Walt Nauta and the Single Box

/148 Comments/in , , /by

The section of the less redacted search warrant affidavit showing when Walt Nauta moved boxes in and out of the storage room differs from the timeline shown in the indictment in one key way.

The search warrant affidavit used to demonstrate probable cause doesn’t describe how, on May 22 of last year, the former valet spent over half an hour in the storage room, and then left carrying a single box.

53. On May 22, 2022, NAUTA entered the Storage Room at 3:47 p.m. and left approximately 34 minutes later, carrying one of TRUMP’s boxes.

There are several possible explanations why that description may not be in the search warrant affidavit.

Perhaps investigators didn’t think it important — though that would be hard to believe, given that the affidavit observes something that the indictment does not as explicitly: that all this box moving happened in the same period when Nauta disavowed any knowledge of box movement.

On May 30, 2022, four days after WITNESS 5’s interview with the FBI during which the location of boxes was a significant subject of questioning, WITNESS 5 is observed exiting the ANTEROOM doorway with approximately fifty Bankers boxes, consistent with the description of the FPOTUS BOXES. [my emphasis]

Perhaps investigators simply didn’t see Nauta and the single box on May 22. But note that the surveillance video was motion activated, so any movement on May 22 should show up just like all the other movement did, and in close proximity to his movements captured two days later.

[T]he FBI determined that the drive contained video footage from four cameras in the basement hallway of the PREMISES in which the door to the STORAGE ROOM is located. The footage on the drive begins on April 23, 2022, and ends on June 24, 2022. The recording feature of the cameras appears to be motion activated, so that footage is only captured when motion is detected within each camera’s field of view.

Or perhaps this movement, Nauta spending half an hour in the storage room then leaving with a single box, is one of the surveillance footage gaps that investigators spent much of a year trying to fill and explain.

The different treatment of this one box is more interesting given other details of the timeline.

For example, Nauta retrieved that single box just two days before the original deadline for the subpoena, May 24.

The return date of the subpoena was May 24, 2022.

Nauta retrieved that box the day before Trump met with Corcoran and another attorney who hasn’t been IDed yet, but who may be Boris Epshteyn. At the meeting, a day after presumably getting a box that didn’t show up in the search warrant affidavit, Trump whined that, “I don’t want anybody looking through my boxes!”

54. On May 23, 2022, TRUMP met with Trump Attorney 1 and Trump Attorney 2 at The Mar-a-Lago Club to discuss the response to the May 11 Subpoena. Trump Attorney 1 and Trump Attorney 2 told TRUMP that they needed to search for documents that would be responsive to the subpoena and provide a certification that there had been compliance with the subpoena. TRUMP, in sum and substance, made the following statements, among others, as memorialized by Trump Attorney 1:

a. I don’t want anybody looking, I don’t want anybody looking through my boxes, I really don’t, I don’t want you looking through my boxes.

b. Well what if we, what happens if we just don’t respond at all or don’t play ball with them?

c. Wouldn’t it be better if we just told them we don’t have anything here?

d. Well look isn’t it better if there are no documents?

Amidst all that whining, Trump agreed to let Corcoran search for documents, but only after a ten day delay. And then Trump delayed his departure to Bedminster so he would be at Mar-a-Lago to sort boxes and to see the scheme through.

56. On May 23, TRUMP also confirmed his understanding with Trump Attorney 1 that Trump Attorney 1 would return to The Mar-a-Lago Club on June 2 to search for any documents with classification markings to produce in response to the May 11 Subpoena. Trump Attorney 1 made it clear to TRUMP that Trump Attorney 1 would conduct the search for responsive documents by looking through TRUMP’s boxes that had been transported from the White House and remained in storage at The Mar-a-Lago Club. TRUMP indicated that he wanted to be at The Mar-a-Lago Club when Trump Attorney 1 returned to review his boxes on June 2, and that TRUMP would change his summer travel plans to do so. TRUMP told Trump Attorney 2 that Trump Attorney 2 did not need to be present for the review of boxes.

57. After meeting with Trump Attorney 1 and Trump Attorney 2 on May 23, TRUMP delayed his departure from The Mar-a-Lago Club to The Bedminster Club for the summer so that he would be present at The Mar-a-Lago Club on June 2, when Trump Attorney 1 returned to review the boxes.

Something that doesn’t show up in the indictment but does in the affidavit is that Corcoran then pushed for an extension on the subpoena deadline.

On May 25, 2022, while negotiating for an extension of the subpoena, FPOTUS COUNSEL 1 sent two letters to DOJ COUNSEL. In the second such letter, which is attached as Exhibit 1, FPOTUS COUNSEL 1 asked DOJ to consider a few “principles,” which include FPOTUS COUNSEL 1’s claim that a President has absolute authority to declassify documents. In this letter, FPOTUS COUNSEL 1 requested, among other things, that “DOJ provide this letter to any judicial officer who is asked to rule on any motion pertaining to this investigation, or on any application made in connection with any investigative request concerning this investigation.”

Just one of the two letters Corcoran sent that day has been released — the one falsely claiming Trump had returned documents in good faith earlier that year, though Corcoran may not have known that was false. Nauta would repeat a version of that claim the next day, on May 26, in his FBI interview, though unlike Corcoran, he is credibly accused of knowing well that was a lie.

All the other movement of boxes, then, occurs during that subpoena extension (and this might be another reason why the May 22 movement is not included on the affidavit — perhaps investigators focused on what happened during the subpoena extension). Nauta empties the storage closet of 64 more boxes, moving all these boxes in the same week when, in an FBI interview, he allegedly denied knowing anything about an earlier scheme to sort through boxes.

On May 24, 2022, WITNESS 5 is observed exiting the ANTEROOM doorway with three boxes.

On May 30, 2022, four days after WITNESS 5’s interview with the FBI during which the location of boxes was a significant subject of questioning, WITNESS 5 is observed exiting the ANTEROOM doorway with approximately fifty Bankers boxes, consistent with the description of the FPOTUS BOXES. FBI did not observe this quantity of boxes being returned to the STORAGE ROOM through the ANTEROOM entrance in its review of the footage.

The next day, on June 1, 2022, WITNESS 5 is observed carrying eleven brown cardboard boxes out the ANTEROOM entrance. One box did not have a lid on it and appeared to contain papers.

And then, after Nauta told a female Trump that Trump wanted to pick from all those boxes, Nauta loaded up several of the boxes withheld from Corcoran’s search onto Trump’s plane to take to Bedminster, never to be seen again.

72. Earlier [on June 3], NAUTA and others loaded several of TRUMP’s boxes along with other items on aircraft that flew TRUMP and his family north for the summer.

So it may or may not be a significant detail, but the day before Trump orchestrates this scheme to keep 35 boxes shielded from Corcoran’s search, Nauta spent half an hour in the storage room retrieving a single box.

Some weeks after this scheme, on June 21, the day before DOJ asked Trump Organization for surveillance footage, per the discovery letter, Nauta appeared before a grand jury, his second (and only other) interview with investigators.

A bunch of reports last year, such as this one from Devlin Barrett that likely confuses Nauta with Molly Michael, described that Nauta changed his testimony in what would be this grand jury appearance, admitting that Trump ordered him to move boxes.

When FBI agents first interviewed Nauta, he denied any role in moving boxes or sensitive documents, the people familiar with the situation said in interviews before Nauta’s name became public. But as investigators gathered more evidence, they questioned him a second time and he told a starkly different story — that Trump instructed him to move the boxes, these people said.

But those reports came at a time when DOJ was still trying to get more testimony from Nauta.

Prosecutors have indicated they are skeptical of an initial account Mr. Nauta gave investigators about moving documents stored at Mar-a-Lago and are using the specter of charges against him for misleading investigators to persuade him to sit again for questioning, according to two people briefed on the matter.

So, particularly given that a grand jury appearance would have been in — and so would be charged — in DC, it’s not really clear whether Nauta did correct his story before the grand jury. If he didn’t, Jack Smith could prosecute Nauta individually on a perjury charge that might go to trial within months, not the year the Espionage Act trial is expected to take.

Whether or not he cleaned up his testimony, on June 21, Nauta appeared before the grand jury.

Having locked that testimony in, on June 22 prosecutors asked Trump Organization — probably Alan Garten, from whom discovery has been deficient in past investigations — for surveillance footage.

DOJ COUNSEL has advised me that on or about June 22, 2022, counsel for the Trump Organization, a group of business entities associated with FPOTUS, confirmed that the Trump Organization maintains security cameras in the vicinity of the STORAGE ROOM and that on June 24, 2022, counsel for the Trump Organization agreed to accept service of a grand jury subpoena for footage from those cameras.

Shortly after that, per reporting on some of the last grand jury testimony banked in DC before DOJ took steps to charge the Espionage charges in Florida, Nauta called Chief of Operations for Trump Organization, Matthew Calamari Sr.

To resolve the issue about the gaps in the surveillance footage, the special counsel last week subpoenaed Matthew Calamari Sr, the Trump Organization’s security chief who became its chief operating officer, and his son Matthew Calamari Jr, the director of corporate security.

Both Calamaris testified to the federal grand jury in Washington on Thursday, and were questioned in part on a text message that Trump’s valet, Walt Nauta, had sent them around the time that the justice department last year asked for the surveillance footage, one of the people said.

The text message is understood to involve Nauta asking Matthew Calamari Sr to call him back about the justice department’s request, one of the people said – initially a point of confusion for the justice department, which appears to have thought the text was to Calamari Jr.

Then, less than two weeks later, on July 6, Trump Organization provided DOJ with surveillance footage showing Nauta moving a great many boxes out of the storage room, and moving fewer than half of them back in before Evan Corcoran searched them. That’s pretty damning stuff! It provided some of the most compelling evidence in the affidavit justifying a search on the former President’s beach resort.

DOJ only got two months of footage, not the five they had asked for (which would have covered the tail end of the earlier sort of boxes). That’s unsurprising: even normal businesses only retain such footage for a limited period of time.

But in addition to obtaining fewer months than they had requested, the footage Trump Org turned over reportedly had other gaps, gaps that have not yet been charged or even mentioned, at least in unsealed form, in any official DOJ filing.

What’s unclear is whether that May 22 footage, showing that Nauta spent half an hour in the storage closet only to come out with a single box, was originally one of those surveillance gaps or not.

Serving as Julian Assange’s Unwitting Data Mule to Israel Shamir Is Not Journalism

/21 Comments/in , , , /by

It’s a testament to how effective WikiLeaks’ propaganda is that almost none of the people implicated by things Julian Assange did years ago and almost none of the people who brainlessly repeat Julian Assange’s propaganda now know about this May 16, 2022 filing, submitted last year in the Josh Schulte case, which I wrote about here.

The redacted bits of the filing almost certainly describe things obtained in an ongoing investigation of WikiLeaks that pertain to how the data stolen by Schulte was used. The unredacted parts, however, describe that what must be the WikiLeaks investigation is both ongoing and has a scope that, “is neither known to the public nor to all of the targets of the investigation.”

“All of the targets.” That phrase is telling. At least one target — Assange — knows he is a target. The other targets (and DOJ uses the jargon to describe people who almost certainly will be charged, not just people who might be) don’t know.

The WikiLeaks investigation — which is ongoing and not just, as many boosters claim, an attempt to shore up the case against Assange — is not an investigation into Assange, exclusively. There are other targets.

Key WikiLeaks people almost certainly know about this filing, because they treated Schulte’s second trial — where he defended himself and repeatedly tried to publicly share classified information, almost certainly including details of the discovery about the ongoing WikiLeaks investigation he had received — differently than the first.

They’re just not telling you that there are other targets of the WikiLeaks investigation.

They’re not telling you, in part, because it ensures that when the Met or FBI or other investigators approach people to obtain information about those other targets, they’ll refuse, because they don’t want to be part of a prosecution of Julian Assange for what they’re telling themselves is journalism.

James Ball is the latest person describing how that happened.

In a Rolling Stone post describing the two year effort to obtain his cooperation, he claims journalists are being asked to cooperate against Assange.

And he claims he’s being approached — for information that clearly pertains to Israel Shamir — as a journalist.

He asserts that he’s being approached as a journalist by claiming that DOJ wants to talk to him about this 2013 article, rather than about his own conduct described in the article.

As the article described, in 2010, he unwittingly served as Assange’s data mule, handing off 90,000 State Cables to Israel Shamir, who then exploited them — by sharing them with Belarusian dictator Alexandr Lukashenko and/or selling them — before the entire Cable set was released.

Shamir is an anti-Semitic writer, a supporter of the dictator of Belarus, and a man with ties and friends in Russian security services. He and Julian—unknown to us—had been in friendly contact for years. It was a friendship that would have serious consequences.

Introduced to WikiLeaks staff and supporters under a false name, Shamir was given direct access to more than 90,000 of the U.S. Embassy cables, covering Russia, all of Eastern Europe, parts of the Middle East, and Israel. This was, for quite some time, denied by WikiLeaks. But that’s never a denial I’ve found convincing: the reason I know he has them is that I gave them to him, at Assange’s orders, not knowing who he was.

Why did this prove to be a grave mistake? Not just for Shamir’s views, which are easy to Google, but for what he did next. The first hints of trouble came through contacts from various Putin-influenced Russian media outlets. A pro-Putin outlet got in touch to say Shamir had been asking for $10,000 for access to the cables. He was selling the material we were working to give away free, to responsible outlets.

Worse was to come. The NGO Index on Censorship sent a string of questions and some photographic evidence, suggesting Shamir had given the cables to Alexander Lukashenko of Belarus, Europe’s last dictator. Shamir had written a pro-Belarus article, shortly before photos emerged of him leaving the interior ministry. The day after, Belarus’s dictator gave a speech saying he was establishing a WikiLeaks for Belarus, citing some stories and information appearing in the genuine (and then unpublished) cables. [my emphasis]

As he admits, at least by 2013, Ball was aware that Shamir had ties to Russian spooks.

What Ball describes in the piece is that he entered into an agreement with Assange to provide data to someone, Shamir, that Shamir did not publish, but instead shared with a repressive dictator and, probably, with Russian intelligence services.

That’s not journalism. That’s spying.

To be sure: as Ball describes, he realized his error and promptly left WikiLeaks (and, as he described in the 2013 article, refused to sign some of the NDAs Assange was pushing). That’s why he was approached as a witness and not a subject, because he made affirmative efforts to leave the conspiracy that has already been charged against Assange and almost certainly will be charged against Shamir, if it hasn’t already been, under seal.

After having served as an unwitting data mule for Assange in a handoff that would result in Lukashenko (and possibly Russian spies) getting advance access to the content of the Cables, Ball subsequently became a journalist. But that does not retroactively change what happened in 2010. Nor does that mean FBI approached him as a journalist. They approached him as a guy who once unwittingly served as a data mule for the part of the Cable releases that undermines all the claims that Assange is nothing but a publisher.

Here’s what people miss about the publication charges against Julian Assange, including the Cable count. They charge him for, “distributing them and then by publishing them.” Proving that Assange distributed the State Cables via unwitting data mule James Ball to Shamir is all DOJ would have to do to prove that charge against Assange, to prove that Assange shared them with someone not authorized to receive them. At a hypothetical trial of Assange (and whoever else gets charged), they’ll undoubtedly explain that after first giving privileged access to the Cables to Shamir, who handed them onto people who would use them to suppress dissent, Assange published all of them. That’s part of the cover. That’s part of what leads people like Ball to imagine he was involved in journalism when he shared the Cable files with Shamir.

