Nikki Haley Used Insecure Email System To Discuss Classified Information
Lock her up?
A new report from The Daily Beast alleges that former U.S. Ambassador to the United Nations Nikki Haley used an unsecured email system to discuss classified information during her time in office:
North Korea had just tested an intercontinental ballistic missile capable of hitting Alaska, and the Trump administration was scrambling to react. But it seems Nikki Haley, Trump’s ambassador to the United Nations, had lost her password for classified communications.
That’s why on that fraught July 4, 2017, she was typing away on her BlackBerry 10 smartphone, sending “confidential” information over a system meant only for unclassified material.
Haley was in a rush as she headed to her office—“On my way in”—shooting emails back and forth with top aides who’d been with her since she was governor of South Carolina. She needed to make a statement, and they were drafting it for her. “Let’s clean this up,” she writes after looking at some of the copy. “Pretty this up for me,” she says.
The next day we discover what the problem is with her communications. “Can’t find my password for the high side,” she writes.
The stylistic suggestions and the apparent explanation for using less secure messages was in a trove of emails recently obtained under the Freedom of Information Act by the watchdog organization American Oversight.
But most of the content is blacked out—and the redactions note various classification criteria as exempt from FOIA requests, including the B1 category: “classified national defense and foreign relations information”; 1.4(B) “foreign government information”; and 1.4(D) “foreign relations or foreign activities of the United States, including confidential sources.”
For an administration obsessed with security lapses others have committed, and for a still-rising star in the Republican Party, this could be more than a little embarrassing.
“The American public has heard for years what the standard is for senior State Department officials mishandling classified information in their emails,” says Austin Evers, executive director at American Oversight, a self-described “nonpartisan, nonprofit ethics watchdog… investigating the Trump administration.”
“Ambassador Haley may have found it inconvenient to update her password,” Evers told The Daily Beast, “but, as we all know, ‘convenience’ is not an acceptable reason to skirt information security rules. She should be held to the same standard as everyone else.
What Halley did, of course, isn’t all that different from the manner in which Hillary Clinton handled classified information on her private email server while she was Secretary of State. This led, of course, to a rebuke from the Justice Department that characterized Clinton’s handling of classified information as “extremely careless,” although it did not result in the filing of any criminal charges. It’s also the same issue that led crowds at Trump rallies to chant “Lock Her Up!!” at the mere mention of Clinton’s name, something that continues to happen to this day even though the election is three years in the past and Clinton is not a candidate in 2020.
Will we see Haley treated the same way by Republicans?
Does anyone actually want to place a bet on that one?
The Republicans? How about the many posters here who were very vocal that Clinton’s low character led her to violate the standards in a way no one would ever have done? And faded into the background when it was revealed private emails were standard practice for the previous three SoS and top aides? And said nothing when it was revealed that not only did Colin Powell use his personal AOL account but that he wrote Clinton a letter specifically advising her not to use the archaic state department system but to follow his example and use a personal account? (By the way, when he left office Powell closed that AOL account and deleted every single one of his emails. )
IOKIYAR
It’s significantly different. Clinton was merely careless. Haley knew exactly what she was sending and why, and she still deliberately chose a non-secure means to transmit classified information.
@Mikey: The other difference is that there hasn’t been any evidence as far as I can recall that Clinton’s server was actually less secure than the proper method. Whereas Haley’s obviously is.
I totally get why Haley did that then. In her mind it was an emergency. She totally overreacted.
She forsook protocol for, in her mind, valid reasons.
In hindsight, it wasn’t an emergency, and she could and should have handled the situation better. The half hour she was on route was not as crucial as she supposed.
There are protocols for emergencies and people know how to react to a given situation regardless whether or not the hefty weight of the US Ambassador to the U.N. has provided input or not.
Her heart was in the right place, but her brain was totally absent.
Wait until you can communicate securely.
Realize that your role as U.N. Ambassador makes your input background noise at best in any rapidly unfolding situation.
Maybe we should choose professionals rather than political appointees for these roles and it would be a lesser issue going forward.
All of these ongoing revelations about careless communication (often e-mails, but not just) reinforces something that I thought during the HRC e-mail discussion: that careless communication is not some unique thing HRC did. That never meant to me that it excused her, but it put her behavior in context (and I will acknowledge having her own email server was a problem). That context lessens, to a substantial degree, the culpability that she had.
