The information about Hillary Clinton’s emails, her use of a personal email server housed in her home (the first Secretary of State to do that), her changing story about why she used unauthorized devices (first, she wanted the convenience of using one device, then it turned out she had over a dozen of them, some of which she says have been lost)—all this keeps dribbling out for many months. One might think, in homage to Senator Bernie Sanders, enough already about the emails. Yet, the news stories have kept coming as her supporters and opponents evaluate their role in her electoral defeat.

This comment is not about the question whether Secretary Clinton obstructed justice by destroying email and devices that contained information subject to various subpoenas. Instead, this comment is about a different issue—how the Government and the private sector normally treat confidential information. Yes, the private sector, because there is a large and complex body of federal regulations and law governing private industry and higher education on export control, to make sure that we do not unintentionally export intellectual property and the Federal Government does not want others to acquire.

First, let’s start with highest level of classification, SCIF. SCIF is an acronym, which stands for Sensitive Compartmented Information Facility. It is pronounced “skiff.” Anyone working in the federal government in any position anywhere near secret or classified information and anyone not in the government but working in a sensitive area, such as export controls, knows what it means.

Not all information goes into a SCIF, only the most sensitive. The SCIF is often an enclosed area within a building, a very secure room within a room. In some cases, an entire building may be a SCIF. Only people with high enough security clearance and “a need to know” may use the SCIF to review this very top-secret information. This information is called, Sensitive Compartmented Information (SCI). In common parlance, it is above normal top-secret information. John Schindler, a former National Security Agency analyst, counterintelligence officer, and War College professor, explains, “SCI always requires special protection and handling,” and “you’re only allowed to access it inside” a SCIF.

“Only those specially authorized can go inside a SCIF, with entry usually requiring a combination of pin numbers, access badges and biometric data.” This rule applies to everyone, even the president, who may only view SCI in a SCIF. For example, when the United States began operations against Libya, President Obama was in Brazil. The President needed to review top-secret information, so the U.S. Government set up a mobile SCIF in his hotel room. Though mobile, the government designs it to withstand eavesdropping, phone tapping and computer hacking. A more permanent SCIF, such as one at the Department of Defense about 10 feet from my office there when I was a consultant, looks from the outside like an impregnable, windowless, armored safe.

The government tries to make it as effortless as possible for high-level officials, such as the secretary of state, to use SCIFs. It built SCIFs in both Hillary Clinton’s Washington, D.C. home and in her home in Chappaqua, N.Y. She just had to take a short walk, insert the proper passwords and biometric data, and read documents.

This procedure had to be well known to Secretary Clinton. After eight years in the White House as First Lady (a time she adds to her experience in the federal government), she must have seen her husband take the walk to the SCIF many times. Perhaps she herself did that, as a First Lady who had security clearance. She also served eight years as Senator from New York, where she became a member of the Senate Armed Services Committee in 2003. She was a member of the Transformation Advisory Group, an expert panel that advises the U.S. Joint Forces Command on issues pertaining to the different branches of the military. She was the only senator in the group. Finally, on January 21, 2009, she became secretary of state and served four years, during which time she constantly had to read classified information in order to do her job. One could not believe that she had no idea what a SCIF is because during all that time before (and after) she became Secretary of State, she could not escape reading classified information unless she was a figurehead and out of the loop. She must have noticed the two ugly rooms in her two houses.

Yet, when the FBI questioned Secretary Clinton about these matters, she repeatedly told the FBI that she is, frankly, clueless about secret information. She told the FBI agents that she could not name a single example of how a document becomes classified. She also told the FBI agents she could not remember ever receiving training on how to handle classified material even though she personally signed a form acknowledging her training. She could not remember when she received her security clearance, or what that meant. She knew that she also gave some aides access to her unsecured and unauthorized email accounts but could not remember who had such access.

She had no idea, she said, that that a “C” on a document had anything to do with the status of that document. She said she did not know that “C” stands for classified or confidential. She claimed that the “C” must have stood for some alphabetical ranking in the email. She was remarkably uninterested why, in the purported alphabetizing of the documents that were labeled “C,” she never saw any “alphabetized” list that included A, B, or D documents. She told the FBI that did not know the difference between the government’s classifications of Top Secret, Secret, and Confidential.

We now know that she saw many “C” documents, in addition to the SCI documents. Julian Assange, head of WikiLeaks, said that WikiLeaks has already released thousands of cables showing Clinton’s signature with (C) next to it.

We know that Secretary Clinton actually told the FBI that it did not occur to her that she should keep secret “deliberations over a future drone strike.” She did not think, she says, that she should keep confidential information about whom the United States would target in the future.

Given that remarkable admission, it should not be a surprise that Clinton’s aide, Huma Abedin admitted to the FBI that Hillary Clinton did not treat the SCIF’s at her homes as secure. Abedin said, “the SCIF door at the Whitehaven residence [DC] was not always locked“ and the Chappaqua SCIF was not “secured.” The FBI found that Hillary Clinton sometimes just left the door of her Washington SCIF open. Similarly, her Chappaqua SCIF was also “not always secure.” We now know from the FBI reports that email information was already marked top secret at the time that Hillary Clinton received it on her home-brew server. We know now that Mrs. Clinton routinely forwarded classified emails to her maid (who had zero security clearance) and asked her to print out classified materials.

