Posts

Why I Left The Intercept: The Surveillance Story They Let Go Untold for 15 Months

The Intercept has a long, must-read story from James Risen about the government’s targeting of him for his reporting on the war on terror. It’s self-serving in many ways — there are parts of his telling of the Wen Ho Lee, the Valerie Plame, and the Jeffrey Sterling stories he leaves out, which I may return to. But it provides a critical narrative of DOJ’s pursuit of him. He describes how DOJ tracked even his financial transactions with his kids (which I wrote about here).

The government eventually disclosed that they had not subpoenaed my phone records, but had subpoenaed the records of people with whom I was in contact. The government obtained my credit reports, along with my credit card and bank records, and hotel and flight records from my travel. They also monitored my financial transactions with my children, including cash I wired to one of my sons while he was studying in Europe.

He also reveals that DOJ sent him a letter suggesting he might be a subject of the investigation into Stellar Wind.

But in August 2007, I found out that the government hadn’t forgotten about me. Penny called to tell me that a FedEx envelope had arrived from the Justice Department. It was a letter saying the DOJ was conducting a criminal investigation into “the unauthorized disclosure of classified information” in “State of War.” The letter was apparently sent to satisfy the requirements of the Justice Department’s internal guidelines that lay out how prosecutors should proceed before issuing subpoenas to journalists to testify in criminal cases.

[snip]

When my lawyers called the Justice Department about the letter I had received, prosecutors refused to assure them that I was not a “subject” of their investigation. That was bad news. If I were considered a “subject,” rather than simply a witness, it meant the government hadn’t ruled out prosecuting me for publishing classified information or other alleged offenses.

But a key part of the story lays out the NYT’s refusals to report Risen’s Merlin story and its reluctance — until Risen threatened to scoop him with his book — to publish the Stellar Wind one.

Glenn Greenwald is rightly touting the piece, suggesting that the NYT was corrupt for acceding to the government’s wishes to hold the Stellar Wind story. But in doing so he suggests The Intercept would never do the same.

That’s not correct.

One of two reasons I left The Intercept is because John Cook did not want to publish a story I had written — it was drafted in the content management system — about how the government uses Section 702 to track cyberattacks. Given that The Intercept thinks such stories are newsworthy, I’m breaking my silence now to explain why I left The Intercept.

I was recruited to work with First Look before it was publicly announced. The initial discussions pertained to a full time job, with a generous salary. But along the way — after Glenn and Jeremy Scahill had already gotten a number of other people hired and as Pierre Omidyar started hearing from friends that the effort was out of control — the outlet decided that they were going to go in a different direction. They’d have journalists — Glenn and Jeremy counted as that. And they’d have bloggers, who would get paid less.

At that point, the discussion of hiring me turned into a discussion of a temporary part time hire. I should have balked at that point. What distinguishes my reporting from other journalists — that I’m document rather than source-focused (though by no means exclusively), to say nothing of the fact that I was the only journalist who had read both the released Snowden documents and the official government releases — should have been an asset to The Intercept. But I wanted to work on the Snowden documents, and so I agreed to those terms.

There were a lot of other reasons why, at that chaotic time, working at The Intercept was a pain in the ass. But nevertheless I set out to write stories I knew the Snowden documents would support. The most important one, I believed, was to document how the government was using upstream Section 702 for cybersecurity — something it had admitted in its very first releases, but something that it tried to hide as time went on. With Ryan Gallagher’s help, I soon had the proof of that.

The initial hook I wanted to use for the story was how, in testimony to PCLOB, government officials misleadingly suggested it only used upstream to collect on things like email addresses.

Bob Litt:

We then target selectors such as telephone numbers or email addresses that will produce foreign intelligence falling within the scope of the certifications.

[snip]

It is targeted collection based on selectors such as telephone numbers or email addresses where there’s reason to believe that the selector is relevant to a foreign intelligence purpose.

[snip]

It is also however selector-based, i.e. based on particular phone numbers or emails, things like phone numbers or emails.

Raj De:

Selectors are things like phone numbers and email addresses.

[snip]

A term like selector is just an operational term to refer to something like an email or phone number, directive being the legal process by which that’s effectuated, and tasking being the sort of internal government term for how you start the collection on a particular selector.

[snip]

So all collection under 702 is based on specific selectors, things like phone numbers or email addresses.

Brad Wiegmann:

A selector would typically be an email account or a phone number that you are targeting.

[snip]

So that’s when we say selector it’s really an arcane term that people wouldn’t understand, but it’s really phone numbers, email addresses, things like that.

[snip]

So putting those cases aside, in cases where we just kind of get it wrong, we think the email account or the phone is located overseas but it turns out that that’s wrong, or it turns out that we think it’s a non-U.S. person but it is a  U.S. person, we do review every single one to see if that’s the case.

