Published by The Lawfare Institute
in Cooperation With
In an unexpected move, the Democratic National Convention turned political reprobation for election interference into formal legal action alleging conspiracy.
On April 20, the DNC filed a lawsuit in the Southern District of New York against various Russian state actors, WikiLeaks, and members of the Trump campaign and Trump family, though not the president himself. Reportedly, Democratic congressional leadership was just as surprised as Republicans by the action: The House and Senate Minority leaders only learned about the lawsuit as it was being filed. The 66-page complaint includes twelve separate causes of action, relying primarily on publicly available information about the related events.
The lawsuit names foreign actors, the disseminators of stolen DNC documents, and associates of the Trump campaign. The foreign actors include:
- the Russian Federation, as a foreign nation;
- the GRU, Russia’s military intelligence agency;
- “Guccifer 2.0,” identified as a GRU operative using a pseudonym and which the complaint refers to as GRU Operative #1, who originally disseminated DNC documents and allegedly interacted with Trump campaign officials;
- Aras Iskenerovich Agalarov, who, the lawsuit alleges, served as a liaison between Trump and Russian president Vladimir Putin, most recently for the real estate development used to gain Kremlin support for the campaign;
- Emin Araz Agalarov, Aras Agalarov’s son, who is a close relation to the Trump family, and a party to the June 2016 Trump Tower meeting discussing DNC email dissemination;
- Joseph Mifsud, an academic who allegedly worked as an agent of Russia in interactions with George Papadopoulos; and 10 unnamed parties for the unknown Russian officers who participated in the conspiracy.
The lawsuit also names as defendants Julian Assange, the founder of WikiLeaks, as well as the WikiLeaks organization itself, for the dissemination of DNC documents.
Finally, the lawsuit charges several formal and informal members of the Trump campaign, including:
- Donald J. Trump for President, Inc., the formal campaign corporation;
- Donald J. Trump Jr., son of President Trump and considered a close political adviser to the campaign, who was in the June 2016 Trump Tower meeting;
- Paul J. Manafort, Trump’s campaign manager;
- Roger J. Stone, Jr., a long time confidant and informal Trump adviser, who was allegedly in contact with GRU agents; Jared C. Kushner,
- Trump son-in-law and senior adviser to the President who was in the June 2016 Trump Tower meeting;
- George Papadopoulos, the first Trump foreign policy adviser who met with Russian agents following the DNC hack; and
- Richard W. Gates, III, employee of and partner to Manafort in support for the Trump campaign as well as for the work Manafort conducted in Ukraine.
The Alleged Conspiracy
The plaintiffs argue that the longstanding relationships between the Trump family and Russia, dating back as early as the 1980s, provided “fertile ground for a conspiracy.” The complaint includes a detailed history of President Trump’s business negotiations with and regarding Russia. The complaint also highlights Manafort and Gates’ indirect ties to Russia through work they conducted for the Ukrainian government, which at the time was headed by Kremlin-allied President Viktor Yanukovych. Additionally, it notes Manafort’s ties to Konstantin Kilimnik, who has been reported to likely be a GRU agent.
The complaint highlights the 2011 protests in Russia against suspected vote rigging and election fraud in the parliamentary elections. Putin’s motives, plaintiffs contend, arise out of his belief that the protests were engineered by then-Secretary of State Hillary Clinton. Moreover, Trump’s pro-Russia discourse on the campaign road led Putin to believe a Trump presidency would “benefit Russia’s political and financial interests.”
To establish Assange’s motives, the complaint points to anti-Clinton statements made by the WikiLeaks founder.
First DNC Attack
The complaint begins by summarizing the background of the purported election tampering conspiracy, focusing first on is the initial cyberattack on domestic DNC servers. This attack began a few weeks after Trump announced his candidacy on June 16, 2015. The “tens of thousands of documents and emails” obtained were exfiltrated from servers in Virginia and Washington D.C. for the purposes of “destabilizing the U.S. political environment, denigrating the Democratic presidential nominee, and supporting the campaign of Donald J. Trump” for his comparatively favorable policies vis a vis the Kremlin.
The complaint criticizes the Trump campaign for failing to report their knowledge about the hack, which was delivered through “multiple emails, meetings, and other communications.” Instead, the complaint alleges, the campaign “gleefully welcom[ed] Russia’s help.” Thus, according to the complaint, began the conspiracy to disseminate the DNC documents to advance the “common goal of damaging the Democratic party in advance of the election.
Campaign Ties to Russia
As evidence to support this theory, the complaint cites various interactions between individuals intimately tied to the Trump and Russian operatives over the course of the presidential campaign. The complaint cites “suspicious communications” between the Trump campaign and Russian officials flagged by European intelligence agencies from late 2015 through the summer of 2016.
The complaint first points to communication Felix Sater, a Russian emigre and Trump business partner, to Michael Cohen, Trump’s personal attorney, detailing a real estate development deal in Moscow that would also serve to secure Putin’s support for their candidate. Sater sent the email in question in late 2015, on the heels of the initial DNC hack.
The complaint proceeds to highlight the additions to the campaign of two individuals with ties to the Kremlin: Manafort, a named defendant, and Lt. Gen. Michael T Flynn. Manafort specifically maintained ties to the Kremlin after joining the campaign, the complaint alleges, and offered to brief an unnamed “Putin-connected Russian” on its activities.
Second DNC Attack
In April 2016, a separate set of Russian agents hacked the DNC for a second time. A few days after the attack, the report writes, Papadopoulos—Trump’s foreign policy adviser and a named defendant—met with defendant Mifsud and a separate Kremlin-linked agent who indicated that Russians “have dirt” on Clinton. Papadopoulos did not notify law enforcement.
The complaint writes that in June, Russians proactively contacted Trump Jr. to offer the “dirt.” Trump Jr. responded enthusiastically (“I love it especially later in the summer”) and did not notify law enforcement. Following this communication, Trump Jr., Manafort, and Kushner met with a Kremlin-linked Russian lawyer in Trump Tower—and less than a week later, the DNC documents were disseminated to the public.
Campaign Assistance in Dissemination
The documents continued to be released throughout July 2016, through the Republican National Convention, the complaint writes; WikiLeaks began to publish the DNC documents in late July, on the eve of the Democratic National Convention. The complaint alleges that during the Republican National Convention, members of the Trump campaign—at the encouragement of GRU agents—successfully amended the party foreign policy platform to remove a call for the U.S. to help Ukraine defend against Russia.
The complaint suggests that the Trump campaign was involved in the dissemination of the hacked DNC material. It points to defendant Stone’s secret communications with GRU Operative #1, the original purveyor of DNC documents, and Stone’s bragging about ties to Assange. As evidence that these communications included discussion of the Russian hacks, the complaint describes Stone’s ability to predict in late August that John Podesta, chairman of the Clinton campaign, would soon have his “time in the barrel.” Podesta’s emails were later released to the public by WikiLeaks. The complaint also mentions defendant Gates having had secret interactions with GRU-related agents.
The complaint ties WikiLeaks to the dissemination scheme, describing Assange’s communications with Trump Jr.: he both Trump Jr. the password to an anti-Trump website and requested that he retweet a link to hacked emails hosted on WikiLeaks. During this time, President Trump’s campaign rhetoric praised the dissemination of DNC documents and Podesta emails and expressed support for WikiLeaks’ role (“I love WikiLeaks!”).
As the final basis of support for this theory of the 2016 election, the complaint details the “jubilation” in Russia at President Trump’s victory, and the fact that one member of parliament congratulated his peers on the outcome.
The “Cover up”
The complaint argues that the repeated efforts to deny communications with Russians or Russian officials serve as evidence of guilt. It includes several statements by defendants and other individuals related to the campaign denying involvement in any election-tampering scheme.
Similarly, the Russian government has denied playing a role either directly or indirectly in the 2016 election, including in the cyberattacks. WikiLeaks further contends that the documents it received were not provided by Russia.
In January 2017, the complaint writes, the U.S. intelligence community released a report that confirmed Putin had ordered an “influence campaign” in 2016 to undermine faith in the democratic process in general and the Clinton campaign specifically. It further concluded that Russian operatives gained control to DNC servers in June 2015 and maintained control until at least June 2016, releasing the obtained documents to WikiLeaks.
