White House Aide’s Plan to Stop Leaks: Spy on His Co-Workers

Ezra Cohen-Watnick ran intelligence for the National Security Council. There, he decided collecting his colleagues’ phone and email data was a good idea.


Photo Illustration by Lyne Lucien/The Daily Beast

A former National Security Council official now slated to work for Attorney General Jeff Sessions explored ways to surreptitiously monitor the communications of White House staff for leaks or perceived political disloyalty to Donald Trump, according to three former Trump NSC officials familiar with the effort.

Ezra Cohen-Watnick, whom former national security adviser Michael Flynn brought onto the NSC as senior director for intelligence, sought technical solutions in early 2017 for collecting and analyzing phone and other data on White House colleagues for interactions with reporters. He portrayed his desired leak hunt as an “insider threat” detection effort, according to the ex-officials. Those who heard of it presumed it would focus on NSC staffers held over from the Obama administration.

It is unknown whether Cohen-Watnick’s efforts actually resulted in any monitoring program. The former officials noted the overwhelming technical and legal hurdles to doing so. One called it “wholly inappropriate” for Cohen-Watnick, a former Defense Intelligence Agency analyst, to do anything of the sort, considering it a blatant attempt at intimidating his colleagues. Another, who agreed the proposed effort was inappropriate, likened it to a “Keystone Cop thing.”

“This seemed designed to intimidate rather than protect national security,” said a different ex-NSC official familiar with the proposal.

This seemed designed to intimidate rather than protect national security.
former NSC official

Some staffers considered Cohen-Watnick’s insider-threat focus ironic, considering that Cohen-Watnick himself reportedly played a role in a Trump White House effort to leak intelligence reports to Devin Nunes, the House intelligence committee chairman. Nunes then subsequently used the reports in a failed attempt to reinforce Trump’s baseless accusation that Barack Obama had placed his camp under surveillance. Cohen-Watnick’s attorney, Mark Zaid, has denied Cohen-Watnick’s involvement in the March 2017 “unmasking” Nunes episode.

In a statement to The Daily Beast, Zaid said that Cohen-Watnick was involved in discussions about implementing a Barack Obama-era insider threat program, but denied that it either came to fruition or that discussions of it sprawled beyond protecting classified information.

“Ezra worked along with numerous others within the NSC and IC [intelligence community] to facilitate implementation of the Obama Executive Order on insider threats that was issued in the wake of Edward Snowden’s illegal theft and disclosures,” said Zaid, who also represents The Daily Beast, and this reporter specifically, in Freedom-of-Information-Act litigation.

“At no time was Ezra undertaking any activities to use the program, which remained under development when he left the NSC, to in any manner unintended by the Obama administration. Any unfavorable insinuations to the contrary are coming from cowardly anonymous individuals who have a personal ax to grind.”

Cohen-Watnick is now re-emerging from a post-White House stint at the software behemoth Oracle to take a senior advisory role to Sessions, ostensibly about counterintelligence and counterterrorism. After this piece was initially published, Justice Department spokeswoman Sarah Isgur Flores told the Daily Beast that Cohen-Watnick isn’t a current department employee, something Zaid attributed to “routine employment processing.” Flores would not clarify if Cohen-Watnick would soon be a department employee or if he has not, as reported, been hired.

All this is happening right as the White House is once again obsessed with leaks and angry at the Justice Department for the Russia probe. Yet practically every major administration figureincluding Trump himself, is being accused of leaking.

That’s caused Cohen-Watnick’s former colleagues, who spoke on condition of anonymity, to recall the insider-threat episode out of suspicion that his new role is to be a political commissar, ensuring Sessions toes the party line desired by a president who distrusts his attorney general. Unlike previous national-security aides to attorneys general, Cohen-Watnick is not a lawyer, and the Justice Department, for more than a decade, has a formal national-security division working on such issues.

“I used to refer to him as the one most likely to end up like Ollie North,” said a former Trump NSC official, referring to the Marine officer and Reagan administration official central to the Iran-Contra scandal who turned a policy laboratory in the White House into an unauthorized operational agency.

Get The Beast In Your Inbox!

Daily Digest

Start and finish your day with the top stories from The Daily Beast.

Cheat Sheet

A speedy, smart summary of all the news you need to know (and nothing you don't).

By clicking “Subscribe,” you agree to have read the Terms of Use and Privacy Policy
Thank You!
You are now subscribed to the Daily Digest and Cheat Sheet. We will not share your email with anyone for any reason.

The Daily Beast’s sources consider Cohen-Watnick’s communications-interception scheme to be an outgrowth of his focus on loyalty to Trump and desire to pressure career staff sent to the NSC from outside government agencies before Trump’s election. Such staffers were considered with the derisive term “Obama loyalists,” even though most were civil servants, not political appointees.

