Not Just Hillary: State Department As A Whole Pretty Careless With Handling Of Classified Communications

from the but-we-swore-we-thought-no-one-would-find-out! dept

It may be that Hillary Clinton was the only State Department employee proactive enough to set up her own email server, but she's hardly the only one to use insecure channels to route classified information. Steven Lee Myers of the New York Times reports classified communications routinely traveled through the State Department's unclassified system.

A review of the 30,322 emails from Mrs. Clinton’s private server that the State Department has made public under the Freedom of Information Act provides an extensive record of how such sensitive information often looped throughout President Obama’s foreign policy apparatus on unclassified systems, from embassies to the United Nations to the White House.

The senders included Denis R. McDonough, currently the White House chief of staff and previously the deputy national security adviser, and Susan E. Rice, the former American representative at the United Nations who is now Mr. Obama’s national security adviser.

Many of the emails were sent over the State Department’s unclassified system, state.gov, which is considered secure but not at the level of the State Department’s system for emailing classified information.
In their defense, State Department officials say they often can't control how classified communications will be routed. After all, they have no control over receipt of messages from foreign government officials that might be considered classified. And they routinely use other insecure channels to communicate, like normal phone systems.

For that matter, it's difficult to determine what the government will consider classified at the point the communications are sent and received. In the case of Clinton's emails, the investigation (which James Comey recently confirmed is an investigation, not a "security inquiry" as Clinton has portrayed it) and response to FOIA requests have prompted an after-the-fact classification review of State Dept. communications contained in the FOIA response.
Of the 30,322 emails made public, 2,028 have had portions redacted and are now classified at the lowest level of classification, “confidential.”

[...]

In 18 emails, for example, information has been classified on the grounds that it identifies C.I.A. officials, including two instances that are now considered “secret.”

One of those was a seemingly benign photo opportunity listed on Mrs. Clinton’s daily schedule, with the person who gave her a daily intelligence briefing, making it obvious that the person was an agency employee.

That email was originally released as “confidential” but upgraded to “secret,” probably reflecting that the person holds an undercover position now.
It's not as though Clinton and others are blameless in their mishandling of classified information, but there are definitely some areas of the communications process that are entirely out of their hands. Other government agencies stepping in to add layers of classification to communications that once seemed innocuous enough to handle on insecure channels does little to mitigate the appearance of impropriety.

That being said, there's still plenty of digital blood on the hands of State Department officials when it comes to treating sensitive information insensitively. Communications that traveled across the State Department's less-secure channels apparently included discussions of the CIA's drone strike program, Palestine-UN communications about the country's bid for statehood and, ironically enough, conversations about how to handle the security details related to General Petraeus' sudden resignation following his own mishandling of classified information.

But the overall impression left by the review of the released emails shows the agency is willing to use less secure channels if it makes communications easier to facilitate -- even if this presents a greater risk of these communications being intercepted or obtained by hackers. And it's apparently considered acceptable -- right up to the point a server is hacked or a top official is spotted running their own email server.


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    Anonymous Coward, 16 May 2016 @ 12:55pm

    Well, that's because only terrorists use encryption.

    reply to this | link to this | view in chronology ]

  • icon
    GrooveNeedle (profile), 16 May 2016 @ 1:31pm

    The Real Issue

    While I wish the rules were applied evenly and fairly, and that she was prosecuted for mishandling classified information the same way others (who have done less) have been, that's not the most infuriating thing about this private e-mail server.

    The real issue I have with her actions/decisions is the fact that anything on that private server wouldn't be included in a FOIA request. It is a very easy way to avoid any accountability to the public by using personal channels of communication rather than taxpayer funded means (so that We the People are the owners, not our self-declared masters). This has become a common occurrence with elected officials, I even see the same shit in my local and nearby municipalities.

    They are smart enough to know how to work the system by claiming ignorance of the technical side of things. They are smarter than we think, and they are playing us for fools.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 16 May 2016 @ 1:58pm

      Re: The Real Issue

      They are smart enough to know how to work the system by claiming ignorance of the technical side of things. They are smarter than we think, and they are playing us for fools.

      When acting a fool works Satan puts on a bright red clown nose and wears big polka dot pants.

      Just remember Hanlon's razor/aphorism "never assume malice when stupidity will suffice".

      Far too many people allow for this joke of an exception. This exception implies that malice and stupidity are mutually exclusive. But where government is concerned Stupidity is generally the vehicle in which we discover their malice.

      What is a governments willingness to vigorously prosecute Whistle-blowers while ignoring or soft handling leadership where classified intel is concerned, if not malice?

      Indeed we are well played for the fools that we are.

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 16 May 2016 @ 4:52pm

        Re: Re: The Real Issue

        Just remember Hanlon's razor/aphorism "never assume malice when stupidity will suffice". Far too many people allow for this joke of an exception. This exception implies that malice and stupidity are mutually exclusive. But where government is concerned Stupidity is generally the vehicle in which we discover their malice.

        Well put, sir. Very nice.

        reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 16 May 2016 @ 3:02pm

      Re: The Real Issue

      They are setting up a tyranny and most people seem willing to let that slide sadly

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 16 May 2016 @ 2:12pm

    Yet they go out of their way to harass intimidate and prosecute anyone that does the very same thing if they do not have political connections.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 16 May 2016 @ 3:13pm

    luckily for them, no one there is named Chelsea!

    reply to this | link to this | view in chronology ]

  • icon
    David (profile), 16 May 2016 @ 4:37pm

    What a shock!

    The entire State Dept is just as sloppy as Hilary. The US government has shown **repeatedly** they do not do technology well, correctly, consistently or insert any positive phrase here. Incompetence is the essence of US Government politicians and worker drones in any technology field.

    Sadly the only time they actually appear to do some technical mission correctly is when it is used to violate the Constitution. Hoorah to the NSA.

    reply to this | link to this | view in chronology ]

  • icon
    freedomfan (profile), 16 May 2016 @ 5:52pm

    very nice wording

    Hillary Clinton was the only State Department employee proactive enough to set up her own email server

    PROACTIVE enough? Whew! That has be the kindest characterization I have heard of it. LOL! I wonder if anyone asked Nixon why he wasn't proactive enough to burn the tapes? ;-)

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 16 May 2016 @ 6:46pm

      Re: very nice wording

      You complain about that wording, but not the opening sentence which says she sent classified data over unsecure networks in the first place?

      I'm no clinton fan - I do not like political dynasties - but I have held a few security clearances over the years so I've been paying attention and so far there are only two known scenarios wrt to her tenure at state:

      (1) retro-actively classified data - it was only classified weeks or months after she emailed it

      (2) redacted classified documents - she had an aid take a classified document, remove the classified portions and then remove the classified markings (as you are required to do, it is a security violation to mislabel a document) and then email that. Based on my personal experience doing exactly the same thing, it is a completely normal process.

      reply to this | link to this | view in chronology ]

      • identicon
        tuesday, 20 May 2016 @ 12:35pm

        Re: Re: very nice wording

        If you have held a clearance (I'm taking you for your word with this), I'm amazed you could write such things. Astonished really.

        Your second point is fantastically wrong. Information is classified, not the documents. I don't even know where to begin to say how much you CAN'T use YOUR judgment on what is or is not classified within a document.

        You can't do that which you say is 'normal.' You CAN do it if it is 'partial marked' (like in a slide deck, partial marking just the ones that contain CI, and admittedly not enough people do this) but if an entire document is stamped, that is the one you follow.

        Classification is determined by what could (if it got out) harm national security. They are one and the same. Say one, you mean the other.

        Distributing foreign government information is presumed to harm national security. That is the only 'presumption' that I know of.

        My agency sent classified information over JWICS (high side) network. A State employee paraphrased it and sent it on the low side. (Let me point out it doesn't matter if you paraphrase, rap, or mime classified information: all still wrong.)

        A Clinton aide forwarded it to HRC. It sat on her server for four years. Somewhere along the way, she gives the server to a company that lacked any clearance at all, and every employee there had access to it.

        Then she had her aides (no longer working for State so no clearance) to cull them. And finally she handed the emails to her lawyer on a thumb drive (who lacked 'need to know') in a safe ... that his partner had access to. So did the cleaning crew.

        That is 'distribution.'

        But that State department guy used his judgment, so its fine? He sent analysis from our allies unsecured. He sent my group's analysis of Libya IN THE MIDDLE of the Benghazi incident. He sent locations of troops and hostile forces out unsecured, describing alternative locations our guys could take.

        You are saying it is fine - 'normal' even - that a State guy's 'judgment' (and yes, by association, yours) should trump our stamp?

        And no, she doesn't have the authority to override our stamp (or any other agency).

        As for your first point, all foreign government information is classified. Info about or from foreign is automatically classified. Everyone I know at least is aware of this blanket statement - because it is the ONLY blanket statement.

        I'll take you at your word that you held a clearance but the idea that a Secretary of State could work for four years and never be the genesis of CI is confounding.

        Data spills happen. You can argue HRC needed that info right then (pick your moment) and it was a risk worth taking. I'd even back you up for a couple of the situations. BUT There are procedures for exactly that.

        Why didn't HRC declare a data spill when things calmed down?

        Data spills involve an autopsy of the 'infected' equipment (they take it away to run tests) ... and trying to determine if it was compromised means they will see the info on it.

        reply to this | link to this | view in chronology ]

      • identicon
        tuesday, 20 May 2016 @ 1:14pm

        Re: Re: very nice wording

        If I could edit my above comment, I would tone it down. Not in content but some of the word choice.

        What Anonymous Coward wrote torqued me the wrong way. My job is fulltime in a SCIF, very 'inconvenient,' and ... I should have used a less strident tone.

        I just get really frustrated when 'it wasn't marked at the time' nonsense gets repeated. Yes, some stuff does get re-classified. No one has ever been on the hook for that. But it clouds the premise of a SoS not once in four years ever touching anything already sensitive, and that is doing a disservice to people trying to figure out what happened.

        (I'm ignoring point #2 because I can't figure out a way to say no effing way nicely. But to Anonymous Coward: if your agency did that, maybe it was for just their own info. If you did it to ours, then ....)

        Sorry for the tension.

        reply to this | link to this | view in chronology ]

    • identicon
      jim, 17 May 2016 @ 8:39am

      Re: very nice wording

      But, there are still 18 missing minutes.

      reply to this | link to this | view in chronology ]

    • identicon
      tuesday, 20 May 2016 @ 1:01pm

      Re: very nice wording

      I read "proactive enough' as sarcastic.

      reply to this | link to this | view in chronology ]

  • identicon
    Median Wilfred, 16 May 2016 @ 7:57pm

    That's a sane attitude towards classified material

    Strikes me as a pretty sane attitude towards classified material. Most of it is utterly mundane and of no practical value to anyone, even the folks who marked it "classified".

    And always remember: statistically speaking, there's only a few real national security secrets, but there's many many career ending blunders, stupid accounting errors, and incidents of embezzlement and insider consulting.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 17 May 2016 @ 10:04am

    Re: proactive enough to set up her own email server

    Not that setting up a mail server is that hard, but Christ.

    No, Hillary Antionette didn't set up her own mail server. One of her minions did. This is more like, "don't click here, click there" type support. Not "Here is your access to the key server" type support.

    But I could be wrong. Hollywood and the unholy trinity of network news says she is ALREADY the Pope, Christ, Mohammed and Stephen Hawking all rolled into one... And if that's not enough, she will still prevail, because, ya know... beaver.

    4 years of "your being mean to a girl" drama defining United States policy. Think about it. I would support a woman, but not this one. She hasn't demonstrated acumen in any arena other than politics. That is pretty much the definition of a dilettante aristocrat.

    reply to this | link to this | view in chronology ]

    • identicon
      tuesday, 20 May 2016 @ 12:51pm

      Re: Re: proactive enough to set up her own email server

      "4 years of "your being mean to a girl" drama defining United States policy. Think about it. I would support a woman, but not this one. She hasn't demonstrated acumen in any arena other than politics. That is pretty much the definition of a dilettante aristocrat."

      holy cow, THIS.

      When she said she wouldn't debate Sanders because she didn't like his tone ... ye gads. I'm a female and there is no way I gain respect by demanding a co-worker soften his voice or language when disagreeing with me.

      And not everything is Republican propoganda. Yet that is STILL her go-to for facts she doesn't want to answer for.

      I am not looking forward to the obfuscation, dissembling, and outright lies for four years. That will be the entire national discussion for Four. Long. Years.

      You think she did women a favor by playing the dumb blond/addled old person with the 'cloth' remark (referring to wiping a server)? Her 'advocacy' needs to stop because women aren't benefitting from the 'I don't know about computers because STEM is hard.' Alternatively, she is saying she's too old to learn stuff?

      Her various defenses about the classified-information-where-it-shouldn't-be struck me from the very first version as creating a choice between someone
      1. unable to understand and follow the most basic procedures
      2. unwilling to bother
      3. bothering quite a bit ... to avoid public scrutiny

      She herself makes the public choose from stupid, old, or conniving.

      Really nice summation.

      reply to this | link to this | view in chronology ]

  • identicon
    tuesday, 20 May 2016 @ 1:24pm

    systemic CI issues

    State Department has been fast and loose with protocols for classified information for so long, I genuinely don't think they remember enough of it to even fake it.

    If HRC had (when the story of her CI problem first broke) said 'omg, I had NO idea how risky that was ..." and then added "State guys gave me guidance" most of the intelligence community probably would have gone 'Yeah, I get that.'

    I could have easily seen that a department run that poorly for that long would be unable to explain proper handling procedures. She could have dumped it on them and walked away, letting the FBI and the five agencies with info on her server figure out what happened without all the drama.

    A department that is under fire with subpoenas, media, a private server, etc. and they dump other agencies' classified information on their own public website: yeah, I could see how their 'guidance' would lead someone down a wrong path.

    Saying State gave her bad advice (not a new solution for HRC et al), and letting them take the heat would have precluded the political aspect almost entirely, maybe.

    But she didn't.

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Techdirt Gear
Show Now: Takedown
Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.