[Photo: National Security Agency, Ft. Meade, MD via Wikimedia]

FISC Rules that [Redacted] Is Not Subject to FISA 702 for One of Its Services

Last week ODNI declassified two FISA Court opinions pertaining to Section 702. The first was a 2022 FISA Court opinion (which dates to sometime after April 2022 orders were signed) written by Presiding Judge Rudolph Contreras. The second is a 2023 per curiam opinion (David Sentelle, Robert Miller, and Stephen Higginson) affirming the original Contreras one.

While the exact details of the appeal are heavily redacted, it’s clear that the opinion pertains to the definition of Electronic Communications Service Provider under the law. As a reminder, under 702, the government can give a US-based ECSP a “directive” ordering not just content, but also technical assistance. In general, such directives apply to both data in motion (so telecoms) and data at rest (so cloud providers).

One thing the opinions make clear is that the service provider provided at least two categories of service. The service provider seemed to only challenge one of those two categories of service and willingly accept directives for another. The FISCR opinion lays out that the definition of ECSP must be applied on a service to service basis.

A reexamination of subparagraphs (A), (B) and (C) confirms that it is the service being rendered - and nothing else about the provider - that is the crux of each definition. For “provider of electronic communication service,” and “provider of remote computing service,” only the specified communication service is statutorily defined. See 50 U.S.C. § 1881(b)(4)(B) (relying on the definition of “electronic communication service” at 18 U.S.C. § 2510(15) to delineate providers of such); 50 U.S.C. § 1881(b)(4)(C) (relying on the definition of “remote computing service” at 18 U.S.C. § 2711 to delineate providers of such). Although the term “telecommunications carrier” is itself statutorily defined, that definition similarly relies on the definition of “telecommunications services,” except for one exclusion. See 47 U.S.C. § 153(51) (“‘[T]elecommunications carrier’ means any provider of telecommunications services, except that such term does not include aggregators of telecommunications services . …”); 47 U.S.C. § 153(53) (defining “telecommunications service”).

[snip]

What matters is the service that is being provided at a particular time (or as to a particular piece of electronic communication at a particular time), rather than … the service provider itself.” (internal quotations omitted)).

The issue, for the second service, seems to pertain to whether the service provider had access to the comms in question — whether in motion or at rest; such a dispute may be a question of encrypted communications to which the provider did not have access.

Contreras’ opinion treats each type of ECSP, data in motion and then data at rest, to determine that for the service in question (but not for others the service provider offers) it is not an ECSP under Section 702.

Notably, a key part of the first part of Contreras’ analysis (on data in motion) relies on two opinions about cell phones.

see also Garcia v. City of Laredo, 702 F.3d 788, 793 (5th Cir. 2012) (a cell phone “does not provide an electronic communication service just because the device enables use of electronic communication services” (emphasis in original); Loughnane v. Zukowski, Rogers, Flood & McArdle, No. 19 C 86, 2021 WL 1057278 at *4 (N.D. Ill. Mar. 18, 2021) (“a smartphone … does not provide the end-user the ability to send or receive wire or electronic communications;” it “merely enables the end-user to employ a wire or electronic communication service . . . which in turn provides [that] ability”) (emphasis in original). 15

And a later passage also pertains to personal devices.

Nonetheless, most courts have found that personal devices used to access web-based email services or similar communication platforms are not facilities through which an ECS is provided. 18

Under the second part of his analysis, Contreras focused on whether the service provider had access to communications (again, a discussion that might be consistent with encryption). In that section, there’s this curious discussion of the June 2021 Van Buren decision that limited the application of the Computer Fraud and Abuse Act, which pivoted on authority to access.

Van Buren interpreted a statutory provision that describes the elements of a crime. It is natural for “access” in that context to be confined to (wrongfully) entering a computer system or parts thereof. It would not sensibly extend to the opportunity or ability to enter a system, without actually doing so, just as it would not make sense for a passerby to be liable for trespass because he walked by an open door without going in. But it strikes the Court that, in other, even computer-related contexts, “access” could be used as a noun (as it is in Section 701(b)(4)(D)) to refer to the ability or opportunity to enter: “Frank has access to the database but he has not logged into it yet.”

FISCR likewise invoked the definition of access under Van Buren.

Context reinforces this understanding. See, e.g., Van Buren v. United States, 141 S. Ct. 1648, 1657-58 (2021) (“When interpreting statutes, courts take note of terms that carry ‘technical meaning[s].’”). In Van Buren, the Supreme Court observed that “‘[a]ccess’ is one such term, long carrying a ‘well established’ meaning in the ‘computational sense’ - a meaning that matters when interpreting a statute about computers.” Id. at 1657 (citation omitted).

Close to the end of the FISCR opinion, it seems to definitively define ECSP based on this access principle.

If an entity does not provide a communication service through which it has “access to wire or electronic communications either as such communications are transmitted or as such communications are stored,” 50 U.S.C. § 1881(b)(4)(D), it is not an ECSP as defined by subparagraph (D), [half paragraph]

Then, FISCR notes that 702 is up for reauthorization this year, so if the government doesn’t like this principle, it can go ask Congress to change it.

Some company successfully argued that if they don’t have access to your data, they can’t be compelled to provide US spooks assistance to get to it.

Between the Annual Release of FISA Statistics and the Release of the FISA 702 Opinion, FBI Rolled Up Turla

I’m curious about the timing of the release of the FISC 702 opinion, dated April 21, 2022, approving Section 702 certificates that would last until April 21, 2023. I laid out a Modest Proposal in response to that opinion here.

In the past, the government has often released the prior year’s FISC opinion around the same time as it releases all the FISA transparency reports, which it released this year on April 28, 2023. But ODNI didn’t release the opinion itself until May 19, eight days after the FBI released a FISA-related audit that covers many of the same violative queries laid out in the FISC opinion and three weeks after the other transparency filings. The delayed release resulted in the release of significantly overlapping bad news twice, a week apart, at a time when the spooks already face an uphill climb to get 702 reauthorized before the end of the year.

One possible explanation for the delayed release is that there was a one-month delay in reapproval of new 702 certificates, meaning that ODNI held back the opinion until such time as a new opinion had replaced the old one.

But as I read, especially, a separate opinion released along with the 702 one, I couldn’t help but note that between the date when ODNI would customarily release the prior FISC authorization and the date it did, FBI rolled up the Turla malware.

May 4, 2023: Search warrant affidavit

May 8, 2023: Planned operation

May 9, 2023: DOJ press release, NSA press release, Joint Cybersecurity Advisory

When I wrote my post on the operation, I laid out how, starting in 2016, the FBI had learned how Turla worked via voluntary monitoring of US-based victims from whose servers the malware was launching attacks in other countries.

A key part of the affidavit’s narrative describes that monitoring process. The FBI discovered that Turla compromised computers at US Victim A in San Jose, which let the FBI monitor how the malware worked. Using US Victim A, Turla compromised US Victim B in Syracuse, which in turn let the FBI monitor what happened from there. Using both US Victims A and B, Turla compromised US Victim D in Columbia, SC, which in turn let the FBI monitor traffic. Using Victim B, Turla compromised US Victim C, in Boardman, OR, which in turn let the FBI monitor traffic.

Over seven years, then, the FBI has been monitoring communications traffic from a growing number of US victim companies that Turla used as nodes. The affidavit emphasizes that these sites were used to attack overseas targets — like the presumed German and French targets mentioned in the affidavit. Aside from the journalist working for a US outlet (who could be stationed overseas), the affidavit doesn’t mention any US collection targets. Nor does it explain whence Turla targets US collection targets.

But there were two or three companies that refused to allow the FBI to engage in consensual monitoring of their victimized servers: Victim-E, Victim-F, and Victim-G, all of which were discovered in 2021 or 2022 (Victim-F went defunct and destroyed its computers).

According to the FBI search warrant, then, it launched a global operation to roll up the Turla Snake’s many nodes around the world without the benefit of at least two US-based nodes from which it could discover other victims. That didn’t make sense to me.

The other FISA opinion released with the 702 one sought authorization to conduct physical surveillance of two locations in the US used by an agent of a foreign power; the government uses physical surveillance to obtain data at rest on a server. DOJ first submitted the application in early 2021. FISC appointed former cybersecurity prosecutor and current tech attorney Marc Zwillinger and retired EDNY Magistrate James Orenstein as amici and conducted several rounds of briefing and a hearing. Orenstein would have still been a Magistrate in EDNY when the grand jury behind this operation was seated there in 2018; he retired in 2020.

The heavily redacted opinion itself is pretty short — just 6 pages. It explains that “the Court has little difficulty finding probable cause to believe that the intended targets … are agents of a foreign power.” It had a harder time with two other issues, though: proving that the premises to be searched “is or is about to be owned, used, possessed by … that foreign power.” Suggestions from Zwillinger and Orenstein provided limits to the order such that FISC presiding Judge Rudolph Contreras could meet that standard.

The government also noted that the data in the targeted location “might not be owned or used by” the agents of the foreign power in question. Contreras imposed a 60-day deadline for the government to destroy everything that was not.

With those limitations, Contreras approved the FISC order on September 27, 2021.

Both of these issues are common ones in cybersecurity surveillance. Hackers hijack others’ servers, and from that sanctuary, victimize others. And then hackers transport data that are the fruits of theft, not communications about such a crime, via these nodes. So one way or another, the opinion sounds like it could pertain to cybersecurity surveillance. The timing is what makes me wonder whether the order was withheld until the end of the Turla operation.

Zwillinger and Orenstein were appointed as amici in 2022 as well.

Note, there’s a technique that got authorized in the 702 opinion, first proposed in March 2021, which involved two different amici, Georgetown Professor Laura Donohue, who asked for the assistance of Dr. Wayne Chung, the Chief Technology Officer of BlueVoyant, a cybersecurity company. That discussion is even more heavily redacted. But the issues debated appear to include:

  • Whether the thing obtained using 702 was included in the definition of intelligence permitted for collection
  • Whether the assistance required in the US came from an Electronic Communications Service Provider (Victim A from the Turla operation was located in San Jose, and the Victim G that refused to cooperate was described as a cloud service provider located in Gaithersburg)
  • Whether the assistance from the ECSP is covered by 702
  • Whether the intended use of the information fit the definition of querying
  • Whether NSA should have used another provision of FISA
  • Whether all the targets were overseas
  • What kind of minimization procedures would be required for the kind of information that would be obtained

The 702 application is even more obscure than the physical search one. But if the latter pertains to Turla, it’s not inconceivable that the former does too.

A Modest Proposal to Fix FBI’s FISA 702 Woes

There’s an easy way to fix the FBI’s FISA 702 woes: Simply provide a way for FBI to obtain probable cause warrants — from the FISA court, if need be — for any 702 data it wants to be able to query. Armed with those probable cause warrants, virtually all the queries that have been deemed violations in recent years will be compliant with the Fourth Amendment.

The FBI can go back to doing queries on all this information without having to worry about oversight on the back end.

Problem solved, Scoob.

Section 702 of FISA is up for reauthorization this year. Partly because Republicans are upset that Donald Trump is the serial subject of criminal investigations, and partly because a series of changes to FBI’s querying of 702 data has made FBI’s querying process (of all data) visible for the first time, resulting in persistent violations of the new querying standard, whether and how it will be reauthorized is going to be very contentious. The two sides are talking past each other and proposing yet more tweaks that won’t address two underlying causes to the problem. But my solution is an easy fix and will make all the current problems go away!

Don’t get me wrong: I think all sides would hate this solution. It would result in more surveillance and more criminal investigations of US persons. But it would solve the problem everyone thinks they have.

