Posts

Six Data Points about the CIA Dragnet

Last week, Ron Wyden and Martin Heinrich released a declassified letter they wrote last April, describing a CIA bulk program that had not been fully briefed to the Intelligence Committees, which violated the spirit and understanding of efforts to shut down bulk collection.

This history demonstrates Congress’s clear intent, expressed over many years and through multiple pieces of legislation, to limit, and in some cases, prohibit the warrantless collection of Americans’ records, as well as the public’s intense interest in and support for these legislative efforts. And yet, throughout this period, the CIA has secretly conducted it own bulk program [redacted]. It has done so entirely outside the statutory framework that Congress and the public believe govern this collection, and without any of the judicial, congressional or even executive branch oversight that comes with FISA collection.

I’ve been hesitating writing about it. That’s true, because it’s not the least little surprise to me. I’ve written a series of pieces describing how the self-congratulatory pieces claiming legislation passed in the wake of Snowden’s leaks won’t do what they say. I pointed out some of what PCLOB was likely to find when they started this review.

Then there’s bullet 4, which suggests CIA and/or NSA are collecting “within the United States or from U.S. companies.”

With regards collection “within the US,” Mayer’s post is helpful here too, pointing to loopholes for wireless and satellite communication.

The law that results is quite counterintuitive. If a communication is carried by radio waves, and it’s one-end foreign, it falls under Executive Order 12333. If that same communication were carried by a wire, though, it would fall under FISA. (Specifically, the Section 702 upstream program.)

As for how this Executive Order 12333 authority might be used beyond satellite surveillance, I could only speculate. Perhaps intercepting cellphone calls to or from foreign embassies?12 Or along the national borders? At any rate, the FISA-free domestic wireless authority appears to be even broader than the Transit Authority.

As far as collection outside the US, this may simply be a reference to providers voluntarily providing data under 18 U.S.C. § 2511(2)(f), as we know at least some of the telecoms do.

I pointed out that a consideration of the risks of surveillance under EO 12333 to US persons had to consider CIA’s use of it (then got yelled at because I pointed out enormous blindspots in “expert” reports). I noted that when cautioning about the dragnet Donald Trump would wield, you had to consider EO 12333.

I mean, there’s been a whole lot of self-congratulation since Snowden. And it has all been just that, something to brag to donors about. Because EO 12333 was always out there, and it was always possible to do virtually all of what Snowden exposed in the Section 215 program via EO 12333.

Add that to the list of unpopular things I have said over the years that leads “experts” to prefer to ignore me.

So I assume this will be ignored like all those other warnings of precisely this moment.

Here’s where I would propose to go find the CIA dragnet.

CIA always wanted to restore its Stellar Wind component

First, remember there was a CIA component to Stellar Wind, the first dragnet set up for counterterrorism (which this program is). CIA had to do its own IG Report on Stellar Wind.

Remember that one of Bill Binney’s gripes about how NSA repurposed his surveillance was that they eliminated the encryption hiding US person identifiers, effectively making it easy to spy on US persons.

Now consider that on July 20, 2004, the CIA took the lead on pushing for the adoption of “supplemental procedures” allowing the analysis of US person metadata under EO 12333. July 20, 2004 was days after Jack Goldsmith, who had shut down parts of Stellar Wind, resigned, and the agencies immediately moved to start turning all the programs he had shut down (including both surveillance and torture) back on.

It took years to restore that access to US person data (I have a theory that Alberto Gonzales was fired because he refused to reauthorize it). But starting in 2007, expanding  in 2009 (at a time when the Section 215 program was under threat), and then fully implementing in 2011 (after NSA had to shut down the PRTT program knowing full well it violated John Bates upstream order), SPCMA was rolled out.This meant that, so long as data was collected via whatever means overseas, US person metadata could be included in the analysis.

The government has been preserving its ability to use 18 U.S.C. § 2511(2)(f)

Over a series of IG Reports written by Glenn Fine, I honed in a memo that David Barron (the OLC head who, under Obama, played a similar role as John Yoo did for George Bush) wrote seemingly authorizing using 18 U.S.C. § 2511(2)(f) to get “international” data from telecoms provided voluntarily. In 2013, David Kris confirmed that that had been happening.

In March 2021 — so before he wrote the letter just declassified but after he was briefed by PCLOB on the report on the CIA dragnet — the Congressional Research Service wrote a report on 18 U.S.C. § 2511(2)(f) for Senator Wyden. It describes how it works as an exception to FISA and other criminal laws.

Accordingly, Section 2511(2)(f) identifies two broad categories of government activities that are exempt from Title III, the SCA, the Pen Register statute, and section 705 of the Communications Act of 1934:27 (1) the “acquisition by the United States Government of foreign intelligence information from international or foreign communications”; and (2) “foreign intelligence activities conducted in accordance with otherwise applicable Federal law involving a foreign electronic communications system.” These two categories are further qualified so that the exception only applies if: (3) the acquisition or the foreign intelligence activity is not “electronic surveillance” as defined under FISA; and (4) an “exclusivity” clause states that ECPA, the SCA, and FISA shall be the exclusive means by which electronic surveillance and the interception of domestic wire, oral, and electronic communications may be conducted. Each of these clauses is discussed in more detail below.

It describes that some things don’t count as an “acquisition” under FISA, such as something obtained from a telephone instrument being used in the ordinary course of business.

Therefore, some intelligence activities that qualify as “acquisitions” for purposes of Section 2511(2)(f) may not qualify as “electronic surveillance” under FISA because the acquisition is not accomplished through an electronic, mechanical, or other surveillance device. Although FISA does not define this phrase, ECPA provides a definition of “electronic, mechanical, or other device” to mean “any device or apparatus which can be used to intercept a wire, oral, or electronic communication.”46 However, this definition expressly excludes “any telephone or telegraph instrument, equipment or facility, or any component thereof” that is “being used by a provider of wire or electronic communication service in the ordinary course of its business.”47

This is the kind of language that was used to treat bulk metadata as a mere business record under Section 215 after the government stopped relying exclusively on voluntary production. The bulk telephony data of all Americans was just a business record.

The report written for Ron Wyden during the same period he was writing the now unclassified letter also notes that “exclusivity” only applies to “domestic” communications, not stuff acquired overseas.

The exclusivity clause is first directed at interception of domestic communications, which would not appear to be affected by the previous disclaimers regarding acquisition of foreign and international communications or foreign intelligence activities directed at foreign electronic communications systems.

In other words, if telephone companies want to voluntarily give the records they otherwise keep to the IC for the purpose of foreign intelligence, it fits in this loophole. And given the realities of telecommunication, a huge percentage of “domestic” communications can be obtained overseas.

In 2013, NYT reported that AT&T was providing CIA call records

In 2013, as a bunch of different dragnets were being disclosed while everyone was looking exclusively at Section 215 and right after Kris had confirmed this application of 18 U.S.C. § 2511(2)(f),  Charlie Savage described that the CIA had its own dragnet based on telephone records purchased from AT&T.

The C.I.A. is paying AT&T more than $10 million a year to assist with overseas counterterrorism investigations by exploiting the company’s vast database of phone records, which includes Americans’ international calls, according to government officials.

The cooperation is conducted under a voluntary contract, not under subpoenas or court orders compelling the company to participate, according to the officials. The C.I.A. supplies phone numbers of overseas terrorism suspects, and AT&T searches its database and provides records of calls that may help identify foreign associates, the officials said. The company has a huge archive of data on phone calls, both foreign and domestic, that were handled by its network equipment, not just those of its own customers.

Legally, this dragnet would fit solidly in the 18 U.S.C. § 2511(2)(f) loophole.

Obama’s codification of EO 12333 in his final days

Insanely, Obama finished the process of reconstituting the Stellar Wind program in his final days. He did so, I’ve been told, in an effort to put guidelines in place (for example, Loretta Lynch adopted rules that you couldn’t use EO 12333 data for political purposes, as if that would restrain Donald Trump). But I emphasized then precisely what Wyden and Heinrich are emphasizing now. There’s no oversight.

Which brings us to whether the EO sharing procedures, as released, might bind Trump anymore than EO 12333 bound Bush in 2001.

In general, the sharing procedures are not even as stringent as other surveillance documents from the Obama Administration. The utter lack of any reasonable oversight is best embodied, in my opinion, by the oversight built into the procedures. A key cog in that oversight is the Department of National Intelligence’s Privacy and Civil Liberties Officer — long inhabited by a guy, Alex Joel, who had no problem with Stellar Wind. That role will lead reviews of the implementation of this data sharing. In addition to DNI’s PCLO, NSA’s PCLO will have a review role, along with the General Counsels of the agencies in question, and in some limited areas (such as Attorney Client communications), so will DOJ’s National Security Division head.

What the oversight of these new sharing procedures does not include is any statutorily independent position, someone independently confirmed by the Senate who can decide what to investigate on her own. Notably, there is not a single reference to Inspectors General in these procedures, even where other surveillance programs rely heavily on IGs for oversight.

There is abundant reason to believe that the PATRIOT Act phone and Internet dragnets violated the restrictions imposed by the FISA Court for years in part because NSA’s IG’s suggestions were ignored, and it wasn’t until, in 2009, the FISC mandated NSA’s IG review the Internet dragnet that NSA’s GC “discovered” that every single record ingested under the program violated FISC’s rules after having not discovered that fact in 25 previous spot checks. In the past, then, internal oversight of surveillance has primarily come when IGs had the independence to actually review the programs.

Of course, there won’t be any FISC review here, so it’s not even clear whether explicit IG oversight of the sharing would be enough, but it would be far more than what the procedures require.

I’d add that the Privacy and Civil Liberties Oversight Board, which provided key insight into the Section 215 and 702 programs, also has no role — except that PCLOB is for all intents and purposes defunct at this point, and there’s no reason to believe it’ll become operational under Trump.

I guess I was wrong about PCLOB. It did get reconstituted, and seven years after the EO 12333 review started we’re getting dribbles about what it found!

And in fact if this whole discussion didn’t make me crabby, I’d point out details from the PCLOB report that suggest things aren’t as bad as I thought they’d get in 2017, when this dragnet was handed over to Donald Trump.

So I’m not entirely a pessimist!

PCLOB only has authority over counterterrorism programs

The only problem with being proven wrong about PCLOB, however, is even though there were efforts to expand its mandate during the Trump years, those efforts failed.

It can only look at counterterrorism programs.

So there could be a parallel program used for counterintelligence (indeed, the sharing rules make it quite clear there’s a CI purpose for it), and we’d never get oversight over it. So Wyden and Heinrich should be pushing to get a full briefing on the CI version of this, because it’s there, I would bet you a lot of money.

Anyway, if you want to find the CIA dragnet, you can look at my warnings over the last 9 years (or Charlie Savage’s report on it from 2013). Or you can look at the loophole that 18 U.S.C. § 2511(2)(f) creates, Ron Wyden was exploring closely when he was writing this letter. Another place you might look is AT&T’s earnings statements.

