Constant's pations

If it's more than 30 minutes old, it's not news. It's a blog.

Thursday, October 26, 2006

Draft Grand Jury Indictment: Blue Ridge Thunder

Followup to this.

Ref DoJ Criminal Division, which interfaces with BRT, smacked (again): Keisler's name withdrawn despite the second POTUS effort.

Ref: DoJ is accustomed to broad computer asset seizure. How many errors in a warrant get ignored when DoJ/BRT can broadly apply a subpoena, despite the errors, to anything in a computer, and procure new evidence unrelated to the online information, original data captures, or terms of the warrant?

* * *


A. J. Nuckols reported information forming the basis for these allegations in this draft grand jury indictment.

Defendants

[To be added]

Allegations



Ref Conspiracy

Ref Conspiracy in re claims against US government [Federal Grants]

Ref Contempt: Misbehavior of law enforcement officials in re court proceedings.

Ref Obstruction.

Ref Interference with federal grant oversight process.

Ref Witness tampering.

Ref Alternation of documents related to federal investigation.

Ref Obstruction of federal audit: Misleading information to DoJ, DHS, and other Federal auditors.

Ref Investigators and judicial officers, having a responsibilty to work on a federal contract, have a relationship with a general partner and CEO officer and financial benefits by (a) the award of the contract; and (b) the relationship between the investigator and commercial entity.

Ref Malicious procurement of warrants, without adequate safeguards ensuring the data, evidence, or other information used in the affidavit was correct, not corrupted, or not altered after data capture.

Ref Warrant executed with unnecessary severity.

Ref Destruction, concealment, and falsification of records and test data used to illegally procure warrants.

Ref Concealment of adverse test data related to allegedly faulty data capture system which should have been disclosed as required under Brady.

Ref Failure of auditors, investigators, and law enforcement to correctly report, as required, to Congress and Federal officials evidence and infromation realted to alleged fraud in re federal grants that they knew, or should have known, was under their control.

Ref False declarations before court related to data they knew, or should have known, was not relaible; could ahve been tampered; was not secure; or was not collected and retained under the rules of evidence as required.

Ref Fraudulent transfer and delivery to the US Government data personnel knew or should have known was not reliable, not properly tested, and improperly certified as meeting the rules of evidence.

Ref Fraud in re computers.

Ref Fraud against the United States.

Malfeasance

Ref Perjury

Obstruction of Justice

Witness Tampering

Fraud [Federal Grants]

Evidence Destruction

Brady Violations

Falsified Software Test



* * *


Allegations

1. Blue Ridge Thunder [BRT] is a federally funded, online intelligence gathering activity. The team relies on software data captures for evidence collection. BRT management has been widely acclaimed in the open media, Virginia State officials, and federal officials for excellence in prosecuting criminals.

2. Software specification reviews [SSR] which DoJ and DEA personnel knew, or should have reviewed during the audits of BRT, reviewed or should have reviewed the data item descriptions and data capture protocols to ensure data could not be corrupted. BRT received high marks from DEA and DOJ review teams.

3. BRT is responsible for capturing data to satisfy state and federal rules of evidence. Online chats are logged, evidence stored, and information is electronically shared using the IDEX system. An incorrect IP would indicate either the online capture system was defective; or manual changes to evidence were possible; or management had failed to devise a software system and oversight system to prevent retroactive changes to data.

4. On or about 18 Sept 2006, A. J. Nuckols and his family were allegedly incorrectly seized, detained, and interrogated. Within hours, personnel used BRT data to confirm the error and released Nuckols and his family. Nuckols reports the BRT team indicated there was an IP error. BRT team explanation defies plausibility. If the BRT explanation were true, the software would impermissibly do two things: Capture data linking incorrect personnel to online communications; but permit manual, retroactive changes to data.

5. BRT Management knew they had a problem: An innocent person had been seized, detained, and interrogated; the seizure could present a problem for the widely acclaimed BRT team, compromise federal funding, risk increased oversight, and call into question the integrity of the original software audits which DOJ and DEA relied.

6. Rather than correctly report the series of errors leading to the incorrect warrant, seizure, and interrogation, BRT management relied on electronic communications, the wires, and other communication methods to mislead Nuckols. These incorrect disclosures were made with the intent to mislead, avoid increased oversight of the BRT federal grants, avoid jeopardizing prosecutions, and continue the original frauds related to the incorrect software testing.

7. Key to the conspiracy being implemented was the false, misleading, and incorrect explanation related to Nuckols seizure, detention and interrogation.

8. BRT Management failure was the speedy discovery, using internal BRT data, that there was an incorrect seizure. Credible pre-warrant request reviews should have reviewed this data prior to requesting the seizure. The time to complete a thorough review of the failure modes is far greater than the BRT could accomplish. The alleged co-conspirators agreed to a story they knew was false with the hopes of avoiding additional questions.

Count 1: Conspiracy, obstruction of justice, witness tampering, unlawful evidence destruction, perjury

9. Central to the conspiracy was the agreed to story related to the error. Management, had they reviewed all failure modes, would have required several months to review the software lines of code [SLOC] to establish the failure mode, and corrective action plan. The Lynchburg and Country officials did not approve additional funds for this software audit after Nuckols was seized; and the audit was not completed prior to Nuckols’ release. Within the BRT data was sufficient information to establish Nuckols’ identify, and confirm the error was within the BRT data.

10. BRT management did not want to let outside investigators know the extent to which commercial contractors and other intermediaries were used to process warrants using non-automated method. These methods would break the link between original data capture, subsequent warrant processing, and illegally permit retroactive and manual adjustments to evidence presented to the court.

Count 2: Falsified Software Tests In Federal Grants Program

10. DEA and DoJ auditors awarded high marks to the BRT team. BRT failed to correctly report the scope of software errors and other internal control problems permitting retroactive changes to data.

Count 3: Brady Violations

11. BRT knew, or should have known, that claims that data could be manually changed would put prosecutions at risk, and require disclosures to defendants.

Count 4: Malfeasance

12. BRT management knew or should have known of the software errors and other internal control procedures within IDEX that would permit incorrect warrants, and fail to ensure that warrants were issued only on the basis of admissible evidence, not errors.

