Forget Collusion. Can Mueller Prove Russia Committed Cyberespionage? And if not, what’s the point of his investigation? By Andrew C. McCarthy
The rationale for Robert Mueller’s appointment as special counsel is that Russia conducted a cyberespionage attack — hacking — to interfere in the 2016 presidential campaign, and that the Trump campaign may somehow have “colluded” in this offense. Mueller has been at this for six months, and the FBI for a year before that. So isn’t it about time we asked: Could Mueller prove that Russia did it?
Forget Trump. What about Russia?
We have paid too much attention to the so-called collusion component of the probe — speculation about Trump-campaign coordination in Russia’s perfidy. There appears to be no proof of that sort of collusion. Because it has been our focus, though, Mueller has gotten a free pass on a defect that would be fatal to any related prosecution theory: He cannot prove beyond a reasonable doubt that Russia is guilty of hacking the Democratic National Committee and prominent Democrats.
This doesn’t mean it didn’t happen — like the U.S. intelligence agencies, I’m assuming it did, and that Russia should continue to be the subject of intense government counterintelligence efforts. The point is that Mueller can’t prove it in court, which is the only thing for which a prosecutor is needed. If he can’t establish to the required standard of proof that Russia conducted an espionage attack on the election, it is impossible to prove that anyone conspired with Russia to do so. There is no criminal case.
Plainly, that is why Deputy Attorney General Rod Rosenstein, to appease Democrats angered over former FBI director James Comey’s firing in May, appointed a special counsel without specifying any crimes that the Justice Department is purportedly too conflicted to investigate (as the pertinent regulations require). This infirmity was papered over by calling the probe a “counterintelligence” investigation — which is not a criminal investigation but an information-gathering exercise to defend the nation against foreign threats to American interests.
Rosenstein did not identify a crime because he did not have one. There are two reasons for this, but we have focused myopically on the wrong one: the fact that contacts between Trump associates and the Russian regime do not prove they conspired together in an espionage scheme. That simply shows that Mueller does not have a case. The more basic problem is that he cannot have a case. Russia’s espionage operation cannot be proved beyond a reasonable doubt, so it will never be possible to prove the Trump campaign colluded in it.
Let’s concede that there is some evidence — not much, but some — of contacts between Trump associates and operatives of the Russian regime. On its face, this is not incriminating — no more than the fact of contacts between the Clinton camp and the Russian regime. What would make the Trump-Russia contacts criminal would be indications that they facilitated Russia’s cyberespionage operation against the 2016 election.
This raises the question: What is the proof that Russia conducted a cyberespionage operation against the 2016 election? Here we get to the critical distinction between counterintelligence and criminal investigations — a distinction I have been harping on since before Mueller’s appointment.
The government, the media, and most of the public accept the premise that Russia interfered in the election. But not because this assertion has been proved in court. Instead, it is based on an intelligence judgment by three agencies, the FBI, CIA and NSA, announced under the auspices of a fourth, the Office of the Director of National Intelligence.
All four agencies were run by Obama appointees. The Obama administration had a history of politicizing intelligence to serve administration narratives, and the intelligence judgment in question cannot be divorced from politics because it was announced just as Obama’s party was fashioning a narrative that Russian espionage had stolen the election from Democratic candidate Hillary Clinton. Nevertheless, it is not my purpose here to make a partisan argument. The point is to consider the nature of intelligence judgments — to contrast them with courtroom findings. This dichotomy does depend on which party is running the executive branch.
The objective of a criminal investigation is a prosecution, not a national-security judgment. In a prosecution, each essential element of the offense charged must be proved beyond a reasonable doubt. It is virtually certain that Mueller could never establish, to this exacting standard of proof, that Russia is guilty of cyberespionage — at least in the absence of an accomplice witness involved in the hacking, which he apparently does not have despite the government’s 18 months of investigative effort.
The intelligence agencies may have high confidence in their judgment about Russian espionage. But that does not mean this judgment could ever be proved in a criminal prosecution. In fact, the intelligence agencies’ own January 6 report on “Russia’s Influence Campaign Targeting the 2016 Presidential Election” flatly states: “Judgments are not intended to imply that we have proof that shows something to be a fact.” (Report, p. 13, Annex B, explaining “Estimative Language.”)