DOJ’s Failures to Follow Media Guidelines on the WaPo Seizure

I wanted to add a few data points regarding the report that DOJ subpoenaed records from three WaPo journalists.

This post is premised on three pieces of well-justified speculation: that John Durham, after having been appointed Special Counsel, obtained these records, that Microsoft challenged a gag, and that Microsoft’s challenge was upheld in some way. I’m doing this post to lay out some questions that others should be asking about what happened.

An enterprise host (probably Microsoft) likely challenged a gag order

The report notes that DOJ did obtain the reporters’ phone records, and tried, but did not succeed, in obtaining their email records.

The Trump Justice Department secretly obtained Washington Post journalists’ phone records and tried to obtain their email records over reporting they did in the early months of the Trump administration on Russia’s role in the 2016 election, according to government letters and officials.

In three separate letters dated May 3 and addressed to Post reporters Ellen Nakashima and Greg Miller, and former Post reporter Adam Entous, the Justice Department wrote they were “hereby notified that pursuant to legal process the United States Department of Justice received toll records associated with the following telephone numbers for the period from April 15, 2017 to July 31, 2017.” The letters listed work, home or cellphone numbers covering that three-and-a-half-month period.

[snip]

The letters to the three reporters also noted that prosecutors got a court order to obtain “non content communication records” for the reporters’ work email accounts, but did not obtain such records. The email records sought would have indicated who emailed whom and when, but would not have included the contents of the emails. [my emphasis]

What likely happened is that DOJ tried to obtain a subpoena on Microsoft or Google (almost certainly the former, because the latter doesn’t care about privacy) as the enterprise host for the newspaper’s email service, and someone challenged or refused a request for a gag, which led DOJ to withdraw the request.

There’s important background to this.

Up until October 2017, when the government served a subpoena on a cloud company that hosts records for another, the cloud company was often gagged indefinitely from telling the companies whose email (or files) it hosted. By going to a cloud company, the government was effectively taking away businesses’ ability to challenge subpoenas themselves, which posed a problem for Microsoft’s ability to convince businesses to move everything to their cloud.

That’s actually how Robert Mueller obtained Michael Cohen’s Trump Organization emails — by first preserving, then obtaining them from Microsoft rather than asking Trump Organization (which was, at the same time, withholding the most damning materials when asked for the same materials by Congress). Given what we know about Trump Organization’s incomplete response to Congress, we can be certain that had Mueller gone to Trump Organization, he might never have learned about the Trump Tower Moscow deal.

In October 2017, in conjunction with a lawsuit settlement, Microsoft forced DOJ to adopt a new policy that gave it the right to inform customers when DOJ came to them for emails unless DOJ had a really good reason to prevent Microsoft from telling their enterprise customer.

Today marks another important step in ensuring that people’s privacy rights are protected when they store their personal information in the cloud. In response to concerns that Microsoft raised in a lawsuit we brought against the U.S. government in April 2016, and after months advocating for the United States Department of Justice to change its practices, the Department of Justice (DOJ) today established a new policy to address these issues. This new policy limits the overused practice of requiring providers to stay silent when the government accesses personal data stored in the cloud. It helps ensure that secrecy orders are used only when necessary and for defined periods of time. This is an important step for both privacy and free expression. It is an unequivocal win for our customers, and we’re pleased the DOJ has taken these steps to protect the constitutional rights of all Americans.

Until now, the government routinely sought and obtained orders requiring email providers to not tell our customers when the government takes their personal email or records. Sometimes these orders don’t include a fixed end date, effectively prohibiting us forever from telling our customers that the government has obtained their data.

[snip]

Until today, vague legal standards have allowed the government to get indefinite secrecy orders routinely, regardless of whether they were even based on the specifics of the investigation at hand. That will no longer be true. The binding policy issued today by the Deputy U.S. Attorney General should diminish the number of orders that have a secrecy order attached, end the practice of indefinite secrecy orders, and make sure that every application for a secrecy order is carefully and specifically tailored to the facts in the case.

Rod Rosenstein, then overseeing the Mueller investigation, approved the new policy on October 19, 2017.

The effect was clear. When various entities at DOJ wanted records from Trump Organization after that, DOJ did not approve the equivalent request approved just months earlier.

If DOJ withdrew a subpoena rather than have it disclosed, it was probably inconsistent with media guidelines

If I’m right that DOJ asked Microsoft for the reporters’ email records, but then withdrew the request rather than have Microsoft disclose the subpoena to WaPo, then the request itself likely violated DOJ’s media guidelines — at least as they were rewritten in 2015 after a series of similar incidents, including DOJ’s request for the phone records of 20 AP journalists in 2013.

DOJ’s media guidelines require the following:

  • Attorney General approval of any subpoena for call or email records
  • That the information be essential to the investigation
  • DOJ has taken reasonable attempts to obtain the information from alternate sources

Most importantly, DOJ’s media guidelines require notice and negotiation with the affected journalist, unless the Attorney General determines that doing so would “pose a clear and substantial threat to the integrity of the investigation.”

after negotiations with the affected member of the news media have been pursued and appropriate notice to the affected member of the news media has been provided, unless the Attorney General determines that, for compelling reasons, such negotiations or notice would pose a clear and substantial threat to the integrity of the investigation, risk grave harm to national security, or present an imminent risk of death or serious bodily harm.

But a judge can review the justifications for gags before issuing them (for all subpoenas, not just media ones).

Just as an example, the government obtained a gag on Twitter, Facebook, Instagram and Google when obtaining Reality Winner’s cloud-based communications a week after they had arrested her (at a time when she was in no position to delete her own content). After a few weeks, Twitter challenged the gag. A judge gave DOJ 180 days to sustain the gag, but in August 2017, DOJ lifted it.

That was a case where DOJ obtained the communications of an accused leaker, with possible unknown co-conspirators, so the gag at least made some sense.

Here, by contrast, the government would have been asking for records from journalists who were not alleged to have committed any crime. The ultimate subject of the investigation would have no ability to destroy WaPo’s records. The records — and the investigation — were over three years old. Whatever justification DOJ gave was likely obviously bullshit.

Hypothetical scenario: DOJ obtains cell phone records only to have a judge rule a gag inappropriate

Let me lay out how this might have worked to show why this might mean DOJ violated the media guidelines. Here’s one possible scenario for what could have happened:

  • In the wake of the election, John Durham subpoenaed the WaPo cell providers and Microsoft, asking for a gag
  • The cell provider turned over the records with no questions — neither AT&T nor Verizon care about their clients’ privacy
  • Microsoft challenged the gag and in response, a judge ruled against DOJ’s gag, meaning Microsoft would have been able to inform WaPo

That would mean that after DOJ, internally — Billy Barr and John Durham, in this speculative scenario — decided that warning journalists would create the same media stink we’re seeing today and make the records request untenable, a judge ruled that that a media stink over an investigation into a 3-year old leak wasn’t a good enough reason for a gag. If this happened, it would mean some judge ruled that Barr and Durham (if Durham is the one who made the request) invented a grave risk to the integrity of their investigation that a judge subsequently found implausible.

It would mean the request itself was dubious, to say nothing of the gag.

Once again, DOJ failed to meet its own notice requirements

And with respect to the gag, this request broke another one of the rules on obtaining records from reporters: that they get notice no later than 90 days after the subpoena. The Justice Manual says this about journalists whose records are seized:

  • Except as provided in 28 C.F.R. 50.10(e)(1), when the Attorney General has authorized the use of a subpoena, court order, or warrant to obtain from a third party communications records or business records of a member of the news media, the affected member of the news media shall be given reasonable and timely notice of the Attorney General’s determination before the use of the subpoena, court order, or warrant, unless the Attorney General determines that, for compelling reasons, such notice would pose a clear and substantial threat to the integrity of the investigation, risk grave harm to national security, or present an imminent risk of death or serious bodily harm. 28 C.F.R. 50.10(e)(2). The mere possibility that notice to the affected member of the news media, and potential judicial review, might delay the investigation is not, on its own, a compelling reason to delay notice. Id.
  • When the Attorney General has authorized the use of a subpoena, court order, or warrant to obtain communications records or business records of a member of the news media, and the affected member of the news media has not been given notice, pursuant to 28 C.F.R. 50.10(e)(2), of the Attorney General’s determination before the use of the subpoena, court order, or warrant, the United States Attorney or Assistant Attorney General responsible for the matter shall provide to the affected member of the news media notice of the subpoena, court order, or warrant as soon as it is determined that such notice will no longer pose a clear and substantial threat to the integrity of the investigation, risk grave harm to national security, or present an imminent risk of death or serious bodily harm. 28 C.F.R. 50.10(e)(3). In any event, such notice shall occur within 45 days of the government’s receipt of any return made pursuant to the subpoena, court order, or warrant, except that the Attorney General may authorize delay of notice for an additional 45 days if he or she determines that for compelling reasons, such notice would pose a clear and substantial threat to the integrity of the investigation, risk grave harm to national security, or present an imminent risk of death or serious bodily harm. Id. No further delays may be sought beyond the 90‐day period. Id. [emphasis original]

Journalists are supposed to get notice if their records are seized. They’re supposed to get notice no later than 90 days after the records were obtained. AT&T and Verizon would have provided records almost immediately and this happened in 2020, meaning the notice should have come by the end of March. But WaPo didn’t get notice until after Lisa Monaco was confirmed as Deputy Attorney General and, even then, it took several weeks.

DOJ’s silence about an Office of Public Affairs review

While it’s not required by guidelines, in general DOJ has involved the Office of Public Affairs in such matters, so someone who has to deal with the press can tell the Attorney General and the prosecutor that their balance of journalist equities is out of whack. At the time, this would have been Kerri Kupec, who was always instrumental in Billy Barr’s obstruction and politicization.

But it’s not clear whether that happened. I asked Acting Director of OPA Marc Raimondi (the guy who has defended what happened in the press; he was in National Security Division at the time of the request), twice, whether someone from OPA was involved. Both times he ignored my question.

The history of Special Counsels accessing sensitive records and testimony

There’s a history of DOJ obtaining things under Special Counsels they might not have obtained without the Special Counsel:

  • Pat Fitzgerald coerced multiple reporters’ testimony, going so far as to jail Judy Miller, in 2004
  • Robert Mueller obtained Michael Cohen’s records from Microsoft rather than Trump Organization
  • This case probably represents John Durham, having been made Special Counsel, obtaining records that DOJ did not obtain in 2017

There’s an irony here: Durham has long sought ways to incriminate Jim Comey, who is represented by Pat Fitzgerald and others. In 2004, as Acting Attorney General, Comey approved the subpoenas for Miller and others. That said, given the time frame on the records request, it is highly unlikely that he’s the target of this request.