* * *


Discussion

It is serious business when electronically-captured data can be manually adjusted, but this not detected and prevented prior to using deadly force. It remains to be understood which commercial intermediaries process the warrants, and how electronically captured data is adjusted, manually entered, or otherwise not protected when using commercial contractors to process warrants, subpoenas, and other documents the court uses to adjudicate illegal activity.

Central to the concealment of the conspiracy was the known public outrage against the defendants. BRT did not anticipate that outside auditors would secretly pretend to be online predators, capture copies of the online communications, then present the information to court to show that the BRT representations were not consistent with the online data captures.

During the DOJ and DEA audits, the BRT provided misleading timelines and assurance related to the integrity of the data captures. Nuckols’ revelations defies the representations made to federal investigators and auditors. Nuckols reports the BRT management stated they knew that there was an error, yet this was accomplished without an extensive audit of the BRT software. Something within the existing data, IDEX procedures was sufficient to conclude there had been an error, yet no extensive software auditing was completed prior to Nuckols release.

When capturing evidence to satisfy the federal and state rules of evidence, the BRT software would have to ensure data integrity. The BRT explanation impermissibly requires manual, non-automated steps. BRT does not appear to be able to explain its high marks before DOJ-DHS auditors, yet the unacceptable changes to the electronically captured data.

Firewalls exist to ensure data and graphic images captured during intelligence are not used as a pretext to inflict abuse on defendants. Until BRT management effectively demonstrates they have resolved the software data capture issues, and that all BRT personnel assigned to the interrogations are mentally stable, nobody who has observed the online chats or graphic images should be permitted to directly access any defendant after a home seizure during custody or interrogation.

The committee and grand jury should recommend there be created a firewall between online data capture; and those who execute the search warrants. Personnel who have allegedly been tainted by evidence appear to have insufficient oversight to ensure they are professionally interacting with defendants. Until there are sufficient firewalls to prevent BRT interrogators from being tainted by graphic images, the public should reasonably expect more reports of abuse.

* * *


___ Why did one of the officers misprepresent whether they had or had not been on teh raid?

___ Which direction did the data flow: From the officers to the IP; or from the IP firm to the officers.

___ What was the computer associated with the transmission of the alleged illegal material, not the computer that downloaded or received the data: "received a download of child pornography in July and began the search for the computer used to send it"

___ What was the process, after the data was received in July 2006; what happened after the raid, that could not have been accomplished between July and Sept; how was the information correct quickly, in a matter of hours, but it took two months to do these steps: What other events, data transmissions, and personnel were involved with the review between July and Sept 2006?

___ What IP information, or identifying information was placed on the warrant/court order/subpoena and used as the basis for the search of the company's records?

___ Where did this information come from; how was it captured; was the captured data, given to the company to review, in error; or did the company make the error?

___ We've heard two conflicting stories: One was that the IP was wrong; the second was that the address was wrong. For the IP to have been wrong, this indicates that there's a third company invlolved, other than Fairpoint Communications of Dodge City, Kan. What is the name of the company that provided the BRT team the IP number?

___ How did the company get the IP information: Did the officers give the company the IP number; "Internet service provider in Kansas gave them the wrong name and address"

___ What was the basis for the change; why was this information not verified prior to the raid; what will be done to ensure this error does not occur again: "Kansas company later gave sheriff's investigators a different name and address in Pittsylvania County"

[ Ref; Bedford explains mistaken porn raid
Sheriff's department confirms the presence of Shaquille O'Neal; BY KATHRYN ORTH; TIMES-DISPATCH STAFF WRITER ]

_ _


___ What information was provided to secure the IP address

___ How was the IP number used to get the physical address: Which documents were involved; how was the data reviewed/secured; and how was the data used to cross reference with the indexign system.

___ There were reports of multiple downloads. Hat other download points were established; what were the other computers involved; who receieved the data; how was it transferred; how many other locations received the data; why weren't multiple receiving-locations used to confirm the original sender; how did all the data get traced to the wrong location; why wasn't multiple data, sent to mahy different computers traced, to confirm the original sender was correct?

"He said the sheriff's office conducted a successful search on the correct home Friday, finding child pornography and securing a statement from a man saying he knowingly distributed it"

By TRAVIS REED Associated Press Writer, "Authorities later realized they had been given the wrong IP address, which Internet service providers can use to identify users, leading them to the wrong physical address, Harmony said. It was the Internet company's mistake, he said." [ `Deputy Shaq' Part of Botched Va. Raid
Oct 25th - 9:50am ]



* * *


Grand Jury Discovery, Judiciary Committee Audit of BRT

___ How was the data manually changed after initial data capture?

___ Which software firm by name conducted the preliminary and final audit of the IDEX software data capture system?

___ What is the name of the software firm which did the final audit of the software used to electronically capture the data; how was their report and expert testimony used during court to ensure convictions?

___ What was the result of the software specification review done prior to BRT deploying the software?

___ Which logic diagrams were presented to DOJ and DEA auditors who reviewed the BRT data capture system?

___ How does the current failure mode which BRT management describes square with the possible failure modes inherent within the existing software design?

___ How does BRT explain the disparity between (a) the software requirements to successfully satisfy DoJ and DOE auditors; (b) the existing BRT software deployed and its failure modes; and (c) The failure modes BRT would like the public and Committee believe existed in the Nuckols incident?

___ How much time is required to thoroughly review the BRT data capture code, identify the failure modes within the software, correct these deficiencies, and then satisfactorily pass a software critical design review [CDR]?

___ How was the electronically captured data subsequently adjusted prior to issuing a warrant?

___ What is the name of the commercial entity which accepts the data, manually transcribes data, changes originally captured data, and converts the electronically captured data into a warrant?

___ How many prior convictions are at risk of being overturned if this failure mode is known, and the existence of this failure mode is challenged?

___ How many man-hours are required to fully support the BRT Brady requirements?

* * *


___ Which personnel accessed the IDEX system after Nuckols was seized?

___ Which IDEX procedures and policies were accessed after the data was originally captured, then reviewed after Nuckols was seized?

___ Which e-mail, telecom, and IDEX communications occurred between the secure facility, BRT management, and the County Sherriff?

___ Once BRT management was aware of the incorrect seizure, which IDEX procedures were put under review, changed, or modified; what method was used to ensure the BRT investigators and others with access to the IDEX system were aware of the new procedures

___ What is the timeline of the events to update, make changes to IDEX, then ensure that all BRT investigators were aware of the new procedures.

