What everyone with a Top Secret security clearance knows – or should know

August 3, 2015
U.S. Secretary of State Hillary Clinton attends the Fourth High Level Forum on Aid Effectiveness in Busan

U.S. Secretary of State Hillary Clinton checks her phone while sitting next to South Korean Foreign Minister Kim Sung-hwan (R) at the Fourth High Level Forum on Aid Effectiveness in Busan, South Korea, November 30, 2011. REUTERS/Saul Loeb/Pool

In the world of handling America’s secrets, words – classified, secure, retroactive – have special meanings. I held a Top Secret clearance at the State Department for 24 years and was regularly trained in protecting information as part of that privilege. Here is what some of those words mean in the context of former Secretary of State Hillary Clinton’s emails.

The Inspectors General for the State Department and the intelligence community issued a statement saying Clinton’s personal email system contained classified information. This information, they said, “should never have been transmitted via an unclassified personal system.” The same statement voiced concern that a thumb drive held by Clinton’s lawyer also contains this same secret data. Another report claims the U.S. intelligence community is bracing for the possibility that Clinton’s private email account contains multiple instances of classified information, with some data originating at the CIA and NSA.

A Clinton spokesperson responded that “Any released emails deemed classified by the administration have been done so after the fact, and not at the time they were transmitted.” Clinton claims unequivocally her email contained no classified information, and that no message carried any security marking, such as Confidential or Top Secret.

The key issue in play with Clinton is that it is a violation of national security to maintain classified information on an unclassified system.

Classified, secure, computer systems use a variety of electronic (often generically called TEMPESTed) measures coupled with physical security (special locks, shielded conduits for cabling, armed guards) that differentiate them from an unclassified system. Some of the protections are themselves classified, and unavailable in the private sector. Such standards of protection are highly unlikely to be fulfilled outside a specially designed government facility.

Yet even if retroactive classification was applied only after Clinton hit “send” (and State’s own Inspector General says it wasn’t), she is not off the hook.

What matters in the world of secrets is the information itself, which may or may not be marked “classified.” Employees at the highest levels of access are expected to apply the highest levels of judgment, based on the standards in Executive Order 13526. The government’s basic nondisclosure agreement makes clear the rule is “marked or unmarked classified information.”

In addition, the use of retroactive classification has been tested and approved by the courts, and employees are regularly held accountable for releasing information that was unclassified when they released it, but classified retroactively.

It is a way of doing business inside the government that may at first seem nonsensical, but in practice is essential for keeping secrets.

For example, if an employee were to be handed information sourced from an NSA intercept of a foreign government leader, somehow not marked as classified, she would be expected to recognize the sensitivity of the material itself and treat it as classified. In other cases, an employee might hear something sensitive and be expected to treat the information as classified. The emphasis throughout the classification system is not on strict legalities and coded markings, but on judgment. In essence, employees are required to know right from wrong. It is a duty, however subjective in appearance, one takes on in return for a security clearance.

“Not knowing” would be an unexpected defense from a person with years of government experience.

In addition to information sourced from intelligence, Clinton’s email may contain some back-and-forth discussions among trusted advisors. Such emails are among the most sensitive information inside State, and are otherwise always considered highly classified. Adversaries would very much like to know America’s bargaining strategy. The value of such information is why, for example, the NSA electronically monitored heads of state in Japan and Germany. The Freedom of Information Act recognizes the sensitivity of internal deliberation, and includes a specific exemption for such messages, blocking their release, even years after a decision occurred. If emails discussing policy or decisions were traded on an open network, that would be a serious concern.

The problem for Clinton may be particularly damaging. Every email sent within the State Department’s own systems contains a classification; an employee technically cannot hit “send” without one being applied. Just because Clinton chose to use her own hardware does not relieve her or her staff of this requirement.

Some may say even if Clinton committed security violations, there is no evidence the material got into the wrong hands – no blood, no foul. Legally that is irrelevant. Failing to safeguard information is the issue. It is not necessary to prove the information reached an adversary, or that an adversary did anything harmful with the information for a crime to have occurred. See the cases of Chelsea Manning, Edward Snowden, Jeff Sterling, Thomas Drake, John Kiriakou or even David Petraeus. The standard is “failure to protect” by itself.

