Month: March 2023

Source: United States Department of Justice

The Justice Department’s National Security Division was created in the wake of 9/11 to unify all of the Justice Department’s national security efforts. We investigate and prosecute spies and terrorists, combat nation-state cyber threats and foreign malign influence, enforce sanctions and export control laws, and more. NSD is also responsible for the Foreign Intelligence Surveillance Act, or FISA — we are the lawyers who represent the government before the Foreign Intelligence Surveillance Court, and we oversee the use of FISA authorities. 

I’ve been in this job, leading the National Security Division, for just over a year. But I’ve worked in national security for much of my career.

People often ask: What keeps you up at night? And usually that’s a hard question for me to answer — we face such a wide range of threats from nation-state adversaries, terrorists, and malicious cyber actors. And those threats are constantly evolving —  it’s difficult to point to just one.

But right now, I can answer that question without hesitation. What keeps me up at night is thinking about what will happen if we fail to renew Section 702 of FISA. This law will expire on December 31st of this year if Congress doesn’t act to reauthorize it. If 702 expires or is watered down, the United States will lose critical insights we need to protect the country.

Section 702 is the law that enables the U.S. government to obtain uniquely valuable intelligence by targeting non-Americans overseas, who are using U.S.-based communications services. Its value cannot be overstated. Without 702, we will lose indispensable intelligence for our decision makers and warfighters, as well as those of our allies. And we have no fallback authority that could come close to making up for that loss.

That is why this morning the Attorney General and the Director of National Intelligence sent a letter urging Congress to swiftly reauthorize 702, emphasizing that there is simply no way to replicate 702’s speed, reliability, and insight.

Section 702 enables the United States government to gain intelligence about our most pressing threats. Today, we are relentlessly focused on serious threats, such as:

• The Chinese government’s efforts to spy on us and steal our technology;
• Iran’s sanctions evasions;
• North Korea’s nuclear program; and
• Russia’s invasion of Ukraine.

Let me stress the point about the threat we face from China, in particular. At this moment, when China is ramping up its aggressive efforts to spy on Americans, it would be a grievous mistake to blind ourselves to that threat by allowing this critical authority to expire.

The bottom line is that Section 702 gives us the intelligence necessary to stay one step ahead of our adversaries. We cannot afford to allow it to lapse. And it is too important to the interests of the U.S. and our allies — and to our basic safety — to wait for the 11th hour to do so.

So, it is time to sound the alarm. We must act with urgency. Both the intelligence and law enforcement communities must partner with Congress. And we must make the case to the American people directly.

I see the urgency of this moment in my current position. But I also recognize the critical value of 702 from nearly two decades working in national security at DOJ and in the Intelligence Community. As a lawyer in the Justice Department and the FBI in the years after 9/11, I saw how the statutory framework that existed before 702 couldn’t keep pace with evolving technologies and dynamic threats.

When I first came to NSD in 2008, I was part of the team that helped craft Section 702. I went on to become the General Counsel at NSA where I oversaw NSA’s implementation of 702 and saw, in practice, both the power of 702 as a collection tool and the rigor of the oversight procedures that are built into it.

In my time as the Director of the National Counterterrorism Center, I benefited from 702 as an intelligence consumer — nearly every day it provided key insights that supported our ability to combat terrorism, al-Qaeda and ISIS in particular.

Section 702 has faced a sunset twice in the past decade. Both times Congress voted to reauthorize it, with strong bipartisan support. While 702 is more essential than ever before, the broad, bipartisan consensus supporting this, and other national security authorities, has frayed in recent years.

If we are going to preserve this vital tool, it is incumbent on the government to do more than just demonstrate that 702 is immensely important to national security. We must also earn and sustain the trust of the American public and demonstrate how the intelligence and law enforcement communities strive to uphold the confidence placed in our institutions.

The good news is that, at its core, FISA’s privacy and oversight framework is designed to sustain public confidence through rigorous, regular scrutiny by all three branches of government. FISA was created to constrain government surveillance activity in response to concerns about surveillance abuse. When Congress enacted the original FISA in 1978 — in response to the landmark Church Committee report — it marked the first time that the government’s surveillance for foreign intelligence was subject to affirmative judicial review. This was unprecedented, not just in the United States, but anywhere.