For the FBI, it would mean this material will become discoverable to potential future defendants. For civil libertarians, it would mean the FBI would revert to the status quo of about 2015, doing millions of usually fruitless queries on every assessment they did. But it would solve the legal problem before Congress. Which is a pretty good hint that the legal problem before Congress is not going to address the underlying reasons for the problem — and some potential solutions will make the underlying issues worse without serving US security.

I make my Modest Proposal for three reasons:

  • Virtually everyone engaged in the current debate is engaged in bad faith, because everyone has an incentive to ignore the fact that the violative queries are the way the program was designed from the start and the way the FBI runs everything else.
  • This Modest Proposal will demonstrate the degree to which current debates are ignoring two underlying problems, the way The Wall between intelligence and criminal evidence was eliminated in the wake of 9/11 and the degree to which the FBI runs on massive troves of data.
  • My Modest Proposal represents FBI’s likely response to current proposals for individualized warrants on query targets, rather than collection targets (indeed, some of this has already happened), so it’s a way for people to contemplate the obvious outcomes of the current impasse, including more spying on Americans with less oversight.

The system underlying Section 702 arose because the FBI missed the 9/11 terrorists and in the panic that ensued, the Bush Administration decided it needed to identify everyone in the US with ties to known or suspected terrorists overseas. The program operated illegally as part of Stellar Wind for several years. In 2004, Jack Goldsmith imposed some limitations (some of which remain secret and misunderstood). In 2005, James Risen and Eric Lichtblau started revealing what Stellar Wind had been. Between 2004 and 2008, the content collection part of Stellar Wind was legalized, first as the Protect America Act and then as Section 702. In both the public debates over that legislation and in a Yahoo challenge to its first PAA order, the Administration and a few members of Congress obscured — even lied — about the underlying intent to use the program to identify associates of targets in the United States. Then Snowden made what was already public public (along with the names of the then-recipients of standing orders). And in the years since, each FISA 702 certification has made more of this reality visible to the FISA Judges, who almost every year get all outraged and then nevertheless reapprove the program (in part, because both 702 and FISA applications don’t require the things that would really give FISC judges the means to implement real fixes).

I have laid out in recent years how this process has not worked and why we’d have the shitty opinion (again, this opinion is a year old) that we got, in part because it was obvious that Bill Barr was not making substantive changes:

The underlying problem is this: The point from the start was to allow the FBI to see who inside the United States had ties to first, suspected terrorists and then, people of intelligence interest (which includes but is not limited to suspected spooks, hackers, and weapons proliferators) overseas. It’s a great idea! But it also resulted in the FBI routinely searching on content obtained without a warrant with the intent of identifying the communications of Americans, a clear violation of the intent of the Fourth Amendment, but also what Congress and Presidents have demanded the FBI do to prevent another 9/11 or similar surprise.

On Friday, the DOJ released an opinion approving the delayed authorization of certificates first filed in October 2021 (months after my prediction that this process would continue to fail) that showed the FBI continued to commit egregious violations of the then-existing querying guidelines. (One problem with the 702 process is both the violations and the opinions have a significant lag time, and the lag time here has predictably led Republicans to blame Merrick Garland for violations that happened because Bill Barr — who is the grandfather of this entire system — didn’t make radical enough fixes in 2019.) Of specific note, it showed that the FBI had done queries in conjunction with the summer 2020 unrest, the January 6 attack, and a losing political campaign known to be targeted by a foreign intelligence service. That’s bad! In several cases, though, there was some foreign component to the investigation (indeed, three of the January 6 targets did find material, which is only supposed to happen if there’s some spooky tie, but it’s a violation because the FBI personnel in question didn’t know of those spooky ties in advance).

Numerous of the violative queries are actually pretty good uses of 702. In predicated criminal investigations against narcotics traffickers, for example, it’d be useful to learn of any unsuspected ties to an international trafficking network. In predicated domestic terrorism investigations, it’d be useful to know whether suspects are getting help or have associates hiding out overseas (as multiple people in the January 6 investigation are known to have); indeed the notion that we shouldn’t know this with white terrorists when we spent decades assuming we had to know it with brown terrorists is racist. In vetting people for clearance or use as informants, it’d be useful to know if they’ve got past ties to foreign spooks. But the way the current standard works, you’ll only be able to look if you already suspect such ties. As a result, the standard for associative querying is now far higher for international criminals than it is for domestic ones. In a globalized world, that seems like a stupid state to be in. But it’s also the result of ingesting a lot of content into FBI servers without a warrant.

Which brings me to one of the underlying problems this debate is not addressing: The FBI runs on databases. Back during the hellacious USA Freedom Act debates, I argued that all sides should work on a collect-and-query standard to the Fourth Amendment, one that reflected both the real privacy impact of what was dismissed as “just metadata” collected and stored in large volume, and to account for the vast amount of content collected and stored for years via search warrants. What we’re seeing described as violative queries are really just descriptions of how FBI analysts work — how they’ve been ordered to work since 9/11. Got some new identifiers in a narcotics investigation? Stick them into the database and see what you find! Investigating a new suspect in a domestic terrorism case? Stick his identifiers in the database and see what you find!

A dirty little secret is that, with three exceptions I can think of, the privacy impact on a US person by searches done on vast stores of material obtained with a warrant is not that different from searches done on vast stores of material on foreigners obtained via Section 702. It’s going to matter if the subject has incriminating or interesting ties to a past subject of surveillance, but because of the negligible cost of doing a search, millions of searches get done with no results. Most of the violative queries, in fact, result in nothing (which is one reason they went on for so long without attracting more attention).

One exception is that US law has entirely different standards for terrorism involving foreign organizations, including that people can be prosecuted for what in the domestic terrorism context would be protected by the First Amendment. Searches on content have repeatedly led to foreign terrorist investigations — though several appeals courts have reviewed such searches and found no big deal to them. Friday’s opinion cited all three in judging that the 702 program complies with the Fourth Amendment. Given the FBI’s success combatting domestic terrorism without such crutches, given the greater impact of domestic terrorism of late, we should reconsider the asymmetry of foreign terrorism investigations.

A second exception is that so much of our commerce is with China, but so much of China’s spying is economic, that US persons with legitimate economic ties to China undergo a great deal of scrutiny. There’s good reason to believe a number of US persons have been targeted for criminal investigation as a result, some in cases that have blown up in spectacular fashion.

A third exception is that the FBI uses (or probably, used) such searches to identify potential informants. And way back in 2002, John Yoo justified identifying derogatory information (like domestic abuse or rape) that had nothing to do with terrorism but could nevertheless be used to coerce someone to become an FBI informant. So there are definitely cases where someone will be coerced by the FBI not because of any crime they’ve committed (or at least, not because of any international crime), but because the FBI finds their network to be interesting and wants to get that person’s “cooperation” to learn more about it.

Side note: one premise of the Durham Report is that the use of informants, which the FBI considers a really low-impact investigative step, is actually really intrusive. I still believe nothing good will come out of the Durham Report, but a public debate about how intrusive the public and Congress believe the use of informants to be, which is dramatically different than what the FBI thinks, and which could lead to an adjustment of how it is treated in FBI’s Domestic Investigations Guide, would be one such good outcome.

Because only the target of a warrant has a Fourth Amendment interest, tons of communications of innocent people get swept up with every warrant, just as tons of communications of innocent people get swept up with every 702 directive. But as FISC imposes new requirements on FBI queries, the latter has started to be treated with far greater protection than the former. That makes sense from a legal perspective (because the former was collected with a probable cause warrant but the latter was not), but not from a privacy perspective. The privacy community has spent years getting worked up about the 702 queries while largely ignoring the privacy impact of all the other data on which these very same queries are run.

Another dirty little secret is that FISA allows the privacy community visibility on FBI behavior that the privacy community has to do a lot more work to get in the criminal context. So every three years the privacy community has an opportunity to make a big stink and raise money from donors, all while very similar criminal data is being queried zillions of times a year with little notice.

Which leads me to the second underlying problem here, The Wall. Whether true or not, one reason spooks used to excuse their failure to prevent 9/11 is that they weren’t permitted to use data collected using intelligence authorities in criminal investigations (which, in turn, made it harder to use intelligence information to coerce informants). So FISC was forced to permit the use of information collected using individualized FISA orders in criminal prosecutions (which only happens around ten times a year). But that approval was grand-fathered onto 702 collection. Because the FBI has a dual intelligence/law enforcement role, it was permitted to ask for a small percentage of the content collected under 702. But for years, that content got sucked into FBI databases and treated just like all the other content they had ingested, with the result that 702 content was queried zillions of times in usually fruitless searches a year. It is absolutely the FBI’s job to hunt down foreign hackers, terrorists, or spies using 702 data. But when those foreign hackers, terrorists, or spies network with Americans, because of the way The Wall came down after 9/11, that 702 data can be used to predicate investigations against Americans.

The legal contortions around justifying the way the barrier formerly known as The Wall came down have gotten really remarkable, always premised on the notion that what’s outside the US has national security implications but what’s inside does not. Again, in a globalized world — especially one in which domestic terrorism is a bigger threat than international terrorism — that’s a ridiculous stance. The stance arises from the definition of Presidential (and Executive) power, not from threats to the country.

The privacy community has decided they’re going to fight for an individualized warrant for every query, including “queries” that are part of combatting cyberattacks (including cyberattacks against corporate entities), which is what the IC credibly claims they’re increasingly using 702 for. They’re asking for this standard even though the FBI doesn’t have to get individualized warrants for queries of material obtained with a warrant.

My Modest Proposal would instead require the FBI to get a probable cause criminal warrant on the collection targets themselves for everything they otherwise would get under 702, targeted at the intelligence target, rather than the query target before they can query it. But once they’ve done so, they could put it in the same bucket on which the FBI does their zillion searches every year. Because, after all, at that point it would become the same kind of data. The FBI could keep other 702 data on entirely separate servers for use only with regards to the FBI’s foreign targets. There already is one such server at the FBI, because the FBI hasn’t been able to do drop down menus to record the purpose of queries to comply with the evolving query requirements.

I suspect that my Modest Proposal might be what results if this debate blows up — though it might happen with little notice. I say that because that’s precisely what has sometimes happened in the past when authorities surrounding surveillance techniques used in counterterrorism were made more onerous. Back in 2014, FISC required a higher standard to obtain prospective cell site location data than a number of states would, so in some cases, the FBI would choose to use criminal process rather than FISA process. Similarly, the reason the FBI never needed to rely on the Section 215 phone dragnet to find suspected terrorists in the US is that phone records are really easy to get in the US, and the FBI could accumulate enough of those phone records to get the coverage they needed. The number of individualized FISA orders has similarly dramatically shrunk after the Carter Page fiasco — but that surveillance didn’t go away, it just went somewhere else, and much of that spying can be via other authorities.

Much of the content that the FBI obtains under 702 is cloud data from US providers, and the FBI has been able to do entire foreign focused national security investigations using criminal process, such as when the FBI indicted GRU hackers using much the same criminal process used to successfully prosecute Vladimir Klyushin. At least with regards to cloud providers, what you can’t get from a probable cause warrant, but that you get from 702, is prospective coverage, with new communications coming in on a timely basis in real time. But DOJ gets a shit-ton of stuff when they obtain warrants for cloud providers.

Such a Modest Proposal might require a kind of programmatic warrant — say, targeting all of GRU’s known identifiers. This kind of programmatic targeting was likely used for Section 215 when Obama imposed pre-approval for those queries. There would just be lots more of them. You’d have to create a FISC Magistrate to deal with the volume.

One more thing has changed in recent years that would make this feasible — which change would accelerate if the FBI had to use probable cause warrants to get the same data they’re currently getting under 702: The FBI has focused on a variety of crimes — foreign agent laws, sanctions violations, and cryptocurrency enabled crimes — that’d be the kinds of crimes they’d use if forced to get probable cause warrants on targets. If they were forced to go this route, there’d be more open investigations into people, including US persons.