For a number of WikiLeaks releases, there’s some story like this, about how before publication, files were either removed from the publication set or provided exclusively to someone in advance. The publication is, in part, cover for that earlier sharing. Schulte even described how if Russia got the source code he shared with WikiLeaks but which WikiLeaks, with limited exceptions, did not publish, they would never publish it, because it would be more useful to reverse engineer what the CIA had been doing.

These tools are MUCH more valuable undiscovered by the media or the nation that lost them. Now, you can secretly trace and discover every operation that nation is conducting.

Schulte is one of the people that anyone charged in a larger WikiLeaks conspiracy would be charged with conspiring with.

That’s the tough thing about US conspiracy law: Once you enter into a conspiracy, you’re on the hook for the actions of anyone who later enters into that conspiracy — like Shamir or Schulte — whether or not you know about it personally. You’re on the hook unless and until you take affirmative actions to leave the conspiracy. Lots of people with ties to WikiLeaks want no tie to Assange’s relationship with Shamir, but if DOJ adds him as a co-conspirator, then they’re not going to have much choice in the matter.

In any case, because so few of WikiLeaks’ boosters know that there are other targets in this investigation, they seem to be getting unfortunate legal advice, such as regarding the import of the detail that FBI obtained a statement from Shamir — whose statements, if and when he is charged as a co-conspirator, can be entered at trial — stating that Ball provided Cables, which he claimed to be about “the Jews,” to him.

The U.S. government cannot make much use of what I revealed in the article in a court of law unless I testify to it — and it is not hard to see how I could be useful if they were trying to strengthen the political case against Assange. In the article, I admit that I was the one who gave Shamir the material, albeit on Assange’s orders, without knowing who he was. If I testified to all this, it could, at least in theory, open me to criminal charges of my own.

[snip]

When, after months of delaying tactics had run out of road, we said a final “no”, there was a small sting in the tale from a DOJ prosecutor to my lawyers. Sending a statement in which Shamir had falsely claimed I had provided him with cables on “the Jews,” the prosecutor noted:

“Upon seeing those words from Shamir, I cannot help but ask whether Mr. Ball would reconsider his decision about speaking to the investigators, even if only just to respond to Shamir’s allegations.”

Yeah, it was a sleazy tactic, but also one designed to alert his lawyer that Ball does not currently have exposure but at a trial in which Shamir is a co-conspirator, Ball’s own conduct will be introduced at trial as part of proving that Cable charge and can be introduced without the article Ball wrote in 2013. Ball was advised they can’t use his article without his testimony — and because he had already left any agreement with Assange that’s probably right — but FBI can certainly introduce Shamir’s claims that he got the Cables from Ball, along with whatever other evidence they have about what Shamir did with them afterwards.

One more reason the fact that this is an ongoing investigation into targets not publicly identified matters: DOJ may or may not  or may already have gotten the UK to approve superseding the existing indictment against Assange, the one that has led people to believe he is the only target of it. But they certainly have the ability to charge a conspiracy in which Assange is an uncharged co-conspirator, showing a seven year conspiracy involving Russian spooks — starting no later than that handoff of cables to Shamir — charging everyone else that entered into a conspiracy via Assange with Russian spooks. Back in 2020, prosecutors implied to Jeremy Hammond that the long extradition process of Assange would provide the opportunity to charge Assange’s involvement in the 2016 Russian hack-and-leak. And because at least one of the people who would be charged in such a conspiracy, Josh Schulte, appears to have continued his efforts to leak through last year, any statute of limitations might go through 2027. That’s why they’re in no rush to charge Shamir publicly: because the way conspiracy law works in the US, they can charge everyone who didn’t affirmatively leave the WikiLeaks conspiracy so long as the conspiracy remains ongoing.

Ball may well be right that the other people the FBI has approached are being approached for coverage of WikiLeaks they did, as journalists (though there are some edge cases). But of the descriptions I’ve seen, there’s always another as yet uncharged target about whom the FBI is asking. That may not change their calculus about whether they want to cooperate, but it means, whether they know it or not, that their refusals are not limited to a bid to protect Assange’s conduct.

I think the people approached for their coverage of WikiLeaks should definitely tell the FBI to fuck off.

But there’s more going on here, particularly with the request to Ball.

Double Booked: Whistleblower X Described Inappropriate Presidential Interference … Back in 2019

/19 Comments/in , , /by

There’s a line in Whistleblower X’s testimony that hasn’t gotten enough attention amid the uncritical treatment of Gary Shapley’s media tour claiming improper political interference in the investigation of Hunter Biden.

Whistleblower X described that when investigators asked late last year why prosecutors hadn’t yet charged Hunter Biden, they learned that the attorneys had “found some emails” that made them question whether “they could actually charge the case.”

So we found out through talking with our SAC that the attorneys had found — we were always asking for updates on charging. When are we going to charge? When are we going to charge? We were told that the prosecutors had found some emails that concerned them if they could actually charge the case. That’s what they said to us.

This explanation — that prosecutors had discovered emails that made them question whether they could charge the case, at all — would present an entirely different explanation for the delayed (and seemingly softball) charging decision with regards to Hunter Biden, one for which there is abundant evidence in the two transcripts, yet one that has been ignored by lazy journalists.

It suggests there may be evidence of past misconduct that, if shared with Hunter Biden’s lawyers in discovery, would lead to dismissal of the entire case, or at least an acquittal.

Non-Virgin Birth

Start with how the investigation was set up. Shapley described that the investigation into Hunter Biden was spun off of an investigation into what he called a “foreign-based amateur online pornography platform.”

The investigation into Hunter Biden, code name Sportsman, was first opened in November 2018 as an offshoot of an investigation the IRS was conducting into a foreign-based amateur online pornography platform.

Whistleblower X, who opened the case immediately after joining the International Tax and Financial Crimes group, described that “amateur online pornography platform” differently; he described it as a “social media company” that may have hosted a prostitution ring.

I started this investigation in November of 2018 after reviewing bank reports related to another case I was working on a social media company. Those bank reports identified Hunter Biden as paying prostitutes related to a potential prostitution ring.

Also included in those bank reports was evidence that Hunter Biden was living lavishly through his corporate bank account. This is a typical thing that we look for in tax cases — criminal tax cases, I should say.

Remember that Whistleblower X has a habit of seeing sex workers everywhere he looks.

Whistleblower X then went from there to look for evidence of crime in public reporting on Hunter Biden’s divorce proceedings.

In addition, there was media reporting related to Hunter Biden’s wife, ex-wife, divorce proceedings basically talking about his tax issues. And I wanted to quote some of the things that were said in her divorce filing which was public record.

“Throughout the parties’ separation, Mr. Biden” — referring to Hunter Biden — “has created financial concerns for the family by spending extravagantly on his own interests, including drugs, alcohol, prostitutes, strip clubs, gifts for women with whom he had sexual relationships with, while leaving the family with no funds to pay legitimate bills.

“The parties’ outstanding debts are shocking and overwhelming. The parties have maxed-out credit card debt, double mortgages on both real properties they own, and a tax debt of at least $300,000.” [my emphasis]

Then, in response to questioning from Minority Counsel, Whistleblower X described how, on his third attempt to open the investigation, he ran bank reports for Burisma, which is what convinced his supervisor to permit him to open the investigation.

Mr. X. My initiation packet, so sending the case forward to get — we call it subject case. It’s an SCI. It’s elevating the case to actually working the investigation. My first one showed the unfiled returns and the taxes owed for 2015 and that was it on my first package. So that was the wrongdoing that we were alleging.

And my supervisor goes: You don’t have enough. You need to find more.

So I kept digging for more and more. And even after that point, he goes: You haven’t found enough. So I ended up searching bank reports that [I] ran on the periphery of what we were looking at.

So I ran bank reports for Burisma, and in those bank reports I had found additional payments that Hunter had received. And then at that point I had found that Hunter did not report the income for 2014 related to Burisma.

So now I had a false return year. So that alone — it was basically so much evidence that I put in there — allowed us to elevate the case.

A potentially “amateur” sex worker site, to divorce proceedings, to Burisma. It all sounds like an effort to find a crime, and finding that crime has been a significant focus of a 12-person international tax group supposedly tasked to find much more significant tax crime ever since.

I don’t think anyone asked how long this process of making three bids to open an investigation into Hunter Biden took. So it’s actually unclear how the timing works with the investigation in Delaware opened in January 2019.

So in [or] around March or April of 2019, the case went up to DOJ Tax. And at that time we were told that William Barr made the decision to join two investigations together. So at that point in time I had found out that Delaware had opened up an investigation related to the bank reports and that that occurred in January of 2019, so 2 months after I started mine.

Likewise, there has never been an explanation for what predicated the separate investigation in Delaware opened in 2019, though NYT describes that an existing civil review of Hunter Biden’s tax problems became a criminal investigation that also included the foreign influence peddling, largely, Burisma, that appears to have since been dropped.

Then, we learn, that shortly after Barr was confirmed, and in a period when he was trying to reverse the prosecution of Michael Cohen, sustaining investigations into Greg Craig and Andrew McCabe, perpetuating efforts to seed an investigation into John Kerry, and launching a four year witch hunt based off fabricated claims about Hillary Clinton, the Attorney General consolidated everything in Delaware — the perfect venue if Joe Biden is your target but (as Whistleblower X noted), the wrong place for Joe Biden’s son, who lived in LA or DC during the alleged crimes in question.

Documented Sixth Amendment Concerns

How all this got started matters, because this early period may be when adverse emails that could make it impossible to prosecute Hunter Biden at trial got put into the record.

That’s because Whistleblower X’s supervisor for the first period of the investigation — for a period that may have spanned over 14 months — believed there were Sixth Amendment and political influence problems with the investigation.

When describing how this perturbed him, Whistleblower X freely admitted that he was reading everything in the press about Hunter Biden (that detail will become important later) and that he went to his supervisor’s boss to get his boss to stop raising concerns about Trump’s tweets.

Whistleblower X described his supervisor Matt Kutz’ concern about Trump’s tweets — a direct example of precisely what Republicans are searching for, inappropriate Presidential interference!! — as exhibiting a liberal viewpoint.

From what I was told by various people in my agency, my IRS supervisor, Matt Kutz, created memos which he put in the investigative files regarding the investigation potentially violating the subject’s Sixth Amendment rights. He also referred to Donald Trump’s tweets at the time.

I recall that at one point I had to go around my supervisor and ask his boss, ASAC George Murphy, to tell him to stop sending me and the Hunter Biden prosecution team these emails and that I was searching media articles on a weekly basis and was aware of everything being written in the media regarding the case.

[snip]

A So it was actually Matthew Kutz. He was my supervisor at the time and from the articles that he was sending me, I would say he had more of a liberal view than I had and it was pretty obvious from the things he would send me and discuss. And that’s just me making an observation.

So I later found out about these memos that were put in the file regarding the issues that he saw with the investigation, the fact that we even had it opened. So I only learned about those after.

And then it came to a point to where he’s sending us so many media articles about different issues that I had to tell him stop, please. And I had to go around him. And that’s when I went to my ASAC at the time, George Murphy, who was above him. [my emphasis]

After learning of an example of Presidential interference, but from Trump, GOP staffers in the interview interrupted the Minority’s questioning by going off the record about something, as if they were the witness.

MAJORITY COUNSEL 2. Off the record.

MAJORITY COUNSEL 1. Off the record.

[Discussion off the record.]

MAJORITY COUNSEL 1. On the record.

That off the record discussion appears to have discussed why Whistleblower X believed that his supervisor’s concerns about the Sixth Amendment were proof of liberal bias, because that’s what Whistleblower X explained immediately after going back on the record. And then, Whistleblower X explained to Minority Counsel, that Matt Kutz raised concerns four years ago about whether this could ever be prosecuted.

Mr. X. So these articles were a lot about — were a lot of articles regarding Trump and getting a fair investigation and things related to that, Trump’s tweets and stuff like that. So, that’s what drew me to my conclusion.

BY MINORITY COUNSEL 1: Q What was the purpose behind him sending you the Trump tweets? What was he trying to get at, or was he trying to give you more information for your case? Why would he send those, or do you know?

A Yeah, I think he was bringing up concerns with potentially us prosecuting the case down the road, potential issues we’re going to incur. I don’t remember the exact email that he sent that caused me to be — that he had to stop sending me some of the news articles, because it wasn’t even the fact that he was sending me these news articles.

It was the opinion he was providing in those emails that I did not agree or that I did not — not agree with but did not think was appropriate. [my emphasis]

Whistleblower X told us in one part of the interview that prosecutors had found something in the email record that led them to worry they could not prosecute this case at all, and then in another part of the interview he told us that the supervisor for the first year or so of this investigation believed they would have problems prosecuting it down the road because of Trump’s constant badgering for precisely this investigation.

Maybe, just maybe, the reason no US Attorney’s Office wanted to take this to trial is because this investigation was plagued by inappropriate tampering from the other President from the start?

Gary Shapley’s Involvement

In January 2020, in the same period when Bill Barr was setting up an alternative channel via which DOJ could ingest dirt about Hunter Biden that Russian spies shared with Rudy Giuliani, Gary Shapley became Whistleblower X’s supervisor, overseeing the 12-person International Tax group that would hunt Hunter Biden for five years.

Now is probably a good time to note that Shapley — who splits his time between Baltimore and DC — seems to have a good relationship with Rod Rosenstein, a Maryland AUSA who went on to become US Attorney and then Deputy Attorney General during a period when DOJ was launching politicized investigations into Trump’s enemies.

Mr. Shapley. No. I think I’ve said it, that this is not the norm. This is — I’ve worked with some great guys, some great prosecutors that went on to be U.S. attorneys and went on to be the deputy attorney general and, I think I have experience enough to where it means something.

As noted, Shapley became Whistleblower X’s supervisor just as Barr was setting up a protected means to ingest dirt pertaining to Burisma. But by his own description, Shapley didn’t start liaising more closely with David Weiss until later….

… Until Rudy Giuliani released the laptop.

From around October 2020 through October 2022, I was the IRS CI manager who interacted directly with the United States Attorney, David Weiss, and individuals at DOJ Tax Division the most.

This coincidence — that Shapley became more involved just after Rudy disclosed that a blind computer repairman had shared a laptop with the FBI before he himself, the President’s personal lawyer, got a copy — may be significant.

The Really Really Really Dated Claim about the Laptop

By Shapley’s description, he contacted the AUSA on the case, Lesley Wolf, and not only complained that the FBI was misrepresenting the laptop (when in fact they were mostly no-commenting), but also raised the possibility that John Durham may have searched the laptop.

On October 19th, 2020, I emailed Assistant United States Attorney Wolf: “We need to talk about the computer. It appears the FBI is making certain representations about the device, and the only reason we know what is on the device is because of the IRS CI affiant search warrant that allowed access to the documents. If Durham also executed a search warrant on a device, we need to know so that my leadership is informed. My management has to be looped into whatever the FBI is doing with the laptop. It is IRS CI’s responsibility to know what is happening. Let me know when I can be briefed on this issue.”

In his congressional testimony Durham specified that Hunter was the one Trump enemy he hadn’t been ordered to investigate — but remember that there were reports Ukrainians brought dirt to him.

In his testimony, Shapley admitted that the investigative team called this meeting because, “we were just making sure that everything was being handled appropriately.” But he emphasized Whistleblower X’s complaints that parts of the laptop had been withheld from investigators.

As I noted in this post, per Shapley’s own notes, that’s not what the bulk of the meeting was about.

