John Durham’s Salad Shooter - The American Spectator | USA News and Politics
John Durham’s Salad Shooter
Salad spinner art (Ann Arbor District Library/YouTube screenshot)

This is the sixth in a series of articles analyzing the federal grand jury indictment charging lawyer Michael Sussmann with making a materially false statement to the FBI’s General Counsel. The indictment spelled out Sussmann’s involvement in a thus-far uncharged conspiracy to create a false narrative that was calculated to demonstrate a secret channel of internet communications between the Trump Organization and the Russian Alfa-Bank.

Recently Sussmann’s lawyers moved for a bill of particulars alleging that the indictment lacks sufficient detail and clarity for their  client  to prepare his defense.

Special Counsel John Durham’s brief in opposition pointed out that the 27-page indictment amply satisfies the legal requirement that it need only include a plain, concise, and definitive written statement of the essential facts constituting the offense charged. Moreover, Durham’s opposing brief also points out that the prosecution has already provided the defense with ample clarification by way of expansive and massive discovery.

According to Durham, on October 7, the government “made its first production of discovery to the defense” which “included more than 6,000 documents, comprising approximately 81,000 pages.” The documents were “received in response to grand jury subpoenas issued to fifteen separate individuals, entities, and organizations — including among others, political organizations, a university, university researchers, an investigative firm, and numerous companies.”

The prosecution is also “working expeditiously to declassify large volumes of materials” which it expects to provide to the defense “[w]ithin approximately two weeks” which will include, “among other things,” the following:

  • More than 30 declassified reports of interviews conducted in the course of Durham’s investigation;
  • Emails and other documents shown to witnesses during the interviews;
  • Investigators’ notes taken during the interviews;
  • Transcripts of grand jury testimony for multiple witnesses;
  • The majority of the FBI’s electronic “case file” pertaining to its investigation of the now discredited Trump-Alfa Bank allegations which Sussmann is accused of presenting to the FBI’s General Counsel;
  • Emails, memoranda, reports, and other records obtained from “Agency-2” (identified elsewhere as the CIA), including “write-ups” of Sussmann’s meetings with CIA personnel in which Sussmann is accused of providing the false Trump-Alfa Bank allegations.

Moreover, Durham’s brief in opposition avers that “the government is substantially exceeding” its discovery obligations and is “engaged in ongoing conversations with the defense regarding outstanding discovery, further defense requests, and declassification issues. After producing the above-described materials, the government expects to produce additional materials in subsequent productions, which will include additional interview memoranda, emails and other records. The government will continue to meet and confer regularly with the defense on discovery matters.”

So, what does all this mean? Here are some key takeaways.

First, where, as here, you see a prosecutor bury the defense in discovery, that is a sign that he has great confidence in his case and nothing to hide. In the old Justice Department, we compared this type of eager and unbridled document production to happily using a salad shooter to spray the defense head-to-toe with incriminating evidence. As in “read it and weep.”

Second, the breadth and depth of the discovery as well as the obviously extensive and intensive efforts of the investigators to gather it indicate that there is far more to this matter than just the presently charged single count of making a false statement. Accordingly, we should expect an indictment or indictments commensurate with the scope of the present and promised discovery.

What will those charges entail? Based on what we know so far, they will most likely aver, among other crimes, a conspiracy to defraud the United States.

Federal law defines a conspiracy as a combination of persons to accomplish by concerted action a criminal purpose or to accomplish a lawful objective by unlawful means. Conspiracy to defraud the United States means primarily to cheat the government out of money or property, but it also includes interference with or obstruction of one of its lawful governmental functions by deceit, trickery, or dishonest means.

An indictment charging a conspiracy must allege the agreement, the unlawful object of the conspiracy (e.g., to defraud the United States), and at least one overt act in furtherance of the conspiracy. An overt act need not itself be a crime. It may be an act such as having a conversation or sending an email. Whether or not the overt act is in furtherance of the conspiracy will be for a jury to decide. But proving only one overt act will be sufficient for conviction.

The statute of limitations runs from the last overt act which is alleged and proven. And prosecution for conspiracy may be had in any federal district where the agreement was made or an overt act was committed. Where use of the mails, emails, interstate, or foreign commerce is involved, prosecution may be instituted in any federal district from, through or into which the matter involved (such as an email) moved.

Now let’s apply the above-law to the Sussmann indictment which avers how Sussmann and others knowingly and illegally concocted a fake narrative of a secret internet communications channel between the Trump Organization and the Russian Alfa Bank which was presented to the FBI and the CIA.

While Sussmann and the Clinton Campaign are identified in the indictment by name, the other participants are identified only by titles such as “Tech Executive-1,” “Campaign Lawyer-1,”  “Internet Company -1,” etc.

However, over the past month, various sources have named many of the persons and entities designated in the indictment. For example,  “Russian Bank-1” has been identified as the Alfa Bank which has ties to the Kremlin, “Law Firm-1” as the Perkins Coie firm that represented the Clinton Campaign, “U.S. Investigative Firm” as Fusion GPS, and “Campaign Lawyer-1” as Marc Elias, who was the Perkins Coie partner who represented the Clinton Campaign, and “Tech Executive-1” as Rodney L. Joffe who was the chief cybersecurity officer at Neustar, Inc., a longtime client of Sussmann’s law firm, Perkins Coie.

Sources have also identified the “university” in the indictment as Georgia Tech and the “university researchers” as Georgia Tech researchers who were receiving and analyzing internet data in connection with a government cybersecurity research contract.

For purposes of clarity, wherever possible, these and other persons and entities so identified will be referred to by name instead of by the titles used in the indictment.

As stated in the indictment, Sussmann, a partner at Perkins Coie, worked in concert with others to concoct a false but “plausible” narrative that the “Trump Organization, owned by Donald J. Trump” was using a “secret channel of communications” to interact with “a particular Russian bank” i.e., the Alfa Bank.

Sussmann is accused of making a false statement to FBI General Counsel James Baker in a September 19, 2016, meeting at FBI headquarters in Washington. At that meeting, Sussmann is alleged to have presented a so-called “white paper,” “documents,” and “data,” which purported to show secret internet communications between the Trump Organization and Alfa Bank as well as a “white paper” by Fusion GPS alleging Alfa Bank’s ties to the Kremlin. In doing so, Sussmann is alleged to have lied to Baker when he said that he was not providing the material on behalf of a client when, in fact, he was doing so as part of his firm’s representation of the Clinton campaign.

As the indictment makes clear, the purpose of the meeting was to induce the FBI to launch an investigation of Trump’s possible ties to Russia. While the conspirators expressed doubts that their false narrative would survive serious scrutiny, they believed that it would be “plausible” enough to get the FBI to open an investigation of Trump. Once that happened, word of the investigation would be (and, in fact, was) disseminated to the news media in time to produce an electoral backlash against Trump.

Sussmann’s lie to the FBI is subject to a five-year statute of limitations. Accordingly, he had to be charged before September 19, 2021. Moreover, since the alleged crime took place at FBI headquarters, the charge had to be brought in the District of Columbia, a less-than congenial venue for prosecuting prominent Democrats.

Nevertheless, the indictment also sets forth in detail how Sussmann met with employees of the CIA “at a location outside the District of Columbia.” This meeting took place on or about February 9, 2017, at which time “Sussmann provided to the CIA “(i) several white papers, and (ii) multiple data files containing purported DNS data, ranging from 2016 through early 2017.”

This meeting was one more overt act in furtherance of the conspiracy to impair, obstruct, and defeat the lawful functions of the United States government by dishonest means. Consequently, the five-year statute of limitations for charging Sussmann and the others for conspiracy will not run until February 9, 2022, at the earliest. Moreover, the conspiracy charge can and likely will be filed outside the District of Columbia in a court more likely to accord fair treatment to the prosecution.