It would ensure that data searched in any of the FBI’s zillion yearly searches was obtained using a warrant. But it wouldn’t at all limit the number of Americans exposed to such searches. And it would wildly limit the oversight on such searches.

The Yahoos in Brazil Identified in Sergey Cherkasov’s Complaint

There’s a detail in Greg Miller’s profile of Sergey Cherkasov, the Russian accused of posing under an assumed Brazilian identity and using a SAIS degree to get an internship at the ICC, that confirms something I’ve long assumed: the US has had a hand in the recent roll-up of Russian spies, mostly in Europe.

He was due to start a six-month internship there last year — just as the court began investigating Russian war crimes in Ukraine — only to be turned away by Dutch authorities acting on information relayed by the FBI, according to Western security officials.

[snip]

His arrest last April came at the outset of an ongoing roll-up of Russian intelligence networks across Europe, a crackdown launched after Russia’s invasion of Ukraine that officials say has inflicted greater damage on Kremlin spy agencies than any other effort since the end of the Cold War.

The FBI and CIA have played extensive behind-the-scenes roles in this wave of arrests and expulsions, according to Western officials.

As Miller describes, the Dutch realized that Russians stationed in the Hague were preparing to welcome a new agent, but by then, the US already had an incredibly detailed dossier on him.

On March 31, as he boarded a flight to Amsterdam, neither Cherkasov nor his GRU handlers seemed aware of the net closing in on him. By then, the Dutch intelligence service had picked up its own signals that the Russian Embassy in The Hague was making preparations for the arrival of an important new illegal, according to a Western security official.

Authorities in the Netherlands then received a dossier from the FBI with so much detail about Cherkasov’s identity and GRU affiliation that they concluded the bureau and the CIA had been secretly monitoring Cherkasov for months if not years, according to a Western official familiar with the matter.

Until DOJ charged him last week, this had been largely a European story, with Dutch intelligence crowing about their success at foiling his plans and Bellingcat serially unpacking his public life (though CNN published this story at the time). Significantly, the Dutch published his legend and an explanation of how it might be used, with translations into Dutch and English from the original Portuguese.

As noted below, the US would later source its own possession of the legend to devices seized from Cherkasov on arrest in Brazil.

However, as Brazil gets closer to extraditing Cherkasov back to Russia on a trumped-up narcotics trafficking charge, the US stepped in to make their own claim with the criminal charges: multiple counts of fraud, as well as acting as an unregistered foreign power. It’s not yet clear how Brazil will respond to the competing charges. Contrary to some reporting on the charges, DOJ has not yet indicted the case. The complaint has not yet been docketed.

Which is why I wanted to look at the sourcing for the complaint.

Many of the sources in the complaint come by way of Brazil, temporally after the Dutch deported him and the Brazilians arrested him, and so long past the time the US shared “a dossier” from the FBI reflecting months if not years of review. Brazil-sourced evidence includes:

  • A picture taken on Cherkasov’s 2011 immigration into Brazil
  • His Brazilian birth certificate
  • The details behind Brazil’s identity theft charges
  • Items collected — as if for the first time — from devices Cherkasov had with him when he arrived in Brazil, including:
    • The hard drive
    • Thumb drive 1
    • Thumb drive 2
    • Thumb drive 3, including:
      • March 2022 emails of unknown provider with details about a dead drop
      • Details about his dead drop site
      • March 2022 emails about paying for false Portuguese citizenship
      • March 2022 emails about establishing a meeting place
    • Samsung Galaxy Note phone
      • His mother’s Kaliningrad contact
      • 90 contacts with someone whose Telegram account and VKontakte account lead to a 2011 picture of Cherkasov in military uniform and a 2008 picture with friends
      • Contacts from one of those friends to a posted picture in military uniform (a picture also shown in the original Bellingcat profile)
  • Devices collected from the dead drop shared by Brazilian authorities
  • Correspondence between Brazil and Russia about Cherkasov
  • Audio messages between Cherkasov and his fiancée from immediately after his arrest in the Netherlands
  • Post-arrest communications between Cherkasov and his one-time fiancée, at least some of which were photographs of hand-written notes
  • Validation of Cherkasov’s ID in certain photos from FBI agents who met him in 2022 (though these meetings are not explicitly described to have taken place in Brazil)
  • A Bellingcat story debunking the Russian narcotics charges against Cherkasov

The focus on the phone, especially, cites evidence that would be fairly easily collected via other sources, but attributes that evidence to analysis the FBI did only downstream from the Brazilian arrest, and with the assent of Brazil. The complaint doesn’t explain whether these devices were encrypted or even what messaging applications were used, at least on the thumb drives including communications with his handlers. But there’s at least some reason to believe Brazil let FBI take the lead on exploiting those devices.

To be sure, there are items that the US could have collected in the US, whether before or after Cherkasov flew to The Hague, such as an Uber receipt timed to his travel to the dead drop in Brazil and IP addresses tied to US-based cloud providers like Yahoo and Google. Just once does the complaint reference using legal process — a 2017 video from a Moscow airport restaurant, obtained using legal process, reflecting Cherkasov saying goodbye to his mother — though it doesn’t describe what kind (it sounds like it could be iCloud content).

Still, the emphasis on material obtained with subpoenas and investigative steps done while Cherkasov has been in Brazilian custody — whether or not that was the first that FBI obtained such evidence — is one reason I’m interested in the outliers.

This is a document that could form the basis to extradite Cherkasov to the US — it seems more than sufficient to make that case. But it’s also a document that might reflect on the kinds of investigations that have contributed to efforts to roll up spies outside of the US.

First, there are details about communications that Cherkasov had, while studying at Trinity College in Ireland and so not a US person at all — via known Section 702 participant, Yahoo!!! — with a tour agent who wrote recommendations for Cherkasov then later worked in Russia’s Consulate General and, apparently, the General Consul himself.

CHERKASOV used the Yahoo 1 Account on multiple occasions to contact individual “C2” who was communicating with CHERKASOV from Brazil. C2 communicated with CHERKASOV on numerous matters, including financial matters, between at least July 22, 2016, and December 27, 2019. According to a translation of C2’s curriculum vitae, C2 worked in Brazil at “The General Consulate of the Russian Federation,” for “General Consul [M.G.]”

[snip]

35. Other emails show C2 took direction from another person, M.G., about financial payments that C2 sent to CHERKASOV. In correspondence between C2 and M.G., C2 refers to M.G. as “Mikhail” and the email address is identified in C2’s contacts as “MikhailRussia.” For example, on or about November 30, 2016, C2 forwarded M.G. correspondence from CHERKASOV that indicated another payment to CHERKASOV was imminent. M.G. responded by sending an email to C2 instructing C2 to make a payment to CHERKASOV: “Friend; thank you very much. Let’s do another one on the 14th of December.” According to further correspondence, CHERKASOV was able to receive the original transaction intended via MoneyGram. However, after corresponding to CHERKASOV that C2 would attempt to make transactions via Western Union the following day, financial records indicate C2 attempted to make two separate transactions via Western Union shortly after on December 16 and 18, 2016, for $842.65 and $867.55, respectively, but the funds were never transferred to CHERKASOV. CHERKASOV corresponded on December 19, 2016, that Western Union would not work properly and moving forward, the transactions should be made via Moneygram. C2 corresponded back to CHERKASOV on December 20, 2016, that C2 had sent €750 again via Moneygram to CHERKASOV.

36. C2 also stated in other emails that C2 previously owned a travel agency in Brazil, and that the Russian Federation was one of C2’s best clients. C2 later moved to the Russian Consulate after C2 closed the travel agency.

37. On or about March 8, 2017, C2 wrote a letter of recommendation for CHERKASOV for a university located in Canada. In the letter, C2 indicated FERREIRA worked as a travel consultant for C2 from May 2014 until March 2017, and as a senior event manager in

It’s possible that something Cherkasov did while at SAIS triggered a larger investigation that worked its way back to two likely Russian spies in Brazil. It’s also possible that the investigation started from known subjects in Brazil and thereby discovered Cherkasov.

But one thing these two references do — aside from identifying the travel agent later made part of the official Russian delegation, aside from making Cherkasov’s tie to Russian government officials necessary for the 18 USC 951 charge — is put both Brazil and Russia on notice that the US is aware of these two suspected intelligence officers who were or are in Brazil.

Both C2 and the Consul General would have been legal targets for the entirety of the period in question and (as noted) Cherkasov was while he was in either Ireland or Brazil.

Another of the relatively few pieces of evidence unmoored from the Brazil arrest pertains to collection Cherkasov shared after taking a SAIS trip to Israel. The details around the reporting — the single-use email directing Cherkasov to fly to the Philippines to meet — definitely give the story spy drama.

Just as interesting, however, are the descriptions of the identifiable US (and Israeli) subjects targeted by Cherkasov’s collection.

45. On or about January 16, 2020, CHERKASOV, using his D.C.-based phone number, texted with M.S. at a Philippines-based number for M.S. the following:

CHERKASOV: Hey [M],7 I arrived…Where do you want to meet?

[M.S.]: Grab a taxi and ask to drive via skyway.

CHERKASOV: On my way. Will be there in approx. 15 min.

[M.S.]: Ok. Here

CHERKASOV: I can’t find it

[M.S.]: Names?

CHERKASOV: Yea, I’ll text you then when I’m in the airport.

CHERKASOV: Texting you the names.

CHERKASOV: Sent you a list there. Now whom we met.

CHERKASOV: All people from the Jerusalem Embassy, literally every single one, even LGBTQ advisor. [N.G.]8 – security expert, local. I think he is a spook. [?.L.]9 kingmaker’ – [Israeli political] party leader

CHERKASOV: The previous list didn’t sent [sic], I’ll retype it.

CHERKASOV: Can I send it to you email?

CHERKASOV: This SMS shit kills me

[M.S.]: Sure.

46. On or about January 17, 2020, CHERKASOV sent M.S. an email with a screen shot of names, mostly U.S. persons (“USP”), stating the following: Just a list of interesting people that I was talking to you about Experts side: [USP 1]10– DoS, middle Eastern direction advisor the president admin, former [University 1] student.

[USP 2]11– FDD, military security adviros [sic] to the Congress Committee on Intelligence, [USP 3]’s12 assistant. [“TT1”] 13 group: [USP 4]14– [USP 5]15 chair, came only for a day though, [USP 6]16– main guy to call shots, Israeli expert came with small team of his own. [University 1, University 2] student leader: [USP 7]17– Anapolis [sic] Naval Academy Cyber Sec instructor

While just one of the people involved in Cherkasov’s targeting — his SAIS professor, Eugene Finkel — has explicitly spoken out about being duped by Cherkasov, virtually all of these people (and a bunch more described later in the complaint) are likely to be able to identify themselves.

There are a few I suspect I recognize and, if I’m right, they’ve been apologists for Trump’s propaganda about Russia.

Notably, this messaging involved a US-based phone, one not obviously included among the devices seized from Cherkasov when he returned to Brazil. The FBI Agent who wrote the affidavit couldn’t have obtained the messaging in real time — he or she has only worked at the FBI since 2021, and the messaging dates to early 2020. But the affidavit does reference “surveillance that I have conducted.”

In general, the FBI is revealing almost nothing obtained via sensitive sources and methods — that’s one reason the reliance on evidence obtained via Brazil is of interest to me. Given how the US has allowed European countries to take credit for these stings, I find it interesting that the US almost creates the misimpression that it only discovered Cherkasov — that it accessed his legend that the Dutch had upon his arrest — when he arrived in Brazil.

But in just a few spots, the affidavit gives a glimpse of what else the US Intelligence Community might know.

