Tuesday, July 17, 2018

FOUR COINCIDENCES: FISA Abuse and Unanswered Questions About the DNC Server

By Jeff Carlson

I won’t say it started here.

That’s far too simplistic and much had already been done.

But this July 20, 2015 Memorandum on behalf of Sally Yates set the stage for much of what was to come.

The Sally Yates Memorandum that refused Inspector General Oversight of information collected by the DOJ & FBI under Title III.

Bypassing the Inspector General – Sally Yates and the DOJ’s National Security Letter Carveout

This policy actually began back in 2010. From Congressional testimony by Horowitz:

We got access to information up to 2010 in all of these categories. No law changed in 2010. No policy changed…It was simply a decision by the General Counsel’s Office in 2010 that they viewed now the law differently. And as a result, they weren’t going to give us that information.

These new restrictions were put in place by Attorney General Eric Holder and former Deputy Attorney General James Cole.

On August 5, 2014, DOJ Inspector General Michael Horowitz and other Inspector Generals had sent an “IG Access Letter” to Congress asking for unimpeded access to all records.

Deputy Attorney General Sally Yates responded on July 20, 2015 with a 58 page Memorandum, that effectively told the Inspector Generals to go away.

The July 20, 2015 Opinion, titled Memorandum for Sally Quillian Yates Deputy Attorney General, was written by Karl R. Thompson, the Principal Deputy Assistant Attorney General of the Office of Legal Counsel (OLC).

The Opinion specifically allowed the DOJ & FBI to refuse Inspector General access to information collected under Title III:

In our view, the text of the IG Act contains no clear indication that Congress intended section 6(a)(l) to override Title III, Rule 6(e), or section 626. The Act’s legislative history, moreover, affirmatively indicates that Congress expected an inspector general’s right of access to be subject to statutory limits on disclosure.

Contrast this with actual language Congress placed into the original Inspector General Act:

[Inspector Generals shall] “have access to all records, reports, audits, reviews, documents, papers, recommendations, or other material available to the applicable establishment which relate to programs and operations with respect to which that Inspector General has responsibilities under this Act.”

The July 20, 2015 Opinion was widely criticized. But it did the job it was intended to do.

The Opinion limited IG Horowitz’s oversight from extending to any information collected under Title III – including intercepted communications and…National Security Letters.

Horowitz continued to push Congress to pass the Inspector General Empowerment Act.

Horowitz would ultimately win his battle (see here), but only as Obama was finally leaving office. On December 16, 2016, Obama signed the Inspectors General Empowerment Act into law.

It might have ended there – unnoticed by most.

Except for the heroic actions of one man: Admiral Mike Rogers – the Director of the NSA.

The Uncovering – Mike Rogers’ Investigation, Section 702 FISA Abuse & the FBI

Even then, we might never have known of actions taken by Rogers if not for the unsealing of a FISA Court Ruling by newly confirmed Director of National Intelligence Dan Coats.

Judge Collyer’s April 26, 2017 FISA Court Ruling revealed some grave Section 702 abuses that otherwise might never have come to light.

The violations were many. They had been occurring since at least November 2015.

But as the FISA Court noted in the Ruling, there was no reason to believe they had not been going on for longer:

The government orally apprised the Court of significant non-compliance with the NSA’s minimization procedures involving queries of data acquired under Section 702 using U.S. person identifiers.

There is no apparent reason to believe the November 2015-April 2016 period coincided with an unusually high error rate.

Rogers verbally notified the FISA Court on October 24, 2016.

From the Ruling:

NSA analysts had used U.S.-person identifiers to query the results of Internet “upstream” collection.

NSA analysts had been conducting such queries in violation of that prohibition, with much greater frequency than had previously been disclosed to the Court.

NSA estimates that approximately eighty-five percent of those queries, representing [Redacted] queries conducted by approximately [Redacted] targeted offices, were not compliant with the applicable minimization procedures.


From the Ruling:

The FBI had disclosed raw FISA information, including but not limited to Section 702-acquired information,…to private contractors.

Private contractors had access to raw FISA information on FBI storage systems.

Contractors had access to raw FISA information that went well beyond what was necessary to respond to the FBI’s requests.

The FISA Court was particularly focused on the FBI:

The Court is concerned about the FBI’s apparent disregard of minimization rules and whether the FBI may be engaging in similar disclosures of raw Section 702 information that have not been reported.

This seems to have been the result of deliberate decision-making. Access to FBI systems was the subject of an interagency memorandum of understanding.

No notice of this practice was given to the FISC until 2016.

It was Mike Rogers who informed the FISA Court. Verbally on October 24, 2016. And more formally in writing on October 26, 2016.

But the story does not end there.

