Hillary’s Email Explanations
| published March 11, 2015 |
By R. Alan Clanton
Thursday Review editor
Hillary Rodham Clinton acknowledges it was a mistake to co-mingle her work emails with her personal emails while serving as U.S. Secretary of State, but shrugs off the controversy as unimportant , saying that she complied with the law, complied with rules governing Federal employees, and that no sensitive information was transferred using the private email account.
At a New York press conference on Tuesday, Clinton for the first time addressed the issue head-on, talking to reporters and answering some questions. Among other things, she claims she was not the only top-level government employee who used private email accounts to conduct business, nor was she the only one to have used a “homebrew” server, a privately-constructed computer network, in this case one which was housed in the Clinton’s private residence.
Clinton also told reporters she was in full compliance with rules governing Federal workers and the guidelines established by the Federal Records Act, which stipulates that all official government business meet specific requirements of record-keeping and security. Some have said that Clinton was in direct violation of that law, which—though originally crafted in 1955—has been updated and amended over the decades to accommodate changes in technology and the arrival of the digital age.
While in her job as Secretary of State, Clinton did not use the official email accounts established for her at the State Department, but instead conducted almost all of her business using a privately-created account @clintonemail.com. The account was housed in a server which used a modem registered under the name Eric Hoteham, an apparently fictitious person with the same Post Office box as the Clinton Foundation.
Clinton has said that she has released roughly 54,000 emails to the State Department, so that the department can review the material and then release the information to reporters and to the public in advance of her candidacy for President, which could officially begin at any time. But Republicans—and plenty of reporters—want to know what happened to the other thousands of emails (estimates vary from 7,500 to as many as 60,000) which have already been deleted or redacted. In her comments to reporters on Tuesday, Clinton indicated that she personally deleted thousands of purely personal emails—correspondence she implied would be of little interest to anyone outside the family.
But the Associated Press and dozens of other major media outlets are reporting that Clinton’s mea culpa—that others in high government offices had done the same thing, in some cases for even longer—doesn’t hold up to scrutiny. The AP says that there are no instances in which a cabinet-level official used an email account outside of the government system, and certainly not as extensively as the system used by Clinton. The Associated Press also disputes Clinton’s claim that she complied with the rules and laws governing official business correspondence. The AP says that its own analysis shows that Clinton was in direct violation of White House guidelines concerning emails and digital security, and that Clinton has not shown that she was in compliance with the Federal laws governing the use of emails and record-keeping.
Reporters are also questioning Clinton’s assertion that the server on her property was safe because it the home was under the constant, watchful eyes of the U.S. Secret Service. Although the Secret Service would indeed protect the physical property and the Clinton family from threats and intruders, it would have no capacity to gauge a cyber-threat, nor the ability to intervene if a hacker or cyber-criminal stole documents or emails. Furthermore, the Secret Service has said it was not informed at any time that there were sensitive or critical computer components—used for governmental purposes—located on the Clinton property.
Reporters and editors for a variety of newspapers have also questioned the security and safety of her homebrew file server and those personal email accounts. Neither Clinton nor anyone on her staff have offered evidence that the server was under any form of virus or malware protection, or if there was an adequate firewall. Government regulations require that such equipment meet certain minimum standards, including power back-up, daily (and even hourly) security checks run automatically using current virus protection tools, routine defragmentation tasks, and fire-suppression systems. The government equipment used for official business is also monitored daily for any signs of intruders or hackers, and the Clinton family server would not have had the same level of protection as required under Federal standards. Reporters want to know who was authorized to maintain the equipment—if anyone—and how often these tasks were performed.
Security analysts, including some who formerly worked for the government, have raised troubling possibilities related to Clinton’s use of her homebrew system. For one, they say that if Clinton’s emails and server had been hacked—especially by someone skillful enough to leave little or no trace of the intrusion—her emails to and from President Obama may have been compromised.
And though it is possible that Clinton’s own emails could have allowed cyber hackers access to top-level correspondence between the Secretary of State and the President, the cyber security at the White House and on the President’s accounts would make any genuine threat unlikely—at least for Obama.
But Clinton’s explanations to reporters have not silenced Republicans, many of whom are calling for a deeper investigation into the matter. GOP leaders in Congress are asking plenty of questions: why was Clinton allowed to operate her own file server, separate from the government’s system and housed in a private home? How is it that President Obama and others at the White House did not know that Clinton was using a homebrew account, in direct violation of White House policy. (In an interview a few days ago with CBS reporter Bill Plant, the President said he became aware of Clinton’s use of private email accounts only when he read it in the newspapers and saw it on the news, along with everyone else; reporters have pounced on this, asking how it is that the President did not notice where Clinton’s emails were originating). And how is it that the decision to delete emails was left entirely to Clinton to manage?
At her press conference, Clinton also stated that she “did not email any classified material to anyone on my email. There is no classified material!” But reporters and editors find that statement to be a stretch, to say the least, and have asked Clinton for clarification. How is that she served as Secretary of State for six years but did not come into contact with classified information via email, even as a separate attachment? Security experts suggest that her defense is a combination of overstatement and wishful thinking. Just last month, the staff of Jeb Bush—a potential Presidential contender—acknowledged that when the campaign released thousands of Bush emails from his time as Florida Governor, some emails contained embedded or “hidden” files of spreadsheets and logs, some of which contained the Social Security numbers and names of more than 1,000 people. Most security experts suggest that it is highy unlikely that Clinton did not send or receive at least some emails which contained classified or sensitive information.
State Department and government security experts are combing through the thousands of emails already provided by Clinton to see if there are any serious problems with hidden or embedded files, or other signs of security lapses.
In the meantime, Clinton faces more intense scrutiny over the issue. Even those journalists who might otherwise be inclined toward Clinton politically are concerned that the homebrew server issue and the use of private email accounts will eclipse her message of competence and accountability. Republicans, sensing blood in the water, are calling for an official investigation into Emailgate, and a few have suggested that Clinton may have deliberately deleted emails relevant to the ongoing investigations in the Benghazi attacks.
Security experts say that in the wake of the Sony Pictures Entertainment security breach, the JPMorgan Chase cyber-attack, the Centcom cyber-attack, and other recent acts of digital vandalism or theft, the use of inadequately-protected networks pose serious risks to U.S. businesses and government agencies.
Related Thursday Review articles:
Homebrew of Troubles: Clinton’s Email Issues; Thursday Review; March 5, 2015.
Bush Emails Accidentally Disclose Personal Data; Thursday Review; February 14, 2015.