Whoever sought these records, it is virtually certain that the prosecutor only obtained them after making decisions that DOJ chose not to make when these leaks were first investigated in 2017, after Jeff Sessions announced a war on media leaks in the wake of having his hidden meeting with Sergey Kislyak exposed.

That suggests that DOJ decided these records, and the investigation itself, were more important in 2020 than Jeff Sessions had considered them in 2017, when his behavior was probably one of the things disclosed in the leak.

The dubious claim that these records could have been necessary or uniquely valuable

Finally, consider one more detail of DOJ’s decision to obtain these records: their claims, necessary under the media policy, that 3-year old phone and email records were necessary to a leak investigation.

When these leaks were first investigated in 2017, DOJ undoubtedly identified everyone who had access to the Kislyak intercepts and used available means — including reviewing the government call records of the potential sources — to try to find the leakers. If they had a solid lead on someone who might be the leaker, the government would have obtained the person’s private communication records as well, as DOJ did do during the contemporaneous investigation into the leak of the Carter Page FISA warrant that ultimately led to SSCI security official James Wolfe’s prosecution.

Jeff Sessions had literally declared war within days of one of the likely leaks under investigation here, and would approve a long-term records request from Ali Watkins in the Wolfe investigation and a WhatsApp Pen Register implicating Jason Leopold in the Natalie Edwards case. After Bill Barr came in, he approved the use of a Title III wiretap to record calls involving journalists in the Henry Frese case.

For the two and a half years between the time Sessions first declared war on leaks and the time DOJ decided these records were critical to an investigation, DOJ had not previously considered them necessary, even at a time when Sessions was approving pretty aggressive tactics against leaks.

Worse still, DOJ would have had to claim they might be useful. These records, unlike the coerced testimony of Judy Miller, would not have revealed an actual source for the stories. These records, unlike the Michael Cohen records obtained via Microsoft would not be direct evidence of a crime.

All they would be would be leads — a list of all the phone numbers and email addresses these journalists communicated with via WaPo email or telephony calls or texts — for the period in question. It might return records of people (such as Andy McCabe) who could be sources but also had legal authority to communicate with journalists. It would probably return a bunch of records of inquiries the journalists made that were never returned. It would undoubtedly return records of people who were sources for other stories.

But it would return nothing for other means of communication, such as Signal texts or calls.

In other words, the most likely outcome from this request is that it would have a grave impact on the reporting equities of the journalists involved, with no certainty it would help in the investigation (and an equally high likelihood of returning a false positive, someone who was contacted but didn’t return the call).

And if it was Durham who made the request, he would have done so after having chased a series of claims — many of them outright conspiracy theories — around the globe, only to have all of those theories to come up empty. Given that after years of investigation Durham has literally found nothing new, there’s no reason to believe he had any new basis to think he could solve this leak investigation after DOJ had tried but failed in 2017. Likely, what made the difference is that his previous efforts to substantiate something had failed, and Barr needed to empower him to keep looking to placate Trump, and so Durham got to seize WaPo’s records.

Billy Barr has been hiding other legal process against journalists

Given the disclosure that Barr approved a request targeting the WaPo about five months ago and that under Barr DOJ used a Title III wiretap in a leak investigation (albeit targeting the known leaker), it’s worth noting one other piece of oversight that has lapsed under Barr.

In the wake of Jeff Sessions declaring war on leaks in 2017 (and, probably, the leak in question here), Ron Wyden asked Jeff Sessions whether the war on leaks reflected a change in the new media guidelines adopted in 2015.

Wyden asked Sessions to answer the following questions by November 10:

  1. For each of the past five years, how many times has DOJ used subpoenas, search warrants, national security letters, or any other form of legal process authorized by a court to target members of the news media in the United States and American journalists abroad to seek their (a) communications records, (b) geo-location information, or (c) the content of their communications? Please provide statistics for each form of legal process.
  2. Has DOJ revised the 2015 regulations, or made any other changes to internal procedures governing investigations of journalists since January 20, 2017? If yes, please provide me with a copy.

In response, DOJ started doing a summary of the use of legal process against journalists for each calendar year. For example, the 2016 report described the legal process used against Malheur propagandist Pete Santilli. The 2017 report shows that, in the year of my substantive interview with FBI, DOJ obtained approval for a voluntary interview with a journalist before the interview because they, “suspected the journalist may have committed an offense in the course of newsgathering activities” (while I have no idea if this is my interview, during the interview, the lead FBI agent also claimed to know the subject of a surveillance-related story I was working on that was unrelated to the subject of the interview, though neither he nor I disclosed what the story was about). The 2017 report also describes obtaining Ali Watkins’ phone records and DOJ’s belated notice to her. The 2018 report describes getting retroactive approval for the arrest of someone for harassing Ryan Zinke but who claimed to be media (I assume that precedent will be important for the many January 6 defendants who claimed to be media).

While I am virtually certain the reports — at least the 2018 one — are not comprehensive, the reports nevertheless are useful guidelines for the kinds of decision DOJ deems reasonable in a given year.

But as far as anyone knows, DOJ stopped issuing them under Barr. Indeed, when I asked Raimondi about them, he didn’t know they existed (he is checking if they were issued for 2019 and 2020).

So we don’t know what other investigative tactics Barr approved as Attorney General, even though we should.

Avril Haines Committed to Reviewing Past Redactions of Intelligence on Russia’s Support for Trump

In the wake of the confirmation that Konstantin Kilimnik did, in fact, share campaign data with Russian Intelligence, some people are asking whether Trump withheld information confirming that fact from Mueller or SSCI.

There are other possible explanations. After all, DOJ stated publicly in 2019 they were still working on decrypting communications involving Manafort and Kilimnik. There are likely new sources of information that have become available to the government.

It’s also certain that the government did share some information with SSCI that was not publicly released in its report last year. Indeed, we’re still waiting on information in the SSCI Report that probably will be made public.

Ron Wyden complained about the overclassification of the report when it came out, and — in his typical fashion — provided bread crumbs of what we might learn with further declassification.

(U) The report includes new revelations directly related to the Trump campaign’s cooperation with Russian efforts to get Donald Trump elected. Yet significant information remains redacted. One example among many is the report’s findings with regard to the relationship between Trump campaign manager Paul Manafort and Russian intelligence officer Konstantin Kilimnik.

(U) The report includes significant information demonstrating that Paul Manafort’s support for Russia and pro-Russian factions in Ukraine was deeper than previously known. The report also details extremely troubling information about the extent and nature of Manafort’s connection with Kilimnik and Manafort’s passage of campaign polling data to Kilimnik. Most troubling of all are indications that Kilimnik, and Manafort himself, were connected to Russia’s hack-and-leak operations.

(U) Unfortunately, significant aspects of this story remain hidden from the American public. Information related to Manafort’s interactions with Kilimnik, particularly in April 2016, are the subject of extensive redactions. Evidence connecting Kilimnik to the GRU’s hack-and-leak operations are likewise redacted, as are indications of Manafort’s own connections to those operations. There are redactions to important new information with regard to Manafort’s meeting in Madrid with a representative of Oleg Deripaska. The report also includes extensive information on Deripaska, a proxy for Russian intelligence and an associate of Manafort. Unfortunately, much of that information is redacted as well.

(U) The report is of urgent concern to the American people, in part due to its relevance to the 2020 election and Russia’s ongoing influence activities. The public version of the report details how Kilimnik disseminated propaganda claiming Ukrainian interference in the 2016 election, beginning even before that election and continuing into late 2019. [one sentence redacted] And the report includes information on the role of other Russian government proxies and personas in spreading false narratives about Ukrainian interference in the U.S. election. This propaganda, pushed by a Russian intelligence officer and other Russian proxies, was the basis on which Donald Trump sought to extort the current government of Ukraine into providing assistance to his reelection efforts and was at the center of Trump’s impeachment and Senate trial. That is one of the reasons why the extensive redactions in this section of the report are so deeply problematic. Only when the American people are informed about the role of an adversary in concocting and disseminating disinformation can they make democratic choices free of foreign interference.

Redactions suggest there was more to an April exchange of information between Kilimnik and Manafort involving Oleg Deripaska than has been made public, describing something else that happened almost simultaneously with that exchange. SSCI learned about that even without obtaining information from Manafort’s email server, which Kilimnik was using long after he stopped working for Manafort and which they subpoenaed unsuccessfully, but Mueller did obtain it.

There’s also a very long redacted passage in the more general Additional Views from Democrats on the committee that laid out the significance of the SSCI findings for the 2020 election (ostensibly what yesterday’s sanctions addressed).

Also in typical Wyden fashion, he already took steps to liberate such information as could be released. In his Questions for the Record for both Avril Haines and William Burns, Wyden asked that this information be declassified. He also asked that more information behind Treasury’s sanctions imposed on Andrii Derkach last September be declassified. Haines committed to ordering a new declassification review of both.

QUESTION 150: If confirmed, will you review the Committee’s Report on Russian Active Measures Campaigns and Interference in the 2016 U.S. Election, in particular Volume 5, for additional declassification?

Yes, if confirmed, I will order a review of the Committee’s report to determine whether additional declassification is possible consistent with the need to protect national security.

QUESTION 151: If confirmed, will you review intelligence related to foreign interference in the 2020 U.S. election, including with regard to Russian agents referenced in the Treasury Department’s September 10, 2020, sanctions announcement, for additional declassification and public release?

Yes, if confirmed I will order a review of these materials to determine whether additional declassification is possible consistent with the need to protect national security.

So we should be getting a newly declassified version of the SSCI Report that will reveal what the Trump Administration did share, but buried under redactions.

Which will also reveal what Trump knew about Manafort’s affirmative ties to Russian intelligence when he pardoned Manafort to pay off Manafort’s silence about all that during the Mueller investigation.

Rat-Fucker Rashomon: Four Stories about Roger Stone (Introduction)

As background for some other things and because I’m a former scholar of narrative, I want to lay out the four different stories that have been told of Roger Stone’s actions in 2016 and after:

One day there might be a fifth story, the investigative records, but those are still so redacted (and the subjects were such committed liars) to be of limited use right now, so while I will integrate them and other public records into this series, I won’t treat them as a separate story.

I observed in this post that a September 2018 affidavit revealed that the Stone indictment and trial were, in part, investigative steps in a larger investigation, an investigation that Bill Barr appears to have since substantially killed. The affidavit asked for (and received) a gag because, it explained, investigators were trying to keep Stone from learning that the investigation into him was broader than he thought.

It does not appear that Stone is currently aware of the full nature and scope of the ongoing FBI investigation. Disclosure of this warrant to Stone could lead him to destroy evidence or notify others who may delete information relevant to the investigation.