Let that sink in.
A comparison is in order: If a prosecutor presenting an indictment were to say, “This allegation is not intended to imply that we have proof that shows the allegation to be a fact,” the jury would say, “Not guilty.” Indeed, the judge would dismiss the case before it ever got to jury deliberations.
Still, if you think about what intelligence agencies are for, their humility about the uncertainty of their judgments makes sense. They are protecting national security. When American lives are at stake, we do not wait to take action until the threats against us can be proved beyond a reasonable doubt. We make judgments, as the agencies’ Russia report admits, based on sources of information and analytic reasoning.
The information on which these judgments are based is often fragmentary and so highly sensitive — e.g., covert agents who would be killed if revealed — that it cannot be exposed publicly without compromising top-secret intelligence operations, which would endanger the nation. The analytic reasoning gives us not courtroom proof of fact but the intelligence agencies’ perceptions of probability. Intel analysts are highly trained and expert in their field; nevertheless, their conclusions are often highly debatable or wrong — which is to be expected: The information inputs are of varying quality, so the best output they can give you is often mere probability.
Prosecutors are not in the probability biz. They are not directly responsible for national security, even if their cases promote it. The prosecutor’s remit is to prove facts to a near certainty because the result of a prosecution is the removal of fundamental freedoms: liberty, property, and in a capital case, even life. This is why evidentiary rules suppress evidence that fails the tests of authenticity and reliability (while intelligence analysts can factor such evidence in, so long as they account for its suspect nature). It is also why the “beyond a reasonable doubt” standard is imposed in criminal cases — more demanding than the “preponderance of the evidence” standard in civil cases and the “probable cause” standard that applies to arrests or search warrants, both of which are themselves much more demanding than the supposition that frequently supports intelligence judgments.
The agencies’ Russia report informs us from the get-go that the full extent of their knowledge and the bases for their assessments cannot be demonstrated publicly because “the release of such information would reveal sensitive sources or methods and imperil the ability to collect critical foreign intelligence in the future.”
Mueller thus can’t prove what the agencies claim to know. But this limitation is not the half of it.
The most critical physical evidence of Russian cyberespionage is the DNC server system alleged to have been hacked. Inexplicably (given how central the server system is to the controversy that has roiled the nation for a year), the Justice Department never compelled the surrender of this server system to the government so the FBI could conduct a forensic examination. Instead, for this essential analysis, we are expected to rely on CrowdStrike, a private DNC contractor.
Think about that: We’re to expect a jury in a criminal trial would simply accept non-law-enforcement conclusions paid for by the DNC, under circumstances in which (a) the DNC is invested in the storyline that Russia is the culprit in its effort to steal the election from Mrs. Clinton; (b) the DNC declined requests by the government to surrender its server system for FBI examination; and (c) the incumbent Democratic administration’s Justice Department unaccountably refrained from demanding — by grand jury subpoena or search warrant — that the DNC’s server system be turned over to the FBI.
Not likely.
This, of course, does not mean it was wrong for the intelligence agencies to accept a private contractor’s analysis. CrowdStrike has a good reputation. But this state of play would not fly in a criminal prosecution — a point that is so obvious that no experienced prosecutors or investigators would be confident that they could make the case without seizing the physical evidence and conducting the government’s own investigation. And you’ll notice that Mueller has brought no so case.
Besides the remorseless fact that the intelligence agencies’ judgment is just a probability assessment, not a fact, there are ongoing private investigations that cast doubt on the judgment’s probability.
The best known of these, to date, has been produced by the left-leaning Veteran Intelligence Professionals for Sanity (VIPS), given notoriety by the left-leaning publication The Nation. The VIPS naysayers, who are primarily former NSA officials, contend that the operation against the DNC was a not an overseas hack but an insider theft — “a download executed locally with a memory key or a similar portable data-storage device.” This probability assessment is largely based on the transfer speeds of megabytes of DNC data. The speeds have been deduced from analyzing metadata in files published by the persona Guccifer 2.0, who claims to have hacked the DNC and whom our spy agencies conclude is a proxy for two Russian intelligence services.
