NEWS ANALYSIS: Laws governing the Clinton email case are not unlike standards in general, which always run years behind the innovation in IT. And that's an issue.
History recorded the first successful email event going across disparate networks
as occurring way back on Nov. 22, 1977, when data flowed seamlessly from a refurbished bread truck (which had been rebuilt into a mobile data relay station) from a location in Portola Valley, California, to a gateway at Stanford Research Institute (SRI) in Menlo Park, Calif.
It then went to a host at the University of Southern California (400 miles away) via London—across three types of networks: packet radio, satellite and the military's ARPANET.
We've all come a very long way since that day in 1977. However, it appears that key people in the U.S. government—who are supposed to be smart folks—still haven't figured out how to use, nor understand the limitations of, the world's No. 1 killer app.
The news July 5 that former Secretary of State Hillary Clinton, the presumptive nominee of the Democratic Party for president of the United States, will not be prosecuted by the Department of Justice for misuse of government email brings this whole issue up close for everybody to see.
Thanks to Backward Rules, Her Email Account Was Permissible
While Clinton certainly is not expected to be an IT expert, she should at the very least know the difference—and the security ramifications—between sending an email on a ".gov" email account and one that's on the "clinton.org" account. That much is undeniable. Clinton made a clear decision to use one email account for personal and government use for convenience sake. And, according to the current backward rules and regulations of the State Department, it actually was permissible.
In fact, since this controversy has arisen, it has been determined that more than 300 members of Congress also have non-official Web-based email accounts, and that official government business has undoubtedly been conducted using those accounts.
Here's a quick rundown of the facts in this case: When she was the head of the State Department, Clinton used a personal email server rather than a government one. The FBI investigation was concerned with whether classified information was stored or transmitted over that personal server at her office in New York. The law says it is a felony to knowingly mishandle classified information "in a grossly negligent way," a determination that is open to interpretation.
FBI Director James Comey, who personally headed up the investigation, determined that Clinton was not grossly negligent, thus the result announced July 5.
Interestingly, in his rather brutal commentary about Clinton's "carelessness" in misusing email, Comey also noted that the security being used on the private email server wasn't as strong as the standard security Google deploys in its Gmail.com accounts.
Since it hasn't been made public which brand of server security Clinton was using on the server, we can't know whether this is true or not. Google, however, knows security like few other companies, so what Comey said is probably close to truth.
Clinton Knew Email Differences but Decided on Using Personal Only
Most experts eWEEK
referenced believe that Clinton certainly knew the differences between the two types of email domains noted above but didn't care enough about the differences to change her modus operandi—which was to use one email account because it was simply easier to use.
"When Clinton got to the Department, she opted to use her personal email account as a matter of convenience. It enabled her to reach people quickly and keep in regular touch with her family and friends more easily given her travel schedule. That is the only reason she used her own account," Clinton's Website says.
"As Clinton has said, in hindsight, it would have been better to just have two accounts."
Of course. She could have avoided all this had she had some better advice earlier and had the State Department rules been up to date and more directional.
Was having one personal email account legal for a secretary of state? Yes. The laws, regulations and State Department policy in place during her tenure permitted her to use a non-government email for work. This part needs to be amended; official business, classified or not classified, should be conducted only in an official government email account, for a spate of reasons: security, record-keeping and archiving reasons chief among them.
This Issue Will Come Up Again
Some observers believe that even though the FBI said July 5 that it will not bring charges on the case, the issue is not history. They may be right. The central problem for Clinton—and who knows how many other government employees—is that rules and regulations around IT at the government level are still too vague, too misunderstood and too bendable for complete understanding by the multiple millions of people affiliated with the government.
This is not unlike standards, in general, which always run years behind the innovation in IT. Standards and innovation rarely, if ever, catch up with each other.
Clinton is certainly not the only one who's exhibited a misunderstanding of the use of email in official government communications. There's a good deep dive article here by governmental email expert David Gewirtz
that examines the history of U.S. secretaries of state and their issues with classified information being sent via email.
Maybe the long-term answer is for the government to simply discard email and move to texting. What a can o' worms that would open.