January 25, 2015: A lawsuit filed this day will result in the release of all of Clinton’s work emails.

Judge Rudolph Contreras (Credit: The National Law Journal)

Judge Rudolph Contreras (Credit: The National Law Journal)

Jason Leopold of Vice News files a lawsuit seeking all of Clinton’s emails during her time as secretary of state. (Politico, 3/28/2015) Leopold first requested the emails in a November 2014 Freedom of Information Act (FOIA) request. (Vice News, 2/29/2016

As a result of this lawsuit, in May 2015, US District Judge Rudolph Contreras will order rolling production and release of the work-related emails in the State Department’s possession in monthly batches. (Vice News, 5/19/2015)

March 3, 2015: An unnamed State Department technology expert complains that he and others tried to warn that Clinton’s use of a private email account was a security risk.

He says, “We tried. We told people in her office that it wasn’t a good idea. They were so uninterested that I doubt the secretary was ever informed.” He was a member of the department’s cybersecurity team. He says it was well known amongst the team that Clinton’s private account was at greater risk of being hacked or monitored, but their warnings were ignored. (Al Jazeera America, 3/3/2015)

March 4, 2015: It is reported for the first time that Clinton’s private email address was hosted on a private server.

On March 2, 2015, the New York Times revealed that Clinton exclusively used a private email acccount while she was secretary of state. However, that article made no mention of private servers. On this day, the Associated Press reveals that account was registered to a private server located at Clinton’s house in Chappaqua, New York. This was discovered by searching Internet records. For instance, someone named Eric Hoteham used Clinton’s Chappaqua physical address to register an Internet address for her email server since August 2010. (This may be a misspelling of Clinton aide Eric Hothem.)

The Associated Press reports, “Operating her own server would have afforded Clinton additional legal opportunities to block government or private subpoenas in criminal, administrative or civil cases because her lawyers could object in court before being forced to turn over any emails. And since the Secret Service was guarding Clinton’s home, an email server there would have been well protected from theft or a physical hacking.”

The article continues, “But homemade email servers are generally not as reliable, secure from hackers or protected from fires or floods as those in commercial data centers. Those professional facilities provide monitoring for viruses or hacking attempts, regulated temperatures, off-site backups, generators in case of power outages, fire-suppression systems, and redundant communications lines.”

The article mentions that it is unclear Clinton’s server is still physically located in Chappaqua.  (The Associated Press, 3/4/2015) It will later be revealed that it was moved to a data center in New Jersey in June 2013.

 

March 4, 2015: Clinton’s private server used a misconfigured encryption system.

Alex McGeorge (Credit: CNBC)

Alex McGeorge (Credit: CNBC)

Alex McGeorge, head of threat intelligence at Immunity Inc., a digital security firm, investigates what can be learned about Clinton’s still-operating server. He says, “There are tons of disadvantages of not having teams of government people to make sure that mail server isn’t compromised. It’s just inherently less secure.” He is encouraged to learn the server is using a commercial encryption product from Fortinet. However, he discovers it uses the factory default encryption “certificate,” instead of one purchased specifically for Clinton.

Bloomberg News reports: “Encryption certificates are like digital security badges, which websites use to signal to incoming browsers that they are legitimate. […] Those defaults would normally be replaced by a unique certificate purchased for a few hundred dollars. By not taking that step, the system was vulnerable to hacking.”

McGeorge comments, “It’s bewildering to me. We should have a much better standard of security for the secretary of state.” (Bloomberg News, 3/4/2015)

March 5, 2015: Key questions about Clinton’s email scandal go unanswered.

Politico reports, “State Department officials and Clinton aides have offered no response to questions in recent days about how her private email system was set up, what security measures it used, and whether anyone at the agency approved the arrangement. It’s unclear how such a system, run off an Internet domain apparently purchased by the Clinton family, could have won approval if the department’s policies were as the [State Department’s] inspector general’s report describes them.” (Politico, 3/3/2015

According to State Department regulations in effect at the time, the use of a home computer was permitted, but only if the computer was officially certified as secure, and no evidence has emerged that Clinton’s server was given such a certification. Additionally, the department’s Foreign Affairs Manual (FAM) states, “Only Department-issued or approved systems are authorized to connect to Department enterprise networks.” (US Department of State) 

An April 2016 article will indicate that many of the same questions still remain unanswered. (The Hill, 3/4/2016)

March 7, 2015—Mid-July 2016: Donations to a state senate election lead to potential conflicts of interests in three FBI investigations for a high-ranking FBI official.

