2009: The State Department rolls out an easy way to preserve emails for record keeping, but Clinton’s office elects not to use it and Clinton will later claim she never even heard of it.

Ernie Milner, division chief for SMART Testing and Implementation, and Kevin Gatlin, division chief for SMART Messaging, in the State Department SMART lab in Newington, VA. (Credit: American Diplomacy / University of North Carolina)

Ernie Milner, division chief for SMART Testing and Implementation, and Kevin Gatlin, division chief for SMART Messaging, in the State Department SMART lab in Newington, VA. (Credit: American Diplomacy / University of North Carolina)

In 2009, the first year Clinton is secretary of state, the State Department begins using the State Messaging and Archive Retrieval Toolset (SMART), which allows employees to electronically tag emails to preserve a copy for posterity. This allows employees to easily comply with record keeping regulations, instead of having to print out copies of each email.

Although most of the State Department starts using SMART in 2009; the Office of the Secretary elects not to use the SMART system to preserve emails, partly due to concerns that the system would “allow overly broad access to sensitive materials.” (This quote is from an FBI report, but the name of the official who said it is redacted.)

Representatives from the Executive Secretariat (which includes Clinton’s office) ask to be the last to receive the SMART rollout. Ultimately SMART is never used by the Executive Secretariat Office or Clinton for the rest of Clinton’s four-year tenure.

This leaves printing out each email as the only approved method by which the Clinton or her staff in the Office of the Secretary could preserve emails for record keeping. But when Clinton leaves office in February 2013, she won’t even do that.

Remarkably, when Clinton will be interviewed by the FBI in July 2016, the FBI summary will indicate: “Clinton was not aware how other State [Department] staff maintained their records and was unaware of State’s State Messaging and Archive Retrieval Toolset (SMART).” (Federal Bureau of Investigation, 9/2/2016)

SMART will have security and cost overrun problems for the rest of Clinton’s tenure, and beyond.

November 29, 2010: Clinton pledges improved communication security after the WikiLeaks leak, but the department remains highly vulnerable.

WikiLeaks Logo (Credit: WikiLeaks)

WikiLeaks Logo (Credit: WikiLeaks)

One day after WikiLeaks releases over 250,000 State Department cables, Clinton states, “I have directed that specific actions be taken at the State Department, in addition to new security safeguards at the Department of Defense and elsewhere to protect State Department information so that this kind of breach cannot and does not ever happen again.” (US Department of State, 11/29/2010

However, in October 2013, Buzzfeed will report that “The State Department’s communications system is operating without basic technical security measures in place, despite warnings about its vulnerabilities…” The system, called SMART (the State Messaging and Archive Retrieval Toolset), is used to share department communications, including the exact same kind of cables leaked by WikiLeaks. Buzzfeed further reports that its anonymous sources “say the failures have left thousands of cables and messages, including highly sensitive and classified ones, vulnerable to espionage or leaks for the last four years.” (Buzzfeed, 10/2/2013)

October 2, 2013: Three years after WikiLeaks leaked 250,000 State Department cables, the department’s communication system “is operating without basic technical security measures in place, despite warnings about its vulnerabilities…”

The SAIG Logo (Credit: public domain)

The SAIG Logo (Credit: public domain)

This is according to a BuzzFeed article. The system is known as SMART (the State Messaging and Archive Retrieval Toolset), and is used to share internal department documents, including the diplomatic cables made public by WikiLeaks. SMART is a two-tiered system, for both classified and unclassified information. SMART was launched in 2009, and the department has paid hundreds of millions of dollars to contractors for it, mostly to the company SAIC.

Unnamed sources “say the failures have left thousands of cables and messages, including highly sensitive and classified ones, vulnerable to espionage or leaks…” 

A former deputy program manager from one such contractor complains, “There is this attitude that security didn’t even come into the picture…I’m talking IT [information technology] security basics, standard fundamental things that a first-year admin would find.”

In 2012 and 2013, internal investigations revealed grave, unresolved security issues. “According to documents reviewed by BuzzFeed, several employees raised concerns starting from the beginning of the SMART rollout. They were told to not pursue the issue. Some were told, with stern overtones, that it wasn’t within their job descriptions to do so.” (Buzzfeed, 10/2/2013)