Posts

The Clear Precedent for Carrie Cordero’s “Uncharted Territory” of Destruction of Evidence

Shane Harris has a report on the government’s odd behavior in regards to preserving the phone dragnet data in light of the suits challenging its legality.

It’s surprising on three counts. First, because he claims the legal back and forth has not previously been reported.

Now, that database will include phone records that are older than five years — not exactly the outcome that critics of the NSA program were hoping for. A dramatic series of legal maneuvers, which have not been previously reported, led the outcome.

It’s surprising not just because the “legal maneuvers” have in fact been reported before (though not the detail that James Cole got involved, though it’s not yet clear how his involvement affected the actual legal maneuvers rather than the internal DOJ communication issues). But also because Harris neglects to mention key details of those legal maneuvers — notably that EFF reminded DOJ, starting on February 26, that it had preservation orders that should affect the dragnet data, reminders which DOJ stalled and then ignored.

Harris’ piece is also surprising because of the implicit suggestion that NSA hasn’t been aging off data regularly, as it is supposed to be.

A U.S. official familiar with the legal process said the question about what to do with the phone records needn’t have been handled at practically the last minute. “The government was coming up on a five-year deadline to delete the data. Lawsuits were pending. The Justice Department could have approached the FISC months ago to resolve this,” the official said, referring to the Foreign Intelligence Surveillance Court.

There should be no “deadline” here — aside from the daily “deadline” that should automatically age off the five year old data. Now, the WSJ had previously reported that that’s not actually how age-off works.

As the NSA program currently works, the database holds about five years of data, according to officials and some declassified court opinions. About twice a year, any call record more than five years old is purged from the system, officials said.

But even assuming NSA only ages off data twice a year (in which case they should stop claiming they only “keep” data for 5 years because they already keep some of it for 5 1/2 years), most of these suits are well older than 6 months old, predating what might have been an August age-off, which means unless NSA already deviated from its normal pattern, it deleted data relevant to the suits.

By far the most surprising detail in Harris’ story, however, is this response from former DOJ National Security Division Counsel Carrie Cordero to the news that Deputy Attorney General James Cole has gotten involved. This is, Cordero claims, “uncharted territory.”

“This is all uncharted territory,” said Carrie Cordero, a former senior Justice Department official who recently served as the counsel to the head of the National Security Division. “Given the complexity and the novelty of this chain of events, it’s a good thing that the deputy attorney general is personally engaged, and it demonstrates the significant attention that they’re giving to it.”

To be more specific about Cordero’s work history, from 2007 to 2011, she was deeply involved in FISA-related issues, first at ODNI and then at DOJ’s NSD.

In 2009, I served as Counsel to the Assistant Attorney General for National Security at the Unit ed States Department of Justice, where I co – chaired an interagency group created by the Director of National Intelligence (DNI) to improve FISA processes. From 2007 – 2009, I served in a joint duty capacity as a Senior Associate General Counsel at the Office of the Director of National Intelligence, where I worked behind the scenes on matters relating to the legislative efforts that resulted in the FISA Amendments Act of 2008.

Given her position in the thick of FISA-related issues, one would think she was at least aware of the protection order Vaughn Walker issued on November 6, 2007 ordering the preservation of evidence, up to and including “tangible things,” in the multidistrict litigation issues pertaining to the dragnet.

[T]he court reminds all parties of their duty to preserve evidence that may be relevant to this action. The duty extends to documents, data and tangible things in the possession, custody and control of the parties to this action,

And Cordero presumably should be aware that Walker renewed the same order on November 13, 2009, extending it to cover the Jewel suit, which had an ongoing focus.

Cordero is presumably aware of two other details. First, there should be absolutely no dispute that the phone dragnet was covered by these suits. That’s because at least as early as May 25, 2007 (and again in a declaration submitted October 2009), Keith Alexander included the phone dragnet among the things he considered related to the EFF and other suits over which he claimed state secrets.

In particular, disclosure of the NSA’s ability to utilize the TSP (or, therefore, the current FISA Court-authorized content collection) in conjunction with contact chaining [redacted–probably relating to data mining] would severely undermine efforts to detect terrorist activities.

[snip]

To the extent that the NSA’s bulk collection and targeted analysis of communication meta data may be at issue in this case, those activities–as described in paragraphs 27 and 28 above–must also be protected from disclosure.

