Posts

Why Are Republicans Still Squealing about FISA Applications If HPSCI Report Cedes Carter Page Concerns?

Republicans in Congress continue to make fairly breath-taking demands on Rod Rosenstein and Christopher Wray in what seems to be an attempt to create a bogus claim of non-responsiveness that Trump can use to fire one or both of them.

First there was the demand that the House Intelligence Committee get all of FBI’s non-grand jury records on the Mueller investigation, a demand Paul Ryan backed. Then there was the push to publish the Nunes memo over DOJ’s objections. More recently, after Wray’s doubling the number of FBI staffers (to 54) in an attempt to meet a Bob Goodlatte document deadline for FISA, Hillary investigation, and McCabe firing materials proved insufficient, Jeff Sessions has put Chicago’s US Attorney, John Lausch, in charge of the response. As with Sessions’ selection of Utah US Attorney John Huber to review other GOP demands, Sessions seems to be giving himself and his deputies cover from fairly ridiculous GOP demands.

Nevertheless, such concessions have not entirely sheltered Trump’s main targets from the kinds of complaints that might expose Robert Mueller’s investigation below them. Mark Meadows, one of the lead attack dogs in this congressional obstruction effort, even suggested Congress might impeach Rosenstein for failing to meet a 2-week deadline on a Bob Goodlatte subpoena.

Through it all, the complaints that FBI used the Steele dossier as one piece of evidence in Carter Page’s FISA application, persist. This, in spite of the fact that Page had been under FISA surveillance years before, and in spite of the fact that all sides agree that the counterintelligence investigation into Trump’s aides started in response to the George Papadopoulos tip from Australia.

This, in spite of the passage from the Schiff memo (including one redacted sentence) that seems to assert that FBI considered Page an on-going counterintelligence concern.

DOJ cited multiple sources to support the case for surveillance Page — but made only narrow use of information from Steele’s sources about Page’s specific activities in 2016, chiefly his suspected July 2016 meetings in Moscow with Russian officials. [entire short sentence redacted] In fact, the FBI interviewed Page in March 2016 about his contact with Russian intelligence, the very month candidate Donald Trump named hi a foreign policy advisor.

And the Schiff memo is consistent with what Sheldon Whitehouse (among the few other people who had read the application at the time) said.

Whitehouse: I’ve got to be careful because some of this is still classified. But the conclusion that I’ve reached is that there was abundant evidence outside of the Steele dossier that would have provoked any responsible FBI with a counterintelligence concern to look at whether Carter Page was an undisclosed foreign agent. And to this day the FBI continues to assert that he was a undisclosed Russian foreign agent.

Importantly, however, it’s no longer just former prosecutors in the Democratic party who seem to confirm that Page was a real counterintelligence concern, and therefore legitimately a FISA target. At least, that’s what these two passages from the GOP House Intelligence Report suggest.

If you’re complaining that the Intelligence Community didn’t inform Trump about that members of his campaign team were “assessed to be potential counterintelligence concerns,” (and this likely includes Paul Manafort, as well as Page), then you can’t very well complain if FBI obtained a FISA warrant once those counterintelligence concerns left the campaign team. Hell, you’re practically inviting the FBI to obtain such a warrant while the counterintelligence concern is on the campaign, to help warn the candidate.

I know this is a bit to ask, but the GOP should not be able to have it both ways, to try to discredit the Trump investigation by pointing to the use of the Steele dossier in targeting Page, even while demanding FBI should have shared what it knew about Page because he posed a risk to Trump.

On the Grassley-Feinstein Dispute

In a podcast with Preet Bharara this week, Sheldon Whitehouse had the following exchange about whether he thought Carter Page should have been surveilled. (after 24:30)

Whitehouse: I’ve got to be a little bit careful because I’m one of the few Senators who have been given access to the underlying material.

Bharara: Meaning the affidavit in support of the FISA application.

Whitehouse And related documents, yes. The package.

Bharara: And you’ve gone to read them?

Whitehouse: I’ve gone to read them.

Bharara: You didn’t send Trey Gowdy?

Whitehouse: [Laughs] I did not send Trey Gowdy. I actually went through them. And, so I’ve got to be careful because some of this is still classified. But the conclusion that I’ve reached is that there was abundant evidence outside of the Steele dossier that would have provoked any responsible FBI with a counterintelligence concern to look at whether Carter Page was an undisclosed foreign agent. And to this day the FBI continues to assert that he was a undisclosed Russian foreign agent.

For the following discussion, then, keep in mind that a very sober former US Attorney has read the case against Carter Page and says that the FBI still — still, after Page is as far as we know no longer under a FISA order — asserts he “was” an undisclosed foreign agent (it’s not clear what that past tense “was” is doing, as it could mean he was a foreign agent until the attention on him got too intense or remains one; also, I believe John Ratcliffe, a Republican on the House Judiciary Committee and also a former US Attorney, has read the application too).

With that background, I’d like to turn to the substance of the dispute between Chuck Grassley and Dianne Feinstein over the dossier, which has played out in the form of a referral of Christopher Steele to FBI for lying. In the wake of the Nunes memo theatrics, Grassley released first a heavily redacted version of the referral he and Lindsey Graham sent the FBI in early January, followed by a less-redacted version this week. The referral, even as a transparent political stunt, is nevertheless more substantive than Devin Nunes’ memo, leading some to take it more seriously.  Which may be why Feinstein released a rebuttal this week.

In case you’re wondering, I’m tracking footnote escalation in these documents. They line up this way:

  • 0: Nunes memo (0 footnotes over 4 pages, or 1 over 6 if you count Don McGahn’s cover letter)
  • 2.6: Grassley referral (26 footnotes over 10 pages)
  • 3.6: Schiff memo (36 footnotes, per HPSCI transcript, over 10 pages)
  • 5.4: Feinstein rebuttal (27 footnotes over 5 pages)

So let me answer a series of questions about the memo as a way of arguing that, while by all means the FBI’s use of consultants might bear more scrutiny, this is still a side-show.

Did Christopher Steele lie?

The Grassely-Graham referral says Steele may have lied, but doesn’t commit to whether classified documents obtained by the Senate Judiciary Committee (presumably including the first two Page applications), a declaration Steele submitted in a British lawsuit, or Steele’s statements to the FBI include lies.

The FBI has since provided the Committee access to classified documents relevant to the FBI’s relationship with Mr. Steele and whether the FBI relied on his dossier work. As explained in greater detail below, when information in those classified documents is evaluated in light of sworn statements by Mr. Steele in British litigation, it appears that either Mr. Steele lied to the FBI or the British court, or that the classified documents reviewed by the Committee contain materially false statements.

On September 3, 2017 — a good three months before the Grassley-Graham referral — I pointed to a number of things in the Steele declaration, specifically pertaining to who got the dossier or heard about it when, that I deemed “improbable.”

That was the genius of the joint (!!) Russian-Republican campaign of lawfare against the dossier. As Steele and BuzzFeed and Fusion tried to avoid liability for false claims against Webzilla and Alfa Bank and their owners, they were backed into corners where they had to admit that Democrats funded the dossier and made claims that might crumble as Congress scrutinized the dossier.

So, yeah, I think it quite possible that Steele told some stretchers.

Did Christopher Steele lie to the FBI?

But that only matters if he lied to the FBI (and not really even there). The UK is not about to extradite one of its former spies because of lies told in the UK — they’re not even going to extradite alleged hacker Lauri Love, because we’re a barbaric country. And I assume the Brits give their spooks even more leeway to fib a little to courts than the US does.

The most critical passage of the referral on this point, which appears to make a claim about whether Steele told the FBI he had shared information with the press before they first used his dossier in a Page application, looks like this.

The footnote in the middle of that redacted passage goes to an unredacted footnote that says,

The FBI has failed to provide the Committee the 1023s documenting all of Mr. Steele’s statements to the FBI, so the Committee is relying on the accuracy of the FBI’s representation to the FISC regarding the statements.

1023s are Confidential Human Source reports.

I say that’s the most important passage because the referral goes on to admit that in subsequent FISA applications the FBI explained that the relationship with Steele had been terminated because of his obvious involvement in the October 31, 2016 David Corn story. Graham and Grassley complain that the FBI didn’t use Steele’s defiance of the FBI request not to share this information with anyone besides the FBI to downgrade his credibility rankings. Apparently FISC was less concerned about that than Graham and Grassley, which may say more about standards for informants in FISA applications than Steele or Carter Page.

The footnote, though, is the biggest tell. That’s because Feinstein’s rebuttal makes it quite clear that after Grassley and Graham made their referral, SJC received documents — which, given what we know has been given to HPSCI, surely include those 1023s — that would alter the claims made in the referral.

