BleachBit

The Denver Post editorial board suggests the deletion of Clinton emails is a “fishy story.”

The Denver Post Logo (Credit: The Denver Post)

The Denver Post Logo (Credit: The Denver Post)

The Denver Post’s editorial board publishes an editorial on September 8, 2016, entitled “A fishy story in Platte River Networks’ purge of Clinton e-mails.” It focuses on Platte River Networks (PRN) employee Paul Combetta’s FBI interview and his deletion and wiping of Clinton’s emails with a program “wonderfully named BleachBit.”

The editorial mentions Combetta’s “sudden remembrance” to delete the emails, and a subsequent conference call between PRN officials and a “longtime Clinton aide and personal lawyer.” When the FBI eventually attempted to investigate the conference call, they were met with Combetta’s claim of attorney-client privilege. The editorial states, “That just looks awful. So [it’s] little wonder the Republican chairman of the House committee investigating Clinton’s e-mail arrangement — Utah’s Jason Chaffetz — has asked federal prosecutors to investigate whether she or others were involved in the decision to destroy those emails following the preservation order.”

The Post argues “the information from the [FBI’s] summary of its investigation doesn’t sit well. It’s reasonable to ask why the FBI didn’t look deeper. It’s reasonable to ask why [Combetta] would act if, as the logic of the cover story must argue, the emails were simply personal notes about yoga appointments and being a grandmother.”

The editorial agrees with Chaffetz’s call for the Justice Department “to investigate and determine whether Secretary Clinton or her employees and contractors violated statutes that prohibit destruction of records, obstruction of congressional inquiries and concealment of cover-up of evidence material to a congressional committee.” It closes by saying, “something about this story feels whitewashed — or maybe bleached out is the better term for it now.” (The Denver Post, 9/8/2016)

It is alleged that Clinton’s lawyers used a computer program to make sure her deleted emails couldn’t be recovered.

Since late 2014, when Clinton and her lawyers deleted over 31,000 of Clinton’s emails from when she was secretary of state, it has been unclear if the emails were simply deleted or “wiped,” meaning deliberate steps were taken to make sure they couldn’t be recovered later.

160825GowdyFoxNews

Trey Gowdy appears with Martha MacCallum on Fox News on August 25, 2016. (Credit: Fox News)

In an interview, Representative Trey Gowdy (R) says that, “[Clinton] and her lawyers [Cheryl Mills, David Kendall, and Heather Samuelson] had those emails deleted. And they didn’t just push the delete button; they had them deleted where even God can’t read them. They were using something called BleachBit. You don’t use BleachBit for yoga emails or bridemaids emails. When you’re using BleachBit, it is something you really do not want the world to see.”

160825BleachBitLogo

BleachBit Logo (Credit: public domain)

BleachBit is computer software whose website advertises that it can “prevent recovery” of files. Politico notes that if Gowdy is correct, this would be “further proof that Clinton had something to hide in deleting personal emails from the private email system she used during her tenure as secretary of state.” It is not explained how Gowdy might know this, but his comments come only a few days after the FBI gave raw materials about their Clinton email investigation to Congress. (Politico, 8/25/2016)

Gowdy’s claim contradicts what FBI Director James Comey said on July 5, 2016 when he announced that he would not recommend charging Clinton with any crime. At that time, Comey stated, “we found no evidence that any of the additional work-related emails were intentionally deleted in an effort to conceal them. Our assessment is that, like many email users, Secretary Clinton periodically deleted emails or emails were purged from the system when devices were changed.” (Federal Bureau of Investigation, 7/5/2016)

Within hours of Gowdy’s comments, BleachBit updates their website to say: “Last year when Clinton was asked about wiping her email server, she joked, ‘Like with a cloth or something?’ It turns out now that BleachBit was that cloth, according to remarks by Gowdy.” The website also notes, “As of the time of writing BleachBit has not been served a warrant or subpoena in relation to the investigation. … The cleaning process [of our program] is not reversible.” (BleachBit, 8/25/2016)

On September 2, 2016, the FBI’s final report on their Clinton email investigation will be released, and it will be revealed that BleachBit was used on Clinton’s server in late March 2015. (Federal Bureau of Investigation, 9/2/2016)

June 10, 2016 – The FBI/DOJ and Cheryl Mill’s attorney, Beth Wilkinson, together write and agree to rules that grossly limits the scope of the Clinton email investigation

Texas attorney Ty Clevenger (Credit: Dallas Morning News)

A recent FOIA request by attorney Ty Clevenger resulted in the release of a letter (pdf pgs 12-16), dated October 5, 2016, written by Senator Grassley and co-signed by three members of congress. It is addressed to AG Loretta Lynch, and reveals how the DOJ/FBI and Cheryl Mill’s attorney, Beth Wilkinson, wrote and agreed to the rules that grossly limited the scope of the  Clinton email investigation.

