A new piece of evidence surfaced Wednesday night in the imbroglio over Hillary Clinton's controversial use of a private server and Blackberry during her time as Secretary of State: A friendly message from Colin Powell detailing how he had used his own unapproved devices and private email during his time as head of the State Department years earlier. The evidence hardly excuses Clinton for her own mishandling of sensitive, sometimes-classified data that FBI director James Comey has called "extremely careless," though not criminal. Instead, it shows how heads of government agencies have flouted tech security rules for years, long before Clinton's email troubles became a heated campaign issue. As anyone who has worked as an IT administrator knows: Powerful people do what they want with technology, even if it breaks security rules.
Shortly after she was sworn into office in 2009, Clinton emailed Powell, asking advice about how to keep using her Blackberry as secretary. In his response, Powell describes his own setup. "I [had] a computer that was hooked up to a private phone line....So I could communicate with a wide range of friends without going over the State Department servers," he wrote to Clinton. "I even used it to do business with some foreign leaders and some of the senior folks in the Department on their personal email accounts."
The email, which was dug up and released by House Oversight Committee leader Representative Elijah Cummings, doesn't reveal whether Powell ever used his private email setup to exchange classified documents, the worst offense of Clinton's IT misbehavior. An FBI investigation revealed that Clinton had used her private email server for dozens of conversations that included classified materials, including eight that included top secret information.
At another point in his email to Clinton, Powell describes his fight with security officials at the State Department, NSA and CIA over his use of a handheld devices known as PDAs or "personal digital assistants" in secure areas. "They gave me all kinds of nonsense about how they"---the devices---"gave out signals and could be read by spies, etc," he writes. "They never satisfied me and NSA/CIA wouldn't back off. So, we just went about our business and stopped asking. I had an ancient version of a PDA and used it." The "nonsense" Powell refers to no doubt included warnings that his minicomputer could be hacked---perhaps over cellular networks if it was one of the early smartphone PDAs---to act as a listening device.
Clinton similarly broke rules about keeping her Blackberry outside of secure areas, as detailed in FBI documents released Friday. Clinton would periodically store her Blackberry in a drawer inside the Sensitive Compartmentalized Information Facility, know as SCIF, that she used at the State Department, rather than leave it outside. Yet then-head of diplomatic security Eric Boswell told FBI investigators he'd never received any complaints about Clinton's Blackberry use.
When Powell's advice to Clinton was first revealed in part last month, Powell told People that Clinton's staff was "trying to pin the scandal on" him, and noted that Clinton had used her private email server for a year before asking his advice. But Representative Cummings, a Democrat, writes in a statement that his release of Powell's email isn't meant to cast blame on the earlier Secretary of State so much as show that Clinton was hardly alone in her habit of violating IT rules. "If Republicans were truly concerned with transparency, strengthening [the Freedom of Information Act], and preserving federal records, they would be attempting to recover Secretary Powell’s emails from AOL," he writes. "But they have taken no steps to do so despite the fact that this period — including the run-up to the Iraq War — was critical to our nation’s history.”
In one particularly ironic section of Powell's email, he warns Clinton of a "real danger": that her private email might become an official record and thus subject to transparency laws. "Be very careful," he adds. "I got around it by not saying much and not using systems that capture the data." There seems to be an unwitting lesson in that final advice---itself exposed through Congress's transparency powers. You can get away with plenty as Secretary of State. But if you're going to tell another Secretary of State how you got away with it, it's probably still wise to have that conversation in person.
