SELECT COMMITTEE ON INTELLIGENCE UNITED STATES SENATE Additional Pre-Hearing Questions for Matthew G. Olsen upon his nomination to be Assistant Attorney General for the National Security Division, Department of Justice Keeping the Intelligence Committee Fully and Currently Informed QUESTION 1: Section 502 of the National Security Act of 1947 provides that the obligation to keep the congressional intelligence committees fully and currently informed of all intelligence activities applies not only to the Director of National Intelligence (DNI) but also to “the heads of all departments, agencies, and other entities of the United States Government involved in intelligence activities.” Section 503 establishes a similar requirement concerning covert actions. Sections 502(a)(2) and 503(b)(2) provide that these officials shall “furnish to the congressional intelligence committees any information or material” concerning intelligence activities or covert actions, including the legal basis for them, that is requested by either of the committees in order to carry out its authorized responsibilities. Finally, 28 C.F.R. § 0.72(a)(1) provides that the Assistant Attorney General for National Security (AAG/NS) shall conduct, handle, or supervise the “brief[ing] of Congress, as appropriate, on matters relating to the national security activities of the United States[.]” a. What is your understanding of the obligation of the Attorney General and the Director of the Federal Bureau of Investigation (FBI) to keep the congressional intelligence committees, including all their Members, fully and currently informed? RESPONSE: Section 502 of the National Security Act of 1947 imposes an obligation on the Director of National Intelligence and the heads of all agencies involved in intelligence activities to keep the congressional intelligence committees "fully and currently informed of all intelligence activities ... including any significant anticipated intelligence activity and any significant intelligence failure." I understand that the National Security Act also provides that this responsibility be exercised "to the extent consistent with due regard for the protection from unauthorized disclosure of classified information relating to sensitive intelligence sources and methods or other exceptionally sensitive matters." These obligations apply to intelligence activities undertaken by the FBI and DEA components that are part of the Intelligence Community. The Attorney General, like all department heads, has responsibility for ensuring that Intelligence Community elements within the Department fulfill this obligation with respect to their activities. In addition, applicable regulation provides that the Assistant Attorney General for National Security shall “brief Congress, as appropriate, on matters relating to the national security activities of the United States,” and shall “advise and assist the Attorney General in carrying out his responsibilities…related to intelligence, counterintelligence, or national security matters.” b. To what activities of the Department of Justice (Department), including the FBI, does this obligation ordinarily apply? RESPONSE: The FBI and DEA have obligations to keep the congressional intelligence committees fully and currently informed about their intelligence activities, as set forth in Section 502 of the National Security Act. These pertain to certain activities of the FBI's National Security Branch and the Drug Enforcement Administration (DEA)'s Office of National Security Intelligence, both of which are Intelligence Community elements. 1 c. What is your understanding of the Attorney General’s obligation to provide to the congressional intelligence committees any information or material concerning the legal basis for intelligence activities or covert actions, which either committee requests in order to carry out its legislative or oversight responsibilities? RESPONSE: The congressional intelligence committees play an essential role in overseeing and authorizing the Executive Branch's intelligence activities. To effectively discharge that function, the committees must receive timely information concerning the legal basis for intelligence activities or covert actions, as Sections 502 and 503 provide. The intelligence agencies are required to provide information or material relating to their own intelligence activities to the committees as set forth in the National Security Act. The Attorney General is responsible for ensuring that Intelligence Community elements within the Department fulfill this obligation with respect to their activities. d. The Committee utilizes detailed information on the overall national security threat environment and other intelligence matters to fulfill its intelligence authorization and oversight functions. Do you agree that the Department and the FBI should fully notify and brief the congressional intelligence committees on potential counterterrorism and counterintelligence threats to the United States, as well as FBI intelligence-related activities to thwart such threats? RESPONSE: Yes. I agree that the Department, including the FBI, should fully notify and brief the congressional intelligence committees on potential counterterrorism and counterintelligence threats to the United States, as well as the Department's intelligence­related activities to thwart such threats. e. The Committee’s legislative and oversight responsibilities include assessing the utility and effectiveness of counterterrorism and counterintelligence authorities, as well as the legality of those authorities as applied. Do you agree that the Department’s and FBI’s notifications and briefings should include detailed information on these authorities, as well as their use in ongoing and completed investigations? RESPONSE: Yes. I agree that the notifications and briefings of the Department, including the FBI, should include detailed information on these authorities. These intelligence briefings must be conducted in a manner which keeps the intelligence committees fully informed as required, consistent with law enforcement and intelligence responsibilities. Ensuring meaningful oversight of these activities is critical to public confidence that these authorities are being used appropriately and effectively. 2 Liaison to the Director of National Intelligence QUESTION 2: Pursuant to 28 U.S.C. § 507A(b)(2), the AAG/NS “shall serve as primary liaison” to the DNI for the Department. a. What is your understanding of how past AAG/NS’s have performed this responsibility? Describe the principal ways in which the AAG/NS should carry out this responsibility and the principal matters that the AAG/NS should address in performing this responsibility. RESPONSE: As the Department's primary liaison to the DNI, the AAG/NS, supported by the National Security Division, works closely with the Office of the Director of National Intelligence (ODNI) and the Office of General Counsel for ODNI. NSD was created, in part, to better align law enforcement and intelligence efforts countering national security threats and to ensure appropriate coordination and deconfliction of efforts. The AAG/NS plays a critical role in ensuring that intelligence equities are appropriately considered when making decisions in law enforcement matters, and similarly, ensuring that equities related to criminal investigations and cases are appropriately considered when making decisions in intelligence matters. The AAG/NS carries out this responsibility through regular consultations and coordination with ODNI and its Office of General Counsel, thereby facilitating protection of national security consistent with the law. b. Have you discussed with the DNI, and with personnel in the Office of the Director of National Intelligence (ODNI), your respective understandings of that responsibility? If so, please describe. RESPONSE: No, I have not had the opportunity to speak to the Director of National Intelligence regarding our respective understandings of this responsibility. If confirmed, I look forward to working in partnership with DNI Haines and ODNI to discharge this critical role. Priorities of the National Security Division and the Attorney General QUESTION 3: Have you discussed with the Attorney General his specific expectations of you, if confirmed as Assistant Attorney General, and his expectations of the National Security Division (NSD) as a whole? If so, please describe those expectations. RESPONSE: I have not had the opportunity to speak with the Attorney General about his specific expectations of the AAG/NS or the National Security Division as a whole. However, the Attorney General and I have discussed his general views regarding the important role of the Assistant Attorney General for National Security and the National Security Division. Based on that conversation, I know that the Attorney General and I share the belief that NSD plays an essential role in safeguarding the nation and that the Division must always pursue its mission to seek justice based only on the facts and the law. 3 QUESTION 4: Based on your experience in, and current understanding of, NSD, please provide any observations or recommendations related to the strengths or weaknesses of NSD, including its organization, responsibilities, personnel, allocation of resources, and any other matters that you believe are relevant to strengthening NSD. RESPONSE: I am not familiar with changes to the organizational structure, responsibilities, personnel, and allocation of resources of the National Security Division that may have occurred since I was last in government. If confirmed, I will prioritize efforts to support and strengthen the Division’s work. Oversight of Intelligence Activities QUESTION 5: Pursuant to 28 C.F.R. § 0.72(17), the AAG/NS shall “[p]rovide oversight of intelligence, counterintelligence, or national security matters by executive branch agencies to ensure conformity with applicable law, executive branch regulations, and Departmental objectives and report to the Attorney General on such activities.” a. What is your understanding of NSD’s oversight role, including the manner in which it has been exercised, concerning the FBI’s intelligence activities? RESPONSE: To ensure compliance with the Constitution, statutes, and Executive Branch policies, the Office of Intelligence Oversight Section is responsible for the legal oversight of IC agencies’ implementation of FISA authorities and certain other national security activities conducted by FBI. In fulfilling this responsibility, the Oversight Section conducts oversight reviews or audits at certain IC agencies, including the FBI, and investigates and reports compliance matters to the FISC and Congress. As part of its compliance work, the Oversight Section identifies individual and systemic incidents of non-compliance and works with the responsible agencies to correct existing problems and limit the occurrence of future incidents. In addition to its broad intelligence collection oversight responsibilities, the Oversight Section also fulfills various reporting obligations of the Department. b. What is your understanding of NSD’s oversight role undertaken in the offices of United States Attorneys, including the manner in which it has been exercised? RESPONSE: Based upon my experience as a Deputy Assistant Attorney General and the Acting Assistant Attorney General in the National Security Division, my understanding is that NSD is responsible for ensuring that national security activities conducted by United States Attorney's Offices are coordinated as part of a national program. To fulfill that responsibility, NSD supervises the application of most federal criminal laws related to counterterrorism and counterespionage. Through its authority to approve the use of certain statutes in national security prosecutions, NSD seeks to ensure a coordinated and consistent approach in combating national security threats. NSD also ensures that the Department's national security activities are coordinated with the Intelligence Community and other members of the Executive Branch's national security apparatus. 