FBI Director James Comey’s announcement regarding the investigation into Hillary Clinton’s use of personal e-mail servers when she was secretary of state is likely to generate a good deal more heat than light. By lambasting her e-mail practices and then declaring that no reasonable prosecutor would bring charges, he managed to offend Clinton’s supporters and her critics in equal measure. But the real question on most Americans’ minds is whether Clinton put truly sensitive information—and thus, perhaps, the nation’s security—at risk. Thanks to our bloated and dysfunctional classification system, it may be decades before we have an answer.
First, a brief synopsis of the FBI’s findings as Comey described them: A hundred and thirteen of the more than 30,000 e-mails on Clinton’s servers contained information that intelligence agencies had classified, in some cases at the highest level (“Top Secret”), at the time the e-mails were sent or received. That means officials within those agencies had determined that the information should be protected. Although marking classified information is an important part of ensuring its protection, only a small number of the 113 e-mails were marked as classified. Nonetheless, as Comey put it, “participants who know or should know that the subject matter is classified are still obligated to protect it.”
The FBI concluded that Clinton and her colleagues were “extremely careless,” but found insufficient evidence to support criminal charges under statutes that require evidence of intentional misconduct or gross negligence. Comey suggested that prosecuting Clinton would break with past practice, as prior prosecutions all have involved clearly intentional mishandling, the exposure of vast quantities of classified information, indications of disloyalty to the United States, or efforts to obstruct justice.
To someone unfamiliar with the classification system, Comey’s comments may have caused some whiplash. If Clinton sent and received e-mails that were classified as “Top Secret” on her personal servers, and if (as Comey implied) officials should be able to identify highly sensitive information regardless of its markings, then it would seem to follow that Clinton put our national security at grave risk. Viewed in this light, the decision not to recommend prosecution based on insufficient evidence of bad faith is at best unsatisfying, and at worst smacks of a whitewash.
The picture becomes much less clear when some key facts about the nation’s classification system are considered. Classification is not a science. The 2,000-plus officials who are authorized to make initial classification decisions exercise their individual judgments as to whether disclosure would harm national security. They have extremely broad discretion, and they are not required to explain their thinking. Given the subjectivity of the analysis, agencies frequently come to different conclusions about the sensitivity of the same piece of information. Needless to say, this would not happen if the appropriate classification status were self-evident.
Moreover, officials encounter multiple incentives to err liberally on the side of classification. It is easier and safer for busy, risk-averse national-security officials to make classification the default. It also greases the skids when pursuing policy initiatives that otherwise might require broad buy-in. It can hide embarrassing facts or evidence of misconduct. And it serves as a way for officials to enhance their status or protect their agencies’ turf. There are no disincentives on the other side of the scale, as classification decisions normally go unreviewed and agencies do not punish officials for classifying too much.