If Jeb Bush is elected president and appoints me Secretary of State, the first thing I will do is set up a private server to handle my official email correspondence. This is not because I expect to have anything to hide, but because I expect my email to be important, and I do not want my service to depend on the whims of the sorts of aggressively incompetent nincompoops who, in my experience, tend to populate the IT departments of large institutions.
The University of Rochester, where I work, provides email services to all its employees. I do not use those services. Instead, I own several Internet domains and manage my own email For all I know, the University IT center might currently be 100% nincompoop-free, but all past experience suggests that it’s unlikely to stay that way very long.
Yes, I realize that one is still at the mercy of one’s upstream providers. But I am here to tell you from experience that the frequency of outages and other disasters is now about 10% of what it was in the years when I was at the mercy of the IT managers.
I have absolutely no survey data on this, but I’m guessing that I’m pretty typical. Nobody else cares as much about my email as I do, so it makes sense for me to manage my own email. (You could argue otherwise if email management required significant effort or skill or knowledge, but it doesn’t.) Surely plenty of others have reached the same conclusion.
I am generally disinclined to grant politicians much benefit of the doubt, and though I aspire to apply that standard impartially, I might in fact be particularly cynical about politicians named Clinton. Nevertheless, I see nothing sinister in Mrs. Clinton’s email setup, which appears to me to be a simple exercise of prudence. Skydivers pack their own parachutes, carpenters maintain their own tools, and those of us whose lives revolve around our email are generally well advised to maintain control of it.
To be honest I have no idea about the ins and outs of this one. However, your position is a bit different from Clinton’s. The correspondence of federal officials is considered government records under federal law. The law probably does not say anything about your correspondence.
“You could argue otherwise if email management required significant effort or skill or knowledge, but it doesn’t.” Whilst general email management may not, it is likely that avoidance of hacking would entail considerable skill and knowledge, particularly if one is likely to be a target.
So the issues would seem to be:
1) Was Clinton by using a private email, preventing her correspondence form being part of the official records?
2) If so, was that the reason for doing it privately?
3) Did the private email have security risks?
If the motivation was like yours, to be able to keep control and not be at the mercy of nincompoops, then she seems to be guilty of a mistake. If the reason was to hide her correspondence then she seems to be guilty of duplicity.
If you were appointed Secretary of State, the law may prevent you from running your own email server for official business. Although with Jeb Bush as president maybe that would change pretty quick.
Professor Landsburg,
It is good to have you posting again. I was reassured by your comments on Mrs. Clinton. I am embarrassed to admit that I saw darker motives in her decision to retain control of her emails–it even occurred to me that Mrs. Clinton might be concealing, or delaying the release of, documents that would be embarrassing to her, or, worse, compromising. I now see, however, the validity of the “bureaucratic incompetence” explanation you advance and expect that your thoughts might be reflected in whatever personal comments she makes in the next several days. Regards, Chas Phillips
If it’s really a big deal to recover her email, perhaps the NSA can help.
I too, use a private email system in lieu of my work one. I completely sympathize with this argument. My system is forwarding-based, though, so all emails still go through the work server, and the outside observer cannot tell.
However, if my firm were subject to disclosure, it would be clear that a forwarding-rule was set up, and I would imagine my entire private emails would then be included in any requests. That is something I understand and accept by doing this.
For some reason Clinton avoided this by having personal assistants pre-screen the emails that went into FOIA requests. This is the unreasonable benefit she seems to have gained from this. If she were to open complete searchable access, I would feel that she is subject to the same rules I am. In fact I feel that as a government employee, her restrictions should be more than my own. However, as is, it seems she has avoided the natural repercussions of her decisions.
That is the crucial issue at stake. Of course, the media gets caught up in the milieu of marginal issues. Everyone has a shallower cutoff of allowances than you or we here do, of course. But the final straw is the same nonetheless.
And you probably registered the domain with your real name. She did not. In fact, she registered it under a name that is not in the public records (“Eric Hoteham”) so it is difficult to track the domain to her.
Tom, that could be the name of the person that did it for her, could it not?
ps: I, for one, am really happy to see Landsburg back in action, long time no see :) This post really shows Landsburg in his best. Making a point I never even considered (I had assigned evil motives to her), while at the same time, making me ensure if the post is tongue-in-cheek or not hehe.
Wow! It’s one thing to make fun of feminists but IT staff – even nincompoop IT personnel – can be dangerous.
Seriously? You think a privately set up email server is an appropriate place to conduct the business of state secrets? And you think that server is a good place for a person subject to the Federal Records Act to do business?
Ken: The question is not whether a private server is “good” or “appropriate”. The question is whether it is closer to being good and appropriate than the sort of thing you might get from a typical IT manager. In my experience, the answer to that is a resounding yes.
Quite. It’s a mystery: how is it, with the large budgets often allocated to them, that corporate IT cannot offer you a better or cheaper service than you can arrange for yourself? And not just e-mail, but software, hardware, and technical support?
I think the point is, her staff and underlings in government would be fired and possibly jailed, certainly lives ruined, for doing this. She skates. This just furthers the pattern of two legal systems.
Personally, I don’t think that’s good.
