The State Department has had a policy in place since 2005 to warn officials against routine use of personal email accounts for government work, a regulation in force during Hillary Clinton’s tenure as secretary of state that appears to be at odds with her reliance on a private email for agency business, POLITICO has learned.

The policy, detailed in a manual for agency employees, adds clarity to an issue at the center of a growing controversy over Clinton’s reliance on a private email account. Aides to Clinton, as well as State Department officials, have suggested that she did nothing inappropriate because of fuzzy guidelines and lack of specific rules on when and how official documents had to be preserved during her years as secretary.


But the 2005 policy was described as one of several “clear cut” directives the agency’s own inspector general relied on to criticize the conduct of a U.S. ambassador who in 2012 was faulted for using email outside of the department’s official system.

“It is the Department’s general policy that normal day-to-day operations be conducted on an authorized [Automated Information System], which has the proper level of security control to provide nonrepudiation, authentication and encryption, to ensure confidentiality, integrity, and availability of the resident information,” the Department’s Foreign Affairs Manual states.

Spokespeople for the State Department and Clinton stressed earlier this week that the agency had “no prohibition” on the use of private email for work purposes.

Clinton said in a tweet Wednesday night that she wants the public to be able to see the emails she turned over to the State Department in December. But the agency said that a review process that includes seeing if the documents contain sensitive information could take some time to complete.

The 2005 policy says approved “telework solutions” satisfy the rule, which appears in a section of State Department regulations discussing “sensitive but unclassified” information — an extremely broad category of data. Former officials said a large volume of State Department paperwork and email falls into the swath of information known internally as “SBU.”

State Department rules say almost any information that could be withheld from a Freedom of Information Act request can be considered sensitive.

After this story was first published, a State Department official acknowledged the 2005 policy but emphasized that it is limited to records containing such sensitive information.

“Under State Department policy in the FAM referenced in news reports tonight, sensitive but unclassified information should be handled on a system with certain security requirements except in certain circumstances. That FAM policy pertains solely to SBU information,” the official said. “Reports claiming that by using personal email she is automatically out of step of that FAM are inaccurate.”

The official suggested it is possible a review the department is doing of a trove of emails Clinton returned to the agency in December at its request will conclude that none contains SBU information.

“We are not going to prejudge the outcome of the review of Secretary Clinton’s 55,000 pages of emails,” the official said.

White House Press Secretary Josh Earnest said Wednesday there was no doubt that some of the data in Clinton’s email would have been of a “sensitive” nature.

“I would stipulate that there is a substantial amount of sensitive information that is included in her email. I would stipulate to that,” Earnest said. He did not specifically address State’s SBU category.

It appears State Department guidance against use of personal e-mail accounts has not always been limited to so-called SBU information.

Fox News reported Thursday that in June 2011, the State Department sent a cable under Clinton’s name to all posts after Google reported that hackers believed to be in China were targeting e-mail accounts of prominent Americans.

The cable, titled “Securing Personal E-mail Accounts,” told diplomats: “Avoid conducting official Department business from your personal e-mail accounts.”

State’s email policy gained some attention when the agency’s inspector general issued a scathing report on the tenure of retired Air Force Maj. Gen. Scott Gration as U.S. ambassador to Kenya. The review, which led to his resignation three years ago, faulted him on a variety of grounds: one was having “a commercial Internet connection installed in his embassy office bathroom so he could work there on a laptop not connected to the Department email system.”

Another complaint the report leveled against Gration: “He drafted and distributed a mission policy authorizing himself and other mission personnel to use commercial email for daily communication of official government business.”

A State official who asked not to be named noted that the email issue was just one of a series of serious management shortcomings described in the 2012 inspector general report about U.S. Embassy operations in Kenya. The IG report was highlighted Thursday by the Weekly Standard.

The 2005 policy would also have been in effect during the tenure of former Secretary Condoleezza Rice. An aide to Rice said she rarely used email but always used department email for official communications.

