Examining a Leaked Criminal Warrant for Apple iCloud Data in a High Profile Case – Part One

Inadvertently Disclosed Warrant Application Against Apple in a Criminal Investigation Against Retired Marine General Reveals Latest DOJ Search Procedures, the Dangers of Pacer and Too Much Court Record Transparency, and Much More- Part One

According to a June 7, 2022, New York Times report:

John R. Allen

Federal prosecutors have obtained records indicating that John R. Allen, the retired four-star Marine general who commanded all American troops in Afghanistan and now heads a venerable Washington think tank, secretly lobbied for the government of Qatar, lied to investigators about his role and tried to withhold evidence sought by a federal subpoena, according to court documents.

The court records are the latest evidence of a broad investigation by the Justice Department and F.B.I. into the influence that wealthy Arab nations like Qatar, the United Arab Emirates and Saudi Arabia wield in Washington.

The records about General Allen were filed in April in Federal District Court in Central California in an application for a warrant to search General Allen’s electronic communications.

NYT 6/07/22, Mark Mazzetti and David D. Kirkpatrick

I do not know what records federal prosecutors have obtained, and have no opinion regarding the guilt or innocence of the accused, aside to note that all persons must be presumed innocent, until proven guilty in a court of law, and that I personally hope John Allen is not guilty. There has been no judgment by a judge or jury, but there has been significant evidence presented against the retired General.

Application For Warrant To Seize Digital Evidence From Apple

The evidence was presented to the Central District Court in California, as part of the government’s seventy seven page application for a warrant. The Court Clerk, for some reason, did not keep have this Application under seal, did not keep the Application secret. Somehow the Associated Press International found out about it being in clear and open view on Pacer, downloaded it and quickly published it. This disclosure is, we understand, alleged to have been a mistake. That is suspicious in view of the current political climate and fact that retried General Allen was, until the release of this warrant, the President of the Brookings Institution, which is generally considered a liberal organization. More on that later.

That application for warrant, formally entitled APPLICATION FOR A WARRANT BY TELEPHONE OR OTHER RELIABLE ELECTRONIC MEANS (“Application”), will be discussed here as part of the discussion of the ESI discovery procedures, especially the search procedure laid out in the Application. The facts of the case and questions surrounding the disclosure of this secret Application are secondary, but will not be ignored. Both are disturbing, especially the content of the FBI agent’s sworn affidavit that supported the Application. This bite of the Apple may very well be sour. I hope not.

Basic Introduction to Criminal eDiscovery by Tom O’Conner

The Application reveals the procedures now used by the DOJ to obtain a person’s private communications from a provider, in this case Apple, as part of a criminal investigation. For excellent background on ediscovery in criminal cases, see the five-part article by Tom O’Connor published by Cloud Nine: part one, part two, part three, part four and part five. Also see: David Horrigan’s good article, At the Border and Beyond: e-Discovery Aspects of Criminal Matters and Investigations (Relativity Blog, 2/16/17).

Tom O’Connor

By the way, I seem to recall from socializing with Tom O’Connor at a CLE someplace, many years ago, that Tom, a huge Rolling Stones fan by the way, got his start in e-discovery as a technical advisor in criminal matters. He told me about one case in particular where he helped the public defenders in Seattle on ediscovery issues in a notorious motorcycle gang case. Tom may look like Santa now, but he is tough and has been around eDiscovery longer than most. About the only lawyer I know with as much criminal e-discovery experience, including from the other side of the bench, is another good friend, retired judge Ron Hedges. See eg. Ron’s recent criminal law articles, Despite Rulings, 4th Amendment Battles over GeoFence Warrants are Far from Over, Legaltech news, May 2022; and Hot Topics for ESI in Criminal Matters, Criminal Justice 43 (ABA Crim. Section: Fall 2016).

In part three of Tom O’Connor’s mentioned article, he explains the basics of applications a/k/a affidavits like this for an ESI criminal warrant.

