Early June 2013—Early July 2013: Clinton’s server is relocated and then replaced by a new server, but the old server keeps running.

After Platte River Networks (PRN) is selected to manage Clinton’s private email server on May 31, 2013, the company decides to immediately relocate the server and then also replace it with a better one.

130601PlatteRiverFoundersPlatteRiverNetworks

The founders of Platte River Network: Brent Allshouse (left) and Treve Suavo (right). (Credit: Platte River Networks)

PRN assigns two employees to manage the new server (which will be the third server used by Clinton). The FBI will later redact the names of these two employees, but it is known that one of them works remotely from his home in some unnamed town and will handle the day-to-day administration of the server, and the other one works at PRN’s headquarters in Denver, Colorado, and handles all hardware installation and any required physical maintenance of the server. Media reports will later name the two employees as Paul Combetta, who works from Rhode Island, and Bill Thornton.

The employee at PRN’s headquarters (who logically would be Thorton) works with Clinton’s computer technician Bryan Pagliano to help with the transition. Around June 4, 2013, this person is granted administrator access to the server, as well as any accompanying services.

130601EquinixLogo

Equinix Logo (Credit: public domain)

On June 23, 2013, this person travels to Clinton’s house in Chappaqua, New York, shuts down the server, and transports it to a data center in Secaucus, New Jersey, run by Equinix, Inc. This older server will stay at the Equinix facility until it is given to the FBI on October 3, 2015.

The PRN headquarters employee (still likely to be Thornton) turns the old server back on in the Equinix data center so users can continue to access their email accounts. Then he spends a few days there setting up a new server. When he leaves, all the physical equipment for the new server is successfully installed except for an intrusion detection device, which Equinix installs later, once it gets shipped.

Meanwhile, the PRN employee who works remotely (Combetta) does his remote work to get the new server online. Around June 30, 2013, this employee begins to transfer all the email accounts from the old server to the new one. After several days, all email accounts hosted on the presidentclinton.com, wjcoffice.com, and clintonemail.com domains are transferred. However, PRN keeps the old server online at the Equinix data center along with the new server to ensure email continues to be delivered. But the old server no longer hosts email services for the Clintons.

According to an FBI report made public in September 2016, “The new Clinton email server hosted email for [Hillary] Clinton, President Clinton, [redacted], and their respective staffs.”

130601DellPowerEdgeR620

The Dell PowerEdge R620 (Credit: public domain)

This same FBI report will explain that the new server consists of the following equipment: “a Dell PowerEdge R620 server hosting four virtual machines, including four separate virtual machines for Microsoft Exchange email hosting, a BES for the management of BlackBerry devices, a domain controller to authenticate password requests, and an administrative server to manage the other three virtual machines, a Datto SfRlS 2000 to store onsite and remote backups of the server system, a CloudJacket device for intrusion prevention, two Dell switches, and two Fortinet Fortigate 80C firewalls.” (Federal Bureau of Investigation, 9/2/2016)

The FBI report will not make entirely clear what happens to the data on the old server. But a September 2015 Washington Post article will assert that after PRN moved all the data onto a new server, everything on the original server was deleted until it is “blank.” However, it was not wiped, which means having the old files overwritten several times with new data until they can never be recovered. (The Washington Post, 9/12/2015)

Late September 2014: Clinton’s lawyers are sent the rest of Clinton’s emails so they can finish sorting them.

In late July 2014, the State Department informally requested Clinton to provide all her work-related emails from when she was secretary of state. Cheryl Mills, one of Clinton’s lawyers (as well as her former chief of staff), then had Platte River Networks (PRN), the company managing Clinton’s private server, send her and Clinton lawyer Heather Samuelson copies of all of Clinton’s emails that were sent to or received from anyone with a .gov email address.

According to a later FBI report, in late September 2014, Mills and Samuelson then ask an unnamed PRN employee to send them all of Clinton’s emails from her tenure as secretary of state, including emails sent to or received from non-.gov email addresses. Mills and Samuelson will later tell the FBI that “this follow-up request was made to ensure their review captured all of the relevant.” The PRN employee does so. (Federal Bureau of Investigation, 9/2/2016)

Although the name of the PRN employee is unknown, the only two employees actively managing Clinton’s server at the time are Paul Combetta and Bill Thornton. Combetta sent the earrlier batch of emails in late July 2014.

March 2, 2015: The company managing Clinton’s server tightens security on the server after its existence is exposed.

On the morning of March 2, 2015, a front-page New York Times article reveals Clinton’s use of her own private email server. Platte River Networks (PRN) is managing the server.

Bill Thornton (Credit: public domain)

Bill Thornton (Credit: public domain)

Later in the day, PRN employee Bill Thornton writes in an internal company email, “I spent some time in their firewall just now locking everything down (pretty tight).” (The New York Post, 9/18/2016)

However, on March 4, 2015, an analysis of the server’s publicly visible settings will show it has a misconfigured encryption system. Further articles the next day will expose more security vulnerabilities.

PRN will make more changes to improve the server’s security around March 7, 2015.

August 12, 2015: The company managing Clinton’s private server is worried they will be blamed for a change of policy that results in the deletion of Clinton’s emails.

Platte River Networks (PRN) has been managing Clinton’s private email server. According to a New York Post article in September 2016, around August 2015, PRN wants to double check their behavior after media reports that the FBI is investigating Clinton’s server. “Company execs scrambled to find proof that Clinton’s reps had months earlier asked to cut the retention of emails from 60 days to 30 days.”

