Devin Nunes Archives - Page 10 of 12

Posts

Raw Versus Cooked: Could NSC Monitor FBI’s Investigation?

March 31, 2017/16 Comments/in EO 12333, FISA, Mueller Probe, Russian hacks /by emptywheel

Multiple people,including Bart Gellman and Josh Marshall, are now arguing that the reason Ezra Cohen-Watnick and Michael Ellis found intercepts involving Trump’s people is that they were monitoring FBI’s investigation of the investigation.

I certainly think the Trump people would like to do that — and would be willing to stoop to that. I even believe that the response to the Russian hack last year had some counterintelligence problems, though probably not on the FBI side.

But there are some details that may limit how much the NSC can monitor the investigation.

First, Devin Nunes has always been very clear: the intercepts he was shown have nothing to do with Russia. That’s not, itself, determinative. After all, Cohen-Watnick and Ellis might have found a bunch of Russian intercepts, but only shared the non-Russian ones so Nunes could make a stink without being accused of endangering the investigation. Also, it’s possible that intercepts involving other countries — most notably Turkey, but there are other countries that might be even more interesting, including Ukraine or Syria — would impact any Russian investigation.

Also note that among the many things Nunes appears not to understand about surveillance is that there are two ways an American’s name can be visible outside the circle of analysts doing the initial review of them: their names can be put into finished intelligence reports that get circulated more broadly, with customers asking to have the name unmasked after the fact. Alternately, their names can be found off of subsequent searches of raw data. At the NSA and CIA, searches for US person content are somewhat controlled. At FBI they are not only not controlled, but they are routine even for criminal investigations. So if, say, General Flynn (or Paul Manafort) were under investigation for failing to register as a foreign agent, the FBI would routinely search their database of raw FISA material on his name. (These are the “back door searches” Ron Wyden has been screaming about for years, concerns which people like Devin Nunes have previously dismissed on national security grounds.) And we have every reason to believe that counterintelligence intercepts of Russians in the US are among the raw feeds that the FBI gets. So if Flynn had conversations with Russians (or Turks) in the US, we should assume that FBI saw them as a routine matter if Flynn became the subject of an investigation at all. We should also assume that the FBI did a search on every Sergey Kislyak intercept in their possession, so they will have read everything that got picked up, including all recorded calls with Trump aides.

On March 15, the House Intelligence Committee asked the NSA, CIA, and FBI for information on unmasking. I don’t believe that request asked about access to US person names on subsequent searches or raw material. Furthermore, at least as of last week, the FBI was not rushing to comply with that request. As I noted after the Jim Comey hearing before HPSCI, none of the Republicans concerned about these issues seemed to have any basic clue about FBI’s searches on raw data. If Nunes doesn’t know (and he appears not to), it’s unlikely Ellis knows, who was until this month Nunes’ aide.

But there’s one other thing that may prevent NSC from obtaining information about the investigation: FBI sometimes uses what are called “ad hoc databases” that include raw FISA data (and probably, post EO 12333 sharing rule changes, raw EO 12333 data) tied to particular investigations. It’s unclear what conditions might necessitate the use of an ad hoc database (see page 25ff for a discussion of them), but if security concerns would encourage their use, it would be likely to have one here, an investigation which Comey described as being so sensitive he delayed briefing the Gang of Four. Ad hoc databases are restricted to those working on investigations, and include specific records of those authorized to access the database. So if FBI were using an ad hoc database for this investigation, it would be even harder for the NSC to learn what they were looking at.

If the FBI’s investigation relies on raw intelligence — and it would be unfathomable that it does not, because it would probably receive the raw FISA data tied to such an investigation routinely, and EO 12333 sharing rules specifically envision the sharing of raw data associated with counterintelligence investigations — then the NSC’s access to finished intelligence reports would provide little insight into the investigation (Nunes was a bit unclear on whether that’s what he was looking at, but the entire premise of his complaints is that these were finished reports).

But while we’re worrying about whether and how Trump would monitor an investigation into his aides, remember that in 2002, Jay Bybee wrote a memo authorizing the sharing of grand jury information with the President and his close advisors including for counterintelligence investigations.

In addition, the Patriot Act recently amended 6(e) and Title III specifically to provide that matters involving foreign intelligence or counterintelligence or foreign intelligence information may be disclosed by any attorney for the government (and in the case of Title III, also by an investigative or law enforcement officer) to certain federal officials in order to assist those officials in carrying out their duties. Federal officials who are included within these provisions may include, for example, the President, attorneys within the White House Counsel’s Office, the President’s Chief of Staff, the National Security Advisor, and officials within the Central Intelligence Agency and the Department of Defense.

[snip]

Although the new provision in Rule 6(e) permitting disclosure also requires that any disclosures be reported to the district court responsible for supervising the grand jury, we conclude that disclosures made to the President fall outside the scope of the reporting requirement contained in that amendment, as do related subsequent disclosures made to other officials on the President’s behalf.

In other words, Trump could demand that he — or his National Security Advisor! — get information on any grand jury investigations, including those covering counterintelligence cases. And no judge would be given notice of that.

With Jeff Sessions’ recusal, that’s far less likely to happen than it might have been. But understand that the Executive Branch believes that the President can learn about the happenings in grand jury investigations of the sort that might target his aides.

Update: additional details have been added to this post after it was first posted.

Devin Nunes May Be a Buffoon and a Hack, But I Don’t Think He’s a Criminal

March 31, 2017/10 Comments/in FISA /by emptywheel

I believe that Devin Nunes is a buffoon and a political hack. I believe he needs to be removed from his position as Chair of the House Intelligence Committee — not just because he has been running interference for Trump, betraying his Article I duties, but also because he doesn’t understand the programs he oversees.

But I don’t believe he’s a criminal.

I say that in disagreement with Bart Gellman, who made just such an argument regarding the revelations in this NYT story here. Gellman argued, in part, that Nunes’ sources (about which I hope to say more later) violated nondisclosure laws by sharing reports outside of normal channels with Nunes.

Secrecy regulations, including SF312, the Classified Information Nondisclosure Agreement, do not permit [Michael] Ellis and [Ezra] Cohen-Watnick to distribute sensitive compartmented information through a back channel to Nunes. This is true, and their conduct no less an offense, even though Nunes holds clearances sufficient to receive the information through proper channels. The offense, which in some cases can be prosecuted as a felony, would apply even if the White House officials showed Nunes only “tearsheet” summaries of the surveillance reports. Based on what Nunes has said in public, they appear to have showed him the more sensitive verbatim transcripts. Those are always classified as TS/SI (special intelligence) or TS/COMINT (communications intelligence), which means that they could reveal sources and methods if disclosed. That is the first apparent breach of secrecy rules. The second, of course, is the impromptu Nunes news conference. There is no unclassified way to speak in public about the identity of a target or an “incidentally collected” communicant in a surveillance operation.

To be clear, I think Ellis and Cohen-Watnick may have violated access rules on searches. But I don’t think Nunes violated any laws in accessing that intelligence (I think he probably violated the intent of classification rules on intercepts, but by providing no details about who he saw referenced in these reports, he’ll get away with it.)

