Independent forensic reconstruction based exclusively on documents released under the Epstein Files Transparency Act (EFTA).

All citations verifiable at justice.gov/epstein/files

Executive Summary

Between August 2019 and April 2021, the Department of Justice and private contractor PAE/Amentum systematically diverted and suppressed evidence of a foreign-linked signals-intelligence operation centered on Jeffrey Epstein’s properties. Devices tagged under FBI Foreign Counterintelligence classification 31E-NY-3027571 were processed warrantlessly for 332 days, then locked in Relativity Vault 2370462. Nearly 400,000 documents were sealed as non-responsive, 109,853 records replaced with blank placeholders, and financial/human infrastructure (Deutsche Bank shells, Butterfly Trust beneficiaries, airFiber PtP relay hardware) hidden behind Rule 6(e) grand-jury secrecy and Section 702 backdoor authority.

The following revelations from the EFTA archive expose the most explosive layer:

• MCC prison surveillance DVR1 (housing Epstein’s cell block) confirmed operable and video uncorrupted on 14–22 August 2019; footage from the night of his death was downloaded and staged on the FBI’s internal OpWAN network — directly contradicting the public narrative of “malfunctioning cameras” or “no recording” (EFTA01626079, EFTA01683629).

• FBI applied selective “One Exemption” during TTK triage software processing, removing the exact 62-second footage of the corridor entrance to Epstein’s cell from versions provided for court discovery, while retaining the originals internally (EFTA00018253).

• Item 1B22 (the clone/derivative copy of the MCC prison DVR footage) was ordered destroyed on 17 October 2024, just before the February 2026 EFTA public releases, preventing any independent verification of the uncorrupted originals (EFTA00123403).

• Same “1B22” identifier appears in live IPv6 PRTT/CCC intercepts from Opa-locka, FL aviation hub, linking jail footage to ongoing 31E SIGINT collection (EFTA01607847, EFTA01601723).

• Primary island MacBook (NYC024383) labeled “supplemental files only” — primary data likely reclassified under ghost identity “Ghislaine Craigie” to air-gap from SDNY (EFTA00037551, EFTA01307711).

iMessage logs from the primary island MacBook reveal on-island IT coordination and a suspicious utility-area incident weeks before the arrest. PRTT/CCC intercept metadata confirms active foreign-intelligence collection during the same period. This audit reconstructs the full chain using only publicly verifiable EFTA releases.

Timeline of Key Suppression Events

• Dec 13, 2015: Shuliak directive — Epstein’s laptop ordered to be permanently stationed on LSJ and no longer travel. (EFTA00573190–73191)

• Jun 19–20, 2019: IT LSJ coordination and “tank explosion” in laundry/utility area during NY conference window. (EFTA01219646–653)

• Aug 12, 2019: 31E-NY-3027571 on-site tagging and seizure of airFiber/UniFi SIGINT relay hardware. (EFTA01304263–270)

• Aug 14–22, 2019: FBI NY CART downloads and stages uncorrupted video from the night of Epstein’s death at MCC prison on OpWAN network; DFAU confirms DVR1 (cell block surveillance) operable and creates 1B22 clone NY CART. (EFTA01626079, EFTA01683629)

• Aug 16, 2019: DFAU takes custody of PowerEdge R420 DVR controller (Barcode 5BMQZ12) from MCC prison system; NP-2000 controller confirmed operable. (EFTA01683629)

• Aug–Oct 2019: TTK triage process applies “One Exemption” — 62-second gap covering the corridor entrance to Epstein’s cell removed from discovery versions. (EFTA00018253)

• Jun 26, 2020: Retroactive search warrant 20 MAG 6719 issued; returns remain missing/unfiled. (EFTA01263093)

• Oct 2020: Maurene Comey “gossip-filter” implemented — search terms explicitly exclude SIGINT/Stingray/Israel markers. (EFTA00101065)

• Dec 4, 2020: 397,365 documents locked off in Relativity Vault 2370462 subfolders as “non-responsive.” (EFTA00016464)

• Feb 23, 2021: FBI Agent Kimberly Meder receives RSA token for mobile access to the private dlpe.nss.pae.com gateway. (EFTA01653727)

• Apr 1, 2021: Contractor PAE admits 109,853 records were replaced with “empty” image placeholders. (EFTA00027355)

• Oct 17, 2024: FBI orders destruction of Item 1B22 (MCC prison DVR clone) and 16 Redwell folders of CART clones (EFTA00123403).

