Today in the Ben Wittes (And Friends) Utter Lack of Self-Awareness File: Family and Friends Edition

/10 Comments/in , , /by

This morning, Ben Wittes called Ashley Feinberg’s discovery of the Twitter account that Jim Comey had himself disclosed the existence of publicly, “a creepy stalking effort.”

Shortly thereafter he went on to backtrack a bit, calling Feinberg’s work “very impressive,” but then pitching his privacy concern as pertaining to Comey’s adult-aged son.

Later in the day he defended against claims he was “being mean” to her by pointing to the time she used his name to get Comey to click on a test phish.

Then Matt Tait weighed in, reaffirming that tracking Comey down through his adult-aged son was very stalkery.

Ultimately, though, they (and Susan Hennessey) end up asking what the news value of Feinberg identifying Comey’s Twitter account was.

Let’s review, shall we? We’re talking about whether it is acceptable for a journalist to use public means (facilitated by a loophole in Instagram), hopping through a public figure’s 22-year old son, to find the public figure’s Twitter account, which he revealed in a televised appearance.

And not just any public figure. This is Jim Comey, the man who, in 2004, declined to reauthorize a bulk Internet metadata dragnet (Comey showed no such compunction about reauthorizing a phone metadata dragnet), only to run to the FISA Court and tell Colleen Collar-Kotelly that she had no discretion but to approve it.

And thus was born the legal codification of the definition of “relevant to” that holds that the metadata of all Americans can be considered “relevant to” FBI’s standing terrorism investigations, the definition that, two years later, would be used to justify collection aspiring to obtain the metadata of all phone calls placed in this country. Not just those who talk to terrorists, but those who talk to the people who talk to them and the people who talk to those who talk to those who talk to them. Including their children.

The Internet dragnet (and the upstream collection that replaced it) collects things like what people get tagged or favorited in Instagram and Twitter accounts — precisely the kind of metadata that led Feinberg to identify Comey’s account.

But that’s not all that’s “relevant to” whether there is any news value to using publicly available metadata to identify a Twitter account that Comey himself revealed.

In 2014, when Jim Comey headed the FBI, DOJ’s Inspector General argued for at least the second time (with the first including practices that occurred while Comey was DAG) that FBI should not be obtaining all records associated with the Friends and Family account of a target.

[T]he significance of the FBI’s request for “associated” records is that the FBI has sought and in some cases received not only the toll billing records and subscriber information of the specific telephone number identified in the NSL, but also the toll billing numbers that belong to the same account — such as numbers in a group or family plan account — without a separate determination and certification by the FBI that the additional records are relevant to an authorized international terrorism investigation. Yet before the FBI may specifically request in an NSL the records of a subject’s family member or partner, Section 2709 would require an authorized official to certify that such records are relevant to a national security investigation. (158)

That is, DOJ’s IG had to tell the FBI for the second time, when Comey was running it, that they shouldn’t be collecting the phone records of a target’s mom or (dependent aged) child or girlfriend because they were associated with accounts relevant to an investigation.

The FBI accepted DOJ IG’s recommendation to ensure that records “associated to” those “relevant to” investigations not be collected, but had only implemented it thus far on the non-automated side of NSL submissions by the time of the report.

Now that we’ve reviewed Jim Comey’s great tolerance for using three hop metadata records as an investigative technique (if not the more targeted collection of records “associated to” those “relevant to” investigations) as well as the mind-numbing definition of what constitutes “relevant to,” let’s return to the context of his discussions about social media. While the Twitter revelation served as evidence for a story that he’s non-partisan, the Instagram one he likes to tell serves to support his claim to care about privacy. Here’s the quote Feinberg included in her piece, but Comey has made this speechlet numerous times over the years.

I care deeply about privacy, treasure it. I have an Instagram account with nine followers. Nobody is getting in. They’re all immediate relatives and one daughter’s serious boyfriend. I let them in because they’re serious enough. I don’t want anybody looking at my photos. I treasure my privacy and security on the internet.

Nobody is getting into his Instagram account (with its loophole permitting people like Feinberg or FBI agents to get to his metadata), Comey said. With respect to content, that seems to be true.

Presumably, he also believed nobody was getting into his Twitter account that at that point just one person — the weak link, Ben Wittes — had followed.

He was wrong.

Jim Comey’s understanding of his own well guarded privacy was overblown, in part because of the inherent insecurity of the platforms he uses and in part because of the OpSec practices of his friend and his son’s friend. I don’t think Comey much cares — in his business, the likelihood that a dumb associate might thwart otherwise admirable operational security (especially on the part of a 22-year old) of a target is a blessing, not a curse.

But it is an awesome illustration of the power and danger of this metadata soup that, under Comey, the government got far more access to.

Now, in threads where I’ve made this argument, people have rightly pointed out that the power of the FBI (which gets far more metadata) and a reporter is somewhat different, as might be the necessity for avoiding any chains involving children. Though the frequency with which Trump and his associates’ own (admittedly older) spawn get included in stories of his corruption demonstrates how important such connections are, even for journalists.

But the contention that FBI’s contact chaining and a journalist’s contact chaining are that different is belied by Comey’s own reaction, his first tweet ever.

Not only did he say he wasn’t mad and compliment her work, but he posted the link to FBI jobs.

I’d say Jim Comey sees a similarity in what Feinberg did.

I’m all in favor of protecting the accounts of children from such contact chaining — and am really not a big fan of contact chaining, generally. But those who, like Comey and Wittes and Hennessey and Tait, have championed a system that endorses at least two hop chaining irrespective of who gets hopped, not to mention those who’ve tolerated the collection on family members in even more targeted surveillance, I’m not all that interested in complaints about the privacy of a 22-year old son.

Or rather, I point to it as yet another example of surveillance boosters not understanding what the policies they embrace actually look like in practice.

Which is precisely why this “doxing” was so newsworthy.

Update: For the benefit of Al, I’m including this link to Comey introducing his children (Brian was 19 at the time, his youngest was 13) at his FBI Director confirmation hearing in 2013; a screencap is above. It sounds like he did the same at his DAG hearing 10 years earlier.

So if you’ve got a concern about their safety you might want to talk to the Senate about the practice of featuring families during confirmation hearings.

Update: Here we are Monday and Gates and Manafort still haven’t found anything liquid to put up as bail. Not only that, but in a filing raising a potential conflict with one of Gates’ money laundering expert lawyers, prosecutors reveal Gates is trying to have his partner from a movie-related firm’s brother serve as surety while also doing so for the partner.

Marc Brown, the brother of defendant Steven Brown, was proposed by Gates as a potential surety despite the facts that they seemingly do not have a significant relationship, they have not had regular contact over the past ten years, and Marc Brown currently serves as a surety for his brother Steven in his ongoing criminal prosecution in New York. In an interview with the Special Counsel’s Office on November 16, Marc Brown listed as a reason for seeking to support Gates that they belonged to the same fraternity (although they did not attend the same college) and that, as such, he felt duty bound to help Gates. Of note, Marc Brown’s financial assets were significantly lower, almost by half, than previously represented by Gates.

Fifteen Years Fighting the War on Terror Would Have Inured Mike Flynn to Kidnapping

/20 Comments/in , , , , /by

As the Wall Street Journal reported this morning, in December 2016, Mike Flynn had a second meeting with representatives of Turkey to discuss a plan to help them kidnap Fethullah Gulen.

Federal Bureau of Investigation agents have asked at least four individuals about a meeting in mid-December at the ‘21’ Club in New York City, where Mr. Flynn and representatives of the Turkish government discussed removing Mr. Gulen, according to people with knowledge of the FBI’s inquiries. The discussions allegedly involved the possibility of transporting Mr. Gulen on a private jet to the Turkish prison island of Imrali, according to one of the people who has spoken to the FBI.

The report has led to some gleeful hand-wringing (and, as always, baby cannon eruptions) from interesting quarters.

For those of us who have opposed the US practice of extraordinary rendition, sure, the notion that Flynn would work with a foreign country to assist in the illegal kidnapping of someone that country considered a terrorist does seem outrageous. But for those who, not so long ago, worried that counterterrorism success might lead us to eschew things like extraordinary rendition, I’m not sure I understand the hand-wringing.

Yet the more effectively we conduct counterterrorism, the more plausible disbelief becomes and the more uncomfortable we grow with policies like noncriminal detention, aggressive interrogation, and extraordinary rendition. The more we convince ourselves that the Devil doesn’t really exist, the less willing we are to use those tools, and we begin reining them in or eschewing them entirely. And we let the Devil walk out of the room.

Especially not when you consider Mike Flynn’s service to the country. For fourteen years, Flynn played a key role in counterterrorism policy, serving in an intelligence role in Afghanistan when we were paying Pakistan bounties just to have enough Arabs to fill Gitmo, serving as Director of Intelligence for JSOC for some of the bloodiest years of the Iraq War, then serving in another intelligence role in Afghanistan during a period when the US was handing prisoners off to Afghanistan to be tortured.

That’s what two presidents, one a Nobel Prize winner, and another increasingly rehabilitated, asked Mike Flynn to do. And in that role, I have no doubt, he was privy to — if not directly in the chain of command — a whole lot of legally dubious kidnapping, including from countries with respectable institutions of law. (In related news, see this report on MI6 and CIA cooperation with Gaddafi, including kidnapping, after 9/11.)

So having spent 14 years kidnapping for the United States, why is it so odd that Flynn would consider it acceptable to help one of our allies in turn, to help them kidnap the kinds of clerics we ourselves have targeted as terrorists.

There is, of course, something different here: the suggestion that Flynn and his son might profit mightily off the arrangement, to the tune of $15 million.

Under the alleged proposal, Mr. Flynn and his son, Michael Flynn Jr., were to be paid as much as $15 million for delivering Fethullah Gulen to the Turkish government, according to people with knowledge of discussions Mr. Flynn had with Turkish representatives. President Recep Tayyip Erdogan, who has pressed the U.S. to extradite him, views the cleric as a political enemy.

But even the notion of bribery to facilitate human rights abuses is not something the US forgoes. One of the biggest disclosures from the SSCI Torture Report, for example, is how the Bush Administration worked to bribe other countries to let us build torture facilities in their countries.

The buddies of those now scolding such arrangements were part of that bribery operation.

The big question with Flynn is whether the similar bribe for this kidnapping operation would have been different from those under the table bribes we paid for our torture facilities. Did they go into the countries’ populace, or did they get pocketed by the national security officials doing the dirty deeds?

I actually don’t mean it to be a gotcha — though I would sure appreciate a little less hypocritical squeamishness from those who elsewhere view such irregular operations as the cost of keeping the country safe (as Erdogan claims to believe to be the case here).

Rather, I raise it to suggest that Mike Flynn knows where the bodies are buried every bit as much as David Petraeus did, when he was facing a criminal prosecution to which the best response was graymail. Flynn surely could demand records of any number of kidnapping operations the United States carried out, and he might well be able to point to bribes paid to make them happen, if Robert Mueller were to charge him for this stuff. It’s different, absolutely, that it happened on US soil. It may (or may not be) different that an individual decided to enrich himself for this stuff.

But this is the kind of thing — Mike Flynn knows well — that the US does do, and that certain hawks have in the past believed to be acceptable.