In paragraphs 27 and 28 and the following paragraphs, Alexander named the FISC Pen Register and Telephone Records Orders by name.

Thus, as far back as 2007, the NSA acknowledged that it used its content collection in conjunction with its metadata dragnets, including data obtained pursuant to the FISA dragnet orders.

Read more

NSA’s Latest Claim: It Only Gets 30% of “Substantially All” the Hay in the Haystack

SIGINT and 215In December 2007, the FBI began intercepting MOALIN’s cell phone.

FBI search warrant affidavit seeking (among other things) additional cell phones, October 29, 2010

Yesterday, Siobhan Gorman reported that NSA’s “phone-data program” collects 20% or less of the phone data in the US. She explains that the program doesn’t collect cell phone data, and so has covered a decreasing percentage of US calls over the last several years.

The National Security Agency’s phone-data program, which has been at the center of controversy over the NSA’s surveillance operations, collects information from about 20% or less of all U.S. calls—much less than previously described by lawmakers.

The program had been described as collecting records on virtually every phone call placed in the U.S., but in fact, it doesn’t cover records for most cellphones, the fastest-growing sector in telephony and an area where the agency has struggled to keep pace, according to several people familiar with the program.

Ellen Nakashima’s report places the percentage between 20 and 30%, echoing Gorman’s claim about limits on cell data.

The actual percentage of records gathered is somewhere between 20 and 30 percent and reflects Americans’ increasing turn away from the use of land lines to cellphones. Officials also have faced technical challenges in preparing the NSA database to handle large amounts of new records without taking in data such as cell tower locations that are not authorized for collection.

[snip]

The bulk collection began largely as a land-line program, focusing on carriers such as AT&T and Verizon Business Network Services. At least two large wireless companies are not covered — Verizon Wireless and T-Mobile U.S., which was first reported by the Wall Street Journal.

Industry officials have speculated that partial foreign ownership has made the NSA reluctant to issue orders to those carriers. But U.S. officials said that was not a reason.

“They’re doing business in the United States; they’re required to comply with U.S. law,” said one senior U.S. official. “A court order is a court order.”

Rather, the official said, the drop in collection stems from several factors.

Apart from the decline in land-line use, the agency has struggled to prepare its database to handle vast amounts of cellphone data, current and former officials say. For instance, cellphone records may contain geolocation data, which the NSA is not permitted to receive.

These reports offer a more credible explanation than Geoffrey Stone’s multiple claims to this effect about why the program misses data. So they may be true.

But I think they instead point to the legal range of authorities NSA uses to collect phone records, not to what records they actually have in their possession.

These reports are commenting (though without specifying, or even seeming to be aware they need to specify) on what the government claims it collects under Section 215. These reports are not commenting on what NSA collects under all authorities.

In this post I will show why I believe these reports to be credible only in a very narrow sense. In a follow-up post I will point to the legal issues that underlie the Administration’s conflicting claims about what it collects.

Read more

The Common Commercial Services OLC Memo and Zombie CISPA

Some time last summer, Ron Wyden wrote Attorney General Holder, asking him (for the second time) to declassify and revoke an OLC opinion pertaining to common commercial service agreements. He said at the time the opinion “ha[d] direct relevance to ongoing congressional debates regarding cybersecurity legislation.”

That request would presumably have been made after President Obama’s April 25, 2012 veto threat of CISPA, but at a time when several proposed Cybersecurity bills, with different information sharing structures, were floating around Congress.

Wyden asked for the declassification and withdrawal of the memo again this January as part of his laundry list of requests in advance of John Brennan’s confirmation. Then, after having been silent about this request for 8 months (at least in public), Wyden asked again on September 26.

It appears that Wyden had intended to ask the question of one of the witnesses at an open Senate Intelligence Committee hearing (perhaps Deputy Attorney General James Cole), but — having had warning of his questions (because he sent them to the witnesses in advance) — Dianne Feinstein and Susan Collins ensured there would not be a second round of questions.

As it happens, Wyden made the request for the memo two days after DiFi told The Hill she was preparing to advance her version of CISPA, and the day after Keith Alexander started calling for cybersecurity legislation again.

In a brief interview with The Hill in the U.S. Capitol on Tuesday, Feinstein said she has prepared a draft bill and plans to move it forward.