Remember the name John Carlin.

John Carlin – The Former NSD Head Who Enabled the FBI’s Carter Page FISA Warrant

John Carlin was an Assistant Attorney General – and Head of the Department of Justice’s National Security Division (NSD).

Carlin had previously served as chief of staff to then-FBI Director Robert S. Mueller.

Section 702 requires the Attorney General and the Director of National Intelligence to provide the FISA Court with annual certifications that specify categories of foreign intelligence information the government is authorized to acquire pursuant to Section 702.

The Attorney General and the Director of National Intelligence must also certify that Intelligence Community elements will follow targeting procedures and minimization procedures that are approved by the FISA Court as part of the annual certification.

The National Security Division and Office of the Director of National Intelligence (ODNI) are jointly required to routinely review all Intelligence Agency U.S. person queries of content to ensure Section 702 queries satisfy the legal standard.

The NSD – with notice to the ODNI – is required to report any incidents of Agency noncompliance or misconduct to the FISA Court.

Again, John Carlin was Head of the NSD.

Carlin announced his resignation exactly one day after he filed the Government’s proposed 2016 Section 702 certifications – on September 26, 2016.

Here’s what happened.

On March 9, 2016, NSA Director Rogers became aware of improper contractor access to raw FISA data (Page 83 of Court Ruling).

In April of 2016, Rogers directed the NSA’s Office of Compliance to conduct a “fundamental baseline review of compliance associated with 702” (Senate testimony & Page 83-84 of Court Ruling).

On April 18, 2016, Rogers shut down all outside contractor access to raw FISA information – specifically outside contractors working for the FBI.

The March 9, 2016 discovery that outside contractors were accessing raw FISA data is almost certainly the event that precipitated Rogers ordering a full compliance review (Page 84 of Court Ruling).

On April 18, 2016, both the FBI and DOJ’s NSD become aware of Rogers’ compliance review. They may have known earlier but they were certainly aware after outside contractor access was halted.

On September 26, 2016, National Security Division Head John Carlin filed the Government’s proposed 2016 Section 702 certifications. Carlin knew the general status of Rogers’ compliance review. The NSD was part of the review.

Carlin failed to disclose the January 7, 2016 Inspector General Report and associated FISA Abuse to the FISA Court in his 2016 Certification. Carlin also failed to disclose Rogers’ ongoing Compliance Review.

The NSD and ODNI perform the ongoing reviews of Intelligence Agency Section 702 use. It is simply not possible they were unaware of the NSA Inspector General’s Report.

On October 4, 2016, a standard follow-up hearing on the 2016 Section 702 Certification was held (Page 19). Carlin was present at the hearing. Again, Carlin made no disclosure of FISA Abuse. This would be noted by the Court later.

On October 15, 2016, Carlin formally left the NSD.

On October 20 2016, Rogers was briefed by the NSA compliance officer on findings from the 702 NSA compliance audit. The audit had uncovered numerous “About” Query violations (Senate testimony).

On October 21, 2016, Rogers shut down all “About Query” activity. He reported his findings to the DOJ (Senate testimony & inferences from Court Ruling).

On October 21 2016, the DOJ & FBI sought and received a Title I FISA probable cause order authorizing electronic surveillance on Carter Page from the FISA Court.

At this point, the FISA Court was still unaware of the Section 702 violations.

On October 24, 2016, Rogers verbally informed the FISA Court of his findings (Page 4 of Court Ruling).

On October 26, 2016, Rogers appeared formally before the FISA Court and presented the written findings of his audit (Page 4, 14 & 19 of Court Ruling & Senate testimony).

The FISA Court was unaware of the FISA/Query violations until they were presented to the Court by NSA Director Rogers.

The government knew Rogers was conducting his own compliance review. Rogers knew the government was finalizing its 2016 Certification.

The government knew its 2016 Certification lacked material and legally required disclosure.

There is only one explanation that makes sense to me.

Carlin didn’t disclose his knowledge of FISA Abuse in the annual Section 702 Certifications in order to avoid raising suspicions at the FISA Court ahead of the Carter Page FISA Warrant.

The FBI and DOJ’s NSD were quite literally racing against Rogers’ Investigation in order to obtain a FISA Warrant on Carter Page.

While all this was transpiring, DNI James Clapper & Defense Secretary Ash Carter submitted a recommendation that Rogers be removed from his post as NSA Director.

The move to fire Rogers – which failed – originated sometime in mid-October 2016.

Exactly when Director Rogers was preparing to present his findings to the FISA Court.

There is a small postscript to this portion of the story.

On November 17, 2016, Rogers traveled to meet President-Elect Trump and his Transition Team in Trump Tower. Rogers did not inform his boss, DNI James Clapper.

