About Those Emails

On the Right, it is an article of faith that Hillary Clinton’s use of a private email server while she was Secretary of State involves her in crimes that deserve a jail term; either she will be indicted by the FBI or (if not) President Obama somehow is protecting her from indictment. Donald Trump has said “Hillary Clinton has to go to jail.” and “Anything Obama wants, she’s going forward with because you know why? She doesn’t want to go to jail.”

More recently, as it became clear that Clinton would be nominated, some Bernie Sanders supporters began expressing similar hopes: that legal troubles would take Clinton off the board, leaving the nomination for Sanders. Sanders himself has not gone that far, but has urged voters and delegates to “take a hard look” at the report of the State Department Inspector General.

One small place the Clinton/Sanders debate has been playing out is in the comments on this blog, and I have started getting criticism for ignoring or minimizing the issue, particularly the more recent developments. [1] So I thought I’d read the Office of the Inspector General’s report and other well-informed commentary on the Clinton’s emails and report.

What it’s all about. The OIG report says:

Secretary Clinton employed a personal email system to conduct business during her tenure in the United States Senate and her 2008 Presidential campaign. She continued to use personal email throughout her term as Secretary, relying on an account maintained on a private server, predominantly through mobile devices. Throughout Secretary Clinton’s tenure, the server was located in her New York residence.

Instead, she should have used a State Department email account for official business while she was Secretary of State. I don’t think anyone disputes that basic description of the situation. The entire argument is about how serious the issue is.

Separable concerns. The first thing to understand about Clinton’s emails is that there are two separate and more-or-less opposite concerns: security (i.e., keeping information in) and transparency (letting information out).

Most articles about the emails wander from one concern to the other, sometimes irresponsibly. But it makes no sense to jump from an OIG quote about Clinton breaking transparency rules to a charge that she has put the nation’s security at risk. Either, neither, or both might be true, but they are completely different issues.

We won’t know exactly what the FBI is investigating until they tell us, but indications are that they are focused on the security of classified information. If so, then the OIG report is almost a perfect complement: It focuses mainly on transparency; to the extent it discusses security at all, it talks about sensitive-but-unclassified information, which I assume includes things like personnel records.

Transparency. The OIG report is deadly dull to read, because it’s mainly a recent history of record-keeping at the State Department. Clinton is a central figure, but the sweep is much broader.

The report paints a picture of a common bureaucratic problem: The government has good intentions about keeping complete records. Some of those intentions have been written into laws like the Federal Records Act. The National Archives and Records Administration (NARA) has issued government-wide regulations for meeting the legal requirements, and the State Department, like other departments and agencies, has created policies and procedures that (if followed) should fulfill the NARA regulations.

Unfortunately, though, State (like much of the government) never finds the money to create an up-to-date, usable record-keeping system, particularly with regard to modern forms of communication like email. So proper record-keeping is cumbersome, and employees are left with a conflict between following the proper procedures and getting their jobs done.

According to a 2010 U.S. Government Accountability Office (GAO) report, most agencies do not prioritize records management, as evidenced by lack of staff and budget resources, absence of up-to-date policies and procedures, lack of training, and lack of accountability. In its most recent annual assessment of records management, [the National Archives and Records Administration] identified similar weaknesses across the Federal Government with regard to electronic records in particular. NARA reported that 80 percent of agencies had an elevated risk for the improper management of electronic records, reflecting serious challenges handling vast amounts of email, integrating records management functionality into electronic systems, and adapting to the changing technological and regulatory environments.

You might think that just using the State Department email system would be enough to insure compliance, but no.

Several staff mentioned preserving emails by saving them in their Department email accounts. However, as previously noted, NARA regulations state that agencies may only use an electronic mail system to store the recordkeeping copy of electronic mail messages identified as Federal records if that system contains specific features; the current Department email system does not contain these features.

There’s a separate program for making sure emails get properly recorded, but most people don’t use it.

