TLDR
Email samples from Data Set 11 date to at least April-May 2017, placing them squarely in the post-NPA, post-conviction period when Epstein was a registered sex offender (PAPER TRAIL Project, 2026). These emails document continued operations — travel coordination for international associates, scheduling, catering for visitor meetings — during the decade-long shadow period between Epstein's 2009 state release and his 2019 federal arrest, when the Non-Prosecution Agreement (NPA — a deal where prosecutors agree not to bring charges) shielded co-conspirators from prosecution (Non-Prosecution Agreement, SDFL, 2007).
The Shadow Period
Between approximately July 2009 — when Jeffrey Epstein completed his 13-month state sentence — and July 6, 2019, when he was arrested by the FBI on federal charges, there exists a decade-long period that might be called the shadow years. During this time, Epstein was a registered Level 3 sex offender. The NPA, signed September 24, 2007, granted immunity from federal prosecution to named co-conspirators: Sarah Kellen, Lesley Groff, Adriana Ross, and Nadia Marcinkova (Non-Prosecution Agreement, SDFL, 2007). The NPA did not restrict Epstein's financial operations, travel, or social activities. It restricted only the federal government's ability to prosecute.
The emails in Data Set 11 come from this period.
What the Dates Show
Two verified samples establish the minimum date range. EFTA02212885 contains an AmEx Centurion Travel booking dated April 24, 2017. EFTA02212883 contains a Lesley Groff email chain dated May 30, 2017. Both fall within the shadow period — eight years after Epstein's state release, two years before his federal arrest (PAPER TRAIL Project, 2026).
The full date range of DS11 is unknown. At the time of discovery, OCR processing (automated text recognition from scanned documents) on DS11 was at 0%, meaning no automated date extraction had been performed. Only manual inspection of sample PDFs established the April-May 2017 dates. Entity extraction processing has since been completed across the full DS9 and DS11 email corpus, extracting 2,383,898 entities, but systematic date extraction from the email content has not been performed (PAPER TRAIL Project, 2026).
The emails may span months, years, or decades. The two verified samples provide a floor, not a ceiling. What they prove is that at minimum, the corpus contains emails from a period when Epstein was operating as a convicted sex offender with full access to his financial and logistical infrastructure.
What the Emails Document
The content of the two verified samples is significant precisely because it is ordinary. The May 30, 2017 email shows "jeffrey E." directing Lesley Groff to prepare "cookies or small cakes. tea" for a noon appointment with "Maxim and his mom." The April 24, 2017 email documents AmEx Centurion Travel arranging commercial airline tickets for a Russian citizen departing St. Thomas for JFK, with Groff coordinating a "new ticket back to Moscow" (PAPER TRAIL Project, 2026).
Neither email describes criminal activity. Both describe a functioning operation: a principal giving instructions to an assistant, visitors being received at a residence, international travel being coordinated for associates. The significance is not in the content of any single email but in what the content collectively reveals — that as of 2017, Epstein's domestic and international operations were running normally. The executive assistant was at her desk. The travel service was booking flights. The kitchen was being stocked for guests.
The Deutsche Bank Timeline
The 2017 date range intersects with a specific window in the financial record. Deutsche Bank maintained its relationship with Epstein from August 2013 to December 2018. In March 2017 — one month before the AmEx booking — Deutsche Bank's transaction monitoring system flagged payments from Epstein accounts to a Russian model and publicity agent. The compliance team cleared the alert: "normal for this client" (NYDFS, 2020).
This temporal alignment is what makes the 2017 emails valuable beyond their individual content. They provide a parallel record of operations at the exact moment when the financial record shows Deutsche Bank was actively noting and dismissing suspicious activity. The emails show the operational side — visitors arriving, travel being arranged, appointments being scheduled. The banking records show the financial side — payments being made, alerts being generated, compliance decisions being rendered. The two datasets describe the same reality from different angles.
The NPA's Long Shadow
The NPA signed in September 2007 was not a time-limited arrangement. It contained no expiration date. The immunity it granted to the named co-conspirators — Kellen, Groff, Ross, Marcinkova — persisted indefinitely. This meant that throughout the 2017 email period, Lesley Groff was simultaneously named in a federal immunity agreement and actively coordinating Epstein's daily operations (Non-Prosecution Agreement, SDFL, 2007).
The emails from 2017 document what the NPA made possible: continued operations by individuals who could not be federally prosecuted for their participation. The scheduling emails, the travel coordination, the catering requests — all of this activity occurred under the protective umbrella of an agreement that the Eleventh Circuit would later find was made without proper notification to victims under the Crime Victims' Rights Act (CVRA — a law protecting crime victims' right to participate in legal proceedings) (In re Courtney Wild, No. 19-13843, 11th Cir., 2020).
The 2017 date range is a problem because it makes visible what the NPA was designed to obscure: that the network did not stop. It continued. And it continued with the assistance of individuals who were contractually protected from the consequences.
What We Do Not Know
The two verified samples establish that DS11 contains 2017 emails. They do not establish the full temporal range. The 331,655 email PDFs may contain correspondence from years before 2017 or after it. Until systematic date extraction is performed across the full dataset, the boundaries remain unknown.
More importantly, the full date range — once established — will reveal whether the email corpus covers the entire shadow period, just a snapshot, or extends into the period immediately before the 2019 arrest. Emails from early 2019, if they exist in DS11, would document operations during the Deutsche Bank account closures and the financial migration to TD Bank. Emails from 2018 would overlap with ATTORNEY-1's $100,000 cash withdrawal as the Park Avenue branch closed (NYDFS, 2020). Each date range extension adds a new layer of temporal context.
The 863,000 emails are the largest unprocessed analytical resource in the corpus. The 2017 dates are just the first coordinates on a map that has not yet been drawn.
References
In re Courtney Wild, No. 19-13843 (11th Cir. 2020).
Non-Prosecution Agreement, SDFL (2007).
NYDFS. (2020). Consent order: In the matter of Deutsche Bank AG. New York Department of Financial Services. https://www.dfs.ny.gov
PAPER TRAIL Project. (2026). Observations (OBS-7) [Data set].
PAPER TRAIL Project. (2026). Entity extraction results [Script 04].
U.S. Department of Justice. (2026). Epstein files: Data Set 11. DOJ Epstein Library.