Of 43 numbered entries, just eight deal in part or in whole with access Whistleblower X had, and some of that is conflicting [note that Shapley misspells Cellebrite “cellabright” throughout]. Here’s what those eight numbered entries describe:

  • 14a. Describing that the John Paul Mac Isaac 302 about what he saw on the laptop was being withheld from the prosecution team (as a whole), even though the taint team had found no privileged items discussed in it
  • 25. Describing that Whistleblower X had never seen a PDF version of the Cellebrite report from the drive, but instead had to look at the device itself
  • 29. Describing Whistleblower X asking whether all the iMessages that were relevant and non-privileged had been reviewed, the answer to which the team didn’t know immediately [this seems to confirm the IRS was not doing the scope review of the laptop]
  • 30. Describing that all messages from the hard drive had been shared in the third disclosure to investigators in February 2020, which seems to partially address item 29
  • 33. Discussing a March 2020 email describing limits on the quality and completeness of the recovery of the hard drive; in response to Whistleblower X’s complaint that he hadn’t seen it, an AUSA (probably Wolf) said they would eventually see a redacted version of the report
  • 40c. Quoting Whistleblower X complaining [it’s unclear whether this is in an April 2020 email or live] that he never saw the Cellebrite file
  • 41. Describing that the Cellebrite file was uploaded sometime in May [which may refute 40c]
  • 42. Describing Whistleblower X stating that if they’re going to testify, they need to see everything, in response to which Lesley Wolf said they would return to that issue

Most of the report seems to be an effort to ascertain legal chain of custody, given the discovery that the original source of the laptop had just spent the last few months turning it into a campaign season political hit job. But amid that discussion, Whistleblower X appears to have aired a series of complaints about decisions DOJ made about access in the interim year.

In his testimony, Shapley also made much of the final bullet point in his notes — the only part of the memo, aside from Whistleblower X’s complaints, that memorializes contemporaneous discussion. In his testimony, Shapley quoted AUSA Lesley Wolf stating, just over a week after NYPost released their first story on the laptop, that there was no reason to think anything had been added to the laptop.

We have no reason to believe there is anything fabricated nefariously on the computer or hard drive. There are emails and other items that corroborate the items on the laptop and hard drive.

Shapley repeated that judgment from October 2020 in May 2023 uncritically, as if it is remotely definitive.

AUSA Wolf acknowledged that there was no reason to believe that any data was manipulated on devices by any third party. She further supported this belief by mentioning that they corroborated the data with other sources of information received.

Right wingers are predictably going nuts over this, claiming it proves something it does not.

Even ignoring the timing of Wolf’s comment, just days after the initial disclosure of the laptop, this comment falls far short of validating authenticity of the laptop. Wolf was only validating the laptop — all of it!! — by matching data points. Importantly, “the computer guy” at the meeting (who could probably spell Cellebrite correctly) proposed doing a report showing document creation date.

If the FBI did that after that meeting, Shapley chose not to disclose the outcome. Given what we know about Mac Isaac’s treatment of the laptop, such a step might have showed whether the blind computer repairman’s failure to airgap the machine resulted in email updates — including from the recently hacked Burisma — being loaded to the laptop.

More importantly, the discussion shows that a year after the government obtained the laptop, no one had yet done this kind of validation of the laptop (and given the recovery problems with it, it’s not entirely clear they could).  A year after obtaining the laptop, the government was still just working off trust in Mac Isaac’s sketchy and changing story.

Plus, it’s one thing to say the laptop as Mac Isaac delivered it to the FBI had nothing added, if that’s true, but we know that the laptop as released by Rudy did have alterations. And the fact that Rudy altered the laptop in the midst of launching an election-year attack discredits any claim that anyone makes about the laptop as released by him.

Whistleblower X’s Hot and Cold Affection for Forensic Reports

One of Whistleblower X’s serial complaints about the laptop — that he couldn’t get the Cellebrite report of the laptop itself, items 25, 40c, and 41, above — is of particular interest: That’s because the WhatsApp messages that Shapley shared with the Committee, showing Hunter Biden invoking his father in an attempt to get business in China, also did not come from the forensic format in which they’d be received from Apple.

In fact, they’re not even direct copies of the report from Apple — they are summaries, as Shapley admitted to the Committee. Shapley doesn’t even know who did the summary.

Q Could you tell us about this document, what is it, and how was it obtained —

A Sure. So there was an electronic search warrant for iCloud backup, and these messages were in that backup and provided —

Q Okay.

A — from a third party, from iCloud.

Q Okay. Who was it provided to?

A The — the investigative team from —

Q Okay. A It would go through all the same processes of — since it’s electronic, it would go to one of the computer analysis folks, and then they would put it in a readable format, and then it would go through filter review.

Q Okay. And these aren’t WhatsApp messages, these are summaries of WhatsApp messages, correct?

A Yeah, that’s correct. Because it was something about the readability of the actual piece, right? It was easier to summarize in a spreadsheet.

Q Okay. And who did the summary? Who prepared this document?

A It was either the computer analysis guy or [redacted, probably Whistleblower X], one or the other

This is the content that the Committee tried to recreate to look like real messages, only to mix message type and appearance.

Here’s what an FBI production from WhatsApp messages obtained from an iCloud warrant would look like in official admissible form, from an exhibit in Vladislav Klyushin’s trial.

It is also a reconstruction (and includes translations), but one that has enough information to afford reliability. It’s also entirely readable.

There’s simply no reason to further summarize from there, much less to do so without all the metadata included, as the IRS reportedly did. It’s not the Committee that first did sketchy reconstructions. Shapley, or Whistleblower X, did, off material they claimed to obtain directly from a warrant return.

These WhatsApp messages from Hunter Biden’s iCloud are important for several reasons: notably, that investigators reportedly had them in hand, directly from Apple, by August 2020, possibly relying on the laptop they had not yet fully validated to get them, then using them to validate the laptop content, the kind of investigative bellybutton that can get a case thrown out.

Further, when discussing them, Whistleblower X makes much of the fact that he wasn’t able to get location data to see whether Hunter was with his father when he sent these emails.

They had just served a search warrant on Apple, which should have gotten a good deal about Hunter Biden’s data — at the very least, the IP from which he was logging in. But given that they had an Apple return in hand, Whistleblower X’s complaint that they weren’t able to get it … almost certainly means he’s complaining that they weren’t able to get Joe Biden’s location data.

In 2020.

During the election.

Taint

With that in mind, go back to Whistleblower X’s complaints, over and over, that he didn’t have all the content from the laptop.

As Shapley explained in response to questioning, the investigative team was instructed not to look at anything from the Internet that was otherwise available, including — especially — the laptop.

Q Now, was your team, were they permitted to use open-source methods for looking at the materials for this case? Like, if materials were published on the internet related to Hunter Biden or related to Hunter Biden’s business concerns, were you allowed to consult that?

A No. We were directed that if there’s anything from the laptop from other sources to not look at it because then it’s potential for it to be tainted.

Q Okay. So if it’s posted on the internet, if it’s written about in the newspaper, you were not allowed to consult that open source method?

A Yeah. We were directed not to.

Q Is that customary?

A I would say yes. Yes.

Whistleblower X, however — after describing that the case predication itself came from press coverage of Hunter Biden’s messy divorce and that he was referencing press coverage of Hunter Biden’s messy life on a weekly basis — described seeing videos on Twitter that he had not received from the laptop.

And one thing that I want to be clear on, that there was information — and I don’t know the detail of that information that was withheld from us — but there was information withheld from the investigators.

And some of that was withheld for privilege. But there was other things — we went out and talked to one of the potential prostitutes. And there were videos that I’ve seen out there on Twitter, on the internet, and information related to that person that I had never seen before.

And I brought this up as an issue. I’m like: I’m seeing things here. Why am I not seeing that from you guys? And when I say “you guys,” the prosecutors. And there was a notion that some information was being held back from us, and I don’t know what that information was.

Whistleblower X, who chased down every one of Hunter Biden’s known sex partners for interviews, complained there were videos online — videos that would have come from a laptop that had been altered — that he had never seen.

Attorney-Client Taint

Whistleblower X risked tainting the investigation by reviewing material released on a laptop that had been altered.

That wasn’t the only taint concern though.

Twice in the interview, Congressional investigators introduced exhibits that Shapley hadn’t seen before: first an email from Eric Schwerin to Hunter Biden, which Shapley explained that he “ha[d]n’t seen it in this form, but I’ve seen excerpts of this document.” Then they showed Shapley an email involving — in addition to Schwerin and Hunter Biden — George Mesires, an email clearly marked as “Re: Tax Analysis — Attorney Communication.”

When Majority Counsel asked Shapley if he has seen that email, he and his attorney went off the record.

Have you seen this document before?

Mr. Lytle. Can we talk to our client just briefly.

MAJORITY COUNSEL 2. Of course. We can go off the record.

[Discussion off the record.]

MAJORITY COUNSEL 2. We’re back on the record.

Having had to consult his attorney about what the simple yes or no response was, Shapley came back to note that this was privileged.

BY MAJORITY COUNSEL 2: Q The question is whether you’ve seen this document before.

A No. Anything from George Mesires was considered privileged —

Q Okay.

A — attorney-client privilege and was not provided to us.

Q Okay. And so that was kept from you by the FBI?

A No. It would be a filter team.

Q Okay.

A When we get any information, and even from the laptop and hard drive, it went through filter reviews, and we only saw what came back as nonprivileged.

A long discussion ensued in which Republican lawyers complained that DOJ conducted privilege reviews for lawyers and accountants working for lawyers. It was immediately after that discussion that Majority Counsel asked whether the investigative team could review material made public from the laptop, as described above.

No, they couldn’t, Shapley explained, because they might see something that would taint the prosecution.

In response to a later question from the Minority, Shapley admitted that if he remained on the prosecution team, reviewing the Mesires letter would amount to taint.

In his response, he referred to Mesires as a “quote-unquote” attorney.

Q Okay. And this was back in 2017. Okay. And then on exhibit 5, it’s the same question, George Mesires, and I think you might have mentioned him earlier, do you know his relationship?

A Yeah. I know him to be a personal, quote, unquote attorney to Hunter Biden. And if I wasn’t taken off the case, I would have been tainted by this document

For example, in August 2020, we got the results back from an iCloud search warrant. Unlike the laptop, these came to the investigative team from a third-party record keeper and included a set of messages. The messages included material we clearly needed to follow up on. [my emphasis]

That’s how Shapley “quote-unquote” dealt with Mesires.

Whistleblower X, who admitted seeing videos online he hadn’t seen in material shared from the filter team, was different though.

As he was reading from an email that, he said, showed Lesley Wolf refusing to get approval for interviews, Whistleblower X stopped himself from reading one particular name.

Lesley Wolf says to me on September 9th, 2021: “I do not think that you are going to be able to do these interviews as planned. The document requests require approval from Tax Division. At present, Jack and Mark are racing to get the EWC motion on Stuart’s desk” — so Stuart was the [Acting] Deputy [Assistant] Attorney General, Stuart Goldberg at Tax Division — “Stuart’s desk for approval before he leaves town for a week. “Along with the approval for the” — and I’m going to leave the name out of that — “both of these items are higher priority and we can’t pull time and attention away to move these subpoenas through. [my emphasis]

In follow-up, Minority counsel asked Whistleblower X what name he had asked to leave out.

It was George Mesires.

Q Okay. You mentioned — this is a little ways later — I believe on September the 9th of 2021 that you had an email. You were reading through it, and you had mentioned that Stuart Goldberg was leaving town. You said there was a name that you wanted to leave out when you were reading the email. What was that name?

A So it was the name of Hunter’s personal counsel, George Mesires.

A year after complaining loudly that he hadn’t been provided stuff he saw on Twitter, he tried to subpoena Hunter Biden’s “quote unquote attorney.”

Whistleblower X’s Unclean Dirt

There’s one more detail that suggests whatever prosecutors found in email could have made the case unsustainable — and also makes Whistleblower X’s urgent concerns, in a meeting just over a week after NYPost reported on Rudy’s version of the laptop — far more suspect.

In what appears to be the last of his complaints about not getting information on the laptop (item 42), he said, as recorded by Shapley,

42 SA [redacted, probably X] — For items not seen by agents shouldn’t they see everything because if they have to testify to it they need to see it

a. Lesley response is that this is a historical review and we can discuss that later.

To get access to the entirety of the laptop, Whistleblower X made an argument about what he would need to do to prepare to be the key witness against Hunter Biden at trial.

That argument is 180 degrees the reverse from what he explained over and over in his testimony, about how he was avoiding anything that might taint him as a witness.

For example, he said he had been avoiding testimony to Congress to preserve his ability to testify.

I’d like to note that I wasn’t present at the leadership meeting on October 7th, 2022, that Mr. Shapley and leaders from the IRS were a part of with U.S. Attorney David Weiss, the meeting where he made the statements about not being in charge.

I also wanted to continue to protect the record and my ability to testify as the case agent in the future, which is also a part of the reason I didn’t come forward to you.

[snip]

I was interviewed by an investigator — I think they were with TIGTA. I told them, I didn’t leak anything. I thought that the leak might have come from either defense counsel, or from DOJ like the other ones came. But what I can tell you, and I’ve told this to the prosecution team, I’ve done everything that I can to keep my record clean and to keep my ability to testify as the case agent as clean as I possibly can.

He explained that he purposely wouldn’t write stuff down to preserve his ability to be summary witness.

Mr. X. On the record.

I just want to say that I made every effort to — when we work these cases, you have to be careful of what you might say that could be used against you if you were to go to trial or if you were to go in front of a grand jury. Usually, the IRS special agent is the final witness, the summary witness. So things that you put out there in emails, they can attack you at a later date.

So I did everything that I could to possibly make the record as clean as it possibly could, investigated the case, but in doing that, here’s all the things that happened because of that.

Shapley, on the other hand, did put all that in writing. When Minority Counsel pressed him on the fact that he really hadn’t disclosed any of this to supervisors, he described that he kept taking notes of bitch sessions so that the others could testify.

Q No one at IRS above — other than CI, no deputy commissioners, no commissioner? A That is correct. And, there was a common theme that and the co-case agent Christine Puglisi would — after all these pros team calls we would have a follow-up call. And sometimes FBI agents would be on there as well. And it was basically talking about the strategy and it often became like, Wow, they are not letting us do this. Can you believe they said that? Like that type of thing.

And we — in order to protect the record of the investigation basically it was me that could only document that, right? Because we wanted to make sure that the agents weren’t documenting things that would eventually be turned over in discovery and could somehow affect the viability of the case.

So that is something that I documented moving forward. And each time we were, like, Wow, they didn’t let us do the search warrant. Like she said — to overcome probable cause with a search warrant is, like, that is it, right? That is really, like, okay, well, you are going to go do it, because we want evidence that is unfiltered, right? But the whole point is we were like, well, there is no way they are not going to charge us. The evidence is there. They say the evidence is there. And we just really couldn’t believe that they would be doing something wrong. It was a very heavy burden to overcome from my experience and training to be, like, wow, there is something going on here.

[snip]

Now I want to talk about exhibit 6, which is your memo about the laptop and the hard drive. Was this memo provided to anyone?

A This memo was discussed in length with the case agent and co-case agent, but to protect the record, these I couldn’t send to them.

Q Okay.

A So after each time we had calls like this, I would have conversations with them. There was even a document that I produced where they were like, well, there was this problem, this problem, this problem. So I was like, I’ll record it, because we don’t want this to potentially be discoverable and have any issues in the future. So this is an example of that, where if there are at least two people that will say that we talked about this right after, and most of the conversation is to discuss what happened during that, to make sure that it was accurate.

Q But you don’t provide a copy to your supervisor or Mr. Fort or anyone else in your chain of command?

A No.

Q It just stays with you?

A That’s correct. [my emphasis]

Effectively, what Shapley and Whistleblower X described to Congress is that the IRS investigators were keeping a double set of books regarding the investigation.

