THE BLOG
11/05/2016 01:58 pm ET Updated Nov 06, 2017

Seeking a Context for "Hillarygate"

In a season of disturbingly ill-informed political dialogue, no topic has left the public with a more distorted understanding of the facts than the one which has taken center stage in the final days of the campaign: the handling of sensitive information by Secretary Clinton during her tenure as Secretary of State. There are five basic questions that need to be addressed to place Secretary Clinton's mistakes in context and determine how to weigh those mistakes in the larger decision of who to support for president.

1. When the word classified material is used, what are we talking about?

2. What are the procedures for those who must deal with classified information to communicate with one another about its meaning for the policies they are responsible for shaping?

3. How often do officials violate the best practices for handling classified material?

4. How significant were the Clinton violations?

5. How has the government responded to significant mistakes in the handling of classified material in recent history?

The federal government generates a stupendous amount of information each day that could be sensitive to our country's interest in one way or another. This information is collected in order to help those working on a wide array of government programs to be more effect in performing their assigned responsibilities. The collection of information that never reaches those who need it to better perform their duties is a complete waste of money. On the other hand information that is shared too broadly can often be an embarrassment and at times may compromise the safety of citizenry.

But almost every analysis that has been done of the government classification system has found that a large portion of the information that has been classified should not have been and a large portion of the information that should have initially been classified should have been declassified after time.

Security classification experts such as Thomas Blanton who directs the National Security Archive at George Washington University has testified before Congress that "50% to 90% of our national security secrets could be public with little or no damage to real security." His testimony is corroborated by the testimony of numerous officials who have access to the subject area such as former New Jersey Governor Tom Kean, who co-chaired the 9/11 commission. Kean has stated that "three-quarters of what I read that was classified shouldn't have been." Rodney McDaniel who was Secretary of the National Security Council under President Reagan estimated some years ago that only 10% of classification was for "legitimate protection of secrets."

Striking a proper balance between facilitating the needed dissemination of information and insuring its security is a continual struggle for those who must deal with it. Officials working to resolve pending policy choices frequently must decide whether to terminate a telephone conversation on an insecure phone line, deferring the conversation until it can take place over an encrypted phone or face to face in a secure location. When time period for decision making is short and the information which the parties need to discuss is of dubious sensitivity from a security perspective or has already appeared with some frequency in newspapers, best practices are often not adhered to.

That is not to say that best practices are not important or that there are not secrets that could do grave damage to our national interests if they were inappropriately handled. But the amount of potentially sensitive information that our government generates each day is so massive that it would require a huge bureaucracy rivaling the size of the current federal government to sift through it and make well considered determinations as to whether a particular piece of information should be classified and if so at what level. No one wants to pay for that and so we hobble along with a system that errs on the side of caution and consistently over classifies.

By the latest count there are 4.5 million people with federal security clearances but only a tiny fraction have access to a significant range of government information that is classified or information that is truly sensitive or would be significantly damaging if released. Those who do, live with significant burdens that those outside of the system do not generally appreciate. These include the careful cataloguing and safe storage of materials and the constant issue of what pieces of information can be discussed with which people and in what environment or over what type of communication system.
In the real world, the answers to those questions are rarely straight forward or easy to determine. If best practices were used in all instances with all pieces of classified information, government decision making and policy implementation would screech to an almost total standstill.

So given the system we have for defining what our secrets are and taking the necessary steps to protect them, how serious was the breach that occurred as a result of the decision by Secretary Clinton and her staff to use a private server intended to handle non classified official emails but which inevitably ended up including a number that were classified?

We cannot fully answer that question because ultimately none of the emails containing classified information leaked and so we don't know their content or the sensitivity of their subject matter. We also have no information indicating that they were intercepted by unfriendly parties so in real sense there was probably no real damage to American interests.

But it is none the less important to insure that people with access to sensitive information do the best job that they can in protecting that information whether bad practices result in the compromising of secrets or not. Secretary Clinton has admitted that she did not but how serious was her transgression and what would be the appropriate remedy for that transgression.

The answer to that question depends in part again on the sensitivity of the information. Although we do not know the content to the information in the emails, we do know what portion was classified and at what level. Of the 30,000 emails on the server, 110 had some type of classification associated with them but only 8 email chains contain information classified as "Top Secret". That means that 99.6 percent of the emails had no classified material and of the 0.4 percent with some form of classification only a fraction might have had real import. This is not to argue that there is no justification for classifying information as "Secret" or "Confidential" but rarely would the disclosure of such information have significant or lasting consequence to our national interests.

