The current scandal roiling over the use of a private e-mail server by former Secretary of State Hillary Clinton is just the latest in a series of scandals surrounding government e-mails. And it’s not the first public airing of problems with the State Department’s IT operations—and executives’ efforts to bypass or work around them. At least she didn’t set up an office in a restroom just to bypass State Department network restrictions and do everything over Gmail.
However, another Obama administration appointee—the former ambassador to Kenya—did do that, essentially refusing to use any of the Nairobi embassy’s internal IT. He worked out of a bathroom because it was the only place in the embassy where he could use an unsecured network and his personal computer, using Gmail to conduct official business. And he did all this during a time when Chinese hackers were penetrating the personal Gmail inboxes of a number of US diplomats.
Why would such high-profile members of the administration’s foreign policy team so flagrantly bypass federal and agency regulations to use their own personal e-mail to conduct business? Was it that they had something they wanted to keep out of State’s servers and away from Congressional oversight? Was it that State’s IT was so bad that they needed to take matters into their own hands? Or was it because the department’s IT staff wasn’t responsive enough to what they saw as their personal needs, and they decided to show just how take-charge they were by ignoring all those stuffy policies?
The answer is probably a little bit of all of the above. But in the case of former ambassador Scott Gration, the evidence points heavily toward someone who wanted to work outside the system because he just couldn’t stand it.
Take this IT and flush it
Shortly after his arrival in Nairobi, Gration “broadcast his lack of confidence in the information management staff” of the Embassy, the State Department Office of the Inspector General noted in an inspection report on the embassy that precipitated Gration’s resignation:
Because the information management office could not change the Department’s policy for handling Sensitive But Unclassified material, he assumed charge of the mission’s information management operations. He ordered a commercial Internet connection installed in his embassy office bathroom so he could work there on a laptop not connected to the Department email system. He drafted and distributed a mission policy authorizing himself and other mission personnel to use commercial email for daily communication of official government business. During the inspection, the Ambassador continued to use commercial email for official government business.
Gration’s demands and “flouting of direct instructions to adhere to Department policy “ put the IT staff at the embassy in Kenya in the position of having to choose between making their boss happy and following State Department regulations and government information security requirements. When they failed to respond to Gration’s demands in a timely fashion, he escalated things by “publicly berating members of the staff, attacking them personally, loudly questioning their competence, and threatening career-ending disciplinary actions,” the IG’s office reported. “These actions have sapped the resources and morale of a busy and understaffed information management staff as it supports the largest embassy in sub-Saharan Africa.”
Apparently, Gration’s impatience with IT extended to not using his secure email and the “front channel” secure diplomatic cable system. The Inspector General’s inspection team observed that “the Ambassador does not read classified front channel messages. No one in the mission screens incoming cables for the Ambassador relevant to Kenyan and US interests in the region. The OIG team also observed that the Ambassador very infrequently logs onto his classified account, which would allow him to read cables and classified emails.” In the end, the IG team recommended that somebody check his accounts for him and screen messages for relevance.
In other words, Gration was the end user from hell for an understaffed IT team in a politically sensitive outpost. “He has willfully disregarded Department regulations on the use of commercial email for official government business,” the IG report noted, “including a front channel instruction from the Assistant Secretary for Diplomatic Security against such practice, which he asserted to the OIG team that he had not seen”—because he never used his secure network account.
What could have possibly motivated that sort of behavior from a man who had clearly dealt with secure government IT systems in the past as an Air Force major general? In part, it may have been that regardless of how competent the IT team at the Nairobi embassy was, State Department information systems might make working out of a bathroom look good to anyone accustomed to more corporate IT.