The Department of Justice has provided documents regarding its interactions with Mr. Steele to the Judiciary Committee both before and after the criminal referral was made. Despite this, the Majority did not modify the criminal referral and pressed forward with its original claims, which do not take into account the additional information provided after the initial January 4 referral.

Feinstein then goes on to state, several times and underlining almost everything for emphasis, that the referral provides no proof that Steele was ever asked if he had served as the source for Isikoff.

  • Importantly, the criminal referral fails to identify when, if ever, Mr. Steele was asked about and provided a materially false statement about his press contacts.
  • Tellingly, it also fails to explain any circumstances which would have required Mr. Steele to seek the FBI’s permission to speak to the press or to disclose if he had done so.

[snip]

But the criminal referral provides no evidence that Steele was ever asked about the Isikoff article, or if asked that he lied.

In other words, between the redacted claim about what Steele said and Feinstein’s repeated claims that the referral presents no evidence Steele was asked about his prior contacts with the press, the evidence seems to suggest that Steele was probably not asked. And once he was, after the Corn article, he clearly did admit to the FBI he had spoken with the press. So while it appears Steele blew off the FBI’s warnings not to leak to the press, the evidence that he lied to the FBI appears far weaker.

Does it harm the viability of the FISA application?

That should end the analysis, because the ostensible purpose of the referral is a criminal referral, not to make an argument about the FISA process.

But let’s assess the memo’s efforts to discredit the FISA application.

In two places, the referral suggests the dossier played a bigger role in the FISA application than, for example, Whitehouse suggests.

Indeed, the documents we have reviewed show that the FBI took important investigative steps largely based on Mr. Steele’s information–and relying heavily on his credibility.

[snip]

Mr. Steele’s information formed a significant portion of the FBI’s warrant application, and the FISA application relied more heavily on Steele’s credibility than on any independent verification or corroboration for his claims. Thus the basis for the warrant authorizing surveillance on a U.S. citizen rests largely on Mr. Steele’s credibility.

These claims would be more convincing, however, if they acknowledged that FBI had to have obtained valuable foreign intelligence off their Page wiretap over the course of the year they had him wiretapped to get three more applications approved.

Indeed, had Grassley and Graham commented on the addition of new information in each application, their more justifiable complaint that the FBI did not alert FISC to the UK filings in which Steele admitted more contact with the press than (they claim) show up in the applications would be more compelling. If you’re going to bitch about newly learned information not showing up in subsequent applications, then admit that newly acquired information showed up.

Likewise, I’m very sympathetic with the substance of the Grassley-Graham complaint that Steele’s discussions with the press made it more likely that disinformation got inserted into the dossier (see my most recently post on that topic), but I think the Grassley-Graham complaint undermines itself in several ways.

Simply put, the more people who contemporaneously knew that Mr. Steele was compiling his dossier, the more likely it was vulnerable to manipulation. In fact, the British litigation, which involves a post-election dossier memorandum, Mr. Steele admitted that he received and included in it unsolicited–and unverified–allegations. That filing implies that implies that he similar received unsolicited intelligence on these matters prior to the election as well, stating that Mr. Steele “continued to receive unsolicited intelligence on the matters covered by the pre-election memoranda after the US Presidential election.” [my underline]

The passage is followed by an entirely redacted paragraph that likely talks about disinformation.

This is actually an important claim, not just because it raises the possibility that Page might be unfairly surveilled as part of a Russian effort to distract attention from others (though its use in a secret application wouldn’t have sown the discord it has had it not leaked), but also because we can check whether their claims hold up against the Steele declaration. It’s one place we can check the referral to see whether their arguments accurately reflect the underlying evidence.

Importantly, to support a claim the potential for disinformation in the Steele dossier show up in the form of unsolicited information earlier than they otherwise substantiate, they claim a statement in Steele’s earlier declaration pertains to pre-election memos. Here’s what it looks like in that declaration:

That is, Steele didn’t say he was getting unsolicited information prior to the election; this was, in both declarations, a reference to the single December report.

Moreover, while I absolutely agree that the last report is the most likely to be disinformation, the referral is actually not clear whether that December 13 report ever actually got included in a FISA application. There’s no reason it would have been. While the last report mentions Page, the mention is only a referral back to earlier claims that Trump’s camp was trying to clean up after reports of Page’s involvement with the Russians got made public. So the risk that the December memorandum consisted partially or wholly of disinformation is likely utterly irrelevant to the validity of the three later FISA orders targeting Page.

Which is to say that, while I think worries about disinformation are real (particularly given their reference to Rinat Akhmetshin allegedly learning about the dossier during the summer, which I wrote about here), the case Grassley and Graham make on that point both miscites Steele’s own declaration and overstates the impact of their argued case on a Page application.

What about the Michael Isikoff reference?

Perhaps the most interesting detail in the Grassley-Graham referral pertains to their obsession with the applications’ references to the September 23 Michael Isikoff article based off Steele’s early discussions with the press. Grassley-Graham claim there’s no information corroborating the dossier (there’s a redacted Comey quote that likely says something similar). In that context, they point to the reference to Isikoff without explaining what it was doing there.

The application appears to contain no additional information corroborating the dossier allegations against Mr. Page, although it does cite to a news article that appears to be sourced to Mr. Steele’s dossier as well.

Elsewhere, I’ve seen people suggest the reference to Isikoff may have justified the need for secrecy or something, rater than as corroboration. But neither the referral nor Feinstein’s rebuttal explains what the reference is doing.

In this passage, Grassley and Graham not only focus on Isikoff, but they ascribe certain motives to the way FBI referred to it, suggesting the claim that they did not believe Steele was a source for Isikoff was an attempt to “shield Mr. Steele’s credibility.”

There’s absolutely no reason the FBI would have seen the need to shield Steele’s credibility in October. He was credible. More troubling is that the FBI said much the same thing in January.

In the January reapplication, the FBI stated in a footnote that, “it did not believe that Steele gave information to Yahoo News that ‘published the September 23 News Article.”

Let’s do some math.

If I’m doing my math correctly, if the FISA reapplications happened at a regular 90 day interval, they’d look like this.

That’d be consistent with what the Nunes memo said about who signed what, and would fit the firing dates of January 30 for Yates and May 9 for Comey, as well as the start date for Rosenstein of April 26 (Chris Wray started on August 1).

If that’s right, then Isikoff wrote his second article on the Steele dossier, one that made it clear via a link his earlier piece had been based off Steele, before the second application was submitted (though the application would have been finished and submitted in preliminary form a week earlier, meaning FBI would have had to note the Isikoff piece immediately to get it into the application, but the topic of the Isikoff piece — that Steele was an FBI asset — might have attracted their attention).

But that’s probably not right because the Grassley-Graham referral describes a June, not July, reapplication, meaning the application would have been no later than the last week of June. That makes the reauthorization dates look more like this, distributing the extra days roughly proportionately:

That would put the second footnote claiming the FBI had no reason to believe the September Isikoff piece was based on Steele before the time when the second Isikoff piece made it clear.

I’m doing this for a second reason, however. It’s possible (particularly given Whitehouse’s comments) Carter Page remains under surveillance, but for some reason it’s no longer contentious.

That might be the case if the reapplications no longer rely on the dossier.

And I’m interested in that timing because, on September 9, I made what was implicit clear: That pointing to the September Isikoff piece to claim the Steele dossier had been corroborated was self-referential. I’m not positive I was the first, but by that point, the Isikoff thing would have been made explicit.

Does this matter at all to the Mueller inquiry?

Ultimately, though, particularly given the Nunes memo confirmation that the counterintelligence investigation into Trump’s people all stems from the George Papadopoulos tip, and not Page (particularly given the evidence that the FBI was very conservative in their investigation of him) there’s not enough in even the Grassley-Graham referral to raise questions about the Mueller investigation, especially given a point I made out in the Politico last week.

According to a mid-January status report in the case against Manafort and his deputy, Rick Gates, the government has turned over “more than 590,000 items” to his defense team, “including (but not limited to) financial records, records from vendors identified in the indictment, email communications involving the defendants, and corporate records.” He and Gates have received imaged copies of 87 laptops, phones and thumb drives, and copies off 19 search-warrant applications. He has not received, however, a FISA notice, which the government would be required to provide if they planned to use anything acquired using evidence obtained using the reported FISA warrant against Manafort. That’s evidence of just how much of a distraction Manafort’s strategy [of using the Steele dossier to discredit the Mueller investigation] is, of turning the dossier into a surrogate for the far more substantive case against him and others.

And it’s not just Manafort. Not a single thing in the George Papadopoulos and Michael Flynn guilty pleas—for lying to the FBI—stems from any recognizable mention in the dossier, either. Even if the Steele dossier were a poisoned fruit, rather than the kind of routine oppo research that Republicans themselves had pushed to the FBI to support investigations, Mueller has planted an entirely new tree blooming with incriminating details.