The Clintons stand behind Terry McAuliffe during his inauguration as the Commonwealth of Virginia’s 72nd governor. (Credit: Patrick Semansky / The Associated Press)

Virginia Governor Terry McAuliffe is widely considered the best friend of Bill and Hillary Clinton, and was co-chair of one of Bill’s presidential campaigns and the chair of Hillary’s 2008 presidential campaign. In March 2016, McAuliffe says, “We’re best friends, I’ve been family friends with the Clinton’s for thirty years. It’s a great relationship, we vacationed together for years, we’re just very personal friends…” (The Valley’s Music Place, 3/31/2016)

On March 7, 2015, McAuliffe and other state Democratic Party leaders meet with Dr. Jill McCabe and persuade her to run for a state senator seat in Virginia. Dr. McCabe is a hospital physician who has never run for political office before. This has potentially larger political implications, because her husband is Andrew McCabe, an FBI official who runs the FBI’s Washington, DC, field office at the time.

Dr. Jill McCabe (Credit: Twitter)

Dr. Jill McCabe (Credit: Twitter)

FBI officials will later claim that after the March 7, 2015 meeting, Andrew McCabe seeks ethics advice from the FBI and follows it, avoiding involvement with public corruption cases in Virginia, and also avoiding any of his wife’s campaign activities or events.

Five days before Jill McCabe is asked to run, on March 2, 2015, the New York Times publicly reveals Clinton’s use of a private email address, and her use of a private email server is revealed two days later, starting a major and prolonged political controversy. Jill McCabe announces her candidacy on March 12, 2015.

On July 10, 2015, the FBI’s Clinton email investigation formally begins, although it may have informally begun earlier.

Andrew McCabe and Jill McCabe pose at a campaign event in 2015. (Credit: Sharyl Attkisson)

Andrew McCabe and Jill McCabe pose at a campaign event in 2015. (Credit: Sharyl Attkisson)

Andrew McCabe’s Washington, DC, field office provides personnel and resources to the investigation. At the end of July 2015, he is promoted to assistant deputy FBI director, the number three position in the FBI.

During the 2015 election season, McAuliffe’s political action committee (PAC) donates $467,500 to Jill McCabe’s campaign. Furthermore, the Virginia Democratic Party, ”over which Mr. McAuliffe exerts considerable control,” according to the Wall Street Journal, donates an additional $207,788 to her campaign. “That adds up to slightly more than $675,000 to her candidacy from entities either directly under Mr. McAuliffe’s control or strongly influenced by him.”

This represents more than a third of all the campaign funds McCabe raises in the election. She is the third-largest recipient of funds from McAuliffe’s PAC that year.

Virginia State Senator Dick Black (Credit: Twitter)

Virginia State Senator Dick Black (Credit: Twitter)

On November 3, 2015, Jill McCabe loses the election to incumbent Republican Dick Black. Once the campaign is over, “[Andrew] McCabe and FBI officials felt the potential conflict-of-interest issues ended,” according to the Journal.

In February 2016, Andrew McCabe is promoted to deputy FBI director, the second highest position in the FBI. In this role, he is part of the executive leadership team overseeing the Clinton email investigation, though FBI officials say any final decisions are made by FBI Director James Comey.

However, that is not the only potential conflict of interest. By February 2016, four FBI field offices are conducting investigations of the Clinton Foundation. McAuliffe was a Clinton Foundation board member until he resigned when he became the governor of Virginia in 2013. (The Wall Street Journal, 10/24/2016)

Also, at some point in 2015, if not earlier, the FBI begins conducting an investigation of McAuliffe. When the existence of this investigation is publicly leaked in May 2016, media reports suggest it may involve McAuliffe’s financial relationship with a Chinese businessperson who has donated millions to the foundation. It is also reported that investigators have looked at McAuliffe’s time as a board member of the Clinton Global Initiative (CGI), a yearly conference run by the Clinton Foundation.  (CNN, 5/24/2016)

Andrew McCabe (Credit: Getty Images)

Andrew McCabe (Credit: Getty Images)

In the spring of 2016, Andrew McCabe agrees to recuse himself from the McAuliffe investigation, due to McAuliffe’s donations to Jill McCabe’s election campaign. However, he doesn’t recuse himself from the Clinton Foundation investigation or the Clinton email investigation, despite McAuliffe’s close ties to Bill and Hillary Clinton. (The Wall Street Journal, 10/24/2016)

In mid-July 2016, the FBI seeks to reorganize the Clinton Foundation investigation. McCabe decides the FBI’s New York office should take the lead, while the Washington office that he formerly headed should take the lead with the McAuliffe investigation. The Journal will later report, “Within the FBI, the decision was viewed with skepticism by some, who felt the probe would be stronger if the foundation and McAuliffe matters were combined.” However, the decision is implemented.

McCabe also is involved in an effort to shut down the foundation investigation in August 2016, but his role is unclear.

