The IC Can’t Even Decide What Is Classified in Hillary’s Emails But They’re Attempting To Do Same on the Internet

/2 Comments/in /by

Yesterday, Steven Aftergood noted that, rather than prosecute leakers, the Intelligence Community is instead taking administrative measures against people who leak information. We’ve know they were moving in that direction for some time (largely through Aftergood’s efforts). But he posts now de-classified testimony obtained via FOIA that Bob Litt gave in 2012 explaining the change.

“This Administration has been historically active in pursuing prosecution of leakers, and the Intelligence Community fully supports this effort,” said ODNI General Counsel Robert S. Litt in testimony from a closed hearing of the Senate Intelligence Committee in 2012 that was released last week in response to a Freedom of Information Act request.

But, he said, “prosecution of unauthorized disclosure cases is often beset with complications, including difficult problems of identifying the leaker, the potential for confirming or revealing even more classified information in a public trial, and graymail by the defense.”

Therefore, Mr. Litt said, in 2011 Director of National Intelligence James Clapper ordered intelligence agencies “to pursue administrative investigations and sanctions against identified leakers wherever appropriate. Pursuant to this DNI directive, individual agencies are instructed to identify those leak incidents that are ripe for an administrative disposition….”

As Aftergood notes, such measures sure didn’t dissuade Edward Snowden.

There are two more interesting details of note in the testimony Aftergood liberated. First, Litt provides a somewhat redacted assessment of whether IC elements have the ability to audit employee activities on their networks. Most members of the IC has some audit and monitoring in place. Whereas some are what Litt describes as “robust,” he admitted that “other agencies have less mature programs, but some ability to track employee online activity.”

I do hope for Litt’s sake he didn’t tell SSCI, a year before Snowden’s leaks, that the NSA was among the agencies with robust systems, because they ended up having no ability to track what he took, much less see him taking huge amounts of data in real time.

Perhaps most interesting, though, is Litt’s reference to the development of “automated systems … that will assist in identifying classified information published on the Internet.” By Litt’s testimony on February 9, 2012, an IC study had “concluded that it would be beneficial and feasible for ONCIX/S to implement a centralized and automated capability to identify potential unauthorized disclosures of classified information published electronically on the Internet.” The IC was looking for funding to develop a pilot program to do just that in 2012.

The example of Hillary’s email is testament to one of many problems with such a plan. Various intelligence agencies accused her aides of sharing classified information. But in at least some cases, the same information was available via open source (not to mention that it’s easy to suss out what the IC thinks its biggest secrets are).

So the IC will be scanning the Internet for stuff they think is theirs. But short of tracking classification markings, this will necessarily involved scanning for either known leaked information (so imagine them currently tracking everyone discussing a document Snowden leaked, anywhere in the world), or scanning for information that looks to have the particular syntax (heh) of an intelligence report.

There are a range of problems I can imagine that would result.

But that likely won’t stop the IC from trying to hold their glut of classified information inside their fences, or to hunt down people who seem to understand the same things the IC knows, in case that person can be caught talking to some person the IC would also like to enclose behind that fence.

In Exchange about Clinton Email Investigation, Lynch Forcefully Reminds She Is FBI’s Boss

/8 Comments/in /by

There’s one last exchange in Wednesday’s Senate Judiciary Committee hearing with Attorney General Loretta Lynch that deserves closer focus. It came during John Cornyn’s round of questioning.

He structured his questions quite interestingly. He started by using the example of the Apple All Writs Act order to emphasize that FBI can’t do anything without DOJ’s approval and involvement. “I just want to make sure people understand the respective roles of different agencies within the law enforcement community — the FBI and the DOJ.”

He then turned to an unrelated subject — mental health, particularly as it relates to gun crime — ending that topic with a hope he and Lynch could work together.

Then he came back to the respective roles of the FBI and DOJ. “So let me get back to the role of the FBI and the Department of Justice.”

He did so in the context of Hillary’s email scandal. He started by reminding that Hillary had deleted 30,000 emails rather than turning them over to State for FOIA review. Cornyn then raised reports that the government had offered Bryan Pagliano immunity (Chuck Grassley argued elsewhere in the hearing that that should make it easy for Congress to demand his testimony, as the WSJ has also argued). “It’s true, isn’t it, that immunity can’t be granted by the FBI alone, it requires the Department of Justice to approve that immunity.”

Lynch filibustered, talking about different types of immunities, ultimately ceding that lawyers must be involved. She refused to answer a question directly about whether they had approved that grant of immunity. Which is when Cornyn moved onto trying to get the Attorney General to admit that she would have the final decision on whether to charge anyone in the email scandal.

Cornyn: Let me give you a hypothetical. If the FBI were to make a referral to the Department of Justice to pursue a case by way of an indictment and to convene a grand jury for that purpose, the Department of Justice is not required to do so by law, are they?

Lynch: It would not be an operation of law, it would be an operation of our procedures, which is we work closely with our law enforcement partners–

Cornyn: Prosecutorial discretion–

Lynch: –it would also be consulting with the Agents on all relevant factors of the investigation, and coming to a conclusion.

Cornyn: But you would have to make to the decision, or someone else working under you in the Department of Justice?

