A Dangerous Escalation in “The War on Leaks”

Last night, The New York Timesreported that a former Senate Intelligence Committee staffer, James Wolfe, was arrested Thursday after a grand jury indicted him on charges of lying to the FBI about his contacts with Times reporter Ali Watkins and other journalists. Watkins, a rising star in national security reporting, and Wolfe, who led the Committee’s efforts to safeguard the classified and sensitive information shared with Members, had a three-year romantic relationship.

During that time, Watkins broke a number of high-profile scoops about the Committee’s operations. While Watkins told the Times Wolfe was not a source of classified information for her reporting during their relationship, the optics are concerning. But beyond the journalism ethics questions about the relationship, there’s a major threat to First Amendment rights. During the investigation into Wolfe and leaks from the Committee, the Justice Department went after Watkins’ data—seizing years of records related to her email accounts and phone number, according to a letter the agency sent to Watkins.

News media advocacy groups warn that the move sets a dangerous legal precedent for journalists’ ability to protect their sources. “Efforts by government that undermine this ability therefore represent a fundamental threat to press freedom,” the Committee to Protect Journalists’ North America Program Coordinator Alexandra Ellerbeck said in a statement Friday.

The Justice Department’s statement to the Times about the data grab also suggests the agency is potentially widening the scope of leak investigations beyond exposure of classified information by taking the unprecedented step of looking into the “unauthorized disclosure of controlled information" (emphasis added). That’s a much broader standard that could apply to leaking that is in no way criminal conduct, and which could have a chilling effect on whistleblowers who already face potential professional repercussions—such as being fired—for taking their concerns to the media.

Of course, it’s no secret this Administration doesn’t like “leaks.” Attorney General Jeff Sessions testified last fall that the agency had 27 open investigations into unauthorized releases of classified information, a massive increase from the three such cases Sessions said the agency had open the previous year.

But while this is the first known example of the Justice Department targeting a journalist to uncover the source of unlawful leaking during the Trump Administration, it’s an extension of aggressive methods used by the Obama Administration’s Justice Department. In 2013, the Justice Department employed the same general tactic to secretly acquire two months' worth of information about 20 phone lines related to the Associated Press and its journalists in a leak probe—an action then-businessman Trump criticized at the time. Obama’s tenure also saw a substantial increase in the use of a World War I-era anti-espionage law to go after reporters’ alleged sources.

Those policy decisions raised the hackles of news media and whistleblower advocates, ultimately resulting in narrower guidelines for when the Justice Department would go after journalists’ records—a compromise that fell short of enshrining protections for journalists into statute via a shield law.

Among other things, the guidelines generally called for giving reporters a heads-up and a chance to negotiate or challenge the scope of a data seizure before it was carried out. But they still allow for an exception, when investigators can convince the Attorney General that it’s “essential to a successful investigation, that other reasonable alternative investigative steps to obtain the information have been exhausted, and that the request has been narrowly tailored to obtain only the information necessary for the investigation.”

The letter Watkins received in February informed her that the Justice Department obtained customer records related to some email accounts and phone numbers she used. The exact scope of the information isn’t clear, but the letter suggests that the government obtained a substantial amount of metadata (who she made calls to and received them from, when, and for how long), but not content, related to some of Watkins’ communications from when the accounts were created through November 2017.

The communications records were obtained via a commonly used investigative tool that merely requires the government to provide “specific and articulable facts” to show a judge that the records at issue are “relevant and material” to its investigation. The government must limit its request to a certain time period, but can usually obtain all of an individual’s communications records within the specified period.

If the Justice Department did receive a wholesale archive of Watkins’ communication metadata—such as call logs or email records showing who she communicated with and when—over that time period, the agency could produce a detailed portrait of Watkins’ life while she covered sensitive topics and may jeopardize sources unrelated to the Wolfe investigation. And Watkins is only one of four reporters referenced in Wolfe’s indictment, leaving open the possibility that the government sought information about other journalists he was in contact with.

It seems likely Watkins’ (or the other journalists’) communications records weren’t even necessary for the government to build its case against Wolfe: that he lied to the FBI about his communications with the reporters. Notably, the indictment includes content of messages between Wolfe and reporters using encrypted messaging apps Signal and WhatsApp, which indicates the government very likely seized and accessed Wolfe’s phone, something that would provide much stronger and more direct evidence. Perhaps obtaining Watkins’ records was a stepping stone to this, but it’s hard to believe it was the only investigatory avenue open. Pursuing that avenue threatens to chill First Amendment-protected activity in the future.

Signal and other encrypted messaging apps protect messages by creating a secure channel between users’ devices that not even the developers can penetrate, commonly called “end-to-end encryption.” Signal also includes features like the ability to require an additional app-specific passcode and to set messages to automatically be deleted after a certain period of time. However, if messages aren’t manually deleted or set to automatically expire, they can potentially be compromised by someone who is able to unlock and gain access to the device. However, there have also been recent reports of a malfunction of the message expiration feature that prevents the app from properly deleting messages.

In that sense, the Wolfe indictment serves as an immediate warning to journalists—and sources—to carefully consider how they communicate, and to remember that they ultimately do not have control over the information sent to others.

It should also be a wake-up call for everyone who cares about the First Amendment: we’re witnessing the erosion of the protections that bolster America’s free press—and the worst may be yet to come, according to the Committee to Protect Journalists’ Ellerbeck.

“We fear it could be an opening salvo in an ongoing battle over reporters' ability to protect their sources," she said.