State Department’s inspector general criticizes Clinton for private emails, but does not allege any breach of national security

The media villagers were all in a lather yesterday over the Inspector General report regarding Hillary Clinton’s emails while she was Secretary of State. The New York Times reports, Hillary Clinton Is Criticized for Private Emails in State Dept. Review:

Hillary-Clinton-textingThe State Department’s inspector general on Wednesday sharply criticized Hillary Clinton’s exclusive use of a private email server while she was secretary of state, saying that she had not sought permission to use it and would not have received it if she had.

The report, delivered to members of Congress, undermined some of Mrs. Clinton’s previous statements defending her use of the server[.]

The inspector general found that Mrs. Clinton “had an obligation to discuss using her personal email account to conduct official business” with department officials but that, contrary to her claims that the department “allowed” the arrangement, there was “no evidence” she had requested or received approval for it.

And while other senior officials had used personal email accounts for official business, including Colin Powell when he was secretary, the rules made clear by the time she became the nation’s top diplomat that using a private server for official business was neither allowed nor encouraged because of “significant security risks.”

Mrs. Clinton’s use of a private server was known by some officials beyond her closest aides, but no one in the State Department told her directly to use the department’s official email. When two officials in the record-keeping division raised concerns in 2010, their superior “instructed the staff never to speak of the secretary’s personal email system again,” the report said.

* * *

Mrs. Clinton and her aides have played down the inquiries, saying that she would cooperate with investigators to put the email issue behind her. Even so, she declined to be interviewed by the inspector general, Steve A. Linick, or his staff, as part of his review. So did several of her senior aides.

Mrs. Clinton and her aides have played down the inquiries, saying that she would cooperate with investigators to put the email issue behind her. Even so, she declined to be interviewed by the inspector general, Steve A. Linick, or his staff, as part of his review. So did several of her senior aides.

In an already tumultuous, highly polarizing election season, the reaction to the findings broke along partisan lines. Senator Dianne Feinstein of California, a Democratic supporter of Mrs. Clinton’s, said the findings revealed “nothing new.” Representative Eliot L. Engel, Democrat of New York, who previously criticized the inspector general’s office as politicized, called the report a “hatchet job.”

* * *

The 79-page report added considerable new detail about the former secretary of state’s use of the server, as well as her motivation for setting it up. Mrs. Clinton has publicly said the arrangement was a matter of convenience, but emails disclosed in the report made it clear that she worried that personal emails could be publicly released under the Freedom of Information Act. In November 2010, her deputy chief of staff for operations prodded her about “putting you on State email” to protect her email from spam. Mrs. Clinton declined. She replied that while she would consider a using a separate address or device, “I don’t want any risk of the personal being accessible.”

The report did not delve deeply into the issue that has become the focus of the F.B.I.’s investigation — the references in dozens of emails to classified information, including 22 emails that the C.I.A. said contained information on programs or sources that were “top secret.” It nonetheless called into question the risks of using a private system for what were clearly sensitive discussions of the nation’s foreign policy.

It noted that Mrs. Clinton sent or received most of the emails that traversed her server from a mobile device, her BlackBerry. Department officials told the inspector general’s office that “Secretary Clinton never demonstrated to them that her private server or mobile device met minimum information security requirements,” the report said.

The report also criticized Mrs. Clinton for not adhering to the department’s rules for handling records under the Federal Records Act once she stepped down in January 2013. She did not do so until late 2014, when the State Department, under pressure from Republicans in Congress investigating the 2011 attack in Benghazi, Libya, that killed four Americans, requested that she turn them over.

It was only then that Mrs. Clinton instructed her aides to cull through roughly 60,000 emails that had passed through the server and turn over those involving official business. Those amounted to roughly half of the total. “Secretary Clinton should have surrendered all emails dealing with department business before leaving government service and, because she did not do so, she did not comply with the department’s policies that were implemented in accordance with the Federal Records Act,” the report said.

While acknowledging that Mrs. Clinton had ultimately complied with requests to turn over the emails, the report determined that the effort was “incomplete.”

* * *

The report broadly criticized the State Department as well, saying that officials had been “slow to recognize and to manage effectively the legal requirements and cybersecurity risks” that emerged in the era of emails, particularly those of senior officials like Mrs. Clinton.

