In September 2016, it will be revealed that the FBI’s Clinton email investigation formally began on July 10, 2015. However, according to account by CNN in August 2015, the FBI had already begun informally investigating Clinton’s emails in late May 2015. (CNN, 8/20/2015)
In private testimony before the House Benghazi Committee, Clinton confidant Sid Blumenthal is asked about the accuracy of the frequent intelligence emails he sent Clinton. Bloomberg News reports: “Blumenthal repeatedly refused to take any ownership of the information in the emails. He told the committee he was just passing on information to Clinton…”
According to one lawmaker attending the hearing, Blumenthal is asked about an October 15, 2011 email he sent to Clinton claiming that Libyan leader Muammar el-Qaddafi was hiding in the neighboring country of Chad and was about to be interviewed by renowned journalist Seymour Hersh, when in fact el-Qaddafi was still in Libya and died there five days later. Blumenthal is asked, “Did it turn out to be true?” He responds, “I don’t know,” despite the email clearly being untrue.
Committee Chair Trey Gowdy comments to reporters afterwards, “I am interested in the reliability of the information being presented to our top diplomat, and the reality is, having been in the room all day, [Blumenthal] has absolutely no idea whether the information is credible or not.” (Bloomberg News, 6/17/2015)
Blumenthal is a Clinton confidant, journalist, and Clinton Foundation employee. He gives the committee nearly 60 emails between him and Clinton about Benghazi and/or Libya that the committee didn’t have before. (CBS News, 6/16/2015) The emails will be publicly released one week later.
However, Committee head Trey Gowdy (R) will reject a request from the Committee’s Democrats and Blumenthal’s attorney to release a transcript of Blumenthal’s nearly nine-hour long testimony. Gowdy will say, “Releasing transcripts can impact the recollections of other witnesses, jeopardize the efficacy of the investigation, alert witnesses to lines of inquiry best not made public, and publicize personal information.” (The Hill, 6/22/2015)
Although Sid Blumenthal testifies before the House Benghazi Committee in a secret session, a Politico article later on the same day as his testimony reveals some of what he says.
Blumenthal, a journalist and private citizen with no security clearance, frequently wrote emails to Clinton that contained detailed intelligence assessments from various parts of the world, especially Libya. Blumenthal reportedly tells the committee that he doesn’t write or even know the ultimate source of any of his Libyan intelligence he sent to Clinton. Instead, he was copying and pasting memos from Tyler Drumheller, a former CIA operative. Blumenthal and Drumheller were involved in a Libya-related business opportunity called Osprey Global Solutions.
Trey Gowdy (R), head of the committee, says, “One of the folks providing [Clinton] the largest volume of information was simply and merely a conduit of someone who may have had business interest in Libya. We have a CIA, so why would you not rely on your own vetted source intelligence agency? In this case, there was no vetting, no analysis of credibility whatsoever.”
Blumenthal claims his advice was unsolicited and he wasn’t being paid for passing on the information. Committee investigators say Blumenthal’s emails about Libya make up more than a third of all of Clinton’s Libya-related emails.
And although Blumenthal was being paid $120,000 a year as an adviser to The Clinton Foundation, he says his salary there “had nothing whatsoever to do with my emails to my friend” Clinton. He also claims the Libyan business venture with Drumheller was a “humanitarian-assistance idea for medical care in which I had little involvement, never got off the ground, in which no money was ever exchanged, no favor sought and which had nothing to do with my sending these emails.” (Politico, 6/16/2015)
Drumheller will die of pancreatic cancer on August 2, 2015, a month and a half later. It’s unclear if he’s questioned by investigators before his death. If Blumenthal got most or all of his intelligence from Drumheller, it’s unclear where Drumheller got it from, since his 25-year CIA career ended in 2005. (The Washington Post, 8/16/2015)
Axelrod, who was President Obama’s chief campaign strategist, as well as his senior adviser from January 2009 to January 2011, speaks about Clinton’s use of a private email server. He says, “I was there, I was the senior adviser. I didn’t know that.” He suggests that had he known, he would have made an inquiry. “I might have asked a few questions. […] I would have concerns about it.”