In October 2016, McCabe’s potential conflicts of interest will be revealed by two Wall Street Journal articles. (The Wall Street Journal, 10/30/2016) In early November 2016, the Journal will report that “some [in the FBI] have blamed [McCabe], claiming he sought to stop agents from pursuing the [Clinton Foundation] case this summer. His defenders deny that, and say it was the Justice Department that kept pushing back on the investigation.” (The Wall Street Journal, 11/2/2016)

Around that time, James Kallstrom, the former head of the FBI’s New York office, will say of McCabe, “The guy has no common sense. He should be demoted and taken out of the chain of command.” (The American Spectator, 11/1/2016)

March 9, 2015: An email from Cheryl Mills warns a Platte River Networks employee that Clinton’s emails should be preserved, but he will delete them all later in the month anyway.

Cheryl Mills, who is one of Clinton’s lawyers at the time, as well as being her former chief of staff, sends an email to some employees at Platte River Networks (PRN), the company that is managing Clinton’s private server. On March 3, 2015, the House Benghazi Committee sent a letter to Clinton’s lawyers, asking that they preserve all of Clinton’s emails. This is because of a New York Times report the day before that indicated Clinton probably had many emails from when she was secretary of state that the State Department did not. Mills’ email to PRN references this preservation request.

150303PlatteRiverNewOfficePRFB

In March 2015, PRN is preparing to move from a small downtown loft in Denver, to a more spacious 12,000 sq. foot office space. (Credit: Platte River Networks / Facebook)

PRN employee Paul Combetta is one of the recipients of this email from Mills. In a February 18, 2016 FBI interview, he will claim that he didn’t recall seeing the preservation request mentioned in the email. But he will be interviewed by the FBI again, on May 3, 2016. At that time, he will indicate that he deleted and then wiped all of Clinton’s emails from her server in late March 2015, despite the fact that, according to an FBI report, “he was aware of the existence of the preservation request and the fact that it meant he should not disturb Clinton’s email data on [Clinton’s] server.”

It is not clear why he will do this. He will also state during his second interview, “he did not receive guidance from other PRN personnel, PRN’s legal counsel, or others regarding the meaning of the preservation request.” (Federal Bureau of Investigation, 9/2/2016)

Shortly After March 10, 2015 or Later: An employee of the company managing Clinton’s server comments that company employees are seeking to “cover our asses” due to news that Clinton’s emails were deleted.

In September 2016, a New York Post article will reveal details of a number of emails between Platte River Networks (PRN) employees, the company managing Clinton’s private server since June 2013.

In it, the Post will mention that PRN employees “frantically sought to ‘cover our asses’ when news broke that [Clinton’s] communications were deleted.” Unfortunately, the article won’t mention which PRN employee wrote the “cover our asses” quote or when that email was sent. (The New York Post, 9/18/2016)

However, the revelation that over 30,000 of Clinton’s emails were deleted occcurs in public comments by Clinton on March 10, 2015, so it seems probable the email is from shortly after that date, although this is not certain. The timing could be important, because the emails won’t actually be deleted from Clinton’s private server by PRN employee Paul Combetta until around March 31, 2015, three weeks after Clinton’s public claim that they were deleted.

March 11, 2015: A State Department inspector general report is released which refutes Clinton’s assertion made one day before.

Tom Blanton (Credit: NSA Archives / George Washington University)

Tom Blanton (Credit: NSA Archives / George Washington University)

On March 10, 2015, Clinton claimed that her decision to use a private email account “for convenience” didn’t interfere with the State Department’s ability to retrieve those emails later. But a March 11, 2015 inspector general report highlights how poorly the department has permanently archived emails. 

For instance, in 2011, only 61,156 department emails out of a billion were formally archived, a rate of far less than one percent. In 2013, the number—41,749—was even lower.

The report suggests that most employees “who did not use record emails as intended [said] they were usually unaware of what types of information should be saved as record emails. The department does not give employees adequate training to distinguish between information that should be preserved as records and information that may be discarded.” Furthermore, “Many interviewees expressed a fear that if participants in a debate knew that their opinions would be permanently recorded or accessible in searches, they would not express their opinions in an uninhibited manner.” (Politico, 3/11/2015)

Tom Blanton, director of the government’s National Security Archive, comments, “Just because [Clinton] sent to people at ‘state.gov’ addresses, it’s not at all a guarantee that it’s been preserved.” Additionally, “When an official leaves office, and most of her direct aides in fact have left the State Department, within 90 days the IT [information technology] folks at State wipe out their accounts unless there’s a special intervention.” (National Public Radio, 3/11/2015)

Between March 25 and 31, 2015: A Platte River Networks employee allegedly deletes all of Clinton’s emails and then wipes them to prevent their recovery, despite apparently having no clear order to do so.

Platte River Networks (PRN) is managing Clinton’s private server, and two PRN employees are occasionally working on it. Around December 2014, PRN employee Paul Combetta was told by one of Clinton’s lawyers (and her former chief of staff) Cheryl Mills to delete all copies of Clinton’s emails off Mills’ computer and the computer of another lawyer working for Clinton, Heather Samuelson. He did so. But he says he was also told by Mills to change the email retention policy on Clinton’s clintonemail.com email account so that Clinton’s unwanted “personal” emails would be deleted after 60 days, and he forgot to do that.

