Skip to content
Legal Hotline

The John Bolton indictment probably counts as a media leak case

Post categories

  1. National security
The indictment alleges that the former national security adviser compiled diary entries in preparation for a book.
By Posted on
Former National Security Adviser John Bolton (Flickr/Gage Skidmore)
Former National Security Adviser John Bolton (Flickr/Gage Skidmore)

If you like this post, sign up to get The Nuance newsletter delivered straight to your inbox every month!

On Oct. 16, a federal grand jury in Maryland returned an indictment against former National Security Adviser John Bolton under the Espionage Act for offenses related to the alleged mishandling of classified information. Bolton served in that role from 2018 to 2019 during the first Trump administration.

We’ve received a few questions about how we’re thinking about the case. That is, does it count among our tally of news media leak prosecutions under the Espionage Act? As regular readers of this newsletter know, we have set out to comprehensively catalog every case brought against an individual under the Espionage Act for unauthorized disclosures of national defense information where the government alleges that the disclosure was made with the intent that the information be communicated to the public in some form of media. Our master chart of cases is here. (Note that we’re in the process of a comprehensive update so this does not capture certain developments in several of the more recent cases.)

In any event, the answer is the Bolton indictment probably does count, though it does not involve an alleged leak to a journalist or news organization per se. Rather, the indictment appears to allege that Bolton was transmitting and retaining classified information through the preparation of what he called “diary” entries, in preparation for his book “The Room Where It Happened” or for future writings. 

In that sense, it most closely resembles the allegations against David Petraeus, the retired general and former CIA director, which we do count in our tally. Petraeus was initially investigated for possible Espionage Act violations but pled guilty in 2015 to a single misdemeanor charge under a separate statute, 18 U.S.C. 1924, for allegedly sharing notebooks containing “code word” classified information with his biographer. (That statute was bumped up to a felony during the first Trump administration.)

Josh Gerstein, a journalist for Politico and RCFP steering committee member, has already helpfully laid out the pantheon of prominent national security officials — as well as Presidents Trump and Biden — who have faced claims that they were “cavalier, or worse” with classified information. We thought that it might be useful to separately summarize the Bolton indictment to help explain why it makes our list of Espionage Act leak cases.

As with all of these Espionage Act indictments, the government begins by laying out a narrative summary of the factual allegations and then breaks down the specific counts. Starting with the latter, Bolton faces 18 counts, separated into two buckets.

The first bucket alleges the unlawful transmission of eight separate documents containing national defense information. Those correspond to eight counts alleging violations of 18 U.S.C. 793(d). That subsection of the Espionage Act applies to individuals with lawful access to national defense information who willfully transmit the same to someone not entitled to receive it. (Note that national defense information is a term of art in the law; for the purposes of this summary, one can think of it as classified material.)

The indictment alleges that the dates of the transmission all occurred during Bolton’s time as national security adviser — April 9, 2018, to Sept. 10, 2019 — save the last document, which the government claims was transmitted five days after he left. 

The second bucket alleges the unlawful retention of 10 classified documents, which correspond to 10 counts alleging violations of 18 U.S.C. 793(e). That subsection of the Espionage Act covers anyone with unauthorized access to national defense information who, as relevant here, “willfully retains the same and fails to deliver it to the officer or employee of the United States entitled to receive it.” These counts allege unlawful retention from April 9, 2018, through Aug. 22, 2025, the date that the FBI executed a search warrant at Bolton’s Maryland home.

Now to the factual allegations. At a high level, the indictment claims that Bolton routinely used personal email and an encrypted messaging application to send “diary” notes containing classified information to two relatives over the course of his time as national security adviser. 

It appears that the diary entries were to be used in the preparation of his 2020 book, which is what makes this case one for our tally (see paragraph 48 of the indictment and the reference to “bookwriting”). 

We should note that the indictment is a bit confusing on this point because it states in paragraph 53 that none of the classified information listed in the various counts was ultimately included in the book. 

In the preceding paragraph, however, the indictment says that when Bolton submitted the book to the National Security Council for pre-publication review, the NSC concluded that it had significant amounts of classified information that needed to be removed. Whether classified information from the documents at issue in the indictment was initially included in the book and then removed isn’t clear but that does seem to be the implication. 

Getting into the specifics of the indictment, the factual narrative is broken down into four sections. Those are summarized below, with a few observations.

Introduction (paragraphs 1-14): This section outlines the case. It describes Bolton’s government service; notes that he signed various non-disclosure agreements to receive his clearance; explains that he had a secure facility installed in his home to handle classified information, which was removed after he left government service; alleges that he shared more than 1,000 pages of “diary-like” entries with two relatives; and includes one of the more bizarre details — that Bolton’s private email was apparently hacked by Iran (described more below).

Classified Information (paragraphs 15-26): This is standard boiler-plate language that explains the classification system, including the levels of classification and the various classification markings that feature in the descriptions of the 18 documents that provide the basis for the 18 counts.

Transmission While Bolton Was NSA (paragraphs 27-49): This section contains the detailed allegations regarding the eight documents that support the transmission counts. It goes through how each document was sent via personal email or an encrypted app and includes verbatim texts and messages between Bolton and the two relatives. For instance, in paragraph 35, the government alleges that Bolton sent a message and document to the two relatives with information he learned as national security adviser and followed up with a note saying, “None of which we talk about!!!”

Additional Relevant Events (paragraphs 50-66): This section covers four main themes. First, it details the publication of Bolton’s memoir, including that the memoir did not contain the classified information in the 18 documents but that Bolton agreed in the settlement of a civil suit to return all material with classified information to the government. 

Second, it describes the Iran hack. According to the indictment, Bolton’s representative notified the FBI in July 2021 that Bolton’s personal email had been hacked and that the representative believed the culprit to be Iran. Later that month, the representative contacted the FBI to report the receipt of messages that appeared to be from the hacker asking Bolton to contact him or her. In early August, Bolton received another message that read “OK John … As you want (apparently), we’ll disseminate the expurgated sections of your book by reference to your leaked email.” The indictment concludes this section by stating that Bolton did not tell the FBI that he had used the compromised account to transmit classified information to his relatives.

Third, paragraph 60 describes the FBI seizing electronic and paper files from Bolton’s home in August 2025, which are the basis for the retention charges in counts 9 through 18.

And, finally, the indictment includes several public statements from Bolton that the government claims “demonstrat[e] his understanding of how to properly handle classified information and the potential consequences of failing to do so.”

So, in sum, the indictment alleges that Bolton prepared what he called diary entries in preparation for a book. While it’s not a leak to a reporter, our take is that the book element qualifies the prosecution as an Espionage Act media leak case.

As a final post-script, what the indictment does not get into is possibly one of the most salient press freedom aspects of the Bolton saga: that the U.S. Justice Department sought an extraordinary injunction to block the publication and sale of his book. Judge Royce Lamberth of the U.S. District Court for the District of Columbia famously refused that request, writing “The damage is done.” But Judge Lamberth also stated that “Bolton’s unilateral conduct [in publishing the book without waiting for final clearance from the government] raises grave national security concerns.”

For anyone looking for a refresher on that controversy, please see the friend-of-the-court brief that the Reporters Committee submitted in the case (which your author distinctly remembers blearily trying to finalize at 4 a.m.). We were joined by the Association of American Publishers, Dow Jones, The New York Times, and The Washington Post.

Photo credit: Flickr/Gage Skidmore

Stay informed by signing up for our mailing list

Keep up with our work by signing up to receive our monthly newsletter. We'll send you updates about the cases we're doing with journalists, news organizations, and documentary filmmakers working to keep you informed.