Lynch: It’s done in conjunction with the Agents. It’s not something that we would want to cut them out of the process. That has not been an effective way of prosecuting in my experience.

Cornyn: Yeah, I’m not suggesting that you would cut them out. I’m just saying, as you said earlier, you and the FBI would do that together, correct? Just like the Apple case?

Lynch: We handle matters together of all types.

Cornyn: If the FBI were to make a referral to the Department of Justice to pursue criminal charges against Mr. Pagliano or anyone else who may have been involved in this affair, does the ultimate decision whether to proceed to court, to ask for the convening of a grand jury, and to seek an indictment, does that rest with you, or someone who works for you at the Department of Justice?

Lynch: So Senator with respect to Mr. Pagliani [sic] or anyone who has been identified as a potential witness in any case, I’m not able to comment on the specifics of that matter and so I’m not able to provide you–

Cornyn: I’m not asking you to comment on the specifics of the matter, I’m asking about what the standard operating procedure is, and it seems pretty straightforward. The FBI does a criminal investigation, but then refers the charges to the Department of Justice, including US Attorneys, perhaps in more celebrated cases goes higher up the food chain. But my simple question is doesn’t the buck stop with you, in terms of whether to proceed, to seek an indictment, to convene a grand jury, and to prosecute a case referred to you by the FBI?

Lynch: There’s many levels of review, at many stages of the case, and so I would not necessarily be involved in every decision as to every prosecutorial step to make.

Cornyn: It would be you or somebody who works for you, correct?

Lynch: Everyone in the Department of Justice works for me, including the FBI, sir.

Cornyn: I’m confident of that.

Grassley: Senator Schumer.

Schumer: Well done, Attorney General, well done.

I’m not entirely sure what to make of this: whether Cornyn was setting this up for the future, or whether he was trying to lay out Lynch’s responsibility for a decision already made. But given the reports that FBI Agents think someone should be charged (whether because of the evidence or because Hillary is Hillary), it sure felt like Cornyn was trying to pressure Lynch for her role in decisions already discussed. Indeed, I wonder whether Cornyn was responding to direct entreaties from someone at the FBI, possibly quite high up at the FBI, about Lynch’s role in this case.

Whatever he was trying to do, it may lead to some folks in the FBI getting a stern talking to from their boss, Loretta Lynch.

FBI Can’t Have Whistleblower Protection Because It Would Encourage Too Many Complaints

/4 Comments/in , /by

The Department of Justice is undercutting Chuck Grassley’s efforts to provide FBI employees whistleblower protection. That became clear in an exchange (2:42) on Wednesday.

The exchange disclosed two objections DOJ has raised to Grassley’s FBI Whistleblower Protect Act. First, as Attorney General Loretta Lynch revealed, DOJ is worried that permitting FBI Agents to report crimes or waste through their chain of command would risk exposing intelligence programs.

What I would say is that as we work through this issue, please know that, again, any concerns that the Department raises are not out of a disagreement with the point of view of the protection of whistleblowers but again, just making sure that the FBI’s intelligence are also protected at the same time.

I suspect (though am looking for guidance) that the problem may be that the bill permits whistleblowers to go to any member of Congress, rather than just ones on the Intelligence Committees. It’s also possible that DOJ worries whistleblowers will be able to go to someone senior to them, but not read into a given program.

Still, coming from an agency that doesn’t adequately report things like its National Security Letter usage to Congress, which has changed its reporting to the Intelligence Oversight Board so as to exempt more activities, and can’t even count its usage of other intelligence programs, it seems like a tremendous problem that DOJ doesn’t want FBI whistleblowers to have protection because it might expose what FBI is doing on intelligence.

That’s sort of the point!

Especially given Grassley’s other point: apparently, DOJ is opposed to the bill because it will elicit too many complaints.

One of the issues that your department has raised is that allowing FBI employees to report wrong-doing to their chain of command could lead to too many complaints. You know? What’s wrong with too many complaints? … Seems to me you’d invite every wrong doing to get reported to somebody so it could get corrected.

Apparently, DOJ knows there are so many problems FBI employees would like to complain about that things would grind to a halt if they were actually permitted to complain.

This is the FBI! Not only a bureau that has tremendous power over people, but also one with a well-documented history of abuse. It should be the first entity that has whistleblower protection, not the last!

Grassley raised two more points. First, in April 2014, DOJ promised to issue new guidelines on whistleblowing for FBI, clarifying who employees could go to. That hasn’t been done yet.

FBI has, however, created a video about whistleblowing which is, according to what Grassley said, pretty crappy. He’s asking for both those things as well.

The Leak Hypocrisy of the Hillary Shadow Cabinet

/17 Comments/in /by

In what has become a serial event, the State Department and Intelligence Community people handling Jason Leopold’s FOIA of Hillary Clinton emails have declared yet more emails to be Top Secret.

The furor over Hillary Clinton’s use of a private email account grew more serious for the Democratic presidential front-runner Friday as the State Department designated 22 of the messages from her account “top secret.”

It was the first time State has formally deemed any of Clinton’s emails classified at that level, reserved for information that can cause “exceptionally grave” damage to national security if disclosed.