Combetta will be interviewed by the FBI on February 18, 2016. At that time, he will say that after a conference call between PRN and the staff of former President Bill Clinton on March 25, 2015, roughly between March 25 and 31, 2015, he will realize he forgot to make the change, but then will tell the FBI that he didn’t do anything about it.

However, Combetta will be interviewed by the FBI again on May 3, 2016, and his answers will change. This time, he will say he had what told the FBI was “an ‘oh shit’ moment.” Then, sometime between March 25 and 31, 2015, he deleted the Clinton archive mailbox from Clinton’s server. Furthermore, he used BleachBit to delete the exported .pst files he had created on the server system containing Clinton’s emails.

150326PlatteMontage

There are six employees leading PRN in 2015. From left to right they are Brent Allshouse, David DeCamillis, Treve Suavo, Sam Hickler, Craig Papke, and Dave Robinson (not pictured). (Credit: Linked In and Platte River Networks)

An FBI report will explain, “BleachBit is open source software that allows users to ‘shred’ files,” as well as other functions. “BleachBit’s ‘shred files’ function claims to securely erase files by overwriting data to make the data unrecoverable.”

Additionally, the FBI investigation will later find “evidence of these deletions and determined the Datto backups of the [Clinton’s] server were also manually deleted during this timeframe.” However, the FBI will not mention if they figured out who deleted the Datto back-ups, whether it is Combetta or someone else.

150326BleachBitSystemCleaner1.8

BleachBit System Cleaner 1.8 (Credit: BleachBit)

Note that Combetta was only asked by Mills to change the deletion policy on Clinton’s account, which would have deleted only her “personal” emails 60 days later. He actually immediately deleted all of her emails, including her work-related ones, and then used a program to make their later recovery impossible. It is not clear if anyone told him to do this, and if so who, or if he did it on his own.

Furthermore, Combetta took these actions even though Mills sent him (and others at PRN) an email on March 9, 2015, which mentioned how the House Benghazi Committee had requested to Clinton’s lawyers that all of Clinton’s emails should be preserved. In his first FBI interview, he will deny being aware of this. But in his second FBI interview, according to the FBI, at the time he made the deletions, “he was aware of the existence of the preservation request and the fact that it meant he should not disturb Clinton’s email data on [Clinton’s] server.” (Federal Bureau of Investigation, 9/2/2016)

Around Late March 2015: An Internet cloud back-up of Clinton’s server is deleted at this time, despite the company managing the server seemingly not knowing the cloud copy exists.

On November 19, 2015, an unnamed Datto executive will be interviewed by the FBI. Datto had provided back-up service and equipment to Platte Rivers Networks (PRN) when PRN was managing Clinton’s private server from June 2013 onwards. It will later be reported that in early August 2015, PRN employees discovered that in addition to a Datto back-up device attached to Clinton’s server, Datto had been also backing up Clinton’s server to the Internet “cloud.” Some internal PRN emails from early August 2015 show some employees acting surprised after being told about this.

A graphic of Datto's cloud structure. (Credit: Datto, Inc.)

A graphic of Datto’s cloud structure. (Credit: Datto, Inc.)

However, according to a later FBI summary of the Datto executive’s interview, he said that PRN must have known about the cloud back-up all along. “As evidence, [he] stated the partner portal, that PRN had log-in credentials to, had a feature displaying backed-up data an options to ‘delete cloud’ or ‘delete local.’ [He] stated PN would have seen their back-ups under ‘delete cloud.'”

More crucially, during the interview, the FBI will show him a Datto document “indicating email records were manually deleted from the Datto secure cloud back-ups of the [Clinton] server in March 2015.” He then will tell the FBI that it couldn’t have been a Datto employee who made the deletions, because there would have been a work ticket created showing that. Furthermore, IP addresses associated with the deletions indicate that someone from PRN must have done it, although PRN had a shared account so it can’t be proven who exactly made the deletions. (Federal Bureau of Investigation, 10/17/2016)

A Datto letter sent to the FBI in October 2015 will indicate that Datto technical experts reviewed administrative files and discovered through the device’s Internet interface that a series of deletions took place on the device on March 31, 2015, between 11:27 a.m. and 12:41 a.m. Furthermore, a much greater amount of data had been “deleted automatically based on the local device’s then-configured pruning parameters.” (US Congress, 9/12/2016) It is unclear if this refers to data deleted from the local Datto device or the Internet cloud back-up.

Although it is unknown who made these deletions, in a May 2016 FBI interview, PRN employee Paul Combetta will confess to deleting all of Clinton’s emails on her server as well as the Datto back-up device in precisely this time period, between March 25, 2015 and March 31, 2015.

