially important to understand whether he was told how things are different here in the former colonies, where you’re always told you can have a lawyer.

Also Hutchins was drunk and — because he’d been at DefCon and Black Hat all week — exhausted. But the defense can’t show that because the government isn’t turning over any of the surveillance materials from the week the FBI was surely following Hutchins in Las Vegas.

The defense believes the requested discovery will show the government was aware of Mr. Hutchins’ activities while he was in Las Vegas, including the fact that he had been up very late the night before his arrest, and the high likelihood that the government knew he was exhausted and intoxicated at the time of his arrest.

The government doesn’t want you to know co-defendant Tran is just a convenient excuse to arrest MalwareTech

Next, the government is withholding both information about Hutchins’ co-defendant, and the MLAT request the government used to get that information. The co-defendant’s last name is Tran, but the government has been hiding that since it accidentally published the name when Hutchins’ docket went live. Tran has not yet been arrested, but apparently there was evidence relating to him in a country that would respond to an American MLAT request. The government hasn’t turned it over.

[T]he government may be withholding information that could exculpate Mr. Hutchins. For example, any material showing that the codefendant operated independently of Mr. Hutchins’ alleged conduct would tend to demonstrate that they did not conspire to commit computer fraud and abuse (Count 1). The indictment itself supports that notion: it alleges that the codefendant advertised and sold the Kronos malware independently of Mr. Hutchins. (Indictment at 3 ¶ 4(e)-(f).) Moreover, the indictment alleges that the malware was advertised on the AlphaBay market forum, which the Department of Justice seized and shut down on July 20, 2017 in cooperation with a number of foreign authorities.8 In connection with that case, the government likely has records of the co-defendant’s activities on AlphaBay that it has not produced (e.g., records obtained through MLAT requests).

They also haven’t turned over the MLAT application itself, which would explain why some country has turned over evidence on Tran, but not Tran himself.

To date, the government has produced materials responsive to a single MLAT request, and has declined to produce the MLAT request itself. The MLAT request, however, surely contains information regarding the government’s theory of the case and may have been signed by an agent who will testify at trial. MLAT requests vary from country to country, but they can be quite similar to search warrants, since they are often used to obtain documents.

DOJ won’t tell you which ham sandwiches the grand jury intended knowed to indict

Hutchins’ lawyers then ask for the grand jury instructions because the indictment as charged doesn’t get the mens rea necessary for the underlying charges. Basically, two of the charges against Hutchins were laid out as if the only thing needed for a crime was to knowingly do something, as opposed to intentionaly do it.

The defense needs the legal instructions for an anticipated motion to dismiss the indictment. One ground for that motion is that at least two of the charged counts are defective on their face, failing to include the appropriate mens rea. Since the two counts deviate materially from the required and heightened mental states set forth in the operative statutes, this demonstrates likely irregularities in how the grand jury was instructed on the law.


Count 6 suffers from a similar defect. It charges that the defendants:

[K]nowingly caused the transmission of a program, information and command and as a result of such conduct, attempted to cause damage without authorization, to 10 or more protected computers during a 1-year period. In violation of Title 18, United States Code, Sections 1030(a)(5)(A), (c)(4)(B)(i) and (ii), (c)(4)A(i)(VI), 1030(b), and 2.

(Indictment at 8 (emphasis added).)

But 1030(a)(5)(A) states it is illegal to:

[K]nowingly cause[] the transmission of a program, information and command, and as a result of such conduct, intentionally cause[] damage without authorization, to a protected computer[.] (Emphasis added.)

Likewise, the Seventh Circuit Pattern Jury Instructions state the elements of the offense are:

1. The defendant knowingly caused the transmission of a [program; information; code; command]; and

2. By doing so, the defendant intentionally caused damage to a protected computer without authorization. (Emphasis added.)

The plain text of 1030(a)(5)(A) and the Pattern Jury Instructions leave no doubt that Count 6, as it is pleaded, does not include the requisite “intentional” mens rea for causing damage without authorization, again failing to allege an essential element of the offense.