In July 2015, after some emails between him and Clinton are released, he clarifies that he knew Clinton used a personal email account, but didn’t know she used a private server. (McClatchy Newspapers, 8/14/2015)
The committee says the emails should have been provided to them by Clinton but weren’t. (The Hill, 6/22/2015) (House Benghazi Committee, 6/22/2015) Ten emails and parts of five others from Blumenthal are work-related but weren’t included when Clinton claims she handed over all of her work-related emails in December 2014. (The Associated Press, 6/25/2015)
Three days after the House Benghazi Committee released 60 newly uncovered emails between Clinton and Sid Blumenthal related to Libyan policy given to the committee by Blumenthal, the State Department announces Clinton didn’t provide them with the Blumenthal emails either. Clinton has claimed she gave all her work-related emails to the State Department. However, department officials say they are no longer certain she complied with their order to turn over all work emails.
The department confirms that ten emails and parts of five others from Blumenthal regarding Benghazi could not be located in their records, but that the 45 other, previously unreleased Libya-related Blumenthal emails published by the committee were in their records. When asked about the discrepancy, Clinton campaign spokesperson Nick Merrill seems to dispute it, saying, “She has turned over 55,000 pages of materials to the State Department, including all emails in her possession from Mr. Blumenthal.” (The Associated Press, 6/25/2015)
In August 2015, The New York Times will comment, “The Clinton campaign has not explained the discrepancy.” (The New York Times, 8/8/2015) More of Clinton’s work emails will be discovered later, including some found by the State Department. (The Hill, 3/24/2016)
John Bentel, director of the department’s Information Resource Management (IRM) office while Clinton was secretary of state, is questioned behind closed doors by the House Benghazi Committee. According to a later account by his lawyer Randy Turk, Bentel testifies he has “no memory or knowledge” of Clinton’s private email server and only learned about it from the newspapers in March 2015.
In early 2016, he will refuse to speak to Congressional investigators and then refuse to speak to a State Department inspector general’s investigators. But the inspector general’s report released in May 2016 will uncover emails and other witness accounts suggesting Bentel did know about her private server and that he stopped his staffers from taking action to keep Clinton’s email practices within the law. (Yahoo News, 5/27/2016)
In June 2016, it will be reported that the computer network of the DNC [Democratic National Committee] was compromised for about a year. Around May 2016, the security company CrowdStrike is hired by the DNC to investigate and stop the hacking attack. According to CrowdStrike, there actually are two different groups that successfully break into the network, both of them linked to the Russian government.
The first group is said to be known by the nickname Cozy Bear. In 2015, it allegedly successfully infiltrated the unclassified networks of the White House, State Department, US Joint Chiefs of Staff, and others. This group gets into the DNC’s network in the summer of 2015 and is not stopped until May 2016.
The second group is said to be known by the nickname Fancy Bear, and it also has had many other successful attacks. It gets into the network in April 2016 and also is stopped in May 2016.
On June 15, 2016, someone going by the nickname “Guccifer 2.0” posts DNC files on the Internet. This person claims to have no connection to the Russian government, but also claims to have accessed the DNC network for “almost a year,” which is similar to what CrowdStrike says about Cozy Bear. (CrowdStrike.com, 6/15/2016) (The Washington Post, 6/15/2016)
Intelligence Community Inspector General Charles McCullough and State Department Inspector General Steve Linick jointly send the FBI a “security referral,” asking the FBI to investigate Clinton’s private emails and server. This grew out of McCullough and Steve Linick reviewing some of the over 30,000 Clinton emails handed over to the State Department in December 2014. (The Los Angeles Times, 3/27/2016) (The Washington Post, 8/14/2015)
However, according to another account by CNN in August 2015, the FBI had already begun investigating Clinton’s emails in late May 2015, so presumably this referral would only have spurred on that effort. (CNN, 8/20/2015) The FBI formally begins their Clinton investigation four days later, on July 10, 2015.
In September 2016, the FBI will reveal in a publicly released report, “On July 10, 2015, the Federal Bureau of Investigation (FBI) initiated a full investigation based upon a referral received from the US Intelligence Community Inspector General (ICIG), submitted in accordance with Section 81 1(c) of the Intelligence Authorization Act of 1995 and dated July 6, 2015, regarding the potential unauthorized transmission and storage of classified information on the personal email server of former Secretary of State Hillary Clinton. The FBI’s investigation focused on determining whether classified information was transmitted or stored on unclassified systems in violation of federal criminal statutes and whether classified information was compromised by unauthorized individuals, to include foreign governments or intelligence services, via cyber intrusion or other means.” (Federal Bureau of Investigation, 9/2/2016)
However, according to an account by CNN in August 2015, the FBI had already begun investigating Clinton’s emails in late May 2015, so presumably this merely formalized it. (CNN, 8/20/2015)
The New York Times reveals that Intelligence Community Inspector General Charles McCullough told the FBI, Justice Department, and members of Congress that Clinton had “top secret” information in two emails among the random selection of 40 emails that the State Department had allowed him to review. Additionally, two other emails contained “secret” level information. “Top secret” is the highest classification level, and “secret” is the medium level.
