Despite extraordinarily intense coverage of all aspects of Hillary Clinton’s emails, all commentary to date (to my knowledge), even the underlying FBI Report, has paid little to no attention to the destruction of Huma Abedin’s emails, also stored on the Clinton server. Further, even with the greatly increased interest in Huma’s emails arising from the discoveries on Anthony Weiner’s laptop, speculation has mostly focused on the potential connection to deleted Hillary emails, rather than the potentially much larger tranche of deleted Huma emails from the Clinton server (many of which would, in all probability, be connected to Hillary in any event.)

Both Hillary and Huma had clintonemail accounts. Huma was unique in that respect among Hillary’s coterie. (Chelsea Clinton, under the pseudonym of Diane Reynolds, was the only other person with a clintonemail address.)

The wiping and bleaching of the Clinton server and backups can be conclusively dated to late March 2015. All pst files for both Hillary and Huma’s accounts were deleted and bleached in that carnage. While an expurgated version of Hillary’s archive (her “work-related” emails) had been preserved at her lawyer’s office (thereby giving at least a talking-point against criticism), no corresponding version of Huma’s archive was preserved from the Clinton server.

Huma had accessed her clintonemail account through a web browser and, to her knowledge, had not kept a local copy on her own computer. So when Huma’s pst files were deleted from the Clinton server and backups, those were the only known copies of her clintonemail.com emails. When Huma was eventually asked by the State Department to provide any federal records “in her possession”, her lawyers took the position that emails on the Clinton server were not in Huma’s possession and made no attempt to search Huma’s account on the Clinton server (though such an attempt would have been fruitless by the time that they were involved). Huma’s ultimate production of non-gov emails was a meagre ~6K emails, while, in reality, the number of non-gov emails that she sent or received is likely to be an order of magnitude greater.

Hillary was also asked to return all federal records “in her possession”, but did not return Huma’s emails on the Clinton server. In today’s post, I’ll examine Hillary’s affidavit and answer to interrogatories in the Judicial Watch proceedings, both made under “penalty of perjury” to show the misdirection. You have to watch the pea very carefully

In respect to the ~600K emails recently discovered on the Anthony Weiner laptop, my surmise is that many, if not most, will derive from Huma’s unwitting backup of her clintonemail account prior to its March 2015 destruction on the Clinton server. In other words, the March 2015 destruction of pst files from the Clinton server included several hundred thousand Huma emails from her tenure at the State Department, over and about the 30K Hillary emails about “yoga”.

The Expurgated Version of Hillary’s Email Archive

At the time of their exit from the State Department, employees are required to sign a separation form (OF-109), formally confirming that they have returned all federal records, both classified and unclassified, and have not kept personal copies. The form lists multiple statutes, each with criminal penalties, and requires the exiting employee to confirm that they have been advised of and understand these penalties. Hillary does not appear to have signed an OF-109 form when she left the State Department in 2013, but it seems evident that the obligations listed in the form arise from the underlying legislation and not from the form itself.

On or about July 23, 2014, State Department employees gave Cheryl Mills a heads-up that Hillary’s private email address would be revealed in eight emails, scheduled to be delivered to the Benghazi Committee in August 2014. Mills then initiated a program for collation and culling emails from Hillary emails archived on the Clinton server, then operated by Platte River Networks (PRN). The culling was primarily carried out by Heather Samuelson, a lawyer working for Mills who, like Mills, had previously worked for Clinton at the State Department.

On November 12, 2014, nearly two years after Hillary’s departure, the State Department belatedly requested that Hillary provide them with a copy of federal records in her possession, via a letter to Mills in her capacity as Hillary’s “representative”. The letter stated that, “should your principal or his or her authorized representative be aware or become aware in the future of a federal record, such as an email sent or received on a personal email account while serving as Secretary of State, that a copy of this record be made available to the Department… We ask that a record be provided to the Department if there is reason to believe that it may not otherwise be preserved in the Department’s recordkeeping system”.