The government will usually get its ESI by consent or warrant. Typically, when the federal government seeks data in criminal cases (and most states have a similar procedure), it requests a search and seizure warrant by filing an application or affidavit sworn before a judge. The application, as provided in Rule 41, identifies the location of the property to be searched and seized, and includes facts that support probable cause (a reasonable belief that a crime has been committed and evidence of such may be at the site) as to why the government needs (and should get) the property. . . .

F.R. Crim. P. Rule 41 then establishes a two-step process when ESI is involved. The first step is the seizure and then a subsequent review of the ESI which must be consistent with the warrant. There is no time frame established for this review since it may take a substantial amount of time, especially with encrypted drives. . . .

Regarding third parties, the court may issue a subpoena under F. R. Crim. P. Rule 17 for a third party to produce records at trial or at another time and place.  This is typically a bank or cell phone carrier but can be any non-party thought to be in possession of relevant information. The court may then allow the defense to inspect all or part of the ESI.

Tom O’Connor

FBI’s Affidavit Is Detailed

I am relieved to see that the government’s warrant Application, and I presume all other similar warrant applications of the DOJ, whether of famous public figures or not, was supported by very detailed allegations of fact. The Application was made by an FBI agent. I did not, however, see the agent’s signature at page 77, and so wonder about that. How can it be a sworn affidavit without a signature? (Answer, it can’t!) This, along with the accidental disclosure itself, appears to be another sloppy error by the DOJ. Also, the final paragraph of the FBI factual affidavit, numbered 154, is blank. Another mere scrivener’s error? I assume that was all corrected later. But who knows? The court file was resealed again after the API leak. Aside from the clerical errors, the actual contents of the FBI’s statement, sworn to or not, was compelling. I have to assume the Warrant was granted and John Allen’s iCloud account was collected and turned over by Apple to the FBI.

Accused Is a Marine Hero President of the Brookings Institution

John Allen is a retired Marine, a Four Star General, who, among other things, served as the commander of the NATO International Security Assistance Force and U.S. Forces – Afghanistan and Chairman of the Joint Chiefs of Staff. He retired in 2013 and joined the prestigious Brookings Institution. In 2017 he was named the President of Bookings and served in this position until put on leave on June 8, 2022. He was put on leave when this Application was published and allegations revealed concerning illegal lobbying efforts that he supposedly made on behalf of the Persian Gulf nation of Qatar. By the way, Qatar was a major donor of Brookings.

I will not go into the facts of the FBI agents sworn statement in detail in this blog article, but will not attempt to cover them up either. Some mention of them is necessary to discuss the ESI discovery points, which are the focus of this article. But I will not do so with glee. Just the contrary. The fact that these allegations are made against John Allen, one of the most decorated Marines in history, saddens me very much. It has nothing to do with the Brookings Institution, which does not seem all that liberal to me.

My dear brother-in-law was a Marine, always a Marine, and my father was a Naval Officer in two wars. My Dad’s ships, where he was the communications officer, used to shuttle Marines around in the Pacific. They were both exemplary models of integrity, honesty and courage for which I am very grateful. May they rest in peace. These allegations against John Allen, if true, and we must presume innocence, are contrary to the Marine and Navy Codes of honor and our American way for life. Personally, I hope retired General Allen is innocent and did not, as alleged, lie for financial gain.

Property To Be Searched

The Application in paragraph three identifies the property to be searched under the warrant as three Apple iCloud accounts:

a. . . . identified as iCloud associated with DSID / Apple Account Number 1338547227 and / or email address rickscafedxb@yahoo.com that is within the possession, custody, or control of Apple , Inc., a company that accepts service of legal process at One Apple Park Way, M / S 169-5CLP, Cupertino, California 95014, regardless of where such information is stored held, or maintained. . . .

b. iCloud Account associated with DSID/Apple Account number 120757353 and/or email address imaad.zuberi@mindspring.com. . . .

c. iCloud Account associated with DSID/Apple Account Number 270847771 and/or email address j.rutherford.allen@gmail.com. . . .