“The Goals That Are Being Scored” … the Carter Page Saga

/54 Comments/in , , /by

In the middle of the Carter Page testimony to the House Intelligence Committee last week, Adam Schiff tried to get him to answer whether he spoke about buying a stake of Rosneft during his July 2016 trip to Moscow — a key claim from the Steele dossier. Page professed that it might be possible, but he couldn’t remember such a discussion because he was watching Ronaldo on TV at the time.

He may have briefly mentioned it when we were looking up from this Portugal — Ronaldo, whoever the — you know, the goals that are being scored. That may have come up. But I have no definitive recollection of that.

Page comes off, often, as someone utterly clueless about how both the Trump campaign officials and the Russians trying to use him were doing so.

It depends on the definition of meet

That said, the most interesting bits involve the things Page tried to hide or obfuscate, such as his claim he never met Trump even after having been in a lot of meetings with him.

Mr. Rooney: Did you ever meet Mr. Trump?

Mr. Page: I have never met him in my life. I’ve been in a lot of meetings with him, and I’ve learned a lot from him, but never actually met him face-to-face.

He does the same with Arkadiy Dvorkovich, Russia’s Deputy Prime Minister, when Adam Schiff tries to point out that meeting him in July 2016 would amount to meeting a senior official.

Mr. Schiff: And you don’t consider him to be a high-up official or someone in an official capacity?

Mr. Page: I — nothing I — it was — again, I did not meet with him. I greeted him briefly as he was walking off the stage after his speech.

Page even compares these two instances of not-meetings later in his testimony.

[I]t goes back to the point I mentioned with listening to speeches, listening to particularly Arkadiy Dvorkovich’s speech, right. Again, great insights just like I learned great insights — even though I’ve met — I’ve never met Donald J. Trump in my life, I’ve learned a lot from him.

Ultimately, even Trey Gowdy finds this obfuscation around the word “meet” to be too much.

Mr. Gowdy: All right. I’ve written down four different words. I didn’t think I’d ever be going through this with anyone, but we’ve got to, I guess. You seem to draw a distinction between a meeting, a greeting, a conversation, and you hearing a speech.

JD Gordon’s central role

I pointed out last week how JD Gordon was playing the press in the wake of the Papadopoulos plea agreement being unsealed. Page’s testimony may explain why: because Gordon was the key person coordinating Page’s activities.

Page at first tries to hide this, before he admits that JD Gordon was his supervisor on the campaign.

And J.D. Gordon was brought in, and he was sort of the de facto organizers [sic] for our group, although not — there was no official command structure, because, again, it was an informal quasi think tank, if you will.

Page later describes Gordon as the most formal of the foreign policy group.

[T]he thing with J.D. is that — again, we’re an informal group, right. He was probably the most formal. I believe he may have even had — if I’m not mistaken, he may have had a Trump campaign email address. I had spoken with him on that — a few occasions that are — you know, we’d get together for a dinner. I may have sent an email or two to him on that. And again, he never definitively answered one way or another.

And Page seems to have treated his conversations with Gordon with some sensitivity (though there’s any number of reasons why this might be true, including that they were running a cutthroat political campaign). Eric Swalwell walks Page through an email in which he warned Gordon, in advance of a call, that he’d be in the “Third World” Laguardia Sky Club so could only listen, not speak.

Mr. Swalwell: In a May 24th, 2016, email to J.D. Gordon, Bates stamped [redacted], you wrote: “FYI: At the Newark Sky Club, Delta has a private room when you can have a confidential conversation, but, unfortunately, no such luck at Third World LaGuardia. So I’ll mostly be on receive mode, since there are a significant number of people in the lounge.”

Later in testimony, Schiff describes an email Page sent two days later, telling Gordon, “I’m planning to speak alongside the chairman and CEO of Sberbank as we’ll both be giving commencement addresses as Mosscow’s New economic School on July 8” (in fact the meeting never happened; though that may be because Dvorkovich replaced him).

Perhaps most damning of all, when Page “mentioned to [Jeff Sessions] in passing” (yet another exchange that shows Sessions perjured himself before the Senate) that he was about to go to Moscow, Gordon and Papadopoulos were present as well.

Mr. Schiff: Let me take you back to what we were discussing before our break, the meeting you had at the Republican National Headquarters I think is the building you’re referring to, if I understand correctly. What was the nature of the discussions at that meeting with Mr. Sessions, then-Senator Sessions — was J.D. Gordon present?

Mr. Page: I believe he was.

Mr. Schiff: And George Papadopoulos you believe was there?

Mr. Page: I believe, yes, to the best of my recollection.

This puts some of the key players together, discussing how Page’s trip to Moscow might benefit the campaign.

Finally, in spite of his efforts to downplay his exchange with Dvokovich, Page’s letter to Gordon boasting about it was a key focus.

Mr. Schiff: And in that [email], Dr. Page, didn’t you state, on Thursday and Friday, July 7 and 8, 2016: “Campaign Adviser Carter Page” — you’re referring to yourself in the third person — “presented before gatherings at the New Economic Schoo, NES, in Moscow, including their 2006 [sic] commencement ceremony. Russian Deputy Prime Minister and NES Board Member Arkadiy Dvorkovich also spoke before the event. In a private conversation, Dvorkovich expressed strong support for Mr. Trump and a desire to work toward devising better solutions in response to the vast range of current international problems”?

The others

While less substantive than the focus on JD Gordon, it’s clear Democratic members were interested in the roles of others: Corey Lewandowski, who “hired” Page and okayed his trip to Russia, Hope Hicks, who was in the loop, Sam Clovis, who made him sign an NDA and had another meeting with him before he left for Russia, and Michael Cohen, who kept the NDA (and in fact didn’t provide Page his promised copy). Schiff also got the list of those responsible for changing the platform (which I think is overblown) into the record: in addition to Gordon, Joseph Schmitz, Bert Mizusawa, Chuck Kubic, Walid Phares, and Tera Dahl.

But the most interesting exchange came right at the end, when Schiff walked Page through a list of people he might have interacted when. When he asked about Eric Trump, Page admitted to sending his resignation to the son.

Mr. Schiff: Eric Trump.

Mr. Page: I — when I sent in my letter of — saying that I am taking a leave of absence from the campaign, I sent an email to him and a bunch of other individuals. So that was on — late Sunday night, after I sent the letter to James Comey. I sent a copy of that to them.

Mr. Schiff: So you sent a letter to Eric Trump, but you have had no other interaction with him apart from that?

Mr. Page: No. No.

Mueller probably interviewed Page during the Papadopoulos lag

Finally, there is perhaps the most important detail. Page admits he has spoken with the FBI this year 4-5 times (he appears to have been represented by a lawyer earlier this year, but he’s now draining his savings and representing himself). When asked if he has met with Mueller’s investigators, he notes what I did: his October 10 letter sort of pleading the Fifth was addressed, first and foremost, to Robert Mueller, which would put his testimony between the time George Papadopoulos pled guilty to false statements and the time it was unsealed — the time when Mueller was locking in the testimony of everyone implicated by Papadopoulos’ cooperation.

As I noted the other day, in the affidavit the FBI wrote explaining why they wanted to seal any notice of Papadopoulos’ plea deal, they described their plans to get the testimony of the people who had knowledge between Russians and the campaign.

The investigation is ongoing and includes pursuing leads from information provided by and related to the defendant regarding communications he had, inter alia, with certain other individuals associated with the campaign. The government will very shortly seek, among other investigative steps, to interview certain individuals who may have knowledge of contacts between Russian nationals (or Russia-connected foreign nationals) and the campaign, including the contacts between the defendant and foreign nationals set forth in the Statement of Offense incorporated into the defendants plea agreement.

All the people interviewed in what I’ll call the Papadopoulos lag — the time between when he pled guilty and the time they unsealed his plea — likely operated with the false confidence that the Mueller team would not know of conversations among campaign staffers. It appears that Page (like Sam Clovis, and, probably,JD Gordon) was interviewed in that period.

Be Wary of Jumping on the Changing Veselnitskaya Claims

/33 Comments/in , , /by

Boy oh boy, Natalia Vesenitskaya continues to work the press.

Veselnitskaya reverses a previous claim that the June 9, 2016 meeting didn’t mention the election

Bloomberg has a story based on a two and a half hour interview — on an unspecified date — with the Russian lawyer who met with Don Jr, Jared Kushner, and Paul Manafort at Trump Tower on June 9, 2016. In it, she adds to the story she has told in the past to claim that Don Jr suggested the US might revisit the Magnitsky sanctions if his dad got elected.

A Russian lawyer who met with President Donald Trump’s oldest son last year says he indicated that a law targeting Russia could be re-examined if his father won the election and asked her for written evidence that illegal proceeds went to Hillary Clinton’s campaign.

The lawyer, Natalia Veselnitskaya, said in a two-and-a-half-hour interview in Moscow that she would tell these and other things to the Senate Judiciary Committee on condition that her answers be made public, something it hasn’t agreed to. She has received scores of questions from the committee, which is investigating possible collusion between Russia and the Trump campaign. Veselnitskaya said she’s also ready — if asked — to testify to Special Counsel Robert Mueller.

Here’s the line of the story that, if accurate, introduces a damning new aspect of the story.

“Looking ahead, if we come to power, we can return to this issue and think what to do about it,’’ Trump Jr. said of the 2012 law, she recalled. “I understand our side may have messed up, but it’ll take a long time to get to the bottom of it,” he added, according to her.

Perhaps my favorite detail of the story, however, is that she suggests Paul Manafort (the only one known to have taken contemporaneous notes from the meeting) appeared to have been asleep, leaving Don Jr as the only woke witness to what went down.

Kushner left after a few minutes and Manafort appeared to have fallen asleep. “The meeting was a failure; none of us understood what the point of it had been,’’ Veselnitskaya said, adding she had no further contacts with the Trump campaign.

As Bill Browder noted, this marks a change in her story, one which must be contextualized with recent events.

In the days immediately after the story broke, Veselnitskaya released a statement saying nothing about the presidential election came up.

Ms. Veselnitskaya said in a statement on Saturday that “nothing at all about the presidential campaign” was discussed at the Trump Tower meeting. She recalled that after about 10 minutes, either Mr. Kushner or Mr. Manafort left the room.

She said she had “never acted on behalf of the Russian government” and “never discussed any of these matters with any representative of the Russian government.”

Now, she’s claiming different. I’d suggest that this claim, like all that have gone before, should be treated really really skeptically — especially published in the wake of allegations that campaign officials would have walked into that meeting expecting “dirt” to mean emails, not to mention as Veselnitskaya makes another bid to come to the US and Trump prepares to meet directly with Putin.

Veselnitskaya makes this claim as she tries to come to the US and Agalarov attempts to shape the story

Here’s what the recent timeline looks like:

October 4: Burr was asked last month about Veselnitskaya, and suggested SSCI had already reached out.

Q: Is the Russian attorney going to come through, the Russian who met with Donald Trump Jr., she’s offered to come in open committee. Have you reached out to her? Is she one of the 25 on your list?

Burr: How do you know we haven’t already [heard from] her?

October 9: A CNN story produced with involvement of Scott Balber, who is currently representing Aras and Amin Agalarov (who set up the June 9 meeting in the first place), but who has represented Trump in the past, attempts to rebut the public comments and presumed testimony of Rod Goldstone on two points. First, that the meeting was about dealing dirt, and second, that it was about anything but the Magnitsky sanctions.

