While Hillary doubles down on her false claim that the rules were clarified AFTER she left the State Department, we’ve got the 5 top rules she broke. But…first we need to listen to the masterful liar herself:
Hillary Clinton doubles down on defending her email practices: “Rules were not clarified until after I had left.”https://t.co/ggH7XtU5Qo
— ABC News Politics (@ABCPolitics) May 26, 2016
That investigation is ongoing, but the report identifies five other laws or regulations that Clinton circumvented or failed to follow. They contradict the Clinton campaign’s repeated claims that Clinton’s email practices at the State Department complied with all relevant rules regarding federal records and information security.
Retaining agency records after leaving
“Departing officials and employees [may] not remove Federal records from agency custody” —36 C.F.R. § 1222.24
Clinton’s personal email address, which she used exclusively as secretary of state, was housed on a private email server in her Chappaqua, N.Y. home. That meant her emails, which are considered federal records, were never in federal custody while she served as secretary. She didn’t just retain records after leaving the State Department; those records were never in the department’s possession in the first place.
Properly archiving agency records
“Agencies that allow employees to send and receive official electronic mail messages using a system not operated by the agency must ensure that Federal records sent or received on such systems are preserved in the appropriate agency recordkeeping system.” —36 C.F.R. § 1236.22(b)
Clinton claims that the fact she was sending emails to federal employees using official email accounts meant that those emails were being archived properly. The IG rejected that explanation and concluded that Clinton had violated rules on the preservation of federal records.
“Secretary Clinton should have preserved any Federal records she created and received on her personal account by printing and filing those records with the related files in the Office of the Secretary,” the IG wrote.
Preserving federal records from loss or destruction
“All Department employees are … required by law to preserve documentary materials meeting the definition of a record under the Federal Records Act [and are] responsible for creating, using, maintaining, preserving, and disposing of the Department’s information and records.” —State Department Foreign Affairs Manual
Clinton has said that she deleted roughly 30,000 emails stored on her server that she deemed of a personal and non-official nature. Neither the State Department nor the records agency has ever seen those emails. We now know that they included messages that were official in nature.
The IG report identified a number of such emails to Gen. David Petraeus. “The Department of Defense provided to OIG in September 2015 copies of 19 emails between Secretary Clinton and General David Petraeus on his official Department of Defense email account.” None of those 19 emails were turned over to the State Department.
Other deleted Clinton emails included dispatches about the Libyan civil war and the Sept. 11, 2012, terrorist attacks on U.S. diplomatic facilities in the country.
Use of department-approved computing devices
“It is the Department’s general policy that normal day-to-day operations be conducted on an authorized AIS, which has the proper level of security control to provide nonrepudiation, authentication and encryption, to ensure confidentiality, integrity, and availability of the resident information.” —State Department Foreign Affairs Manual
According to the inspector general, Clinton never received department approval to conduct official agency business on her private email server. She never consulted with the proper authorities before doing so. If she had, her email arrangement would have been rejected.
“According to the current CIO and Assistant Secretary for Diplomatic Security, Secretary Clinton had an obligation to discuss using her personal email account to conduct official business with their offices, who in turn would have attempted to provide her with approved and secured means that met her business needs,” stated the IG report.
“However, according to these officials, DS and IRM did not—and would not—approve her exclusive reliance on a personal email account to conduct Department business, because of the restrictions in the FAM and the security risks in doing so.”
Handling of sensitive-but-unclassified (SBU) information
“Where warranted by the nature of the information, employees who will be transmitting SBU information outside of the Department network on a regular basis to the same official and/or most personal addresses, must contact the [information security officials] for guidance in implementing a secure technical solution for those transmissions.” —State Department Foreign Affairs Manual
“Emails exchanged on [Clinton’s] personal account regularly contained information marked as SBU,” but she never obtained the required approval for the handling of such information on a personal computing device. Because a security review never occurred, “Secretary Clinton never demonstrated … that her private server or mobile device met minimum information security requirements.”
Information security officials from Clinton’s time at the agency told the IG “that they were not asked to approve or otherwise review the use of Secretary Clinton’s server and that they had no knowledge of approval or review by other Department staff. These officials also stated that they were unaware of the scope or extent of Secretary Clinton’s use of a personal email account, though many of them sent emails to the Secretary on this account.”
Read more: WFB