Posts

DOJ Put Someone Who Enabled Sidney Powell’s Lies — Jocelyn Ballantine — in Charge of Prosecuting the Proud Boys

Because of Joe Biggs’ role at the nexus between the mob that attacked Congress and those that orchestrated the mob, his prosecution is the most important case in the entire January 6 investigation. If you prosecute him and his alleged co-conspirators successfully, you might also succeed in holding those who incited the attack on the Capitol accountable. If you botch the Biggs prosecution, then all the most important people will go free.

Which is why it is so unbelievable that DOJ put someone who enabled Sidney Powell’s election season lies about the Mike Flynn prosecution, Jocelyn Ballantine, on that prosecution team.

Yesterday, at the beginning of the Ethan Nordean and Joe Biggs hearing, prosecutor Jason McCullough told the court that in addition to him and Luke Jones, Ballantine was present at the hearing for the prosecution. He may have said that she was “overseeing” this prosecution. (I’ve got a request for clarification in with the US Attorney’s office.)

Ballantine has not filed a notice of appearance in the case (nor does she show on the minute notice for yesterday’s hearing). In the one other January 6 case where she has been noticeably involved — electronically signing the indictment for Nick Kennedy — she likewise has not filed a notice of appearance.

Less than a year ago when she assisted in DOJ’s attempts to overturn the Mike Flynn prosecution, Ballantine did three things that should disqualify her from any DOJ prosecution team, much less serving on the most important prosecution in the entire January 6 investigation:

  • On September 23, she provided three documents that were altered to Sidney Powell, one of which Trump used six days later in a packaged debate attack on Joe Biden
  • On September 24, she submitted an FBI interview report that redacted information — references to Brandon Van Grack — that was material to the proceedings before Judge Emmet Sullivan
  • On October 26, she claimed that lawyers for Peter Strzok and Andrew McCabe had checked their clients’ notes to confirm there were no other alterations to documents submitted to the docket; both lawyers refused to review the documents

After doing these things in support of Bill Barr’s effort to undermine the Flynn prosecution (and within days of the Flynn pardon), Ballantine was given a confidential temporary duty assignment (it may have been a CIA assignment). Apparently she’s back at DC USAO now.

Three documents got altered and another violated Strzok and Page’s privacy

As a reminder, after DOJ moved to hold Mike Flynn accountable for reneging on his plea agreement, Billy Barr put the St. Louis US Attorney, Jeffrey Jensen, in charge of a “review” of the case, which DOJ would later offer as its excuse for attempting to overturn the prosecution.

On September 23, Ballantine provided Powell with five documents, purportedly from Jensen’s investigation into the Flynn prosecution:

I outlined the added date on the first set of Strzok notes here:

There was never any question that the notes could have been taken no earlier than January 5, because they memorialized Jim Comey’s retelling of a meeting that other documentation, including documents submitted in the Flynn docket, shows took place on January 5. Even Chuck Grassley knows what date the meeting took place.

But DOJ, while using the notes as a central part of their excuse for trying to overturn the Flynn prosecution, nevertheless repeatedly suggested that there was uncertainty about the date of the notes, claiming they might have been taken days earlier. And then, relying on DOJ’s false representations about the date, Sidney Powell claimed they they showed that Joe Biden — and not, as documented in Mary McCord’s 302, Bob Litt — was the one who first raised the possibility that Flynn may have violated the Logan Act.

Strzok’s notes believed to be of January 4, 2017, reveal that former President Obama, James Comey, Sally Yates, Joe Biden, and apparently Susan Rice discussed the transcripts of Flynn’s calls and how to proceed against him. Mr. Obama himself directed that “the right people” investigate General Flynn. This caused former FBI Director Comey to acknowledge the obvious: General Flynn’s phone calls with Ambassador Kislyak “appear legit.” According to Strzok’s notes, it appears that Vice President Biden personally raised the idea of the Logan Act.

During the day on September 29, Powell disclosed to Judge Sullivan that she had spoken to Trump (as well as Jenna Ellis) about the case. Then, later that night, Trump delivered a prepared attack on Biden that replicated Powell’s false claim that Biden was behind the renewed investigation into Flynn.

President Donald J. Trump: (01:02:22)
We’ve caught them all. We’ve got it all on tape. We’ve caught them all. And by the way, you gave the idea for the Logan Act against General Flynn. You better take a look at that, because we caught you in a sense, and President Obama was sitting in the office.

In a matter of days, then, what DOJ would claim was an inadvertent error got turned into a campaign attack from the President.

When DOJ first confessed to altering these notes, they claimed all the changes were inadvertent.

In response to the Court and counsel’s questions, the government has learned that, during the review of the Strzok notes, FBI agents assigned to the EDMO review placed a single yellow sticky note on each page of the Strzok notes with estimated dates (the notes themselves are undated). Those two sticky notes were inadvertently not removed when the notes were scanned by FBI Headquarters, before they were forwarded to our office for production. The government has also confirmed with Mr. Goelman and can represent that the content of the notes was not otherwise altered.

Similarly, the government has learned that, at some point during the review of the McCabe notes, someone placed a blue “flag” with clear adhesive to the McCabe notes with an estimated date (the notes themselves are also undated). Again, the flag was inadvertently not removed when the notes were scanned by FBI Headquarters, before they were forwarded to our office for production. Again, the content of the notes was not otherwise altered.

There are multiple reasons to believe this is false. For example, when DOJ submitted notes that Jim Crowell took, they added a date in a redaction, something that could in no way be inadvertent. And as noted, the January 5 notes had already been submitted, without the date change (though then, too, DOJ claimed not to know the date of the document).

But the most important tell is that, when Ballantine sent Powell the three documents altered to add dates, the protective order footer on the documents had been removed in all three, in the case of McCabe’s notes, actually redacted. When she released the re-altered documents (someone digitally removed the date in the McCabe notes rather than providing a new scan), the footer had been added back in. This can easily be seen by comparing the altered documents with the re-altered documents.

The altered January 5, 2017 Strzok notes, without the footer:

The realtered January 5, 2017 Strzok notes, with the footer:

The second set of Strzok notes (originally altered to read March 28), without the footer:

The second set of Strzok notes, with the footer.

The altered McCabe noteswith the footer redacted out:

The realtered McCabe notes, with the footer unredacted:

This is something that had to have happened at DOJ (see William Ockham’s comments below and this post for proof in the metadata that these changes had to have been done by Ballantine). The redaction of the footers strongly suggests that they were provided to Powell with the intention of facilitating their further circulation (the other two documents she shared with Powell that day had no protective order footer). In addition, each of these documents should have a new Bates stamp.

DOJ redacted Brandon Van Grack’s non-misconduct

On September 24, DOJ submitted a report of an FBI interview Jeffrey Jensen’s team did with an Agent who sent pro-Trump texts on his FBI-issued phone, Bill Barnett. In the interview, Barnett made claims that conflicted with actions he had taken on the case. He claimed to be unaware of evidence central to the case against Flynn (for example, that Flynn told Sergey Kislyak that Trump knew of something said on one of their calls). He seemed unaware of the difference between a counterintelligence investigation and a criminal one. And he made claims about Mueller prosecutors — Jeannie Rhee and Andrew Weissmann — with whom he didn’t work directly. In short, the interview was obviously designed to tell a politically convenient story, not the truth.

Even worse than the politicized claims that Barnett made, the FBI or DOJ redacted the interview report such that all reference to Brandon Van Grack was redacted, substituting instead with the label, “SCO Atty 1.” (References to Jeannie Rhee, Andrew Weissmann, and Andrew Goldstein were not redacted; there are probable references to Adam Jed and Zainab Ahmad that are not labeled at all.)

The result of redacting Van Grack’s name is that it hid from Judge Sullivan many complimentary things that Barnett had to say about Van Grack:

Van Grack’s conduct was central to DOJ’s excuse for throwing out the Flynn prosecution. Powell repeatedly accused Van Grack, by name, of engaging in gross prosecutorial misconduct. Yet the report was submitted to Judge Sullivan in such a way as to hide that Barnett had no apparent complaints about Van Grack’s actions on the Flynn case.

I have no reason to believe that Ballantine made those redactions. But according to the discovery letter she sent to Powell, she sent an unredacted copy to Flynn’s team, while acknowledging that the one she was submitting to the docket was redacted. Thus, she had to have known she was hiding material information from the Court when she submitted the interview report.

Ballantine falsely claimed Strzok and McCabe validated their notes

After some of these alterations were made public, Judge Sullivan ordered DOJ to authenticate all the documents they had submitted as part of their effort to overturn the Flynn prosecution. The filing submitted in response was a masterpiece of obfuscation, with three different people making claims while dodging full authentication for some of the most problematic documents. In the filing that Ballantine submitted, she claimed that Michael Bromwich and Aitan Goelman, lawyers for McCabe and Strzok, “confirmed” that no content was altered in the notes.