Effectively, they’re arguing that the government has charged Hutchins for knowingly done something when they had to charge him for intentionally doing something. Which, given that his code was probably used without his knowledge, is going to present difficulties. And so Hutschins’ team is going to attack the indictment itself.

Considering that Counts 2 and 6 misstate the required mental states specified in the statutes, there is a high likelihood the government did not properly instruct the grand jury on the law, and the grand jury returned a legally defective indictment, as a result of improper legal instructions.

What about “Randy”?

But the thing that intrigues me the most about this case is that some guy the government is naming “Randy” — because they don’t want to actually reveal anything about this dude — is a key witness against Hutchins. 

The defense expects “Randy” to testify at trial because he is alleged to have had extensive online chats with Mr. Hutchins around the time of the purported crimes in which Mr. Hutchins discussed his purported criminal activity. Any communications and materials relating to “Randy” are therefore material to defense preparations.

The defense argues that the government is treating Randy like a tipster rather than a witness as a way to hide who he is. This is worth citing at length (also note Marcia Hofmann and Brian Klein added local lawyer Daniel Stiller, who — I presume — is Seventh Circuit citing with great abandon).

The informant privilege does not permit the government to conceal a witness when, as here, disclosure “is relevant and helpful” to a defendant’s defense “or is essential to a fair determination of a cause.” United States v. McDowell, 687 F.3d 904, 911 (7th Cir. 2012) (quoting Roviaro v. United States, 353 U.S. 53, 60-61 (1957)). Indeed, the Seventh Circuit’s treatment of the privilege indicates that its reach is typically limited to background sources of information, as in a tipster who furnishes details that commence an investigation resulting in a prosecution premised on the fruits of the investigation, not the details of the background tip.

A mere tipster, according to the Seventh Circuit, is “someone whose only role was to provide the police with the relevant information that served as the foundation to obtaining a search warrant.” Id. Tipsters differ from what the Seventh Circuit terms “transactional witnesses,” who are individuals “who participated in the crime charged . . . or witnessed the event in question.” Id. For tipsters, “the rationale for the privilege is strong and the case for overriding it is generally weak.” Id. In contrast, “the case for overriding the privilege and requiring disclosure tends to be stronger” for transactional witnesses. Id.

Here, the government’s refusal to disclose even the identity of “Randy’s” attorney is apparently the result of miscategorizing an important witness as a mere tipster. “Randy” is a cooperating witness, one whose provision of information to law enforcement was facilitated by consideration—proffer immunity, at the least—from the government. This circumstance alone weighs against continuing confidentiality because “Randy” surely knows his cooperation will be revealed.

The government won’t even give the defense the name of this dude’s lawyer so the lawyer can tell them his client doesn’t want to talk to them.

Me? I’m guessing if the government were required to put “Randy” on the stand they’d contemplate dismissing the charges against Hutchins immediately. I’m guessing the government now realizes “Randy” took them for a ride — perhaps an enormous one. And given how easy it is to reconstitute chat logs — but here, it’s not even clear “Randy” has the chat logs, but just claimed to have been a part of them, in an effort to incriminate him — I’m guessing this part of the case against Hutchins won’t hold up.

It’d probably be a good time for the government to dismiss the charges against Hutchins and give him an H1B for his troubles so he can surf off the last 6 months of stress. But that’s not how the government works, when they realize they really stepped in a load of poo.

The Bankrupt Attribution of WannaCry

I’ve been puzzling through this briefing, purportedly attributing the WannaCry hack to North Korea, which followed last night’s Axis of CyberEvil op-ed (here’s the text). The presser was … perhaps even more puzzling than the Axis of CyberEvil op-ed.

Unlike the op-ed, Homeland Security Czar Tom Bossert provided hints about how the government came to attribute this attack.

Bossert makes much of the fact that the Five Eyes plus Japan all agree on this.

We do so with evidence, and we do so with partners.

Other governments and private companies agree.  The United Kingdom, Australia, Canada, New Zealand, and Japan have seen our analysis, and they join us in denouncing North Korea for WannaCry.