4 c. What is your understanding of NSD’s oversight role, including the manner in which it has been exercised, concerning the IC’s intelligence activities outside of the Department? RESPONSE: Based upon my experience as a Deputy Assistant Attorney General and the Acting Assistant Attorney General in the National Security Division, my understanding is that NSD exercises its oversight responsibilities with respect to elements of the Intelligence Community outside the Department of Justice in several ways. First, through its role as the government's representative before the FISC, NSD reviews and submits all FISA applications on behalf of the applicable Intelligence Community agencies and monitors compliance by these Intelligence Community agencies with orders from the FISC. In addition, together with ODNI, NSD oversees FISC-approved legal procedures. The Office of Intelligence Oversight Section is responsible for the legal oversight of IC agencies’ implementation of FISA authorities. That includes working with ODNI to review acquisition under Section 702 of FISA to ensure compliance with targeting, minimization, and querying procedures established pursuant to the statute. Additionally, NSD performs oversight through its role as the liaison to the Director of National Intelligence. In that role, NSD reviews policies that require consultation and approval by the Attorney General under Executive Order 12333. Lastly, NSD, along with other Department components, may participate in National Security Council policy development and decision-making meetings in which intelligence activities are subject to legal and policy discussion. d. Are there improvements, in terms of resources, methodology, and objectives in the conduct of this oversight that you believe should be considered? RESPONSE: I am not currently at the Department and do not know the specific details regarding the existing resources, methodology, and objectives with respect to oversight activity. If confirmed, I look forward to managing the important oversight function of the Division and will determine if additional resources or other improvements are needed. Foreign Intelligence Surveillance Act QUESTION 6: Pursuant to 28 C.F.R. § 0.72(6), the AAG/NS shall administer the Foreign Intelligence Surveillance Act (FISA). a. What responsibility does NSD have with regard to ensuring that representations made to the United States courts, both by other Department elements and by Intelligence Community (IC) elements, are accurate and complete with regard to intelligence activities and other classified matters? What responsibility does NSD have to correct any inaccurate or incomplete representations? Please describe how NSD fulfills this responsibility. 5 RESPONSE: NSD has the responsibility to ensure that the Division’s representations in court are accurate and complete, and to strive to ensure that the same is true of representations made by the Intelligence Community in matters handled by NSD. If there are material mistakes, NSD must inform the courts promptly and work with the Intelligence Community to correct them. To fulfill this responsibility, NSD attorneys must work diligently to understand the facts of intelligence activities and other national security-related matters that may be at issue in litigation or other matters for which they are responsible. With regard to FISA applications in particular, I am aware that NSD and the FBI have undertaken a number of measures in recent months to improve the accuracy of information presented to the court b. Based on your experience in and current understanding of NSD, what improvements, if any, would you make to the administration of FISA, in terms of policies, resources, technology, and relations with both the Foreign Intelligence Surveillance Court (FISC) and IC elements? RESPONSE: I am not currently at the Department and do not know the current policies, resources, technology, and relations the National Security Division has with the Foreign Intelligence Surveillance Court and Intelligence Community elements. If confirmed, I will ensure that the Division continues to implement policies designed to improve the accuracy of information presented to the FISC and that the Division has the appropriate policies, resources and technology. c. The former Chairman of the Privacy and Civil Liberties Oversight Board recently released a White Paper titled, Oversight of the Foreign Intelligence Surveillance Act in which he recommended that DOJ pursue opportunities to make the FISA oversight process more efficient, stating, “Congress should support and provide greater funding for DOJ’s efforts to deploy automated oversight tools augment manual reviews.” What improvements, if any, would you make to improve the efficiency of FISA oversight? RESPONSE: If confirmed, I will work with the oversight personnel in NSD to determine whether additional funding is needed to develop automated tools to assist the Division’s oversight and compliance work. d. What is the role of NSD in the declassification of FISC opinions? What changes, if any, would you make to this process? RESPONSE: Because I am not currently working at the Department, I am not privy to the current role of NSD in the declassification of FISC opinions. I am aware that the Department is required by existing law to conduct a declassification review of significant opinions and orders, and that the government has released many such opinions. If confirmed, I will ensure the Division meets this obligation and supports meaningful transparency in the FISA process, where it can be achieved consistent with the need to protect national security information. If confirmed, I will review the current declassification review process to determine if any changes are needed. 6 QUESTION 7: On March 15, 2020, three FISA authorities expired, known as the Business Records, Lone Wolf, and Roving authorities. a. If confirmed, how will you pursue reauthorizing these intelligence tools? RESPONSE: If confirmed, I will work with the Department’s leadership and with Congress to evaluate the operational effects of the expiration of these authorities, as well as the potential operational effects of any legislative proposals to reauthorize them. b. If confirmed, how do you plan to prioritize these efforts, particularly with regard to our foreign adversaries, such as China, Russia, Iran, and North Korea? RESPONSE: If confirmed, I will request a briefing from the FBI and NSD personnel to better understand how the expired authorities were used to counter national security threats posed by foreign adversaries. QUESTION 8: Title VII of FISA, which includes foreign-based collection authorities, expires at the end of 2023. Do you support reauthorization for a period of years or making these provisions permanent? Please provide the principal reasons for your support. RESPONSE: Based on my previous experience at the Department, the National Security Agency, and the National Counterterrorism Center, I believe that Title VII of FISA, including Section 702, is a vital national security tool. Section 702 provides critical authorities for collecting foreign intelligence to protect our national security. The Title VII authorities have been reauthorized twice since 2008 in a bipartisan manner by Congress. Permanent reauthorization would ensure that these important tools remain available to the Intelligence Community to counter international terrorism activities and other national security threats such as international terrorism and espionage. Should the Title VII authorities be permanently reauthorized, Congress would maintain oversight of the implementation of these tools through various reporting requirements in Title VII. Encryption QUESTION 9: Our adversaries’ abilities to evade lawful surveillance authorities by using various encryption methods has hindered our intelligence collection and poses risks to our national security. The Intelligence Community and Department of Justice have been vocal in their challenges caused by encryption. a. If confirmed, what position will you take regarding encryption in general, and specifically regarding mandatory decryption for national security and law enforcement investigations? 7 RESPONSE: Strong encryption is an essential element of protecting individual privacy and security from evolving cyber threats. However, encryption that is implemented without the ability to respond to lawful orders from law enforcement may pose a significant challenge to federal, state, and local authorities in investigations ranging from international terrorism to child exploitation. If confirmed, I will work with this Committee and others in Congress to identify potential solutions that address law enforcement’s legitimate and demonstrated needs to protect public safety, while respecting the civil liberties, economic, and cybersecurity imperatives that have driven the widespread adoption of strong encryption globally. b. If confirmed, in your role as AAG, how will you consider and give deference to the encryption challenges faced by Intelligence Community agencies and the Department of Justice in their national security and law enforcement investigations? RESPONSE: If confirmed, I will examine the various legislative proposals that have been introduced on encryption and lawful access, and will work with the Criminal Division, the FBI. and other components of the Justice Department to understand how the challenge has evolved for law enforcement at both the federal and state/local levels in national security, child exploitation, and other cases. I will also work with the DNI to understand the particular challenges faced by the Intelligence Community. Ransomware and Digital Extortion QUESTION 10: If confirmed, what are your plans for implementing, on NSD’s behalf, the Ransomware and Digital Extortion Guidance, as described in Deputy Attorney General Monaco’s June 3, 2021 Memorandum? RESPONSE: I am not at the Department and cannot speak to plans for implementing the Deputy Attorney General’s recent guidance. I know the Department is committed to combatting ransomware and that NSD plays an important role in those efforts. Ransomware is a serious threat to public safety. The government must help victims fight ransomware, including by working with foreign partners and the private sector. Criminal deterrence through investigation and prosecution is also a critical part of addressing this threat. Law enforcement must also target the infrastructure that supports ransomware. This includes vendors that sell malware, services that help conceal malware from antivirus software, and money launderers. The international reach of ransomware means countries must work together to prevent these attacks. If confirmed, I would look to learn more about work already underway and building on DOJ’s successes in working with foreign partners to disrupt ransomware attacks and other malicious cyber activities. 