The DNC hired Crowdstrike, a forensic cybersecurity firm, who reported that the affected systems had been subjected to two independent Russian-sponsored attacks, code-named “Cozy Bear” and “Fancy Bear,” “both with a nexus to Russia’s intelligence services.” The complaint notes that the analysis also uncovered the fact that hackers had accessed the DNC’s Voice-over Internet Protocol (VOIP) transfers, which would have given the ability to monitor phone calls, voicemails, and possibly video calls.
The plaintiffs argue that the alleged conspiracy undermined the DNC’s ability “to communicate party values and vision to the American electorate” and “sowed discord … at a time when party unity was essential to electoral success.”
Financially, plaintiffs cite a “dramatic drop in donations” due to concerns about the privacy of donations and the cost, over a million dollars, for system repairs and improvements.
They also cite the harassment and death threats that ensued from the release of personal information about DNC employees, which negatively affected their wellbeing and job performance.
Jurisdiction and Venue
The plaintiffs argue federal question jurisdiction because the bulk of the causes of action arise under federal statutes, warranting supplemental jurisdiction for the state law claims. The complaint further claims subject matter jurisdiction over Russian operatives because Russia is a foreign state under 28 U.S.C. § 1603(a), and the GRU is an “agency or instrumentality” of the state under 28 U.S.C. § 1603(b). Plaintiffs argue venue in New York City due to the meetings that occurred in Trump towers and the fact that the Trump campaign was headquartered in the city.
According to the plaintiffs, Russia is not entitled to sovereign immunity under the theory that the allegedly tortious DNC hacks took place on domestic servers; furthermore, by stealing trade secrets and committing economic espionage, the country directly affected U.S. commerce. Read Ingrid Wuerth’s deeper analysis of Russia’s inability to rely on the foreign sovereign immunity.
Causes of Action
The plaintiffs accuse Russia, the GRU and GRU Operative #1 of accessing DNC computers without authorization and obtaining valuable information from those computers under § 1030(a)(2)(C), for knowingly causing the transmission of a program to hack the DNC servers under § 1030(a)(5)(A), intentionally hacking the DNC servers thereby causing damage and economic loss under § 1030(a)(5)(C), and intentionally hacking DNC servers in a way that recklessly causes damage under § 1030(a)(5)(B). A showing under § 1030(a)(5)(C) only requires that plaintiffs prove the hack caused the damage and loss, but a showing under § 1030(a)(5)(C) requires that plaintiffs meet the higher bar of showing the hack was reckless but they do not need to show loss, only damage. The statute defines damage as “any impairment to the availability of data, a program, a system, or information” but courts have read loss to require some showing of economic harm as a result of the hack, so plaintiffs generally bring both claims in the alternative. Plaintiffs also bring charges for trafficking passwords and similar information with an intent to defraud under 18 U.S.C. 1030(a)(6)(A).
To raise the charge to a felony under the statute, plaintiffs claim “well over $5,000” in loss over a one-year period due to the cost of investigation, responding to the breach, conducting damage assessments, repairing the system, harm to the DNC’s business operations, and the loss of the DNC’s trade secrets, which plaintiffs claim were included in the stolen documents.
This count proposes two RICO theories, in the alternative. First, plaintiffs claim the Trump campaign was a RICO enterprise formed in June 2015 with the purpose of interfering with the election. Given that the campaign expended millions of dollars over the course of the election, some of which was spent in furtherance of the enterprise’s activities, plaintiffs conclude an impact on interstate and foreign commerce. Second, plaintiffs claim the Trump campaign was part of an association-in-fact enterprise composed all the defendants including additional entities known and unknown. The association-in-fact enterprise was formed by at least in June 2016, the height of the DNC dissemination activities, and persisted through Election Day.
As predicate offenses for either theory, the plaintiffs suggest that the enterprise engaged in trade secret theft and economic espionage. In so arguing, the complaint assumes that the information contained in the DNC documents obtained through the two hacks qualifies as protected trade secrets and that each release of these documents through WikiLeaks and other avenues constitutes a separate act of economic espionage, because each release would benefit the the interests of a foreign actor—that is, the Russian government.
This count accuses all defendants for conspiracy to commit RICO under the same two theories of what constitutes the RICO enterprise. This would hold defendants accountable for their actions even if the court is unconvinced that the scheme successfully perpetrated trade secret theft or economic espionage, as long as plaintiffs can show that was the intended goal.
