Whistleblower Reality Winner was officially sentenced to 63 months in prison on Thursday, after a federal judge rubber-stamped a plea deal already agreed to by the prosecution and Winner’s lawyers. As the prosecution acknowledged, it is the longest sentence for a journalist’s source in federal court history. The defense agreed to the plea deal in part to bring closure to Winner and her family. Her mother, Billie Winner-Davis, said when the plea was first announced that it was in her daughter’s “best interest” since the Espionage Act does not afford her any public interest defense. But it should not bring closure to the crucial issues raised by this case, namely, the Justice Department’s contention that “national security” claims by the executive branch can never be challenged; that the executive branch has the sole authority to decide when information should be secret; and that the DOJ can prosecute journalists’ sources for “harming” national security with no public evidence whatsoever. At issue in Winner’s case is a document she leaked to a news outlet. The Intercept published an article on June 5, 2017 about a five-page National Security Agency (NSA) report that detailed how alleged Russian hackers targeted election vendors with phishing attacks in an attempt to access voters rolls in several states. The Intercept was not aware of the identity of the source who provided the document, though other news organizations connected it to Winner. In its sentencing memorandum two weeks ago, the prosecution made several dubious statements about why a sentence of this unprecedented length was necessary, chiefly that “the defendant’s unauthorized disclosure caused exceptionally grave harm to our national security,” a claim that was repeated several times. U.S. Attorney for the Southern District of Georgia Bobby Christine, who was appointed last year by President Donald Trump, went further on Thursday, calling Winner “a quintessential example of an insider threat.” “Winner will serve a term of incarceration that will give pause to others who are entrusted with our country’s sensitive national security information and would consider compromising it,” Christine told reporters after the sentencing at the federal courthouse in Augusta, Ga. “Anyone else who may think of committing such an egregious and damaging wrong should take note of the prison sentence imposed today and the very real damage done.” The government did not produce one iota of public evidence to back up its claims, citing only an unnamed “expert” whose comments are completely classified, and referring to the “top secret” marking on the document that they say “by definition” proves their point. But new evidence published by The Intercept for the first time today, along with one of Special Counsel Robert Mueller’s recent indictments, undercuts the government’s claims. When The Intercept first published the top-secret document, reporters and editors went to the government — as they do every time The Intercept publishes classified documents — to hear the NSA’s views about any information that might truly harm national security. After listening to the agency’s arguments, and out of an abundance of caution, The Intercept redacted a few pieces of information from the document before publishing it. A key phrase that the government wanted withheld was the specific name of the Russian unit identified in the document. The government was particularly insistent on that point. Since it wasn’t vital to the story that the unit’s name be revealed, nor was it clear — at least at the time — that revealing the unit’s name was in the public interest, The Intercept agreed to withhold it. But in the indictment of alleged Russian military intelligence operatives that Mueller’s office released last month, the Justice Department revealed the same name: GRU unit 74455. (The unit is also known as the Main Center for Special Technology or GTsST.) The indictment went on to reveal information almost identical to that contained in the document Winner admits to disclosing: In or around June 2016, KOVALEV and his co-conspirators researched domains used by U.S. state boards of elections, secretaries of state, and other election-related entities for website vulnerabilities. KOVALEV and his co-conspirators also searched for state political party email addresses, including filtered queries for email addresses listed on state Republican Party websites. In or around July 2016, KOVALEV and his co-conspirators hacked the website of a state board of elections (“SBOE 1”) and stole information related to approximately 500,000 voters, including names, addresses, partial social security numbers, dates of birth, and driver’s license numbers In or around August 2016, KOVALEV and his co-conspirators hacked into the computers of a U.S. vendor (“Vendor 1”) that supplied software used to verify voter registration information for the 2016 U.S. elections. KOVALEV and his co-conspirators used some of the same infrastructure to hack into Vendor 1 that they had used to hack into SBOE 1. The Justice Department is trying to have it both ways: It’s OK for Mueller to publicly release this information in an attempt to prosecute alleged Russian hackers because it’s in the public interest. But at the exact same time, the government is also claiming that a document including very similar information causes grave harm to national security when disclosed to the public by someone else. Maybe timing was the issue, you might say. Maybe the government is arguing that the Winner document, released more than a year before the Mueller indictment, somehow could have tipped off the accused Russian operatives that the NSA was spying on them. But the special counsel’s allegations point to a different conclusion. In the indictment of the alleged Russian intelligence officers, the Special Counsel’s Office describes how the FBI itself tipped off the GRU unit to the U.S. surveillance almost a year before The Intercept published the NSA document. As the indictment notes: In or around August 2016, the FBI issued an alert about the hacking of SBOE 1 and identified some of the infrastructure that was used to conduct the hacking. In response, KOVALEV deleted his search history. KOVALEV and his co-conspirators also deleted records from accounts used in their operations targeting state boards of elections and similar