FBI Director James Comey announced on July 5 that he will not recommend criminal charges in connection with Hillary Clinton’s use of a personal email system while secretary of state. His decision, however, will not end the political debate over Clinton’s judgment.
Here we provide answers to common questions about Clinton’s emails.
When did Clinton set up her private server, and where was it located?
A report issued by the State Department’s independent inspector general in May said Clinton used “a personal email system to conduct business” while she was a U.S. senator and during her 2008 presidential campaign. (She was a senator from New York from January 2001 to January 2009, when President Obama nominated her to be secretary of state.) “She continued to use personal email throughout her term as Secretary, relying on an account maintained on a private server, predominantly through mobile devices. Throughout Secretary Clinton’s tenure, the server was located in her New York residence,” the IG report said.
FBI Director James Comey said there were “several different servers and administrators of those servers during her four years at the State Department.” The FBI director added, “As new servers and equipment were employed, older servers were taken out of service, stored, and decommissioned in various ways.”
Was Clinton allowed to use personal email for government business?
Yes, the occasional use of a personal email account is permitted in certain circumstances, such as emergencies. As we wrote, the IG report said it found “many examples of staff using personal email accounts to conduct official business.” But, as we also wrote, the National Archives and Records Administration requires all work-related emails to be properly preserved. Federal rules required Clinton to preserve work emails and turn them over before leaving office, but she did not turn over her emails until 21 months after she left office.
Was she allowed to use a private server?
No. As we wrote, the IG report said that it has been department policy since 2005 — four years before Clinton took office — that “normal day-to-day operations” be conducted on government servers. The report noted that the department’s Foreign Affairs Manual was updated in November 2005 to say “it is the Department’s general policy that normal day-to-day operations be conducted on an authorized [automated information system].” The IG made a distinction between occasional use in emergencies and exclusive use of personal email. “Beginning in late 2005 and continuing through 2011, the Department revised the FAM and issued various memoranda specifically discussing the obligation to use Department systems in most circumstances and identifying the risks of not doing so,” the IG report said
Did Clinton seek government approval to use a private server for her personal email account?
No. The IG report said Clinton “had an obligation” to discuss her email system with the department, but it could find “no evidence” that Clinton sought approval for her unusual email arrangement. If she did, the report says her request would have been denied by the bureaus of Diplomatic Security and Information Resource Management. Brian Fallon, a Clinton campaign spokesman, has told us: “It did not occur to her that having it on a personal server could be so distinct that it would be unapproved.”
Did other secretaries of state use personal emails for government business?
The IG report confirmed what we had previously written: Among Clinton’s predecessors, only Colin Powell (Jan. 20, 2001–Jan. 26, 2005) used a personal email account for government business. Madeleine Albright (Jan. 23, 1997–Jan. 20, 2001) did not use email at all, and Condoleezza Rice (Jan. 26, 2005–Jan. 20, 2009) did not use a personal email account to conduct government business, the IG report said. Clinton’s successor, Secretary of State John Kerry, told the inspector general’s office that he “infrequently” used a personal email account for government business “when responding to a sender who emailed him on his personal account.”
No other secretary of state maintained a private server that was used for government business.
When did the public learn that Clinton used a personal email account to conduct government business?
As we wrote last year, the existence of Clinton’s private email account was first publicly revealed in March 2013, when the Smoking Gun wrote several stories about a hacker who broke into the AOL account of former Clinton aide Sidney Blumenthal. Smoking Gun showed screen grabs of emails Blumenthal had sent to Clinton’s private email account, firstname.lastname@example.org, when she was secretary of state. “Blumenthal’s memos and e-mails to Clinton were sent to her at a non-governmental e-mail address through the web domain ‘clintonemail.com,’” Smoking Gun reported on March 18, 2013.
However, it was not known that Clinton used her private email account exclusively for government business until the New York Times broke the story on March 2, 2015. As we have written, the Washington Post later reported that the House Select Committee on Benghazi had requested documents from the State Department in the summer of 2014, and the department discovered that Clinton did not use a government email account and instead exclusively used her personal email account for government business.
“In the process of responding to congressional document requests pertaining to Benghazi, State Department officials recognized that it had access to relatively few email records from former Secretary Clinton,” State Department spokesman John Kirby told the Post in a statement. “State Department officials contacted her representatives during the summer of 2014 to learn more about her email use and the status of emails in that account.”
