Hillary Clinton has repeatedly claimed that her exclusive use of a personal email account was authorized. Why Clinton’s email problems are here to stay A new audit doesn't land a knockout punch but leaves lingering questions that could dog the Democratic front-runner.

A newly issued report on Hillary Clinton's use of a private email server flatly rejects one of her core defenses in the controversy — that she was playing by the rules.

And while the findings of the State Department Inspector General probe don't land any devastating blows against the Democratic front-runner, they provide ample grist to keep questions about her handling of the situation alive as the general election campaign gears up.


On the trail, Clinton has repeatedly claimed that her exclusive use of a personal email account during her four years as secretary of state was authorized by the rules in effect at the time, but investigators from the State Department's Office of Inspector General reached just the opposite conclusion.

"It was not prohibited. It was not in any way disallowed," Clinton said in a debate in March.

"Throughout Secretary Clinton's tenure, the [regulations] stated that normal day-to-day operations should be conducted on an authorized" email system, the report declared. And the inspector general found no evidence that anyone had ever authorized or approved Clinton's email setup.

The official watchdog's finding was hardly a shock, since federal records experts and Clinton critics have been saying for more than a year that her actions were at odds with the policies and best practices State issued to its personnel at the time.

Clinton's campaign claimed the report punctured several conspiracy theories about the email arrangement.

"We think there's a lot in this report that corroborates what we’ve been saying all along," spokesman Brian Fallon said on MSNBC on Wednesday.

However, details in the report stoke some lingering mysteries about the email imbroglio. The decision by Clinton and many of her senior aides not to cooperate with the inspector general investigation seems certain to compound those concerns and may have made it more difficult for investigators to get to the bottom of some of the unresolved issues, including whether concerns about Clinton's system were bottled up by top officials.

It's the kind of uncertainty that Clinton's political enemies are sure to try and exploit, including likely GOP presidential nominee Donald Trump, who's already pilloried her over the email saga and will likely find new ammunition in this report. "Not good," was his only comment on Wednesday, but his attacks are likely to intensify as the summer settles in.

She'll face the same from Republicans in Congress. "When she won't sit down with the inspector general, it's very hard to understand what she did and did not do," said House Oversight and Government Reform Committee Chairman Jason Chaffetz (R-Utah).

For her part, Clinton has pledged to cooperate with the ongoing FBI investigation into her email setup. Some of her aides have already spoke with FBI agents, who may be better positioned to clear up the remaining ambiguities.

Here are some key questions left unanswered and arguably fueled by the new report:

Did anyone approve Clinton’s email setup? Did someone falsely claim it was approved?

The inspector general report finds no documents or other proof that Clinton or anyone acting on her behalf sought or received approval from State Department legal or security officials for her private server setup. However, two computer support staffers in Clinton's office said they raised concerns about the arrangement, including that it might violate federal recordkeeping requirements.

One of those staffers said his boss, not named in the report but identified by sources and other records as Information Resources Management chief John Bentel, said the set-up had been approved by State's legal division. Both the staffers said they raised the issue separately with Bentel and he told them never to mention it again.

Fallon said he wasn't sure who the supervisor involved was but he appeared to be a career State official, not a political appointee. The spokesman also noted that numerous officials around the department knew Clinton's address.

"There were certainly no instructions given that this was something that should at all be kept secret," Fallon told MSNBC.

Bentel declined to be interviewed by the inspector general. POLITICO reported in March that he told House Benghazi Committee investigators he could not recall any discussion of Clinton's email server. Clinton's top aides also declined to be interviewed by the inspector general, so it's unclear if any of them were involved in discussions about legal approval for Clinton's server. Clinton's former chief of staff, Cheryl Mills, did tell the Benghazi panel that she was not aware of any approval request.

The report concludes that Clinton was obligated under department policies to seek approval for routine use of outside email. The investigators also note that top security and computer system managers said they would not have approved such a request.

The IG findings leave unresolved the question of why at least one staffer says he was told of legal approval for Clinton's system, whether such approval may have been informally granted or whether some misinformation on that point was accidentally — or deliberately — spread in the department.

Why did Clinton fail to turn over some work-related emails to State?

The watchdog report reveals a previously undisclosed email exchange between Clinton and deputy chief of staff Huma Abedin in which Clinton expressed concern that integrating her email into the State system could compromise her privacy.

"We should talk about putting you on state email or releasing your email to the department so you are not going to spam," Abedin wrote to Clinton in November 2010, nearly two years after she began using the Clintonemail.com address.

"Let's get separate address or device but I don't want any risk of the personal being accessible," Clinton replied.

The back-and-forth seems highly germane to the issue of whether Clinton's use of the private email setup was simply for "convenience," as she has claimed. But it was never released in the roughly 30,000 messages State made public after receiving them from Clinton in December 2014 at the agency's request. The inspector general report is vague about how State got the message, but it seems possible it arrived in batches of thousands of emails turned over by Abedin and other Clinton aides.

"We have found ... that there are additional emails out there," State spokesman Mark Toner told reporters on Wednesday asking about the discrepancy.

Toner said the email cited in the report is not the only one Clinton failed to turn over that turned up elsewhere, but he downplayed the situation.

"I don't think we have an estimate and I don't think it's a large number. I just think there are stray examples," he said. "It's not like there's some huge cache."

Republican lawmakers have long expressed doubts about the process Clinton used to separate her work-related emails from 32,000 allegedly personal ones that were erased. It's unclear whether her process failed to pick up the November 2010 message or whether she didn't have it in her archive because she erased it or due to some technical failure.

Clinton aides have acknowledged that they didn't have archives from the first few months of her tenure, but the message disclosed Wednesday was more than a year after that issue was believed to have been resolved.

Was her system hacked?

While Clinton has repeatedly said she had no indication that hackers managed to get into her email account, the new report provides fresh evidence that on separate occasions she and a close aide to President Bill Clinton involved in setting up the server became concerned that hacking attempts were underway.

In January 2011, President Clinton's aide Justin Cooper told Abedin via email that he'd shut down the server, which hosted accounts for the former president, the then-secretary of state, Abedin and others. "Someone was trying to hack us and while they did not get in i didnt [sic] want to let them have the chance to."

Cooper added later that same day: "We were attacked again so I shut [the server] down for a few min."

The next day, Abedin warned Mills and deputy chief of staff Jake Sullivan not to send Secretary Clinton "anything sensitive."

Four months later, two of Clinton's aides corresponded via email about Clinton's concern that someone was "hacking into her email," the report says.

The inspector general's office noted that none of the incidents were reported to State Department security officials, despite the fact that official policies call for reporting improper cybersecurity practices.

The Clinton campaign said Wednesday that the alarm bells sounded in 2011 still don't amount to proof that hackers got into her email account.

"There's no evidence that a successful hack was performed on the server," Fallon said on MSNBC.

Press reports have said that server logs show no successful intrusions, but since it's essentially impossible to prove that the server was not hacked, whether the server was breached is a question that may never be definitively resolved.