Page:Dobbs public report.pdf/3

 Statement from Michael Chertoff

I was asked by the Chief Justice to independently review and assess the thoroughness of the investigation into the Dobbs draft opinion leak and to identify any additional useful investigative measures as well as actions that would improve the handling of sensitive documents in the future.

My review assessed that the Marshal and her experienced investigators undertook a thorough investigation within their legal authorities, and while there is not sufficient evidence at present for prosecution or other legal action, there were important insights gleaned from the investigation that can be acted upon to avoid future incidents.

Regarding my review, the Court officials provided a detailed account of their investigative process and all documents associated with the investigation, including the interview transcripts and notes of the investigators. The initial round of interviews included a broad swath of employees and were appropriately and professionally conducted. As with most investigations, there were follow-up questions with many employees stemming from the first round of interviews and from forensic evidence. These follow-up interviews were thorough, specific, and ensured all leads were carefully examined. The Court also obtained external expert technical assistance. Throughout my review, the investigators were transparent, cooperative, and available to answer my questions about the process. At this time, I cannot identify any additional useful investigative measures.

The Court investigators will continue following up on leads if more information is learned. In the meantime, the Court has already taken steps to increase security and tighten controls regarding the handling of sensitive documents. Most significantly, the Chief Justice has also directed a comprehensive review of the Court's information and document security protocols to mitigate the risk of future incidents.

In connection with this review, I also recommended the following specific measures:


 * 1) Restricting the distribution of hard copy versions of sensitive documents;
 * 2) Restricting email distribution for sensitive documents;
 * 3) Utilizing information rights management (IRM) tools to better control how sensitive documents are used, edited and shared; and
 * 4) Limiting the access of sensitive information on outside mobile devices.