The Clinton Server/Email/Blackberry Scandal
ISOL 633 – Legal Regulations, Investigations and Compliance
HOMEWORK II – The Clinton Server/Email/Blackberry Scandal
Summer Main – 2016
Over the past year, a scandal has erupted over Former Secretary of State, Hillary Clinton’s
use of a private server during her tenure as Secretary of State which she had set up in her home,
and which she used exclusively to carry out U.S. State Department business, as well as her use of
a personal blackberry rather than a government issued communication device. The implications
of this related to cybersecurity is enormous. On the following pages are excerpts from the New
York Times and from Wikipedia related to this scandal.
You, in your capacity as cybersecurity professionals, may someday find yourself in an
employment position or as a consultant with the Federal government. It is imperative that you have
an overview of federal laws related to what U.S. government employees and officials may and
may not do as it relates to electronic communications, the need to protect electronic
communications, and to safeguard them from cyber threats.
A complete investigation and analysis of the Hillary Clinton email/personal server scandal
is an excellent learning experience for you. To that end please do the following:
1. Research completely the facts related to the Hillary Clinton home server/email/blackberry
scandal and give a thorough chronology of the facts as you understand them to be.
2. Explain how, if at all, Secretary of State, Clinton’s use of a home server/emails and
personal blackberry created potential cybersecurity threats. Include evidence of potential
breaches that you discovered through your research.
3. Outline the investigation(s) that have resulted from Secretary of State, Clinton’s, conduct
as it relates to her use of a personal server and blackberry.
4. Discuss to the best of your ability State Department protocol and procedures that Secretary
of State, Clinton, is believed to have violated, if any.
5. List and discuss to the best of your ability Federal laws and regulations that Secretary of
State, Clinton, is believed to have broken. For each, discuss the penalty for such violations.
6. Discuss the defenses that Secretary of State, Clinton, her supporters and legal staff have
raised in response to allegations that Secretary of State, Clinton, violated State Department
protocol and procedures and that she broke a number of federal laws.
7. Discuss how, in your opinion, the conduct of Secretary of State, Clinton, will (if at all)
impact the future of cybersecurity and cybersecurity laws in the United States.
8. Based upon the research you have conducted this semester related to Secretary of State,
Clinton’s conduct, and the laws you have researched, state your position as to whether you
believe that Secretary of State, Clinton, broke the law, and if so, which law(s), how she
broke them, and whether she should be prosecuted.
This assignment is due on August 19, 2016 at 11:30 p.m. NOTE THIS IS DIFFERENT FROM
THE SYLLABUS WHICH STATED THE ASSIGNMENT WAS DUE ON AUGUST 21,
2016. THE ASSIGNMENT IS DUE ON AUGUST 19, 2016 AS STATED IN CLASS AND
NOT ON AUGUST 21.
It is not necessary that you use any particular model formatting. However, your paper should be
submitted in a WORD format, using no less than a 1 inch margin, top, bottom, left and right.
Further the paper should be double spaced, and you should use subheadings where appropriate.
Cite all sources. You decide whether you will use endnotes or footnotes. Please include your name
and student id on your submission. You should plan to give your submission a title. Please
include page number on the bottom center of each page.
BELOW ARE DIRECT EXCERPTS FROM: New York Times; What We Know About Hillary Clinton’s
Private Email Server; by Alica Parlapiano, May 27, 2016;
http://www.nytimes.com/interactive/2016/05/27/us/politics/what-we-know-about-hillary-clintons-
private-email-server.html?_r=0
What Happened While Clinton
Was Secretary of State
January 2009
Mrs. Clinton becomes secretary of state and begins using hdr22@clintonmail.com, an
email account housed on a private server. At the time, the State Department’s policy
stated that “normal day-to-day operations” were to be conducted on an authorized
October 2009
Federal record-keeping guidelines for the use of personal accounts are tightened,
requiring that any such records be preserved in federal systems.
September 2012
A United States diplomatic outpost and a C.I.A. facility in Benghazi, Libya, are
attacked. Four Americans are killed.
December 2012
The chairman of the House Oversight Committee asks Mrs. Clinton in a letter if she has
used a private email account. She does not reply. The State Department later responds,
without answering the question.
February 2013
Mrs. Clinton leaves office. Four months later, State Department staff members
reviewing the Benghazi attacks discover correspondence, for the first time, between
her private email account and the government accounts of her immediate staff.