It said that “longstanding systemic weaknesses” in handling electronic records went “well beyond the tenure of any one secretary of state.” The inspector general’s review covered the practices of five secretaries going back to Madeleine K. Albright, when the Internet remained a novelty, especially in the hidebound bureaucracy of the State Department.

Mrs. Albright and Condoleezza Rice told the inspector general that they did not use personal email. But the report singled out Mr. Powell, who was secretary from 2001 to 2005, saying he regularly used a private email address to communicate with people outside the building.

Mr. Powell told investigators he used the address only for unclassified emails, but at least two emails forwarded to him have since been determined to have included information that is now classified.

The rules governing emails under previous secretaries were, the report said, “very fluid.” By the time Mrs. Clinton came to office, however, they were “considerably more detailed and sophisticated,” spelling out the “obligation to use department systems in most circumstances and identifying the risks of not doing so.”

The department issued numerous warnings dating back a decade about the cybersecurity risks of using personal emails accounts for government business, the report said. Mrs. Clinton was personally sent a memo in 2011 warnings of hackers trying to target unclassified, personal email accounts. She was also given a classified, in-person briefing on the dangers, the report said.

The report also disclosed an attempt to hack into Mrs. Clinton’s server in January 2011. It said a “nondepartmental adviser” to Bill Clinton — apparently Bryan Pagliano, who installed the private server — informed the department that he had shut down the system because “someone was trying to hack us and while they did not get in, I didn’t want to let them have a chance.”

The attack continued later that day, prompting another official to write to two of Mrs. Clinton’s top aides, Cheryl D. Mills and Jake Sullivan, to warn them not to send her “anything sensitive.” The official said that she would “explain more in person.” The report found that while dozens of State Department employees used personal email accounts periodically over the years, including Ms. Mills and Mr. Sullivan, only three officials were found to have used it “exclusively” for day-to-day operations: Mrs. Clinton; Mr. Powell, and Jonathan Scott Gration, who was ambassador to Kenya from 2011 to 2012.

Department officials never directly told Mrs. Clinton or Mr. Powell that they needed to end their use of personal email, the report found, but in Mr. Gration’s case, they did. In 2011, officials warned him that he was not authorized to use personal email for government business in Kenya. He continued doing so, and the department initiated disciplinary action over “his failure to follow these directions” and several other undisclosed infractions, the report said. He resigned in 2012 before any action was taken.

Secretary of State John Kerry also acknowledged to the inspector general that he had used a personal account at times, but “began primarily using his department email account to conduct official business.” Mr. Kerry said that while he still occasionally responded to people who emailed him on his personal account, he would preserve the emails for the record.

Paul Waldman of the Washington Post asks, What does the new Inspector General report actually tell us about Hillary Clinton’s emails?

[L]et’s see if we can sort through what’s there and what isn’t.

You can read our story by Rosalind Helderman and Tom Hamburger for a summary, but here are the two key excerpts from the IG’s report that deal with Clinton. First:

Secretary Clinton should have preserved any Federal records she created and received on her personal account by printing and filing those records with the related files in the Office of the Secretary. At a minimum, Secretary Clinton should have surrendered all emails dealing with Department business before leaving government service and, because she did not do so, she did not comply with the Department’s policies that were implemented in accordance with the Federal Records Act.

So that’s one problem: she should have printed out her emails so they could be archived, but she didn’t do that until the department sent a request to multiple secretaries of state, two years after she left office. Here’s the other part, which is more serious:

Secretary Clinton used mobile devices to conduct official business using the personal email account on her private server extensively, as illustrated by the 55,000 pages of material making up the approximately 30,000 emails she provided to the Department in December 2014. Throughout Secretary Clinton’s tenure, the FAM [Foreign Affairs Manual] stated that normal day-to-day operations should be conducted on an authorized AIS [Automated Information System], yet OIG found no evidence that the Secretary requested or obtained guidance or approval to conduct official business via a personal email account on her private server. According to the current CIO and Assistant Secretary for Diplomatic Security, Secretary Clinton had an obligation to discuss using her personal email account to conduct official business with their offices, who in turn would have attempted to provide her with approved and secured means that met her business needs. However, according to these officials, DS and IRM [Bureau of Information Resource Management] did not — and would not — approve her exclusive reliance on a personal email account to conduct Department business, because of the restrictions in the FAM and the security risks in doing so.

Get past all the abbreviations and government-speak, and what it comes down to is that Clinton should never have used a personal email account, no matter how secure she thought it was, for department business, and that she repeatedly failed to consult with personnel who should have been aware of how her personal system worked.

