On Monday, Federal Judge Kenneth Hoyt unfairly held True the Vote founder Catherine Engelbrecht and True the Vote investigator Gregg Phillips in contempt of court over their refusal to identify a confidential informant who helped them obtain information that led to the discovery and, later, evidence that the E. Lansing, MI based election software company Konnech was storing election-related data on servers in China.
Yesterday, I received a message from Catherine’s brother asking us to ask our followers to pray for them and to consider donating to their legal defense fund.
Earlier today, Gregg Phillips posted a photo of himself wearing an orange jumpsuit in a federal prison on Truth Social.
He also posted an update:
5th Circuit still considering emergency release.
This may be the first time in U.S. history that Americans have been jailed in a federal civil defamation suit.
Tonight, Catherine Engelbrecht announced that they have been released from federal prison, and for now, they are free!
Praise the Lord!!!!
Catherine released the following statement upon their release:
Those who thought that imprisoning Gregg and I would weaken our resolve have gravely miscalculated. It is stronger than ever.
The right to free and fair elections without interference is more important than our own discomforts and even this detention, now reversed by a higher court.
We are profoundly grateful for that. We will continue to protect and defend those who do the vital work of election integrity, and we will make sure that their findings become a matter of public record.
– Catherine Engelbrecht, True the Vote
Here is a portion of their appeal:
This contempt proceeding is founded on Defendants1 grossly misunderstood public statements, by Plaintiff and the district court, having to do with both (1) Chinese Server Data – sensitive data one defendant, Gregg Phillips, witnessed on a TV monitor in a Dallas hotel room in late January 2021 – which data is the sole subject of Plaintiff’s claims of computer fraud – and (2) Election Breach Information – summary information about the resulting election system vulnerabilities, all publicly available, which Defendants wished to convey to the public as a warning.
As a result of its misunderstanding of Defendants’ modestly technical descriptions, Plaintiff has misunderstood this case to be in some way about hacking, or the Computer Abuse and Fraud Act, or about disclosure of sensitive data (whether of Plaintiff or individuals). All of these assumptions are incorrect. But the district court perpetuated that misunderstanding in ordering Defendants to make disclosures to Plaintiff that were alternatively impossible, inappropriate, or legally irrelevant.
Based entirely on its demonstrably flawed assumptions, Plaintiff inappropriately ex parte obtained a TRO seeking discovery outside standard civil procedure.2 Perhaps goaded by Plaintiff’s characterizations of this case as being about “election denialism”, the Court took the unusual step of issuing a TRO that compelled affirmative relief from Defendants (1) in the absence of any evidence from Plaintiff, (2) based on demonstrable mischaracterizations of Defendants’ public statements, (3) without permitting Defendants to proffer all relevant evidence, and (4) based on the incorrect conclusion that a person who witnessed Chinese Server Data not shown to belong to Plaintiff somehow “accessed” a “protected computer” of Plaintiff. Highlighting the hazards of ex parte hearings, the district court uncritically accepted Plaintiff’s counsel’s incorrect statement that Defendants “admitted hacking and theft of financial and other sensitive personal data of purportedly 1.8 million U.S. poll workers allegedly from a Konnech protected computer.”
Following the ex parte appearance by counsel for Konnech on the same day it filed its Complaint and motion for injunctive relief, whose merits and supposed urgency were both based on Plaintiff’s grave misconceptions about the types of information Defendants had spoken of, this Court issued the TRO, which holds, in pertinent part, that the defendants are enjoined from:
– “accessing”, “using”, or “disclosing” “Konnech’s protected computers” and data; or
– deleting or destroying same,
Defendants pledged to comply with this portion of the order soon after. But
the TRO also compels Defendants to disclose:
– the identity of any individual involved in “accessing Konnech’s
protected computers”, – the manner, means and time of “accessing” such computers, and
– the identity of any individual to have received said data.
In a hearing on October 6, the court forced Defendants’ prior counsel to reveal to Plaintiff, in open court and against their protests, the name of one of the confidential informants to the FBI who happened to be in the Dallas hotel room. Defendants subsequently disclosed information responding to the remainder of the court’s order, substantially complying with the order and omitting only to publicly name a second confidential informant (“the Second Informant”) (1) who was not alleged to have “accessed” any computers in this case, let alone Konnech’s, (2) whom Plaintiff had failed to establish had relevant evidence, and (3) whose personal safety the district court said it did not care about.
On October 27, 2022, at a show cause hearing the Court held Defendants in civil contempt for failing to identify the third of three individuals. Aside from the fact that the individual in question had not “accessed” a “protected computer” known to belong to Konnech, Defendants’ hesitation in disclosing another confidential informant was due, in part, to their attempts to grapple with the nature of Plaintiff’s and the court’s misunderstandings, in part because Defendants were concerned about blowing the cover of confidential informants to the FBI and putting them at personal
risk, and in part because their original counsel. But their hesitation was not, as Plaintiff and the court characterized it, contemptuous.