8 Protection of Classified Information QUESTION 11: Describe your understanding of the personnel resources that NSD should devote to the prosecution of unauthorized disclosures of classified information, and how NSD should divide responsibility on these matters with the Criminal Division. Please describe any recommendations related to prosecutions connected to unauthorized disclosures of classified information with regard to Department policies and resources. RESPONSE: Unauthorized disclosures of classified information can pose a serious risk to the nation's security, including to the government’s sources of information and methods of information gathering. Effective enforcement of laws forbidding such disclosure has both a specific and general deterrent effect. Because I have not been with the Department since 2010, I am not privy to the personnel resources that NSD uses to investigate and prosecute unauthorized disclosures of classified information, nor am I aware of how responsibility for these matters may be shared with the Criminal Division. QUESTION 12: Pursuant to 28 C.F.R. § 0.72(a)(1), the AAG/NS has the responsibility to advise the Attorney General, the Office of Management and Budget, and the White House on matters relating to national security. In addition, pursuant to 28 C.F.R. § 0.72(a)(7), the AAG/NS has the responsibility to prosecute crimes involving national security, foreign relations, and terrorism. a. Describe your understanding of the personnel resources within NSD that should be devoted to the prosecution of media leak cases, and how NSD should divide responsibility on these matters with the Criminal Division. RESPONSE: Because I have not been with the Department since 2010, I do not know what personnel resources NSD uses to investigate and prosecute media leak cases. Nor do I know how responsibility for these matters is shared with the Criminal Division. I understand from public reporting that the Attorney General has announced a change in policy and longstanding practice that would prohibit DOJ from seeking subpoenas or other compulsory legal process in investigations into the unauthorized disclosure of classified information “to obtain source information from members of the news media who are doing their jobs.” If confirmed, I would ensure that the National Security Division adheres to the Department’s policy. b. Describe your understanding of the role that NSD has played since its inception in media leak prosecutions in United States district courts and on appeal to the United States courts of appeals. RESPONSE: The National Security Division is charged with the mission of protecting the United States from threats to our national security. This responsibility includes the protection of classified information against unauthorized disclosures, including by supporting, consistent with Departmental policies, investigations and prosecutions of violations of federal law. 9 c. Are there any steps that the Department could take to increase the number of individuals who are prosecuted for making unauthorized disclosures of classified information to members of the news media? If so, please describe. RESPONSE: Because I have not been with the Department since 2010, I am not familiar with steps the Department may be taking, or could take, to increase the number of prosecutions in such cases. If confirmed, I will study this issue and make any needed improvements to ensure the robust protection of classified information in a manner consistent with Department policy and our national values. d. Are there any additional steps that the U.S. government as a whole should take to prevent the unauthorized disclosures of classified information from occurring? If so, please describe. RESPONSE: Because I have not been with the Department since 2010, I am not familiar with steps the government as a whole may be taking, or could take, to combat unauthorized disclosures of classified information. If confirmed, I will study this issue and make any needed improvements to ensure the robust protection of classified information in a manner consistent with Department policy and our national values. e. Are there any additional steps that the U.S. government as a whole should take to prevent the unauthorized removal and retention of classified information from occurring? If so, please describe. RESPONSE: Because I have not been with the Department since 2010, I am not familiar with the steps the government as a whole may be taking to prevent the unauthorized removal and retention of classified information. I look forward to learning more about the steps the Department and government are taking and further studying this issue to determine whether more should be done. f. Please describe your understanding of NSD’s prepublication review responsibilities and the administrative and judicial review, which is available to an officer or employee, or former officer or employee, with respect to the Department’s exercise of prepublication authorities, including those applicable to the FBI. In answering this question, please provide your evaluation of the extent to which present and former officers and employees of the Department adhere to their prepublication obligations. RESPONSE: As a condition of obtaining a security clearance, individuals agree to submit to the government any materials intended for publication that may contain classified information, so that the government can review such materials to prevent the inadvertent disclosure of classified information. NSD conducts prepublication review for certain individuals, including current and former Department officials and employees. I am aware that there is some ongoing litigation related to the scope of the prepublication review process, brought by former government officials. I have always sought to uphold my own prepublication review obligations. 10 Obtaining Approvals from the Department/National Security Undercover Operations QUESTION 13: In general, if a particular investigative authority has been underutilized because of governmental administrative burdens, are you committed to eliminating unnecessary administrative burdens so that intelligence professionals are more willing to use the authority? RESPONSE: Yes. If confirmed, I am committed to eliminating unnecessary administrative burdens that may be inhibiting intelligence professionals from lawfully and appropriately using their authorities. a. What is your understanding of how long it takes for the FBI to obtain authority for exemptions in national security undercover operations? RESPONSE: Because I am not currently working at the Department, I do not know how long it takes for the FBI to obtain authority for exemptions in national security undercover operations. It is my understanding that the length of the process varies depending upon several factors, including the complexity of the undercover operation and the amount of information contained in the authorization request. If confirmed, I would seek to fully understand the current process and identify any areas where it could be more efficient. b. What additional steps should the Department take to ensure to eliminate unnecessary delays? RESPONSE: Because I am not currently working at the Department, I do not know the current process, or whether there are additional steps the Department should take to avoid unnecessary delay. If confirmed, I look forward to working on this issue and ensuring that there are no unnecessary administrative burdens Counterterrorism Prosecutions QUESTION 14: Pursuant to 28 C.F.R. § 0.72(a)(8), the AAG/NS has the responsibility to “[p]rosecute and coordinate prosecutions and investigations targeting individuals and organizations involved in terrorist acts at home or against U.S. persons or interests abroad, or that assist in the financing of or providing support to those acts[.]” a. Describe your understanding of the personnel resources that NSD should devote to the prosecution of terrorism cases. RESPONSE: The Department's highest priority is protecting the nation against acts of terrorism, espionage and other national security threats. The National Security Division plays a critical role in achieving that mission. Because I am not currently at the Department, however, I am not privy to the personnel resources of NSD that are dedicated to the prosecution of terrorism cases. If confirmed, I will work to ensure that resources are appropriately allocated to this work. 11 b. Describe your understanding of the role that NSD has played since its inception in terrorism prosecutions in United States district courts and on appeal to the United States courts of appeals. RESPONSE: Since its inception, the National Security Division has played a key role in terrorism prosecutions in the United States district courts. I am aware that the Division has also added an appellate capability in national security cases. Through its authority to approve the use of certain statutes in terrorism prosecutions, NSD seeks to ensure a coordinated and consistent approach in combating terrorism threats. NSD also ensures that the Department's counterterrorism activities are coordinated with other elements of the Intelligence Community. c. Describe what role NSD will play, if any, in prosecutions before military commissions. RESPONSE: NSD attorneys support the work of military prosecutors before the military commissions, and NSD is responsible for handling related appeals to the U.S. Court of Appeals for the District of Columbia. I expect that work to continue as the Division seeks justice for those who died on September 11, 2001, and in other attacks. Counterespionage Prosecutions QUESTION 15: Pursuant to 28 C.F.R. § 0.72(a)(7), the AAG/NS has the responsibility to “[p]rosecute federal crimes involving national security, foreign relations and terrorism[.]” a. Describe your understanding of the personnel resources that NSD should devote to the prosecution of espionage cases. RESPONSE: The Department's highest priority is protecting our nation against acts of terrorism, espionage and other national security threats. NSD plays a critical role in achieving that mission. Because I am not currently at the Department, however, I am not privy to the personnel resources of NSD that are dedicated to the prosecution of espionage cases. If confirmed, I will ensure personnel resources are appropriately allocated to this work. b. Describe your understanding of the role that NSD has played since its inception in espionage prosecutions in United States district courts and on appeal to the U.S. courts of appeals. RESPONSE: Based upon my experience as a Deputy Assistant Attorney General for the NSD and Acting Assistant Attorney General for National Security, NSD has played a key role since its inception in espionage prosecutions in the United States district courts. Through its authority to approve the use of certain statutes in espionage prosecutions, NSD seeks to ensure a coordinated and consistent approach in combating the threat of espionage. NSD also ensures that the Department's counterintelligence activities are coordinated with other elements of the Intelligence Community. 