Sally Yates Doth Protest Too Much

Some months ago Ninth Circuit Judge Alex Kozinski wrote an important piece talking about the many way criminal prosecutions are not fair. A lot of it focused on the imperfect process behind key ingredients of prosecutions — eye witness testimony, fingerprint analysis, plea deals. But he also reprised his argument that we’ve seen an epidemic of Brady violations in recent years.

The Supreme Court has told us in no uncertain terms that a prosecutor’s duty is to do justice, not merely to obtain a conviction.38 It has also laid down some specific rules about how prosecutors, and the people who work for them, must behave—principal among them that the prosecution turn over to the defense exculpatory evidence in the possession of the prosecution and the police.39 There is reason to doubt that prosecutors comply with these obligations fully. The U.S. Justice Department, for example, takes the position that exculpatory evidence must be produced only if it is material.40 This puts prosecutors in the position of deciding whether tidbits that could be helpful to the defense are significant enough that a reviewing court will find it to be material, which runs contrary to the philosophy of the Brady/Giglio line of cases and increases the risk that highly exculpatory evidence will be suppressed. Beyond that, we have what I have described elsewhere as an “epidemic of Brady violations abroad in the land,”41 a phrase that has caused much controversy but brought about little change in the way prosecutors operate in the United States.

As Zoe Tillman writes, the DOJ is rolling out an effort to tell itself that the mean things said by a top Appellate judge aren’t true. Deputy Attorney General Sally Yates is going to give a speech telling prosecutors not to listen to that mean bully.

Deputy Attorney General Sally Yates on Tuesday is expected to deliver a rallying speech to a meeting of prosecutors that is a further response—albeit indirect—to Kozinski’s article.

Yates will say that the “overwhelming majority” of prosecutors honor their legal and ethical obligations, including the requirement that they turn over potentially favorable information to defense lawyers, according to a copy of her prepared remarks.

Yates’ planned remarks criticize defense lawyers who make allegations of prosecutorial misconduct “a standard litigation strategy,” and others who “irresponsibly” make misconduct allegations.

“Prosecutors are in these jobs because we care about our solemn obligation to seek justice, and when someone unfairly impugns that commitment, it strikes at the core of who we are,” Yates, who will speak at the National Prosecution Summit in Washington, is expected to say.

And the Associate Deputy Attorney General Andrew Goldsmith and U.S. Attorney John Walsh of Colorado wrote this letter, attempting to rebut that mean bully.

On its face, the entire effort is farcical. In recent years, DOJ has rewarded lawyers who helped it get away with misconduct. It failed, for years to give proper notice of Section 702 surveillance to defendants, and still hasn’t corrected the record with the Supreme Court about its false claim that it had been doing so. And until this summer, David Margolis served as an unwavering shield against DOJ actually disciplining its own.

But the funniest part of DOJ’s pushback is this paragraph from Goldsmith and Walsh’s letter.

On several occasions, Judge Kozinski referenced the prosecution of former senator Ted Stevens. The Stevens case, as others have noted, involved significant discovery failures and deserves to be held up as an object lesson to prosecutors. But the Department’s efforts in the aftermath of that case also deserve discussion. One of Eric Holder’s first acts after his swearing in as Attorney General was to seek dismissal of the conviction. In the months that followed, the Department undertook a sweeping review of its discovery-related procedures and instituted a string of new policies. All federal prosecutors, regardless of experience level, are now required to attend annual discovery trainings, while new prosecutors must attend rigorous, multi-day “discovery boot camps.” The Department developed a series of new policies governing the collection and disclosure of electronically stored information. And the Department established an extensive infrastructure of experienced prosecutors to focus on discovery issues, including a full-time national criminal discovery coordinator (who reports directly to the Deputy Attorney General, second only to the Attorney General herself at the Department of Justice) and discovery coordinators at each of the 93 U.S. Attorney’s Offices across the country.

That mean bully Alex Kozinski was wrong to bring up the time DOJ engaged in willful prosecutorial misconduct even of one of the most powerful men in the country, they say, because when caught doing so DOJ rolled out a system to try to prevent that from happening again.

Except that’s not all DOJ did. First, it went to great lengths to hide the independent review of its actions — a review which showed fairly rampant abuse. Then, when it conducted its own discipline of those who engaged in that abuse, it not only focused on the lower level prosecutors, but it also did nothing more than slap their wrists.