An Investigation Into the
Benghazi Attacks Puts More
Focus on Clinton’s Emails
Hearings on Benghazi spur the House speaker, John A. Boehner, to create a special
select committee to investigate the attacks and how the government responded.
Officials begin negotiating with Mrs. Clinton’s representatives, including her former
chief of staff, Cheryl D. Mills, to obtain all of her emails. Ms. Mills says Mrs. Clinton will
turn them over, but cautions that it will take some time.
The State Department provides the select committee on Benghazi with 15,000 pages of
documents, including a handful of emails from Mrs. Clinton, all from her private
account. The committee asks for the rest of the emails.
Clinton Hands Over Emails, and
They Are Eventually Made Public
December 2014
After a formal request by the State Department, Mrs. Clinton hands over 55,000 printed
pages of more than 30,000 emails.
January 2015
During a hearing of the Benghazi committee, State Department officials are criticized
for not providing all documents related to the investigation. Two weeks later, they hand
over roughly 900 pages of emails.
February and March 2015
Before The New York Times publishes an article about Mrs. Clinton’s personal email
account, the State Department tells committee investigators that she relied on it
exclusively as secretary of state. Soon after, Mrs. Clinton announces that she has asked
the State Department to release emails from the 30,000 she handed over, and says that
she deleted another 32,000 personal messages.
Mrs. Clinton announces her candidacy for president.
The State Department begins releasing several thousand pages of her emails, many of
them partly redacted. The releases continue until the last of the roughly
30,000 messages are made public in February 2016.
As the Campaign Continues,
Classified Information Is Discovered
Government investigators say they found classified information in emails from Mrs.
Clinton’s server. The emails were not marked classified at the time, and it is unclear if
Mrs. Clinton knew that the information was classified. The investigators refer the matter
to the Justice Department and shortly thereafter the F.B.I. opens an investigation.
January 2016
The State Department announces that it will not release 22 emails that contain “top
secret” material. The classifications of the emails were increased after the fact; they
were not marked when they were sent. Three days later, the first presidential primary is
held in Iowa.
The State Department’s inspector general releases a report criticizing Mrs. Clinton’s use
of the private server, saying that she should have asked for approval and that
she violated department policies by not surrendering her emails before leaving office.
How Many Investigations and
Legal Proceedings Are Happening?
F.B.I. investigation
An investigation by the F.B.I., which is expected to interview Mrs. Clinton, will
determine whether any laws were broken in the handling of classified information. The
investigation could drag on past the Democratic National Convention this summer.
Judicial Watch lawsuit
A conservative legal advocacy group, Judicial Watch, has brought a lawsuit against the
State Department under the Freedom of Information Act for records relating to the
special employment status of Mrs. Clinton’s top aide at the department, Huma Abedin.
Depositions are scheduled through the end of June, with Mrs. Clinton’s former chief of
staff, Ms. Mills, scheduled to testify.
Congressional and agency reports
The select committee on Benghazi interviewed Mrs. Clinton in October, and the
investigation is still in progress. Separate inquiries by the Senate Homeland Security
Committee, the Senate Judiciary Committee and the Inspector General of the
Intelligence Community may also result in reports.
New York Times; What We Know About Hillary Clinton’s Private Email Server; by Alica Parlapiano, May
27, 2016; http://www.nytimes.com/interactive/2016/05/27/us/politics/what-we-know-about-hillary-
clintons-private-email-server.html?_r=0
According to the New York Times, 30,322 emails have been released. Of those, 2,028
emails have since been classified “confidential,” the lowest level of classification;
65 have been classified secret; 22 have been classified “top secret” information; 18
communications with President Obama, to be held until he is out of office, and it is unknown
how many missing emails, some discovered when they were handed over to investigators by
people she corresponded with.
THE EXCERPTS BELOW ARE TAKEN DIRECTLY FROM: Wikipedia;
https://en.wikipedia.org/wiki/Hillary_Clinton_email_controversy , Hillary Clinton Email controversy. June 10, 2016
The Hillary Clinton email controversy began in earnest in March 2015, when it became
publicly known that Hillary Clinton, during her tenure as United States Secretary of State, had
exclusively used her family’s private email server for official communications, rather than official
State Department email accounts maintained on federal servers. Those official communications
included thousands of emails that would later be marked classified by the State Department.
Wikipedia; https://en.wikipedia.org/wiki/Hillary_Clinton_email_controversy , Hillary Clinton Email controversy.
Debate continues as to the propriety and legality of various aspects of Secretary Clinton’s
arrangement. Some experts, officials, and members of Congress have contended that her use of
private messaging system software and a private server, violated State Department protocols and
procedures, as well as federal laws and regulations governing recordkeeping.
