Jeh Johnson granted special waiver on first day of official ban. Practice continued even after Clinton email revelations.
Judicial Watch says it has obtained 693 pages of Department of Homeland Security records revealing that Secretary Jeh Johnson and 28 other agency officials used government computers to access personal web-based email accounts despite an agency-wide ban due to heightened security concerns. The documents also reveal that Homeland Security officials misled Rep. Scott Perry (R-PA) when Perry specifically asked whether personal accounts were being used for official government business.
The records were obtained in response to a February 2016 court order by the U.S. District Court for the District of Columbia following a Judicial Watch Freedom of Information Act (FOIA) lawsuit (Judicial Watch v. Department of Homeland Security (No. 1:15-cv-01772)).
The Judicial Watch lawsuit was filed in October 2015 after the Department of Homeland Security failed to comply with a July 2015 FOIA request seeking the following:
All requests (in any form) submitted by senior DHS officials for waivers to use personal Web-based email accounts on government-owned computers.
Copies of all waivers granted to senior DHS officials to use personal Web-based email accounts on government-owned computers.
Judicial Watch sought the documents following a Bloomberg News report revealing that 29 high-level Homeland Security officials, including Johnson, obtained exemptions from a February 2014 agency-wide ban on the use of web-based email systems due to increased security concerns. The waivers were granted despite security officials’ warning of the risks of malicious attacks and data exfiltration from webmail use.
Included among the records is a February 19, 2014 memorandum from security officials at the Department of Homeland Security strongly warning: “According to the Office of the Chief Information Officer, access to webmail using DHS networks is responsible for almost half of all attempts to compromise DHS network security.” The memo explains that webmail use resulted in 14 Trojan-Horse attacks in August 2013 and 25 attacks in December 2013 on Homeland Security computer networks.