Count Four: Wiretap Act 18 U.S.C. §§ 2510-22
This count accuses GRU Operative #1, WikiLeaks, Assange, the Trump Campaign, and the Trump Associates of intercepting private channels of wire, oral, and electronic communications without authorization and prospectively monitoring communication. The complaint argues that the “irreparable harm” sustained by the DNC justifies an award of the greater of statutory or actual damages and that the “egregious nature” of the operation entitles defendants named in this count to punitive damages.
Court Five: Stored Communications Act (SCA) 18 U.S.C. §§ 2701-12
This count accuses Russia, the GRU, and GRU Operative #1 for accessing facilities that store past communications without authorization. Similar to the previous count, plaintiffs seek an award of the greater of the actual damages suffered or the statutory damages, as well as punitive damages and appropriate equitable relief.
This count holds Russia, the GRU, and GRU Operative #1 accountable for circumventing technological barriers in obtaining copyrighted material. To succeed in this claim, plaintiffs must carry the burden of demonstrating that the leaked material—for the purposes of this count, including strategy documents and opposition research—constitutes copyrightable material under federal intellectual property law.
This count contends that Russia, the GRU, GRU Operative #1, WikiLeaks, and Assange misappropriated trade secrets in violation of civil trade secret law.
This claim relies on a court finding that donor information, opposition research, strategic information about political event planning—all of which were hacked and leaked—are in fact trade secrets under the meaning of the law. Plaintiffs argue they are because this information is not commonly known, the DNC took measures to ensure its confidentiality. Furthermore, this information helps the DNC carry out its work, which involves interstate commerce. The complaint further contends that defendants named in this count knew or had reason to know that the trade secrets in question were acquired by inappropriate means when they chose to disclose them to the public.
This count is brought against all defendants and acts as the D.C. law corollary to the federal trade secret misappropriation claim. Under D.C. law, plaintiffs argue that the misappropriation of trade secrets was “willful and malicious,” which entitles them to “exemplary damages in an amount up to twice actual damages awarded.”
Count Nine: Washington D.C. Common Law: Trespass
This count is brought against Russia, the GRU, and GRU Operative #1 and acts as the D.C. law corollary to the CFAA violation, arguing that the two DNC hacks were trespasses on private property.
Count Ten: Virginia Common Law: Trespass to Chattels
This count is brought against Russia, the GRU, and GRU Operative #1 and acts as the Virginia law corollary to the CFAA violation, arguing that the two DNC hacks were trespasses on private property.
Count Eleven: Virginia Common Law: Conspiracy to Commit Trespass to Chattels
This count brought against all defendants for engaging in a scheme to denigrate the Clinton campaign, in part by orchestrating the DNC hack, which qualifies as a trespass. To support the claim of conspiracy, the complaint cites activities taken in furtherance of the common scheme such as coordinated meetings, encouraging the scheme, and releasing the information.
This count charges all defendants under Virginia state law for prohibiting computer crimes. The complaint holds accountable Russia, the GRU, and GRU Operative #1 for “malicious intent” in perpetrating the hack on the DNC computers, causing them damage, deleting information, copying information, and tracking activity from the network. It holds all defendants accountable for knowingly aiding, abetting, encouraging, inducing, instigating, contributing to, or assisting the aforementioned hack in violation of the state computer crime law.
Prayer for Relief
The complaint does not set forth estimates for damages, but states that it seeks relief to the extent available under law in the form of statutory damages, compensatory damages, punitive damages, attorneys fees, pre-and post-judgment interest and “any other relief as the Court may deem just and proper.”
It also seeks a declaration that the defendants conspired to and engaged in a scheme interfere with the 2016 election. Finally, it requests an injunction to bar defendants and any party working with defendants from accessing computer systems belonging to the plaintiffs, engaging in any activity that compromises those systems, using the information obtained from those systems without their authorization, and removing more information from those systems. This injunction is presumably in response to the concern that Fancy Bear still maintains access over the tool used to infiltrate the DNC’s systems, and that there may be DNC documents from the original two hacks that have not yet been released but could be harmful.
The lawsuit has been met with a great deal of controversy, specifically raising concerns about opening the door for members of the Trump administration to probe the DNC through discovery. We are likely to soon see motions by the defendants to dismiss the suit.