To be fair, I think many — perhaps most! — government investigative teams do this. Short of that, they get an agent who investigated just a small corner of the whole, shielded from any ongoing investigation. Or a paralegal.

But if an investigator really really wants to take the stand against they guy they’ve been investigating for five years, they have to be sure to keep their books clean.

Reviewing the full Hunter Biden laptop would have tainted Whistleblower X as a witness, though. Even ignoring probable chain of custody problems with the laptop, reviewing the laptop as reviewed with a search warrant would have made Whistleblower X a tainted witness. Reviewing the laptop as Rudy released it after altering it, all the more so.

Plus, some of the details in the IRS’ double set of books about the Hunter Biden investigation raise questions not about DOJ approval processes, but about integrity of evidence, including the laptop and everything that came after that.

For example, because in September 2020, AUSA Lesley Wolf raised the possibility (and then debunked) that the investigation would shut down after the election, as this double set of books recorded, it raises real concerns about whether this investigation was nothing more than an election stunt, whether Bill Barr’s DOJ was simply investigating Hunter Biden for a campaign ploy. When Wolf described that DOJ was under fire for self-inflicted reasons, it’s unclear whether she was talking about past disclosures, like the Carter Page IG Report that focused on FBI’s conduct, or whether she was talking about Barr’s tampering in ongoing investigations, something that was quite pressing in September 2020.

Gary Shapley created a double set of books in the Hunter Biden investigation and described it as such. That double set of books raises ample questions about whether this investigation was about Hunter Biden … or his father.

Cleanup on Aisle Nine

The press release from Delaware US Attorney David Weiss’ office announcing two Informations as part of a plea deal stated the investigation into Hunter Biden was “ongoing.”

The team assigned to the plea deal includes two Special AUSAs, Leo Wise (who has been brought into troubled cases in the past) and Derek Hines, and includes Benjamin Wallace from DE USAO rather than the AUSA at the center of allegations of abuse, Lesley Wolf.

Whistleblower X — a big fan of hearsay — told the House Ways and Means Committee that FBI Agents were being treated the same way IRS Agents are: requiring that they report through their Special Agent in Charge to Weiss.

A I did hear from FBI that they were being treated the exact same way — that they had to communicate through their SAC to the U.S. Attorney in Delaware.

So in spite of Gary Shapley’s wails that his team got cut off as retaliation, there’s some reason to believe everyone did.

Whistleblower X also referenced two topics into which there might be an ongoing investigation. The first was a CEFC deal with Hunter Biden in 2017 and 2018.

MAJORITY COUNSEL 1. Can I go off the record? Mr. X. Yeah. Off the record.

[Discussion off the record.]

MAJORITY COUNSEL 1. Back on the record?

Mr. X. I don’t feel comfortable disclosing anything further on that issue.

The other involves the circumstances of how Kevin Morris paid off Hunter Biden’s tax debt in 2000.

A So on his 2020 tax return, personal tax return, Hunter stated: “See statement in 2020. The taxpayer received financial support from a personal friend totaling approximately $1.4 million. The parties agreed in 2020 to treat the support as a loan and later documented their agreement in a promissory note in the amount of $1.4 million, 5 percent interest. “The promissory note requires periodic payments between 2025 and 2027. The promissory note was executed by both parties on October 13th, 2021. “The taxpayer is treating this amount as a loan for tax purposes. The balance of the financial support is treated as a gift. No amount of the support is treated as a reported taxable event on this tax return.” So that’s what was filed with the return.

Q And has that transaction been investigated or —

A I’m no longer a part of an investigation related to that.

[snip]

Q It’s a voluntary interview. If you’re not comfortable saying, you don’t have to answer the question, any of our questions.

A It goes back to one of my — if there is potentially a current investigation that’s out there to —

Mr. Zerbe. Let’s go off the record.

[Discussion off the record.]

MAJORITY COUNSEL 2. Go back on the record?

Statutes of limitation on the latter event would not expire until at least 2025 (though, as noted, the terms of the loan only require that the President’s son start repaying the loan in 2025). It could well be that Hunter Biden, or his benefactor, will eventually be charged with a serious felony — potentially include campaign finance violations — for the way Joe Biden’s son eliminated some of his past tax exposure (though this post-dated the election).

So I think it very possible that Weiss effectively reset the Hunter Biden investigation as a way to move past a great deal of dodgy shit that went down in the last five years.

But amid the media attention Shapley has generated, there are signs that something else — not lefty political bias — undermined the case against Hunter Biden, potentially up to and including outright misconduct. There is a whole range of communications that may have made a prosecution of Hunter Biden unsustainable: documentation of political pressure from Trump, concerns about the sources of leads, evidence of potential taint, and a clear obsession with investigating Joe, not just Hunter.

Those thing should make a Hunter Biden prosecution unsustainable. And the people who kept a double set of books recording some of it are now wailing as if someone else blew the case.

When they may have.

The leaks that seem to have been the proximate cause of the turmoil may make — may already have made — such misconduct more apparent.

SCOTUS Takes Over

/88 Comments/in , /by

Good boy, Congress! Now it’s your turn President

SCOTUS has set itself up as the sole arbiter of the constitutional limits on the power of the federal government. We say we have a federal government of limited powers. As I’ve noted in this series, one of the goals of the Founders was to keep the federal government from interfering in the internal affairs of the states. In the debates on the Reconstruction Amendments, there is a constant return to the idea that the feds shouldn’t infringe state power. And there’s the 10th Amendment:

The powers not delegated to the United States by the Constitution, nor prohibited by it to the States, are reserved to the States respectively, or to the people.

Our federalism, or dual sovereignty, may have served political purposes in the late 18th Century, but now it’s created monstrous problems. By narrowly construing the limits of federal power and asserting control over congress and the president, SCOTUS has created or ignored horrifying problems and made it almost impossible for us to solve them. In this post I’ll look at several of them.

1. Democracy In Citizens United, the right-wing members of SCOTUS held that laws limiting PAC spending on elections were somehow unconstitutional. Now billions of dollars are spent on dark money contributions that benefit campaigns, and while we can assume these people are filthy rich, we don’t know who they are, and we have no to find out what they expect in return. (Hint: it’s not good government.)

In Shelby County v. Holder SCOTUS struck down Section 5 of the Voting Rights Act, the pre-clearance provision,

… because the coverage formula was based on data over 40 years old, making it no longer responsive to current needs and therefore an impermissible burden on the constitutional principles of federalism and equal sovereignty of the states. Fn omitted.

In Rucho v. Common Cause SCOTUS allowed partisan gerrymandering.

The Court ruled that while partisan gerrymandering may be “incompatible with democratic principles”, the federal courts cannot review such allegations, as they present nonjusticiable political questions outside the remit of these courts. Fn omitted.

In Brnovich v. DNC, SCOTUS upheld two Arizona laws making voting harder. The two laws had a disparate negative impact on poor people, mostly minorities. The explanation for this decision even in Wikipedia doesn’t make sense to me, but then, I’m in favor of voting. It was generally seen as the last step before complete dismantling of the Voting Rights Act.

That destruction was narrowly avoided in the recent Allen v. Milligan decision, where John Roberts didn’t reverse an earlier case, Gingles, discussed here. Gingles is a very narrow reading of §2 of the VRA, meeting Robert’s lifelong goal of making it really hard to win a VRA case.

A majority of SCOTUS has now decided not to further attack democracy by adopting the ridiculous independent state legislature silliness. Of course they reserved their own supremacy.

These cases make voter suppression easy, and Red states have imposed a startling array of limitations. For example, Texas passed a law limiting drop boxes for mail-in ballots to one per county. In this interview Rep. Terri Sewell of Alabama, a sponsor of the John Lewis Voting Rights Advancement Act, describes some more.

The intent is clear. Continuing centuries of practice, SCOTUS revanchists rule that states are free to restrict voting any way they see fit, no matter the impact on democracy. As a result, SCOTUS is enabling minority rule.

The main impact is on cities, which are routinely cracked and packed to restrict their political power. For example, Texas tightly controls the ability of large cities to govern themselves. Recently cities were forbidden from requiring water breaks for workers as they swelter under a heat dome for the third week.

How long are Dallas, Houston, Austin and San Antonio residents willing to see their taxes spent in small country towns while rural religious fanatics control their personal lives?

2. Women’s Health As I’ve noted Alito’s decision in Dobbs doesn’t comport with constitutional law as I learned it in the long ago. But its consequences have been sickening. Jessica Valenti tries to keep track of attacks on women in her substack. Pregnant women are rufusing to travel to Red states or plan to leave them over health concerns.

Not content with controlling the lives of women who seek treatment inside their jurisdictions, the anti-women states pass laws with extra-territorial effects, like Texas’ SB 8, the Bounty law. These states claim the right to attack citizens of other states who provide care. Blue states are responding by enacting shield laws, refusing to recognize the demands of the aggressors. Here’s an explainer from Vox. Shield laws typically operate to protect all kinds of health care criminalized by legislators in Red States, including gender-affirming care.

This sets up a serious conflict between the states, perhaps reminiscent of the fury over the Fugitive Slave laws. How long will normal people put up with these assaults?

3. Taking away Congressional power SCOTUS is working to hamstring Congress. One obvious example is Shelby County v. Holder, where SCOTUS said Congress didn’t work hard enough to justify renewal of the VRA.

In the middle of the Covid crisis, Congress indicated OSHA should adopt a rule under its emergency authority requiring larger employers to protect their workers. OSHA complied. SCOTUS struck that down on the shadow docket. SCOTUS ruled that Congress couldn’t delegate the management of the crisis to an agency but had to do something specific to prove to SCOTUS Congress did its homework.

In EPA v. West Virginia, SCOTUS said Congress had to pass a new bill if it wanted to do anything serious about climate change. It created a brand-new constitutional rule to explain its decision, which the creators gave the laughable title major questions doctrine. It says that if 5 members of SCOTUS think something is a big deal, Congress can’t delegate authority to an agency under general language, but must specifically authorize the agency to act in a way those 5 oracles think conclusive.

We’re told the solution is through the ballot box. How long will we put up with this sham voting regime when SCOTUS feels free to slap down laws that don’t meet its ever-changing standards?

4. Controlling executive powers In the middle of the Covid crisis, district court judges enjoined enforcement of vaccine mandates for health care workers and rebellious members of the military. The injunctions were upheld by appellate courts. Then SCOTUS overturned them after an emergency hearing. The lower courts set themselves up as arbiters of the nation’s military and health care policies. SCOTUS implicitly agreed that lower courts were entitled to do so, even as it overruled these outrageous decisions.

Shortly after taking office, Biden established immigration enforcement priorities. Ken Paxton, the indicted, impeached, and wildly partisan Attorney General of Texas, filed suit to block those priorities and establish priorities he liked. The lower courts granted a stay and SCOTUS allowed that stay to remain in effect for a year. Then in US v. Texas, a recent decision I haven’t read, SCOTUS overruled the 5th Circuit. This is typical for any decision of the executive. Courts at all levels feel free to impose stays and screw around for months while the problem festers.

How long can we let the judiciary prevent us from dealing with massive problems before we protect ourselves from their ignorance and their dangerous ideology?

Note: Please remember that you should not say, or even think, that SCOTUS is an illegitimate power-grabbing rabble intent on imposing their minority views. It hurts their feelings and detracts from the sanctity of their holy calling.

A Guide to the False Claims John Durham Will Tell Congress

/37 Comments/in , , /by

I finally finished my last post on the Durham Report last week before heading off for a visit with family for a week. This post gathers them all together in one place.

John Durham’s investigation was a four year effort to flip the script: to make Hillary Clinton — the victim of a nation-state attack in 2016 — its villain.

Durham and his sponsor, Bill Barr, did so as part of a larger effort — one that also included Barr’s sabotage of both the release of the Mueller Report and the ongoing investigations into Trump’s people — to discredit the investigation started because Trump’s Coffee Boy bragged about learning of the Russian attack in advance, and he wasn’t the only one. The Rat-Fucker, too, got advance notice, the Rat-Fucker, too, bragged about Russia’s assistance to the campaign, though because the FBI didn’t investigate Guccifer 2.0 aggressively enough in real time, it took several years to unpack Roger Stone’s advance knowledge.

And so, in an attempt to negate the results of a very real and very productive investigation, Durham sought out targets via whom he could avenge that investigation into Trump. The investigation itself failed to Lock Her Up, to say nothing of jailing any of the men and women of “the Deep State” who believed that enthusiastic foreknowledge of a Russian attack on a presidential candidate was an important thing to investigate, right along with Emirati efforts to cultivate politicians of both parties, the improper handling of classified information, and suspected (but ultimately uncorroborated) corruption.

Durham tried, but failed, to criminalize efforts to keep the country safe from Russian influence operations. Likewise, he tried, but failed, to criminalize political speech, a political candidate’s effort to raise concerns about her opponent’s very real ties to the country that had targeted her. The two prosecutions Durham brought in an attempt to obtain evidence to support the conspiracy theory that animated his entire investigation — or, short of that, to lead the public to believe in his conspiracy theory, regardless of the evidence — ended in embarrassing acquittals, but not before devastating the livelihoods of his targets and others, many of whom had previously played valuable roles in keeping the US safe.

In a sane world, with a diligent press, that should have ended it. In a sane world, with a diligent press, this four year effort would be recognized as the weaponization of DOJ that Trump-whisperers imagine might only happen in the future, or that Republican supporters of fascism set up a committee to falsely claim happened, only to Republicans, in the past.

But that didn’t happen.

So here we are, six months after Durham’s second humiliating trial loss, that of Igor Danchenko, the one where Durham personally led the prosecution, and he finally released the required report on his investigation. By regulation the report is supposed to be just a record of his prosecutions and declinations. Rather than admit that there had been no there there to his conspiracy theory, Durham engaged in omissions and false claims to bolster his conspiracy theory.

Tomorrow, Republicans on the House Judiciary Committee will invite Durham to repeat his false claims.

Here’s a guide to some of the false claims he may make before Congress.

 

John Durham Lied about Who Told the False Stories

Eight Things Not Mentioned in the Durham Report

John Durham Committed the “Crime” of “Inferring” of Which He Accused Rodney Joffe

“Ridiculous:” Durham’s Failed Clinton Conspiracy Theory

John Durham Fabricated His Basis to Criminalize Oppo Research

John Durham’s Disinformation Problem

 

John Durham covered up what really happened with the Alfa Bank investigation

The Dishonest and Incompetent FBI Work John Durham Learned to Love

FBI Cyber Division’s Enduring Blue Pill Mystery

John Durham’s Blind Man’s Bluff on DNS Visibility

 

John Durham committed the prosecutorial errors he attacked when the FBI made them, but worse

Doo-Doo Process: John Durham Claims to Know Better than Anthony Trenga and Two Juries

John Durham, High Priest of the Cult of the Coffee Boy

 

The press hasn’t called out Durham even while they’ve identified his false claims

How Jonathan Swan Covered [Up] John Durham’s Corruption

How CNN Inculpated John Durham While Purportedly Exonerating Trump

Republicans Demanded Independence for John Durham and Got Robert Hur and Jack Smith in the Bargain

 

Bonus track!

Trophy Documents: The Entire Point Was to Make FBI Obedient

John Durham’s Disinformation Problem

/44 Comments/in , , /by

The only person about whose ties to Christopher Steele John Durham showed no curiosity was Oleg Deripaska.