How many emails were on Clinton’s personal server, and what did she do with the emails when she left office?
Clinton’s office disclosed in March 2015 that her private server had a total of 62,320 emails. It said at that time that her lawyers went through the emails and identified 30,490 work-related emails and 31,830 private emails. In December 2014, about 21 months after she left office, Clinton gave the State Department the 30,490 work-related emails totaling roughly 55,000 pages. She said she deleted the others. “I didn’t see any reason to keep them,” she said at a March 10, 2015, press conference.
However, Comey said Clinton had multiple servers during her four years as secretary of state, and not all of her work-related emails were turned over to the State Department. The FBI recovered “several thousand work-related emails” that were not provided to the State Department, and he said it was possible they included some of the emails “deleted as ‘personal’ by her lawyers when they reviewed and sorted her emails for production in late 2014.”
Were any work-related emails intentionally deleted?
Comey said the FBI “found no evidence that any of the additional work-related emails were intentionally deleted in an effort to conceal them in some way.”
When did the FBI begin its investigation, and why?
The inspectors general for the State Department and Intelligence Community in July 2015 reviewed 40 of Clinton’s emails and found that four did contain classified information, referring the case to the FBI for what they called an investigation into the “potential compromise of classified information.”
Comey said the FBI investigated whether there was any evidence that “classified information was improperly stored or transmitted” on Clinton’s server “in violation of a federal statute making it a felony to mishandle classified information either intentionally or in a grossly negligent way, or a second statute making it a misdemeanor to knowingly remove classified information from appropriate systems or storage facilities.” It also investigated “whether there is evidence of computer intrusion in connection with the personal email server by any foreign power, or other hostile actors.”
Did Clinton’s emails contain classified information?
Yes. More than 2,000 of the 30,490 emails Clinton turned over to the State Department in December 2014 contained classified information, including 110 emails in 52 email chains that contained classified information at the time they were sent or received, Comey said. The FBI director said “a very small number” of the emails containing classified information “bore markings indicating the presence of classified information,” contrary to Clinton’s claims that none was marked classified.
“Although we did not find clear evidence that Secretary Clinton or her colleagues intended to violate laws governing the handling of the classified information, there is evidence that they were extremely careless in their handling of very sensitive, highly classified information,” Comey said.
Did hackers successfully break into her computer and access her emails?
Attempts were made, but the IG and FBI found no evidence that any attempt was successful. That does not mean, however, that none was successful.
The IG report said hackers attempted to access Clinton’s server on Jan. 9, 2011, but Clinton’s technical support adviser shut down the server to deny access. The report also said that Clinton received two phishing email messages on May 13, 2011, that contained suspicious links. Both attempted breaches should have been reported, but were not, according to the IG report.
The FBI director said the lack of direct evidence that Clinton’s server was successfully hacked by “any foreign power or other hostile actors” doesn’t mean it wasn’t. “[G]iven the nature of the system and of the actors potentially involved, we assess that we would be unlikely to see such direct evidence,” Comey said. “We do assess that hostile actors gained access to the private commercial email accounts of people with whom Secretary Clinton was in regular contact from her personal account. We also assess that Secretary Clinton’s use of a personal email domain was both known by a large number of people and readily apparent. She also used her personal email extensively while outside the United States, including sending and receiving work-related emails in the territory of sophisticated adversaries. Given that combination of factors, we assess it is possible that hostile actors gained access to Secretary Clinton’s personal email account.”
Did Clinton or her staff violate any federal laws or policies?
Comey said the FBI found evidence of “potential violations” of federal law, but such cases are generally not prosecuted. “Although there is evidence of potential violations of the statutes regarding the handling of classified information, our judgment is that no reasonable prosecutor would bring such a case,” Comey said.
It’s clear, though, that she violated department policies. Comey said, “To be clear, this is not to suggest that in similar circumstances a person who engaged in this activity would face no consequences. To the contrary, those individuals are often subject to security or administrative sanctions. But that is not what we are deciding now.”
Similarly, the IG report found that Clinton violated department policies that were in place at the time. That report cited the case of Jonathan Scott Gration, a former ambassador to Kenya, who ignored instructions in July 2011 not to use commercial email for government business and resigned in mid-2012 when the department initiated disciplinary action against him. “[T]he Department’s response to his actions demonstrates how such usage is normally handled when Department cybersecurity officials become aware of it,” the report said.
All of our stories on Clinton’s emails can be found here.