The legislation would be the Senate’s counterpart to the Cyber Intelligence Sharing and Protection Act, known as CISPA, which cleared the House in April.

CISPA would remove legal barriers that prevent companies from sharing information with each other and the government about cyber attacks. It would also allow the government to share more information with the private sector.

Since then, Alexander has pitched new cybersecurity legislation in an “interview” with the NYT, admitting he needs to be more open about his places for cybersecurity.

Now, the Executive Branch’s unwillingness to actually share the law as it interprets it with us mere citizens prevents us from understanding precisely what relationship this OLC memo has with proposed cybersecurity legislation — but Wyden made it clear in January that it does have one. But here are some things we might surmise about the memo:

  • The Administration is currently relying on this memo. If it weren’t using it, after all, it wouldn’t need to be revoked. That means that since at least January 14, 2011 (before which date Wyden and Russ Feingold first asked it be revoked), the Administration has had a secret interpretation of law relating in some way to cybersecurity.
  • The interpretation would surprise us. As Wyden notes, “this opinion is inconsistent with the public’s understanding of the law” (he doesn’t say what that law is, but I’ll hazard a guess and say it pertains to information sharing). It’s likely, then, that some form of online provider has been sharing cyber-intelligence with the federal government under some strained interpretation of our privacy protections (and, probably, some kind of Attorney General assurances everything’s cool).

Let’s use the lesson we learned during the FISA Amendments Act where the telecoms were clambering for the legislation and the retroactive immunity, but the Internet companies were grateful for “clarity,” but explicitly opposed to retroactive immunity. When we learned the telecoms had been turning over the Internet companies metadata and content, this all made more sense. The Internet Companies wanted the telecoms to be punished for stealing their data.

In this case, in the first round of CISPA (which had broad immunity protections), Facebook and Microsoft were supporters. But in this go-around (which has still generous but somewhat more limited immunity), the big supporters consist of:

  • Telecoms (AT&T, Verizon; interestingly, Sprint did not sign a letter of support)
  • Broadband and other backbone providers (Boeing, Cisco, Comcast, TimeWarner, USTelecom)
  • Banks and financial transfer
  • Power grid operators and other utilities

Now, who knows with which of these entities the government is already relying on this common commercial services memo, which of our providers we believe have made some assurances to us but in fact they’ve made entirely different ones.

But I will say the presence of the telecoms, again, angling for immunity for information sharing, along with their analogues the broadband providers does raise questions. Especially considering Verizon Exec’s trash talking about consumer-centric Internet companies that don’t prioritize national security.

Stratton said that he appreciated that “consumer-centric IT firms” such as Yahoo, Google, Microsoft needed to “grandstand a bit, and wave their arms and protest loudly so as not to offend the sensibility of their customers.”

“This is a more important issue than that which is generated in a press release. This is a matter of national security.”

After all, the telecoms have a history of willingly cooperating with the government, even if it bypassed the protections offered by Internet companies, even if it violated the law. Have they been joined by big broadband?

Well, DOJ could clear all this up by revoking and releasing the memo. Until they do, though, my wildarsed guess is that those operating the Toobz in the country — the telecom and broadband companies — have already started sharing consumers’ data that a plain reading of the law seemingly wouldn’t permit them to do.

David Kris Outlines the Internet Dragnet Elephant

Way back on page 64 (of 67) of former Assistant Attorney General for National Security David Kris’ paper “On the Bulk Collection of Tangible Things,” he invokes the elephant metaphor the President used to promise more NSA disclosures on multiple programs.

What I’m going to be pushing the IC to do is rather than have a trunk come out here and leg come out there and a tail come out there, let’s just put the whole elephant out there so people know exactly what they’re looking at.

In keeping with the President’s direction, the Intelligence Community has released many new details about the bulk telephony metadata collection program, as described above. In addition, as also noted above, the FISC itself has released significant new information. The key remaining question is whether there will be additional, authorized releases concerning intelligence activity that has not been subject to prior, unauthorized releases. [my emphasis]

Kris uses the President’s elephant to ask whether they really will disclose their intelligence programs. He mentions just the phone dragnet (even though the Administration, in response to two FOIAs, also released information about their Section 702 upstream collection programs), even as he suggests the Administration might do well to admit to other programs before they are exposed by an Edward Snowden leak.