In the 45 years since its enactment, FISA has proven remarkably durable. Its basic structure has effectively balanced operational needs with requirements to obtain court authorization and congressional approval. And, when necessary, Congress has amended the law to account for changes in technology and to enhance privacy and oversight.

Section 702 was the product of one such amendment. When FISA was originally passed, Congress intended for the law to regulate surveillance activities conducted within the United States. But with the advent of the internet, and as the technology supporting international communications evolved, FISA’s terms required the government to seek individualized court orders, even when the target of the collection was a foreign person based overseas. This situation became increasingly untenable in the aftermath of 9/11, as the government ramped up efforts to dismantle al-Qaeda and disrupt foreign terrorist plots. I saw this firsthand as an official in the newly created National Security Division.    

Here was the problem: NSA would be tracking a possible terrorist located overseas — not a U.S. citizen and not someone located inside the U.S. — who happened to be using a U.S. email service provider. Because that provider was based in the U.S., traditional FISA requirements meant we had to establish probable cause that the possible terrorist was an “agent of a foreign power” before we could get access to their communications.

That wasn’t operationally feasible. Often, we simply didn’t know enough about the overseas individual to make that kind of showing. Even in cases where we could get enough information, the process of obtaining individual court orders each time took too long, often requiring months of effort — it’s simply not something we can do at operational speed, let alone at the speed required to disrupt a cyber-attack.

This is not what Congress had intended. And this arrangement made no sense as a constitutional matter. Probable cause is a standard that protects the rights of Americans and others inside this country. But the Supreme Court has long held that the Fourth Amendment doesn’t apply to non-U.S. persons who are outside the U.S.

We needed to update FISA to reflect the legal and technological reality and nature of the threats, while protecting the rights of Americans. Section 702 was the solution.

This is the key point:  Section 702 only authorizes intelligence collection targeting non-U.S. persons who are outside the United States. In such cases, 702 provides the legal framework for the government to compel assistance from U.S. electronic communications service providers.

Section 702 strikes a balance. The government is not required to obtain court orders for each target. But the program is subject to judicial approval and oversight: The FISA court’s review ensures (1) that collection under 702 is reasonably designed to target only non-U.S. persons overseas; (2) that it is tailored to specific intelligence needs; and (3) that it is consistent with the Constitution. In fact, every court, including the FISA court, that has looked at 702 has found it constitutional.

And there are strict limits on handling any information that is incidentally collected about U.S. persons. Section 702 prohibits the intentional collection of U.S. person communications. And U.S. person information can only be incidentally collected under 702 in one of two ways: first, when a foreign target overseas is in touch with a U.S. person; or second, when two foreigners overseas, one of whom is a target, discuss a U.S. person during their communications.

This framework has worked effectively over the years. In the 15 years since enactment, Section 702 has become the Intelligence Community’s most valuable national security legal tool. And we must retain it to confront the evolving threats we will be facing ahead.

 Let me offer some hypothetical future scenarios in which 702 could prove critical:

• Suppose the FBI gets information that an individual overseas appears to be recruiting employees of a U.S. semiconductor company — possibly for the purpose of gaining access to sensitive U.S. technology for military uses. An FBI analyst could target the overseas individual’s email under 702 to help us figure out what technology they may have taken and whether it is being used to advance another country’s military.
• Or suppose a foreign partner tells us that an overseas individual is attempting to sell weapons to a rogue nation under U.S. sanctions. Under 702 — consistent with court-authorized procedures — we could move quickly to acquire that individual’s communications to gather more intelligence about his activities and who he’s dealing with, even if there was not probable cause to show that he was acting as an agent of a foreign power.
• Finally, suppose a foreign partner captures a terrorist on the battlefield — and shares a list of email address from the militant’s phone. With this information, intelligence analysts could use 702 to gain insights about the other overseas individuals in the militant’s network to disrupt ongoing plots.

In each example, Section 702 could provide the critical intelligence early in an investigation that is necessary to follow leads and get more information. And in each example, it would be either impractical or impossible to seek an individualized court order based on probable cause.

I can also give you a few real-world examples. Famously, 702 was used to foil an active plot in 2009 to bomb the New York City subway. NSA analysts relied on Section 702 to target an email address used by a suspected al-Qaeda courier in Pakistan and discovered a message sent by someone in the U.S. seeking advice about making explosives. The FBI identified that person as Najibullah Zazi and was able to disrupt his plot in time to save countless lives.

And just last summer, 702 collection contributed to the successful operation against Ayman al-Zawahiri, who had served as al-Qaeda’s leader since Osama bin Laden’s death.

702 has also played a key role in countering threats from China — as well as Russia, Iran, and North Korea. We have used it to identify and disrupt hostile foreign actors’ attempts to recruit spies or send their operatives to the U.S. We’ve relied on 702 to mitigate and prevent foreign ransomware attacks on U.S. critical infrastructure. We’ve also used 702 to get information on efforts to evade U.S. sanctions, enabling us to prevent components for weapons of mass destruction from reaching foreign actors.

In short, this is a tremendously powerful legal tool. Which makes it all the more critical that we maintain the trust and confidence of Congress and the American people. This is the challenge we face today.

We build trust through judicial and congressional oversight, as well as our own oversight and accountability mechanisms within the executive branch. And by being as transparent as possible about how the law is used and when we make mistakes.

Agencies that use 702 have internal compliance processes, and DOJ and ODNI conduct independent oversight to assess collection decisions, review queries, examine disseminations of Section 702 intelligence that may contain U.S. person information, and address incidents of non-compliance so that we don’t repeat them. The oversight attorneys in NSD review every single targeting decision — 100 percent of them.

Still, in recent years, the Justice Department and ODNI have found serious compliance issues with the FBI’s queries of FISA collection for information about U.S. persons. Those problems were reported to the FISC and Congress, and the court has described them in public opinions.

I want to talk more about those issues now.

Every compliance incident matters, of course, but incidents involving U.S. person information are especially damaging to public trust. Congress authorized the government to collect foreign intelligence under Section 702 without obtaining individual court orders because 702 targets non-U.S. persons who are outside the United States. While the Intelligence Community has collected the foreign intelligence information because of the need to protect national security, we still need strong guardrails when the Intelligence Community searches this data for information about Americans.

To be clear, it is critically important that the government is able to do exactly that. When we examine 702 information using query terms associated with U.S. persons, we are often trying to identify U.S. person victims of foreign hacking or spying. That’s what lets us warn and protect them. If we are to keep protecting Americans from escalating cyber and espionage threats, we need to maintain the capacity to conduct U.S. person queries. ​​ This is especially true for the FBI, which is responsible for protecting the homeland from national security threats emanating from overseas.

The Zazi example I mentioned earlier shows how important it is that we can connect the dots between foreign-based threats and individuals in the U.S. That was a key lesson of 9/11, and we can’t forget it.

Here are a couple of additional hypotheticals: 

• Suppose a Chinese citizen overseas is suspected based on intelligence reporting of plotting to assault dissidents living in the U.S., who are speaking out against the PRC government. The investigation reveals that the Chinese citizen is in frequent contact with an associate in the U.S. Again, at this very early stage of an investigation, FBI analysts are likely to want to query 702 information — data that has been lawfully collected — using the name of this U.S.-based associate.
• Or, to give another scenario: suppose the FBI learns that a foreign actor has hacked into an American energy company and exfiltrated data. The FBI may want to immediately query 702 data, using the company’s name or other U.S. person information, to figure out the scope of the breach, what happened to the data, and whether there were other U.S. victims.

This is logical and lawful investigative activity. It also directly implicates the rights of Americans and so we need to be exceptionally careful. Unfortunately, in this highly sensitive area, we’ve made mistakes in recent years that have undermined trust.

Many of those mistakes resulted from misunderstandings by FBI personnel about the rules governing U.S. person queries. In other instances, FBI personnel queried raw Section 702 information inadvertently, without realizing that the 702 dataset was included in the query as a default.

Understanding that context is important to fixing the issues, but at the end of the day, these mistakes are not acceptable. They aren’t acceptable to us, are not acceptable to the court or Congress, and not acceptable to the public. Nor should they be.