He also points to the Microsoft and (unnamed — because it’d be downright awkward to name Kaspersky in the same briefing where you attack them as a cybersecurity target) security consultant attributions from months ago.

Commercial partners have also acted.  Microsoft traced the attack to cyber affiliates of the North Korean government, and others in the security community have contributed their analysis.

Here are the specific things he says about how the US, independent of Microsoft and villains like Kaspersky, made an attribution.

What we did was, rely on — and some of it I can’t share, unfortunately — technical links to previously identified North Korean cyber tools, tradecraft, operational infrastructure.  We had to examine a lot.  And we had to put it together in a way that allowed us to make a confident attribution.


[I]t’s a little tradecraft, to get to your second question.  It’s hard to find that smoking gun, but what we’ve done here is combined a series of behaviors.  We’ve got analysts all over the world, but also deep and experienced analysts within our intelligence community that looked at not only the operational infrastructure, but also the tradecraft and the routine and the behaviors that we’ve seen demonstrated in past attacks.  And so you have to apply some gumshoe work here, not just some code analysis.

Nevertheless, Bossert alludes to people launching this attack from “keyboards all over the world,” but says because these “intermediaries … had carried out those types of attacks on behalf of the North Korean government in the past,” they were confident in the attribution.

People operating keyboards all over the world on behalf of a North Korean actor can be launching from places that are not in North Korea.  And so that’s one of the challenges behind cyber attribution.


[T]here were actors on their behalf, intermediaries, carrying out this attack, and that they had carried out those types of attacks on behalf of the North Korean government in the past.  And that was one of the tradecraft routines that allowed us to reach that conclusion.

Taking credit for stuff the private sector did

In his prewritten statement, Bossert provides on explanation for the timing of all this. One of the reasons the US is attributing the WannaCry attack now — aside from the need to gin up war with North Korea — is that Facebook and Microsoft, “acting on their own initiative last week,” took action last week against North Korean targets.

We applaud our corporate partners, Microsoft and Facebook especially, for acting on their own initiative last week without any direction by the U.S. government or coordination to disrupt the activities of North Korean hackers.  Microsoft acted before the attack in ways that spared many U.S. targets.

Last week, Microsoft and Facebook and other major tech companies acted to disable a number of North Korean cyber exploits and disrupt their operations as the North Koreans were still infecting computers across the globe.  They shut down accounts the North Korean regime hackers used to launch attacks and patched systems.

Yet even while acknowledging that Microsoft and Facebook are busy keeping the US safe, he demands that the private sector … keep us safe.

We call today — I call today, and the President calls today, on the private sector to increase its accountability in the cyber realm by taking actions that deny North Korea and the bad actors the ability to launch reckless and disruptive cyber acts.

Golly how do you think the US avoided damage from the attack based on US tools so well?

Then Bossert invites Assistant Secretary for Cybersecurity and Communications at DHS Jeanette Manfra to explain not how the US attributed this attack (the ostensible point of this presser), but how the US magically avoided getting slammed — by an attack based on US tools — as badly as other countries did.

By midafternoon, I had all of the major Internet service providers either on the phone or on our watch floor sharing information with us about what they were seeing globally and in the United States.  We partnered with the Department of Health and Human Services to reach out to hospitals across the country to offer assistance.  We engaged with federal CIOs across our government to ensure that our systems were not vulnerable.  I asked for assistance from our partners in the IT and cybersecurity industry.  And by 9:00 p.m. that night, I had over 30 companies represented on calls, many of whom offered us analytical assistance throughout the weekend.

By working closely with these companies and the FBI throughout that night, we were able to issue a technical alert, publicly, that would assist defenders with defeating this malware.  We stayed on alert all weekend but were largely able to escape the impacts here in this country that other countries experienced.

Managing to avoid getting slammed by an attack that the US had far more warning of (because it would have recognized and had 96 days to prepare) is proof, Manfra argues, of our preparation to respond to attacks we didn’t write the exploit for.

[T]he WannaCry attack demonstrated our national capability to effectively operate and respond.