April 12, 2015: Hillary Clinton launches her second presidential campaign.

Clinton launches her 2016 presidential campaign with a YouTube video on April 12, 2015. (Credit: CNN)

Clinton launches her 2016 presidential campaign with a YouTube video on April 12, 2015. (Credit: CNN)

She narrowly lost the Democratic nomination to Barack Obama in 2008. Due to her long and prominent political career, she immediately establishes herself as the frontrunner in the race for the Democratic nomination. (The New York Times, 4/13/2015) 

She resigns from the board of directors of the Clinton Foundation on the same day to avoid conflict of interest issues. (Politico, 4/12/2015)

May 15, 2015: Former Deputy CIA Director Michael Morrell says he believes some foreign intelligence agencies possess the contents of Clinton’s private email server.

Deputy CIA Director Michael Morrell (Credit: Time)

Deputy CIA Director Michael Morrell (Credit: Time)

He says, “I think that foreign intelligence services, the good ones, have everything on any unclassified network that the government uses.” (Politico, 5/15/2015) Morrell was acting CIA director twice under President Obama before retiring in 2013.

May 19, 2015: A federal judge orders the gradual release of all of Clinton’s work-related emails.

In response to a Freedom of Information Act (FOIA) lawsuit from Vice News, US District Judge Rudolph Contreras orders the State Department to release the over 30,000 Clinton emails from her time as secretary of state in small batches, with redactions of any classified information. The State Department says it will finish doing so by January 29, 2016. (The Washington Post, 3/27/2016

Over the next several months, the State Department will release 30,068 emails in 14 batches, with the final batch getting released one month late, on February 29, 2016. (The New York Times, 2/29/2016)

June 16, 2015: The House Benghazi Committee deposes Sid Blumenthal behind closed doors.

Sid Blumenthal on his way to testify before the House Benghazi Committee on June 16, 2015. (Credit: Reuters)

Sid Blumenthal on his way to testify before the House Benghazi Committee on June 16, 2015. (Credit: Reuters)

Blumenthal is a Clinton confidant, journalist, and Clinton Foundation employee. He gives the committee nearly 60 emails between him and Clinton about Benghazi and/or Libya that the committee didn’t have before. (CBS News, 6/16/2015) The emails will be publicly released one week later.

However, Committee head Trey Gowdy (R) will reject a request from the Committee’s Democrats and Blumenthal’s attorney to release a transcript of Blumenthal’s nearly nine-hour long testimony. Gowdy will say, “Releasing transcripts can impact the recollections of other witnesses, jeopardize the efficacy of the investigation, alert witnesses to lines of inquiry best not made public, and publicize personal information.” (The Hill, 6/22/2015)

June 25, 2015: The State Department is no longer sure Clinton turned over all her work-related emails.

Three days after the House Benghazi Committee released 60 newly uncovered emails between Clinton and Sid Blumenthal related to Libyan policy given to the committee by Blumenthal, the State Department announces Clinton didn’t provide them with the Blumenthal emails either. Clinton has claimed she gave all her work-related emails to the State Department. However, department officials say they are no longer certain she complied with their order to turn over all work emails.

The department confirms that ten emails and parts of five others from Blumenthal regarding Benghazi could not be located in their records, but that the 45 other, previously unreleased Libya-related Blumenthal emails published by the committee were in their records. When asked about the discrepancy, Clinton campaign spokesperson Nick Merrill seems to dispute it, saying, “She has turned over 55,000 pages of materials to the State Department, including all emails in her possession from Mr. Blumenthal.” (The Associated Press, 6/25/2015)

In August 2015, The New York Times will comment, “The Clinton campaign has not explained the discrepancy.” (The New York Times, 8/8/2015) More of Clinton’s work emails will be discovered later, including some found by the State Department. (The Hill, 3/24/2016)

July 10, 2015: The FBI’s Clinton investigation formally begins.

In September 2016, the FBI will reveal in a publicly released report, “On July 10, 2015, the Federal Bureau of Investigation (FBI) initiated a full investigation based upon a referral received from the US Intelligence Community Inspector General (ICIG), submitted in accordance with Section 81 1(c) of the Intelligence Authorization Act of 1995 and dated July 6, 2015, regarding the potential unauthorized transmission and storage of classified information on the personal email server of former Secretary of State Hillary Clinton. The FBI’s investigation focused on determining whether classified information was transmitted or stored on unclassified systems in violation of federal criminal statutes and whether classified information was compromised by unauthorized individuals, to include foreign governments or intelligence services, via cyber intrusion or other means.” (Federal Bureau of Investigation, 9/2/2016)

However, according to an account by CNN in August 2015, the FBI had already begun investigating Clinton’s emails in late May 2015, so presumably this merely formalized it. (CNN, 8/20/2015)

July 24, 2015: Many of Clinton’s emails contained classified information when they were sent, not just retroactively.