That’s because minimization procedures pertaining to FISA materials specifically envision access to information — sometimes even raw data — for oversight purposes. The 2015 702 Minimization Procedures for NSA, for example, state,

Nothing in these procedures shall restrict NSA’s performance of lawful oversight of its personnel or systems, or lawful oversight function of the Department of Justice’s National Security Division, Office of the Director of National Intelligence, or the applicable Offices of the Inspectors General. Similarly, nothing in these procedures shall prohibit the retention, processing, or dissemination of information reasonably necessary to comply with specific constitutional, judicial,or legislative mandates.

At times, minimization procedures have been even more explicit. Starting in 2014, for example, the Section 215 phone dragnet minimization procedures explicitly permitted the sharing of query results “to facilitate lawful oversight functions.”

Notwithstanding the above requirements, NSA may share results from intelligence analysis queries of the BR metadata, including U.S. person identifying information, with Executive Branch personnel (1) in order to enable them to determine whether the information contains exculpatory or impeachment information or is otherwise discoverable in legal proceedings or (2) to facilitate their lawful oversight functions. Notwithstanding the above requirements, NSA may share the results from intelligence analysis queries of the BR metadata, including United States person information, with Legislative Branch personnel to facilitate lawful oversight functions.

The FISC even excluded such sharing from reporting requirements, so Congress could be doing a lot of this and it would never show up in annual reporting.

In other words, at least for FISA-governed data, the court has permitted the sharing of information — and remember, these are supposed to be finished intelligence reports, not raw data or queries — for people in an oversight role. The 702 procedures leave a lot of room for interpretation, too, about what might be a “constitutional” mandate, the kind of language that White Houses of both parties have been prone to abuse.

If these reports were collected under 12333, the new sharing rules explicitly prohibit the sharing of intelligence for political purposes.

Any IC element that obtains access to raw SIGINT under these Procedures will:

[snip]

Political process in the United States. Not engage in any intelligence activity authorized by these Procedures, including disseminations to the White House, for the purpose of affecting the political process in the United States. The IC element will comply with the guidance applicable to NSA regarding the application of this prohibition. Questions about whether a particular activity falls within this prohibition will be resolved in consultation with the element’s legal counsel and the General Counsel of the Office of the Director of National Intelligence (ODNI) (and the DoD’s Office of the General Counsel in the case of a DoD IC element).

Even if this covered what happened, NSC lawyer John Eisenberg was in the loop on this caper, so they effectively did consult with the element’s legal counsel. Moreover, we know that Presidents can pixie dust executive orders at will.

Nunes, at least, pretends he was functioning in an oversight role in raising questions about whether SIGINT had been properly minimized. He appears to have no clue about the authorities he’s talking about, he appears to have misrepresented what the problem is, and he clearly was doing all this with an eye towards making political accusations against Obama.

But nevertheless, he claims to believe he was functioning in an oversight role.

Which is part of the problem! I’ve long pointed to how unrestricted this language is. It invites abuse. It should be tightened going forward (though neither the Trump Administration nor Congress has incentive to do that at this point).

If you’re bothered by Devin Nunes’ information operation — and I am — then you should be calling to tighten up the language governing how intelligence can be shared for oversight and other “constitutional” purposes. Because they appear to envision something like this happening.

What Was the Relationship Between FSB and GRU in the DNC Hack, Redux?

March 28, 2017/27 Comments/in Cybersecurity, Russian hacks /by emptywheel

I want to return to last week’s House Intelligence Hearing on Russia (because that fecker Devin Nunes canceled my birthday hearing with James Clapper and John Brennan today), to revisit a question I’ve asked a number of times (in most detail here): what was the relationship between Russia’s FSB and GRU intelligence services in the DNC hack?

The public narrative (laid out in this post) goes like this: Sometime in summer 2015, APT (Advanced Persistent Threat) 29 (associated with FSB, Russia’s top intelligence agency) hacked the DNC along with 1,000 other targets and because DNC ignored FBI’s repeated warnings, remained in their network unnoticed. Then, in March 2016, APT 28 (generally though not universally associated with GRU, Russia’s military intelligence) hacked DNC and John Podesta. According to the public story, GRU oversaw the release (via DC Leaks and Guccifer 2.0) and leaking (to Wikileaks via as-yet unidentified cut-outs) of the stolen documents.

Under the public story, then, FSB did the same kind of thing the US does (for example, with Enrique Peña Nieto in 2012), collecting intelligence on a political campaign, whereas GRU did something new (though under FBI-directed Sabu, we did something similar to Bashar al-Assad in 2012), leaking documents to Wikileaks.

Obama’s sanctions to retaliate for the hack primarily focused on GRU, but did target FSB as well, though without sanctioning any FSB officers by name. And in its initial report on the Russian hack, the government conflated the two separate groups, renaming attack tools previously dubbed Cozy and Fancy Bear the “Grizzly Steppe,” making any detailed discussion of how they worked together more confusing. As I noted, however, the report may have offered more detail about what APT 29 did than what APT 28 did.

Last week’s hearing might have been an opportunity to clarify this relationship had both sides not been interested in partisan posturing. Will Hurd even asked questions that might have elicited more details on how this worked, but Admiral Mike Rogers refused to discuss even the most basic details of the hacks.

HURD: Thank you, Chairman.

And gentlemen, thank you all for being here. And thank you for your continued service to your country. I’ve learned recently the value of sitting in one place for a long period of time and listening and today I’m has added to that understanding and I’m going to try to ask questions that y’all can answer in this format and are within your areas of expertise. And Director Rogers, my first question to you — the exploit that was used by the Russian’s to penetrate the DNC, was it sophisticated? Was it a zero day exploit? A zero day being some type of — for those that are watching, an exploit that has never been used before?

ROGERS: In an open unclassified forum, I am not going to talk about Russian tactics, techniques or procedures about how they executed their hacks.

HURD: If members of the DNC had not — let me rephrase this, can we talk about spear fishing?

ROGERS: Sure, in general terms, yes sir.

HURD: Spear fishing is when somebody sends an email and they — somebody clicks on something in that email…

ROGERS: Right, the user of things (inaudible) they’re receiving an email either of interest or from a legitimate user, they open it up and they’ll often click if you will on a link — an attachment.

HURD: Was that type of tactic used in the…

ROGERS: Again, I’m not in an unclassified forum just not going to be…

The refusal to discuss the most basic details of this hack — even after the government listed 31 reports describing APT 28 and 29 (and distinguishing between the two) in its updated report on the hacks — is weird, particularly given the level of detail DOJ released on the FSB-related hack of Yahoo. Given that the tactics themselves are not secret (and have been confirmed by FBI, regardless of what information NSA provided), it seems possible that the government is being so skittish about these details because they don’t actually match what we publicly know. Indeed, at least one detail I’ve learned about the documents Guccifer 2.0 leaked undermines the neat GRU-FSB narrative.

Comey did confirm something I’ve been told about the GRU side of the hack: they wanted to be found (whereas the FSB side of the hack had remained undiscovered for months, even in spite of FBI’s repeated efforts to warn DNC).

COMEY: The only thing I’d add is they were unusually loud in their intervention. It’s almost as if they didn’t care that we knew what they were doing or that they wanted us to see what they were doing. It was very noisy, their intrusions in different institutions.

There is mounting evidence that Guccifer 2.0 went to great lengths to implicate Russia in the hack. Confirmation GRU also went out of its way to make noise during the DNC hack may suggest both within and outside of the DNC the second hack wanted to be discovered.