The government acknowledges its obligation to produce true and accurate copies of documents. The government has fully admitted its administrative error with respect to the failure to remove three reviewer sticky notes containing estimated date notations affixed to three pages of undated notes (two belonging to former Deputy Assistant Director Peter Strzok, and one page belonging to former Deputy Director Andrew McCabe) prior to their disclosure. These dates were derived from surrounding pages’ dates in order to aid secondary reviewers. These three sticky notes were inadvertently not removed when the relevant documents were scanned by the FBI for production in discovery. See ECF 259. The government reiterates, however, that the content of those exhibits was not altered in any way, as confirmed by attorneys for both former FBI employees. [underline original]

According to an email Bromwich sent Ballantine, when Ballantine asked for help validating the transcripts DOJ did of McCabe’s notes, McCabe declined to do so.

I have spoken with Mr. McCabe and he declines to provide you with any information in response to your request.

He believes DOJ’s conduct in this case is a shocking betrayal of the traditions of the Department of the Justice and undermines the rule of law that he spent his career defending and upholding. If you share with the Court our decision not to provide you with assistance, we ask that you share the reason.

We would of course respond to any request that comes directly from the Court.

And according to an email Goelman sent to Ballantine, they said they could not check transcriptions without the original copies of documents.

Sorry not to get back to you until now.  We have looked at the attachments to the email you sent yesterday (Sunday) afternoon.  We are unable to certify the authenticity of all of the attachments or the accuracy of the transcriptions.  To do so, we would need both more time and access to the original notes, particularly given that U.S. Attorney Jensen’s team has already been caught altering Pete’s notes in two instances.  However, we do want to call your attention to the fact that Exhibit 198-11 is mislabeled, and that these notes are not the notes of Pete “and another agent” taken during the Flynn interview.

Additionally, we want to register our objection to AUSA Ken Kohl’s material misstatements to Judge Sullivan during the September 29, 2020, 2020, [sic] telephonic hearing, during which Mr. Kohl inaccurately represented that Pete viewed himself as an “insurance policy” against President Trump’s election.

I have no reason to believe the content was altered, though I suspect other things were done to McCabe’s notes to misrepresent the context of a reference in his notes to Flynn. But not only had McCabe and Strzok not validated their notes, but they had both pointedly refused to. Indeed, during this same time period, DOJ was refusing to let McCabe see his own notes to prepare for testimony before the Senate Judiciary Committee. Nevertheless, Ballantine represented to Judge Sullivan that they had.

It baffles me why DOJ would put Ballantine on the most important January 6 case. Among other things, the conduct I’ve laid out here will make it easy for the defendants to accuse DOJ of similar misconduct on the Proud Boys case — and doing just that happens to be Nordean’s primary defense strategy.

But I’m mindful that there are people in DC’s US Attorney’s Office (not Ballantine) who took actions in the past that may have made the January 6 attack more likely. In a sentencing memo done on Barr’s orders, prosecutors attempting to minimize the potential sentence against Roger Stone suggested that a threat four Proud Boys helped Roger Stone make against Amy Berman Jackson was no big deal, unworthy of a sentencing enhancement.

Second, the two-level enhancement for obstruction of justice (§ 3C1.1) overlaps to a degree with the offense conduct in this case. Moreover, it is unclear to what extent the defendant’s obstructive conduct actually prejudiced the government at trial.

Judge Jackson disagreed with this assessment. In applying the enhancement, she presciently described how dangerous Stone and the Proud Boys could be if they incited others.

Here, the defendant willfully engaged in behavior that a rational person would find to be inherently obstructive. It’s important to note that he didn’t just fire off a few intemperate emails. He used the tools of social media to achieve the broadest dissemination possible. It wasn’t accidental. He had a staff that helped him do it.

As the defendant emphasized in emails introduced into evidence in this case, using the new social media is his “sweet spot.” It’s his area of expertise. And even the letters submitted on his behalf by his friends emphasized that incendiary activity is precisely what he is specifically known for. He knew exactly what he was doing. And by choosing Instagram and Twitter as his platforms, he understood that he was multiplying the number of people who would hear his message.

By deliberately stoking public opinion against prosecution and the Court in this matter, he willfully increased the risk that someone else, with even poorer judgment than he has, would act on his behalf. This is intolerable to the administration of justice, and the Court cannot sit idly by, shrug its shoulder and say: Oh, that’s just Roger being Roger, or it wouldn’t have grounds to act the next time someone tries it.

The behavior was designed to disrupt and divert the proceedings, and the impact was compounded by the defendant’s disingenuousness.

The people at DOJ who claimed that this toxic team was not dangerous in the past may want to downplay the critical role that Stone and the Proud Boys played — using the same kind of incendiary behavior — in the January 6 assault.

Whatever the reason, though, it is inexcusable that DOJ would put someone like Ballantine on this case. Given Ballantine’s past actions, it risks sabotaging the entire January 6 investigation.

DOJ quite literally put someone who, less than a year ago, facilitated Sidney Powell’s lies onto a prosecution team investigating the aftermath of further Sidney Powell lies.

Update: DC USAO’s media person refused to clarify what Ballantine’s role is, even though it was publicly acknowledged in court.

We are not commenting on cases beyond what is stated or submitted to the Court. We have no comment in response to your question.

Update: Added links to William Ockham’s proof that Ballantine made the realteration of the McCabe notes.

Update: One more point on this. I am not claiming here that anyone at DOJ is deliberately trying to sabotage the January 6 investigation, just that putting someone who, less than a year ago, made multiple representations to a judge that could call into question her candor going forward could discredit the Proud Boys investigation. I think it possible that supervisors at DC USAO put her on the team because they urgently need resources and she was available (possibly newly so after the end of her TDY). I think it possible that supervisors at DC USAO who are also implicated in Barr’s politicization, perhaps more closely tied to the intervention in the Stone case, put her there with corrupt intent.

But it’s also important to understand that up until February 2020, she was viewed as a diligent, ruthless prosecutor. I presume she buckled under a great deal of pressure after that and found herself in a place where competing demands — her duty of candor to the Court and orders from superiors all the way up to the Attorney General — became increasingly impossible to square.

Importantly, Lisa Monaco’s chief deputy John Carlin, and probably Monaco herself, would know Ballantine from their past tenure in the National Security Division as that heretofore ruthless national security prosecutor. The only mainstream outlet that covered anything other than DOJ’s admission they had added post-its to the notes was Politico. And the instinct not to punish career employees like Ballantine would mean what she would have avoided any scrutiny with the transition. So her assignment to the case is not itself evidence of an attempt to sabotage the prosecution.

The Most Counterproductive Letter in Defense of Julian Assange

How seriously do you think the Joe Biden Administration is going to take a letter that,

  • Implicitly treats helping Edward Snowden flee Hong Kong to Russia (one of the overt acts Julian Assange is currently charged with) as a journalistic activity
  • Was written by an organization on the board of which Edward Snowden serves, without any disclosure of the relationship (or that another Freedom of the Press Foundation board member, Laura Poitras, decided in real time that such activities weren’t journalism, thereby eliminating the New York Times problem the letter claims still exists)
  • Treats the Julian Assange extradition request as a Trump Administration decision at a time when Biden is trying to emphasize that DOJ represents the country, not one president
  • Ties the Assange prosecution to Trump’s other politicization of DOJ when the evidence shows the opposite happened, that Trump abused power to attempt to protect Assange (in her ruling, Judge Baraitser also noted that Trump in no way treated WikiLeaks like he treated journalistic outlets)
  • Relies on dated 2013 reporting about the sum total of WikiLeaks’ actions targeting the US, ignoring much of the public record since, not to mention the grave damage incurred by a release — Vault 7 — that had almost no news value, which was allegedly leaked while Acting Deputy Attorney General John Carlin (who will probably field this letter) was in charge of DOJ’s National Security Division
  • Exhibits zero familiarity with the 54-page report — citing testimony from Biden Administration members Avril Haines, Lisa Monaco, Susan Rice, Tony Blinken, Samantha Power, Denis McDonough, and John Kerry — that concluded one reason the Obama Administration didn’t respond in more timely fashion to Russia’s attack on the 2016 election was because of a delayed understanding of how WikiLeaks had been “coopted” by Russia:

Despite Moscow’s history of leaking politically damaging information, and the increasingly significant publication of illicitly obtained information by coopted third parties, such as WikiLeaks, which historically had published information harmful to the United States, previous use of weaponized information alone was not sufficient for the administration to take immediate action on the DNC breach. The administration was not fully engaged until some key intelligence insights were provided by the IC, which shifted how the administration viewed the issue.

[snip]

The executive branch struggled to develop a complete understanding of WikiLeaks. Some officials viewed WikiLeaks as a legitimate news outlet, while others viewed WikiLeaks as a hostile organization acting intentionally and deliberately to undermine U.S. or allies’ interests.

The letter claims to want to protect a “robust” press. But this letter fails to meet journalistic standards of transparency or accuracy.