However, prior OIG reports have repeatedly found that Department employees enter relatively few of their emails into the SMART system and that compliance varies greatly across bureaus, in part because of perceptions by Department employees that SMART is not intuitive, is difficult to use, and has some technical problems.

So working around the system in one way or another has been common.

OIG also reviewed an S/ES-IRM report [don’t worry about the acronym, it looks to be State’s information technology office] prepared in 2010 showing that more than 9,200 emails were sent within one week from S/ES servers to 16 web-based email domains, including gmail.com, hotmail.com, and att.net. S/ES-IRM told OIG that it no longer has access to the tool used to generate this particular report. In another instance, in a June 3, 2011, email message to Secretary Clinton with the subject line “Google email hacking and woeful state of civilian technology,” a former Director of Policy Planning wrote: “State’s technology is so antiquated that NO ONE uses a State-issued laptop and even high officials routinely end up using their home email accounts to be able to get their work done quickly and effectively.”

Previous secretaries of state worked around the system in different ways. Colin Powell used a mixture of personal and official email, while Condoleezza Rice didn’t use email at all. (I’m having trouble imagining how you run a department without email, but somehow she managed it.) Clinton defenders who say that Powell did exactly the same thing as Clinton are exaggerating, but it’s true that no previous secretary had found a way to use email while fully complying with the official procedures.

Nobody worked around the system quite as completely as Secretary Clinton did, and in doing so she undoubtedly violated State Department policies. It’s possible she was in violation of a law against removing government records, though she claims the government still had all her correspondence because the people she was writing to were on government servers. (As we’ve seen, NARA wouldn’t consider that adequate.) She has since sent the government printed copies of her business emails, filtering them out from her personal emails, which were on the same server. (Though critics wonder if she filtered properly.)

But departmental policy is not the same as law, so it’s still iffy whether there’s a technical legal violation related to the FRA. Even if there is, prosecuting for it would be unheard of. The OIG report gives the example of an ambassador to Kenya:

the Ambassador continued to use unauthorized systems to conduct official business [after being told not to]. The Department subsequently initiated disciplinary proceedings against him for his failure to follow these directions and for several other infractions, but he resigned before any disciplinary measures were imposed.

That response — no legal charges, but internal discipline that vanishes when someone leaves State — seems to be how these things are typically handled.

Security. Another point that doesn’t get enough attention in the media is that the State Department’s email system does not have sufficient security to allow classified discussions. Classified discussions require use of a different messaging system, which can only be accessed from secure locations. (I’m wondering whether this system is the one whose messages Chelsea Manning released to the world, but I haven’t verified that.)

So, completely independent of whether Clinton’s email files were stored on her personal server or the State Department’s, those files are not supposed to contain classified information. If they do, there’s been a security violation before the email gets to the server.

In other words, if you’re worried about documents stamped TOP SECRET getting attached to emails and winding up on a hard drive in Clinton’s basement, stop. That’s not how State is supposed to operate or did operate.

The potential security violations we’re hearing about are almost all of the incidental or accidental variety: Somebody (usually not Clinton, but the person writing to her) should have known that certain information ought to be classified, but mentioned it in email anyway. [2] Or an email contained information that the State Department considered unclassified at the time, but was later classified by some other agency.

Politics and sources. Before going into detail about specific alleged violations, another thing to understand is that all our windows into the FBI investigation are distorted by politics. The FBI has not issued any official reports on Clinton’s emails and is not briefing the press directly. But it sometimes briefs members of Congress about what it has been finding, and that information sometimes gets leaked to the press.

So most of the news articles about the FBI investigation into Clinton’s emails are based on leaks from Republican congressmen, who may slant their assessments or cherry-pick their quotes because they want to make Clinton look bad. Whenever a story mentions “congressional sources”, that generally means “Republicans”.

As a result, there has been a string of sensational “scoops” that subsequently had to be walked back as more accurate versions came out. (One report that 147 FBI agents were involved in the investigation — making it a Public Enemy #1 scale effort — eventually got reduced to less than 12.) As always, the sensational version sticks in the public mind even after it has been debunked. This is particularly true within the conservative echo chamber.