Paul Combetta (left) Bill Thornton (right) (Credit: AP)

Paul Combetta (left) Bill Thornton (right) (Credit: AP)

On August 12, 2015, PRN employee Bill Thornton writes, “OK, we may want to work with our attorneys to draft up something that absolves us of that question. I can only assume that will be the first and last question for us, ‘Why did we have backups of the system since the time of inception, then decide to cut them back to just 60 or 30 days?’ If we can get that from them in writing, I would feel a whole lot better about this.”

The other PRN employee who has been actively managing the Clinton account with Thornton, Bill Combetta, responds that he believes the request was made to PRN by phone.

An email exchange between the two on the same topic several days later will make clear that the Clinton representatives are employees of Clinton Executive Services Corp. (CESC) the Clinton family company that has been paying PRN. (The New York Post, 9/18/2016)

July 12, 2016: Congressional Republicans threatens subpoenas if the company that managed Clinton’s server fails to agree to employee interviews.

Treve Suazo (Credit: public domain)

Treve Suazo (Credit: public domain)

Representative Lamar Smith (R), the chair of the House Science, Space, and Technology Committee, and Senator Ron Johnson (R), the chair of the Senate Homeland Security Committee, jointly author a letter to Treve Suazo, the CEO of Platte River Networks (PRN). PRN is the company that managed Clinton’s private server from June 2013 until late 2015.

The letter notes that Johnson’s committee has been seeking to interview some PRN employees about the management and security of Clinton’s server since August 2015, while Smith’s has been asking to do the same since January 2016, but PRN has refused all interview requests.

The letter then asks again, specifically requesting to interview the following PRN employees:

  • Treve Suazo
  • Brent Allshouse
  • David DeCamillis
  • Paul Combetta
  • Sam Hickler
  • Bill Thornton
  • Craig Papke

The letter requests a response by July 26, 2016. If PRN does not comply, the letter threatens the use of the “compulsory process.” (US Congress, 7/22/2016)

Apparently, PRN will still refuse to agree, because on August 22, 2016 these committees will issue subpoenas for the interviews.

September 9, 2016: Congressional committees order five people involved with the management of Clinton’s private server to speak in a public hearing.

Representative Jason Chaffetz (R), the chair of the House Oversight and Government Reform Committee, orders two Platte River Networks (PRN) employees and three others to testify before a Congressional hearing, on September 13, 2016. PRN is the company that managed Clinton’s private server. The following people are ordered to appear:

Those subpoenaed to appear before the House Oversight committee are from left to right: Paul Combetta, Bryan Pagliano, Justin Cooper and Alex McChord and Bill Thornton. (Credits: public domain)

  • Paul Combetta. He is a PRN employee. On September 8, 2016, the New York Times revealed that Combetta deleted and wiped Clinton’s emails from her private server, and he also got an immunity deal from the Justice Department as part of the FBI’s Clinton email investigation. Congressional committees issued subpoenas for PRN interviews on August 22, 2016, after asking without coersion since September 2015.
  • Bill Thornton. He also is a PRN employee. The FBI’s final report indicated  two PRN employees worked on Clinton’s server, so it seems probable he is the other one.
  • Bryan Pagliano. He managed Clinton’s server until PRN took over. He was previously subpoenaed by the House Committee on Benghazi, but he pleaded the Fifth. However, he cooperated with the FBI after also getting an immunity deal.
  • Justin Cooper. He is a member of Bill Clinton’s staff and helped Pagliano manage the server.
  • Austin McChord. He is CEO of Datto, Inc. PRN subcontracted Datto to make back-up copies of the server. (The Wall Street Journal, 9/9/2016) (US Congress, 9/9/2016)

September 13, 2016: Two former managers of Clinton’s private server plead the Fifth before a Congressional hearing; one other fails to appear at all.

The House Oversight and Government Reform Committee holds a public hearing related to the management of Clinton’s private server. Four people associated with the management of Clinton’s private server had been served by Congressional subpoenas on September 8, 2016 to force them to testimony:

Paul Combetta (left) Bill Thornton (center) Justin Cooper (right) (Credit: CSpan)

Paul Combetta (left) Bill Thornton (center) Justin Cooper (right) (Credit: CSpan)

  • Bryan Pagliano, a former State Department employee who managed Clinton’s server while she was secretary of state. He defies the subpoena by failing to appear at all.
  • Justin Cooper, a former Bill Clinton aide who helped Pagliano manage the server. He does answer questions for nearly two hours at the hearing.
  • Paul Combetta, a Platte River Networks (PRN) employee, which managed the server from June 2013 until at least late 2015. He deleted and then wiped all of Clinton’s emails from her server. He fails to answer any questions and pleads the Fifth instead.
  • Bill Thornton, another PRN employee who managed the server with Combetta. He also to answer any questions and pleads the Fifth instead.

Pagliano’s lawyers have complained the hearing is politically biased and he will continue to refuse to participate. He has also failed to cooperate with another Congressional committee in 2015, a State Department inspector general’s investigation, and a deposition in a Freedom of Information Act (FOIA) lawsuit.

Representative Jason Chaffetz (R) says of Pagliano’s refusal to appear: “He made the decision not to be here and there are consequences for that. … We’ll look at the full range of options. If anybody is under any illusion I’m going to let go of this and let it sail off into the sunset they are very ill-advised.” However, he doesn’t specify what the penalties might be. (The Associated Press, 9/13/2016) (US Congress, 9/13/2016)

Austin McChord, the CEO of Datto, Inc., was also scheduled to appear, but there is no mention of him. Presumably, he is rescheduled for another hearing.