So, let’s take a look at the cast of characters and their roles in fabricating the materials Sussmann allegedly provided to the FBI, the CIA, and the media.

First is Sussmann who, according to the indictment, represented the Democratic National Committee in connection with the claimed hacking of its email servers by Russians. In that capacity, he met and regularly communicated with the FBI, the Justice Department, and other government agencies. Sussmann also advised the Clinton campaign on cybersecurity issues. His law partner, Marc Elias, represented the Clinton campaign generally.

According to the indictment, one of Sussmann’s clients, Rodney L. Joffe, was an executive of Neustar, Inc., a cybersecurity firm. According to outside sources, Joffe was also a cybersecurity adviser to the Obama White House. By virtue of his position at Neustar and other internet companies, he had access to “large amounts of internet and cybersecurity data” including so-called Domain Name System (“DNS”) data.

According to the indictment, Joffe claimed to have been offered a position in the government in the event Hillary Clinton won the Presidency and stated in a  post-election email, “I was tentatively offered the top [cybersecurity] job by the Democrats when it looked like they’d win. I definitely would not take the job under Trump.”

The indictment alleges that, in late July 2016, “Originator-1” [identified elsewhere as April Lorenzen, a resident of Rhode Island who helped found two tech firms that have government cybersecurity contracts] was a business associate of Joffe and “had assembled purported DNS data reflecting apparent DNS lookups” between the Alfa Bank and an email domain, “”

But, according to the indictment, the significance of these data was doubtful since “” was not a Trump Organization server. Instead, it was an outside domain operated by a customer relationship management company used by the Trump Organization to send out marketing emails. As for the “DNS lookups,” they were generated by the Alfa Bank server trying to validate the sender of the emails. This sort of “look up” is commonly used by computer servers to sort out junk emails.

The indictment states that Joffe tasked Lorenzen and two Georgia Tech researchers to “search broadly through Internet data for any information about Trump’s potential ties to Russia.” His announced goal was to support an “inference” and “narrative” regarding Trump that would please certain “VIPs.”

But, despite their best efforts, they were unable to find any communications between Trump, his campaign, companies, or associates and Russian interests.

All they had was the virtually meaningless DNS data collected by Lorenzen which Joffe had already provided to Sussmann.

According to the indictment, “[o]n or about August 20, 2016,” Lorenzen emailed Joffe and the Georgia Tech researchers stating in regard to the DNS data that “even if we found what Joffe asks us to find, we don’t see the money flow, and we don’t see the content of some message saying ‘send the money here.’”

She then explained that it would be possible to “fill out a sales form on two web sites, faking the other company’s email address in each form,” and thereby cause them “to appear to communicate with each other in DNS.” Lorenzen then concluded that, if Joffe “can take the *inference* [sic] we gain through this team exercise … then work to develop even an inference may be worthwhile…”

Joffe replied by email that the “task” he had given the group was “indeed broad” and then stated:

“Being able to provide evidence of *anything* [sic] that shows an attempt to behave badly in relation to this, the VIPs would be happy. They’re looking for a true story that could be used as a basis for closer examination.”

Regarding the Alfa Bank allegations that he had provided to Sussmann, Joffe’s email stated: “[T]he prior hypothesis was all that they needed: [a] mailserver dedicated or related to [T]rump … and with traffic almost exclusively with” the Alfa Bank “was sufficient to do the job.” He continued, “Trump has claimed he and his compan[ies] have had NO dealings with .ru  [Russia] other than the failed Casino, and the Miss Universe pageant. He claims absolutely NO interaction with any financial institutions. So any potential like that would be jackpot.” (Emphasis added.)

The next day, Joffe emailed Lorenzen and the Georgia Tech researchers urging them to “push forward” with additional research concerning Trump, which he stated would “give the base a very useful narrative.” He then expressed his belief that the “” domain was not a secret communications channel with the Alfa Bank, but a “red herring” noting that the host for the Trump domain “is a legitimate valid [customer relationship management] company.” He concluded that “we can ignore it, together with others that seem to be part of the marketing world.”

