Oversight

State IG: Clinton violated records policy

Photo credit: a katz / Shutterstock.com

Democratic presidential frontrunner and former secretary of State Hillary Clinton violated agency records policy, according to a watchdog report. (Photo credit: a katz / Shutterstock.com.)

Hillary Clinton did not comply with agency records policy during her four-year tenure as secretary of State, the State Department inspector general concluded in a report sent to Congress on May 25.

Clinton should have preserved any federal records on the personal email account that she used for business as secretary by printing and filing those records, said the IG report, a copy of which FCW obtained. By not submitting all emails dealing with department business before leaving office, she "did not comply with the department's policies that were implemented in accordance with the Federal Records Act," the IG report found.

The National Archives and Records Administration observed that the subsequent delivery of printed copies of 55,000 emails "mitigated [Clinton's] failure to properly preserve emails that qualified as Federal records during her tenure and to surrender such records upon her departure." The State Department IG concurred with that judgement, but noted that the production of emails was "incomplete."

The OIG report cited 19 emails between Clinton and the official Defense Department account of Gen. David Petraeus -- which DOD supplied for the investigation -- that were not included in Clinton's email document production, among other examples of documents not released by the former secretary.

Clinton, who is the presumptive Democratic nominee for president, has been under fire since The New York Times revealed in March 2015 that she exclusively used a private email server for official business as the nation's top diplomat.

The use of a personal account was discouraged by agency policy at the time Clinton assumed office, according to the report. The current State Department CIO and the assistant secretary for diplomatic security told the OIG that Clinton "had an obligation to discuss using her personal email account to conduct official business with their offices, who in turn would have attempted to provide her with approved and secured means that met her business needs."

Those officials said that the Bureau of Diplomatic Security's Bureau of Information Resource Management, "did not -- and would not -- approve her exclusive reliance on a personal email account to conduct Department business, because of the restrictions in the [Foreign Affairs Manual] and the security risks in doing so," according to the report.

Citing the revised guidance and memoranda regarding use of personal email by State before and during Clinton's tenure, the OIG observed, "Secretary Clinton's cybersecurity practices accordingly must be evaluated in light of these more comprehensive directives."

While the 2015 revelation made news, inside State there was at least limited awareness of the private email server. A March 17, 2009, official memorandum that listed communications equipment in Clinton's New York residence listed a server in the basement among the inventory. And on multiple occasions, IRM staffers worked with Clinton's staff to resolve technical problems.

The report also asserted that one staffer "raised concerns about the server," leading to an instruction from the director of the Executive Secretariat to staff, "never to speak of the Secretary's personal email system again."

The IG report covers 20 years spanning the tenures of the last five secretaries, including current Secretary of State John Kerry, and found that "systemic weaknesses related to electronic records and communications have existed within the Office of the Secretary that go well beyond the tenure of any one secretary of State."

Some of the department's management weaknesses have included struggles to retrieve email records and access electronic files, and a failure to meet records requirements for departing employees, according to the audit.

The OIG also reported learning that some records officials were "not comfortable" with asking the incoming secretary and top staffers to print and file email records. They had sought instead an electronic method of email preservation.

The department in general, and the office of the Secretary in particular, "have been slow to recognize and to manage effectively the legal requirements and cybersecurity risks associated with electronic data communications, particularly as those risks pertain to its most senior leadership," the report concluded.

"The IG's report certainly highlights the need for better technologies to archive emails, including NARA's recently promoted Capstone policy that the State Department has embraced," said Jason R. Baron, a lawyer at Drinker Biddle and former director of litigation at the National Archives and Records Administration. "NARA has, however, now mandated that by the end of this year all federal agencies must manage email electronically. It remains to be seen how many agencies will be able to meet the December 31, 2016 deadline," Baron told FCW.

The OIG issued eight recommendations, all of which are considered resolved under current management.

Clinton and her top staffers declined to be interviewed by the OIG for the report. Clinton's presidential campaign, however, on May 25 issued a statement that, "[c]ontrary to false theories advanced for some time now, the report notes that [Clinton's] use of personal email was known to officials within the department during her tenure, and that there is no evidence of any successful breach of the Secretary's server."

About the Author

Sean Lyngaas is an FCW staff writer covering defense, cybersecurity and intelligence issues. Prior to joining FCW, he was a reporter and editor at Smart Grid Today, where he covered everything from cyber vulnerabilities in the U.S. electric grid to the national energy policies of Britain and Mexico. His reporting on a range of global issues has appeared in publications such as The Atlantic, The Economist, The Washington Diplomat and The Washington Post.

Lyngaas is an active member of the National Press Club, where he served as chairman of the Young Members Committee. He earned his M.A. in international affairs from The Fletcher School of Law and Diplomacy at Tufts University, and his B.A. in public policy from Duke University.

Click here for previous articles by Lyngaas, or connect with him on Twitter: @snlyngaas.


Featured

  • Cybersecurity

    DHS floats 'collective defense' model for cybersecurity

    Homeland Security Secretary Kirstjen Nielsen wants her department to have a more direct role in defending the private sector and critical infrastructure entities from cyberthreats.

  • Defense
    Defense Secretary James Mattis testifies at an April 12 hearing of the House Armed Services Committee.

    Mattis: Cloud deal not tailored for Amazon

    On Capitol Hill, Defense Secretary Jim Mattis sought to quell "rumors" that the Pentagon's planned single-award cloud acquisition was designed with Amazon Web Services in mind.

  • Census
    shutterstock image

    2020 Census to include citizenship question

    The Department of Commerce is breaking with recent practice and restoring a question about respondent citizenship last used in 1950, despite being urged not to by former Census directors and outside experts.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.