State did not provide details on the subject of the messages, which represent seven email chains and a total of 37 pages. However, State spokesman John Kirby said they are part of a set the intelligence community inspector general told Congress contained information classified for discussing “Special Access Programs.”

Now, as I have said before, one thing that is going on here is that CIA is acting just like CIA always does when it declares publicly known things, including torture and drones, to be highly secret. It appears likely that these Top Secret emails are yet another set of emails about the worst kept secret in the history of covert programs, CIA’s drone killing in Pakistan. And so I am sympathetic, in principle, to Hillary’s campaign claims that this is much ado about nothing.

But they might do well to find some other spokesperson to claim that this is just overclassification run amok.

“This is overclassification run amok. We adamantly oppose the complete blocking of the release of these emails,” campaign spokesman Brian Fallon said on Twitter. Appearing on MSNBC after the news broke, Fallon vowed to fight the decision.

“You have the intelligence community, including an Intelligence Community Inspector General, as well as the inspector general at the State Department, that have been insisting on certain ways of deciding what is classified and what’s not,” he said. “We know that there has been disagreement on these points, and it has spilled out into public view at various points over the last several months. It now appears that some of the loudest voices in this interagency review that had some of the strongest straightjacket-type opinions on what should count as classified, have prevailed. That’s unfortunate. We strongly disagree with the finding that has been reached today, and we are going to be contesting it and seeking to have these emails released.”

Alternately Hillary can declare that if she is elected, she’ll pardon both Jeffrey Sterling and Chelsea Manning.

Sterling’s prosecution for, in part, having 3 documents about dialing a rotary phone in his home that were retroactively classified Secret, happened while Brian Fallon presided over DOJ’s Office of Public Affairs; Fallon sat by as James Risen got questioned about his refusal to testify. Sterling’s retention of documents that weren’t marked Secret is surely the same kind of “overclassification run amok,” and by the same agency at fault here, that Fallon is now complaining about. So shouldn’t Fallon and Clinton be discussing a pardon for Sterling?

Then there’s Manning. As Glenn Greenwald noted, in that case Clinton had a different attitude about the sensitivity of documents classified Secret or less.

Manning was convicted and sentenced to 35 years in prison. At the time, the only thing Hillary Clinton had to say about that was to issue a sermon about how classified information “deserves to be protected and we will continue to take necessary steps to do so” because it “affect[s] the security of individuals and relationships.”

So if the nation’s secrets aren’t really as secret as DOJ and State and DOD have claimed, shouldn’t these two, along with people like Stephen Jin-Woo Kim, be pardoned?

Amid Fallon and Clinton’s prior support for this level of classification, there’s something else odd about the response to this scandal (which I have said is largely misplaced from the stupid decision to run her own server to the issue of classified information).

First, the response from many supporters — and it’s a point I’ve made too — is that this doesn’t reflect on Hillary because she mostly just received these emails, she didn’t send them. That’s true. And it largely limits any legal liability Hillary herself would have.

But this particular response comes against the backdrop of Hillary attacking Bernie for not giving a foreign policy speech before Iowa (a critique I’m somewhat sympathetic with, although debates have been focused on it), and against this approving story in the Neocon press on Hillary forming a shadow cabinet.

Team Hillary is in the process of setting up formal advisory teams and working groups divided into regional and thematic subjects, similar to the structure of the National Security Council, several participants in the project told me. Unlike in 2008, when Clinton and Barack Obama competed for advisers, this time around all the Democratic foreign-policy types are flocking to her team because Clinton is the only game in town.

The groups report up to the campaign’s senior foreign policy adviser, Jake Sullivan, who was Clinton’s deputy chief of staff and director of policy planning when she was secretary of state.

As it notes, this shadow cabinet reports to Jake Sullivan. Sullivan is, according to one report, the staffer who sent the most emails that have since been declared classified.

Nearly a third of the classified messages released so far from former Secretary of State Hillary Rodham Clinton’s emails came from one man: Jake Sullivan, who served as her deputy chief of staff in the department, and is now the top foreign policy adviser to her presidential campaign.

If Hillary’s supporters argue that she can’t be held responsible because she didn’t send these, does that mean they would hold Sullivan, Hillary’s presumptive National Security Advisor, responsible instead?

Then there’s this detail about outside advisors to this shadow cabinet: it includes Leon Panetta, who not only leaked highly classified information in his memoir, but also would have been busted for exposing the Navy SEALs who offed Osama bin Laden if the game weren’t so rigged to excuse senior leakers.

In addition to the working groups, Sullivan relies on a somewhat separate group of senior former officials who have more frequent interaction with the campaign leadership and Clinton herself. Many of these advisers aren’t publicly affiliated with the campaign because they have leadership roles with organizations that have not endorsed any candidate for president.

But sources close to the campaign told me that Clinton, Sullivan and campaign chairman John Podesta are in regular contact with former National Security Advisor Tom Donilon, former Defense Secretary Leon Panetta and former Secretary of State Madeleine Albright.

Is the effort to keep the identities of the men who killed OBL secret also, “overclassification run amok”? Or does Panetta’s role in Hillary’s foreign policy team suggest her crowd really is that hypocritical about who can leak classified information?