Working under the supervision and direction of Mills and David Kendall, Hillary’s outside lawyer, Samuelson had extracted a subset of approximately 30,000 “work-related” emails from approximately 62,000 emails said to have been stored on the Clinton server. This subset was returned to the State Department in paper form (55,000 pages) on December 5, 2014. Samuelson also created a corresponding pst file, which was placed on a thumb drive for Kendall, the thumb drive subsequently being turned over to the FBI on August 6, 2015.

Although (1) the State Department request had been for “federal records” in Hillary’s possession and (2) Huma’s emails were also federal records in Hillary’s possession (on the Clinton server), neither Mills nor Clinton took any steps to make a copy of Huma’s emails for review by counsel or otherwise produce them to the State Department.

March 2015: the destruction of pst files on the Clinton server and backups

After production of the expurgated version of Hillary’s emails, Mills directed Combetta of Platte River to change the retention policy on Hillary’s email account to 60 days – a change in policy which would have led to the cleansing of the archive by mid-February 2015. Mills’ request can be dated precisely to December 10, 2014 by a reddit query by Combetta, using the pseudonym stonetear – an identification discovered in September 2016 by Twitter commenter Katica. However, Combetta forgot to implement the 60-day policy, an oversight with important implications.

In January 2015, under Mills’ direction and authority, Combetta deleted and bleached all copies of pst files pertaining to the Hillary archive on the computers belonging to Samuelson and Mills.

Events began to accelerate on March 2, 2015, when the New York Times reported Hillary’s exclusive use of a private email address and server during her tenure at State.

The next day (March 3), the Benghazi Committee issued a comprehensive preservation order to Williams and Connolley, Hillary’s lawyers as follows:

1. Preserve all email, electronic documents and date (“electronic records”) created since January 1, 2009, that can be reasonably anticipated to be the subject to a request for production by the Committee. For the purpose of this request, “preserve” means taking reasonable steps to prevent the partial or full destruction, alteration, testing, deletion, shredding, incineration, wiping, relocation, migration, theft or mutation of electronic records, as well as negligent or intentional handling that would make such records incomplete or inaccessible;

2. Exercise reasonable efforts to identify and notify former employees and contractors who may have access to such electronic records that they are to be preserved; and

3. If it is the routine practice of any employee or contractor to destroy or otherwise alter such electronic records, either: halt such practices or arrange for the preservation of complete and accurate duplicates or copies of such records, suitable for production if requested.

The preservation order included a provision that ought to have turned off the 60 day policy that Mills had ordered as well as further deletions. The Benghazi Committee issued a subpoena the following day for documents pertaining to Benghazi.

Williams and Connolley do not appear to have notified Platte River of the preservation order until March 9, nearly a week later, when, according to the FBI report, Mills sent Platte River an email to which a notice from Kendall was attached. The language of Kendall’s notice was not disclosed in the FBI documents and it is therefore not possible to determine whether the notice exactly tracked the requirements of the order from the Committee.

Prior to notifying Platte River of the preservation order on March 9, Mills had already initiated contact with Platte River by email and telephone, including an attempt to inventory pst files on the PRN server, Pagliano Server and various backups on or about March 5. The FBI 302s document multiple different pst files related to the Hillary archive, all of which appear to have been extant at the time of Mills’ contact with Platte River on or about March 5, including the following files mentioned in the FBI 302s: “HRC archive – complete.pst”; “hrcarchive@clintonemail.com – HRC archive.ost”; “export.pst”; “HRC.gov.email.Archive.pst”; “HRC.gov.emails.pst” and “HRC gov emails.pst”. Doubtless, there were others. Pst files then existed on both the server and backup. The FBI 302s also noted the existence of a pst file for Huma’s yahoo and gmail accounts (“huma-gmail-yahoo.pst”), but did not discuss the pst file for Huma’s clintonemail account.

On March 5, there were three emails to Platte River about the Clinton server. The sender of the emails is not identified in the FBI 302s, but it seems likely that Mills was involved in one or more of the March 5 emails.

Platte River work tickets revealed that PRN employees traveled to the Equinix facility in New Jersey on March 7-8 to examine the predecessor server and backup then in storage at Equinix (Pagliano Server), following which they “confirmed” to Mills that there were no pst files remaining on the server. This server was later turned over by Kendall to the FBI on August 12, 2015.

On March 9, Mills sent an email to Platte River and employees, including Combetta, in which preservation instructions from Kendall were attached. In his February 2016 interview, Combetta denied knowledge of the preservation order, but in a subsequent interview in May 2016, Combetta admitted knowledge of the preservation request, saying that he interpreted it “as meaning he should not disturb CLINTON’s email data on the PRN server”.

Platte River work tickets show that Combetta did further work for Mills on March 10 and 12. Combetta’s implausible explanation to the FBI was that “MILLS did not have an account on the Server and he could not recall what work he might have done for MILLS” and that “MILLS occasionally contacted [Combetta] with problems related to her personal email account, so the work tickets may have been of that nature”.

On March 19, the Benghazi Committee formally requested that the Clinton server be turned over to an independent third party for examination of the supposedly “non-work-related” emails.

On March 25, Mills and/or Kendall sent two emails to Platte River and had a conference call with Platte River. According to the 302 for Combetta’s February 2016 interview, one of the March 25 emails referred to “backups”, a reference which Combetta purported not to recall. This reference was omitted from the FBI report itself. The FBI 302 went on to state that Combetta was advised by his attorney not to “answer any questions related to conversations with KENDALL based on [his] protections under the Fifth Amendment”. In his May 2016 interview (after receiving an immunity agreement), Combetta stated that “he could not recall the content of the call or the reference to backups in the email”. In the FBI Report itself, Combetta’s refusal to answer questions on his discussions with Mills and Kendall was incorrectly described as a refusal based on assertion of attorney-client privilege, but the interview notes attributed the refusal in the February interview to invocation of the 5th Amendment and lack of recollection in the May interview.

Platte River server logs show that on March 25 (presumably subsequent to the conference call with Mills and Kendall), the Platte Admin account was used to modify multiple mailboxes associated with Hillary’s emails (H, HDR29, and HRC Archive), with the HRC Archive mailbox being completely removed from the Exchange server. The changes on March 25 were described in the 302 as follows:

[Combetta] believed he had an ‘oh Shit moment and removed the HRC Archive mailbox. He also changed the mailbox retention policy from 30 days to 1 day, and cleaned the mailbox database because MILLS previously requested in late 2014 or early 2015 he change the retention policy for CLINTON and ABEDIN’s existing and ongoing email to 60 days. He removed the HRC Archive mailbox manually because all content in the mailbox was older than 60 days. [Combetta] changed the deleted items retention policy from 30 days to 1 day to ensure no email outside of the 60 days remained on the server and executed the Clean-MailboxDatabase command to clean whitespace within the database, similar to running a disk defragmentation. [Combetta] also enabled Circular Logging, but did not recall why he did so in this instance. He typically enabled it when importing email because Microsoft Exchange logs contain email that hasn’t been committed to a database. Circular Logging reduces the log file size by forcing Exchange to commit data to the database immediately,

Two days later (March 27), Kendall sent a letter to the Benghazi Committee, in which he made the surprising announcement that none of Hillary’s emails from her tenure at State Department remained on either the server or backup (thereby rendering moot their request for examination of the server):

The letter was immediately circulated to Hillary’s inner circle (see Podesta emails here) though, curiously, Hillary herself was not included in the distribution. The deletion of emails from the server was promptly reported by the New York Times (here) and Politico (here).

Ironically, Kendall’s statement was incorrect when made. Combetta had not erased all pst copies.

On March 31, Mills and Kendall had a further conference call with Platte River. Platte River work tickets and server logs for March 31 show more deletion of pst files, including “multiple manual deletions” from the Datto backup. In his second interview, Combetta “stated everyone at PRN has access to the Datto client portal”, but in his third interview, conceded that it was “unlikely anyone else at PRN would have deleted the files”. Combetta denied any recollection of performing the deletions or being asked to delete backups.

