There’s a detail about the Reality Winner case that I’ve been thinking about. She appears to have known to look for the report she ultimately leaked to The Intercept. From the SW affidavit:

On or about May 9. 2017. four days after the publication of the classified report, WINNER conducted searches on the U.S. Government Agency’s classified system for certain search terms, which led WINNER to identify the intelligence reporting. On or about May 9, 2017, WINNER also printed the intelligence reporting. A review of WINNER’S computer history revealed she did not print any other intelligence report in May 2017.

And the complaint:

On June 3, 2017, your affiant spoke to WINNER at her home in Augusta, Georgia. During that conversation, WINNER admitted intentionally identifying and printing the classified intelligence reporting at issue despite not having a “need to know,” and with knowledge that the intelligence reporting was classified.

So days after a report for which she didn’t have the need to know was completed, she knew the search terms to use to find it.

How did she learn about it?

I assume she heard about it from chatter among colleagues (I wonder whether anyone else who didn’t have a need to know searched for the report as well, perhaps only to read it to leak its substance?). But I find it striking that a somewhat innocuous report generated enough chatter for her to go looking for it.

Yesterday, former Homeland Security Secretary Jeh Johnson spent 90 minutes meeting with the Senate Intelligence Committee’s Russian investigators.

Today, Bloomberg reports that Russian probes of election-related targets was far more extensive than previously reported, reaching into 39 states. It relies on three unnamed sources for the story, either including, or in addition to, at least one former senior US official.

In Illinois, investigators found evidence that cyber intruders tried to delete or alter voter data. The hackers accessed software designed to be used by poll workers on Election Day, and in at least one state accessed a campaign finance database. Details of the wave of attacks, in the summer and fall of 2016, were provided by three people with direct knowledge of the U.S. investigation into the matter. In all, the Russian hackers hit systems in a total of 39 states, one of them said.

[snip]

Another former senior U.S. official, who asked for anonymity to discuss the classified U.S. probe into pre-election hacking, said a more likely explanation is that several months of hacking failed to give the attackers the access they needed to master America’s disparate voting systems spread across more than 7,000 local jurisdictions.

[snip]

One former senior U.S. official expressed concern that the Russians now have three years to build on their knowledge of U.S. voting systems before the next presidential election, and there is every reason to believe they will use what they have learned in future attacks. [my emphasis]

The report also uses the document allegedly leaked by Reality Winner as corroboration and confirmation of one of the companies targeted, rather curiously included as a parenthetical comment.

(An NSA document reportedly leaked by Reality Winner, the 25-year-old government contract worker arrested last week, identifies the Florida contractor as VR Systems, which makes an electronic voter identification system used by poll workers.)

The Bloomberg story is critically important, as it should provide pressure on the Republicans for real protections for voting systems, even if they’ll probably ignore that pressure. It provides far more details than the Winner document did. That said, much of this information might come out formally in Jeh Johnson testimony before the House Intelligence Committee.

I raise all this to note that the treatment of Bloomberg’s sources will be dramatically different than that of Winner. I’d bet there won’t even be a referral for this story, especially if it relies on (as is likely) information shared by people protected by the speech and debate clause and/or people who might have been original classification authorities (OCAs — the people who get to decide whether something is classified or not) for this information in the past.

Perhaps that is as it should be. Perhaps our democracy has unofficially agreed that OCAs and congressional staffers should serve as kind of a relief valve, the place where classified information may be leaked without criminal penalty. Perhaps we believe those kinds of people have a better read on whether the interests of leaking outweigh the sensitivity of an issue. Though obviously, when OCAs like David Petraeus become impossible to punish (or former SSCI staff director Bill Duhnke, who was the FBI’s primary suspect for the Merlin leak, but who was protected by the Senate’s refusal to cooperate), that creates a profoundly unequal system of justice. Reality Winner can be prosecuted even while people leaking similar — perhaps even more sensitive — information within weeks might not even be investigated.

To be clear, I don’t want Bloomberg’s sources to be investigated. But we need to acknowledge the double standards for leakers in this country.

This post may make me some enemies in DC.

But the privacy community appears to be missing some critical points in this letter accusing Dan Coats of reneging on his promise to provide an estimate of how many Americans have been sucked up in Section 702 surveillance. The letter rehearses what it claims is the history of NSA counting or not counting how many Americans get collected under Section 702, going back to 2011.

This debate began in 2011 when Senator Wyden first asked Director Clapper to provide an estimate.2 In 2012, the Inspector General of the Intelligence Community claimed that such an estimate would not be possible because the process of establishing the estimate would violate the privacy of U.S. persons, and require too many resources.3

Yet in the same letter, it claims that NSA managed to do a count of Americans implicated in upstream surveillance in 2011.

First, the NSA previously undertook an effort to provide the Foreign Intelligence Surveillance Court (FISC) with a similar estimate, and “there is no evidence that this undertaking impeded any NSA operations.”5 There, in order to address the FISC’s concerns about the number of wholly domestic communications that were being collected under Section 702, the NSA “conducted a manual review of a random sample consisting of 50,440 Internet transactions taken from the more than 13.25 million Internet transactions acquired through the NSA’s upstream collection during a six month period.”6

It is absolutely true that NSA “undertook an effort” to provide the number of Americans implicated in upstream surveillance. But it was not “a similar estimate.” On the contrary, NSA only obtained an estimate of entirely domestic communications collected as part of multiple communication transactions, MCTs. It did not — not even after Bates asked — come up with an estimate of how many entirely domestic communications NSA collected via upstream collection as single communication transactions, much less an estimate of all the Americans collected.

