In the last article on this topic, we looked at how unlikely it is that the well-synchronized story of James Comey, Andrew McCabe, and the FBI leakers from early 2017 is actually true. My own assessment is that the FBI is indeed the agency that reported the Kislyak-Flynn phone calls to the other Obamagate principals. But it’s very improbable that the FBI had to go hunt the phone calls down, in response to a community-wide appeal inserted in the presidential daily briefing (PDB) on 30 December 2016.
There’s really no scenario in which that claim makes sense. But it especially doesn’t make sense given that the FBI obviously had to have the contents of the phone calls in order to know – as claimed from the beginning – that Kislyak and Flynn discussed sanctions. You can’t glean that from metadata about the phone calls. You have to have the voices talking to each other.
There is actually a scenario in which it’s conceivable that the FBI discovered the calls had occurred, and then went back and exploited the audio. It’s not technically impossible. But it’s also not a good scenario for the FBI – not in the sense of strict lawfulness, and dotting i’s and crossing t’s.
Will this presidential election be the most important in American history?
Let’s briefly inspect a couple of scenarios, so that we have a common framework of understanding.
The conventional “monitoring Kislyak” scenario
When FBI agent Mark Wauck spoke of FISA monitoring of Sergey Kislyak, he had in mind wiretapping the Russian embassy. That, per se, may not have been what happened; for one thing, the media reporting from 2017 indicated that Kislyak got the news about the newly imposed sanctions at the State Department on 29 December, and on leaving the State Department called Flynn. (The two reportedly had five phone exchanges that day.) For another thing, the practical scope of a physically static wiretap capability would have obvious, and severe, limits.
We can assume it was normal for the ambassador to make cell phone calls as implied in the “leaving Foggy Bottom” scenario. Perhaps we have coverage of whatever car-phone set-up Kislyak has as well, arranged for him by the Russian foreign ministry.
In either case, the conventional assumption – if we extrapolate from Wauck’s supposition – is that the FBI is monitoring those comms in real time, as it would a wiretap of the embassy.
And on the day sanctions were imposed, in the period right after Kislyak got the bad news at the State Department, it’s unconvincing to suggest that his comms were not being monitored in real time, assuming we had the means to do it. The Obama administration was reportedly desperate to detect a Russian reaction. Our intel collection would have been bore-sighted on Kislyak, the sight visor fogged up from the sweat and heavy breathing.
Before declaring this scenario fully baked, we can briefly mention another conceivable possibility for getting at the contents of the Kislyak phone calls. That would be monitoring them (listening in on them) through the telecom service provider’s front door. There would be different considerations depending on whether the purpose was counterintelligence or counterespionage (the latter of which might or might not be held to apply to the ambassador, but changes the rules a bit).
As a general matter, we can dislike this “front-door telecom monitoring” refinement, at least as a possibility, because it would mean the telecom knows and cooperates in what the FBI is doing (and here I’m thinking mainly of the possibility of monitoring cell phone calls). That’s not the favorite position of either the telecom or the FBI, and the FBI would probably limit or avoid it unless it was absolutely necessary.
An unconventional scenario that fits a lot of the clues
Acting DNI Grenell set the cat amongst the pigeons with a tweet on Friday about his project to get the Kislyak-Flynn transcripts released.
https://twitter.com/RichardGrenell/status/1263856362133520385
This tweet is very informative. It does not tell us the intelligence came from a foreign source. The most useful shorthand way of expressing it is that the tweet tells us the intelligence didn’t come from a normal FISA source.
If one of the “5 eyes” allies collected it, it would enter the U.S. system through the NSA (perhaps, although it’s very unlikely, through the CIA), not the FBI. It would be considered a U.S. IC product for handling purposes like public discussion of its origins. The DNI might consult with a 5 eyes partner before releasing it, but he wouldn’t tell the public he had to do that. The foreign partner producers are protected from exposure in that regard.
And any of the 17 intelligence agencies with a primary collection capability, operating under FISA rules, would be considered an IC producer, including the FBI.
But the FBI collects against comms in another, non-FISA capacity all the time, the bulk of the time being in criminal investigations (i.e., with a Title III warrant). That doesn’t appear to be what it was formally doing in this case, or at least that not what its officials claim. But the mechanics of such collection are the FBI’s bread and butter.
Now all we need is a collection scenario attended by enough ambiguity in its rules to accommodate the events of 29 December 2016.
