North Carolina Election Agencies First Learned They'd Been Hacked From Leaked Documents Published By The Intercept

Failures

from the accelerated-disclosure dept

At the time, the documents leaked by NSA contractor Reality Winner — showing Russian interference in the recent election — didn’t seem to be of much importance. They showed something that had long been suspected, but also showed the NSA performing the sort of surveillance no one really disapproves of. The documents were in the public’s interest, but weren’t necessarily of the “whistleblower” variety.

That aspect of the documents hasn’t changed, but public interest in the unauthorized disclosure certainly has. In a post for Emptywheel, Marcy Wheeler takes on an NPR story about actions taken by electoral agencies as a result of the leak.

The company that provided the software for the poll books is VR Systems — the company that the document Reality Winner leaked showed had been probed by Russian hackers.

[S]usan Greenhalgh, who’s part of an election security group called Verified Voting, worried that authorities underreacted. She was monitoring developments in Durham County when she saw a news report that the problem pollbooks were supplied by a Florida company named VR Systems.

“My stomach just dropped,” says Greenhalgh.

She knew that in September, the FBI had warned Florida election officials that Russians had tried to hack one of their vendor’s computers. VR Systems was rumored to be that company.

Now, there’s an investigation underway in North Carolina, linked directly to the documents leaked by Reality Winner. Josh Lawson, general counsel for the state’s board of elections, said it first learned about the hacking from the Intercept’s article.

Which makes you wonder when the federal government was going to get around to notifying affected state agencies. When local agencies are learning about Russian hacking from leaked documents rather than straight from the source, the downward flow of pertinent information seems to be more than a little broken.

Not that this news will do Winner any good as she heads to court. As noted by Ed Snowden earlier, and reaffirmed here by Marcy Wheeler, any positive outcomes resulting from leaked documents can’t be raised by the defendant.

Last week, Magistrate Judge Brian Epps imposed a protection order in her case that prohibits her or her team from raising any information from a document the government deems to be classified, even if that document has been in the public record. That includes the document she leaked.

The protective order is typical for leak cases. Except in this case, it covers information akin to information that appeared in other outlets without eliciting a criminal prosecution. And more importantly, Winner could now point to an important benefit of her leak, if only she could point to the tie between her leak and this investigation in North Carolina.

With the protection order, she can’t.

This is generally how things go in espionage cases. This is what Snowden detractors ignore when they argue he should just return home and face a “fair trial.” There are no fair trials in espionage cases. In Winner’s case, the order is so broad it forbids her legal reps from discussing any classified document or any document they believe might be classified (or derived from classified documents), even if those documents have been leaked and published by journalistic entities.

The info in the leaked documents led to an investigation. This may excuse the leak in the minds of those whose first encounter with evidence of Russian hacking came from a site known for publishing leaks, rather than the federal government performing the surveillance that uncovered it. But this is of no use to Reality Winner, or any leaker in her position. No matter how much good may result from unauthorized disclosures, the government only cares about the authorization.

Filed Under: hacking, leak, north carolina, nsa, reality winner