___ How does BRT management reconcile the inconsistent timelines: (a) One timeline to research the BRT-captured data, understand the failure mode, and determine Nuckols was incorrectly seized; with (b) the timeline to thoroughly review the software errors, and complete the requirements for a CDR?

* * *


___ Who was the BRT-assigned team leader tasked to review the Nuckols data?

___ What is the name of the civilian contractor – by name, identifying information, and relationship with the BRT team – who reviewed the software after Nuckols was initially detained.

___ Please provide a copy of the training document, and record of changes which IDEX users were required to learn; identify how these changes were incorporated into online training and testing for current and prospective BRT team members.

___ Which specific BRT and IDEX checklists were updated to ensure this error was not repeated

___ How were internal concerns with the larger software, manual data transfer reconciled

___ What method was used to verify the BRT team members were aware of the new procedures; how was BRT management aware that all personnel assigned to BRT were aware of the discrepancy, and fully informed and trained that new procedures would be required.

___ What communication, changes to contracts, or other modifications to work orders were issued to contractors who processed subpoenas, accessed data, or transcribed electronically captured data into evidence and warrants?

___ When was the US Attorney, FBI, and court officers notified of the potential data capture problems.

___ How were issues related to the DEA and DoJ audits incorporated into the oversight plans provided for the DOJ IG and DHS IG.

___ What method was used to notify the DoJ Attorney General of the potential risk to prosecutions before federal court

___ Were the US Attorneys aware of the Brady implications of having a system in place that could have errors; what method did the US Attorney plan to use to ensure defendants were aware of the errors within the BRT software capture system as required under Brady?

___ How often does the BRT team make errors like this?

___ Is it the expectation that BRT team, when they conduct raids, will find other evidence, ensuring that the defendants do not complain about their treatment?

___ If there is an error in the warrant, how many times has BRT found evidence unrelated to the original communications?

___ Is it the expectation of BRT management that if there are errors on the warrant, that these can be explained away by blaming software?

__ Is it the expectation of BRT management that even if they detain the wrong person, they will most likely find incriminating evidence on an individual’s computer?

___ How much public outrage at the original online abuses does BRT rely to avoid scrutiny to the BRT management practices, warrant process, and data capture?

* * *


___ Can BRT management explain how they were able to quickly determine within hours that there had been an error, but cannot explain why the thorough software checks could not have been completed?

___ Is there a reason that the changes to the BRT IDEX procedures had not been previously included to ensure that this problem did not occur?

___ What was the basis to conclude that the BRT IDEX procedures did not require an investigation previously based on other reported errors and known problems?

___ Can BRT management explain why there were no previous changes or other investigations on issues known to introduce manual, non-automated changes to captured evidence?

___ How many times has a defendant presented to a grand jury a copy of the online data originally transmitted and showed that the transcript provided to the court had been manually changed after original data capture?

___ Based on the failure mode BRT presented to Nuckols, can BRT explain why this failure mode was not discovered prior to final CDR?

___ What was the reason that the commercial contactor that reviewed the BRT software did not identify this failure mode or risk within the original test review?

___ How were the known software problems permitting manual, retroactive, and incorrect data factored into the IDEX procedures?

___ Is there a reason that these IDEX procedures had not been previously challenged in court as permitting changes to evidence after original data capture?

___ Is there a reason that the BRT IDEX procedures used to process a warrant were not fully followed prior to executing the warrant?

___ How do we explain the BRT management relatively fast ability to discover the error, but this error was not caught prior to requesting the warrant?

___ Which steps and reviews conducted after Nuckols was detained should have been done prior to requesting the warrant?

___ Please provide a copy of the checklist used to verify the warrant was complete; and how this check sheet was used after Nuckols was detained.

___ BRT management was informed by the Lynchburg secure location that they had information to support releasing Nuckols. Is there a reason that BRT management did not conduct these communications, reviews, confirmations, or coordination prior to executing the warrant?

___ Please discuss the discrepancy between (a) the software requirements to conduct this data capture and ensure the evidence remained admissible; with (b) the failure mode the BRT management says occurred; with (c) the documented, known software and internal control procedures. In y our response please discuss the software reviews, logic diagrams, and known risks. Please state which failures modes were missed, detected, documented; or the reason that the software review did not detect, report, or mitigate this defect during the software review.

___ Were all software discrepancies identified at the CDR satisfactorily resolved prior to DEA and DOJ issuing their audit findings?

___ Please provide a summary table to state (a) number of people assigned; (b) number of personnel authorized access; (c) average number of inputs to IDEX per day between 2004-2006; (d) the amount of data in MegaBits the IDEX system contains on a monthly basis between original deployment and Sept 2006; (e) the average number of reviews of the IDEX system per day between 2004-20006; (f) discussion of the known error modes within the IDEX system; (g) Discussion of the known error modes within the BTF data capture system used to secure evidence.

___ Which defendants have raised issues of data accuracy during their pre-sentencing discussions with the city and county attorneys?

___ How are these error rates factored into the DoJ and DoD audits?

___ What is the known error rate of the BRT data capture system?

___ Is there a reason that this error rate has not been used as a challenge during BRT prosecutions?

___ How many times has a defendant requested via Brady data on the error rate in the IDEX or BRT data capture systems?

___ Please discuss the number of errors BRT made in incorrectly opening and contaminating evidence sent via FED EX.

___ What process is used within IDEX and BRT to ensure that there are no errors related to FED EX delivery of evidence; how are these procedures and lessons learned promulgated to the BRT staff, front officer, and on duty supervisor.

___ What is the process for FED EX to use if the office is closed during a holiday; how is the FED EX instructed to handle the packages; is evidence left at the door; are the packages for BRT held in a secure location; how are the FED EX packages logged, tracked, and handled after FED EX delivers the package, but there is no one at BRT to receive the package; does FED EX have instructions never to leave a package outside the BRT secure facility in Lynchburg?

* * *


___ Please provide a summary logic flow diagram of the steps used to process data by the BRT team. Include a summary of the method used to store data, ensure that it is not changed, and there are no retroactive changes to the data. Please describe the points in the data transmission process where non-automated steps are used to transfer, record, or move data from one computer to another. Include in your response a discussion of how electronically captured data is manually transcribed, indexed, checked, then re-entered into a second or alternative database.