The State Department refused to give McCullough access to the entire trove of roughly 30,000 emails that Clinton handed over to the Department last year, and which are slowly being released to the public in batches. But State Department official Patrick Kennedy admits that it is likely that the entire body of emails contains hundreds of instances of classified information. (The New York Times, 7/24/2015)
The classification level of a couple of these emails will be downgraded later, but one will remain “top secret.” And eventually, over 2,000 of her emails will be found to have contained classified information.
Intelligence Community Inspector General Charles McCullough and State Department Inspector General Steve Linick issue a joint statement about their inquiry into Clinton’s emails. The statement says that out of a random sample of 40 of Clinton’s emails, Linick found four emails containing information that should have been classified at the time they were sent. “These emails were not retroactively classified by the State Department; rather these emails contained classified information when they were generated and, according to [Intelligence Community] classification officials, that information remains classified today. This classified information should never have been transmitted via an unclassified personal system.” (US Department of State, 7/24/2015)
One email will later be declassified by the State Department, and the department will dispute the classification of another one. (The Washington Post, 3/27/2016)
On July 31, 2015, a Justice Department prosecutor calls Clinton’s personal lawyer David Kendall seeking a thumb drive that contained a copy of the 30,000 emails that Clinton had already turned over to the State Department, according to a person briefed about the conversation.
Under Secretary of State for Management Patrick Kennedy notifies Clinton’s chief of staff Cheryl Mills and her deputy chief of staff Huma Abedin to immediately return all government related emails and records in their possession, along with all copies. According to Politico, Kennedy sends “urgent letters” about this to the lawyers of Mills and Abedin. (Politico, 11/6/2015)
On August 7, 2015, Mills’ lawyer states that after planning to turn over some emails under court order by August 10, “we have instructed her to delete any and all electronic records in her possession.” But that evening, Judge Emmet Sullivan issues an order instructing Clinton, Mills, and Abedin not to destroy any emails they may still have. (The New York Observer, 8/7/2015)
The emails will apparently be saved, because a judge will later order the release of all of Abedin’s emails, and a lawsuit to release all of Mills’ emails is still in progress. (Politico, 1/11/2016) (The Hill, 3/9/2016)
At some point in August 2015, employees at Datto, Inc., a company that specializes in backing up computer data, realize that a private server they have been backing up belongs to Clinton. The server is being managed by Platte River Networks (PRN), and Datto made the connection after media reports revealed PRN’s role.
According to an unnamed Datto official, due to worries about the “sensitive high profile nature of the data,” Datto then recommends that PRN should upgrade security by adding sophisticated encryption technology to its backup systems.
PRN spokesperson Andy Boian later acknowledges receiving upgrade requests from Datto, but he says, “It’s not that we ignored them, but the FBI had told us not to change or adjust anything.”
Boian adds, however, the company did not take Datto’s concerns to the FBI.
The newest version of the server is still in use by the Clintons’ personal office at the time, despite being in news headlines since March 2015. (The Washington Post, 10/7/2015)
On August 12, 2015, the FBI takes an older version of the server from PRN’s control. The FBI doesn’t realize Clinton’s emails were moved from the old server to the new one. They eventually will figure this out and take the new server away as well, on October 3, 2015.
Clinton’s personal lawyer David Kendall writes a letter to the State Department claiming that Clinton’s “use of personal email was consistent with the practices of other secretaries of state.” Kendall points in particular to Colin Powell, who appears to be the only other secretary of state to use a private email account while in office. But Powell had a government email account in addition to private one.
According to the Washington Post, “Powell conducted virtually all of his classified communications on paper or over a State Department computer installed on his desk that was reserved for classified information, according to interviews.” He also had a phone line installed in his office solely to link to his private email account, which he generally used for personal or non-classified communication. The State Department’s inspector general did find that Powell’s personal email account had received two emails from staff that contained “national security information classified at the ‘secret’ or ‘confidential’ levels.” (The Washington Post, 3/27/2016)
It will later come out that the two emails were at the lowest ‘confidential’ level and did not actually contain any intelligence but were classified for other reasons. (ABC News, 3/4/2016)
Clinton’s server has been managed by Platte River Networks (PRN) since June 2013. And since that time, PRN has subcontracted Datto, Inc. to make periodic back-ups of all the data on the server. PRN has thought that the back-ups have been only made through a device attached to the server called the Datto SIRIS S2000.