Intelligence Community Inspector General Charles McCullough and State Department Inspector General Steve Linick issue a joint statement about their inquiry into Clinton’s emails. The statement says that out of a random sample of 40 of Clinton’s emails, Linick found four emails containing information that should have been classified at the time they were sent. “These emails were not retroactively classified by the State Department; rather these emails contained classified information when they were generated and, according to [Intelligence Community] classification officials, that information remains classified today. This classified information should never have been transmitted via an unclassified personal system.” (US Department of State, 7/24/2015) 

One email will later be declassified by the State Department, and the department will dispute the classification of another one. (The Washington Post, 3/27/2016)

July 31, 2015: Clinton’s lawyer is asked to turn over his copies of Clinton’s emails.

A typical thumb drive, a.k.a. USB Drive (Credit: Tech Target)

A typical thumb drive, a.k.a. USB Drive (Credit: Tech Target)

On July 31, 2015, a Justice Department prosecutor calls Clinton’s personal lawyer David Kendall seeking a thumb drive that contained a copy of the 30,000 emails that Clinton had already turned over to the State Department, according to a person briefed about the conversation.

On August 6, 2015, Kendall gives the FBI his thumb drive, as well as two copies. (The Washington Post, 8/14/2015)

August 1, 2015—August 7, 2015: The company managing Clinton’s private server learns that another company has been making back-up copies of all the server data in the Internet “cloud” since 2013.

Clinton’s server has been managed by Platte River Networks (PRN) since June 2013. And since that time, PRN has subcontracted Datto, Inc. to make periodic back-ups of all the data on the server. PRN has thought that the back-ups have been only made through a device attached to the server called the Datto SIRIS S2000.

Sam Hickler (Credit: public domain)

Sam Hickler (Credit: public domain)

However, on August 1, 2015, an unnamed PRN employee notices that data from the server was possibly being sent to an off-site Datto location. On August 6, 2015,  Sam Hickler, PRN’s vice president of operations, contacts Datto employee Leif McKinley about this, CCing PRN employees Paul Combetta and Treve Suazo.

McKinley confirms that, due to a misunderstanding, Datto has been making periodic back-ups of the server data through the Internet “cloud” as well as locally through the device. Furthermore, periodic back-ups have been made this way since June 2013.

Treve Suazo (Credit: Platte River Networks)

Treve Suazo (Credit: Platte River Networks)

Suazo, the CEO of PRN, tells Datto on August 6, 2015, that “This is a problem.” This is because the Clinton Executive Services Corp. (CESC), the Clinton family company that hired PRN to manage the server, explicitly stated from the beginning that they didn’t want any remote back-ups to be made. Thus, PRN employees tell Datto not to delete whatever data was stored in the cloud, and instead work to get it back to the control of PRN.

On August 7, 2015, Datto and PRN employees discuss saving the data on a thumb drive and sending it to PRN. Then, according to an email from one unnamed PRN employee to another, they would have Datto “wipe [the data] from the cloud.”

This is according to a letter that will be sent in October 5, 2015 to Datto CEO Austin McChord by Senator Ron Johnson (R). Johnson is chair of the Senate Homeland Security and Government Affairs Committee, and is conducting oversight of the FBI’s Clinton email investigation. However, Johnson will be unable to determine what happened next, such as if the thumb drive was sent and the data was wiped. Furthermore, McChord will not be able to reveal that information to Johnson because Datto needs PRN’s permission to share that information and PRN won’t give it. (US Congress, 9/12/2016) (US Congress, 9/12/2016)

August 2, 2015: Tyler Drumheller, a former CIA officer, dies at 63 years of age of pancreatic cancer.

Tyler Drumheller (Credit: C-Span)

Tyler Drumheller (Credit: C-Span)

Although Drumheller retired from the CIA in 2005 after 25 years of service, he seems to have had access to intelligence information that got passed on to Clinton through emails sent to her by private citizen Sid Blumenthal. Drumheller and Blumenthal were business partners at least in 2011, and there are suspicions that during Clinton’s time as secretary of state, Blumenthal essentially ran a private intelligence service for Clinton using information from Drumheller. (The New York Times, 8/2/2015)

John Schindler, a former NSA counterintelligence officer, will later claim that Drumheller “was never particularly popular at CIA and he left Langley under something of a cloud. His emails to Mr. Blumenthal, which were forwarded to Ms. Clinton, were filled with espionage-flavored information about events in Libya. In many cases, Mr. Drumheller’s reports were formatted to look exactly like actual CIA reports, including attribution to named foreign intelligence agencies. How much of this was factual versus Mr. Drumheller embellishing his connections is unclear.” Schindler adds that answers to questions about Drumheller’s role may never be known due to his death. (The New York Observer, 10/19/2015)

August 8, 2015: Clinton writes under oath that she has provided the State Department all of her work-related emails that were on her personal email account she used while secretary of state.