Which is interesting, because Kris’ paper — in spite of his title and in spite of that reference to the phone dragnet — is really about what the government has declassified (the phone dragnet) as well as what the government has left partly hidden (the Internet dragnet and broader phone dragnet).

Kris discusses the PATRIOT-authorized Internet dragnet along with the phone dragnet

Kris, after all, provides the following facts about the PATRIOT-authorized Internet dragnet, citing the named sources:

  • Internet and telephony metadata was collected starting in 2001, until the 2004 hospital disagreement led to the former being moved to Pen Register/Trap & Trace authority in 2004, which was the first bulk order (“purported” NSA IG Report)
  • One company — which the “purported” IG report makes clear was an Internet one and is probably Yahoo — did not participate in the illegal wiretap program (“purported” NSA IG Report)
  • The Internet metadata collection ended in 2011 (an ODNI spokesperson in a Charlie Savage story)

Kris also points to four different Administration acknowledgements of the Internet metadata program. He refers to the 2009 and 2011 notice letters to Congress (though he focuses on the phone dragnet language in them), and the James Clapper response to Wyden and 25 other Senators. Perhaps most interestingly, Kris notes that government witness(es) have confirmed the program and the use of PR/TT to authorize it…

At a July 17, 2013 hearing of the House Judiciary Committee, government witnesses confirmed the pen-trap bulk collection.

But unlike just about every other comment in a hearing cited in his paper, Kris doesn’t quote the exchange, which went like this.

SUZAN DELBENE: The public also now knows that the telephone metadata collection is under Section 215, the Business Records provision of FISA, and that allows for the collection of tangible things. But we’ve also seen reports of a now-defunct program collecting email metadata. With regard to the email metadata program that is no longer being operated, can you confirm that the authority used to collect that data was also Section 215?

GEN. COLE: It was not. It was the Pen Register Trap and Trace Authority under FISA, which is slightly different, but it amounts to the same kind of thing. It does not involve any content. It is, again, only to and from. It doesn’t involve, I believe, information about identity. It’s just email addresses. So it’s very similar, but not under the same provision.

REP. DELBENE: And could you have used Section 215 to collect that information?

GEN. COLE: It’s hard to tell. I’d have to take a look at that.

The transcript from this hearing is up at the I Con the Record site, so it’s unclear why Kris didn’t quote it.  Read more

“Whoa Whoa Whoa, Stop!” Dianne Feinstein Misstates the 2011 Violations

One of the most enlightening aspects of yesterday’s Senate Intelligence Hearing on FISA came when Dianne Feinstein tried to rebut witness Tim Edgar’s categorization of the 2011 violations described in John Bates October 8, 2011 opinion. In her rebuttal, she proved she either doesn’t know, doesn’t understand, or chooses to misrepresent the opinion, which found that NSA had violated the law and Fourth Amendment in its Section 702 program.

Edgar was arguing (see page 5-6) that if the FISA Court opinions were publicly released, we’d know about ridiculous semantic definitions — like “relevant” — as those definitions were invoked, not years after the fact, which would lead to greater trust in the FISC.

As his second example, he cited NSA’s collection of US person communications on upstream collection. (After 2:20)

EDGAR: [T]he NSA’s interpretation of the requirement in Section 702, for content surveillance targeting foreign persons, that those procedures must target foreign persons is also surprising. The FISA court’s recently released opinions show that communications that target foreign persons include not only communications that are to or from that person, but also those that are merely about that person in a particular narrow sense, that the selection — the selector for that person appears in the communication.

Even communications which are not to or from, or about, the foreign target at all have been acquired as the result of the manner in which some NSA collection was conducted.

DiFi interrupted him (whoa whoa whoa stop!) — and (having read his statement in advance) started reading a written rebuttal to provide her version of the 2011 violations.

FEINSTEIN: Whoa, whoa, whoa, stop. Exactly what program are you talking about?

EDGAR: In the recently released FISA court opinion about upstream collection in the compliance incidents in 2011, it was documented how information from multiple communications — what they called “multiple communications transactions” — was obtained not by mistake, but because of the way the system was designed. That included any selector that was a foreign target in the entire multi- communications transaction.

And so that created a lot of controversy in the FISA court, and required the FISA court to work with the Justice Department and the intelligence community to narrow the minimization guidelines.