Recent revelations. This week the The Wall Street Journal published an article (sourced to anonymous “congressional and law-enforcement officials”) describing top-secret information allegedly found on Clinton’s server. These were email exchanges between lower-level State Department officials that got forwarded to Clinton. (I found no claim that Clinton participated in the exchanges.)

The circumstances are worth understanding: The U.S. regularly launches drone strikes in Pakistan without the official consent of the Pakistani government. This fact itself is considered top secret (even though everyone knows it), and plans for specific drone strikes are top secret, for obvious reasons. (If news about the strike got out beforehand, whoever we were trying to attack could get away.)

As you can imagine, the drone program is not popular inside Pakistan. Protests from Pakistani officials got more and more intense, and the State Department was the official channel for receiving these protests. So eventually, officials at State were given prior warning of drone strikes.

The CIA initially chafed at the idea of giving the State Department more of a voice in the process. Under a compromise reached around the year 2011, CIA officers would notify their embassy counterparts in Islamabad when a strike in Pakistan was planned, so then-U.S. ambassador Cameron Munter or another senior diplomat could decide whether to “concur” or “non-concur.” Mr. Munter declined to comment.

Diplomats in Islamabad would communicate the decision to their superiors in Washington. A main purpose was to give then-Secretary of State Clinton and her top aides a chance to consider whether she wanted to weigh in with the CIA director about a planned strike.

Drone strikes are time-sensitive events, because the terrorist leaders they target move around a lot. So if State was going to object, it had to do so quickly. And now we once again run into the limitations of State Department systems.

The time available to the State Department to weigh in on a planned strike varied widely, from several days to as little as 20 or 30 minutes. “If a strike was imminent, it was futile to use the high side, which no one would see for seven hours,” said one official. [3]

Adding to those communications hurdles, U.S. intelligence officials privately objected to the State Department even using its high-side system. They wanted diplomats to use a still-more-secure system called the Joint Worldwide Intelligence Community Systems, or JWICs. State Department officials don’t have ready access to that system, even in Washington. If drone-strike decisions were needed quickly, it wouldn’t be an option, officials said.

So once again, we see people facing a choice between following proper procedures and getting their jobs done. On at least a few occasions, then, discussions about drone strikes happened over insecure email channels.

One such exchange came just before Christmas in 2011, when the U.S. ambassador sent a short, cryptic note to his boss indicating a drone strike was planned. That sparked a back-and-forth among Mrs. Clinton’s senior advisers over the next few days, in which it was clear they were having the discussions in part because people were away from their offices for the holiday and didn’t have access to a classified computer, officials said.

I interpret “cryptic” to mean that the officials tried to be oblique in their references, so that anyone who might intercept the email wouldn’t immediately know what they were talking about. (I picture something like Tony Soprano’s phone conversations, or the ones KGB agents have on The Americans.) This is not considered an acceptable technique for securing classified information, but it seems to have worked.

U.S. officials said there is no evidence Pakistani intelligence officials intercepted any of the low-side State Department emails or used them to protect militants.

The WSJ article also notes that this kind of corner-cutting happens from time to time all over the government.

Several law-enforcement officials said they don’t expect any criminal charges to be filed as a result of the investigation, although a final review of the evidence will be made only after an expected FBI interview with Mrs. Clinton this summer.

One reason is that government workers at several agencies, including the departments of Defense, Justice and State, have occasionally resorted to the low-side system to give each other notice about sensitive but fast-moving events, according to one law-enforcement official.

So: Rules were broken, but not with malicious intent, and apparently without bad consequences. The most serious violations were not by Clinton, but the record of that rule-breaking is on her server and shouldn’t be. If the WSJ article is accurate, prosecuting anyone for these incidents would be highly unusual, and Clinton would not be at the top of the list.