“The question is whether it is closer to being good and appropriate than the sort of thing you might get from a typical IT manager.”
Of course, this is exactly what I meant. Do you really think that the IT managers of classified networks are equivalent to the “typical IT manager”?
“In my experience, the answer to that is a resounding yes.”
Does your experience include working on networks that need to be secure enough to handle the highest levels of state secrets? If not, then I’d say your experiences can be discounted, if not outright discarded.
My Gmail accounts have treated me very well over the past 8 years. They seem to be nincompoop-free.
Steve, if you run your own domain and mail server, and use an email address at that domain for your primary email that grants access to all your accounts, that makes me very nervous. A hacker would only have to compromise your domain registration account, your DNS server, or your email server in order to take control of your email. Once they have your email, they would have access to almost all of your accounts.
With Gmail and two-factor authentication, I am hopeful that scenario is way less likely to happen.
I would imagine the question comes down to state secrets and the amount of resources devoted to protecting them. The US puts a great deal of emphasis on securing their email systems against foreign government. Most private users would not be likely to spend that kind of time or money.
i think this argument is laughable in any almost any context. this is a firable offense almost anywhere in corporate america. period. and i’ve seen people walked out for it.
government, especially in the state department, may just be a little more sensitive than say the latest marketing forecast spreadsheet, and it should be.
executives, even of the c-level persuasion, would never be exempt from this rule either.
and, yes, the clintons knew exactly what they were doing when they kept hillary from conducting business on the government servers where her emails would be subject to subpoena and foi requests because they couldn’t be “lost”, the current irs email scandal notwithstanding (loss of lerner’s email was clearly deliberate and not a credible defense).
also, what is your percentage of email would you say you encrypt?
apparently mrs. clinton’s was around precisely 0%.
shocking.
So assuming this was a deliberate strategy of insulation, the question is is she not as smart as she was supposed to be, or is she plenty smart enough to know this will blow over (timing of this might be deliberate as well)
You do not have the know-how to spy-proof an email server. You are essentially saying that you would make your emails available to foreign enemies. As a citizen, I agree with Foley that this is a firable offense.
I have never had an issue with my university (and later alumnus) email account in about 17 years.
Managing your own email seems like a poor idea. Surely it is not your field of comparative advantage.
Guys, no need to fuzz about it. She justifies herself here. The concern was not communication reliability as Landsburg hypothesised. It was about the “convenience” of having one email instead of two:
http://www.bloomberg.com/politics/articles/2015-03-10/hillary-clinton-says-her-use-of-private-e-mail-was-legal
“those of us whose lives revolve around our email”
Actually, she says she just gave a copy of all work related to the state dept. All other emails were deleted. There was only one email sent to a foreign individual. She says she communicated mostly by correspondence and telephone.
So how much weight does the fact her actions seem to have been obviously against the law, a violation of some clear regulations that she fired others for abusing, affect your analysis?
“Skydivers pack their own parachutes”
So, what is it that you think parachute riggers do all day?
“Guys, no need to fuzz about it. She justifies herself here. The concern was not communication reliability as Landsburg hypothesised. It was about the “convenience” of having one email instead of two”
Ricardo,
I hope this post was tongue-in-cheek. The idea that she absolutely had to carry more than 1 device would depend on State Department policy, but I suspect they have a secure email software/app to connect to her account via any device (at a minimum). This is a common requirement for corporate email users.
But this argument still essentially holds no water because it’s also very common to require that business in the corporate world be done on a secure, encrypted device. Again, I’m guessing the software that she used wasn’t encrypted, and the device itself wasn’t encrypted at any level. I’m curious as well if her device itself was secured by anything other than a finger swipe. I bet not.
In my opinion, the Secretary of State should have a secure phone and a secure email device, which could be one and the same, just separate from a personal device.
But yeah, carrying around two phones in a ladies’ handbag by a woman who probably has a several-person security detail at all times is a massive inconvenience.
The weakness in your argument Steve is that she has not simply handed over the server and all the files, or a copy thereof. All your arguments are made in prospect: there is less chance a screw up would occur, there would be fewer hassles if something happened. So let us grant that. You are better to trust to a private server. That does not imply she should have the prerogative to select which emails to provide to the auditors or the department. This is especially the case when she chose to break the rules to avail herself of this superior service. My failure to comply with a law cannot be used as a warrant for me to evade attempts to rectify any damage from my actions. And damage there was; the auditors’ ability to provide oversight and accountability is impaired.
I’ve never understood the “I don’t want to carry two devices” argument. Every smart phone I’ve ever seen can handle multiple email accounts. Certainly the built-in email programs in Android and iOS can handle this.
Steve, I also don’t find your argument compelling. I work with computer systems all day and wouldn’t consider trying to install, configure, secure, patch, and back up an email server. It’s easy to do a poor slap-dash job, much harder to do correctly and securely. The IT nincompoops aren’t really dumb, they just worry about a lot of things and (if we’re being honest) you personally are low on the priority list. Ms. Clinton would not be.
So it transpires that Clinton wiped the server clean. This suggests Steve is in error here: her concern was not to prevent the loss of emails at all.