Nevertheless, the following organizations signed onto such a (in my opinion) counterproductive letter:

  • Access Now
  • American Civil Liberties Union
  • Amnesty International – USA
  • Center for Constitutional Rights
  • Committee to Protect Journalists
  • Defending Rights and Dissent
  • Demand Progress
  • Electronic Frontier Foundation
  • Fight for the Future
  • First Amendment Coalition Free Press
  • Freedom of the Press Foundation
  • Human Rights Watch
  • Index on Censorship
  • Knight First Amendment Institute at Columbia University
  • National Coalition Against Censorship
  • Open The Government
  • Partnership for Civil Justice Fund
  • PEN America
  • Project on Government Oversight
  • Reporters Without Borders
  • Roots Action
  • The Press Freedom Defense Fund of First Look Institute
  • Whistleblower & Source ProtectionProgram (WHISPeR) at ExposeFacts

I have a great deal of respect for these organizations, have worked for several of them, and have received funding in the past from Freedom of the Press Foundation. I agree with the sentiment of the letter that some of the current charges against Assange pose a risk to journalism. I believe these organizations could have written an effective letter to Acting Attorney General Monty Wilkinson (or, more effectively and with better targeting, to Carlin).

Instead, they signed onto a letter that violates several of the principles of journalism they claim to want to defend.

While Lindsey Graham Was Stalling Merrick Garland’s Confirmation He Was Hoping for Imminent Hunter Biden and John Durham News

One of the very last things Lindsey Graham did as Senate Judiciary Chair was to send a letter to Acting Attorney General Monty Wilkinson urging him not to do anything about two investigations that — according to his addled little brain — “Democrats would rather go away.” In addition to the Delaware investigation of Hunter Biden, Lindsey included the John Durham investigation in that.

I was even the primary sponsor of bipartisan legislation, favorably reported out of the Senate Judiciary Committee, to protect Special Counsel Mueller’s probe from being terminated. Special Counsel Mueller of course found no evidence of collusion between the Trump campaign and Russia, but it was important for public trust that the probe be completed without interference.

We now find the shoe on the other foot. We have two properly predicated, ongoing investigations Democrats would rather go away: Special Counsel John Durham’s investigation of the Crossfire Hurricane investigation and the investigation by the Delaware U.S. Attorney’s Office into Hunter Biden. Special Counsel Durham’s probe has already yielded a felony conviction.

I am writing to respectfully request that you refrain from interfering in any way with either investigation while the Senate processes the nomination of Judge Merrick Garland to the position of Attorney General. The American public deserve the truth and must know that these investigations will continue without political interference.

There’s a lot that’s ridiculous about this letter. It is laughably false to claim that Mueller “found no evidence of ‘collusion,'” — that would be a false claim even if Lindsey had used the legally relevant term of “conspiracy.”

The shoe is not on the other foot. In contradistinction to Trump’s incessant focus on the Russian investigation, there has been no peep about these investigations from the Biden White House. Instead, Hunter Biden rolled out a book deal the other day, which led his father to focus on the import of recovery from addiction, not legal risk.

Lindsey waves Durham’s single felony conviction around — as compared to Mueller’s much more productive investigation and based on evidence entirely derived from Michael Horowitz’ investigation — even after presiding FISA Judge James Boasberg concluded that Kevin Clinesmith did not commit that crime out of any ill-will and sentenced him to a year of probation.

It’s just such a pathetic effort to sustain conspiracy theories Trump chased, and in spite of the Fox News piece on this letter quoting someone that sounds remarkably like Lindsey Graham talking about an ongoing investigation he shouldn’t know about off the record, it’s not actually clear that either of these will result in a showy prosecution. Hell, for all we know, Durham has shifted his focus to what the FBI Agents who were sending pro-Trump tweets on their phones did during the investigation or why Bill Barr’s DOJ submitted altered documents to a criminal docket, precisely the crime Clinesmith pled guilty to.

To repeat, Graham wrote this to urge Wilkinson, who remains in charge of DOJ and oversees the Durham investigation (Acting Deputy Attorney General John Carlin probably oversees the Hunter Biden one) because Merrick Garland remains the most senior Cabinet official who hasn’t been confirmed yet. This was one of his last acts as Chair of SJC.

But the other major final stunt before handing his gavel over to Dick Durbin was precisely that delay. In spite of Garland’s bipartisan support and in spite of Durbin’s exhortations to stop delaying, Lindsey simply didn’t take up Garland’s nomination when he counterparts were doing so. And so DOJ may not get a confirmed Attorney General until late February or early March.

Probably, Lindsey primarily stalled this confirmation just to impose a price on Democrats for impeaching the former President.

But I had been wondering whether Lindsey didn’t have more in mind, perhaps the delay of charges that DOJ would not unseal without Garland’s sanction. And that may be the case.

But along with that delay, Lindsey has also delayed his opportunity to obtain assurances from Garland that he’ll leave these two investigations Lindsey is obsessed about untouched.

The January 6 Investigation Remains in an Early Stage

A lot of people are talking about this report comparing the demographics of the January 6 arrestees with those of past right wing extremist arrests. The report has interesting data — most notably showing that those arrested after January 6 were disproportionately from counties that Biden won.

That said, the methodology behind the comparison is flawed because what would get someone arrested at a normal white supremacist event and what would get them arrested in the wake of January 6 are totally different.

Partly as a way to explain why — and to answer some questions I keep getting — I’d like to talk about what we know of the investigation.

Chain-of-command

First, let’s review who is in the chain-of-command of the investigation.

The investigation is being conducted out of FBI’s Washington Field Office, overseen by Steven M. D’Antuono, and the DC US Attorney’s Office, led by Acting US Attorney Michael Sherwin. Sherwin was Jeffrey Rosen’s hand-selected replacement for Bill Barr flunky Timothy Shea (who in turn replaced Jesse Liu, who did a good job and so was ousted), but unlike Shea (and Barr and Rosen), Sherwin is a career prosecutor with a background on national security cases. And while Sherwin oversaw some politicized shit (notably the later parts of the Mike Flynn gambit), others were involved in the day-to-day, which means, in part, that Sherwin doesn’t necessarily know about the altered documents and whatnot.

In any case, Ken Kohl, a fairly problematic career prosecutor in DC who was personally involved in the Flynn corruption, hasn’t been seen in any of the statements or court filings since the first days of the investigation, when he claimed the investigation wouldn’t incorporate those who incited the attack.

There might have been a concern in the first weeks of investigation that Trump’s dead-enders would limit it. But at this point, such a move would be reported on. Moreover, the top political appointee in DOJ until Merrick Garland or Lisa Monaco are confirmed is John Carlin, who served as Obama’s National Security Division head for the last two years of his Administration. He was a long-time prosecutor himself and would be as comfortable overseeing a terrorism investigation like the DC one as Monaco will be.

It’s unclear when Biden will get around to replacing Trump’s US Attorneys, including Sherwin. But until that time, every single indictment of a Trump terrorist will be signed by a Trump appointee, which may undercut any claims of politicization. And the pace or focus of the investigation is unlikely to change when Garland is finally confirmed (which might be just days away in any case). The major thing he might approve would be the inclusion of Trump or any other political target, and possibly of a broader seditious conspiracy case — but the latter, at least, already seems likely under Sherwin’s supervision.

The prosecution teams are still falling into place right now. Among the prosecutors for the Zip-Tie guy, though, is one of the people who prosecuted Maria Butina. Among the prosecutors for the Oath Keeper conspiracy is one of the women brought into the Mueller team to deal with the Russian defendants.

Triage

I get asked a lot whether the investigation will pick up once Garland is confirmed.

No.

One reason it won’t is because the investigation is already moving at a remarkable clip; even without certain bottlenecks due to COVID (such as limited grand jury time and the difficulties created by dial-in court hearings), it would be hard to investigate much more quickly.

I think people may misunderstand that because of the steady clip of arrests since the attack, with around 178 of around 800 people who were in the Capitol during the attack (181 have been charged so far, but that includes a few people who issued threats but didn’t make it into the Capitol).

DOJ has said that they’ve been mostly arresting the people who mugged on social media bragging about the insurrection. What DOJ did in these first weeks, then, is to focus on all the people whose Facebook friends tipped off the FBI or who did interviews or who otherwise came to easy attention. Many of those people (about half of all the people who’ve been arrested so far) have been charged with just the two trespassing statutes that everyone who stepped foot in the Capitol got charged with, 18 USC 1752 and 40 USC 5104. This is one reason why the study on demographics is not a sound comparison: because literally everyone who stepped in the Capitol committed that trespassing crime, and many of the people who did will never be charged with anything but misdemeanor trespassing charges.

Those people may have loathsome beliefs or be adherents to a cult (whether QAnon or Trump). But it seems that if people just rushed in with the crowds and didn’t damage anything and didn’t assault cops and weren’t privy to or instrumental in a plan to disrupt the vote, it’ll end there, with misdemeanor charges.

That said, as I laid out here, DOJ seems to be adding, at a minimum,  18 USC 1512(c)(2) charges for interfering with the certification of the vote to a subset of those initially charged with just the misdemeanors. They seem to be doing so with those who had a bigger role in delaying the vote count. If that’s all these people are charged with (a number are also charged with property damage or assault) and they don’t have a record, they might be facing 41 to 51 months in prison. I imagine there are some borderline people whom DOJ is suggesting should plead now to those misdemeanor charges to avoid the felony, and I imagine the felony charge(s) will be used to get some people to cooperate and to support keeping others in jail pre-trial.