But I will add: people have done it AFTER HRC’s situation are beyond careless and have no excuses (even though I think it just is a continuation of the culture that allowed HRC to do what she did).
It’s impossible to embarras the shameless.
I get that mistakes are made, that people can be careless, and that we love to finger point. But what about taking a step towards actually fixing this problem, and replacing email and other electronic communication with a truly secure system? Just because technology cannot fix every problem doesn’t mean that nothing should be done.
@Kit: What came out in this was that the secure system you describe exists but it is so cumbersome it is impractical to actually use. More importantly, it is not supposed to be used for any important information. So if the SoS wants to send a message such as Haley’s it’s not supposed to go into email, secure system or not. The ten minute process of booting up the one secure computer and logging into the official system cannot be used for anything more important than “Am running a bit late. Have my side meet me at the airport.”
@Kit: My guess is that there are cost and practicality issues. For that matter, because of the way the government has to buy things, the feds are often well behind on the technology of the day.
Indeed, whether it is HRC, Haley, or even Sondland, there is a disconnect between our daily lives of instant communication and the realities of being secure.
That is a long way of saying “I agree, but don’t expect a solution anytime soon–and, indeed, expect this problem to persist” (and, really, to underscore that I think HRC got a bum deal on this particular topic)
@MarkedMan:
I don’t recall the criticism fading once it became clear there was no there there.
@Steven L. Taylor: I’m not blaming you, but if banks took that sort of attitude, no one would never bother with online banking. Then again, I guess we are only talking about state secrets and not of anything of real value…
Of course, we spend countless billions on cyber warfare and security, we profess outrage at whistleblowers like Snowden, we justify the government keeping its citizens in ignorance about what it’s up to, and yet we don’t care that half the government is left unlocked. I honestly wonder if other countries are so sloppy.
@MarkedMan:
I got that. But I still think an effective system should be a top priority. The NSA bemoans the fact that large portions of the internet, including Joe American, are going dark. But our top officials are communicating in the clear. It’s crazy!
@Kit: I agree. But it underscores the agility of the private sector over that of the federal government.
@Steven L. Taylor:
Sure, but I hope that doesn’t mean that the country’s nuclear codes are sent via gmail.
I’m willing to bet that the NSA has a damn good idea of just which government doors are unlocked. Is it too much to ask that they help in closing them?
I don’t want to defend her, but I’m surprised that there was confidential information in a draft of a public statement — or at least information that would not be released within a day anyway.
I would question whether the blacked out and redacted parts in the FOIA release were appropriately redacted.
She absolutely should not have done this — a thirty minute delay would have meant nothing — but it may not be as bad as it looks.
But also, when we lock her up, we also have to lock up her staff. This was a back and forth exchange. And we should have a congressional investigation to determine if this was a one off event, or a regular practice.
@Kit:
The military has gotten rid of the floppy disks used to control US nuclear weapons for more than 50 years.
Granted, those were at least hard to hack.
Do not undersell Haley’s misbehavior.
She was a minor actor. She behaved as if everything hinged on her input. It didn’t. As in, her input was ignored and distegarded by the principles. Staff would have noted your input for the record at best.
She was 4 steps away from the action. Any input from her would be advisory at the very best.
She super overreacted. I get it, kinda.
That she broke protocol is less interesting as to why she thought it necessary to do so.
Snap, initial bad call I can abide.
Really hubristic misunderstanding of her role in the situation is quite troubling.
You are the ambassador to the UN. Your role is to speak the administration’s policy at the UN. You are not special or important on this matter now.
@Steven L. Taylor:
My jaw dropped when I saw the date of that article: October 30, 2019 🙂
Honestly, even more than the system not having an IP address, I think there is strong security in the fact that 8-inch floppy drives are not not exactly standard equipment these days.
@Kit: The first PC I used at work was a TRS-80 with 8” floppies. This would have been like 1980.
I recall reading shortly before the breakup of the Soviet Union and the Warsaw Pact that our DEW line radars in Canada we’re still vacuum tube powered, and the only place the Air Force could source replacement tubes was in Poland.
The whole email thing has always being ridiculous- partisans play up garbage all the time- the press really is at fault here for overcovering the matter.