Crucially, in the October 6 hearing, Plaintiff misrepresented the disputed nature of their conclusions about Defendants’ statements, saying, “[T]here is Fifth Circuit precedent that says that the Court can consider a preliminary injunction without live testimony so long as there is no genuine issue of material fact.” DOC 30 TR at 9 (emphasis added). But there is a genuine issue of material fact here — consistent mischaracterizations by Plaintiff’s counsel about the nature of what Phillips saw (American poll worker data on a server located in China) and what Defendants have said they would do (report the fact of such data being breached and available in China – not the data itself).
1. Defendant Phillips Witnessed a Portion of the Chinese Server Data
Defendant Phillips witnessed, on a TV monitor in a Dallas hotel room, enormous amounts of data (he was told 350TB) on a server located in China, some of it including sensitive data on American poll workers.3 Also present were the person who accessed the data, Michael Hasson, whose name was revealed during the hearing of October 6, and the third individual. Some of the data appeared to have come from, or been taken from, Plaintiff Konnech.
But while the court’s order to show cause is entirely about this data, unrebutted testimony shows that Defendants did not themselves access the Chinese Server Data, did not download or copy it, do not otherwise possess it, and have never stated they would reveal it to anyone.
a. Defendants Did Not Download the Chinese Server Data
Q. Did any — forgive me if I get the terminology — but did any downloading occur in your presence in that hotel room when the — whatever was up on the TV screen was up on the TV screen — was any access happening?
A. No.
Doc 47 TR, p.32 (Phillips answering).
b. No Defendant Has a Copy of the Chinese Server Data
Q. Do you have, in your possession, a copy of this electronic information that was displayed on that screen in the hotel room in Dallas?
A. No, sir.
Q. Does Ms. Engelbrecht have a copy?
A. No.
Q. Does True The Vote have a copy?
A. No, sir.
Q. Does anybody associated with True The Vote have a copy?
A. No, sir.
Q. Did you ever have a copy of the electronic data on your computer or otherwise in your individual possession?
A. No.
Doc 47 TR, pp. 33-34 (Phillips answering).
On October 6, Defendants’ prior counsel had already informed the court that the Chinese Server Data was something Phillips had only seen, and did not possess:
MR. BREWER: Your Honor, seeing it [data] and possessing it [data] are two different things.THE COURT: Well, it may not be and it may be.
c. DefendantsDidNotWitnessHackingorMeansof“Access”
In unrebutted testimony, Defendant Phillips also made clear that what he saw
in the hotel room was not “accessed” at that time. Rather, he was shown the results of the access on the TV monitor:
Q. What, if anything, was your impression on the temporal relationship — that is the time relationship between when you walked into the hotel room and whenever whoever it was downloaded the information or data that appeared on the TV monitor that you saw?
A. It took about 20 minutes to get his computer hooked to the television screen. He had a problem with the cord that needed to hook into the hotel screen. Once he pulled it up, he went straight to his files that he was showing me.
Q. Was it your impression that information was actively being retrieved at that moment in the hotel room, or was it your impression that that had already been done, and he was showing you something that had been done in the past?
A. I think it was being done in the past. He certainly wouldn’t have been — there wouldn’t have been enough bandwidth at the hotel to download that kind [350TB] of data.
Defendants have also made clear exactly why they could not help Plaintiff –
as it demanded in its supposedly urgent motion for a Temporary Restraining Order – with its serious security problems. Because the uncontroverted testimony is that Phillips did not know how the Chinese Server Data had been accessed:
THE WITNESS: I don’t know how it was accessed. I know it was accessed because I saw it, and I subsequently learned that the information had become important to the FBI. [As to] when, given the size of the data that I understand was downloaded, it was somewhere in the 350-terabyte range, and was downloaded over approximately three months in the first quarter of 2021.
Defendants Did Not Provide the Chinese Server Data to Anyone
In unrebutted testimony, Defendants also made clear who gave the Chinese
Server Data to the FBI – and it was not Defendants:
Q. And so how was the data sent from Mr. Hasson to the FBI?A. They have a method to transmit large chunks of data directly to them. Q. What’s that method?
A. I didn’t do it. You’d have to ask Mike.
Q. Were you involved in it being done?
A. No.
Q. Did you see it being done? A. No.
Q. Who told you it was done? A. The FBI.
Doc 47 TR at 54-55 (statement of Gregg Phillips).
In the same podcasts Plaintiff has cited without understanding, Phillips has
also explained unrefuted information about the China-based server that should have prevented the district court from attempting to make Defendants responsible for Plaintiff’s own security problems in China: “Important keynote here, guys, for everyone … We didn’t steal anything. They left it open. The database was a MongoDB database that they left open. … There were no tools used to break in.”
The second type of information, or data, in this case is about the basic fact of the breach of American poll workers’ data, which we will call Data Breach Information. This is the only information or data that Defendants “accessed”, possessed, or wanted to disclose.