I have previously pointed to a conflict between what Crowdstrike claimed in its report on the DNC hack and what the FBI told FireEye. Crowdstrike basically said the two hacking groups didn’t coordinate at all (which Crowdstrike took as proof of sophistication). Whereas FireEye said they did coordinate (which it took as proof of sophistication and uniqueness of this hack). I understand the truth is closer to the latter. APT 28 largely operated on its own, but at times, when it hit a wall of sorts, it got help from APT 29 (though there may have been some back and forth before APT 29 did share).

All of which brings me to two questions Elise Stefanik asked. First, she asked — casually raising it because it had “been in the news recently” — whether the FSB was collecting intelligence in its hack of Yahoo.

STEFANIK: Thank you. Taking a further step back of what’s been in the news recently, and I’m referring to the Yahoo! hack, the Yahoo! data breech, last week the Department of Justice announced that it was charging hackers with ties to the FSB in the 2014 Yahoo! data breech. Was this hack done to your knowledge for intelligence purposes?

COMEY: I can’t say in this forum.

STEFANIK: Press reporting indicates that Yahoo! hacked targeted journalists, dissidence and government officials. Do you know what the FSB did with the information they obtained?

COMEY: Same answer.

Again, in spite of the great deal of detail in the indictment, Comey refused to answer these obvious questions.

The question is all the more interesting given that the indictment alleges that Alexsey Belan (who was sanctioned along with GRU in December) had access to Yahoo’s network until December 2016, well after these hacks. More interestingly, Belan was “minting” Yahoo account credentials at least as late as May 20, 2016. That’s significant, because one of the first things that led DNC to be convinced Russia was hacking it was when Ali Chalupa, who was then collecting opposition research on Paul Manafort from anti-Russian entities in Ukraine, kept having her Yahoo account hacked in early May. With the ability to mint cookies, the FSB could have accessed her account without generating a Yahoo notice. Chalupa has recently gone public about some, though not all, of the other frightening things that happened to her last summer (she was sharing them privately at the time). So at a time when the FSB could have accomplished its goals unobtrusively, hackers within the DNC network, Guccifer 2.0 outside of it, and stalkers in the DC area were all alerting Chalupa, at least, to their presence.

While it seems increasingly likely the FSB officers indicted for the Yahoo hack (one of whom has been charged with treason in Russia) were operating at least partly on their own, it’s worth noting that overlapping Russian entities had three different ways to access DNC targets.

Note, Dianne Feinstein is the one other person I’m aware of who is fully briefed on the DNC hack and who has mentioned the Yahoo indictment. Like Comey, she was non-committal about whether the Yahoo hack related to the DNC hack.

Today’s charges against hackers and Russian spies for the theft of more than 500 million Yahoo user accounts is the latest evidence of a troubling trend: Russia’s sustained use of cyber warfare for both intelligence gathering and financial crimes. The indictment shows that Russia used these cyberattacks to target U.S. and Russian government officials, Russian journalists and employees of cybersecurity, financial services and commercial entities.

There seems to be a concerted effort to obscure whether the Yahoo hack had any role in the hack of the DNC or other political targets.

Finally, Stefanik asked Comey a question I had myself.

STEFANIK: OK, I understand that. How — how did the administration determine who to sanction as part of the election hacking? How — how familiar with that decision process and how is that determination made?

COMEY: I don’t know. I’m not familiar with the decision process. The FBI is a factual input but I don’t recall and I don’t have any personal knowledge of how the decisions are made about who to sanction.

One place you might go to understand the relationship between GRU and FSB would be to Obama’s sanctions, which described the intelligence targets this way.

The Main Intelligence Directorate (a.k.a. Glavnoe Razvedyvatel’noe Upravlenie) (a.k.a. GRU) is involved in external collection using human intelligence officers and a variety of technical tools, and is designated for tampering, altering, or causing a misappropriation of information with the purpose or effect of interfering with the 2016 U.S. election processes.

The Federal Security Service (a.k.a. Federalnaya Sluzhba Bezopasnosti) (a.k.a FSB) assisted the GRU in conducting the activities described above.

[snip]

Sanctioned individuals include Igor Valentinovich Korobov, the current Chief of the GRU; Sergey Aleksandrovich Gizunov, Deputy Chief of the GRU; Igor Olegovich Kostyukov, a First Deputy Chief of the GRU; and Vladimir Stepanovich Alexseyev, also a First Deputy Chief of the GRU.

Remember, by the time Obama released these sanctions, several FSB officers, including Dmitry Dokuchaev (who was named in the Yahoo indictment) had been detained for treason for over three weeks. But the officers named in the sanctions, unlike the private companies and individual hackers, are unlikely to be directly affected by the sanctions.

The sanctions also obscured whether Belan was sanctioned for any role in the DNC hack.

Aleksey Alekseyevich Belan engaged in the significant malicious cyber-enabled misappropriation of personal identifiers for private financial gain. Belan compromised the computer networks of at least three major United States-based e-commerce companies.

Again, all of this suggests that the intelligence community has reason to want to obscure how these various parts fit together, even while publicizing the details of the Yahoo indictment.

Which suggests a big part of the story is about how the public story deviates from the real story the IC is so intent on hiding.

Did Devin Nunes Just Reveal NSC Is Monitoring Agency Response to Congress?

March 27, 2017/35 Comments/in FISA, Russian hacks /by emptywheel

Multiple outlets this morning are covering Devin Nunes’ admission that he was on “White House grounds” last Tuesday, leading up to his Wednesday announcement that Trump officials’ identities may (or may not have) been unmasked in intelligence reports unrelated to Russia.

One source told CNN that Nunes, a California Republican, was seen on the White House grounds the day before his announcement. In a phone interview, Nunes confirmed to CNN that he was on the White House grounds that day — but he said he was not in the White House itself. (Other buildings, including the Eisenhower Executive Office Building, are on the same grounds.)

No one in the White House was aware that he was there, Nunes said.

The California Republican said he was there for additional meetings “to confirm what I already knew” but said he wouldn’t comment further so as to not “compromise sources and methods.”

He told CNN he wanted to “reiterate this has nothing to do with Russia.”

Nunes went to the building because he needed a secure area to view the information, he told CNN. A government official said Nunes was seen Tuesday night at the National Security Council offices of the Eisenhower building which, other than the White House Situation Room, is the main area on the complex to view classified information in a secure room.

Nunes explained to Eli Lake he couldn’t use HPSCI’s own SCIF, just two miles away, because it didn’t have networked access to the reports that he was being shown.

In an interview Monday, Nunes told me that he ended up meeting his source on the White House grounds because it was the most convenient secure location with a computer connected to the system that included the reports, which are only distributed within the executive branch. “We don’t have networked access to these kinds of reports in Congress,” Nunes said. He added that his source was not a White House staffer and was an intelligence official.

Laura Rozen notes that Nunes’ former aide, Michael Ellis, now works as NSC Deputy Legal Adviser.

New special assistant to the president, NSC deputy legal adviser Michael Ellis served as Nunes’ aide, HPSCI gen. counsel til early March 3/

Whether or not Ellis is Nunes’ source, it seems clear that someone in the EEOB first told, then shared, intercepts with Nunes.

That raises questions about how said source obtained the intercepts. That’s true particularly given that by Nunes’ later admission that some of the names weren’t unmasked per se, but rather described in such a way that would make the US person (that is, the Trump associate) clear, so it’s not like the NSC could just search on all of Trump’s top aides to find out if their names had been unmasked.