Ix-Nay on the AdowBrokers-Shay

Which brings us to the dramatic climax of this entire presser, where Tom Bossert plays dumb about the fact that his this attack exploited an NSA exploit. In his first attempt to deflect this question, Bossert tried to distinguish between vulnerabilities and the exploits NSA wrote for them.

Q    Had they not been able to take advantage of the vulnerabilities that got published in the Shadow Brokers website, do you think that would have made a significant difference in their ability to carry out the attack?

MR. BOSSERT:  Yeah.  So I think what Dave is alluding to here is that vulnerabilities exist in software.  They’re not — almost never designed on purpose.  Software producers are making a product, and they’re selling it for a purpose.

Pretending a vulnerability is the same thing as an exploit, Bossert pointed to the (more visible but still largely the same) Vulnerabilities Exploit Process Trump has instituted.

When we find vulnerabilities, the United States government, we generally identify them and tell the companies so they can patch them.

In this particular case, I’m fairly proud of that process, so I’d like to elaborate.  Under this President’s leadership and under the leadership of Rob Joyce, who’s serving as my deputy now and the cybersecurity coordinator, we have led the most transparent Vulnerabilities Equities Process in the world.

Hey, by the way, why isn’t Rob Joyce at this presser so the person in government best able to protect against cyber attacks can answer questions?

Oh, never mind–let’s continue with this VEP thing.

And what that means is the United States government finds vulnerabilities in software, routinely, and then, at a rate of almost 90 percent, reveals those.  They could be useful tools for us to then exploit for our own national security benefit.  But instead, what we choose to do is share those back with the companies so that they can patch and increase the collective defense of the country.  It’s not fair for us to keep those exploits while people sit vulnerable to those totalitarian regimes that are going to bring harm to them.

So, in this particular case, I’m proud of the VEP program.  And I’d go one step deeper for you:  Those vulnerabilities that we do keep, we keep for very specific purposes so that we can increase our national security.  And we use them for very specific purposes only tailored to our perceived threats.  I think that they’re used very carefully.  They need to be protected in such a way that we don’t leak them out and so that bad people can get them.  That has happened, unfortunately, in the past.

Hell! Let’s go for broke. Let’s turn the risk that someone can steal our toys and set off a global worm into the promise that we’ll warn people they’ve been hacked.

But one level even deeper.  When we do use those vulnerabilities to develop exploits for the purpose of national security for the classified work that we do, we sometimes find evidence of bad behavior.  Sometimes it allows us to attribute bad actions.  Other times it allows us to privately call — and we’re doing this on a regular basis, and we’re doing it better and in a more routine fashion as this administration advances — we’re able to call targets that aren’t subject to big rollouts.  We’re able to call companies, and we’re able to say to them, “We believe that you’ve been hacked.  You need to take immediate action.”  It works well; we need to get better at doing that.  And I think that allows us to save a lot of time and money.

We’re not yet broke yet, though! When Bossert again gets asked whether WannaCry was based off a US tool, he tried to argue the only tool involved was the final WannaCry one, not than the underlying NSA exploit.

Q    So you talked about the 90 percent of times when you guys share information back with companies rather than exploit those vulnerabilities.  Was this one of the 10 percent that you guys had held onto?

MR. BOSSERT:  So I think there’s a case to be made for the tool that was used here being cobbled together from a number of different sources.  But the vulnerability that was exploited — the exploit developed by the culpable party here — is the tool, the bad tool.

This soon descends into full-on Sergeant Schultz.

I don’t know what they got and where they got it, but they certainly had a number of things cobbled together in a pretty complicated, intentional tool meant to cause harm that they didn’t entirely create themselves.

MalwareTech took a risk doing what he always does [er, did, before the US government kidnapped him] with malware?

Then there’s weird bit — one of those Bossert moments (like when he said WannaCry was spread by phishing) that makes me think he doesn’t know what he’s talking about. When asked if this North Korean attribution changed the government’s intent to prosecute MalwareTech (Marcus Hutchins), Bossert dodged that tricksy question (the answer is, yes, the prosecution is still on track to go to trial next year) but then claimed that Hutchins “took a risk” doing something he has repeatedly said he always does when responding to malware.

