Armed Conflict Congress Criminal Justice & the Rule of Law Terrorism & Extremism

9/18 Session #3: More Mayberry

Wells Bennett
Wednesday, September 18, 2013, 1:04 PM

The morning’s second session picks up where the first left off: with Bin Attash attorney Cheryl Bormann, with her witness, Air Force Col. Karen Mayberry, the Chief Defense Counsel, and with a discussion on the deteriorating information technology and defense confidentiality situations, in late spring of 2012.

Published by The Lawfare Institute
in Cooperation With

The morning’s second session picks up where the first left off: with Bin Attash attorney Cheryl Bormann, with her witness, Air Force Col. Karen Mayberry, the Chief Defense Counsel, and with a discussion on the deteriorating information technology and defense confidentiality situations, in late spring of 2012.

The witness conferred with other defense officials in April, including---for the first time---Defense Department IT personnel in charge of the ill-fated replication process.  The Convening Authority, Paul Oostburg-Sanz, also joined in.  Their topic was the sanctity of defense materials, and the disappearance of defense stuff from network drives.  Mayberry was surprised to learn, during the discussion, that other attendees had only recently become aware of the defense’s massive loss of data in December (some 7 gigabytes in all).  Moreover, there was an evident disconnect among the participants about how badly the network drives had been affected.  That, Mayberry testifies, frustrated efforts to arrive at a mutually agreed solution.  In any event, Mayberry asked for a defense-only, protected network that would keep her office’s materials safe.  There was, however, no timeline given at the meeting, for when this or any other fix would be forthcoming.

In July, Defense Department IT folks proposed to use special software, in order to compare the contents of June 2013 shared drives with the contents of the drives as of December.  This process showed hundreds of thousands of missing files, Mayberry tells Bormann.  The results were incomplete, in that some defense files created in the interim---from December to June---might not be accounted for.   To aid in the forensic, figure-out-what-we-lost process, Mayberry provided some recent, non-privileged file paths and document names to IT officials---but she never heard back from those officials about where the files in question had gone.  Moreover, defense teams knew that certain historical files had existed, but were not recorded on backup tapes from December---and thus could tell that more files had gone missing than the initial comparison suggested. The foregoing caused Mayberry to have even greater concerns about the effort to obtain a complete picture of which files had been compromised, from December onward.  Those concerns remain.  To date, the Defense Department’s IT office has not signed a defense counsel-proposed non-disclosure agreement, so as to facilitate the recovery of any privileged files that disappeared from the defense’s network drives.  In fact, the IT office has not responded to follow up requests from Mayberry’s deputy, Bryan Broyles.  

Emails became a problem, too, in August.  Mayberry and company earlier had been advised that their office would not be affected by a large-scale migration of other Defense Department email systems, from the “” profile to another one, “”  (When asked by the military judge, Mayberry explains that the decision not to move the defense counsel email profile was taken by Defense Department IT personnel, not her, in light of the data losses and other problems that had taken place earlier on.)  Nevertheless, the defense’s Outlook accounts saw problems almost immediately.  For example, emails sent from Mayberry’s shop would not reach other ones elsewhere in the Office of Military Commissions.  In other instances, attachments would disappear, or the defense would not receive emails sent from prosecutors and the trial judiciary.  (Some of these apparently landed in accounts entirely unknown to the addressee, though belonging to him or her---but, Mayberry stresses, those accounts too were plagued by intermittent data losses.)  As before, IT officials responded oddly to the defense’s complaints about IT breakdowns.  Mayberry explained that the officials---in a wrongheaded effort to resolve matters---would simply ask Mayberry identify the emails she wasn’t getting, something that was obviously beyond Mayberry’s knowledge or capability.  When prompted by Bormann, the witness affirms that the defense’s email issues are ongoing.  For one thing, at least nine members of Mayberry’s office were mistakenly migrated to other the “” profile, in error---and are also still missing a number of emails from those accounts.  (Apparently, DoD IT staffers sought to replace some of these, by accessing the desktop of one defense lawyer---but without the consent of the lawyer in question.)

Bormann asks about Defense Department investigative search requests.  Mayberry and her Deputy were to be advised of these, any time a search might implicate accounts or files belonging to defense attorneys.  But that regime obviously cannot work, when an email account---migrated or otherwise---doesn’t indicate someone’s affiliation with Mayberry’s office in the first place.  And that, Mayberry says, is the situation confronting her to this day.  The email might also be stored, electronically, in a bucket not associated with the Office of the Chief Defense Counsel.  Take Maj. Wright, defense lawyer in this case: his “” account contains no identifier, and thus might well be searched inadvertently, despite the existing safeguards.

Mayberry, when asked, explains that she has not rescinded her order not to use shared networks, because those networks are still problematic from her standpoint. As for the path forward, the witness says that she plans to issue recommendations, soon, about a course of remedial action recently put forward by DoD IT staffers. This marks the second such plan, the first having been issued in June; but Mayberry’s and the Convening Authority’s offices had concerns about the first proposal. IT officials thus proposed another possible solution, which Mayberry is reviewing.  So when does Mayberry think the system might be made safe?  She can’t say for sure.  The witness has one approximate,  65-day timetable for one proposed solution, and another 111-day timetable for another solution.  But both are subject to approval and funding beyond her control.

Bormann: in the last eight months that this problem has been in play, how hard has it been for, say, counsel to draft and file a pleading?  Mayberry answers that it depends, but estimates that the IT burden means that drafting and filing will take three times as long as they would otherwise---even longer, she says, for employees who are not formally part of Mayberry’s office, and still longer, when we’re talking about a joint filing (as we often are in this case).

Bin Attash’s lawyer, still audibly under the weather, is now a bit more hoarse from a long direct examination.  She wraps up.

Wells C. Bennett was Managing Editor of Lawfare and a Fellow in National Security Law at the Brookings Institution. Before coming to Brookings, he was an Associate at Arnold & Porter LLP.

Subscribe to Lawfare