12 Foreign Investment Review Section/CFIUS QUESTION 16: What is your vision for the Foreign Investment Review Section (FIRS)? RESPONSE: I am aware that the Foreign Investment Review Section (FIRS) has grown rapidly in recent years, in particular due to expanded CFIUS jurisdiction as a result of the Foreign Investment Risk Review Modernization Act of 2018 (FIRRMA); and the issuance of Executive Order 13913, which established the Committee for the Assessment of Foreign Participation in the United States Telecommunications Services Sector (also known as Team Telecom) and established the Attorney General as the Chair of that Committee. If confirmed, I will ensure that the Section continues to represent DOJ as an active member of CFIUS; enable the Attorney General to execute his duties as Chair of Team Telecom, and help protect U.S. telecommunications networks from exploitation by foreign adversaries; and conduct robust compliance and enforcement activities to help ensure that mitigation agreements effectively address national security risks presented by CFIUS and Team Telecom matters. QUESTION 17: What foreign investment, if any, requires extra scrutiny in order to protect national security interests? From which countries and in what sectors? RESPONSE: Because I am not currently working at the Department, and much has changed since I was last in government, I am not in a position to opine on what foreign investment requires extra scrutiny. I do know, however, that among the foreign investment that is of particular interest to the Department are transactions that implicate telecommunications equipment and services, and transactions that implicate the privacy of the sensitive personal data of U.S. persons. If confirmed, I will ensure that the Department scrutinizes foreign investment based on robust risk assessments of the threat, vulnerabilities, and consequences posed by each transaction under review. QUESTION 18: As the Attorney General’s representative on the Committee on Foreign Investment in the United States, if confirmed, what would be your approach to CFIUS reviews? RESPONSE: Because I am not currently working at the Department, and much has changed since I was last in government, I am not specifically familiar with the Attorney General’s approach to CFIUS reviews. However, I understand that the Department is among the most active members of CFIUS, and devotes considerable resources to that part of the Department’s mission. If confirmed, I would certainly embrace the Department’s foreign investment review work as a significant part of my role, and would prioritize the Department’s work to appropriately balance the nation’s open investment climate with the need to ensure that foreign investment does not harm the national security interests of the United States. 13 China QUESTION 19: What threat does the Chinese Communist Party (CCP) pose to the national security of the United States? RESPONSE: I agree with Secretary of State Blinken who has said that China represents the most significant challenge to the United States of any country in the world. If confirmed, I will assess the Department’s current structure and capacity to counter such threats and fully support the President’s national security team in protecting the American people’s security, prosperity, health, and way of life against all enemies. QUESTION 20: What is your assessment of the CCP’s tactics to achieve global dominance, particularly as it relates to their efforts within the United States? RESPONSE: Because I am not currently in government, I cannot speak to current intelligence assessments. However, the public record makes clear that China is engaging in increasingly aggressive behavior, including stealing our intellectual property, conducting espionage, repressing its own citizens at home and around the world, and asserting power globally. QUESTION 21: What role does the Department of Justice play, and specifically the Assistant Attorney General for the National Security Division, in ensuring our national security interests are protected? RESPONSE: The mission of the National Security Division is to carry out the Department’s highest priority to protect the United States from threats to our national security by pursuing justice through the law. NSD is designed to ensure greater coordination and unity of purpose between prosecutors and law enforcement agencies, on the one hand, and intelligence attorneys and the Intelligence Community, on the other, thus strengthening the effectiveness of the federal government's national security efforts. More specifically, the Assistant Attorney General is responsible for supervising the prosecutions of counterterrorism and counterespionage cases; advising the Attorney General and the White House, and briefing Congress on matters relating to the national security activities of the United States; overseeing Department policy with regard to intelligence, counterintelligence, or national security matters; administering the Foreign Intelligence Surveillance Act; representing the Department on the Committee on Foreign Investment in the United States, and executing the Attorney General’s responsibilities as Chair of the Committee for the Assessment of Foreign Participation in the United States Telecommunications Services Sector (also known as Team Telecom); and providing oversight of intelligence, counterintelligence, or national security matters by executive branch agencies to ensure conformity with applicable law, executive branch regulations, and Departmental objectives, among other duties. 14 QUESTION 22: What is your assessment of Huawei? Do you consider it to be a national security threat to the United States? Why or why not? RESPONSE: I am not in government and am not familiar with current intelligence information. I have stated previously, including before Congress in testimony citing intelligence assessments, that Chinese-backed companies like Huawei pose national security risks to the United States. Those risks are well documented. I agree with FBI Director Wray that the United States must “consider carefully the risk that companies like Huawei pose if we allow them into our telecommunications infrastructure.” Iran and the Western Hemisphere QUESTION 23: Iran continues to take provocative actions worldwide, including in the Western Hemisphere through at least some coordination with the illegitimate Maduro regime in Venezuela and the communist dictatorship in Cuba. If confirmed, will you commit to maximizing all tools at your disposal as Assistant Attorney General for National Security to penalize and deter Iranian aggression in the Western Hemisphere? RESPONSE: Iran remains the foremost state sponsor of terrorism and a threat to our forces and partners in the region. The same is true of the Islamic Revolutionary Guard Corps (IRGC), which is a designated terrorist organization and serves as a branch of Iran’s military. The Department plays an important role in investigating and prosecuting material support to terrorist organizations such as the IRGC, and enforcing sanctions against Iran and designated terrorist organizations. Iran also has the expertise and willingness to conduct aggressive cyber operations, including attacks against critical infrastructure, such as the April and July 2020 attacks against Israeli water facilities, as well as to conduct espionage and influence activities. If confirmed, I will continue efforts to disrupt Iran’s malicious activities across the board through all available tools. QUESTION 24: If confirmed, will you commit to maximizing all tools at your disposal as Assistant Attorney General for National Security to bring to justice members of the Maduro regime? RESPONSE: I am aware that the Department of Justice last year brought an indictment against Former President of Venezuela Nicolás Maduro Moros, Venezuela’s vice president for the economy, Venezuela’s Minister of Defense, and Venezuela’s Chief Supreme Court Justice, along with additional current and former Venezuelan government officials. If confirmed, I stand ready to offer any support needed from the National Security Division to bring those individuals to justice in accordance with the rule of law. 15 Publications QUESTION 25: In March 2019, you coauthored an article in Politico Magazine titled What Emergency? in which you stated, in part, “[i]n fact, there is no evidence that terrorists are intent on exploiting the border with Mexico to enter the United States.” Is this your assessment today? RESPONSE: My statement was based on the 2018 State Department finding that there was “no credible evidence indicating that international terrorist groups [had] established bases in Mexico” or that terrorist groups were working with drug cartels or sending operatives into the U.S. via the southern border. I am not aware if the State Department or Intelligence Community publicly revised that assessment. I firmly believe it is essential that U.S. national security strategy be driven by data and based on expert, nonpartisan assessment of threats. If confirmed, that belief would guide my leadership of the National Security Division. Professional Experience QUESTION 26: For each of the following, describe specifically how your experiences will enable you to serve effectively as the AAG/NS. Include within each response a description of issues relating to NSD that you can identify based on those experiences. a. Chief Trust and Security Officer at Uber Technologies, Inc.; RESPONSE: As the Chief Trust and Security Officer at Uber, I have led a global team with responsibility across a wide range of security-related areas, including cyber security, physical security, public safety operations, and corporate investigations. This experience has provided me with a deep appreciation of the challenges global companies face operating in a dynamic threat environment and of the importance of cooperation between the public sector and the private sector in confronting these challenges. I also have gained valuable management experience leading a large and diverse team operating in hundreds of cities around the world. b. President of IronNet Cybersecurity, Inc. RESPONSE: In 2014 when I left government service, I co-founded IronNet Cybersecurity, along with former NSA director Keith Alexander and others. Our goal was to build a company that would provide products and services to companies and governments to enable them to confront advanced cyber threats and prevent cyber attacks. This experience provided me with a greater understanding of the nature of the cyber threat landscape and the challenges companies face in this context. I also expanded my network of government and business leaders and innovators in the cyber security field. 