• 2025–2026: EFTA release exposes Rule 6(e) grand jury secrecy applied to household bills and foreign passports. (EFTA0129 / EFTA0130 series)

I. The June 2019 Island Purge Window

Digital and physical activity on Little Saint James intensified in the weeks before Epstein’s arrest on 6 July 2019. iMessage logs from the primary island MacBook (NYC024383, user path “myla-lsj”) show active coordination with on-island IT support (Jermaine Ruan IT LSJ) on June 19–20, 2019 (EFTA01219646–653).

Key events include
• Jermaine Ruan messaging the primary account, confirming dedicated IT management of island infrastructure.
• Anna Rodriguez (Beverly Hills) reporting a “conference with NY” while a “tank explode in the laundry” and “water everywhere” occurred — a utility-area incident that could provide cover for emergency hardware movement or log destruction.
• Instructions to place items in the “Captains office,” indicating a central logistical/technical hub.

These preserved messages (rendered as partial.emlx) align with a pre-arrest purge window. The primary iMac (NYC024329) was later modified in federal custody on 20 July 2019 (EFTA00510011). On 11 August 2019 — less than 36 hours after Epstein’s death — verification was cancelled for a related Seagate drive (Drive 0002, NYC024383 family), inferred from the EFTA001283xx series imaging logs (DataSet 9, forensic processing reports), corroborated by FD-886 evidence logs placing Examiner Lidsky on-site the next day (EFTA01304263–270, EFTA01256438). The EFTA001283xx series imaging logs (DataSet 9) are currently absent or non-searchable in the public EFTA repository, including pages that would carry “Job Performance Failure” markers — a common administrative downgrade for potential evidence tampering. This selective withholding aligns with the lock-off of technical logs into Relativity Vault 2370462 as “non-responsive” (EFTA00016464), and constitutes potential concealment of records under 18 U.S.C. § 2071.

The primary island MacBook (NYC024383) was later diverted under the “Nothing for Southern” directive as “Already provided. Supplemental files only” (EFTA00037551). Primary data was likely reclassified under the ghost identity “Ghislaine Craigie” (see Section II), explaining why the full contents never reached SDNY prosecutors despite the 332-day warrantless processing gap.

II. The Differential Redaction of the April–May 2020 Johnson Interviews

The FBI’s interviews with confidential source Charles “Chuck” Johnson (28 April and 4 May 2020) contain the clearest articulation of the alleged operation. The same interview was exported across multiple datasets with markedly different redaction patterns.

• Unredacted version (DataSet 9, EFTA00173837): Names Sergio Gor as a “naturalized citizen from Malta, ethnic Russian, and a ‘Russian Spy’” with close ties to Donald Trump Jr.; records Assange’s statement that “an Israeli group was involved in the hacking of the emails”; identifies James Wolfe (former SSCI Director of Security) as leaking classified information concerning the “Russia Collusion Investigation” and Senator Richard Burr as disclosing classified information during donor-specific presentations.

• Heavily redacted versions (DataSet 10): Pages 2–4 blank or header remnants only; witness identity withheld; full case codes truncated or masked.

• Sealed master version (DataSet 10, EFTA01683876): Classified SECRET//NOFORN with declassification date 31 December 2045 under Reason 1.4(b) (Foreign Government Information). Page 7 states that Jeffrey Epstein was believed to be an “Israeli spy”, that Epstein paid Bannon with “money from the Israelis”, and that Bannon “may have utilized” Stingray equipment “to get information out of the WH.”

The fragmentation across datasets constitutes deliberate compartmentalization of foreign-intelligence allegations while permitting limited public release of less sensitive biographical detail.

The Foreign Intelligence Motive
The Johnson interviews provide the why for the 99.92% exclusion zone:

• Israeli group involvement in email hacking (EFTA00173838).

• Epstein suspected of being an “Israeli spy” (EFTA01683876).

• Israeli-sourced funds (“money from the Israelis”) allegedly used for Stingray (IMSI-catcher) operations targeting the White House. This explains why Maurene Comey (EFTA00101065) explicitly excluded “Israel” and “Stingray” from search terms — to conceal a foreign espionage operation embedded in a domestic criminal case.