I’d really love it if Hillary came out strongly against the paranoid secrecy that stifles our foreign policy (and just yesterday led to Ashkan Soltani losing a position as a technical advisor for the White House, presumably because of his role in reporting the Snowden documents).

But thus far that’s not what she’s doing: her campaign is making a limited critique of this paranoid secrecy, only applicable when it impacts those close to her.

DOJ’s Double Standard on Osama Bin Laden Trophy Photos

/5 Comments/in , /by

Two and a half years ago, I first started pointing to the evidence that several of the guys on the Osama bin Laden operation took trophy photos.

[O]n February 15, 2013, DOJ informed Judicial Watch that CIA had found 7 more photos responsive to their FOIA. That happened just 4 days after Esquire published a splashy story about the guy who claimed to have been the SEAL who actually killed OBL. The current version includes this line.

In the compound, I thought about getting my camera, and I knew we needed to take pictures and ID him.

I had made the connection at the time, and I have a distinct suspicion the language was slightly different in the original (Esquire was making factual corrections along the way but the original is not on Internet Archive), making it clear that the Shooter and possibly others did take pictures, though perhaps not for operational purposes.

What kind of amped up warrior who had just helped kill the bogeyman could resist taking souvenir pictures? Could you blame them, if so?

In any case, I suspected at the time that the reason CIA “located” new photos was because they read about another set of photos in the possession in one of the guys who participated in the op, if not shot the lethal bullet. The ambiguity in the description of McRaven’s order seems to support that.

That is, what SOCOM and CIA appear to be protecting are — in significant part — the personal photos taken by the guys who did the operation.

The Intercept has a story describing how Matt Bissonnette — the guy who wrote No Easy Day — is under continued investigation as a result of having done just that.

It appears the government went after Bissonnette after he published his book, and demanded a cut of his profits and that he turn over a hard drive that had an “unauthorized” picture of OBL.

The retired SEAL voluntarily provided investigators with a copy of his hard drive as part of an agreement not to prosecute him for unlawfully possessing classified material, according to the two people familiar with the deal.

[snip]

Luskin said that he had negotiated a deal in 2014 with the Pentagon and the Justice Department to hand over to the government some of the millions of dollars in book profits Bissonnette had received.

He would not confirm Bissonnette’s possession of the bin Laden photo or whether any investigation still remains open.

But once DOJ got Bissonnette’s hard drive — which according to the Intercept was technically turned over voluntarily (meaning there’d be no warrant to limit the scope of what the government could do with it), they found evidence he may have had side deals associated with his procurement role for the team.

During their search of his hard drive, investigators subsequently found emails and records dealing with Bissonnette’s work as a consultant while he was on active duty at SEAL Team 6. Those records, which were not part of the non-prosecution agreement, led to the widening probe. Federal investigators then became interested in whether Bissonnette’s business ventures with companies that supply military equipment — including companies whose products were used by SEAL Team 6 — were helped by his role in the elite unit’s procurement process, according to one of the people familiar with the case.

Element Group, a company Bissonnette helped set up in Virginia Beach about five years ago, is among the companies NCIS is said to be investigating. According to a former SEAL Team 6 operator familiar with Element Group’s business arrangements, the firm, which has since been shut down, designed prototypes for, and advised, private companies that make sporting and tactical equipment.

According to several former SEAL Team operators familiar with the company, Element Group also did business with at least one Defense Department contractor that sold equipment to SEAL Team 6. The defense contractor, Atlantic Diving Supply, or ADS, has military supply and equipment contracts with SEAL Team 6, according to several former SEAL Team 6 operators, as well as other parts of the departments of Defense and Homeland Security. Federal investigators have been looking into the business relationship between Element Group and ADS.

I don’t defend Bissonnette if his side deals were corrupt. But this is bullshit on several levels.

Of course, many people, including me, have noted that Bissonnette’s book was an attempt to push back on the information asymmetry — and with it, propaganda — that the government uses classification to pull off.

Prosecuting Bissonnette would require admitting that the government used its unilateral authority over the nation’s secrets to tell a fiction–not an egregious one, but still one that served a significant political objective.

Now there are probably legal ways around that problem (they could prosecute Bissonnette for revealing obscure details that no one really cares about, for example). But probably not political ways around it, because at best, it would seem like retaliation for exposing the Administration’s fluffing of the facts.

It appears that Bissonnette has shown that the Administration used its control over secrecy as a political tool, not just an operational one, and to prosecute him, they’d have to make that point even more clear.

In addition, as I noted in a series of posts, DOD did a lot of things that arguably violate classification laws to hide those trophy photos by retroactively classifying them and sending them over to CIA where they’d be further hidden from Judicial Watch and other FOIAs that had already been filed.

[I]f the photos were classified after their FOIA, they would have had to have been classified on a photo by photo basis by the Director of CIA, Deputy Director, or a Senior Agency Official in charge of classifications, the CIA responded by saying that, after the CIA got the photos (which by all appearances happened after the FOIA), they were derivatively classified in accordance with the SAO’s guidance.