The method had to include the capability to monitor the phone call audio. It wasn’t just about obtaining metadata. Ideally, it would allow for the claimed if unlikely tale of having to go hunt for calls after the fact. (Perhaps it would be good enough to have the calls exploited in real time, but not anticipated by senior officials because the collection source was unconventional. I still can’t convince myself on that one, but we can make it a thought experiment.) If we take at face value the repeated statement that the calls were being collected to monitor Ambassador Kislyak, then the scenario is not a criminal investigation. Nevertheless, it should also not be conventional FISA collection against Kislyak. ODNI could claim that type of collection as “our product.” It’s accessible on a standard basis, and shouldn’t require the seemingly anguished process that decided the DOJ against handing it over to the court during the Flynn proceeding, or the DNI’s current exertions to pry it out of the FBI.
There is, it turns out, a candidate for such a method. It’s the cell-phone intercept “black box”; namely, the StingRay family of devices increasingly used by federal and other law enforcement agencies, including the FBI.
StingRay!
The first thing to know about the StingRay is that it fits one of the criteria referred to above. If there’s a constraint to use it under the rules for criminal-investigation monitoring, that’s not apparent to the public.
There’s no PowerPoint slide with a bullet point telling us that. We have to derive that premise from how the devices are approved for deployment,* and the fact that the FBI has repeatedly sought to protect the secrecy surrounding its StingRay use, rather than use it in court. The feds even impose rigorous non-disclosure agreements on local law enforcement covering the use of StingRay devices, to the extent that state and county prosecutors have pled out criminal cases to avoid disclosing the use of StingRay incident to them. (See additional in-depth reporting here, here, here, and here.)
When the priority is not having your method inspected by a court, it’s clear that conforming with constitutional requirements is not the priority. The situation is ambiguous from a legal standpoint; although there’s been a case in which evidence obtained via StingRay was allowed in a criminal proceeding, there have also been some cases with evidence thrown out because StingRay was used. There’s been an appeals court ruling that law enforcement would need a warrant to use StingRay in a criminal case. But there isn’t a mature, settled body of jurisprudence on the matter.
Now, pair that point with the fact that monitoring Sergey Kislyak is about counterintelligence. That national security purpose doesn’t intersect with rules of evidence for criminal court proceedings to begin with. It’s not a black-and-white violation of evidence rules, to use StingRay devices to monitor a national security target.
You would, of course, think the FISA rules for monitoring foreign targets in the United States would still apply. (There are limitations in that case, and accountability requirements.)
But with the StingRay, it’s possible to hide from eyes outside the FBI that it’s happening, even more effectively than with wiretapping. It’s certainly not collection in which systems are at issue that leave an audit trail someone else – an agency, a private company – is either inherently involved in, or bound to detect.
The case I’m making here is not that this must have been what happened. It’s that it could have been what happened.
Maybe the calls were monitored via literal wiretap of the embassy. Maybe at least one of them was: the one with the most in-depth sanctions discussion. This scenario still doesn’t fit the repeated FBI claim that the calls had to be found after the fact. They could have been recorded from a wiretap, and played back for exploitation afterward. But on the day the ambassador was summoned to the State Department to be told about the sanctions – 29 December – that is extraordinarily unlikely.
It’s possible, and I think as likely, that the odd coyness about this set of phone calls is due to the collection being done via an unconventional method. The StingRay scenario has the merit of fitting each of the clues we currently have.
Here are some additional factors to ponder for the StingRay scenario. One is that it is well-known they are all over the Washington, D.C. metro area (including suburban Virginia and Maryland).
We are periodically treated to media reports suggesting that foreign powers (and perhaps American groups with fell intents) have been placing these devices in the District. But if news crews can drive by and take pictures of them, the devices have no chance of remaining in place unless they are approved by an agency of the U.S. federal government.
If they’re there and they don’t get removed immediately, they’re boxes sanctioned by the U.S. government. There appear to be plenty of them and then some, to keep up with the wanderings of the Russian ambassador (or any other mobile target).
Another factor is that the FBI is well-known in law enforcement circles for shepherding the introduction of these devices into local L/E activities. (See links above.) This doesn’t get much mainstream press, but there have still been a number of reports about it in specialty media.