However, on August 1, 2015, an unnamed PRN employee notices that data from the server was possibly being sent to an off-site Datto location. On August 6, 2015, Sam Hickler, PRN’s vice president of operations, contacts Datto employee Leif McKinley about this, CCing PRN employees Paul Combetta and Treve Suazo.
McKinley confirms that, due to a misunderstanding, Datto has been making periodic back-ups of the server data through the Internet “cloud” as well as locally through the device. Furthermore, periodic back-ups have been made this way since June 2013.
Suazo, the CEO of PRN, tells Datto on August 6, 2015, that “This is a problem.” This is because the Clinton Executive Services Corp. (CESC), the Clinton family company that hired PRN to manage the server, explicitly stated from the beginning that they didn’t want any remote back-ups to be made. Thus, PRN employees tell Datto not to delete whatever data was stored in the cloud, and instead work to get it back to the control of PRN.
On August 7, 2015, Datto and PRN employees discuss saving the data on a thumb drive and sending it to PRN. Then, according to an email from one unnamed PRN employee to another, they would have Datto “wipe [the data] from the cloud.”
This is according to a letter that will be sent in October 5, 2015 to Datto CEO Austin McChord by Senator Ron Johnson (R). Johnson is chair of the Senate Homeland Security and Government Affairs Committee, and is conducting oversight of the FBI’s Clinton email investigation. However, Johnson will be unable to determine what happened next, such as if the thumb drive was sent and the data was wiped. Furthermore, McChord will not be able to reveal that information to Johnson because Datto needs PRN’s permission to share that information and PRN won’t give it. (US Congress, 9/12/2016) (US Congress, 9/12/2016)
Although Drumheller retired from the CIA in 2005 after 25 years of service, he seems to have had access to intelligence information that got passed on to Clinton through emails sent to her by private citizen Sid Blumenthal. Drumheller and Blumenthal were business partners at least in 2011, and there are suspicions that during Clinton’s time as secretary of state, Blumenthal essentially ran a private intelligence service for Clinton using information from Drumheller. (The New York Times, 8/2/2015)
John Schindler, a former NSA counterintelligence officer, will later claim that Drumheller “was never particularly popular at CIA and he left Langley under something of a cloud. His emails to Mr. Blumenthal, which were forwarded to Ms. Clinton, were filled with espionage-flavored information about events in Libya. In many cases, Mr. Drumheller’s reports were formatted to look exactly like actual CIA reports, including attribution to named foreign intelligence agencies. How much of this was factual versus Mr. Drumheller embellishing his connections is unclear.” Schindler adds that answers to questions about Drumheller’s role may never be known due to his death. (The New York Observer, 10/19/2015)
Platte River Networks (PRN) is the computer company that has been managing Clinton’s private server since June 2013. On August 8, 2015, Senator Ron Johnson (R), chair of the Senate Homeland Security Committee, asks PRN for a staff-level briefing on the server. A July 2016 letter co-written by Johnson will indicate that there was an “initial production” by PRN later in August 2015 about various matters, “including maintaining Secretary Clinton’s private server.” (US Congress, 7/22/2016) (Politico, 11/13/2015)
However, it seems apparent that PRN says nothing about the later-revealed fact that PRN employee Paul Combetta deleted and wiped all of Clinton’s emails off her server in late March 2015, because Johnson will show no knowledge of that in the above-mentioned letter or other letters. Furthermore, in September 2015, PRN will publicly state that it has no knowledge of the server being wiped.
Furthermore, when the FBI picks up Clinton’s server from a data center in New Jersey on August 12, 2015, they only pick up one server. But actually there are two servers there, both being managed by PRN, and Clinton’s emails had been transferred from the old one to the new one. The FBI will discover this on their own and pick up the newer server as well on October 3, 2015, so it seems probable that PRN is not honest with the Congressional committee about this basic fact either.
Additionally, when Johnson’s committee asks to interview PRN employees one month later, the company will refuse and will cease cooperating with Congressional investigators.
J. William Leonard asserts that the State Department has an obligation to monitor unclassified email for classified spillage, as well as to protect computer systems and provide emails to Congress or the public when required to by law. He says, “The agency can’t fulfill those legal responsibilities if it doesn’t have control over the server.” (The New York Times)
Her short statement includes this sentence: “I have directed that all my emails on clintonemail.com in my custody that were or potentially were federal records be provided to the Department of State, and on information and belief, this has been done.”