If you’re saying, “Didn’t we already know that?”, well yes, we mostly did, though there are some new details here. So here’s what Clinton and her supporters will say: This report doesn’t reveal anything new. Clinton already said that using a private email server instead of the State Department’s system was a mistake, and she apologized for it. But there’s no evidence that national security was actually compromised, none of her emails contained information that was classified at the time she sent or received it, and even if she violated departmental policy, she certainly didn’t do anything criminal. And don’t forget that the report was highly critical of Colin Powell, who also used his personal email for official business.

And here’s what her opponents will say: This report shows the true gravity of Clinton’s misdeeds. She violated the department’s policies. She probably committed crimes. For all we know Kim Jong Un was reading her emails every night. At every step, she tried to hide from scrutiny and accountability.

How valid are those arguments? Clinton’s case is meant to lead you to the conclusion that in the end this is not that big a deal. The Republicans’ case is that she was reckless and irresponsible, and terrible things might have happened as a result. On one hand, we don’t have any evidence of anything terrible happening, but on the other hand, speculation is all Republicans need to get what they want out of this matter.

That’s because the political reality is that Republicans aren’t making a big deal out of this because of their deep and abiding concern for cybersecurity. They just want something to hammer Clinton with. Which is fine — that’s politics. But they also know that the details are all but irrelevant. Most Americans couldn’t tell you what this controversy is actually about; they just know that Clinton did something shady with emails. As long as Republicans can weave that into a larger argument about her being untrustworthy, they’ll run with this, even if they’d be even happier if Clinton got indicted (which is theoretically possible but looking extremely unlikely at this point).

And though Clinton would like us to believe that her intentions were pure and unimpeachable, while Republicans would like us to believe that her intentions were dark and sinister, the truth is probably somewhere in between. I don’t doubt that Clinton made the initial decision to use a private server in order to retain control of her communications. That’s not because she was planning to execute some kind of nefarious criminal conspiracy over email, but because she knew that she’ll always be the target of lawsuits and fishing expeditions from her political opponents, and she didn’t want to give them any more material to work with. As a piece of forward-looking political strategy, we now know how foolish that was; it’s done far more damage to her than it would have if her emails had regularly been FOIA’ed and then leaked to the press by her opponents.

But it also appears, from what we know so far, that there weren’t really any practical consequences for the country because of her decision — no covert operations compromised, no key national security information delivered to our enemies. And cybersecurity experts will tell you that her emails likely would have been no less vulnerable had they been on the State Department’s servers, which are the target of constant hacking attempts.

Screenshot from 2016-05-26 15:28:34

Most Voters Don’t Care About Hillary Clinton’s Email – Huffington Post (Aug. 20, 2015), Hillary Clinton email flap won’t matter to voters – Newsday (May 26, 2016).

So maybe the best thing for Clinton to do now would be to say that this whole episode has brought home to her the need for the federal government to dramatically improve its cybersecurity, and she wants to assemble a blue-ribbon commission of experts to devise a plan to reform the systems across the government, one that she hopes Republicans will join with her to pass through Congress within her first year in office so it can be implemented as soon as possible. At least then some good might come of this controversy.

Nancy Le Tourneau at the Political Animal Blog discusses the GOP’s Rules Are For Thee, But Not For Me:

If you’d like a quick rundown of the Inspector General’s report about Hillary Clinton’s emails, Paul Waldman summarized it well.

This report doesn’t reveal anything new. Clinton already said that using a private email server instead of the State Department’s system was a mistake, and she apologized for it. But there’s no evidence that national security was actually compromised, none of her emails contained information that was classified at the time she sent or received it, and even if she violated departmental policy, she certainly didn’t do anything criminal. And don’t forget that the report was highly critical of Colin Powell, who also used his personal email for official business.

You won’t hear much about that last sentence from conservatives. They want you to forget about it. But even more significantly, they sure don’t want you to remember this:

In 2007, when Congress asked the Bush administration for emails surrounding the firing of eights U.S. attorneys, Attorney General Alberto Gonzales revealed that many of the emails requested could not be produced because they were sent on a non-government email server. The officials had used the private domain gwb43.com, a server run by the Republican National Committee. Two years later, it was revealed that potentially 22 million emails were deleted, which was considered by some to be a violation of the Presidential Records Act.

This is an age-old trick that Republicans have been using for a long time. They ignore what they’ve been doing for years and pretend that it is an evil plot invented by Democrats. To point out the actual history makes you look like a four year-old saying “s/he did it first.”

We’ve seen countless examples of this – with a whole host of ridiculous ones thrown at President Obama. To give you a few examples, conservatives have been known to light their hair on fire over the President’s use of teleprompters, not wearing a coat and tie in the Oval office, putting his feet on the desk and golfing-while-president (click on the links for a quick reality check).

This whole attitude of the “rules are for thee, but not for me” reminds me of something Newt Gingrich once said to his wife, Marianne. Newt had just told her that he was having an affair (with his current wife). Here is the story she tells:

He asked her to just tolerate the affair, an offer she refused.

He’d just returned from Erie, Pennsylvania, where he’d given a speech full of high sentiments about compassion and family values.

The next night, they sat talking out on their back patio in Georgia. She said, “How do you give that speech and do what you’re doing?”

“It doesn’t matter what I do,” he answered. “People need to hear what I have to say. There’s no one else who can say what I can say. It doesn’t matter what I live.”

Clinicians would want to assess someone who said that as a possible sociopath. But perhaps it explains why a serial adulterer assumes that it is not a problem to go after his rival for her husband’s infidelities. One of the signs of a sociopath is an assumption that the rules don’t apply to them.

7 responses to “State Department’s inspector general criticizes Clinton for private emails, but does not allege any breach of national security

  1. captain*arizona

    this is bad enough and when fbi is looking into criminal side it will get worse.

    • AZ BlueMeanie

      Because you are an expert in law enforcement — NOT.

      • But really… how does this obvious and intentional breach of national security (as opposed to inadvertent) make any rational person trust her?

        We have demonstrated history of the Clintons in the WH and both of them acting with obvious impunity as if they were above the law. How could installing her as president do anything but invite her to do the same or worse?

        Lessons of history repeat until they are learned, etc., etc., etc.

        That’s assuming you are correct, BlueMeanie, that there was no actual violation of any criminal law.

        It is NOT too late to nominate the candidate that can actually beat Drumpf; the candidate who has a legitimate vision for America; the candidate who is in it for the people rather than him or herself.

        • AZ BlueMeanie

          Steve, I have made no judgment on whether any actionable offense was committed. I am not privy to the evidence, and I believe in following the evidence where it leads. That said, I have had some experience with lower-level government officials who have used private email outside of official department channels, and in those cases they were not prosecuted, for what it’s worth.

      • There are a lot of reasons why the Democratic party SHOULD NOT have rammed Hillary Clinton down the throats of the voters. A lot of folks have this deep seated belief that Hillary will surprise us and be a good president after all. But, in looking at her past “accomplishments,” how can that be a reasonable or even sane way to promote someone for the highest office in the world? Seriously. If elected, Hillary will be just what she is and has always been. If you like that, then lucky you. But this entire nomination process has been about the Democratic party leaders bowing down to the Clintons to fulfill the fantasies and dreams of the wife of a former president who they worship. Y’all make me sick.

        We’re talking about the futures of millions and millions of people who are going to be on this earth long after we are gone. Shame on the Democrats. You BEAR ALL OF THE RESPONSIBILITY for everything that happens.

        Stop worshiping the Clintons.

        • For Sure Not Tom

          Here’s the headline for the mail server scandal:

          “Granny Doesn’t Understand How the Electronic-Mail Works”

          This is not a reason to not vote for HRC.

          Now, transcripts of Wall Street speeches, her fondness for war, her friendship with mass murderer Henry Kissinger, those are pretty good reasons.

          As far as Bill’s issues with women from the past, those aren’t reasons to not vote for Hillary, either.

          Now, the way the Clinton people treated those women after the scandals were made public, trashing them in the media, calling them liars, trailer trash and much, much worse, that may be a reason to not for a Clinton.

          Classy bunch. I guess Bill was the victim.

          Vote for Jill Stein 2016, give Debbie Wasserman Schulz the bum’s rush, and keep at it, and let’s put an end to the bad soap opera the Democratic party has become.

  2. Hillary will not, yea CANNOT beat Drumpf.

    Love him or hate him, Drumpf connects with the dispossessed in America. No matter how toxic sophisticated political watchers know him to be, Clinton does not connect with voters.

    It is not yet too late for the DNC to nominate the only candidate who can beat Drumpf.