Already for these defendants, we may not discover what DOJ saw that led them to believe the person merited more than a trespassing charge. In most cases, the FBI will be obtaining more legal process to understand better why a person showed up at the Capitol, what they did there, and what network got them to go to the riot in the first place, as well as any substantial ties to that network.

In other words, it’s likely the 1512 charge is itself a midway point, perhaps a terminal charge for those who were conspiring with others to overturn democracy, perhaps a bookmark as DOJ conducts further investigation.

Sealed investigative steps

Meanwhile, the FBI is conducting further investigation of the right wing networks that planned this attack, steps we’re just seeing hints of, such as with this report on a search of the homes of two people who organized the January 5 rally (and I’ve heard of a few more that haven’t been publicly reported).

The FBI recently raided the homes of two men who sponsored an invective-laced rally near the US Capitol a day before the deadly insurrection, the first known search warrants involving people who organized and spoke at rallies preceding the attack.

[snip]

FBI spokeswoman Laura Eimiller confirmed that federal agents executed search warrants last week at two properties in Orange County, California, which public records indicate belong to Russell Taylor and Alan Hostetter. The two men run the American Phoenix Project, which co-sponsored a pro-Donald Trump rally near the Supreme Court on January 5, one day before the attack.
Neither man has been charged with any crimes.
Footage of the rally shows the men spewing militant vitriol: Hostetter told the crowd to prepare for “war tomorrow” against “vipers” in Congress who refused to nullify President Joe Biden’s win. Taylor said, “We will not return to our peaceful way of life until this election is made right.”

With anyone who didn’t make it inside the Capitol, the government would need to do more to charge them. And for some networks (for example, we know there were around 40 Oath Keepers at the rally, yet only 3 have been charged), the government may want to wait before it starts charging one after another person. It may pick and choose which members of a known network — like the Proud Boys — it charges when.

The thing is, a lot of these people are going to have better operational security than the people who posed for selfies (or managed to destroy evidence). A lot of them are going to be somewhat more difficult to implicate in the insurrection. And a lot of the investigative work will take more time, potentially a lot more time (and require cooperators). You shouldn’t want DOJ to rush it because it’s the kind of thing that good lawyers will mount a First Amendment challenge to.

It will take some time. But that’s not because Billy Barr has come back from whatever corporate boardroom he’s sitting in and sabotaged things. It will take some time because it will take some time.

The Scope of DOJ IG’s FISA Review

A seeming millennium ago, last Tuesday, DOJ’s Inspector General released a Management Advisory Memo describing the interim results of its effort to assess whether problems identified in Carter Page’s FISA application were unique, or reflected a more general problem with FISA. Based on the results from two prongs of DOJ IG’s ongoing investigation, DOJ IG believed they needed to alert FBI right away of their preliminary results in hopes they would inform FBI’s efforts to fix this and to offer two additional recommendations on top of the ones they made in December.

Unsurprisingly, a bunch of mostly right wingers have misrepresented the MAM. I wanted to use this post to explore what the MAM shows about the two prongs of investigation, the significance of the results, and the review of FISA generally. As a bonus track, I’ll talk about what role Intelligence Community Inspector General Michael Atkinson, who was fired on Friday, did not have in the FISA application reviews discussed in the MAM, contrary to what a bunch of wingnuts are claiming to justify his firing.

The universe of FISA

Before getting into what the review showed, some background on the universe of FISA may be helpful.

Both prongs of DOJ IG’s investigation examine probable cause FISA applications from 8 FBI offices submitted over the 5 year period ending last September (the end of Fiscal Year 2019).

The last three years’ transparency reports from the Office of Director of National Intelligence have broken down how many of the probable cause FISA applications were known to target US persons. While there’s been some flux in the number of total probable cause applications, the ones targeting US persons have been going down (perhaps not coincidentally, as scrutiny of the process has increased), from 336 in CY 2016 to 232 in CY 2018.

Using 300 applications targeting US persons as an estimate, that says for the 5-year period DOJ IG is examining, there would have been roughly 1,500 that targeted US persons. The MAM says that the 8 offices included in the review thus far submitted more than 700 FISA applications “relating to U.S. Persons.”

The FBI has 56 field offices. Some states (CA, TX, FL, NY, PA) have multiple FBI offices. Some offices cover multiple states.

In any given year, National Security Division’s Office of Intelligence only does FISA reviews in a fraction of the FBI offices — 25-30, per a recent court filing (FISA 702 reviews covered a smaller number of offices during the early years of the 5-year period, but it’s unclear whether NSD does the reviews at the same time). A James Boasberg opinion on 702 reauthorization from last year confirmed that, “OI understandably devotes more resources to offices that use FISA authorities more frequently.”  That would presumably include DC, NY, and LA (all of which are big enough to be led by an Assistant Director). Cities with large numbers of Chinese-Americans (like SF) or Muslims (like Minneapolis and Detroit) likely do disproportionately more FISA than other large city offices, and I assume offices in TX and FL do a lot as well.

Prong One: Reviewing Woods Files

DOJ IG described that one prong of their review — their own review of Woods Files — involved visiting those 8 field offices “of varying sizes” and reviewing “judgmentally selected sample” of 29 applications to review.

over the past 2 months, we visited 8 FBI field offices of varying sizes and reviewed a judgmentally selected sample of 29 applications relating to U.S. Persons and involving both counterintelligence and counterterrorism investigations. This sample was selected from a dataset provided by the FBI that contained more than 700 applications relating to U.S. Persons submitted by those 8 field offices over a 5-year period.

Between them, those 8 field offices submitted 700 applications in the 5-year period studied, which says that even with some smaller offices included, the field offices still submitted almost half of the US person applications in the period (meaning DOJ IG likely included at least a few of the biggest offices).

This review is ongoing. But thus far, assuming my 1,500 estimate is fair, DOJ IG reviewed around 2% of the applications submitted by the FBI, or 4% of those submitted by these offices. By definition, those 29 files could not have included an application from each office for each year.

For each of these 29 applications, DOJ IG reviewed the Woods File associated with the application to see if there was, as intended, back-up for each of the factual claims in the application; that’s all they’ve done so far. This prong of the review was a strictly paperwork review: DOJ IG did not review whether the claims in the application could be backed up elsewhere, or if there were things in the case file targeting a person that should have been included in the application (which was actually the far bigger problem in the Carter Page applications).

[I]nitial review of these applications has consisted solely of determining whether the contents of the FBI’s Woods File supported statements of fact in the associated FISA application; our review did not seek to determine whether support existed elsewhere for the factual assertion in the FISA application (such as in the case file), or if relevant information had been omitted from the application.

But they didn’t have to keep reviewing to conclude that Woods Files are not functioning like they’re supposed to. Not only was there not a Woods File for 4 of the applications, but the remaining 25 all had problems.

(1) we could not review original Woods Files for 4 of the 29 selected FISA applications because the FBI has not been able to locate them and, in 3 of these instances, did not know if they ever existed; (2) our testing of FISA applications to the associated Woods Files identified apparent errors or inadequately supported facts in all of the 25 applications we reviewed, and interviews to date with available agents or supervisors in field offices generally have confirmed the issues we identified;

[snip]

[F]or all 25 FISA applications with Woods Files that we have reviewed to date, we identified facts stated in the FISA application that were: (a) not supported by any documentation in the Woods File, (b) not clearly corroborated by the supporting documentation in the Woods File, or (c) inconsistent with the supporting documentation in the Woods File. While our review of these issues and follow-up with case agents is still ongoing—and we have not made materiality judgments for these or other errors or concerns we identified—at this time we have identified an average of about 20 issues per application reviewed, with a high of approximately 65 issues in one application and less than 5 issues in another application.

By comparison, DOJ IG found just 8 Woods File errors in the first Carter Page application and 16 in last two, most problematic, renewals (see PDF 460-465). So the applications DOJ IG reviewed were, on average, worse than the Page application with respect to the Woods compliance.

These applications also didn’t all have the required paperwork from an informant’s handling agent — though in some cases, the agent was the same.

About half of the applications we reviewed contained facts attributed to CHSs, and for many of them we found that the Woods File lacked documentation attesting to these two requirements. For some of these applications, the case agent preparing the FISA application was also the handling agent of the CHS referenced in the application, and therefore would have been familiar with the information in CHS files.

It’s actually somewhat notable that just half of this very small sample of applications included information from an informant. And only some of these files were lacking the required paperwork for informants. That suggests, to the degree that the FISA application might hide problems with informants that otherwise might have been found in a criminal warrant affidavit (though even there, FBI has a lot of ways to protect these details), that may not be as big of a problem as defense attorneys have suspected (though that’s an area where I’d expect bigger problems on the CT side than the CI one).

The findings on the third problem identified in the Carter Page applications — that the Woods File did not get a fresh review with each application — are less definitive.

based on the results of our review of two renewal files, as well as our discussions with FBI agents, it appears that the FBI is not consistently re-verifying the original statements of fact within renewal applications. In one instance, we observed that errors or unsupported information in the statements of fact that we identified in the initial application had been carried over to each of the renewal applications. In other instances, we were told by the case agents who prepared the renewal applications that they only verified newly added statements of fact in renewal applications because they had already verified the original statements of fact when submitting the initial application.

