Less than two weeks ago, Sen. Chuck Grassley, R-Iowa, first revealed agents had marked Crossfire Hurricane documents with a “Prohibited Access” coding in the FBI’s Sentinel case management database and that that designation rendered the material invisible to other agents — including those investigating the individuals responsible for pushing the Russia collusion hoax.

In response to those recent revelations, The Federalist spoke with several high-level officials familiar with the various political investigations undertaken during Trump 1.0, including individuals familiar with the investigation into the origins of Crossfire Hurricane. These sources all maintain that they were unaware of the “Prohibited Access” functionality of the FBI’s Sentinel case management database.

Not only had these high-level DOJ appointees never heard of the “Prohibited Access” designation, they also did not know a coding in Sentinel existed that could render the evidence invisible during keyword searches for relevant documents. Further, no one from FBI Headquarters mentioned that functionality during conversations about obtaining access to relevant information related to Crossfire Hurricane and other political investigations, sources told The Federalist.

In contrast, the FBI Washington Field Office agents investigating whether Nellie Ohr had lied to Congress about her research related to Trump’s connections with Russia knew about the “Prohibited Access” functionality. Those agents also knew that Special Counsel Robert Mueller’s team had used that classification to shield the documents from discovery on Sentinel and had maintained the “Prohibited Access” classification even after the special counsel probe ended.

That the FBI agents in the Washington Field Office who were investigating Nellie Ohr knew about the “Prohibited Access” functionality of Sentinel and that Special Counsel Mueller had kept relevant Crossfire Hurricane information hidden behind that classification, while those same details were apparently unknown to several high-level DOJ appointees familiar with the Russia collusion hoax investigation, raises serious questions concerning internal control and oversight of the Sentinel case management system. And now further investigation suggests there were none.

Apparently, the last time the inspector general’s office audited the Sentinel case management system was more than a decade ago. That September 2014 report, entitled “Audit of the Status of the Federal Bureau of Investigation’s Sentinel Program,” followed the FBI’s implementation of the Sentinel case management system in July 2012, and represented the IG’s “tenth report on Sentinel.”

Neither the September 2014 audit nor the nine earlier IG reports suggested Sentinel included a “Prohibited Access”-type functionality that would render some materials uploaded to the new case management system invisible during key word searches for relevant information. Rather, the reports spoke broadly of the new case management system including both “search functionality” and “access controls,” with no indication that Sentinel’s “access controls” would prevent users from obtaining accurate results in searching for relevant documents.

While the IG reports auditing the FBI’s transition to Sentinel make no mention of the case management system allowing records to be coded “Prohibited Access” and thereby invisible to all but a few specific agents, a former FBI Special Agent in Charge maintains that the predecessor to Sentinel included a similar designation — something agents purportedly called “silent hits.” That now-retired FBI agent, who writes under the pseudonym F.X. Regan, explains that “[t]he major feature here is that a false negative is created when there is a search that ‘hits’ on one of those files.” Regan added that “[w]hoever is searching is told there is no file or reference to their query.” So, “[t]hat feature is not new.”

Regan further explained why a “Silent Hit” or “Prohibited Access” feature makes sense, namely, to prevent dishonest individuals within the Bureau from checking “indices for hits related to subjects of intelligence or terrorism cases for money or other reasons. Ditto for employees inclined to leak information to the media.” Or, as Regan put it, “[n]ot everyone with an FBI credential or clearance should have access to everything, or even knowledge of everything being done by others. Hence the ‘Silent Hit’ function.”

But, as Regan noted, there was a check in the old “automated case file system,” also known as ACS. Under the predecessor to Sentinel, if someone ran a search for one of the invisible “Silent Hit” files, “a notice is sent somewhere (the head of the office, a security officer, the Security Division, or wherever was set up to receive the message when the “Silent Hit” was created,) advising something like, ‘Hey, Joe Blow in New York just ran Joe Bagodonuts through indices.’”

Here, then, we come to the first of many issues with Sentinel’s adoption of the “Prohibited Access” functionality: According to the IG’s Interim Report on Sentinel dated September 7, 2012, Senior FBI Leadership deleted five requirements from the Sentinel system “related to the capability of Special Agents to monitor who views the documents within their cases . . . ” Significantly, the IG Report added:

“We requested from the FBI information on whether Sentinel has the functionality that allows Special Agents to have knowledge of all persons who access case documents, but the FBI has not provided us a response to this inquiry.  Without this functionality Sentinel does not have a basic control to detect and mitigate the insider threat from persons who access files without a need to know.”

So, at the time Sentinel launched on July 1, 2012, senior leadership had deleted five system requirements related to the monitoring of who views case documents and failed to answer the IG’s inquiry concerning whether Sentinel had the functionality to determine which individuals accessed case documents. Presumably, then, if the “Prohibited Access” functionality existed at that time, the IG was also left in the dark concerning whether Sentinel provided a mechanism to trigger alerts that someone had searched for specific keywords and been inaccurately informed that none exist.