Remember, too, that this takes place against the background of HPSCI’s requests to NSA, CIA, and FBI for details on all the US persons who had been unmasked between June 2016 and January 2017. NSA had provided a partial response (basically deferring an answer until they could do more research) before last week’s hearing and Nunes’ press conference. But it’s not clear whether FBI intended to reply — it would have several possible reasons for refusing to do so, both to protect an ongoing investigation but also because unmasking is not the question to ask FBI, database searches are (it’s not clear how many of HPSCI’s Republicans understand this, which is pathetic).

In any case, NSA and CIA (at least) are already in the process of responding to this request. But someone worked his or her own angles to respond to the same request for Nunes.

Republicans Prepare to Accuse Hillary of Russian Ties

March 24, 2017/27 Comments/in 2016 Presidential Election, Russian hacks /by emptywheel

In Monday’s hearing, Devin Nunes asked Jim Comey for reassurances that if anyone — including a member of the public — brought allegations of Russian attempts to infiltrate the Hillary campaign to the FBI, the FBI would expand the investigation to include those efforts as well.

NUNES:Director Comey, you announced this morning that there’ll be an investigation into Trump associates possible and President Trump and anyone around the campaign and any association with the Russian government.

If this committee or anyone else for that matter, someone from the public, comes with information to you about the Hillary Clinton campaign or their associates or someone from the Clinton Foundation, will you add that to your investigation? They have ties to Russian intelligence services, Russian agents, would that be something of interest to you?

COMEY: People bring us information about what they think is improper unlawful activity of any kind, we will evaluate it. Not just in — not just in this context. Folks send us stuff all the time. They should keep going that.

NUNES: Do you think it’s possible that the Russians would not be trying to infiltrate Hillary Clinton’s campaign, get information on Hillary Clinton and try to get to people that are around that campaign or the Clinton Foundation?

COMEY: I’m not prepared to comment about the particular campaigns but the Russians in general are always trying to understand who the future leaders might be and what levers of influence there might be on them.

NUNES: I just hope that if — if information does surface about the other campaigns, not even just Hillary Clinton’s but any other campaigns, that you would take that serious also if the Russians were trying to infiltrate those campaigns around them.

COMEY: Of course we would.

Yesterday, Politico reported that the RNC paid an intelligence firm that employs a former KGB officer dig up dirt on Hillary.

The payments attracted attention in political and intelligence circles, largely because the Virginia-based firm, Hamilton Trading Group, had particular expertise in Russia, which was emerging as a major campaign issue at the time.

RNC officials and the president and co-founder of Hamilton Trading Group, an ex-CIA officer named Ben Wickham, insisted the payments, which eventually totaled $41,500, had nothing to do with Russia.

[snip]

But RNC officials now acknowledge that most of the cash — $34,100 — went towards intelligence-style reports that sought to prove conflicts of interest between Democratic presidential candidate Hillary Clinton’s tenure as Secretary of State and her family’s foundation.

The firm produced two dossiers that tried to make the case that Clinton intervened in Bulgaria and Israel, respectively, on behalf of energy companies that had donated to the Clinton Foundation, according to people briefed on the reports.

The oppo firm’s story has been evolving, but thus far, it seems that the former KGB officer, Gennady Vasilenko, did not work on the Hillary project. That said, remember that the Christopher Steele dossier (which is effectively the Clinton counterpart to this oppo project) indicated that Russia held compromising information on Hillary. We don’t know if that was included in the earlier reports shared with Steele’s first, Republican client. If it was, I could imagine the RNC trying to replicate the same information via a different source.

Meanwhile, serial fabulist oppo hit man Jerome Corsi has a piece at Infowars purporting to explain Roger Stone’s August 21, 2016 tweet stating “it would soon be Podesta’s time in the barrel.” Corsi includes two reports from last summer — one done by Government Accountability Institute and another by himself in response to the Paul Manafort allegations — alleging ties between Hillary and Podesta and Russia.

When this article was published, I suggested to Roger Stone that the attack over Manafort’s ties to Russia needed to be countered.

My plan was to publicize the Government Accountability Institute’s report, “From Russia With Money,” that documented how Putin paid substantial sums of money to both Hillary Clinton and John Podesta.

Putin must have wanted Hillary to win in 2016, if only because Russian under-the-table cash payments to the Clintons and to Podesta would have made blackmailing her as president easy.

On Aug. 14, 2016, I began researching for Roger Stone a memo that I entitled “Podesta.”

I completed that memo on Aug. 31, 2016, and is embedded here in its entirety.

It’s not clear Corsi’s explanation works to absolve Stone: while the earlier (July 31) report does focus on John Podesta, Corsi’s August 31 report focuses primarily on John’s brother Tony.

But it does dig out these Russian allegations just after Nunes raised the possibility private citizens might provide FBI with evidence implicating the Hillary campaign.

I’d say this is all ridiculous, and within the counterintelligence department it probably is, but remember that similar allegations from Steve Bannon got the NY office of the FBI chasing after the Clinton Foundation for months and months.

Devin Nunes Commits “Felonious Leaking”

March 22, 2017/31 Comments/in 2016 Presidential Election /by emptywheel

As I laid out here, Trey Gowdy spent much of Monday’s Russia hearing talking about how, if someone reveals details of FISA collection, that person has violated sacred trust and also committed felonious leaking. House Intelligence Chair Devin Nunes was present for some, if not all of Gowdy’s tirade.

Yet that didn’t stop Nunes from engaging in precisely the kind of felonious leaking that Gowdy claims violates that sacred trust. At a press conference today, Nunes gave the following statement:

At our open hearing on Monday, I encouraged anyone who has information about relevant topics—including surveillance on President-elect Trump or his transition team—to come forward and speak to the House Intelligence Committee. I also said that, while there was not a physical wiretap of Trump Tower, I was concerned that other surveillance activities were used against President Trump and his associates.

I recently confirmed that, on numerous occasions, the Intelligence Community incidentally collected information about U.S. citizens involved in the Trump transition.

Details about U.S. persons associated with the incoming administration—details with little or no apparent foreign intelligence value—were widely disseminated in intelligence community reporting.

I have confirmed that additional names of Trump transition team members were unmasked.

To be clear, none of this surveillance was related to Russia or any investigation of Russian activities or of the Trump team.

The House Intelligence Committee will thoroughly investigate this surveillance and its subsequent dissemination to determine:

Who was aware of it

Why it was not disclosed to Congress

Who requested and authorized the additional unmasking

Whether anyone directed the intelligence community to focus on Trump associates; and

Whether any laws, regulations, or procedures were violated

I’ve asked the Directors of the FBI, NSA, and CIA to expeditiously comply with my March 15 letter, and to provide a full account of these surveillance activities. I informed Speaker Ryan this morning of this new information, and I will be going to the White House this afternoon to share what I know with the President.

Nunes went on to say this was normal incidental collection, possibly including Trump’s communications. He said it was all obtained legally. He said the communications were collected in November, December, and January. He stated he was unsure whether these were wiretapped phone calls, or something else. He wondered why the identities of Trump people were unmasked (though his later statements suggested it may have been circulated in raw form) and said “it bothers me that that would have any foreign intelligence value whatsoever.”

