Hillary Clinton’s use of a private email server while secretary of state from 2009 to 2013 has been justifiably criticized as an error of judgment. What the new report from the State Department inspector general makes clear is that it also was not a casual oversight. Ms. Clinton had plenty of warnings to use official government communications methods, so as to make sure that her records were properly preserved and to minimize cybersecurity risks. She ignored them.
The 83-page report declares that “beginning in late 2005 and continuing through 2011,” the department revised its Foreign Affairs Manual and “issued various memoranda specifically discussing the obligation to use Department systems in most circumstances and identifying the risks of not doing so.” Ms. Clinton didn’t.
During her tenure, State Department employees were told that they were expected to use approved, secure methods to transmit information that was sensitive but unclassified, or SBU. If they needed to transmit SBU information outside the department’s network, they were told to ask information specialists for help. The report said there is no evidence that Ms. Clinton ever asked, “despite the fact that emails exchanged on her personal account regularly contained information that was marked as SBU.” On June 28, 2011, a cable was sent to all diplomatic and consular posts over her signature warning that personal email accounts could be compromised and officials should “avoid conducting official Department business from your personal e-mail accounts.” At the time, Ms. Clinton was doing exactly that.
On March 11, 2011, an assistant secretary sent a memorandum on cybersecurity threats directly to Ms. Clinton, noting a “dramatic increase” in attempts to compromise personal email accounts of senior department officials, possibly for spying or blackmail. That didn’t stop Ms. Clinton either. There were also numerous notifications that some emails (but not all) are considered federal records under the law and that she should print and file those in her office and, before leaving office, surrender all emails dealing with department business. She did so only about two years later, in December 2014.
Starting in 2009, there was a new, electronic system, known as SMART, to properly archive department emails without having to print and file them, but Ms. Clinton opted not to use it, out of concern that there was “overly broad access to sensitive materials.” According to the report, after a staff member “raised concerns” with another official about Ms. Clinton’s personal email server, the staff was instructed “never to speak of the Secretary’s personal email system again.”
The department’s email technology was archaic. Other staffers also used personal email, as did Secretary Colin Powell (2001-2005), without preserving the records. But there is no excuse for the way Ms. Clinton breezed through all the warnings and notifications. While not illegal behavior, it was disturbingly unmindful of the rules. In the middle of the presidential campaign, we urge the FBI to finish its own investigation soon, so all information about this troubling episode will be before the voters.