As the September 2012 IG report highlighted, without functionality to allow FBI agents to know who has accessed case documents, “Sentinel does not have a basic control to detect and mitigate the insider threat from persons who access files without a need to know.” That, however, represents only half the risk: If Sentinel does not trigger an alert to the creator of a “Prohibited Access” file, there is no way to ensure that individuals who have a need to know are briefed on the contents of the invisible files, whether that be other agents investigating crimes or national security threats, agents compiling exculpatory or impeachment evidence for U.S. attorneys, or DOJ lawyers working with the FBI to provide responsive documents to congressional oversight committees or in response to FOIA requests.

Yet when IG Horowitz conducted his next audit of Sentinel, two years after the FBI launched the new case management system, there is no mention of whether keyword searches triggered alerts to the case agents. That report from September of 2014 did, however, note that Sentinel received several upgrades, including one that “created default access control restrictions for some case classifications,” showing the FBI continued to revise the access controls after launch, and during the time James Comey led the Bureau.

The IG audits of Sentinel also suggest a second major problem with the FBI’s adoption of the new case management system: the Bureau’s failure to provide all stakeholders with a sufficient understanding of Sentinel’s functionality. The IG highlighted this concern in its December 2011 audit of Sentinel, writing:

“According to the Independent Verification and Validation (IV&V) Team, which is made up of contractor staff, the FBI has prevented it from performing timely reviews of documentation of the FBI’s development of the Sentinel system. This restricted access to documentation has inhibited the IV&V Team’s ability to provide to the FBI early reviews and assessments of the maturity of Sentinel’s design, and the way in which important elements of the system, such as search functionality and access controls, will work together to provide users with the capabilities that they require.” (emphasis added).

After noting the FBI’s failure to provide the IV&V Team access to the critical documentation and information repositories needed for it to “properly assess Sentinel’s design, structure, functionality, and development status,” the IG explained that Sentinel is also “subject to several requirements that are imposed by entities internal and external to the FBI.” 

Here, the IG noted that “[A]ccess controls are an essential part of records management, and controlling and safeguarding FBI records, while also making them accessible for use . . . .” Accordingly, “the system must also meet Federal Information Security Management Act of 2002, National Institute of Standards and Technology, and Department of Justice requirements,” the IG report stressed.

However, none of the IG’s audits of Sentinel discussed whether the system met “Department of Justice requirements.” Nor is it clear whether the FBI ever provided full access to the documentation and information regarding Sentinel’s functionality to the IV&V team. 

Given that high level DOJ appointees had never heard of the “Prohibited Access” designation and did not know that Sentinel included a functionality that rendered documents invisible, one must wonder whether the FBI ensured that Sentinel satisfied all DOJ requirements — or whether the IG ever asked that question.

And it should have been clear to both the FBI Director and to the IG that any Sentinel functionality that rendered documents invisible during searches for relevant documents needed to be carefully considered and required extensive controls given the problems encountered in searching for relevant documents in the predecessor system, ACS. 

Problems with the ACS became clear after the FBI failed to provide relevant documents to a task force investigating illegal campaign contributions from representatives from the People’s Republic of China to the Democratic National Committee in the closing months of the 1996 presidential campaign that pitted Bill Clinton against Republican Bob Dole. The omission became clear during congressional oversight hearings, leading then-Sen. Fred Thompson, R-Tenn., to demand answers from the FBI as to why it had withheld the relevant documents. 

Those omissions prompted an IG investigation into the matter. The IG concluded in its report “the way information was entered or searched” in ACS and other databases, “and the way that search resulted were handled within the FBI, resulted in incomplete data being provided to the Task Force,” and consequently Congress.

Given the FBI’s failure to provide highly relevant documents to congressional oversight committees because of problems with the ACS, it is outrageous that the FBI, in transitioning to Sentinel, would adopt a “Prohibited Access” coding to render relevant documents invisible, without ensuring proper controls existed to allow those with a “need to know” the ability to locate the relevant documents. But it is even more outrageous that the IG has not audited Sentinel for more than a decade and has apparently never audited agents’ use of the “Prohibited Access” coding. 

Equally appalling is the fact that in its report on FISA abuse related to Carter Page, the Office of Inspector General misleadingly noted that “the Crossfire Hurricane case file was designated as ‘prohibited’ meaning that access to the file was restricted and viewable to only those individuals assigned to work on the investigation.”

No wonder then that high-level DOJ political appointees familiar with the investigation into the origins of Crossfire Hurricane were unaware of the “Prohibited Access” functionality, which differs from the “restricted access” classification — but which IG Horowitz seemingly conflated. And it wasn’t until Trump was out of office that IG Horowitz would plainly state the difference between “restricted access” and “prohibited access,” and then he did so only in a footnote and in an unrelated report concerning the FBI’s adjudication process for misconduct investigations.

One must wonder if the IG was purposefully obfuscating the meaning of “prohibited access” from those investigating the Russia-collusion hoax. If not, he still holds responsibility for allowing the FBI to operate Sentinel without even the most basic of checks on internal controls.