I can’t comment on the ongoing criminal prosecution or judicial proceedings there.  But I will note that, to some degree, we got lucky.  In a lot of ways, in the United States we were well-prepared.  So it wasn’t luck — it was preparation, it was partnership with private companies, and so forth.  But we also had a programmer that was sophisticated, that noticed a glitch in the malware, a kill-switch, and then acted to kill it.  He took a risk, it worked, and it caused a lot of benefit.  So we’ll give him that.  Next time, we’re not going to get so lucky.

After dodging the issue of why the government is prosecuting the guy whose “luck” Bossert acknowledges saved the world, he has the gall to say — in the very next breath!! — we need to do the kind of information sharing that Hutchins’ prosecution disincents.

So what we’re calling on here today is an increased partnership, an increased rapidity in routine speed of sharing information so that we can prevent patient zero from being patient 150.

Whatever you do, don’t follow the lack of money

All that was bad enough. But then things really went off the rail when a journalist asked about what one of the poorest countries on earth — a country with a severe exchangeable currency shortage — did with the money obtained in this ransomware attack.

Q    Tom, the purpose of ransomware is to raise money.  So do you have a sense now of exactly how much money the North Koreans raised as a result of this?  And do you have any idea what they did with the money?  Did it go to fund the nuclear program?  Did it go just to the regime for its own benefit?  Or where did that money go?

MR. BOSSERT:  Yeah, it’s interesting.  There’s two conundrums here.  First, we don’t really know how much money they raised, but they didn’t seem to architect it in the way that a smart ransomware architect would do.  They didn’t want to get a lot of money out of this.  If they did, they would have opened computers if you paid.  Once word got out that paying didn’t unlock your computer, the payment stopped.

And so I think that, in this case, this was a reckless attack and it was meant to cause havoc and destruction.  The money was an ancillary side benefit.  I don’t think they got a lot of it.

Wow. A couple things here. First, of one of the poorest countries in the world, Bossert said with a straight face: “They didn’t want to get a lot of money out of this.”

He has to do that, because he has just said that, “They’ve got some smart programmers.” So he has to treat the attack, as implemented, as the attack that the perpetrators wanted. That apparently doesn’t mean he feels bound to offer some explanation for why North Korea would forgo the money that their smart programmers could have earned. Because he never offers that, without which you have zero credible attribution.

Still nuttier, at one level it cannot be true that “we don’t know how much money they raised.” Later in his presser he claims, “cryptocurrency might be difficult to track” and suggests the government only learned about how little they were making because, “targets seem to have reported to us, by and large, that they mostly didn’t pay. … So we were able to track the behavior of the targets in that case.”

Um. No. It was very public! We watched WannaCry’s perps collect $144,000 via the @Actual_ransom account, and we watched the account be cashed out in the immediate wake of the aforementioned MalwareTech arrest (as Hutchins noted, making it look like he had absconded with his Bitcoin rather than gotten arrested by the FBI).  That, too, is a detail that Bossert would have needed to address for this to be a marginally credible press conference.

But wait! There’s more! We also know that as soon as WannaCry’s perps publicly cashed out, Shapeshift blacklisted all its known accounts, making it impossible for WannaCry to launder the money, and adding still more transparency to the process. Which means Bossert should know well the answer to the question “how much did North Korea (or whatever perp) make off this?” is, zero. None. Because their money got cut off in the laundering process. (For some reason, Bossert gave Shapeshift zero credit here, which raises further questions I might return to at a later date.) Either attribution includes details about this process or … it’s not credible.

Bossert’s backflips to pretend Trump isn’t treating North Korea differently than Russia

Now, all this is before you get into the gymnastics Bossert performed to pretend that Trump isn’t treating North Korea — against whom this attribution will serve as justification for war — differently than Russia. After being asked about it, Bossert claimed,

President Trump not only continued the national emergency for cybersecurity, but he did so himself and sanctioned the Russians involved in the hacks of last year.