None of these laws, rules, regulations or standards fall under the rubric of obscure legalities; they are drilled into persons holding a security clearance via formal training (mandatory yearly for State Department employees), and are common knowledge for the men and women who handle America’s most sensitive information. For those who use government computer systems, electronic tools enforce compliance and security personnel are quick to zero in on violations.

A mantra inside government is that protecting America’s secrets is everyone’s job. That was the standard against which I was measured throughout my career and the standard that should apply to everyone entrusted with classified information.



We welcome comments that advance the story through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can flag it to our editors by using the report abuse links. Views expressed in the comments do not represent those of Reuters. For more information on our comment policy, see http://blogs.reuters.com/fulldisclosure/2010/09/27/toward-a-more-thoughtful-conversation-on-stories/

Exactly right. More than a few military personnel have found fines, jail time and unemployment over just such issues. The fact that the DOJ isn’t bringing charges simply shows that the law for the “little people” doesn’t seem to apply in this administration for anyone with a “D” after their name. Rogue goverments are illegitimate by definition.

Posted by AZWarrior | Report as abusive

Thank you, your article clears up a lot of why there is such controversy over what she did.

Posted by BadChicken | Report as abusive

Excellent presentation of a subject often mnisunderstood. OK, Attorney General, when does the American public see Hillary charged for what she did?

Posted by OneOfTheSheep | Report as abusive

The problem is that these people with access to confidential info are latter hired by big corporations domestic or foreign.

Posted by Macedonian | Report as abusive

Clear, concise … thank you, Peter.

Posted by aeci | Report as abusive

What you don’t say Peter is that she was allowed to use a personal email server in the first place because no restriction from the Obama admin existed. This is a huge hole in the state department guidelines, right? I mean how can she be prosecuted if she was allowed to set up a personal email server that contained state department emails?
The US government server systems are an unmitigated disaster – personal records of millions stolen by hackers, NSA leaks of hundreds of thousands of documents – you can’t seriously call out Clinton for the disaster that the Obama white house is regarding US secrets.

Posted by tribeUS | Report as abusive

Is the FBI under the command or influence of obama?

“Judge Andrew Napolitano: “Hillary Clinton Has Admitted To Destroying Evidence”
JUDGE ANDREW NAPOLITANO: She is in trouble legally if there is a prosecutor with the courage or authority to prosecute her because in addition to admitting that she
diverted government records from the government, in addition to admitting that
she put classified information in a non-classified venue, that is the crime in
which General Petraeus has agreed to plead guilty to. She now has admitted to
destroying subpoenaed evidence after she was on notice of the existence
subpoena. That’s known as obstruction of justice as well as destruction of the
documents. But none of her crimes will get to first base in terms of
prosecution without a prosecutor to pursue them…”

And obama will ensure a cover up.

Posted by 12751ShimsRd | Report as abusive

Have you noticed Hillary Clinton always says she has turned over 55,000 emails, but never says she has turned over ALL her emails?

Posted by ElWoody | Report as abusive

All of this posturing about security systems inherent in these agencies have one serious flaw. IT ALLOWED Clinton to use a private email address. I have never heard of someone getting hired by even a small company and then being allowed to conduct business on a private email address, far worse a private server. There is someone far more culpable here than Clinton. It appears that these security system and procedures that you describe dont exist in the real world or she would not have been able to have done this.

Posted by Wgone | Report as abusive

You seem to have assumed that Clinton SENT classified emails (rather than potentially RECEIVING them). That is counter to what Feinstein has said.

Posted by TwinkieDefense | Report as abusive

That Hillary is implying she did not know the emails were classified because they were not marked as such indicates a level of incompetence so high, this alone should finish her. Therefore, either she is extremely incompetent or she willfully violated the law.

Posted by Anonymous | Report as abusive

I’ve explained this same thing on more than one occasion…
It’s really simple.
A soldier, sailor or airman who is privy to some information and gets liquored up by Ivan and starts saying too much IS HELD RESPONSIBLE for what he says even though his words are not marked classified.
Sending that same kind of “saying too much” information in an email is absolutely no different.
“The emphasis throughout the classification system is not on strict legalities and coded markings, but on judgment. In essence, employees are required to know right from wrong. It is a duty, however subjective in appearance, one takes on in return for a security clearance.”
Mrs. Clinton failed.
Lock her up like you would any soldier, sailor or airman who let something slip… because she is dead guilty of letting information get into the wrong hands. She failed to protect this information as was her duty so to do.
End of story.

Posted by GZT | Report as abusive