That statement is a result of a Freedom of Information Act (FOIA) lawsuit brought by Judicial Watch against the State Department. Additionally, Clinton mentions in her statement that her top aide Huma Abedin also had an email account on her clintonemail.com server that “was used at times for government business,” but another top aide, Cheryl Mills, did not. (The New York Times, 8/10/2015) (Politico, 8/8/2015)
One month later, some more of Clinton’s work emails from her time as secretary of state will be discovered by the Defense Department. (The New York Times, 9/25/2015)
The State Department inspector general’s office says it is reviewing the use of “personal communications hardware and software” by Clinton’s former top aides, after requests from Congress. In March 2015, three Republican Senate committee chairs—Richard Burr, Ron Johnson, and Bob Corker—requested an audit of some of her aides’ personal emails.
Douglas Welty, a spokesperson for the inspector general’s office, says, “We will follow the facts wherever they lead, to include former aides and associates, as appropriate.” However, the office won’t say which aides are being investigated. (McClatchy Newspapers, 8/11/2015)
This comes after months of her refusing to hand it over. (The New York Times, 8/11/2015) The old server is picked up by the FBI from the management of Platte River Networks (PRN) one day later. It is being kept at an Equinix data center in Secaucus, New Jersey, and it is picked up there.
However, the company transferred Clinton’s data to a new server, which is also being managed by PRN and is kept at the same data center. The FBI won’t pick up that one until October 2015.
The email sample was examined by the inspectors general of the State Department and the Intelligence Community. Those two emails were not marked as classified at the time, but were given classified labels indicating they contain highly sensitive information from signal intercepts and spy satellites. One is a discussion of a news article about a drone strike operation. The other concerns North Korea’s nuclear weapons program. (Inspector General of the Intelligence Community, 8/11/2015) (The New York Times, 9/7/2015)
One of the two emails is said to be designated “TOP SECRET//SI//TK/NOFORN.” “SI” stands for “special intelligence,” and usually indicates an intercepted communication. “TK” is an abbreviation for “Talent Keyhole,” which the New York Times reports “relies on satellite intercepts of conversations or imagery data. The program involves some of the most secure information in the intelligence agencies’ computer systems.” “NOFORN” means no foreigners should read the intelligence. (The New York Times, 8/14/2015)
In February 2016, the email about North Korea, written July 3, 2009, will be downgraded from “top secret” to “secret” and then partially released. This will leave one of the random sample of 40 emails “top secret.” All that is known about it is that it is from 2011. (The New York Times, 2/29/2016)
Platte River Networks (PRN) has been managing Clinton’s private email server. According to a New York Post article in September 2016, around August 2015, PRN wants to double check their behavior after media reports that the FBI is investigating Clinton’s server. “Company execs scrambled to find proof that Clinton’s reps had months earlier asked to cut the retention of emails from 60 days to 30 days.”
On August 12, 2015, PRN employee Bill Thornton writes, “OK, we may want to work with our attorneys to draft up something that absolves us of that question. I can only assume that will be the first and last question for us, ‘Why did we have backups of the system since the time of inception, then decide to cut them back to just 60 or 30 days?’ If we can get that from them in writing, I would feel a whole lot better about this.”
The other PRN employee who has been actively managing the Clinton account with Thornton, Bill Combetta, responds that he believes the request was made to PRN by phone.
An email exchange between the two on the same topic several days later will make clear that the Clinton representatives are employees of Clinton Executive Services Corp. (CESC) the Clinton family company that has been paying PRN. (The New York Post, 9/18/2016)
The Washington Post reports that Clinton’s old server, which was in a New Jersey data center, had all its data deleted some time earlier.
A lawyer for Platte River Networks, the company that managed the server, says, “To my knowledge, the data on the old server is not available now on any servers or devices in Platte River Network’s control.”
Investigators also take thumb drives from Clinton’s lawyer David Kendall containing copies of Clinton’s emails. (The Washington Post, 8/12/2015)
There are two Clinton servers in existence at the time, and both the old and new ones are located at the Equinix data center in Secaucus, New Jersey.