Partly, the larger investigation must have been an effort to determine — and if possible, obtain proof beyond a reasonable doubt — of how Stone optimized the release of (at least) the Podesta emails. I think the evidence shows Stone did partly optimize the release, though I also believe doing so served as much to compromise Stone and others as to help Trump get elected. In an unreliable Paul Manafort interview, Trump’s former campaign chair describes a conversation (this may have taken place in spring 2018, during a period when Manafort unconvincingly claims he was not engaged in concocting a cover story with his lifelong buddy) where Stone clarified that he was just a conduit in the process of optimizing the Podesta release, not the decision maker.

Stone said to Manafort that he was not the decision maker or the controller of the information. Stone said he may have had advance knowledge, but he was not the decision maker. Stone was making clear to Manafort that he did not control the emails or make decisions about them. Stone said he received information about the Podesta emails but was a conduit, not someone in a position to get them released.

That’s Stone and Manafort’s less damning explanation, that Stone did have advance knowledge but didn’t control the process! It may also be true, though Stone likely believed he was controlling things in real time, when he was making stupid promises. Being a reckless rat-fucker can make a guy vulnerable to rat-fuckery himself.

I also believe that prosecutors did confirm how Stone got (information on) the emails and what stupid promises he had to make to get them, though not until after Stone was charged in his cover-up and probably not beyond a reasonable doubt. But, likely for a variety of reasons, they never told us that in any of the four stories that have been released about Stone.

So I want to examine what story each of the four narratives tell, because what an author withholds [wink] is always at least as interesting as what storyline the author uses to engage her readers.

The Mueller Report

All these stories are constrained, in part, by their genre.

For example, legally, the Mueller Report fulfills a requirement of the regulation under which Mueller was appointed.

Closing documentation. At the conclusion of the Special Counsel’s work, he or she shall provide the Attorney General with a confidential report explaining the prosecution or declination decisions reached by the Special Counsel.

You finish your work, and you tell the Attorney General overseeing your work whom you charged, whom you didn’t, and why. The Mueller Report, consisting of two volumes and some appendices laying out referrals from the investigation itself, therefore had to tell a story to support these decisions:

  • To charge a bunch of IRA trolls but none of the Americans unwittingly cooperating with them
  • To charge a bunch of Russian intelligence officers but not WikiLeaks or Roger Stone (though note that Rod Rosenstein has said the WikiLeaks investigation always remained at EDVA)
  • Not to charge Don Jr and Stone for accepting or soliciting illegal campaign donations from foreigners
  • Not to charge a bunch of Trumpsters for their sleazy influence peddling
  • To charge a bunch of Trumpsters with lying and (in the case of Manafort and Gates) various kinds of financial fraud, but not to charge other Trumpsters for equally obvious lying
  • Effectively (and this is my opinion), to refer Trump to Congress for impeachment
  • To refer a bunch of other matters, ranging from Trumpsters’ financial fraud, George Nader’s child porn (though given the releases from the other day, it’s not clear that’s formally in the report), and a number of counterintelligence matters, for further investigation

That’s not all. Technically, one investigation into someone either close to or Trump himself wasn’t even done at the time Mueller finished. Documents show a campaign finance investigation–AKA bribery–involving a bank owned by a foreign country was ongoing; Bill Barr has recently publicly bitched about the legal theory behind the investigation (one SCOTUS approved) and it has been closed. And, significantly, for the purpose of this series, Mueller had not obtained Stone aide Andrew Miller’s testimony when the Report got written either, though at the minute Miller agreed to testify, Mueller was giving a presser closing up shop, presumably (though not definitely) making Miller’s testimony part of the ongoing investigation related to Stone.

Aside from those two details, the story the Mueller Report has to tell has to explain those prosecutorial decisions. For the sake of this series, then, the story has to tell why Stone wasn’t charged for soliciting illegal campaign donations from WikiLeaks, why he was charged for lying to obscure who his go-between was and whether he had discussed all that with Trump and others on the campaign, and why Trump should be impeached for his promises to pardon Stone (among others) for covering up what really happened in 2016.

Significantly for this story, Stone was not charged because he lied about having a go-between (he lied to Congress to cover up who it was), nor was he charged for any actions he took with his go-between to get advance information. I’m not certain, but such charges may actually not be precluded by double jeopardy; if not, this story may have been written to ensure no double jeopardy attached. In any case, we shouldn’t expect details of his go-between to be fully aired in the report (or encompassed by it), because it was not a prosecutorial decision that needed to be explained.

The timeline of the Stone part of this story starts in early June 2016, and (for the main part of his story) ends the day the Podesta emails got released, October 7, leaving out a bunch of Stone activities that were key prongs of the investigation.

The Stone prosecution

The story told by the Stone prosecution unsurprisingly adopts the same general scope as the Mueller Report.

As noted above, the government took a number of investigative steps in 2018 that they kept secret from Stone, explicitly because they wanted Stone to continue to believe he was only under investigation for his lies about his claims about having a go-between with WikiLeaks. Because of that, I think the story the Stone prosecution told is best understood as a way to use the prosecution to advance a larger investigation, without compromising the rest of it. As such, it makes the way in which prosecutors controlled this narrative all the more interesting. That dual objective — advancing the larger investigation but keeping secrets –meant that prosecutors needed to provide enough detail to win the case — possibly even to get testimony about specific details to achieve other objectives in their investigation — but not disclose details that would give away the rest or require unreliable witnesses.

The Stone prosecutors provided us a handy timeline to show the scope of its story, split into two sections. The first starts with Assange’s promise of additional Hillary files on June 12, 2016 and ends on October 7, 2016.

While Rick Gates did testify that Stone predicted a WikiLeaks drop even before June 12, his testimony focused far more closely on discussions they had in the wake of the June 14 DNC announcement they’d been hacked. So the prosecution left out interesting details about what Stone was up to in spring 2016.

By ending the earlier, election-related timeline on October 7, prosecutors didn’t include a presumed Stone meeting with Trump on October 8 or the evidence that he and Corsi had advance knowledge of certain Podesta files, which became clear around October 13, to say nothing of what happened in the days after the election.

Then, the prosecution adopted a later timeline covering obstruction and witness tampering. It starts on January 6, 2017 and — at least on this timeline — goes through January 28, 2018 (though FBI Agent Michelle Taylor introduced evidence and Randy Credico testified to events that took place after that date).

That’s the scope of the story: an abbreviated version of 2016, starting after Stone first starting claiming to have advance warning of the email dumps, and ending well before things started to get interesting in the lead-up to and aftermath of the election.

A simplified version of the plot this story tells is how Stone used Credico to make sure no one would look too closely at what he had been up to with Corsi.

The SSCI Report

As I said, most of these stories were dictated, in part, by genre and a specific goal. Prosecutors writing the Mueller Report could only tell a story that explained prosecutorial decisions, and in this case, they had an ongoing investigation to protect (which Barr appears to have since substantially killed). Prosecutors scoping the Stone prosecution only had to present enough evidence to get their guilty verdict, and presumably didn’t want to produce evidence that would disclose the secrets they were trying to keep or expose a weakness in an otherwise airtight case. As for the warrants, every affidavit an FBI agent writes notes that they are including only as much as required to show probable cause. With a caveat laid out below, the FBI agents wouldn’t want to include too much for fear of giving defendants reason to challenge the warrants in the future. So the Stone affidavits, like all probable cause affidavits, are an exercise in careful narrative, telling a story but not telling too much.

Thus, the SSCI Report (clocking in at almost 1,000 pages) is the only one of these four stories that even pretends to be revealing all it knows. But it also didn’t try to tell the whole story. It limited the scope of the investigation in various ways (most notably, by refusing to investigate Trump’s financial vulnerabilities to Russia). And over and over again, the SSCI Report pulled punches to avoid concluding that the President is a glaring counterintelligence risk. The imperative of protecting the President (and getting Republican votes in Committee to actually release it) affected the way SSCI told its story in very tangible ways.

Because it is a SSCI Report, this story has a ton of footnotes which are (as they are in most SSCI Reports) a goldmine of detail. But the decision of what to put in the main body of a story and what to relegate to a footnote is also a narrative question.

Importantly, SSCI had outside limitations on its investigation — and therefore its story — that the FBI did not have. Rick Gates, Jerome Corsi, and Paul Manafort largely invoked the Fifth Amendment. Stone refused to testify. SSCI only received a limited subset of Mueller’s 302s, and none pertaining to the GRU investigation. SSCI had limited ability to demand the content of communications. The White House and the Trump Org withheld documents, even some documents they otherwise provided to Mueller. Plus, the version of the report we have is heavily redacted (including much of the discussion about WikiLeaks), sometimes for classified reasons but also sometimes (if you trust Ron Wyden’s additional views) to protect the President. That means we don’t even get the full story SSCI told.

Nevertheless, while SSCI left out parts of the story that the FBI seems to have considered important, the SSCI Report also includes a lot that DOJ and FBI had to have known, but for reasons that likely stem, in part, from the stories they wanted or were obligated to tell, they chose not to disclose. That makes the SSCI Report really useful to identify what must be intentional gaps in the other stories.

Like the Mueller Report (in part because it relied heavily on it), the story that the SSCI Report tells about Stone adopts an uneven timeline, narrowly focusing on Stone’s election season activities even while for others it adopts a broader timeframe. More generally, though, the SSCI Report tells a story about the dangerous counterintelligence threats surrounding the President, while stopping short of fully considering how he is himself a counterintelligence threat.

The warrant affidavits

As noted, FBI warrants deliberately and explicitly try to find a sweet spot, establishing probable cause but not including stuff that either might be challenged later or might give away investigative secrets. That said, Andrew Weissmann’s book reveals that Mueller’s team included more detail than needed in affidavits to provide a road map if they all got fired.

We also realized we could use the courts as a kind of external hard drive to back up our work. The applications for search warrants we filed with the court only had to set out a minimum of facts from which the court could find probable cause—a fairly low standard. But by packing those documents with up-to-date details of our investigation, we could create a separate record of our activities—one that would be deposited securely in the judicial system, beyond the reach of the Department of Justice, the White House, or Congress. (Putting such a substantial record before the court had the added benefit of eliciting quick rulings on our applications and demonstrating that we were not tacking too close to the line in establishing the necessary probable cause.)

The affidavits in the Stone case — written by at least 5 different FBI agents — actually tell two stories: The first is a narrative of how allegations were made and then removed, often for emphasis but also, probably in some cases, because suspicions were answered. The second is an evolving narrative of some of the core pieces of evidence that Stone did have advance notice of the releases, and so may have had legal liability — either as a co-conspirator, or someone who abetted the operation — for the hack-and-leak. It came to double in on itself, investigating Stone’s extensive efforts to thwart the investigation. Near the end of the investigation, that story came to incorporate Foreign Agent charges (though it’s not entirely sure how much Stone, or other people like Assange, are the target of those warrants, and virtually all that story is redacted). I lay out how these two narratives intersect here.