This pattern facilitates a practice reported in at least a couple of instances, in Florida and the San Francisco Bay area: that is, the FBI fostering the local infrastructure and then making use of it for Bureau operations.
It’s no stretch to suggest that the D.C. Metro Police could have a top-of-the-line network of StingRay devices, of which the FBI avails itself at need. If the FBI does this for CI, neither the Metro Police nor the FBI is going to encounter a judge down the line asking what the authority was to perform collection through the StingRay network. Nevertheless, the FBI would be reluctant to have such details exposed in a big “intelligence reveal,” whether in a court case like Flynn’s or directly to the public.
A StingRay set-up with an audio access capability (see Wired link, above) would enable monitors to access both sides of a phone conversation from one location. That’s a point to keep straight in our minds. On 29 December 2016, StingRay devices in the D.C. area would have been enough to capture the Kislyak-Flynn calls in full.
And finally, it is reportedly possible, although it probably wasn’t necessary, to auto-record the audio from calls keyed on through StingRay intercept, so that they can be retrieved and exploited later. No tape reels would be harmed in this endeavor; it’s all digital now.
As the information at the links indicates, there is evidence of this from references cited by reporters. There is also a pair of NPR interviews with a retired FBI agent back in 2013, after the Boston Marathon bombing. He alluded to such a capability: recording of phone call audio content (even, implicitly, untargeted recording) for later exploitation. And without being specific, he assured the NPR interviewers that it was possible.
Although Agent Clemente may have been referring to recording done within a telecom provider’s systems, the Extreme Tech article indicates it apparently can be done with data streaming through a StingRay component. And in a technology sense, there should be no reason why it can’t be. Policy and law are one thing, but the technology side is a no-brainer. If you can tap the contents data stream, it’s all ones and zeroes.
Fitting the clues
Let’s look at two specific points before concluding.
One is that a StingRay scenario would fit the other clue we get from DNI Grenell’s tweet on Friday. The clue is that ODNI – or the intel community – received only partial transcripts on the Kislyak-Flynn phone calls. It sounds as if what ODNI has to work with is pretty limited.
That indicates the source of the collection indeed had to be outside the 17 agencies operating under FISA rules. Otherwise, ODNI would have full access to it – and there’d be someone other than the FBI to speak to what’s in the record of the event.
But there never has been. It’s been an FBI show from the beginning, and depicted as one by the FBI. Comey and his henchmen were quite categorical about that. So the FBI was the primary collector – but not under FISA constraints, including when briefing then-DNI James Clapper, as Comey said he did.
There’s a separate, interesting point to be derived from that. Apparently, no one outside the FBI demanded to know more from the phone calls than what’s in the limited material Grenell says he has. (ODNI seems to have what was supplied to respond to the PDB request for intel made on 30 December 2016.)
Does that sound like the attitude you’d expect if “Flynn and Kislyak” were considered by the top officials in multiple agencies to be a major national security concern?
Or does it sound more like the FBI gun-decked up just enough intelligence to smear tar on Michael Flynn – and that was good enough for the purposes of the Obama administration?
The other point is that the StingRay scenario actually does accommodate the “BS story” synchronized between Comey, McCabe, and the FBI leakers, about having to go back and find the Kislyak-Flynn phone calls. I mentioned up in the third paragraph, near the top, that there was such a scenario. The StingRay scenario fits. If it allows the FBI to auto-record phone call audio and retrieve it later for exploitation, but with no one else knowing about it, and an unusually low likelihood of being keyed on in real time, then everything we’ve been told, however improbable, could be accurate.
On the other hand, you wouldn’t call this scenario “by the book.” I would argue that the StingRay capability, used against a foreign CI target – but getting at a U.S. person target – can’t really be said to not fall under the implied scope of FISA. But it can apparently be said to evade the accountability infrastructure of the FISA system.
We’ll find out if this was what happened. Maybe it was just a classic wiretap, with Kislyak calling from the embassy. Meanwhile, however, in other situations as each day goes by, it could be what happens. That’s what American voters, taxpayers, and enjoyers of constitutional rights need to keep in mind.
* For the Justice Department, the authority for deploying (i.e., installing) the devices is obtained from court orders under Section 216 of the Patriot Act. The devices can be installed without demonstrating probable cause for a specific case, based on the existence of terrorist or other threats. Federal agencies obtain their court approval to deploy the devices under seal. The EPIC website explains it pretty well; look for “Section 216.”