2. Data Breach Information
The Data Breach Information includes the general fact that sensitive data on American poll workers was being stored on a computer server located in China. The Data Breach Information consists of the publicly available fact that election-related domain names hosted by Konnech on behalf of American cities were being hosted on the same China-based server as its American poll worker data, as was Konnech’s URL app.konnech.com (meaning that any data that ran through its apps ran through the insecure server in China), and, apparently, what appeared to be websites for the Chinese election system (e.g., 2dmeeting.com and 2dmeeting.cn).
Exhibit 1 shows a screenshot from the publicly available website Binary Edge, which provides information on computer servers around the world. It shows the server information for Konnech-owned domain name Vote4Fairfax.com, a website run on behalf of Plaintiff’s client Fairfax County, Virginia, which Defendants confirmed was registered to Konnech before the domain name’s ownership information (aka WHOIS information) was recently concealed. The Binary Edge screenshot, taken before someone changed the server to one located in the U.S, reveals several key facts:
• The screenshot was taken sometime shortly after December 29, 2020.
• The domain name Vote4Fairfax.com was hosted in China, specifically, on Unicom, one of three “backbones” of the Chinese Internet, which is owned
by the Chinese government.
See https://en.wikipedia.org/wiki/China_Unicom
• The computer server has IP address 101.66.244.52.
• The same server hosted many other domain names – and their data –
operated by Konnech on behalf of its American clients, such as the city of Boston (Vote4Boston.com), the city of Hillsborough (Vote4Hillsborough.net), and others.
• Server 101.66.244.52 also hosted apps.konnech.com, as well as all the data on applications used by Konnech customers who access apps.konnech.com Exhibit 2 shows that the same domain names, as well as Konnech’s PollChief.com website and a few more domain names that Konnech operates on behalf of clients in Detroit and Lake County, have been belatedly moved to a server based in the United States. See Ex. 2 (accessed on November 1, 2022). It is this Data Breach Information that Defendants said, in their podcasts and The Pit event and other media, they wished to reveal to the public. This information does not belong to Plaintiff, was not accessed from them, is not defamatory, and is within Defendants’ First Amendment rights to speak about.
3. The Missed Opportunities in the Court Below
In fact, had the district court subjected Plaintiff’s testimony to cross-examination, consistent with due process, the court could have determined whether Plaintiff does indeed own the above-named domain names, and whether it was Plaintiff who moved the domain names from the server in China to the one in the United States. If Plaintiff does own the domain names or did move them from an insecure server in China to a server in the United States, then its entire motion for contempt, and its argument that it needs immediate injunctive relief in the form of Defendants helping it to understand its server’s “breach”, could have been denied. Why? Because Plaintiff knew its information was on a server in China, and Plaintiff did not require the names of private individuals in order to secure its data, as Plaintiff insisted in its overheated and ex parte Motion for TRO. Lacking such urgency, the court’s holding of the ex parte proceeding was itself inappropriate. And it made no sense for the court to order Defendants to tell Plaintiff what it already knew, nor to arbitrarily incarcerate them for a good-faith disinclination to disclose the names of confidential informants who could have told them what they already knew: that they were hosting their domain names and data on a server in China.
The court did not allow Defendants to explain the crucial distinctions at issue here. It did not appear to appreciate the distinctions – admittedly somewhat technical in nature – when Defendants offered them. Witness the court’s questioning of Phillips regarding the data – the Chinese Server Data – of American citizens he saw that night in the Dallas hotel room:
THE COURT: And you saw that there were bank accounts? THE WITNESS: There were bank accounts.
THE COURT: You saw the names of the individuals?
THE WITNESS: Yes, sir.
THE COURT: You saw their Social Security numbers? THE WITNESS: Yes, sir.
THE COURT: And you then said: We’re going to post this on a public domain?
THE WITNESS: No, sir. There is two different datasets.
THE COURT: Well, I’m not — I don’t care about the datasets. You know what I am describing.
14
“It’s unrelated,” Defendant Phillips began, because he did in fact know what the court was describing, but the court cut him off before he could explain the crucial distinction. See Doc 47 TR 5at 97, lines 3-17 (emphasis added).
This was not Defendants’ only attempt to ensure the court was informed about the fundamental issues — and what they had and had not said they witnessed, possessed, or would disclose – before it issued the contempt citation:
THE COURT: Okay. Do you recall making a statement on the podcast to the effect that you were going to create a website and would load the — this data that you saw onto the website for the people who would want to visit that site?
Note, again, that Defendants’ podcast and website both relate to the open- source, publicly available Election Breach Information, not the Chinese Server Data.
THE WITNESS: No, sir. That’s not true.
THE COURT: I’m asking you. This is what you said — or what your podcast said.
THE WITNESS: My podcast was referring to something we called the ripcord. The ripcord was related to an app called Open.INK, I-N-K. We were going to put the — we do all sorts of other research. We do a lot of open-source research, meaning Googling around and trying to find things. But we also do geospatial research.