“Hello, Dave. You have absolutely no clue how to deal with me, do you? Or even your email…“
Much-abused Ethics Alarms commenter Beth, a D.C. lawyer with impressively thick skin, provided a real service with her comment on today’s post on the widespread obscuring of the Clinton e-mail scandal. Scandal is the right word, even if somehow a plausible and fair conclusion is reached that Hillary didn’t breach national security laws. The incident is shameful, and Clinton’s refusal to acknowledge that is one of the many ways this episode indicts her character. Beth focuses on a systemic problem of which Clinton is a symptom: the government isn’t keeping up with the challenges posed by its increasing dependence on technology, and it can’t do that.
The public, most of whose interactions with technology is restricted to e-mails, games, social media and videos, if anything, has no idea the degree of competence and care complex organizations and the professions must devote to technology. The challenge is daunting, getting harder by the day, and may be hopeless, which is terrifying. The Obama Administration’s technology disasters, including the Edward Snowden affair, the OPM hack, the ridiculous failure of the Obamacare website and who knows what else they have managed to cover up, far exceed those of any previous administration. Most insiders I talk to are certain that far worse is on the way, and they know enough to be terrified. The public doesn’t understand how important the problem is, and therefore the news media ignores what it perceives as being uninteresting.
Here is Beth’s Comment of the Day on the post Journalism Ethics: The Washington Post Enables Disinformation Regarding Hillary’s Email Machinations:
What Clinton did was atrocious — our agencies need to lead this nation by example, and she was the head of the agency. But, all of our agencies are doing an awful job. There are policies in place that aren’t followed. And I can’t stress this last piece enough. Agencies draft policies, put them on a shelf, and never bother to hire people to update or actually enforce the policies. Further, there are insufficient protections in place — as demonstrated by the OPM data breach.
The reason that this will go nowhere, though, is that virtually nobody has figured out how to implement and actually follow data security policies. This is what I do every day. Nobody gets this right. My old company — one of the leaders in data security counseling — had a massive data breach and my personal information was compromised. My data was again compromised in the OPM breach. How can that be? The leader in data security AND the federal government allowed my SSN, address, and other PII (personal identifiable information) to go to Chinese hackers? Those should have been the most trustworthy entities to safeguard my information!
Do we need to do better? Heck yeah, we do. The private companies and government agencies I work with all struggle with this. And the government agencies are especially at risk because talented tech people can make vastly more money in the private sector, since there is such a need for their skills now. I approach this from the legal/compliance side, but even I am thinking of going back to get some additional certifications so I can advise on the technical side as well. That would translate into job security for life.
In short, because nobody understands this, Clinton isn’t going to be prosecuted. That doesn’t mean that this is fair or right, but we have a long way to go before people have even a basic understanding of this field. So, Clinton will get a pass.
Ethics Alarms 
I assume you mean thick skin?
My skin is always thinking Dan.
Thanks Jack for the shout out. Usually when I have the comment of the day it’s because you’re about to explain to me why I am wrong.
Why yes! I believe that WAS my intent! Thanks, you were the first one who mentioned it. Fixed.
Cyberspace-adapted echoes of “third-rate burglary” ever more ubiquitous…
The human element will ALWAYS trump systematic security safeguards, and the human element will (presumably) always be present. For that reason alone, I doubt we’ll ever create perfect data protection.
However, this data breach was obviously caused by human negligence (I can’t bear to call it an error) and egregious negligence at that. I don’t see how the fact that it is related to cyber-security muddies the waters that much. If Clinton walks away from this, it has much more to do with the actor than the play.
This version is “in the best light” for Clinton, because the risks of hackers and spillage is why classified information is restricted to separate systems, it takes either physical transferring of the data from one system to another or transcribing the data, either way it is an intentional act. It is set up that way because of the risk of hackers and such. It is about the best that can be done to protect our classified information but it still relies on people to not intentionally risk the information by putting it on a unclassified system.
Bit of a tangent, but I believe Bruce Schneier (cybersecurity expert, if there is one) nailed it when he described data – as in PII – as a toxic asset. Full context in his post at https://www.schneier.com/blog/archives/2016/03/data_is_a_toxic.html
HRC purportedly instructed underlings to strip off the classification markings and send them to her non-secure. I just don’t see how this is absolved by the alleged fact that government employees are careless, clueless, second-rate and hapless. My brother is a retired lifer Coastie who also worked for the Air Force in the Pentagon. He’s not an idiot and he is a follow the rules kind of guy (more so than his little brother).
What’s happened to all the FBI people irate about HRC’s conduct? They seem to have been silenced and replaced by CNN’s mysterious and all-knowing “Government spokesperson” who’s reading talking points generated by moveon.org and HRC’s campaign, maybe even Amanda Marcotte or Sally Kohn.
Beth is NOT absolving her. The general lack of understanding means that a number of people in power won’t want her held accountable, lest people notice that they aren’t doing much better. They aren’t without sin, so they aren’t going to throw stones. It may be a little excessively cynical on her part, since this is an exceptionally bad example and unusual in it’s nature. (a server in a bathroom? Really?)
I may disagree with Beth on many, many, things but this isn’t one of them. Some of the commenters here are excessively uncharitable in interpreting everything she writes. She has condemned HRC on this issue more than once I believe.
OB, saying that she’ll get away with it is hardly absolving her.
I guess I’m not close enough to D.C. to know first hand how inept and self-serving federal employees are.