The other aides that Secretary Clinton hired were often as sloppy as Clinton was. In 2013, a top Clinton aide, Monica Hanley (called a “confidential assistant”) lost classified information while accompanying Secretary Clinton on a diplomatic trip to Moscow. Hanley left classified material behind in the Moscow hotel. She brought top-secret documents into a hotel room she shared with Secretary Clinton, and left them there when they checked out. A similar event occurred in Beijing, China in May 2010, when the Secret Service checked the hotel room used by an unnamed member of Clinton’s “senior staff.”

The FBI Director, when asked by Congress if Secretary Clinton gave at least 10 “non-cleared people access to classified information,” said yes. The State Department said, “top secret” means the information “could cause ‘exceptionally grave’ damage to national security if they are disclosed.” Diplomatic agents said these “documents should never have been in the suite,” in the first place, much less left behind. Hanley had authorized access to (but did not bother to use) the SCIF.

We know now that she stored 62,000 emails on her unauthorized email servers, and that over 2,000 of them contained classified information, “including some of the most sensitive national defense secrets—and the highly classified sources and methods for acquiring those secrets—maintained by our government.” She is the only high government official ever to have set up a private server, which she used for official and private emails. She used her private, insecure server for her entire time as Secretary of State. More emails from WikiLeaks showed that donations to the Clinton Foundation got you face time with the Secretary of State. Of the 57 top donors, 18 received ambassadorships. Perhaps Secretary Clinton regarded emails related to those appointments not related to the State Department but only related to the Clinton Foundation. She did not turn them over, but a hacker, Guccifer 2.0 did. A DNC email from a D.C. lawyer at Perkins Coie LLP bluntly talks of setting up a “very brief call to go over our process for handling donations from donors who have given us pay to play letters.” (Emphasis added.) In politics, “pay to play,” typically means that one must pay money to become a “player,” that is, to secure a federal office. It is called “payola” in the music industry. In both cases, it’s a crime. If a lawyer engages in pay to play, she is also subject to disbarment, because pay to play violates the Rule 7.6, ABA Rules of Professional Conduct, a rule that most states have adopted.

Treating confidential information as not confidential may assist our adversaries. For example, we now know that various emails to and from Hillary Clinton’s private, non-secure server disclose Chris Stevens’ location, movement, future meetings, and whereabouts in the months shortly before his death. John Christopher “Chris” Stevens was the U.S. Envoy to Libya murdered on 9/11/2012, the anniversary of 9/11. The evidence now indicates that the murder was not spontaneous but coordinated and planned in advance. The FBI Director said that Clinton’s use of her personal email abroad could have allowed “hostile actors” to access her account.

Did unsecure emails aid the attackers in tracking his whereabouts? One could hardly be surprised if that happened. We may never know for sure, because Secretary Clinton did not turn over the relevant emails, although they were under subpoena. The time line makes that clear. The New York Times broke the story of Hillary Clinton’s private email server on March 2, 2016, and the House subpoenaed them. She tweeted to the public, “I want the public to see my email.” That’s what she said publicly. Privately, however, her servers were wiped clean March 25 and 31. On August 18, when asked if she wiped her servers before turning over what she had to the FBI, she feigned ignorance of computer terminology. She said, “Like with a cloth or something?”

Maybe Secretary Clinton is naïve and does not know what “wiping a computer” means, but she did know how to hire people to do the job professionally, and that is exactly what she did. We now know that before she turned over any information to the FBI, while she had in her possession information that was under subpoena, a computer expert she hired used BleachBit, a sophisticated computer program to destroy her records. “Sometime between March 25 and 31, 2015, the Platte River employee had an ‘Oh expletive moment’ that the files weren’t deleted. He told the FBI that he then ‘deleted the Clinton archive mailbox from the PRN server and used BleachBit to delete the exported .PST files he had created on the server system containing Clinton’s e-mails,” according to the FBI report.”

We do know that Hillary Clinton (or perhaps someone in her employ) tried to “destroy about 30 emails related to the 2012 Benghazi massacre.” The FBI was able to recover them, notwithstanding BleachBit. Other emails have not been recovered. What about the ones that the Government was able to recover from BleachBit? The Government has not released them (and may never release them), because they are too sensitive. Too sensitive for us to see, yet stored on an insecure, private server in the basement.

Outside of the Department of State, government officials treat top-secret information with more care or pay the price. For example, in 2012, Major Jason Brezler, a Marine, sent an email to fellow soldiers in Afghanistan to warm them about a corrupt Afghan police chief who was sexually enslaving young children. Brezler sent classified material from an unclassified email account. He said that he did not know the material was classified at the time he sent it. Still, the Marines threw him out of the military. The military dismissed Brezler, but others have suffered higher penalties for mishandling classified information. Recall that former Gen. David Petraeus kept classified information at home. He received a two-year probation and a $100,000 fine. Unlike Secretary of State Hillary Clinton, he did not claim that he had no training in how to handle classified information.

In 2005, President Clinton’s National Security Adviser, Sandy Berger, pled guilty to taking classified documents out of the National Archives and then lying about it. He avoided prison but paid a $10,000 fine and lost security clearance for three years. A CIA investigation discovered that John Deutch, Director of the CIA from May 1995 until December 1996, kept classified material at home. President Clinton pardoned Deutch before any criminal charges were filed.

In 2008, a Naval Reservist was charged with keeping some classified Army records (not high-level SCIF records) at his California home. The individual said his violation was unintentional, and the court accepted that, but still fined him $75,000 and revoked his security clearance. A State Department official, the U.S. Attorney charged, “had an absolute obligation to safeguard the classified information entrusted to him and utterly failed to do so.” The Court sentenced him to a year in prison.