After President Trump launched a firestorm with his tweets this weekend about the Obama administration “wiretapping” Trump Tower, officials who served in the Obama administration denied that it had happened.
Well, in a manner of speaking, they denied it. As Rick Moran suggests at PJ Media, FBI Director James Comey’s denial is a little odd. It is couched in the form of a request to the Department of Justice (Comey’s boss) to deny it. Moran postulates the following:
Why didn’t Comey just release the statement of denial himself? He’s a senior Justice Department official and presumably would be in the know about any surveillance warrants issued by intelligence agencies. Perhaps the director believed such a statement would be too self-serving. He would be seen as trying to exonerate himself when it would be more effective if the denial came for the department itself.
It’s an interesting way to look at it. But the end result it still this: Comey hasn’t issued a categorical denial. That’s the full-stop bottom line. Asking DOJ to issue a denial sounds like a denial, of course – but it also sounds like something that would have been better communicated in an interoffice memorandum, rather than via a public statement.
Will this presidential election be the most important in American history?
It’s possible that Comey is signaling something different from what Moran suggests: not that a denial from DOJ would be more “effective,” but that DOJ is going to have to deny it on DOJ’s behalf, because Comey can only speak for the FBI, to the extent he is aware of what his agents have been doing. He doesn’t know what people on the DOJ staff have been doing.
Why does that matter, when it comes to “wiretapping”? We’ll get to that in a moment.
Meanwhile, James Clapper, the former Director of National Intelligence, issued a specific – and narrow – denial:
Former Director of National Intelligence James Clapper told NBC this morning that as far as his agencies, “there was no such wiretap activity mounted against the president, the president-elect at the time, or as a candidate, or against his campaign.”
Asked if there was a FISA order to monitor Trump Tower, Clapper replied, “Not to my knowledge.”
“I can’t speak for other authorized entities in the government or a state or local entity,” he added.
The narrowness here lies not in Clapper’s caveat that he’s not speaking for other agencies, but in his statement that there was no wiretap activity against Trump, his campaign, or Trump Tower.
That matters for the same reason that Comey’s interesting appeal to DOJ matters. But perhaps it’s not the reason you imagine.
It’s quite possible that the Obama administration sought to obtain “wiretap”-quality intelligence on Trump and his staffers by a method no one has mentioned yet. The method existed the entire time – throughout 2016 – but did not depend on a FISA warrant to authorize the FBI or NSA to target the Trump campaign or Trump Tower for collection.
I emphasize those words because they’re the ones that matter. Everyone writing about this in the mainstream media is focused on whether the FBI was targeting Trump/Trump Tower for collection (i.e., literal wiretapping or other focused collection against emails, etc.) under a FISA warrant. It has been extensively reported that the FBI sought such warrants, for collateral purposes relating to two Russian banks, in June and October of 2016. The first request was denied, but the FISA court granted the request in October.
When Comey seems to deny that the FBI wiretapped Trump Tower or the campaign, that’s what people have in their minds. So it sounds like someone is not being straight with us. Was there, or was there not, collection against Trump-related communications in Trump Tower? If there was, under the FISA warrant reportedly issued in October, why the coy evasions now?
The “back door” to collecting against the Trump campaign
But there’s another possibility, and in my view, it’s a more likely one. It fits all the facts, just for starters. It’s this: NSA doesn’t need a FISA warrant to target the Russian banks – or any other foreign entity connected with those banks, or doing business in Trump Tower.
In fact, NSA is, as we know, sucking in trons from billions of online transactions worldwide every day. NSA can look at quite a bit in the Russian bank’s email or commercial server communications without getting a warrant. NSA can also review and make available the metadata for the related communications of U.S. persons without a warrant.
There are bases for recording voice communications as well, for which the rules govern what NSA stores and makes available to other agencies on similar principles, although the specific requirements are not the same as for textual communications. If the focus is narrowly on “phone calls,” as alluded to in Trump’s tweets, the analysis here would still apply.
The trove of IT data is stored for five years, out at that now-infamous complex in Utah, and available for retrieval. It’s only if the FBI, DEA, etc. – some entity with a lawful purpose for retrieving the data – wants to look at the message content of data relating to U.S. persons that a FISA warrant is supposed to be obtained.
We’re in a new world now, in which wanting to look at the content of a U.S. person’s communications is more likely to come up after the fact than before the comms occur. We’re in the world of Big Data.