We knew we had work to do. So, we’ve implemented key reforms including:

• Changing default settings in FBI systems so that you must affirmatively “opt in” to query 702 information;
• Requiring FBI personnel to record specific, written justifications before accessing 702 information from a U.S. person query;
• Imposing pre-approval requirements for certain types of sensitive U.S. person or large-scale questions; and
• Improving guidance and training.

We are already seeing concrete improvements as a result of these efforts. There has been a dramatic decrease in the total number of U.S. person queries since the FBI adopted these reforms in 2021, along with a significant reduction in the number of inadvertent queries of 702 data. And we’ve made these advances, without undermining the value of Section 702. ​

But I want to be clear, this is about more than just imposing a checklist of new requirements.

Our fundamental task is to ensure that we are building a culture of compliance—a culture that recognizes the harm caused by even the smallest mistakes. Of course, there are going to be compliance incidents in a complex system, involving human beings, trying to work on tremendously difficult problems under time pressure. But the reality is that every mistake undermines public trust and confidence in how we use these tools.

Here’s the key point for me: all of us in these jobs need to recognize that the American people are entrusting us with the immense responsibility of keeping them safe and protecting their liberties. Speaking personally, I feel honored by that, and I feel the weight of that responsibility. I know my colleagues in the FBI and across the Intelligence Community approach their jobs in exactly the same way. Just as we are determined to protect the American people, and to defend our Constitution, so too are we determined to be worthy of the trust placed in us every day.

The stakes are so high. Repressive and authoritarian regimes, like China, Russia, North Korea, and Iran pose a range of threats to our country and our allies, while terrorist groups continue to plot violent attacks in secret. These are not just threats to our safety, but threats to our freedoms and democracy and to fundamental American values around the world.

Against this backdrop, renewing 702 is a national security imperative. That’s really beyond dispute. And going forward this year, we share the responsibility with Congress to preserve it. This requires us to be strong partners with Congress and to be as transparent as possible with the American people. Welcoming hard questions; being open and candid about our mistakes, even as we’re relentlessly determined to fix them; and fulfilling our role as stewards of the public’s trust.

This is what the American people expect and deserve.

Source: United States Department of Justice Criminal Division

A California woman who fled to Montenegro to avoid serving a lengthy prison sentence has been returned to the United States after spending approximately one year as a fugitive.

Tamara Dadyan, 43, of Encino, was extradited by Montenegro and arrived in Los Angeles Monday evening. She is expected to appear this afternoon in the U.S. District Court in Los Angeles.

According to court documents, Dadyan was a member of a Los Angeles-based fraud ring who engaged in a scheme to fraudulently obtain more than $20 million in Paycheck Protection Program (PPP) and Economic Injury Disaster Loan (EIDL) COVID-19 relief funds. Dadyan and her co-conspirators used dozens of fake, stolen, or synthetic identities – including names belonging to elderly or deceased people and foreign exchange students who briefly visited the United States years ago and never returned – to submit fraudulent applications for approximately 150 PPP and EIDL loans.

In support of the fraudulent loan applications, Dadyan and her co-conspirators also submitted false and fictitious documents to lenders and the Small Business Administration (SBA), including fake identity documents, tax documents, and payroll records. Dadyan and her co-conspirators then used the fraudulently obtained funds as down payments on three luxury homes in California. They also used the funds to buy gold coins, diamonds, jewelry, luxury watches, designer handbags, cryptocurrency, securities, and a Harley-Davidson motorcycle.

In June 2021, Dadyan pleaded guilty to one count of conspiracy to commit wire fraud and bank fraud, one count of conspiracy to commit money laundering, and one count of aggravated identity theft. She was sentenced in December 2021 to 10 years and 10 months in prison.

In January 2022, Dadyan fled the United States. U.S. authorities determined Dadyan had fled to Montenegro where she joined Richard Ayvazyan and Marietta Terabelian, two other participants in the scheme and conspiracy who also fled after their convictions. Ayvazyan and Terabelian, who were respectively sentenced to 17 years and six years in prison, were extradited to the United States from Montenegro in November 2022. 