The documents were provided by Scott Balber, who represents Aras and Emin Agalarov, the billionaire real estate developer and his pop star son who requested the June 2016 meeting.

Balber, who went to Moscow to obtain the documents from Veselnitskaya, said in an interview with CNN that the emails and talking points show she was focused on repealing the Magnitsky Act, not providing damaging information on Clinton.
The message was muddled, Balber said, when it was passed like a game of telephone from Veselnitskaya through the Agalarovs to Goldstone.

Balber also suggested that Goldstone “probably exaggerated and maybe willfully contorted the facts for the purpose of making the meeting interesting to the Trump people.”

Goldstone declined to comment for this story.

“The documents and what she told me are consistent with my client’s understanding of the purpose of the meeting which was from the beginning and at all times thereafter about her efforts to launch a legislative review of the Magnitsky Act,” Balber said.

October 18: Chuck Grassley sends a long list of questions to Veselnitskaya, demanding a response to schedule a transcribed, non-public interview, by October 20. Incidentally, I find this to be the most curious of the questions.

Did Mr. Goldstone or anyone else discuss a proposal regarding Vkontakte (VK) during the June 9, 2016 meeting?

October 19: In remarks in Sochi, amid a complaint about Magnitsky sanctions, Putin tells listeners to look at American sources for details of Ziff political contributions, closely mirroring the talking points now claimed to derived from Veselnitskaya.

What do I think about what you have just said, about Canada joining or wanting to join, or about somebody else wanting to do it? These are all some very unconstructive political games over things, which are in essence not what they look like, to be treated in such a way or to fuss about so much. What lies underneath these events? Underneath are the criminal activities of an entire gang led by one particular man, I believe Browder is his name, who lived in the Russian Federation for ten years as a tourist and conducted activities, which were on the verge of being illegal, by buying Russian company stock without any right to do so, not being a Russian resident, and by moving tens and hundreds of millions of dollars out of the country and hence avoiding any taxes not only here but in the United States as well.

According to open sources, I mean American open sources, please look up Ziff Brothers, the company Mr Browder was connected with, which has been sponsoring the Democratic Party and, substantially less, the Republican Party during recent years. I think the latest transfer, in the open sources I mean, was $1,200,000 for the Democratic Party. This is how they protect themselves.

In Russia, Mr Browder was sentenced in his absence to 9 years in prison for his scam. However, no one is working on it. Our prosecution has already turned to the appropriate US agencies such as the Department of Justice and the Office of the Attorney General for certain information so we can work together on this. However, there is simply no response. This is just used to blow up more anti-Russian hysteria. Nobody wants to look into the matter, into what is actually beneath it. At the bottom of it, as usual, is crime, deception and theft.

October 27: Stories that note Veselnitskaya crafted the talking points on Browder and Ziff, which were then picked up by Russia’s prosecutor general Yuri Chaika, are used to suggest that that means Veselnitskaya got the talking points she wrote from Chaika. In conjunction, several iterations of the talking points are released (but not the ones she originally wrote). Also, Balber again weighs in to distance Agalarov.

Donald Trump Jr. has dismissed Mr. Goldstone’s emails as “goosed-up.” Mr. Balber blamed miscommunication among those arranging the meeting. “Mr. Agalarov unequivocally, absolutely, never spoke to Mr. Chaika or his office about these issues,” he said.

October 30: George Papadopoulos plea makes it clear that that Papadopoulos originally lied to the FBI to hide two things: 1) attempts in the weeks and months after March 31, 2016 to set up meetings with Russians, and 2) knowledge that Russians had dirt on Hillary Clinton in the form of thousands of emails. On the same day, Paul Manafort is indicted, raising the possibility he’ll flip on Trump. Also on same day, government informs SDNY that Prevezon has not paid its fine from May settlement, and asks for the case to be reopened.

October 31: Quinn Emanuel, representing Prevezon, asks that Veselnitskaya be given immigration parole for hearing.

November 2: Government objects to Prevezon request for immigration parole for Vesenitskaya, reiterating in the process they had objected to her entry in 2016, but that she got immigration parole in any case, which she used to attend the June 9 meeting.

The Government, however, has previously refused to extend immigration parole to Katsyv and Veselnitskaya during time periods when they were not to be witnesses. In particular, in the spring of 2016, then-counsel for Prevezon asked the Government to consent to parole for Katsyv and Veselnitskaya to prepare for and attend oral arguments in the Second Circuit on Hermitage’s motion to disqualify Prevezon’s counsel. Because there was no testimony to be given at a Second Circuit oral argument, the Government refused to grant parole to Katsyv or Veselnitskaya for that period. See Ex. A (March 9, 2016 letter to John Moscow).1

Subsequently, according to public news reports, Veselnitskaya obtained a visa from the State Department allowing her to enter the United States to attend the oral argument on June 9, 2016, a day on which she also reportedly engaged in a meeting with representatives of the Trump presidential campaign. See Brook Singman, Mystery Solved? Timeline Shows How RussianLawyer Got into U.S. for Trump Jr. Meeting, Fox News (July 14, 2017), available at http://www.foxnews.com/politics/2017/07/14/mystery-solved-timeline-shows-how-russianlawyer-got-into-us-for-trump-jr-meeting.html. This Office had no involvement in the granting of that visa and has no knowledge of whether Veselnitskaya has attempted to obtain another such visa to enter the country for these proceedings.

[snip]

If a testimonial hearing is ultimately required, and if it features Veselnitskaya or Katsyv as witnesses, the Government can revisit its parole determination at that time.2

2 The Government may not, however, again admit Veselnitskaya into the country to assist in witness preparation if she is not herself a witness. Although the Government did so previously, Veselnitskaya’s reported meeting with presidential campaign officials in June of 2016 (of which this Office was not aware prior to its public reporting) or other factors may alter this assessment. In any event, it is premature to reach this issue where no testimonial hearing is currently scheduled, and none is likely ever to be scheduled.

November 3: Judge Pauley denies Prevezon’s bid for immigration parole for Veselnitskaya.

November 6: Bloomberg story for the first time says Don Jr said he might consider lifting Magnitsky sanctions. It also repeats Veselnitskaya’s promise to answer SJC questions if her answers can be made public.

Senator Chuck Grassley, an Iowa Republican who chairs the Senate Judiciary Committee, has sent her more than 90 questions concerning the meeting, asking whether she knows Putin, Manafort and Kushner, and requesting information about Russian hacking and interference, she said. “That I definitely don’t have!” the lawyer said. “I made up my mind a long time ago: My testimony must be honest, full and public.”

Taylor Foy, a Grassley spokesman, said, “We are encouraged that she is planning to cooperate and look forward to receiving the information.” He wouldn’t comment on whether the committee would comply with her request to make her answers public.

November 10-11: Trump and Putin will meet in Danang, Vietnam, purportedly to talk about North Korea.

This feels like a limited hangout

All of which is to say that the efforts of the last month feel like a limited hangout — an attempt to avoid potentially more damaging revelations with new admissions about Magnitsky. That’s not to say the Magnitsky discussion didn’t happen. It’s to say the potential admissions — down to Veselnitskaya’s claim that, “I definitely don’t have!” information on Russian hacking and interference — have gotten far more damaging since when, in July, she claimed the election didn’t come up.

At the very least, it seems the players — particularly the Trump sponsor Agalarovs  are concerned about what Rob Goldstone has had to say to whatever investigative body — and are now trying to cement a different more damning one, yet one that still stops short of what they might admit to.

In either case, another thing seems clear: Veselnitskaya attempted to come to the country, using the same method she did when she actually used her presence to pitch Don Jr. After that meeting was denied, Trump went from suggesting he might meet with Putin to confirming that he plans to.

Reasons Why Dems Have Been Fucking Stupid on the Steele Dossier: a Long Essay

/93 Comments/in , /by

Let me start this post by reposting in full my explanation of why Trump opponents are idiots for clinging to the Steele dossier, so I can add to that with an explanation of why the disclosure that Marc Elias paid for the dossier on behalf of Hillary and the DNC makes it far, far worse.

I have zero doubt that the Russians attempted to influence the election. I think it likely Robert Mueller will eventually show evidence that senior people in Trump’s camp attempted to and may have coordinated with people working for Russia, and people more tangential to the campaign sought out Russians for help. I think if the full story of the Russian involvement in the election comes out, it will be worse than what people currently imagine.

I also think Trump opponents have made a really grave error in investing so much in the Steele dossier. That’s true because, from the start, there were some real provenance questions about it, as leaked. Those questions have only grown, as I’ll explain below. The dossier was always way behind ongoing reporting on the hack-and-leak, meaning it is utterly useless for one of the most important parts of last year’s tampering. The dossier provides Trump officials a really easy way to rebut claims of involvement, even when (such as with Michael Cohen) there is ample other evidence to suggest inappropriate ties with Russia. Most importantly, the dossier is not needed for the most common reason people cling to it, to provide a framework to understand Trump’s compromise by Russia. By late January, WaPo’s reporting did a far better job of that, with the advantage that it generally proceeded from events with more public demonstrable proof. And (again, given the abundance of other evidence) there’s no reason to believe the Mueller investigation depends on it.

But because Trump opponents have clung to the damn dossier for months, like a baby’s blanket, hoping for a pee tape, it allows Trump, Republicans, and Russians to engage in lawfare and other means to discredit the dossier as if discrediting the dossier will make the pile of other incriminating evidence disappear.

So let’s see how the Marc Elias disclosure makes this far, far worse.

The WaPo reports that Elias’ firm, Perkins Coie, acting on behalf of both Hillary and the DNC, paid Fusion GPS. And they did so much earlier than previously reported, starting in April.

Marc E. Elias, a lawyer representing the Clinton campaign and the DNC, retained Fusion GPS, a Washington firm, to conduct the research.

After that, Fusion GPS hired dossier author Christopher Steele, a former British intelligence officer with ties to the FBI and the U.S. intelligence community, according to those people, who spoke on the condition of anonymity.

Elias and his law firm, Perkins Coie, retained the company in April 2016 on behalf of the Clinton campaign and the DNC. Before that agreement, Fusion GPS’s research into Trump was funded by an unknown Republican client during the GOP primary.

Given the numbering of the dossier, the April date makes far better sense than the June date. In fact, on January 13, I said, “It must have started sometime in April.” Yay me — that’s the one piece of prescience I’ll write about here I’m happy about.

The news comes as Fusion has been digging itself deeper and deeper into a perjury hole in an effort to protect Elias and the Democrats, just as they would have had to release financial documents showing Perkins Coie’s involvement in any case (I’ll do a follow-up to show that Fusion seems to have been using a cute definition of “client” in its sworn legal declarations about the dossier).

Some of the details are included in a Tuesday letter sent by Perkins Coie to a lawyer representing Fusion GPS, telling the research firm that it was released from a ­client-confidentiality obligation. The letter was prompted by a legal fight over a subpoena for Fusion GPS’s bank records.

As the WaPo and an army of Dem flacks have noted since this story broke, it is totally normal to pay oppo research firms for dirt on opponents.

It is!!

Which ought to raise really big questions why Elias didn’t come forward before now to simply admit that Hillary and the Dems — rather than some unnamed big donor as has always been intimated — were doing what every campaign normally does.