___ Describe the process used to ensure the original data-capture database evidence is consistent with the secondary and backup systems used to manually process warrants, compare notes, or provide investigators with assistance during their online data capture sessions.

___ Please outline the process used to ensure the original data capture matches what is subsequently audited, sampled, or reviewed by the Commonwealth of Virginia Oversight Board; DEA or DOJ; or other external auditors.

___ What method was used to certify that the originally captured data was wholly consistent with the data used by auditors, defendants, and others for purposes of evidence, cross examination, and reviews of the BRT and IDEX systems and data captures.

___ Is there a list of errors in the IDEX and BRT data capture system that the BRT and State Attorney Generals and US prosecutors do not want defendants to know prior to adjudication?

___ Is there a process in place in the US Attorney Manual to ensure that the Brady challenges of the BRT errors are adequately factored into US Attorney negotiations, settlements; or is there another method and procedure within DOJ to handle Brady challenges related to the IDEX and BRT data captures?

___ What is the law enforcement and interrogator access to the IDEX and BRT data captures prior to and during custodial interrogations?

___ What method does BRT management use to ensure that defendants are not abused, threatened with weapons, or have their Constitutional rights violated?

___ Is there a method in place to ensure that the data used by interrogators is accurate; or is there a chance that the BRT data captures can be in error?

___ How are these known error rates factored into the BRT training of interrogators, the IDEX procedures, or other procedures provided to contractors to handle the warrants, subpoenas?

___ How many times has an error within the BRT data capture system been avoided by finding other incriminating evidence on a computer, unrelated to the original basis for the warrant?

___ When there are errors in the warrants, but the computer seizure and interrogations produce other evidence or admissions, how is this error rate tracked internally within BRT?

___ What is the BRT estimate of the number of defendants that have been incorrectly targeted, but the errors were mitigated by other evidence unrelated to the original warrant?

___ Which ANSI and IEEE Standards were included in the software development contract for BRT and the IDEX system; how were these standards incorporated into the original contract language; what method was used during SPDR, SSR, and SCDR to ensure the ANSI/IEEE standards were fully met?

___ How many steps within the BTR data capture process permit manual input; or permit manual changes to data after original data capture?

___ What is the BRT-name for the data capture system: How was this name created, who first used this name with this data capture system.

___ The XEROX system associated with the BRT data capture system fully integrates with the rules of evidence. Please discuss how the XEROX system has been modified by BRT to permit online changes, or other adjustments.

___ After initial contact with the target, the BRT system captures data. This information is subsequently shared with the IDEX system, and other investigators can handle and use the data. Once the data is manually added and posted to IDEX, the data is assigned a tracking number. BRT engage in contact, share data, and a team is assigned. Where in this process does the electronically captured data get manually changed, indexed, updated, or cross referenced with data not housed within the IDEX or Xerox systems.

___ Once the target is acquired, data is electronically captured. Personnel including contractors have access to this data. BRT members use this information to plan their read. The data is used to plan physical and non-electronic intrusions into the targets computer. Please discuss what method is used to maintain data integrity. How were the lessons learned form the FED EX compromises incorporated into the data capture systems; how were subsequent problems, lessons, and other requirements incorporated by third party contractors into the original BRT data capture systems; was Xerox or the original contractor fully informed of the changes; and how were the software vendors included in periodic reviews to ensure BRT requirements were fully satisfied.

___ Nuckols reports that he has daughters, yet the BRT data capture system did not provide this information to the interrogators. Once there is online monitoring, how is the data captured, shared with other BRT investigators. When there are discrepancies between interactions, how are these error resolved. What method is used to ensure that the person making the online representations to BRT are doing so with the intent that they be relied upon, or are not pranks. What method does BRT use to communicate through IDEX suspected outside audits?

___ BRT captures data electronically. Data is verified and cross indexed to identify the target location. During online monitoring the target is given the opportunity to share details. Some information may suggest that the target be engaged using extreme force. IDEX is then consulted to evaluate what type of force is appropriate and avoid 42 USC 1983 litigation. Please discuss the checklists used to verify that these steps are complete; or that any problems or unresolved issues are reported to supervisors. Does BRT have an explanation why the discrepancies with the Nuckols-related interrogation were not resolved prior to first contact with Nuckols; if the discrepancies were resolved within hours, what prevented BRT management from resolving these issues prior to executing the warrant? Is there something that the American public should understand triggering a very quick response and possibly use of deadly force, but there is no credible evidence that the target of the warrant is engaged in any unlawful activity?

___ Please discuss the known errors with the data capture system, data assignment, and data posting to the IDEX system.

___ What is the method to acquire information, input that data, but not catch an error.

___ What method is used to verify that the procedures outlined in IDEX are followed?

___ If a failure mode occurs that repeats a known software problem identified during SCDR, how is this error factored into the oversight of the warrant issuing process; are these risks identified to the court in writing?

___ Please provide a copy of the IDEX and BRT policies related to confirming the identify of a target. IN your response include the time that the promulgated policy was taken from the IDEDX System.

___ When responding to questions related to the IDEX errors, what were the Lynchburg and County officials instructed to say?

___ When reviewing policies to ensure data accuracy, what are the steps to capture data, verify identity, verify that the online information has been correctly linked with a credible target; the method to update and ensure the IDEX information gets accurate information; the method to resolve inconsistencies between the online data captures and the assumed background of the target; and how information captured online is assigned and registered against a specific name. Please discuss the method to ensure the data captured online is correctly assigned to the correct file within IDEX.

___ Nuckols reports there was an error. What file did the BRT data capture get assigned to. Where is the other file where the correct information was assigned. Is there an explanation why the data was assigned to one target name; but the warrant was issued against an unrelated name?

___ In your response, please discuss the oversight and cross checks. What was the method to cross check the data captured from online with the data file in IDEX and the XEROX systems. Please discuss the check to ensure that the data is correctly inked, assigned, and referenced between the data capture sessions; the online IDEX files; and the name and data issued and assigned on the warrant.

___ Nuckols reports there was a known error. If the failure mode as the BRT management reports is correct, please discuss the other errors that were known, discovered. Was there a reason that the other data inconsistencies were not understood during the online data captures; a reason that the discrepancies and inconsistencies were not resolved prior to final online discussions with the target; and why these data integrity issues were not identified during the software specification reviews at SSR, PDR, and CDR.