FEINSTEIN: OK. Because this is — this is important, may I interrupt this just — respond? [reading from prepared statement] In mid 2011, NSA notified the DOJ, the DNI, and the FISA court, and House and Senate Intelligence Committees, of a series of compliance incidents impacting a subset of NSA collection under Section 702 of FISA, known as upstream collection.

This comprises about 10 percent of all collection that takes place under 702, and occurs when NSA obtains Internet communications, such as e-mails, from certain U.S. companies that operate the Internet background;[sic] i.e., the companies that own and operate the domestic telecommunication lines over which Internet traffic flows.

In essence, the issue that arose in 2011 was that NSA, while trying to acquire e-mails to, from, or about an overseas target, realized it, and was inadvertent — that it was inadvertently acquiring other e-mails, including some e-mails sent between persons inside the United States that happened to be bundled with the e-mail messages NSA was trying to collect.

This bundling is done by Internet companies in order to make it easier to send information quickly over the telecom lines that make up the Internet. Unfortunately, NSA’s technical systems could not easily separate the individual messages within these bundles. And the result was that NSA collected some e-mail messages it did not intend to acquire.

OK. We held a lengthy hearing on the court’s ruling on October 20, 2011, at which General Alexander and Lisa Monaco — then the assistant attorney general for national security — described the court’s ruling and what they were doing to address it.

Here’s my point: It was a mistake. Action was taken immediately to correct it. It came to us. We took action. [bold mine, underline emphasis DiFi applied in delivery]

DiFi’s prepared statement misstates the facts as presented in Bates’ opinion in several ways:

  • The issue had existed since before July 2008
  • The collection was — according to the court ruling — not inadvertent
  • NSA only corrected the problem under threat of criminal referral, after months of delay

First, the issue did not arise in 2011.

As Bates made clear, “NSA has been collecting MCT’s since before the Court’s approval of the first Section 702 certification in 2008.” Read more

Senate Intelligence Committee Open Hearings: A Platform for Liars

Pentagon Papers era NYT Counsel James Goodale has a piece in the Guardian attracting a lot of attention. In it, he says the first step to reform NSA is to fire the liars.

The NSA has lied to the Congress, the courts, and perhaps even to the president himself, but no one seems to care.

The Director of National Intelligence James R Clapper admitted he lied to Congress about the NSA metadata collection program. He said the NSA had no such program – and then added that that was the least “untruthful” remark he could make. General Keith Alexander, director of the National Security Agency, lied in 2012 that the NSA does not hold data on US citizens, and repeated similar misstatements, under oath, to Congress about the program:

We’re not authorized to do it [data collection on US citizens], nor do we do it.

NSA lawyers lied to secret Fisa court Judges John D Bates and Reggie B Walton. In recently released opinions, Bates said he had been lied to on three separate occasions and Walton said he had been lied to several times also.

But Clapper and Alexander have not been held in contempt of Congress. Nor have the Justice Department attorneys, who lied to Judges Walton and Bates, been disciplined.

And while he links to many of the best examples of James Clapper and Keith Alexander lying, he misses this.

In just its third open hearing this year, the Senate Intelligence Committee has arranged the following witnesses for tomorrow’s hearing on NSA’s spying.

Senate Intelligence Committee Chairman Dianne Feinstein (D-Calif.) and Vice Chairman Saxby Chambliss (R-Ga.) today announced the committee will hold an open hearing to consider legislative changes to the Foreign Intelligence Surveillance Act, to include the NSA call records program, on Thursday, September 26, at 2 p.m.

WHAT:  Public hearing on FISA, NSA call records

WHO:

Panel I

  • Director of National Intelligence James Clapper
  • National Security AgencyDirector General Keith Alexander
  • Deputy Attorney General James Cole

Panel II

  • Ben Wittes, Brookings Institution
  • Tim Edgar, Watson Institute for International Studies, Brown University

So DiFi’s idea of an “open hearing” is to invite two established liars. And for her non-governmental witnesses, one keeps declaring Congress NAKED! in the face of evidence the government lies to them, and the other tells fanciful stories about how much data NSA shares.

It’s like DiFi goes out of her way to find liars and their apologists to testify publicly.