Thus the point of my graphic above. The Steele dossier evidence used in the Carter Page FISA application to support an investigation into Cater Page, no matter what else it says about the FISA application process or FBI candor, is just a small corner of the investigation into Trump’s people.

 

A Dragnet of emptywheel’s Most Important Posts on Surveillance, 2007 to 2017

Happy Birthday to me! To us! To the emptywheel community!

On December 3, 2007, emptywheel first posted as a distinct website. That makes us, me, we, ten this week.

To celebrate, the emptywheel team has been sharing some of our favorite work from the last decade. This is my massive dragnet of surveillance posts.

For years, we’ve done this content ad free, relying on donations and me doing freelance work for others to fund the stuff you read here. I would make far more if I worked for some free-standing outlet, but I wouldn’t be able to do the weedy, iterative work that I do here, which would amount to not being able to do my best work.

If you’ve found this work valuable — if you’d like to ensure it remains available for the next ten years — please consider supporting the site.

2007

Whitehouse Reveals Smoking Gun of White House Claiming Not to Be Bound by Any Law

Just days after opening the new digs, I noticed Sheldon Whitehouse entering important details into the Senate record — notably, that John Yoo had pixie dusted EO 12333 to permit George Bush to authorize the Stellar Wind dragnet. In the ten years since, both parties worked to gradually expand spying on Americans under EO 12333, only to have Obama permit the sharing of raw EO 12333 data in its last days in office, completing the years long project of restoring Stellar Wind’s functionalities. This post, from 2016, analyzes a version of the underlying memo permitting the President to change EO 12333 without providing public notice he had done so.

2008

McConnell and Mukasey Tell Half Truths

In the wake of the Protect America Act, I started to track surveillance legislation as it was written, rather than figure out after the fact how the intelligence community snookered us. In this post, I examined the veto threats Mike McConnell and Michael Mukasey issued in response to some Russ Feingold amendments to the FISA Amendments Act and showed that the government intended to use that authority to access Americans’ communication via both what we now call back door searches and reverse targeting. “That is, one of the main purposes is to collect communications in the United States.”

9 years later, we’re still litigating this (though, since then FISC has permitted the NSA to collect entirely domestic communications under the 2014 exception).

2009

FISA + EO 12333 + [redacted] procedures = No Fourth Amendment

The Government Sez: We Don’t Have a Database of All Your Communication

After the FISCR opinion on what we now know to be the Yahoo challenge to Protect American Act first got declassified, I identified several issues that we now have much more visibility on. First, PAA permitted spying on Americans overseas under EO 12333. And it didn’t achieve particularity through the PAA, but instead through what we know to be targeting procedures, including contact chaining. Since then we’ve learned the role of SPCMA in this.

In addition, to avoid problems with back door searches, the government claimed it didn’t have a database of all our communication — a claim that, narrowly parsed might be true, but as to the intent of the question was deeply misleading. That claim is one of the reasons we’ve never had a real legal review of back door searches.

Bush’s Illegal Domestic Surveillance Program and Section 215

On PATRIOTs and JUSTICE: Feingold Aims for Justice

During the 2009 PATRIOT Act reauthorization, I continued to track what the government hated most as a way of understanding what Congress was really authorizing. I understood that Stellar Wind got replaced not just by PAA and FAA, but also by the PATRIOT authorities.

All of which is a very vague way to say we probably ought to be thinking of four programs–Bush’s illegal domestic surveillance program and the PAA/FAA program that replaced it, NSLs, Section 215 orders, and trap and trace devices–as one whole. As the authorities of one program got shut down by exposure or court rulings or internal dissent, it would migrate to another program. That might explain, for example, why Senators who opposed fishing expeditions in 2005 would come to embrace broadened use of Section 215 orders in 2009.

I guessed, for example, that the government was bulk collecting data and mining it to identify targets for surveillance.

We probably know what this is: the bulk collection and data mining of information to select targets under FISA. Feingold introduced a bajillion amendments that would have made data mining impossible, and each time Mike McConnell and Michael Mukasey would invent reasons why Feingold’s amendments would have dire consequences if they passed. And the legal information Feingold refers to is probably the way in which the Administration used EO 12333 and redacted procedures to authorize the use of data mining to select FISA targets.

Sadly, I allowed myself to get distracted by my parallel attempts to understand how the government used Section 215 to obtain TATP precursors. As more and more people confirmed that, I stopped pursuing the PATRIOT Act ties to 702 as aggressively.

2010

Throwing our PATRIOT at Assange

This may be controversial, given everything that has transpired since, but it is often forgotten what measures the US used against Wikileaks in 2010. The funding boycott is one thing (which is what led Wikileaks to embrace Bitcoin, which means it is now in great financial shape). But there’s a lot of reason to believe that the government used PATRIOT authorities to target not just Wikileaks, but its supporters and readers; this was one hint of that in real time.

2011

The March–and April or May–2004 Changes to the Illegal Wiretap Program

When the first iteration of the May 2004 Jack Goldsmith OLC memo first got released, I identified that there were multiple changes made and unpacked what some of them were. The observation that Goldsmith newly limited Stellar Wind to terrorist conversations is one another reporter would claim credit for “scooping” years later (and get the change wrong in the process). We’re now seeing the scope of targeting morph again, to include a range of domestic crimes.

Using Domestic Surveillance to Get Rapists to Spy for America

Something that is still not widely known about 702 and our other dragnets is how they are used to identify potential informants. This post, in which I note Ted Olson’s 2002 defense of using (traditional) FISA to find rapists whom FBI can then coerce to cooperate in investigations was the beginning of my focus on the topic.

2012

FISA Amendments Act: “Targeting” and “Querying” and “Searching” Are Different Things

During the 2012 702 reauthorization fight, Ron Wyden and Mark Udall tried to stop back door searches. They didn’t succeed, but their efforts to do so revealed that the government was doing so. Even back in 2012, Dianne Feinstein was using the same strategy the NSA currently uses — repeating the word “target” over and over — to deny the impact on Americans.

Sheldon Whitehouse Confirms FISA Amendments Act Permits Unwarranted Access to US Person Content

As part of the 2012 702 reauthorization, Sheldon Whitehouse said that requiring warrants to access the US person content collected incidentally would “kill the program.” I took that as confirmation of what Wyden was saying: the government was doing what we now call back door searches.

2013

20 Questions: Mike Rogers’ Vaunted Section 215 Briefings

After the Snowden leaks started, I spent a lot of time tracking bogus claims about oversight. After having pointed out that, contrary to Administration claims, Congress did not have the opportunity to be briefed on the phone dragnet before reauthorizing the PATRIOT Act in 2011, I then noted that in one of the only briefings available to non-HPSCI House members, FBI had lied by saying there had been no abuses of 215.

John Bates’ TWO Wiretapping Warnings: Why the Government Took Its Internet Dragnet Collection Overseas

Among the many posts I wrote on released FISA orders, this is among the most important (and least widely understood). It was a first glimpse into what now clearly appears to be 7 years of FISA violation by the PRTT Internet dragnet. It explains why they government moved much of that dragnet to SPCMA collection. And it laid out how John Bates used FISA clause 1809(a)(2) to force the government to destroy improperly collected data.

Federated Queries and EO 12333 FISC Workaround

In neither NSA nor FBI do the authorities work in isolation. That means you can conduct a query on federated databases and obtain redundant results in which the same data point might be obtained via two different authorities. For example, a call between Michigan and Yemen might be collected via bulk collection off a switch in or near Yemen (or any of the switches between there and the US), as well as in upstream collection from a switch entering the US (and all that’s assuming the American is not targeted). The NSA uses such redundancy to apply the optimal authority to a data point. With metadata, for example, it trained analysts to use SPCMA rather than PATRIOT authorities because they could disseminate it more easily and for more purposes. With content, NSA appears to default to PRISM where available, probably to bury the far more creative collection under EO 12333 for the same data, and also because that data comes in structured form.

Also not widely understood: the NSA can query across metadata types, returning both Internet and phone connection in the same query (which is probably all the more important now given how mobile phones collapse the distinction between telephony and Internet).

This post described how this worked with the metadata dragnets.

The Purpose(s) of the Dragnet, Revisited

The government likes to pretend it uses its dragnet only to find terrorists. But it does far more, as this analysis of some court filings lays out.

2014

The Corporate Store: Where NSA Goes to Shop Your Content and Your Lifestyle

There’s something poorly understood about the metadata dragnets NSA conducts. The contact-chaining isn’t the point. Rather, the contact-chaining serves as a kind of nomination process that puts individuals’ selectors, indefinitely, into the “corporate store,” where your identity can start attracting other related datapoints like a magnet. The contact-chaining is just a way of identifying which people are sufficiently interesting to submit them to that constant, ongoing data collection.