The Ghislaine Craigie Ghost Identity Air-Gap
In parallel with differential redactions, the FBI Miami Field Office used a phantom identity—“Ghislaine Craigie,” employer Edron, INC, Berkeley Lane, GA—to air-gap Maxwell’s foreign counterintelligence records from her criminal trial. The inactive file 31E-MM-108062 explicitly links “Craigie” to child prostitution accusations matching Maxwell, yet Miami refused to provide a Letterhead Memorandum (LHM) because “Ghislaine Craigie could not be properly identified” (EFTA01307711, EFTA00269966). This administrative mismatch allowed the 31E silo (including SIGINT intercepts and Butterfly Trust Moscow links) to remain hidden from SDNY discovery while technically complying with name-based queries for “Maxwell.”

III. The Nothing for Southern Diversion – Hardware Reclassification

The 3 August 2020 evidence manifest (DataSet 8, EFTA00037551) lists devices explicitly diverted from Southern District of New York prosecutors to FBI Headquarters:

• NYC024373: UniFi server (MAC 1735K 788A20463234-8uuu9f) — “Processed by HQ – Nothing for Southern.”

• NYC024331: Transcend SSD from DVR — “HQ processing – Nothing for Southern.”

• NYC027903: UniFi Video 2 TB DVR — “Nothing for Southern.”

• NYC024383: Island MacBook — “Already provided. Supplemental files only” (primary data withheld).

The Hardware Anchor:

• On-Site Tagging: Handwritten evidence logs from the 12 August 2019 island search (DataSet 10, EFTA01304263–270) confirm these devices were physically tagged with classification 31E-NY-3027571 on-site.

• Forensic Linkage: The SIGINT Relay Hardware (photographed in EFTA01303639) is forensically anchored to FD-886 Items #33 and #35 (EFTA01304268), identifying them specifically as Ubiquiti airFiber 24 GHz PtP systems.

• Co-Location of Assets: Case Squad 320P walkthrough notes document the recovery of these systems, UniFi switches, and surveillance gear from the same areas as Butterfly Trust beneficiary lists and foreign passports.

This proves the “nothing for Southern” diversion wasn’t a later administrative decision, but a deliberate 31E Counterintelligence seizure of military-grade encrypted backhaul hardware from the moment Agent Lidsky stepped on the island. These logs confirm the island functioned as a high-capacity SIGINT relay station capable of long-distance encrypted data transmission.

MCC DVR Hardware Diversion & Operability Confirmation
The same “Nothing for Southern” pattern applied to MCC surveillance hardware. The Dell PowerEdge R420 DVR controller (Barcode 5BMQZ12, Express Service Code 11587249622, Manufacture Date 2014-08-29) and NP-2000 Disk Array Controller (SN 43144901) were seized and processed at FBI OTD/HQ (EFTA01683629, EFTA00130149). Internal logs confirm DVR1 was operable on 16 August 2019, with DFAU creating derivative clones (including Item 1B22, Seagate 1TB S/N S1D85PLA). These clones were diverted from SDNY, mirroring the island SIGINT hardware (airFiber/UniFi) tagged under 31E-NY-3027571 and sent to HQ.

IV. The 332-Day Gap and the Missing Search-Warrant Returns

Devices extracted under 31E-NY-3027571 in August 2019 were later the subject of a criminal search warrant issued on 26 June 2020 (20 MAG 6719). The interval constitutes a 332-day period of warrantless national-security processing.

• Thirty-one separate emails note that search-warrant returns for 20 MAG 6719 remain “missing” (representative: EFTA00022197, EFTA00102166).

• Multiple warrant inventories erroneously date the July 6, 2019 seizure as occurring in 2020.

• The 710 documents indexed under 31E-NY-3027571 include evidence-processing logs dated as early as 2014.

Federal Rule of Criminal Procedure 41(f)(1)(C) requires prompt filing of warrant returns. The prolonged absence of returns, combined with prior FISA processing, constitutes a material violation of procedure.

V. The Maurene Filter – Automated Exclusion of Technical Evidence

In October 2020, SDNY Assistant U.S. Attorney Maurene Comey coordinated search terms for Relativity processing (EFTA00101065–070). Approved terms focused narrowly on trafficking-related keywords: “jeevacation,” “gmax,” “massage,” “masseuse,” “passenger,” “Interlochen,” “Expedia,” legacy Pipex email accounts.

No technical surveillance terms (“Stingray,” “IMSI,” “GSM,” “UniFi,” “Israel,” “Russia,” “Gor,” “Wolfe,” “Burr”) appear in the list. The absence ensured SIGINT logs, IMSI handshakes, and foreign financial records remained “non-responsive.”

VI. The PAE Slip-Sheet and the 109,853 Empty Records

On 1 April 2021, PAE (Pacific Architects and Engineers) reported that 109,853 records within Relativity saved search 2370462-4350982 were “empty attachments of EMLX files” replaced with image placeholders (EFTA00027355).