16 c. Director of the National Counterterrorism Center; RESPONSE: I served for three years as the Director of the National Counterterrorism Center under President Obama. Created by Congress in response to the attacks of September 11, 2001, NCTC is responsible for the integration and analysis of terrorism information and strategic operational planning of counterterrorism activities. In this role as a leader in the Intelligence Community, I worked closely with the Department of Justice and National Security Division and gained directly relevant experience on the critical interaction between NSD and the intelligence agencies, particularly in the context of counterterrorism activities. d. General Counsel for the National Security Agency; RESPONSE: As the NSA General Counsel, I Served as the chief legal officer for NSA, providing advice and representation on all of NSA’s missions, including intelligence and counterterrorism operations and cybersecurity. I worked closely with the National Security Division and other elements of the Intelligence Community and gained invaluable experience relating to a range of legal, policy, and compliance issues facing national security officials and operators. e. Associate Deputy Attorney General, RESPONSE: As Associate Deputy Attorney General, I helped to supervise the national security functions of the Department, including the National Security Division, United States Attorney’s Offices, and the FBI. I assisted the Deputy Attorney General in the oversight and management of counterterrorism and espionage prosecutions, the litigation before the Foreign Intelligence Surveillance Court. f. Special Counselor to the Attorney General, Executive Director, Guantanamo Review Task Force RESPONSE: As the head of the Guantanamo Review Task Force within the Attorney General’s Office, I led the review of detainees at Guantanamo in accordance with an executive order. In this capacity, I was responsible for establishing and supervising an interagency task force of national security professionals from across the federal government and for managing the process for compiling and analyzing the relevant intelligence information on each detainee. I worked in close coordination with the Department of Justice, including NSD and the Civil Division. I gained experience bringing together a diverse group of officials from multiple agencies, with a range of perspectives, to reach consensus on the challenging legal, policy, and operational issues relating to detainees. 17 g. Deputy Assistant Attorney General, National Security Division at the Department of Justice RESPONSE: As a senior career official in the Department of Justice’s National Security Division—a newly formed division in the Department—I managed intelligence and surveillance operations and the oversight of these activities. In this role, I managed over 125 attorneys and support staff members dedicated to the Department’s intelligence operations and oversight units. In addition, I was responsible for managing the Department of Justice’s implementation of landmark changes in the Foreign Intelligence Surveillance Act and worked in close collaboration with the Intelligence Community to interpret new statutory provisions, address policy and technical challenges, and adopt new oversight mechanisms to ensure the effective and lawful use of the government’s new surveillance authority. During the 2009 Presidential transition, I served as the acting Assistant Attorney General for National Security, overseeing the work of the entire division. QUESTION 27: Since leaving government service in 2014, you have been employed by numerous private sector companies and organizations. For each of the following, please describe specifically the nature of the company or organization and the work you performed on behalf of the company or organization. a. Uber Technologies, Inc.; RESPONSE: Uber is a global technology company based in San Francisco that provides mobility and delivery services. I manage a global team that is responsible for cyber security, physical security, public safety operations, and corporate investigations. b. Hart InterCivic, Inc.; RESPONSE: Hart InterCivic Inc. is a privately held company based in Texas that provides election technologies and services to government jurisdictions. I am a member of the board of directors. c. WestExec Advisors; RESPONSE: WestExec Advisors is a strategic advisory firm that offers geopolitical and policy advice on trends and risks, economic developments, and the evolving technological landscape. I was a part-time consultant for the firm and focused on cyber security matters. d. Fairfax National Security Solutions; RESPONSE: Fairfax National Security Solutions provides strategic consulting and advisory services to select government clients. I was a part-time consultant for the firm and worked on a matter involving defensive cyber security advice for the Saudi Arabian government. 18 e. IBM; RESPONSE: IBM is a multinational technology company headquartered in New York. I was a part-time consultant for IBM, where I focused on IBM’s i2 threat intelligence platform. f. Booz Allen Hamilton RESPONSE: Booz Allen Hamilton is a multinational management and information technology consulting firm headquartered in Virginia. I was a part-time consultant for Booz Allen Hamilton, where I worked on a project involving advice to the Saudi Arabian government on establishing a counterterrorism analytic center. QUESTION 28: What, if any, conflicts might arise from your private sector positions if you are confirmed as Assistant Attorney General, and how would you address these conflicts? RESPONSE: I am not aware of any conflicts of interest arising from my private sector positions. In connection with the nomination process, I have consulted with the Office of Government Ethics and the Department of Justice’s designated agency ethics official. If I am confirmed, any potential conflict of interest will be resolved in accordance with the terms of an ethics agreement that I have entered with the Department of Justice’s designated agency ethics official, and I will continue to consult with the Department’s ethics office. QUESTION 29: Since leaving government service in 2014, you have been affiliated with numerous organizations. For each of the following, please describe specifically both the nature of the company or organization and your role with the company or organization. a. Human Rights First; RESPONSE: Human Rights First is a non-profit, nonpartisan international human rights organization based in New York, Washington D.C., Houston, and Los Angeles. I am a member of the board of directors. b. Center for a New American Security; RESPONSE: The Center for a New American Security is a Washington, D.C. based think tank that focuses on U.S. national security. As an adjunct senior fellow, I have focused on issues such as cyber security, counterterrorism, and surveillance. c. National Security Institute; RESPONSE: The National Security Institute is a non-profit advocacy organization affiliated with George Mason University. I am member of their advisory board. 19 d. Foreign Policy for America; RESPONSE: Foreign Policy for America is a nonpartisan advocacy organization based in Washington, D.C., focused on U.S. foreign policy. I am a member of their advisory board. e. Center for American Progress; RESPONSE: The Center for American Progress is an independent nonpartisan policy institute based in Washington, D.C. I am a nonresident senior fellow and have focused on national security issues. f. Noblis; RESPONSE: Noblis is a non-profit science, technology, and strategy organization based in Washington, D.C. I am a member of Noblis’s national security advisory board. g. Enlightenment Capital RESPONSE: Enlightenment Capital is a private investment firm that provides capital and strategic support to middle market businesses in the aerospace, defense, government and technology sectors. I am a member of their advisory board. h. Wickr RESPONSE: Wickr is an American software company based in New York City that has developed several secure messaging apps. I am a member of their federal advisory board. QUESTION 30: What, if any, conflicts might arise from your affiliations if you are confirmed as Assistant Attorney General, and how would you address these conflicts? RESPONSE: I am not aware of any conflicts of interest arising from my private sector positions. In connection with the nomination process, I have consulted with the Office of Government Ethics and the Department of Justice’s designated agency ethics official. If I am confirmed, any potential conflict of interest will be resolved in accordance with the terms of an ethics agreement that I have entered with the Department of Justice’s designated agency ethics official, and I will continue to consult with the Department’s ethics office. 20 Additional Questions from Senator Wyden Investigations of members and staff of Congress QUESTION 1: On March 29, 2013, the DNI issued a memorandum on Dissemination of Congressional Identity Information within the Executive Branch, also known as the “Gates Procedures.” Those Procedures, which include a section on congressional notification, also indicate that they do not apply in the following circumstances: “The dissemination of Congressional identity information for law enforcement purposes, when required by law or when such dissemination is necessary for an IC element to fully satisfy its obligation to report possible violations of federal criminal law, consistent with applicable policies and procedures.” a. Under what circumstances do you believe that Congress should be notified of criminal investigations of current or former members and staff? RESPONSE: The Gates Procedures contain rules that generally govern the dissemination of information by the Intelligence Community that identifies members of Congress or Congressional staff. While I am not familiar with the current operation of these procedures in detail, I understand that the Attorney General and Deputy Attorney General have started a process to evaluate and strengthen the Department’s own policies and procedures for obtaining records related to members of Congress. In light of that ongoing process and given that policies and procedures may have changed since I last served in government, I am not in a position to opine on the circumstances in which notice should be provided to Congress about criminal investigations of current or former members and staff. If confirmed, I will work with Department leadership to evaluate its existing policies and procedures and consider whether any modifications are appropriate. b. Who should be the recipient of such notifications? See above answer. c. At what stage in the investigation should the notification occur? See above answer. d. How detailed should the notification be with regard to the predicate for the investigation and nature and legal basis for collection? See above answer. 