SPCMA: The Other NSA Dragnet Sucking In Americans

I’ve done a lot of work on SPCMA — the authorization that, starting in 2008, permitted the NSA to contact chain on and through Americans with EO 12333 data, which was one key building block to restoring access to EO 12333 analysis on Americans that had been partly ended by the hospital confrontation, and which is where much of the metadata analysis affecting Americans has long happened. This was my first comprehensive post on it.

The August 20, 2008 Correlations Opinion

A big part of both FBI and NSA’s surveillance involves correlating identities — basically, tracking all the known identities a person uses on telephony and the Internet (and financially, though we see fewer details of that), so as to be able to pull up all activities in one profile (what Bill Binney once called “dossiers”). It turns out the FISC opinion authorizing such correlations is among the documents the government still refuses to release under FOIA. Even as I was writing the post Snowden was explaining how it works with XKeyscore.

A Yahoo! Lesson for USA Freedom Act: Mission Creep

This is another post I refer back to constantly. It shows that, between the time Yahoo first discussed the kinds of information they’d have to hand over under PRISM in August 2007 and the time they got directives during their challenge, the kinds of information they were asked for expanded into all four of its business areas. This is concrete proof that it’s not just emails that Yahoo and other PRISM providers turn over — it’s also things like searches, location data, stored documents, photos, and cookies.

FISCR Used an Outdated Version of EO 12333 to Rule Protect America Act Legal

Confession: I have an entire chapter of the start of a book on the Yahoo challenge to PRISM. That’s because so much about it embodied the kind of dodgy practices the government has, at the most important times, used with the FISA Court. In this post, I showed that the documents that the government provided the FISCR hid the fact that the then-current versions of the documents had recently been modified. Using the active documents would have shown that Yahoo’s key argument — that the government could change the rules protecting Americans anytime, in secret — was correct.

2015

Is CISA the Upstream Cyber Certificate NSA Wanted But Didn’t Really Get?

Among the posts I wrote on CISA, I noted that because the main upstream 702 providers have a lot of federal business, they’ll “voluntarily” scan on any known cybersecurity signatures as part of protecting the federal government. Effectively, it gives the government the certificate it wanted, but without any of the FISA oversight or sharing restrictions. The government has repeatedly moved collection to new authorities when FISC proved too watchful of its practices.

The FISA Court’s Uncelebrated Good Points

Many civil libertarians are very critical of the FISC. Not me. In this post I point out that it has policed minimization procedures, conducted real First Amendment reviews, taken notice of magistrate decisions and, in some cases, adopted the highest common denominator, and limited dissemination.

How the Government Uses Location Data from Mobile Apps

Following up on a Ron Wyden breadcrumb, I figured out that the government — under both FISA and criminal law — obtain location data from mobile apps. While the government still has to adhere to the collection standard in any given jurisdiction, obtaining the data gives the government enhanced location data tied to social media, which can implicate associates of targets as well as the target himself.

The NSA (Said It) Ate Its Illegal Domestic Content Homework before Having to Turn It in to John Bates

I’m close to being able to show that even after John Bates reauthorized the Internet metadata dragnet in 2010, it remained out of compliance (meaning NSA was always violating FISA in obtaining Internet metadata from 2002 to 2011, with a brief lapse). That case was significantly bolstered when it became clear NSA hastily replaced the Internet dragnet with obtaining metadata from upstream collection after the October 2011 upstream opinion. NSA hid the evidence of problems on intake from its IG.

FBI Asks for at Least Eight Correlations with a Single NSL

As part of my ongoing effort to catalog the collection and impact of correlations, I showed that the NSL Nick Merrill started fighting in 2004 asked for eight different kinds of correlations before even asking for location data. Ultimately, it’s these correlations as much as any specific call records that the government appears to be obtaining with NSLs.

2016

What We Know about the Section 215 Phone Dragnet and Location Data

During the lead-up to the USA Freedom Debate, the government leaked stories about receiving a fraction of US phone records, reportedly because of location concerns. The leaks were ridiculously misleading, in part because they ignored that the US got redundant collection of many of exactly the same calls they were looking for from EO 12333 collection. Yet in spite of these leaks, the few figured out that the need to be able to force Verizon and other cell carriers to strip location data was a far bigger reason to pass USAF than anything Snowden had done. This post laid out what was known about location data and the phone dragnet.

While It Is Reauthorizing FISA Amendments Act, Congress Should Reform Section 704

When Congress passed FISA Amendments Act, it made a show of providing protections to Americans overseas. One authority, Section 703, was for spying on people overseas with help of US providers, and another was for spying on Americans overseas without that help. By May 2016, I had spent some time laying out that only the second, which has less FISC oversight, was used. And I was seeing problems with its use in reporting. So I suggested maybe Congress should look into that?

It turns out that at precisely that moment, NSA was wildly scrambling to get a hold on its 704 collection, having had an IG report earlier in the year showing they couldn’t audit it, find it all, or keep it within legal boundaries. This would be the source of the delay in the 702 reauthorization in 2016, which led to the prohibition on about searches.

The Yahoo Scan: On Facilities and FISA

The discussion last year of a scan the government asked Yahoo to do of all of its users was muddled because so few people, even within the privacy community, understand how broadly the NSA has interpreted the term “selector” or “facility” that it can target for collection. The confusion remains to this day, as some in the privacy community claim HPSCI’s use of facility based language in its 702 reauthorization bill reflects new practice. This post attempts to explain what we knew about the terms in 2016 (though the various 702 reauthorization bills have offered some new clarity about the distinctions between the language the government uses).

2017

Ron Wyden’s History of Bogus Excuses for Not Counting 702 US Person Collection

Ron Wyden has been asking for a count of how many Americans get swept up under 702 for years. The IC has been inventing bogus explanations for why they can’t do that for years. This post chronicles that process and explains why the debate is so important.

The Kelihos Pen Register: Codifying an Expansive Definition of DRAS?

When DOJ used its new Rule 41 hacking warrant against the Kelihos botnet this year, most of the attention focused on that first-known usage. But I was at least as interested in the accompanying Pen Register order, which I believe may serve to codify an expansion of the dialing, routing, addressing, and signaling information the government can obtain with a PRTT. A similar codification of an expansion exists in the HJC and Lee-Leahy bills reauthorizing 702.

The Problems with Rosemary Collyer’s Shitty Upstream 702 Opinion

The title speaks for itself. I don’t even consider Rosemary Collyer’s 2017 approval of 702 certificates her worst FISA opinion ever. But it is part of the reason why I consider her the worst FISC judge.

It Is False that Downstream 702 Collection Consists Only of To and From Communications

I pointed out a number of things not raised in a panel on 702, not least that the authorization of EO 12333 sharing this year probably replaces some of the “about” collection function. Most of all, though, I reminded that in spite of what often gets claimed, PRISM is far more than just communications to and from a target.

UNITEDRAKE and Hacking under FISA Orders

A document leaked by Shadow Brokers reveals a bit about how NSA uses hacking on FISA targets. Perhaps most alarmingly, the same tools that conduct such hacks can be used to impersonate a user. While that might be very useful for collection purposes, it also invites very serious abuse that might create a really nasty poisonous tree.

A Better Example of Article III FISA Oversight: Reaz Qadir Khan

In response to Glenn Gerstell’s claims that Article III courts have exercised oversight by approving FISA practices (though the reality on back door searches is not so cut and dry), I point to the case of Reaz Qadir Khan where, as Michael Mosman (who happens to serve on FISC) moved towards providing a CIPA review for surveillance techniques, Khan got a plea deal.

The NSA’s 5-Page Entirely Redacted Definition of Metadata

In 2010, John Bates redefined metadata. That five page entirely redacted definition became codified in 2011. Yet even as Congress moves to reauthorize 702, we don’t know what’s included in that definition (note: location would be included).

FISA and the Space-Time Continuum

This post talks about how NSA uses its various authorities to get around geographical and time restrictions on its spying.

The Senate Intelligence Committee 702 Bill Is a Domestic Spying Bill

This is one of the most important posts on FISA I’ve ever written. It explains how in 2014, to close an intelligence gap, the NSA got an exception to the rule it has to detask from a facility as soon as it identifies Americans using the facility. The government uses it to collect on Tor and, probably VPN, data. Because the government can keep entirely domestic communications that the DIRNSA has deemed evidence of a crime, the exception means that 702 has become a domestic spying authority for use with a broad range of crimes, not to mention anything the Attorney General deems a threat to national security.

“Hype:” How FBI Decided Searching 702 Content Was the Least Intrusive Means

In a response to a rare good faith defense of FBI’s back door searches, I pointed out that the FBI is obliged to consider the least intrusive means of investigation. Yet, even while it admits that accessing content like that obtained via 702 is extremely intrusive, it nevertheless uses the technique routinely at the assessment level.

Other Key Posts Threads

10 Years of emptywheel: Key Non-Surveillance Posts 2008-2010

10 Years of emptywheel: Key Non-Surveillance Posts 2011-2012

10 Years of emptywheel: Key Non-Surveillance Posts 2013-2015

10 Years of emptywheel: Key Non-Surveillance Posts 2016-2017

10 Years of emptywheel: Jim’s Dimestore

Are Trump’s Associates Forgoing Lawyers because They Expect Pardons?

One of the numerous topics over which Attorney General Jeff Sessions invoked non-executive executive privilege when he testified earlier this month was whether the Trump Administration has started discussing pardoning those who might be criminally exposed for their ties with Russia.

WARNER: To your knowledge, have any Department of Justice officials been involved with conversations about any possibility of presidential pardons about any of the individuals involved with the Russia investigation?

SESSIONS: Mr. Chairman, I’m not able to comment on conversations with high officials within the white house. That would be a violation of the communications rule that I have to —

WARNER: Just so I can understand, is the basis of that unwilling to answer based on executive privilege?

SESSIONS: It’s a long standing policy. The department of justice not to comment on conversations that the attorney general had with the president of the united States for confidential reasons that rounded in the coequal branch.

WARNER: Just so I understand, is that mean you claim executive privilege?

SESSIONS: I’m not claiming executive privilege because that’s the president’s power and I have no power there.

WARNER: What about conversations with other Department of Justice or White House officials about potential pardons? Not the president, sir.

SESSIONS: Without in any way suggesting I had any conversations concerning pardons, totally apart from that, there are privileges of communication within the department of justice that we share all of us do. We have a right to have full and robust debate within the Department of Justice and encourage people to speak up and argue cases on different sides. Those arguments are not — historically we have seen they shouldn’t be revealed.

WARNER: I hope you agree since you recused yourself that if the president or others would pardon someone during the midst of this investigation while our investigation or Mr. Mueller’s investigation, that would be problematic.

After I watched this testimony I predicted Trump would pardon someone — probably Mike Flynn — within three months of the day I made the prediction (which was roughly June 14).

I said that, in part, because of Sessions’ sheer arrogance when he was providing obviously false answers (most especially to Kamala Harris). Sessions had the giddy look of someone who knew he’d get away with whatever he was pulling, even beyond the kind of a look you’d expect from a southern white man talking to a woman of color.

But I also say that because some of the people most exposed in this affair have had at least initial conversations with the FBI without a lawyer. That’s true of Mike Flynn in his first interview with the FBI at the White House. (Flynn has since retained Robert Kelner.)

WHITEHOUSE: Do you know where that interview took place or under what circumstances?

YATES: I believe it took place at the White House.

WHITEHOUSE: The Flynn interview?

YATES: Yes.

WHITEHOUSE: OK. Do you know if Flynn was represented by council at the time?

YATES: I don’t believe he was.

And — according to a new WaPo story — that’s true of the 10 hours of questioning that Carter Page underwent in March.

Over a series of five meetings in March, totaling about 10 hours of questioning, Page repeatedly denied wrongdoing when asked about allegations that he may have acted as a kind of go-between for Russia and the Trump campaign, according to a person familiar with Page’s account.

The interviews with the FBI are the most extensive known questioning of a potential suspect in the probe of possible Russian connections to associates of President Trump. The questioning of Page came more than a month before the Russian investigation was put under the direction of Special Counsel Robert S. Mueller III.

Page confirmed Monday that the interviews occurred, calling them “extensive discussions.” He declined to say if he’s spoken to investigators since the March interviews.

[snip]

Because it is against the law for an individual to lie to FBI agents about a material issue under investigation, many lawyers recommend their clients not sit for interviews with the bureau without a lawyer present. Page said he spoke without a lawyer and wasn’t concerned about the risks because he told the truth.

Now, it may be that after getting these men to incriminate themselves, the FBI encouraged them to lawyer up so they could be flipped. Certainly, Sheldon Whitehouse appears to believe Flynn has done just that.

Still, the kind of arrogance that would lead men as exposed as they are to forgo a lawyer makes me wonder whether they’ve already been promised pardons?

Update: Meanwhile, the most likely Trump associate to get a pardon, father of his grandchildren Jared Kushner, just hired Abbe Lowell, while still retaining Jamie Gorelick.

Sheldon Whitehouse and the Russia Investigation Deconfliction

Laura Rozen has me worried.

She pointed to this CNN article — posted sometime this afternoon — describing Sheldon Whitehouse’s worries that the scope of the DOJ inquiry into Trump and Russia might conflict with the Congressional inquiries.

Sen. Sheldon Whitehouse, the top Democrat on a Judiciary subcommittee, told CNN Thursday that it’s possible Flynn is cooperating with the Justice Department — and that Capitol Hill has not been kept in the loop. He warned that congressional probes that have subpoenaed Flynn for records could undercut Mueller’s investigation if the former national security adviser is secretly working with the Justice Department as part of its broader investigation into possible collusion between Russian officials and Trump associates during the campaign season.

“There is at least a reasonable hypothesis that Mike Flynn is already cooperating with the DOJ investigation and perhaps even has been for some time,” said Whitehouse, a Rhode Island Democrat.

Whitehouse added he had no direct evidence to suggest that Flynn is cooperating with the Justice Department. But he said there is circumstantial evidence to suggest that it could be the case, saying Mueller must immediately detail the situation to “deconflict” with probes on the Hill to “make sure that congressional investigations aren’t inadvertently competing with DOJ criminal investigations.”

[snip]

The Rhode Island Democrat said there are number of factors that suggest Flynn is working the Justice Department in its probe. He pointed out that “all reporting indicates they’ve got him dead to rights on a false statement felony” in his private interview with the FBI over his conversations last year with Russian Ambassador Sergey Kislyak. He also noted that Flynn has gone silent and retroactively signed on as a foreign agent to Turkey. And he noted that a federal grand jury has been summoned and has issued subpoenas to Flynn associates.

“So none of that proves anything but it’s all consistent with the hypothesis that he’s already cooperating,” Whitehouse told CNN.

“But that’s certainly a hypothetical case of a time when we do need need this de-confliction apparatus in place to make sure that congressional investigations aren’t inadvertently competing DOJ criminal investigations.”

Now, in point of fact, that deconfliction has already happened — or at least started. That’s what a May 11 meeting between Rod Rosenstein, Richard Burr, and Mark Warner was described as at the time.

Rosenstein was tight-lipped as he entered and emerged from a secure facility Thursday on Capitol Hill, where he huddled with Senate Intelligence Committee Chairman Richard Burr (R-N.C.) and Vice Chairman Mark R. Warner (D-Va.). The senators said the meeting had been scheduled before Comey’s ouster to discuss “deconfliction” — keeping the FBI’s and committee’s investigations of alleged ties between the Trump campaign and the Russian government from stepping on each other’s toes.

According to reports, the meeting was scheduled before the Jim Comey ouster, so it should reflect the scope of what he was investigating, and therefore presumably resembles the scope of what Robert Mueller will investigate.

But there are three reasons why Whitehouse might be justified in worrying that Congress might fuck up what DOJ is investigating.

Obviously, the first is Mueller: the Comey firing might have reflected some new investigative approach (including Flynn immunity), or Mueller, because of the firing, might be scoping the investigation differently.

A second is jurisdiction. Whitehouse and Lindsey Graham have assumed jurisdiction over the Russia investigation for their subcommittee — and the Senate Judiciary Committee obviously should oversee the FBI. So it may be that former US Attorney Sheldon Whitehouse wants to have a deconflicting conversation for himself, because he knows how investigations work (and for all we know is getting tips from DOJ).

The other is another announcement from this afternoon: that the Senate Intelligence Committee had voted to give Chair Richard Burr and Vice Chair Mark Warner the ability to issue subpoenas themselves going forward, without consulting the committee.

The leaders of the Senate Intelligence Committee now have broad authority to issue subpoenas in the Russia investigation without a full committee vote, Chairman Richard Burr (R-N.C.) said Thursday.

The panel voted unanimously to give Burr and Vice Chairman Mark Warner (D-Va.) the blanket authority for the duration of the investigation into Russia’s election meddling and possible collusion with President Trump’s campaign.

The two Senate leaders must be in agreement in order to issue an order.