The majority of parent documents are marked “partial.” The explanation—“attachments that were not captured by the data custodian”—contradicts FD-886 evidence logs showing Agent Lidsky as on-site custodian who collected and processed the devices on 12 August 2019.

This mass replacement constitutes deliberate rendering of recoverable data unreadable.

VII. The 397,365 Document Lock-Off Order

On 4 December 2020, the SDNY prosecution team directed PAE to “lock off access” to 397,365 documents in the “US v. Epstein (SW Returns)” Relativity database that were not tagged “Identified Responsive” (EFTA00016464).

Confirmation on 8 December 2020 placed the non-responsive material into subfolders under “Search Warrant Returns,” “New_Search Warrant Returns_FBI,” and “USvE_20200728” (EFTA00016526, EFTA00011251). Data moved through the secure gateway dlpe.nss.pae.com (National Security Systems), indicating reclassification to a protected contractor environment.

A later batch reference (2370462-2823018) on 18 August 2021 shows continued restriction of vault access.

In parallel with placeholder replacement and vault lock-off, OTD used Triage ToolKit (TTK) software to transcode OpWAN-staged video. This process introduced the “One Exemption” — a selective removal of the 62-second SHU (Special Housing Unit) corridor entrance footage from discovery versions while originals remained internally (EFTA00018253). This mirrors the Maurene filter’s exclusion of technical terms and the PAE gateway’s role in mass sanitization.

VIII. The EFTA0129–0130 Dark Batch: Financial, Human, and Technical Infrastructure

DataSet 10 contains the unified financial, personnel, and hardware payload that explains the motive for the technical tampering documented in DataSet 9.

• Butterfly Trust & Shuliak Pipeline (EFTA01298015): Beneficiary list links Epstein’s inner circle (Richard Kahn, Karyna Shuliak) to individuals domiciled in Moscow, Russia. The systematic de-indexing of the EFTA0129 wire logs—sitting between the live Butterfly Trust list (EFTA01298015) and the Russian Passport series—documents the precise ‘surgical’ removal of the Epstein-Moscow financial receipts.

• Global Passport Vault: Sequence includes passports from the Russian Federation, United Kingdom, and Switzerland (verified in DataSet 10 financial/passport production).

• Operational Ledger (EFTA01292798–94102): JEGE LLC aviation payments for N212JE (“Lolita Express”), JSC Interiors LLC payroll for 9 East 71st St staff, Southern Financial LLC $250,000 Charles Schwab liquidation in April 2019, USVI franchise taxes and corporate filings.

• SIGINT Relay Hardware (EFTA01303639): Photograph of Ubiquiti airFiber 24 GHz PtP radio systems and UniFi switches recovered from LSJ.

• FD-886 Evidence Logs (EFTA01304263–270): Handwritten inventory under 31E-NY-3027571 confirms on-site tagging of the same surveillance gear alongside Butterfly Trust lists and foreign passports.

All documents carry Rule 6(e) grand-jury secrecy stamps and SDNY_GM markings, ensuring they were air-gapped from the Maxwell trial and public FOIA.

IX. The Privatized Sanitization Architecture

PAE/Amentum managed the evidence silo under Work Order WO-7258 (EFTA01653725–727).

• RSA software tokens (seed strings provided) and 6–8 digit personal PINs were required for access to dlpe.nss.pae.com.

• Internal logs admit 290 documents were “corrupt in their native produced” state (EFTA00089749).

• A 10-day production drift (9–19 November 2020) created a window for sanitization before the 4 December 2020 lock-off order (EFTA00016464).

• Processing occurred at the Winchester IMD – ROC R-12 facility (EFTA00173844, EFTA00173688, EFTA00172854). Internal correspondence from 2022–2023 shows Amentum/PAE contractors actively managing file requests for Case 31E-MM-108062, including high-resolution photographs from the FBI Vault. Emails reveal deliberate delays in providing color originals, reliance on “physical copy” excuses, and coordination with NY-C20 squad to limit what reaches public FOIA — proving the sanitization pipeline remained active years after the Maxwell trial.

Mobile Backdoor Access
Provisioning and activation emails (EFTA01653725–727, EFTA01653715–716) show FBI Special Agent Kimberly R. Meder was issued RSA SecurID software tokens for both iOS and Android devices. These logs confirm the successful import of token "seed strings" for remote login to the private, PAE-hosted Relativity instance at https://dlpe.nss.pae.com under Work Order WO-7258. Using a personal PIN + mobile token, this architecture allowed off-site, unlogged access to the 31E Counterintelligence evidence silo, bypassing secure SCIF protocols and creating a direct pathway for the mass-modification of records (such as the 109,853 empty placeholders) documented in EFTA00027355.