21 Investigations and the news media QUESTION 2: On May 21, 2021, President Biden referred to subpoenas to seize journalists’ communications records in leak investigations as “simply, simply wrong.” On June 5, 2021, the Department of Justice announced that it “will not seek compulsory legal process in leak investigations to obtain source information from members of the news media doing their jobs.” a. How do you intend to implement and enforce this policy within the National Security Division? RESPONSE: Based on public statements, I understand that the Attorney General plans to issue a memorandum with further guidance about the implementation of this policy, including definitions of key terms. I would await the issuance of that memorandum and, if confirmed, I will ensure that the Division adheres to Department policy. b. Will you release to the public any implementing guidelines related to this policy? RESPONSE: Because the guidance related to implementation of this policy will be issued by the Attorney General, I would defer to the Attorney General regarding its release to the public. c. Do you believe that the government should seek information on members of the news media to obtain source information through means other than “compulsory legal process”? If yes, please describe those means. RESPONSE: I understand the Department’s policy to mean that prosecutors generally will not be permitted to use subpoenas or other compulsory legal processes to obtain information about sources from members of the media or from third parties such as internet or telephone service providers with which media members have accounts. I would not want to speculate about other circumstances in which Department officials could potentially seek information from members of the news media, such as on a voluntary basis. QUESTION 3: In a November 5, 2014, letter to the New York Times, then-FBI Director James Comey described how an FBI employee communicating online with a suspect portrayed himself as an employee of the Associated Press. Director Comey described this tactic as “legal” and “appropriate.” Do you believe it is appropriate for the government to impersonate news organizations? RESPONSE: I am not familiar with the specific circumstances involved in the abovereferenced letter. I understand the concerns that may arise in connection with an undercover operation of this nature and, if confirmed, I will review this issue in more detail. 22 Title V of FISA QUESTION 4: If Section 215 of the USA PATRIOT Act were to be reauthorized, do you believe it should be used to collect “tangible things” if they do not pertain to: (1) a foreign power or an agent of a foreign power; (2) the activities of a suspected agent of a foreign power who is the subject of an authorized investigation; or (3) an individual in contact with, or known to, a suspected agent of a foreign power who is the subject of an authorized investigation? a. If yes, under what circumstances do you believe the application for a Section 215 order could be based on the “relevance” standard without satisfying any of the above three requirements for presumptive relevance? RESPONSE: As stated previously, because I am not currently working at the Department, I am not privy to such circumstances. I will ensure that the nation’s surveillance activities comply with laws passed by Congress and our Constitution. QUESTION 5: In a November 6, 2020, letter, then-DNI Ratcliffe wrote that, “with respect to the use of Title V [of FISA] to obtain records from ISPs, the FBI does not request and obtain pursuant to Title V the content of any communication, to include search terms submitted to an online search engine.” a. Do you agree that internet search information constitutes content of communications and thus can only be obtained with a probable cause warrant? RESPONSE: Because I am not in the Department, I do not know all of the relevant facts. It is certainly true that the government must safeguard the constitutional rights of all Americans. Congress created the FISC so that the judicial branch is fully empowered to make determinations regarding the appropriate constitutional and statutory requirements. b. Does this warrant requirement apply regardless of how or from whom the information might be obtained? RESPONSE: See above answer (a.). QUESTION 6: On November 25, 2020, then-DNI Ratcliffe sent a letter stating that an order pursuant to Title V of FISA had “directed the production of log entries for a single, identified U.S. web page reflecting connections from IP addresses registered in a specified country that occurred during a defined period of time.” a. During her confirmation process, Director Haines stated that the ODNI would brief the Committee on this collection pending the outcome of a Department of Justice review. If confirmed, will you prioritize the completion of that review and ensure that the Committee is briefed? 23 RESPONSE: I am not familiar with the order mentioned in Director Ratcliffe’s letter, but, if confirmed, I will have an opportunity to better understand how Title V authorities are exercised in practice, and I pledge to work with my counterparts across the government to ensure Congress is fully informed of the circumstances of the matter. When it comes to FISA, it is important that the Committee is appropriately briefed on the incident referenced in the letter. If confirmed, I will work to ensure that all IC activities are carried out in accordance with the Constitution and federal law. b. Does the government have the authority now, or in the event of a reauthorization of Section 215 of the USA PATRIOT Act, to collect log entries for web pages reflecting connections to persons inside the United States? RESPONSE: See above answer (a). Section 702 of FISA QUESTION 7: For years, the FBI’s U.S. person queries of data collected pursuant to Section 702 has included extensive documented abuses, including numerous queries unrelated to national security and “batch queries” of large numbers of individuals. In its November 18, 2020, Memorandum and Opinion, the FISA Court wrote that it remained “concerned about the apparent widespread violations of the querying standard,” and noted that it lacked information to confirm that changes promised by the FBI had been implemented. Given the failure of the FBI to resolve this long-standing problem, do you agree that probable cause warrants should be required for U.S. person queries of Section 702 data? RESPONSE: Based on my years of service in the Department of Justice and Intelligence Community, I believe that Section 702 is a critical tool to protecting our national security. If confirmed, I examine the concerns that the FISC noted in its November opinion to determine the cause and implement solutions to help ensure the problem does not recur. From what I have read in the publicly released FISC opinion, these FBI queries were conducted against unminimized data lawfully acquired by the government pursuant to Section 702. The opinion also discusses remedial actions taken by the FBI to address their noncompliant queries. If confirmed, I will seek a briefing on these remedial measures to determine if I believe they are sufficient to address the compliance issues. QUESTION 8: During his confirmation process, Assistant Attorney General for National Security John Demers was asked about the prohibition on reverse targeting in Section 702. He responded: “As I understand it, determining whether a particular known U.S. person has been reverse targeted through the targeting of a Section 702 target necessitates a fact specific inquiry that would involve consideration of a variety of factors. For example, as the Privacy and Civil Liberties Oversight Board noted in its 2014 report, if a Section 702 tasking resulted in substantial reporting by the Intelligence Community regarding a U.S. person, but little reporting about a Section 702 target, that might be an indication that reverse targeting may have occurred.” 24 How should this “fact specific inquiry” be implemented through the Section 702 nominations and querying processes of Intelligence Community entities? RESPONSE: If confirmed, I will study this issue carefully and consult with Intelligence Community lawyers and the Attorney General to ensure that all collection activities are conducted in accordance with the Constitution and the law. If confirmed, I look forward to managing the important Section 702 oversight function of the Division and will endeavor to ensure a robust effort aimed at preventing reverse targeting. QUESTION 9: Do you believe Section 702 of FISA authorizes the collection of communications known to be entirely domestic? RESPONSE: It is my understanding from my time working in NSD that Section 702 explicitly prohibits the government from intentionally acquiring any communication as to which the sender and all intended recipients are known at the time of the acquisition to be located in the United States. QUESTION 10: The 2018 legislation reauthorizing Section 702 of FISA codified limitations on the use of U.S. person information in criminal proceedings. a. Do you believe these limitations should be extended to other provisions of FISA? b. The limitations include an exception for “transnational crime, including transnational narcotics trafficking and transnational organized crime.” Please describe the full scope of “transnational crime” in this context. RESPONSE: I have not worked in government since the passage of the 2018 reauthorization of Section 702. If confirmed, I will review the implementation of the provision and consult with the Department leadership and others on whether its limitations should be extended to other provisions of FISA or if there are areas where further amendments to FISA are needed. QUESTION 11: Under Section 702 of FISA, the government can direct an electronic communications service provider to provide “assistance necessary to accomplish the acquisition.” Under Section 702(h)(5), if the provider does not comply with a directive, the government may seek an order from the FISA Court to compel compliance. Prior to the reauthorization of Section 702 in 2018, the government stated that it had “not to date sought an order pursuant to Section 702(h) seeking to compel an electronic communications service provider to alter encryption afforded by a service or product it offers.” a. Do you believe that the government should inform the FISA Court should it issue a directive to a provider to alter the encryption afforded by a service or a product, regardless of whether the government files a motion to compel compliance? 