CIA doesn’t say whether that official reviewed the photos individually or not. Nor does it explain who wrote “TOP SECRET” on them, without adding all the other required classification markers.

And note how the CIA claims these photos “were always considered to be classified” by them — but not necessarily by SOCOM, which originally had the photos. But they don’t even claim they were always considered to be Top Secret.

If I’m right about the DOD’s efforts to avoid its obligation under FOIA, then it basically went after Bissonnette for improperly handling classified information while it was doing the same thing (albeit to withhold previously unclassified information). Plus, if these photos were unauthorized, classifying them to hide them would amount to classification to hide misconduct.

Finally, whatever the ethical conflicts with Bissonnette’s side deals (they remain under investigation and it’s not clear there was a conflict, in which case this feels like DOJ’s pursuit of NSA whistleblowers Bill Binney et al for their effort to start a business), they’re being investigated at a time when the Intelligence Community has just eliminated some measures designed to facilitate oversight of precisely this kind of conflict. I sure take from that that the powers that be in our IC want to continue to engage in the kind of conflicted business deals that Bissonnette is being investigated for.

Here’s the irony though: I noted James Clapper had pushed that conflict change through, in part because it is so much work to ride herd on conflicts, even while accepting a requirement that his office increase its surveillance of line personnel. I concluded that Clapper has some really funny ideas about insider threats, finding abusive incompetents trading on their position to be less of a problem than leakers.

Clapper’s perfectly willing to expand his bureaucracy to look for leakers, but not to weed out the dangerously incompetent people ordering potential leakers around.

Bissonnette’s problem, I guess, is he was allegedly both, someone who shared information that undercut official propaganda, and someone who traded on his position.

Had he just done the latter everything would have been fine, I guess.

James Clapper’s Twisted Definition of an Insider Threat

/40 Comments/in , /by

Back when I reviewed the goodies the House Intelligence Committee had given James Clapper in this year’s Intelligence Authorization, I noted the bill eliminated this report on potential conflicts in outside employment (see clause u).

The Director of National Intelligence shall annually submit to the congressional intelligence committees a report describing all outside employment for officers and employees of elements of the intelligence community that was authorized by the head of an element of the intelligence community during the preceding calendar year.

That change — which will make it harder for people to track the kinds of conflicts of interest a number of top NSA officials recently got caught with — survived in the Omnibus into which the Intelligence Authorization got integrated. Which probably means we’ll be seeing more spooks getting paid by contractors on the side.

Yesterday, WaPo described a reporting requirement that had been in the Senate Intelligence Authorization, but got watered down in the Omnibus: a report on promotions revealing whether those being promoted were “unfit or unqualified.”

Under a provision drafted by the Senate Intelligence Committee this year, intelligence agencies would have been required to regularly provide names of those being promoted to top positions and disclose any “significant and credible information to suggest that the individual is unfit or unqualified.”

As WaPo explained, the measure was an effort by Dianne Feinstein to prevent the kinds of things reported in the SSCI Torture Report, where people with a history of abuse were put in charge of interrogation programs, or the example of Alfreda Bikowsky (whom WaPo describes but doesn’t name), whose series of failures qualified her for increasingly senior positions at CIA. WaPo makes clear this kind of failing upwards continues at CIA.
More recently, a top CIA manager who had been removed from his job for abusive treatment of subordinates was reinstated this year as deputy chief for counterintelligence at the Counterterrorism Center.
In short, the measure was meant to ensure that CIA (and other agencies) weren’t led by a bunch of abusive incompetents. But James Clapper couldn’t allow that apparently, because abusive incompetents would apparently decline promotion if they would be revealed to oversight committees as abusive incompetents.

U.S. officials offered multiple explanations for Clapper’s objections. Several said that his main concern was the bureaucratic workload that would be generated by legislation requiring so much detail about potentially hundreds of senior employees across the U.S. intelligence community.

But others said that U.S. spy chiefs chafed at the idea of subjecting their top officials to such congressional scrutiny and went so far as to warn that candidates for certain jobs would probably withdraw.

Lawmakers were told that “some intelligence personnel would be reluctant to seek promotions out of concern that information about them would be presented to the Hill,” said a U.S. official involved in the discussions.

So he balked and Congress watered down the requirement. Here’s what remains of the measure:

(a) DIRECTIVE REQUIRED.—The Director of National Intelligence shall issue a directive containing a written policy for the timely notification to the congressional intelligence committees of the identities of individuals occupying senior level positions within the intelligence community.

The fine print on the requirement probably provides ways for Clapper to squish out of it in many cases by invoking covert status (which, in turn, likely means CIA will expand its current practice of pretending top managers are covert to protect them from scrutiny) or otherwise claiming senior people are not sufficiently senior to require notice.

So rather than preventing the CIA and other agencies from promoting abusive incompetents, the measure will likely lead to them being hidden further behind CIA’s secrecy.

Which is interesting, especially given another Intel Authorization measure that survived in the Omnibus, that I earlier described as an effort to make sure spooks and those in sensitive positions aren’t joining EFF or similar organizations.

The committee description of this section explains it will require DNI to do more checks on spooks (actually spooks and “sensitive” positions, which isn’t full clearance).