Nunes said he saw dozens of reports and that the information he saw has nothing to do with Russia or the Russia investigation, or any discussions with Russians.

Nunes then said he was headed to the White House to tell Trump which, if there is any legal interest in any of these intercepts (as there might be if they pertained to Mike Flynn’s communications with Turkey, for example), then Nunes just committed obstruction of justice.

“It’s all classified information,” Nunes explained.

And Nunes so lacks any self-awareness, he seemed completely oblivious to the ways he had violated everything the Republicans were wailing about on Monday.

The presser ended with this exchange, which may totally upend the debate over Section 702 reauthorization this year:

Reporter 1: Do you think right now the NSA — or a member of the intelligence community — was spying on Trump during the transition period?

Nunes: Well, I guess it all depends on one’s definition of spying. Clearly it bothers me enough, I’m not comfortable with it.

Reporter 2: But you think he might have been spied on?

Nunes: I’m not going to get into legal definitions here, but clearly I have a concern.

When a White Republican Gets Spied On, Privacy Suddenly Matters

March 20, 2017/38 Comments/in Cybersecurity, FISA, Russian hacks /by emptywheel

As expected, much of today’s hearing on the Russian hack consisted of members of Congress — from both parties — posturing for the camera.

At first, it seemed that the Republican line of posturing — complaining about the leak that exposed Mike Flynn’s conversations with Ambassador Sergey Kislyak — tracked Donald Trump’s preferred approach, to turn this into a witch hunt for the leakers.

But it was actually more subtle than that. It appears Republicans believe the leaks about Flynn have (finally) made Congress skittish about incidental collection of US person communications as part of FISA collection. And so both Tom Rooney and Trey Gowdy spent much of their early hearing slots discussing how much more difficult the leak of Flynn’s name will make Section 702 reauthorization later this year. In the process, they should have created new fears about how painfully ignorant the people supposedly overseeing FISA are.

Rooney, who heads the subcommittee with oversight over NSA, started by quizzing Mike Rogers about the process by which a masked US person identity can be disclosed. Along the way, it became clear Rooney was talking about Section 702 reauthorization even while he was talking traditional FISA collection, which doesn’t lapse this year.

Rooney: If what we’re talking about is a serious crime, as has been alleged, in your opinion would leaking of a US person who has been unmasked and disseminated by intelligence community officials, would that leaking hurt or help our ability to conduct national security.

Rogers: Hurt.

Rooney: Ok, if it hurts, this leak, which through the 702 tool, which we all agree is vital–or you and I at least agree to that–do you think that that leak actually threatens our national security. If it’s a crime, and if it unmasks a US person, and this tool is so important it could potentially jeopardize this tool when we have to try to reauthorize it in a few months, if this is used against our ability to reauthorize this tool, and we can’t get it done because whoever did this leak, or these nine people that did this leak, create such a stir, whether it be in our legislative process or whatever, that they don’t feel confident a US person, under the 702 program, can be masked, successfully, and not leaked to the press, doesn’t that hurt–that leak–hurt our national security.

Eventually Admiral Rogers broke in to explain to his congressional overseer very basic facts about surveillance, including that Flynn was not and could not have been surveilled under Section 702.

Rogers: FISA collection on targets in the United States has nothing to do with 702, I just want to make sure we’re not confusing the two things here. 702 is collection overseas against non US persons.

Rooney: Right. And what we’re talking about here is incidentally, if a US person is talking to a foreign person that we’re listening to whether or not that person is unmasked.

Nevertheless, Rooney made it very clear he’s very concerned about how much harder the Flynn leak will make it for people like him to convince colleagues to reauthorize Section 702, which is even more of a privacy concern than traditional FISA.

Rooney: But it’s really going to hurt the people on this committee and you in the intelligence community when we try to retain this tool this year and try to convince some of our colleagues that this is really important for national security when somebody in the intelligence community says, you know what the hell with it, I’m gonna release this person’s name, because I’m gonna get something out of it. We’re all gonna be hurt by that. If we can’t reauthorize this tool. Do you agree with that?

A little later, Trey Gowdy got his second chance to complain about the leak. Referencing Rogers’ earlier explanation that only 20 people at NSA can unmask a US person identity, Gowdy tried to figure out how many at FBI could, arguing (this is stunning idiocy here) that by finding a finite number of FBI officials who could unmask US person identities might help assuage concerns about potential leaks of US persons caught in FISA surveillance.

Comey: I don’t know for sure as I sit here. Surely more, given the nature of the FBI’s work. We come into contact with US persons a whole lot more than the NSA does because we may be conducting — we only conduct our operations in the United States to collect electronic surveillance. I can find out the exact number. I don’t know it as I sit here.

Gowdy: I think Director Comey given the fact that you and I agree that this is critical, vital, indispensable. A similar program is coming up for reauthorization this fall with a pretty strong head wind right now, it would be nice to know the universe of people who have the power to unmask a US citizen’s name. Cause that might provide something of a road map to investigate who might have actually disseminated a masked US citizen’s name.

Here’s why this line of questioning from Gowdy is unbelievably idiotic. Both for traditional FISA, like the intercept targeting Kislyak that caught Flynn, and for Section 702, masking and unmasking identities at FBI is not the concern. That’s because the content from both authorities rests in FBI’s databases, and anyone cleared for FISA can access the raw data. And those FBI Agents not cleared for FISA can and are encouraged just to ask a buddy who is cleared to do it.

In other words, every Agent at FBI has relatively easy way to access the content on Flynn, so long as she can invent a foreign intelligence or criminal purpose reason to do so.

Which is probably why Comey tried to pitch something he called “culture” as adequate protection, rather than the very large number of FBI Agents who are cleared into FISA.

Comey: The number is … relevant. What I hope the US–the American people will realize is the number’s important but the culture behind it is in fact more important. The training, the rigor, the discipline. We are obsessive about FISA in the FBI for reasons I hope make sense to this committee. But we are, everything that’s FISA has to be labeled in such a way to warn people this is FISA, we treat this in a special way. So we can get you the number but I want to assure you the culture in the FBI and the NSA around how we treat US person information is obsessive, and I mean that in a good way.

So then Gowdy asks Comey something he really has a responsibility to know: what other agencies have Standard Minimization Procedures. (The answer, at least as the public record stands, is NSA, CIA, FBI, and NCTC have standard minimization procedures, with Main Justice using FBI’s SMPs.)

Gowdy: Director Comey I am not arguing with you and I agree the culture is important, but if there are 100 people who have the ability to unmask and the knowledge of a previously masked name, then that’s 100 different potential sources of investigation. And the smaller the number is, the easier your investigation is. So the number is relevant. I can see the culture is relevant. NSA, FBI, what other US government agencies have the authority to unmask a US citizen’s name?

Comey: Well I think all agencies that collect information pursuant to FISA have what are called standard minimization procedures which are approved by the FISA court that govern how they will treat US person information. So I know the NSA does, I know the CIA does, obviously the FBI does, I don’t know for sure beyond that.

Gowdy: How about Main Justice?

Comey: Main Justice I think does have standard minimization procedures.

Gowdy: Alright, so that’s four. NSA, FBI, CIA, Main Justice. Does the White House has the authority to unmask a US citizen’s name?