25 RESPONSE: I confirmed, I look forward to working with Congress to ensure that the government complies with its obligations under FISA. I am not familiar with the specific facts referenced in the question, but, if confirmed, I will have an opportunity to better understand how this authority is exercised in practice. I pledge to work with my counterparts across the government to ensure Congress is fully informed consistent with the government’s obligations under the National Security Act. b. Will you commit to notifying Congress of any such directive? RESPONSE: See above answer. c. Do you believe the public should be informed should the facts underlying the government’s public statement related to Section 702(h)(5) change? RESPONSE: See above answer. Other surveillance matters QUESTION 12: Title 50, section 1812, provides for exclusive means by which electronic surveillance and interception of certain communications may be conducted. During her confirmation process, Director Haines stated that, “the President must take care that the law be faithfully executed and Title 50, Section 1812 is no exception.” Do you agree that this provision is binding on the President? RESPONSE: Yes, I agree that the President must take care that the law be faithfully executed and Title 50, Section 1812 is no exception. QUESTION 13: Do you agree that the FISA Court amici play an important role in raising significant matters of law with the Court? If yes, do you believe that granting the amici access to all FISA information, as provided for in Section 215 reauthorization legislation passed by both houses of Congress, helps the amici fulfill the role of raising issues with the Court? RESPONSE: I believe that amici play an important role in rising significant legal matters with the FISC and FISC-R. The existing statute in Section 1803(h)(i)(6)(A) provides that the amicus curiae shall have access to any legal precedent, application, certification, petition, motion, or such other materials that the court determines are relevant to the duties of the amicus curiae. It is thus up to the FISC to determine those materials relevant to the amicus curiae. The amicus curiae may also ask the court for access to other materials, but ultimately it is the FISC that should decide whether those materials are relevant to the specific duties of the amicus curiae in the matter in which they were appointed. In addition, the current statute provides that an amicus curiae may have access to classified documents, information, and other materials or proceedings to the extent consistent with the national security of the United States. 26 QUESTION 14: The Privacy and Civil Liberties Oversight Board’s (PCLOB’s) March 5, 2021, report on Executive Order 12333 stated that, “[a]s technology and the law evolve at an everfaster pace, the IC’s review and revision of elements’ Attorney General-approved guidelines should proceed at a similar rate. Up-to-date guidelines will better safeguard U.S. persons’ privacy and civil liberties and support intelligence mission needs.” Do you agree to review the Attorney General-approved guidelines to ensure they are up to date with changes in law and technology? RESPONSE: If confirmed, I will review the Attorney General-approved guidelines to determine if updates should be made in light of changes in law and technology. QUESTION 15: The PCLOB’s March 5, 2021, report on EO 12333 stated: “As agencies implement their new or revised Attorney General-approved guidelines, such lower-level policies likewise must be updated to reflect new privacy and civil liberties safeguards. For instance, some agencies’ new or revised Attorney Generalapproved guidelines for the first time address ‘bulk collection.’ As a result, activityspecific policies that relate to such activities must be updated to address the safeguards now afforded by the revised procedures, as well as PPD-28 and other intervening developments in the law. These also may include, for example, new or revised training requirements and updated database user manuals.” Will you review Intelligence Community privacy and civil liberties safeguards, as well as policies, training, manuals and other guidance, and ensure that they are consistent with Attorney General-approved guidelines and the public’s understanding of the legal and policy framework for IC collection? RESPONSE: Yes, if confirmed I will review Intelligence Community privacy and civil liberties safeguards, as well as policies, training, manuals and other guidance, and ensure that they are consistent with Attorney General-approved guidelines and the public’s understanding of the legal and policy framework for IC collection. QUESTION 16: The PCLOB’s March 5, 2021, report on EO 12333 also stated that IC elements should review their legal and constitutional analysis regularly and revise them as necessary to reflect changes in the law and technology. For example, technological changes can affect the scope and nature of U.S. person information collected or how the IC queries and retains U.S. person information. Do you agree to conduct a review of IC entities’ legal analysis regarding EO 12333 collection to ensure that it reflects changes in the law and technology? RESPONSE: Yes. If confirmed, I agree to review legal analysis from the IC regarding 12333 collection in light of changes in law/technology. 27 QUESTION 17: According to a chart posted by the ODNI, only the Department of the Treasury Office of Intelligence and Analysis does not have finalized Attorney General-approved EO 12333 procedures. During their confirmation processes, Director Haines and DNI General Counsel Fonzone committed to prioritizing the completion and public dissemination of those procedures. Will you likewise make this a priority? RESPONSE: Yes. If confirmed, I will make this a priority. QUESTION 18: The Department of Justice has published policy guidance on the use of cellsite simulator technology, often referred to as stingrays. The guidance requires law enforcement to obtain a probable cause warrant for the use of stingrays, other than in emergencies. Do you believe that the IC should obtain a FISA probable cause warrant for the domestic use of stingrays consistent with the conduct of electronic surveillance under FISA? RESPONSE: I have not had occasion to consider this issue in depth. If confirmed, I look forward to doing so and would work with the Department of Justice and the General Counsels of the IC elements to ensure that the IC’s intelligence activities are conducted in conformity with the Constitution, applicable federal law, and Executive Orders. QUESTION 19: On August 1, 2017, Senators Leahy, Lee, Franken and I wrote to thenAttorney General Sessions asking about the impact on Americans of the use of stingrays and the Department of Justice’s representations about stingrays to the courts. The response was marked Law Enforcement Sensitive. If confirmed, will you release that response to the public, as requested in a May 17, 2018, letter from Senators Leahy, Lee and myself? RESPONSE: If confirmed, I look forward to looking into this issue in depth. Since I have not been in the government for a number of years, I am not privy to the Department’s position on this. QUESTION 20: In December 2020, the Department of Justice Office of the Inspector General released its Audit of the Federal Bureau of Investigation’s Strategy and Efforts to Disrupt Illegal Dark Web Activities. The audit described Network Investigative Techniques (NITs) which “require computer exploits that the FBI is increasingly developing for national security purposes but not for criminal investigations.” If confirmed, will you agree to make public annual statistics on the number of times these computer exploits have been used in national security cases and how often they have been used against Americans? RESPONSE: If confirmed, I look forward to studying this issue carefully to determine whether there are additional steps that can ensure security protections, consistent with the need to protect national security. I will ensure that all intelligence activities are conducted in conformity with the Constitution and federal laws. 28 QUESTION 21: In June 2018, in the case of Carpenter v. U.S., the U.S. Supreme Court found that the government’s collection of cell-site locational records was a Fourth Amendment search. In November 2019, the government acknowledged that it was not collecting cell-site or GPS information pursuant to Section 215 of the USA PATRIOT Act, which does not require a warrant. In 2020, both houses of Congress passed legislation reauthorizing Section 215 that prohibited such collection, although the legislation was not passed into law. a. Do you agree that, should Section 215 be reauthorized, it should not be used to collect cell-site or GPS information? RESPONSE: Because I am not currently in the Department, I do not know the relevant information necessary to offer an informed view of this issue. I am aware that previously proposed legislation to reauthorize Section 215 included a prohibition on collection of cellsite and GPS information. I know this is an important question and, if confirmed, I will seek to fully understand the relevant issues. b. Do you agree that the constitutional principles enunciated in Carpenter and reflected in the government’s decision with regard to collection under Section 215 applies generally to the IC’s collection under other provisions of FISA and EO 12333? RESPONSE: The government must abide by the Constitution and federal law in all of its intelligence activity. Because I am not currently in the Department, I cannot speak to the how the relevant Supreme Court precedent and government decisions apply to other provisions of FISA and EO 12333. c. Do you support transparency with regard to whether, and under what circumstances, Carpenter applies to the Intelligence Community? RESPONSE: As a general matter, I support transparency consistent with the need to protect national security information. d. Do you support the issuance of controlling guidance ensuring consistency with regard to the interpretation of Carpenter and its application to the Intelligence Community? RESPONSE: If confirmed, I commit to reviewing whether such guidance would be beneficial. Furthermore, if confirmed, I will seek opportunities to be transparent about the frameworks within which we collect information while protecting sources and methods. 