Here’s how John Bates described it in the opinion cited in footnote 6.

NSA’s manual review focused on examining the MCTs acquired through NSA’s upstream collection in order to assess whether any contained wholly domestic communications. Sept. 7, 2011 Hearing Tr. at 13-14. As a result, once NSA determined that a transaction contained a single, discrete communication, no further analysis of that transaction was done. See August 16 Submission at 3. After the Court expressed concern that this category of transactions might also contain wholly domestic communications, NSA conducted a further review. See Sept. 9 Submission at 4. NSA ultimately did not provide the Court with an estimate of the number of wholly domestic “about” SCTs that may be acquired through its upstream collection. Instead, NSA has concluded that “the probability of encountering wholly domestic communications in transactions that feature only a single, discrete communication should be smaller — and certainly no greater — than potentially encountering wholly domestic communications within MCTs.” Sept. 13 Submission at 2.

The Court understands this to mean that the percentage of wholly domestic communications within the universe of SCTs acquired through NSA’s upstream collection should not exceed the percentage of MCTs within its statistical sample. Since NSA found 10 MCTs with wholly domestic communications within the 5,081 MCTs reviewed, the relevant percentage is .197% (10/5,081). Aug. 16 Submission at 5.

NSA’s manual review found that approximately 90% of the 50,440 transactions in the same were SCTs. Id. at 3. Ninety percent of the approximately 13.25 million total Internet transactions acquired by NSA through its upstream collection during the six-month period, works out to be approximately 11,925,000 transactions. Those 11,925,000 transactions would constitute the universe of SCTs acquired during the six-month period, and .197% of that universe would be approximately 23,000 wholly domestic SCTs. Thus, NSA may be acquiring as many as 46,000 wholly domestic “about” SCTs each year, in addition to the 2,000-10,000 MCTs referenced above.

Now, ODNI might raise this detail and say that the 2011 review was not as intensive as the one the privacy community wants to conduct. They’d be right, not least because the upstream review should be easier to conduct than the PRISM review, even though there should be less upstream collection under the new rules (under 702, anyway — much of it would have just gone to EO 12333 collection).

But the other critical point is that, having done the sampling, NSA wasn’t even willing to give Bates the information he requested t0 explain the scope of illegal collection under Section 702.

NSA’s refusal to count all the entirely domestic communications collected in their own right is particularly important given another point that would be worth mentioning here.

It’s not so much that this debate started when Ron Wyden made his request. Rather, Ron Wyden, with Mark Udall, made a written request for such a count on the very same day, July 14, 2011, that DOJ obtained an extension to conduct the count for John Bates.

In April 2011, Wyden and Mark Udall asked for the number.

In April of 2011, our former colleague, Senator Mark Udall, and I then asked the Director of National Intelligence, James Clapper, for an estimate.

According to Clapper’s response, they sent a written letter with the request on July 14, 2011. The timing of this request is critically important because it means Wyden and Udall made the request during the period when NSA and FISA Judge John Bates were discussing the upstream violations (see this post for a timeline). As part of that long discussion Bates had NSA do analysis of how often it collected US person communications that were completely unrelated to a targeted one (MCTs). Once Bates understood the scope of the problem, he asked how many US person communications it collected that were a positive hit on the target that were the only communication collected (SCTs).

But the timing demands even closer scrutiny. On July 8, John Bates went to DOJ to express “serious concerns” — basically, warning them he might not be able to reauthorize upstream surveillance. On July 14 — the same day Wyden and Udall asked Clapper for this information — DOJ asked Bates for another extension to respond to his questions, promising more information. Clapper blew off Wyden and Udall’s request in what must be record time — on July 26. On August 16, DOJ provided their promised additional information to Bates. That ended up being a count of how many Americans were affected in MCTs.

So this debate started when Wyden, simultaneously with the FISC, asked for numbers on how many Americans were affected. But the NSA proceeded to do a count that was only partially responsive to Bates’ concerns and barely responsive to Wyden’s.

NSA did a count in 2011. But even though they had requests for a number from both other co-equal branches of government, they refused to do a responsive count, even as they were already committing the resources to doing the count.

The claim about resources made in 2011 rings hollow, because the resources were expended but the scope was narrowly drawn.

Which brings me to the last critical point here: the most likely motive for drawing the scope so narrowly even as both other co-equal branches of government were requesting the number.

In July 2010, John Bates wrote another opinion. On its face, it addressed the NSA’s collection of prohibited categories under the PR/TT Internet dragnet. But in reality, that collection was just upstream collection with some filtering to try to get down to the part of the packets that constituted metadata under rules set in 2004. Effectively, then, it was also an opinion about the deliberate collection of domestic content via upstream collection. And in that opinion, he weighed the government’s request to let it keep data it had collected that might contain entirely domestic content. Ultimately, Bates said that if the government knew it had obtained domestic content, it had to delete the data, but if it didn’t know, it could keep it.

