Plea Deal in House IT Scandal Not Binding for Other US Attorney’s Offices

A plea deal reached by former House IT aide Imran Awan is only limited to the U.S. Attorney’s Office for the District of Columbia, details of the agreement reveal.

As part of the deal reached on July 3, Awan pleaded guilty to one charge of bank fraud. In exchange, prosecutors agreed to not file additional charges against him. Charges against his wife, Hina Alvi Awan, were also dropped.

The terms of the deal, however, stipulate that it does “not bind the Civil Division of this Office or any other United States Attorney’s Office, nor does it bind any other state, local, or federal prosecutor.”

“It also does not bar or compromise any civil, tax, or administrative claim pending or that may be made against your client,” it states.

This means that other U.S. attorney’s offices or prosecutors could still file charges against Awan if evidence of wrongdoing is found.

In reaching the plea deal with Awan, prosecutors contradicted evidence found by House investigators that Awan and his associates made unauthorized and suspicious logins to congressional IT systems.

Awan was first hired as a congressional IT aide in 2004. After he hit the congressional pay-cap in 2005, his two brothers, sister-in-law, wife, and other associates were added to the payroll in the following years. Despite having little to no IT experience, they provided IT services to 44 House Democrats. Each of the offices had waived otherwise mandatory background checks.

Click on timeline to enlarge.

According to the House inspector general, the IT aides made unauthorized logins to the systems of 15 House Democrats. The IG also documented excessive logins by the IT aides to the Democratic House Caucus server, a total of 5,735 during a seven month period.

“Excessive logons are an indication that the server is being used for nefarious purposes and elevated the risk that individuals could be reading and/or removing information,” said the IG in a briefing provided to House leadership in September 2016, which was not publicly released.

Subsequent to the findings, on Feb. 2, 2017, House Sergeant at Arms Paul Irving banned the IT workers from the House network. On the same day, Irving, along with Chief Administrative Officer Phil Kiko, wrote in a memo marked “URGENT” that “the employees [Awan and his associates] are an ongoing and serious risk to the House of Representatives, possibly threatening the integrity of our information systems and thereby members’ capacity to serve constituents.”

The memo, which was reviewed by The Daily Caller News Foundation, said that the Democratic Caucus server had been replaced by a different one after it had been identified by investigators as evidence.

“While reviewing the inventory, the CAO discovered that the serial number of the server did not match that of the one imaged in September,” the memo read.

Awan and several of his family members also frequently traveled to Pakistan. Concerns are that the server had been used as a central collection point of data from member’s offices, including those who work on committees with access to classified information, after which it could have been transferred out of Congress to other groups or potentially foreign governments.

The House IG had uncovered two Dropbox accounts installed on computers operated by the IT workers, which were likely to have contained sensitive files.

“While file sharing sites, such as Dropbox, have legitimate business purposes, use of such sites is also a classic method for insiders to exfiltrate data from an organization,” the IG presentation states.

In the plea deal, prosecutors in the Awan case presented evidence to the contrary of that of House investigators.

It said that based on its own investigation of the allegations, including interviewing 40 witnesses and obtaining computers and other electronic devices, it had found “no evidence that your client illegally removed House data from the House network or from House members’ offices, stole the House Democratic Caucus server, stole or destroyed House information technology equipment, or improperly accessed or transferred government information, including classified or sensitive information.”

Prosecutors did not provide an explanation for why its findings were divergent from those of the House Office of Inspector General and of Capitol Hill Police.

Under the plea deal, Awan could face between zero and six months in jail and pay a fine of between $500 and $9,500. Awan’s lawyer, Christopher Gowen, said they are seeking a probation-only sentence without a fine or restitution.

Given the potential national security implications, attorney generals outside of the District of Columbia could still decide to investigate the case if additional information surfaces.

Media reporting has revealed that potential witnesses with knowledge of the case, such as other House IT workers, had not been approached by the FBI for questioning.