PRN logs also notoriously showed that Bleach Bit was applied to both the PRN administration server and exchange server on March 31. While the 302s did not provide timing relative to the conference call with Mills and Kendall, it seems a reasonable surmise that it was subsequent to the call. The FBI 302 (third interview) summarized the incident as follows:

After reviewing documents titled “Bleach Bit – PRN Admin Seryer and “Bleach Bit – Exchange Server” indicating the use of Bleach Bit on March 31, 2015, [Combetta] stated he checked the Exchange Server for remaining copies of CLINTON’s email. When he located a pst file, he used the most recent non-beta version of Bleach Bit available at the time to shred the pst files on the PRN server, but did not recall which pst files he found or removed. He did not wipe free space, encountered no errors, and viewed the folders to see if the files were gone, but did not take additional steps to confirm the deletions.

In his February 2016 interview, Combetta pleaded the 5th Amendment on his March 31 conference call with Mills and Kendall, as well as the March 25 conference call. In his February 2016 interview, Combetta said that he carried out the “action of his own accord based on his normal practices as an engineer”. In his May 2016 interview, Combetta said that he “did not talk with MILLS about the files he found and deleted”.

Mills was interviewed twice, first on April 9 and secondly on May 29. Mills appears to have agreed to her April interview on the understanding that she not be questioned about events subsequent to Hillary’s tenure at State (i.e. about the destruction of emails.) According to a contemporary press report, Mills stormed out of the first interview when it began to touch on 2014 procedures for culling “work-related” emails. In her second interview, Mills denied any involvement with the deletion of pst files by Platte River Employees as follows:

Note that Mills claimed here to have notified Platte River of preservation obligations prior to commissioning the trip to the Pagliano Server on May 7-8, though the date of her email containing Kendall’s preservation notice was not until March 9. Although Kendall was involved in the conference calls immediately prior to the destruction of pst files, the FBI does not appear to have interviewed Kendall.

It appears certain that pst files for Huma’s email were destroyed as part of the carnage on March 25 and/or March 31, 2015. The FBI does not seem to have turned its mind to questioning Combetta on the specific authority for the destruction of Huma’s emails, as distinct from Hillary’s emails. The most relevant comment appears to be the following from Combetta’s second interview:

[Combetta] does not recall who or when the conversation occurred, but someone from CESC told him at some point s/he did not want the pst files hanging around and wanted them off of the Server after the export.

Combetta’s wholesale destruction of pst files, without even paying attention to “which pst files he found or removed”, seems very much in the spirit of an instruction to destroy all the pst files.

By the time that the FBI seized the Clinton servers (August 2015 for the server used from 2009 to June 2013; October 2015 for the server used from June 2013 on), the pst file or files containing Huma’s emails had been bleached from the Clinton servers.

Huma’s Trick

When Huma left the State Department in February 2013, she signed a form OF-109 that she had returned all classified and unclassified federal records, assertions that were obviously untrue on multiple counts.

On March 11, 2015, following the publicity from the New York Times article and Benghazi Committee requests, the State Department belatedly asked Huma to “make available to the Department” any “federal record in your possession, such as an email sent or received on a personal email account while serving in your official capacity at the Department”. The State Department sent its request to the wrong addresses and Huma didn’t receive the letter until she initiated contact with the State Department in mid-May 2015.

When Huma received the State Department’s request, she gave (what she thought) were the relevant devices to her lawyers and the password to her clintonemail account and charged them with responding to the State Department request. Her lawyers (Rodriguez and Dunn) took the technical position that Huma’s emails on the Clinton server (huma@clintonemail) were not in Huma’s possession and thus not Huma’s responsibility to locate. This is clear from the following paragraph in the FBI 302 for the interview with Huma:

At the time of the review by Huma’s lawyers (July 2015), the Huma pst file on the Clinton server had almost certainly been already bleached. As a result, even if they had attempted to access her clintonemail.com account, they would not have recovered anything anyway. However, they did not do so and do not appear to have notified the State Department about potential Huma emails on the Clinton server that had not been produced.