For some of the investigation, the affidavits adopted a timeline starting in June 2015 (when Stone worked on the Trump campaign) and continuing through the election, but ultimately that timeline extended through to the present in 2018 and 2019, ostensibly to support the obstruction investigation.

The gaps

The differences between the stories may be easiest to identify by observing what each leaves out. Each of these stories leaves out some pieces of evidence of one or more of the following:

  • The extent and nature of Stone’s provable interactions about WikiLeaks with Trump: While all of these stories do include evidence that Stone kept Trump apprised of his efforts to optimize the Podesta release, the SSCI Report — completed without Trump’s phone records or those of many others, with a very limited set of witness 302s, and limited power to access evidence of its own — describes damning interactions that none of the other stories do.
  • The extent to which either Corsi or Stone succeeded in dictating the release of the Podesta emails on October 7, 2016 and why: Several stories consider only whether Corsi managed to get WikiLeaks to drown out the Access Hollywood video, without considering whether Stone did.
  • What Stone and Corsi did with advance knowledge that WikiLeaks would release information on John Podesta’s ties with Joule holdings: Manafort’s unreliable testimony (and a bunch of other evidence) seems to confirm that Stone and Corsi had at least advance notice of, if not documents themselves, on Podesta’s ties with Joule Holdings that were later released by WikiLeaks. Only one of these four stories — the affidavits — include this process as a central story line, but it’s one way to show that the rat-fucker and the hoaxster did have advance knowledge (and show what their fevered little brains thought they were doing with it).
  • Proof that Stone had foreknowledge: While much of this is inconclusive, the affidavits make it clear that investigators believed Stone’s knowledge went beyond and long preceded what Corsi obtained in early August 2016. Once you establish that foreknowledge, then all question of Corsi versus Credico is substantially meaningless window-dressing (albeit convenient window dressing if you’re trying to hide a larger investigation).
  • Steve Bannon’s knowledge of and possible participation in Stone’s schemes shortly after he came on as campaign manager: The government almost certainly has grand jury testimony laying this out. But we’ve only seen glimpses of what happened after Stone wrote Bannon and floated a way to win the election the day he came onto the campaign, and not all of these stories were even curious about what happened.
  • Stone’s social media efforts to undermine the Russian attribution: I’m agnostic at this point about the significance of investigators’ focus on Stone’s efforts to undermine the Russian attribution for the operation, but some stories cover it and others ignore it conspicuously.
  • Stone’s extended effort to get a pardon for Julian Assange: It is a fact that Stone pursued a pardon for Julian Assange after Trump won. While it’s not yet proven whether Stone reached out to WikiLeaks on or even before November 9 or waited until days later, several of these stories incorporate details of that effort. Others ignore it.
  • Stone’s interactions with Guccifer 2.0: This story is virtually identical, albeit with additive bits, in three of the four stories. It is — almost — entirely absent from the prosecution.

The Manafort-Stone connection

One other detail to consider as you look at the different stories told here: Not a single one of them treats Manafort and Stone as a unit or a team. Partly this is just convenience. It’s hard to tell a story with two villains, and there is so much dirt on both Manafort and Stone, there’s more than enough material for one story for each. We also know that from the very beginning of the investigation, the Mueller team largely kept these strands separate, a team led by Andrew Weissmann focusing on Manafort and a team led by Jeannie Rhee focusing on Russian outreach (though 302s and other documents show that Rhee definitely participated in both, and Weissmann describes working closely with Rhee in his book).

But Roger Stone played a key role in getting Manafort hired by the Trump campaign. They were friends from way back. They used each other to retain a presence on the campaign after they got booted. Stone made reckless efforts to obtain the Podesta files partly in a bid to save Manafort. So while it’s easy to tell a story that keeps the Manafort corruption and the Stone cheating separate, that may not be the correct cognitive approach to understand what happened.

None of these stories tell the complete story. Most deliberately avoid doing so, and the one that tried, the SSCI Report, stopped short of telling all that’s public and didn’t have access to much that remains secret. Reading them together may point to what really happened.

Links to all posts in the series

Billy Barr Released Someone with a History of Conspiring from Prison to Home Confinement

One thing the Senate Intelligence Committee Report on Russia does is confirm there’s a continuity between the efforts to carve up Ukraine pitched to Paul Manafort on August 2, 2016 — at a meeting where he also discussed how he would win Michigan — and the propaganda efforts implicating Ukraine that got the President impeached.

The report has a forty page section describing “Manafort’s Activities After the Election.”

The narrative starts with Kilimnik attempting to leverage his ties to Manafort (in part exploiting Sam Patten). It then describes some of the events described in the Mueller Report: the December 8, 2016 foldered email, a heavily redacted description of his meeting in Madrid with Georgiy Oganov, Konstantin Kilimnik’s trip to the inauguration where he had a meeting with Manafort he kept secret from Patten, a second meeting in Madrid — this time with Kilimnik — where they discussed how to undermine the narrative about Russia.

Then it takes a seeming deviation, spending sixteen pages describing Russia’s efforts — significantly led by Kilimnik — to undermine investigations into Russian interference. Much of this is unredacted. But a section describing Kilimnik’s follow-up contact with US Government officials and including descriptions of John Solomon’s propaganda is heavily redacted.

Then the narrative returns to Manafort and Kilimnik’s joint efforts to carve up Ukraine for Russia. The SSCI Report introduces an eight page section — which is almost entirely redacted save two mentions of Andrii Telizhenko’s role in the effort — by describing Kilimnik’s parallel efforts to blame Ukraine for the 2016 interference and to bring back Yanukovych.

Kilimnik, however, continued efforts to reestablish Yanukovych as part of a peace settlement. Kilimnik worked with associates inside Russia, Ukraine, and elsewhere to affect U.S. perceptions of the conflict in Ukraine. These plans blended Kilimnik’s efforts to bring about Yanukovych’s return-including his exoneration related to the violence in the Maydan in February 2014—with the aforementioned themes promoting the narrative that Ukraine, not Russia, had interfered in the 2016 U.S. elections .

The inclusion of Telizhenko and Solomon in this discussion — right in the middle of a long discussion of Manafort’s ties to Kilimnik — definitively tie the events leading up to impeachment and Ron Johnson’s current efforts to spew Russian disinformation to Manafort’s efforts with Kilimnik.

This is part of a section that Ron Wyden complained, in his separate views on the report, was overly classified.

(U) Unfortunately, significant aspects of this story remain hidden from the American public. Information related to Manafort’s interactions with Kilimnik, particularly in April 2016, are the subject of extensive redactions. Evidence connecting Kilimnik to the GRU’s hack-and- . . leak operations are likewise redacted, as are indications of Manafort’s own connections to those operations. There are redactions to important new information with regard to Manafort’s meeting in Madrid with a representative of Oleg Deripaska. The report also includes extensive information on Deripaska, a proxy for Russian intelligence and an associate of Manafort. Unfortunately, much of that information is redacted as well.

(U) The report is of urgent concern to the American people, in part due to its relevance to the 2020 election and Russia’s ongoing influence activities. The public version of the report details how Kilimnik disseminated propaganda claiming Ukrainian interference in the 2016 election, beginning even before that election and continuing into late 2019. [redacted sentence] And the report includes information on the role of other Russian government proxies and personas in spreading false narratives about Ukrainian interference in the U.S. election. This propaganda, pushed by a Russian intelligence officer and other Russian proxies, was the basis on which Donald Trump sought to extort the current government of Ukraine into providing assistance to his reelection efforts and was at the center of Trump’s impeachment and Senate trial. That is one of the reasons why the extensive redactions in this section of the report are so deeply problematic. Only when the American people are informed about the role of an adversary in concocting and disseminating disinformation can they make democratic choices free of foreign interference.

(U) As the Committee stressed .in Volume 3 of its investigation, the public must be informed as soon as possible about ongoing foreign influence campaigns. The American people are not served by aggressive redactions to a narrative describing the continuity of Russian interference before and after the 2016 election. The American people also deserve better than a double standard in which information related to Russian interference in U.S. elections remains heavily redacted while information that might cast doubton investigations into that interference is released wholesale.

After a short description of Manafort’s discussions of the investigations with Rick Gates, the Report begins an entirely new, thirty-some page section detailing Manafort’s ties — through Deripaska — to Russian intelligence, specifically GRU. That’s another section that Wyden complained was overly redacted.

I’m not aware of any place where the Report describes a document, seemingly titled with the date, August 27, 2018 (but with a last modification date of May 15, 2018), describing “Info.”

The document was revealed as part of Manafort’s breach determination Judge Amy Berman Jackson has been mulling how much of this to unseal for over a month.

In any case, Paula Manafort and Konstantin Kilimnik appear to have been planning something for August 27, 2018.

Which is interesting, given something disclosed in the last two Mueller FOIA releases. On August 21, 2018, Marshals at the Alexandria jail informed the Sheriff that a laptop provided to Paul Manafort for legal review had had its administrative password changed. That same day, per the Sheriff’s office, someone brought Manafort two USB drives. One — marked “Blank” — had a bunch of hidden files in its trash folder.

The day a jury found Manafort guilty of his VA crimes, someone helped sneak files to Manafort. That also happens to be just a week before whatever event Manafort had been planning back in May was scheduled.

And for some reason, even though they learned he was still conspiring from jail, Mueller’s team went ahead and signed a cooperation agreement with the guy.

And yet, after multiple instances where Manafort’s jailers discovered he was communicating covertly from prison, Bill Barr’s DOJ used COVID as an excuse to release him from a prison with no COVID cases, and put him in home confinement. It’s not just that Billy Barr has made sure that Manafort won’t face his full punishment for money laundering and cheating on his taxes. It’s that Barr has made it easier for a guy with abundant ties to Russian intelligence to continue communicating with Russian intelligence.

There’s one other detail in the SSCI Report that makes all of this much more interesting: Just before Manafort snuck off to meet with Kilimnik on August 2, 2016 to share his campaign strategy and discuss carving up Ukraine to Russia’s liking, Manafort had a meeting at Trump Tower with Rudy Giuliani and Donald Trump.

Both Rod Rosenstein and Richard Burr Chose Not to Investigate Trump’s Biggest Counterintelligence Vulnerability

Mike Schmidt has a story describing that Rod Rosenstein led Andrew McCabe to believe that the Deputy Attorney General had tasked Robert Mueller to investigate the counterintelligence risk posed by Trump’s financial vulnerabilities, even though Rosenstein told Mueller to limit his own investigation to criminal matters.

The Justice Department secretly took steps in 2017 to narrow the investigation into Russian election interference and any links to the Trump campaign, according to former law enforcement officials, keeping investigators from completing an examination of President Trump’s decades-long personal and business ties to Russia.

[snip]

Mr. Rosenstein concluded the F.B.I. lacked sufficient reason to conduct an investigation into the president’s links to a foreign adversary. Mr. Rosenstein determined that the investigators were acting too hastily in response to the firing days earlier of James B. Comey as F.B.I. director, and he suspected that the acting bureau director who approved the opening of the inquiry, Andrew G. McCabe, had conflicts of interest.