29 QUESTION 22: Do you believe that the privacy interests of Americans should depend on whether their information is purchased or obtained voluntarily by the government, as opposed to compelled through legal process? RESPONSE: I am dedicated to the protection of the privacy interests of Americans. If confirmed, I will have an opportunity to better understand how to ensure that information is obtained through the proper process consistent with the civil liberties and privacy interests of Americans. QUESTION 23: Do you support transparency with regard to the type of information on Americans that the Intelligence Community purchases or obtains voluntarily and the legal basis for that collection? RESPONSE: As a general matter, I support transparency, consistent with the need to protect national security information. If confirmed, I look forward to learning more about this issue and where there might be opportunities to increase transparency. QUESTION 24: NSA Director Nakasone has stated that, absent consent of the U.S. person or certain emergency situations, U.S. person queries of communications collected under Executive Order 12333 “normally must be approved by the Attorney General on a case-by-case basis after a finding of probable cause.” a. Is there any reason this requirement should not apply to other IC entities, particularly with regard to U.S. person queries of data collected in bulk? RESPONSE: Under Executive Order 12333, IC entities are required to operate in accordance with Attorney General-approved procedures that provide specific circumstances and limitations under which IC entities may lawfully collect, retain, and disseminate information concerning U.S. persons. These procedures are in place to ensure lawful intelligence activities are carried out in a manner that provides protection for the privacy and civil liberties of Americans. If confirmed, I will make the IC’s compliance with the Attorney General- approved procedures a priority and evaluate whether any additional requirements or other changes would be appropriate. b. How, if at all, should evidence of probable cause presented to the Attorney General differ than that required under FISA? RESPONSE: See above answer. c. Please describe any exceptions to this requirement. RESPONSE: See above answer. 30 QUESTION 25: Do you agree that no element of the IC can request that a foreign entity conduct any activity that it is not authorized to undertake itself? RESPONSE: Executive Order 12333 requires all intelligence activities to be consistent with the Constitutionand laws and provides that no element of the Intelligence Community may participate in or request any person (including a foreign entity) undertake activities it forbids. QUESTION 26: What limitations do you believe should apply to the receipt, use or dissemination of communications of U.S. persons collected by a foreign partner or source? How should those limitations address instances in which the foreign partner or source specifically targeted U.S. persons or instances in which the foreign partner or source has collected bulk communications known to include those of U.S. persons? RESPONSE: From my experience working in NSD and NSA, it is my understanding that the IC elements may not request any person, including a foreign entity, to undertake activities that the Constitution, federal laws, or Executive Orders, including Executive Order 12333, forbid the IC elements themselves to take. If foreign partners or sources collect and share information concerning U.S. persons consistent with this prohibition, IC elements are only authorized to collect, retain, or disseminate such information in accordance with procedures approved by the Attorney General consistent with Executive Order 12333. If confirmed, I look forward to working with the Department and my counterparts in the IC to make sure that all parties are following the procedures outlined by the AG consistent with EO 12333 in an effort to ensure that the privacy and civil liberties of U.S. persons are protected. I will also make it a priority to reevaluate the process to determine if any changes could make the process more effective. QUESTION 27: Do you believe that communications data collected in transit are or should be treated differently than communications data at rest? Please address any distinctions as they may apply to FISA, EO 12333, PPD-28, and USSID 18. RESPONSE: As mentioned above, it is critical that all IC activities involving communications data are carried out in accordance with the Constitution and applicable federal law, including FISA. This is also applicable to Presidential orders such as Executive Order 12333 and PPD-28, and their applicable implementing procedures, USSID 18. QUESTION 28: In March 2019, the Department of Justice Inspector General released its “Review of the Drug Enforcement Administration’s Use of Administrative Subpoenas to Collect or Exploit Bulk Data.” Do you believe that the subpoena authorities in question, and 21 U.S.C. § 876(a) in particular, allow for bulk collection? 31 RESPONSE: Because I haven’t been with the Department for a number of years, I am not familiar with the details of DEA’s use of administrative subpoenas outside of what was outlined in the Inspector General’s report. If confirmed, I would work to ensure that these intelligence activities are conducted in conformity with the Constitution, applicable federal laws, and Executive Orders. QUESTION 29: Do you believe that the government should be able to hack all visitors to a particular website with a single warrant, even when those visitors were not previously known and visits to the web site are not per se a crime? RESPONSE: I am not familiar with the specific nature of the activities described in the question. In general, the Fourth Amendment requires that any warrant must describe with particularity “the place to be searched, and the persons or things to be seized.” Whistleblowers QUESTION 30: The statutes governing Intelligence Community Inspectors General state that whistleblower complaints determined by the Inspectors General to be “urgent concerns” “shall” be transmitted to Congress. (50 U.S.C. 3033(k)(5)(C), 50 U.S.C. 3517(d)(5)(C), 5 U.S.C. App 8H(c)). a. Do you agree that the law requires that whistleblower complaints determined by the IC Inspector General to be an “urgent concern” be transmitted to Congress? RESPONSE: If confirmed, I commit to transmitting to Congress whistleblower complaints determined by the Inspector General to be an urgent concern. b. If yes, do you agree with the concerns expressed by 67 Inspectors General in an October 22, 2019, letter sent by the Council of the Inspectors General on Integrity and Efficiency (CIGIE) about the Office of Legal Counsel’s September 3, 2019, opinion? RESPONSE: I am not familiar with the letter referenced in the question but, if confirmed, I will seek to review to understand the concerns raised. QUESTION 31: The law states that whistleblowers must obtain from the DNI, through the IC Inspector General, “direction on how to contact the congressional intelligence committees in accordance with appropriate security practices.” Do you agree that this provision does not permit the DNI to deny whistleblowers direct access to Congress altogether? RESPONSE: I understand that the Director of National Intelligence has pledged to not deny the IC Inspector General direct access to the Congress. PCLOB QUESTION 32: Do you agree that the reports of the PCLOB should be released to the public, to the greatest extent possible, and that the public should have access to the three reports referenced in the PCLOB’s March 5, 2021, report on EO 12333? 32 RESPONSE: I believe transparency is important, consistent with the need to protect classified or otherwise sensitive information. I agree that the PCLOB’s reports should be made public, consistent with the protection of sources and methods, and, if confirmed, would support efforts to provide suchtransparency into the PCLOB’s work. QUESTION 33: Do you believe the mandate of the PCLOB should be expanded beyond counterterrorism so that it can review any IC program or activity that affects the privacy and civil liberties of Americans? RESPONSE: If I am confirmed, I will consult with the PCLOB about the effectiveness of its current mandate and assess whether changes to it should be instituted by working closely with Congress. Detention and interrogation QUESTION 34: Do you believe that any of the CIA’s former enhanced interrogation techniques are consistent with the Detainee Treatment Act, the U.S. statutory prohibition on torture, the War Crimes Act, or U.S. obligations under the Convention Against Torture or Common Article 3 of the Geneva Convention? RESPONSE: Waterboarding is torture, and all techniques that constitute inhumane and degrading treatment are prohibited by law. If confirmed, you have my commitment that I will ensure that I and the National Security Division will follow the law. Lethal authorities QUESTION 35: Please describe your view of the legal implications of targeting or otherwise knowingly killing a U.S. person in a U.S. government lethal operation. What additional transparency do you believe would be warranted in that situation? RESPONSE: I agree with the CIA Director that “[t]he decision to target a U.S. citizen with lethal force is one of the most serious decisions that the U.S. Government could confront and is generally contemplated by an Administration only in narrow circumstances – for example when a U.S. citizen is part of enemy forces within the scope of a force authorization. Any proposal must be lawful, authorized by the President under a framework approved by the Department of Justice, and take into account that person’s constitutional rights.” I believe that in these circumstances and elsewhere, the government should offer the maximum amount of transparency about national security matters possible consistent with the need to protect national security. 33 Transparency QUESTION 36: Will you support the declassification and public release of any interpretation of law that provides a basis for intelligence activities but is inconsistent with the public’s understanding of the law? RESPONSE: Yes, I support such declassification and release to the extent consistent with the protections of sources and methods. QUESTION 37: If you or any other individual from the National Security Division were to say something pertaining to national security that was factually inaccurate in public, would you correct the public record? RESPONSE: I would always strive to be factually accurate in my own statements and in other statements made by the National Security Division. If I were to later learn that a statement was factually inaccurate, I would take action to correct the record. If I were unable to make a public correction consistent with the requirement to protect classified information, I would inform the intelligence committees of the inaccuracy in a classified setting. State secrets QUESTION 38: In the state secret case of United States v. Zubaydah before the U.S. Supreme Court, the Department of Justice has represented that, in releasing its Study of the CIA’s Detention and Interrogation Program, the Senate Select Committee on Intelligence redacted the names of countries that hosted CIA detention sites. The Department made this representation in its December 2020 Petition for a Writ of Certiorari and its March 2021 Reply Brief. These representations are inaccurate on their face, as the Committee does not redact information, and are contradicted by the Study itself, which repeatedly emphasized not only the CIA’s redactions, but the Agency’s desire to mask the names of the countries in the classified version of the Study. If confirmed, will you ensure that these misrepresentations to the Court are corrected? RESPONSE: I cannot comment on pending litigation. However, I commit to always ensuring that our representations to the Court are accurate. 34