Binney claims the U.S. intelligence community's assessment that Russia interfered in the 2016 presidential election is false, and that the Democratic National Committee e-mails were leaked by an insider instead. He has appeared on Fox News at least ten times between September 2016 and November 2017 to promote this theory. Binney said that the "intelligence community wasn't being honest here". He has also been frequently cited on Breitbart News. In November 2017 it was reported that a month earlier, Binney had met with CIA Director Mike Pompeo at the behest of President Trump.
Stone's motion to suppress contains two attachments that provide technical support for his position. The first is a Declaration by Binney that provides his background and expertise and his opinions and conclusions regarding the purported hack of the DNC server. The second attachment is the statement of another acknowledged expert who presents his analysis and conclusions, which agree with those of Binney.
Sundance makes important points about this:
In essence Roger Stone is challenging the U.S. government to prove the DNC was hacked by Russians; and further he is refuting the validity of the FBI using a private organization, Crowdstrike, as a valid investigative and determinative body.
The suppress motion argues it was the responsibility of the FBI to secure and investigate the hacking evidence and not rely upon the word of a private party hired by the DNC (an opposing political entity). If the government cannot prove the Russians hacked the DNC, and subsequently attempted to work with Wikileaks for the distribution therein, then the basis for government claims about Stone seeking to engage with Wikileaks diminishes.
If the DOJ and FBI are independently certain Russians hacked the DNC servers, there should be no issue in providing the evidence toward that claim. It will be interesting to see how the DOJ responds; and how the judge rules on the responsibilities of the FBI.
I'm not going to claim expertise regarding the presentation of evidence at a trial, but it does appear to me that when the government has the greatest expertise in the subject matter that the evidence in question pertains to, the government should not be allowed to present as evidence the claims of a private firm (Crowdstrike) that was paid by an interested party (the DNC and Clinton campaign). In my view, the government should be required to demonstrate that their far greater expertise has been used to examine and confirm the evidence in question.
The reasoning in Stone's motion to suppress evidence deriving from government searches is roughly as follows.
While Stone is being charged with obstruction, in fact the government was investigating Stone on various legal theories and relied on its assumptions regarding the DNC server "hack" in obtaining its search warrants:
The search warrant applications however, allege that the FBI was investigating various crimes at different times, such as Stone for accessory after the fact, misprision of a felony, conspiracy, false statements, unauthorized access of a protected computer, obstruction of justice, witness tampering, wire fraud, attempt and conspiracy to commit wire fraud, and foreign contributions ban. The uncharged conduct particularly relied upon the assumptions the Russian state is responsible for hacking the DNC, DCCC, and even (although not as clear) Hillary Clinton campaign manager, John Podesta.
However, the government is arguing that it need not prove the Russian hacking--which their search warrants assumed to be fact based on an examination by a private party:
The Government stated in its Opposition to Stone's Motion to Dismiss (Dkt # 99) that it will not be required to prove that the Russians hacked either the Democratic National Committee (“DNC”) or Democratic Congressional Campaign Committee (“DCCC”) from outside their physical premises or that the Russians were responsible for delivering the data to WikiLeaks. These assumptions formed the inadequate basis for the search warrants conducted in this case and the Indictment of Defendant.
Stone then argues that the government has failed to preserve the evidence that it relied upon and that Crowdstrike failed to follow standard procedures for preserving the evidence in its original form. Therefore, Stone concludes, all material seized in the searches must be suppressed as fruit of the poisonous tree:
There is a certain forensic methodology that the FBI, Secret Service, or any other law enforcement agency conducting a computer forensic analysis follows. The first, and arguably most crucial step in the evidence gathering process, is to preserve the evidence. The imaging of the forensic data in its native format is key to preserving forensic evidence so as to allow agents to present authentic evidence in Court. Federal Rule of Evidence 902(14) permits authentication through a “process of digital identification by a qualified person” as long as it complies with Rule 902(11). That Rule requires compliance with the business records exception of hearsay: “the record was made at or near the time by – or from information transmitted by someone with knowledge.” Fed.R.Evid. 803(6)(a). Neither the Mueller report (from what we can tell), nor the CrowdStrike Reports (also heavily redacted) provide sufficient indicia of authenticity.
... It is clear, however, that the government has relied on the assumptions made by a source outside of the U.S. intelligence community that the Russian State was involved in the hacking and that the data taken from the various servers were given to WikiLeaks. The government cannot prove either since it did not participate in the investigation at the earliest stage. The government does not have the evidence, and it knew it did not have the evidence, when it applied for these search warrants. Now the government confesses: “The Office cannot rule out that stolen documents were transferred to WikiLeaks through intermediaries who visited during the summer of 2016.” (Mueller Report at 47). ...
... The first step in any computer fraud case is to encase and image the "attacked" computer. (Exhibit, DOJ Digital Forensic Analysis Methodology). CrowdStrike failed to encase the subject computers. This failure was fatal to any effort undertaken to ensure that investigation about whether the Russian government hacked the DNC, DCCC, or Podesta's computers was competent, thorough, and done by the book.
The raison d'etre of the Special Counsel's investigation was to pursue the claims that the Russians hacked and delivered the stolen data to WikiLeaks. (See Order appointing Special Counsel, Dkt. # 69-4). The foundation of all the search warrants was similar. If that foundation collapses, then the warrants must fail for lack of probable cause.
And, separately, in a footnote, Stone notes:
CrowdStrike is not a government agency. It did not conduct its investigation at the behest of the government. The DNC and DCCC hired CrowdStrike to investigate the alleged theft of its data from its servers. (Indictment, ¶¶ 1-3). The CrowdStrike draft reports do not support its conclusions with evidence. In short, if this were an elementary school math problem, CrowdStrike not only does not show its work, it does not show the question – only its answer.
To me, this appears to be a very strong argument, and one that is long overdue.