That’s nothing new, though. Those other two open hearings? The Global Threat Assessment hearing where Clapper assured Ron Wyden the NSA didn’t collect data on millions of Americans. And the confirmation hearing for John Brennan, who once claimed the US had killed no civilians in an entire year of drone strikes (and, if his odd mouth gestures were the tell they appeared to be, he lied about leaks to journalists including on UndieBomb 2.0 in the hearing as well.)

It’s DiFi’s committee. And if she wants every single open hearing to serve as a platform for accomplished liars, I guess that’s her prerogative.

But observers should be clear that’s the purpose of the hearings.

James Cole: “Of Course We’d Like Records of People Buying” Pressure Cookers

Now that the Suffolk cops have revealed they investigated Michele Catalano’s family because of a tip from her husband’s former employer about his Google searches and not FBI or NSA analysis of Google data themselves, a lot of people are suggesting it would be crazy to imagine that the Feds might have found Catalano via online searches.

Which is funny. Because just a day before this story broke, this exchange happened in the Senate between Senate Judiciary Chair Patrick Leahy and Deputy Attorney General James Cole. (after 1:45, though just before this exchange Leahy asks whether DOJ could use Section 215 to obtain URLs and bookmarks, among other records, which Cole didn’t deny)

Leahy: But if our phone records are relevant, why wouldn’t our credit card records? Wouldn’t you like to know if somebody’s buying, um, what is the fertilizer used in bombs?

Cole: I may not need to collect everybody’s credit card records in order to do that.

[snip]

If somebody’s buying things that could be used to make bombs of course we would like to know that but we may not need to do it in this fashion.

This is not a surprise. It comes two years after Robert Mueller confirmed they use Section 215 to collect “records relating to the purchase of hydrogen peroxide,” a TATP precursor.

So while we may not know how the government currently collects records relating to the purchase of fertilizer, acetone, hydrogen peroxide or — yes, after Boston, probably also pressure cookers and maybe even fireworks — and we don’t know just how broadly it collects such records, we do know that “of course” DOJ “would like to know … if somebody’s buying things that could be used to make bombs.”

So just one day ago, Cole didn’t deny they could use Section 215 to get search URLs, he affirmed they would want to get records of bomb-making materials.

He just didn’t tell us how they might do those things.

NSA: The “Half-Bacon Agency”

My mom’s in town, so I’ll be doing light posting over the next several days.

But I did want to emphasize the rather startling news that came out of yesterday’s House Judiciary Committee on the NSA spying programs.

NSA Director John Inglis revealed that the FISA Court permits the government to do three jumps from an initial number tied to a phone number reasonably believed to be tied to terrorism (or relevant to Iran, though that search criteria didn’t get mentioned at all in the parts of the hearing I watched).

Three degrees of separation!

Remember, some years ago, every single person in the US could be connected via six degrees — the old Kevin Bacon game. There’s some evidence that that number has become smaller — perhaps as small as 3 (I’ve seen more scientific numbers that say it is 4.5 or thereabouts).

In any case, if the US is using the excuse of terror to get three jumps deep into US person associations, then this program is even more intrusive then they’ve let on.

One thing I didn’t see disclosed yesterday? To what extent the government claims these 3- (or 2, which — IIRC — Deputy Attorney General James Cole said was their most productive layer) degrees of separation from someone claimed in an articulation not closely reviewed has ties to terrorism. Is talking to someone who talks to someone who talks to someone who is a terrorist used, in secret, to claim people are agents of a foreign power?

In any case, this means the NSA has been spending its time playing 3 degrees of separation from Kevin Bacon in secret.

Dear Eric Holder: You’re Doing Recusal Wrong

Let me start this post by saying I think it is absolutely appropriate for Eric Holder to have recused himself from the UndieBomb 2.0 investigation, in part because — as someone read into the UndieBomb 2.0 operation, he was interviewed by the FBI (though so was James Cole, who is now in charge of the investigation), and he turned over his own phone contacts to the FBI — but also because top Administration officials like John Brennan at least should be under close scrutiny in this investigation.

Nor do I think, in his recusal, Eric Holder did anything in bad faith. I have zero reason to believe Holder is tampering with this investigation, in any way shape or form.

But Jeebus, Holder is doing this entire recusal thing wrong.

That’s true, first of all, because with a rabid Congress (at the time he recused from the investigation and now) accusing him of wrongly delegating this investigation to Ronald Machen in an investigation that could net incredibly powerful people as suspects, Holder did not write his recusal — or a delegation of authority of Attorney General powers — to James Cole, who is overseeing the investigation.