___ Please discuss the IDEX data retention system in terms of multi-jurisdictions. Many locations across the United States can input data. Please discuss the central regulations, standards, or other federal guidelines BRT and IDEX system were operating under. When there is a multi-jurisdictions crossing state lines, which law enforcement oversight system is presumed to apply if there are errors; how are errors associated with a specific law enforcement officer reported to the correct state-level oversight system?

___ Please provide an estimate of the number of BRT-related prosecutions which might be overturned if the full failure modes were revealed to defendants and their counsel.

___ Please state the potential risk to BRT grants if the failure modes, which were or should have been identified ruing SSR, SCDR, and SPDR, were disclosed to the public. Describe the scope of the contract litigation issues, and potential liability which may attach to personnel involved with these software development efforts. Please discuss the relationship between these CEOs, software engineers, or testing contractors and BRT or IDEX and Xerox data capture systems.

___ Are the entities which produce the software engaging in self-certification to DOJ and DEA?

___ Is there a financial connection between BRT management and the software firms and officers involved with data capture, issuing warrants, or processing the data prior to issuing the warrants?

___ Are there retirement benefits, issues of decertification, or other valuable consideration that are at risk of the risks associated with the data capture system were known; or the problems with the software test proven to have been cursory, incomplete, or falsely certified to federal investigators?

___ Based on the steps BRT management have provides, is there a step within the process that would explain other problems Nuckols encountered?

___ Was the problem really a “wrong IP”, or was the problem related to multiple errors; or was the problem that the IP-captured was incorrectly processed, and the address on the warrant was not credibly checked with the data within IDEX, and the captured online communications? If this is the case, what is the reason that BRT management disclosed to Nuckols that the IP number was wrong, yet there were other problems that management knew, or should have known, that might have better resolved the issue?

___ How have the BRT management characterized the failure mode to hide previous violations of state law?

___ Has BRT satisfactorily provided a full map, diagram, illustration, or trace of the process, including step-by-step data captures; and satisfactorily explained all manual-data-inputs and adjustments to captured data?

___ Does the DOJ fear that problems with this data capture, as they relate to using intermediaries to process warrants, may shed light on the problems associated with the Verizon, AT&T, and NARUS systems?

___ What interest does the White House, DOJ OPR or Attorney General have in preventing a full investigation of the Nuckols issues to thwart public knowledge of the known data capture problems which the NSA-DoJ-FISA warrants use, but would have been prevented had the FISA oversight process been permitted to work as promulgated

___ What is the role of the intermediaries in the BRT warrant process; how does this commercial entity role match the intermediary process that Verizon, AT&T, and other NSA-affiliated billing companies used when interacting with AMDOCS, NARUS, Terremark, Telestrategies, Abraxas, or other entities involved with the Global Information Grid?

___ Please define the subcontractor process used in the BRT system: How do they capture identifying information, manually load information: Where in this process does the IP change; how is other information changed or modified or corrected without using automated data-transfers.

___ Please discuss the access the commercial contractors associated with BRT have with the read-only systems which interface with IDEX and the Xerox systems. Please discuss the basis to suggest that the IP was in error, yet this data capture is secured to meet the evidence requirements under the rules of evidence.

* * *


Audit

___ What procedures, oversight, and counseling are available to investigators to ensure they maintain their discipline despite exposure to graphic images or interrogator tactics.

___ Are guidelines appropriate of BRT

___ What methods have been used and documented in the IDEX system to ensure the evidence is accurate, not changed, and cannot be altered after capture.

___ How does the BRT management explain the evidence error which appear to be inconsistent with the Federal Rules of Evidence and other discovery standards of Federal Court.

___ How is the data captured, not tampered with, determined to be accurate, and determined to be admissible?

___ Please review the archived online chat conversations and transcripts to look for evidence that BRT investigators have been abusive of targets, changed evidence, engaged in entrapment, or induced otherwise innocent targets of doing something they would not normally do.

___ Please discuss the notification methods BRT investigators use when they suspect their team has been targeted by federal investigators, auditors, or outside personnel capturing data for purposes of issuing a grand jury indictment or ending federal funds for this activity.

___ Please review the post-raid notes and e-mail related to lessons learned. Is there a problem-resolution process to apply these lessons learned to other IDEX members.

___ Please review management reports of errors within the IDEX software system; how are these errors documented, provided to the software engineers with the vendor; how are the known software problems incorporated into change requests; how are the known software problems incorporated into the BRT strike team packages and interrogation scenarios.

___ Nuckols reports that he was detained for several hours. Please provide a timeline of all access to the IDEX system. In our response, please include a parallel timeline of all e-mail, telecom, and other planning meetings. Please discuss how personnel who were supposedly involved in one activity could possibly be involved in IDEX of software reviews.

___ Which responses and explanations has BRT management provided that are not consistent with (a) the known software errors; or (b) the claimed software errors?

___ Please describe the normal activities, functions, and taskings that personnel involved with the Nuckols review (prior to his release) would have been involved in had they not been distracted by this error; or called to review the failure mode. Please discuss the missed timelines, or other planned objectives that required overtime, or additional staffing to meet schedule requirements; which tasks were subsequently slipped to an additional data. Based on the slipped tasks, and personnel reassignments, does the claimed BRT review square with the actual manpower required to do a thorough review; what is the reason this review was not done prior to issuing or executing the warrant?

* * *


Software Stress Testing Veracity

___ Was the software BRT used using a software review process that followed IEEE or ANSI Standards?

___ How was it included in the software contract that the IEEE or ANSI standards were met?

___ What review by DoJ was accomplished to ensure the funding was properly allocated to a contract that had sufficient personnel; was this review and certification done outside the federal level; what method did DOJ and DEA auditors use to incorporate non-federal audits into the final audit report?

___ Was the software review done independently, blindly without regard to the activity, personnel, or government objective?

___ What method was used to ensure that the software testing and verification was not done by someone who had an interest in providing a favorable review to DoJ?

___ KMPG and other auditors have provided favorable reviews to various clients. Coopers and Lambert have also been implicated with various accounting scandals. The auditors were providing consulting services to audit clients. Please discuss the method the federal and state government used to ensure that software auditors did not have an interest in providing favorable results, when they had a duty to report all the errors. Was there a process in place to incorporate lessons learned from the Securities and Exchange Commission and AICPA on auditor independence?