The US has not really taken much credit for helping a bunch of European countries roll up Russian spies (though they’re likely reminding them of the role Section 702 plays in the process). But this document, seemingly released because they had reason to exert legal pressure on a country that is fairly close to Russia, likely serves multiple purposes. While it doesn’t give away a lot, it does hint at far more.

Update, 4/6: The Guardian reported that two suspected Russian illegals, one presenting as Brazilian and the other presenting as Greek-Mexican, disappeared in January.

Halfway through a trip to Malaysia in January, Gerhard Daniel Campos Wittich stopped messaging his girlfriend back home in Rio de Janeiro and she promptly launched a frantic search for her missing partner.

A Brazilian of Austrian heritage, Campos Wittich ran a series of 3D printing companies in Rio that made, among other things, novelty resin sculptures for the Brazilian military and sausage dog key chains.

[snip]

The Brazilian foreign ministry and Facebook communities in Malaysia mobilised to look for the missing man. But Campos Wittich had simply disappeared.

Greece believes Campos Wittich was a Russian illegal with the surname Shmyrev, said the official, while his wife, “Maria Tsalla”, was born Irina Romanova. She married him in Russia before their missions began and took his surname, the Greeks claim. She left Athens in a hurry in early January, just after Campos Wittich left Brazil. Neither have returned.

If I’m right that the FBI chose to use the Cherkasov complaint in part to identify those in Brazil who were running illegals, it may be because the disappearance of another Brazilian illegal in January led the US Intelligence Community to believe Russia had figured out what the US knew.

Tucker’s Putin Envy

There was a part of the Global Threats Report presented to both the Senate and House Intelligence Committees last week that deserves more attention. In the middle of the section on Russia’s influence operations, the report predicted that Russia will “try to strengthen ties to U.S. persons in the media and politics in hopes of developing vectors for future influence operations.”

It is the judgment of the intelligence community, per the report, that Russia is trying to cultivate “US persons in the media and politics” as part of its foundation for future influence operations.

Russia presents one of the most serious foreign influence threats to the United States, because it uses its intelligence services, proxies, and wide-ranging influence tools to try to divide Western alliances and increase its sway around the world, while attempting to undermine U.S. global standing, sow discord inside the United States, and influence U.S. voters and decisionmaking. Moscow probably will build on these approaches to try to undermine the United States as opportunities arise. Russia and its influence actors are adept at capitalizing on current events in the United States to push Moscow-friendly positions to Western audiences. Russian officials, including Putin himself, and influence actors routinely inject themselves into contentious U.S. issues, even if that causes the Kremlin to take a public stand on U.S. domestic political matters.

  • Moscow views U.S. elections as opportunities for malign influence as part of its larger foreign policy strategy. Moscow has conducted influence operations against U.S. elections for decades, including as recently as the U.S. midterm elections in 2022. It will try to strengthen ties to U.S. persons in the media and politics in hopes of developing vectors for future influence operations.
  • Russia’s influence actors have adapted their efforts to increasingly hide their hand, laundering their preferred messaging through a vast ecosystem of Russian proxy websites, individuals, and organizations that appear to be independent news sources. Moscow seeds original stories or amplifies preexisting popular or divisive discourse using a network of state media, proxy, and social media influence actors and then intensifies that content to further penetrate the Western information environment. These activities can include disseminating false content and amplifying information perceived as beneficial to Russian influence efforts or conspiracy theories. [italicized bold original, underline my emphasis]

This is not new news. Obviously Russia has been cultivating both journalists and politicians in recent years, often by inviting them for big shindigs in Russia, after which, over the course of years, they come to spout more and more Russian propaganda uncritically.

It is noteworthy that the IC stuck this detail amid discussions about election interference and Ukraine mobilization, because Russia has had renewed success of late getting entertainers and politicians to magnify inflammatory and often false claims about Ukraine.

The judgement came out the same week that Tucker Carlson (whose Ukraine invasion anniversary special was breathtaking even by his standards of propaganda) provided more details of the time, in summer 2021, he was informed that the NSA had discovered his back channel contacts to Putin.

The story starts when Tucker squeals that he’s envious of the podcasters because they got to go to Russia, but he might be arrested if he went. Throughout the show, his interviewers operate on the assumption that Russia is the threat to Tucker, but he suggests State or FBI is.

Tucker: Now I’m envious.

[snip]

Full Send: But everyone told us not to go obviously, but. We knew we were with good people. So after that, it was all good, but.

Tucker: Oh, I want to go. I’ve never been there!

Full Send: You feel it though, it is real scary. There’s like military checkpoints.

Tucker: Oh yeah!

Full Send: It’s … it’s serious shit.

Full Send 2: Would you have gone with him or no?

Tucker: I can’t go to Russia. I honestly think I would be arrested.

Full Send: Yeah, they get you.

Tucker: Which is outrageous because, I’m a journalist, and I’ve been all over the world. I feel like I’ve been everywhere except Russia. And Russia is a combatant in a war that’s changing the world, and like I should go see it. And I was planning it and then I got stopped by the US government from doing it.

Full Send: Oh, you were gonna go? What were you going to do?

Tucker: Interview Putin. Why wouldn’t I?

Full Send: You had it set up? Damn!

Tucker: I was working on it and then they broke into my text messages — the NSA broke into my Signal account, which I didn’t know they could do —

Full Send: Oh so Signal’s not even safe!

Tucker: Signal is not safe. It’s not safe. Signal’s not safe.

Full Send: I know people think WhatsApp’s safe.

Tucker: WhatsApp?!?! WhatsApp is not — you know what’s safe? And ask any mafia Don. Park your car in front of the liquor store. Leave your phone in the vehicle, in your Caprice Classic, and walk out behind the liquor store, in the vacant lot back there with the WINOs, to talk to the person you want to talk to.

Full Send 2: How many times have you done that?

Tucker: Zero. Cause I’m like lazy. I’m like whoa! And I’m — actually I always say to myself, I’m not hiding anything. I don’t have a secret life. I’m pretty upfront. And some people like it and some people don’t. Of course, but, I’m not hiding anything. But I was definitely hiding my plan to go interview Putin, just because it’s an interview. It’s no one’s business.

Full Send 2: So how did that happen? How do you know the NSA broke into your Signal?

Tucker: Because they admitted it.

Full Send: Really?

Tucker: Oh yeah!

Full Send: Can you tell us about it? Like how did you find out?

Tucker: I got a call from somebody in Washington who’s — who would know. Just trust me. So I went up there for another reason. But this person said, you know, you going to come to Washington anytime soon? This was a year and a half ago, and I was like, yeah, actually I’m going to be up in a week. He’s like, meet me Sunday morning. So weird. Like, who does that? Just text me, you know what I mean? Just text me. No. So I go and this person’s like — and this is someone who would know — Um, are you planning a trip to go see Putin? This was the summer before the war started. I was like, how would you know that? I haven’t told anybody that, I mean, anybody. Not my brother, not my wife, nobody. Just because, you know, it’s one of a million things you’re working on, but that was one of them. I want to go interview Putin. Why wouldn’t I want to go interview Putin?

Full Send 2: Of course.

Tucker: I want to interview Xi, I want to interview everybody. Right? That’s kind of my job.

Full Send: We want to get Kim Jong Un on here one day.

Tucker: Of course! Of course! We met him.

Full Send: You did? We gotta talk about that. Holy shit.

Tucker: Yup. Super interesting. But anyway, um, how would you know that? Because NSA pulled your texts with this other person you were texting. How did you know that? And so I immediately, I was intimidated, I’m embarrassed to admit, but I was, I was completely freaked out by it. I called a US Senator, who I know — not that well, but it seems like a trustworthy person, and I told him the story, I just want to tell you this, and then I went on TV on Monday and I’m like this happened. And so they had — Congress asked NSA and NSA’s like, yes we did this, but for good reason. What would be a good reason to read my — you know, what? But the head of NSA, it’s fine, cause everyone’s in on it, Republicans and Democrats are all in on it. And by it I mean the assumption that there’s no privacy whatsoever, that they have a right to know everything you’re saying and thinking,

Full Send: That shit’s scary.

Tucker: And that’s just not a right as far as I’m concerned. By the way, if you have no privacy you have no freedom. [my emphasis]

Parts of Tucker’s commentary provide more detail on the incident than previous reporting did, which I covered here and here. As Jonathan Swan reported, the IC collected communications showing a back channel effort to set up a meeting with Putin.

Tucker Carlson was talking to U.S.-based Kremlin intermediaries about setting up an interview with Vladimir Putin shortly before the Fox News host accused the National Security Agency of spying on him, sources familiar with the conversations tell Axios.

[snip]

The intrigue: Two sources familiar with Carlson’s communications said his two Kremlin intermediaries live in the United States, but the sources could not confirm whether both are American citizens or whether both were on U.S. soil at the time they communicated with Carlson.

  • This is relevant because if one of them was a foreign national and on foreign soil during the communications, the U.S. government wouldn’t necessarily have had to seek approval to monitor their communications.

On Maria Bartiromo’s show in 2021, Tucker pointed to what was undoubtedly reporting done in the wake of his initial story — quite likely Swan’s own story (indeed, Tucker could well be one of Swan’s two sources) — and claimed it was proof the NSA was leaking information about him.

In the Bartiromo appearance, Tucker spoke in terms of a single email arranging an imminent trip to Russia.

In last week’s podcast, in addition to reiterating that Tucker is not trying to hide anything but oh yeah he was trying to hide his back channel to Putin, even from his spouse, Tucker adds two details: After he learned about it, he reached out to a (male) Senator to look into it, and the communications obtained include Signal texts, not just a single email.

In the past, I had suggested that Tucker’s tipster might be a member of Congress — a Gang of Eight member like Devin Nunes or Kevin McCarthy — or someone close to them (like Kash Patel). The fact that Tucker called a Senator in response (then Chair of the Senate Intelligence Committee Marco Rubio would make sense given the details he provides), and not someone he was closer to like Nunes, makes it more likely his initial tipster had a tie to the House. The focus on the Senate response may suggest this came up again in the Global Threats hearing, during the closed session.

The detail that, per Tucker, in addition to the email he sent about arranging a then-imminent trip to Russia, they also got Signal texts is more interesting, but it doesn’t mean he was the target or that they broke into his phone.

It does suggest that there could have been two different tracks going on: the discussion, over email, about a trip to Russia, one his producer knew about, and another more sensitive discussion going on via Signal.

We do know, however, that Tucker hasn’t hidden past interview preparation. Indeed, his outreach to Viktor Orbán was quite overt and gleeful. So his explanations about why he would want to hide preparation for a Putin interview don’t hold up.

Remember: When Tucker sent his now former investigative producer to try to FOIA this information from NSA (via a FOIA that was guaranteed to fail), he asked for 30 months of data, going back to January 1, 2019. That’s more than a single email to set up a meeting with Putin.

Rather than taking this as a tip that the back channels via which he was (at least) trying to set up a meeting with Putin are considered — even by Republican Senators — legitimate intelligence targets, possibly Russian spies, Tucker has instead spun up conspiracy theories. And that has, in turn, led him to suggest he faces a bigger threat from the US State Department than he would from Russian military checkpoints.

Update: On Twitter, MD suggested that Rand Paul may have been the Senator Tucker approached, given that he wrote a letter to General Nakasone. It’s an interesting possibility, especially given Russia’s cultivation of Rand and his father as well as the suggestion that whatever Senator he approached was ultimately satisfied with the explanation.

The Michael Flynn Complaint For Damages Against The US

As commenter David F. Snyder noted yesterday, yes Michael Flynn has filed a complaint for $50,000,000 damages against the US Government for all the perceived wrongs and grievances that he, his unhinged lawyers like Sidney Powell, and rabid MAGA Republicans have been carping about forever. A thread on this started out in Marcy’s “JUDGE UNSEALS DETAILS ON COOPERATING WITNESS IN DOUGLASS MACKEY CASE”, but I am going to bring it here so as to not pollute that post and give people a place to discuss Flynn.