Section 306 directs the Director of National Intelligence (DNI) to develop and implement a plan for eliminating the backlog of overdue periodic investigations, and further requires the DNI to direct each agency to implement a program to provide enhanced security review to individuals determined eligible for access to classified information or eligible to hold a sensitive position.

These enhanced personnel security programs will integrate information relevant and appropriate for determining an individual’s suitability for access to classified information; be conducted at least 2 times every 5 years; and commence not later than 5 years after the date of enactment of the Fiscal Year 2016 Intelligence Authorization Act, or the elimination of the backlog of overdue periodic investigations, whichever occurs first.

Among the things ODNI will use to investigate its spooks are social media, commercial data sources, and credit reports. Among the things it is supposed to track is “change in ideology.” I’m guessing they’ll do special checks for EFF stickers and hoodies, which Snowden is known to have worn without much notice from NSA.

Remember, one complaint Clapper had about the gutted requirement he identify the abusive incompetents being promoted at intelligence agencies is the added bureaucracy of tracking just those being promoted in management ranks. But he apparently had no problem with a requirement that ODNI track the social media of everyone at all agencies to make sure they’re going to keep secrets and don’t harbor any “ideology” changes like support for the Bill of Rights.

That is, Clapper’s perfectly willing to expand his bureaucracy to look for leakers, but not to weed out the dangerously incompetent people ordering potential leakers around.

Apparently, to James Clapper, people who might leak about those unfit for management are more dangerous insider threats than having entire centers run by people unfit for management.

Marco Rubio Leaks Classified Information for Political Gain Again

/3 Comments/in , /by

Last week, Marco Rubio leaked the classified detail that the new metadata program authorized by USA Freedom Act obtains records from “a large number” of companies. Yesterday, he leaked more classified details about the program, revealing that some of the companies in question aren’t subject to FCC regulations on phone companies (which require companies hold records for 18 months).

CHUCK TODD:

Your campaign has been pretty critical of one of your rivals, Senator Ted Cruz, for his vote on the U.S.A. Freedom Act. And Senator Mike Lee of Utah, somebody that you have a tax plan with, you guys are certainly allies on a lot of things, he has said that your rhetoric has been not based in fact and that it is not true, what you’ve been saying, that somehow federal officials can’t use the U.S.A. Freedom Act, use the courts to track the phone numbers that are necessary.

MARCO RUBIO:

Well on this issue, not only is he wrong, but others that argue that are wrong. We had a program that allowed us to collect the phone records, basically the phone bill. Not the content of your conversations or your emails or anything like that. Just your phone bill of every American. And it was stored.

Only 16 people in the U.S. government could look at that. And they could only look at it if they got a court order from a privacy court, from a FISA court to go in and look at those phone records. And they retained them for a significant period of time. Under this new law, we are trusting the phone companies to hold those records.

And all of these phone companies have different periods of time that they hold it. Some will hold it for 18 months. Some will hold it for six months. This is a valuable tool. If in fact you have identified someone as a potential terrorist or if in fact someone carries out a terrorist activity, the ability to look at who they’ve been calling and who they’ve been talking to is part of a larger puzzle that you can put together to see what network they’ve been working with, who they’ve been communicating with.

We have now lost that capacity in many cases.

For a guy who’s trying to out-hawk his presidential rivals, Marco Rubio sure leaks classified information frequently. And make no mistake. He’s leaking this classified information for political gain, after having been read into that classified information while serving on the Senate Intelligence Committee.

I don’t know why Rubio thinks revealing the details of this program that the Administration deliberately misled the public about qualifies him to be President.

I just want to know when he’s going to be kicked off the Intel Committee.

Author of Story Based on Leaks about Surveillance Parrots Brennan Condemning Leaks about Surveillance

/7 Comments/in , /by

Josh Rogin is among many journalists who covered John Brennan’s complaints about how “a number of unauthorized disclosures”and hand-wringing about our surveillance capabilities this morning (which was a response to Rogin asking “what went wrong” in Paris in questions).

But Brennan also said that there had been a significant increase in the operational security of terrorists and terrorist networks, who have used new commercially available encryption technologies and also studied leaked intelligence documents to evade detection.

“They have gone to school on what they need to do in order to keep their activities concealed from the authorities,” he said. “I do think this is a time for particularly Europe as well as the U.S. for us to take a look and see whether or not there have been some inadvertent or intentional gaps that have been created in the ability of intelligence services to protect the people that they are asked to serve.”

The FBI has said that Internet “dark spaces” hinder monitoring of terrorism suspects. That fuels the debate over whether the government should have access to commercial applications that facilitate secure communications.

Brennan pointed to “a number of unauthorized disclosures” over the past several years that have made tracking suspected terrorists even more difficult. He said there has been “hand wringing” over the government’s role in tracking suspects, leading to policies and legal action that make finding terrorists more challenging, an indirect reference to the domestic surveillance programs that were restricted after leaks by Edward Snowden revealed their existence.

I find it interesting that Rogin, of all people, is so certain that this is an “indirect reference to the domestic surveillance programs that were restricted after leaks by Edward Snowden revealed their existence.” It’s a non-sensical claim on its face, because no surveillance program has yet been restricted in the US, though FBI has been prevented from using NSLs and Pen Registers to bulk collection communications. The phone dragnet, however, is still going strong for another 2 weeks.