Later that evening, the Trump Transition Team suddenly announced they were moving all transition activity to Trump National Golf Club in New Jersey…

A few days back I resent an article I had written on May 18, 2018:

It detailed the hacking of the DNC Server and provided a timeline of events. In the article I then overlayed the DNC timeline with that of Mike Rogers.

The results proved interesting. Here are a sequence of dates from the article.


  • July 20, 2015 – The Yates Memorandum denying Inspector General Access & Oversight of information collected by the DOJ & FBI under Title III is issued.
  • July 27, 2015 – Russia’s cyberattack on the DNC began only weeks after Trump announced his candidacy for President of the United States.
  • September 2015 – the FBI notified the DNC that hackers had compromised “at least one DNC server.” The FBI called the DNC Help Desk.
  • November 2015 – the FBI notified the DNC one of the DNC’s computers was now transmitting information to Russia.
  • November 2015-April 2016 – The FBI and DOJ’s National Security Division (NSD) used private contractors to access raw FISA information using “To” and “From” FISA-702(16) & “About” FISA-702(17) queries.

March 2016:

  • March 9, 2016 – NSA Director Rogers became aware of improper access to raw FISA data.
  • March 9 2016 – Page sends text referencing “HUGE f-up”.
  • March 10, 2016 – the first phishing attempts were made on the Clinton Campaign. All but one message bounced back unopened.
  • March 11, 2016 – a second round of more targeted emails were sent – this time to senior Clinton officials.
  • March 19, 2016 – John Podesta’s emails were hacked after Podesta clicked a link from a phishing scam.
  • Late March 2016 – FBI Agents visited the Clinton Campaign Headquarters in Brooklyn.

April 2016:

  • April 2016 – NSA Director Rogers ordered the NSA compliance officer to run a full audit on Section 702 compliance.
  • April 18 2016 – Rogers shut down FBI/NSD contractor access to the FISA Search System.
  • April 18, 2016 – Russia launched a second phase of its cyberattack on DNC servers located in Virginia and Washington DC. This attack was executed by GRU agents.
  • April 22, 2016 – Russian intelligence prepared massive amounts of data for exfiltration from DNC servers.
  • April 28, 2016 – DNC IT Staff detected and ultimately confirmed access to the DNC network by unauthorized users.
  • April 28, 2016 – DNC CEO Amy Dacy spoke with Michael Sussmann, a DNC lawyer and partner with Perkins Coie. Sussmann contacted Shawn Henry, CSO and President of Crowdstrike Services. Dacy “resigned” as CEO of DNC on August 2, 2016.

As I noted in the article:

The timing between Admiral Rogers’ discovery of outside contractors and the sudden problems with the DNC Servers appears far too coincidental.

Coincidence Number One:

  • July 20, 2015 – The Yates Memorandum is issued. It bars Inspector General Oversight of information collected by the DOJ & FBI under Title III.
  • July 27, 2015 – The DNC says a Russian cyberattack began – only weeks after Trump announced his candidacy for President of the United States.

Coincidence Number Two:

  • November 2015 – the FBI notified the DNC one of the DNC’s computers was now transmitting information to Russia.
  • November 2015-April 2016 – The FBI and DOJ’s National Security Division (NSD) used private contractors to access raw FISA information.

Coincidence Number Three:

Coincidence Number Four:

  • April 18 2016 – Rogers shut down FBI/NSD contractor access to the FISA Search System.
  • April 18, 2016 – Russia launched a second phase of its cyberattack on DNC servers located in Virginia and Washington DC.

I generally do not believe in coincidences.

Exactly what was on those DNC Servers that involved the need for such secrecy.

Yesterday, Sundance sent out this tweet:

Sundance: I am becoming increasingly suspicious the *actual 2015/2016 interface* accessing the FISA NSA/FBI database for unauthorized searches, was *also* through servers connected to the DNC, DCCC and Clinton campaigns.

I strongly share those same suspicions.

Again, exactly what was on those DNC Servers that involved the need for such secrecy.

There’s been a lot of Telling Noise from the Left – noticeably from the upper echelon of the Old Intelligence Community.

So much so, you have to wonder what’s got folks so…worried.

As I was finishing up a thread on this topic, Sundance noted possible upside from the uproar:

Sundance: It is my hope that Brennan, Clapper, Yates and Comey keep pushing Trump; keep provoking President Trump; until eventually DNI Dan Coats concedes and tells President Trump to go ahead and declassify it all.

1,000% what Sundance said.

I truly hope there may be more to be heard on this matter.

Sunlight would be most welcome indeed…


Unknown said...

Excellent work. Thank you.

Packers and Movers Noida said...
This comment has been removed by a blog administrator.