Current Secretary John Kerry is the first head of the agency to primarily rely on a State.gov email account, the State official said.

State Department officials and Clinton aides have offered no response to questions in recent days about how her private email system was set up, what security measures it used, and whether anyone at the agency approved the arrangement. It’s unclear how such a system, run off an Internet domain apparently purchased by the Clinton family, could have won approval if the department’s policies were as the inspector general’s report describes them.

Clinton sent 55,000 pages of emails from her private account to the State Department in December, after State officials asked Clinton and other former secretaries to provide copies of any work-related email messages so they could be incorporated into the agency’s official record systems.

The former secretary said on Twitter Wednesday, “I want the public to see my email. I asked State to release them. They said they will review them for release as soon as possible.”

Republican lawmakers and open government advocates say they’d welcome disclosure of the emails, but are troubled by the still-opaque process used to sift through Clinton’s messages and determine which records are work-related. A State Department spokeswoman said that decision was made by Clinton aides.

“Former Secretary Clinton has left herself in the unique position of being the only one to determine what records the American people are entitled to. This has significant negative implications for transparency and government oversight, as well as for media and others who have a legitimate interest in understanding the Secretary’s time in office,” said Jamal Ware, spokesman for House Benghazi Committee Chairman Trey Gowdy (R-S.C.)

One proposal that seems to be gathering momentum is to bring in a neutral third party to pore through the full set of Clinton’s emails and determine whether the 55,000 pages turned over are truly all that relate to government matters.

“If the State Department is smart, they’ll task the inspector general to go through a sampling of Clintonemail.com and see if those are the only responsive emails,” said Tom Blanton of the National Security Archive, a group that gathers declassified government records.

In an interview Wednesday, Gowdy raised a similar possibility.

“You can do something unusual, which would be have a neutral arbiter, either a retired judge or retired archivist, go through and say this is a public record that should be turned over and this is responsive to the committee’s request,” he told Fox News.

Such an effort would require Clinton’s permission. A Clinton spokesman did not respond to a question Thursday about the proposal for a third-party review.

There is some precedent for such a review when sensitive records are involved. Some federal courts have blessed the idea of having a neutral magistrate sift through electronic records or medical records to ensure that privacy concerns unrelated to an investigation aren’t turned over to investigators.

But some Clinton critics indicated Thursday an outside review shouldn’t be necessary because the entire content of her account should be seized by the government.

“There seems to be an assumption that the account(s) at issue are her personal accounts,” said Tom Fitton of Judicial Watch. “On the contrary, these accounts, which were set up by the Secretary of State to conduct government business, are alias government accounts and should be treated as such….Rather than her private lawyers/campaign advisers reviewing the accounts and releasing material to the government, the agency should assert its ownership, secure the material and prohibit private parties from illicitly reviewing potentially classified and SBU material.”

While Clinton’s tweet Wednesday night signaled a clear desire to move past this controversy as quickly as possible, the State Department review process seems unlikely to sweep the issue off the political stage anytime soon.

“We expect the review to take several months given the sheer volume,” a senior State official said Thursday.

A person deeply familiar with the procedures State uses for such reviews said processing 55,000 pages of material would ordinarily take six months or more.

“Theoretically, there could be classified or classifiable information in the email,” said the source, who asked not to be named. “There are all sorts of other potential reasons [to redact information] like personal privacy and mundane questions of whether information is legally privileged or disclose information about foreign affairs that State doesn’t want disclosed….I think these things have to be looked at fairly closely.”

Clinton’s public request for the release appears to rule out holding back records on grounds of her privacy, but she has no authority to permit State to release personal information about other State officials or private citizens.

One way around such complications would be if a congressional committee obtained the 55,000 page set and released it. Congress isn’t bound by FOIA rules, so could release the data with fewer redactions.

Gowdy’s Benghazi committee probably doesn’t have authority to subpoena the full set held by State, but other panels with broader jurisdiction could.

Clinton might actually benefit from such a process because it could likely be completed faster than a State Department review.