Mr. Rosenstein never told Mr. McCabe about his decision, leaving the F.B.I. with the impression that the special counsel would take on the investigation into the president as part of his broader duties. Mr. McCabe said in an interview that had he known Mr. Mueller would not continue the inquiry, he would have had the F.B.I. perform it.

“We opened this case in May 2017 because we had information that indicated a national security threat might exist, specifically a counterintelligence threat involving the president and Russia,” Mr. McCabe said. “I expected that issue and issues related to it would be fully examined by the special counsel team. If a decision was made not to investigate those issues, I am surprised and disappointed. I was not aware of that.”

The story is infuriating — except it also raises a number of questions it doesn’t answer, especially coming from a journalist who himself set Trump’s red line of a financial investigation just weeks after these decisions apparently took place.

Schmidt — who has obviously been fed stories by Andrew McCabe in the past — describes Rosenstein telling Mueller not to do a counterintelligence investigation.

But privately, Mr. Rosenstein instructed Mr. Mueller to conduct only a criminal investigation into whether anyone broke the law in connection with Russia’s 2016 election interference, former law enforcement officials said.

Except he doesn’t explain how that — or continued ignorance on the part of the FBI that Rosenstein had bracketed off such an investigation — is consistent with this passage from the Mueller Report:

From its inception, the Office recognized that its investigation could identify foreign intelligence and counterintelligence information relevant to the FBI’s broader national security mission. FBI personnel who assisted the Office established procedures to identify and convey such information to the FBI. The FBI’s Counterintelligence Division met with the Office regularly for that purpose for most of the Office’s tenure. For more than the past year, the FBI also embedded personnel at the Office who did not work on the Special Counsel’s investigation, but whose purpose was to review the results of the investigation and to send-in writing-summaries of foreign intelligence and counterintelligence information to FBIHQ and FBI Field Offices. Those communications and other correspondence between the Office and the FBI contain information derived from the investigation, not all of which is contained in this Volume.

Sometime before March 2018, a period that may entirely post-date McCabe’s resignation on January 29, 2018, Mueller embedded FBI Agents into his team who knew what he was and wasn’t doing on counterintelligence. It seems impossible that FBI had no idea about the scope of Mueller’s counterintelligence investigation after that point. I’m not suggesting that Schmidt is wrong (he must be right, because Adam Schiff has been saying the same thing). I’m suggesting this narrative (at least as presented in the NYT version of the story), has some gaps.

One gap appears in this passage, suggesting SSCI was simply helpless in the face of legal obstacles in obtaining information on Trump’s finances.

A bipartisan report by the Republican-led Senate Intelligence Committee released this month came the closest to an examination of the president’s links to Russia. Senators depicted extensive ties between Trump associates and Russia, identified a close associate of a former Trump campaign chairman as a Russian intelligence officer and outlined how allegations about Mr. Trump’s encounters with women during trips to Moscow could be used to compromise him. But the senators acknowledged they lacked access to the full picture, particularly any insight into Mr. Trump’s finances.

The single thing in the known scope of the SSCI Report that wasn’t also included in the Mueller Report — with the possible except of an investigation into several other allegations that Trump had been sexually compromised by Russia — is Aleksandr Torshin’s efforts to reach out to Trump via the NRA (but SSCI itself limited its investigation into NRA, and in a few cases wouldn’t have obtained material had Ron Wyden not obtained it on the Finance Committee). One weakness of the SSCI Report is an almost juvenile suggestion that sexual kompromat would the only kind of compromising information Russia had on Trump.

But to some degree, SSCI chose not to include Trump’s financial ties to Russia in their report — that was the most persistent complaint from most Democrats on the committee.

[T]he Committee did not cover all areas of concern. For example, the Committee’s investigation, for a variety of reasons, did not seek, and was not able to review, records regarding Donald Trump’s finance’s and the numerous areas where those financial interests appear to have overlapped with Russia. In tum, the reader should not interpret the Report’s absence of information on this topic to indicate that nothing of interest was found. Rather, it should be acknowledged that this was a potentially meaningful area that the Committee did not probe. [my emphasis]

BuzzFeed reported in 2018 that Richard Burr didn’t think Trump’s financial ties to be relevant.

Burr has dismissed Wyden’s complaints. “Whether every member has chosen to come and actually spend the time to go through [the documents] is a whole other question. I’m tired of hearing the fact that we don’t follow [the money],” Burr said. “We are investigating every avenue that gives us clarity into what the mission is of this investigation, but that’s not to fall outside the mission of the investigation. I could care less how they financed a deal 20 years ago somewhere because I don’t think it’s relevant.”

An earlier report described that Treasury was providing SARs to SSCI’s investigators; it just hadn’t been asked for those pertaining to Trump and his family.

Rod Rosenstein’s decision not to investigate Trump’s vulnerability to Russian compromise is one thing. Richard Burr’s decision to similarly constrain his investigation is another. Indeed, Burr’s decision is in many ways less defensible; as a co-equal branch, it is Congress’ job to ensure that the President doesn’t betray the country.

The fact that both men — who stayed on good terms with Trump while seeming to oversee an aggressive investigation into him — chose not to look into the most obvious source of compromise suggests that someone knows what they would find.

Update: Fixed timing of Mueller Report completion and McCabe resignation as Deputy Director.

Update:  On Twitter, Andrew Weissmann says key parts of the NYT story — the ones I raised questions about — are wrong.

NYT story today is wrong re alleged secret DOJ order prohibiting a counterintelligence investigation by Mueller, “without telling the bureau.” Dozens of FBI agents/analysts were embedded in Special Counsel’s Office and we were never told to keep anything from them.

Also erroneous is NYT claim “Rosenstein concluded the F.B.I. lacked sufficient reason to conduct an investigation into the president’s links to a foreign adversary.” See DOJ Special Counsel Appointment Order, para. (b)(i).

SSCI’s Timidity on Trump Tower Moscow

The SSCI Report on Russia is better, in some ways, than I expected (though weak in others).

But on a key issue — the multiple Trump Tower deals floated during the course of the election — it is inexcusably timid.

The report lays out the three offers we know from the Mueller Report:

  • A Trump Tower deal negotiated through Felix Sater, involving sanctioned banks and GRU-linked middle men and the involvement of people close to Putin
  • A deal brokered by Georgian-American Giorgi Rtskhiladze that included buy-off from the Mayor of Moscow
  • Outreach — in which Ivanka was a party — from the Director of a large energy company, Dmitry Klokov, which was tied to a meeting with Putin

Along the way, the report notes that Felix Sater (whose colorful background it lays out) was not entirely forthcoming even in his April 4, 2018 interview, long after he appears to have cleaned up some discrepancies with the Mueller team (though his later Mueller 302s have been withheld, in part for source endangerment issues, and it’s not clear the committee obtained them). Specifically, Sater was not clear who was involved in scheduling a possible trip for Cohen in December 2015, Felix Shmykov (who had ties to GRU) or Felix Dvoskin (who had ties to FSB and ran a bank operating in Crimea).

Sater told the Committee that although he never had direct communication with Kostin, Kostin was indirectly contacted about the project “through people in Moscow.”2719 Sater recalled that a contact in Moscow, whom he identified only as “Danny,” “indicated that he [Danny] spoke to people at VTB and that they would be on board.”2720 Sater also told the Committee that he used Evgeny Shmykov, the former Russian intelligence officer, as a conduit to VTB.2721

[snip]

On December 19, 2015, Sater emailed and sent a text message to Cohen requesting that Cohen call him because he had “Evgeny on the other line.”2778 Sater told the Committee in his interview prior to the release of the SCO Report that his references to Evgeny were, to his recollection, Evgeny Shmykov. According to the SCO, however, Sater’s reference to “Evgeny” on the December 19 message was a reference to Evgeny Dvoskin, who at the time was associated with a Russian bank operating in Crimea.2779 Through counsel, Sater later represented to the Committee that he may have used both Shmykov and Dvoskin at varying times.2780 As a result, while·this particular outreach appears to involve Dvoskin, the identity behind Sater’s other references to “Evgeny” remains unclear.

(U) Dvoskin is strongly connected to Russian organized crime and the Russian intelligence services, particularly the FSB.2781

There’s no unredacted discussion of whether Cohen was asked about the wisdom of pitching real estate deals with people involved in Russian intelligence. He was, however, asked about the wisdom of pitching real estate deals with sanctioned banks.

He didn’t much care.

As noted infra, both VTB Bank and GenBank were sanctioned by the U.S. Government under its Ukraine-related sanctions program targeting Russian government-connected entities. Cohen was unaware of these sanctions targeting either bank, and stated that, in addition, it “didn’t matter to me” whether the banks were sanctioned. Cohen explained that he believed the Russian developer, not the Trump Organization, would be responsible for financing the deal, and thus Cohen did not think that any sanctions “would have been a problem.”

And while the report twice laid out that the committee did not receive key emails showing high level Russian involvement in the deal, it didn’t chase down Cohen’s claim that Trump Organization managed that document request, not even when the report elsewhere admits that other documents were withheld from Trump Organization.

(U) On other matters, multiple emails between Michael Cohen and Russian government officials-which were responsive to the Committee’s document request-were never produced to the Committee. The withheld emails included outreach to the Kremlin’s press office seeking to speak with Putin’s chief of staff, Sergei Ivanov, as well as a response from Dmitri Peskov’ s assistant seeking to discuss the Trump Moscow project. During Cohen’s initial interview, , Cohen’s then-counsel Stephen Ryan told the Committee that Cohen was not involved in the production of documents to the Committee.3009 Ryan stated that Cohen’s emails from his Trump Organization account were produced to Cohen and his counsel by the Trump Organization “off the Trump [Organization] server.”3010 During that same interview, Cohen made false statements to the Committee about these communications with Russian government officials.3011 Cohen also transmitted his false statements about his outreach to the Kremlin on the project to the press and to the public generally; giving the false impression that Cohen had not communicated in a substantive way with the Russian government regarding the project.3012

(U) Cohen eventually pleaded guilty to making intentionally false statements to this Committee and to the HPSCI related to the Trump Tower project.3013 Cohen eventually admitted to receiving an email response from a Russian government employee; ultimately, he admitted contacting her and conducting a substantive conversation about the Trump Moscow project in January 2016.3014 Cohen told the Committee that the email response, which he never produced to the Committee, was never provided to him by the Trump Organization, another member of the alleged JDA.3015 The Committee was unable to determine the accuracy of this claim. However, if true, this lends support to the conclusion that Cohen’s initial false statements to the Committee were aided by other members of the alleged IDA, namely the Trump Organization.