[1] Here’s where I’m coming from: I voted for Sanders in the New Hampshire primary and have been raising many of his signature issues — inequality, campaign finance, etc. — for several years. But I have criticized the anti-Clinton turn in Sanders’ rhetoric. And I have been increasingly disenchanted with his campaign’s tendency to turn the ordinary politics of a presidential contest into a persecution narrative, one that unifies the media, the Democratic Party, election officials, and everybody else who isn’t 100% for Bernie into a sinister Clinton-supporting “Them”.

[2] If you’ve ever worked someplace that handles classified information (I used to and my wife still does), you know that such technical violations of security are not that unusual, because the boundary between what can and can’t be said in certain places to certain people can be hazy. (I’ve heard many face-to-face conversations end with: “But we probably shouldn’t be talking about this.”) Also, while any idiot should know not to mention the names of spies or technical details of weapons systems, a lot of stuff gets classified that really isn’t that important. That kind of information sometimes slides into conversations without anybody noticing.

[3] The article does not speculate about this, but I wonder if the CIA ever gamed the system: By picking particularly inconvenient moments to notify State and leaving very small time windows, they might make it harder for State to interfere with their plans.

Post a comment or leave a trackback: Trackback URL.

Comments

  • ericralbright  On June 13, 2016 at 11:18 am

    It could also be pointed out that while Clinton had stated that her use of a personal email server “was allowed,” the IG report reveals that she had never sought approval and never received it. The State Department elsewhere was quoted as saying that she wouldn’t have received approval had she sought it. Besides the reality of working with a cumbersome government system, Clinton’s persistent disingenuity and dodges are a substantial component of the situation.

    Also the claim that her predecessors did the same thing, when in fact they had not used exclusively private servers under their purview in the basement of their homes, maintaining responsibility for/control of it’s management and security throughout their services as Secretary of State for the most powerful nation on Earth, does not appear conducive to Clinton’s defense. This is another dodge atop the previous one.

    • weeklysift  On June 13, 2016 at 12:30 pm

      The general trust issue is something I intend to discuss in a future week. It’s hard to cover both that and the “She should be in jail” point in the same article without muddling things up.

    • Alan  On June 13, 2016 at 1:01 pm

      Every once in a while I’m involved in or witness a conversation along these lines:

      “Why did you do that?”
      “Because I thought I was allowed to.”
      “If you weren’t sure, you should have asked.”
      “I may have been wrong, but at the time I was sure.”

      If Clinton believed what she did was allowed, her statement is honest; it would not be disingenuous, nor a dodge. As Secretary of State she made many decisions every day for which she didn’t seek approval; she relied on her understanding of what she was allowed to do.

      If every word she says is going to be parsed in the most uncharitable light possible, no conversation is possible.

      • Guest  On June 15, 2016 at 8:43 pm

        “If every word she says is going to be parsed in the most uncharitable light possible, no conversation is possible.”

        A great point Alan, and let’s not ignore the flip side of that coin. If every word a politician says is going to be uncritically accepted in the most charitable light, especially from an openly pro-corporate hawk, we’re going to have even bigger issues.

      • JELC  On June 16, 2016 at 5:40 pm

        Ok, I’m going to break down this comment, because frankly your reasoning is abysmal.

        1) “every word a politician says”
        Alan is not asking you to buy everything she says. He is asking you to weigh each assertion individually based on what you can actually figure out about it rather than dismissing it all out of hand, which your comment shows a clear tendency to do.

        2) “uncritically accepted in the most charitable light”
        Alan did not say “Clinton is definitely telling the truth” he said “if she believed X, then she was honest.” You can still decide based on evidence that you do not think she believed X.

        Frankly, I suspect that the truth is closer to what stevesidner is saying: she knew it was dubious at best, but didn’t see any better way to do her job, so she took a shortcut in order to accomplish the things she had to do or the country wouldn’t function. This is a pretty common thing. It’s not a good thing, and I don’t know that I agree with her handling of it, but “I can’t do my job properly, so I’m going to have to do it improperly” is an understandable impulse. I have yet to hear a credible explanation of what she gained from doing it from people who think Clinton has done a terrible awful thing.