Now, Holder claims not to remember whether he memorialized his recusal in past cases, including the John Edwards investigation — the most high profile case in which he has recused. And though George Holding, who conducted that investigation and now represents the Raleigh, NC, area in Congress, was in the room, I’m not sure they clarified whether he had written anything down there, either. Holder was, however, very clear about what authorities he delegated to Patrick Fitzgerald when he investigated the John Adams Society, which led to the prosecution of John Kiriakou, having sent 3 letters (1, 2, 3) memorializing the limits of Fitz’ authority.

I think part of the problem is that Holder didn’t really appoint special counsels to investigate this matter, even while he made a big deal of appointing the people who — US Attorney for DC Ronald Machen’s appointment rather then US Attorney for Eastern District of VA Neil MacBride aside — would have been investigating it anyway. Dumb. Congress was screaming for some kind of formality, and Holder didn’t establish that formality.

And then there’s the journalist-subpoenaing precedent of the Plame investigation where Fitz several times got letters clarifying his authority. The first of those reads,

By the authority vested in the Attorney General by law, including 28 U. S .C. §§ 509, 510, and 515, and in my capacity as Acting Attorney General pursuant to 28 U.S.C. § 508, I hereby delegate to you all the authority of the Attorney General with respect to the Department’s investigation into the alleged unauthorized disclosure of a CIA employee’s identity, and I direct you to exercise that authority as Special Counsel independent of the supervision or control of any officer of the Department.

This came in handy later in the investigation when Libby’s lawyers challenged Fitz’ authority.

Then, Holder’s recusal hasn’t been very strict. Most troublingly, Eric Holder reviewed the letter James Cole sent to the AP (though Holder saw a draft which, according to his press conference, included things like details on the specific scope of the subpoena that don’t appear in the final letter). NPR’s Carrie Johnson asked him about this.

Johnson: Is that normal practice when you’re recused from a case?

Holder: No, I just wanted to see the le–I saw I mean I saw saw the draft letter this morning. And I just wanted to have an opportunity to see what it looked like so I’d have at least some sense of the case in case there were things in the letter that I could talk about with the press.

Reviewing this letter — particularly before changes got made to it!! (changes which appear to have deprived the AP of full notice of the call record grab) — simply isn’t appropriate for someone recused from the case!

Again, I’m not suggesting malice here.

But the AP has already — rightly, in my opinion — challenged whether DOJ complied with its own guidelines on media subpoenas. In particular, AP complained that they had not been given notice and an opportunity to cooperate. That’s one of the guidelines that requires AG involvement.

Negotiations with the affected member of the news media shall be pursued in all cases in which a subpoena for the telephone toll records of any member of the news media is contemplated where the responsible Assistant Attorney General determines that such negotiations would not pose a substantial threat to the integrity of the investigation in connection with which the records are sought. Such determination shall be reviewed by the Attorney General when considering a subpoena authorized under paragraph (e) of this section.

Yet the guy who signed this subpoena and with it signed off on the claim that alerting AP to the subpoena would do grave damage to the investigation  — James Cole — apparently has no piece of paper giving him authority to sign it.

If DOJ ultimately decides to charge the AP’s sources, if that person has the kind of legal representation DC bigwigs often have, I fully expect them to challenge every bit of their prosecution. After all, by subpoenaing the AP, Cole claimed that DOJ could not get the information from any other source. So if AP’s sources are indicted, they can rest assured that their prosecution went through this bottleneck of an Acting AG who had no paperwork to prove he had the authority to sign off on the claims he was making to get information he was certifying was absolutely necessary to find them. And from this subpoena forward, everything else will be fruit of a tainted AG, at least if you’ve got fancy lawyers.

Dumb.

One last thing. Also in today’s hearing, Holder admitted that it probably would have been a good idea to write down this recusal thing in public. Which, if they do ever charge AP’s sources and if said sources have the resources to make this obvious challenge, they’ll cite in court to document that even the guy who delegated this authority thinks it would be smarter if he did so in writing.

Seriously, this entire recusal process has been an own goal. As I said, I don’t think DOJ is pulling anything fishy. But the entire point of recusing is to ensure there’s proof nothing fishy happened. And in this case, DOJ has anything but.