Category Archives: DOJ, DC and inside the Beltway

Ineligible Individuals Have Been Granted U.S. Citizenship

Posted on by

Sheesh….fingerprints eh? And those migrants, refugees and asylees don’t have any reference database for fingerprint history much less any travel documents applications.

As citizens they can vote, seek and hold sensitive jobs and more. Don’t you just wonder what DHS Secretary Jeh Johnson has to say on this? Oh wait….more money from Congress will solve it all.

Summary of the Inspector General’s report:

USCIS granted U.S. citizenship to at least 858 individuals ordered deported or removed under another identity when, during the naturalization process, their digital fingerprint records were not available. The digital records were not available because although USCIS procedures require checking applicants’ fingerprints against both the Department of Homeland Security’s and the Federal Bureau of Investigation’s (FBI) digital fingerprint repositories, neither contains all old fingerprint records. Not all old records were included in the DHS repository when it was being developed. Further, U.S. Immigration and Customs Enforcement (ICE) has identified, about 148,000 older fingerprint records that have not been digitized of aliens with final deportation orders or who are criminals or fugitives. The FBI repository is also missing records because, in the past, not all records taken during immigration encounters were forwarded to the FBI. As long as the older fingerprint records have not been digitized and included in the repositories, USCIS risks making naturalization decisions without complete information and, as a result, naturalizing additional individuals who may be ineligible for citizenship or who may be trying to obtain U.S. citizenship fraudulently.

As naturalized citizens, these individuals retain many of the rights and privileges of U.S. citizenship, including serving in law enforcement, obtaining a security clearance, and sponsoring other aliens’ entry into the United States. ICE has investigated few of these naturalized citizens to determine whether they should be denaturalized, but is now taking steps to increase the number of cases to be investigated, particularly those who hold positions of public trust and who have security clearances.

****

In July 2014,3 OPS provided the Office of Inspector General (OIG) with the names of individuals it had identified as coming from special interest countries or neighboring countries with high rates of immigration fraud, had final deportation orders under another identity, and had become naturalized U.S. citizens. OIG’s review of the list of names revealed some were duplicates, which resulted in a final number of 1,029 individuals. Of the 1,029 individuals reported, 858 did not have a digital fingerprint record available in the DHS fingerprint repository at the time U.S. Citizenship and Immigration Services (USCIS) was reviewing and adjudicating their applications for U.S. citizenship.  

USCIS checks applicants’ fingerprint records throughout the naturalization process. By searching the DHS digital fingerprint repository, the Automated Biometric Identification System (IDENT) and the Federal Bureau of Investigation (FBI) digital fingerprint repository, the Next Generation Identification (NGI) system,5 USCIS can gather information about an applicant’s other identities (if any), criminal arrests and convictions, immigration violations and deportations, and links to terrorism. When there is a matching record, USCIS researches the circumstances underlying the record to determine whether the applicant is still eligible for naturalized citizenship.

If USCIS confirms that an applicant received a final deportation order under a different identity, and there are no other circumstances to provide eligibility, USCIS policy requires denial of naturalization. Also, USCIS may refer the applicant’s case to U.S. Immigration and Customs Enforcement (ICE) for investigation. Likewise, if a naturalized citizen is discovered to have been ineligible for citizenship, ICE may investigate the circumstances and refer the case to the Department of Justice for revocation of citizenship. Read the complete report here.

 

Judge Blasts State Dept on Hillary Email Production, then this!

Posted on by

Judge blasts State Dept for slow-walking Hillary emails

WashingtonTimes: A federal judge blasted the Obama administration for slow-walking the release of some of former Secretary of State Hillary Clinton’s emails, saying in court Monday that the government appears to be withholding information from voters ahead of the election.

U.S. District Judge Richard Leon said the State Department in not “being all that cooperative,” and told the Justice Department lawyers to get the State Department to shape up and do its duty.

