Hillary Clinton’s use of personal email while serving as secretary of state raises serious questions about transparency and accountability.

Last night, the New York Times published a story explaining that Hillary Clinton exclusively used personal email during her four-year tenure as secretary of state.

Federal law governs how official records, including email, are managed to ensure that public records are preserved, and to help ensure that our freedom of information and other accountability laws reach official communications.

While it’s very early in what will undoubtedly spawn deeper reporting, the story raises some important questions:

Why would she do this?

Even as federal electronic record keeping is widely considered abysmal, there is shock at what Secretary Clinton did because the most likely explanation of her intent seems clear: She created a system designed to avoid accountability, potentially in violation of the law.

There have been some significant email accountability stories in recent years, from Sarah Palin to the Bush White House, Lois Lerner to Andrew Cuomo. This story is likely bigger for a number of reasons: Secretary Clinton apparently never used official email, she did it for four years, she did it as secretary of state and she created the email server just before becoming secretary of state. As both the Washington Post and Vox point out, this clarifies her intent — she was very likely evading accountability to avoid professional and political risk.

What was the security risk?

At the same time as the U.S. was involved in expansive efforts to undermine the technology that everyone relies on for secure communications (for example, undermining encryption standards, and forcing telecommunications companies to give the government access to private information) one of its most senior leaders was relying on a private email server for her communications.

The secretary of state is clearly subject to foreign surveillance, and given what we now know about the reach of government into all aspects of private technology, one has to wonder whether her communications were secure.

Did the White House know?

Is there any way that White House officials wouldn’t have noticed that Secretary Clinton’s emails were being sent from clintonemail.com? Did they never correspond via email? Did President Obama turn a blind eye?

Another stunning part of this story: Didn’t everyone that emailed with Clinton see her private email address? Was this an open secret in Washington among people close to the secretary of state? Did anyone try to blow the whistle, go to the press (before now), talk to Congress or the inspectors general?

What other damage has been done?

One reason that public officials are expected to use official email addresses is that it makes their correspondence subject to basic accountability requirements. How many FOIA requests were submitted for which responsive records existed, but were simply inaccessible because Clinton kept her emails in her own private system? Were there any other investigations or inquiries that were stymied because she decided her information should be held above the law?

As far as our shared expectation for the rule of law to apply equally to everyone, this story may do some damage, but it is also an opportunity. The profile and scale of this revelation may be an opportunity to create the enforcement authority that our records management laws need. Without such a response, though, and robust investigation into what happened, this revelation may only help usher in a Gilded Age of government accountability — where the most powerful people are able to put their careers above the law, and behind the curtain — even while they enforce a different standard on everyone else.

How widespread is it?

Given the variety of similar stories from other senior officials, this problem is probably very widespread. Hopefully there are some easy ways to determine whether senior officials are using their official email accounts at all. This wouldn’t guarantee that they don’t use other methods when they want to evade accountability, but at least it would show some basic deference to the law.

We’ve clearly got a long, long way to go to ensure federal records are managed properly. Hopefully this story provides a useful starting point for some of that work.

There’s clearly a lot of this story that we have yet to learn in the coming days, but how this situation is handled will go a long way in determining how our government handles its records, and whether our accountability laws apply evenly to everyone.