I took a look at the docket for the fledgling case. It is filed in the Middle District of Florida, where Flynn resides. That is the only discernible nexus to MDFL as pretty much all facts, actors and witnesses would be in or about the DC District. Here is the docket entry for the complaint, which was actually filed on March 3, 2023:

NEW CASE ASSIGNED to Judge Mary S. Scriven and Magistrate Judge Christopher P. Tuite. New case number: 8:23-cv-0485-MSS-CPT. (SJB)

The complaint itself is attached to this Rolling Stone article by a detestable SCRIBD (seriously, nobody should ever convey documents by SCRIBD). It is 50 pages long, and I am not wasting my PACER account on it.

Marcy, in the earlier thread, said:

Not only does it not have legs, but if it survives the summary judgment stage (which is unlikely) it may catastrophically backfire on him.

I think that is right, but the case may not ever get that far. It may not even make it to a summary judgment motion, as it may well not make it past a 12b6 motion, which would be the initial attack by the government.

Couple of notes, the complaint alleges compliance with the FTCA (Federal Tort Claims Act), but claims the government never responded. Scriven is a Bush Jr. appointee and Tuite a Trump appointee to the magistrate bench. Sid Powell is noticeably absent from noticed attorneys, but Shawn Flynn, son of Michael’s brother, Gen. Charles Flynn, is listed. That could be interesting if Charles is to be a fact/damages witness, which would kind of be expected.

Very hard to see this matter gaining any real traction given all the facts and rulings against Flynn in the underlying criminal case in front of (now senior status) Judge Emmet Sullivan of DC District.

DOJ Rethinks — but in a Few Areas, Expands — Access to Media Content

In a story on the new media guidelines DOJ rolled out yesterday, Charlie Savage reveals what representatives of the press think they got in the new guidelines, in addition to a formal codification of broader restrictions on the use of legal process to find real journalists’ sources:

Those conversations led to several adjustments about potentially critical issues, like how “news gathering” is defined. According to participants, the Justice Department originally intended to define it in a way that was limited to the passive receipt of government secrets. But the final version now covers the act of pursuing information.

The language in question appears to cover things like encrypted dropboxes, something that journalists liked to compare (inaptly) to the charge against Julian Assange of attempting to hack a password for Chelsea Manning. Thus far, multiple criminal prosecutions show that dropboxes have not thwarted DOJ from prosecuting those who submitted documents into them.

Journalism includes reporting on classified information

A more important change is that the guidelines explicitly include reporting on classified information in its definition of newsgathering.

Newsgathering includes the mere receipt, possession, or publication by a member of the news media of government information, including classified information, as well as establishing a means of receiving such information, including from an anonymous or confidential source.

Savage describes that DOJ “is also said to have removed espionage from a list of criminal activities that are excluded from protected news gathering.” I’m not sure that’s right: 18 USC 793 and 798 were (along with Child Sexual Abuse Materials) included in the exceptions to 42 USC 2000aa, which I think is unchanged by this regulation.

What has been removed from the prior version (in addition to the inclusion of classified information in the definition of newsgathering) is an exception permitting the use of legal process in investigations of classified leaks. This language has been removed.

In investigations or prosecutions of unauthorized disclosures of national defense information or of classified information, where the Director of National Intelligence, after consultation with the relevant Department or agency head(s), certifies to the Attorney General the significance of the harm raised by the unauthorized disclosure and that the information disclosed was properly classified and reaffirms the intelligence community’s continued support for the investigation or prosecution, the Attorney General may authorize members of the Department, in such investigations, to issue subpoenas to members of the news media.

In other words, it wasn’t that there was an exception for the Espionage Act. Rather, there was language permitting searches in leak investigations that might be (and frequently have been in recent years) charged under the Espionage Act. That exception has been removed, and reporting on classified information has been explicitly included in the definition of newsgathering.

As we’ll see below, the regulation still authorizes searches in cases of suspected agents of a foreign power.

Expanded protection and a prohibition with exceptions instead of permission for exceptions

As Savage notes, however, the topline change is both a restructuring in the ways that a journalist’s sources might be accessed and the types of legal process covered. Whereas previously, the language on accessing source information included a presumption of access with a bunch of limits on use, as laid out in the prior regulation:

The Department views the use of certain law enforcement tools, including subpoenas, court orders issued pursuant to 18 U.S.C. 2703(d) or 3123, and search warrants to seek information from, or records of, non-consenting members of the news media as extraordinary measures, not standard investigatory practices. In particular, subpoenas or court orders issued pursuant to 18 U.S.C. 2703(d) or 3123 may be used, after authorization by the Attorney General, or by another senior official in accordance with the exceptions set forth in paragraph (c)(3) of this section, only to obtain information from, or records of, members of the news media when the information sought is essential to a successful investigation, prosecution, or litigation; after all reasonable alternative attempts have been made to obtain the information from alternative sources; and after negotiations with the affected member of the news media have been pursued and appropriate notice to the affected member of the news media has been provided, unless the Attorney General determines that, for compelling reasons, such negotiations or notice would pose a clear and substantial threat to the integrity of the investigation, risk grave harm to national security, or present an imminent risk of death or serious bodily harm. [my emphasis]

The new regulation outright prohibits compulsory legal process except in certain exceptions.

(c) Compulsory legal process for the purpose of obtaining information from or records of a member of the news media acting within the scope of newsgathering. Compulsory legal process for the purpose of obtaining information from or records of a member of the news media acting within the scope of newsgathering is prohibited except under the circumstances set forth in paragraphs (c)(1) through (3).

In other words, these regulations importantly flip the presumption from one that permits the access of journalist records in certain situations to one that prohibits it except according to an enumerated exception.

And this revised regulation has broader language prohibiting the use of legal process. It now includes interception orders (like that used against NBC journalists who were sourced by Henry Kyle Frese), MLAT orders (like the Mexican one that targeted Zach Whittaker in 2020), and orders served on obscure third party providers of enterprise email hosting (like orders used against the WaPo and NYT in recent years).

“Compulsory legal process” consists of subpoenas, search warrants, court orders issued pursuant to 18 U.S.C. 2703(d) and 3123, interception orders issued pursuant to 18 U.S.C. 2518, civil investigative demands, and mutual legal assistance treaty requests-regardless of whether issued to members of the news media directly, to their publishers or employers, or to others, including third-party service providers of any of the forgoing, for the purpose of obtaining information from or records of members of the news media, and regardless of whether the compulsory legal process seeks testimony, physical or electronic documents, telephone toll or other communications records, metadata, or digital content.

In other words, the revision closes loopholes used under the Trump Administration.

What journalism isn’t

More generally, DOJ has reconceptualized the regulation through the use of exceptions.

Some of these are exceptions that permit the compelled process of a journalist, the most interesting new one of which entails evidentiary authentication with DAAG authorization.

(1) To authenticate for evidentiary purposes information or records that have already been published, in which case the authorization of a Deputy Assistant Attorney General for the Criminal Division is required;

This may be a response to the need to get journalists to validate videos they took on January 6.

DOJ has slightly reworked an existing section that at least used to be tailored to the definition covered by FISA (and FISA surveillance of journalists is in no way excluded from these regulations). It still includes the same language excepting an agent of a foreign power or someone who aids or abets one.

A foreign power or agent of a foreign power, as those terms are defined in section 101 of the Foreign Intelligence Surveillance Act of 1978 (50 U.S.C. 1801);

In at least one of the reworked categories, the regulations represent an (entirely reasonable) expansion. The regulation includes this definition of terrorist activity — adding 18 USC 2339B, C, and D — which not only aren’t tied to State’s Foreign Terrorist Organization designations, but also include (with C) funding for what could be domestic terrorism.

Committing or attempting to commit the crimes of providing material support or resources to terrorists or designated foreign terrorist organizations, providing or collecting funds to finance acts of terrorism, or receiving military-type training from a foreign terrorist organization, as those offenses are defined in 18 U.S.C. 2339A, 2339B, 2339C, and 2339D; or

Seamus Hughes pointed me to this case in which three white supremacists were prosecuted under 18 USC 2339A as an example of how this might apply to domestic terrorists. The new regulations add a review by the National Security Division head on these categories, but since John Demers approved the data collection on real journalists under the Trump Administration, that’s unlikely to be a very useful protection.

Another new exception — this time not associated with newsgathering — is for an investigation targeting a journalist’s non-journalist housemate or similar who is the subject of an investigation.

To obtain information or records of a non-member of the news media, when the nonmember is the subject or target of an investigation and the information or records are in a physical space, device, or account shared with a member of the news media;

But the biggest change is that, in addition to that tweaked list of national security exceptions, DOJ added a bunch of more common crimes that journalism doesn’t include:

(B) Except as provided in paragraph (b)(2)(ii)(A) of this section, newsgathering does not include criminal acts committed in the course of obtaining information or using information, such as: breaking and entering; theft; unlawfully accessing a computer or computer system; unlawful surveillance or wiretapping; bribery; extortion; fraud; insider trading; or aiding or abetting or conspiring to engage in such criminal activities, with the requisite criminal intent.

The distinctions are not entirely clearcut though. Of most concern, what distinguishes a journalist reporting on tech vulnerabilities from a hacker is that “requisite criminal intent,” and one often determines that by accessing content.

Incorporation of cases against recent not-journalism cases

Importantly, however, these crimes include a number of the cases that got journalists all hot and bothered but which, under the new rules, are very clearcut (Savage’s professed uncertainty about Project Veritas notwithstanding).

DOJ’s approach to Julian Assange didn’t begin to change until he helped Edward Snowden flee to Russia and Assange wasn’t charged — initially, with attempting to help Chelsea Manning crack a password, itself included in one of the distinguishing crimes — until after he had aided and abetted Russia in a hack-and-leak campaign, one of the national security exceptions. The Espionage charges against Assange were filed after Russia attempted to exfiltrate Assange at the end of 2017. Any superseding indictment of Assange in the future would likely include an extortion claim and an aid-and-abet claim of Josh Schulte’s hacking of the CIA, for which Assange clearly expressed the criminal intent.

With regards to Project Veritas, the very first subpoena targeting their office manager (one obtained while Bill Barr was still Attorney General) listed 18 USC 873, blackmail — a kind of extortion — among the crimes under investigation, and their own defenses raised the possibility of extortion. Plus, Robert Kurlander’s statement of offense described trying to raise the price Project Veritas would pay for Ashley Biden’s diary because it was “literally a stolen diary.” So these new guidelines, applied retroactively, make the Project Veritas search an obvious exception.

The distinction between certain crimes and journalism would encompass three other, still undisclosed investigations into journalists last year described in DOJ’s report on legal process. The first was into insider trading:

In connection with an investigation of securities fraud and wire fraud relating to insider trading activities, a Deputy Assistant Attorney General authorized a U.S. Attorney’s Office to apply for a warrant to search the person, personal effects, and cellular telephones of a member of the news media who was the subject of the insider trading investigation. Investigators had established probable cause that the member of the news media had participated in the insider trading activities with three coconspirators and was in communication with the primary target of the investigation, a former U.S. Congressperson; and that the information seized pursuant to the search warrant would lead to further evidence. Investigators had pursued multiple avenues to obtain the evidence, without success, and had exhausted all investigative leads. The Department’s News Media Policy generally requires that the Attorney General must approve any application to search the communications records of a member of the news media, see 28 C.F.R. § 50.10(d)(1), but here, because the suspected criminal conduct was wholly outside the scope of the member of the news media’s newsgathering activities, a Deputy Assistant Attorney General for the Criminal Division authorized the search warrant applications pursuant to the “suspect exception” of the Privacy Protection Act (PPA), see 28 C.F.R. § 50.10(d)(4).