“Get with the program, so to speak, so that the people of this country can have the information they need,” he ordered. “The State Department needs to start cooperating to the fullest extent possible. They are not perceived to be doing that.”

Judge Leon, who has earned a reputation as a funny but caustic jurist, particularly when he finds government bungling, said the Justice Department, by not forcing the State Department to cooperate better, is risking its own storied reputation.

He specifically called out the federal programs branch that acts as the lawyer for the rest of the government, and the head of that division, Marcia Berman. Ms. Berman wasn’t in the courtroom Monday, but has been a frequent figure at the courthouse over the last year as the administration has had to defend its handling of Mrs. Clinton’s emails.

Mondays’s case, filed by the Daily Caller News Foundation, concerned documents detailing Mrs. Clinton’s access to top secret programs. The State Department said it has found more than 1,000 documents dealing with the subject, but said it would take nearly a month to process 450 unclassified documents, and couldn’t say how long it would take to process the classified ones.

The case is one of dozens pending where the department has been accused of slow-walking, keeping information out of public view for far longer than is allowed under the Freedom of Information Act.

The State Department says it is overwhelmed by the requests and its own limited budget and manpower. Officials also say the Clinton emails are complicated because they involved classified information that requires a stricter, more time consuming process to clear for the public.

But the government has also been reluctant to divulge important details. At one point on Monday the government lawyer on the case, Jason Lee, said he didn’t know how many pages were in the documents, sparking the judge’s ire.

Judge Leon ordered a faster production of the 450, and when Mr. Lee said they would do their best, Judge Leon pounced.

“Do better than your best. Do it,” he ordered, then proceeded to scold the government for its bungling, and said it was something other judges at the courthouse had noticed.

“You have a client that, to say the least, is not impressing the judges on is court … at being all that cooperative,” he said. “This way of doing business needs to stop.”

He said this was the first open-records case he’d seen where time was so much of the essence, given Mrs. Clinton’s candidacy for the White House, and said the administration needed to realize that.

SMOKING GUN: “BleachBit” Paul Combetta ASKED TO STRIP OR REPLACE VIP’s EMAIL ADDRESS!

The electronic exchange as noted here.

[–]GateheaD 1 point2 points  (0 children)

Add the VIPs email to a generic contact and hide it in plain sight.

[–]exproject 0 points1 point  (5 children)

To my knowledge, there’s no way to edit existing messages, that’s a possibility for a discovery nightmare.

To strip/rename on outbound/inbound you could rewrite it with a transport rule.

[–][deleted]  (4 children)

[deleted]

[–]exproject 0 points1 point  (3 children)

No, a transport rule would only affect future messages.

[–]borismkv 0 points1 point  (2 children)

And it requires an Edge Transport server. Address Rewrite isn’t available on any other role.

[–]exproject 0 points1 point  (1 child)

True. I’ve seen people roll their own Transport Agents for hubs that can do rewrites, but that always looked a bit overkill.

Expanding on what /u/GateheaD said, you could give the VIP a “relay” mailbox. i.e. [email protected] forwards to [email protected]. All your users would mail VIP and Exchange would pass it in the backend so that the forwarding email address was not exposed. Meeting Forward Notifications might give it away though, I’ve never had the requirement of the sender can’t know who the end recipient is so I never actually quantified that behavior.

[–]borismkv 0 points1 point  (0 children)

The Relay mailbox thing is a good solution, but you just know the VIP is going to respond to emails that get forwarded to his personal email by using his personal email, which would of course result in the personal email getting added. I’d just give him a regular mailbox and ask him to use that if he wants his private address to be private. Ultimately, the privacy of the VIP’s personal email address is something the VIP should be responsible for, not the people that person emails.

[–]odoprasm 0 points1 point  (1 child)

Is there no way to access and edb manually?

[–]brkdncr 0 points1 point  (0 children)

If you need to control who gets to email the vip, just set up stringent spam filtering where only whitelisted people or people the vip has emailed are allowed.