A Justice Department internal investigation of the botched prosecution of Ted Stevens concluded two prosecutors committed reckless professional misconduct and should be sanctioned through forced time off without pay.

DOJ officials recommended Joseph Bottini be suspended without pay for 40 days and James Goeke be suspended for 15 days without pay. DOJ did not find that either prosecutor acted intentionally to violate ethics rules, a finding that is contrary to a parallel criminal investigation.

Again, the Stevens case is a picture of what happens when prosecutorial misconduct is wielded against a very powerful white man — someone far more protected from abuse than the average federal defendant — and this is how things ended up, with a wrist-slap.

Maybe under her tenure, Yates plans to change this. Or maybe she just wants prosecutors not to worry too much about that bully in the Ninth.

But she needs to prove her intent through actions, not words, and thus far there’s little sign of those actions.

Update: Patrick Toomey also reminds me that DOJ the National Association of Criminal Defense Lawyers has been trying to get DOJ to share its guidelines on Brady, but thus far they’ve refused to give it over. NACDL has now appealed that to the DC Circuit.

The Loopholes in DOJ’s New Stingray Policy

DOJ just announced a new policy on use of Stingrays which requires a warrant and minimization of incidentally-collected data. It’s big news and an important improvement off the status quo.

But there are a few loopholes.

Exigent and emergency uses

First, the policy reserves exigent uses. The exigent uses include most of DOJ Agencies known uses of Stingrays now.

These include the need to protect human life or avert serious injury; the prevention of the imminent destruction of evidence; the hot pursuit of a fleeing felon; or the prevention of escape by a suspect or convicted fugitive from justice.


In addition, in the subset of exigent situations where circumstances necessitate emergency pen register authority pursuant to 18 U.S.C. § 3125 (or the state equivalent), the emergency must be among those listed in Section 3125: immediate danger of death or serious bodily injury to any person; conspiratorial activities characteristic of organized crime; an immediate threat to a national security interest; or an ongoing attack on a protected computer (as defined in 18 U.S.C. § 1030) that constitutes a crime punishable by a term of imprisonment greater than one year.

We know the US Marshals constitute the most frequent users of admitted Stingray use — they’d be covered in prevention of escape by a fugitive. DEA seems to use them a lot (though I think more of that remains hidden). That’d include “conspiratorial activities characteristic of organized crime.” And it’s clear hackers are included here, which includes the first known use, to capture Daniel Rigmaiden.

And I’m not sure whether the exigent/emergency use incorporates the public safety applications mentioned in the non-disclosure agreements localities sign with the FBI, or if that’s included in this oblique passage.

There may also be other circumstances in which, although exigent circumstances do not exist, the law does not require a search warrant and circumstances make obtaining a search warrant impracticable. In such cases, which we expect to be very limited, agents must first obtain approval from executive-level personnel at the agency’s headquarters and the relevant U.S. Attorney, and then from a Criminal Division DAAG. The Criminal Division shall keep track of the number of times the use of a cell-site simulator is approved under this subsection, as well as the circumstances underlying each such use.

In short, many, if not most, known uses are included in exceptions to the new policy.

Notice to defendants

The many known uses of Stingrays where warrants would not be necessary — and where DOJ would therefore just be using a PRTT — are of particular importance given the way new disclosure requirements work. There are, to be sure, admirable new requirements to tell judges what the fuck they’re approving and what it means. But nothing explicitly says defendants will not get noticed. DOJ has said no past or current usage of Stingrays will get noticed to defendants. And all these non-warrant uses of Stingrays will be noticed either, probably. In other words, this returns things to the condition where defendants won’t know — because they would normally expect to see a warrant that wouldn’t exist in these non-warrant uses.

Sharing with localities

The policy doesn’t apply to localities, which increasingly have their own Stingrays they permit federal agencies to use. Curiously, the language applying this policy to federal cooperation with localities would suggest the federal rules only apply if the Feds are supporting localities, not if the reverse (FBI borrowing Buffalo’s Stingray, for example) is the case.

The Department often works closely with its State and Local law enforcement partners and provides technological assistance under a variety of circumstances. This policy applies to all instances in which Department components use cell-site simulators in support of other Federal agencies and/or State and Local law enforcement agencies.

Thus, it may leave a big out for the kind of cooperation we know to exist.

National security uses

Then, of course, the policy only applies in the criminal context, though DOJ claims it will adopt a policy “consistent” with this one on the FISC side.