Cohen-Watnick, in his early thirties, was a DIA analyst who caught the eye of the agency’s then-director: Mike Flynn, the three-star Army general who went on to become Trump’s premiere military surrogate on the campaign and then first national security adviser. Flynn took Cohen-Watnick as a senior staffer on the powerful council, where Cohen-Watnick held the senior directorship for intelligence, making him a supremely influential liaison between the intelligence agencies and the White House. There, he was known as a premiere “Flynnstone,” as Flynn’s adherents were derisively called. The term typically referred to the blend of paranoia, ignorance, and blustering contempt for disagreement that Flynn personified, as well as an apparent appetite for war with Iran.

Flynn imploded less than a month into the administration—and later pleaded guilty to lying to the FBI—but Cohen-Watnick remained at the NSC. He survived until August, despite Flynn’s successor, Lt. General H.R. McMaster, attempting to fire him. Attorney Zaid has also denied that Cohen-Watnick got fired ahead of decamping for Oracle.

At the outset of the administration, one ex-NSC official recalled, “they were up in arms over leaks,” even though the former official suspected many of those leaks came from the Trump faithful themselves.

The officials said Cohen-Watnick used to hold what one ex-official described as ‘loud secret meetings,’ in earshot of passers-by, about finding leakers.

Even the terminology Cohen-Watnick and his allies employed, these officials said, spoke to the hysteria around leaks. “Insider-threat detection” most often refers to officials who leak classified information—like Cohen-Watnick is alleged to have done with Nunes. The Pentagon got spun up about setting up programs like that after Chelsea Manning’s mass disclosures of classified information on the Iraq and Afghanistan wars. The hunt to detect so-called insider threats grew even more intense after Edward Snowden’s appearance on the scene.

But none of the ex-officials saw Cohen-Watnick distinguishing between classified information leaking and stories appearing in the press that made the Trump team look bad, dumb, or deceitful. One recalled Cohen-Watnick expressing particular concern around the time that Trump’s disastrous January 2017 phone call with Mexican President Enrique Peña Nieto leaked the following month. Another recalled becoming aware of it after an unclassified draft executive order authorizing new CIA black-site detentions leaked to The New York Times.

The officials said Cohen-Watnick used to hold what one ex-official described as “loud secret meetings,” in earshot of passers-by, about finding leakers. A recent New Yorker story on the NSC under the now-ousted McMaster referred to “rumors” spreading inside the White House that “administration officials had established an ‘insider threat’ program at the NSC, and were trying to root out disloyal staffers.”

While there was a sense of paranoia early on in the Trump administration from the constant infighting and hostility to non-loyalists in the bureaucracy, few who talked for this story considered Cohen-Watnick’s idea more than fanciful. The technical and legal challenges were—and are—substantial.

While privacy expectations over work-phone call logs or emails sent from government accounts or transiting government networks are limited—and ex-NSC officials recalled having to consent to some monitoring of those work devices and accounts upon employment—privacy laws and whistleblower protections apply to government employees who aren’t discussing classified information with journalists, particularly over their personal devices and accounts.

The National Security Council is not an operational agency, let alone a law-enforcement agency—one of the central aspects of the Iran-Contra scandal. It isn’t one of the entities authorized to order or perform communications intercepts under the Wiretap Act. As well, laws like the Electronic Communications Privacy Act have “color of law” provisions preventing communications providers from turning over subscriber information to unauthorized entities.

“Like with ‘unmasking’ and the Nunes memo, this sounds like some of the [Trump administration’s] haphazard schemes that aren’t well thought through and aren’t going to result in anything meaningful,” said Jake Laperruque, a senior counsel on surveillance issues at the Project on Government Oversight. “For a government agency, the notion of clamping down on any public insight for non-classified information, where there is no breach of the law, is somewhat disturbing.”

I used to refer to [Cohen-Watnick] as the one most likely to end up like Ollie North.
former NSC official

From a technical perspective, the project would likely require outside vendors, so as to avoid tasking the FBI or intelligence agencies with effectively spying on the NSC, and would rapidly create a problem on where to securely store NSC staffer communications data, which would include highly sensitive and inevitably classified material. It would also have represented a substantial management challenge at a time when the NSC was filled with top-level turmoil. Former NSC officials found themselves at a loss to figure out how Cohen-Watnick expected his desired monitoring to actually work.

Accordingly, none of the sources who discussed this episode with The Daily Beast were confident that Cohen-Watnick would ever have succeeded in launching an insider-threat program. They considered it instead a misguided effort at intimidation. The Daily Beast has no evidence to indicate any of this actually happened, something Zaid’s statement on behalf of Cohen-Watnick bolsters.

“It’s hard to believe this had any chance of coming to fruition, in terms of authorities and actually obtaining and storing data,” said a former Trump NSC staffer. “This seemed more of a knee-jerk retaliation driven by frustration than any serious effort to address a real threat.”

Julian Sanchez, a surveillance expert at the Cato Institute, speculated that the most viable path to Cohen-Watnick achieving his initiative would be to “order every employee to ‘consent’ to the disclosure of their records by their telecom carrier.” Even then, however, it would be a legally dubious proposition, since it would effectively force NSC staffers to open their non-work phone and email accounts to the government as a condition of employment.

Updated 5/14/18 at 12:30 pm to add comment by Justice Department spokeswoman Sarah Isgur Flores.