[–]borismkv 0 points1 point  (2 children)

There is no supported way to do what you’re asking. You can only delete emails after they’re stored in the database. You can’t change them. If there was a feature in Exchange that allowed this, it could result in major legal issues. There may be ways to hack a solution, but I am not aware of any.

[–][deleted]  (1 child)

[deleted]

[–]borismkv 0 points1 point  (0 children)

As a PST file, probably not. MSG files maybe, but you would need a utility to do it, and it would be a one off kind of thing where you’d have to manually modify each email.

Moving forward, though, I would recommend that you create a mailbox for the VIP if they communicate with your environment on a regular basis. That way they aren’t using their personal email and you don’t have to worry about hiding it on future emails. There might not be much you can do about the past ones besides deleting them from all the mailboxes in your environment, which is possible.

[–][deleted]  (1 child)

[deleted]

[–]exproject 0 points1 point  (0 children)

Just because you have the messages available in multiple formats and locations doesn’t change that it’s an attribute of the envelope not meant to be rewritten. The functionality is just not built into any tool I know of. Having that functionality would create the ability to screw with discovery (I mean, there could be mitigation with versioning, but that would need other configuration)

While it may not be a read-only part of the envelope(I’m not actually sure), the only tool that MIGHT be able to do what you want is MFCMapi, and I don’t think you want to play with that for this job. The chance of getting it wrong would be pretty high I think and it is not a particularly friendly tool. I’m not sure it could be scripted with it either.

My recommendation would be what /u/borismkv said. Making a mailbox for VIP and telling them to use that. Forwarding to VIPs mailbox would be ripe for them to just respond directly instead of responding through his relay mailbox.

As for your existing messages, if the current users absolutely cannot see the existing messages, you’ll need to do a search and export and just forcibly remove the messages from their mailboxes. It’s not clean and not advised by me, but if they don’t want VIPs address out there it will need to be removed. I would do a search with his email address as the query with -LogOnly -LogLevel Full and see what kind of results you get.

Happy Constitution Day, Every Day?

Posted on by

Appreciate Checks and Balances on Constitution Day

This Constitution Day marks 229 years since the Framers signed the U.S. Constitution following more than four months of debate, votes, and revisions in Philadelphia.

The Constitution deserves celebration.

Civil rights enshrined in the Bill of Rights ensure numerous freedoms absent in other parts of the world. We are not kidnapped and detained without cause. We are free to practice our faith, and wear religious garments as suits our conscience. And we are free to group together and participate in political debate.

But we often overlook the benefit of a checked and balanced government. The Constitution prescribed a three-branched government to ensure that no faction could unaccountably overstep its authority. As children learn, the legislative branch makes law, taxes, and spends (Article I), the executive branch enforces law (Article II), and the judicial branch resolves cases and controversies before it (Article III).

For most of the our history, the Constitution has limited the federal government’s capacity to create law, tax, regulate, and criminalize. The three branches have the power to check each other, and the ballot box ultimately holds politicians accountable.

But the Framers could not foresee the emergence of the regulatory state, which has effectively become the fourth branch of U.S. government.

Congress abdicated its lawmaking powers to literally countless agencies from the New Deal era to the present day. Agency bureaucrats can and do generate regulations autonomously. In 1946, Congress passed the Administrative Procedures Act, which prescribed the “notice-and-comment” process to constrain agency rulemaking, but this is a poor substitute for the accountable and divided government framed by the Constitution. While the public may comment on proposed regulations before enactment, regulators may ignore opposition to costly new rules, or even fabricate public support in favor of regulation.