* * *


Post Nuckols Seizure

___ Once management was aware there was a problem what did they conclude failed and why.

___ What was this solution to this internally known problem.

___ What method did BRT use to verify the solution was correct.

___ How did BRT management ensure the address changes were real problems, not simply matching the BRT management-version of the story presented to Nuckols?

___ What method did BRT management use to sample, verity, and test the data was valid?

___ How were subsequent reviews, audits, and other observations done on a no-notice basis, then forward to the Commonwealth of Virginia Police Oversight Board?

* * *


Abu Ghraib, Guantanamo, Afghan Box Suffocation

___ How many refusals to meet with the BRT undercover investigator were responded with threats to publicly disclose embarrassing details about the target?

___ When BRT is aware of a sting operation, how is monitoring of the online discussions changed?

___ How are the topics, interactions, and range of discussions modified when BRT personnel suspect they are being observed or tested by outside auditors?

___ Please discuss how the online procedures in IDEX are more closely or loosely followed, applied, enforced depending on whether the BRT investigators suspect the target is an auditor or a bonafide threat.

___ When you review the transcripts, is the BRT investigator suggesting things that are strange, unusual, and are rebuffed; to what extent is the target pressured to agree to something that they would otherwise not agree?

___ TO what extent is an online conversation fabricated to create the false impression there is an emergency which the BRT investigator makes the target believe they have a fear of law enforcement, but desperately need assistance.

___ Can a case be made that the BRT investigator is violating the trust of the target and planting images of false abuse, imminent harm, or other false emergencies which law enforcement has not been responsive to?

___ When you review the transcripts, who is doing the real work to initiate the meeting – is the meeting something target wants; or is it something the BRT investigator pressures the target to assent to on the basis of implied threats of disclosure to others?

___ Does the outside audit team consider challenging the BRT investigator’s bluff; and encourage the BRT investigator to disclose information related to the online activity?

___ Can a case be made that the BRT investigator is adding to the problem of online abuse, and creating new problems that would otherwise not exist?

* * *


Exploring the BRT Management Explanation

___ By focusing on the IP-issue, Which issues does the BRT management hope do not get outside review?

___ By using this excuse for the error, what are the BRT management hoping outside investigators and auditors not talk about?

___ Which human-non-electronic errors are the BRT management not discussion?

___ Does the BRT management hope to avoid other verifications, reviews, or examination of contracts, software specifications, or IDEX information uploads?

___ What data does BRT management hope to prevent an examination of by focusing on the alleged IP-error.

___ Are there recorded conversations, other e-mails, or voice mail transcripts, or cached data within the Xerox or BRT-IDEX systems that BRT management is not aware are permanently archived, and cannot be erased?

___ Is there evidence the originally captured data has been tampered with, suffers a high loss rate, or is mysteriously not available, yet other data from other conversations is readily available?

___ Do the explanations for the data not being timely, available upon reasonable request match the quick resolution of the problem?

___ How does BRT management explain the relatively fast response in understanding that Nuckols was incorrectly detained; yet the inability to timely respond to a simple question about the events related to making that determination?

___ Does the BRT management team have an interest in focusing on the IP error to distract attention from other raids where there were errors, but more incriminating evidence was stumped upon, thereby shifting attention from the original errors in the original warrant?

___ Does BRT management hope to shift attention from the decision to assign BRT members to the strike team; the basis for targeting; or how they will approach a specific target.

___ Does the BRT management hope to shift attention from the interrogations that may require additional reviews, or inquiry into whether the interrogations should have been earlier ended because of similar problems.

___ Does BRT hope to shift attention from what they did after the raid, and not call attention to the expansive data verification that would have been required had they had a credible software system in place; or other reviews that should have been done before the software received a favorable audit by DoJ or DEA?

* * *


IP Failure Mode

___ Has the BRT management satisfactorily explained how a manual change to captured data is or is not consistent with the data captured and assigned to the interrogation.

___ How does the incorrect IP-failure-mode get factored into the software specifications, and DEA and DOJ audits.

___ How does the IP failure mode get factored into the logic diagram.

___ Is it reasonable to accept that manual changes to data capture can occur, but there be no challenges to the prosecutions, or Brady request?

___ How does the SSR logic diagram permit data assignment to the wrong name; how did the CDR and PDR not catch this problem?

___ How is a strike package/ warrant execution order generated without verifying the original contact information captured?

___ Please discuss the inherent errors within the software that are not checked; but the problem has been quickly designated to be an IP-error. How was it quickly determined this was the problem, but a complete review of the CDR-PDR software specification reviews could require a multi-million dollar software review?

___ How does the BRT management reconcile (a) the seamless data capture-retention requirements used for discovery, with (b) the fairly benign changes possible that would otherwise corrupt the data as is done with FED EX deliveries to BRT?

___ Please discuss the other files within the Xerox, BRT, and IDEX data capture system that are similarly jumbled, mixed, or improperly assigned to the correct data fields and files. What review did the DOJ and DEA software auditors do of these data files; was the SETA contractor in a position to benefit with additional DoJ or NSA software contracts if they gave a favorable review of the BRT software?

___ If the failure mode was a simple matter of an incorrect IP, what was the basis for not including this known failure mode within the SETA contract review; or a basis to reject the software as package that could reliably be used to meet program objectives and survive court scrutiny.

___ Please discuss the relationship between the software engineers used to review this BRT software, and their relationship with MITRE, NSA, and the Terremark fiber optic software integration system; does Abraxas have an explanation how software engineers were assigned to programs they may not have the experience; or is there another reason why the explanation of BRT management does not appear to be consistent with what one might have expected had FISA court had the opportunity to review the software data errors prior to issuing a warrant.

___ What software tests were done prior to deploying the software?

___ What identification risks in policies, software, and data capture were identified by the DOJ SETA contractors; how were errors documented by DHS and DOJ prior to awarding the grades to BRT?

___ How were the BRT software test results applied to the contracted requirements: Once the software was known to have a problem, how was this known failure mode incorporated into the award fee plan, or other criteria the Fee Determining Official used during original contact award?

___ Was there a reason that the software BRT uses was not rejected once these problems were identified?

___ What is the reason we do not have other reported errors?

___ How do we explain the multi-site input and data exchange of IDEX, but the error mode was quickly determined to be something unrelated to the secure data-capture requirements for a warrant?