Assistant Attorney General Kenneth A. Polite, Jr. of the Justice Department’s Criminal Division; U.S. Attorney Martin Estrada for the Central District of California; Assistant Director Luis Quesada of the FBI’s Criminal Investigative Division; Special Agent in Charge Tyler Hatcher of the IRS Criminal Investigation (IRS-CI) Los Angeles Field Office; Special Agent in Charge Weston King of the SBA Office of Inspector General (SBA-OIG), Western Region; and Special Agent in Charge Jay N. Johnson of the Federal Housing Finance Agency Office of Inspector General (FHFA-OIG), Western Region, made the announcement.

The Government of Montenegro, including the Ministry of Justice, provided significant assistance in the extradition of Dadyan to the United States. The Justice Department’s Office of International Affairs also provided substantial assistance in securing the arrest and extradition of Dadyan.

The FBI Los Angeles Field Office, IRS-CI, SBA-OIG, and FHFA-OIG investigated the case. The U.S. Marshals Service transported Dadyan from Montenegro to the United States.

Trial Attorney Christopher Fenton of the Criminal Division’s Fraud Section and Assistant U.S. Attorneys Brian Faerstein and Scott Paetty for the Central District of California are prosecuting the case. Assistant U.S. Attorney Dan Boyle for the Central District of California is handling forfeiture. Trial Attorney Goran Krnaich and International Affairs Specialist Marina Shimarova of the Justice Department’s Office of International Affairs handled the extraditions with assistance from Assistant U.S. Attorney John Lulejian for the Central District of California.

The Fraud Section leads the Criminal Division’s prosecution of fraud schemes that exploit the PPP. Since the inception of the CARES Act, the Fraud Section has prosecuted more than 200 defendants in more than 130 criminal cases and has seized over $78 million in cash proceeds derived from fraudulently obtained PPP funds, as well as numerous real estate properties and luxury items purchased with such proceeds. More information can be found at https://www.justice.gov/criminal-fraud/ppp-fraud.

In May 2021, the Attorney General established the COVID-19 Fraud Enforcement Task Force to marshal the resources of the Department of Justice in partnership with agencies across government to enhance efforts to combat and prevent pandemic-related fraud. The Task Force bolsters efforts to investigate and prosecute the most culpable domestic and international criminal actors and assists agencies tasked with administering relief programs to prevent fraud by augmenting and incorporating existing coordination mechanisms, identifying resources and techniques to uncover fraudulent actors and their schemes, and sharing and harnessing information and insights gained from prior enforcement efforts. For more information on the department’s response to the pandemic, please visit https://www.justice.gov/coronavirus.

Anyone with information about allegations of attempted fraud involving COVID-19 can report it by calling the Department of Justice’s National Center for Disaster Fraud (NCDF) Hotline via the NCDF Web Complaint Form at https://www.justice.gov/disaster-fraud/ncdf-disaster-complaint-form.

Source: United States Department of Justice News

            WASHINGTON – An indictment, unsealed today, charges a Coraopolis, Pennsylvania man with running a counterfeit drug conspiracy that sold fentanyl and methamphetamine disguised as Oxycontin, Xanax and Adderall on a Darknet Marketplace. Jacob Blair, 25, is also charged in a parallel indictment in the Western District of Pennsylvania with possession of fentanyl and methamphetamine related to a February 24, 2022, search warrant. Blair was arrested by FBI and Drug Enforcement Administration (DEA) agents on February 24, 2023, in Aliquippa, Pennsylvania. The indictments were announced by United States Attorney Matthew M. Graves, of the U.S. Attorney’s Office for the District of Columbia and Acting United States Attorney Troy Rivetti, of the U.S. Attorney’s Office for the Western District of Pennsylvania.

            In the District of Columbia, Blair is charged with conspiracy to distribute and possess with intent to distribute fentanyl, methamphetamine, and metonitazene along with money laundering. According to the indictment, since at least May 2022, Blair and his co-conspirators ran a Darknet narcotics trafficking business. Blair and his network operated under the profile name YourVendorsSupplier (“YVS”). Blair’s YVS Darknet marketplace profile page lists over 459 successful drug sales in that time period. YVS was advertised on one darknet market as “a syndicate of professionals that specialize in making the best products the markets have to offer. We focus on quality, consistency, stealth, and speed. Nothing but the best. . . now vending on 5 markets, time will show that we mean business, and we’re here to stay.” YVS listed a variety of drugs for sale on their darknet market vendor account, to include several varieties of counterfeit oxycodone, Adderall and Xanax which, in reality, were fentanyl and methamphetamine. The counterfeit oxycodone pills Blair sold contained fentanyl and metonitazene; the counterfeit Adderall pills contained methamphetamine.