Agencies increasingly avoid notice-and-comment rulemaking altogether using what Clyde Wayne Crews calls “regulatory dark matter”: industry guidance, opinions, and interpretations. Because many agencies have enforcement power, guidance and opinion letters—even blog posts—may effectively impose new requirements and certainly new compliance costs of businesses. Through new “interpretations,” agencies take advantage of the deference courts give them. Interpretations can effectively announce new rules by decree, as when the Department of Labor unexpectedly decided that a 1938 law makes certain independent contractors into employees.

Some agencies have also become adept at usurping legislative and judicial powers by settling lawsuits with non-government organizations, which creates de facto law without formal rulemaking or appropriation. For example, the EPA currently hopes to expand its authority by imposing clean fuel standards on Volkswagen to settle unrelated diesel fraud claims. The EPA has a track record of setting policy though settled litigation.

While the three canonical branches of government counterbalance each other, the “fourth branch” simply accumulates regulations and dark matter rules over time. Layers accumulate like debris in a neglected gutter. Regulations fossilize over time, as once-burdensome rules become the expectations of industry, deterring competition and hindering innovation. Volumes of code can block the flow of economic development indefinitely.

But there is hope: the Framer’s original design is still intact. Congress and the President can scrape off regulatory debris, banish regulatory dark matter, and prevent more from accumulating.

It would be a fitting tribute to the Constitution.

Due to Date Lines, Lies and Immunity Proven on Hillary’s Server

Posted on by

It is looking much worse for how the FBI led this investigation while Director Comey has moved on, sorta:

Asked whether he knew if Clinton’s attorneys saw classified information, Comey said he did not know the answer.

Chaffetz was more certain. “It has to be yes, director,” he said. “You came across 110 and they said they went through all of them.”

Comey referred Chaffetz to his statement Tuesday in which he said Clinton’s attorneys sorted the emails for classified information using headers and search terms.

“Did Hillary Clinton give non-cleared people access to classified information?” Chaffetz asked.

“Yes,” Comey said, repeating, “Yes.”

Chaffetz asked, “What do you think her intent was?”

“I think that was to get good legal representation and to make the production to the State Department,” Comey responded. “I think it would be a very tall order in that circumstance, if I don’t see the evidence to make a case that she was acting with criminal intent in her engagement with her lawyers.”  More here from Politico. 

Judicial Watch: New State Department Documents Reveal Top Agency Officials Raised Questions about Clinton Emails in Early August 2013

‘Finally, John, you mentioned yesterday requests for Secretary Clinton’s emails; may I get copies.’ – Margaret Grafeld, Deputy Assistant Secretary, Global Information Services to John Hackett, Deputy Director, Office of Information Programs and Services, August 7, 2013

 Documents Reveal that in Early August 2013, State had 17 Freedom of Information Requests relating to requests for Clinton correspondence

(Washington, DC) – Judicial Watch today released 113 pages of new State Department documents, revealing that in early August 2013, top State Department officials raised questions about former Secretary of State Hillary Clinton’s emails and the number of Freedom of Information Act (FOIA) requests seeking information about them.

According to the newly obtained emails, in August 2013, State Department officials were aware of 17 FOIA requests relating to requests for Clinton correspondence, including four that “specifically mention Emails or Email accounts.” Despite the large number of FOIA requests and growing concern among top agency officials, the State Department did not formally request that the former secretary of state produce the emails on the clintonemail.com server until October 2014.

Included among the 17 FOIA requests was a Judicial Watch lawsuit seeking records pertaining to possible conflicts of interest between the actions taken by Hillary Clinton as Secretary of State and Bill Clinton’s activities. The lawsuit produced 276 pages of internal State Department records revealing that within two days of the deadly terrorist attack on Benghazi, Mohamed Yusuf al-Magariaf, the president of Libya’s National Congress, asked to participate in a Clinton Global Initiative function and “meet President Clinton.”  The records also show Hillary Clinton’s staff coordinated with the Clinton Foundation’s staff to have her thank Clinton Global Initiative project sponsors for their “commitments” during a Foundation speech on September 25, 2009.  The lawsuit (Judicial Watch v. U.S. Dept. of State (No. 1:13-cv-00772)) was filed on May 28, 2013.

In a 2014 joint expose with the Washington Examiner Judicial Watch’s Chief Investigative Reporter Micah Morrison reported:

[F]ormer President Clinton gave 215 speeches and earned $48 million while his wife presided over U.S. foreign policy, raising questions about whether the Clintons fulfilled ethics agreements related to the Clinton Foundation during Hillary Clinton’s tenure as secretary of state.

According to documents obtained by Judicial Watch and released … in an ongoing Freedom of Information Act case, State Department officials charged with reviewing Bill Clinton’s proposed speeches did not object to a single one.

The new State Department documents records were obtained by Judicial Watch under court order in a March 2016, FOIA lawsuit against the agency for all records “about the processing of a December 2012 FOIA request filed by Citizens for Responsibility and Ethics in Washington [CREW]” (Judicial Watch, Inc. v. U.S. Department of State (No. 1:16-cv-00574)).In December 2012, CREW filed a FOIA request with the Department of State for “records sufficient to show the number of email accounts of or associated with Secretary Hillary Rodham Clinton.” In May 2013, the agency responded that “no records responsive to your request were located.”  Earlier this year, the State Department Office of Inspector General concluded that the “no records response” sent in response to this request was “inaccurate and incomplete.”

According to the newly obtained records, by early August 2013, top State Department officials raised questions about FOIA requests seeking information related to the Clinton emails:

From: Grafeld, Margaret P

Sent: Wednesday, August 07, 2013 10:47 AM

To: Walter, Sheryl; Hackett, John

Subject: Fw: IPS significant FOIA Report

… Finally, John, you mentioned yesterday requests for Secretary Clinton’s emails; may I get copies, pls and thx.

[Margaret Grafeld was the Deputy Assistant Secretary for Global Information Services. Sheryl Walter was the State Department Director, Office of Information Programs and Services/Global Information Services. John Hackett was the Deputy Director, Office of Information Programs and Services.]

From: Walter, Sheryl L

Sent: Wednesday, August 07, 2013 10:51 AM

To: Hermesman, Geoffrey F [and others]

Subject: FW: IPS Significant FOIA Report

… Geoff, can you get a copy of all requests related to Clinton’s emails?

[Geoffrey Hermesman was a State Department program analyst.]

From: Hermesman, Geoffrey F

Sent: Wednesday, August 07, 2013  12:54 PM

To: Sheryl Walter [and others]

Subject: RE: IPS significant FOIA Report

A search of the F2 database identified 17 FOIA cases that contain Clinton in the subject line and can be further construed as requests for correspondence between the Secretary and other individuals and/or organizations. Of these, four specifically mention Emails or Email accounts.

From: Finnegan, Karen M

Sent: Wednesday, August 07, 2013 4:10 PM

To: Walter, Sheryl L [and others]

Subject: RE: IPS Significant FOIA Report

Sheryl: To follow-up on my early response, Cristina is handling the Judicial Watch case, CA No. 2013-772 (DDC) (J. Kollar-Kotelly), that seeks access to all communications (including e-mail) between the Department and President Clinton and/or his foundation regarding clearing his speeches [Redacted]

[Karen Finnegan was division chief of the State Department’s freedom of information program.]

Last month, Judicial Watch released 10 pages of Department records that included an email sent by State Department spokesman Brock Johnson alerting Cheryl Mills, Hillary Clinton’s then Chief of Staff, that a “significant” Freedom of Information Act (FOIA) request had been made for records showing the number of email accounts used by then-Secretary of State Hillary Clinton.

“These new emails suggest that the Obama State Department knew about the Clinton email problem at least three years but covered it up,” said Judicial Watch President Tom Fitton.  “Any criminal investigation of the Clinton email scandal must include officials in the Obama administration.”