election related materials. If the GRU was already aware that the U.S. was watching its activities in 2016 — thanks to the FBI and not the media — how could the Winner document have “gravely harmed” national security almost a year later? Even without the Mueller indictment, the claim that the release of the NSA document seriously endangered national security was specious to begin with. There were no “sources and methods” in anything The Intercept published. By the summer of 2017, Russia’s attempted cyberattacks around the 2016 election had been widely reported. Reality Winner walks out of the courthouse in Augusta, Ga., after her sentencing on Aug. 23, 2018. Photo: Dustin Chambers for The Intercept Regardless of the government’s claims, it should be crystal clear to anyone who reads the newspaper that there is significant public interest is the information that Winner has admitted to disclosing. Russian interference in the 2016 election is still front-page news almost two years later. The federal government kept several states allegedly targeted by hackers in the dark about the specifics of these attacks until The Intercept published its story. In fact, the day after The Intercept’s story came out, the Election Assistance Commission — the federal agency in charge of assisting state election officials — wrote an urgent bulletin to states, calling the report “credible” and urging state officials to read it. The EAC then provided advice on how to take action. (The commission, unbelievably, tweeted the hashtag #RealityWinner to promote its bulletin on social media). The long history of the U.S. government claiming that a document published by the press was a “closely held” secret — when in fact it was anything but — may be why J. William Leonard, the former classification czar under George W. Bush, agreed to act as a defense witness for Reality Winner on a pro bono basis. Since leaving office in the mid-2000s, Leonard has sought to draw attention to abuses within the U.S. government classification regime and has acted as an expert witness in several leak investigations. Leonard has also testified to Congress several times about our broken secrecy system. In 2016, he spoke before the House Oversight Committee about leak prosecutions similar to Winner’s: “The opaque nature of the classification system can give the government a unilateral and almost insurmountable advantage when it is engaged in an adversary encounter with one of its own citizens, an advantage that is just too tempting for many government officials to resist.” He went on to explain in his congressional testimony that even as government employees are regularly and harshly punished for revealing information that the government considers secret, “to my knowledge no one has ever been held accountable and subjected to sanctions for abusing the classification system or for improperly classifying information.” Leonard never got to testify in the Winner trial, so the court will never hear his expert opinion on the document at issue. What we do know is that the executive branch under both parties has insisted for decades that the classification of documents is virtually unreviewable by either the judiciary branch or Congress. And history is littered with examples of the government abusing its classification authority. If you want to understand how the government classifies virtually any information in the national security space, no matter how benign, just read this recent account from BuzzFeed’s Jason Leopold about an “illegal animal killing” on CIA property involving a government employee. After Leopold got wind of an Inspector General report on the subject, he filed a FOIA request for more information. The CIA stonewalled him and withheld the IG report on the incident in full, claiming it would “harm national security” to release it — or even to disclose the type of animal that was killed. So Leopold sued. Three years later, the government finally relented and revealed that the animal in question was a deer. The rest of the report remains classified. It is, of course, conceivable that some unknown detail in the document Winner disclosed could have caused consternation at NSA headquarters. But because the government will never tell the public how something “damaged” national security, and uses the secrecy system to ensure that its arguments cannot be challenged, we’ll never know. We’ll also never know exactly how much national security damage the government caused by not releasing this information to state election officials and the public much earlier. In Augusta on Thursday, Winner spoke about her now-deceased father, who she said “expected us to engage in intellectual discourse as soon as we were out of diapers.” She said that like many Americans, her family was deeply affected by the attacks of Sept. 11, 2001, which sparked her interest in“the languages and the cultures of the countries involved.” Winner joined the Air Force, then left to further her education and seek humanitarian work. She took a job at the government contractor Pluribus to “improve the language skills I developed in the Air Force.” In a small measure of relief for Winner and her advocates, Judge Randal Hall endorsed her request to be sent to FMC Carswell, a Forth Worth federal medical facility where she will be about a seven-hour drive from her family in Kingsville, Texas. In court, Winner mentioned her 12-year struggle with bulimia, calling it “the most pressing internal challenge in my day-to-day survival,” and said that seeking treatment is one of her top goals. Her defense attorneys requested the Fort Worth facility so Winner could receive adequate medical care and “further her humanitarian objectives” through assisting other inmates with “debilitating illnesses.” Taylor Barnes contributed reporting. Top photo: Reality Winner walks out of the Federal Courthouse in Augusta, Ga., on June 26, 2018. The post The Government’s Argument that Reality Winner Harmed National Security Doesn’t Hold Up. Here’s Why. appeared first on The Intercept.
Reality Winner, who pleaded guilty, “knowingly and intentionally betrayed the trust of her colleagues and her country,” the prosecutor said.
Government investigators suspect that Joshua A. Schulte provided WikiLeaks, the anti-secrecy organization, with a stolen archive of documents detailing the C.I.A.’s hacking operations.