His effort to conflate last year’s hack-related sanctions with the sanctions imposed by Congress but not fully implemented looked really pathetic.

Q    Have all the sanctions been implemented?

MR. BOSSERT:  This was — yeah, this was the Continuation of the National Emergency with Respect to Significant Malicious Cyber-Enabled Activities.  President Trump continued that national emergency, pursuant to the International Emergency Economic Powers Act, to deal with the “unusual and extraordinary threat to the national security, foreign policy, and economy of the United States.”

Pivoting to one of the most important private companies

Immediately after which, perhaps in an act of desperation, Bossert pivoted to Kaspersky, one of the most important security firms in unpacking WannaCry and therefore utterly central to any claim the answer to cyberattacks is to share between the private and public sector. Bossert said this to defend the claim that the Trump administration is taking Russian threats seriously.

Now, look, in addition, if that’s not making people comfortable, this year we acted to remove Kaspersky from all of our federal networks.  We did so because having a company that can report back information to the Russian government constituted a risk unacceptable to our federal networks.

And then — in the same press conference where Bossert hailed cooperation, including with private security firms like Kaspersky, he boasted about how “in the spirit of cooperation” the US has gotten “providers, sellers, retail stores” to ban one of the firms that was critical in analyzing and minimizing the WannaCry impact.

In the spirit of cooperation, which is the second pillar of our strategy — accountability being one, cooperation being the second — we’ve had providers, sellers, retail stores follow suit.  And we’ve had other private companies and other foreign governments also follow suit with that action.

In case you’re counting, he has boasted about cooperation in the same breath as speaking of both MalwareTech and Kaspersky.

Whatever. From this we’re supposed to conclude we should go to war against North Korea and their non-NK keyboarders the world over and  that the way to defend ourselves against them is to simultaneously demand “cooperation” even while treating two of the most important entities who minimized the threat of WannaCry as outlaws.

“Hype:” How FBI Decided Searching 702 Content Was the Least Intrusive Means

Former FBI Special Agent Asha Rangappa has a defense of back door searches at Just Security that (unlike most defenses of 702) actually takes on those searches as practiced in most problematic way at FBI, rather than as done in much more controlled fashion at NSA.

FBI does federated searches

I think she nitpicks a few issues. For example, she claims that back door opponents claim there is a “stand-alone computer in the middle of each FBI office with a big sign that reads ‘702 DATABASE ‘” but then goes on to claim “FBI uses one database for all of its investigative functions,” even while admitting that the FBI really does “federated queries” of multiple repositories. The distinction — particularly given that we know the database comes with access limits tied to job function — could offer solutions to concerns about 702 data (including providing access to just metadata, a proposal I’m not a fan of but one she attacks in the post). She also ignores the FBI’s use of “ad hoc databases” that have posed access and data protection concerns in the past.  Which is to say, the technical realities of how FBI Agents access this data soup are more complex than she lays out, and those complexities should be part of the discussion because they present additional risks and opportunities.

FBI’s raw data will be US-person focused

Rangappa minimizes what percentage of raw data obtained by FBI would include US person contact.

According to FBI Director Christopher Wray, the FBI receives about 4.3 percent of the NSA’s total collection – and since not every incidental communication will necessarily involve an USPER, the number of communications involving Americans are likely less than that.

While the FBI does have global investigations, the FBI is going to have few full investigations that have no domestic component. Investigations focused on US victims (say a US company hacked by Russian or Chinese state actors) won’t include many US interlocutors, but the other most likely 702 related investigations would all be focused on international communications: who suspected extremists were talking to in the US, what Iranians were buying dual use or other proliferation products, including from US companies, which Americans that Chinese scientists or Russian businessmen were engaging with closely. The 5,000 or so targets sucked into FBI would be the 5,000 targets in most frequent contact with Americans, by design. That has been the entire justification for this collection program since its inception as Stellar Wind.

