John Durham Says Election-Hack Victims Should Wait Until After the Election to Report Tips
Even as Russia assaults a peaceful democracy (which invasion, in a separate filing, Durham calls, “recent world events in Ukraine”), John Durham suggests that a political campaign victimized by Russia should expect to wait until after the election before the FBI opens an investigation into a cybersecurity anomaly potentially implicating her opponent.
Durham even asserts that such a cybersecurity anomaly is not a cybersecurity matter, but instead a political one.
Almost six years after Trump’s request, “Russia are you listening,” was met with a renewed Russian attack on Hillary Clinton, John Durham continues to treat Hillary’s attempts to run a campaign while being attacked as a greater threat than that nation-state attack by Russia.
Durham’s latest contortions come in a response to Micheal Sussmann’s motion to dismiss the indictment.
Sussmann argued that the alleged lie he told (motions to dismiss must accept the alleged facts as true), could not have affected the single decision facing the FBI when he shared information about a DNS anomaly: whether to open an investigation or not.
Following the Supreme Court’s clear instruction in Gaudin, in order to assess the materiality of the false statement that Mr. Sussmann is alleged to have made, this Court must ask what statement he is alleged to have made to the FBI; what decision the FBI was trying to make; and whether the false statement could have influenced that decision. Here, even accepting all the allegations in the Indictment as true—and the evidence would prove otherwise—the only decision the FBI was trying to make was the decision whether or not to commence an investigation into the allegations of suspicious internet data involving the Trump Organization and Russian Bank-1. Ample precedent—and the Special Counsel’s own allegations in this case—make clear that Mr. Sussmann’s purported false statement did not influence, and was not capable of influencing, that decision.
Predictably and reasonably, Durham’s response cited the precedent that leaves it up to juries to determine whether something is material or not.
In any event, the defendant’s arguments on the materiality of his statement are also premature. The Supreme Court in Gaudin held that materiality is an essential element of Section 1001 that must be resolved by a jury.
As I noted back in October, “Prosecutors will argue that materiality is a matter for the jury to decide.”
Prosecutors also noted what I did: a long list of precedents about materiality that Sussmann cited in his motion are all post-trial challenges to materiality, not pretrial motions to dismiss.
The defendant cites to multiple cases where the Supreme Court and Circuit Courts have held that the false statements and misrepresentations at issue were immaterial as a matter of law. See Def. Mot. at 7-10. But critically, all of those cases involved post-conviction appeals or motions to vacate the conviction after the Government presented its case at trial. Accordingly, none of these cases support the defendant’s requested relief here – that is, that the court dismiss the Indictment before trial because it fails to sufficiently allege that the defendant’s false statement is material. What the cases do show is that courts have routinely declined to usurp the jury’s role in making the determination on whether a false statement is material.
For those two reasons, Sussmann’s motion to dismiss is unlikely to succeed, and should instead be viewed as an opening bid to frame his defense and establish issues for appeal.
Those two arguments are all Durham really needed to respond to Sussmann’s motion to dismiss. Instead of leaving it with responsible lawyering, however, Durham instead launches into an illogical attempt to criminalize tip reporting.
Take his attempt to dismiss Rodney Joffe’s real cybersecurity expertise. In the three months since he charged Sussmann, Durham belatedly (at Sussmann’s request) discovered how closely Joffe had worked with the FBI on other investigations. As Sussmann scoffed in an earlier filing, “The notion that the FBI would have been more skeptical of the information had it known of Tech Executive-1’s involvement is, in a word, preposterous.” Now that Durham has discovered the close ties between Joffe and the FBI, he claimed that that history of reliability was itself something the FBI needed to know.
Namely, as the defendant’s motion reveals (Def. Mot. at 18-19, fn. 8), Tech Executive-1 had a history of providing assistance to the FBI on cyber security matters, but decided in this instance to provide politically-charged allegations anonymously through the defendant and a law firm that was then-counsel to the Clinton Campaign. Given Tech Executive-1’s history of assistance to law enforcement, it would be material for the FBI to learn of the defendant’s lawyer-client relationship with Tech Executive-1 so that they could evaluate Tech Executive-1’s motivations. As an initial step, the FBI might have sought to interview Tech Executive-1. And that, in turn, might have revealed further information about Tech Executive-1’s coordination with individuals tied to the Clinton Campaign, his access to vast amounts of sensitive and/or proprietary internet data, and his tasking of cyber researchers working on a pending federal cybersecurity contract.
