A State Department investigation into former Secretary of State Hillary Clinton’s private email account found no widespread effort by her aides or other staffers to mishandle classified information.
The three-year-long investigation by State’s Bureau of Diplomatic Security concluded that 38 individuals committed a total of 91 security violations involving emails sent to or from Clinton’s private server.
However, a report on the probe finalized last month seemed to dismiss the notion that the system was routinely used to discuss matters that diplomats or Clinton aides knew required handling through secure channels.
“While there were some instances of classified information being inappropriately introduced into an unclassified system in furtherance of expedience, by and large, the individuals interviewed were aware of security policies and did their best to implement them in their operations,” the report said.
“Instances of classified information being deliberately transmitted via unclassified email were the rare exception and resulted in adjudicated security violations. There was no persuasive evidence of systemic, deliberate mishandling of classified information.”
An FBI investigation into Clinton’s email use resulted in no charges, although FBI Director James Comey alleged at an unusual news conference in July 2016 that Clinton and her staff were “extremely careless in their handling of very sensitive, highly classified information.”
Clinton allies have bitterly complained about Comey’s statement as a breach of Justice Department protocol. A Justice Department inspector general review backed up that view.
The State Department’s internal security review prompted concern among some former Clinton aides and current State officials that it could amount to an effort to alleviate pressure from Clinton critics who were disappointed that no one was prosecuted over the emails. Some also said it could be an attempt to strip the security clearances of former Clinton aides and allies.
Sen. Chuck Grassley (R-Iowa) is among those who have pressed the State Department to investigate whether any aspect of the private-server fiasco should result in discipline for State employees or revocation of security clearances.
Grassley’s office released the Bureau of Diplomatic Security's report publicly on Friday. A Grassley spokesman had no comment on State’s findings.
A spokesman for Clinton did not respond to a request for comment, but former Clinton aide Philippe Reines said it is time for Grassley to let the issue go.
“Get over it, Chuck,” Reines said.
The State report asserted that information on Clinton’s server was at “increased risk” of being compromised because it wasn’t hosted on official systems.
“The use of a private email system to conduct official business added an increased degree of risk of compromise as a private system lacks the network monitoring and intrusion detection capabilities of State Department networks,” the report said.
That finding seems open to dispute because while Clinton was secretary, State’s official, unclassified email system was repeatedly breached by Russian intruders, according to officials. Cybersecurity officials became so concerned that Russia had compromised the official system that it was at one point shut down for a weekend to try to rid it of viruses and digital taps.
While Clinton’s server may have theoretically been more vulnerable, there is no solid proof it was ever compromised.
The new report is vague about the outcome of the 91 security violations and how, if at all, they affected individuals’ security clearances. Some other episodes were deemed to be “infractions,” which typically result in no action unless there are at least three such instances, the report said.
The report noted that none of the messages in question was marked as classified, which led to questions about whether the sender or recipient should have known the information was classified. The investigators also pointed to significant ambiguity about what sort of “foreign government information” should be treated as classified and what could be shared in unclassified systems.