Huma told the FBI in May 2016 (and her evidence on this seems plausible) that she had accessed her clintonemail account using a web browser and did not maintain a local copy:

In summer 2016, Huma’s lawyers produced a small number of non-gov emails (6,271) to the State Department – a number that was only a small fraction of the ~62K emails from Hillary’s clintonemail account. Huma’s failure to produce emails from her clintonemailcom account doesn’t seem to have troubled anyone at the State Department or FBI, who either didn’t notice or didn’t care.

Hillary’s Trick

The disappearance of Huma’s clintonemail emails was, however, an issue in Judicial Watch’s FOIA litigation (01363) in summer 2015, which eventually led to Hillary providing answers “under penalty of perjury”. Here, it is interesting to watch the pea carefully.

Judicial Watch’s FOIA action 01363 originated in a request for documents related to State Department permission for Huma to be employed by Teneo Consulting and the Clinton Foundation, while concurrently being employed by the State Department. The request had originally been filed in 2013 following the original news about Huma’s conflicting employments, but had been discontinued in 2014 without tangible results from the State Department.

When news of the private server broke in March 2015, Judicial Watch successfully applied for re-opening of the case, with an order being granted in May 2015. The State Department argued that they had any obligation to search records on the Clinton server, but, after fierce resistance, Judicial Watch managed to obtain an order from Judge Emmett Sullivan on July 31, 2015, which required that the State Department request each of Hillary, Huma and Cheryl Mills to give affidavits “under penalty of perjury” that they had returned all “responsive” federal records.

On August 5, 2015, Patrick Kennedy, Under-Secretary of State, accordingly wrote a letter to Kendall, in his capacity of Hillary’s lawyer, in which he first noted that the State Department had previously requested that Hillary provide it with “any federal record in her possession, such as an email sent or received on a personal email account while serving as Secretary of State, if there is reason to believe that it may not otherwise be preserved in the Department’s recordkeeping system”, and then notified Kendall of the court order in the Judicial Watch case, characterizing the request as follows: Hillary:

In response, on August 8, Hillary provided an affidavit which did not make the requested declaration that she had returned all federal records in her possession. Instead, Hillary made the different declaration that she had directed the return of “all my e-mails”, a sleight of hand which concealed the destruction of the Huma emails, also federal records which had been in Hillary’s possession:

Judicial Watch was alert to the misdirection and, in follow-up pleadings, drew attention to the lack of clarity about the outcome of the Huma emails on the Clinton server. They succeeded in obtaining an order for discovery (highly unusual in FOIA cases). It has taken over a year to obtain responses. They deposed Cheryl Mills and Huma Abedin earlier this year and, after continued obfuscation, were authorized to issue interrogatories to Hillary, which were sent to her on August 31, 2016. While several questions in the Judicial Watch interrogatories (especially questions 21,22,23 and 25) touch on the deletion of emails from the Clinton server, the interrogatories did not pose questions about the deletion of Huma’s emails as squarely as they might have, but did define the “clintonemail.com accounts” broadly enough to encompass the fact that both Huma and Hillary had accounts.

The response by Hillary and her lawyers (filed recently on October 14, 2016) took care to misdirect away from the destruction of Huma emails on the Clinton server using the same technique as the August 8, 2015 affidavit. Hillary’s lawyers slyly re-defined the scope of the “clintonemail.com account” to Hillary’s account only:

By doing so, they were then able to make assertions about the re-defined “clintonemail.com accounts” without discussing the fate of Huma’s clintonemail.com emails.

Hillary’s interview with the FBI took place in June 2016. She does not appear to have been asked particularly searching questions about events and, in any event, pleaded ignorance on all issues regarding the deletion of emails from the Clinton server.

The Emails on the Weiner Laptop

Just as the above trails were running cold, approximately 600K emails were discovered on Anthony Weiner’s laptop in an unrelated investigation. Some of these emails were traced back to the clintonemail domain, resulting in the FBI re-opening their investigation into mishandling of classified information on the Clinton server.