When it is not known, and there is no reason to know, that a piece of information was acquired through electronic surveillance that was not authorized by the Court’s prior orders, the information is not subject to the criminal prohibition in Section 1809(a)(2). Of course, government officials may not avoid the strictures of Section 1809(a)(2) by cultivating a state of deliberate ignorance when reasonable inquiry would likely establish that information was indeed obtained through unauthorized electronic surveillance.

[snip]

In light of the government’s assertions of need, and in heavy reliance on the assurances of the responsible officials, the Court is prepared — albeit reluctantly — to grant the government’s request with respect to information that is not subject to Section 18099a)(2)’s prohibition. Hence, the government may access, use, and disseminate such information subject to the restrictions and procedures described above that will apply to future collection.

From that point forward, it was a precedent in the FISC that the government could obtain entirely domestic communications, provided that they didn’t know they were collecting it. But they couldn’t cultivate deliberate ignorance of what they were doing. (They still violated the precedent, but quickly destroyed all the data before they got caught in 2011.)

If the NSA knows they’re intentionally collecting entirely domestic communications, it is illegal. If the NSA doesn’t know they’re intentionally collecting entirely domestic collections, it’s not illegal.

You can see how, even with Bates’ stern warning not to deliberately cultivate ignorance, this provided a huge incentive to deliberately cultivate ignorance.

Of course, Dan Coats performed just that deliberate ignorance the other day, when Wyden made it clear Coats had signed the reauthorization certification for 702 even though the accompanying memo made it clear that the NSA would still be collection entirely domestic communications. Coats claimed they wouldn’t collect Americans’ communications even in spite of the fact that the memo accompanying his certification said it would do just that.

This is a concept the privacy community really needs to learn, quickly. Because Ron Wyden is laying all the ground work to make it clear that this is about deliberate ignorance, of just the sort that Bates said was improper, not actually a concern about resources.

Mr. EW doesn’t follow my work all that closely. He’s most apt to read something I wrote if it gets cited in TechDirt, a fact that occasionally makes me fantasize about getting Mike Masnick to publish secret messages about fixing leaky toilets or broken screen doors.

So I was pretty interested in Mr. EW’s take on the Reality Winner story. He believes, as many people do, that Winner was caught using the printer dot technology that Rob Graham laid out here.

I don’t doubt that the FBI or NSA used the printer dot technology to confirm that they had gotten the right person before they charged Winner. But it’s not mentioned at all in DOJ’s narrative of how they caught Winner (who, remember, pled not guilty even though she confessed to the FBI). They cite the following steps (search warrant affidavit, complaint affidavit):

1. May 30: The Intercept contacts NSA and provides a copy of the document. NSA confirms for itself that it is real and classified.
2. June 1: NSA makes a leak referral to the FBI.
3. Undated:
   1. NSA notes that the document has been folded, suggested it was printed off.
   2. NSA checks who has accessed and printed the document.
   3. NSA checks the work computers of the six people who have printed the document, including Winner.
   4. NSA finds a direct email, from March, from Winner’s work computer to The Intercept using her personal Gmail account pertaining to TI’s podcast.
4. June 1: For the second time, The Intercept contacts a contractor to validate the document (he or she had told them it was fake on May 24), telling the contractor that the NSA has confirmed its authenticity. The contractor provided a document number to The Intercept, and on the same day, the contractor informed the NSA about the May 24 and June 1 interactions, probably also passing on the detail that the document had been sent from Augusta, GA.
5. June 2: FBI verifies Winner’s residence for a search warrant.
6. June 3: FBI interviews Winner, who admits to “removing the classified intelligence reporting from her office space, retaining it, and mailing it from Augusta, Georgia.”

Winner was arrested on June 3; her arrest was unsealed on June 5, just after The Intercept published the document.

On June 5, Graham posted a piece explaining how the hidden dots on the hard copy of the document would have told NSA that the document had been printed out on May 9, making it even easier for the NSA to pinpoint who had printed out the document.

The document leaked by the Intercept was from a printer with model number 54, serial number 29535218. The document was printed on May 9, 2017 at 6:20. The NSA almost certainly has a record of who used the printer at that time.

As I explained to Mr. EW last night, nothing in the official record says the NSA used this hidden dot technology in its hunt for the leaker. I explained that while my friends started talking about the hidden dots almost immediately, there was nothing in the public record about it.

Clearly, the government didn’t exactly want that (and no doubt a number of other investigative methods, presumably including at a minimum checks on the non-government computer communications of the six people who printed out the document, and potentially also a check of postal records) detail to become public.

Yet, as a result of the reporting on this, people like Mr. EW not only know about the dot technology, but believe it was the key factor in identifying Winner. If they follow Rob Graham closely, they’ll also know that (in response to my question) another presumed leaker to The Intercept had managed to pass on a printed (and frankly far more important leaked) document — FBI’s Domestic Investigations and Operations Guide — without including the telltale dots (I told Mr. EW about the follow-up but he’s more likely to read it if TechDirt links so…) So they would have learned that the dots are an operational security issue, but there are as yet unknown ways to mitigate that problem.

As I’ve stated several times, while the document Winner leaked to The Intercept provides new details about Russian attempts to hack the election, it simply adds to the widely known narrative already in the public (though the redacted details would no doubt be even more interesting). The secret dots though! — that was news to most people (including me).

Which secret do you think the government is most grumpy about having been made public?