Durham’s claim that “learning” how much data Joffe had access to (which is something the FBI undoubtedly knew — it is surely the reason why FBI partnered with him, because the volume of data Neustar had made their observations more useful) would make them more skeptical of the DNS tip is nonsensical. In fact, elsewhere (in tracking all the YotaPhone requests in the US over a three year period), Durham treated it as presumptively reliable.
Plus, Durham made no mention here of one of a number of the other things he belatedly learned: that the September 2016 tip Sussmann shared with FBI General Counsel James Baker was not the only one Joffe had shared via Sussmann anonymously. He shared a tip anonymously during this same time period with DOJ IG. Durham has no way of knowing, either, whether those two were the only ones, but his revised theory of materiality depends on an anonymous tip like this one being unique.
Similarly, Durham struggled to explain (including by citing an inapt precedent) why the FBI would need to be told that Sussmann represented Hillary when, in notes of Baker’s retelling of the meeting, Bill Priestap wrote that Sussmann represented the DNC and Clinton Foundation.
As he did with Joffe, Durham tried to flip Sussmann’s expertise, arguing that the former prosecutor’s recognized qualification as a cybersecurity expert, something that would help him assess whether DNS data were anomalous or not, is precisely why the Perkins Coie lawyer needed to disclose he was working for Hillary.
In an effort to downplay the materiality of this false statement, the defendant asserts that the FBI General Counsel was aware that the defendant represented the DNC. See Def. Mot at 18. But the Government expects that evidence at trial will establish that the FBI General Counsel was aware that the defendant represented the DNC on cybersecurity matters arising from the Russian government’s hack of its emails, not that he provided political advice or was participating in the Clinton Campaign’s opposition research efforts. Indeed, the defendant held himself out to the public as an experienced national security and cybersecurity lawyer, not an election lawyer or political consultant. Accordingly, when the defendant disclaimed any client relationships at his meeting with the FBI General Counsel, this served to lull the General Counsel into the mistaken, yet highly material belief that the defendant lacked political motivations for his work.
There are many crazy assumptions built into this statement: that, had Sussmann identified Hillary as his client, it would have required him to reveal her motives as political rather than security-related to the FBI, breaching privilege; that reporting an anomaly potentially involving Trump after Trump had begged Russia to further hack Hillary would not be a sound decision from a cybersecurity standpoint; that researching the context of an anomaly, such as Alfa Bank’s ties to Putin, is not part of cybersecurity. Effectively, Durham has unilaterally decided that pursuing this anomaly was a political act, with no basis in law or fact.
Which is how Durham espoused the claim that the FBI, facing an unprecedented attack by Russia on American elections in 2016, might have delayed investigation of a part of it that might have implicated one of the contestants.
The defendant’s false statement to the FBI General Counsel was plainly material because it misled the General Counsel about, among other things, the critical fact that the defendant was disseminating highly explosive allegations about a then-Presidential candidate on behalf of two specific clients, one of which was the opposing Presidential campaign. The defendant’s efforts to mislead the FBI in this manner during the height of a Presidential election season plainly could have influenced the FBI’s decision-making in any number of ways. The defendant’s core argument to the contrary rests on the flawed premise that the FBI’s only relevant decision was binary in nature, i.e., whether or not to initiate an investigation. But defendant’s assertion in this regard conveniently ignores the factual and practical realities of how the FBI initiates and conducts investigations. For example, the Government expects that evidence at trial will prove that the FBI could have taken any number of steps prior to opening what it terms a “full investigation,” including, but not limited to, conducting an “assessment,” opening a “preliminary investigation,” delaying a decision until after the election, or declining to investigate the matter altogether.
[snip]
Moreover, the Department of Justice and the FBI maintain stringent guidelines on dealing with matters that bear on U.S. elections. Given the temporal proximity to the 2016 U.S. presidential election, the FBI also might have taken any number of different steps in initiating, delaying, or declining the initiation of this matter had it known at the time that the defendant was providing information on behalf of the Clinton Campaign and a technology executive at a private company.