That PCLOB’s witnesses so carefully obscured the fact that 702 is used to collect cybersecurity and other IP-based or other code collection is important for several reasons. First, because collection on a chat room or an encryption key, rather than an email thread, has very different First Amendment implications than collecting on the email of a target. But particularly within the cybersecurity function, identifying foreignness is going to be far more difficult to do because cyberattacks virtually by definition obscure their location, and you risk collecting on victims (whether they are hijacked websites or emails, or actual theft victims) as well as the perpetrator.

Moreover, the distinction was particularly critical because most of the privacy community did not know — many still don’t — how NSA interpreted the word “facility,” and therefore was missing this entire privacy-impacting aspect of the program (though Jameel Jaffer did raise the collection on IP addresses in the hearing).

I had, before writing up the piece, done the same kind of iterative work (one, two, three) I always do; the last of these would have been a worthy story for The Intercept, and did get covered elsewhere. That meant I had put in close to 25 hours working on the hearing before I did other work tied to the story at The Intercept.

I wrote up the story and started talking to John Cook, who had only recently been brought in, about publishing it. He told me that the use of 702 with cyber sounded like a good application (it is!), so why would we want to expose it. I laid out why it would be questionably legal under the 2011 John Bates opinion, but in any case would have very different privacy implications than the terrorism function that the government liked to harp on.

In the end, Cook softened his stance against spiking the story. He told me to keep reporting on it. But in the same conversation, I told him I was no longer willing to work in a part time capacity for the outlet, because it meant The Intercept benefitted from the iterative work that was as much a part of my method as meetings with sources that reveal no big scoop. I told him I was no longer willing to work for The Intercept for free.

Cook’s response to that was to exclude me from the first meeting at which all Intercept reporters would be meeting. The two things together — the refusal to pay me for work and expertise that would be critical to Intercept stories, as well as the reluctance to report what was an important surveillance story, not to mention Cook’s apparent opinion I was not a worthy journalist — are why I left.

And so, in addition to losing the person who could report on both the substance and the policy of the spying that was so central to the Snowden archives, the story didn’t get told until 15 months later, by two journalists with whom I had previously discussed 702’s cybersecurity function specifically with regards to the Snowden archive. In the interim period, the government got approval for the Tor exception (which I remain the only reporter to have covered), an application that might have been scrutinized more closely had the privacy community been discussing the privacy implications of collecting location-obscured data in the interim.

As recently as November, The Intercept asked me questions about how 702 is actually implemented because I am, after all, the expert.

So by all means, read The Intercept’s story about how the NYT refused to report on certain stories. But know that The Intercept has not always been above such things itself. In 2014 it was reluctant to publish a story the NYT thought was newsworthy by the time they got around to publishing it 15 months later.

Merlin Was Reading James Risen in 1999

On March 16, 1999, Jeffrey Sterling met with Merlin, the Russian scientist Sterling was trying to get to establish ties with Iran so he could hand off a nuclear blueprint. (Exhibit 22) Merlin seemed to be getting impatient — and perhaps a little insulted — that the Iranians he was approaching weren’t showing more interest in his 20 year experience as a Russian nuclear engineer. So he made an utterly bizarre suggestion.

[M] then suggested that in some of his future messages, he may make mention of the recent revelation that another country had secured nuclear secrets from the U.S. [M]’s reasoning was that others now see that it is possible to obtain nuclear secrets which can advance their programs, and that the project can build upon that supposition to entice the Iranians. [Sterling] lauded [M] for his thinking but said some thought would need to be given to such a proposition prior to [M] implementing it.

Merlin has to be referring to the stories about Wen Ho Lee which started appearing on page one of the NYT starting on March 6, 1999. (Remember, too, that Merlin lived in the NY area, so if he read this in the dead tree version — as most people still read newspapers in 1999 — he most likely read it in the NYT.)

Those stories were written by James Risen.

Which is strong evidence that Merlin was reading Risen as far back as 1999.

Merlin’s suggestion — that he, a CIA asset, entice Iran to accept his Russian blueprint by pointing out that China had allegedly jump-started its own nuclear weapon program by stealing blueprints from the US — reveals just how unclear on the concept of the operation Merlin was. After all, it had to have been suspicious enough to Iran that a Russian who had moved to the US was seeking to deal blueprints (it’s unclear whether the blueprints were ultimately in English or Russian). Any suggestion that the Iranians would thereby be getting US, as opposed to Russian, technology should have alarmed them greatly.

It’s also, of course, a bizarre commentary on the arc of Risen’s career, that the main character in a future book of his would be monitoring nuclear developments by reading Risen. Risen, of course, managed to protect his sources in both cases, in a series that unfairly identified Wen Ho Lee as a Chinese spy and in a book that raised real questions about what our nuclear establishment was doing.

I’m still waiting for Merlin’s transcript on this point, but his wife was asked whether she and her husband knew of or knew Risen. “I start to know about Jim Risen after he wrote the book,” Mrs. Merlin testified on the stand in her imperfect English. She went further, asserting that her husband did not know (it’s unclear whether she meant “of,” or “personally”) before, either. Given how much of the Wen Ho Lee story was driven by Risen between March 6 and March 16, 1999, Merlin probably had known “of” Risen for years before Risen started reporting on the operation that we now refer to by Merlin’s codename.