And there are several likely reasons for that.

First, consider what position this puts the FBI in. Steele started sharing his information with the FBI during the summer, possibly before the FBI opened an investigation into Trump’s Russian ties (though the CIA claims to have had a report in June about such ties, so the investigation doesn’t derive exclusively from the dossier). It’s still unclear — not even given Steele’s legal statements on this fact — whether Steele shared the information on his own, or whether Fusion permitted him to share. It’s also not clear whether Steele disclosed to FBI who was paying for his work (or even if he actually knew). But it is qualitatively different for the FBI to accept and respond to information from a political party than it is to respond to information paid for by — say — a rich private person like George Soros. That is, admittedly, how the Whitewater investigation got started (so I can appreciate the irony), but it was wrong then and it’s wrong now.

Note, this detail also provides a much better explanation for why the FBI backed out of its planned relationship with Steele in October, one that matches my supposition. As soon as it became clear Elias was leaking the dossier all over as oppo research, the FBI realized how inappropriate it was to use the information themselves, no matter how credible Steele is. This also likely explains why FBI seeded a story with NYT, one Democrats have complained about incessantly since, reporting “none of the investigations so far have found any conclusive or direct link between Mr. Trump and the Russian government.” Ham-handed? Sure. But in the wake of Harry Reid and David Corn’s attempts to force FBI to reveal what Democratic oppo research had handed to FBI, the FBI needed to distance themselves from the oppo research, and make sure they didn’t become part of it. Particularly if Steele was not fully forthcoming about who was paying him, the FBI was fucked.

And consider what Hillary and the DNC did. Back when the June 9 Trump Tower meeting first broke, I warned Democrats who were screaming that this was proof of collusion to be very careful of how they defined it.

[T]hus far, it is not evidence of collusion, contrary to what a lot of people are saying.

That’s true, most obviously, because we only have the implicit offer of a quid pro quo: dirt on Hillary — the source of which is unknown — in exchange for sanctions relief. We don’t (yet) have evidence that Don Jr and his co-conspirators acted on that quid pro quo.

But it’s also true because if that’s the standard for collusion, then Hillary’s campaign is in trouble for doing the same.

Remember: A supporter of Hillary Clinton paid an opposition research firm, Fusion GPS, to hire a British spy who in turn paid money to Russians — including people even closer to the Kremlin than Veselnitskaya — for Russia-related dirt on Don Jr’s dad.

Yes, the Clinton campaign was full of adults, and so kept their Russian-paying oppo research far better removed from the key players on the campaign than Trump’s campaign, which was run by incompetents. But if obtaining dirt from Russians — even paying Russians to obtain dirt — is collusion, then a whole bunch of people colluded with Russians (and a bunch of other foreign entities, I’m sure), including whatever Republican originally paid Fusion for dirt on Trump.

Breaking: Our political process is sleazy as fuck (but then, so are most of our politicians).

I assumed at the time that Democrats were adults and provided Hillary some plausible deniability and distance from the payments to ex-spooks who in turn paid Russian spies.

Serves me right for underestimating, yet again, Hillary’s ability to score own goals, because Nope! They’re not that adult! And so while it pains me greatly to have to say this, the Dems who screamed “COLLUSION!!!!!!!!” after evidence of a meeting but not payment have earned this attack from Ari Fleischer, accusing them of colluding, because that’s the standard they adopted at the time.

Finally, there’s the most interesting thing implicated by the disclosure that Perkins Coie partner Marc Elias paid for the dossier.

As noted, the WaPo explains Elias started to do so in April, which makes far more sense given the numbering of the dossier. But Steele, we know, was brought in in June; his first report, about whether Russia had kompromat on Hillary, was June 20. That means Steele’s involvement, paid for by Perkins Coie, postdates the involvement of Perkins Coie partner (and former DOJ prosecutor who should have known better than to do this) Michael Sussman in the DNC’s response to learning they were hacked by Russia, starting around April 29.

“Not sure it is related to what the F.B.I. has been noticing,” said one internal D.N.C. email sent on April 29. “The D.N.C. may have been hacked in a serious way this week, with password theft, etc.”

No one knew just how bad the breach was — but it was clear that a lot more than a single filing cabinet worth of materials might have been taken. A secret committee was immediately created, including Ms. Dacey, Ms. Wasserman Schultz, Mr. Brown and Michael Sussmann, a former cybercrimes prosecutor at the Department of Justice who now works at Perkins Coie, the Washington law firm that handles D.N.C. political matters.

“Three most important questions,” Mr. Sussmann wrote to his clients the night the break-in was confirmed. “1) What data was accessed? 2) How was it done? 3) How do we stop it?”

It also means that Steele’s involvement — paid for by Perkins Coie — roughly coincides with the time Democrats and Perkins Coie partner Michael Sussman first sat down with the FBI and pushed the FBI to “tell the American public that” Russia had attacked the Democrats.

The D.N.C. executives and their lawyer had their first formal meeting with senior F.B.I. officials in mid-June, nine months after the bureau’s first call to the tech-support contractor. Among the early requests at that meeting, according to participants: that the federal government make a quick “attribution” formally blaming actors with ties to Russian government for the attack to make clear that it was not routine hacking but foreign espionage.

“You have a presidential election underway here and you know that the Russians have hacked into the D.N.C.,” Mr. Sussmann said, recalling the message to the F.B.I. “We need to tell the American public that. And soon.”

Shortly thereafter, Steele, paid for by Perkins Coie, started sharing reports with the FBI, with as yet unknown disclosure to them about who was paying his bills. Do you see why this is a problem yet?

Note, too, the irony. The DNC was unwilling to share their server directly with the FBI. But they were willing to launder their intelligence to it.

Not cool, Democrats. Also, not smart.

Now, add to this massive own goal the Democrats have scored on themselves. The second report in the released dossier, is dated July 26, released four days after WikiLeaks started releasing the DNC emails, making it clear the Democrats had a far bigger hack-and-leak problem on their hands than they had let on in a June 14 story to the WaPo. It is an incredibly back-assward report on Russian hacking that proved unaware of the most basic publicly known details about Russia’s hacking (the Democrats would have been better served reading this report that had been released ten months before, which is almost certainly what FBI was trying to point them to when they first warned of the hack in September). That is, in the wake of the DNC hack, the Democrats’ lawyer paid for private intelligence about Russian involvement with Trump, and they ended up paying someone whose sources (because Steele is a follow-the-money guy, not a follow-the-packets guy) consistently were months and months behind the public knowledge on the hack.

Yikes.

Finally, one more point. It has been clear for some time that Steele’s reports had some kind of feedback loop, responding to information the Democrats got. That was most obvious with respect to the September 14 Alfa Bank report, which was obviously written after first news of the Alfa Bank/Trump Tower story, which was pushed by Democratic partisans. Particularly given that we know the released report is a selective release of just some reports from the dossier, the inclusion of Alfa Bank in that release makes no sense. Even if reports about old corrupt ties between Alfa and Putin are true (as if Democratic politicians and corrupt American banks never have old ties), the inclusion of the Alfa report in the dossier on Trump made zero sense.

Which is why Alfa Bank decided — after consulting with big Republican lawyers like Viet Dinh and soon-to-be DOJ Criminal Division Chief Brian Benczkowski — to sue for defamation. Now I understand why (particularly given that Republicans seem to have known who paid for the dossier for some time). I’m not sure Alfa Bank executives pass the bar for defamation here (though the publication of a report that misspelled Alfa’s name is pretty damning), but the fact that Elias paid for this dossier on behalf of the Democrats is going to make that defamation case far more explosive (and I’ll be surprised if Elias doesn’t get added into the mix).

As I said when I began this: I have no doubt Russia tampered with the election, and if the full truth comes out I think it will be more damning than people now imagine.

But the Democrats have really really really fucked things up with their failures to maintain better ethical distance between the candidate and the dossier, and between the party and the FBI sharing. They’ve made things worse by waiting so long to reveal this, rather that pitching it as normal sleazy political oppo research a year ago.

The case of Russian preference for Trump is solid. The evidence his top aides were happy to serve as Russian agents is strong.

But rather than let FBI make the case for that, Democrats instead tried to make their own case, and they did in such a way as to make the very solid case against Trump dependent on their defense of the dosser, rather than on better backed claims released since then.

Boy it seems sadly familiar, Democrats committing own goals like this. And all that’s before where the lawfare on this dossier is going to go.

Update, 12/6/17: This, from April, is a really interesting claim by claim debunking of the dossier.

Christopher Wray and the Myth Created by Parallel Construction

/7 Comments/in , /by

At the Friday Heritage Foundation Section 702 event, FBI Director Christopher Wray argued that reforming Section 702 (he suggested, illogically, making any reforms) would rebuild the wall taken down after 9/11. (Here’s the transcript, which unfortunately doesn’t include the Q&A period.)

I think back to the time that I was in government before on 9/11, right before 9/11, right after 9/11. I think about how hard dedicated men and women throughout the intelligence community worked to try to tear down the walls that had prevented us from connecting all the information that might have been able to prevent those attacks. As I said at the beginning, listening to this debate right now, watching some of the potential ideas that are being floated strikes me as eerily similar to people, well-intentioned, starting to put bricks into a wall.

There are problems with that argument (which have as much to do with our national myopia about the risks we face and how we’ve combatted them as anything else). But I’m grateful Wray made an effort to avoid the ad hominem attacks some of Section 702’s other boosters have resorted to.

Still, Wray’s response to concerns about using Section 702 in criminal prosecutions got dangerously close to that. In response to a question from David Shedd, Wray said that concerns about the topic derive from a myth. Those of us with such concerns, Wray said, are just “confused.”

There’s been a little bit of myth development in that space. When we talk about the criminal side, I think it’s important to distinguish between the tip and lead kind of scenario that I’m describing, which is where Section 702 is so important, and the prosecution end of it, where the information of any sort is being used. Section 702 has not been used for any traditional criminal case as evidence in a trial or anything like that ever, except in about 10 terrorism prosecutions. So the notion that there are criminal agents using Section 702 to make garden variety criminal cases, that’s just myth. It is not happening.

I’m reluctant to try to guess as to how people who are confused get confused. My goal is to get them straight.

To claim this is a myth, of course, Wray has to rely on a bogus number of defendants who have gotten their legally required 702 notice — ten counterterrorism cases — thereby pretending that 702 hasn’t had a key role in far, far more criminal cases, and not just in counterterrorism cases, but also counterespionage (including nation-state hacking) and counterproliferation cases.  (Interestingly, defendants are only known to have gotten notice in eight cases, meaning Wray may have revealed two more where defendants got non-public notice.) Plus, as I’ve noted, FBI submitted notice about attorney-client violations to FISC in nine cases in the time since DOJ largely stopped giving defendants notice.

The numbers just don’t add up.

Which means, in significant part, what Wray calls a myth is, in reality, parallel construction, a myth of a different sort, the myth that law enforcement tells defendants about where their cases came from or why certain approaches were used with the case, the myth created by DOJ’s secret interpretations about how they deal with legally mandated FISA notice. The myth that decides Keith Gartenlaub is a counterintelligence threat because of the conversations he conducts on Skype, a PRISM provider, with his in-laws, only to scrub all mention of those Skype conversations (and, DOJ presumably maintains in its secret policies on the issue, the legal obligation to give notice) once you go to trial.