And — as Ron Wyden recently made clear — it is permissible to target a foreigner if collecting on a US person is one purpose of the targeting, so long as the foreigner is targetable in his own right. Indeed, we can probably point to examples where that happened. That’s going to increase the US content pulled in with those 5,000 targets.

702 can target a whole bunch of selectors

And I believe this is misleading.

PRISM allows the NSA to target non-U.S. persons reasonably believed to be located abroad based on “selectors” – like an email address or a phone number (but not keywords or names) – which will reasonably return foreign intelligence information.

It is true that upstream collection doesn’t use keywords (and has halted about collection altogether). It is true that the most common selector provided in a directive to Google will be an email address. But there are a slew of other kinds of selectors that NSA and FBI can target. That includes IP addresses, which given the 2014 exception means entirely domestic communications can be collected. Even ignoring the targeting of IP addresses that Americans are known to also use (which will come into FBI’s possession a different way), the collection on chat room IPs, just as one example, might suck up a lot more US person content than individual emails might. And the FBI can also search for things like cookies or encryption tools, which will pull in different kinds of content.

FBI’s queries are not all routinely audited

I think Rangappa overstates the tracking of queries and makes an outright error when she claims that backdoor searches are “routinely audited.”

Every query, furthermore, is documented and placed in a case file. (If we learned anything from James Comey, it’s that the FBI puts everything down on paper.) In fact, every query conducted by the FBI is recorded and must be traceable back to an authorized purpose and a case file.  Agent queries are routinely audited, and a failure of an agent to provide an authorized purpose for conducting a query can be grounds for sanctions, suspension, or even termination.

She overstates the tracking of queries because by design there’s not a case file for many of the queries in question, because they’re done at the assessment stage. Moreover, if the FBI tracked its queries as well as Rangappa claims, it could provide documentation of what was going on to oversight bodies, but it has persistently claimed it could not do so, not in public, and not even in private.

More importantly, the FBI’s use of 702 is simply not audited adequately. That’s true, in part, because in 2012-2013, FBI moved much of its FISA activity to field offices, and not every field office gets audited every six months.

During this reporting period, however, FBI transitioned much of its dissemination from FBI Headquarters to FBI field offices. NSD is conducting oversight reviews of FBI field offices use of these disseminations, but because every field office is not reviewed every six months, NSD no longer has comprehensive numbers on the number of disseminations of United States person information made by FBI.

In 2015 — the most recent period for which we’ve gotten a Semiannual Report — NSD only reviewed minimization at 15 field offices (and ODNI did not attend all of these).

During these field office reviews, NSD also audits a sample of FBI personnel queries in systems that contain unminimized Section 702 collection. As detailed in the attachments to the Attorney General’s Section 707 Report, NSD conducted minimization reviews at 15 FBI field offices during this reporting period and reviewed cases involving Section 702-tasked facilities.

FBI has 56 field offices. And while I’m confident that NSD focuses its 702 reviews on the offices that work with FISA most often — places like DC, NY, LA, SF, and places with significant foreign population, like Detroit and Minneapolis — that means that when a field office that doesn’t use FISA often (say, if an Agent in Milwaukee were researching a hacker named MalwareTech), a combination of inexperience and lax oversight might be especially likely to result in problems.  And note, in any office, just a sample of queries gets reviewed, as the government explained to FISC last year, and the tracking isn’t detailed enough to figure out what occurred with a query without talking to the Agent who did it.

Additionally, NSD conducts minimization reviews in multiple FBI field offices each year. As part of these minimization reviews, NSD and FBI National Security Law Branch have emphasized the above requirements and processes during field office training. Further, during the minimization reviews, NSD audits a sample of queries performed by FBI personnel in the databases storing raw FISA-acquired information, including raw section 702-acquired information. Since December 2015, NSD has reviewed these queries to determine if any such queries were conducted solely for the purpose of retaining evidence of a crime. If such a query was conducted, NSD would seek additional information from the relevant FBI personnel as to whether FBI personnel received and reviewed section 702-acquired information of or concerning a U.S. person in response to such a query.