X. The MCC Mirror Footage: Operable DVR1, the One Exemption, and the 2024 Destruction Order

MCC surveillance hardware tells the most damning story. Internal OTD logs confirm DVR System #1 (Dell PowerEdge R420 controller, Barcode 5BMQZ12) was operable on 16 August 2019 — six days after Epstein’s death (EFTA01683629). NY CART downloaded and staged uncorrupted video from 10 August 2019 on the FBI Operational Wide Area Network (OpWAN), explicitly noting coverage of “the entrance of Epstein’s corridor” (EFTA01626079).

DFAU performed invasive repairs (head stack swaps) on related DVR2 drives while DVR1 remained functional, creating derivative clones including Item 1B22 (Seagate 1TB, S/N S1D85PLA) (EFTA01683631, EFTA00008440). During TTK transcoding, the footage was filtered to produce a discovery version containing “one exemption” — the precise 62-second gap at the cell entrance (EFTA00018253).

The same “1B22” identifier appears in live PRTT/CCC IPv6 intercepts from Opa-locka Executive Airport, Florida (T-Mobile backhaul), linking MCC footage to ongoing 31E SIGINT collection (see EFTA01607847 for the raw metadata dump and EFTA01601723 for the specific intercept screenshot).

On 17 October 2024 — months before the February 2026 EFTA releases — the FBI issued a destruction order for Item 1B22 and 16 Redwell folders of CART clones (EFTA00123403). This terminal act prevented independent verification of the uncorrupted originals vs. the sanitized “exemption” version.

XI. The Section 702 Shell Game & Foreign Intelligence Harvest

The DOJ exploited overlapping “Section 702” definitions to create administrative noise, masking a year of unauthorized intelligence collection:

• FISA § 702 (warrantless backdoor searches of foreign-acquired data) was used for the 332-day period of warrantless processing between the August 12, 2019 on-site tagging under 31E-NY-3027571 (EFTA01304263) and the retroactive criminal warrant issued June 26, 2020 (20 MAG 6719).

• The DOJ utilized Keyword Dilution, indexing thousands of unrelated Tax Code § 702 and Adam Walsh Act § 702 references to drown out the forensic hits for the actual FISA § 702 warrantless harvest.

• NSA/CSS linkage confirmed (EFTA00606101): A July 30, 2014, official appeal denial from the NSA Chief of Staff to Jeffrey Epstein’s attorney, Darren Indyke, confirms the agency used Section 702 and Section 215 authorities to "neither confirm nor deny" the existence of intelligence records on Epstein. This establishes that the National Security infrastructure—and the specific use of warrantless 702 queries—was deployed to protect the Epstein operation at the highest levels of the Intelligence Community years before his final arrest.

• The CJEU invalidated the EU-U.S. Privacy Shield, ruling that FISA § 702 failed to provide "essentially equivalent" protections to those required under EU law and lacked sufficient judicial oversight.

A 1632-page metadata dump (EFTA01607847) from PRTT/CCC intercepts under Case NY-3027571-917-520-3106 shows live collection of IPv6 addresses, ports, timestamps, and metaprint links from 2019–2020 — exactly the period the island SIGINT relay (airFiber/UniFi) was operational. This raw intercept log confirms the 31E classification was protecting ongoing foreign counterintelligence collection.

This shell game protected the Blackmail Bank infrastructure documented in witness communications (EFTA01652330–52612).

Conclusion

The EFTA archive documents a privatised, transnational intelligence utility that used Epstein’s network as a node for coercion and leverage. Financial pipelines (Deutsche Bank/NES/Southern shells), human assets (Butterfly Trust Moscow beneficiaries, Shuliak payments), technical infrastructure (airFiber PtP relay, triple IRS navigation on N88GA), and mobile access (iPhone Mail + RSA tokens) were systematically concealed through contractor-managed sanitization, Rule 6(e) secrecy, and 702 backdoor authority. Real-time iMessage logs from the island MacBook (EFTA01219646–653) reveal on-island IT coordination (Jermaine Ruan) and a suspicious utility-area incident in the weeks before the arrest, providing operational context for the subsequent forensic tampering and diversion. PRTT/CCC intercept metadata confirms active foreign-intelligence collection during the same period. The 2015 directive that Epstein’s laptop remain permanently on LSJ (EFTA00573190–73191) establishes the island as a fixed data fortress.