After the release of C.I.A. hacking tools last year, The Times has learned the suspect’s identity. He’s been charged, but in a separate child pornography case.
Press coverage of Russian intelligence attempts to hack into U.S. voting systems during the 2016 election played an important role in alerting state elections officials to the threat because government warnings were inadequate, according to a bipartisan Senate Intelligence Committee report released this week. The most detailed such news story, based on a classified National Security Agency document, appeared in The Intercept last June. A former NSA contractor, Reality Winner, has been charged under the Espionage Act for allegedly leaking a top-secret document describing the Russian attempt to penetrate voting software. The Intercept received the document featured in its June 5, 2017 Russian hacking story anonymously. (This reporter is the director of the Press Freedom Defense Fund, a division of The Intercept’s nonprofit parent company, First Look Media Works, which has contributed funds to Winner’s defense.) In implicitly conceding the impact of The Intercept’s story, as well as other coverage, the new Senate report detailing the committee’s investigation of Russian election meddling makes the case that the leak helped state officials around the nation begin to address the threat of Russian hacking into American voting systems. It is a remarkable and paradoxical assertion from a government that has used the full force of the law to pursue Winner for allegedly sharing the document with a news organization. The committee’s conclusions offer strong support for the argument that disclosing the document was in the public interest. The Senate report states that Russian attempts to target U.S. voting infrastructure began “at least as early as 2014” and continued through the 2016 election. The Intercept story and others published earlier may have provided a wake-up call to state and federal officials about their vulnerability to the Russian cyber campaign. The Senate report says that “many state election officials reported hearing for the first time about the Russian attempts to scan and penetrate state systems from the press or from the public Committee hearing on June 21, 2017.” The Intercept story ran less than three weeks before that hearing. The report notes that the Department of Homeland Security and the FBI issued alerts that were “limited in substance and distribution” in the summer and fall of 2016. “States understood there was a cyber threat but did not appreciate the scope, seriousness or implication of the particular threat they were facing,” according to the report. “The Committee found that DHS’s initial response was inadequate to counter the threat,” the report says. The DHS’s notifications in the summer of 2016, coupled with a public statement by the DHS and the Office of the Director of National Intelligence in October 2016, “were not sufficient warning.” Although the DHS provided warning to IT staff in the fall of 2016, notifications to state election officials were delayed by nearly a year. It wasn’t until September 2017 – “and only under significant pressure from this Committee and others”— that the DHS told chief election officials in targeted states about “the scanning activity and other attacks and the actor behind them,” according to the report. Reality Winner’s military headshot. Photo: Stand With RealityProdded by the Senate committee and greater public awareness of the threat, the DHS is now working more effectively with state election officials, the report says. A so-called Election Infrastructure Information Sharing and Analysis Center has been established to share information with state and local election officials. The DHS has also hosted a classified briefing for state chief election officials and is working to provide security clearances for those officials. Among the recommendations of the Senate committee’s report is a call for the intelligence community to improve information-sharing on threats and to “put a high priority on attributing cyberattacks both quickly and accurately.” It adds that the DHS “must create clear channels of communication between the federal government and appropriate officials at the state and local levels.” It also sees a role for the media in disseminating information about such threats. “Election experts, security officials, cybersecurity experts, and the media should develop a common set of precise and well-defined election security terms to improve communication,” the report notes. Although other news outlets reported on threats of Russian intrusion into the U.S. elections system, The Intercept’s June 2017 story was distinctive in that it relied on government information not authorized for public release. The New York Times referred to The Intercept’s reporting in its own coverage of the Senate report, noting that a “National Security Agency analysis leaked last June concluded that Russian military intelligence launched a cyberattack on at least one maker of electronic voting equipment during the 2016 campaign, and sent so-called spear-phishing emails days before the general election to 122 local government officials, apparently customers of the manufacturer. The emails concealed a computer script that, when clicked on, ‘very likely’ downloaded a program from an external server that gave the intruders prolonged access to election computers or allowed them to search for valuable data.” The government appears to recognize that The Intercept’s story played a critical role in warning American elections officials about the threat, yet the Senate report comes at a time when the Trump administration has continued to take a draconian approach in its prosecution of Reality Winner. Prosecutors have successfully pushed to have her denied bail and have sought to argue that she caused significant damage to national security. While senior government officials like former CIA Director David Petraeus have been given what amount to slaps on the wrist in leak cases, Winner remains incarcerated even as the Senate is effectively lauding the leak for which she is charged. Top photo: Members of the Senate Intelligence Committee gather ahead of a press conference previewing the committee’s findings on Russian election meddling at the U.S. Capitol in Washington, D.C., on March 20, 2018. The post Senate Report Strongly Implies Russian Hacking Story Was a Public Service — but Whistleblower Reality Winner Remains in Jail appeared first on The Intercept.