- By Shane Harris
Shane Harris is a senior staff writer at Foreign Policy, covering intelligence and cyber security. He is the author of The Watchers: The Rise of America's Surveillance State, which chronicles the creation of a vast national security apparatus and the rise of surveillance in America. The Watchers won the New York Public Library’s Helen Bernstein Book Award for Excellence in Journalism, and the Economist named it one of the best books of 2010. Shane is the winner of the Gerald R. Ford Prize for Distinguished Reporting on National Defense. He has four times been named a finalist for the Livingston Awards for Young Journalists, which honor the best journalists in America under the age of 35. Prior to joining Foreign Policy, he was the senior writer for The Washingtonian and a staff correspondent at National Journal.
The National Security Agency says that the telephone metadata it collects on every American is essential for finding terrorists. And that’s debatable. But this we know for sure: Metadata is very useful for tracking journalists and discovering their sources.
On Monday, a former FBI agent and bomb technician pleaded guilty to leaking classified information to the Associated Press about a successful CIA operation in Yemen. As it turns out, phone metadata was the key to finding him.
The prosecution of the former agent, Donald Sachtleben, brings the number of leaks prosecutions under the Obama administration to eight, nearly three times the number prosecuted under all previous administrations. What’s driving this record-breaking prosecution of leakers? Is it that this president especially despises loose talk with reporters and the time-worn culture of Washington backstabbing that they represent?
Not likely. The real reason the government is going after leakers is because it can. Investigators today have greater access to phone records and e-mails than they did before Obama took office, allowing them to follow digital data trails straight to the source.
After the AP published its big scoop on the Yemen operation, on May 7, 2012, FBI investigators started looking for the source of the story. They interviewed more than 550 officials, but they came up short.
So, in a highly controversial move, investigators secretly obtained a subpoena for phone records of AP reporters and editors. The records, which included the metadata of who had called whom, and how long the call lasted, covered a period in April and May of 2012. That was right around the time that the AP was reporting the Yemen story.
Once investigators looked at that phone metadata, they got their big break in the case.
"Sachtleben was identified as a suspect … only after toll records for phone numbers related to the reporter were obtained through a subpoena and compared to other evidence collected during the leak investigation," the Justice Department said yesterday in a statement. "This allowed investigators to obtain a search warrant authorizing a more exhaustive search of Sachtleben’s cellphone, computer and other electronic media…"
The reporter is not named in the court documents, but two of the AP’s best investigative journalists, Adam Goldman and Matt Apuzzo, wrote the Yemen story.
The phone metadata wasn’t just the key to Sachtleben. It sped up the investigation dramatically. The FBI had conducted 550 fruitless interviews, and with one scan of a reporter’s phone record, they had their man. It’s no wonder that the Obama administration is going after leakers so often. Metadata is the closest thing to a smoking gun that they’re likely to have, absent a wiretap or a copy of an email in which the source is clearly seen giving a reporter classified information.
The subpoena of the AP’s records was roundly criticized by press groups. The Justice Department didn’t tell AP about the subpoena in advance, as is customary in these cases. And the department didn’t reveal until May 2013, a year after the story ran, that investigators had been combing through journalists’ phone logs.
The AP called the secret subpoena a "massive and unprecedented intrusion" into the news-gathering process. And it may have resulted in a backlash. Sources close to the Justice Department have said recently that investigators are unlikely to aggressively go after a leaker via a reporter’s phone records again because of the controversy over the AP case. They’ve also been chastened in another leaks investigation, in which a Fox News reporter was named as a potential co-conspirator because he asked his source for information, a move that drew similar howls from press advocates.
Of course, the FBI doesn’t just look at reporters’ phone records. They can examine government employees’ work phones and email accounts without a warrant. The FBI also had a stroke of unexpected luck in the Sachtleben case, because the government had already seized his cell phone and computer as part of a child pornography investigation. When the FBI found the link to the AP reporter in the phone records, they scanned Sachtleben’s devices. On his phone, they discovered text messages and records of calls between Sachtleben and an AP reporter — again, he’s not named in court documents — about a notorious Yemeni bomb maker. On May 2, Sachtleben visited a lab where U.S. technicians were examining a new underwear device that the bombmaker had built, and that had been captured by the CIA before it could be used, the documents say. This was the germ of the AP’s story, which ran five days later.
But the FBI would not have been tipped to Sachtleben as the AP’s source in the first place absent that link from the reporter’s phone records. If you’re looking for a case study in the power of metadata, you’ve found it.