Now, as the article notes, thus far, the committee has asked for documents, not testimony. My suspicion is this might have more to do with ensuring Comey’s testimony — promised after Memorial Day — is “compelled” in such a way that DOJ can’t object.

Nevertheless, the power to subpoena does grant someone (like former Trump National Security Advisor Richard Burr) the ability to fuck with the DOJ investigation by potentially working at cross-purposes. To grant immunity (and therefore to fuck up the investigation as happened in Iran-Contra), I think Burr would still need the support of the committee.

Still, this still gives Burr far more power to thwart the investigation, with only Mark Warner (who unlike Whitehouse has never been a prosecutor) to prevent it.

In theory, I think Whitehouse is just pushing for jurisdiction (and for the ability to demand the same kind of deconfliction conversation Burr and Warner have gotten).

But upon reflection, I don’t think his concerns are entirely unjustified.

In any case, I trust Whitehouse (with whatever leftover ties he has to DOJ) to do this review more than Mark Warner.

Update: Burr told Bloomberg he has had a deconfliction conversation with Mueller.

Senate Intelligence Chairman Richard Burr, a Republican from North Carolina, said he has contacted Mueller to discuss their parallel probes of Russian meddling.

One Takeaway from the Five Takeaways from the Comey Hearing: Election 2016 Continues to Suffocate Oversight

The Senate Judiciary Committee had an oversight hearing with Jim Comey yesterday, which I live-tweeted in great depth. As you can imagine, most of the questions pertained either to Comey’s handing of the Hillary investigation and/or to the investigation into Russian interference in the election. So much so that The Hill, in its “Five Takeaways from Comey’s testimony,” described only things that had to do with the election:

  • Comey isn’t sorry (but he was “mildly nauseous” that his conduct may have affected the outcome)
  • Emotions over the election are still raw
  • Comey explains DOJ dynamic: “I hope someday you’ll understand”
  • The FBI may be investigating internal leaks
  • Trump, Clinton investigations are dominating FBI oversight

The Hill’s description of that third bullet doesn’t even include the “news” from Comey’s statement: that there is some still-classified detail, in addition to Loretta Lynch’s tarmac meeting with Bill Clinton and the intercepted Hillary aide email saying Lynch would make sure nothing happened with the investigation, that led Comey to believe he had to take the lead on the non-indictment in July.

I struggled as we got closer to the end of it with the — a number things had gone on, some of which I can’t talk about yet, that made me worry that the department leadership could not credibly complete the investigation and declined prosecution without grievous damage to the American people’s confidence in the — in the justice system.

As I said, it is true that most questions pertained to Hillary’s emails or Russia. Still, reports like this, read primarily by people on the Hill, has the effect of self-fulfilling prophecy by obscuring what little real oversight happened. So here’s my list of five pieces of actual oversight that happened.

Neither Grassley nor Feinstein understand how FISA back door searches work

While they primarily focused on the import of reauthorizing Section 702 (and pretended that there were no interim options between clean reauthorization and a lapse), SJC Chair Chuck Grassley and SJC Ranking Member Dianne Feinstein both said things that made it clear they didn’t understand how FISA back door searches work.

At one point, in a discussion of the leaks about Mike Flynn’s conversation with Sergey Kislyak, Grassley tried to suggest that only a few people at FBI would have access to the unmasked identity in those intercepts.

There are several senior FBI officials who would’ve had access to the classified information that was leaked, including yourself and the deputy director.

He appeared unaware that as soon as the FBI started focusing on either Kislyak or Flynn, a back door search on the FISA content would return those conversations in unmasked form, which would mean a significant number of FBI Agents (and anyone else on that task force) would have access to the information that was leaked.

Likewise, at one point Feinstein was leading Comey through a discussion of why they needed to have easy back door access to communication content collected without a warrant (so we don’t stovepipe anything, Comey said), she said, “so you are not unmasking the data,” as if data obtained through a back door search would be masked, which genuinely (and rightly) confused Comey.

FEINSTEIN: So you are not masking the data — unmasking the data?

COMEY: I’m not sure what that means in this context.

It’s raw data. It would not be masked. That Feinstein, who has been a chief overseer of this program for the entire time back door searches were permitted doesn’t know this, that she repeatedly led the effort to defeat efforts to close the back door loophole, and that she doesn’t know what it means that this is raw data is unbelievably damning.

Incidentally, as part of the exchange wit Feinstein, Comey said the FISA data sits in a cloud type environment.

Comey claims the government doesn’t need the foreign government certificate except to target spies

Several hours into the hearing, Mike Lee asked some questions about surveillance. In particular, he asked if the targeting certificates for 702 ever targeted someone abroad for purposes unrelated to national security. Comey seemingly listed off the certificates we do have — foreign government, counterterrorism, and counterproliferation, noting that cyber gets worked into other ones.

LEE: Yes. Let’s talk about Section 702, for a minute. Section 702 of the Foreign Intelligence Surveillance Amendments Act authorizes the surveillance, the use of U.S. signals surveillance equipment to obtain foreign intelligence information.

The definition includes information that is directly related to national security, but it also includes quote, “information that is relevant to the foreign affairs of the United States,” close quote, regardless of whether that foreign affairs related information is relevant to a national security threat. To your knowledge, has the attorney general or has the DNI ever used Section 702 to target individuals abroad in a situation unrelated to a national security threat?

COMEY: Not that I’m aware of. I think — I could be wrong, but I don’t think so, I think it’s confined to counterterrorism to espionage, to counter proliferation. And — those — those are the buckets. I was going to say cyber but cyber is fits within…

He said they don’t need any FG information except that which targets diplomats and spies.

LEE: Right. So if Section 702 were narrowed to exclude such information, to exclude information that is relevant to foreign affairs, but not relevant to a national security threat, would that mean that the government would be able to obtain the information it needs in order to protect national security?

COMEY: Would seem so logically. I mean to me, the value of 702 is — is exactly that, where the rubber hits the road in the national security context, especially counterterrorism, counter proliferation.

I assume that Comey said this because the FBI doesn’t get all the other FG-collected stuff in raw form and so isn’t as aware that it exists. I assume that CIA and NSA, which presumably use this raw data far more than FBI, will find a way to push back on this claim.

But for now, we have the FBI Director stating that we could limit 702 collection to national security functions, a limitation that was defeated in 2008.

Comey says FBI only needs top level URLs for ECTR searches

In another exchange, Lee asked Comey about the FBI’s continued push to be able to get Electronic Communication Transaction Records. Specifically, he noted that being able to get URLs means being able to find out what someone was reading.

In response, Comey said he thought they could only get the top-level URL.

After some confusion that revealed Comey’s lie about the exclusion of ECTRs from NSLs being just a typo, Comey said FBI did not need any more than the top domain, and Lee answered that the current bill would permit more than that.

LEE: Yes. Based on the legislation that I’ve reviewed, it’s not my recollection that that is the case. Now, what — what I’ve been told is that — it would not necessarily be the policy of the government to use it, to go to that level of granularity. But that the language itself would allow it, is that inconsistent with your understanding?

COMEY: It is and my understanding is we — we’re not looking for that authority.

LEE: You don’t want that authority…

(CROSSTALK)

COMEY: That’s my understanding. What — what we’d like is, the functional equivalent of the dialing information, where you — the address you e-mailed to or the — or the webpage you went to, not where you went within it.

This exchange should be useful for limiting any ECTR provision gets rushed through to what FBI claims it needs.

The publication of (US) intelligence information counts as intelligence porn and therefore not journalism

Ben Sasse asked Comey about the discussion of indicting Wikileaks. Comey’s first refusal to answer whether DOJ would indict Wikileaks led me to believe they already had.

I don’t want to confirm whether or not there are charges pending. He hasn’t been apprehended because he’s inside the Ecuadorian embassy in London.

But as part of that discussion, Comey explained that Wikileaks’ publication of loads of classified materials amounted to intelligence porn, which therefore (particularly since Wikileaks didn’t call the IC for comment first, even though they have in the past) meant they weren’t journalism.

COMEY: Yes and again, I want to be careful that I don’t prejudice any future proceeding. It’s an important question, because all of us care deeply about the First Amendment and the ability of a free press, to get information about our work and — and publish it.

To my mind, it crosses a line when it moves from being about trying to educate a public and instead just becomes about intelligence porn, frankly. Just pushing out information about sources and methods without regard to interest, without regard to the First Amendment values that normally underlie press reporting.

[snip]

[I]n my view, a huge portion of WikiLeaks’s activities has nothing to do with legitimate newsgathering, informing the public, commenting on important public controversies, but is simply about releasing classified information to damage the United States of America. And — and — and people sometimes get cynical about journalists.

American journalists do not do that. They will almost always call us before they publish classified information and say, is there anything about this that’s going to put lives in danger, that’s going to jeopardize government people, military people or — or innocent civilians anywhere in the world.