###

 

LawNewz: The New York Times first reported on Combetta’s immunity deal in an article published late Thursday evening.  The article states Combetta’s actions with respect to his work on the Clinton email server were referenced in the FBI investigation summary released on September 2 — but his name was redacted.

According to the FBI investigation summary, Combetta appears to be the individual who deleted Clinton’s email archives from the PRN systems in late March 2015.  The FBI also uncovered evidence of a work ticket referencing a conference call between PRN and Clinton’s attorneys on March 31, 2015, but Combetta was advised by PRN lawyers not to answer questions about the conference call, citing attorney-client privilege.

During his second interview with the FBI in May 2016, Combetta told investigators that he deleted the emails in late March 2015 after recalling an order from Clinton’s team in December 2014 to delete all of the emails that may still exist.  He referred to this recollection as an “oh shit” moment and decided to delete the emails, all the while knowing the preservation order existed.  Combetta also told investigators he used the BleachBit program tool, ensuring the emails could not be recovered by investigators or anyone else.

However, during his previous interview in February 2016, he told investigators that the December 2014 deletion order played no role in his decision to delete the emails.

Despite lying to investigators, Combetta reportedly received immunity from prosecution.

Before Combetta’s identity or immunity deal was reported, the Denver Post published an editorial calling the circumstances surrounding the deletion of the emails a “hard-to-believe shocker that ought to give reasonable people pause.”  PRN is a Colorado based company.

The timing of the deletion is important because it was done after Congress requested Clinton retain all of the emails that still existed.  On Tuesday, Congressman Jason Chaffetz asked the Department of Justice to conduct an obstruction of justice investigation into the deletion of the emails.

However, if reports of the immunity deal are true, it seems unlikely that any sort of obstruction of justice investigation case can go forward.  Combetta would seemingly be protected from prosecution.

That seems to be the conclusion of the Clinton campaign, at least according to what spokesman Brian Fallon told the newspaper.  Fallon said all of this had already been “thoroughly examined by the F.B.I. prior to its decision to close out this case.”

He added, “As the F.B.I.’s report notes, neither Hillary Clinton nor her attorneys had knowledge of the Platte River Network employee’s actions. It appears he acted on his own and against guidance given by both Clinton’s and Platte River’s attorneys to retain all data in compliance with a congressional preservation request.”

House Office Report on Edward Snowden

Posted on by

Edward Snowden, Defending His Patriotism, Says Disclosures Helped Privacy

In this file photo, American whistleblower Edward Snowden delivers remarks via video link from Moscow to attendees at a discussion regarding an International Treaty on the Right to Privacy, Protection Against Improper Surveillance and Protection of Whistleblowers in New York City on Sept. 24, 2015. © REUTERS/Andrew Kelly

In this file photo, American whistleblower Edward Snowden delivers remarks via video link from Moscow to attendees at a discussion regarding an International Treaty on the Right to Privacy, Protection Against Improper Surveillance and Protection of Whistleblowers in New York City on Sept. 24, 2015.  More here.

Executive Summary of Review of the Unauthorized Disclosures of Former National Security Agency Contractor Edward Snowden

UNCLASSIFIED

In June 2013, former National Security Agency (NSA) contractor Edward Snowden

perpetrated the largest and most damaging Public release of classified information in U.S.

intelligence history. In August 2014, the Chairman and Ranking Member of the House

Permanent Select Committee on Intelligence (HPSCI) directed Committee staff to carry out a

comprehensive review of the unauthorized disclosures. The aim of the review was to allow the

Committee to explain to other Members of Congress-and, where possible, the American

people-how this breach occurred, what the U.S. Government knows about the man who

committed it, and whether the security shortfalls it highlighted had been remedied.

Over the next two years, Committee staffrequested hundreds ofdocuments from the

Intelligence Community (IC), participated in dozens ofbriefings and meetings with IC

personnel, conducted several interviews with key individuals with knowledge of Snowden’s

background and actions, and traveled to NSA Hawaii to visit Snowden’s last two work locations.