Information on the provenance of these emails is thus far sketchy, but the following seems plausible:

A source close to Anthony Weiner’s legal team tells Bret Baier that it seems the laptop containing those emails was used to backup his estranged wife’s Smartphone contacts. In the process, the computer apparently backed up all of the emails as well.

There has been speculation that they might include 32K Hillary emails that had been deleted. However, it seems to me that it is far more plausible that they will turn out to include (or even be) the Huma emails from clintonemail.com, accidentally backed up prior to their deletion from the Clinton server in March 2015.

As a start, it is logical that Huma’s email count would be much larger than Hillary’s simply from the nature of her job function. In the Podesta emails, there were approximately 3.5 times as many emails to/from Huma’s clintonemail address as to/from Hillary’s clintonemail address, but the ratio could easily have been considerably higher while they were at the State Department. There were ~62K emails in the Hillary clintonemail.com archive provided to her lawyers. Application of the Podesta ratio as a rule of thumb yields an estimated count of approximately 220,000 Huma emails. If all of the Weiner laptop emails came from Huma’s clintonemail account, the ratio would be approximately 10:1, a ratio that is not implausible.

The connection to climate

One of the best-known Climategate incidents involved the deletion of emails in order to avoid a FOIA request. Phil Jones notoriously emailed Michael Mann asking him: “Mike, Can you delete any emails you may have had with Keith re AR4? Keith will do likewise… Can you also email Gene [Wahl] and get him to do the same? I don’t have his new email address. We will be getting Caspar [Ammann] to do likewise. Cheers, Phil”. Mann cheerfully agreed, contacting Wahl who promptly destroyed the emails that worried Jones and Briffa.

As a result of researching potential U.S. legal issues in the Climategate email deletion, I discussed or mentioned an interesting U.S. case on obstruction of justice (U.S. v Quattrone) at Climate Audit on several occasions (most thoroughly in a post here on the Mann v Steyn libel case in 2014, but also in passing here and here). In the post on the Mann v Steyn libel case, I summarized U.S. v Quattrone as follows:

At the time, Quattrone’s firm was under SEC investigation for its handling of IPO trading. It was then relatively late in the calendar year and an administrator at his firm had sent a standard memo to all staff reminding them of the firm’s document retention policies and procedures. A few hours later, after learning of a leak of the investigation by the Wall Street Journal and being told to retain counsel, Quattrone sent an email to his staff endorsing the seemingly routine instruction as follows: “having been a key witness in a securities litigation case in south texas (miniscribe) i strongly advise you to follow these procedures”. Quattrone’s email was countermanded the following day by the firm’s legal department and no documents were deleted. Nonetheless, Quattrone was charged with obstruction of justice under pre-Sarbanes-Oxley section 1512. The case had a complicated history and went on for years. The key point for the present discussion [Mann’s role in the deletion of climate emails] is that an appeal court ruled that a trier of fact could have concluded that Quattrone acted with a “corrupt intent”, an element of the offence, even though, on its face, Quattrone was endorsing a legitimate request.

The Quattrone case has a remarkable connection to the present controversy: the DOJ attorney who had found corrupt intent in Quattrone’s actions was James Comey, the present director of the FBI.

Postscript

I originally became interested in the controversy over deletion of emails because the issue had arisen in Climategate controversy and I recalled Comey’s connection with the Quattrone case. When I examined the documents, I noticed the apparent sleight of hand on the fate of Huma Abedin’s emails on the Clinton server almost immediately. Dealing with climate scientists over the years teaches one to always watch the pea. I had been mulling whether or how to write it up, but the discovery of emails on Weiner’s laptop, together with resulting speculation, resulted in the topic becoming of more general interest and prompted me to write the present post.

I am fascinated by the present U.S. election. I once voted for the Rhinocerus Party in a Canadian election in which all parties seemed particularly unpalatable and, if I were an American, I would probably stay home or write in some obscure candidate. As a form of both reassurance and realism to U.S readers, regardless of which candidate wins, I suspect that it will matter much less to future governance than partisans hope on the one hand or fear on the other.



