The State Department inspector general’s conclusion that Hillary Clinton violated federal records law should come as no surprise to anyone familiar with the controversy. The IG report, released in late May, is devastating to Clinton’s constantly shifting defenses of her misconduct. And while the inspector general does not opine on the legality of her home-brewed email server under federal criminal law, the report outlines the factual predicate for criminal prosecution.
Clinton’s defense had long been that her email set-up was “allowed by the State Department.” But the inspector general “found no evidence that the Secretary requested or obtained guidance or approval to conduct official business via a personal email account on her private server.” And had she sought that approval, it would have been denied. The department’s diplomatic security and information resource management offices “did not—and would not—approve her exclusive reliance on a personal email account to conduct Department business, because of the restrictions in the [department’s policy manual] and the security risks in doing so.”
But Clinton already knew that and had quietly abandoned her claim that the server was formally approved once someone finally challenged her on it. After months of implying that she had received official approval for her server, she admitted last fall to CNN’s Jake Tapper that nobody had signed off on it. Instead, she retreated to a claim that it was “allowed under the rules of the State Department.” Her insistence that it was allowed had always simply meant that she had allowed it. L’état, c’est Hillary.
Clinton’s interpretation of governing law and regulations was wrong from the beginning, and the State Department inspector general flatly rejected it. “The requirement to manage and preserve emails containing Federal records has remained consistent since at least 1995,” concludes the report. Despite the Clinton camp’s insistence that records preservation rules were clarified only after she left office, the IG concludes that “records management requirements have always applied to emails exchanged on personal email accounts,” provided those emails reflect the official business of the government.
The IG similarly rebuffed Clinton’s suggestion that, since State Department employees were permitted to use private email on occasion to conduct official business, her exclusive use of her own private email server was permitted. Beginning in late 2005, the department’s internal regulations required that ordinary day-to-day official business be conducted on official State Department servers and permitted private email use only where official servers were unavailable or impracticable. Yet, despite the fact that her emails regularly contained sensitive information (including both classified information and information marked as “Sensitive But Unclassified”), the IG found no evidence that Clinton ever sought to comply with these departmental security requirements.
Given her wholesale disregard of applicable rules, the IG unsurprisingly concluded that, at the very least, Clinton’s failure to surrender her official emails upon her resignation was a violation of “the Department’s policies that were implemented in accordance with the Federal Records Act.” That violation of departmental policy is also a violation of federal records law itself.
Remarkably, the IG cites the views of the archivist of the United States—the official responsible for government-wide administration of the Federal Records Act—that Clinton’s eventual return of a carefully curated (by her lawyers) set of her emails more than two years after leaving office “mitigated her failure to properly preserve emails that qualified as Federal records during her tenure and to surrender such records upon her departure.” But, as the IG noted, Clinton’s hand-selected emails suffered from significant gaps, leaving out certain emails involving Sidney Blumenthal, emails from the first two months of her tenure, and a significant exchange of 19 emails involving David Petraeus, which were only brought to the IG’s attention by the Defense Department. Perhaps concerned with maintaining his office under a putative President Clinton, the archivist sets a low bar for curing an obviously intentional circumvention of federal recordkeeping laws.
Whether or not her eventual return of an incomplete set of emails mitigated the violation of the Federal Records Act, it does not affect Clinton’s exposure under federal criminal law. The IG does not address the criminal implications of Clinton’s conduct, but the report does raise questions for federal investigators looking into Clinton’s conduct. Federal law makes it a felony whenever the custodian of federal records (which Secretary of State Clinton plainly was) “willfully and unlawfully conceals, removes, mutilates, obliterates, falsifies, or destroys the same.” That some of Clinton’s email records were removed, concealed, and even possibly destroyed is obvious. Clinton plainly withheld from public scrutiny during her entire term of office, and for two years after, all of her official email records. She then deleted some 30,000 emails that she claimed (without the formal review required by State Department rules) were purely personal in nature.
The question has always been whether this conduct was “willful” and “unlawful.” The IG report highlights certain evidence that could be used by federal prosecutors to demonstrate Clinton’s conduct was deliberate and done for the purpose of avoiding public scrutiny.
A November 2010 email exchange between Clinton and her deputy chief of staff, Huma Abedin, utterly destroys Clinton’s long-running explanation that her private server was merely for “convenience.” Abedin wrote to Clinton after some of Clinton’s emails were not reaching their State Department addressees, suggesting that they put “you on state email or releas[e] your email address to the department so you are not going to spam.” Clinton responded that she would opt to get a “separate address or device but I don’t want any risk of the personal being accessible.” Of course, no such official email was ever used by Clinton.
Later, the State Department’s executive secretary suggested in an email to Abedin that Clinton be provided with a department Blackberry to replace her personal device, which was malfunctioning, but warned Abedin that State Department email on the official device would “be subject to FOIA requests.” In a separate exchange, John Bentel, then the executive secretary’s director of information resource management, cautioned again that any email on an official account would be “subject to FOIA searches.” Abedin rejected the proposal, stating that it “doesn’t make a whole lot of sense.”
Bentel appears again in one of the most troubling episodes recounted in the report. According to the IG, two IT staffers reported that, in late 2010, they had raised concerns with Bentel about the security and recordkeeping compliance of the Clinton server. Bentel apparently responded (falsely) that Clinton’s private server had been reviewed and approved by departmental legal staff and “instructed the staff never to speak of the Secretary’s personal email system again.”
Perhaps Bentel was acting on his own—without direction by Clinton or her senior staffers. His boss at the time, Lewis Lukens, recently testified at a deposition in one of the many Clinton Freedom of Information Act cases that he did not recall discussing Clinton’s email situation with Bentel. For his part, the IG was unable to determine whether Bentel took direction from any other Clinton staffer, since Bentel—as well as Clinton, Abedin, and all of Clinton’s closest aides—refused to cooperate with the IG’s investigation. Especially in light of Clinton’s and Abedin’s obvious desire to keep her records shielded from public inquiry, Bentel’s role in the State Department’s response to Clinton’s private email server would seem to present a critical target of inquiry for federal investigators.
And so the Clinton email saga continues. Reports have federal investigators focusing on the security of Clinton’s server and whether she complied with laws protecting classified and national security information. While not reviewing the safety and security of her system, the IG report does suggest that the server was subject to multiple hack attempts and was shut down on one occasion in light of concerns over hacking. But even before getting to those serious (and potentially criminal) questions of operational security, the very existence of the server—and its obvious purpose of avoiding scrutiny by Congress, the courts, and the public—gives federal investigators a lot to chew on.
Shannen W. Coffin served in senior legal positions in the Justice Department and Office of Vice President during the George W. Bush administration and practices appellate and regulatory litigation in Washington.
