Last week, the New York Times ignited a firestorm when it reported that 2016 Democratic frontrunner Hillary Clinton was under criminal investigation for sending classified information over the private e-mail server she used as secretary of state. That turned out not to be true. The inspector general (IG) for the intelligence community had indeed referred the case to the FBI and other investigators, but as a “security referral” rather than a “criminal referral.” The candidate, it seemed, could breathe a sigh of relief. According to Washington Post columnist Ruth Marcus, Hillary’s e-mail “isn’t . . . even close” to being a criminal matter.
Did Hillary break the law? Maybe, but it’s too soon to say.
The federal statute on mishandling classified information makes it a crime to “knowingly remove [classified] documents or materials without authority and with the intent to retain such documents or materials at an unauthorized location.”
A private e-mail server certainly looks like an “unauthorized location.” Just ask David Petraeus. The former CIA director and four-star Army general recently pled guilty to mishandling classified information after storing his “black books” — handwritten notebooks with the identities of covert operatives, accounts of conversations with the president, and other highly sensitive details — in an unlocked desk drawer at his home in Arlington, Va. (He also allegedly leaked the books to his mistress and biographer and lied to investigators, but he wasn’t convicted of those crimes.) If a desk in a house counts as an unauthorized location, a server in a house probably does too.
Secretary Clinton apparently used that server to send a significant amount of classified information. State Department officials say there are “potentially hundreds of classified emails” among the 30,000 messages she has turned over. The intelligence community’s IG likewise sampled 40 e-mails and found that four of them contained classified information.
The Clinton campaign is now claiming that “any released emails deemed classified by the administration have been done so after the fact, and not at the time they were transmitted.” Not so, according to the State Department and intelligence-community IGs. Hillary’s e-mails “were not retroactively classified,” they say, but rather “contained classified information when they were generated” — information that “remains classified today” and “should never have been transmitted via an unclassified personal system.”
That statement from the campaign might be trading on the distinction between original and derivative classification. The e-mails may not have had the standard markings indicating the presence of classified information – confidential, top secret, and so on. But they apparently did contain information derived from other materials that were so marked. The e-mails were, in other words, derivatively classified.
This doesn’t necessarily mean that Secretary Clinton broke the law. The key word in the statute is “knowingly.” It isn’t enough for Hillary to have sent classified information over a private server. She must have known it was classified. (This is what did in General Petraeus — he admitted knowing that his black books contained classified information.)
So did she? At this point it’s not clear.
Secretary Clinton’s classified e-mails may or may not be a criminal matter, but they are an extremely serious national-security matter.
The most direct way to find out would be for an FBI agent — or, perhaps, a congressional investigator — to put her under oath. “Secretary Clinton, when you sent this e-mail, did you know the information in it was classified?”
Short of that unlikely scenario, it might be possible to infer knowledge from the surrounding circumstances. Some information is so manifestly sensitive that its classified status would be obvious even without a top secret stamp — threats against a diplomatic post overseas, for instance, or security measures used to counter those threats. But we don’t yet know whether the e-mails included any information like that.
If the case against Hillary isn’t clear-cut, why is the FBI getting involved? The most likely reason, it seems to me, is to investigate whether anyone illegally broke into her server and stole classified information.
Journalist Shane Harris has reported that Hillary’s closest associates were the targets of sophisticated cyberattacks from her earliest days at the State Department. The technique is known as “spear phishing”: A hacker sends an e-mail that appears to be from a friend or colleague, thereby inducing the recipient to download an attachment that’s been infected with malware; the intruder then uses the malware to take control of the recipient’s system. In 2013, a Romanian hacker broke into the AOL account of Clinton adviser Sidney Blumenthal and posted Hillary’s private address (firstname.lastname@example.org) on the Internet.
#related#Other hackers — or, worse, spies — very easily could have used the same technique to gain access to the server, by targeting either Hillary herself or one of her aides. And that’s why the Clinton e-mails are potentially more troubling than the Petraeus affair. Digital espionage can be much more harmful than spying in the analog world. If Chinese or Russian spies wanted to copy the retired general’s black books, they would have had to mount a costly and risky operation to break into his house undetected. But hackers can compromise information on an e-mail server from anywhere on the planet, with just a few keystrokes.
At the end of the day, Secretary Clinton’s classified e-mails may or may not be a criminal matter. But they are an extremely serious national-security matter, as they created an opening for adversaries to hack into an unsecured private server and make off with some of this country’s most sensitive secrets. Hillary might not have to answer to the law for that misstep; it remains to be seen whether she’ll have to answer to voters.