Application, paragraph 3
Richard Olson

Paragraph 14 of the Application identifies the account holder for rickscafedxb@yahoo.com:

Richard Gustave Olson, Jr. (“Olson”), the user of SUBJECT ACCOUNT 2, served as U.S. Ambassador to the United Arab Emirates (“UAE”) from October 2008 through May 2011 and U.S. Ambassador to Pakistan from October 2012 through November 2015. From November 2015 through November 2016, Olson held the position of U.S. Special Representative for Afghanistan and Pakistan.

I understand that Olson was a career U.S. diplomat and his wife is also a U.S. diplomat.

Paragraph 12 of the Application identifies the account holder for imaad.zuberi@mindspring.com:

Imaad Shah Zuberi (“Zuberi”), the user of SUBJECT ACCOUNT 1, is an American businessman who operated a business entity named Avenue Ventures. Zuberi’s business largely consisted of receiving funds from foreign clients, using those funds to make political campaign contributions, parlaying those contributions into political influence, and using that influence to change U.S. government policy for his foreign clients.

Disgusting to me, but not yet illegal. The Application goes on to describe some of the illegal fraud that both Zuberi has been convicted of, but note, Zuberi’s conviction has been appealed. Here is a copy of the indictment of Zuberi, if you want to learn more about this charming guy, who donated to Republicans and Democrats alike.

Imaad Shah Zuberi

13. On November 22, 2019, in United States v. Zuberi, CR 19-642-VAP, Zuberi pleaded guilty to a FARA offense in violation of 22 U.S.C. §§ 612, 618(a)(2), Federal Election Campaign Act offenses in violation of 52 U.S.C. §§ 30116, 30118, 30121, 30122, 30109(d)(1), and tax evasion in violation of 26 U.S.C. 7201. All the aforementioned charges were unrelated to the instant investigation. On June 30, 2020, in United States v. Zuberi, CR 20-155-VAP, Zuberi also pleaded guilty to obstruction of justice (witness tampering) in violation of 18 U.S.C. §1512(c) related to an investigation conducted out of the Southern District of New York. On February 23, 2021, in a consolidated sentencing, the court determined that Zuberi’s obstruction extended beyond the single incident charged and that it included his deletion of four email accounts under the domain avenueventures.com exclusively under his control as well as paying several witnesses millions of dollars to silence them in connection with the government’s investigation. The court sentenced Zuberi to 12 years’ imprisonment.

More about Diplomat Olson. The Application alleges in paragraph 17:

17. On January 14, 2022, Olson entered into a plea agreement with the government that requires him to enter pleas of guilty to Making a False Writing in violation of 18 U.S.C. §1018 (related to his filing a false financial disclosure form in 2016) and Aiding and Advising a Foreign Government with Intent to Influence Decisions of United States Officers in violation of 18 U.S.C. §§ 207(f)(1)(B), 216(a)(1) (relating to his work in support of Qatar).

Paragraph 92 of the Application explains why they are searching the iCloud for these emails, in short, because they had all been deleted by the parties, once they learned of the DOJ investigation. That’s not just bad faith spoliation, that’s destruction of evidence in a criminal investigation, which is itself a crime. You know the common criminal law wisdom, the cover-up is worse than the crime.

92. In his interview subject to a limited use immunity agreement, Olson informed the government that in the spring of 2019, after he became aware of the government’s investigation of Zuberi, Zuberi asked him to delete emails pertaining to Allen from his rickscafedxb@yahoo.com account to protect Allen from government investigators. Olson admitted that he indeed deleted emails in response to Zuberi’s request. Search warrants for Olson’s rickscafedxb@yahoo.com account and Allen’s j.rutherford.allen@gmail.com account reveal that the emails Allen and Olson did not produce no longer exist on the providers’ servers.

The DOJ is going after the Apple iCloud accounts in the hope they will find a backup of deleted emails, or other incriminating evidence, to try to prove their case against the remaining defendant, General Allen. All kinds of ESI can be stored in an iCloud account. Of course, this discovery may fail. Apple may respond to the warrant after service by saying that these iCould accounts no longer exist, and there is no backup at this late date. We do not know who will be yelling at the cloud, but someone is likely to be angry. Isn’t that usually the way it is in ediscovery?