There appears to be a misunderstanding about details revealed at the bail hearing for Reality Winner last week, where Magistrate Judge Brian Epps denied her bail. Epps did so because she allegedly said she said wanted to burn the White House down and because prosecutor Jennifer Solari — who sounds like she made some pretty inflated claims — suggested Winner might have more to leak. There’s no written record for this yet, but it appears from one of the less-shitty reports on the hearing that the claim is based on three things: First, Winner stuck a thumb drive in a Top Secret computer last year.

Winner inserted a portable hard drive in a top-secret Air Force computer before she left the military last year. She said authorities don’t know what happened to the drive or what was on it.

Second, because Solari portrayed the 25-year old translator’s knowledge as a danger unto itself (more ridiculously, she painted Winner’s knowledge of Tor — which Winner didn’t use to look up sensitive information — as a means by which she might flee).

“We don’t know how much more she knows and how much more she remembers,” Solari said. “But we do know she’s very intelligent. So she’s got a lot of valuable information in her head.”

And finally, because Winner told her mother, in a conversation from jail that was recorded, that she was sorry about the documents, plural.

Solari said Winner also confessed to her mother during a recorded jailhouse phone call, saying: “Mom, those documents. I screwed up.”

Solari apparently emphasized the latter point as a way to suggest Winter might still have documents to leak.

Solari stressed that Winner referred to “documents” in the plural, and that federal agents were looking to see whether she may have stolen other classified information.

The idea is that because Winner used the plural and she only leaked one document, there must be more she’s planning on leaking.

Except that doesn’t appear right.

It appears Winner actually already leaked two documents.

While the Intercept article describes a document, singular, what they actually appear to have gotten are two documents — the report on the Russian hacking, and one page of a two-page document laying out the hacks. The Intercept calls the second document “an overview chart.”

But the “chart” actually has its own separate pagination (indeed, its own separate pagination format). The “document” paginates by page number,

Whereas the “chart” paginates by pages out of total.

Moreover, the “chart” also uses a different title than the report.

That’s not to say they’re not related. It’s just two say that we already appear to have documents, plural, from Winner.

Moreover, are we really led to believe that 3 years after Edward Snowden succeeded in loading a bunch of documents onto a flash drive because he was in a remote facility where insider threat programs hadn’t yet been fully implemented, had SysAdmin access, and had pulled some strings to retain an outdated computer that had a port, a translator in an NSA or other military facility could use a flash drive without a very close accounting of what she downloaded?

Mind you, her attorney should have argued as much in the detention hearing if Winner really thinks these are multiple documents. But appears they are.

Jim Comey made a comment in his testimony the other day I’ve not seen others mention. Mark Warner asked him to explain this comment on patronage from his written testimony.

The President began by asking me whether I wanted to stay on as FBI Director, which I found strange because he had already told me twice in earlier conversations that he hoped I would stay, and I had assured him that I intended to. He said that lots of people wanted my job and, given the abuse I had taken during the previous year, he would understand if I wanted to walk away.

My instincts told me that the one-on-one setting, and the pretense that this was our first discussion about my position, meant the dinner was, at least in part, an effort to have me ask for my job and create some sort of patronage relationship. That concerned me greatly, given the FBI’s traditionally independent status in the executive branch.

I replied that I loved my work and intended to stay and serve out my ten-year term as Director. And then, because the set-up made me uneasy, I added that I was not “reliable” in the way politicians use that word, but he could always count on me to tell him the truth. I added that I was not on anybody’s side politically and could not be counted on in the traditional political sense, a stance I said was in his best interest as the President. A few moments later, the President said, “I need loyalty, I expect loyalty.”

When Warner asked Comey to explain this comment at Thursday’s hearing, Comey explained he thought that Trump was belatedly trying to get something from Comey in exchange for letting him stay on his job.

WARNER: Let me move to the January 27th dinner, where you said “The president began by asking me whether I wanted to stay on as FBI director.”

He also indicated that “lots of people” again your words, “Wanted the job.” You go on to say the dinner itself was “Seemingly an effort to” to quote have you ask him for your job and create some “patronage” relationship. The president seems from my reading of your memo to be holding your job or your possibility of continuing your job over your head in a fairly direct way. What was your impression, and what did you mean by this notion of a patronage relationship?

COMEY: Well, my impression, and again it’s my impression, I could always be wrong but my common sense told me what was going on is, either he had concluded or someone had told him that you didn’t, you’ve already asked Comey to stay, and you didn’t get anything for it. And that the dinner was an effort to build a relationship, in fact, he asked specifically, of loyalty in the context of asking me to stay. As I said, what was odd about that is we’d already talked twice about it by that point and he said I very much hope you’ll stay. In fact, I just remembered sitting a third, when you’ve seen the. IC tour of me walking across the blue room, and what the president whispered in my ear was “I really look forward to working with you.” So after those encounters —

WARNER: That was a few days before your firing.

COMEY: On the Sunday after the inauguration. The next Friday I have dinner and the president begins by wanting to talk about my job and so I’m sitting there thinking wait a minute three times we’ve already, you’ve already asked me to stay or talked about me staying. My common sense, again I could be wrong but my common sense told me what’s going on here is, he’s looking to get something in exchange for granting my request to stay in the job. [my emphasis]

Comey explained that — after already having been assured three times that he would remain in his position — Trump raised the issue anew in a private dinner. Comey didn’t say this, but this happened the day after Sally Yates first told White House Counsel Don McGahn that Mike Flynn had misrepresented his comments to Sergey Kislyak. And in that dinner, Trump implied that if Comey wanted to stay in the job he’d been offered three times already, he had to give Trump loyalty.