Her short statement includes this sentence: “I have directed that all my emails on clintonemail.com in my custody that were or potentially were federal records be provided to the Department of State, and on information and belief, this has been done.”

150808HillaryOath

A sample of the document Clinton signed on August 8, 2015. (Credit: Politico)

That statement is a result of a Freedom of Information Act (FOIA) lawsuit brought by Judicial Watch against the State Department. Additionally, Clinton mentions in her statement that her top aide Huma Abedin also had an email account on her clintonemail.com server that “was used at times for government business,” but another top aide, Cheryl Mills, did not. (The New York Times, 8/10/2015) (Politico, 8/8/2015)

One month later, some more of Clinton’s work emails from her time as secretary of state will be discovered by the Defense Department. (The New York Times, 9/25/2015)

August 11, 2015: Clinton finally agrees to allow the Justice Department to investigate her private server, as well as thumb drives housing her work emails.

This comes after months of her refusing to hand it over. (The New York Times, 8/11/2015The old server is picked up by the FBI from the management of Platte River Networks (PRN) one day later. It is being kept at an Equinix data center in Secaucus, New Jersey, and it is picked up there.

However, the company transferred Clinton’s data to a new server, which is also being managed by PRN and is kept at the same data center. The FBI won’t pick up that one until October 2015.

After August 12, 2015: The FBI recovers some of Clinton’s deleted emails.

In March 2016, the Los Angeles Times will report that some time after the FBI took possession of Clinton’s private server on August 12, 2015, the FBI “has since recovered most, if not all, of the deleted correspondence, said a person familiar with the investigation.” Clinton deleted 31,830 emails, claiming they were not work-related. (The Los Angeles Times, 3/27/2016)

In a September 2016 FBI report, it will turn out that the FBI was able to recover about 17,500 of the deleted emails.

August 14, 2015: The FBI is trying to find out if foreign countries, especially China or Russia, broke into Clinton’s private server.

The New York Times reports that according to several unnamed US officials, “specially trained cybersecurity investigators will seek to determine whether Russian, Chinese, or other hackers breached the account or tried to transfer any of Mrs. Clinton’s emails…” (The New York Times, 8/14/2015)

August 17, 2015: A State Department official tells the FBI about 1,000 previously unknown emails between Clinton and David Petraeus.

Obama announces that he will nominate current CIA Director Leon Panetta as Secretary of Defense, Gen. David Petraeus as the next director of the CIA on April 11, 2011. (Credit: CNN)

Obama announces that he will nominate current CIA Director Leon Panetta as Secretary of Defense, and General David Petraeus as the next director of the CIA on April 11, 2011. (Credit: CNN)

An unnamed State Department official who works in the Office of Information Programs and Services (IPS) is interviewed by the FBI on this day. According to a later FBI summary of the interview, she claims that around August 10, 2015, just a week before the interview, “[redacted] from Office of the Secretary of Defense (OSD) called [her] and told her Centcom records showed approximately 1,000 work-related emails between Clinton’s personal email and General David Petraeus, former commander of Centcom and former director of the CIA. Most of those 1,000 emails were not believed to be included in the 30,000 emails that IPS was reviewing. Out of the 30,000 emails, IPS only had a few emails from or related to Petraeus…” She “recommended the FBI should talk with [redacted] regarding the alleged 1,000 emails between Clinton and Petraeus.” (Federal Bureau of Investigation, 9/23/2016)

On September 25, 2015, the New York Times will report on the existence of 19 work-related emails between Clinton and Petraeus sent in January 2009 that were not turned over when Clinton gave what she said was all her 30,000 work-related emails to the State Department in December 2014. Since that time, neither these 19 emails nor any other of the alleged 1,000 emails between them have been made public.

August 18, 2015: Clinton’s private server has recently been managed by a surprisingly small company with no special security features.

The door to the apartment where Platte River Networks was based until mid-2015. (Credit: Matthew Jonas - The Daily Mail)

The door to the apartment where PRN was based until mid-2015. (Credit: Matthew Jonas – The Daily Mail)

Platte River Networks (PRN) managed Clinton’s server from June 2013 until early August 2015. Former employee Tera Dadiotis calls it a “mom and pop shop.” She adds, “At the time I worked for them they wouldn’t have been equipped to work for Hilary Clinton because I don’t think they had the resources… [It was] not very high security, we didn’t even have an alarm. […] [W]e literally had our server racks in the bathroom. […] We only had the three owners and like eight employees. We didn’t do any work in other states.” PRN’s facility was a 1,900 square foot apartment in an ordinary apartment building until it moved into a larger space in June 2015. (The Daily Mail, 8/18/2015)

However, the security of PRN’s offfice may not have been directly relevant to Clinton’s server, because a 2016 FBI report will give no indication that her server was ever physically located at the office. It was put in an Equinix data center in New Jersey instead, and mostly managed remotely by PRN. (Federal Bureau of Investigation, 9/2/2016)

PRN also has ties to prominent Democrats. For instance, the company’s vice president of sales David DeCamillis is said to be a prominent supporter of Democratic politicians. He once offered to let Senator Joe Biden (D) stay in his house in 2008, not long before Biden became Obama’s vice president. The company also has done work for John Hickenlooper, the Democratic governor of Colorado.

