I have some disturbing news to share: Republicans might not be as deeply committed to proper email management as you’ve been led to believe.
During the campaign, the entire Republican Party argued that despite Hillary Clinton’s copious qualifications for the presidency, it would be unconscionably dangerous to let her anywhere near the Oval Office because she had used a private email account while she was secretary of state. Crowds at Republican events would chant “Lock her up!” whenever Clinton’s name was mentioned. In one debate, Donald Trump said to Clinton that if he were president, “You’d be in jail.” With FBI Director James Comey’s help, Trump and Republicans made Clinton’s use of private email the single most important issue of the 2016 presidential campaign.
Which is why this story from Tony Cook of the Indianapolis Star is so interesting:
Vice President Mike Pence routinely used a private email account to conduct public business as governor of Indiana, at times discussing sensitive matters and homeland security issues.
Emails released to IndyStar in response to a public records request show Pence communicated via his personal AOL account with top advisers on topics ranging from security gates at the governor’s residence to the state’s response to terror attacks across the globe. In one email, Pence’s top state homeland security adviser relayed an update from the FBI regarding the arrests of several men on federal terror-related charges.
Cyber-security experts say the emails raise concerns about whether such sensitive information was adequately protected from hackers, given that personal accounts like Pence’s are typically less secure than government email accounts. In fact, Pence’s personal account was hacked last summer.
Well, fancy that. When Mike Pence was debating Tim Kaine and said, “it’s important in this moment to remember that Hillary Clinton had a private server in her home that had classified information on it,” adding that “her private server was subject to being hacked” and “we could put cybersecurity first if we just make sure the next secretary of state doesn’t have a private server,” did he consider adding that he knew what he was talking about since he used an AOL account to talk about sensitive security matters and had himself been hacked?
The parallels don’t stop there. According to the article, “Pence’s office said his campaign hired outside counsel as he was departing as governor to review his AOL emails and transfer any involving public business to the state.” Which was exactly what Hillary Clinton did — and what Pence and Trump so vehemently criticized her for. When Trump invited the Russian government to hack Clinton’s email to recover what had been deleted, it was those personal emails he was talking about.
And Pence is not the only one: Scott Pruitt, President Trump’s Environmental Protection Agency administrator, not only used a private email account to conduct official business as attorney general of Oklahoma, he lied about it during his confirmation hearings.
Perhaps now that this has come out, Republicans will stop pretending that the email “issue” was anything more than a club to bludgeon Hillary Clinton with. The deep concern they expressed for cybersecurity was utterly insincere.
But this actually matters beyond the question of catching Republicans in the act of hypocrisy.
That’s because there are strong reasons to believe that the Trump administration is leaving sensitive information vulnerable and may not be complying with the Presidential Records Act, which mandates that White House staff members retain their communications — including their emails.
In late January, we learned that top White House officials, including Steve Bannon, Kellyanne Conway, Jared Kushner and Sean Spicer, were using email addresses from the Republican National Committee — with a private server! Once the story broke their addresses were deleted, but presumably had it remained secret, they would have continued to use them.
That’s not the only cybersecurity issue we still have to worry about. At the end of January, the New York Times reported that Trump was still using his old, unsecured Android phone, which is unbelievably reckless for the president of the United States. As Wired magazine put it, “All it takes is clicking on one malicious link or opening one untoward attachment — either of which can appear as though it were sent from a trusted source — to compromise the device. From there, the phone could be infected with malware that spies on the network the device is connected to, logs keystrokes, takes over the camera and microphone for surreptitious recording, and more.”
According to some reports, the phone is a Samsung Galaxy S3, which is five years old and is no longer supported with security patches.
Now maybe steps have been taken to secure Trump’s phone, though the White House hasn’t said anything to that effect. And maybe his aides are in full compliance with the Presidential Records Act, though we do know that some staffers were using a messaging app called Confide, which deletes messages after they’ve been read (Sean Spicer was reportedly angry about the use of this app, since it could be used to leak to reporters without leaving any trace). Maybe this White House is taking both its legal obligations and the security of its communications with the utmost seriousness, and there won’t be any problems from this point on.
But has it given us any reason to believe that?