An example would be a diplomatic cable that I recently found on WikiLeaks which was classified "Secret". It was from more than a decade ago and indicated that a diplomat from a friendly Middle Eastern country had met with a delegation from neighboring country. That delegation did not believe that they had received the courtesy the deserved in a visit to a third country in the region. This kind of gossip can often be useful in the day to day world of diplomacy. The Foreign Service officer who picked up and reported this gossip was probably providing a useful tip to his colleagues and it was worthy inclusion in a cable and it was also appropriate that it be classified so as to protect the Foreign Service Officer and his source from being viewed as indiscrete. It is highly unlikely however that this message would result in measurable damage to our long term national interests if Russian or other foreign intelligence had intercepted it.

Further it is probable, based on the statistics cited above, that a number of the emails classified as "Top Secret" may not have contained sensitive information. Also important in determining the appropriate response to the mistakes made in the use of the case of the Clinton server is the fact that such a tiny portion of the emails contained information classified at any level. That clearly indicates that those using the system were making a serious effort to exclude such information from such communications. Historically, significant penalties have been applied only in instances when not only the information in question would have posed a significant threat to American interests but also when the information was deliberately and knowingly provided to individuals who were not supposed to see it.

One example of how security protocol violation has been handled in the past is a case I remember involving a former Congressional staffer who left his office without returning a number of very highly classified materials to the safe where they were they were required to be stored. He was unfortunate to have done that at when a security audit was performed on his office and as a result his clearance was suspended for an extended period forcing his superiors to reassign him to work on unclassified programs.

In a separate case, a State Department official provided a member of Congress with extremely sensitive information which the Member was not cleared to possess. Shortly after that, the Congressman used the information in a press conference which resulted in exposing a CIA foreign agent and completely compromising an ongoing intelligence operation. Again the government revoked the official's security clearance and he was forced to find employment elsewhere.

If the individual who compromises sensitive information or violates security protocols is a Member of Congress or a high ranking executive branch official, the formal suspension of a clearance for a stated period of time is often seen as impractical.

One of the nation's most famous and most damaging disclosures of classified information occurred in the wake of the 9/11 attacks. Senator Orrin Hatch who at the time was the Ranking Republican on the House Judiciary Committee with jurisdiction over the FBI and U.S. counter intelligence programs, told reporters hours after the attacks how the U.S. government had identified the perpetrators. "They have an intercept of some information that includes people associated with [Osama] bin Laden who acknowledged a couple of targets were hit"

He later told other reporters that the information had come from officials at the CIA and FBI. Following those disclosures, al Qaeda discontinued its use of the satellite phone that had allowed U.S. intelligence to track their activities for several years. In the following Congress which began in January of 2003, Hatch was selected by his Republican Colleagues to serve as Chairman of the Judiciary Committee.

In another instance, Richard Armitage, (one of the few people in the Bush 43 foreign policy team that I truly looked up to) made another serious blunder in discussing sensitive matters with reporters. Armitage, the Deputy Secretary of State under Collin Powell, revealed to columnist Robert Novak in a July, 2003 interview the identity of an undercover CIA officer named Valerie Plame. The revelation of her identity as an agent clearly compromised her ability to function as part of a sensitive on going operation and in all probability compromised the operation itself. Armitage also shared this information with Washington Post correspondent Bob Woodward. An investigation by the Justice Department determined that Armitage's mistake was inadvertent and no action was taken.

It should also be noted that Presidents and senior administration officials seem at times to follow their own judgment in whether to abide by government classification policy. In his book Plan of Attack, Bob Woodward describes a meeting between Vice President Richard Cheney, Secretary of Defense Donald Rumsfeld and Saudi Ambassador Prince Bandar bin Sultan who later became the head of Saudi intelligence services. During the meeting the Cheney and Rumsfeld show Bandar a map of the plan of attack--a map so secret that even the Speaker of the House would not be cleared to view it and a map that was explicitly labeled "No Foreign".

In another extraordinary transgression of rules governing the sharing of classified information during the Bush 43 Administration involved a foreign national named Ahmed Chalabi. Chalabi had been placed on the CIA payroll at the direction of Congressional Republicans. After only one year CIA rebelled saying that Chalabi was unreliable refused to continue his contract. Congressional Republicans then pressured the State Department to finance Chalabi but they soon rebelled and when the Bush 43 administration came to power in January of 2001, Chalabi was placed on the Defense Intelligence Agency's payroll.

At some point around the time of the invasion of Iraq, Chalabi was given extraordinarily sensitive information which seems likely to have come from one his strong supporters with in the Bush-Cheney inner circle. Chalabi, who was being openly promoted with in the Bush Administration the successor to Saddam Hussein was told that the U.S. had deciphered the Iranian diplomatic code. Later, U.S. intelligence intercepted a telephone conversation between Chalabi and senior Iranian officials in which Chalabi told them their encryption had been compromised.