And yet, I’m fairly certain, the fact that Merlin offered up Risen reporting to the man now convicted of having leaked to Risen, Jeffrey Sterling, 4 years before that leak began, never got mentioned at the trial.

Hatfill and Wen Ho Lee and Plame and al-Awlaki and Assange

Last night I appeared on a panel on the Scooter Libby case. It was Judge Reggie Walton, Peter Zeidenberg, Alexandra Walsh from the Libby team, Lee Levine (who represented Andrea Mitchell and Tim Russert), Walter Pincus and I.

The panel itself was good. My high point came after Walsh had explained why the Defense had argued that bloggers might embarrass the nice people who had written leniency letters for Libby. I said, “well I was flattered we were considered such a threat. But there were at least three people who submitted letters who were implicated in the case. And I was shocked that I was one of only two or three people who demonstrated the many conflicts of those who wrote letters.”

But I also had several weird moments when we were talking about reporter’s privilege, when I was acutely aware that I was sitting between Judge Walton–who had forced journalists to reveal who had blamed Steven Hatfill for the anthrax case [see Jim White’s post for an update on the anthrax case]–and Walter Pincus–who said he had had eight or nine sources for his stories implicating Wen Ho Lee in security leaks. Walton made the very good point that if he hadn’t held AP reporter Toni Locy in contempt, then Hatfill might not have gotten the huge settlement he did for having had DOJ ruin his life. Walton’s comment suggested he had had to choose between reporter’s privilege or government impunity for attacking one of its citizens.

The collection of people sitting there had all touched on three major cases recently where the government had ruined civil servant’s lives and then hid behind reporter’s privilege to try to get away with it.

I had that in mind when I read this Jay Rosen piece, in which he suggests the behavior best incarnated by the Judy Miller-Michael Gordon aluminum tubes story created the need for Wikileaks.

The aluminum tube story, Rosen suggests, marks the moment when top journalists came to see their role as simply repeating what the government said.

This was the nadir. This was when the watchdog press fell completely apart: On that Sunday when Bush Administration officials peddling bad information anonymously put the imprimatur of the New York Times on a story that allowed other Bush Administration officials to dissemble about the tubes and manipulate fears of a nuclear nightmare on television, even as they knew they were going to war anyway.

The government had closed circle on the press, laundering its own manipulated intelligence through the by-lines of two experienced reporters, smuggling the deed past layers of editors, and then marching it like a trained dog onto the Sunday talk shows to perform in a lurid doomsday act.

Rosen argues that the NYT was not only on the wrong side of the facts with that story, but also on the wrong side of secrecy.

But it has never been recognized that secrecy was itself a bad actor in the events that led to the collapse, that it did a lot of damage, and that parts of it might have to go. Our press has never come to terms with the ways in which it got itself on the wrong side of secrecy as the national security state swelled in size after September 11th. (I develop this point in a fuller way in my 14-min video, here.)

The failures of skepticism back then, Rosen argues, creates the need or opportunity for Julian Assange today.

Radical doubt, which is basic to understanding what drives Julian Assange, was impermissible then. One of the consequences of that is the appeal of radical transparency today

Now, I think Rosen actually misses a key step here: from where the press sees itself as the neutral conduit of what the government is thinking, to where the press thinks its leaks from the government can stand-in for due process in the Anwar al-Awlaki case, and from there to Assange. Read more

Steven Hatfill’s Lawyer Asks Some Questions

I have very mixed feelings about Steven Hatfill’s suit against those who leaked that he was a person of interest in the anthrax investigation. Unlike his lawyer, I’m not sure the federal officials who spoke to reporters broke the law (indeed, you could argue that some of them were trying to tamp down suspicion about Hatfill). Further, I disagree with Judge Walton that there’s not a scintilla of evidence against Hatfill. Nevertheless, I think Hatfill’s lawyer, Mark Grannis, asks some worthwhile questions.

First, should people like Steven Hatfill — that is, people injured by government leaks — have a remedy at law, and if so, what? It is not clear how victims like Dr. Hatfill can ever be made whole, if leakers and reporters join in a conspiracy of silence. Senators should expect a better explanation on this point before they make it impossible for courts to enforce the federal Privacy Act.

Second, how can the arguments and behavior of journalists in a case such as this be reconciled with the profession’s self-image as the public watchdog, bringing accountability to government? The public officials who leaked investigative information to Ms. Locy broke the law, ruined an innocent man, and violated the public trust. Shouldn’t our watchdog bark or something?

The leakers should be fired, prosecuted, or both — and reporters who care about government accountability should be racingeach other to tell us who these miscreants are. The fact that they shut their mouths tight and run the other way suggests that the image of reporter-as-watchdog does not reflect the current place of journalism in society, whatever may have been true in the past.

Third, if the law prevents courts from ordering reporters to identify anonymous sources, what will prevent government officials from using the private information they keep on us for personal or political score-settling? What will prevent them from simply lying? What will prevent reporters from inventing anonymous sources who don’t actually exist?

Read more