Another former employee says everyone was told to keep quiet about the fact they were doing work for Clinton. (The Daily Mail, 8/18/2015)

August 19, 2015: Someone tried to wipe Clinton’s email server, but the FBI might recover the data anyway.

Clinton’s campaign has acknowledged “that there was an attempt to wipe [Clinton’s private] server before it was turned over last week to the FBI. But two sources with direct knowledge of the investigation told NBC News… that the [FBI] may be able to recover at least some data.” (NBC News, 8/19/2015) 

“Wiping” refers to repeatedly overwriting data with new data to make sure it can never be recovered. (The Washington Post, 9/12/2015)

In 2016, it be revealed that Paul Combetta, an employee of Platte River Networks, the company managing Clinton’s private server, deleted and then wiped Clinton’s emails in March 2015.

Cheryl Mills, Clinton’s lawyer and former chief of staff, will be interviewed by the FBI in April 2016 and will claim that she never knew Clinton’s emails were deleted or wiped, even though she was in communcation with Combetta shortly before and after when he did the deleting and wiping. Clinton will be interviewed by the FBI in July 2016, and will similarly claim that she never knew her emails were deleted orr wiped.

August 19, 2015: Former CIA and NSA director Hayden says Clinton’s behavior was “stupid,” “dangerous,” and probably illegal.

Michael Hayden, who was appointed director of the NSA by President Bill Clinton and then director of the CIA by President George W. Bush, says that Hillary Clinton’s “original sin is actually co-mingling [her] two accounts and not using a government e-mail server. […] [P]ut legality aside just for a second, it’s stupid and dangerous. […] Dangerous to her and to the Republic and to American secrets. But… I don’t even think it was legal. That has to be against policy. Look, most folks like me, I never had a smart phone until I left government because of the sensitivity of the information I would put on there even if it were unclassified.” (MSNBC, 8/19/2015)

August 19, 2015: Nobody in the company that managed Clinton’s private email server had any government security clearances.

A generic photo of a relatively low-cost server rack. (Credit: rackmountsolutions)

A generic photo of a relatively low-cost server rack. (Credit: rackmountsolutions)

Platte River Networks is a small Colorado-based technology company, and they managed Clinton’s server from mid-2013 to early August 2015. They had never had a federal government contract and did not work for political campaigns. Nearly all their clients are local businesses. David DeCamillis, the company’s vice president of sales, says that if they’d had any clue what might have resulted from accepting the contract, “we would never have taken it on.” (The Washington Post, 8/19/2016) 

Furthermore, Cindy McGovern, a Defense Department spokesperson, says that Platte River “is not cleared” to have access to classified material. (Business Insider, 8/17/2015) 

Cybersecurity expert Alex McGeorge believes that if classified information was mishandled, the onus is on Clinton, not on the company. “The fact that Platte River is not a cleared contractor is largely irrelevant, [since] they were handling what should have been unclassified email. That classified email may have been received by a server under their control is troubling, and they may have been less equipped to deal with it, but it is ultimately not their fault.” (Business Insider, 8/19/2016)

August 19, 2015: The State Department tells a judge that Clinton did not use a State Department issued or secure BlackBerry device.

Clinton checks her BlackBerry next to South Korea's foreign minister in Busan, South Korea, on November 30, 2011. (Credit: Saul Loeb / The Associated Press)

Clinton checks her BlackBerry next to South Korea’s foreign minister in Busan, South Korea, on November 30, 2011. (Credit: Saul Loeb / The Associated Press)

Furthermore, when Clinton aides Cheryl Mills and Huma Abedin left the State Department, their BlackBerrys were likely destroyed after they were returned to the government, since they were outdated models by that time. (Judicial Watch, 8/19/2015)

August 19, 2015: Clinton’s lawyer claims that all data, including Clinton’s emails, was erased from her server before it was turned over to the FBI.

150819ClintonTurnerKendallGetty

David Kendall (right) and Katherine Turner (left) sit behind Clinton during her testimony to the Benghazi committee on October 23, 2015. (Credit: Getty Images)

Lawyer David Kendall tells this to the Senate Homeland Security committee. He adds that both he and his office partner lawyer Katherine Turner had been given security clearances to handle a thumb drive containing some of Clinton’s emails, but he doesn’t say when. His comments don’t clarify if Clinton’s server was wiped or merely erased.

“Wiping” means that new data is written over the old data several times to make sure it can never be recovered. (The Guardian, 8/19/2015)