There is no publically available information concerning any investigation as to who was responsible for giving Chalabi this information and there was no Congressional investigation into the matter. Following the Chalabi telephone conversation, Iran ceased using the compromised encryption. To date there is no publicly available assessment of the damage that this leak caused to American interests but it must have been massive. The leak clearly compromised U.S. efforts to counter Iran's persistent attempts to destabilize the new U.S. back government in Baghdad as well as U.S. efforts to negotiate limitations on Iran's nuclear program and the possible sale of equipment materials and technology to third countries or political entities. Clearly the leak resulted in a loss in our ability to monitor Iran's curb political, military and economic support to Hezbollah as well as the Assad regime in Syria.

As stated previously, there is a significant distinction between the way in which the U.S. Government has historically dealt with security breaches that occur as the result of carelessness or bad judgment and those in which officials deliberately decide to break rules of which they are obviously quite aware. One example is the case of former CIA Director, General George Petraeus.

In 2014 Petraeus confessed that he had over a period of time shared highly classified information from eight personal notebooks with his biographer and former girlfriend, Paula Broadwell--information that would have caused "exceptionally grave damage" to the United States if it had fallen into unfriendly hands according to the Department of Justice. The Washington Post reported that, "the notebooks contained code words for secret intelligence programs, the identities of covert officers, and information about war strategy and deliberative discussions with the National Security Council."

Petraeus and Broadwell concealed their communication by using a clever arrangement in which they shared a single email and would leave draft emails for each other to read without ever actually sending an email. While this helped them avoid detection, it left little doubt as to whether they were in deliberate violation of the law. Petraeus plead guilty to a misdemeanor as part of a plea bargain arraignment.

Another instance in which the knowing and willful violation of security procedures resulted in a criminal conviction involved former national security advisor Sandy Berger. In 2003, after he had departed his job at the White House, Berger smuggled from the national archives several copies of a classified report on the Clinton Administration's handling of the failed terrorist plots to attack U.S. targets during the millennium celebrations. Subsequently, he lied to investigators when questioned about the removal of the documents. Berger was sentenced to two years' probation, fined $50,000, required to serve 100 hours of community service and stripped of his security clearance for 3 years.

How do the mistakes made by Secretary Clinton in sending and receiving official emails stack up against these previous instances of mishandling classified information?

First of all, there was no evidence that the plan to utilize a privately maintained server was in anyway connected to providing classified information to any one not cleared to receive it. Secondly, as Director Comey pointed out in his July 5th news conference, all cases previously prosecuted involved "clearly intentional and willful mishandling of classified information; or vast quantities of materials exposed in such a way as to support an inference of intentional misconduct.

To the contrary, out of more than 30,000 emails examined, only 8 email chains contain information that was classified as "Top Secret" so clearly, as Secretary Clinton had earlier stated, significant effort was exercised to avoid sensitive topics in the email correspondence. It would not be dissimilar from the occasional mention of classified maters in telephone conversations on insecure lines, a bad practice but one which a large portion of those with regular access to classified material have at times been guilty.

Finally, unlike the unfortunate mistake of Richard Armitage, the disastrous revelations by Senator Spector or the horrific conveyance of information about the Iranian diplomatic code to Ahmed Chalabi, there is no evidence that the mishandling of the Clinton emails did any damage to anyone but her. Senator Hatch and Secretary Armitage were never rebuked or formerly punished for their lapses. Each suffered significant damage to their reputation and public standing but far less than the damage that has already been inflicted on Secretary Clinton.

So what will the FBI likely find among the emails recently discovered on the Abedin computer? No one knows. Director Comey himself stated in a communication with FBI staff, "We don't know the significance of this newly discovered collection of emails." In all likelihood it will be more of the same. Will these emails contain evidence of the "willful mishandling of classified information," that the tens of thousands of emails already examined did not? That would seem highly unlikely.

The choice now facing the American people seems to be between someone who used poor judgment in establishing a secure and reliable means of communicating with her staff, a lapse of judgment that ultimately caused no known damage or someone who has exercised poor judgment on an extraordinary range of national security issues from the proliferation of nuclear weapons, to the diminishing of our core international alliances and the encouragement of foreign adversaries to covertly inject themselves into our electoral process. That does not appear to be a difficult choice.

(The author was an employee of the United States Congress for 31 years. During 24 of those years he held a Top Secret clearance and for a decade he held clearances at or near the highest levels. In addition he managed numerous staff with high level security clearances during that period and was responsible not only for his own use of classified materials but also that of his staff. He was also responsible for reviewing and revising the budgets of various agencies charged with collecting, classifying, sharing and securing sensitive information.)