Were we to war-game out a potential NK nukes the US scenario, would anyone stop to think how best to elicit the US Ambassador to the U.N.’s input? As vitally important?
I would def elicit long-term Korean pros from the DoS and DoD, but Haley’s role would be infinitesimal in any decision.
She overreacted. Her role would be weeks or months later, and as a spokesperson / diplomat hybrid.
Dude, you are not that important.
@gVOR08:
Your privilege is showing: my first computer used cassette storage :-p
@Steven L. Taylor:
People keep saying that, but a locked-down private server with well-maintained security updates and programs is a lot more secure than AOL (like Colin Powell used) or Gmail.
@Kit:
My first programming class featured a dumb terminal connected to the local university’s computer.
We played Adventure like hounds on a treed squirrel. I was the guy who always wanted to gear up before going North.
We got an Apple 2 senior year and it was astonishing. The CPU was actually in the room with us.
My senior project was getting the cursor to programatically move around the screen. Totally crushed it. A+
@de stijl:
And when I said dumb terminal, I truly meant terminal. The interface was a printer.
@Kit: It is not merely a technological issue, it is a structural issue. My experience in my old days in Central Banking things circa 07-11 with US government interaction was that all security decisions were entirely in the hands of security bureaucrats whose sole duty was security. So right to physical interaction they design approaches and policies that protect their interests,
Happened all the time that when meeting w USG people, it was the regular conclusion we shouldn’t use their “secure facility” (embassy or whatever) as it was such a colossal Pain in the Ass in logistics, so completely insecure venues for even sensitive (of course not military and like security so not to exagerate sensitivity) discussions were agreed on (since in the page of Ipads and electronic docs, holding such in a USG fac was 100% impractical).
@de stijl:
Actually, my first introduction to computers was in high school using punch cards. I hated it! A year later there was a new DEC PDP-11, and I decided to give computers another go. I still cannot say if that was a stroke of good luck or bad.
For the record, cassettes were a huge step up from a stack of cards.
@TheLounsbury:
I absolutely agree.
You reminded me of this great Dilbert take on this.
@de stijl: “wait until you can communicate securely”: What types of security are best when it comes to email? I have a free antivirus that is rated one of the best and I have had few problem, none with my email. I also use a Linux os along with Windows 10. Is a VPN the best way to secure email? I use a VPN when I am streaming.
My biggest problem and complaint is with these complex password requirements: several letters, a number, upper case letter, and other requirements. This makes them hard to remember and takes time if I am in a hurry, especially on the tiny cell keyboard. I was successful in talking some places into letting me get by with a three digit password, and my physician office dropped the pw requirement altogether for me (password – blank). I often use the simplest combination: numerical order or alphabetical order. Sometimes I will use the actual name of the organization, such as WDW.
What sort of professionals would you prefer as ambassador to the UN? It would be better to have them instead of the politicians, if they will put the interest of the US first. But maybe the whole UN membership thing should be questioned and looked at.
I’m going to start upvoting Tyrell. That’s good stuff. 😀
@Teve:
I sometimes wonder just how slowly a moving sidewalk would have to roll before even the laziest people would simply rather walk. With Tyrell, I sometimes wonder if he’s testing just how clueless he has to appear before no one reads him any more: no replies, no votes, no references. I mean, he’s mocking us now, right?
@Tyrell: You’re probably old enough to remember the bygone era when telephone numbers had names attached to them (I was going to link to an old Stan Freberg song with a lyric “they’ve taken away our murrayhill,” but couldn’t find it). Formatting a password to an old phone number that you remember would work for the most complex requirements–mix of letters and numbers, capital letters, and even a “special symbol” in some cases because those phone numbers had hyphens and could adapt in parentheses. (Does anybody use parentheses in phone numbers anymore?)
Of course, if your town was small enough that you had a central operator you rang to, this process won’t work, unfortunately. (My grandmother’s phone number in those days was 379W–too short. 🙁 ) How small was the town you grew up in, Tyrell?
ETA: @Kit: No, I wouldn’t count him mocking us, but I guess anything is possible.
@Kit: His good ol down home character is way more entertaining to read than just some angry dumbass like JKB or Guano.
@Kit:
Back when Scott Adams wasn’t a massive tool.