That reference — as I hope to show by end of day — probably refers to tech companies efforts to stop the NSA and GCHQ from hacking them anymore, as well as European governments and the EU trying to distance themselves from the US dragnet. That’s probably true, especially, given that Brennan emphasized international cooperation in his response.

I’m also confused by Rogin’s claim Jim Comey said Tor was thwarting FBI, given that the FBI Director said it wasn’t in September.

Even more curious is that Rogin is certain this is about Snowden and only Snowden. After all, while Snowden’s leaks would give terrorists a general sense of what might not be safe (though not one they tracked very closely, given the Belgian Minister of Home Affair’s claim that they’re using Playstation 4 to communicate, given that one of Snowden’s leaks said NSA and CIA were going after targets use of gaming consoles to communicate at least as early as 2008).

But a different leak would have alerted terrorists that their specific communications techniques had been compromised. The leak behind this story (which was a follow-up on leaks to the NYT, McClatchy, and WaPo).

It wasn’t just any terrorist message that triggered U.S. terror alerts and embassy closures—but a conference call of more than 20 far-flung al Qaeda operatives, Eli Lake and Josh Rogin report.
The crucial intercept that prompted the U.S. government to close embassies in 22 countries was a conference call between al Qaeda’s senior leaders and representatives of several of the group’s affiliates throughout the region.

The intercept provided the U.S. intelligence community with a rare glimpse into how al Qaeda’s leader, Ayman al-Zawahiri, manages a global organization that includes affiliates in Africa, the Middle East, and southwest and southeast Asia.

Several news outlets reported Monday on an intercepted communication last week between Zawahiri and Nasser al-Wuhayshi, the leader of al Qaeda’s affiliate based in Yemen. But The Daily Beast has learned that the discussion between the two al Qaeda leaders happened in a conference call that included the leaders or representatives of the top leadership of al Qaeda and its affiliates calling in from different locations, according to three U.S. officials familiar with the intelligence. All told, said one U.S. intelligence official, more than 20 al Qaeda operatives were on the call.

[snip]

Al Qaeda leaders had assumed the conference calls, which give Zawahiri the ability to manage his organization from a remote location, were secure. But leaks about the original intercepts have likely exposed the operation that allowed the U.S. intelligence community to listen in on the al Qaeda board meetings.

That story — by Josh Rogin himself! (though again, this was a follow-up on earlier leaks) — gave Al Qaeda, though maybe not ISIS, specific notice that one of their most sensitive communication techniques was compromised.

It’s really easy for journalists who want to parrot John Brennan and don’t know what the current status of surveillance is to blame Snowden. But those who were involved in the leak exposing the Legion of Doom conference call (which, to be sure, originated in Yemen, as many leaks that blow US counterterrorism efforts there do) might want to think twice before they blame other journalism.

On the Leak Crackdown: Donald Sachtleben Was a Convenient Scapegoat

/1 Comment/in /by

I’m reading Charlie Savage’s Power Wars. While I disagree with some parts of it and have additional information that isn’t included in others (the book is already 700 pages, so it’s possible they were left out because of length), it is absolutely worth reading and provides a ton of insight about what Obama’s legal insiders were willing to share with Savage. Here’s a long interview with Glenn Greenwald about it.

As it happens, last year I wrote but never finalized a post on an area that is misleading in Savage’s chapter on the Obama Administration’s serial prosecution of leakers, about the prosecution of Donald Sachtleben, the retired FBI guy who, after being busted for kiddie porn, ultimately got prosecuted for being the leaker behind the AP’s UndieBomb 2.0 story. I’m tweaking it and posting it now. This post explains his bust.

Savage claims that Sachtleben never got IDed because he didn’t access any classified documents about the bomb and hadn’t signed the sign-in sheet of the room where it was being investigated — which is all stuff claimed in a Statement of Offense that is obviously designed to be misleading (though Sachtleben’s FBI badge did show him entering the examination space where the bomb was being examined; the Statement doesn’t say whether the specific room tracked badge entries). Savage states, Sachtleben “had visited the Quantico lab where the new underwear bomb was being examined on May 1, 2012, a few hours before Goldman and a colleague, Matt Apuzzo, first called government officials to say they knew the FBI had intercepted a new underwear bomb from Yemen” [that date of the call in the Statement is May 2]. That suggests (again, as the statement does) that Sachtleben was therefore the source for the things the AP told the government it knew on May 2.

As I’ve noted, Sacthleben contested this claim at his sentencing, which is actually consistent with what the text messages with him show: Goldman and Apuzzo were looking for confirmation of something they already knew.

“I was neither the sole nor the original source of information to ‘Reporter A’ about the suicide bomb,” Sachtleben said in a statement sent by his law firm. “The information I shared with Reporter A merely confirmed what he already believed to be true. Any implication that I was the direct source of a serious leak is an exaggeration.”

