Throughout the comments since last night’s breaking news regarding Robert Mueller’s Special Prosecutor’s investigation into Russian interference in the 2016 elections there is a lot of confusion and speculation, informed and uninformed, about what is actually going on. I wanted to make what I think is an important, but often forgotten point: Mueller’s investigation is rooted in/an outgrowth of a joint counterintelligence investigation.
Joint Publication 2-01/Joint and National Support to Military Operations defines counterintelligence as:
Counterintelligence (CI) uses collection techniques that are similar to HUMINT, but CI targets those entities that are targeting friendly forces, a more narrow focus than HUMINT. Nonetheless, exploitation of data collected by CI assets can yield information critical to I&W and force protection. Service component CI elements conduct CI collection using liaison; elicitation; passive collection; review of open sources; military CI collections; and screening, interviews, and debriefing of displaced persons, defectors, refugees, and US persons with access to information of CI interest. Additionally, law enforcement information and suspicious activity reports are important sources of information that need to be processed, exploited, and fused with other CI sources. Processing of CI information primarily involves report preparation by collection activities at both the joint force and component levels. At the joint force level, this processing may also be accomplished within the J-2X*.
For more detailed information regarding CI processing, exploitation, and reporting, see JP 2-01.2, Counterintelligence and Human Intelligence Support to Joint Operations.
Counterintelligence investigations are different from criminal investigations in several ways. For one thing, the goal of a counterintelligence investigation may be different from, and perhaps broader than, a criminal investigation. A criminal investigation would ordinarily pursue allegations of criminal conduct. A counterintelligence investigation, by contrast, may pursue allegations of “coordination” between U.S. persons and foreign hackers that may be unseemly and problematic if true, but potentially not criminal—such as, to use Professor Kent’s example, the possibility that a person within the United States coordinated to distribute material previously hacked by agents of a foreign government. As the Attorney General’s Guidelines for Domestic FBI Operations explain, the FBI is “not limited to ‘investigation’ in a narrow sense, such as solving particular cases,” but may also collect information to support “broader analytic and intelligence purposes.” In the case of the FBI, the line between counterintelligence and criminal investigations may not be a bright one. “In many cases,” as the Guidelines put it, “a single [FBI] investigation will be supportable as an exercise of a number of these authorities—i.e., as an investigation of a federal crime or crimes, as an investigation of a threat to the national security, and/or as a collection of foreign intelligence”—because the FBI has a role in enforcing both criminal law and “in collecting foreign intelligence as a member agency of the U.S. Intelligence Community.”
There’s a lot more at the link, but this, I think, is one of the most important portions for everyone to get their heads around. Mueller inherited the joint counterintelligence investigation that had begun during the summer of 2016 into Russian active measures and interference in the 2016 election. This means that Mueller and his team in the Special Prosecutor’s office have access to the full range of US, allied, and partner intelligence and counterintelligence related to the issues he’s investigating. It is this material that forms the bases of FISA warrant requests, not political oppo research like Fusion GPS’s Steele dossier.
In seeking to bring charges, which are not always the focus or outcome of a counterintelligence investigation, Mueller has to navigate from the world of intelligence and counterintelligence, from the classified world of need to know and special access programs to information that can be brought before a grand jury. This means that while Mueller, his team in the Special Prosecutor’s office, and those on the joint counterintelligence task force he inherited know the full depth, breadth, and scope of what happened, how it happened, why it happened, where it happened, and who it happened to it doesn’t mean he can just curate that into a compelling narrative and bring it to the grand jury. Like everyone else with a clearance and access he has to protect not just the information, but the sources and methods that were utilized to get the information. This means that whatever information he brings to the grand juries he has access to, and whatever charges he brings, are going to have to fit within the body of Federal criminal law.
As a result there is a lot of speculation that what he’s doing looks like a white collar investigation and prosecution or one of organized crime. And this may be true as far as appearances go. But it is true in that he and his team have to find evidence that can be presented to the grand jury and then utilized in a trial to prosecute those who are the target of his inquiries and the joint counterintelligence task force. We may never see a charge of espionage, because while it certainly happened with the hacking of Podesta’s emails, the DNC, the DSCC, and the DCCC, as well as similar hacking of GOP organizations and officials, Mueller may not be able to make that case without divulging sources and methods. Instead he’s got to find another way to get at those who engaged in these activities through more mundane charges. Hence all the speculation about leveraging Treasury’s Financial Crimes Enforcement Network (FINCEN), as well as other investigations into financial and business irregularities into Manafort, Flynn, etc. What we’re going to see play out in public – as a result of indictments and prosecutions – is really just a bit of what has actually happened and what Mueller and his team know. In this case the meme is very, very accurate.
* The J-2X is the staff element of the intelligence directorate of a joint staff that combines and represents the principal authority for counterintelligence and human intelligence support. See also counterintelligence; human intelligence. (JP 2-01.2) Adam here: J stands for Joint, 2 is the numerical code for the intelligence section in a US military unit, and the X here is referring to the counterintel and human intel personnel.