Wray goes on to blithely describe how content collected without a warrant comes to define the tips FBI Agents get, even before any evidence has been collected.

There’s the information over here, that the Agent is seeing in real time in the US. That’s the tip or the lead. And then there’s the information in the database. And it’s the connection that’s important. Let me talk about what’s in the database, first, and what isn’t. What’s in the database — that 4.3% [of the NSA’s targets] — that’s not evidence of garden variety criminal conduct. The only stuff that’s in that is information about foreigners, reasonably believed to be overseas, for foreign intelligence purposes. So that’s foreign intelligence information in there. That’s not evidence of … I don’t know, pick an example, you know, child porn, or something else. It could be very serious, but that’s not what’s in there. So the Agent over here, if he’s in national security investigator is connecting national sec–something that he thinks is national security information with foreign intelligence information. The criminal agent, who is not doing anything related to national security, he’s not looking to try to find some national security hook for his case. He’s just trying to make sure — let’s say he’s got a cigarette smuggling case — one of the things we know is that terrorist groups have used things like cigarette smuggling to finance their activities. There are cases that Department of Justice has brought over the years on that very thing. Cigarette smuggling is a crime. Well, it could be handled one way but if it turns out that cigarette smuggling that’s designed to support Hezballah, that’s different. It needs to be viewed differently. But we won’t know if we just build a wall between the Agent and the information that’s sitting right over here in the FBI database. [my emphasis]

Wray makes another error here, in claiming that “That’s not evidence of … I don’t know, pick an example, you know, child porn,” in the information FBI deems foreign intelligence information. Either that, or the government should very quickly inform the Ninth Circuit of that fact, because Keith Gartenlaub is as we speak challenging the use of a physical search FISA order to turn nine-year old child porn lying unaccessed on his hard drives into foreign intelligence information and thereafter into a criminal prosecution.

But it’s not just Gartenlaub and a traditional FISA search. Given that 702 PRISM collection obtains not only emails, but also attachments and data stored in the cloud, it will obtain a lot more than communications, including photos. Those photos may be garden variety sexy photos shared between adults (indeed, photos of that kind were also introduced in Gartenlaub’s case). But they also may be abusive photos of children. The Intelligence Community will use both kinds — as well as all the other kinds of non-email information obtained by targeting email accounts — for its foreign intelligence purposes.

It’s fairly unfortunate that, three years after FBI asked for and obtained a change in its Section 702 minimization procedures so as to be able to easily deal with child porn discovered using it, the FBI Director claimed publicly that Section 702  data doesn’t include child porn.

Of course it does.

Whether we should want the FBI to immediately prosecute child porn discovered in the name of foreign intelligence information or, first (as happened with Gartenlaub) use it to try to flip someone to become an informant, is a policy discussion we’re not having.

But the reason we’re not having that discussion is because of the other myth being told, the myths about prosecutions that have used parallel construction to hide the whys and wherefores of the case, in large part to sustain the myth Wray is telling here, that those tips and that warrantless collection have nothing to do with each other.

I appreciate Wray’s efforts to avoid dodging the key issues by attacking those of us who recognize the 702 needs reform. But what is really going on is that the myths the government tells about how intelligence is used serves to make a real policy discussion difficult (for people like me, who know the criminal cases) and impossible (for staffers and members of Congress, who don’t). Wray and others in the intelligence community have grown so accustomed to these myths (see this Bob Litt exchange for an example), that they don’t even seem to see the implications of parallel construction for our claims to due process anymore. If we’re confused about the use of 702 information in criminal proceedings, the government is confused about how metasticizing parallel construction rots the guarantees in our Constitution.

I imagine FBI would like to defer this discussion once again; pretending reformers are the ones inventing myths is a good way to do that. But it’s important, this time around, that we call the government on the myths they tell, even while they claim we’re the ones who’re confused.

Update: When I asked FBI about the discrepancy in numbers (8 versus 10), a spox emphasized that Wray said “about” 10 cases have used 702 evidence.

The Slow Death of Neoliberalism: Part 2

/62 Comments/in , , /by

The Slow Death of Neoliberalism Part 1.

This post focuses on the failings of neoliberal economic theory. Neoliberalism arises out of positivist philosophy, defined in Part 1. Positivism is the theory that the only true knowledge comes from the scientific process.

There are five main principles behind Positivism:

1. The logic of inquiry is the same across all sciences (both social and natural).

2. The goal of inquiry is to explain and predict, and thereby to discover necessary and sufficient conditions for any phenomenon.

3. Research should be empirically observable with human senses, and should use inductive logic to develop statements that can be tested.

4. Science is not the same as common sense, and researchers must be careful not to let common sense bias their research.

5. Science should be judged by logic, and should be as value-free as possible. The ultimate goal of science is to produce knowledge, regardless of politics, morals, values, etc.

Economists created a group of sayings which they put in their introductory textbooks and teach as laws and principles to their students at all levels. For example, N. Gregory Mankiw, economics professor at Harvard, starts his introductory economics textbook Principles of Macroeconomics with a list of ten Principles he claims almost all economists agree are true. Any thoughtful person reading this list will see that these ten statements are either tautological (you can’t do two things at once) or are mere rules of thumb. The idea that you could build a positivist science on this foundation is absurd. But Mankiw disagrees, and so does everyone who took Econ 101 and stopped, and especially so do the elites from our top schools.

It’s not surprising, then, that this version of economics is failing. It cannot perform the basic goal of a scientific theory, making accurate predictions. Economic models have failed and will continue to fail to predict disasters; and there isn’t much hope that they will ever be able to predict anything of interest.

In Part 1 I pointed out that the positivist program can’t be easily adapted to the social sciences. David Andolfatto of the St. Louis Fed agrees, and tells us what we can expect from economics:

But seriously, the delivery of precise time-dated forecasts of events is a mug’s game. If this is your goal, then you probably can’t beat theory-free statistical forecasting techniques. But this is not what economics is about. The goal, instead, is to develop theories that can be used to organize our thinking about various aspects of the way an economy functions. Most of these theories are “partial” in nature, designed to address a specific set of phenomena (there is no “grand unifying theory” so many theories coexist). These theories can also be used to make conditional forecasts: IF a set of circumstances hold, THEN a number of events are likely to follow. The models based on these theories can be used as laboratories to test and measure the effect, and desirability, of alternative hypothetical policy interventions (something not possible with purely statistical forecasting models).

This obvious straw man at the beginning of this quote is typical of the arrogant economist described by Marion Fourcade. But let’s see how well the economist business does at the weak test of effectiveness offered by Andolfatto.

For decades economists taught the Kuznets Curve which they said shows that as industrialization proceeds, economic inequality first rises and then falls.
Thomas Piketty takes up this theory in Capital In The Twenty-First Century, and extends the data forwards and backwards from the early 1950s. Here’s a graph of top decile income share from 1910 to 2010 from Wikipedia.

Looking at that graph through the time Kuznets wrote, the early 50s, it might be read to support that hypothesis. The sudden rise, starting under Reagan and continuing ever since, completely contradicts the hypothesis. That didn’t stop people from teaching it.

The Phillips Curve asserts that there is a connection between inflation and unemployment: as the unemployment rate drops, inflation increases. It’s one of Mankiw’s 10 principles; and it’s deeply embedded in the models used by the Fed to decide interest rates. It’s mostly wrong. Here’s a recent debunking from the Philadelphia Fed, concluding that the Phillips Curve might help forecast inflation in a weak economy, but does not work in an expanding economy.

The Wikipedia Page for Phillips Curve says that:

The original Phillips curve literature was not based on the unaided application of economic theory. Instead, it was based on empirical generalizations. After that, economists tried to develop theories that fit the data.

A 2008 paper, The History of the Phillips Curve: Consensus and Bifurcation, Economica (2008), P. 10, lays out the history in detail. Roughly speaking, it begins with the observation by William Phillips that in the UK there was a stable relation between the rate of wage growth and inflation over a substantial period of time, and deviations could be explained reasonably. This paper was picked up by Paul Samuelson and Robert Solow and turned into the earliest mathematical formula in 1958. Since then there have been a number of occasions where the Phillips Curve failed, and each time economists just grab some more of their existing tools and try to fix it or explain the failure, in each case after policy-makers have gone on as if it were right and forced bad results on the economy and especially the wages of workers.

Here’s a third example. Economists say that the reason wages are stagnant is that productivity is flat, as if there were a relation between wages and productivity. Anyone who looks at this chart and reads this article from the Economic Policy Institute will have a huge question about that.

And that isn’t just the right-wing. Plenty of centrist Democrats make the same argument. And by the way, what does this say about the central theory of free market economics that supply and demand for labor set prices?

As I say here and here, neoliberal economists used their ideology of free markets to influence policy and to change the entire way we think about society without having the slightest idea of the consequences of their meddling because their models aren’t designed to deal with changes in societies or economies. As my examples show, they just keep on regardless of the success or failure of their predictions, and politicians and rich people ignore the failings and continue to follow their foolish advice.

Neoliberal economics obviously fails to measure up to the standards of positivism. It can’t predict anything useful, and it barely is able to explain itself coherently. That’s a problem with positivism too. People are slowly, slowly coming to grips with these failures and the damage they have done. It’s adherents are dying off, and their replacements are into it for the money and the power. Stupid ideas never die, but maybe they will lose their influence.

Updated to correct link to EPI article and chart.

Section 702 Reauthorization Bill: The Very Narrowly Scoped Back Door Search Fix

/1 Comment/in , /by

This is my second post on the draft House Judiciary Committee version of the Section 702 reauthorization. In this post, I’ll look at how the bill tries to fix the back door search loophole. In two followup posts I’ll explain why this fix is inadequate legislatively, and why it is inadequate legally.

The back door fix:

  • Requires a court order to access content “for evidence of a crime”
  • Requires an AG relevance statement to access metadata-plus
  • Creates exceptions that swallow the rule
  • Prevents reverse targeting
  • Mandates simultaneous access to FBI databases
  • Permits broad delegation
  • Creates auditable records with big loopholes
  • Invites the government to define foreign intelligence information

Requires a court order to access content “for evidence of a crime”

Here’s the language that requires the government to obtain a court order when accessing Section 702 data.

(j) REQUIREMENTS FOR ACCESS AND DISSEMINATION OF COLLECTIONS OF COMMUNICATIONS.—

(1) COURT ORDERS AND OTHER REQUIREMENTS.—

(A) COURT ORDERS TO ACCESS CONTENTS.—Except as provided by subparagraph (C), in response to a query for evidence of a crime, the contents of queried communications acquired under subsection (a) may be accessed or disseminated only upon—

(i) an application by the Attorney General to a judge of the Foreign Intelligence Surveillance Court that describes the determination of the Attorney General that—

(I) there is probable cause to believe that such contents may provide evidence of a crime specified in section 2516 of title 18, United States Code (including crimes covered by paragraph (2) of such section);

(II) noncontents information accessed or disseminated pursuant to subparagraph (B) is not the sole basis for such probable cause;

(III) such queried communications are relevant to an authorized investigation or assessment, provided that such investigation or assessment is not conducted solely on the basis of activities protected by the first amendment to the Constitution of the United States; and

(IV) any use of such queried communications pursuant to section 706 will be carried out in accordance with such section;

(ii) an order of the judge approving such application.