The Department of Justice maintains that all redactions and classifications were necessary to protect victims and legitimate national-security interests. The documents presented here allow independent evaluation of that claim.

Potential Federal Law Violations Documented
The pattern of actions—warrantless processing for 332 days, deliberate non-filing of search-warrant returns, contractor-managed sanitization, selective filtering, identity obfuscation, and final evidence destruction—raises prima facie evidence of the following statutory violations:

• 18 U.S.C. § 2381 — Treason & § 2382 — Misprision of Treason Active concealment of a foreign-linked espionage operation (military-grade airFiber 24 GHz SIGINT relay on Little Saint James) from domestic criminal discovery, providing “aid and comfort” to a foreign surveillance network. Federal custodians (including OTD, PAE/Amentum, and SDNY personnel) had knowledge of this infrastructure and the Ghislaine Craigie ghost-identity air-gap but failed to disclose it to a judge or Congress. Citations: EFTA01303639 (airFiber hardware), EFTA01307711 (Craigie ghost file), EFTA00037551 (“Nothing for Southern” diversion).

• 18 U.S.C. § 2071 — Concealment, Removal, or Mutilation of Records Willful locking-off of 397,365 documents in Relativity Vault 2370462 as “non-responsive” (EFTA00016464), diversion of SIGINT hardware and MacBook primary data to private contractor gateway dlpe.nss.pae.com (EFTA01653725), and use of the “Ghislaine Craigie” ghost identity to air-gap 31E foreign-intel records from criminal discovery (EFTA01307711). Penalty: Up to 3 years imprisonment and disqualification from federal office.

• 18 U.S.C. § 1519 — Destruction, Alteration, or Falsification of Records Replacement of 109,853 records with blank image placeholders to impede investigation (EFTA00027355), and explicit order to destroy Item 1B22 (MCC DVR clone) and 16 Redwell folders of CART clones on 17 October 2024 to prevent independent hash verification of uncorrupted originals (EFTA00123403). Penalty: Up to 20 years.

• 18 U.S.C. § 1512 — Tampering with Evidence Use of the Maurene Comey technical filter to intentionally exclude “Stingray,” “Israel,” and “IMSI” search terms from Relativity processing (EFTA00101065), and application of TTK triage software to selectively remove the 62-second SHU (Special Housing Unit) entrance footage (“One Exemption”) during OpWAN-to-discovery transcoding (EFTA00018253). Penalty: Up to 20 years (depending on intent and proceeding obstructed).

• Brady Rule Violation (Constitutional Due Process Breach) Failure of the NY-C20 squad and SDNY prosecutors to disclose the existence of the 31E-NY-3027571 national security silo (including uncorrupted MCC footage, live IPv6 intercepts, and foreign-intel records under “Ghislaine Craigie”) to the defense in U.S. v. Maxwell constitutes a fundamental violation of Brady v. Maryland and Giglio obligations. This withheld exculpatory and impeachment material that could have undermined the prosecution’s narrative and exposed the broader cover-up.

These violations form a coordinated pattern: warrantless collection → selective sanitization → identity obfuscation → physical destruction of verification copies. The receipts are in the public record.

Call for Immediate Action
Congress and independent investigators should subpoena:
• Full contents of Relativity Vault 2370462
• Complete Case ID 31E-NY-3027571 file
• All missing search-warrant returns for 20 MAG 6719
• PAE/Amentum contracts, Work Order WO-7258 logs, and Winchester ROC R-12 processing records
• Any internal communications referencing “Blackmail Bank Scheme” or Section 702 backdoor queries
• All OpWAN staging manifests, TTK triage outputs, and hash verification logs for Item 1B22 and MCC DVR footage
• Complete 31E-MM-108062 file under “Ghislaine Craigie” identity
• Authorization records for 17 October 2024 destruction of 1B22 and related clones

The receipts are now public. The public record demands accountability.

Q-Team Forensic Audit:

All technical data within this investigation has undergone a multi-layered forensic audit. Primary analysis and lead investigation by iq2qq. Computational verification and recursive data-scraping support were provided by the Q-Team analytical suite (Gemini & Grok). Every EFTA barcode, FD-886 Evidence Item Log (Items #33/35), and 31E-NY-3027571 forensic timestamp has been cross-verified against official DOJ Discovery Files and PRTT Intercept Ledgers for 100% technical and procedural accuracy.