The report also doesn’t address (as it does in the WikiLeaks section) Trump’s demonstrable lies about Trump Tower, even though those lies are even more clear cut than his lies on WikiLeaks. After Trump claimed to have no recollection of any of this, he went out to the press and said stuff that made it clear he had very clear recollections about the real estate deals he was negotiating while running for President.

In addition to the three well known deals, the SSCI Report describes a fourth, one pitched by Boris Epshteyn to Eric Trump.

Virtually the entire description of this deal is redacted in the report, suggesting either that it’s something Trump has ongoing interest in covering up or it’s something that the Intelligence Community believes has sensitive counterintelligence import.

In addition to the Epshteyn to Eric Trump channel, however, three details are not redacted:

Like the Rtskhiladze pitch, this one included involvement from the Moscow city government.

In the spring of 2016, Epshteyn received the proposal from contacts he had in the Moscow city government, and shared it with Eric Trump, with whom Epshteyn had long been friends.

[snip]

In early 2016, these same individuals affiliated with the Moscow city government reengaged Epshteyn about a potential Trump deal in Russia, ultimately sending him blueprints for a hotel.2998 According to the email chain produced by Epshteyn, the blueprints originated with a secretary for Cheremin in April 2016. Cheremin’s secretary forwarded the plans to an email address that included the name Shutenko, likely affiliated with Oleg Shutenko, Cheremin’s deputy in the Moscow city government.2999

According to a heavily redacted bullet, it appears to involve two people thrown out of the US in 2018 as part of sanctions imposed after the Skripal assassinations, which may suggest they were believed to be spies.

Finally, the deal had some tie to Rossotrudnichestvo, an NGO implicated in the false claims about a Michael Cohen meeting in Prague.

The Rossotrudnichestvo reference came in the last and most inflammatory dossier report:

[redacted] provided further details of these meeting/s and associated anti-CLINTON/Democratic Party operations. COHEN had been accompanied to Prague by 3 colleagues and the timing of the visit was either in the last week of August or the first week of September. One of their main Russian interlocutores was Oleg SOLODUKHIN, operating under Rossotrudnichestvo cover. According to [redacted], the agenda comprised questions on how deniable cash payments were to be made to hackers who had worked in Europe under Kremlin direction against the CLINTON campaign and various contingencies for covering up these operations and Moscow’s secret liaison with the TRUMP team more generally.

This doesn’t mean the Cohen reference is true!! But it is another tidbit that suggests that, to the extent the dossier was filled with disinformation, it served to muddle actual events that happened.

According to the SSCI Report, Eric Trump wasn’t all that enticed by this offer (which appears to have had none of the improbable grandeur of the Sater deal).

Except they didn’t bother to get him on the record saying that personally. It relied exclusively on Epshteyn’s representation of the deal.

(U) Epshteyn recalled sharing these blueprints with Eric Trump and discussing the offer with him. 3000 According to Epshteyn, Eric Trump said that he would “take a look” and that the opportunity “[c]ould be interesting,” but that his overall reaction was “extremely tepid.”3001 Epshteyn claimed that nothing ever came of the offer.3002

(U) The Committee did not seek to interview Eric Trump. The Committee does not have further information related to what action, if any, was taken by the Trump Organization on the proposal.

And it did so even though it had evidence that Trump Organization was part of an organized effort to lie to the committee about a different Russian real estate deal, in part by withholding responsive documents.

So it’s not, just, that SSCI declined to explain why it was so problematic from a counterintelligence standpoint that a Presidential candidate kept entertaining the kind of real estate deal in Russia he had been chasing for over a decade during the election, and at least two of those deals involved Russian intelligence operatives.

It’s that for one of the deals — a deal that, if the redactions are any indication, poses significant counterintelligence concern — SSCI just didn’t bother checking.

Ron Wyden has complained that the committee refused to follow the money of any of this. And with this fourth Trump Tower deal, they weren’t even willing to demand they got the paper trail.

Adam Schiff Makes Clear FBI Is Using Section 215 Like the 2014 Exception

For months, Congress has been debating the reauthorization of Section 215 of the PATRIOT Act. The House passed a compromise bill before COVID shut-downs really halted everything in Congress, though did so in such a way as to prevent Zoe Lofgren from offering any amendments. After the Senate failed to act, the provision (and two related ones lapsed). Then, a few weeks ago, the Senate passed a version that added an amendment from Mike Lee and Patrick Leahy that strengthened the amicus to the previously passed House bill. But an amendment offered by Ron Wyden and Steve Daines failed by one vote after Tom Carper said that Pelosi had warned him its passage would gut FISA (and after Bernie Sanders and Patty Murray didn’t make it for the vote). The operative language of their amendment read,

(C) An application under paragraph (1) may not seek an order authorizing or requiring the production of internet website browsing information or internet search history information.

Zoe Lofgren and Warren Davidson tried to pass that amendment in the House. Over a weekend of heated negotiations, they limited the Wyden-Daines language to apply just to US persons.

(C) An application under paragraph (1) may not seek an order authorizing or requiring the production of internet website browsing information or internet search history information of United States persons.

At first, Wyden endorsed the Lofgren-Davidson language. Except then Adam Schiff gave Charlie Savage a statement that suggested the amendment would only prevent the government from seeking to obtain Americans’ internet information, not prevent it altogether.

But in his own statement, Mr. Schiff put forward a narrower emphasis. Stressing the continued need to investigate foreign threats, he described the compromise as banning the use of such orders “to seek to obtain” an American’s internet information.

That led Ron Wyden to withdraw his support. Leadership withdrew that amendment from the Rule.

Schiff’s ploy seems to suggest one way the government is using Section 215.

Wyden had previously asked how each of three applications for Section 215 would appear in counts:

  • An order in which an IP address used by multiple people is the target
  • An order collecting all the people who visit a particular website
  • An order collecting all the web browsing and internet searches of a single user

I’ve argued in the past that the FBI wouldn’t go to the trouble of a Section 215 order for a person who was not otherwise targeted, the last bullet. Schiff’s willingness to limit collection to foreigners is consistent with that (because targeting non-US persons has a lower probable cause level), meaning that’s not the function the government is so intent on preserving.

Which leaves Wyden’s IP address used by multiple people and a website, what I have suggested might be VPNs and WikiLeaks. Those are the applications that Schiff (and Pelosi) are going to the mat to protect.

That makes something that happened in 2014 important. That year, FISC permitted the government to remain tasked on a selector under 702 (which can only target foreigners) even after finding that Americans were using the selector, provided the US person content was purged after the fact. Except ODNI made a list of enumerated crimes — virtually all of which exploit the Dark Web — that Section 702 content could be used to prosecute. Richard Burr codified that principle when the law was reauthorized in 2017.

Schiff has invoked the same principle — allowing the FBI to target a URL or IP, and in the name of obtaining foreign intelligence, obtaining the US person activity as well. Because this is not treated as “content,” the government may not be limited to instances where the US person activity is location obscured (though it’s possible this is just about obtaining VPN traffic, and not something like WikiLeaks).

Wyden called the resulting practice (remember, this is status quo), as “dragnet surveillance.”

“It is now clear that there is no agreement with the House Intelligence Committee to enact true protections for Americans’ rights against dragnet collection of online activity, which is why I must oppose this amendment, along with the underlying bill, and urge the House to vote on the original Wyden-Daines amendment,” Wyden said.

So once again — still — the government is using a foreign targeted law to obtain leads of Americans to investigate. That, apparently, is what Pelosi considers the key part of FISA: honey pots to identify Americans to investigate.

Meanwhile, DOJ doesn’t even like the changes Lee and Leahy implemented, falsely claiming that the law — which requires DOJ to meet the standards laid out voluntarily by FBI’s response to the DOJ IG Report — does nothing to address the problems identified by the IG Report.

The Department worked closely with House leaders on both sides of the aisle to draft legislation to reauthorize three national security authorities in the U.S.A. Freedom Act while also imposing reforms to other aspects of FISA designed to address issues identified by the DOJ Inspector General. Although that legislation was approved with a large, bipartisan House majority, the Senate thereafter made significant changes that the Department opposed because they would unacceptably impair our ability to pursue terrorists and spies. We have proposed specific fixes to the most significant problems created by the changes the Senate made. Instead of addressing those issues, the House is now poised to further amend the legislation in a manner that will weaken national security tools while doing nothing to address the abuses identified by the DOJ Inspector General.

Accordingly, the Department opposes the Senate-passed bill in its current form and also opposes the Lofgren amendment in the House. Given the cumulative negative effect of these legislative changes on the Department’s ability to identify and track terrorists and spies, the Department must oppose the legislation now under consideration in the House. If passed, the Attorney General would recommend that the President veto the legislation.

Trump, meanwhile, is opposing the bill because it doesn’t go far enough.

WARRANTLESS SURVEILLANCE OF AMERICANS IS WRONG!

Republicans are inventing reasons to oppose it after supporting it in March.

Back in March, Billy Barr said he could do what he needed to with EO 12333. It’s unclear how he’d coerce providers.

But Schiff’s efforts to defeat Wyden make it clear this is a function designed to identify Americans.

Update: I had thought a current vote was on FISA, but is on China sanctions, so I’ve deleted.

Ron Wyden Hints at How the Intelligence Community Hides Its Web Tracking Under Section 215

Ron Wyden had an amendment to Section 215 that would have limited the use of that provision to obtain web traffic information that fell one vote short in the Senate, partly because Nancy Pelosi whipped Tom Carper against it and partly because two Senators (Bernie Sanders and Patty Murray) didn’t get back for a vote. In an effort to resuscitate the amendment in the House under Zoe Lofgren and Warren Davidson’s leadership (which would surely pass if Section 215 got bounced back to the Senate), Ron Wyden released a letter to Ric Grenell trying to force some transparency about how the IC hides the scope of the use of Section 215 to get web search and Internet traffic information.

The letter asks Grenell to explain how Section 215 orders served on IP addresses, rather than email addresses, might get counted in transparency provisions.

How would the government apply the public reporting requirements for Section 215 to web browsing and internet searches? In this context, would the target or “unique identifier” be an IP address?

If the target or “unique identifier” is an IP address, would the government differentiate among multiple individuals using the same IP address, such as family members and roommates using the same Wi-Fi network, or could numerous users appear as a single target or “unique identifier”?

If the government were to collect web browsing information about everyone who visited a particular website, would those visitors be considered targets or “unique identifiers” for purposes of the public reporting? Would the public reporting data capture every internet user whose access to that website was collected by the government?

If the government were to collect web browsing and internet searches associated with a single user, would the public reporting requirement capture the scope of the collection? In other words, how would the public reporting requirement distinguish between the government collecting information about a single visit to a website or a single search by one person and a month or a year of a person’s internet use?

Wyden here lays out three use cases for how the IC might (one should assume does) use Section 215 to get web traffic.