Related Lobbying Fraud Cases

The Washington Post recently reported that Imaad Zuberi had also been working with billionaire Thomas J. Barrack, Jr., Trump’s longtime friend and presidential inaugural committee chairman. Ex-U.S. diplomat pleads guilty in Qatar lobbying plot, names general (Allen) (Washington Post, 6/3/22). Barrack, who sold Trump The Plaza hotel in NYC, has also been criminally charged with obstructing justice and acting as an unregistered agent for the UAE. To Quote the Washington Post article:

Tom Barrack

Barrack, one of his Trump’s closet associates on his road to the White House, pleaded not guilty last summer and was freed on $250 million bond pending trial on charges of conspiring to secretly lobby for the UAE, which invested significantly in his investment firm, Colony Capital.

In October 2020, Elliott Broidy, a Trump fundraiser and former Republican National Committee deputy finance chairman who also received a $200 million security contract with the UAE, pleaded guilty to acting as an unregistered foreign agent and accepting millions of dollars to secretly lobby the Trump administration for Malaysian and Chinese interests.

The same cited Washington Post article reports that Olson plead guilty on June 3, 2022, to charges in connection with a secret lobbying campaign on behalf of Qatar to influence the Trump White House and Congress in 2017. Ex-U.S. diplomat pleads guilty in Qatar lobbying plot, names general (Allen).

Rick’s Cafe

Finally, to conclude Part One of this long blog on a cute movie note, consider the name of the personal email account of the once illustrious U.S. Ambassador, Richard (“Rick”) Gustave Olson, Jr.: rickscafedxb@yahoo.com. The former ambassador’s personal email name is a reference to Casablanca, the WWII cloak and dagger film starring Humphrey Bogart and Ingrid Bergman. The restaurant nightclub in the movie was called Rick’s Cafe. The lead character, Rick Blaine, played by Bogart, owned the cafe and was a cynical neutral serving for profit both sides in Morocco until the end of the movie, when he choose against the Nazis. The best scenes were in Rick’s Cafe where many Nazis would party. See: ‘Play It Again, Issam’: The Real ‘Rick’s Cafe’ Story. The abbreviation of the Dubai airport in Saudi Arabia, where Rick Olson was the U.S. Ambassador, is DXB. Add it all up and you get the Ambassador’s personal email handle, ricks cafe dxb. Yahoo!

Play it again Sam (referring to the jazz song, As Time Goes By, played below by Dooley Wilson). I wonder how many times Rick Olson will play that movie in prison? Maybe none, because it’s possible that he may, somewhat like some banks, be too big to jail. Time will tell. Apparently his sentencing may depend on how helpful he is in the government’s case against General Allen.

Play It Again, Sam (Dooley Wilson)


To be continued. . . The next parts to the blog will go over: Section I of the Application, Search Procedures; Section II, Information to be Disclosed by Provider, Section III, Information to be Seized by the Government and Section IV, Provider Procedures.

The question of the supposedly inadvertent disclosure of the Application from court sealed to the API will also be considered. All speculation of course. It could be on purpose, to embarrass or prejudice John Allen, but it could also very well be an accident. All too easy to happen when humans are involved.

I have some personal experience with a case that was accidentally unsealed. I’ll talk about that case from over ten years ago in Part III. It was an exception to today’s rule that, where confidential ESI is concerned, once the genie is out of the bottle, it can’t be put back in. In the early days of Pacer it could. But these days, with ever more complex e-filing rules and Pacer services everywhere, once a mistake is made, and confidential information goes online, the genie is gone.

Feel free to leave any comments below.

3 Responses to Examining a Leaked Criminal Warrant for Apple iCloud Data in a High Profile Case – Part One

  1. […] This article is Part Two of the blog Examining a Leaked Criminal Warrant for Apple iCloud Data in a High Profile Case. See here for Part 1. […]

  2. […] к данным: Examining a Leaked Criminal Warrant for Apple iCloud Data in a High Profile Case (часть I, часть […]

  3. […] blog Examining a Leaked Criminal Warrant for Apple iCloud Data in a High Profile Case. See here for Part 1 and Part 2. This last part of this blog will conclude the Application review, focus on the dangers […]

Leave a Reply