The VIPS report is not without controversy, even within VIPS itself. Former intelligence agents associated with the group have published a spirited dissent from their colleagues’ report. But we should note that the driving objection of the dissenters is that the VIPS report goes too far by offering with excessive confidence the alternative theory of an insider theft (or “local leak”). That is, the dissenters agree with their VIPS colleagues on the matter of our concern: The government intelligence agencies’ judgment, they say, is extremely suspect.
To be clear, my point is not to broker the competing claims, or to contend that the U.S. intelligence agencies’ judgment is wrong and those of its detractors are correct. Cyber-analysis is not my area of competence, but I’m predisposed to believe our agencies. The point is that our agencies are not offering courtroom-quality proof, as they forthrightly acknowledge. If Mueller ever brought a case of espionage conspiracy, he would have to prove the Russians guilty beyond a reasonable doubt to the unanimous satisfaction of twelve jurors. That jury would be bombarded by defense lawyers with the government’s failure to inspect the server system, the inherent uncertainty of intelligence judgments, the government’s inability to produce intelligence sources as witnesses, and alternative theories of what happened posited by competent intelligence professionals (e.g., “It was an insider job, not a hack,” or “It was another hacker, not the Russians”).
Couple this with the fact that everyone else in the equation has denied culpability: Putin claims the Russians did not hack; Guccifer 2.0 claims no connection to the Russians; and Julian Assange of WikiLeaks, which disseminated most of the emails for publication, claims his source was not Russia. If your response to this is to scream at me that none of these sources is credible, you are totally correct about that — but you’re missing the point. In criminal litigation, a prosecutor cannot prove a positive fact solely by a negative inference. You may believe, as I do, that Putin, Guccifer, and Assange are inveterate liars; nevertheless, the thing they are denying is not proved by their having denied it. There has to be some solid proof that Russia did it; you don’t get there by establishing merely that a bunch of notorious liars say Russia didn’t do it.
We have noted with interest that the two Trump-campaign figures who are cooperating in Mueller’s investigation, Michael Flynn and George Papadopoulos, pled guilty to false-statements charges. As I’ve explained, this is not how a prosecutor builds a case on a major criminal scheme; to the contrary, he makes the accomplices plead guilty to the scheme and then earn sentencing leniency by cooperating against the other players — you don’t plan a jury trial by branding your main witnesses as convicted liars.
Our assumption has been that these defendants were not charged with offenses arising out of “Trump collusion with Russia” because their contacts with Russians, even if unsavory, did not amount to anything criminal, much less to an espionage conspiracy against the 2016 election. That is undoubtedly true. Yet it obscures the more elemental deficiency: Mueller cannot prove in court that Russia conducted the espionage operation, so how could he hope to prove that anyone conspired in Russian espionage?
I can think of one forum in which this flaw could be overcome, though: congressional impeachment proceedings.
As we’ve noted, impeachment is not a legal remedy, it is a political one. Congress has unreviewable authority to determine what constitutes high crimes and misdemeanors. Like our intelligence agencies, it is not bound by criminal-court standards of evidence and due process. The House and Senate could choose to rely on the intelligence agencies’ judgment, warts and all. Congress could take Russian espionage as a given. Since guilt beyond a reasonable doubt is not an impeachment standard, Democrats could posture that anyone who dares question whether Russia cyber-attacked the 2016 election is defaming American intelligence agents, not raising a defense it would be malpractice for a defense lawyer in a criminal prosecution to ignore.
That is another good reason to deduce that Mueller’s team is playing a long game — impeachment, not prosecution. As a practical matter, there is no prospect of articles of impeachment unless Democrats win the 2018 midterms. So, if you thought or hoped Mueller’s investigation would be winding down anytime soon, disabuse yourself.
Still, after 18 months of investigating, it would be worth putting two simple questions to Deputy Attorney General Rosenstein, who — at least nominally — supervises Special Counsel Mueller: 1) Does the Justice Department believe, contrary to the apparent concessions in the intelligence agencies’ Russia report, that the government can prove beyond a reasonable doubt that Russia is guilty cyberespionage against the 2016 election; and 2) if not, what is the point of Mueller’s investigation?
Comments are closed.