However, a September 2016 FBI report will explain that Clinton’s lawyers never revealed that Clinton’s emails had once been transferred from the old server to the new server, so the FBI only picks up the old server. The FBI will later learn on its own about the transfer and then pick up the new server as well, on October 3, 2015. (Federal Bureau of Investigation, 9/2/2016)
In March 2016, the Los Angeles Times will report that some time after the FBI took possession of Clinton’s private server on August 12, 2015, the FBI “has since recovered most, if not all, of the deleted correspondence, said a person familiar with the investigation.” Clinton deleted 31,830 emails, claiming they were not work-related. (The Los Angeles Times, 3/27/2016)
In a September 2016 FBI report, it will turn out that the FBI was able to recover about 17,500 of the deleted emails.
This is according to Bloomberg News, based on information from an unnamed US official. The data may have been backed up on another machine. Peter Toren, a former computer crimes prosecutor for the Justice Department, says Clinton didn’t use a private server “because it was convenient for her. There’s a ton of email services that are available that are actually quite secure, easy to use, and you can use them on every device.” (Bloomberg News, 8/13/2015)
Security expert Matt Devost similarly comments that when it comes to a private server like Clinton’s, “You erase it and everything’s gone,” while commercial email services like Gmail and Yahoo Mail retain copies even after users erase them from their inboxes, which could be why Clinton didn’t use them for her email account. (Bloomberg News, 3/4/2015)
However, many of Clinton’s top aides did use commercial email services like Gmail and Yahoo Mail, and the FBI could find copies of some of Clinton’s emails by asking those companies to check their back-up copies. (Bloomberg News, 8/13/2015)
State Department official John F. Hackett reveals to a federal judge that two of Clinton’s aides “used personal email accounts located on commercial servers at times for government business.” Clinton’s chief of staff Cheryl Mills had a Google Gmail account, and Clinton’s deputy chief of staff Huma Abedin had an account on the same clintonemail.com private server used by Clinton. (The Washington Times, 8/14/2015)
Clinton has argued that 90% or more of her emails would have been archived by the State Department since she communicated mostly with other State Department employees. But in fact less than one percent of emails were archived by the department during her tenure there, and she emailed Mills and Abedin more than anyone else. (The Washington Post, 11/9/2015)
The New York Times reports that according to several unnamed US officials, “specially trained cybersecurity investigators will seek to determine whether Russian, Chinese, or other hackers breached the account or tried to transfer any of Mrs. Clinton’s emails…” (The New York Times, 8/14/2015)
An unnamed State Department official who works in the Office of Information Programs and Services (IPS) is interviewed by the FBI on this day. According to a later FBI summary of the interview, she claims that around August 10, 2015, just a week before the interview, “[redacted] from Office of the Secretary of Defense (OSD) called [her] and told her Centcom records showed approximately 1,000 work-related emails between Clinton’s personal email and General David Petraeus, former commander of Centcom and former director of the CIA. Most of those 1,000 emails were not believed to be included in the 30,000 emails that IPS was reviewing. Out of the 30,000 emails, IPS only had a few emails from or related to Petraeus…” She “recommended the FBI should talk with [redacted] regarding the alleged 1,000 emails between Clinton and Petraeus.” (Federal Bureau of Investigation, 9/23/2016)
On September 25, 2015, the New York Times will report on the existence of 19 work-related emails between Clinton and Petraeus sent in January 2009 that were not turned over when Clinton gave what she said was all her 30,000 work-related emails to the State Department in December 2014. Since that time, neither these 19 emails nor any other of the alleged 1,000 emails between them have been made public.
Platte River Networks (PRN) managed Clinton’s server from June 2013 until early August 2015. Former employee Tera Dadiotis calls it a “mom and pop shop.” She adds, “At the time I worked for them they wouldn’t have been equipped to work for Hilary Clinton because I don’t think they had the resources… [It was] not very high security, we didn’t even have an alarm. […] [W]e literally had our server racks in the bathroom. […] We only had the three owners and like eight employees. We didn’t do any work in other states.” PRN’s facility was a 1,900 square foot apartment in an ordinary apartment building until it moved into a larger space in June 2015. (The Daily Mail, 8/18/2015)
However, the security of PRN’s offfice may not have been directly relevant to Clinton’s server, because a 2016 FBI report will give no indication that her server was ever physically located at the office. It was put in an Equinix data center in New Jersey instead, and mostly managed remotely by PRN. (Federal Bureau of Investigation, 9/2/2016)
PRN also has ties to prominent Democrats. For instance, the company’s vice president of sales David DeCamillis is said to be a prominent supporter of Democratic politicians. He once offered to let Senator Joe Biden (D) stay in his house in 2008, not long before Biden became Obama’s vice president. The company also has done work for John Hickenlooper, the Democratic governor of Colorado.
