Since the revelations involving former Secretary of State Hillary Clinton’s private email server exploded last week, questions have swirled regarding her account’s level of information security. “I did not email any classified material to anyone on my email,” Clinton averred at a brief press conference on Tuesday.
Some are… skeptical about the assertion that the nation’s top diplomat never received any classified material via her email account at an agency that is often criticized for over-classifying information.
“I would assume that more than 50 percent of what the secretary of state dealt with was classified,” said an unnamed former official who spoke to The New York Times on the condition of anonymity. “Was every single email of the secretary of state completely unclassified? Maybe, but it’s hard to imagine.”
Indeed, it is. At the very least, the nation’s chief diplomat spent much of her time dealing with sensitive information. Presumably the secretary of state’s “homebrew” server at least had some rudimentary security protocols in place to prevent hackers or cyber espionage agents from infiltrating the system. And Clinton’s email server did have a data encryption system in place… two months after she took office.
According to The Wall Street Journal’s reporting, Clinton’s emails lacked comprehensive data protections until weeks after she took office:
Mrs. Clinton took office in January 2009 and began using her private email system for both work and personal matters. Her office said the system used “robust protections” and “additional upgrades and techniques employed over time as they became available.”
Kevin Bocek, a vice president at the Internet security company Venafi, said the Clinton server was encrypting data it sent and received as of March 29, 2009, about two months after she took office, based on a search he did of Internet records. During the first two months of her tenure, however, it doesn’t appear that Mrs. Clinton’s email had such protections, Mr. Bocek said. [Emphasis added]
It is unclear if Clinton’s emails were entirely unsecure in the period from when she took office in January of 2009 to the end of March of that year, but this report indicates that her emails at least lacked comprehensive protections.
If that’s true, State Department investigators don’t have the ability to scrutinize even the text of the emails sent during this period, much less the metadata associated with those communications, because they were among the majority of the email that Clinton withheld from investigators:
Hillary Clinton's email breakdown (per spox): - 62,320 total emails from March '09-Feb '13. -30,490 given to State -31,830 deemed personal
— Liz Kreutz (@ABCLiz) March 10, 2015
Anyone who is more concerned with America’s diplomatic security than they are with Hillary Clinton’s viability as a presidential candidate cannot help but be shocked by this revelation. The secretary’s cavalier approach to security in the preservation of her own level of “convenience” is reckless in the extreme. At a period in the secretary’s tenure when she was negotiating the “Reset” with Russia, a nation with one of the most sophisticated cyber intelligence operations on Earth, conducting official American business over unsecure channels is nothing short of a dereliction of her responsibilities.
Of course, we don’t know if she did. We may never know what the former secretary discussed via her email account in that two-month timeframe. That’s simply unacceptable. It might even be disqualifying.