I’ll write about this more at length.

Relatedly (though technically a Russian investigation detail), Comey revealed that the investigation into Trump ties to Russia is being done at Main Justice and EDVA.

COMEY: Yes, well — two sets of prosecutors, the Main Justice the National Security Division and the Eastern District of Virginia U.S. Attorney’s Office.

That makes Dana Boente’s role, first as Acting Attorney General for the Russian investigation and now the Acting Assistant Attorney General for National Security, all the more interesting, as it means he is the person who can make key approvals related to the investigation.

I don’t have any problem with him being chosen for these acting roles. But I think it supremely unwise to effectively eliminate levels of oversight on these sensitive cases (Russia and Wikileaks) by making the US Attorney already overseeing them also the guys who oversees his own oversight of them.

The US is on its way to becoming the last haven of shell corporations

Okay, technically these were Sheldon Whitehouse and Amy Klobuchar comments about Russia. But as part of a (typically prosecutorial) line of questioning about things related to the Russian investigation, Whitehouse got Comey to acknowledge that as the EU tries to crack down on shell companies, that increasingly leaves the US as the remaining haven for shell companies that can hide who is paying for things like election hacks.

WHITEHOUSE: And lastly, the European Union is moving towards requiring transparency of incorporations so that shell corporations are harder to create. That risks leaving the United States as the last big haven for shell corporations. Is it true that shell corporations are often used as a device for criminal money laundering?

COMEY: Yes.

[snip]

WHITEHOUSE: What do you think the hazards are for the United States with respect to election interference of continuing to maintain a system in which shell corporations — that you never know who’s really behind them are common place?

COMEY: I suppose one risk is it makes it easier for illicit money to make its way into a political environment.

WHITEHOUSE: And that’s not a good thing.

COMEY: I don’t think it is.

And Klobuchar addressed the point specifically as it relates to high end real estate (not mentioning that both Trump and Paul Manafort have been alleged to be involved in such transactions).

There have been recent concerns that organized criminals, including Russians, are using the luxury real estate market to launder money. The Treasury Department has noted a significant rise in the use of shell companies in real estate transactions, because foreign buyers use them as a way to hide their identity and find a safe haven for their money in the U.S. In fact, nearly half of all homes in the U.S. worth at least $5 million are purchased using shell companies.

Does the anonymity associated with the use of shell companies to buy real estate hurt the FBI’s ability to trace the flow of illicit money and fight organized crime? And do you support efforts by the Treasury Department to use its existing authority to require more transparency in these transactions?

COMEY: Yes and yes.

It’s a real problem, and not just because of the way it facilitates election hacks, and it’d be nice if Congress would fix it.

Why We Should Remain Skeptical of the Five (!!) Congressional Investigations into the Russian Hack

I was interviewed (on Thursday) about the Flynn resignation and larger investigation into the Russia hack for Saturday’s On the Media. In what made the edit, I made one error (which I’ll explain later), but a key point I made holds. The leaking about Flynn and other Russian events are hypocritical and out of control. But they may create pressure to fix two problems with the current investigations into the Russian hack: the role of Jeff Sessions overseeing the DOJ-led investigations, and the role of Trump advisory officials Devin Nunes and Richard Burr overseeing the most appropriate congressional investigations.

In this post I’ll look at the latter conflicts. In a follow-up I’ll look at what the FBI seems to be doing.

As I noted in the interview, contrary to what you might think from squawking Democrats, there are five congressional investigations pertaining to Russian hacks, though some will likely end up focusing on prospective review of Russian hacking (for comparison, there were seven congressional Benghazi investigations). They are:

  • Senate Intelligence Committee: After months of Richard Burr — who served on Trump’s campaign national security advisory council — saying an inquiry was not necessary and going so far as insisting any inquiry wouldn’t review the dossier leaked on Trump, SSCI finally agreed to do an inquiry on January 13. Jim Comey briefed that inquiry last Friday, February 17.
  • House Intelligence Committee: In December, James Clapper refused to brief the House Intelligence Committee on the latest intelligence concluding Russian hacked the DNC with the goal of electing Trump, noting that HPSCI had been briefed all along (as was clear from some of the leaks, which clearly came from HPSCI insiders). In January, they started their own investigation of the hack, having already started fighting about documents by late January. While Ranking Democratic Member Adam Schiff has long been among the most vocal people complaining about the treatment of the hack, Devin Nunes was not only a Trump transition official, but made some absolutely ridiculous complaints after Mike Flynn’s side of some conversations got legally collected in a counterintelligence wiretap. Nunes has since promised to investigate the leaks that led to Flynn’s forced resignation.
  • Senate Armed Services Committee: In early January, John McCain announced he’d form a new subcommittee on cybersecurity, with the understanding it would include the Russian hack in its focus. Although he originally said Lindsey Graham would lead that committee, within weeks (and after Richard Burr finally capitulated and agreed to do a SSCI inquiry), McCain instead announced Mike Rounds would lead it.
  • Senate Foreign Relations Committee: In December, Bob Corker announced the SFRC would conduct an inquiry, scheduled to start in January. At a hearing in February, the topic came up multiple times, and both Corker and Ben Cardin reiterated their plans to conduct such an inquiry.
  • Senate Judiciary Subcommittee on Crime and Terrorism: After Graham was denied control of the SASC panel, he and Sheldon Whitehouse announced they’d conduct their own inquiry, including a prospective review of “the American intelligence community’s assessment that Russia did take an active interest and play a role in the recent American elections.”

All the while, some Senators — McCain, Graham, Chuck Schumer, and Jack Reed — have called for a Select Committee to conduct the investigation, though in true McCainesque fashion, the maverick has at times flip-flopped on his support of such an inquiry.

Also, while not an investigation, on February 9, Jerry Nadler issued what I consider (strictly as it relates to the Russian hack, not the other conflicts) an ill-advised resolution of inquiry calling for the Administration to release materials relating to the hack, among other materials. Democrats in both the House and Senate have introduced legislation calling for an independent commission, but have gotten no support even from the mavericky Republicans.

As you can see from these descriptions, it took pressure from other committees, especially Lindsey Graham getting control of one of the inquiries, before Richard Burr let himself be convinced by SSCI Vice Chair Mark Warner to conduct an inquiry. Thus far, Mitch McConnell has staved off any Select Committee. As soon as SSCI did claim to be launching an investigation, a bunch of Republicans tried to shut down the others, claiming it was all simply too confusing.

Let me be clear: as I noted in the OTM interview, the intelligence committees are the appropriate place to conduct this investigation, as it concerns really sensitive counterintelligence matters — people who could be witnesses to it are getting killed! — and an ongoing investigation. The only way to conduct a responsible inquiry is to do so in secret, and unless a select committee with clearance is formed, that means doing so in the dysfunctional intelligence committees.

That’s made worse by Nunes and Burr’s obvious conflicts, having served on Trump’s pre-inauguration advisory teams (at a time when Mike Flynn was chatting about ongoing sanctions with Russia), and their equally obvious disinterest in conducting the investigation. Remember that the intelligence committees successfully bolloxed up the independent investigation into Iran-Contra. While neither Nunes nor Burr is as smart as Dick Cheney, who had a key role in that intentional bolloxing, Democrats should be cognizant of the ways that such bolloxing has happened in the past.

And now that SSCI has finally started its inquiry, Ali Watkins published an uncharacteristically credulous report on Burr’s role in the investigation, slathering on the colorful vocabulary — “brutally yanked;” “underground cohort;” “dark shadow of Langley;” “Wearily, they’re trudging forward on a probe littered with potential political landmines;” — before portraying the allegedly difficult position Burr is in:

That he’s now in charge of the sweeping Russia inquiry puts the North Carolina Republican in between a rock and a hard place. Since taking over the helm of the intelligence committee, Burr has pressed for more active and aggressive oversight, and has kept a rigorous travel schedule to match. But his decisive reelection victory in November came at a cost — throughout the contentious race, Burr towed Trump’s line, and hasn’t yet directly criticized the White House publicly.

But Burr has shown no indication that he’s ever angled for a Trump administration job, and says he’s not running for re-election. How seriously he takes his obligation to carry his president’s water remains to be seen.

Burr has been slammed by colleagues in recent days, who fear he’s slow-rolling an investigation into a fast-moving story. But much of the inquiry’s slow start was due to bureaucratic wrangling — some intelligence agencies insisted products be viewed on site rather than sent to the Hill, and some of the intelligence was so tightly controlled that it was unclear if staffers could even view it.

This is just spin. There is abundant public record that Burr has thwarted oversight generally (he has said things supporting that stance throughout his history on both the Senate and House Intelligence Committee, even ignoring his role in covering up torture, and Watkins’ earlier incorrect claims about Burr’s open hearings remain only partly corrected). There is no mention in this article that Burr was on Trump’s national security advisory committee. Nor that SSCI had reason to do hearings about this hack well before January 2017, back when it might have made a difference — at precisely the time when Burr apparently had time to advise Trump about national security issues as a candidate. Plus, it ignores all the things laid out here, Burr’s continued equivocation about whether there should even be a hearing.

There is no reason to believe Burr or Nunes intend to have a truly rigorous investigation (bizarrely, Warner seems to have had more success pushing the issue than Schiff — or Dianne Feinstein when she was Vice Chair — though that may be because the Ranking position is stronger in the Senate than in the House). And history tells us we should be wary that their investigations will be counterproductive.

As I noted, on Friday — the Friday before a recess — Jim Comey briefed the SSCI on the Russian hack. That briefing was unusual for the date (regular SSCI meetings happen on Tuesday and Thursday, and little business of any kinds happens right before a recess). Reporters have interpreted that, along with the presumed silence about the content of the briefing, as a sign that things are serious. That may be true — or it may be that that was the only time a 3-hour briefing could be scheduled. In the wake of the briefing, it was reported that the SSCI sent broad preservation requests tied to the inquiry (that is, they sent the request long after the inquiry was started). And while the press has assumed no one is talking, the day after the briefing, Reuters reported outlines of at least three parts of the FBI investigation into the Russian hack, attributed to former and current government officials.

Stephen Miller’s and Trump’s Gross Re-Politicization of DOJ

There was some legitimate concern about inappropriate machination of the Department of Justice when Trump named and confirmed Jeff Sessions as his Attorney General. Typical discussion followed this by Isaac Arnsdorf at Politico:

Donald Trump suggested on the campaign trail that he could use the Justice Department to fulfill his political agenda, taunting Hillary Clinton by threatening to throw her in jail over her email scandal.

Now, Sen. Jeff Sessions, Trump’s pick for attorney general, will have to decide whether to follow his predecessors by vowing to not let politics drive the DOJ’s decision-making.

That was one, and a serious, level of concern. Today we find said concern not close to being deep enough as to how the Trump White House would try to run Justice as merely a lever of their extreme politics.

But, via the New York Daily News, comes a little noticed, and truly frightening report of just how renegade and ridiculous the “fine tuned machine” the Trump White House is determined to be in politicizing the DOJ. In an article captioned “Stephen Miller called Brooklyn U.S. Attorney at home and told him how to defend travel ban in court”, comes the stunning news that:

In the chaotic hours after President Trump signed on a Friday afternoon the sloppily written executive order meant to fulfill his Muslim ban campaign promise, Stephen Miller called the home of Robert Capers to dictate to the U.S. Attorney for the Eastern District how he should defend that order at a Saturday emergency federal court hearing.

That’s according to a federal law enforcement official with knowledge of the call, which happened as Department of Justice attorneys cancelled plans, found babysitters and rushed back to their Brooklyn office to try and find out what exactly it was they were defending and who was being affected by it — how many people were already being held in America, how many were being barred from arriving here and the exact status of each person.

The full article at the NYDN is mandatory reading, but let that sink in for a second. 31 year old Stephen Miller, a wet behind the ears extreme right wing ideologue with white nationalist leanings and NO, repeat NO legal training, much less law degree, called up a United States Attorney – at home! – to “dictate” how the DOJ would operate in an emergency litigation situation in an United States District Court.

Stunning is too weak of a response. Shocking is insufficient. It is actually hard to know what the proper words for this are.

I asked Matthew A. Miller, former OPA head under the Obama DOJ for a thought on the implications of Stephen Miller’s hubris in this instance. His reply was:

The last time a White House started dictating demands to U.S. attorneys, the sitting Attorney General had to resign in disgrace. This raises yet another in a series of questions about whether the Sessions Justice Department will be independent from the Trump White House.

Exactly. I would have said “unprecedented” above along with “stunning” and “shocking”, but for what occurred during a period of the Bush/Cheney regime when the interaction and control of the DOJ from the White House was extreme. And, ultimately, blown up as beyond unacceptable and appropriate by more reasoned minds and authorities. And, I might add, substantially due to the Fourth Estate of the press, that Trump blithely and ignorantly describes as “enemies of the American people”.

Yes, it is really that important of a moment now with Stephen Miller (note: NO relation to Matthew A. Miller) and the extreme hubris and lack of institutional awareness, competence or control, and obvious disdain for any, by the Trump Administration.

Back in 2007 Senator Sheldon Whitehouse created, and displayed at a Senate hearing, a stunning graphic displaying the shocking difference between communication between the Clinton White House and DOJ, and the ridiculous political input that the Bush Cheney White House had to DOJ.

With the grossly inappropriate statements of President Donald Trump as to how “he” will direct prosecutions of political enemies and other criminal and military defendants, leakers and others, to the literally insane conduct of Stephen Miller here, it is time to remember Senator Whitehouse’s chart.

It is also time to wonder if Sheldon Whitehouse and other members of the Senate Judiciary Committee have the cojones to take the fight for the Constitution and integrity of the justice system once again to a renegade White House. And the Trump White House has quickly made the Bush/Cheney White house look better in the rear view mirror, as truly craven as they were.

And, yes, the situation is exactly that dire if you recall the same Stephen Miller, being sent out and directed to all the Sunday political shows to declare and mandate that:

“…our opponents, the media and the whole world will soon see as we begin to take further actions, that the powers of the president to protect our country are very substantial and will not be questioned.”

This is straight up an Article II Branch declaration of pure tyranny by Stephen Miller and Trump. This is a serious problem, and this is an Administration making good on its promise and determination in that regard.

CISA Update: Cloture Passed, Masters of the Universe and Sheldon Whitehouse Agree on Compromise

This morning, the Senate voted in favor of cloture on the new (this morning) manager’s amendment on CISA.

Here’s the roll call, which was a blowout. Votes against cloture were:

  • Baldwin (WI)
  • Booker (NJ)
  • Brown (OH)
  • Coons (DE)
  • Franken (MN)
  • Leahy (VT)
  • Markey (MA)
  • Menendez (NJ)
  • Merkley (OR)
  • Paul (KY)
  • Sanders (VT)
  • Udall (NM)
  • Warren (MA)
  • Wyden (OR)

Rand Paul’s amendment — requiring companies to adhere to their contract with customers — failed by a two-thirds margin (I will update with roll call when it’s posted).

One significant change in today’s manager’s amendment was that Sheldon Whitehouse’s crappy CFAA amendment got replaced in its entirety with this language:

SEC. 408. STOPPING THE FRAUDULENT SALE OF FINANCIAL INFORMATION OF PEOPLE OF THE UNITED STATES.

Section 1029(h) of title 18, United States Code, is amended by striking ‘‘title if—’’ and all that follows through ‘‘therefrom.’’ and inserting ‘‘title if the offense involves an access device issued, owned, managed, or controlled by a financial institution, account issuer, credit card system member, or other entity organized under the laws of the United States, or any State, the District of Columbia, or other Territory of the United States.’’

This basically protects Americans’ data if the data is owned by a US entity, regardless of where the attack on it was launched from (which was the unoffensive part of Whitehouse’s CFAA amendment). Given what Tom Carper said yesterday, we still need to be vigilant against it returning in conference, but for now this is a solid compromise.

 

Sheldon Whitehouse’s Horrible CFAA Amendment Gets Pulled — But Will Be Back in Conference

As I noted yesterday, Ron Wyden objected to unanimous consent on CISA yesterday because Sheldon Whitehouse’s crappy amendment, which makes the horrible CFAA worse, was going to get a vote. Yesterday, it got amended, but as CDT analyzed, it remains problematic and overbroad.

This afternoon, Whitehouse took to the Senate floor to complain mightily that his amendment had been pulled — presumably it was pulled to get Wyden to withdraw his objections. Whitehouse complained as if this were the first time amendments had not gotten a vote, though that happens all the time with amendments that support civil liberties. He raged about the Masters of the Universe who had pulled his amendment, and suggested a pro-botnet conference had forced the amendment to be pulled, rather than people who have very sound reasons to believe the amendment was badly drafted and dangerously expanded DOJ’s authority.

For all Whitehouse’s complaining, though, it’s likely the amendment is not dead. Tom Carper, who as Ranking Member of the Senate Homeland Security Committee would almost certainly be included in any conference on the bill, rose just after Whitehouse. He said if the provision ends up in the bill, “we will conference, I’m sure, with the House and we will have an opportunity to revisit this, so I just hope you’ll stay in touch with those of us who might be fortunate enough to be a conferee.”