The second was into fraud and money laundering.

In connection with a fraud and money laundering investigation involving employees of a news media entity, a Deputy Assistant Attorney General authorized a U.S. Attorney’s Office to search stored electronic content of email accounts maintained by a member of the news media and its affiliate entity; and to issue a subpoena to a third-party service provider for information relating to accounts maintained by a member of the news media. The Department’s News Media Policy generally requires that the Attorney General must approve any application to search the communications records of a member of the news media, see 28 C.F.R. § 50.10(d)(1), but here, because the suspected criminal conduct was wholly outside the scope of the entities’ and employees’ newsgathering activities, a Deputy Assistant Attorney General for the Criminal Division authorized the search warrant applications pursuant to the “suspect exception” of the PPA, see 28 C.F.R. § 50.10(d)(4).

A third investigation last year was into stalking that included the use of spyware and hacking.

In connection with an investigation of a member of the news media for stalking offenses, a Deputy Assistant Attorney General authorized a U.S. Attorney’s Office to apply for a warrant to search the email account of the member of the news media. Investigators had established probable cause that the member of the news media had engaged in harassment and stalking of multiple people, including through the installation and use of spyware and the hacking of social media accounts, as well as employing several means to damage the reputations of the parties the member of the news media was harassing and stalking. The U.S. Attorney’s Office established evidence that the information seized pursuant to the search warrant would lead to evidence regarding the member of the news media’s criminal conduct, which was wholly outside the scope of his newsgathering activities. The Department’s News Media Policy generally requires that the Attorney General must approve any application to search the communications records of a member of the news media, see 28 C.F.R. § 50.10(d)(1), but here, a Deputy Assistant Attorney General for the Criminal Division authorized the search warrant application pursuant to the “suspect exception” of the PPA, see 28 C.F.R. § 50.10(d)(4).

In other words, DOJ has used the lessons from the Trump DOJ’s hunt for journalistic sources, Julian Assange, Project Veritas, and three other undisclosed investigations (and who knows? Perhaps also to media outlets run by Neo-Nazis to help fundraise) to change how they conceive of journalism. All of those are reasonable exceptions from journalism.

There are a bunch of potential loopholes. If DOJ wants a journalist’s content, there are a great many ways they can still get it, and because those exceptions would permit sustained secrecy, the searches might never be disclosed.

But these regulations, at a minimum, have established that reporting on classified information is part of journalism and have eliminated a lot of the loopholes to surveillance used to target journalists during the Trump Administration.

Yes, Trump Was Making Notes on Classified Documents

When the Trump search warrant was initially unsealed, many commentators focused on the description of documents bearing Trump’s notes.

From May 16-18, 2022, FBI agents conducted a preliminary review of the FIFTEEN BOXES provided to NARA and identified documents with classification markings in fourteen of the FIFTEEN BOXES. A preliminary triage of the documents with classification markings revealed the following approximate numbers: 184 unique documents bearing classification markings, including 67 documents marked as CONFIDENTIAL, 92 documents marked as SECRET, and 25 documents marked as TOP SECRET. Further, the FBI agents observed markings reflecting the following compartments/dissemination controls: HCS, FISA, ORCON, NOFORN, and SI. Based on my training and experience, I know that documents classified at these levels typically contain NDI. Several of the documents also contained what appears to be FPOTUS’s handwritten notes. [my emphasis]

At the time, I thought that was an overreading of the passage. After all, that paragraph is a description of the contents of fifteen boxes, of which just 184 documents have classification markings. Given the context, I believed it was possible this described other documents in the boxes, hand-written documents that might also contain classified information. Trump’s notes from calls with foreign leaders, for example, might include classified information or be otherwise particularly sensitive.

But one of the newly unsealed passages from the affidavit released yesterday describes Trump’s handwritten notes on the documents on June 3, as well. (As noted, this passage also revealed that at least one of the documents bore a FISA marking, as the first did.)

A preliminary review of the documents contained in the Redweld envelope produced pursuant to the grand jury subpoena revealed the following approximate numbers: 38 unique documents bearing classification markings, including 5 documents marked as CONFIDENTIAL, 16 documents marked as SECRET, and 17 documents marked as TOP SECRET. Further, the FBI agents observed markings reflecting the following caveats/compartments, among others: HCS, SI, and FISA. [redacted] Multiple documents also contained what appears to be FPOTUS’s handwritten notes. [my emphasis]

In this case, there cannot be any doubt: the notes are on documents bearing classification marks. That’s because the only things Evan Corcoran handed over on June 3 were documents bearing classified markings.

In fact, of all the sets of documents turned over or seized, that set includes the highest concentration of Top Secret documents. Almost half those documents turned over were marked Top Secret.

(This table includes the contents of the leatherbound box in the total of classified documents seized on August 8, but also breaks it out, which shows the leatherbound box stored the second highest concentration of Top Secret documents.)

So, yeah, at least some of these documents — multiple, not just several — reflect Trump writing on classified documents.

We don’t yet know what that means. Nor is it clear when he wrote those notes. In fact, FBI might be able to use those notes to prove that Trump has gone back and referred to (and written on) these documents since he left the White House, after such time as the current President decided that the former President no longer had a need to know America’s most sensitive secrets.

The confirmation that Trump took notes on documents bearing classification markings is important background to Trump’s attempt to claim that documents marked classified might be his own personal documents, as he made hints of doing in these passages of his response to the government’s motion for a stay.

Yet, the Government apparently contends that President Trump, who had full authority to declassify documents, “willfully” retained classified information in violation of the law. See 18 U.S.C. § 793(e); [ECF No. 69 at 9].7

7 Of course, classified or declassified, the documents remain either Presidential records or personal records under the PRA.

[snip]

To the extent President Trump may have categorized certain of the seized materials as personal during his presidency, any disagreement as to that categorization is to be resolved under the PRA and cannot possibly form the basis for any criminal prosecution. [my emphasis]

That is, in an attempt to forestall an Espionage Act prosecution (the only time Trump has named the statute), he seems to be entertaining a claim that he first declassified these documents and then, by dint of writing on them, made them his own personal property.

Such an argument raises the stakes on the timing of his notes. If he only wrote on these documents after he left the White House, they would have been declassified government (often, Agency) documents on January 20, 2021, not personal documents. But if he wrote on these as President, then his notations would have been made, “in the course of conducting activities which relate to or have an effect upon the carrying out of the constitutional, statutory, or other official or ceremonial duties of the President,” clearly making them Presidential Records under the Act. Either way, the documents belong in government custody.

The government scoffed at the possibility that Trump could have made classified documents personal records (it does not raise his notes on them).

Plaintiff’s suggestion that he “may have categorized certain of the seized materials as personal [records] during his presidency” pursuant to the PRA, D.E. 84 at 15, if true, would only supply another reason that he cannot assert executive privilege with regard to those records. If Plaintiff truly means to suggest that, while President, he chose to categorize records with markings such as “SECRET” and “TOP SECRET” as his personal records for purposes of the PRA, then he cannot assert that the very same records are protected by executive privilege—i.e., that they are “Presidential communications” made in furtherance of the “performance of his official duties.” Nixon v. GSA, 433 U.S. at 447, 456; see 44 U.S.C. § 2201(3) (defining “personal records” as records “of a purely private or nonpublic character which do not relate to or have an effect upon the carrying out of the constitutional, statutory, or other official or ceremonial duties of the President”). In any event, whether Plaintiff declared documents with classification markings to be his “personal” records for purposes of the PRA has no bearing on the government’s compelling need to review them, both for national security purposes and as part of its investigation into the potentially unlawful retention of national defense information.2

2 Plaintiff’s characterization of the discretion the PRA provides the President to categorize records as “Presidential” or “personal,” D.E. 84 at 14-15 (citing Judicial Watch v. National Archives and Records Administration, 845 F. Supp. 2d 288 (D.D.C. 2012)), is thus irrelevant here. In any event, the district court decision on which Plaintiff relies did not concern classified records and does not support his assertion that a court must accept a former President’s claim that records that indisputably qualify as Presidential records under the PRA are instead personal records. Instead, the court in Judicial Watch concluded that it could not compel the National Archives and Records Administration to revisit a President’s decision about such a categorization. 845 F. Supp. 2d at 300-301. More fundamentally, the district court’s analysis in Judicial Watch has no bearing on the application of criminal law regarding unauthorized retention of national defense information, unauthorized removal of government documents, or obstruction of justice. 18 U.S.C. §§ 793, 2071, 1519.

If Trump claims to have made these classified documents his own personal documents while President (by writing on them), it would more clearly amount to theft, because otherwise any notes he wrote would be part of his official business, as noted above. But that’s currently what Trump is offering up as his defense.

Because he is suggesting that classified documents were declassified and made personal, the notes make it more likely that Trump used America’s secrets for his own private gain either during or after he left the Presidency. In fact, that appears to be the argument he’s offering in his defense!

Update: Tried to clarify my logic in the final two paragraphs per observations from Ariel817.

Did Kash Patel Already Confess to Illegally Disseminating Carter Page FISA Information?

I’m pretty proud of how closely my two posts (first, second) predicted what the likely and known contents of the Trump affidavit would be. I pretty accurately described the structure, the contents, and many of the known details of what we’ve seen of the application so far.

That’s especially true of the statutory section. I not only predicted that — “Particularly given the novel legal issues implicating a search of the former President” — there would be a substantial statutory background section, but that, “If there’s a version of this statutory language, it may be among the things DOJ would acquiesce to releasing.”

Which they did.

And, to a significant extent, I predicted what would be in that statutory section. Here is that section of my post, with the paragraphs of the Trump affidavit where that language appears in bold and linked.

Everything I expected to be in there, was in there. The details I didn’t anticipate, though, are pretty noteworthy.

That’s particularly true of the section describing special designations. These designations all stem from what the FBI found in the 15 boxes Trump returned in January.

From May 16-18, 2022, FBI agents conducted a preliminary review of the FIFTEEN BOXES provided to NARA and identified documents with classification markings in fourteen of the FIFTEEN BOXES. A preliminary triage of the documents with classification markings revealed the following approximate numbers: 184 unique documents bearing classification markings, including 67 documents marked as CONFIDENTIAL, 92 documents marked as SECRET, and 25 documents marked as TOP SECRET. Further, the FBI agents observed markings reflecting the following compartments/dissemination controls: HCS, FISA, ORCON, NOFORN, and SI. Based on my training and experience, I know that documents classified at these levels typically contain NDI. Several of the documents also contained what appears to be FPOTUS’s handwritten notes.

If the FBI found a document of a particular type in May, it included that designation in this statutory section.

The Atomic Energy Act was not included, which means (as some knowledgeable people predicted in advance), if Trump had nuke documents, they’re not about our nukes, they’re about someone else’s. Trump’s affidavit also includes a description of HCS and SI, Human and Signals Intelligence, designations which have appropriately sobered the response of at least some Republicans, because they mean Trump could get someone killed.

The mention of ORCON — Originator Controlled material — would mostly matter if the FBI found that one of the NSA documents that Mike Ellis was sharing with unauthorized people and places during the period Trump was packing up was among the things in the boxes. Those documents were both described as relating to (a or some), “controlled, compartmented NSA program,” in the Inspector General Report on Ellis, and the designation ORCON would matter more if documents were retained after the Originator made a sustained effort to get them back, as NSA did in this case.

It’s the mention of FISA, though, that I should have anticipated, and which could present heightened legal problems for Trump — and Kash Patel, and others.

14. Foreign Intelligence Surveillance Act, or “FISA,” is a dissemination control designed to protect intelligence information derived from the collection of information authorized under the Foreign Intelligence Surveillance Act by the Foreign Intelligence Surveillance Court, or “FISC.”