Notably, the one case where FBI reported a criminal return on a criminal search in 702 information only got reported after NSD did follow-up questioning. So yeah, NSD spends 4 days at Main Justice reviewing this stuff and goes to 27% of the field offices every six months, but that’s a far cry from “routinely auditing” queries.

The importance of investigative levels

The most remarkable thing about Rangappa’s post, however, is how well she exhibits the absurdity of what really goes on here. She correctly states — as I reported here — that FBI only obtains 702 content in full investigations. And she provides a short description of FBI’s three investigative levels.

Specifically, the NSA passes on to the FBI information collected on selectors associated with “Full Investigations” opened by the FBI. Full Investigations are the most serious class of investigations within the Bureau, and require the most stringent predicate to open: There must be an “articulable factual basis” that a federal crime has occurred or is occurring or a threat to national security exists.  (Two other investigative classifications, Preliminary Investigations and Threat Assessments, have lower thresholds to open and shorter time limits to remain open.)

She helpfully describes how investigations work through stages, with new investigative methods approved for each

Querying DIVS is, quite literally, the first and most basic thing the FBI does in its investigative sequence. Depending on the kind of information the search returns, an agent will then take the next prescribed step as outlined in the FBI’s Domestic and Investigative Operations Guide (DIOG) until a case is either opened for further investigation, or the matter is resolved in the negative and closed.

She then dismisses the concern that FBI does queries of 702 data at the assessment level without really addressing it.

Much of the criticism of the FBI’s use of 702 centers around the fact that agents can query subjects in their databases even if there is no evidence of criminal wrongdoing. However, as any law enforcement official will tell you, criminals and spies don’t show up on the doorstep of law enforcement with all of their evidence and motives neatly tied up in a bow. Cases begin with leads, tips, or new information obtained in the course of other cases. Often, the discrete pieces of information the FBI receives may not in and of themselves constitute criminal acts – and the identifying information provided to the FBI may be incomplete. However, anytime the FBI receives a credible piece of information that could indicate a potential violation of the law or a threat to national security, it has a legal duty determine whether a basis for further investigation exists. It is for this reason that a query of its existing databases is essential before proceeding further.

Somehow, the necessity of investigating a tip requires not an assessment of the lead itself, but querying a vast data store to see if the lead connects to any other known evidence even if that evidence is not itself evidence of criminal behavior. (One of the reasons FBI does that — which I’ve written about elsewhere — is to make it easier to find informants.)

That logic — which absolutely reflects the logic under which FBI operates — is all the more bizarre given the fact that the FBI is obliged, under the same DIOG Rangappa cites as the basis for the step-by-step development of an FBI case, to always consider using the “least intrusive” means as laid out by this language in the Attorney General Guidelines.

The conduct of investigations and other activities authorized by these Guidelines may present choices between the use of different investigative methods that are each operationally sound and effective, but that are more or less intrusive, considering such factors as the effect on the privacy and civil liberties of individuals and potential damage to reputation. The least intrusive method feasible is to be used in such situations.

DIOG section 4.4, which lays out what least intrusive means, says that “wiretaps … are very intrusive.” It says that “collecting information regarding an isolated event, such as a certain phone number called … is less intrusive or invasive of an individual’s privacy than collecting a complete communications … profile.” It states that, “If, for example, the threat is remote, the individual’s involvement is speculative, and the probability of obtaining probative information is low, intrusive methods may not be justified, and, in fact, may do more harm than good.”

Ultimately, though, the DIOG swallows all these rules by stating that, “FBI employees may use any lawful method allowed, even if intrusive, where the intrusiveness is warranted by the threat to the national security.” The logic must be — probably not born out even by FBI’s limitation to obtaining raw 702 data tied to Full Investigations — that for any person tied to a Full Investigation, any possible tie to an American about whom someone has submitted a tip, national security overrides all FBI’s rules about least intrusive methods.

But nonetheless, the FBI’s own guidelines admit how intrusive it is to start an investigation by looking at entire conversations rather than simply seeing the record of a email sent. That is, however, what the routine practice is.