The review focused on Snowden’s background, how he was able to remove more than 1.5

million classifled documents from secure NSA networks, what the 1.5 million documents

contained, and the damage their removal caused to national security.

The Committee’s review was careful not to disturb any criminal investigation or future

prosecution of Snowden, who has remained in Russia since he fled there on June 23, 2013.

Accordingly, the Committee did not interview individuals whom the Depatment of Justice

identified as possible witnesses at Snowden’s trial, including Snowden himself, nor did the

Committee request any matters that may have occurred before a grand jury. Instead, the IC

provided the Committee with access to other individuals who possessed substantively similar

knowledge as the possible witnesses. Similarly, rather than interview Snowden’s NSA

coworkers and supervisors directly, Committee staffinterviewed IC personnel who had reviewed

reports o finterviews with Snowden’s co-workers and supervisors. The Committee remains

hopeful that Snowden will retum to the United States to face justice.

The bulk of the Committee’s 36-page review, which includes 230 footnotes, must remain

classified to avoid causing further harm to national security; however, the Committee has made

a number of unclassified findings. These findings demonstrate that the public narrative

popularized by Snowden and his allies is rife with falsehoods, exaggerations, and crucial

omissions, a pattem that began befiore he stole 1.5 million sensitive documents.

First, Snowden caused tremendous damage to national security, and the vast

majority of the documents he stole have nothing to do with programs impacting individual

privacy interests-they instead pertain to military, defense? and intelligence programs of

great interest to America,s adversaries. A review ofthe materials Snowden compromised

makes clear that he handed over secrets that protect American troops overseas and secrets that

provide vital defienses against terrorists and nation-states. Some of Snowden’s disclosures

exacerbated and accelerated existing trends that diminished the IC’s capabilities to collect

against legitimate foreign intelligence targets, while others resulted in the loss of intelligence

streams that had saved American lives. Snowden insists he has not shared the full cache of 1.5

million classified documents with anyone; however, in June 2016, the deputy chairman of the

Russian parliaments defense and security committee publicly conceded that “Snowden did

share intelligence” with his govemment. Additionally, although Snowden’s professed objective

may have been to inform the general public, the infiormation he released is also available to

Russian, Chinese, Iranian, and North Korean govemment intelligence services; any terrorist

with Internet access; and many others who wish to do harm to the United States.

The full scope ofthe damage inflicted by Snowden remains unknown. Over the past

three years, the IC and the Department ofDefiense (DOD) have carried out separate

reviews with differing methodologies-fthe damage Snowden caused. Out of an abundance of

caution, DOD reviewed all 1.5 million documents Snowden removed. The IC, by contrast, has

carried out a damage assessment fior only a small subset ofthe documents. The Committee is

concerned that the IC does not plan to assess the damage ofthe vast majority of documents

Snowden removed. Nevertheless, even by a conservative estimate, the U.S. Govemment has

spent hundreds of millions of dollars, and will eventually spend billions, to attempt to mitigate

the damage Snowden caused. These dollars would have been better spent on combating

America’s adversaries in an increasingly dangerous world.

Second, Snowden was not a whistleblower. Under the law, publicly revealing

classifled information does not qualify someone as a whistleblower. However, disclosing

classified information that Shows fraud, Waste, Abuse, Or Other illegal activity to the

appropriate law enforcement or oversight personnel-including to Congressuloes make someone

a whistleblower and affords them with critical protections. Contrary to his public claims that he

notified numerous NSA officials about what he believed to be illegal intelligence collection, the

Committee found no evidence that Snowden took any official effort to express concems about

U.S. intelligence activities-legal, moral, or otherwise-to any oversight officials Within the

U.S. Govemment, despite numerous avenues for him to do so. Snowden was aware of these

avenues. His only attempt to contact an NSA attomey revolved around a question about the

legal precedence ofexecutive orders, and his only contact to the Central Intelligence Agency

(CIA) Inspector General (IG) revolved around his disagreements with his managers about

training and retention ofinfiormation technology specialists.