            Blair only accepted cryptocurrency in exchange for controlled substance. Once an order came in, Blair took payment in the form of Bitcoin or Monero (cryptocurrencies) on the marketplaces. After the payment was confirmed, Blair and his network would pack the controlled substances in vacuum-sealed packaging, packaging materials, and padded shipping envelopes to disguise the substance, and would drop the packages in various United States Postal Service drop boxes in West Virginia and Pennsylvania for shipment throughout the United States.

            Blair is also charged with money laundering. According to the indictment, between August of 2022 and at least February 1, 2023, Blair knowingly conducted cryptocurrency transactions, consisting of drug trafficking proceeds, through various cryptocurrency wallets and cryptocurrency exchange businesses in order to conceal that the transactions were from drug trafficking.

            Law enforcement executed a series of search warrants on February 24, 2023, at residences associated with Blair and a storage unit owned by Blair. They seized over 10,000 suspected fentanyl pills, plastic tubs of raw powder, a pill press, and 11 firearms including an AK-47 and AR-15. 

            A separate indictment was filed against Blair in the Western District of Pennsylvania. According to that three-count indictment, Blair attempted to possess over 100 grams of a mixture and substance containing a detectable amount of a fentanyl analogue; possessed with intent to distribute over 40 grams of a mixture and substance containing a detectable amount of fentanyl and 50 grams of a mixture and substance containing methamphetamine; and possessed with intent to distribute over 400 grams of a mixture and substance containing a detectable amount of fentanyl.

            An indictment is merely a formal charge that a defendant has committed a violation of criminal laws and every defendant is presumed innocent until, and unless, proven guilty.

            The conspiracy charge carries a statutory maximum sentence of life in prison. The money laundering charge carries a statutory maximum of 10 years in prison. The charges also carry potential financial penalties, and the indictment contains a notice of forfeiture for all illegal gains. The maximum statutory sentence for federal offenses is prescribed by Congress and is provided here for informational purposes. The sentencing will be determined by the court based on the advisory Sentencing Guidelines and other statutory factors.

            This case is being investigated by the Pittsburgh and Washington, D.C. offices of the FBI, the DEA, the U.S. Postal Inspection Service, and Homeland Security Investigations. Valuable assistance was provided by the Pittsburgh Bureau of Police and the Moon Township Police Department.

            The District of Columbia case is being prosecuted by AUSA Kevin Rosenberg, of the Violence Reduction and Trafficking Offenses Section. The Western District of Pennsylvania indictment is being prosecuted by DeMarr Moulton.

            An indictment is merely an allegation, and all defendants are presumed innocent until proven guilty beyond a reasonable doubt in a court of law.

Source: United States Department of Justice News

ANCHORAGE – A Minto woman entered a guilty plea for embezzling, stealing, and obtaining by fraud money that was owned and under the care, custody, and control of an Indian tribal government.

According to court documents, Melanie Gail Titus, 52, of Minto, was employed as the bookkeeper for the Minto Village Council, which is the federally recognized native governing body for the Native Village of Minto. The Minto Village Council receives federal funding from various federal agencies. The defendant embezzled a total of $55,753.99 between January 2015 and June 2019 from the Minto Village Council.  As its bookkeeper, she developed several schemes during her employ including issuing herself multiple payroll checks for the same pay periods, tendering duplicative deposits, and issuing duplicative reimbursements for work expenses. 

The defendant is scheduled to be sentenced on June 1, 2023, for the federal charge of theft concerning programs receiving federal funds, and faces a maximum penalty of 10 years in prison. A federal district court judge will determine any sentence after considering the U.S. Sentencing Guidelines and other statutory factors.

U.S. Attorney Lane S. Tucker of the District of Alaska made the announcement.

The Federal Bureau of Investigation, with assistance from the Alaska State Troopers, investigated the case.

Assistant U.S. Attorney George Tran is prosecuting the case.