I published FBI Ethics: What Did Flatley Say About Metadata; Was It Different than Booth?

A commenter asked, “Frank, do you think this evidence gives Keith Raniere a chance to walk? Or get his sentence reduced?”

I answered that whether Raniere walks or not is not my concern. I am interested in whether the FBI cheated.

In 2011, Raniere gave Clare Bronfman orders to hunt and harm me. Now, 12 years later, I am still fighting because of him. Freeing him is not my quest.

Sentence reduction for him means little. If the court cuts his 120-year sentence in half or three-fourths, it’s still likely to be life in prison for 62-year-old Vanguard – though his grandmother lived to be 106.

I hope it is clear. I am not trying to help Raniere. I am interested in law enforcement.

The slow of comprehension, the brainwashed who believe power does not corrupt and give a presumption of regularity to those in power, and no presumption of innocence to those they accuse, will not see that misuse of evidence against a guilty person will lead to abuse against an innocent sooner or later.

They will be angered by the discussion. You will see it in the comments. They only think of Raniere, not about the conduct of those who put him there. They believe that to discuss tampering means I condone Raniere. This is not only wrong, it is stupid.

Some things make me think tampering occurred. I am curious if the FBI tampered. Maybe they didn’t. But I will review what I know, since Raniere’s Rule 33 may never see the light of day.

I spoke with several of his experts. I was impressed with Dr. James Richard Kiper, Ph.D. He helped me understand what may have happened. According to his resume, Kiper was an FBI Special Agent for 20 years, from 1999 to 2019, with more than half the time in cybersecurity and digital forensics. He was a case agent, supervisor, unit chief, forensic examiner, trainer of forensic examiners, and trainer of trainers of forensic examiners.

Kiper knows one of the FBI forensic experts who worked on the Raniere case, Stephen Flatley, the one supposedly sent to Ghana during the trial.

That was when they presented the Camila photos, with lengthy testimony on how the jury should know it was child porn because the EXIF data said the photos were taken in 2005, when Camila was 15.

FBI Senior Forensic Examiner Stephen Flatley and Kiper were fellow digital forensics instructors in the FBI and taught together sometimes.

Kiper knows FBI evidence handling procedures and digital evidence examination procedures and policies. And this case was like a keystone cops version of evidence handling – so many mistakes and evidence handling violations. That may have been done on purpose, or maybe the FBI were just inept.

Yes, I know Raniere pays Kiper – I presume with Clare Bronfman’s money. But I do not think he is lying – not that his sponsors would necessarily be opposed if they thought he could get away with it. But Kiper isn’t lying, because Kiper knows a thing or two about forensics and that you can’t get away with it.

I interviewed Kiper for more than three and a half hours straight. I questioned him at length, closely interviewing him as I would anyone I doubt or treat with skepticism.

Kiper certainly is smart enough not to lie about things that can be proven one way or another if there is an evidentiary hearing. He makes his living as a forensic consultant – detecting liars who fudged with metadata and thought they could get away with it.

He taught many of the people who do it now for the FBI.

If he is proven wrong in his findings on FBI tampering – on his expertise, he is dog meat. If it is proven he lied or made a stupid mistake, it will be presumed he did it for a Bronfman buck, and his career would nosedive.

As it is, he stuck his neck out to say he believes the FBI tampered.

I love the responses from those interested in the results being unchanged. They do not study Kiper’s reports, but say he is disgruntled with the FBI, as if that would make him lie, or that Bronfman is paying him so much money he’ll lie, or that he is basing his report on altered-by-Raniere-followers’ data. All of this they say without evidence.

If anybody reads his reports, they would see why no one tampered with the evidence he analyzed since he got it exactly as delivered from the FBI after signing a protective order.

Keep in mind the focus is on one thing — the Camila photos.

Nothing I write about here will change the forced labor, sex trafficking, identity theft, or other crimes of convictions.

It does not change the racketeering charges. There were 11 racketeering predicate acts. The Camila photos involved three predicate acts. The other eight predicate acts remain unchanged.

I do not know why people get into such a tizzy over merely examining one piece of the entire Raniere prosecution – three predicate acts.

Predicate Act 2: Sexual Exploitation of a Child on November 2, 2005 – Camila

Predicate Act 3: Sexual Exploitation of a Child on November 24, 2005 – Camila

Predicate Act 4: Possession of Child Pornography



In U.S. vs. Raniere, to prove predicate acts 2-4, the government said Raniere used a Canon digital camera to take explicit photographs of Camila, saved them to a Lexar camera card, supposedly found inside the camera, then transferred them to a Dell computer, which the FBI did not find, then backed them up to a Western Digital hard drive found in his library, inside of which were 22 Camila photos along with 146 other photos in a folder called Studies.

Remember the name “Studies,” for we will study this folder at length.

In the Studies folder, there were 167 nude photos of 12 females, including Camila, all known to Raniere – and one photo of a maple tree.

The camera card inside the Canon and the hard drive found in Raniere’s library were the only digital evidence used at trial.

According to the government, all 22 child porn photographs on the hard drive were taken in 2005, when Camila was 15.

To prove these 22 photographs were child porn, the government relied on the EXIF data “Create Date,” in the content portion of the photos.

Though it is easy to modify EXIF data using Windows with no special skills or tools, the government insists EXIF data is “hard to change” and “extremely reliable.”

FBI Senior Forensic Examiner (SFE) Brian Booth was the expert witness who testified about the reliability of EXIF data.

EXIF data is “very hard to modify,” he testified.

It is not hard to modify.

What I found concerning is Booth made a forensic examination of the camera card, which he received in an unsealed package during the trial’s final days.

It was the second forensic report on the same camera card.

SFE Flatley conducted the first forensic report on the camera card on April 11, 2019 – about a month before the trial.

Only four files on the camera card matched the Studies folder on the hard drive. They were photos of Angel, a blonde woman Raniere knew. For reasons unclear, the government did not put Flatley on the stand to explain his camera card report.

Instead, during the final week of trial, the government said they gave SFE Flatley an overseas assignment – to Ghana – and then the camera card passed through the hands of several FBI people.

SFE Brian Booth got it in an unsealed package – which is against FBI protocol for handling evidence.

Then SFE Booth produced a second or “replacement” forensic report of the camera card on June 11, 2019, more than a month into the trial and about a week before it ended.

Booth’s report contained 37 new files not found in Flatley’s report. How did that happen?

Thirty-one of the 37 new files had the same names as files in the Studies folder on the hard drive. However, some new files on the camera card had altered metadata. They had the same names as the files in the Studies folder on the hard drive, but were not the same files.

Why did the government make a second camera card report, and how were 37 new files found?

All the prosecution told anyone was Flatley had to go to Ghana, and Booth would explain the all-important camera card evidence, for this alone proved Raniere took the photos.

SFE Flatley’s testimony on a previous case might explain why they sent Flatley to Ghana.

On September 20, 2016, SFE Flatley testified as the government’s expert witness in U.S. vs. Gary Hirst.

AUSA Brian Blais questioned Flatley on metadata and dates:

Flatley testified:

Certain files also have metadata stored inside them. Things like Word documents, PDF documents, some photographs, like JPEGs and a certain type called JPEG Exif will have certain other aspects of metadata inside of it.

Q. How is metadata generated?

A. It’s generated at the time the file is created, and then it can be modified at later dates.

Flatley testified PDF files and JPEG files store “Create date” information by inserting the date and time into the content of the file and they “can be modified at later dates.”

Asked how they could be modified later, Flatley testified that free software, like Exiftool and Xpdf, can be used to modify metadata in JPEG and PDF files.

When asked about free metadata altering software tools, Flatley testified, “there’s a bunch of them.”

Q. How would a person obtain a free tool to modify metadata?

A. You just download it from the web.

That was in U.S. vs. Hirst.

In U.S. vs. Raniere, the proof of child pornography was the created dates of the photographs.

The FBI’s expert witness SFE Booth and DOJ’s prosecutor Tanya Hajjar had to convince the jury of the reliability of EXIF data.

Hajjar: Is there a particular reason why EXIF data is more difficult to alter?

Booth: They purposely designed it that way.

Q. Do you know —

A. It’s mainly to be able to store information. And they don’t want data to be moved around and changed, especially time and date information. Those things are very hard for the consumer to be able to modify, unless you wind up getting software that’s just developed to do that.

There was conflicting metadata that should have made the entire metadata suspect.

During his testimony, SFE Booth admitted the file system “created date” for all the “backed up” photos, including Camila’s photos, was 2003.

This was a problem since if the jury believed the metadata showed [which it did] that the photos were copied to the hard drive two years before the government claimed they were taken – and one year before the camera was manufactured – it would make them doubt the authenticity of the metadata altogether.

Recognizing they could not ask the jury to rely on all the metadata, or the file system “create dates,” they had to veer to EXIF data, which alone supported the 2005 date. They needed the jury to believe some, but not all, of the metadata.

They had to veer to EXIF data, which is easy to change, because it was the only metadata that supported the 2005 date they wanted the jury to believe. They needed to deceive the jury that EXIF data was hard to change, while the other metadata is not, which is a lie since it is all easy to change — equally easy to change.

Q. You testified that the EXIF data shows the date and time associated with this is October 18, 2005?

Booth. Yes.

Q. And so between the dates here and the EXIF data, what’s the best evidence of when this photograph was taken?

A. Well, the best reference is the EXIF data because that gets put into the JPEG file and it’s not easily modifiable and it moves with the file the same way from device to device, no matter where you place it.

Booth’s statement is false. Just plain false. But the reliability of the EXIF data was crucial to the government’s charge of child pornography, so he lied.

Prosecutor Mark Lesko emphasized Booth’s lie during his closing argument:

Lesko: I’m no expert, don’t get me wrong, but I heard Examiner Booth, just like you did. EXIF data is extremely reliable. It’s embedded in the jpeg, in the image itself. And the EXIF data shows that the data was created on the camera, in this instance, this particular instance, the 150 jpeg on November 2, 2005.

Now compare this with what SFE Flatley, the FBI’s expert witness in Hirst’s trial, said:

Q. Now, Mr. Flatley, does the FBI rely on creation dates alone in PDF files in determining the date on which that PDF file was, in fact, created?

A. No, we do not do that.

Flatley said the FBI does NOT rely on creation dates alone to determine the date on which a PDF or JPEG file was created.

Flatley said the FBI “would require that we have some kind of corroborating evidence” to rely on the metadata “Create Date” in either a PDF or JPEG file.

What kind of evidence would corroborate the EXIF data create date?

Flatley said corroborating data from other devices and mechanisms “outside the user’s control,” not corroboration from the standalone system.

In US v Raniere, the FBI used no corroboration, no other devices, systems, or mechanisms to corroborate the EXIF metadata dates in the JPEG files. Instead, the FBI claimed EXIF metadata was reliable by itself and difficult to change.

SFE Booth testified:

When it comes to photos, they still keep you from changing dates and times. It’s not easy to change those. You have to go through special processes to change those things.

SFE Flatley in the Hirst trial testified:

A. It’s very easy to go down and change your time and date on the machine. It’s also a standalone system. It could just flat be wrong.

Booth testified the FBI considered metadata create dates reliable.

Flatley testified the FBI considered metadata create dates unreliable:

Q. Based on your training and experience, would the FBI rely on the create dates alone in the metadata of Government’s Exhibits 509A through D in determining the dates on which these documents were created?

Flatley. No, we would not.

SFE Flatley’s testimony about the unreliability of metadata create dates was the sole purpose for his testimony.

The prosecutor concluded his direct examination:

Q. So Mr. Flatley, in your opinion, can you conclude that Government’s Exhibits 509A through D were created on the dates reflected in the metadata in those documents?

A. I cannot.

As Dr. Kiper explained, “SFE Flatley, an FBI expert witness who previously testified to the unreliability of metadata create dates, was replaced in the last week of trial by SFE Booth, who testified to the reliability of metadata create dates.”

You have to wonder why Booth lied. There must have been a reason.

Why did they need a second camera card report? Why was it different from the first?

You start looking into things and find that four of the new files on the second camera card report had thumbnail photos of Angel that should have been Daniela.

Did someone transplant images, but forgot to swap thumbnails?

You look into how six months into FBI custody, someone got into the camera card and forgot to use a write blocker, so all the files’ modified dates were changed to 2018, when the photos were supposedly taken in 2005.

You wonder why the FBI didn’t turn over the camera card clone to the defense — even though they were required to – and instead handed them prints of photos from the camera card without metadata.

Then you look into it more, not wanting to find out anything that could help Raniere. You find the FBI pretended the camera card was not a digital device and hid it from the defense until after they found the child porn 11 months after they seized the hard drive.

And still, they did not turn over the camera card. Why?

Then you find they took the wrong photo of the hard drive when they seized it. The all-important hard drive. When they went first, like homing pigeons, to grab the camera and its camera card and the hard drive, then took a photo of the wrong hard drive. And on the witness stand, they showed the wrong photo of the wrong hard drive – the silver one – and the FBI agent who seized it called it “silver,” under oath, when it was black, and he knew it.

He testified the wrong photo he took was not wrong, and that the black Western Digital was silver when it was black. Why? Why not admit you took the wrong photo?

And he was asked whether it was plugged in when he seized it, and he evaded the question and answered as if he never saw the real hard drive until he took it to the FBI evidence room. You wonder about these things.

And you wonder why that camera card went hand to hand – sometimes disappearing from custody and sometimes in the wrong hands – agents who cannot legally do anything with it for weeks – why were they carrying it around?

Then it arrives unsealed, and you wonder why the FBI broke protocol and took a second image of an original device without authorization, a clear violation of protocol.

And you wonder how there is wrong metadata. Things are hard to explain, like how there are metadata dates before the camera was made, and how some dates go back and forth, like one hour, then two hours, then no hours, seemingly trying to be in comportment with Daylight Savings Time but in the wrong direction. Falling forward, not back.

And how, when there were two subjects in a series of photos, Mariana and Pam, the clock went back two hours – as if the number of models should affect the hours for daylight savings time changes on certain photos.

Or even a maple tree whose EXIF data, which Booth says is so perfectly reliable, shows it was taken at midnight, when it was clearly during the day.

And you scratch your head and ask how did that happen, or how did one photo show Adobe Elements on it, but had the exact modified date as the EXIF create date when the Canon camera cannot and does not have Adobe Elements. So you know this photo is altered, and then you learn that Adobe Elements is used to alter photos. If you do not mess with the metadata, it changes the modified date, but the modified date is the same as the creation date, which is impossible unless somebody altered it.

Then you find parent folders younger than their sub-folders, which is impossible unless someone altered something. Or you find Kathy Russell’s thumbnails in Daniela’s file, and vice versa, which means they were once in the same file together.

This might explain why sub-folders are older than the more recently created “Studies” folder, and you want to study more to find out who split it into two without a change in modified dates, which makes it impossible unless someone altered the metadata.
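The cross-checks described above (on-disk dates earlier than the EXIF date or than the camera's existence, an editor tag on a file whose modified date equals its EXIF create date, parent folders younger than their sub-folders) can be run mechanically over exported metadata. This is an added example, not code from the Kiper report or the FBI; the records, the camera date and the editor list are constructed assumptions, and a flag marks something that needs corroboration, not proof of who changed it.

```python
from datetime import datetime as dt

# Constructed sample metadata (not case data), shaped like a forensic tool's export.
CAMERA_RELEASED = dt(2004, 1, 1)          # assumed earliest date the camera model existed
EDITORS = ("adobe", "photoshop", "gimp")  # assumed editor names seen in the EXIF Software tag

FILES = [
    {"path": "Studies/A/IMG_0001.JPG", "exif_create": dt(2005, 10, 18, 14, 3),
     "fs_created": dt(2003, 7, 26, 2, 0), "fs_modified": dt(2005, 10, 18, 14, 3),
     "software": None},
    {"path": "Studies/A/IMG_0002.JPG", "exif_create": dt(2005, 11, 2, 19, 30),
     "fs_created": dt(2006, 1, 5, 9, 0), "fs_modified": dt(2005, 11, 2, 19, 30),
     "software": "Adobe Photoshop Elements"},
    {"path": "Studies/B/IMG_0003.JPG", "exif_create": dt(2005, 11, 24, 21, 10),
     "fs_created": dt(2006, 1, 5, 9, 1), "fs_modified": dt(2005, 11, 24, 21, 10),
     "software": None},
]
# Folder path -> file system "created" timestamp (constructed).
FOLDERS = {"Studies": dt(2009, 3, 30, 12, 0),
           "Studies/A": dt(2006, 1, 5, 8, 59),
           "Studies/B": dt(2006, 1, 5, 8, 59)}


def find_anomalies(files, folders, camera_released):
    """Return sorted (path, flag) pairs for timestamps that contradict each other."""
    flags = []
    for f in files:
        stamps = (f["exif_create"], f["fs_created"], f["fs_modified"])
        # No timestamp from this camera can precede the camera itself.
        if min(stamps) < camera_released:
            flags.append((f["path"], "PREDATES_CAMERA"))
        # A copy cannot land on the drive before the photo was taken.
        if f["fs_created"] < f["exif_create"]:
            flags.append((f["path"], "ON_DISK_BEFORE_TAKEN"))
        # An editor wrote the file, yet "modified" still equals the capture time.
        software = (f["software"] or "").lower()
        if any(e in software for e in EDITORS) and f["fs_modified"] == f["exif_create"]:
            flags.append((f["path"], "EDITOR_TAG_BUT_MODIFIED_EQUALS_CREATE"))
    for path, created in folders.items():
        parent = path.rpartition("/")[0]
        # A sub-folder that is older than the folder containing it.
        if parent in folders and folders[parent] > created:
            flags.append((parent, "PARENT_YOUNGER_THAN_SUBFOLDER"))
    return sorted(set(flags))


if __name__ == "__main__":
    for path, flag in find_anomalies(FILES, FOLDERS, CAMERA_RELEASED):
        print(f"{flag:40} {path}")
```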

Then you look to motive. Who had a motive to alter these things, for these files did not come au naturel like the subjects in the Studies folder. They were altered, yes, but who did it?

Was it Raniere? Maybe, but why? The alterations seem to support the government’s narrative and work against Raniere.

Why would he label files to convict himself of child porn and help prove he took the photos?

I am not concerned whether he took photos of Camila when she was 15. That’s not what we are studying, or whether he is a rotten guy. I already told you what I think of him.

What I want to know is what the government did. Or how these photos were where they were and who altered the metadata, and how at the 11th hour, they were suddenly found in a hard drive the FBI rushed to seize the day after his arrest – and had only a limited number of photos to check – and they did not find the child porn for 11 months?

They were looking for collateral and anything else on this hard drive with its limited files, but the FBI said they did not find the child porn for 11 months, and by accident, and all messed up with fudged metadata.

I could believe all that — that all is innocent, but why did they have to play hide the camera card, and do a second report with 37 new files, and blunder putting Angel into Daniela’s files, and send the guy who did the original report to Ghana?

But most of all, why did they lie about EXIF data?

You tell me why?

But don’t tell me until you read the Kiper report and the Rule 33 motion in full.

I am tired of conclusory allegations and answers that fit what people want to believe. I’m not on Raniere’s side. Just read the reports, then tell me why there should be no evidentiary hearing.

Kiper Report

Kiper EXIF Data Report

Kiper report on Flatley and Booth

Rule 33

Supplemental Rule 33

Supporting Experts