___ What was the basis to conclude that the problem, after Nuckols was incorrectly detained, was not something other than IP error?

___ What were the range of failure modes which BRT first reviewed; how were the most probable error modes eliminated; which SETA contractor was called into the Nexus for consultation; which contract are they on; do they have a 24-hour notification system; which faxes, e-mails, and other schematics were shared between the SETA contractor, DOJ, and the BRT personnel once the error was known.

* * *


Motivations of Management

___ Please discuss the BRT management concerns that the problem with the BRT=IDEX-data capture system would be much wider than understood, and require budget outside the original grant.

___ Was BRT management concerned that original software tests, that should have been done, would be known to have never occurred; or that the software was deployed prematurely before it could be adequately tested and integrated with the complete warrant requirements?

___ Was BRT management concerned that the software was reported in the DOJ or DEA audits to have publicly met a specific requirement, but management knew or should have known, that the software was not fully meeting the Commonwealth of Virginia requirements, as was otherwise part of the 1999 proclamation and recognition for BRT?

___ How much OSD, DOJ, or DHS funding was at risk if DOJ or DEA rejected the software or BRT implementation of the software into the BRT IDEX procedures?

___ How much unfavorable publicity did the BRT fear would be disclosed in the wake of the Foley House Ethics investigation?

___ Was the software vendor, SETA contractor, or other personnel assigned to the BRT-Xerox-IDEX system also part of the software notification which Speaker Hastert and the Page Oversight Board relied on for legal counsel notifications?

___ What level of loss of public standing did the BRT management fear they would suffer if the real problem were known; were they concerned they would be asked some pointed questions next time they appeared before Congress to discuss online data capture systems?

* * *


BRT Investigator Oversight

___ Is there a BRT management disinclination to restrain BRT team members when they target defendants?

___ How have the lessons of Abu Ghraib, Guantanamo, and Eastern Europe been factored into the methods BRT team members interrogate defendants?

___ How has DOJ OPR feedback been used to modernize, adjust, or update how BRT team members interact with defendants.

___ Can the Special Agents in Charge over the FBI agents involved with the BRT investigations show that they have adequately overseen the FBI agents; ors is there a tendency for the FBI and SACs to rebuff information showing or suggesting that BRT team members have been abusive to defendants?

___ Is there an attitude within the White House staff, US Attorneys Office, DOJ Staff Counsel, FBI, DOJ SACs, and law enforcement that persons targeted by the BRT team “get what they deserve” or “are appropriately disciplined” prior to adjudication;

___How are the lessons of Abu Ghraib, Guantanamo, and Eastern Europe factored into the White House, DOJ OPR, DoJ AG, FBI, SAC or DHS assessments of how targets are or are not treated prior to charges

___ How does the IDEX system comment on what methods BRT interrogators can use;

___ If there are violations of the IDEX procedures related to interrogations, how is the FBI and Commonwealth of Virginia Police Oversight Board provided with this information; is DOJ OPR satisfied with the results of these investigations; or are state level auditors dissuaded by court officials, court administrators, or other government officials from raising the issues?

___ When information related to alleged misconduct is brought to the attention of Lynchburg officials, does the County Board of Supervisors aggressively look into the information; or do they merely ask the attorney to comment in general matters without making any written certification that the investigation found no problem?

___ What types of abuses inflicted upon detainees at Guantanamo, Abu Ghraib, or Eastern Europe has been imposed on American citizens who have been targets of BRT investigations?

___ Please describe the cross flow of personnel between the military, CIA, and BRT; what is the training which formerly assigned CIA agents received on interrogations, and how is this training incorporated into how BRT targets are treated.

___ Is there evidence that the BRT investigators, while online, are ménage in abusive, inappropriate conduct towards innocent American civilians?

___ Does BRT management believe that few will want to admit that they’ve been induced to do something against their inclination by a teenager?

___ After you review the transcripts, is the approach of BRT crossing into entrapment?

___ Who is really making the first moves in the online discussion: Does the BRT investigator start with the suggestions; is the American public given a chance to reject the overtures?

___ How much pressure does the BRT team member put on the target to meet; is this pressure something that could be explained by something else; would adult intervention be warranted if the BRT-investigator fabricated-scenario was true?

___ What kinds of lessons learned would BRT prefer be implemented if there are inappropriate conversations; how has BRT provided lessons learned to DOJ Public Service Announcements so that adults are appropriately warned to rebuff inappropriate comments by people who may or may not be underage?

___ Does BRT incorrectly believe that an independent auditor will not keep a copy of the online data captures; or that nobody else will ever compare the transcripts presented to the court with those in the BRT-IDEX-XEROX system?

___ What is the BRT plan to handle the failure modes that permit manual adjustment and changes to evidence, while at the same time proving that the transcript had not been fabricated, or adjusted as was the concern with the FED EX package deliveries?

___ What is the method BRT management plans to implement to ensure that the IP-error-failure mode, as BRT management says occurs, does not occur with other manual-changes that would allow court-reviewed transcripts to be altered, or exposed to the same error-adjustment failure mode?

___ Cold the real error – other than the “IP was incorrect”-failure mode – result in a credible claim of evidence tampering or entrapment?

___ How many errors were similarly explained away with the “IP was incorrect”-explanation, because BRT unexpected found evidence on computers?

___ How many cases are at risk of being overturned if the truth were known about the full software specification problems?

* * *


Other Failure Mode

___ What are the other known problems, errors with the IDEX-Xerox-BRT software capture system

___ Which previous warrants were also in error

___ How may targets did not complain because they didn’t want to attract attention to something that they were doing, and knew they should not have been doing?

___ How many times were errors related to targets not understood or acknowledged because the BRT captured other incriminating information in the computers?

___ How many of the errors have been regularly explained away using similarly non-sense excuses, and there was never an outside review to challenge the explanations, or compare whether the software problems were correctly resolved?

* * *


NSA: Investigative leads to BRT

___ What adverse inferences does NSA make about personnel who refuse to engage in online discussions with BRT team members?

___ If NSA or JTTF have targeted someone for surveillance, but they rebuff attempts to entrap, what other methods are used?

___ Does JTTF use pre-text or known errors in the database to introduce uncertainty?

___ When BRT investigators are challenged for their conduct, how are known database errors used as an explanation to request more information, feign uncertainty, or complain the target is not satisfied, or that they have an attitude problem?