Comey: I think other elements of the government that are consumers of our can ask the collectors to unmask. The unmasking resides with those who collected the information. And so if Mike Rogers’ folks collected something, and they send it to me in a report and it says it’s US person #1 and it’s important for the FBI to know who that is, our request will go back to them. The White House can make similar requests of the FBI or NSA but they don’t on their own collect, so they can’t on their own unmask.

That series of answers didn’t satisfy Gowdy, because from his perspective, if Comey isn’t able to investigate and find a head for the leak of Flynn’s conversation with Kislyak — well, I don’t know what he thinks but he’s sure an investigation, possibly even the prosecution of journalists, is the answer.

Gowdy: I guess what I’m getting at Director Comey, you say it’s vital, you say it’s critical, you say that it’s indispensable, we both know it’s a threat to the reauthorization of 702 later on this fall and oh by the way it’s also a felony punishable by up to 10 years. So how would you begin your investigation, assuming for the sake of argument that a US citizen’s name appeared in the Washington Post and the NY Times unlawfully. Where would you begin that investigation?

This whole series of questions frankly mystifies me. I mean, these two men who ostensibly provide oversight of FISA clearly didn’t understand what the biggest risk to privacy is –back door searches of US person content — which at the FBI doesn’t even require any evidence of wrong-doing. That is the biggest impediment to reauthorizing FISA.

And testimony about the intricacies of unmasking a US person identity — particularly when a discussion of traditional FISA serves as stand-in for Section 702 — does nothing more than expose that the men who supposedly oversee FISA closely have no fucking clue — and I mean really, not a single fucking clue — how it works. Devin Nunes, too, has already expressed confusion on how access to incidentally collected US person content works.

Does anyone in the House Intelligence Committee understand how FISA works? Bueller?

In retrospect, I’m really puzzled by what is so damning about the Flynn leak to them. I mean, don’t get me wrong, I’m very sympathetic to the complaint that the contents of the intercepts did get leaked. If you’re not, you should be. Imagine how you’d feel if a Muslim kid got branded as a terrorist because he had a non-criminal discussion with someone like Anwar al-Awlaki? (Of course, in actual fact what happened is the Muslim kids who had non-criminal discussions with Awlaki had FBI informants thrown at them until they pressed a button and got busted for terrorism, but whatever.)

But Rooney and Gowdy and maybe even Nunes seemed worried that their colleagues in the House have seen someone like them — not a young Muslim, but instead a conservative white man — caught up in FISA, which has suddenly made them realize that they too have conversations all the time that likely get caught up in FISA?

Or are they worried that the public discussion of FISA will expose them for what they are, utterly negligent overseers, who don’t understand how invasive of privacy FISA currently is?

If it’s the latter, their efforts to assuage concerns should only serve to heighten those concerns. These men know so little about FISA they don’t even understand what questions to ask.

In any case, after today’s hearing I am beginning to suspect the IC doesn’t like to have public hearings not because someone like me will learn something, but because we’ll see how painfully little most of the so-called overseers have learned in all the private briefings the IC has given them. If these men don’t understand the full implications of incidental collection, two months after details of Flynn’s conversations have been leaked, then it seems likely they’ve been intentionally mis or underinformed.

Or perhaps they’re just not so bright.

How Trump’s Tantrum May Lead Trump Transition Official Devin Nunes to Delegitimize the Investigation

March 5, 2017/35 Comments/in 2016 Presidential Election, Russian hacks /by emptywheel

There are three developments in the wake of President Trump’s twitter rant claiming “Obama had my ‘wires tapped’ in Trump Tower” yesterday.

James Clapper denies a wiretap on Trump or his campaign

First, James Clapper went on Meet the Press and denied there was FISA-authorized wiretap activity mounted against Trump or his campaign.

CHUCK TODD: Let me start with the President’s tweets yesterday, this idea that maybe President Obama ordered an illegal wiretap of his offices. If something like that happened, would this be something you would be aware of?

JAMES CLAPPER: I would certainly hope so. I can’t say– obviously, I’m not, I can’t speak officially anymore. But I will say that, for the part of the national security apparatus that I oversaw as DNI, there was no such wiretap activity mounted against– the president elect at the time, or as a candidate, or against his campaign. I can’t speak for other Title Three authorized entities in the government or a state or local entity.

CHUCK TODD: Yeah, I was just going to say, if the F.B.I., for instance, had a FISA court order of some sort for a surveillance, would that be information you would know or not know?

JAMES CLAPPER: Yes.

CHUCK TODD: You would be told this?

JAMES CLAPPER: I would know that.

CHUCK TODD: If there was a FISA court order–

JAMES CLAPPER: Yes.

CHUCK TODD: –on something like this.

JAMES CLAPPER: Something like this, absolutely.

CHUCK TODD: And at this point, you can’t confirm or deny whether that exists?

JAMES CLAPPER: I can deny it.

CHUCK TODD: There is no FISA court order?

JAMES CLAPPER: Not– not to know my knowledge.

CHUCK TODD: Of anything at Trump Tower?

JAMES CLAPPER: No.

As always with Clapper, it pays to look at what he denies: “wiretap activity” of Trump or his campaign and a FISA court order “of anything at Trump Tower.” That still leaves open wiretaps directed at people deemed not to to be tied to his campaign — would Paul Manafort count, for example, after he had purportedly left the campaign? It leaves open the possibility of other kinds of collection, such as financial transfers (which they have multiple other ways of getting, like SWIFT and Section 215 and SARs from banks) affecting Trump’s campaign. It also leaves open a whole range of targeting of Russians that happen to pick up Trump’s campaign officials.

Clapper also excludes, in his denial, Title III warrants. That’s important because of reporting that the investigation of Manafort started as a criminal investigation.

Note, Clapper goes on to state clearly that, at least as of the time he left, there was no evidence of collusion between Trump’s campaign and the Russians. “[A]t the time [of the IC report], we had no evidence of such collusion,” though he allows such evidence could have “become available in the time since I left the government.”

Sean Spicer asks Congress to find out which Trump aides were wiretapped

Also this morning, Sean Spicer released a curious statement. It starts by stating that certain “reports” are “very troubling.”

Reports concerning potentially politically motivated investigations immediately ahead of the 2016 election are very troubling.

Not only does this attempt to absolve the President of his unhinged tweeting, but it backs my argument that Trump was responding to the Breitbart article which was itself based off misleading information.

Spicer then states the Trump “is requesting” that the intelligence committees “determine whether executive branch investigative powers were abused in 2016.”

President Donald J. Trump is requesting that as part of their investigation into Russian activity, the congressional intelligence committees exercise their oversight authority to determine whether executive branch investigative powers were abused in 2016.

White House Counsel Don McGahn reportedly spent yesterday trying to chase down a purported FISA warrant targeting Trump. Trump has the ability to do this himself (though it would be improper). Either McGahn learned there was nothing, or Trump wants to have the Intelligence Committees — led by Trump national security advisor Richard Burr and Trump transition official Devin Nunes — check into his claims.

And with that, Spicer says neither Trump nor anyone else will comment on Trump’s unhinged twitter rant until the intelligence committees are done.

Neither the White House nor the President will comment further until such oversight is conducted.

Let’s see whether Spicer can prevent Trump from going on another rant.

Devin Nunes takes up Trump’s request

Finally, Devin Nunes released a statement saying that the House Intelligence Committee would do what the President asked.

One of the focus points of the House Intelligence Committee’s investigation is the U.S. government’s response to actions taken by Russian intelligence agents during the presidential campaign. As such, the Committee will make inquiries into whether the government was conducting surveillance activities on any political party’s campaign officials or surrogates, and we will continue to investigate this issue if the evidence warrants it.

In fact, that category “the U.S. government’s response” was supposed to be geared towards preventing a future attack; that bullet ended “what do we need to do to protect ourselves and our allies in the future?” in the scope of investigation agreed on with Adam Schiff just earlier this week.

Plus, what happened to the previously emphasized part of the HPSCI investigation, leaks?

What possible leaks of classified information took place related to the Intelligence Community Assessment of these matters?

After all, if Trump’s twitter rant yesterday had any basis in truth, he just told a bunch of people about a FISA wiretap.

But Nunes doesn’t appear to think Trump’s twitter rant did reveal classified information. Huh.

In any case, let’s review what has happened.

On Thursday, Jeff Sessions recused from the election-related parts of this investigation. In response, Trump went on a rant (inside the White House) reported to be as angry as any since he became President. The next morning, Trump responded to a Breitbart article alleging a coup by making accusations that suggest any wiretaps involved in this investigation would be improper. Having reframed wiretaps that would be targeted at Russian spies as illegitimate, Trump then invited Nunes to explore any surveillance of campaign officials, even that not directly tied to Trump himself.

And Nunes obliged.

If I’m someone tied to the Hillary campaign, here’s what I do: I immediately call on Devin Nunes to explain how a second set of Huma Abedin’s emails involving the Hillary server got targeted just days before the election. We still don’t know the circumstances of that discovery. And if Nunes is concerned about inappropriate surveillance, surely he’ll want to get to the bottom of that potentially election-altering surveillance.

Democrats Should Propose Susan Collins Serve as Acting Chair for Russian Hack Investigation

February 25, 2017/5 Comments/in Benghazi Attack, Russian hacks /by emptywheel

As I’ve been saying, the Intelligence Committees are the sensible place for any investigation into the Russian hack, but the current investigation is hampered because both Chairs — Devin Nunes in the House and Richard Burr in the Senate — have conflicts that prevent them from being independent.

The WaPo has an absolutely masterful article exposing their conflicts.

Better still, it shows that Benghazi truther Mike Pompeo has already abused his position as CIA Director in the pursuit of politics.

The part that has gotten the most notice is WaPo’s report that — after Reince Priebus failed to get FBI to issue a rebuttal to this NYT article — which claims “Phone records and intercepted calls show that members of Donald J. Trump’s 2016 presidential campaign and other Trump associates had repeated contacts with senior Russian intelligence officials in the year before the election” — he then arranged calls with the press and Nunes and Burr, so they could rebut the claims. As the WaPo reports, the calls were not persuasive enough to get WaPo to report on them.

The officials broadly dismissed Trump associates’ contacts with Russia as infrequent and inconsequential. But the officials would not answer substantive questions about the issue, and their comments were not published by The Post and do not appear to have been reported elsewhere.

Nunes’ comments actually were picked up by WSJ (which has discouraged reporters from doing hard reporting on this issue). Burr’s were not. Here’s how Burr — who normally leaks far less than other Gang of Four members, and who was a national security advisor for Trump during the campaign — defended his comments.

Burr acknowledged that he “had conversations about” Russia-related news reports with the White House and engaged with news organizations to dispute articles by the New York Times and CNN that alleged “repeated” or “constant” contact between Trump campaign members and Russian intelligence operatives.

“I’ve had those conversations,” Burr said, adding that he regarded the contacts as appropriate provided that “I felt I had something to share that didn’t breach my responsibilities to the committee in an ongoing investigation.”

More delectably, the WaPo obliquely reveals that an intelligence official was involved in the calls, and then makes it very clear that Pompeo was the guy. As WaPo points out, this not only makes Pompeo a raging hypocrite, given the way he politicized Benghazi, but it also suggests Pompeo inquired into the FBI’s counterintelligence investigation for the purpose of leaking details of it to the press.

CIA Director Mike Pompeo is the senior-most intelligence official in the administration, with former senator Dan Coats (R-Ind.) still awaiting confirmation as director of national intelligence.

As a Republican member of Congress, Pompeo was among the most fiercely partisan figures in the House investigation of Benghazi, which centered on accusations that the Obama administration had twisted intelligence about the attacks for political purposes.

It is not unusual for CIA leaders to have contact with news organizations, particularly about global issues such as terrorism or to contest news accounts of CIA operations. But involving the agency on alleged Trump campaign ties to Russia could be problematic.

The CIA is not in charge of the investigation. Given the history of domestic espionage abuses in the United States, CIA officials are typically averse to being drawn into matters that involve U.S. citizens or might make the agency vulnerable to charges that it is politicizing intelligence.

This is actually fairly breathtaking. It’s one thing to inquire into a past event, because the inquiry can’t change it. But this is an ongoing counterintelligence investigation! Russians are dying left and right, and at least one of them looks like he was a likely source for the Trump dossier. Two Russians have already been charged with treason and a Ukranian may well be as well. There are reasons you keep counterintelligence investigations secret.

But the CIA Director is more interested in helping Trump out politically.

It turns out that Senate Intelligence Vice Chair Mark Warner, who thus far has defended Burr’s role in this investigation, is not all that happy about this. Here’s what he had to say in response to WaPo’s disclosures.

Mark Warner, the ranking Democrat on the Senate Intelligence Committee, said he called CIA Director Mike Pompeo and Burr to express his “grave concerns about what this means for the independence” of the investigation.

“I am consulting with members of the Intelligence Committee to determine an appropriate course of action so we can ensure that the American people get the thorough, impartial investigation that they deserve, free from White House interference,” Warner said in a statement Friday night.

So here’s my suggestion: tell Mitch McConnell and Richard Burr that Susan Collins should serve as acting Chair for this investigation, and if they don’t agree the Democrats will demand an independent inquiry.

Collins is a perfect choice even beyond her comments from the other day, which among other things entertained the possibility of subpoenaing Trump’s tax returns. She has voted against Trump more than any other Senator (which is not much, but still). As Chair of Homeland Security, she conducted a number of credible investigations, working closely with Joe Lieberman.

So she surely could credibly lead this report.

To be clear: I’m suggesting this as a negotiating strategy. This hasn’t been done before and I suspect it wouldn’t be done here. But it is clear that Collins is independent and qualified to lead this investigation. The alternatives all involve more potential exposure for Trump.

Democrats should propose this — so McConnell and Burr can shoot it down, making it clear that Republicans want people who’ve already compromised their independence to lead this investigation.

Update: Here’s Collins’ comment on the new disclosures.

The Senate Intelligence Committee has the expertise, the cleared staff, and the bipartisan determination to follow the evidence wherever it leads in this investigation into malicious Russian activities. For the public to have confidence in our findings, it is important that the Committee work in a completely bipartisan fashion and that we avoid any actions that might be perceived as compromising the integrity of our work. It is also important that the Committee ultimately issue a public report on our findings.

Why We Should Remain Skeptical of the Five (!!) Congressional Investigations into the Russian Hack

February 20, 2017/5 Comments/in Russian hacks /by emptywheel

I was interviewed (on Thursday) about the Flynn resignation and larger investigation into the Russia hack for Saturday’s On the Media. In what made the edit, I made one error (which I’ll explain later), but a key point I made holds. The leaking about Flynn and other Russian events are hypocritical and out of control. But they may create pressure to fix two problems with the current investigations into the Russian hack: the role of Jeff Sessions overseeing the DOJ-led investigations, and the role of Trump advisory officials Devin Nunes and Richard Burr overseeing the most appropriate congressional investigations.

In this post I’ll look at the latter conflicts. In a follow-up I’ll look at what the FBI seems to be doing.

As I noted in the interview, contrary to what you might think from squawking Democrats, there are five congressional investigations pertaining to Russian hacks, though some will likely end up focusing on prospective review of Russian hacking (for comparison, there were seven congressional Benghazi investigations). They are:

Senate Intelligence Committee: After months of Richard Burr — who served on Trump’s campaign national security advisory council — saying an inquiry was not necessary and going so far as insisting any inquiry wouldn’t review the dossier leaked on Trump, SSCI finally agreed to do an inquiry on January 13. Jim Comey briefed that inquiry last Friday, February 17.
House Intelligence Committee: In December, James Clapper refused to brief the House Intelligence Committee on the latest intelligence concluding Russian hacked the DNC with the goal of electing Trump, noting that HPSCI had been briefed all along (as was clear from some of the leaks, which clearly came from HPSCI insiders). In January, they started their own investigation of the hack, having already started fighting about documents by late January. While Ranking Democratic Member Adam Schiff has long been among the most vocal people complaining about the treatment of the hack, Devin Nunes was not only a Trump transition official, but made some absolutely ridiculous complaints after Mike Flynn’s side of some conversations got legally collected in a counterintelligence wiretap. Nunes has since promised to investigate the leaks that led to Flynn’s forced resignation.
Senate Armed Services Committee: In early January, John McCain announced he’d form a new subcommittee on cybersecurity, with the understanding it would include the Russian hack in its focus. Although he originally said Lindsey Graham would lead that committee, within weeks (and after Richard Burr finally capitulated and agreed to do a SSCI inquiry), McCain instead announced Mike Rounds would lead it.
Senate Foreign Relations Committee: In December, Bob Corker announced the SFRC would conduct an inquiry, scheduled to start in January. At a hearing in February, the topic came up multiple times, and both Corker and Ben Cardin reiterated their plans to conduct such an inquiry.
Senate Judiciary Subcommittee on Crime and Terrorism: After Graham was denied control of the SASC panel, he and Sheldon Whitehouse announced they’d conduct their own inquiry, including a prospective review of “the American intelligence community’s assessment that Russia did take an active interest and play a role in the recent American elections.”

All the while, some Senators — McCain, Graham, Chuck Schumer, and Jack Reed — have called for a Select Committee to conduct the investigation, though in true McCainesque fashion, the maverick has at times flip-flopped on his support of such an inquiry.

Also, while not an investigation, on February 9, Jerry Nadler issued what I consider (strictly as it relates to the Russian hack, not the other conflicts) an ill-advised resolution of inquiry calling for the Administration to release materials relating to the hack, among other materials. Democrats in both the House and Senate have introduced legislation calling for an independent commission, but have gotten no support even from the mavericky Republicans.

As you can see from these descriptions, it took pressure from other committees, especially Lindsey Graham getting control of one of the inquiries, before Richard Burr let himself be convinced by SSCI Vice Chair Mark Warner to conduct an inquiry. Thus far, Mitch McConnell has staved off any Select Committee. As soon as SSCI did claim to be launching an investigation, a bunch of Republicans tried to shut down the others, claiming it was all simply too confusing.

Let me be clear: as I noted in the OTM interview, the intelligence committees are the appropriate place to conduct this investigation, as it concerns really sensitive counterintelligence matters — people who could be witnesses to it are getting killed! — and an ongoing investigation. The only way to conduct a responsible inquiry is to do so in secret, and unless a select committee with clearance is formed, that means doing so in the dysfunctional intelligence committees.

That’s made worse by Nunes and Burr’s obvious conflicts, having served on Trump’s pre-inauguration advisory teams (at a time when Mike Flynn was chatting about ongoing sanctions with Russia), and their equally obvious disinterest in conducting the investigation. Remember that the intelligence committees successfully bolloxed up the independent investigation into Iran-Contra. While neither Nunes nor Burr is as smart as Dick Cheney, who had a key role in that intentional bolloxing, Democrats should be cognizant of the ways that such bolloxing has happened in the past.

And now that SSCI has finally started its inquiry, Ali Watkins published an uncharacteristically credulous report on Burr’s role in the investigation, slathering on the colorful vocabulary — “brutally yanked;” “underground cohort;” “dark shadow of Langley;” “Wearily, they’re trudging forward on a probe littered with potential political landmines;” — before portraying the allegedly difficult position Burr is in:

That he’s now in charge of the sweeping Russia inquiry puts the North Carolina Republican in between a rock and a hard place. Since taking over the helm of the intelligence committee, Burr has pressed for more active and aggressive oversight, and has kept a rigorous travel schedule to match. But his decisive reelection victory in November came at a cost — throughout the contentious race, Burr towed Trump’s line, and hasn’t yet directly criticized the White House publicly.

But Burr has shown no indication that he’s ever angled for a Trump administration job, and says he’s not running for re-election. How seriously he takes his obligation to carry his president’s water remains to be seen.

Burr has been slammed by colleagues in recent days, who fear he’s slow-rolling an investigation into a fast-moving story. But much of the inquiry’s slow start was due to bureaucratic wrangling — some intelligence agencies insisted products be viewed on site rather than sent to the Hill, and some of the intelligence was so tightly controlled that it was unclear if staffers could even view it.

This is just spin. There is abundant public record that Burr has thwarted oversight generally (he has said things supporting that stance throughout his history on both the Senate and House Intelligence Committee, even ignoring his role in covering up torture, and Watkins’ earlier incorrect claims about Burr’s open hearings remain only partly corrected). There is no mention in this article that Burr was on Trump’s national security advisory committee. Nor that SSCI had reason to do hearings about this hack well before January 2017, back when it might have made a difference — at precisely the time when Burr apparently had time to advise Trump about national security issues as a candidate. Plus, it ignores all the things laid out here, Burr’s continued equivocation about whether there should even be a hearing.

There is no reason to believe Burr or Nunes intend to have a truly rigorous investigation (bizarrely, Warner seems to have had more success pushing the issue than Schiff — or Dianne Feinstein when she was Vice Chair — though that may be because the Ranking position is stronger in the Senate than in the House). And history tells us we should be wary that their investigations will be counterproductive.

As I noted, on Friday — the Friday before a recess — Jim Comey briefed the SSCI on the Russian hack. That briefing was unusual for the date (regular SSCI meetings happen on Tuesday and Thursday, and little business of any kinds happens right before a recess). Reporters have interpreted that, along with the presumed silence about the content of the briefing, as a sign that things are serious. That may be true — or it may be that that was the only time a 3-hour briefing could be scheduled. In the wake of the briefing, it was reported that the SSCI sent broad preservation requests tied to the inquiry (that is, they sent the request long after the inquiry was started). And while the press has assumed no one is talking, the day after the briefing, Reuters reported outlines of at least three parts of the FBI investigation into the Russian hack, attributed to former and current government officials.