The only person whose ties to the creator of the dossier that led the FBI to adopt false claims against Trump aides that Durham didn’t pursue was the guy, on whose behalf, Trump’s campaign regularly sent out internal polling data starting in May 2016, the guy, on whose behalf, Trump’s campaign manager briefed Russian agent Konstantin Kilimnik on the campaign’s plan to win swing states. The 2021 Treasury filing that stated, as fact, that Kilimnik is a, “known Russian Intelligence Services agent implementing influence operations on their behalf,” also stated, as fact, that in 2016, “Kilimnik provided the Russian Intelligence Services with sensitive information on polling and campaign strategy,” the very same polling data and campaign strategy he obtained from Trump’s campaign manager on Oleg Deripaska’s behalf. As I’ve laid out, John Durham never mentioned Kilimnik in his report, not once, to say nothing of how Kilimnik obtained internal polling data and a campaign strategy briefing and delivered it to Russian spies.

Everyone else who had the least little tie to Christopher Steele, Durham pursued relentlessly. He charged Igor Danchenko, even though the FBI used Danchenko to, “fish information from Mr. Steele about what Mr. Steele was up to,” as the former British spook pursued a second dossier against Trump in 2017. He charged Danchenko even though Danchenko neither wrote the dossier nor shared it (or even knew it was being shared) with the FBI. Durham not only charged Steele’s primary source, but he caused Danchenko to be burned as an FBI informant, even though Danchenko’s subsource network had reportedly proven incredibly valuable to the FBI. Durham even helped to ensure that the FBI would not pay a significant lump sum payment to Danchenko for his assistance after Republicans in Congress led to his exposure.

Durham’s report aired, at length, details of the earlier counterintelligence investigation into Danchenko; he didn’t include the reasons Danchenko’s handler found the allegations unreliable (indeed, an undated referral in his report suggests Durham retaliated against Danchenko’s handler Kevin Helson for providing those details at trial). Once again, Durham failed his own standards of including exculpatory information. Durham also falsely claimed that Danchenko never told the FBI that his source network knew of his tie to Steele. In reality, as I’ll return to below, in his first interview with the FBI, Dancehnko described that two of them did.

Durham also conducted the investigation into Charles Dolan he believed Robert Mueller’s team should have done in 2017. Durham obtained Dolan’s email, his work email, his phone records, and his Facebook records. Durham still found no proof that Dolan was the source for any of the Russia-related reports in the dossier. After not getting the answers he wanted in Dolan’s first interview, Durham made him a subject and had him review an email Dolan sent, passing on information he had read in public sources, with a report in the dossier, which Dolan conceded might have come from his email. But Dolan still testified that Danchenko never asked Dolan for information about Trump’s connection to Russia.

It wasn’t just Danchenko and Dolan, though. A key part of Durham’s conspiracy theory against Michael Sussmann depended on the fact that — shortly after Sussmann got the Alfa Bank anomaly independent of the Hillary campaign — Sussmann asked Steele about the bank during a meeting where Marc Elias asked Sussmann to help vet Steele. Durham tried to introduce Steele’s subsequent report on Alfa Bank based on that meeting, even though all the evidence shows that if the Brit did provide the report to the FBI, he did so on his own, and it’s not even clear that he himself did provide that particular report directly to his FBI handler.

Durham compelled Fusion’s tech expert Laura Seago to testify because a meeting and four emails she exchanged with Rodney Joffe were the one link between Joffe and the dossier. Seago testified that the Alfa Bank allegations were not a big part of the work she did on Trump-related issues.

Durham had Deborah Fine testify because, as one of the Hillary Campaign’s Deputy General Counsels, she was the only person associated with the campaign — aside from Marc Elias — who regularly met with Fusion GPS. Durham made her testify even though she knew nothing about research relating to Alfa Bank and didn’t remember any conversations about Trump and Russia. Instead, Fine testified, her interaction with Fusion pertained to lawsuits filed against Trump, his company, and his family that Fusion helped to research.

Durham used every method at his disposal — including getting Judge Christopher Cooper to override the Hillary campaign’s claim of privilege over some Fusion emails — to unpack any possible relationship that subjects of his investigation had with Christopher Steele.

Except Oleg Deripaska.

In fact, Durham did the opposite: he obscured the import of Deripaska’s ties to Steele.

In his report, Durham asserted, as fact, something that had only been implied before: Oleg Deripaska paid Steele in spring 2016 to collect information on Paul Manafort.

When interviewed by the FBI in September 2017, Steele stated that his initial entree into U.S. election-related material dealt with Paul Manafort’s connections to Russian and Ukrainian oligarchs. In particular, Steele told the FBI that Manafort owed significant money to these oligarchs and several other Russians. 890 At this time, Steele was working for a different client, Russian oligarch Oleg Deripaska, often referred to as “Putin’s Oligarch” in media reporting, on a separate litigation-related issue. 891

In the same way that Paul Singer initiated the open source research into Trump done by Fusion GPS before the Democrats took it over, Oleg Deripaska — the person on whose behalf Russian intelligence obtained inside dirt, via Konstantin Kilimnik, from Trump’s campaign — initiated the HUMINT collection on Trump’s team, lasting at least until April 18, 2016, even after the Russian attack on Hillary Clinton had already started.

Oleg Deripaska started the dossier project and only later did the Democrats pick it up, unwitting to the fact that it was started by a guy who was busy playing a key role in Russia’s influence operation targeting Hillary’s campaign.

It’s bad enough that Durham didn’t pursue the tie between the dossier and Russia’s later efforts to obtain inside dirt from Trump’s campaign.

But when he described the evidence that Russia likely learned of Steele’s work for the DNC by July 2016, before Steele did virtually all but one of the substantive reports on Trump, Durham did so in a section almost 100 pages earlier than his description of Deripaska’s ties to Steele, and by adopting the moniker the DOJ IG Report used for Deripaska, “Oligarch 1,” he hid that the source of that knowledge was Deripaska himself.

As the record now reflects, at the time of the opening of Crossfire Hurricane, the FBI did not possess any intelligence showing that anyone associated with the Trump campaign was in contact with Russian intelligence officers at any point during the campaign. 251 Moreover, the now more complete record of facts relevant to the opening of Crossfire Hurricane is illuminating. Indeed, at the time Crossfire Hurricane was opened, the FBI (albeit not the Crossfire Hurricane investigators) was in possession of some of the Steele Reports. However, even if the Crossfire Hurricane investigators were in possession of the Steele Reports earlier, they would not have been aware of the fact that the Russians were cognizant of Steele’s election-related reporting. The SSCI Russia Report notes that”[s]ensitive reporting from June 2017 indicated that a [person affiliated] to Russian Oligarch 1 was [possibly aware] of Steele’s election investigation as of early July 20 l 6.” 252 Indeed, “an early June 2017 USIC report indicated that two persons affiliated with [Russian Intelligence Services] were aware of Steele’s election investigation in early July 2016.”253 Put more pointedly, Russian intelligence knew of Steele’s election investigation for the Clinton campaign by no later than early July 2016. Thus, as discussed in Section IV.D. l .a.3, Steele’s sources may have been compromised by the Russians at a time prior to the creation of the Steele Reports and throughout the FBI’s Crossfire Hurricane investigation.

Steele’s source network may have been compromised before the project started, Durham charged. But Durham hid the evidence that if it was compromised, it was compromised by the guy on whose behalf Trump’s campaign manager shared campaign information with Russian intelligence.

In fact, the DOJ IG Report, finished in December 2019 and from which Durham adopted that moniker, Oligarch 1, strongly suggests that Deripaska himself and his “known Russian Intelligence Services agent implementing influence operations on their behalf” sidekick, Konstantin Kilimnik, were the source of any disinformation in the dossier.

Durham did not pursue that evidence, at all, in his report. As I said, he never once mentioned Kilimnik.

He ignored Deripaska’s likely role in disinformation in 2016, even though he focused repeatedly on disinformation in his report. He complained, for example, that the FBI didn’t unpack any potential disinformation in the dossier before using it in the Carter Page FISA applications.

The failure to identify the primary sub-source early in the investigation’s pursuit of FISA authority prevented the FBI from properly examining the possibility that some or much of the non-open source information contained in Steele’s reporting was Russian disinformation (that wittingly or unwittingly was passed along to Steele), or that the reporting was otherwise not credible.

He suggested Danchenko’s unresolved counterintelligence investigation — and not Oleg Deripaska — was the source of potential disinformation.

Our review found no indication that the Crossfire Hurricane investigators ever attempted to resolve the prior Danchenko espionage matter before opening him as a paid CHS. Moreover, our investigation found no indication that the Crossfire Hurricane investigators disclosed the existence of Danchenko’s unresolved counterintelligence investigation to the Department attorneys who were responsible for drafting the FISA renewal applications targeting Carter Page. As a result, the FISC was never advised of information that very well may have affected the FISC’s view of Steele’s primary sub-source’s (and Steele’s) reliability and trustworthiness. Equally important is the fact that in not resolving Danchenko’s status vis-a-vis the Russian intelligence services, it appears the FBI never gave appropriate consideration to the possibility that the intelligence Danchenko was providing to Steele -which, again, according to Danchenko himself, made up a significant majority of the information in the Steele Dossier reports – was, in whole or in part, Russian disinformation.

He falsely used one answer Danchenko gave in his first meeting with the FBI to suggest that might be a source of disinformation.

Danchenko’s uncharged false statements to the FBI reflecting the fact that he never informed friends, associates, and/or sources that he worked for Orbis or Steele and that “you [the FBI] are the first people he’s told.” In fact, the evidence revealed that Danchenko on multiple occasions communicated and emailed with, among others, Dolan regarding his work for Steele and Orbis, thus potentially opening the door to the receipt and dissemination of Russian disinformation;

The claim was grossly dishonest, because at the same meeting, Danchenko described that Olga Galkina knew he worked in business intelligence, and also revealed how he asked Orbis for help setting up another of his sources with language instruction in the UK. Danchenko told the FBI enough, from his first interview, that gave them reason to think his sources might know for whom he reported. But Durham accused Danchenko of lying about it anyway, because he needed to blame Danchenko, and not Deripaska, for any disinformation in the dossier.

Durham even complained that Peter Strzok had not considered whether the original Australian report about George Papadopoulos could be disinformation. Maybe it’s the Australians’ fault, Durham suggests, not Deripaska’s!

Durham looked for disinformation in every source but the one place where — even by early in his investigation — the FBI already suspected it, in the guy who kicked off the dossier project in 2016, before the Democrats even got to it.

Durham’s treatment of Deripaska’s suspected role in disinformation in 2016 is all the more astounding given how quickly Durham dismissed the possibility that the foundation of his own investigation was disinformation.

Durham built his entire project on a source that the intelligence community warned him might be a fabrication, the Russian intelligence report claiming that Hillary had a plan to hold Trump accountable for his ties to Russia. Durham dismissed that warning in two short paragraphs.

As was declassified and made public previously, the purported Clinton Plan intelligence was derived from insight that “U.S. intelligence agencies obtained into Russian intelligence analysis.” 394 Given the origins of the Clinton Plan intelligence as the product of a foreign adversary, the Office was cognizant of the statement that DNI Ratcliffe made to Senate Judiciary Chairman Lindsey Graham in a September 29, 2020 letter: “The [intelligence community] does not know the accuracy of this allegation or the extent to which the Russian intelligence analysis may reflect exaggeration or fabrication.” 395

Recognizing this uncertainty, the Office nevertheless endeavored to investigate the bases for, and credibility of, this intelligence in order to assess its accuracy and its potential implications for the broader matters within our purview.

Remember: Durham made this report the cornerstone of his investigation starting around February 2020, three months after the DOJ IG Report, in December 2019, publicly gave reason to believe that Deripaska had been feeding the dossier with disinformation starting at least by July 2016, the month of this purported Russian intelligence report. Durham made this report the cornerstone of his investigation in spite of his confirmation that Deripaska initiated the dossier project in March 2016 and continued it until weeks before the Democrats took it over.

And Durham made this report the cornerstone of his investigation by fabricating a claim that even the Russians didn’t make about Hillary: that she wanted to promote a false narrative about Trump, rather than demonstrate all the true and damning Russian ties Trump had that Fusion had already fed to Franklin Foer by early July 2016.

Hillary Clinton had no incentive to pay a lot of money for false information — and nor did anyone need to fabricate Trump’s ties to Russia. Paying for false information predictably could — and did, and hasn’t stopped doing in the interim seven years — backfire stupendously. Plus, as I have shown, paying for false information demonstrably led to complacency about the possibility that the material stolen in the earlier hack would be used later in the campaign.

Hillary Clinton had no incentive to pay for disinformation! And Durham utterly fabricated the claim that she did!

But Oleg Deripaska would have an incentive to pay for disinformation.

Not only did that false information in the dossier send the FBI looking at Carter Page as Paul Manafort’s liaison with Russia instead of Konstantin Kilimnik — who then waltzed into a cigar bar in New York to hear how Trump planned to win Pennsylvania. Not only did the false information in the dossier lead the FBI to spend valuable time vetting the dossier rather than pursuing the hundreds of real ties Trump had to Russia.

But the false information in the dossier — and the way that Trump, in the wake of a January 2017 Manafort meeting with another Deripaska associate, attacked the dossier as a way to discredit the larger Russian investigation —  undermined the investigation and ultimately did untold damage to the FBI.

The false information in the dossier has been one of the most singular sources of partisan antagonism in the United States ever since. It has ripped the country apart. One right wing influencer even blamed the dossier for the January 6 attack on the Capitol.

Hillary Clinton had no incentive to pay for that. But Oleg Deripaska did.

And rather than laying out Deripaska’s likely role in the disinformation in the dossier, the known disinformation behind claims about Trump, Durham simply invented a claim that after such time as Deripaska had kicked off the dossier project and the Democrats picked it up, after such time as Deripaska knew that Democrats were funding the dossier, Hillary decided to make up false claims about Trump.

Rather than honestly laying out the public evidence that Deripaska was playing a ruthless double game — using Steele to make Manafort legally and financially less secure while using Manafort’s insecurity to win his cooperation with the influence operation — Durham did the one thing that could continue the wild success of Deripaska’s disinformation project: Blame Hillary for the disinformation, rather than Deripaska himself.

I don’t know whether Durham wittingly decided he was going to play Oleg Deripaska’s flunkie from inside the federal government (to say nothing of Alfa Bank, with whose investigation Durham shared a script). But everything he did with his investigation, every misrepresentation he makes in his report, all the human carnage Durham has done since, simply continues the disinformation project Deripaska kicked off seven years ago.

And that’s why his singular lack of curiosity about Deripaska’s ties to Steele is so telling.

Republicans Demanded Independence for John Durham and Got Robert Hur and Jack Smith in the Bargain

/70 Comments/in , , , , /by

Even before Trump’s Espionage Act indictment was made public, Trump was attempting to politicize his stolen documents prosecution by demanding — via a Truth Social post— a meeting with Merrick Garland, who is not overseeing the case. Virtually every journalist fell for Trump’s bait, reporting the demand without noting that Jack Smith is the prosecutor overseeing the investigation into Trump, not Merrick Garland.

Garland rightly refused the meeting.

Since then, paid propagandists have been chanting out “Joe Biden Merrick Garland Joe Biden Merrick Garland” talking points like wind-up toys, because repetition is how you get low-information Trump supporters and members of Congress to believe false claims.

This strand of propaganda has worked. The other day, WSJ’s Sadie Gurman, after reviewing how assiduously Merrick Garland remained out of the process, stated as fact that this is a political prosecution.

When a grand jury returned the first-ever federal indictment of a former president last week, Attorney General Merrick Garland made a point of suggesting he was nowhere near the team handling the case.

He strolled into Justice Department headquarters in downtown Washington with his deputy late Thursday afternoon amid intense speculation about charges against Donald Trump and told a Wall Street Journal reporter he had been out getting a Covid vaccine.