Which means that, in the course of business as it is now done, NSA was certainly busy collecting at least some communications that ran through Trump Tower, throughout 2016.
The purpose was not to target Trump, his campaign, or “Trump Tower.” So James Clapper probably told the exact truth on Sunday. But if someone, naming no names, wanted to dig into the gigantic data trove in Utah to see what comms there were to pull up on Trump, his campaign, or “Trump Tower” – well, the data was there. It didn’t have to be specially collected. It just had to be retrieved.
A fresh analysis
With that in mind, consider how the New York Times reported (on 1 November 2016) on findings by the FBI about the potential connection of the Russian bank’s servers to the Trump campaign:
F.B.I. officials spent weeks examining computer data showing an odd stream of activity to a Trump Organization server and Alfa Bank. Computer logs obtained by The New York Times show that two servers at Alfa Bank sent more than 2,700 “look-up” messages — a first step for one system’s computers to talk to another — to a Trump-connected server beginning in the spring. But the F.B.I. ultimately concluded that there could be an innocuous explanation, like a marketing email or spam, for the computer contacts.
That’s a forensic analysis of metadata. It’s not a description of what you get from a “wiretap.” My guess would be that this was the nature of most, if not all, of what was suggested last year to be the evidentiary basis for the FBI requesting FISA warrants.
In light of that mental adjustment, we can think about what the FISA warrant granted in October actually meant. It meant the FBI could retrieve existing communications data on U.S. persons interacting with the Russian bank (along with whatever else was enumerated in the warrant), and actually look at the identifying content.
It may also have meant that the FBI could target such persons with new collection. But that may or may not have had any utility in October. The real bonanza, if there was one at all, was likely to be in analyzing data collected and stored earlier.
Apparently, there was no bonanza, in the FBI’s estimation. Nothing has ever come of that October warrant. So this is where the story gets more interesting, and seems to point to something that would complete one very particular circle for us.
The 11 January theme burst
We knew in November 2016 that the FBI had obtained a FISA warrant, and basically didn’t think it had found anything that implicated the Trump organization. Yet on 11 January – which incidentally was the day before David Ignatius’s initial story on Michael Flynn’s phone calls with the Russian ambassador – there was an onslaught of supposed intelligence disclosures about Trump, including not just the notorious “dossier” said to have been compiled from Russian intelligence on him, but a rehash by the Guardian of the old news about the FBI obtaining a FISA warrant. David French’s radar went up due to the size of the onslaught – as did Andrew McCarthy’s (link above).
French also suggested that it was a little weird for the Guardian to write as if the FISA requests made in 2016 were a new wrinkle, when that information had been out there for over two months. The emphasis seemed off-key.
And in terms of radar picking stuff up, a couple of aspects of the Guardian’s story about the dossier are also arresting. Think first about two things: what we know about the timeframe of the FISA requests, and what we know about the calendar limitations of the NSA data trove. Now consider the Guardian’s story about the dossier:
Some of the reports [in the dossier] – which are dated from 20 June to 20 October last year – also proved to be prescient, predicting events that happened after they were sent.
One report, dated June 2016, claims that the Kremlin has been cultivating, supporting and assisting Trump for at least five years, with the aim of encouraging “splits and divisions in western alliance”.
It looks awful darn coincidental that the “prescient” reports in the dossier cover the exact period bracketed by the FBI requests for FISA warrants, and that one refers to a Kremlin history with Trump going back for “at least five years.” If this weren’t real life, you’d snort at the simplistic screenwriting and tell your staff to come back with something cleverer and less ridiculously transparent.
But that’s a general, literary impression – one that is not dispositive, even if it serves to strengthen an overall impression of a propaganda theme being concocted.
The intervening move by the Obama administration
With all that in mind, here’s where the circle might be completed. Something very significant, and very related to NSA comms data retrieval, happened in the weeks just before the big 11 January rollout of purported intelligence disclosures about snooping on Trump, Flynn, and the Trump campaign. I wrote about it back on 23 February. It was a quiet – even sneaky – loosening of the rules governing how the intelligence agencies gain access to NSA’s trove of identifying (“unminimized”) communications data on U.S. persons.