What I’m especially interested in is what Comey believed elicited this: Comey figured that “either [Trump] had concluded or someone [else] had told [Trump] that you didn’t, you’ve already asked Comey to stay, and you didn’t get anything for it” which is what led Trump to invite Trump for dinner.

Given the timing, it would be interesting all by itself if Trump had decided on his own to get some kind of commitment from Comey in order to keep his job, because it would make it far more likely that McGahn told Trump about Yates’ concerns.

But Comey testified that he thought that perhaps someone else went to Trump and suggested he should go back to Comey and try to demand loyalty to keep his job.

Who?

Does Comey think Mike Flynn did this? Don McGahn (which would be downright shocking)? Or did he think that one of the two people who lingered at the next weird meeting alone with Trump — Attorney General Sessions or Son-in-Law-in-Chief Jared Kushner — made the suggestion?

He didn’t say. But I find the suggestion that Comey believes someone may have — at the same time as DOJ was telling the White House that Mike Flynn was in trouble — encouraged Trump to go make demands from Comey.

Back on June 1, I asked why Shadow Brokers had picked a new cryptocurrency to not make a profit with rather than Bitcoin. For its new leak of the month club, it started by asking for payment in Zcash, a currency with better privacy features. I speculated three possibilities:

First, currencies have been bouncing around in response to some of this stuff. So it’s possible this is an attempt to flood the market.

Certainly, too, the invocation of DARPA seems about increasing distrust, just as SB did in its efforts to increase the distrust between Microsoft and the government.

More interestingly, though, perhaps this is SB’s way of adding to the risk to NSA of any releases. While some people believe NSA has already disclosed all the vulnerabilities it believes SB to have (indeed, SB’s last post suggested as much as well), if there’s any doubt about that, by using a more secretive currency, it will add the risk to NSA of not knowing who has anything SB sells.

My first suggestion wasn’t very coherent: I meant it was possible SB’s backers were trying to drive up the value of one currency versus the other.

After I wrote that first post, SB decided to add Monero to its currencies of choice — though the way in which SB asked for payment here was even more fucked up than normal (if you’re assuming the goal is to actually obtain anonymous payment). As has been explained to me, the way SB asked for funds would leave the payment ID visible to the blockchain.

In any case, given that SB has now used three different currencies, all in ways that seem designed not to make any money, I find it very interesting that Vladimir Putin was sidling up to the founder of yet another cryptocurrency this week, talking about adopting it as a national model.

Putin met Ethereum founder Vitalik Buterin on the sidelines of the St. Petersburg Economic Forum last week and supported his plans to build contacts with local partners to implement blockchain technology in Russia, according to a statement on Kremlin’s website.

“The digital economy isn’t a separate industry, it’s essentially the foundation for creating brand new business models,” Putin said at the event, discussing means to boost growth long-term after Russia ended its worst recession in two decades.

Virtual currencies could help the economy by making transactions happen more quickly and safely online.

[snip]

Russia’s central bank has already deployed an Ethereum-based blockchain as a pilot project to process online payments and verify customer data with lenders including Sberbank PJSC, Deputy Governor Olga Skorobogatova said at the St. Petersburg event. She didn’t rule out using Ethereum technologies for the development of a national virtual currency for Russia down the road.

VEB, the bank that was cozying up to Jared Kushner, has also apparently integrated Ethereum into its business model.

Remember, too, SB hasn’t necessarily promised exploits. They’ve also suggested they might release more details on NSA’s hacking of SWIFT-related facilities, a financial regime that has been used to pressure Russia.

Along with all the other functions that SB seems to serve, is one of them about degrading potential competitor currencies?

Back when Jeff Sessions recused from the investigation into Trump, I noted that it was actually fairly narrow. He recused from election-related issues, but said nothing about Russia.

[T]he only thing he is recusing from is “existing or future investigations of any matters related in any way to the campaigns for President of the United States.”

There are two areas of concern regarding Trump’s ties that would not definitively be included in this recusal: Trump’s long-term ties to mobbed up businessmen with ties to Russia (a matter not known to be under investigation but which could raise concerns about compromise of Trump going forward), and discussions about policy that may involve quid pro quos (such as the unproven allegation, made in the Trump dossier, that Carter Page might take 19% in Rosneft in exchange for ending sanctions against Russia), that didn’t involve a pay-off in terms of the hacking. There are further allegations of Trump involvement in the hacking (a weak one against Paul Manafort and a much stronger one against Michael Cohen, both in the dossier), but that’s in no way the only concern raised about Trump’s ties with Russians.

Which is why I was so interested that Jim Comey emphasized something else in his testimony (see this post on this topic) — issues pertaining to Russia. [my emphasis throughout]

We concluded it made little sense to report it to Attorney General Sessions, who we expected would likely recuse himself from involvement in Russia-related investigations. (He did so two weeks later.)

This came up in his hearing yesterday, as well. First Wyden asked why Sessions was involved in Comey’s firing if he got fired for continuing to investigate Mike Flynn’s ties to Russia.

WYDEN: Let me turn to the attorney general. In your statement, you said that you and the FBI leadership team decided not to discuss the president’s actions with Attorney General Sessions, even though he had not recused himself. What was it about the attorney general’s interactions with the Russians or his behavior with regard to the investigation that would have led the entire leadership of the FBI to make this decision?

COMEY: Our judgment, as I recall, is that he was very close to and inevitably going to recuse himself for a variety of reasons. We also were aware of facts that I can’t discuss in an opening setting that would make his continued engagement in a Russia-related investigation problematic. So we were convinced — in fact, I think we’d already heard the career people were recommending that he recuse himself, that he was not going to be in contact with Russia-related matters much longer. That turned out to be the case.

WYDEN: How would you characterize Attorney General Sessions’s adherence to his recusal? In particular, with regard to his involvement in your firing, which the president has acknowledged was because of the Russian investigation.

COMEY: That’s a question I can’t answer. I think it is a reasonable question. If, as the president said, I was fired because of the Russia investigation, why was the attorney general involved in that chain? I don’t know.

Then Kamala Harris asked whether there had been any official guidance on recusal.

HARRIS: Thank you. As a former attorney general, I have a series of questions in connection with your connection with the attorney general while you were FBI director. What is your understanding of the parameters of Attorney General Sessions’ recusal from the Russia investigation?

COMEY: I think it’s described in a written release from DOJ which I don’t remember sitting here but the gist is he will be recused from all matters relating to Russia or the campaign. Or the activities of Russia and the ’16 election or something like that.

HARRIS: So, is your knowledge of the extent of the recusal based on the public statements he’s made?

COMEY: Correct.

HARRIS: Is there any kind of memorandum issued from the attorney general to the FBI outlining the parameters of his recusal?

COMEY: Not that I’m aware of.

In every comment, Comey emphasized the Russian aspect. Indeed, most of his comments only mention Russia; just one instance mentions the election.

Indeed, yesterday’s hearing made it clear that Comey believed Sessions should be recused from Russia-related issues because of unclassified issues that include his undisclosed two (now three) conversations with Russian Ambassador Sergey Kislyak.

After yesterday’s hearing, DOJ issued a statement (reproduced in its entirely below), and also released an email that appears to serve as the written guidance on Sessions’ recusal. Yesterday’s statement makes the limitation to election-related issues even more explicit.

Given Attorney General Sessions’ participation in President Trump’s campaign, it was for that reason, and that reason alone, the Attorney General made the decision on March 2, 2017 to recuse himself from any existing or future investigations of any matters related in any way to the campaigns for President of the United States.

So while the email directive does state Sessions’ recusal “extends to Department responses to Congressional and media inquiries related to any such investigations,” not a single thing from DOJ ever mentions the word Russia.

There are actually many important potential implications of this.

It may mean, for example, that Sessions feels he had every right to help Trump fire Comey for his aggressive investigation in Russian issues — even in spite of the fact that his own actions may be reviewed in the Russian investigation — because the Flynn investigation pertained to issues that happened after the election.

More alarmingly, it may mean that there will be a squabble about the scope of Robert Mueller’s special counsel investigation, which has already started digging into matters of Russian corruption that go back years, because Rod Rosenstein overstepped the scope of his own authority based on the limits of Sessions’ recusal.

Jim Comey thinks that as soon as February 14, it was clear that Sessions had to recuse from Russian related issues. Instead (all the evidence suggests) he recused only from election related issues.

The difference in understanding here is troubling.

Update: A friend notes that Jeff Sessions basically relied on Rod Rosenstein’s letter in recommending Trump fire Comey.

[F]or the reasons expressed by the Deputy Attorney General in the attached memorandum, I have concluded that a fresh start is needed at the leadership of the FBI.

The friend suggested that because Comey’s actions implicated the election, that means Sessions intervened in matter pertaining to the election (albeit for Trump’s opponent).

I’m not so sure. The phrasing of Rosenstein’s letter here is critical. Democrats may be angry at Comey for reopening the investigation (and sending a sure-to-leak letter to a stable of GOP Committee Chairs) days before the election. So to Democrats, Comey’s handing of the Hillary investigation pertains to the election.

But Rosenstein frames the issue in terms of “usurp[ing] the Attorney General’s authority” and “supplant[ing] federal prosecutors and assum[ing] control of the Justice Department.” While Rosenstein cites Eric Holder and Donald Ayer describing how Comey’s actions violated long-standing policies pertaining to comments in advance of elections, the Deputy Attorney General himself pitches it as insubordination.

Update: On Twitter Charlie Savage suggested the scope of the recusal could be taken from the language of Comey’s confirmation of the investigation in a HPSCI hearing on March 20, arguing that on March 2, when Sessions recused, the investigation and its ties to campaign members who spoke to Russians had not yet been disclosed.

I have been authorized by the Department of Justice to confirm that the FBI, as part of our counterintelligence mission, is investigating the Russian government’s efforts to interfere in the 2016 presidential election and that includes investigating the nature of any links between individuals associated with the Trump campaign and the Russian government and whether there was any coordination between the campaign and Russia’s efforts. As with any counterintelligence investigation, this will also include an assessment of whether any crimes were committed.

Except this statement says nothing about Jeff Sessions’ recusal, and in Thursday’s testimony, Comey said he was unaware of a memo aside from Sessions public statement. As noted above, the email that DOJ has now pointed to says nothing about Russia.

Plus, even if the recusal originally intended to include the secret Russia investigation, the statement written on Thursday, very clearly in response to Comey’s testimony and repeated claims that Sessions had to recuse from Russia-related issues, said the only reason Sessions recused was because of the campaign tie. And as I noted in my original post on the scope of Sessions’ recusal, he played games in his admission of conversations with Sergey Kislyak as to whether they pertained to Russia.

Update: In a March 6 letter to SJC claiming he didn’t need to correct his false testimony on conversations with Sergey Kislyak, Sessions said that his recusal should cover Russian contacts with the Trump transition and administration.

The March 3, 2017, letter also asked why I had not recused myself from “Russian contacts with the Trump transition team and administration.” I understand the scope of the recusal as described in the Department’s press release would include any such matters.

This would seem to conflict with Thursday’s statement.

______________________________________________________________________________

FOR IMMEDIATE RELEASE

THURSDAY, JUNE 8, 2017

DEPARTMENT OF JUSTICE ISSUES STATEMENT ON TESTIMONY OF FORMER FBI DIRECTOR JAMES COMEY

WASHINGTON – In response to testimony given today by former FBI Director James Comey, Department of Justice Spokesman Ian Prior issued the following statement:

• Shortly after being sworn in, Attorney General Sessions began consulting with career Department of Justice ethics officials to determine whether he should recuse himself from any existing or future investigations of any matters related in any way to the campaigns for President of the United States.

Those discussions were centered upon 28 CFR 45.2, which provides that a Department of Justice attorney should not participate in investigations that may involve entities or individuals with whom the attorney has a political or personal relationship. That regulation goes on to define “political relationship” as:

“[A] close identification with an elected official, a candidate (whether or not successful) for elective, public office, a political party, or a campaign organization, arising from service as a principal adviser thereto or a principal official thereof ***”

Given Attorney General Sessions’ participation in President Trump’s campaign, it was for that reason, and that reason alone, the Attorney General made the decision on March 2, 2017 to recuse himself from any existing or future investigations of any matters related in any way to the campaigns for President of the United States.

• In his testimony, Mr. Comey stated that he was “not *** aware of” “any kind of memorandum issued from the Attorney General or the Department of Justice to the FBI outlining the parameters of [the Attorney General’s] recusal.” However, on March 2, 2017, the Attorney General’s Chief of Staff sent the attached email specifically informing Mr. Comey and other relevant Department officials of the recusal and its parameters, and advising that each of them instruct their staff “not to brief the Attorney General *** about, or otherwise involve the Attorney General *** in, any such matters described.”
• During his testimony, Mr. Comey confirmed that he did not inform the Attorney General of his concerns about the substance of any one-on-one conversation he had with the President. Mr. Comey said, following a morning threat briefing, that he wanted to ensure he and his FBI staff were following proper communications protocol with the White House. The Attorney General was not silent; he responded to this comment by saying that the FBI and Department of Justice needed to be careful about following appropriate policies regarding contacts with the White House.
• Despite previous inaccurate media reports, Mr. Comey did not say that he ever asked anyone at the Department of Justice for more resources related to this investigation.
• In conclusion, it is important to note that after his initial meeting with career ethics officials regarding recusal (and including the period prior to his formal recusal on March 2, 2017), the Attorney General has not been briefed on or participated in any investigation within the scope of his recusal.

# # #

17-631

As part of his testimony today, Jim Comey revealed he gave some or all of the nine memos he wrote documenting his interactions with President Trump to a friend, since confirmed to be Columbia Professor Dan Richman, who in turn shared one with the press.

COLLINS: Finally, did you show copies of your memos to anyone outside of the department of justice?

COMEY: Yes.

COLLINS: And to whom did you show copies?

COMEY: I asked — the president tweeted on Friday after I got fired that I better hope there’s not tapes. I woke up in the middle of the night on Monday night because it didn’t dawn on me originally, that there might be corroboration for our conversation. There might a tape. My judgement was, I need to get that out into the public square. I asked a friend of mine to share the content of the memo with a reporter. Didn’t do it myself for a variety of reasons. I asked him to because I thought that might prompt the appointment of a special counsel. I asked a close friend to do it.

COLLINS: Was that Mr. Wittes?

COMEY: No.

COLLINS: Who was it?

COMEY: A close friend who is a professor at Columbia law school.

The fact that Comey released the memo through Richman formed part of Trump lawyer Marc Kasowitz’s pushback after the hearing.

Of course, the Office of the President is entitled to expect loyalty from those who are serving in an administration, and, from before this President took office to this day, it is overwhelmingly clear that there have been and continue to be those in government who are actively attempting to undermine this administration with selective and illegal leaks of classified information and privileged communications. Mr. Comey has now admitted that he is one of the leakers.

Today, Mr. Comey admitted that he unilaterally and surreptitiously made unauthorized disclosures to the press of privileged communications with the President. The leaks of this privileged information began no later than March 2017 when friends of Mr. Comey have stated he disclosed to them the conversations he had with the President during their January 27, 2017 dinner and February 14, 2017 White House meeting. Today, Mr. Comey admitted that he leaked to his friends his purported memos of these privileged conversations, one of which he testified was classified. He also testified that immediately after he was terminated he authorized his friends to leak the contents of these memos to the press in order to “prompt the appointment of a special counsel.” Although Mr. Comey testified he only leaked the memos in response to a tweet, the public record reveals that the New York Times was quoting from these memos the day before the referenced tweet, which belies Mr. Comey’s excuse for this unauthorized disclosure of privileged information and appears to [sic] entirely retaliatory.

Kasowitz gets a lot wrong here. Comey said one memo was classified, but that’s the memo that memorialized the January 6 meeting, not the ones described here. And the NYT has already corrected the claim that the shared memos preceded the tweet.

And, as a number of people (including Steve Vladeck) have noted, even if this information were covered by executive privilege, even if that privilege weren’t waived with Trump’s tweet, it’s not a crime to leak privileged information.

Nevertheless, Kasowitz’ focus on purportedly privileged documents is all the more interesting given the pathetic conduct of Director of National Intelligence Dan Coats and NSA Director Mike Rogers at yesterday’s 702 hearing. After a great deal of obfuscation from both men about why they couldn’t answer questions about Trump’s request they intervene in the FBI’s Mike Flynn investigation, Angus King finally got Rogers to admit that he and Coats never got a conclusive answer about whether the White House was invoking privilege.

King: I think you testified, Admiral Rogers, that you did discuss today’s testimony with someone in the White House?

Rogers: I said I asked did the White House intend to invoke executive privilege with respect to interactions between myself and the President of the United States.

King: And what was the answer to that question?

Rogers: To be honest I didn’t get a definitive answer. Both myself and the DNI are still talking–

King: So then I’ll ask both of you the same question. Why are you not answering these questions? Is there an invocation by the President of the United States of executive privilege? Is there or not?

Rogers: Not that I’m aware of.

King: Then why are you not answering the question?

Rogers: Because I feel it is inappropriate, Senator.

King: What you feel isn’t relevant Admiral. What you feel isn’t the answer. The question is why are you not answering the questions. Is it an invocation of executive privilege? If there is, then let’s know about it, and if there isn’t answer the questions.

Rogers: I stand by the comments I’ve made. I’m not interested in repeating myself, Sir. And I don’t mean that in a contentious way.

King: Well I do mean it in a contentious way. I don’t understand why you’re not answering our questions. When you were confirmed before the Armed Services Committee you took an oath, do you solemnly swear to give the committee the truth, the full truth and nothing but the truth. You answered yes to that.

Rogers: I do. And I’ve also answered that those conversations were classified. It is not appropriate in an open forum to discuss those classified conversations.

King: What is classified about a conversation about whether or not you should intervene in the FBI investigation?

Rogers: Sir I stand by my previous comments.

King: Mr. Coats? Same series of questions. What’s the basis for your refusal to answer these questions today?

Coats: The basis is what I’ve previously explained, I do not believe it is appropriate for me to–

King: What’s the basis? I’m not satisfied with I do not believe it is appropriate or I do not feel I should answer. I want to understand a legal basis. You swore that oath to tell us the truth, the whole truth, and nothing but the truth, and today you are refusing to do so. What is the legal basis for your refusal to testify to this committee?

Coats: I’m not sure I have a legal basis.

In other words, these men admit they had no legal basis (they’re not classified, no matter what Rogers claimed) to dodge the Committee’s question. But nevertheless they’re invoking things like their feelings to avoid testifying.

Clearly, the White House is playing a game here, invoking loyalty rather than law to compel silence from its top officials.

Kasowitz’ claims are, on their face, bogus. But taken in conjunction with the dodges from Coats and Rogers, they’re all the more problematic.

Here’s another detail from Jim Comey’s testimony that deserves more attention. On February 14, the day that President Trump asked Comey to drop the investigation into Mike Flynn, Comey and his aides expected Jeff Sessions to recuse himself from the investigation.

We also concluded that, given that it was a one-on-one conversation, there was nothing available to corroborate my account. We concluded it made little sense to report it to Attorney General Sessions, who we expected would likely recuse himself from involvement in Russia-related investigations. (He did so two weeks later.) [my emphasis]

Obviously, Sessions should have recused in any case, since he was involved in the campaign. But Comey specifically framed this as “Russia-related investigations,” not Trump investigations generally. Comey doesn’t say why the top people at FBI believed he would recuse, but by this point, the FBI would have pulled all intercepts involving Sergey Kislyak, so would have discovered ones reflecting conversations with Sessions.

In any case, to have that belief, the FBI presumably had already talked to Sessions about his conflicts with the Russian investigation.

That’s consistent with something Sessions said in his recusal statement. He describes the recusal process as a several week series of meetings.

During the course of the last several weeks, I have met with the relevant senior career Department officials to discuss whether I should recuse myself from any matters arising from the campaigns for President of the United States.

Having concluded those meetings today, I have decided to recuse myself from any existing or future investigations of any matters related in any way to the campaigns for President of the United States.

Yet it took two more weeks (actually, 16 days) for Sessions to recuse, which suggests he didn’t do it just for the election-related reasons, and didn’t do it when FBI first talked to him about it. He only did it once the leaks about his ties to Kislyak came out.

Given Trump’s reported continued rage at Sessions for recusing — so much so he’s considering firing him (do it!!!) — I find that very significant. It makes it more likely that Sessions and Trump spoke about a potential recusal in the interim weeks, and more likely that Trump thought he had a plan in place to kill any investigation that Sessions recusal killed.