This policy applies to the use of cell-site simulator technology inside the United States in furtherance of criminal investigations. When acting pursuant to the Foreign Intelligence Surveillance Act, Department of Justice components will make a probable-cause based showing and appropriate disclosures to the court in a manner that is consistent with the guidance set forth in this policy.

BREAKING! FBI has been using Stingrays in national security investigations! (Told ya!)

This language is itself slippery. FISC use of Stingrays probably won’t be consistent on the FISC side (even accounting for the many ways exigent uses could be claimed in national security situations), because we know that FISC already has different rules for PRTT on the FISC side, in that it permits collection of post cut through direct dialed numbers — things like extension numbers — so long as that gets minimized after the fact. The section on minimization here emphasizes the “law enforcement” application as well. So I would assume that not only will national security targets of Stingrays not get noticed on it, but they may use different minimization rules as well (especially given FBI’s 30 year retention for national security investigation data).

Other agencies use of Stingrays for content

DOJ suggests that DOJ never collects content using Stingrays by stating that its Stingrays always get set not to collect content.

Moreover, cell-site simulators used by the Department must be configured as pen registers, and may not be used to collect the contents of any communication, in accordance with 18 U.S.C. § 3127(3). This includes any data contained on the phone itself: the simulator does not remotely capture emails, texts, contact lists, images or any other data from the phone. In addition, Department cell-site simulators do not provide subscriber account information (for example, an account holder’s name, address, or telephone number).

But the rest of the policy makes it clear that department agents will work with other agencies on Stingray use. Some of those — such as JSOC — not only would have Stingrays that get content, but can even partner within the US with FBI.  So DOJ hasn’t actually prohibited its agencies from getting content from a Stingray (domestically — it goes without saying they’re permitted to do so overseas), just that it won’t do so using its own Stingrays.

Funny definitional games

Finally, while not necessarily a loophole (or at least not one I completely understand yet), I’m interested in this definition.

In the context of this policy, the terms “collection” and “retention” are used to address only the unique technical process of identifying dialing, routing, addressing, or signaling information, as described by 18 U.S.C. § 3 I 27(3), emitted by cellular devices. “Collection” means the process by which unique identifier signals are obtained; “retention” refers to the period during which the dialing, routing, addressing, or signaling information is utilized to locate or identify a target device, continuing until tlle point at whic!h such information is deleted.

This definition (which only applies to this policy and therefore perhaps not to national security uses of Stingrays) employs an entirely different definition for collection and retention than other collection that relies on collection then software analysis. Under upstream collection, for example, the government calls this definition of “retention” something closer to “collection.” Don’t get me wrong — this is probably a better definition than that used in other contexts. But I find it funny that FBI employs such different uses of these words in very closely connected contexts.

So, in sum, this is a real victory, especially the bit about actually telling judges what they’re approving when they approve it.

But there are some pretty obvious loopholes here….

Update: ACLU also welcomes this while pointing to some of the limits of the policy.

Update: Here are some of my posts on the FISA uses of PRTT, including (we now know) Stingrays.

On the Apple Back Door Rumors … Remember Lavabit

During the July 1 Senate Judiciary Committee hearing on back doors, Deputy Attorney General Sally Yates claimed that the government doesn’t want the government to have back doors into encrypted communications. Rather, they wanted corporations to retain the back doors to be able to access communications if the government had legal process to do so. (After 1:43.)

We’re not going to ask the companies for any keys to the data. Instead, what we’re going to ask is that the companies have an ability to access it and then with lawful process we be able to get the information. That’s very different from what some other countries — other repressive regimes — from the way that they’re trying to get access to the information.

The claim was bizarre enough, especially as she went on to talk about other countries not having the same lawful process we have (as if that makes a difference to software code).

More importantly, that’s not true.

Remember what happened with Lavabit, when the FBI was in search of what is presumed to be Edward Snowden’s email. Lavabit owner Ladar Levison had a discussion with FBI about whether it was technically feasible to put a pen register on the targeted account. After which the FBI got a court order to do it. Levison tried to get the government to let him write a script that would provide them access to just the targeted account or, barring that, provide for some kind of audit to ensure the government wasn’t obtaining other customer data.