That’s because both Kash and John Solomon have been attempting to create an alibi for information that may include the final Carter Page application. And, as that preliminary review determined, there was at least one FISA document in the boxes returned in January.

On top of any violations of the Espionage Act, if Trump took a copy of that with him after he was fired, it might constitute unlawful dissemination under FISA.

Between them, Kash and Solomon — whom Trump made his representatives to NARA on June 19 — have described that materials relating to the Russian investigation were among those NARA found in the returned boxes and that they might include a Carter Page FISA warrant (which I assume must mean the application).

There’s the May 5 column in which Kash claimed that everything that had been returned in the 15 boxes had been declassified.

“Trump declassified whole sets of materials in anticipation of leaving government that he thought the American public should have the right to read themselves,” Patel told Breitbart News in a phone interview.

“The White House counsel failed to generate the paperwork to change the classification markings, but that doesn’t mean the information wasn’t declassified,” Patel said. “I was there with President Trump when he said ‘We are declassifying this information.’”

In that column, Kash exhibited knowledge that the materials included documents from “Russiagate” [sic] and Impeachment 1.0.

“It’s information that Trump felt spoke to matters regarding everything from Russiagate to the Ukraine impeachment fiasco to major national security matters of great public importance — anything the president felt the American people had a right to know is in there and more.”

That’s the column cited in the Trump affidavit — though there’s at least one sentence of that paragraph that remains redacted.

I am aware of an article published in Breitbart on May 5, 2022, available at https://www.breitbart.com/politicsi2022i05/05/documents-mar-a-lago-marked-classified-wereah-eadv-declassifi.ed-kash-patel-savs/, which states that Kash Patel, who is described as a former top FPOTUS administration official, characterized as “misleading” reports in other news organizations that NARA had found classified materials among records that FPOTUS provided to NARA from Mar-a-Lago. Patel alleged that such reports were misleading because FPOTUS had declassified the materials at issue. [redacted]

Kash has issued a statement complaining, even though he had no complaint when information about Michael Isikoff was unsealed in the Carter Page FISA application for a similar published statement.

More interesting still, on July 20, John Solomon (who did a podcast on January 14, 2021 bragging of detailed knowledge of what Russian investigation materials would be released in the coming days) described having newly obtained a January 20, 2021 Mark Meadows memo to DOJ instructing them to declassify documents from the Russian investigation.

Even though the Meadows memo cites from Trump’s own January 19, 2021 order stating that the declassification, “does not extend to materials that must be protected from disclosure pursuant to orders of the Foreign Intelligence Surveillance Court,” Solomon described that the declassified information did include both transcripts of “intercepts made by the FBI of Trump aides,” (which may have included the intercepts of Mike Flynn obtained by targeting Sergey Kislyak which, because the intercepts took place in the US, may have been conducted under FISA) and “a declassified copy of the final FISA warrant approved by an intelligence court.”

The declassified documents included transcripts of intercepts made by the FBI of Trump aides, a declassified copy of the final FISA warrant approved by an intelligence court, and the tasking orders and debriefings of the two main confidential human sources, Christopher Steele and Stefan Halper, the bureau used to investigate whether Trump had colluded with Russia to steal the 2016 election.

In the end, multiple investigations found there was no such collusion and that the FBI violated rules and misled the FISA court in an effort to keep the probe going.

The documents that Trump declassified never saw the light of day, even though they were lawfully declassified by Trump and the DOJ was instructed by the president though Meadows to expeditiously release them after redacting private information as necessary. [my emphasis]

Curiously, the PDF of the Mark Meadows memo Solomon linked (my link) — which includes a staple mark and other oddities for an original document preserved by NARA — shows a September 27, 2021 creation date, with a modification date just days after Trump designated Solomon as his representative at NARA. (h/t @z3dster for the observation)

Back to Solomon’s implication that the documents in question — documents that Kash had suggested were among those boxed and sent back to NARA — included the final Carter Page warrant.

If the former President’s stash included an unredacted copy of the final FISA application targeting Carter Page, it could mean additional trouble for him and anyone else involved.

Even a Kislyak intercept would, because it would impact Mike Flynn’s privacy.

Similarly, even if, after three years of effort led largely by Kash Patel, an Inspector General hadn’t deemed the Carter Page FISA applications problematic, if Trump took the Carter Page warrant application home after he left office, it would be an egregious violation of FISA’s minimization procedures, which strictly limit how such material can be disseminated. A disgruntled former government employee’s desire to spread propaganda about his tenure is not among the approved dissemination purposes.

But Carter Page, almost uniquely of any American surveilled under FISA, has special protections against such things happening.

That’s because in the wake of the IG Report on Carter Page, and in the wake of Bill Barr’s DOJ withdrawing its claim of probable cause for the last two Page warrants, James Boasberg required the government to ensure that materials for which there might not have been probable cause were no longer disseminated. In issuing that order, Boasberg cited 50 USC 1809(a)(2), the part of FISA that makes it a crime, punishable by a five year sentence, to disseminate improperly collected material from a targeted person. As a result, in June 2020, Boasberg issued an order sequestering the material collected from the Carter Page FISA except for five designated purposes.

Indulging the former President’s tantrum is not one of those five purposes.

And Trump and Kash, especially, have reason to know about this sequester. That’s because in October 2020 — at a time when Kash was still babysitting John Ratcliffe at DNI — DOJ violated the sequester by sharing information on Page with the Jeffrey Jensen and John Durham inquiries. As far as we know, that violation of the sequester order didn’t result in surveillance records on Carter Page being stored in a poorly secured storage closet in a resort hotel, but it still involved a hearing before the FISC and a public scolding.

If there’s an unredacted copy of the Page application, it would mean sections like this and this would be unsealed. There’s even a description of the emails that Page sent to the campaign bragging about his access to top Russian officials that, because of how it came to be in the application, would be subject to Boasberg’s sequestration order. There might even be contacts that Page had with Steve Bannon, whose privacy would also be implicated. Disseminating any of that stuff in unredacted form is, by itself, a crime, one the FISC has warned Trump and Kash’s bosses about repeatedly.

In his January 2021 podcast, Solomon claimed that the material Trump wanted to release would prove he was spied on. To show that from materials relating to Carter Page would require sharing information specifically covered by the sequestration order. Shipping that from the White House to Mar-a-Lago would be a crime. Sharing it from there would definitely be a crime. And any authorization would have to involve the FISA Court. No President — not Trump and not Biden — can lawfully ignore that order.

Since at least May, both Kash and Solomon seem frantic to help Trump develop a cover story. And their frantic efforts seem to explicitly include materials pertaining to Carter Page.

And that’s why the confirmation that Trump had FISA materials in his stolen boxes could present additional headaches for the former President and his flunkies.

On CIPA and Sequestration: Durham’s Discovery Deadends

In this post, I laid out the range of highly classified or other potentially unavailable information that Igor Danchenko will be able to make a credible claim to need to defend himself against charges he knowingly lied to the FBI.

That list includes:

  • Details about a Section 702 directive targeting Danchenko’s friend, Olga Galkina
  • Extensive details about Sergei Millian’s Twitter account, including proof that Millian was always the person running it
  • Details of the counterintelligence investigation into Millian
  • Materials relating to Millian’s cultivation, in the same weeks as a contested phone call between Danchenko and Millian, of George Papadopoulos
  • Evidence about whether Oleg Deripaska was Christopher Steele’s client for a project targeting Paul Manafort before the DNC one
  • All known details of Deripaska’s role in injecting disinformation into the dossier, up through current day
  • Details of all communications between Deripaska and Millian
  • Details of the counterintelligence investigation into Carter Page
  • Both the FISA applications targeting Page and the underlying discussions about them
  • FISA-obtained collection that is helpful and material to Danchenko’s defense, including all substantive collection incriminating Page obtained before Danchenko’s January interviews, and all intelligence relating to the specific alleged lies in the indictment
  • Materials relating to FBI’s attempt to corroborate the dossier, including materials from Page’s FISA collection that either corroborated or undermined it

As I noted, I know of no prior case where a defendant has had notice of two separate FISA orders as well as a sensitive ongoing counterintelligence investigation and a credible claim to need that information to mount a defense. Durham has committed to potentially impossible discovery obligations, all to prosecute five (or maybe two) lies that aren’t even alleged to have willingly obstructed an investigation. For reasons I lay out below, Durham may not, legally, be able to do that.

To be quite clear: that Danchenko can make a credible claim to need this stuff doesn’t mean he’ll get it, much less be permitted to present it at trial. But, particularly given that the two FISA orders and the counterintelligence investigations have all been acknowledged, DOJ can’t simply pretend they don’t have the evidence. For perhaps the first time ever, DOJ doesn’t get to decide whether to rely on FISA information at trial, because the indictment was written to give the defense good cause to demand it.

Still, much of this stuff will be dealt with via the Classified Information Procedures Act, CIPA. CIPA is a process that purports to give the government a way to try prosecutions involving classified information, balancing discovery obligations to a defendant with the government’s need to protect classified information. (Here’s another description of how it works.)

Effectively, Danchenko will come up with a list similar to the one above of classified information he believes exists that he needs to have to mount a defense. The government will likewise identify classified information that it believes Danchenko is entitled to under discovery rules. And then the judge — Anthony Trenga, in this case — decides what is material and helpful to Danchenko’s defense. Then the government has the ability to “substitute” language for anything too classified to publicly release, some of it before ever sharing with the defendant, the rest after a hearing including the defense attorneys about what an adequate substitution is.

Here’s a fragment of an exhibit from the Joshua Schulte case that shows the end product of the CIPA process: The CIA was able to replace the name of a vendor the CIA used (presumably as a cover) with the generic word, “vendor,” thereby preventing others from definitively attributing the cover with the CIA. It replaced the description of those who would use the hacking tool with “operators.” Elsewhere, the same exhibit replaced the name of one of Schulte’s colleagues. It redacted several other words entirely.

Here are some more exhibits — CIA Reports submitted at the Jeffrey Sterling trial — that show the outcome of the CIPA process.

On top of the fact that CIPA adds a way for the government to impose new roadblocks on discovery (and discovery only begins after a defendant’s attorneys are cleared), it can end up postponing the time when the defendant actually gets the evidence he will use at trial. So it generally sucks for defendants.

But the process is also onerous for the prosecutor. Basically, the prosecutor has to work with classification authorities from the agency or agencies that own particular classified information and cajole them to release enough information to get past the CIPA review. In my earlier post, I described that Patrick Fitzgerald had to do this with the Presidential Daily Briefs, and it took him several attempts before he had declassified enough information to satisfy Judge Reggie Walton that it provided Scooter Libby with the means to make his defense. If the agency involved in the CIPA process hasn’t totally bought off on the importance of the prosecution, they’re going to make the process harder. Often, the incentive for agencies to cooperate stems from the fact that the defendant is accused of leaking secrets that the agency in question wants to avenge.

Because the process is so onerous, DOJ works especially hard to get defendants to plead before the CIPA process, and often because the defendant is facing the kind of stiff sentence that comes with Espionage charges, CIPA makes it more likely they’ll plead short of trial.

Those two details already make Danchenko’s trial different from most CIPA cases. That’s true, first of all, because Danchenko never had any agency secrets, and prosecutors will be forced to persuade multiple agencies (at least the FBI and NSA, and possibly CIA and Treasury) to give a Russian national secrets even though his prosecution will set no example against leaking for the agencies. Indeed, the example Danchenko will be setting, instead, is that the FBI doesn’t honor its commitments to keep informant identities safe. Additionally, there’s little reason for Danchenko to plead guilty, as the punishment on five 18 USC 1001 charges would not be much different than one charge (remember, Kevin Clinesmith got probation for his 18 USC 1001 conviction), and Danchenko would still face deportation after he served any sentence, where he’s likely to face far greater retaliation than anything US prisons would pose. That will influence the CIPA process, too, as a successful prosecution would likely result in the Russian government coercing access to whatever secrets that intelligence agencies disclose to Danchenko during the prosecution.

