State Department Spokesman Warned of Private Email Risks in 2011

Mark C. Toner, then Deputy Spokesperson for the U.S. State Department, made comments at a Daily Press Briefing on June 2, 2011 regarding the use of private email by government officials. The comments may have been largely insignificant at the time, but they provide an interesting perspective today in light of questions that have arisen about Hillary Clinton’s use of a private email account as Secretary of State.

Based on the attention generated by Hillary Clinton’s use of a private email account during her time as Secretary of State, these seemingly insignificant comments regarding the use of private emails by government officials that were made by Mark C. Toner, then Deputy Spokesperson for the U.S. State Department, at a Daily Press Briefing on June 2, 2011 have more relevance today:

QUESTION: Just to put some stuff sort of on the record in black and white —

MR. TONER: Yeah. Sure.

QUESTION: — is there any prohibition against U.S. Government officials using private email services such as Gmail for their personal, non-classified, non-official —

MR. TONER: No.

QUESTION: Okay. Is there any – there are certain agencies – the SEC, to cite an independent agency in the U.S. Government – which bars its employees from accessing private accounts like Gmail while they’re at work.  Is there anything that bars U.S. Government – State Department officials from accessing Gmail at work?

MR. TONER: There is not. I think the general rule – first of all, you’re right; on the first account that State Department employees are not prohibited from having private email accounts. We all do it. That said – or many of us do it. That said, we all undergo, I think, annual cyber awareness security reviews, programs. And in fact, that even extends into when we log on, in fact, we get constantly quizzed on our cyber security awareness. And I think it’s important to say that in that training, it’s stressed that there’s no assumption of confidentiality in any kind of personal email account and that you should obviously act accordingly. (emphasis added)

I’m sorry, your last – what was your – oh, are we prohibited during the workday? As far as I’m aware, we are not. Obviously, though, that use should be limited. But I’m not aware that we’re prohibited from using it in the workplace.

And later in the same conference:

QUESTION: Is there a sense, or was there a heightened sense of awareness of the potential for any sort of outside hacking given that Lockheed Martin, 10 days ago, reported some sort of attempt to breach its computer systems, and then (inaudible) and the DOD —

MR. TONER: I think we wake up every day with the awareness that everybody’s private email accounts are vulnerable to – I mean, my own account’s been hacked into before, but for who knows what. I don’t have any assumption of confidentiality when I use that. (emphasis added)

The entire briefing may be found at http://www.state.gov/r/pa/prs/dpb/2011/06/164864.htm.