[snip]

In keeping with that philosophy, Garland kept details of the indictment and its timing secret from Biden, who said Friday, “I have not spoken to him at all, and I am not going to speak with him.”

The attorney general also declined to meet with Trump’s lawyers, who requested a sit-down in the days leading up to the indictment, leaving the gathering instead to Smith and other Justice Department officials.

[snip]

Yet Garland now presides over what may be the highest-profile political prosecution ever, which is certain to be a prominent factor in the 2024 election. [my emphasis]

Gurman also suggested that Garland somehow engaged in politics by letting Jack Smith unseal the indictment that was sealed to protect security, not to let Trump sow violence in a vacuum.

But Garland didn’t object to prosecutors asking a court to unseal the indictment on Friday, well before Trump’s Tuesday arraignment when it would normally be made public, a person familiar with the matter said.

Finally, Gurman immediately — and, possibly, falsely — suggested that Garland “faces a call” on whether DOJ should charge Hunter Biden.

Adding to the political overtones, Garland also faces a call on whether the Justice Department should file charges against Biden’s son, Hunter, who is under investigation related to his taxes and whether he made a false statement in connection with a gun purchase. Hunter Biden has said he acted legally and appropriately.

Garland only faces a call if he has to approve an indictment. If David Weiss chooses not to prosecute, Garland is not going to override the Trump-appointed US Attorney who has been retained to make this decision himself.

Since yesterday’s arraignment, the false claim that Joe Biden and Merrick Garland have pursued the prosecution of Biden’s rival has gotten crazier still, especially on Murdoch properties other than the one where Gurman invented a political prosecution where there is none. As Trump wailed about his plight at his club yesterday, for example, Fox’s chyron accused Biden of being a “wannabe dictator” because a process entirely insulated from Biden resulted in Trump’s arrest. (Natasha Korecki posted this screen cap.)

There’s something especially noxious about the degree to which actual journalists like Gurman are parroting this line (Jamison Fraser notes a similar example in polling coverage).

Donald Trump is being treated no differently than Biden himself, to say nothing of the targets of John Durham’s abusive four year investigation.

Consider how absurd it is that Trump, lashing out, promised to appoint “a real special ‘prosecutor'” to go after Biden and “the entire Biden crime family.”

The Biden Administration already did that, Bucko!!! It currently has two Trump appointed prosecutors, David Weiss and Robert Hur, conducting investigations into Biden’s son and Biden himself. You’re so inadequate you can’t even out-prosecute Biden than Biden himself is already doing!

Yet, in response to this tweet, almost no journalists noted that Joe Biden’s Administration already did that — retain or appoint two separate Trump-appointed prosecutors to investigate Biden himself.

And that’s a hint of what is affirmatively missing from the coverage of real journalists like Gurman.

It’s that Republicans, and Trump himself, have demanded what they’ve gotten with Merrick Garland’s distance from Jack Smith’s prosecution. Republicans, and Trump himself, have repeatedly demanded that Garland stay out of Weiss’ investigation. They even wailed that Biden was being treated specially after the discovery of classified documents at the Penn Biden Center, until it became clear a preliminary Special Counsel had been appointed within days, in Biden’s case, not months.

Most importantly, none of these Republicans wailing about Garland’s distance from the Jack Smith investigations (wailing because it demonstrates their claims that this is a political prosecution to be obvious bullshit) complained at all after John Durham used the independence Garland afforded him to engage in one after another instance of shocking prosecutorial abuse.

Republicans, and Trump himself, did not complain that Durham investigated for four years even though no crime predicated his investigation (a far worse abuse than Durham’s complaint that Crossfire Hurricane was opened as a Full rather than Preliminary investigation).

Republicans, and Trump himself, did not complain that Durham threatened witnesses and lawyers (and lawyers complained to Merrick Garland in real time; they didn’t wait until a target letter went out to try to excuse their own counterproductive legal advice).

Republicans, and Trump himself, did not complain that in both trials, first his lead prosecutor and then Durham himself, were caught scripting improbable or affirmatively misleading testimony from witnesses.

Republicans, and Trump himself, did not complain that Durham charged Michael Sussmann for coordinating with Hillary’s top staffers months before interviewing any of those staffers and discovering it wasn’t true.

Republicans, and Trump himself, did not complain that Durham charged Igor Danchenko relying, in significant part, on the rants Sergei Millian made on his Twitter feed, only to discover, months later, that Millian was unwilling to repeat the same claims at trial under oath.

Republicans, and Trump himself, did not complain that Durham prosecuted a man for making a literally true statement to the FBI.

Republicans, and Trump himself, did not complain when John Durham accused Sussmann and Danchenko anew of lying to the FBI after two juries told him he couldn’t prove that claim.

Republicans, and Trump himself, did not complain that John Durham fabricated a claim that even the Russians didn’t make against Hillary and used it as his excuse to continue his investigation for three more years.

Republicans, and Trump himself, did not complain when John Durham affirmatively misrepresented the YotaPhone white paper; instead, Trump used Durham’s misrepresentation to justify making death threats against Michael Sussmann.

Republicans, and Trump himself, knew how much independence Merrick Garland was giving Jack Smith, because Durham told them that he committed all that abuse and yet Garland let him continue unimpeded.

Finally, we want to thank you and your Office for permitting our inquiry to proceed independently and without interference as you assured the members of the Senate Judiciary Committee would be the case during your confirmation hearings to become Attorney General of the United States.

And long after it was clear that Garland had given Durham precisely the independence that Republicans, and Trump himself, had demanded, Trump is the one who forced the appointment of a Special Counsel by announcing his run six months ahead of his competitors. Trump took steps that led to someone completely independent investigating his suspected crimes, not Joe Biden, not Merrick Garland. And now he’s trying to pretend that he himself didn’t ensure someone independent would investigate his suspected crimes.

Jack Smith has been living by the rules Republicans demanded, and got, for John Durham.

I don’t expect Trump to care that Jack Smith has been operating under the same rules of independence that Garland gave Durham. Trump needs to claim this is political, to provide his boosters — and probably his own fragile ego — some explanation for this indictment other than that a grand jury of South Floridians determined there was probable cause he committed an unprecedented crime that made this country less safe. I expect Mike Davis to continue reeling out his knowingly false claims, Joe Biden Merrick Garland Joe Biden Merrick Garland. It’s what he is paid to do.

But journalists like Sadie Gurman should know better. Journalists like Sadie Gurman, after presenting proof that Jack Smith is operating with the same independence that John Durham did, owe their readers a description of what it means that this investigation has operated with independence. Journalists like Sadie Gurman should not be drawn in by attempts to delegitimize a prosecution only because Trump belatedly wants to change the rules he himself demanded.

Update: I’ve updated my stolen documents investigation resource page, with key documents, a bit of a timeline, all our posts on the case, plus other useful links (including to dockets of other 18 USC 793 cases).

Trump’s “Beautiful Mind Paper Boxes:” Jack Smith’s Points of Leverage

/121 Comments/in , , , /by

In this post, I laid out how DOJ really really really tries to plead out 18 USC 793(e) cases if it can do so, to avoid doing any more damage to national security, on top of the original compromise. That’s true even with a garden variety Green Beret who brought classified documents about a gripe home from work. All the more so if it’s the former President who compromised hundreds of highly sensitive documents.

But as we’ve seen over the ten months since the search of his beach resort, Trump is highly unlikely to do that.

What would it take — Jack Smith’s team may have brainstormed before they filed this — to get Trump to enter into a plea agreement?

So I want to return to my argument that the Mar-a-Lago case is tactical — a tactical nuke, I called it. Partly, I think it is designed to give Walt Nauta very good reason to plead and cooperate, to what end and import I only have guesses.

Partly, I think charging 31 incredibly sensitive documents is a different kind of threat to Trump than it is to most people, because of his narcissism.

Those 31 charged documents are, taken together, a bunch of stories that prosecutors can tell about why Trump stole classified documents. The reason prosecutors included some are pretty easy to guess. Document 19, which concerns US nukes, is classified Formerly Restricted. Under the Atomic Energy Act it could not be declassified by the President alone, so that document will be legally easier to prove to be National Defense Information covered by the Espionage Act than others might, even if jurors don’t get the import of protecting information on America’s nuclear weapons. Some, like document 11, an unmarked document that captures military contingency planning of the United States, seem to be another example of stuff that is obviously NDI, information that is closely held precisely because doing so is necessary to protect US security, regardless of classification level (and may have been selected because it doesn’t include classification marks). Others, like document 3 and document 23, appear to have Sharpie notes, which may provide some hints about why Trump stole them. Matt Tait thinks document 7, memorializing October  28, 2018 communications with a foreign leader, might record a call with Putin or Mohammed bin Salman, post Khashoggi execution, both of which could be highly embarrassing for Trump. Based on its date, Tait argues that the other document pertaining to nukes in Trump’s stash, document 5, likely pertains to Russia. Brian Greer thinks the charged documents turned over on June 3, most of which are from the fall 2019 period during impeachment, could be a coherent set. Whatever else document 8 is — it is described as an October 4, 2019 Five Eyes document — the spillage picture from the storage closet would amount to proof that by storing it insecurely, Trump made it accessible to at least two people who no longer had clearances.

Whatever these documents are, his closest aides considered him to be obsessed with them. Employee 2 — according to WaPo, this is Trump’s then-Executive Assistant, Molly Michael — described the boxes as Trump’s “beautiful mind paper boxes” as she debated with a colleague about where to stash them. Trump went to great lengths to curate and keep these documents; they became tied to his self-imagination of power, it seems. He told Evan Corcoran, “I don’t want anybody looking, I don’t want anybody looking through my boxes, I really don’t, I don’t want you looking through my boxes.” As bad as it is for Trump that the government seized these documents from him, it might pose a far greater injury to his ego if they were shared in court for all the world to see who he really was. We’re all going to get to look at Trump’s boxes if this goes to trial. All of us.

And while the timing of this prosecution cannot be predicted (aside from that the CIPA process will take a lot of time), such an injury to Trump’s ego might be greater if “his” boxes were to become public in the middle of the general election, which is about the earliest that might happen.

So, bizarrely, as hard as it would be for the spooks to declassify these for trial, it might do as much damage to Trump’s psyche to have the contents of “his” “beautiful mind paper boxes” shared for the entire world to see. It would shred the sense of power that he derived from them (and in many cases, would show that many of his public claims about what — say — Mark Milley had really said were false). And so keeping them secret might be something about which Trump and DOJ could come to some kind of agreement.

But that’s not the only point of leverage that Smith has.

Because Trump decided to announce his Presidential run early in a bid to stave off criminal charges, Merrick Garland appointed Jack Smith to oversee both criminal investigations into Trump, the stolen documents case and the January 6 case. At the very least, that means that in the not-too-distant future, Smith will file additional charges against Trump and his close associates, in DC. Since Trump will be dealing with the same prosecutor, Smith, in both, if he wanted to settle one case — say to stave off having his “beautiful mind paper boxes” exposed in Florida — Smith could attempt to include a settlement in a second case in any negotiation.

You still have to get Trump to a position where he wants to settle, but having the same prosecutor oversee both cases simply gives him more flexibility, flexibility that might be able to find a just result for the country.

And the way in which these cases intersect may provide Smith additional tools. Several witnesses in the stolen documents case also have exposure in one or another aspect of the January 6 case. Trump Representative 1 is — again, per the WaPo — Alex Cannon. The January 6 Committee documents showed Cannon to be a key player in (not) vetting fundraising pitches for false claims; but he was also involved in attempts to limit the damage of Cassidy Hutchinson’s testimony.

No one has yet identified Trump Attorney 2, but it may be Boris Epshteyn, who had his phone seized last September and already sat for two days of interviews with Smith’s prosecutors. Trump will go to court today represented by Todd Blanche, who also represents Boris. And Boris’ close associate and partner in crypto-corruption, Steve Bannon, received a subpoena from the Special Counsel last month.

Perhaps the most important of these players common to both criminal investigations, however, is Michael, and that enigmatic comment, “Oh no oh no … I’m sorry potus had my phone” is one of the reasons why. Michael was one of Trump’s most important gatekeepers leading up to January 6, and the logs of his calls from that period were mysteriously not kept. When the January 6 Committee questioned her about events, Michael professed not to remember a lot of things from that period. When the January 6 Committee asked her about her phone — the phone that Trump would sometimes use — she explained that her lawyer had pulled off any texts relevant to the event, but did not provide more. Because Trump made Michael a central player in his effort to steal classified documents, Jack Smith appears to have obtained her phone, a phone that would show some of Trump’s communications, as well as her own.

Indeed, that reference to Trump having her phone on December 7, 2021, may be as much about what he was doing with it as what she said to Nauta once she got it back.

More importantly, these overlapping players have witness testimony about more than the attack. Most if not all of them, as well as most if not all of their known attorneys, are the beneficiaries of the suspected campaign finance fraud that has become a second prong of Jack Smith’s investigation — the investigation into how Trump raised money from small donors promising to use it on election integrity and instead used it on paying lawyers for other criminal exposure (and, as noted, that’s the area where Cannon’s known legal exposure is greatest). We may learn more about how DOJ feels about that today, if DOJ asks for a conflict review of Stan Woodward’s representation of Walt Nauta.

The indictment charged Nauta. But it is very coy about the degree to which the other named witnesses, especially Michael and Epshteyn, have cooperated or might be exposed elsewhere.

And that’s important because of the other elements that don’t show up in this indictment. Michael is the one who ordered Chamberlain Harris to make copies of Trump’s schedules, for example, which in the process resulted in the dissemination of classified information. Michael is the most likely candidate to be the person who compiled one Secret and one Confidential document into one with messages from a pollster, a faith leader, and a book author. One uncharged crime in Trump’s existing indictment describes him sharing classified information with a representative of his PAC (and the paragraph immediately following that one hints that the information may have subsequently been shared with the press). The last thing Jay Bratt did before obtaining this indictment was to interview Taylor Budowich about shared knowledge of Trump’s employees that he was hoarding documents.

As far as we know, Trump appears to have kept the most spectacular of these documents for himself. “I don’t want anybody looking, I don’t want anybody looking through my boxes, I really don’t, I don’t want you looking through my boxes,” Trump told the attorney he had hired to search them. But the more mundane documents — such as the Iran document that disappeared forever after it was publicly aired at Bedminster in July 2021 — appear to have been exploited by the same Political Action Committee that was already the subject of Smith’s increasingly interlocking inquiries.

Trump lied to his small donors about how he was going to use their money. But he also appears to have taken documents when he left the White House — documents that belong to you and me — that he has since put to his own personal and political benefit. Some of those documents are classified.

And so — especially given the suggestion that Smith needed his indictment to go back to a grand jury still working in DC — Jack Smith may have more points of leverage over Trump and his closest associates, including points of leverage that remain almost entirely hidden.

Update: As I was writing this, Lawfare published a similar piece on shoes yet to drop.

John Durham’s Blind Man’s Bluff on DNS Visibility

/17 Comments/in , , /by

On September 16, 2021, John Durham indicted Michael Sussmann on a single count of lying to the FBI, just days before the statute of limitations for that crime expired. Durham accused Sussmann of lying to hide that he had a client or clients on whose behalf he was sharing allegations about DNS anomalies involving Trump Organization and Alfa Bank.

Durham adopts the “DNC fabrication” theory from agents who badly screwed up the original investigation

As I laid out here, the indictment adopted the “DNC fabrication” theory, the “fabrication” part of which was initially espoused in a hasty review by FBI Cyber agents Nate Batty and Scott Hellman by September 21, 2016, just two days after Sussmann shared a white paper describing anomalies involving Alfa Bank.