        3) “openly pro-corporate hawk”
        a) citation needed. I’ll agree that Clinton is more hawkish than I am comfortable with, but you’re making a pretty big assertion here that only captures part of Clinton’s fairly complex history of voting, and campaigning.

        b) Being pro-corporate and hawkish does not in itself make someone unworthy of having what they have to say interpreted charitably. Even if you dislike most of what someone stands for, interpreting what they have to say with some degree of charity can be important because there is often some common ground you can work towards that will achieve something good.

        4) “we’re going to have even bigger issues”
        What bigger issues? Unless you substantiate this, you are making an empty appeal to an unspecified fear.

        Alan presented a clear problem that arises from constantly parsing Clinton’s words in an uncharitable light: we will no longer be able to engage in conversation. If the left and the centre (even if you don’t think Clinton is meaningfully on the left, you can’t deny that she is far FAR to the left of the republicans) can’t engage in conversation then the left is forfeiting any opportunity to influence the direction of the country. Also, Clinton may not be the candidate you want, but if you don’t want Donald Trump* to be the next president of the United States, she is the candidate you have.

        *Originally written here before I decided it made the sentence incomprehensible: “a racist, sexist, fraudulent scumbag who shows no understanding of the issues, absolutely cannot be trusted with the nuclear codes, and would wreak havoc on the Supreme Court”

    • Bob  On June 13, 2016 at 6:27 pm

      As for what her predecessors like Powell did, if they indeed used personal e-mail for their communications, and *didn’t* manage the server themselves, then they were presumably relying on some third-party commercial service. In my opinion that’s even worse than managing it yourself (assuming you can hire an admin to do a good job of securing your server). Third parties like Google make their money by data mining, for example. Do we want Google data mining sensitive government data?

  • SCL  On June 13, 2016 at 11:33 am

    Yup. I made myself read this. Generally, I don’t care. We’ve seen all the emails, if any real wrongdoing existed, they would have gotten it by now. Yawn.

    It makes sense coming from the Republicans. They’re trying to destroy HRC. I wouldn’t expect such fear politics to come from people who claim to be Democrats.

    Here’s how you know it’s not genuine: Bernie’s critique is that the political system is corrupted by money. Fair enough. But the only person who Bernie is targeting is Clinton, who just happens to be his opponent. My question is, who else is corrupt? Surely Bernie has been an insider long enough to know which senators are corrupt. But he never gives us names of corrupt leaders within the Democratic party. Who else? Pelosi, Schumer, Reid, anyone else besides Hillary Clinton?

    Oh, right. Debbie Wasserman Schultz. The only other corrupt politician!

    Funny how Bernie only cares about corruption when it affects his chances at the presidency!

  • Kelly Schoenhofen  On June 13, 2016 at 11:50 am

    Great write up; short, to the point, and targeted. You didn’t wander off in the bushes like everyone else who has tried to tackle this.
    I’m not sure why it’s such a sticking or salient point with me, but the part that the HRC Hater Brigade seems to conveniently never remember or allow to be brought up is HRC running her own server was *the only way she could use a mobile device.* She literally wasn’t allowed to do her job unless she ran her own mail server. And she got it done, and she wasn’t hacked, and now all these people want to punish her for what they would praise a man for doing.
    We (in technology) all do all sorts of things to do our jobs/make our lives easier, but when people decide they don’t want a woman to be elected president, it’s all about corruption, conspiracies, big money running every aspect of the world, and flaunting the law.

  • Abby  On June 13, 2016 at 2:47 pm

    If Condoleeza Rice didn’t use email at all, it probably means that telephones were used a lot, both landlines and cell phones. This means that there will be far fewer records of her time at State, since phones don’t leave records of content unless they are recorded. I’m willing to bet that most of the calls from Rice’s tenure in State were not recorded. This may or may not have been better for security, but it’s lousy for transparency.