This could represent as few as 3 of the 25 files for which there were Woods Files.

In any case, the larger point seems to be the more important one: the FBI has not been using Woods Files like they’re supposed to, making sure that the paperwork to back up any claim made in a FISA application actually reflects the underlying documentation and thereby making sure the claims they make to the FISC are valid.

Presiding FISA Judge James Boasberg issued an order today, requiring the government to figure out whether any of the problems identified in this review were material, with an emphasis on the 4 applications for which there was no Woods File.

Reviewing Accuracy Reviews

As noted, the FBI has not been using Woods Files like they’re intended to be used. But neither is DOJ’s National Security Division.

The other part of DOJ IG’s audit involved reviewing the Accuracy Reviews done by the FBI and NSD as part of the existing FISA oversight process.

There are two kinds of Accuracy Reviews done as part of FISA oversight. First, the FBI requires that lawyers in its field offices review at least one application a year.

FBI requires its Chief Division Counsel (CDC) in each FBI field office to perform each year an accuracy review of at least one FISA application from that field office.

As noted below, these are sent to FBI OGC. NSD’s Office of Intelligence doesn’t get them.

In addition, NSD OI does their own reviews for a subset of offices.

Similarly, NSD’s Office of Intelligence (OI) conducts its own accuracy review each year of at least 1 FISA application originating from each of approximately 25 to 30 different FBI field offices.

Remember there are 56 field offices and roughly 300 US person applications. So in practice, IO could review as few as 8% of the applications in a given year (though it’s probably more than that).

Here’s how DOJ described the OI reviews to FISC in December.

OI’s Oversight Section conducts oversight reviews at approximately 25-30 FBI field offices annually. During those reviews, OI assesses compliance with Court-approved minimization and querying procedures, as well as the Court orders. Pursuant to the 2009 Memorandum, OI also conducts accuracy reviews of a subset of cases as part of these oversight reviews to ensure compliance with the Woods Procedures and to ensure the accuracy of the facts in the applicable FISA application. 5 OI may conduct more than one accuracy review at a particular field office, depending on the number of FISA applications submitted by the office and factors such as whether there are identified cases where errors have previously been reported or where there is potential for use of FISA information in a criminal prosecution. OI has also, as a matter of general practice, conducted accuracy reviews of FISA applications for which the FBI has requested affirmative use of FISA-obtained or -derived information in a proceeding against an aggrieved person. See 50U.S.C. §§ 1806(c), 1825(d).

(U) During these reviews, OI attorneys verify that every factual statement in the categories of review described in footnote 5 is supported by a copy of the most authoritative document that exists or, in enumerated exceptions, by an appropriate alternate document. With regard specifically to human source reporting included in an application, the 2009 Memorandum requires that the accuracy sub-file include the reporting that is referenced in the application and further requires that the FBI must provide the reviewing attorney with redacted documentation from the confidential human source sub-file substantiating all factual assertions regarding the source’s reliability and background. 6

5 (U) OI’s accuracy reviews cover four areas: (1) facts establishing probable cause to believe that the target is a foreign power or an agent of a foreign power; (2) the fact and manner of FBI’s verification that the target uses or is about to use each targeted facility and that property subject to search is or is about to be owned, used, possessed by, or in transit to or from the target; (3) the basis for the asserted U.S. person status of the target(s) and the means of verification; and (4) the factual accuracy of the related criminal matters section, such as types of criminal investigative techniques used (e.g., subpoenas) and dates of pertinent actions in the criminal case. See 2009 Memorandum at 3.

6 (U) If production of redacted documents from the confidential human source sub-file would be unduly burdensome, compromise the identity of the source, or otherwise violate the Attorney General Guidelines for Confidential Human Sources or the FBI’s Confidential Human Source Manual, FBI personnel may request that the attorney use a human source sub-file request form. Upon receipt of that form, the relevant FBI confidential human source coordinator will verify the accuracy of the source’s reliability and background that was used in the application, and transmit the results of that review to the reviewing or attorney.

So in December, DOJ claimed that these reviews served to “ensure compliance with the Woods Procedures and to ensure the accuracy of the facts in the applicable FISA application.” They claimed that “OI attorneys verify that every factual statement in the categories of review described in footnote 5” — pertaining to 1) facts establishing probable cause 2) the target actually uses the targeted facilities 3) the target is a US person and 4) the criminal investigative techniques are accurately described —  are “supported by a copy of the most authoritative document that exists or, in enumerated exceptions, by an appropriate alternate document.” In theory, the easiest way to verify bullet point 1 (the case for probable cause) would be for the OI lawyers to check whether the Woods Files were complete.

Before I get into results, a word about the numbers.

Altogether, DOJ IG reviewed 34 FBI CDC and NSD OI reports and those reports covered 42 US person FISA applications.

Specifically, in addition to interviewing FBI and NSD officials, we reviewed 34 FBI and NSD accuracy review reports covering the period from October 2014 to September 2019—which originated from the 8 field offices we have visited to date and addressed a total of 42 U.S. Person FISA applications, only one of which was also included among the 29 FISA applications that we reviewed.

These numbers are bit confusing. For starters, the base number of accuracy reports, 34, is less than 40 (what it would be if there were a review for all 8 field offices for each of 5 years, which is supposed to be mandated for each FBI office). DOJ IG did not review one application per year per FBI office. I asked DOJ IG why that was; they said only “there may be many reasons why this is the case,” emphasizing multiple times that this audit is in its earliest phases (I’ve got requests for comment in with both NSD and FBI). Some of those many reasons might be:

  • Smaller offices reviewed don’t submit a FISA application every year, so for some offices there was none to review
  • OI doesn’t review most FBI offices every year, so for less frequently reviewed offices, there won’t be a review every year (but there should be an FBI one if the office did any FISA applications)
  • DOJ IG was only interested in US person FISA applications; some of the ones that FBI and OI reviewed would likely not target US persons
  • Only applications for which FISA coverage had ended were reviewed; for the later applications, FISA coverage might be ongoing and therefore excluded from the DOJ IG review
  • DOJ IG may not have finished its review of all these Accuracy Reviews reviews yet, so didn’t include them in the MAM

Additionally, the references to this part of review seems to suggest that the NSD reviews the same FISA application that each FBI field office reviews each year, as well as any problematic ones or ones being used in a prosecution, though that’s something I’m trying to get clarity on. Likewise, I’m trying to figure out whether FBI and OI similarly try to pick a “judgmentally selected sample” to ensure both the counterterrorism and counterintelligence functions are reviewed.

One detail makes this process a really bad measure of Woods File compliance (which is different from whether they measure the accuracy of the application effectively). Before any of these reviews happen, the field offices are told which applications will be reviewed, which gives the case agents a chance to pull together the documentary support for the application.

Thus, prior to the FBI CDC or NSD OI review, field offices are given advance notification of which FISA application(s) will be reviewed and are expected to compile documentary evidence to support the relevant FISA.

If the Woods Procedures were being followed, it should never be the case that the FBI needs to compile documentary evidence before the review; the entire point of it is it ensure the documentary evidence is in the file before any application gets submitted. Once you discover that all the FBI and OI reviews get advance notice, you’re not really reviewing Woods Procedures, it seems to me, you’re reviewing paperwork accuracy.

Nevertheless, even with the advance notice, the 93% of the 42 applications DOJ IG reviewed included problems.

[T]hese oversight mechanisms routinely identified deficiencies in documentation supporting FISA applications similar to those that, as described in more detail below, we have observed during our audit to date. Although reports related to 3 of the 42 FISA applications did not identify any deficiencies, the reports covering the remaining 39 applications identified a total of about 390 issues, including unverified, inaccurate, or inadequately supported facts, as well as typographical errors. At this stage in our audit, we have not yet reviewed these oversight reports in detail.

Keep in mind, OI is reviewing for four things — whether there’s paperwork present to support  that the application shows 1) facts establishing probable cause 2) the target actually uses the targeted facilities 3) the target is a US person (or, for applications targeting under the lower foreign power standard, that the target is not a US person, but that shouldn’t be relevant here) and 4) the criminal investigative techniques used already are accurately described. The second bullet point is actually at least as important as the probable cause, because if the wrong person is wiretapped, then a completely innocent person ends up compromised. That’s the kind of thing where typographical errors (say, transposing 2 digits in a phone number) have had serious ramifications in the past.

The lack of clarity regarding numbers makes one other point unclear. The memo setting up this process envisions NSD’s involvement in assessing whether problems with FISA applications are material. But in practice, the FBI doesn’t consult with them. And in the set of applications that DOJ IG Reviewed (again, it’s unclear whether OI reviewed all the FBI files, along with a select few more, or not), FBI found more problems than OI did, 250 as compared to 140 (for a total of 390 problems).

The 2009 joint FBI-NSD policy memorandum states that “OI determines, in consultation with the FBI, whether a misstatement or omission of fact identified during an accuracy review is material.” The 34 reports that we reviewed indicate that none of the approximately 390 identified issues were deemed to be material. However, we were told by NSD OI personnel that the FBI had not asked NSD OI to weigh in on materiality determinations nor had NSD OI formally received FBI CDC accuracy review results, which accounted for about 250 of the total issues in the reports we reviewed.