  • An order in which an IP address used by multiple people is the target
  • An order collecting all the people who visit a particular website
  • An order collecting all the web browsing and internet searches of a single user

The government is required to report:

(5)the total number of orders issued pursuant to applications made under section 1861(b)(2)(B) of this title and a good faith estimate of—

(A)the number of targets of such orders; and

(B)the number of unique identifiers used to communicate information collected pursuant to such orders;

Taking each of his three scenarios, here’s what I believe the government would report.

An order in which an IP address used by multiple people is the target

In the first scenario, the government is trying to obtain everyone who “uses” a particular IP address. The scenario laid out by Wyden is a WiFi router used by family or friends, but both because the House Report prohibited such things in 2015 and because DOJ IG has raised questions about targeting everyone who uses a Friends and Family plan, I doubt that’s what the IC really does.

Rather, I suspect this is about VPNs and other servers that facilitate operational security. The government could hypothetically obtain four orders a year getting “VPNs,” requiring providers of each of the 10 major VPNs in the country to provide the IP addresses of all the incoming traffic, which would show the IP addresses of everyone who was using their location obscuring traffic.

In such a case, the targeted VPN IP addresses wouldn’t be communicating information at all. The users would get no information back. Therefore, the IC would only report the number of targets of such orders. If the “target” were defined as VPN, the number would be reported as 4 (for each of the 4 orders); if the “target” were defined as the specific VPN providers, the number of targets would be reported as 10.

The IC would entirely hide the number of individual Americans affected.

An order collecting all the people who visit a particular website

This application would seek to learn who visited a particular website. The classic case would be Inspire magazine, the AQAP propaganda. But I could also see how the IC might want to collect people who visit WikiLeaks’ submission page, or any number of sites that would offer information of interest to foreign spies (even DNI’s report on surveillance collection!). In such a use case, the government might ask not for the information provided to the user, but instead the incoming IP addresses of every request to the website. Again, this would not reflect a communication of information (and certainly not to the end user), so would not be reported under 5B.

If the targets were defined as “AQAP propaganda sites,” Inspire and all its affiliates might be reported as just one target (or might even be counted on a more generalized 215 order targeting AQAP or WikiLeaks, and so not as a unique 215 order at all).

The end users here would, again, not be counted if the collection request deliberately asked for something that did not “communicate information,” though I’m not sure precisely what technical language the government would use to accomplish this.

An order collecting all the web browsing and internet searches of a single user

This use case would ask how a 215 order targeting an individualized target (like Carter Page) shows up in transparency reports. If this were an order served on Google targeting a single account identifier for Google (say, Page’s Gmail account), the government might treat that Gmail identifier as the unique identifier, even though the government was getting information on every time this unique identifier obtained information.

Even in the criminal context, prosecutors don’t always target Google histories (for example, they did not with Joshua Schulte, and so got Google searches going back to before he joined the CIA). In the intelligence context, the FBI is given even more leeway to obtain everything, based off the logic that it’s harder to find clandestine activity.

In other words, Wyden has pointed to three use cases, all of which the IC is surely using, which existing transparency reporting requirements would entirely obscure the impact of.

After Years of Squealing about “FISA Abuse,” Trump’s DNI Nominee Won’t Rule Out Warrantless Wiretapping

As I noted earlier, in his confirmation hearing to be Director of National Intelligence, John Ratcliffe made it crystal clear he will lie to protect Trump by stating that he believed Trump has always accurately conveyed the threat of COVID-19.

Ratcliffe made some other alarming comments. For example:

  • He repeatedly said that Russia had not changed any votes in 2016. The Intelligence Community did not review that issue and Ratcliffe has no basis to make that claim.
  • Ratcliffe also repeatedly refused to back SSCI’s unanimous conclusion that Russia intervened to help Trump.
  • He dodged when Warner asked him to promise to brief the committee even if Russia were trying to help Trump.
  • When asked whether he supported Inspectors General, Ratcliffe said that he supported Michael Horowitz when others attacked him but then suggested he disagreed with Horowitz’ “opinion,” making it clear he does not accept Horowitz’ conclusions that he found no evidence that bias affected the investigation into Trump’s flunkies.
  • Ratcliffe claimed he didn’t have enough information to address Michael Atkinson’s firing.
  • When Dianne Feinstein read his quotes about the Ukraine whistleblower to him, Ratcliffe pretended those quotes were about something they weren’t.
  • He might not provide intelligence on COVID-19 that showed how Trump blew it off.
  • He suggested that if only the IC had reviewed open source data, they might have warned of the dangers of COVID-19, which they did warn of using both OSINT and classified intelligence.
  • He refused to answer whether he thought there was a Deep State in the IC, and later suggested a few members of the IC were Deep State.
  • Ratcliffe refused to agree to release a report showing that Mohammed bin Salman had Jamal Khashoggi executed and chopped into bits, as required by last year’s Defense Authorization. He suggested that it might have been properly classified; as DNI, he would be the Original Classification Authority to make that decision.
  • He refused to answer clearly on whether Trump’s policies on North Korea and Iran have worked.
  • He later suggested he might not share intelligence if it were too sensitive, again ignoring that as OCA he gets to decide whether it’s really classified.
  • After saying he would appear for a Global Threats hearing, he then dodged when later asked whether he would appear before the committee generally.

Ratcliffe made several comments to make it clear he would side with expansive Unitary Executive interpretations holding that:

  • There are limits to whistleblower protection.
  • If torture were deemed legal it would okay to do it.
  • The executive can use warrantless wiretapping.

There were a few additional hints about stuff going on right now:

  • Mark Warner said that intelligence professionals have been pressured to limit information they share with Congress.
  • Warner also said that Ric Grenell was undermining the IC’s election security group.
  • Both Warner and Richard Burr seemed concerned that the DNI would not declassify their 1000-page Volume V of their Report on Russia’s 2016 election interference (I’m not sure whether this assess the Steele dossier or lays out whether and how Trump “colluded” during 2016).
  • Martin Heinrich made it clear that Grenell is reorganizing the IC, without any consultation or approval from Congress.

It’s not just unqualified, he’s a sycophant. But it seems like there’s so much that Grenell is already screwing up, Republicans on the committee, at least, prefer Ratcliffe.

Update: Here are Ratcliffe’s Questions for the Record. They’re particularly troubling on sharing with Congress.

He twice refused to say that he wouldn’t impose loyalty tests.

QUESTION 39: Personnel decisions can affect analytic integrity and objectivity. A. Would you consider an individual’s personal political preferences, to include “loyalty” to the President, in making a decision to hire, fire, or promote an individual?

Answer: Personnel decisions should be based on qualifications, skills, merit, and other standards which demonstrate the ability, dedication and integrity required to support the central IC mission of providing unvarnished intelligence to policymakers.

B. Do you commit to exclusively consider professional qualifications in IC personnel decisions, without consideration of partisan or political factors?

Answer: Personnel decisions should be based on qualifications, skills, merit, and other standards that demonstrate the ability, dedication and integrity required to support the central IC mission of providing unvarnished intelligence to policymakers.

He refused to promise to keep the Election Threats Executive Office open.

QUESTION 45: Would you commit to keep the Election Threats Executive Office in place to ensure continuity of efforts, and build on the successes of the 2018 midterms?

Answer: If confirmed, I will work with IC leaders and ODNI officials to ensure the IC is well-positioned to address the election security threats facing our Nation.

He refused to promise to notify Congress if Russia starts helping Trump again.

QUESTION 53: Do you commit to immediately notifying policymakers and the public of Russian attempts to meddle in U.S. democratic processes, to include our elections?

Answer: If confirmed, I would work with the Committee to accommodate its legitimate oversight needs while safeguarding the confidentiality interests of the Executive Branch, including the protection from unauthorized disclosure of classified intelligence sources and methods

He suggested he had no problem with Section 215 being used to access someone’s browsing records.

QUESTION 7: Do you believe that Section 215 of the USA PATRIOT Act should be used to collect Americans’ web browsing and internet search history? If yes, do you believe there are or should be any limitations to “digital tracking” of Americans without a warrant, in terms of length of time, the amount of information collected, or the nature of the information collected (e.g., whether particular kinds of websites raise special privacy concerns)?

Answer: I believe it is important for the Intelligence Community to use its authorities appropriately against valid intelligence targets. The amendments to Title V of FISA made by Section 215 of the USA PATRIOT Act expired on March 15, 2020 and, to date, have not been reauthorized.

Ratcliffe dodged several questions about whether FISA was exclusive means to collect

Extra-Statutory Collection

QUESTION 9: Title 50, section 1812 provides for exclusive means by which electronic surveillance and interception of certain communications may be conducted. Do you agree that this provision of law is binding on the President?

Answer: If confirmed, I would work with the Attorney General to ensure that IC activities are carried out in accordance with the Constitution and applicable federal law.

QUESTION 10: Do you believe that the intelligence surveillance and collection activities covered by FISA can be conducted outside the FISA framework? If yes, please specify which intelligence surveillance and collection activities, the limits (if any) on extra-statutory collection activities, and the legal authorities you believe would authorize those activities.

Answer: If confirmed, I would work with the Attorney General and the heads of IC elements, as well as the General Counsels throughout the IC, to ensure that intelligence activities are conducted in accordance with the Constitution and applicable federal law. As set forth in Section 112 of FISA, with limited exceptions, FISA constitutes the exclusive statutory means by which electronic surveillance, as defined in FISA, and the interception of domestic wire, oral, or electric communications for foreign intelligence purposes may be conducted.

QUESTION 11: What would you do if the IC was requested or directed to conduct such collection activities outside the FISA framework? Would you notify the full congressional intelligence activities?

Answer: Consistent with the requirements of the National Security Act, I would keep the congressional intelligence committees informed of the intelligence activities of the United States, including any illegal intelligence activities. As you know, not all intelligence activities are governed by FISA.

If confirmed, I would work with the Attorney General and the heads of IC elements, as well as the General Counsels throughout the IC, to ensure that intelligence activities are conducted in accordance with the Constitution and applicable federal law.

Senator Wyden asked a question about the IC purchasing stuff they otherwise would need a warrant for.

QUESTION 12: Do you believe the IC can purchase information related to U.S. persons if the compelled production of that information would be covered by FISA? If yes, what rules and guidelines would apply to the type and quantity of the information purchased and to the use, retention and dissemination of that information? Should the congressional intelligence committees be briefed on any such collection activities?

Answer: Elements of the IC are authorized to collect, retain, or disseminate information concerning U.S. persons only in accordance with procedures approved by the Attorney General. As you know, not all intelligence activities are governed by FISA, and it is my understanding that in appropriate circumstances elements of the IC may lawfully purchase information from the private sector in furtherance of their authorized missions. Nonetheless, any intelligence activity not governed by FISA would be regulated by the Attorney General-approved procedures that govern the intelligence activities of that IC element. Consistent with the requirements of the National Security Act, if confirmed, I would keep the congressional intelligence committees informed of the intelligence activities of the United States.