@Kit: The date is a stunner, to be sure 😉
@de stijl: Or, at least, had not publicly revealed himself as such.
@Just nutha ignint cracker:
I’m fairly certain Tyrell grew up in Mayberry R.F.D.
More human than human is our motto.
PS Deckard was a replicant too. He had the eye shine. Edward James Olmos knew his implanted memories. “You’ve done a *man’s* job.” The origami unicorn.
@Kit: The first computer I personally owned also had a cassette, but the work company computer had the 8” floppies. I’m so old the first programming course I took required using a card punch machine.
(One winter afternoon a few years later I saw a guy walking across the quad at Iowa State with a big card box under each arm. He hit a patch of ice and sprawled both arms out as he went down. There were a dozen of us running around catching windblown IBM cards. Hopefully he knew to felt tip a diagonal stripe down the top edges of the cards in the deck.)
@Just nutha ignint cracker:
When I was a wee lad I got shipped off to the grandparents farm as free labor during summers.
They had a party line. You pick up and hear Mrs. Klopotnik gassing on about how the spread was total shite when Mrs. Roberg hosted the last Homemakers meeting.
You had to wait until Mrs. Klopotnik hung up to make a call.
@gVOR08:
I came up just after punch cards.
How would a a felt tip marker…
Ah, diagonal stripe! Stack em up, rearrange per the stripe. That’s very clever!
@Just nutha ignint cracker: That is interesting. I do remember before the area codes, and the zip codes. A long distance call was cheap. I don’t remember the name attached to the number. I remember also the “party” line, which was a phone line shared by several people, usually on the same street. Often we would pick up the phone and hear other people having a conversation. That was some eavesdropping – we often heard some juicy stuff!
@de stijl: Scott Adams was always a massive tool. Back in the late 90s, email newsletters were thing. Scott Adams had one, and I subscribed to it for a while. Typically, if there were like five items in an issue, three of them would be a really interesting, one would be just weird and bizarre, and one would be borderline insane. after a while the occasional insane thing just weirded me out too much and I unsubscribed.
@Teve:
In his defence (very limited and so super conditional), Adams did have a feel for late 90’s / early aughts IT work and office politics.
We’ve all had the pointy haired boss.
@gVOR08:
The first computer I was ever paid to program (government lab, 1980) had a massive special-purpose removable disc pack for collecting the reams of data generated by our experiment. It held (brace yourselves) a megabyte, loaded into its tray like a pizza in a pizza oven, and took about 30 seconds to spin up before you could use it. However, when the tech rep brought new software to install, he brought it on punched paper tape rolls, and you booted up the computer after powering it on by toggling certain switches on the front of the CPU box in a specific sequence…
@de stijl:
I had such a hetero man crush on Rutger Hauer / Roy Batty.
And such a hetero crush crush on Darryl Hannah / Pris.
“Wow. You sure have a lot of nice toys here.”
We are now in Bladerunner timeline. It was set in 2019.
Rutger Hauer improvised the “like tears in rain” soliloquy / monologue. It wasn’t scripted.
When I started my career in the landline telephone industry in 1973 I worked on jobs for the General Telephone Company of Illinois rural exchanges converting customers from eight and ten party lines to four party and private lines. A few years later all customers got private lines to accomodate the digital switches that were fast replacing electromechanical central offices.
In the early 80’s I was working the same jobs for the United Telephone Company of Indiana.
The last party lines that I recall throwing over to private line service were in the Salem, Missouri telephone exchange in 1993(?).
Listening in on party line conversations was frowned upon by the phone companies but there wasn’t much they could do about it.
I do remember that it was illegal to not give up the line if someone needed to call the operator to request emergency services.
@Mister Bluster:
This would have been early to mid 70’s in rural NW Wisconsin. South of the big trees. Barron county aka barren county.
One night the power went out so the cows decided to push through the unelectrified fencing and mosey over to the Klopotik’s (not Klopotnik, I misremembered earlier) wood lot across the road.
Cows are dumber than a rock, but they do possess a small low cunning. They decided that during a massive thunderstorm, they wanted to be under trees so away they went.
High School. 1976.
Dumb terminal, paper printer output. Punch-paper tape for programming.
(Imagine a screen! They just had those for sending rockets into space!)
Moon Lander ate a LOT of my time.. but learned vectors.
AV club, bitches!