On August 22, 2016, one of the Georgia Tech researchers emailed the group expressing doubt about the Trump-Alfa Bank narrative that Sussmann was preparing to convey to the FBI and raised concerns about the group’s bias against Trump. Regarding the DNS data, he asked, “How do we plan to defend against the criticism that this is not spoofed traffic we are observing? There is no answer to that.” (Emphasis added.)

Addressing Joffe, he wrote, “you do realize that we will have to expose every trick we have in our bag to even make a very weak association?”

“The only thing that drive[s] us at this point is that we just do not like [Trump]. This will not fly in the eyes of public scrutiny. Folks, I am afraid we have tunnel vision. Time to regroup?”

Despite these expressed reservations and objections, Sussmann, Joffe, Lorenzen, and the Georgia Tech researchers began to draft, review, and revise a “white paper” summarizing the Alfa Bank allegations that Sussmann later provided to the FBI, the media, and the CIA.

Five days before Sussmann met with the FBI, Joffe sent Sussmann’s draft of the proposed “white paper” to Lorenzen and the Georgia Tech researchers, and asked their views as to whether the paper’s allegations would be “plausible” to “security experts,” even if the allegations were not demonstrably true.

“Please read as if you had no prior knowledge or involvement, and you were handed this document as a security expert (NOT a dns expert) and were asked: ‘Is this plausible as an explanation?’ NOT to be able to say that this is, without doubt, fact, but to merely be plausible.”

One of the Georgia Tech researchers emailed that the white paper achieved Joffe’s objective by “smartly” avoiding discussions of weaknesses or “holes” in the paper’s hypothesis.

“A DNS expert would poke several holes to [sic] this hypothesis (primarily around visibility, about which very smartly you do not talk about). That being said, I do not think even the top security (non-DNS) researchers can refute your statements. Nice!”

In a September 15, 2016 email, Lorenzen stated that the white paper’s conclusion was “plausible” in the “narrow scope” defined by Joffe.

The same day, one of the Georgia tech researchers  emailed that, although questions remained, the white paper should be shared with the government.

The next day, in discussing the narrative Sussmann was to convey to the FBI, Lorenzen emailed that Joffe “has carefully crafted a message that could work to accomplish the goals.”

What was their purpose? The conspirators recognized that their Trump Organization–Alfa Bank narrative didn’t hold water and couldn’t withstand analysis by DNS data experts. But they believed it would be plausible enough to trick the FBI into investigating. That was the whole point. Once the FBI started an inquiry, the fact that Trump was being investigated by the government for possible ties to Russia would be leaked to the news media.

And it was this concocted narrative with the supporting “white papers” and other documentation that Sussmann foisted on the FBI and the CIA.

In short, the conspirators’ alleged campaign dirty trick became a criminal matter once it was used to trick and deceive the government into wasting its time, energy and resources investigating the hoax. Think of it in terms of making a false report of a crime to the local police.

And, given the locations where the various conspirators allegedly committed overt acts, Durham has his choice of venues in which charges can be brought. The CIA headquarters are located in the Eastern District of Virginia. Georgia Tech is in the Northern District of Georgia. The email traffic passed through facilities all over the United States. In short, the conspiracy charges can be brought in any number of locations which will be far more receptive to the prosecution’s case than the District of Columbia where persons affiliated with the Democrat party are a seemingly protected species.

There’s much more to discuss, but it’s way past time to end this article. So that’s it for now.

Stay tuned.

George Parry is a former federal and state prosecutor. He blogs at and can be reached by email at

George Parry
Follow Their Stories:
View More
George Parry is a former federal and state prosecutor who practices law in Philadelphia and blogs at
Sign up to receive our latest updates! Register

By submitting this form, you are consenting to receive marketing emails from: The American Spectator, 122 S Royal Street, Alexandria, VA, 22314, You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact

Be a Free Market Loving Patriot. Subscribe Today!