Wikipedia; https://en.wikipedia.org/wiki/Hillary_Clinton_email_controversy, Hillary Clinton Email controversy.
Security experts such as Chris Soghoian believe that emails to and from Clinton may have
been at risk of hacking and foreign surveillance. Marc Maiffret, a cybersecurity expert, said that
the server had “amateur hour” vulnerabilities. For the first two months after Clinton was appointed
Secretary of State and began accessing mail on the server through her Blackberry, transmissions
to and from the server were apparently not encrypted. On March 29, 2009 a “digital certificate”
was obtained which would have permitted encryption.
Wikipedia; https://en.wikipedia.org/wiki/Hillary_Clinton_email_controversy , Hillary Clinton Email controversy.
Former Director of the Defense Intelligence Agency Michael T. Flynn, former United
States Secretary of Defense Robert Gates, and former deputy director of the Central Intelligence
Agency Michael Morell have said that it is likely that foreign governments were able to access the
information on Clinton’s server. Michael Hayden, former Director of the National Security
Agency, Principal Deputy Director of National Intelligence, and Director of the Central
Intelligence Agency said “I would lose all respect for a whole bunch of foreign intelligence
agencies if they weren’t sitting back, paging through the emails.”
Wikipedia; https://en.wikipedia.org/wiki/Hillary_Clinton_email_controversy , Hillary Clinton Email
controversy. June 10, 2016
Clinton’s server was configured to allow users to connect openly from the Internet and
control it remotely using Microsoft’s Remote Desktop Services. It is known that hackers in Russia
were aware of Clinton’s non-public email address as early as 2011. It is also known that Secretary
Clinton and her staff were aware of hacking attempts in 2011, and were worried about them.
Wikipedia; https://en.wikipedia.org/wiki/Hillary_Clinton_email_controversy , Hillary Clinton Email controversy.
In 2012, according to server records, a hacker in Serbia scanned Clinton’s Chappaqua
server at least twice, in August and in December 2012. It was unclear whether the hacker knew
the server belonged to Clinton, although it did identify itself as providing email services
for clintonemail.com. During 2014, Clinton’s server was the target of repeated intrusions
originating in Germany, China, and South Korea. Threat monitoring software on the server
blocked at least five such attempts. The software was installed in October 2013, and for three
months prior to that, no such software had been installed.
EXCERPTS TAKEN DIRECTLY FROM: WASHINGTON POST, MARCH 27, 2016;
https://www.washingtonpost.com/investigations/how-clintons-email-scandal-took-
root/2016/03/27/ee301168-e162-11e5-846c-10191d1fc4ec_story.html?tid=magnet
How Clinton’s email scandal took root
By Robert O’Harrow Jr. March 27
Hillary Clinton’s email problems began in her first days as secretary of state. She insisted on
using her personal BlackBerry for all her email communications, but she wasn’t allowed to take
the device into her seventh-floor suite of offices, a secure space known as Mahogany Row.
For Clinton, this was frustrating. As a political heavyweight and chief of the nation’s diplomatic
corps, she needed to manage a torrent of email to stay connected to colleagues, friends and
supporters. She hated having to put her BlackBerry into a lockbox before going into her own
Her aides and senior officials pushed to find a way to enable her to use the device in the secure
area. But their efforts unsettled the diplomatic security bureau, which was worried that foreign
intelligence services could hack her BlackBerry and transform it into a listening device.
On Feb. 17, 2009, less than a month into Clinton’s tenure, the issue came to a head. Department
security, intelligence and technology specialists, along with five officials from the National
Security Agency, gathered in a Mahogany Row conference room. They explained the risks to
Cheryl Mills, Clinton’s chief of staff, while also seeking “mitigation options” that would
accommodate Clinton’s wishes.
“The issue here is one of personal comfort,” one of the participants in that meeting, Donald Reid,
the department’s senior coordinator for security infrastructure, wrote afterward in an email that
described Clinton’s inner circle of advisers as “dedicated [BlackBerry] addicts.”
Clinton used her BlackBerry as the group continued looking for a solution. But unknown to
diplomatic security and technology officials at the department, there was another looming
communications vulnerability: Clinton’s BlackBerry was digitally tethered to a private email
server in the basement of her family home, some 260 miles to the north in Chappaqua, N.Y.,
documents and interviews show.
Those officials took no steps to protect the server against intruders and spies, because they
apparently were not told about it.