[snip]

FBI CDC and NSD OI accuracy review reports had not been used in a comprehensive, strategic fashion by FBI Headquarters to assess the performance of individuals involved in and accountable for FISA applications, to identify trends in results of the reviews, or to contribute to an evaluation of the efficacy of quality assurance mechanisms intended to ensure that FISA applications were “scrupulously accurate.” That is, the accuracy reviews were not being used by the FBI as a tool to help assess the FBI’s compliance with its Woods Procedures.

This is one of the complaints and recommendations in the MAM: it complains that the FBI reviews are basically going into a file somewhere, without a lessons learned process. It recommends that change. It also recommends that OSD get FBI’s reports, so they can integrate them into their own “trends reports” that they do based on their own reviews.

DOJ IG describes its finding that these results aren’t being used in better fashion.

(4) FBI and NSD officials we interviewed indicated to us that there were no efforts by the FBI to use existing FBI and NSD oversight mechanisms to perform comprehensive, strategic assessments of the efficacy of the Woods Procedures or FISA accuracy, to include identifying the need for enhancements to training and improvements in the process, or increased accountability measures.

At least given their description, however, I think they’ve found something else. They’ve confirmed that — contrary to DOJ’s description to FISC that,

OI also conducts accuracy reviews of a subset of cases as part of these oversight reviews to ensure compliance with the Woods Procedures and to ensure the accuracy of the facts in the applicable FISA application.

OI is actually only doing the latter part, measuring the accuracy of the facts in an applicable FISA application. To check the accuracy of the Woods Files, they should with no notice obtain a subset of them, as DOJ IG just did, and see whether the claims in the report are documented in the Woods File, and only after that do their onsite reviews (with notice, to see if there was documentation somewhere that had not been included in the file). That might actually be a better way of identifying where there might be other kinds of problems with the application.

With regards to the lessons learned problem, there seems like an obvious solution to this: Congress mandates that DOJ complete semiannual reviews of 702 practices (which includes reviews of NSA and CIA practices, as well as those of FBI), and they include precisely this kind of trend analysis. Even in spite of their heavy redaction in public form, I’ve even been able to identify problems with 702 and related authorities in the same time frame as NSA was doing so. There’s no reason that semiannual reports couldn’t be expanded (or replicated) to include probable cause targeting. At the very least it’d be a way to force OI and FBI to have this lessons learned discussion. Republican members of Congress have claimed that more oversight should be shifted to Congress (not a very good idea given that no one in Congress seemed to be conducting the close read that I had been), and this is an easy way to play a more active role.

DOJ IG has not reviewed the most important things yet

The MAM is explicit that it has not reviewed the import of the errors it found.

[W]e have not made judgments about whether the errors or concerns we identified were material. Also, we do not speculate as to whether the potential errors would have influenced the decision to file the application or the FISC’s decision to approve the FISA application. In addition, our review was limited to assessing the FBI’s execution of its Woods Procedures, which are not focused on affirming the completeness of the information in FISA applications.

Nor has it reviewed FBI’s own decisions regarding the 290 errors they found in their own reviews to determine if the FBI’s judgment that they were not material was valid. If it compared its results for the one application that FBI and/or OI also reviewed, it doesn’t say so explicitly (which would seem a really important measure about the integrity of the standard reviews).

And while it’s significant that there are so many errors, regardless of the review, it still doesn’t address what the Carter Page case said was the far more important issue: what got left out. Of the 8 to 18 Woods Files errors in the Carter Page investigation, for example, just one got to the core of the problem with the application, that Page was making denials, denials that — before later applications were submitted — the FBI had reason to know were correct (another of the Woods File errors might have raised questions about Steele, but did not go to the heart of the problems with his reporting). The other problems had to do with paperwork, not veracity. And none of the Woods File problems related to CIA’s contact approval of Page for some but not all of his willful sharing of non-public information with known Russian intelligence officers.

DOJ IG says it will conduct further analysis of the problems it has thus far found.

In connection with our ongoing audit, the OIG will conduct further analysis of the deficiencies identified in our work to date and of FBI FISA renewals. In addition, we are expanding the audit’s objective to also include FISA application accuracy efforts performed within NSD. Consistent with the OIG’s usual practices, we will keep the Department and the FBI appropriately apprised of the scope of our audit, and we will prepare a formal report at the conclusion of our work.

But it’s not yet clear that this will include picking a subset of the files already reviewed to do the kind of deep dive that was done with Carter Page.

Further, at this point, DOJ IG seems not to be seeing one of the more obvious conclusions. As explained above, it recommends that the FBI and NSD use their accuracy reviews better to better do lessons learned.

We recommend that the FBI institute a requirement that it, in coordination with NSD, systematically and regularly examine the results of past and future accuracy reviews to identify patterns or trends in identified errors so that the FBI can enhance training to improve agents’ performance in completing the Woods Procedures, or improve policies to help ensure the accuracy of FISA applications.

But it specifically speaks in terms of improving performance with the Woods Procedures.

If the Woods Procedures are meant to be a tool, it would be necessary to conduct no-notice reviews of the files. Otherwise, you’re not reviewing the Woods Procedures. That would need to be a recommendation.

But it seems to be possible if not likely that fixing the problems IDed back before 2000 with a paperwork requirement that doesn’t go to the core of the issue hasn’t worked (and, as described, has never been used as a key measure for the existing OI reviews), then it seems other solutions are necessary — including that criminal defendants get some kind of review. Though even that would be inadequate to the task, given that before DOJ makes the decision to permit FISA materials to be used in a prosecution, they review whether the files would sustain a judge’s review first.

The goal here is not to placate FISC, nor is it to check some boxes as part of the application process. It’s to ensure that absent the threat of review by a defense attorney, the benefits (which already have serious limits) of adversarial review are achieved via other means. And there’s good reason to believe that absent more significant changes in the oversight process, the Woods Procedures are never going to achieve that result.

The Michael Atkinson conspiracy theory

As I was already writing this, it became clear that the frothy right was using this report, released on Tuesday, to provide a non-corrupt excuse for Trump’s firing of Intelligence Community Inspector General Michael Atkinson late on Friday night.

The basis for such a claim is not entirely clear to me. Frothers in my Twitter timeline at first seemed to confuse Atkinson with DOJ’s IG, Michael Horowitz, or believed that the ICIG had a central role in FISA. Then they seized on the fact that, for the two years before he became ICIG, Atkinson was at National Security Division, which both oversees some cases likely to have a FISA component and oversees the submission of applications and then conducts the oversight reviews.

Atkinson’s confirmation materials provide some exactitude for what he did at DOJ when:

September 2002 to March 2006: Trial Attorney for DOJ’s Fraud Section

March 2006 to March 2016: AUSA in DC USAO working on Fraud (including in oversight positions)

March 2016 to June 2016: Acting DAAG, National Asset Protection at NSD

July 2016 to May 2018: Senior Counsel to AAG for NSD

There would be little imaginable reason for a fraud prosecutor, as Atkinson was for the majority of his DOJ career, to use FISA (two of the highest profile cases he worked on were the prosecution of Democratic Congressmen William Jefferson and Jesse Jackson Jr), though he said he worked on some espionage, sanctions, and FARA cases. As Acting DAAG, he worked in a different part of NSD than the unit that handles FISA applications and oversight.

As he described it in his confirmation materials, he would have been a consumer of FISA information, but not the person doing the reviews.

As Senior Counsel to the AAG (serving under John Carlin, Mary McCord, Dana Boente, and John Demers), he might have visibility into review processes on FISAs, though at that level, managers assumed the Woods Procedure worked as required (meaning, Atkinson would not have known of these problems).

In his confirmation materials, however, Atkinson suggested he spent far more time as Senior Counsel overseeing the response to unauthorized disclosures, which likely still included Snowden when he started in 2016, added Shadow Brokers that year, and would have focused closely on Vault 7 in 2017 and 2018.

My experience in helping to coordinate the responses to unauthorized disclosures while serving as the Senior Counsel to the Assistant Attorney General, U.S. Department of Justice, National Security Division (NSD), should assist me in serving effectively as the IC IG. As part of this position, I have assisted in coordinating the Department’s efforts to investigate and prosecute unauthorized disclosures across the IC enterprise. This experience has reinforced for me the important role that fair, impartial, and effective whistleblower protection processes play in maximizing the IC’s effectiveness and minimizing the risks of unauthorized disclosures and harm to our national security. As part of this experience, I have also been a consumer and user of intelligence from multiple intelligence sources, and I have seen first-hand the benefits to our country when there is a unity of effort by the Intelligence Community to address national security needs.

For Vault 7, at least, the investigation into Joshua Schulte — who was always the prime suspect — used criminal process from the very start (though it’s possible that the increased surveillance of Julian Assange involved FISA). And while there are less spectacular cases of unauthorized disclosure that might involve some nexus with a foreign country, raising FISA issues, many of these leaks cases were criminal cases, seemingly not reliant on FISA. Which would mean some of the most sensitive cases Atkinson worked on didn’t involve FISA.