Another former employee says everyone was told to keep quiet about the fact they were doing work for Clinton. (The Daily Mail, 8/18/2015)
Platte River Networks (PRN) has managed Clinton’s server since June 2013. Furthermore, PRN subcontracted with Datto, Inc. to make periodic back-ups of the server’s data. It has been claimed that Clinton Executive Service Corp. (CESC), the Clinton family company that hired PRN in June 2013, always made clear that there should be a 30-day deletion policy for the Datto back-up of the server. That means that any deleted email would be permanently deleted after 30 days.
However, an August 18, 2015 email from one PRN employee, Paul Combetta, to another, Bill Thornton, suggests the implementation of this policy actually happened later. Combetta believes that CESC directed PRN to reduce the length of time backups, but “this was all phone comms [communications].”
Thorton replies the next day. The email has the subject heading “CESC Datto.” He writes, “Any chance you found an old email with their directive to cut the backup back in Oct-Feb. I know they had you cut it once in Oct-Nov, then again to 30 days in Feb-ish.” (Presumably this refers to October 2014 through February 2015.)
Thornton continues, “If we had that email, then we’re golden. … Wondering how we can sneak an email in now after the fact asking them when they told us to cut the backups and have them confirm it for our records. Starting to think this whole thing really is covering up some shady shit. I just think if we have it in writing that they [CESC] told us to cut the backups, and we can go public with our statement saying we have had backups since day one, then we were told to trim to 30 days, it would make us look a WHOLE LOT better.” (Politico, 10/6/2015) (McClatchy Newspapers, 10/6/2015) (US Congress, 9/12/2016) (The New York Post, 9/18/2016)
Combetta replies, “I’ll look again, but I’m almost positive we don’t have anything about the 60 day cut. … It’s up to lawyer crap now, so just sit back and enjoy the silly headlines.”
Then, seemingly without any prompting, Combetta makes some comments supportive of Clinton’s position in her email controversy: “It wasn’t the law to be required to use government email servers at the State Department, believe it or not. Colin Powell used an AOL address for communicating with his staff, believe it or not.” (Daily Caller, 9/14/2016)
It’s not clear when the deletion policy for the Datto back-up of the server was instituted or changed. But if these employees are correct, the change would have come after Clinton was formally asked to hand over all her emails, which took place in October 2014.
Clinton’s campaign has acknowledged “that there was an attempt to wipe [Clinton’s private] server before it was turned over last week to the FBI. But two sources with direct knowledge of the investigation told NBC News… that the [FBI] may be able to recover at least some data.” (NBC News, 8/19/2015)
“Wiping” refers to repeatedly overwriting data with new data to make sure it can never be recovered. (The Washington Post, 9/12/2015)
In 2016, it be revealed that Paul Combetta, an employee of Platte River Networks, the company managing Clinton’s private server, deleted and then wiped Clinton’s emails in March 2015.
Cheryl Mills, Clinton’s lawyer and former chief of staff, will be interviewed by the FBI in April 2016 and will claim that she never knew Clinton’s emails were deleted or wiped, even though she was in communcation with Combetta shortly before and after when he did the deleting and wiping. Clinton will be interviewed by the FBI in July 2016, and will similarly claim that she never knew her emails were deleted orr wiped.
Michael Hayden, who was appointed director of the NSA by President Bill Clinton and then director of the CIA by President George W. Bush, says that Hillary Clinton’s “original sin is actually co-mingling [her] two accounts and not using a government e-mail server. […] [P]ut legality aside just for a second, it’s stupid and dangerous. […] Dangerous to her and to the Republic and to American secrets. But… I don’t even think it was legal. That has to be against policy. Look, most folks like me, I never had a smart phone until I left government because of the sensitivity of the information I would put on there even if it were unclassified.” (MSNBC, 8/19/2015)
Platte River Networks is a small Colorado-based technology company, and they managed Clinton’s server from mid-2013 to early August 2015. They had never had a federal government contract and did not work for political campaigns. Nearly all their clients are local businesses. David DeCamillis, the company’s vice president of sales, says that if they’d had any clue what might have resulted from accepting the contract, “we would never have taken it on.” (The Washington Post, 8/19/2016)
Furthermore, Cindy McGovern, a Defense Department spokesperson, says that Platte River “is not cleared” to have access to classified material. (Business Insider, 8/17/2015)
Cybersecurity expert Alex McGeorge believes that if classified information was mishandled, the onus is on Clinton, not on the company. “The fact that Platte River is not a cleared contractor is largely irrelevant, [since] they were handling what should have been unclassified email. That classified email may have been received by a server under their control is troubling, and they may have been less equipped to deal with it, but it is ultimately not their fault.” (Business Insider, 8/19/2016)
Furthermore, when Clinton aides Cheryl Mills and Huma Abedin left the State Department, their BlackBerrys were likely destroyed after they were returned to the government, since they were outdated models by that time. (Judicial Watch, 8/19/2015)
Lawyer David Kendall tells this to the Senate Homeland Security committee. He adds that both he and his office partner lawyer Katherine Turner had been given security clearances to handle a thumb drive containing some of Clinton’s emails, but he doesn’t say when. His comments don’t clarify if Clinton’s server was wiped or merely erased.