The requirement only applies to evidence of crime. It requires the crime to be one of the ones listed in the Wiretap Act, but includes state crimes, which in turn includes drug crimes (and child pornography, which of course is now in Section 702’s minimization procedures).

For some reason, it requires this application to go to FISC, rather than a regular magistrate, which is problematic both from a time management issue for FISC but also for reasons of standardization among magistrates. That’s all the more concerning given that the bill doesn’t explain what kind of review the FISC judge can do — whether the judge can actually review for probable cause, or whether she doesn’t have that authority. This is a big concern, because DOJ has repeatedly told FISC judges in secret that they don’t have authority specifically laid out in law, not even when they were asking judges to approve programmatic spying.

One good part of this language is that it requires something beyond metadata from a 702 search to support a probable cause review.

As I’ll write in a follow-up, though, the limitation of this to criminal purposes makes it absolutely meaningless — it simply misunderstands how FBI conducts these queries (and obviously doesn’t apply to how NSA and CIA do it).

Requires an AG relevance statement to access metadata-plus

In addition to the controls on content, this reauthorization also imposes new controls on access to metadata-plus.

(B) RELEVANCE AND SUPERVISORY APPROVAL TO ACCESS NONCONTENTS INFORMATION.—Except as provided by subparagraph (C), in response to a query for evidence of a crime, the information of queried communications acquired under subsection (a) relating to the dialing, routing, addressing, signaling, or other similar noncontents information may be accessed or disseminated only upon a determination by the Attorney General that—

(i) such queried communications are relevant to an authorized investigation or assessment, provided that such investigation or assessment is not conducted solely on the basis of activities protected by the first amendment to the Constitution of the United States; and

(ii) any use of such queried communications pursuant to section 706 will be carried out in accordance with such section.

This imposes an Attorney General certification of relevance for access to 702-derived “metadata-plus.” I’m using that term to refer to the broadened definition of metadata that presumably invokes John Bates’ definition adopted in a series of opinions, but which remains entirely redacted.

Consider the absurdity of the proposition that the government can search “just metadata” but metadata is so sensitive it can’t be publicly defined. And Congress chooses not to define it here either.

If we need to revisit the definition of metadata, then Congress should do it here, not just nod blindly to redacted opinions at FISC.

And, again, this applies only to crimes.

Creates exceptions that swallow the rule

As I keep saying, the back door search fix only applies to criminal searches. Here’s what is not included.

(C) EXCEPTIONS.—The requirement for an order of a judge pursuant to subparagraph (A) and the requirement for a determination by the Attorney General under subparagraph (B), respectively, shall not apply to accessing or disseminating queried communications acquired under subsection (a) if one or more of the following conditions are met:

(i) Such query is reasonably designed for the primary purpose of returning foreign intelligence information.

(ii) The Attorney General makes the determination described in subparagraph (A)(i) and

(I) the person related to the queried term is the subject of an order or emergency authorization that authorizes electronic surveillance or physical search under this Act or title 18 United States Code; or

(II) the Attorney General has a reasonable belief that the life or safety of a person is threatened and such contents are sought for the purpose of assisting that person.

(iii) Pursuant to paragraph (5), the person related to the queried term consents to such access or dissemination.

First, the bill exempts emergency or threat to life queries.

But before it does that, it exempts all requests “designed for the primary purpose of returning foreign intelligence information.” In a different section, HJC punts on the issue of defining what “foreign intelligence information” means, directing the government to do that in minimization procedures.

It punts on more than that. How can you have one category for “primary purpose” FI information, but then not treat criminal searches as primary? Where does that line end? Especially given that this is permitted, for both criminal and intelligence purposes, at the assessment level, which is before the government has any evidence.

In short, even where it is writing exceptions, the bill does it in such a way as to let the split swallow the rule.

Prevents reverse targeting

I think this language prohibits reverse targeting.

(D) LIMITATION ON ELECTRONIC SURVEILLANCE OF UNITED STATES PERSONS.—If the Attorney General determines that it is necessary to conduct electronic surveillance on a known United States person who is related to a term used in a query of communications acquired under subsection (a), the Attorney General may only conduct such electronic surveillance using authority provided under other provisions of law.

As I read it, if the FBI queries 702 data and finds evidence of a crime, they cannot then develop that evidence using already collected (or newly targeted) 702 data. They have to get a criminal warrant to do it.

Mind you, this is the kind of authorities laundering they do anyway, but this prohibition is worthwhile.

Mandates simultaneous access to FBI databases

The most interesting — and potentially dangerous — language in this section mandates that when the FBI does queries, all the data they have be accessible.

(E) SIMULTANEOUS ACCESS OF FBI DATABASES.—The Director of the Federal Bureau of Investigation shall ensure that all available investigative or intelligence databases of the Federal Bureau of Investigation are simultaneously accessed when the Bureau properly uses an information system of the Bureau to determine whether information exists in such a database. Regardless of any positive result that may be returned pursuant to such access, the requirements of this subsection shall apply.

I say it’s dangerous, because it might require very compartmented data to be more broadly accessible.

But the other thing that’s interesting about it is it will ensure that if there’s any multiplicitous data in the databases, FBI will have options to bypass the intent of the back door fix.

Consider: a great deal of individually targeted FISA data will replicate data obtained using 702 (which may in fact be the data the government used to obtain a targeted FISA order). A search on such data will return both the traditional FISA data and the 702 data. In cases where the FBI can use the former, they don’t have to bother with a “warrant” from FISC. As FBI obtains more and more raw EO 12333 data, that will be even more true there.

So while there may be an interesting operational reason for this — perhaps FBI even missed information in some sensitive investigation because not all data was accessible? — there are also clear downsides and the likelihood this will turn into a workaround to make the back door search even less meaningful.

Permits broad delegation

Another thing HJC doesn’t bother to specify is how broadly the Attorney General can delegate the authority for these various declarations.

(F) DELEGATION.—The Attorney General shall delegate the authority under this paragraph to the fewest number of officials that the Attorney General determines practicable.

(2) AUTHORIZED PURPOSES FOR QUERIES.—A collection of communications acquired under subsection (a) may only be queried for legitimate national security purposes or legitimate law enforcement purposes.

This was a significant problem behind the early NSL abuses. Letting the AG decide how much authority he wants to delegate invites similar abuses and is not why we’re paying Congress.

Creates auditable records with big loopholes

As always with transparency provisions, the loopholes are far more interesting than the provisions themselves, because they reveal where the interesting stuff is hiding. This requirement applies to all four agencies that get raw 702 traffic: NSA, CIA, NCTC, and FBI.

NSA is already doing this kind of record-keeping (sort of, though given the violations discovered last year, there’s reason to doubt it). But once they set the requirement, they create big problematic loopholes.

(3) RETENTION OF AUDITABLE RECORDS.— The Attorney General and each Director concerned shall retain records of queries that return a positive result from a collection of communications acquired under subsection (a). Such records shall—

(A) include such queries for not less than 5 years after the date on which the query is made; and

(B) be maintained in a manner that is auditable and available for congressional oversight.

With this language, HJC exempts Congressional queries (which I’m fine with), but also tech queries.

(4) COMPLIANCE AND MAINTENANCE.—The requirements of this subsection do not apply with respect to queries made for the purpose of—

(A) submitting to Congress information required by this Act or otherwise ensuring compliance with the requirements of this section; or

(B) performing maintenance or testing of information systems.

Until at least 2010, NSA was using tech queries to do metadata searches that weren’t authorized by the phone dragnet (which was facilitated by having tech people co-located with analysts, which made it easy for the analysts to as for help). If you exempt tech people, you will have abuses on any restriction.

In addition, the auditable record requirement doesn’t count for those who’ve given consent, which includes informants.

(5) CONSENT.—The requirements of this subsection do not apply with respect to—

(A) queries made using a term relating to a person who consents to such queries; or

(B) the accessing or the dissemination of the contents of queried communications of a person who consents to such access or dissemination.

From this I assume that a great many of these queries (especially those at CIA that aren’t now being counted) are being done for Insider Threat detection, which tracks a bunch of people who, by obtaining a clearance, have given consent for this kind of searching. I assume there are a great many of them too, since they need to be hidden.

(6) DIRECTOR CONCERNED.—In this subsection, the term ‘Director concerned’ means the following:

(A) The Director of the National Security Agency, with respect to matters concerning the National Security Agency.

(B) The Director of the Federal Bureau of Investigation, with respect to matters concerning the Federal Bureau of Investigation.

(C) The Director of the Central Intelligence Agency, with respect to matters concerning the Central Intelligence Agency.

(D) The Director of the National Counterterrorism Center, with respect to matters concerning the National Counterterrorism Center.

Invites the government to define foreign intelligence information

Finally, the bill requires the government to adopt a meaning for “query reasonably designed for the primary purpose of returning foreign intelligence information” in yearly certifications, rather than doing it themselves.

(b) PROCEDURES.—Subsection (e) of such section 6 (50 U.S.C. 1881a(e)) is amended by adding at the end the following new paragraph:

(3) CERTAIN PROCEDURES FOR QUERYING.— The minimization procedures adopted in accordance with paragraph (1) shall describe a query reasonably designed for the primary purpose of returning foreign intelligence information pursuant to subsection (j)(1)(C)(i).’’.

Again, it is the job of Congress to do this. Once the IC defines this in such a way that will further swallow up the rule, what then? We wait until 2023 (which is when this law would next get reauthorized) to define the term meaningfully? At some point we need to have an explicit discussion about the foreign intelligence purposes that drive a lot of these queries, and talk about whether they’re permissible under the Fourth Amendment. Now would be a good time, but this language just punts the question.

Other 702 posts

702 Reauthorization Bill: The “About” Fix (What Is A Person?)

Kaspersky and the Third Major Breach of NSA’s Hacking Tools

/19 Comments/in , /by

The WSJ has a huge scoop that many are taking to explain why the US has banned Kaspersky software.

Some NSA contractor took some files home in (the story says) 2015 and put them on his home computer, where he was running Kaspersky AV. That led Kaspersky to discover the files. That somehow (the story doesn’t say) led hackers working for the Russian state to identify and steal the documents.

Hackers working for the Russian government stole details of how the U.S. penetrates foreign computer networks and defends against cyberattacks after a National Security Agency contractor removed the highly classified material and put it on his home computer, according to multiple people with knowledge of the matter.

The hackers appear to have targeted the contractor after identifying the files through the contractor’s use of a popular antivirus software made by Russia-based Kaspersky Lab, these people said.

The theft, which hasn’t been disclosed, is considered by experts to be one of the most significant security breaches in recent years. It offers a rare glimpse into how the intelligence community thinks Russian intelligence exploits a widely available commercial software product to spy on the U.S.

The incident occurred in 2015 but wasn’t discovered until spring of last year, said the people familiar with the matter.

The stolen material included details about how the NSA penetrates foreign computer networks, the computer code it uses for such spying and how it defends networks inside the U.S., these people said.

Having such information could give the Russian government information on how to protect its own networks, making it more difficult for the NSA to conduct its work. It also could give the Russians methods to infiltrate the networks of the U.S. and other nations, these people said.

Way down in the story, however, is this disclosure: US investigators believe Kaspersky’s AV identified the files, but isn’t sure whether Kaspersky told the Russian government.

U.S. investigators believe the contractor’s use of the software alerted Russian hackers to the presence of files that may have been taken from the NSA, according to people with knowledge of the investigation. Experts said the software, in searching for malicious code, may have found samples of it in the data the contractor removed from the NSA.

But how the antivirus system made that determination is unclear, such as whether Kaspersky technicians programed the software to look for specific parameters that indicated NSA material. Also unclear is whether Kaspersky employees alerted the Russian government to the finding.

Given the timing, it’s worth considering several other details about the dispute between the US and Kaspersky. (This was all written for another post that I’ll return to.)

The roots of Kaspersky’s troubles in 2015

Amid the reporting on Eugene Kaspersky’s potential visit to testify to Congress, Reuters reported the visit would be Kaspersky’s first visit to the US since spring 2015.

Kaspersky told NBC News in July that he was not currently traveling to the United States because he was “worried about some unexpected problems” if he did, citing the “ruined relationship” between Moscow and Washington.

Kaspersky Lab did not immediately respond when asked when its chief executive was last in the United States. A source familiar with U.S. inquiries into the company said he had not been to the United States since spring of 2015.

A link in that Reuters piece suggests Kaspersky’s concern dates back to August 2015 Reuters reporting, based off leaked emails and interviews with former Kaspersky employees, that suggests the anti-virus firm used fake files to trick its competitors into blocking legitimate files, all in an effort to expose their theft of Kaspersky’s work. A more recent reporting strand, again based on leaked emails, dates to the same 2009 time period and accuses Kaspersky of working with FSB (which in Russia, handles both spying and cybersecurity — though ostensibly again, that’s how the FBI works here).

But two events precede that reporting. In June 2015, Kaspersky revealed that it (and a bunch of locales where negotiations over the Iran deal took place) had been infected by Duqu 2.0, a thread related to StuxNet.

Kaspersky says the attackers became entrenched in its networks some time last year. For what purpose? To siphon intelligence about nation-state attacks the company is investigating—a case of the watchers watching the watchers who are watching them. They also wanted to learn how Kaspersky’s detection software works so they could devise ways to avoid getting caught. Too late, however: Kaspersky found them recently while testing a new product designed to uncover exactly the kind of attack the intruders had launched.

[snip]

Kaspersky is still trying to determine how much data the attackers stole. The thieves, as with the previous Duqu 2011 attack, embedded the purloined data inside blank image files to slip it out, which Raiu says “makes it difficult to estimate the volume of information that was actually transferred.” But at least, he says, it doesn’t appear that the attackers were out to infect Kaspersky customers through its networks or products. Kaspersky claims to have more than 400 million users worldwide.

Which brings us to what the presumed NSA hackers were looking for:

The attackers were primarily interested in Kaspersky’s work on APT nation-state attacks–especially with the Equation Group and Regin campaigns. Regin was a sophisticated spy tool Kaspersky found in the wild last year that was used to hack the Belgian telecom Belgacom and the European Commission. It’s believed to have been developed by the UK’s intelligence agency GCHQ.

The Equation Group is the name Kaspersky gave an attack team behind a suite of different surveillance tools it exposed earlier this year. These tools are believed to be the same ones disclosed in the so-called NSA ANT catalogue published in 2013 by journalists in Germany. The interest in attacks attributed to the NSA and GCHQ is not surprising if indeed the nation behind Duqu 2.0 is Israel.

Kaspersky released its Equation Group whitepaper in February 2015. It released its Regin whitepaper in November 2014.

One thing that I found particularly interesting in the Equation Group whitepaper — in re-reading it after ShadowBrokers released a bunch of Equation Group tools — is that the report offers very little explanation of how Kaspersky was able to find so many samples of the NSA malware that the report makes clear is almost impossible to find. The only explanation is this CD attack.

One such incident involved targeting participants at a scientific conference in Houston. Upon returning home, some of the participants received by mail a copy of the conference proceedings, together with a slideshow including various conference materials. The compromised CD-ROM used “autorun.inf” to execute an installer that began by attempting to escalate privileges using two known EQUATION group exploits. Next, it attempted to run the group’s DOUBLEFANTASY implant and install it onto the victim’s machine. The exact method by which these CDs were interdicted is unknown. We do not believe the conference organizers did this on purpose. At the same time, the super-rare DOUBLEFANTASY malware, together with its installer with two zero-day exploits, don’t end up on a CD by accident.

But none of the rest of the report explains how Kaspersky could have learned so much about NSA’s tools.

We now may have our answer: initial discovery of NSA tools led to further discovery using its AV tools to do precisely what they’re supposed to. If some NSA contractor delivered all that up to Kaspersky, it would explain the breadth of Kaspersky’s knowledge.

It would also explain why NSA would counter-hack Kaspersky using Duqu 2.0, which led to Kaspersky learning more about NSA’s tools.

So to sum up, Eugene Kaspersky’s reluctance to visit the US dates back to a period when 1) Kaspersky’s researchers released detailed analysis of some of NSA and GCHQ’s key tools, which seems to have led to 2) an NSA hack of Kaspersky, which in turn shortly preceded 3) some reporting based off unexplained emails floating accusations of unfair competition dating back to 2009 and earlier.

We now know all that came after Kaspersky found at least some of these tools sitting on some NSA contractor’s home laptop.

This still doesn’t explain how Russian hackers figured out precisely where Kaspersky was getting this information from — which is a real question, but not one the WSJ piece answers.

But reading those reports again, especially the Equation Group one, should make it clear how the Russian government could have discovered that Kaspersky had discovered these tools.

How Keith Gartenlaub Turned Child Porn into Foreign Intelligence

/5 Comments/in , /by

As I mentioned in this post on FISA and the space-time continuum, I’m going to be focusing closely on the FISA implications of Keith Gartenlaub’s child porn prosecution.

Gartenlaub was a Boeing engineer in 2013 when the FBI started investigating him for sharing information with China (see this and this story for background). He was suspected, in significant part, because of relationships and communications tied to his wife, who is a naturalized Chinese-American and whose family appears well-connected in China. The case is interesting for the way the government used both FISA and criminal searches to prosecute him for a non-national security related crime.

The case is currently being appealed to the 9th Circuit; it will be heard on December 4. His defense is challenging several things about his conviction, including that there was insufficient evidence to deem him an Agent of a Foreign Power (and therefore to obtain the ability to conduct a broader search than might be permitted under a criminal warrant), as well as that there was insufficient evidence offered at trial that he knowingly possessed the 9-year old child porn on which his conviction rests. I think there’s some merit to the latter claim, but I’m going to bracket it for my discussion, both because I think the FISA issues would remain important even if the government’s case on the child porn charge were far stronger than it is, and because I think the government may be sitting on potentially inculpatory evidence.

In this post, I’m going to show that it is almost certain that the government changed FISA minimization procedures to facilitate using FISA to prosecute him for child porn.

Timeline

The public timeline around the case looks like this (and as I said, I believe the government is hiding some bits):

Around January 28, 2013: Agent Wesley Harris reads article that leads him to start searching for Chinese spies at Boeing

February 7, 8, and 22, 2013: Harris interviews Gartenlaub

June 18, 2013: Agent Harris obtains search warrant for Gartenlaub and his wife, Tess Yi’s, Google and Yahoo accounts

Unknown date: Harris obtains a FISA order

January 29, 2014: Using FISA physical search order, FBI searches Gartenlaub’s home, images three hard drives

June 3, 2014: Harris sends files to National Center for Missing and Exploited Children, which confirms some files display known victims

August 22, 2014: Criminal search warrant obtained for Gartenlaub’s premises

August 27, 2014: FBI searches Gartenlaub’s properties, seizing computers used as evidence in trial, arrests him

August 29, 2014: Government reportedly says it will dismiss charges if Gartenlaub will cooperate on spying

October 23, 2014: Grand jury indicts

December 10, 2015: Guilty verdict

FBI used a criminal search warrant to obtain evidence, then obtained a FISA order

As you can see from the timeline, the government first obtained a criminal search warrant for access to Gartenlaub and his wife’s email accounts (Gartenlaub also got an 1806 notice, meaning they used a FISA wiretap on him at some point). Only after that did they execute a FISA physical search order to search his house and image his computers. Which means — unless they had a FISA order and a criminal warrant simultaneously — they had already convinced a judge it was likely Gartenlaub’s emails would provide evidence he was “remov[ing ] information, including export controlled technical data, from Boeing’s computer networks to China.” In his affidavit, Agent Harris cited violations of the Arms Export Control Act and Computer Fraud and Abuse Act.

Then, after probably months of reviewing emails later, having already shown probable cause that could have enabled them to get a search warrant to search Gartenlaub’s computer for those specific crimes — that is, proof that he had exploited his network access at Boeing in order to obtain data he could share with his wife’s Chinese associates — the government then went to FISA and convinced a judge they had probable cause Gartenlaub (or perhaps his wife) was acting as an agent of a foreign power for what are assumed to be the same underlying activities.

The government insists it still had adequate evidence Gartenlaub or his wife was an agent of a foreign power under FISA

The government’s response to Gartenlaub’s appeal predictably redacts much of the discussion to support its claim that it had sufficient probable cause, after months of reading his emails, to claim he or his wife was an agent of China. But the structure of it — with an unredacted paragraph addressing weaknesses with the criminal affidavit, followed by a redacted passage of unknown length, as well as a redacted footnote modifying the idea that the criminal affidavit “merely ‘recycled’ details that were found in the Harris affidavit” (see page 38-39) — suggests they raised evidence beyond what got included in the criminal affidavit. That’s surely true; it presumably explains what was so interesting about Yi’s family and associates in China as to sustain suspicion that they would be soliciting Boeing technology.

In any case, in a filing in which the government admits that “the [District] court expressed ‘some personal questions regarding the propriety of the FISA court proceeding even though that certainly seems to be legally authorized’,” the government pushed the Ninth Circuit to adopt a deferential standard on probable cause for FISA orders, in which only clear error can overturn the probable cause standard.

The Court has not previously articulated the standard of review applicable to an underlying finding of probable cause in a FISA case. In the analogous context of search warrants, this Court gives “great deference” to an issuing magistrate judge’s findings of probable cause, reviewing such findings only for “clear error.” Krupa, 658 F.3d at 1177; United States v. Hill, 459 F.3d 966, 970 (9th Cir. 2006) (same); United States v. Clark, 31 F.3d 831, 834 (9th Cir. 1994) (same). “In borderline cases, preference will be accorded to warrants and to the decision of the magistrate issuing it.” United States v. Terry, 911 F.2d 272, 275 (9th Cir. 1990). The same standard applies to this Court’s review of the findings in Title III wiretap applications. United States v. Brown, 761 F.2d 1272, 1275 (9th Cir. 2002).

Consistent with these standards and with FISA itself, the Second and Fifth Circuits have held that the “established standard of judicial review applicable to FISA warrants is deferential,” particularly given that “FISA warrant applications are subject to ‘minimal scrutiny by the courts,’ both upon initial presentation and subsequent challenge.” United States v. Abu-Jihaad, 630 F.3d 102, 130 (2d Cir. 2010); accord United States v. El-Mezain, 664 F.3d 467, 567 (5th Cir. 2011) (noting that representations and certifications in FISA application should be “presumed valid”). Other courts, reviewing district court orders de novo, have not discussed what deference applies to the FISC. See, e.g., Demeisi, 424 F.3d at 578; Squillacote, 221 F.3d at 553-54.