Though the frothy right may think Atkinson had a central role because the title of the person at FBI field offices who must conduct a review is “Chief [Division] Counsel,” and they confused both the agency and the location.

In any case, there’s one more piece missing from this: while I happen to think DOJ IG has not focused closely enough on what NSD should be doing in its oversight role, thus far, DOJ IG has not investigated it. And so there’s actually no allegation of wrong-doing from anyone at NSD in either of these two reports, not even the NSD people who actually work on FISA. On the contrary, DOJ IG simply describes OI doing reviews where they identified problems and wrote them up. Yes, OI likely should have been more involved in determining whether the errors FBI found were material. Given that Boasberg has mandated materiality reviews of the 29 files reviewed by DOJ IG, now would be a good time to implement that practice.

Still, compliance or not with Woods Files remains a distraction from a deeper review of whether these files included all pertinent information. And if FISA is going to remain viable, that’s the examination that needs to happen.

Annual FISC Report Suggests the Court Did Not Approve ANY Section 702 Certificate in 2016

The Administrative Office of the Courts just released the FISC annual report, the first full year report issued after USA Freedom Act.

I’ll work on more analysis in a moment, but wanted to point to something that is fairly remarkable, if I’m reading the report correctly.

Here’s the top line report for the year. Note, in particular, the 1881a line.

As last year’s report did, this year’s redacts the number of certificates the government applied for. But then the footnote reads, in part,

The government submitted this number of certification(s) during calendar year 2016 but the Court did not take action on any such certification(s) within the calendar year.

That, plus the “0”s in the table, seems to state clearly that the FISC did not approve last year’s Section 702 application.

What that likely means, given the precedent set in 2011, is that the government submitted applications (usually they do this with a month of lead time), but the court would not approve the applications as submitted. In 2011, the government got a series of extensions, so 702 never lapsed. The prior approval before last year was November 6, 2015, so it would only have had to have been extended 2 months to get into this year. So that seems to suggest there was at least a three month (application time plus extension) delay in approving the certifications for this year.

Note, too, that the report shows the only amicus appointed last year was Marc Zwillinger for a known PRTT application, so this hold up wasn’t even related to an amicus complaint.

In any case, this may reflect significant issues with 702.

Update: Here’s the 2011 702 opinion, which documents the last known time this happened (though there must have been a roughly month-long delay once since then). After submitting an application in April for May reauthorization, the government got two 60-day extensions, and one more month-long extensions, with final approval on October 3, 2011. It appears there was no big problem with getting the extensions (though at one point, Bates had a meeting with DOJ to tell them he was serious about the reapproval process), so presumably any extension in November would have been granted without much fuss.

One other thing that is worth noting. On September 27, 2016, then Assistant Attorney General John Carlin announced he would be leaving in a month. Mary McCord (who announced her own departure today) took over on October 15. So the transition between the two of them would have happened in the weeks before the certificates would have normally been reauthorized. Whatever Carlin’s reasons for leaving (which has never been made public, as far as I know) the transition between the two of them may have exacerbated any delay.

While It Is Reauthorizing FISA Amendments Act, Congress Should Reform Section 704

On Tuesday, the Senate Judiciary Committee had a public hearing on FISA Amendments Act reauthorization, which will take place in the next year. The hearing was treated as solely the reauthorization of Section 702 of FAA. But in fact, all of Title VII needs to be reauthorized. Which is why I think Congress should reform Section 704 — or at the very least, as a whole lot more question about how it (and by association EO 12333) is used against Americans.

As a reminder, here are the parts of Title VII authorizing collection (there are also some transparency provisions):

  • 702: Permits the government to target non-US persons located overseas based on only a FISA review of broad certifications; includes PRISM and upstream
  • 703: Requires NSA to obtain an individualized order when targeting electronic communications of US persons overseas; this is basically for collection on US persons overseas with the assistance of providers in the US
  • 704: Requires NSA to obtain an individualized order when targeting US persons overseas using means for which they’d have a reasonable expectation of privacy in the US; this is basically for spying on US persons overseas collecting overseas
  • 705a: Permits the government to apply for joint applications, effectively permitting them to do both 703 and 704 authorized spying
  • 705b: Permits the Attorney General to approve spying for US persons targeted under traditional FISA when they are located overseas

My interest in Section 704 stems from a fact that no one appears to know: NSA doesn’t use Section 703 of FAA. At all.

There’s a still-unreleased Snowden document that states that explicitly (something to the effect of, “to date [which date was probably 2012], the NSA has not used this authority”). But even some public documents make this clear. For example, the Q1 2012 Intelligence Oversight Board report, which broke out reporting for all FISA authorities used (the hidden authority is probably Title IV), lists only 704 and 705b, not 703 or 705a. More starkly, a 2010 NSA IG Report (PDF 10) discussing FISA authorities only names traditional FISA, Section 704, and Section 705b, which may mean 705a is not used either.

Screen Shot 2016-05-13 at 3.38.08 AM

I’ve been asking what this means since I first figured this out (so for two years) and not a single person has been able to explain it to me. To be fair, most simply don’t believe me that Section 703 is not used and so just blow off my question.

I think this means one (or a combination) of several things:

  • No surveillance of Americans overseas takes place with the assistance of US providers (which would trigger 703)
  • The government has some interpretation — perhaps a corollary to their claim that Americans have no expectation of privacy for any international communications — that claims they can use a lower standard for people overseas
  • The government uses traditional FISA even on people located overseas

I used to think it was this last one: that the government just went through the trouble of getting a traditional order every time it targeted a US person, meaning they’d also give the person full FISA notice if that person were prosecuted. Except I think using a traditional order to target an American overseas is actually a violation (!) that gets reported to IOB.

If it’s not that, then you would think it’d have to be the wacky interpretation, the middle option. After all, Americans are at least as likely to use Gmail as foreigners are, so to get the Gmail of Americans overseas, the NSA would presumably ask Google for assistance, and therefore trigger 703, unless there were a wacky legal interpretation to bypass that. There are things that make it clear NSA has a great deal of redundancy in its collection, even with PRISM collection, which makes it clear they do double dip, obtaining even Gmail overseas and domestically (which is why they’d have GCHQ hack Google’s overseas fiber). It’s possible, though, that the NSA conducts so much bulk collection overseas it is actually easier (or legally more permissive) to just collect US person content from bulk collections obtained overseas, thereby bypassing any domestic provider and onerous legal notice. I suppose it’s also possible that NSA now uses 703 (my proof they don’t dates to 2012 or earlier), having had to resort to playing by the rules as more providers lock up their data better in the wake of the Snowden revelations. (Note, Mieke Eoyang has an interesting FAA suggestion that would require exclusivity when NSA accesses content from US providers, thereby preventing them from stealing Google data overseas.)

My first point, then, in raising 704 is to say Congress and advocates should use this opportunity to figure out which of these options it is. Why is it that members of Congress still brag about having got NSA to accede to 703 when 703 is not used? What does it mean that they’re not using it?

But here’s my other concern. If the first option is the answer — that is, if overseas collection is so thorough that NSA can collect on someone, if there are reasons to, without using any provider, it means there’s a shit-ton of American content — both of people located in the US and overseas — accessible in NSA’s collections. We knew that. But it’d say even US provider content is available in great volume (which would be doable for any of them not using encryption in motion).

My other concern is that Americans overseas may actually have more protections than Americans in the US.

FISA is pretty strict about location: the 700s only apply to people overseas, except for 705b, which is supposed to be tied to someone mostly in the US but heading to China on a business trip. Screwing that up is a violation that gets reported to the IOB.

Add to that the fact that (as I understand it) NSA can access already-collected US person content collected under EO 12333 with the approval of the Attorney General.

If I’m right about all this (a big if, given how little anyone knows about this), then it would say accessing the bulk collected communications of an American overseas would require a 704 order, whereas accessing the bulk collected communications of an American who was herself located in the US, but whose communications were located overseas, would only require AG approval. That can’t be right, can it? Perhaps 704 gives the government some added authorities, such as the ability to target someone using XKeyscore. But we know NSA has collected “vast troves” of US person data overseas, and we know that Assistant Attorney General John Carlin doesn’t think his department should oversee that collection at all! Carlin stated clearly in February 2014 that even “vast troves” of US person data collected “incidentally” (which, under bulk collection, would mean all of it transiting overseas) get no FISA protection.

So in addition to politely requesting that Congress figures out how it is that NSA doesn’t use Section 703, at all, I’d also like to politely suggest that 704 protections or the equivalent be extended to Americans who are located in the US but whose communications have gone to Europe without them.

There has been a lot of discussion about how the NSA accesses the content of US persons who are themselves located in the US but whose communications get collected “overseas.” That has been treated as an EO 12333 issue (and as such, something that would take pulling teeth to get the Executive to agree to change). But there’s a mirror image of that problem, I think, in the Section 704 question. So perhaps shoring up Section 704 is the way to deal with both?

John Carlin Complains that ISIL Is Targeting Same Youth FBI Long Has Been

I’m reviewing some of the videos from the Aspen Security Forum. This one features DOJ Assistant Attorney General for National Security John Carlin and CIA General Counsel Caroline Krass.

I’m including it here so you can review Carlin’s complaints in the first part of the video. He explains to Ken Dilanian that ISIL’s recruiting strategy is different from Al Qaeda’s in that they recruit the young and mentally ill. He calls them children, repeatedly, but points to just one that involved a minor. 80% are 40 and under, 40% are 21 and under. In other words, he’s mostly complaining that ISIL is targeting young men who are in their early 20s. He even uses the stereotype of a guy in his parents’ basement, interacting on social media without them knowing.

Carlin, of course, has just described FBI’s targeting strategy for terrorist stings, where they reach out to young men — many with mental disabilities — over social media, only then to throw an informant or undercover officer at the target, to convince him to press the button that (the target believes) will detonate a bomb — though of course the bomb is an FBI-supplied inert bomb. He should know this, because before the end of the panel, he invokes Mohamed Osman Mohamud, the Portland youth convicted for pressing a button who was first targeted by FBI’s informant when he was 16 or so (and whose father asked FBI for help, only to have them target his son).

I’m not contesting the truth of Carlin’s claims. But if this is a new strategy — essentially adopting the strategy the FBI has used since 9/11 (and especially since 2009) — one that Carlin deems especially outrageous, then it ought to reflect back on FBI’s practice. If it is outrageous for ISIL to target young and in some cases mentally unstable men because they are so vulnerable because they’re not yet old enough to resist, then it should also be considered outrageous for FBI to do the same to fluff their terrorism conviction rates. Plus, Carlin’s depiction of this as a new strategy suggests all those earlier targeted young men may not have been recruited by core al Qaeda.

Not to mention, the vulnerability of this population ought to point to a different way of combatting terrorism (and domestic terrorism, which has been a bigger problem in recent weeks): to make this community less vulnerable.

 

The Emergency EO 12333 Fix: Section 309

In a last minute amendment to the Intelligence Authorization, the House and Senate passed a new section basically imposing minimization procedures for EO 12333 or other intelligence collection not obtained by court order. (See Section 309)

(3) Procedures.–

(A) Application.–The procedures required by paragraph (1) shall apply to any intelligence collection activity not otherwise authorized by court order (including an order or certification issued by a court established under subsection (a) or (b) of section 103 of the Foreign Intelligence Surveillance Act of 1978 (50 U.S.C. 1803)), subpoena, or similar legal process that is reasonably anticipated to result in the acquisition of a covered communication to or from a United States person and shall permit the acquisition, retention, and dissemination of covered communications subject to the limitation in subparagraph (B).

(B) Limitation on retention.–A covered communication shall not be retained in excess of 5 years, unless–

(i) the communication has been affirmatively determined, in whole or in part, to constitute foreign intelligence or counterintelligence or is necessary to understand or assess foreign intelligence or counterintelligence;

(ii) the communication is reasonably believed to constitute evidence of a crime and is retained by a law enforcement agency;

(iii) the communication is enciphered or reasonably believed to have a secret meaning;

(iv) all parties to the communication are reasonably believed to be non-United States persons;

(v) retention is necessary to protect against an imminent threat to human life, in which case both the nature of the threat and
the information to be retained shall be reported to the congressional intelligence committees not later than 30 days after the
date such retention is extended under this clause;

(vi) retention is necessary for technical assurance or compliance purposes, including a court order or discovery obligation, in which case access to information retained for technical assurance or compliance purposes shall be reported to the congressional
intelligence committees on an annual basis; or

(vii) retention for a period in excess of 5 years is approved by the head of the element of the intelligence community responsible for such retention, based on a determination that retention is necessary to protect the national security of the United States, in which case the head of such element shall provide to the congressional intelligence committees a written certification describing–
(I) the reasons extended retention is necessary to protect the national security of the United States; (II) the duration for which the head of the element is authorizing retention;

(III) the particular information to be retained; and

(IV) the measures the element ofthe intelligence community is taking toprotect the privacy interests of UnitedStates persons or persons locatedinside the United States.

The language seems to be related to — but more comprehensive than — language included in the RuppRoge bill earlier this year. That, in turn, seemed to arise out of concerns raised by PCLOB that some unnamed agencies had not revised their minimization procedures in the entire life of EO 12333.

Whereas that earlier passage had required what I’ll call Reagan deadenders (since they haven’t updated their procedures since him) to come up with procedures, this section effectively imposes minimization procedures similar to, though not identical, to what the NSA uses: 5 year retention except for a number of reporting requirements to Congress.

I suspect these are an improvement over whatever the deadenders have been using But as Justin Amash wrote in an unsuccessful letter trying to get colleagues to oppose the intelligence authorization because of the late addition, the section provides affirmative basis for agencies to share US person communications whereas none had existed.

Sec. 309 authorizes “the acquisition, retention, and dissemination” of nonpublic communications, including those to and from U.S. persons. The section contemplates that those private communications of Americans, obtained without a court order, may be transferred to domestic law enforcement for criminal investigations.

To be clear, Sec. 309 provides the first statutory authority for the acquisition, retention, and dissemination of U.S. persons’ private communications obtained without legal process such as a court order or a subpoena. The administration currently may conduct such surveillance under a claim of executive authority, such as E.O. 12333. However, Congress never has approved of using executive authority in that way to capture and use Americans’ private telephone records, electronic communications, or cloud data.

[snip]

In exchange for the data retention requirements that the executive already follows, Sec. 309 provides a novel statutory basis for the executive branch’s capture and use of Americans’ private communications. The Senate inserted the provision into the intelligence reauthorization bill late last night.

Which raises the question of what the emergency was to have both houses of Congress push this through at the last minute? Back in March, after all, RuppRoge was happy to let the agencies do this on normal legislative time.

I can think of several possibilities:

  • The government is imminently going to have to explain some significant EO 12333 collection — perhaps in something like the Hassanshahi case or one of the terrorism cases explicitly challenging the use of EO 12333 data and it wants to create the appearance it is not a lawless dragnet (though the former was always described as metadata, not content)
  • The government is facing new scrutiny on tools like Hemisphere, which the DOJ IG is now reviewing; if 27-year old data is owned by HIDTA rather than AT&T, I can see why it would cause problems (though again, except insofar as it includes things like location, that’s metadata, not content)
  • This is Dianne Feinstein’s last ditch fix for the “trove” of US person content that Mark Udall described that John Carlin refused to treat under FISA
  • This is part of the effort to get FBI to use EO 12333 data (which may be related to the first bullet); these procedures are actually vastly better than FBI’s see-no-evil-keep-all-data for up to 30 years approach, though the language of them doesn’t seem tailored to the FBI

Or maybe this is meant to provide the patina of legality to some other dragnet we don’t yet know about.

Still, I find it an interesting little emergency the intelligence committees seem to want to address.

PCLOB Member Rachel Brand Asked NSA General Counsel to Help Her Dissent from PCLOB

Let me say straight out: Privacy and Civil Liberties Oversight Board member Rachel Brand is no slouch. She’s very smart and very accomplished.

All that said, I am rather intrigued by the way she consulted NSA General Counsel Raj De several times — as illustrated by these emails Jason Leopold liberated from PCLOB —  as she worked on her dissent to the Democratic PCLOB members’ conclusion that the Section 215 dragnet is illegal.

On January 6, Brand emailed De. “Do you have a couple minutes to talk about a PCLOB matter today or tomorrow?” They scheduled some time to talk at midday the next day — though a request from Keith Alexander appears to have forced De to delay. Nevertheless, by 1:30 on January 7, it appears De and Brand spoke, because De forwarded two things: I Con the Record’s press release announcing the FISA Court had reauthorized the dragnet even after Judge Richard Leon ruled it unconstitutional (De makes no mention in his email, but the order had considered Leon’s ruling before reauthorizing the program), and the GPO transcript of Robert Mueller’s claim in a June 2013 House Judiciary Committee hearing that the dragnet would have prevented 9/11.

Ten days later, on January 17, Brand was emailing De again, after having seen each other that morning (that was the morning President Obama announced his own reforms to the dragnet, so it may have been in that context). She sent NSA’s General Counsel a paragraph, with one sentence highlighted, asking if it was accurate. He responded with “some suggestions for accuracy for your consideration … Feel free to give a call if you want to discuss, or would like more detail.”

Then, over that weekend, Brand and De exchanged the following emails:

Saturday, January 18, 12:31: Brand sends “the current draft of my separate statement” stating she wants “to be sure there is nothing factually or legally inaccurate in it;” she says it is currently 5 pages and tells De she needs to give PCLOB Chair David Medine the final by Sunday night

Saturday, January 18, 2:11: De responds, “happy to”

Sunday, January 19, 10:51: De responds, saying, “not that you need or want my validation, but for what’s [sic] it is worth it really reads quite well.” De then provides 3 “additional factual details” which “might fit in if you wanted to use them;” those bullets are redacted

Sunday, January 19, 3:47: Brand replies, stating that Beth (Elisebeth Collins Cook, the other Republican on PCLOB) “explicitly makes the first two in her separate statement” and that she’s “trying to keep this short, so have to forego making every available point”

Read more