  • stevesidner  On June 13, 2016 at 4:51 pm

    A friend recently asked me about this, supplying a link to one of the better WaPo articles about this. Here is what I replied:
    ————————–
    The email server story is interesting. As an email guy, supporting corporate executives who are notoriously unaware email users, much like Hillary, this is an industry problem.

    I would make these observations:

    The State Department IT staff let the Secretary down, just as they did Colin Powell and Condolezza Rice. I think they are in bureaucratic, CYT mode. I think the IG is party to the cover up.
    Why doesn’t the White House have this problem? Because the NSA and the White House IT staff have worked for years to build a functional, secure system.
    When asked about it, the NSA said it would cost too much? Really?! This is the SecState who is a partner with the POTUS in the most sensitive, most important decision regarding national security. What is “too much”? How can the NSA give an answer like that? Again, I sense that the State IT staff was in the background, saying “too much”.
    Hillary and her staff then went on to make a stupid, dangerous implementation to allow the Secretary to do her job. That doesn’t mean, however, that any security breaches actually happened.
    The State IT said, oh, nobody told us about this server. Well, what in the heck did they think her Blackberry was connected to? Gmail?
    Even without the NSA help, State IT could have least started with something better than a homegrown server at her house. They could have asked my large corporation, including the giant defense contractors like Boeing or Northrup for help.
    The real classified work of the Secretary was done using secure fax, the tried and true system used for years. That is why little if any classified material will be found in the Secretary private email. And I would bet most of that would be from idiots at State and the Secretary’s staff who don’t take operational security seriously. I think I have already read about some of that.
    The Secretary took opsec very seriously. Bill Clinton has said that he had no inkling of the Bin Laden effort until he heard about it in the news.
    Net-net:
    The State IT is a failure.
    The Secretary and her staff made a very dumb decision regarding her personal email server
    This needs to be fixed immediately. What is Secretary Kerry doing about personal email right at this moment?
    The FBI investigation report will be intensely interesting.

    • weeklysift  On June 17, 2016 at 6:00 am

      Thanks for a point of view that seldom makes it into this story. I don’t remember hearing anybody interview a corporate email guy, which seems like it ought to be an obvious thing to do.

  • Anonymous  On June 15, 2016 at 1:55 pm

    Good my take is Much ado about zip.

  • Jeanette DeLoye  On November 10, 2016 at 10:20 pm

    It was a mistake no less, She should be warned, BUT not be put in jail. Keep work emails confidential and personal emails a proper server, After all you are in Government office, for Security Reasons, Something like secrets that might interest Russia or China are vulnerable and not be use recklessly , they have to hold all information secure. She did not do it to intentionally to hurt this country. They will see that it was error.Let it go now.

Trackbacks

  • By Unthinkable | The Weekly Sift on June 13, 2016 at 12:02 pm

    […] This week’s featured posts are “What Should ‘Racism’ Mean? Part II” and “About Those Emails“. […]

  • By Dogma and Storm | The Weekly Sift on July 5, 2016 at 11:41 am

    […] In other Clinton-pseudoscandal news, Hillary was finally interviewed by the FBI. The FBI has said all along that her interview would come near the end of the investigation, so maybe that will soon be over as well. I have not seen anything yet that makes me want to revise my opinion from three weeks ago. […]

  • […] to this. But since you are reading this, you likely are not one of those people, and in that case: here are the facts of the case, and I promise you, they are not what you think they […]

  • By The Call Remains | The Weekly Sift on July 18, 2016 at 1:42 pm

    […] about the Clinton email investigation should not have surprised anybody who read my article “About Those Emails” last month. Comey […]

  • By The Monday Morning Teaser | The Weekly Sift on August 29, 2016 at 7:55 am

    […] works.) That will be “About the Foundation”, which I think of as a sequel to “About Those Emails“, which I wrote in June. Expect it around […]

  • By About the Foundation | The Weekly Sift on August 29, 2016 at 10:19 am

    […] [You can think of this article as a sequel to “About Those Emails“.] […]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: