A State Department investigation of Hillary Clinton’s email server found that 38 people were responsible for “91 valid violations,” i.e. instances of putting classified information on Clinton’s non-classified private server and thereby increasing the “risk of compromise.” The investigation also found hundreds of other violations for which it could not assign fault:

The investigation covered 33,000 emails that Clinton turned over for review after her use of the private email account became public. The department said it found a total of 588 violations involving information then or now deemed to be classified but could not assign fault in 497 cases.

For current and former officials, culpability means the violations will be noted in their files and will be considered when they apply for or go to renew security clearances. For current officials, there could also be some kind of disciplinary action. But it was not immediately clear what that would be.

The report concluded “that the use of a private email system to conduct official business added an increased degree of risk of compromise as a private system lacks the network monitoring and intrusion detection capabilities of State Department networks.”

One paragraph in the report implicitly criticizes Clinton’s decision to set up the server in the first place:

It was APD’s determination that the use of a private email system to conduct official business added an increased degree of risk of compromise as a private system lacks the network
monitoring and intrusion detection capabilities of State Department networks. While the use of a private email system itself did not necessarily increase the likelihood of classified information being transmitted on unclassified systems, those incidents which then resulted in the presence of classified information upon it carried an increased risk of compromise or inadvertent disclosure.

But while the investigation did find dozens of instances in which classified information was mishandled, the report concludes there was no “systemic” attempt to mishandle material.

While there were some instances of classified information being inappropriately introduced into an unclassified system in furtherance of expedience, by and large, ‘the individuals interviewed were aware of security policies and did their best to implement them in their operations. Correspondence with the Secretary is inherently sensitive, and is therefore open for broad interpretation as to classification, particularly with respect to Foreign Government Information. Instances of classified information being deliberately transmitted via unclassified email were the rare exception and resulted in adjudicated security violations. There was no persuasive evidence of systemic, deliberate mishandling of classified information.

There are echoes of James Comey’s conclusion about Hillary’s use of the private server back in 2016:

“Although we did not find clear evidence that Secretary Clinton or her colleagues intended to violate laws governing the handling of classified information, there is information that they were extremely careless in their handling of very sensitive, highly classified information.” He added, “None of these emails should have been on any kind of unclassified system.” The FBI chief added that “there was no intentional misconduct.”

So the bottom line here is some notes will be added to people’s personnel files and, maybe, some disciplinary action will be taken against those who remain in government service. For Hillary, it’s just another slap on the wrist.