The government submits that the appropriate standard should be deferential. Consistent with findings of probable cause in other cases, the Court should review only for “clear error,” giving “great deference” to the initial conclusion that a FISA application established probable cause.

And, of course, the government argues that even if it didn’t meet the standards required under FISA, it still operated in good faith.

By using a FISA rather than a criminal search warrant, the FBI had more leeway to search for unrelated items

Nevertheless, having read Gartenlaub’s email for months and presumably having had the opportunity to obtain a warrant to search his computers for those specific crimes, the government instead obtained a FISA order that allowed the FBI to search his devices far more broadly, opening up decades old files named with sexually explicit names in the guise of finding intelligence on stealing Boeing’s secrets. Here’s how Gartenlaub’s lawyers describe the search in his appeal, a description the government largely endorses in their response:

The FISC can only authorize the government to search for and seize “foreign intelligence information.” 50 U.S.C. §§ 1822(b), 1823(a)(6)(A), 1824(a)(4). The order authorizing the January 2014 search of Gartenlaub’s home and computers presumably complied with this restriction. “Foreign intelligence information” (defined at 50 U.S.C. §§ 1801(e) and 1821(1)) does not include child pornography. Nonetheless, as detailed in the government’s application for the August 2014 search warrant, the agents imaged Gartenlaub’s computers in their entirety, reviewed every file, and–upon discovering that some of the files contained possible child pornography–subjected those and related files to detailed scrutiny, including sending them to the National Center for Exploited Children for analysis. ER248-56, 262-68. In an effort to establish that Gartenlaub had downloaded the child pornography, the agents also examined and analyzed a number of other files on the computers, none of which had anything to do with “foreign intelligence information.” ER255-62, 268-70.

As far as the record shows, the agents conducted this detailed, far-ranging analysis without obtaining any court authorization beyond the initial FISC order. In other words, after encountering suspected child pornography files, the agents did not stop their search and seek a warrant authorizing them to open and review those files and other potentially related files. Instead, they opened, examined, and analyzed the suspected child pornography files and a number of other files having nothing to do with foreign intelligence information. They then incorporated the results of that analysis into the August 2014 search warrant application. ER248- 49. That application, in turn, produced the warrant that gave the agents authority to search for and seize the very materials that they had already seized and searched under the purported authority of the January 2014 FISC order.

How did agents authorized to search for “foreign intelligence information” end up opening, examining, and analyzing suspected child pornography files and a number of other files that had nothing to do with the only authorized object of the search? The agents apparently relied on the following argument: To determine whether Gartenlaub’s computers contained foreign intelligence information, it was necessary to open and review every file; after all, a foreign spy might cleverly conceal such information in .jpg files with sex-themed names or in other non-obvious locations. And after opening the files, the child pornography and other information was in “plain view” and thus could be lawfully seized under the Fourth Amendment.

As a result of these broad standards, and of Gartenlaub’s habit of retaining disk drives from computers he no longer owned, the FBI found files dating back to 2005, from a computer Gartenlaub no longer owned.

Upon finding that those files included apparent child porn, the FBI sent them off to the National Center for Missing and Exploited Children, which confirmed some of the images included known victims. Almost two months later, FBI conducted further (criminal) searches, and arrested Gartenlaub for child porn.

In December 2015, Gartenlaub was found guilty on two counts of child porn, though one count was vacated by the judge after the verdict.

FBI changed standard minimization procedures to permit sharing with NCMEC

The timeline above is what would have been available to Gartenlaub’s defense team.

But in 2015 and 2017, two new details were added to the timeline.

First, on April 11, 2017, two months after Gartenlaub submitted his opening brief in the appeal on February 8, the government released an August 11, 2014 opinion approving the sharing of FISA-obtained data with NCMEC.

Congress established NCMEC in 1984 as a non-governmental organization and it is funded through grants administered by the Department of Justice. One of its purposes is to assist law enforcement in identifying victims of child pornography and other sexual crimes. Indeed, Congress has mandated Department of Justice coordination with NCMEC on these and related issues. See Mot. at 5-8. Furthermore, this Court has approved modifications to these SMPs in individual cases to permit the Government to disseminate information to NCMEC. See Docket Nos. [redacted]. Because of its unique role as a non-governmental organization with a law enforcement function, and because it will be receiving what reasonably appears to be evidence of specific types of crimes for law enforcement purposes, the Government’s amendment to the SMPs comply with FISA under Section 180l(h)(3).1

As noted, in the past the FISC had approved sharing FISA-collected data with NCMEC on a case-by-case basis. But in 2014, in the weeks while  it prepared to arrest Gartenlaub on child porn charges tied to a search that only found the child porn because it used the broader FISA search standard, the government finally made NCMEC sharing part of the standard minimization procedures.

Even on top of this coincidental timing, there are reasons to suspect DOJ codified the NCMEC sharing because of Gartenlaub’s case. For example, in the government’s response there’s a passage that clearly addresses how NCMEC got involved in the case that bridges the discussion of use of child porn evidence discovered in plain view in the criminal context and the discussion of its use here.

Non-FISA precedents also foreclose defendant’s claims. Analyzing a Rule 41 search warrant, this Court has held that using child pornography inadvertently discovered during a lawful search is consistent with the Fourth Amendment. Giberson, 527 F.3d at 889-90 (ruling that “the pornographic material [the agent] inadvertently discovered while searching for the documents enumerated in the warrant [related to document identification fraud] was properly used as a basis for the third warrant authorizing the search for child pornography”);

[additional precedents excluded]

[CLASSIFIED INFORMATION REMOVED] With the benefit of NCMEC’s assistance, the government then sought and obtained the August 2014 search warrants, authorizing the search of defendant’s residence and storage units for child pornography. (CR 73; GER 901-53). The fruits of this warrant were then used in defendant’s prosecution. The use of information discovered during the prior lawful January 2014 search in the subsequent search warrant application was proper. Giberson, 527 F.3d at 890.

The redacted discussion must include not only a description of how NCMEC was permitted to get involved, but in the approval approving this as part of the minimization procedures, which (after all) are designed to protect Americans under the Fourth Amendment.

Of particular interest, the government argued that one of the precedents Gartenlaub cited was not binding generally, and especially not binding on the FISC.

The concurring opinion in CDT, upon which defendant relies, does not aid him. That concurrence is not “binding circuit precedent” or a “constitutional requirement,” much less one binding on the FISC. Schesso, 730 F.3d at 1049 (the “search protocol” set forth in the CDT concurrence is not “binding circuit precedent,” not a[] constitutional requirement[],” and provides “no clear-cut rule”); see CDT, 621 F.3d at 1178 (observing that “[d]istrict and magistrate judges must exercise their independent judgment in every case”); Nessland, 601 Fed. Appx. at 576 (holding that “no special protocol was required” for a computer search). Defendant thus cannot demonstrate any error relating to any FISC-authorized search.

The FISC had, by the time of the search relying on the FISA-obtained child porn as evidence, already approved the use of child porn obtained in a FISA search. So the government could say the CDT case was not binding precedent, because it already had a precedent in hand from the FISC. Of course, it didn’t tell Gartenlaub that.

Of course, that’s not proof that the government codified the NCMEC sharing just for the Gartenlaub case. But there’s a lot of circumstantial evidence that that’s what happened.

The government still has not formally noticed this change to Gartenlaub

As I noted above, the government released the FISC order approving the change in the standard minimization procedures too late to be of use for Gartenlaub’s opening brief. That’s a point EFF and ACLU made in their worthwhile amicus submitted in the appeal.

For example, in this case, the government apparently refused to disclose the relevant FBI minimization procedures to Gartenlaub’s counsel even though other versions of those minimization procedures are publicly available. See Standard Minimization Procedures for FBI Electronic Surveillance and Physical Search Conducted Under FISA (2008). 8

We can debate whether the standard approval for NCMEC sharing is a good thing or whether it invites abuse, offering the FBI an opportunity to use more expansive searches to “find” evidence of child porn that it can then use as leverage in a foreign intelligence context (which I’ll return to). I suspect it is wiser to approve such sharing on a case-by-case basis, as had been the case before Gartenlaub.

But from this point forward, I would assume the FBI will routinely use this provision as an excuse to conduct particularly thorough searches for child porn, on the logic that obtaining any would provide great leverage against an intelligence target.

The timing of the approval of NCMEC sharing under Section 702

I have said repeatedly, I think the government is withholding some details.

One reason I think that is because of another remarkable coincidence of timing.

As I first reported here, the first notice that the government had approved the sharing with NCMEC in standard minimization procedures came in September 2015, when the government released the 2014 Thomas Hogan Section 702 opinion that approved such sharing under Section 702. The opinion relied on the earlier approval (by Rosemary Collyer), but redacted all reference to the timing and context of it, as well as a footnote relating to it.

I find the timing of both the release and the opinion itself to be of immense interest.

First, the government had no problem releasing this opinion back in 2015, while Gartenlaub was still awaiting trial (though it waited until almost two months after the District judge in his case, Christina Snyder, rejected his FISA challenge on August 6, 2015). So it was fine revealing to potential intelligence targets that it had standardized the approval of using FISA information to pursue child porn cases, just not revealing the dates that might have made it useful for Gartenlaub.

I’m even more interested in the timing of the order: August 26. The day before the FBI got its complaint approved and arrested Gartenlaub.

The FBI had long ago submitted FISA information to NCMEC. But it waited until both the standard minimization procedures for traditional FISA and for Section 702 had approved the sharing of data with NCMEC before they arrested Gartenlaub.

That’s one of several pieces of data that suggests they may have used Section 702 against Gartenlaub, on top of the other mix of criminal and FISA authorizations.

To be continued.

Updated timeline

Around January 28, 2013: Agent Wesley Harris reads article that leads him to start searching for Chinese spies at Boeing

February 7, 8, and 22, 2013: Harris interviews Gartenlaub

June 18, 2013: Agent Harris obtains search warrant for Gartenlaub and his wife, Tess Yi’s, Google and Yahoo accounts

Unknown date: Harris obtains a FISA order

January 29, 2014: FBI searches Gartenlaub’s home, images three hard drives

June 3, 2014: Harris sends files to National Center for Missing and Exploited Children, which confirms some files display known victims

August 11, 2014: Rosemary Collyer approves NCMEC sharing for traditional FISA standard minimization procedures

August 22, 2014: Search warrant obtained for Gartenlaub’s premises

August 26, 2014: Thomas Hogan approves NCMEC sharing for FISA 702

August 27, 2014: FBI searches Gartenlaub’s properties, seizing computers used as evidence in trial, arrests him

August 29, 2014: Government reportedly says it will dismiss charges if Gartenlaub will cooperate on spying

October 23, 2014: Grand jury indicts

August 6, 2015: Christina Snyder rejects Gartenlaub FISA challenge

September 29, 2015: ODNI releases 702 NCMEC sharing opinion

December 10, 2015: Guilty verdict

February 8, 2017: Gartenlaub submits opening brief

April 11, 2017: Government releases traditional FISA NCMEC sharing opinion