___ How does JTTF and BRT use online abuse to trigger public complaints, then use those complaints to target personnel for increased scrutiny?

___ Are lawyers always made available in a timely manner, or are personnel moved from other districts to Virginia, and left to wait for hours wondering what will happen?

___ How is the outrage over 9-11 and the smoldering WTC-Pentagon used as verbal armor to avoid questions related to Virginia-based BRT-JTTF interrogations and abuses against targets?

___ How are the BRT IDEX and Xerox data sets provided to the NSA, circumventing the FISA warrant requirements?

___ How are online discussions – which may be fabrications and hoaxes – reported to NSA, JTTF, or the Treasury Department; what effort does BRT make to screen the data or establish whether the source is joking; what does the BRT, NSA, CIA, and JTTF do when they suspect they have been the target on an online sting operation by GCHQ or a war crimes prosecutor; how is the data incorporated into decisions to request amnesty, travel plans, or other DOJ Staff counsel decisions; is there an effort to dissuade state attorneys from brining disbarment complaints to DOJ OPR or the state disciplinary board on matters related to NSA-BRT-JTTF online abuses; would this abuse be mitigated if the FISA court were adequately incorporated into the BRT-JTTF oversight?

* * *


BRT Risk Mitigation

___ Please discuss the BRT reasons for not having a firewall between (a) online investigators; and (b) those who execute the warrants. Is there a reason that those who engage in interrogations are reviewing the material directly; what is the reason that a firewall was rejected?

___ Is there a sense of satisfaction interrogators have, after engaging in online discussions with a target, to force the target to confront an adult?

___ Does BRT have a response to how they might respond to similar treatment under the Military Commission Bill; if BRT personnel were found to be complicit with illegal abuse, should other nations have the legal right to lawfully render BRT personnel to the Hague for war crimes prosecutions?

___ What method does BRT management have to ensure interrogators are not irrationally affected by graphic images?

___ What consideration has been given to the BRT access to graphic images have on the speed of action, and the failure modes; do the graphic images tend to accelerate the warrant request process or reduce the IDEX-related checks; how do the graphic images tend to accelerate reviews and not adequately catch errors that might otherwise be caught if there was a seamless data-capture system which BRT members could not adjust, affect, or change?

* * *


Congressional Oversight of BRT Grants

___ Please discuss the BRT management original explanations to Mr. Nuckols. Has there been adequate consideration whether this explanation is correct, true, and complete?

___ Is BRT prepared to fully cooperate with local investigators and war crimes prosecutors to fully disclose IDEX procedures, and other guidelines which may be related to the Intel Link system which the CIA put into effect in Eastern Europe?

__ Is BRT management prepared to cooperate with the VA state auditors to review this matter?

___ What is the BRT and local government attorney view on disbarment efforts directed at counsel who may have not effectively put into effect their American Bar Association model rules or the Commonwealth of Virginia requirements: Is there a concern that prosecutors may face disbarment for their apparent failure to review these issues or disclose Brady issues to defendants?

___ Is the BRT management concerned that public statements to Congress and the Commonwealth of Virginia might come back to haunt them; are they willing to stand by all their public statements related to BRT, IDEX, and all other testimony provided to Congress under oath?

___ Is BRT management confident that its IDEX procedures are fully consistent with the commonwealth of Virginia Constitution; and that the Constitution has been adequately protected by the BRT practices?

___ Is BRT fully prepared to cooperate with a House or Senate Judiciary Committee inquiry should they review the adequacy of SETA contractor support to the Department of Justice, JTTF, and software supporting Federal grant expenditures related to BRT?

___ How have the recurring lessons learned, errors, and other findings been given visibility or suppressed because of their sensitivity?

___ How have previous violations, that might be relevant to 42 USC 1983 or 5 USC 3331, been appropriately or inappropriately settled based on incorrect explanations for failure modes?

___ Have there been adequate error reporting to the House leadership?

___ How prepared is the BRT and Lynchburg in cooperating with a GAO audit on this matter?

___ Are funds going to multiple entities involved with BRT management, but there are problems with conflicts of interest, evidence, and Brady?

___ Is BRT willing to publicly discuss the changes to the IDEX system that will better educate IDEX users how the BRT management will effectively oversee the Federal Grants which support BRT?

___ How were the various terms papers which BRT management crated on use of force factored into the IDEX guidelines employed with Mr. Nuckols; is the use of force consistent with what is permissible under the military commission act?

___ Is it BRT position that Members of Congress are sufficiently competent on software issues to inquire into the credibility of the “changed IP error-mode”;

___ How are the BRT management responses to these issues shaped by the findings of Foley, the House Ethics committee, and the GAO best practices files?

___ How will the BRT management share the lessons, insights, and other software reviews with local officials in the Commonwealth of Virginia; or communicate these findings to other state legislators in a timely manner?

___Does BRT think that state-level law enforcement oversight is adequate or inadequate; would they prefer more no-notice visits, or additional guidance on how to work with contractors when processing warrants?

___ What is the BRT view of the credentials of the investigators: Fully qualified; partially qualified; not able to understand software; or is there another basis for assessment?

___ What method does BRT management think should be incorporated into the software reviews to increase the reliability of the information used to issue warrants?

___ Does BRT believe that 42 USC 1983 claims are sufficient catalysts to remedy management defects, software problems, or failure modes; or are other oversight methods needed to randomly sample online data captures using no-notice audits?

___ If there are punitive damages, but the Commonwealth of Virginia is awarded part of the damage award, should the money be expressly earmarked for BRT; or should BRT be required to go to the Judiciary Committee to request a supplemental in the OMNIBUS?

___ What are the BRT views on what should be done to remedy the apparent credibly problem; do they have ideas on what a solution might be; is there a data transfer problem that is common to JTTF, NSA, CIA that might explain the failures to prosecute detainees at Guantanamo;

___ Why, if the data capture systems are similar between JTTF and BRT, are there different levels of prosecutions: High prosecutions for BRT, but no prosecutions related to GTMO detainees; please comment on the evidence veracity differences between the GTMO prisoners of war and those the BRT captures. If the explanation for Nuckols detention is “simply” and IP error, why isn’t the same explanation readily provided to explain the GTMO, Abu Ghraib, or Eastern European detentions?