[snip]
And the evidence will show that it would have been all the more material here because the defendant was providing this information on behalf of the Clinton Campaign less than two months prior to a hotly contested U.S. presidential election. [my emphasis]
The first paragraph here is really telling, given Durham’s public complaint that the Crossfire Hurricane team should have opened the investigation as a preliminary investigation, not a full investigation (the investigation into Mike Flynn, specifically, wasn’t opened as a full investigation, but none of the techniques used would have otherwise been unavailable, not least because there was already a full investigation opened on Carter Page). This is an argument Durham may reprise in his report: That it was unreasonable for Hillary Clinton to ask the FBI to inquire into Trump’s campaign after he publicly asked a foreign country for help (even ignoring the tip from Australia).
Durham seems to think Hillary should have had no assistance from law enforcement when her opponent publicly asked Russia to hack her some more if people close to her found more reason to be concerned. He even mocked Sussmann as too powerful to choose to use anonymity.
[W]hile the defendant’s motion seeks to equate the defendant with a “jilted ex-wife [who] would think twice about reporting her ex-husband’s extensive gun-smuggling operation,” this comparison is absurd. Def. Mot. at 24
Far from finding himself in the vulnerable position of an ordinary person whose speech is likely to be chilled, the defendant – a sophisticated and well-connected lawyer – chose to bring politically-charged allegations to the FBI’s chief legal officer at the height of an election season.”
This also betrays pure insanity. The anomaly involving Trump could always have reflected disloyal insiders compromising the candidate, as could the YotaPhones potentially in use in Trump headquarters. In fact, Page did compromise Trump when he went to Russia in December 2016 and tell Russians there that he was representing Trump on matters pertaining to Ukraine, just as Mike Flynn did by selling his access to Trump to Turkey, just as Tom Barrack is accused of doing with the Emirates. The reason why Sussmann was providing this information less than two months before an election is because cybersecurity researchers had gone looking because there was an ongoing multi-faceted cybersecurity attack, one that continued right through the election, one that could have victimized Trump as well as Hillary.
Which brings me to the one point Sussmann made that Durham completely ignored. In his response, Durham’s response uses the word “purported” to describe the DNS allegations from Sussmann five times:
- The defendant provided the FBI General Counsel with purported data and “white papers” that allegedly demonstrated a covert communications channel between the Trump Organization and a Russia-based bank
- the purported data and white papers
- the purported DNS traffic that Tech Executive-1 and others had assembled
- the defendant provided data which he claimed reflected purportedly suspicious DNS lookups by these entities of internet protocol (“IP”) addresses affiliated with a Russian mobile phone provider (“Russian Phone Provider-1”)
- examine the origins of the purported data
What Durham did not do is ever address this point from Sussmann:
Indeed, the defense is aware of no case in which an individual has provided a tip to the government and has been charged with making any false statement other than providing a false tip. But that is exactly what has happened here.
In the fall of 2016, Michael Sussmann, a prominent national security lawyer, voluntarily met with the Federal Bureau of Investigation (“FBI”) to pass along information that raised national security concerns. He met with the FBI, in other words, to provide a tip. There is no allegation in the Indictment that the tip he provided was false. And there is no allegation that he believed that the tip he provided was false. Rather, Mr. Sussmann has been charged with making a false statement about an entirely ancillary matter—about who his client may have been when he met with the FBI—which is a fact that even the Special Counsel’s own Indictment fails to allege had any effect on the FBI’s decision to open an investigation.
[snip]
Again, nowhere in the Indictment is there an allegation that the information Mr. Sussmann provided was false. Nowhere is there an allegation that Mr. Sussmann knew—or should have known—that the information was false. And nowhere is there an allegation that the FBI would not have opened an investigation absent Mr. Sussmann’s purported false statement.
I could fund an entire Special Counsel investigation if I had $5 for every time in this prosecution Durham has used the word “purported.” For almost six months, his entire prosecution has been premised on this anomaly not being “real,” meaning unexplained traffic that might represent something serious.
And yet he has not charged that (though he seems to have bullied April Lorenzen, perhaps because he needs her to be something other than she was). Instead, he just keeps doing the work for which actual evidence is normally required by repeating the word “purported” over and over.
This motion to dismiss will likely fail, because juries get to decide what is material. But contrary to Durham’s claims, unless and until he can prove that Sussmann, Jofffe, and Lorenzen didn’t believe this was a real anomaly worth investigating given all the other attacks that, Sussmann especially, knew were ongoing, then he really will be prosecuting someone for reporting a valid national security concern.