Despite Snowden’s later public claim that he would have faced retribution for voicing

concems about intelligence activities, the Committee found that laws and regulations in effect at

the time of Snowden’s actions afforded him protection. The Committee routinely receives

disclosures from IC contractors pursuant to the Intelligence Community Whistleblower

Protection Act of 1998 (IC WPA). If Snowden had been worried about possible retaliation for

voicing concerns about NSA activities, he could have made a disclosure to the Committee. He

did not. Nor did Snowden remain in the United States to flee the legal consequences of his

actions, contrary to the tradition of civil disobedience he professes to embrace. Instead, he fled

to China and Russia, two countries whose governments place scant value on their citizens’

privacy or civil liberties-and whose intelligence services aggressively collect information on

both the United States and their own citizens.

To gather the files he took with him when he left the country for Hong Kong, Snowden

infringed on the privacy of thousands of govemment employees and contractors. He obtained

his colleagues, security credentials through misleading means, abused his access as a systems

administrator to search his co-workers, personal drives, and removed the personally

identifiable information of thousands of IC employees and contractors. From Hong Kong he

went to Russia, where he remains a guest of the Kremlin to this day.

It is also not clear Snowden understood the numerous privacy protections that govern the

activities of the IC. He failed basic annual training for NSA employees on Section 702 of the

Foreign Intelligence Surveillance Act (FISA) and complained the training was rigged to be

overly difficult. This training included explanations of the privacy protections related to the

PRISM program that Snowden would later disclose.

Third, two weeks before Snowden began mass downloads of classified documents,

he was reprimanded after engaging in a workplace spat with NSA managers. Snowden was

repeatedly counseled by his managers regarding his behavior at work. For example, in June

2012, Snowden became involved in a fiery e-mail argument With a Supervisor about how

computer updates should be managed. Snowden added an NSA senior executive several levels

above the supervisor to the e-mail thread, an action that earned him a swift reprimand from his

contracting officer for failing to follow the proper protocol for raising grievances through the

chain of command. Two weeks later, Snowden began his mass downloads of classified

information from NSA networks. Despite Snowden’s later claim that the March 2013

congressional testimony of Director of National Intelligence James Clapper was a “breaking

point” for him, these mass downloads predated Director Clapper’s testimony by eight months.

Fourth, Snowden was, and remains) a serial exaggerator and fabricator. A close

review of Snowden’s official employment records and submissions reveals a pattern of

intentional lying. He claimed to have left Army basic training because of broken legs when in

fact he washed out because of shin splints. He claimed to have obtained a high school degree

equivalent when in fact he never did. He claimed to have worked for the CIA as a “senior

advisor,” which was a gross exaggeration of his entry-level duties as a computer technician. He

also doctored his performance evaluations and obtained new positions at NSA by exaggerating

his resume and stealing the answers to an employment test. In May 2013, Snowden informed

his supervisor that he would be out of the office receive treatment for worsening epilepsy. In

reality, he was on his way to Hong Kong with stolen secrets.

Finally, the Committee remains concerned that more than three years after the start

of the unauthorized disclosures, NSA, and the IC as a whole, have not done enough to

minimize the risk of another massive unauthorized disclosure. Although it is impossible to

reduce the chance of another Snowden to zero, more work can and should be done to improve

the security of the people and computer networks that keep America’s most closely held secrets.

For instance, a recent DOD Inspector General report directed by the Committee found that NSA

has yet to effectively implement its post-Snowden security improvements. The Committee has

taken actions to improve IC information security in the Intelligence Authorization Acts for

Fiscal Years 2014, 2015, 2016, and 2017, and looks forward to working with the IC to continue

to improve security.