“Wiping” means that new data is written over the old data several times to make sure it can never be recovered. (The Guardian, 8/19/2015)
US District Judge Emmet Sullivan says of Clinton in a court hearing, “We wouldn’t be here today if this employee had followed government policy.” He orders the State Department to ask the FBI if Clinton’s server now possessed by the FBI still contains official records that have been demanded in various Freedom of Information Act (FOIA) lawsuits. He says that although the law normally doesn’t allow for searches of private email accounts, this is an unusual situation because “there was a violation of government policy.”
In response, Clinton’s spokesperson Brian Fallon continues to insist that Clinton’s behavior was “permissible under the department’s policy at the time.” (Politico, 8/20/2015)
Paul Combetta, an employee of Platte River Networks (PRN), sends an email to Leif McKinley, an employee of Datto, Inc. PRN is managing Clinton’s private server, and Datto has been subcontracted by PRN to provide back-up for the server. Combetta writes: “We are trying to tighten down every possible security angle on this customer. It occurs to us that anyone at PRN with access to the Datto Partner Portal (i.e. everyone here) could potentially access this device via the remote web feature. Can we set up either two-factor authentication, or move this device to a separate partner account, or some other method (disable remote web access altogether?) to allow only who we permit on our end to access this device via the Internet?” (US Congress, 9/12/2016)
On May 14, 2015, a photo of PRN employees was posted to their website and suggests the number of employees working there at the time to be approximately 28. (Platte River Networks, 5/14/15)
In September 2016, after the email is publicly released, Representative Jason Chaffetz (R) will comment, “If I understand the email correctly, every single employee of PRN could have accessed some of the most highly classified national security information that’s ever been breached at the State Department.” (US Congress, 9/13/2016)
That means they were classified from their creation. A Reuters analysis concludes, “In the small fraction of emails made public so far, Reuters has found at least 30 email threads from 2009, representing scores of individual emails, that include what the State Department’s own ‘classified’ stamps now identify as so-called ‘foreign government information.’ The US government defines this as any information, written or spoken, provided in confidence to US officials by their foreign counterparts.” Although unmarked, Reuters’ analysis suggests that these emails “were classified from the start.”
J. William Leonard, a former director of the NARA Information Security Oversight Office, said that such information is “born classified” and that “If a foreign minister just told the secretary of state something in confidence, by US rules that is classified at the moment it’s in US channels and US possession.” According to Reuters, the standard US government nondisclosure agreement “warns people authorized to handle classified information that it may not be marked that way and that it may come in oral form.”
The State Department disputes Reuters’ analysis but does not elaborate or explain why. (Reuters, 8/21/2015)
Clinton’s top campaign officials are debating a statement Clinton would make on her use of an email server in her home. Campaign spokesperson Brian Fallon writes in an email, “We should not think it is fine to find something that ‘should have been classified at the time.’ Our position is that no such material exists, else it could be said she mishandled classified info.” The email is sent to Clinton’s campaign chair John Podesta, as well as Clinton aides Jen Palmieri, Robby Mook, and three others. (WikiLeaks, 10/10/2016)
After the email is leaked in October 2016, Bloomberg News will note that “Fallon’s [email] came just days after Clinton gave a vague answer on the erasure of emails that her lawyers deemed not to be work-related. Asked if she’d wiped her server, she responded: ‘Like with a cloth or something?‘”
Additionally, “It wasn’t immediately clear when or if Clinton delivered the statement suggested by Fallon, which would have come after months of downplaying the issue. Four days after Fallon wrote the email, Clinton said using the server ‘clearly wasn’t the best choice. I’m confident that this process will prove that I never sent nor received any email that was marked classified.” (Bloomberg News, 10/13/2016)