CIPA always skews incentives, but this case skews incentives differently than other CIPA cases.

Add in that Judge Trenga, the judge in this case, has been pondering CIPA issues of late in the case of Bijan Kian, Mike Flynn’s former partner, who was prosecuted on Foreign Agent charges. Trenga was long unhappy with the way DOJ charged Kian’s case, and grew increasingly perturbed with DOJ’s attempts to salvage the case after Flynn reneged on his cooperation agreement. Trenga overturned the jury’s guilty verdict, but was subsequently reversed on that decision by the Fourth Circuit. Since then, Kian has been demanding two things: more access to classified materials underlying evidence he was given pursuant to the CIPA process right before trial showing previously undisclosed contacts between Flynn and Ekim Alptekin not involving Kian, and a new trial, partly based on late and inadequate disclosure of that CIPA information.

Following a series of ex parte hearings regarding classified evidence pursuant to the Confidential Information Procedures Act (“CIPA”), the government, on the eve of trial, handed Rafiekian a one-sentence summary, later introduced as Defendant’s Exhibit 66 (“DX66”), informing Rafiekian that the government was aware of classified evidence relating to interactions between Flynn and Alptekin that did not “refer[] to” Rafiekian. DX66.1 Following receipt of DX66, Rafiekian immediately sought access to the underlying information pursuant to CIPA because “[i]t goes right to the question of what happened and what he knew and what statements were made and who was making them,” and “[i]f Mr. Rafiekian is convicted without his counsel having access to this exculpatory evidence, we believe it will go right to the heart of his due process and confrontation rights.” Hr’g Tr. 31 (Jul. 12, 2019), ECF No. 309. The Court took the request under advisement, noting that it “underst[ood] the defense’s concern and w[ould] continue to consider whether additional disclosure of information” would be necessary as the case developed. Id. at 32. At trial, the government used DX66 in its rebuttal argument in closing to show that Rafiekian participated in the alleged conspiracy—“even though the information in that exhibit related solely to Flynn and explicitly excluded Rafiekian.” Rafiekian, 2019 WL 4647254, at *17.

1 DX66 provides in full: The United States is in possession of multiple, independent pieces of information relating to the Turkish government’s efforts to influence United States policy on Turkey and Fethullah Gulen, including information relating to communications, interactions, and a relationship between Ekim Alptekin and Michael Flynn, and Ekim Alptekin’s engagement of Michael Flynn because of Michael Flynn’s relationship with an ongoing presidential campaign, without any reference to the defendant or FIG.

With regards to the first request, Trenga has ruled that Kian can’t have the underlying classified information, because (under CIPA’s guidelines) the judge determined that, “the summary set forth in DX Exhibit 66 provides the Defendant with substantially the same ability to make his defense as would disclosure of the specific classified information.” But his decision on the second issue is still pending and Trenga seems quite open to Kian’s request for a new trial. So Danchenko and Durham begin this CIPA process years into Trenga’s consideration about how CIPA affects due process in the Kian case. I don’t otherwise expect Trenga to be all that sympathetic to Danchenko, but if Trenga grants Kian a new trial because of the way prosecutors gained an unfair advantage with the CIPA process (by delaying disclosure of a key fact), it will be a precedent for and hang over the CIPA process in the Danchenko case.

Then there are unique challenges Durham will face even finding everything he has to provide Danchenko under Brady. In the Michael Sussmann case, I’ve seen reason to believe Durham doesn’t understand the full scope of where he needs to look to find evidence relevant to that case. But given the centrality of investigative decisions in the Danchenko case — and so the Mueller investigation — to Durham’s materiality claims, Durham will need to make sure he finds everything pertaining to Millian, Papadopoulos, and Kilimnik and Deripaska arising out of the Mueller case. In the case of Steve Calk, that turned out to be more difficult than prosecutors initially imagined.

But all of these things — the multiple sensitive investigations relevant to Danchenko’s defense, normal CIPA difficulties, unique CIPA difficulties, and the challenges of understanding the full scope of the Mueller investigation — exist on top of another potential problem: DOJ doesn’t control access to some of the most important evidence in this case.

As I noted in my earlier post, there are multiple things FBI obtained by targeting Carter Page that Danchenko will be able to demand to defend himself against Durham’s materiality claims. For example, FBI obtained information under FISA that seems to undercut Page’s claims that he didn’t meet with Igor Diveykin, a claim Danchenko sourced to Olga Galkina, who is central to Durham’s materiality claims.

If this information really does show that Page was lying about his activities in Russia, it would provide proof that after the initial FISA order, FBI had independent reason to target Page.

Similarly, FBI believed that Page’s explanation for how he destroyed the phone he was using in Fall 2016 was an excuse made up after he knew he was being investigated; that belief seems to be based, in part, on information obtained under FISA.

The FBI’s suspicions about that broken phone seem to be related to their interest in collecting on an encrypted messaging app Page used, one of the two reasons why FBI sought reauthorization to target Page in June 2017. Danchenko will need this information to prove that the June 2017 reauthorization was driven entirely by a desire to get certain financial and encrypted communication evidence, and so could not have been affected by Danchenko’s May and June 2017 interviews.

Information obtained from targeting Page under FISA will similarly be central to Danchenko’s defense against Durham’s claims that his alleged lies prevented FBI from vetting the dossier. That’s because the spreadsheet that FBI used to vet the dossier repeatedly relied on FISA-collected information to confirm or rebut the dossier. Some of that pertains to whether Page met with Igor Diveykin, an allegation Danchenko sourced to Olga Galkina, making it central to his defense in this case.

Other FISA-collected material was used to vet the Sergei Millian claim, which Durham charged in four of five counts.

Some of this may not be exculpatory (though some of it clearly would be). But it is still central to the case against Danchenko.

The thing is, Durham may not be legally able to use this information in Danchenko’s prosecution, and even if he is, it will further complicate the CIPA process.

Back on January 7, 2020, James Boasberg — acting in his role as the then-presiding FISA Judge — ordered that the FBI adopt limits on the use of any information obtained via the four Carter Page FISA orders. Such orders are one of the only tools that the FISA Court has to prohibit the use of information that the Executive collects but later determines did not comply with FISA (the government only retracted the probable cause claims for the third and fourth FISA orders targeting Page, but agreed to sequester all of it). A subsequent government filing belatedly obtaining permission to use material obtained via those FISA orders in conjunction with Carter Page’s lawsuit laid out the terms of that sequester. It revealed that, according to a June 25, 2020 FISA order, the government can only legally use material obtained under those FISA orders for the following purposes:

  1. Certain identified ongoing third-party litigation pursuant to the Freedom of Information Act (FOIA)
  2. Ongoing and anticipated FOIA and civil litigation with Page
  3. FBI review of the conduct of its personnel involved in the Page investigation
  4. DOJ OIG monitoring of the implementation of one of the recommendations stemming from the OIG Report
  5. The review of the conduct of Government personnel in the Page and broader Crossfire Hurricane investigations [my emphasis]

On November 23, 2020, Boasberg issued a follow-up order in response to learning, on October 21, 2020, that DOJ had already shared sequestered FISA information with the US Attorney for Eastern Missouri (the Jeffrey Jensen review), the US Attorney for DC (possibly, though not certainly, the Durham case), and the Senate Judiciary Committee (FISC may have learned of the latter release when the vetting spreadsheet was publicly released days before DOJ informed FISC of that fact). Effectively, Bill Barr’s DOJ had confessed to the FISA Court that it had violated FISA by disseminating FISA-collected information later deemed to lack probable cause without first getting FISC approval. Boasberg ordered DOJ to “dispossess” the MOE USAO and DC USAO of the sequestered information and further ordered that those US Attorneys, “shall not access materials returned to the FBI … without the prior approval of the Court.”

There’s no evidence that Durham obtained approval to access this information (though DOJ applications to FISC often don’t get declassified, so it’s not clear it would show up in the docket). And when I asked DOJ whether Durham had obtained prior approval to access this sequestered information even for his own review, much less for use in a prosecution, I got no response. While accessing the sequestered material for review of the conduct of Government personnel is among those permitted by the original order (bolded above), using it to review the conduct of non-governmental sources like Danchenko was not, to say nothing of prosecuting such non-governmental sources. To get approval to use sequestered information in the Danchenko case, Durham would have to convince FISC to let Durham share such information with a foreign national whose prosecution would lead to his deportation to Russia. And if he shared the information without FISC approval, then Durham himself would be violating FISA.

To be sure, it would be the most unbelievable kind of malpractice to charge the Danchenko case without, first, ascertaining how Durham was going to get this sequestered information. I’d be shocked if Durham hadn’t gotten approval first. But then, I was shocked that when Durham charged Kevin Clinesmith, he didn’t know what crimes FBI investigated Page for. I am shocked that Durham used Sergei Millian’s Twitter feed to substantiate a factual claim that Millian didn’t speak with Danchenko. So who knows? Maybe Durham has not yet read this evidence, to say nothing of ensuring he can share it with a Russian national in discovery. It would shock me, but I’m growing used to being shocked by Durham’s recklessness.

In any case, depending on what the FISC has decided about disseminating — and making public — this sequestered information, it will, at the very least, create additional challenges for Durham. Durham couldn’t just assert that DOJ IG had determined that this information was not incriminating to Page and therefore not helpful to Danchenko to avoid sharing the sequestered FISA information. Under CIPA, Judge Trenga would need to review the information himself and assess whether information obtained under Page’s FISA was material and helpful to Danchenko’s defense. If he decided that Danchenko was entitled to it in his defense, then Durham might have to fight not just with FBI and NSA to determine an adequate substitution for that information, but also FISC itself.

CIPA assumes that the Executive owns the classification decisions regarding any information to be presented at trial, and therefore the Executive gets to balance the value of the prosecution against the damage declassifying the information would do. Here, as with Fitzgerald, a Special Counsel will be making those decisions, setting up a potential conflict with all the agencies that may object. But here, FISC has far more interest in the FISA information than it would if (say) it were just approving the use of FISA-obtained material to prosecute the person targeted by that FISA.

Again, John Durham is going to have to declassify a whole bunch of sensitive information, including information sequestered to protect Carter Page, to give it to a foreign national who never had those secrets such that, if Durham succeeds at trial, it may lead inevitably to Russia obtaining that sensitive information. All that for five shoddily-charged false statements charges. This is the kind of challenge that a prosecutor exercising discretion would not take on.

But Durham doesn’t seem to care that he’s going to damage all the people he imagines are victims as well as national security by bringing this case to trial.

Danchenko posts

The Igor Danchenko Indictment: Structure

John Durham May Have Made Igor Danchenko “Aggrieved” Under FISA

“Yes and No:” John Durham Confuses Networking with Intelligence Collection

Daisy-Chain: The FBI Appears to Have Asked Danchenko Whether Dolan Was a Source for Steele, Not Danchenko

Source 6A: John Durham’s Twitter Charges

John Durham: Destroying the Purported Victims to Save Them

John Durham’s Cut-and-Paste Failures — and Other Indices of Unreliability

Aleksej Gubarev Drops Lawsuit after DOJ Confirms Steele Dossier Report Naming Gubarev’s Company Came from His Employee

In Story Purporting to “Reckon” with Steele’s Baseless Insinuations, CNN Spreads Durham’s Unsubstantiated Insinuations

On CIPA and Sequestration: Durham’s Discovery Deadends

The Disinformation that Got Told: Michael Cohen Was, in Fact, Hiding Secret Communications with the Kremlin