But in CIA Public Affairs emails obtained by FOIA by The Intercept last year, there’s further support for this. The emails reveal that by April 25, 2012 — 5 days before talking to Sachtleben — Goldman was already asking roughly the same questions about Ibrahim al-Asiri asked of Sachtleben. (PDF 548-9)

Screen Shot 2015-11-09 at 6.49.23 PM

“We’re hearing about aqap activity that has USG spun up and Ibrahim al-asiri is back on agency’s radar.” None of that’s surprising, of course, since AP sourced the initial story to numerous officials, and it’s unlikely two Pulitzer Prize winners would single source a story.

The Statement misleadingly suggests that the when Goldman and Apuzzo called the government on May 2, two and a half hours after speaking with Sachtleben (and a full week after Goldman’s email to the CIA Public Affairs office), they stated for the first time that “they believed, but had not confirmed, that the bomb was linked to AQAP’s premier bomb-maker, Ibrahim al-Asiri.” Except the government knew, but did not reveal in the Statement, that the AP reporters had already reached out via official government channels a week earlier with some of that information. Contrary to what Savage suggests, the call on May 2 was not the “first” that government officials learned the AP was working on the story, though it may have been the first time they claimed to have confirmed details about the bomb.

The emails also show the extent of AP’s efforts to provide CIA an opportunity to weigh in on the story.

After several exchanges the week before (including a “chat” between Deputy CIA Director Mike Morell and an AP editor in which the AP agreed to hold the story), CIA’s press office set up a meeting between Goldman, Apuzzo, and Morell at 9:30 on the morning they released their story, May 7. An Apuzzo email describes the purpose. “[T]his meeting is just the one the DDCIA [Morell] suggested, to offer some details to the story we agreed to hold for a few days.” (PDF 308)

This confirms a point the AP long insisted on — that they heeded an administration request for a few days before they published the story. And in response, Apuzzo’s email makes clear, Morell had offered to provide further details on the plot. That of course means that Mike Morell was himself a source for the story, probably including for the detail that CIA had just drone-killed Fahd al-Quso. Last I checked, Morell is not in prison for leaking to the AP (though of course his influence on the story would be considered official declassification and therefore cool).

Apuzzo followed up on the meeting and the story later that day. “I know that there were some strained conversations between our bosses this evening, but as far as Adam and I are concerned, I hope you found the story fair, accurate and responsible.” (PDF 308)

Of course, CIA had no reason to be pissed, given that the AP story celebrated their successful interception of a plot. Indeed, there is a very high likelihood that the CIA talked the AP reporters out of including more sensitive details — such as that the plot was really a sting run by a Saudi asset — that detail came out in other outlets, thanks in part to John Brennan and Peter King (the latter of whom was in turn blabbing about something the CIA had just briefed him), within a day. Or, something implied by the story but not stated directly, that the Administration had deployed a bunch of Air Marshals to Europe to protect against a threat that had never really been a threat and that they had already neutralized anyway. Those are the damning details of the story, but they weren’t in the AP’s version of it.

But the government came after them anyway. And, after members of Congress — including Peter King, who had served as a source for journalists!! — demanded a head, Donald Sachtleben served as a convenient one to offer up.

The story the government has told about Sachtleben — that they found he had a Secret CIA cable among his kiddie porn but didn’t pursue it any further until they exposed the sources of the entire AP newsroom — has never made sense. But as a guy who had already confessed to kiddie porn charges and had actually only served as the confirming source for some of the least sensitive information in the leak, he was convenient.

And while Savage appropriately lays into the Administration for the damage they did to journalism with their pursuit of leakers, the back story behind the scapegoating of Sachtleben suggests DOJ has been far more cynical about leaks and who gets prosecuted for them than suggested in Savage’s chapter.

Read more

Government Still Hasn’t Cleared One of Jeffrey Sterling’s Appellate Lawyers

/6 Comments/in /by

Update, 12/13: Sterling’s team was finally cleared in the days leading up to the December status report deadline. But because of other scheduling issues and the difficulties of working with classified information, his team will not be able to submit their initial brief until February 12, 2016, a year after he was convicted. 

Former CIA officer Jeffrey Sterling appealed his conviction for purportedly leaking information on Project Merlin to James Risen on May 26, before he even reported to prison on June 16. Throughout the summer, the appeal crept along, as most appeals do, in this case, held up in the wait for transcripts from the trial. But in August, it ground to a halt.

Just days after the Fourth Circuit ordered Sterling’s lawyers to submit their first brief on September 28, they revealed that they still hadn’t been cleared to review the Classified Information Protection Act hearings that will apparently be central to his appeal (the delay was caused, in part, by the problems in the electronic filing system revealed by the OPM hack). By October 1, William Trunk had been informed he was eligible for clearance, but needed to undergo indoctrination. That didn’t happen until November 2, the day his lawyers were due to submit a second status report on the status of their clearance. And Lawrence Robbins, Sterling’s other appellate attorney, still hadn’t heard anything about his clearance by that day.

I get that this process sometimes takes a long time. But Sterling has already served almost 5 months of his 42 month sentence, and the government ultimately controls this clearance process.

I’ve heard indications that the government has similarly stalled or limited clearances of already-cleared lawyers in Gitmo cases, so it is not unreasonable to ask whether the delay is an intentional stall.