Democratic presidential candidate Hillary Clinton has received criticism over her use of a private email server, which has already been discussed on this site. However, recently released emails add another important detail to the story: The state department turned off security measures in order to receive emails from Clinton's server. The emails were obtained by the conservative advocacy group Judicial Watch, which has an ongoing lawsuit against Clinton.
The emails reveal the State Department uses a filtering system called SMEX, which was created by the company Trend Micro. SMEX was supposed to filter out phishing attacks and other malicious emails. In emails from 2010 and 2011, Clinton and staff members discuss the problem that emails from Clinton's private server are being filtered out by SMEX. The emails express doubt that Trend Micro would update the version of SMEX being used by the State Department in order to deal with this issue. The State Department was using SMEX 8, while the latest version was SMEX 10 at that time. Since we only have emails from a limited period of time, it's not clear if any version of SMEX was ever updated to address the problem, but in the short-term at least, the State Department disabled filtering measures in order to receive Clinton's emails.
Other emails that were released hint at the security problems facing Clinton's server. One from January 2011 states that the server was shut down because someone was attempting to hack it, and a more ominous one from the very next day simply states, "Don't email hrc anything sensitive. I can explain more in person."
Aside from the security concerns this raises, TechDirt also argues that Clinton was using the private server to shield herself from Freedom of Information Act Requests(FOIA). A couple of the released emails hint at this possibility. In November of 2010, a Clinton aide suggests that she can avoid the filtering of her emails by using a state department email instead of her own private server. He states, "We should talk about putting you on state email or releasing your email to the department so you are not going to spam." Clinton responds by suggesting the creation of a separate account for work but she wants to make sure personal communications are not accessible. She replies, "Let's get separate address or device but I don't want any risk of the personal being accessible."
Apparently, Clinton did get a State Department email but rarely used it. In August of 2011, a Clinton IT person mentions that an official State Department email address was created for Clinton, but it had few emails and none more recent than January 2011. He also explicitly warns that emails sent on that account would be subject to FOIA requests. The email says, "We actually have an account previously set up: [email protected]. There are some old emails but none since Jan '11 -- we could get rid of them. You should be aware that any email would go through the Department's infrastructure and subject to FOIA searches."
Judicial Watch has also released deposition from Bryan Pagliano, a State Department IT person who is reported to have helped Clinton set up the server. Under the advice of counsel, Pagliano declined to answer every question that was asked about the email server. In some cases, the questions were claimed to be outside the scope of discovery, but frequently Pagliano invoked his fifth amendment right against self-incrimination. Judicial Watch is also seeking deposition from Clinton herself, but the request has not yet been approved.
Are you concerned that the State Department turned off security measures to receive Clinton's emails? Was Clinton trying to hide from the FOIA? Leave your comments below.