The unsealed documents describe a meeting on June 28th between the F.B.I. and Levison at Levison’s home in Dallas. There, according to the documents, Levison told the F.B.I. that he would not comply with the pen-register order and wanted to speak to an attorney. As the U.S. Attorney for the Eastern District of Virginia, Neil MacBride, described it, “It was unclear whether Mr. Levison would not comply with the order because it was technically not feasible or difficult, or because it was not consistent with his business practice in providing secure, encrypted e-mail service for his customers.” The meeting must have gone poorly for the F.B.I. because McBride filed a motion to compel Lavabit to comply with the pen-register and trap-and-trace order that very same day.

Magistrate Judge Theresa Carroll Buchanan granted the motion, inserting in her own handwriting that Lavabit was subject to “the possibility of criminal contempt of Court” if it failed to comply. When Levison didn’t comply, the government issued a summons, “United States of America v. Ladar Levison,” ordering him to explain himself on July 16th. The newly unsealed documents reveal tense talks between Levison and the F.B.I. in July. Levison wanted additional assurances that any device installed in the Lavabit system would capture only narrowly targeted data, and no more. He refused to provide real-time access to Lavabit data; he refused to go to court unless the government paid for his travel; and he refused to work with the F.B.I.’s technology unless the government paid him for “developmental time and equipment.” He instead offered to write an intercept code for the account’s metadata—for thirty-five hundred dollars. He asked Judge Hilton whether there could be “some sort of external audit” to make sure that the government did not take additional data. (The government plan did not include any oversight to which Levison would have access, he said.)

Most important, he refused to turn over the S.S.L. encryption keys that scrambled the messages of Lavabit’s customers, and which prevent third parties from reading them even if they obtain the messages.

The discussions disintegrated because the FBI refused to let Levison do what Yates now says they want to do: ensure that providers can hand over the data tailored to meet a specific request. That’s when Levison tried to give FBI his key in what it claimed (even though it has done the same for FOIAs and/or criminal discovery) was in a type too small to read.

On August 1st, Lavabit’s counsel, Jesse Binnall, reiterated Levison’s proposal that the government engage Levison to extract the information from the account himself rather than force him to turn over the S.S.L. keys.

THE COURT: You want to do it in a way that the government has to trust you—
BINNALL: Yes, Your Honor.
THE COURT: —to come up with the right data.
BINNALL: That’s correct, Your Honor.
THE COURT: And you won’t trust the government. So why would the government trust you?
Ultimately, the court ordered Levison to turn over the encryption key within twenty-four hours. Had the government taken Levison up on his offer, he may have provided it with Snowden’s data. Instead, by demanding the keys that unlocked all of Lavabit, the government provoked Levison to make a last stand. According to the U.S. Attorney MacBride’s motion for sanctions,
At approximately 1:30 p.m. CDT on August 2, 2013, Mr. Levison gave the F.B.I. a printout of what he represented to be the encryption keys needed to operate the pen register. This printout, in what appears to be four-point type, consists of eleven pages of largely illegible characters. To make use of these keys, the F.B.I. would have to manually input all two thousand five hundred and sixty characters, and one incorrect keystroke in this laborious process would render the F.B.I. collection system incapable of collecting decrypted data.
The U.S. Attorneys’ office called Lavabit’s lawyer, who responded that Levison “thinks” he could have an electronic version of the keys produced by August 5th.

Levison came away from the debacle believing that the FBI didn’t understand what it was asking for when they asked for his keys.

One result of this newfound expertise, however, is that Levison believes there is a knowledge gap between the Department of Justice and law-enforcement agencies; the former did not grasp the implications of what the F.B.I. was asking for when it demanded his S.S.L. keys.

I raise all this because of the rumor — which Bruce Schneier inserted into his excerpt of this Nicholas Weaver post — that FBI is already fighting before FISC with Apple for a back door.

There’s a persistent rumor going around that Apple is in the secret FISA Court, fighting a government order to make its platform more surveillance-friendly — and they’re losing. This might explain Apple CEO Tim Cook’s somewhat sudden vehemence about privacy. I have not found any confirmation of the rumor.

Weaver’s post describes how, because of the need to allow users to access their iMessage account from multiple devices (think desktop, laptop, iPad, and phone), Apple technically could give FBI a key.

In iMessage, each device has its own key, but its important that the sent messages also show up on all of Alice’s devices.  The process of Alice requesting her own keys also acts as a way for Alice’s phone to discover that there are new devices associated with Alice, effectively enabling Alice to check that her keys are correct and nobody has compromised her iCloud account to surreptitiously add another device.