The move was sneaky because the rules change was made to a longstanding presidential executive order – E.O. 12333 – in a document signed by James Clapper and Loretta Lynch. Previous changes to 12333, one of the best-known executive orders, were made by new executive orders: follow-ons signed by the president himself, containing administrative modifications to previous wording. Having Clapper and Lynch sign something, and implement it without fanfare, was an unusually stealthy and non-transparent method. Doing it in the last month of the Obama administration could have no defensible purpose.
The document went live with Lynch’s signature on 3 January. Clapper had signed it on 15 December. On 11 January, the flood of supposed “intelligence disclosures” to media figures was launched.
The blog emptywheel captured the specific effect of the Clapper-Lynch modifications to 12333:
As I laid out some weeks ago, on January 3, Loretta Lynch signed procedures that permit the NSA to share its data with any of America’s other 16 intelligence agencies. This gives CIA direct access to NSA data, including on Americans.
And this (emphasis added):
Understand: On January 3, 2017, amid heated discussions of the Russian hack of the DNC and public reporting that at least four of Trump’s close associates may have had inappropriate conversations with Russia, conversations that may be inaccessible under FISA’s probable cause standard, Loretta Lynch signed an order permitting the bulk sharing of data to (in part) find counterintelligence threats in the US.
This makes at least five years of information collected on Russian targets available, with few limits, to both the CIA and FBI. So long as the CIA or FBI were to tell DIRNSA or NSA’s OGC they were doing so, they could even keep conversations between Americans identified “incidentally” in this data.
The emptywheel editorial stance is anti-Trump, accepting prejudicial assumptions about him for which there is no evidence. But emptywheel’s analysis of the E.O. 12333 change is what matters. This post was published on 30 January. It could hardly be more on-point for explaining what Trump’s 4 March tweet-storm really means, if it had been written for just that purpose.
Basically, between 15 December and 3 January, Clapper and Lynch wrote the intel community a bulk “FISA warrant” allowing it to spy on Trump in Trump Tower – by retrieving data that had already been collected by NSA pursuant to national security objectives. It’s a good bet that that is the untoward thing that happened, as regards “Trump Tower being targeted by intelligence collection.”
Rooting through NSA’s database may be how intelligence officials obtained identifying data on Mike Flynn’s side of the phone calls with the Russian ambassador as well, even though we know that the FBI also investigated that particular matter (and has said multiple times it found nothing to pursue further).
Explanatory value, for those who have eyes to see
NSA watchdogs have complained for some years now that there has been a “back door” by which other agencies can too easily gain access to the identifying communications of U.S. persons stored in the NSA data base. A strong case is made here that the FBI was given such access, with a critically inadequate level of oversight, in March 2016.
I wrote on 23 February that the Clapper-Lynch rules-change basically codified that “back door” as an official basis for information sharing. It cannot be coincidence that the stampede of supposed “intelligence disclosures” to cooperative media outlets began a week later.
But notice this. There have been no damning specifics offered in these disclosures. If a lawless perusal of Trump’s or his people’s communications was done by someone in the Obama administration, under the Clapper-Lynch rules change, it sure doesn’t look like they found anything significant. If they had, they would certainly have put it out there it by now.
Rather, the interest of the timing is that it tends to point the finger at the CIA, and perhaps at National Security Council staffers. The analysis at emptywheel highlights the point that the CIA was the agency that really needed the rules change, to gain easy, “unminimized” access to the NSA data trove.
The FBI had already done extensive analysis in 2016 on some of the relevant metadata, as summarized in the November NYT article. The Bureau had gotten an actual FISA warrant to access identifying, “unminimized” data in October, and yet by January had not found anything it deemed worth pursuing. Given the ease with which the FBI could justify accessing unminimized data after March 2016 (see the Michael Holt analysis, linked above), it’s a good bet that the FBI had seen at least some other identifying data not covered by the FISA warrant as well.
So essentially, a picture emerges of the FBI being under the gun to make some rain against Trump, and coming up dry. Since the FBI wasn’t getting the job done, the leadership of the DOJ and intel community – Obama loyalists – wrote themselves a “FISA warrant” to get other agencies into the unminimized NSA database.
There would be a data trail on this. You’d just have to know where to look. If this is what the Trump administration has uncovered, it would mean (a) that Clapper is telling the truth with his denial about “wiretapping”; (b) James Comey has a reason to respond exactly as he has to the allegation (since he may not know what people on the Justice Department staff may have tried to do with NSA data); and (c) Trump is right. He was targeted by the intelligence apparatus operated by the Obama administration.
