Newly Declassified DOJ Watchdog Report Shows FBI Cut Corners in Clinton Email Investigation
I'm archiving "Clinton annex" here to make its text searchable. You can download the annex in PDF format via the link below:
Check my other posts for the previous parts. This is the second part.
II. (redacted) THE (redacted) COLLECTION
(redacted) Beginning in (redacted), the FBI obtained thumb drives from a (redacted) source Known as T1. These thumb drives contained (redacted) data, including (redacted) and content exfiltrated from the U.S. victims of (redacted) computer network intrusions. The FBI refers to all data acquired from T1 as (redacted) data. According to FBI witnesses and documents we reviewed, the obtained eight thumb drives from T1 between (redacted) and (redacted), all of which are in FBI custody at the Washington Field Office (WFO) Northern Virginia Resident Agency (NVRA). T1 continued to provide additional (redacted) communications and documents after the production of the thumb drives. This data is referred to as "Post-8 Data" or "Mission Ridge Data."
(redacted) Thumb Drives 1-5
(redacted) The first five thumb drives were obtained by the FBI in (redacted). These thumb drives primarily contain data exfiltrated by (redacted) from various U.S. victims, including the Executive Office of the President (EoP), the State Department, the U.S. House of Representatives, other federal agencies, and private sector and educational institutions. FBI employees told us that it was highly likely that data exfiltrated from other, unknown U.S. victims was also present on these thumb drives.
(redacted) In (redacted) FBI personnel (redacted) process (redacted) the first five thumb drives. (redacted), they reviewed data on the thumb drives and determined that it contained U.S. victim information. FBI personnel told us that the data on the first five thumb drives appeared to have been obtained from (redacted), because the FBI personnel could see (redacted) Examples of U.S. victim information that the analysis observed during this review included former President Barack Obama's emails, possible evidence of an (redacted) intrusion into the (redacted) advance intelligence about a planned FBI arrest of a Russian citizen, network infrastructure diagrams for U.S. government classified networks, and other potentially classified U.S. government information.
(redacted) One FBI employee told us that thumb drives 3 and 4 focused primarily on State Department communications, while another FBI witness stated that an estimated (redacted) percent of the data on the first five thumb drives pertained to the State Department. According to an FBI employee we interviewed, the (redacted) maintained an (redacted) cyber intrusion into State Department computer networks for approximately (redacted), which was the reason for the large quantity of State Department data in the collection.
(redacted) Witnesses told us that the FBI has never comprehensively reviewed thumb drives 1 through 5. Beginning in late (redacted) there were discussions within the FBI and with the Department about whether and how to review the data on the thumb drives. An FBI Office of General Counsel (OGC) lawyer told the OIG that there were concerns that exfiltrated victim data for EoP, the State Department, and the House of Representatives may be subject to Executive and Congressional Privileges. According to FBI witnesses and contemporaneous documents reviewed by the OIG, EoP officials raised privilege concerns with respect to certain U.S. victim data present on the thumb drives, precluding review by the FBI subject to limited exceptions discussed below.1
1 (redacted) Although beyond the scope of our current review, various FBI witnesses told us that the FBI Cyber Division has sought to obtain approval to conduct a comprehensive review of the (redacted) data since receiving the first five thumb drives in (redacted) FBI witnesses we interviewed identified different Department and FBI officials as responsible for the decision in late (redacted) to limit FBI access to the first five thumb drives; most of the officials they identified are no longer employed by the Department. However, all of the FBI and Department witnesses we interviewed agreed that the decision not to allow the FBI to review the data on the first five thumb drives was based on concerns that U.S. victim information exfiltrated by (redacted) was subject to various Executive and Congressional Privileges. Given the focus of this review, we have not sought to determine what happened or identify who was responsible for the ultimate decision not to review the thumb drives.
(redacted) Our limited investigation into this issue revealed additional efforts to obtain access to all eight thumb drives in (redacted), after the Midyear investigation concluded on July 5. In particular, we identified an August 31, 2016 memorandum from then Deputy Director Andrew McCabe to then DAG Sally Yates requesting permission to review all eight thumb drives for information related to attempts by the Russian Government to influence the U.S. political process. We were told by FBI witnesses that this memorandum resulted in two separate meetings about this issue that included McCabe, Yates, and White House Counsel W. Neil Eggleston, among others. The first meeting occurred on September 20, 2016, and the second on October 20, 2016.
(redacted) On September 30, 2016, after the first meeting, Comey and McCabe received an email from Eggleston that referenced review protocols that had been developed for thumb drive searches that the White House Counsel had agreed to in early 2016 (discussed below) related to (redacted). The email stated, "The proposal that is the subject of the current outreach differs materially from these prior efforts. In this case the FBI has not presented a clear idea of what it is searching for or any limitations on its access to the data." Eggleston’s email also expressed willingness to work with the FBI to discuss "possible ways forward." FBI witnesses stated that Eggleston told the FBI in the October 20 meeting that their proposal for reviewing the thumb drives was overly broad and did not include sufficient protections for privileged material, but that they would consider a proposal to conduct keyword searches. According to these witnesses, the FBI did not raise the issue again with EoP given the focus in October and November 2016 on the investigation into Russian election interference and the review of the Anthony Weiner laptop.
(redacted) On January 19, 2017, the last day of the Obama administration, Eggleston sent a letter to Comey and McCabe that referenced the October 20, 2016 briefing and stated, "To date, there has not been further contact concerning your request." The letter stated that there was a need to develop search protocols that would enable the FBI to review the thumb drives, while protecting the interests of EoP as a victim, and asserted a continuing right by representatives of former President Obama to protect the potentially privileged information in the exfiltrated victim data. Given the scope of our current review, we have not followed up on this information. In our limited review, we identified no other memoranda or proposals by the FBI to obtain access to the thumb drives until 2018, as we describe in Section IV.C. of this classified appendix.