But there remains a critical flaw: there is no user interface for Alice to discover (and therefore independently confirm) Bob’s keys.  Without this feature, there is no way for Alice to detect that an Apple keyserver gave her a different set of keys for Bob.  Without such an interface, iMessage is “backdoor enabled” by design: the keyserver itself provides the backdoor.

So to tap Alice, it is straightforward to modify the keyserver to present an additional FBI key for Alice to everyone but Alice.  Now the FBI (but not Apple) can decrypt all iMessages sent to Alice in the future.

Admittedly, as heroic as Levison’s decision to shut down Lavabit rather than renege on a promise he made to his customers, Apple has a lot more to lose here strictly because of the scale involved. And in spite of the heated rhetoric, FBI likely still trusts Apple more than they trusted Levison.

Still, it’s worth noting that Yates’ claim that FBI doesn’t want keys to communications isn’t true — or at least wasn’t before her tenure at DAG. Because a provider, Levison, insisted on providing his customers what he had promised, the FBI grew so distrustful of him they did demand a key.

OLC Undermines DOJ Inspector General Independence

For over a year, DOJ’s Inspector General has been trying to ensure it got ready access to things like grand jury materials (this has been pertinent in the Fast and Furious investigation and how DEA and FBI use the latter’s dragnet, among other things). As part of this effort, the IG asked OLC to weigh in on whether it should be able to access this information, or whether it needed to ask nicely, as it has been forced to do.

Here’s the opinion. Here’s the key passage:

In particular, Title III permits Department officials to disclose to OIG the contents of intercepted communications when doing so could aid the disclosing official or OIG in the performance of their duties related to law enforcement, including duties related to Department leadership’s supervision of law enforcement activities on a programmatic or policy basis. Rule 6(e) permits disclosure of grand jury materials to OIG if a qualifying attorney determines that such disclosure could assist her in the performance of her criminal law enforcement duties, including any supervisory law enforcement duties she may have. And FCRA permits the FBI to disclose to OIG consumer information obtained pursuant to section 626 if such disclosure could assist in the approval or conduct of foreign counterintelligence investigations, including in the supervision of such investigations on a programmatic or policy basis. In our view, however, Title III and Rule 6(e) forbid disclosures that have either an attenuated or no connection with the conduct of the Department’s criminal law enforcement programs or operations, and section 626 of FCRA forbids disclosures that have either an attenuated or no connection with the approval or conduct of foreign counterintelligence investigations.

And here’s OIG’s response.

Today’s opinion by the OLC undermines the OIG’s independence, which is a hallmark of the Inspector General system and is essential to carrying out the OIG’s oversight responsibilities under the Inspector General Act. The OLC’s opinion restricts the OIG’s ability to independently access all records in the Justice Department’s possession that are necessary for our audits, reviews, and investigations, and is contrary to the principles and express language set forth in the Inspector General Act.

The opinion also finds that, in adopting Section 218 of the Department of Justice’s FY 2015 Appropriations Act, Congress’ intent was not sufficiently clear to support independent OIG access to all records in the Department’s possession. The OLC’s opinion reaches this conclusion even though Congress passed Section 218 “to improve OIG access to Department documents and information” following the Department’s failure to independently and timely provide all responsive records to the OIG, and Section 218 explicitly provides that the Department may not use appropriated funds to withhold records from the OIG for reasons other than as expressly provided in the Inspector General Act.

As a result of the OLC’s opinion, the OIG will now need to obtain Justice Department permission in order to get access to important information in the Department’s files – putting the agency over which the OIG conducts oversight in the position of deciding whether to give the OIG access to the information necessary to conduct that oversight. The conflict with the principles enshrined in the Inspector General Act could not be clearer and, as a result, the OIG’s work will be adversely impacted.

The OIG will immediately ask Congress to pass legislation ensuring that the OIG has independent access to the information it needs for its work. The Attorney General and the Deputy Attorney General have each expressed their commitment to join the OIG in this effort.

Inspector General Michael E. Horowitz stated:

“I strongly disagree with the OLC opinion. Congress meant what it said when it authorized Inspectors General to independently access ‘all’ documents necessary to conduct effective oversight. Without such access, our Office’s ability to conduct its work will be significantly impaired, and it will be more difficult for us to detect and deter waste, fraud, and abuse, and to protect taxpayer dollars. We look forward to working with the Congress and the Justice Department to promptly remedy this serious situation.”

[This post has been updated to add the opinion.]