STORY UPDATED: check for updates below.

Not In Docs

Did Special Counsel John Durham's court filings say the Hillary Clinton campaign in 2016 paid to have servers in Trump Tower and in the White House infiltrated in hopes of establishing a link between Russian operatives and Donald J. Trump? No, that's not true: neither the new filing nor the indictment Durham filed in 2021 about events in 2016 say anyone infiltrated White House or Trump Tower servers. This fact check is only concerned with the claim the Durham filings say the White House and other servers were infiltrated (or exploited, accessed, touched, connected to, looked at, hacked...). The Durham filing only spoke about the exploitation of DNS data "pertaining to" (i.e. about) several locations and organizations and the only "servers" it mentions were not at those locations and neither were they owned or operated by those organizations.

The claim about White House and Trump Tower server infiltration appeared in a February 12, 2022, video and article (archived here) published by FOX News titled "Clinton campaign paid to 'infiltrate' Trump Tower, White House servers to link Trump to Russia: Durham" which opened:

Lawyers for the Clinton campaign paid a technology company to "infiltrate" servers belonging to Trump Tower, and later the White House, in order to create fake information to bring to government agencies linking Donald Trump to Russia, a filing from Special Counsel John Durham says.

Users on social media only saw this title, description and thumbnail:

Clinton campaign paid to 'infiltrate' Trump Tower, White House servers to link Trump to Russia: Durham

Lawyers for the Clinton campaign paid a technology company to "infiltrate" servers belonging to Trump Tower, and later the White House, in order to create fake information to bring to government agencies linking Donald Trump to Russia, a filing from Special Counsel John Durham says.

On its website, FOX summarized its report as follows:

First on Fox: Lawyers for the Clinton campaign paid a technology company to "infiltrate" servers belonging to Trump Tower, and later the White House, in order to establish an "inference" and "narrative" to bring to government agencies linking Donald Trump to Russia, a filing from Special Counsel John Durham found.

But Durham's filing, referencing a 2021 grand jury indictment that alleges Michael Sussman lied to federal investigators and to reporters investigating Trump, doesn't say that.

Durham, the Special Counsel that Trump's attorney general, Bill Barr, appointed to investigate how the FBI acted on what turned out to be false premises, makes it clear that Sussman, an attorney paid both by the Clinton campaign and an un-named pro-Clinton tech executive, didn't have success documenting a Trump/Russian Bank connection.

Nor the indictment -- against a lawyer who simultaneously worked for the Clinton campaign and for a pro-Clinton tech executive -- nor the new filing say that Trump Tower and White House servers were infiltrated at all.

All Clinton lawyer Michael Sussman had in 2016, Durham wrote in the indictment, was public and non-public data showing domain name lookups between a Russian bank and a company not owned by Trump that sent advertisements for Trump hotels and hundreds of other clients.The records Sussman used to convince U.S. intelligence agencies to investigate a Trump/Russia connection did not even concern a Trump-owned server, as the indictment spells out on page 3:

(Source: justice.gov screenshot by Lead Stories taken Thu Feb 17 at 01:25:00 2022 UTC)

According to Durham's filing, most of what Sussman had were records of Domain Name System (DNS) lookups, which is how human readable internet addresses called "domains" (like example.com) are turned into alphanumeric codes identifying specific servers (like "171.92.121.78" or "2001:0db8:85a3:0000:0000:8a2e:0370:7334").

The only time the new filing mentions "servers" is in this paragraph:

(Source: justice.gov screenshot with highlighting added by Lead Stories taken Thu Feb 17 at 07:25:00 2022 UTC)

But these are the servers operated by a client of Tech Executive-1. The Washington Post reported the executive was Rodney Joffe and they got following statement from his spokesperson:

Mr. Joffe is an apolitical Internet security expert with decades of service to the U.S. Government who has never worked for a political party, and who legally provided access to DNS data obtained from a private client that separately was providing DNS services to the Executive Office of the President (EOP).

The filing says Joffe looked at this data from his employer's client to look for information related to "(i) a particular healthcare provider, (ii) Trump Tower, (iii) Donald Trump's Central Park West apartment building, and (iv) the Executive Office of the President of the United States". It does not say he accessed, connected to or even "infiltrated" any servers owned or operated by any of these entities.

The chronology of events described in the indictment filed by Durham makes claims about White House server infiltration nonsensical. Sussman is indicted for activities undertaken the year before Trump was sworn in. Had Sussman and the tech executive Durham names as Sussman's accomplice sought to scoop up White House DNS data, they'd have been spying on Barack Obama, not Trump.

The indictment filed by Durham describes on page 12 how Sussman used the simple and non-probative DNS data to create the illusion of illicit activity between candidate Trump and Russian bankers, months before Trump would be sworn in and occupy the Oval Office:

(Source: justice.gov screenshot with highlighting added by Lead Stories taken Thu Feb 17 at 01:43:00 2022 UTC)

The indictment filed by Durham charges Sussman with lying, but not actual infiltration of private Trump servers and does not mention White House servers at all: