Published by The Lawfare Institute
in Cooperation With
Do other counsel want to talk to Mayberry? One of Khalid Sheikh Mohammed’s lawyers, David Nevin, does.
He’s based in Boise Idaho---a goodly ways away from the defense hub in Rosslyn. Surely that arrangement can make, as Mayberry suggested during her colloquy with Bormann, for a longer time in writing and submitting legal documents. In this regard, Mayberry says she knows Nevin doesn’t often receive emails, and that his team has devised a makeshift if unwieldy system for communicating about draft legal materials. As for that system, Mayberry has had to authorize offsite worksite capabilities for Nevin and company. Thus Maj. Wright, another of KSM’s lawyers, may generate work product on his home computer, and send it to Nevin via an offsite email; Nevin then will respond with his official, military commissions account, but then the recipient must find an alternate location to correspond with Nevin.
Nevin then asks about real-time monitoring, in particular defense declarations attesting to the monitoring of defense team members’ internet use. Two defense staffers had received phone calls from information security officials, who expressed concern about (and thus knowledge of) what the staffers had been reviewing on the internet. Mayberry doesn’t know precisely when that happened, but knows that the security calls quickly followed the staffers’ visits to certain websites. The witness understands that the monitoring here is initially electronic, in that an automated computer process seeks out anomalous or concerning internet activities. The human element comes after this. Nevin wants to know: is it possible that defense researchers, in the course of investigating this case, would have to access internet websites containing information about terrorism? Absolutely, answers Mayberry, she would expect exactly that---and agrees that, yes, that is precisely what happened here. The witness is also aware of a claim by IT personnel, who insist that _all_ computer systems within the Defense Department must be monitored in real time. Mayberry finally understands that human officials can acquire information swept up by automated monitoring processes---including the name of the person in question, the location of his or her computer, and the address of any website visited. All that, she says, can implicate materials protected by the work product privilege.
The court interrupts: so to resolve this, you envision a standalone system that would be monitored by an electronic process, but that humans---within the privilege bubble---could enter? Yes, she says. (That arrangement is employed for the Defense Department’s Inspector General’s Office, according to Mayberry.)
KSM’s learned counsel asks about the replication process, in particular regarding shared drive access for the KSM defense team. Users, Mayberry says, only have permission to access certain folders on the network drives---thus Nevin’s crew can access only KSM-related folders, but not to Bin Attash-related folders. Lawyer and witness refer to this as “mapping.” But, Nevin asks, Nevin’s group could not access its folders in January and February of this year, could they? Right, says Mayberry. And Nevin’s co-counsel also had a folder that was, unfortunately, mapped to some other person in some other agency? Right again. Also right, according to Mayberry, are Nevin’s suggestions, first that even some allegedly “restored” folders often had no contents, in some instances; and second, that in others, the contents reflected modification on days when counsel had not, in fact, worked with the files. When asked by Nevin, Mayberry confirms that, yes, all this gives her serious concern about whether defense communications and work product genuinely are protected. Thus her “don’t use the system” order, which she took as a consequence of her professional obligations.
Nevin has a question or three more about investigative search requests, like that issued in connection with the Al Qosi case. Such requests can come from the Secretary of Defense’s office, or from FOIA requests, Mayberry says. Regardless of the request’s source, the question for present purposes is whether the information sought is subject to control by Defense Department IT personnel. The Chief Information Officer for DoD previously claimed, in a different case in 2011, that any search of defense materials presumably would implicate a privilege. Well, Nevin asked, if that is true, then does Mayberry think possible searches to be acceptable? No, it wouldn’t. Mayberry also explains that she is aware of a “legal sufficiency review,” which must precede any search conducted by DoD IT people---but emphasizes, as before, that these reviews often cannot determine, in advance, whether searched folders and email accounts will belong to defense lawyers. Driving home the point, Mayberry once more tells defense counsel that the Al-Qosi search could have been done in a privilege-respecting, not-digging-around-in-defense-accounts manner---but was not. When asked by the court, Mayberry explains that, now, a firewall precludes the searching of defense emails without further action.
The court’s inquiry prompts a look at the time, which in turn prompts a lunch break.