Durham adopted that theory in spite of proof, in their own summary, that the FBI agents had not closely reviewed the DNS logs included with the allegations, if they ever reviewed them at all. Durham adopted that theory in spite of irregularities in the chain of custody surrounding the handling of a Blue Thumb Drive that reportedly included DNS logs that were never reviewed. Durham adopted that theory in spite of the fact that Batty’s own Lync messages materially conflicted with a claim he made to Durham two years earlier: Batty claimed he had been refused information about the role of Sussmann in the allegations, when in fact his Lync messages showed he had been informed about Sussmann’s role from the start. Durham adopted that theory in spite of the fact that FBI started debunking parts of the “fabrication” story within hours of Batty and Hellman proposing it. Durham adopted that theory in spite of the fact that FBI’s own overt steps (during a pre-election period) and Alfa Bank’s curious lack of DNS logs made pursuing the allegations impossible.

That indictment was an insanely reckless thing for John Durham to do, building as it did on the investigative failures of Batty and Hellman, not to mention Batty’s own materially inconsistent claim.

Several things made that indictment even more reckless.

Durham fails to take basic investigative steps before indicting

First, in spite of the fact that Durham had already been investigating for 28 months by that point — Durham had already been investigating for six months longer than the entire Mueller investigation — there were a whole bunch of obvious investigative steps he had not yet taken. Between the indictment and the May 2022 trial, Durham would do the following:

Durham also revealed two other interviews he only conducted after charging Sussmann: one with someone identified as Listrak Employee-1 and other unidentified personnel on October 27, 2021 and another with the CEO and CTO of Cendyn on November 17, 2021. As described, their interviews pertained exclusively to email, not DNS, and Durham doesn’t appear to have asked Cendyn about the contacts via its Metron messaging product done for some other client with Alfa Bank in the same time period, nor about the contact that did exist between Cendyn and the affected Spectrum IP address. It also doesn’t mention that Listrak reported no emails to Alfa Bank, one of the Bank’s evolving explanations for the anomalies, and any mail to Spectrum was sent elsewhere.

In his report, Durham makes no mention of whether he interviewed anyone at Spectrum Health or Alfa Bank, though a DC judge would observe that it was almost like the Sussmann indictment and an Alfa Bank lawsuit, “were written by the same people in some way.” There were large gaps involved with both entities in the original investigation and it’s not clear Durham made any effort to close them.

Durham accused the FBI of skipping investigative steps on Crossfire Hurricane that might have discovered exculpatory evidence, but none of that comes close to the many investigative steps he had not yet pursued in the 28 months he had already been investigating before indicting Sussmann.

Durham’s indictment of Sussmann piled his own investigative failures on top of those by Batty and Hellman.

Durham discovers his DNC fabrication theory involves real data

More problematic than Durham’s investigative incompetence, though, the Special Counsel charged Michael Sussmann on September 16, 2021, in spite of the fact that a month earlier, by mid-August, 2021, Durham’s team learned that the data Rodney Joffe and others used to conduct their research was absolutely real. The nature of how this came about remains obscure, but in addition to debunking the most simplistic “DNC fabrication” theories, the discovery made it impossible for Durham to continue to rely on the expert his team had been using. The discovery that the data that Batty and Hellman had dismissed in just one day was real should have led Durham to reconsider everything about his case.

Instead, Durham barreled forward with his indictment.

Durham invites the guy who screwed up the investigation to be his expert

Instead of reassessing his case, Durham responded to losing his expert by proposing that Hellman serve as the replacement, even though by Hellman’s own admission he only knows the basics about DNS.

DeFilippis. How familiar or unfamiliar are you with what is known as DNS or Domain Name System data?

A. I know the basics about DNS.

[snip]

Berkowitz. And then, more recently, you met with Mr. DeFilippis and I think Johnny Algor, who is also at the table there, who’s an Assistant U.S. Attorney. Correct?

A. Yes.

Q. They wanted to talk to you about whether you might be able to act as an expert in this case about DNS data?

A. Correct.

Q. You said, while you had some superficial knowledge, you didn’t necessarily feel qualified to be an expert in this case, correct, on DNS data?

A. On DNS data, that’s correct.

Hellman was one of just two people, aside from John Durham himself, who had a stake in sustaining the “DNC fabrication” theory he had floated before closely reviewing the evidence. That Durham even considered making him his expert is a testament that Durham was interested in protecting his “DNC fabrication” theory, not interested in expertise, much less what the actual evidence said.

Durham includes two expert reviews unmoored from any prosecutorial decision

And that’s why Durham’s inclusion of two expert reviews of the allegations Sussmann shared with the government is of interest:

  • 1671 FBI Cyber Technical Operations Unit, Trump/Alfa/Spectrum/Yota Observations and Assessment (undated; unpaginated).
  • 1635 FBI Cyber Division Cyber Technical Analysis Unit, Technical Analysis Report (April 20, 2022) (hereinafter “FBI Technical Analysis Report”) (SCO _ 094755)

With one exception, Durham describes those reviews in a 13-page section of his report that purports to be about the ongoing efforts by Rodney Joffe and others to chase down the Alfa Bank anomalies and some unusual traffic probably reflecting the presence of Yota Phones in the US. The section itself has no place in a prosecutorial memo, because the only interaction with the government described in that section involved a Georgia Tech researcher refusing HPSCI’s request to help chase down these allegations. The rest involves Joffe continuing to chase this issue with his own data, which insofar as it demonstrates Joffe’s sustained concern about this, independent of any election, undermines pretty much all of Durham’s conspiracy theories. The declination decision regarding fraud — which Andrew DeFilippis used to claim that Joffe was still a subject of the investigation more than five years after the events in question, thereby keeping him off the stand in Sussmann’s trial — didn’t even mention Joffe.

But the description of these reviews in this section really doesn’t have a place where Durham put it, because along with the Cendyn and Listrak interviews, one of the reviews appears to have been last minute prep for the Sussmann trial and the other played a key role in an affirmatively misleading court filing that led Trump to make death threats against Sussmann.

These reviews in Durham’s report supported his last-ditch effort to cement the belief that Hillary framed Donald Trump. They’re here to prove, once and for all, that Sussmann was wrong.

Here’s how Durham introduces his efforts to redo the work Batty and Hellman and others botched so many years ago:

This subsection first describes what our investigation found with respect to the allegation that there was a covert communications channel between the Trump Organization and Alfa Bank. It includes the information we obtained from interviews of Listrak and Cendyn employees. It then turns to the allegation that there was an unusual Russian phone operating on the Trump Organization networks and in the Executive Office of the President. We tasked subject matter experts from the FBI’s Cyber Technical Analysis and Operations Section to evaluate both of these allegations.

But as with so much else in this report, they don’t do what they claim to. Durham ensured his experts sustained the blindness that Batty and Hellman willfully adopted so many years ago to avoid concluding that the allegations might be real.

As I noted here, the two reviews purport to review the Alfa Bank allegations — shared with both the FBI and (in updated form) the CIA — and the YotaPhone allegations shared with the CIA. In one place, Durham claims “the same FBI experts” did both reviews, though he attributes them to different groups. But that’s important because if they are the same experts, then they should know of both reviews.

Durham incites death threats because Joffe investigated Barack Obama

The YotaPhone review must have been done first because, as I noted above and show below, the analysis matches claims Durham made in a filing purporting to raise conflicts but mostly airing allegations for which the statute of limitations had just expired. Here’s how Durham describes the allegations in the report:

Specifically, Sussmann provided the CIA with an updated version of the Alfa Bank allegations and a new set of allegations that supposedly demonstrated that Trump or his associates were using, in the vicinity of the White House and other locations, one or more telephones from the Russian mobile telephone provider Yotaphone. The Office’s investigation revealed that these additional allegations relied, in part, on the DNS traffic data that Joffe and others had assembled pertaining to the Trump Tower, Trump’s New York City apartment building, the EOP,1558 and Spectrum Health. Sussmann provided data to the CIA that he said reflected suspicious DNS lookups by these entities of domains affiliated with Yotaphone.1559 Sussmann further stated that these lookups demonstrated that Trump or his associates were using a Yotaphone in the vicinity of the White House and other locations.1560

Durham’s description of these allegations relies on redacted sections of two trial exhibits (but not a related one that shows Sussmann was not hiding having a client). Because the section of these trial exhibits was redacted, it’s not clear whether Durham is representing how these CIA witnesses described Sussmann’s claims fairly. That’s important because — as we’ll see — Durham misrepresents the YotaPhone white paper.

As Durham described, Sussmann provided four documents and 6 data files to the CIA.

During the meeting, Sussmann provided two thumb drives and four paper documents that, according to Sussmann, supported the allegations. 1564

1564 The titles of the four documents were: (i) “Network Analysis of Yota-Related Resolution Events”; (ii) ·’YotaPhone CSV File Collected on December 11th, 2016″; (iii) “Summary of Trump Network Communications”; and (iv) “ONINT [sic] on Trump Network Communications.” The two thumb drives contained six Comma Separated Value (“.CSV”) files containing IP addresses, domain names and date/time stamps.

Unlike the Red and Blue Thumb Drive, Durham makes clear that his experts actually examined these thumb drives.

Here are three of the documents:

I understand the csv files include:

  • yota-eop
  • yota-cpwest
  • yota-spectrum
  • yota-trumporg
  • sipper
  • 2016-05-04_2017-01-15_Trump_server.csv

I’ll say more about them below.

Durham’s description of the analysis, titled, “Trump/Alfa/Spectrum/Yota Observations and Assessment,” generally obscures whether it is rebutting a claim (redacted in the trial exhibits) made by Sussmann (“the presentation”) or included in the white paper and data (“the above-quoted white papers about the Yotaphone allegations” and “Yotaphone-related materials”) provided, and he doesn’t repeat or address the Alfa Bank side of these observations (which have no tie to the YotaPhone claims).

But the technical analysis does not, at all, debunk the YotaPhone observations.

The FBI DNS experts with whom we worked also identified certain data and information that cast doubt upon several assertions, inferences, and allegations contained in (i) the above-quoted white papers about the Yotaphone allegations, and (ii) the presentation and Yotaphone-related materials that Sussmann provided to the CIA in 2017. In particular:

  • Data files obtained from Tech Company-2, a cyber-security research company, as part of the Office’s investigation reflect DNS queries run by Tech Company-2 personnel in 2016, 2017, or later reflect that Yotaphone lookups were far from rare in the United States, and were not unique to, or disproportionately prevalent on, Trump-related networks. Particularly, within the data produced by Tech Company-2, queries from the United States IP addresses accounted for approximately 46% of all yota.ru queries. Queries from Russia accounted for 20%, and queries from Trump-associated IP addresses accounted for less than 0.01 %.
  • Data files obtained from Tech Company-1, Tech Company-2, and University-1 reflect that Yotaphone-related lookups involving IP addresses assigned to the EOP began long before November or December 2016 and therefore seriously undermine the inference set forth in the white paper that such lookups likely reflected the presence of a Trump transition-team member who was using a Yotaphone in the EOP. In particular, this data reflects that approximately 371 such lookups involving Yotaphone domains and EOP IP addresses occurred prior to the 2016 election and, in at least one instance, as early as October 24, 2014. [bold and italics mine]

Compare that to the supposed debunking from the gratuitous conflicts filing that led to death threats.

The Indictment further details that on February 9, 2017, the defendant provided an updated set of allegations – including the Russian Bank-1 data and additional allegations relating to Trump – to a second agency of the U.S. government (“Agency-2”). The Government’s evidence at trial will establish that these additional allegations relied, in part, on the purported DNS traffic that Tech Executive-1 and others had assembled pertaining to Trump Tower, Donald Trump’s New York City apartment building, the EOP, and the aforementioned healthcare provider. In his meeting with Agency-2, the defendant provided data which he claimed reflected purportedly suspicious DNS lookups by these entities of internet protocol (“IP”) addresses affiliated with a Russian mobile phone provider (“Russian Phone Provider-1”). The defendant further claimed that these lookups demonstrated that Trump and/or his associates were using supposedly rare, Russian-made wireless phones in the vicinity of the White House and other locations. The Special Counsel’s Office has identified no support for these allegations. Indeed, more complete DNS data that the Special Counsel’s Office obtained from a company that assisted Tech Executive-1 in assembling these allegations reflects that such DNS lookups were far from rare in the United States. For example, the more complete data that Tech Executive-1 and his associates gathered – but did not provide to Agency-2 – reflected that between approximately 2014 and 2017, there were a total of more than 3 million lookups of Russian Phone-Provider-1 IP addresses that originated with U.S.-based IP addresses. Fewer than 1,000 of these lookups originated with IP addresses affiliated with Trump Tower. In addition, the more complete data assembled by Tech Executive-1 and his associates reflected that DNS lookups involving the EOP and Russian Phone Provider-1 began at least as early 2014 (i.e., during the Obama administration and years before Trump took office) – another fact which the allegations omitted. [bold mine]

The bolded narrative shows these are the same report. If 3 million is 46% of the total of around 6.521 million lookups globally, then 1,000 Trump-related queries would be .01% of the global total.

But it is an innumerate stat. I’m not the FBI, and definitely not a top FBI cyber expert. But even my humble little blog occasionally relies on William Ockham to explain things that should be bloody obvious to the Federal government, such as that 3 million DNS requests amount to one family’s worth of use.

Contra Durham, 3 million DNS requests for a related IP addresses over a four-year period means these requests are very rare.

For comparison purposes, my best estimate is that my family (7 users, 14 devices) generated roughly 2.9 million DNS requests just from checking our email during the same time frame. That’s not even counting DNS requests for normal web browsing.

If you’re going to make a federal case out of this, at least make some attempt to understand the topic.

Durham and his hand-picked experts in the FBI suggest that because, among the very rare number of global requests, almost half appear in the US, it means they aren’t rare. From that, Durham and his experts argue that the fact that Trump’s properties (and Spectrum and the Executive Office of the President) are part of this tiny club is not cause for concern.

They’re doing so even though among the domains included in the CSV tables is wimax-client-yota-ru, which shows up in Wordfence’s IOC lists for the GRU attack on the election. Durham and his FBI experts are arguing that it is not alarming that there would be several look-ups to such a domain in October 2016 from the Executive Office of the President, periodical look-ups to that domain from Trump Organization starting in August 2016, and persistent such look-ups from the suspect Spectrum IP address starting in November 2016.

And about those EOP look-ups. Durham claims, in the italicized language above, that there is an, “inference set forth in the white paper that such lookups likely reflected the presence of a Trump transition-team member who was using a Yotaphone in the EOP.” Sussmann may have said that. But it’s not in the white paper. In fact, there’s just one reference to the EOP in the white paper at all, and it’s not included in the speculative paragraph that there may be a tie between the Spectrum traffic and the Trump traffic.

Network traffic analysis strongly suggests communications between Russian networks and Trump Tower, associated Trump properties, with artifacts also present at EOP. Spectrum Health resolver IP 167.73.110.8 in Grand Rapids MI is also observed making similar queries.

The traffic data indicates: (a) There are Russian-made cellular devices on these networks, seldom seen elsewhere in the US; and (b) these networks appear to be at- tempting SIP-connections to Russian networks which very few IPs globally are seen trying to resolve.

It is possible that one or more devices is at times travelling between locations as there are sometimes gaps possibly correlated to newsworthy events such as New York NY to Grand Rapids MI, lifting of some sanctions on Russia, and the disappearance of the queries from New York in mid December and from Grand Rapids MI in mid January 2017.

In other words, as he did when he invented an allegation against Hillary that the Russians didn’t even make, he’s inventing an inference here, the kinds of inferences he tried to criminalize when Joffe did them. Further, he suggests that Sussmann and Joffe didn’t reveal that the lookups started before the election, even though the CSV data included shows lookups starting on October 2, 2016, which last I checked was before the election.

Durham, who admits in his report that these lookups inexplicably ended before Inauguration, nevertheless falsely insinuated in a court filing that Sussmann and Joffe had based their claims on lookups that post-date Trump’s inauguration. Durham is debunking Durham now! And that false claim from Durham led Trump to suggest that because Joffe found an IOC associated with the people who hacked the election within EOP, Sussmann should be put to death.

That’s one reason that it matters that this technical review is undated. Obviously, it’s crazy enough that an undated unpaginated report would show up in a report like this (I suspect it is intended to make the document hard to find).

But because it is undated and — it appears — Sussmann never got it, Durham doesn’t have to admit that he has included it in his report even after Sussmann pointed out that Durham’s inflammatory claims relied on getting the dates wrong himself.

For example, although the Special Counsel implies that in Mr. Sussmann’s February 9, 2017 meeting, he provided Agency-2 with EOP data from after Mr. Trump took office, the Special Counsel is well aware that the data provided to Agency-2 pertained only to the period of time before Mr. Trump took office, when Barack Obama was President.

After Sussmann and Joffe proved he was wrong, Durham dropped these claims. But then he resuscitated them for his report.

Durham blinds his expert so he can’t see any visibility

The second expert review Durham relied on, “FBI Cyber Division Cyber Technical Analysis Unit, Technical Analysis Report,” does have a date — April 20, 2022 — along with a Bates stamp showing that it was shared with Sussmann. The Cyber Technical Analysis Unit that wrote it is headed by David Martin, the guy who ultimately served as Durham’s expert witness at trial. After months of stalling, Durham first informed Sussmann that he would have an expert and Martin would be that expert on March 30, 2022, just weeks before trial.

Given that the Technical Analysis is dated three weeks after that, it seems exceedingly likely the Technical Analysis was a report done in preparation for Martin’s testimony.

As I noted in this post, this Technical Analysis focuses exclusively on the white paper Sussmann shared on September 19, 2016.

The citations to the Technical Analysis document in footnotes references just 13 pages of material, two pages of which is likely front matter, and one page describing the tasking Durham gave them.

Aside from the four pages of material that Durham doesn’t mention, there are really just two topics: addressing whether or not the Spectrum Health IP address was a Tor node, and using the answers obtained from Listrak (and possibly a broader set of logs than Alison Sands had available in 2016) to make an argument about the kind of visibility one needs to learn anything from DNS records.

These topics generally track Martin’s testimony as well (though Sussmann had opposed Martin’s comments on visibility, and given that it doesn’t appear in Martin’s Powerpoint from the trial, I’m not sure he was supposed to discuss it).

Now, Durham loves this technical analysis on Tor. He cited it first when he described how April Lorenzen was trying to figure out what the Spectrum IP address was in August 2016, and then quotes it again 30 pages later in his general technical discussion. The second time, he added an apostrophe-s which might be misread by the dim-witted people who are the audience of this propaganda to suggest that disproving that the Spectrum IP was a Tor node disproves the rest of the white paper, which it does not.

The FBI experts advised that historical TOR exit node data conclusively disproves this white paper allegation in its entirety and furthermore the construction of the TOR network makes the described arrangement impossible.

[snip]

The FBI experts who examined this issue for us stated that historical TOR exit node data conclusively disproves this white paper’s allegation in its entirety.

It’s really weird that Durham loves this analysis, because it would suggest that he didn’t learn that the Spectrum Health IP was not a Tor node until just weeks before trial — though that same judgement, that it was not a Tor node, is one of the main things the FBI got right when they first investigated this in 2016. There is almost nothing cited from this report that newbie counterintelligence agent Alison Sands hadn’t already laid out by October 5, 2016.

Durham’s fondness for this Tor node analysis is all the more hilarious because Durham tasked this expert review after the review of the files Sussmann shared with the CIA in February 2017. And neither of the files about the Alfa Bank anomaly that Sussmann turned over in 2017 (one, two) mention the Tor node. Researchers actually realized this was not a Tor node around the same time Sussmann originally shared the files. It was long gone, Durham knew it, yet that’s still the primary thing he relies on to claim he has debunked the allegations.

So Durham’s primary debunking of the white paper doesn’t address, at all, what was in the later documents. In fact, that was one effect of tasking the Cyber Technical Analysis Unit with reviewing just the stuff on the Red Thumb Drive: it gave some of FBI’s top experts a really easy way to debunk (part of) the white paper, albeit the only part that was entirely debunked in 2016.

It’s like congratulating yourself because the FBI’s top cyber experts managed to play tiddlywinks as well as a newbie counterintelligence agent did six years earlier during a rush investigation.

The second area of this technical review Durham cites that is still more telling. It purports to rely on information learned in Listrak email (not DNS) records to (effectively)  accuse Joffe and the others of cherrypicking the data.

In addition to investigating the actual ownership and control of the IP address, the Office tasked FBI cyber experts with analyzing the technical claims made in the white paper. 1650 This endeavor included their examination of the list of email addresses and send times for all emails sent from the Listrak email server from May through September 2016, which is the time period the white paper purportedly examined. 1651 The FBI experts also conducted a review of the historical TOR exit node data. 1652

The technical analysis done by the FBI experts revealed that the data provided by Sussmann to the FBI and used to support Joffe and the cyber researchers’ claim that a ‘”very unusual distribution of source IP addresses” was making queries for mail l.trump-email.com was incomplete. 1653 Specifically, the FBI experts determined that there had been a substantial amount of email traffic from the IP address that resulted in a significantly larger volume of DNS queries for the mail 1.trump-email.com domain than what Joffe, University-1 Researcher-2 and the cyber researchers reported in the white paper or included on the thumb drives accompanying it. 1654 The FBI experts reviewed all of the outbound email transmissions, including address and send time for all emails sent from the Listrak server from May through September 2016, and determined that there had been a total of 134,142 email messages sent between May and August 2016, with the majority sent on May 24 and June 23. 1655 The recipients included a wide range of commercial email services, including Google and Yahoo, as well as corporate email accounts for multiple corporations. 1656

Similarly, the FBI experts told us that the collection of passive DNS data used to support the claims made in the white paper was also significantly incomplete. 1657 They explained that, given the documented email transmissions from IP address 66.216.133.29 during the covered period, the representative sampling of passive DNS would have necessarily included a much larger volume and distribution of queries from source IP addresses across the internet. In light of this fact, they stated that the passive DNS data that Joffe and his cyber researchers compiled and that Sussmann passed onto the FBI was significantly incomplete, as it included no A-record (hostname to IP address) resolutions corresponding to the outgoing messages from the IP address. 1658 Without further information from those who compiled the white paper data, 1659 the FBI experts stated that it is impossible to determine whether the absence of additional A record resolutions is due to the visibility afforded by the passive DNS operator, the result of the specific queries that the compiling analyst used to query the dataset, or intentional filtering applied by the analyst after retrieval. 1660

1653 Our experts noted that the assertion of the white paper is not only that Alfa Bank and Spectrum Health servers had resolved, or looked up, the domain [mail-1.trump-email.com] during a period from May through September of 2016, but that their resolutions accounted for the vast majority of lookups for this domain. FBI Technical Analysis Report at 6.

1654 The USB drive that Sussman [sic] provided to the FBI on September 19, 2016, which was proffered as data supporting the claims in the white paper, contained 851 records of DNS resolutions for domains ending in trump-email.com. FBI Technical Analysis Report at 7.

I’ll leave it to William Ockham — who apparently is smarter than the entire FBI — to explain that by looking for emails sent out from an IP rather than DNS for a domain, the FBI was basically searching for all packages from one post office rather than stamps from one house that uses that post office (I’m still working on this analogy, but it’s a start). Plus, at least in real time, the newbie counterintelligence agent who figured out the Tor node information Durham claims to have only learned six years later, Alison Sands, kept complaining that Listrak didn’t provide the network logs they needed.

But as I pointed out here, not only does the FBI change its mind mid-sentence whether there was one thumb drive or two — a problem that has plagued FBI’s Cyber division for six years, apparently –but FBI doesn’t even claim to be looking at all the data that was submitted at trial. FBI’s experts only reviewed the exact same file that Scott Hellman emphasized was a portion of the data submitted; they didn’t review the larger set. They complain they only have 851 lines of data because they’re not reviewing the larger file, much less any csv records turned over on the Blue Thumb Drive, not because the logs didn’t exist.

Remember: these are supposed to be the same people who already reviewed the CIA material by February. And the equivalent of the white paper in those materials has a passage that addresses precisely the visibility of which FBI claims to be ignorant. And the Trump/Alfa csvs included on one of those thumb drives — 2016-05-04_2017-01-15_Trump_server — not only includes almost 25,000 lines of data, but it also shows the collection points. The FBI had a way, in hand, to get that visibility, but Durham told them to look away.

The only thing the FBI’s top experts offer to debunk, other than the Tor node claim that the FBI knew the researchers had dropped, was a complaint about visibility. But their complaints about visibility were entirely manufactured by the scope of the review Durham requested and possibly by the curious status of the Blue Thumb Drive, as well as (if Durham is telling the truth about these being the same experts) willful forgetting of a review they had done on related issues less than a year earlier.

Durham created this blindness. By ensuring all the experts remain blind to visibility, Durham ensured the review would conclude that the researchers didn’t have the visibility that, the FBI knew well, they had.

As I have described, way back in October 2016 — just days after Batty and Hellman did — I too thought that this was a set-up.

But I said that because (as I also noted) no one had seen the evidence. The FBI had the opportunity to look, but instead has spent the last six years deliberately blinding themselves so they can continue to claim it was a set-up.

Update: From pre-trial motions, here are two of the CIA summaries in which Sussmann’s claims about the YotaPhone allegations remain unredacted (one, two). They do tie the presence of the YotaPhone in EOP to Trump. But they also make it clear that the phone couldn’t have been Trump, because it didn’t always move with him, meaning these could easily have been (and still could be) someone attempting to compromise Trump.

Alfa Bank and Yotaphone Allegations

1.Factual background

a. Introduction

b. Sussmann’s attorney-client relationship with the Clinton campaign and Joffe

c. The Alfa Bank allegations

i. Actions by Sussmann, Perkins Coie, and Joffe to promote the allegation

ii. Actions by April Lorenzen and others and additional actions by Joffe

iii. Sussmann’s meeting with the FBI

d. The FBI’s Alfa Bank investigation

i. The Cyber Division’s review of the Alfa Bank allegations

ii. The opening of the FBI’s investigation

e. Actions by Fusion GPS to promote the Alfa Bank allegations

f. Actions by the Clinton campaign to promote the Alfa Bank allegations

g. Sussmann’s meeting with the CIA

h. Sussmann’s Congressional testimony

i. Perkins Coie’s statements to the media

j. Providing the Alfa Bank and Yotaphone allegations to Congress

k. Joffe’s company’s connections to the DNC and the Clinton campaign

l. Other post-election efforts to continue researching and disseminating the Alfa Bank and Yotaphone allegations

i. Continued efforts through Joffe-affiliated companies

ii. Efforts by Dan Jones and others

iii. Meetings by DARPA and Georgia Tech

iv. The relevant Trump Organization email domains and Yotaphone data

2. Prosecution decisions

This Indictment Will Likely Come Too Early for Trump to Consolidate the Party

/75 Comments/in , , , /by

After Trump propagandaist John Solomon published that Trump had been told he was a target of the Espionage Act investigation that has targeted him since last August, Trump did a post on his failing social media site. I’ve edited it down to the key bits:

Trump’s first response to the first public confirmation that he will soon be charged was not, as it turned out, to bellow, “Lock him up!” or even reconsider his past obstruction, but instead demand that the insurrectionists in Congress do something.

His first response was to demand that Republicans turn their focus — as they have for much of the last five years — on defending him at all costs, to the detriment of anything that better serves their interests (to say nothing of the interests of their constituents).

I’m not surprised. At some point, I will finally write a post describing how brilliantly Trump used the Russian investigation — assisted by a great deal of Russian disinformation — to successfully demand GOP loyalty to him over country. In the end, the Russian investigation was a tremendous tool Trump used to accrue power, all the while doing grave damage to the US.

His response to the public report he’ll soon be indicted was to attempt to do the same thing: make his own legal woes those of the entire GOP.

But this indictment — if it indeed gets filed in the next two weeks or so — may come too early for Trump.

That’s because, as I laid out here, there’s still plenty of time in the GOP primary for other Republicans to take advantage of Trump’s legal woes. Republicans seem to be sensing this opportunity. Chris Christie kicked off his undoubtedly doomed presidential race by focusing on Trump’s epic corruption. Mike Pence kicked off his equally doomed presidential run by emphasizing that he did his duty on January 6, unlike Trump (the presence of his brother Greg at the event undermined that message, because even after Trump almost got both he and the Vice President killed, Greg still challenged the election and voted against impeaching Trump). Asa Hutchinson called on Trump to step aside, noting he may be charged with Espionage [Act violations].

The point is not that these men will win the election. It’s that they’re using their candidacy to oppose Trump at a time when Christie and Pence and Hutchinson can anticipate that Jack Smith will soon give each a lot of material to work with. Many — not most, but many — Republicans are looking for permission to break with Trump and the timing of a potential indictment and the primary may give a way to do it.

Meanwhile, Joe Biden’s success at giving Kevin McCarthy a way out of the hostage situation he was forced to create just before the US credit rating was affected is having a remarkable effect on the House GOP.

Insurrectionists in Congress, who briefly considered trying to replace McCarthy, seem to have realized they don’t have the votes, and so have been trying to do something — anything — to look like they are tough. But it has only made them, and Republicans, look more ridiculous.

There are increasing reports that less radical Republicans want nothing to do with this chaos.

Greg Sargent wrote up what he describes as Biden’s deliberate attempt to marginalize the MAGAts, which is a good way of understanding it.

[I]n promising to restore “the soul of the nation” in the face of this threat, Biden has continually distinguished between MAGA Republicans and more conventional ones. This approach has been criticized by those of us who see much of the GOP as extreme and dangerous — after all, many elected Republicans helped whitewash Trump’s insurrection — and think Biden’s characterization of non-MAGA Republicans plays down that broader threat.

But Biden’s reading served him well in the debt limit standoff. Contrary to much criticism, Bidenworld believes that refusing to negotiate at the outset was key: It forced Republicans to offer their own budget, which created an opening to attack the savage spending cuts in it.

Notably, Biden and other Democrats relentlessly characterized those cuts as destructive and dangerous in the MAGA vein. Bidenworld did believe that some MAGA Republicans were willing to default and force global economic cataclysm to harm the president’s reelection, a senior Biden adviser tells me, but also that many non-MAGA Republicans ultimately could be induced not to go that far.

There’s no guarantee it’ll work. There’s no way to prevent some of the damage that Marjorie Taylor Greene, Matt Gaetz, Jim Jordan, and James Comer intend to do.

But there’s always the threat that if ten Republicans decide they’ve had enough of this chaos, it creates the opportunity for a Fred Upton or similar to come in to lead a House that will function as a legislative body again.

If Trump weren’t indicted until September or October — still a realistic timeline for January 6, particularly if interim charges must occur first — Trump might have had an opportunity to seal the GOP primary and force the GOP to defend whatever crimes he gets charged with, to own and normalize those crimes as their own, as the GOP has chosen to do for the past six years.

But at the moment, there are hints of a mood change, one in which at least a critical handful of Republicans will choose against the chaos they’ve been gripped by for six years.

Update: Added the Hutchinson tweet. h/t.