Here are some of the concerns listed by Senator Grassley and congress members Jason Chaffetz, Devin Nunes and Bob Goodlatte. They also have questions for AG Lynch at the end of the letter and they can be found at the source link provided above and below:

1. There were two letters addressed to the DOJ from attorney Beth Wilkinson on behalf of her client Cheryl Mills, that were made available for an in camera review by our committees.

2. The Wilkinson letters are both dated June 10, 2016 and incorporated by reference into the immunity agreements for Cheryl Mills and Heather Samuelson that was related to the FBI criminal investigation into Clinton’s email server.

3. The letters set out the precise manner in which the Department and the FBI would access and use federal records and other information stored on .PST and .OST email archives from Ms. Mills’ and Ms. Samuelson’s laptops.

4. Ms. Wilkinson and lawyers from the Justice Department drafted the letters jointly before they were sent them to DOJ.

5. They express concerns about “the process by which Congress was allowed to view the Wilkinson letters, that the letters inappropriately restrict the scope of the FBI’s investigation, and that the FBI inexplicably agreed to destroy the laptops knowing that the contents were the subject of Congressional subpoenas and preservation letters.”

6. The viewing restrictions imposed on congress as a condition of cooperating voluntarily, the DoJ limited access to the letters to only members of certain committees and one or two staff, prohibited members and staff from “taking notes or photos, or otherwise seeking to record the information contained in the memos,” and redacted the names of all DOJ and FBI personnel on the documents.

7. The Wilkinson letters only permitted the FBI to review email archives from Platte River Networks created after June 1, 2014, and before February 1, 2015, that included emails sent or received from Secretary Clinton’s four email addresses during her tenure as Secretary of State. Limitations would necessarily have excluded, for example, any emails from Cheryl Mills to Paul Combetta in late 2014 or early 2015 directing the destruction or concealment of federal records. Similarly, these limitations would have excluded any email sent or received by Secretary Clinton if it was not sent or received by one of the four email addresses listed, or the email address was altered. Notably, in December 2014, Mr. Combetta deleted all Clinton emails older than 60 days, which was in effect all of Secretary Clinton’s emails from January 2009 to October 2014. He admitted this “change in retention policy” during his second FBI interview in February 2016.

8. In March 2015, Mr. Combetta had two conference calls with David Kendall, attorney for Secretary Clinton, and Ms. Mills. Mr. Combetta admitted to the FBI in his third interview in May 2016 that after the second conference call on March 31, 2015, he used BleachBit to destroy any remaining copies of Clinton’s emails and PST files that he was able to locate. Per the agreement with Ms. Wilkinson, emails from around the time of the conference calls (and subsequent deletion of records) would not have been covered by the FBI’s review of Ms. Mills’ and Ms. Samuelson’s laptops. Importantly, before the FBI agreed to the Wilkinson letters in June 2016, it already knew of the conference calls between Secretary Clinton’s attorneys and Mr. Combetta, his use of BleachBit, and the resulting deletions, further casting doubt on why the FBI would enter into such a limited evidentiary scope of review with respect to the laptops.

The Wilkinson letters went on to provide that the FBI would destroy any records which it retrieved that were not turned over to the investigatory team, meaning the FBI might proceed to delete such an email, after determining it should not be sent to the investigatory team. Further, the Wilkinson letters memorialized the FBI’s agreement to destroy the laptops. This is simply astonishing given the likelihood that evidence on the laptops would be of interest to congressional investigators.

9. The Wilkinson letters raise serious questions about why DOJ would consent to such substantial limitations on the scope of its investigation, and how Director Comey’s statements on the scope of the investigation comport with the reality of what the FBI was permitted to investigate.

10. The Committees requested unredacted copies of Wilkinson letters; the two immunity agreements for Mr. Bryan Pagliano; the immunity agreement for Mr. Paul Combetta; the immunity agreement for Mr. John Bentel; the immunity agreement for Ms. Cheryl Mills; and the immunity agreement for Ms. Heather Samuelson.

(Clevenger link includes letter: Pgs 12 – 16, pdf)

February 18, 2016 – FBI documents show evidence of “cover-up” discussions related to Clinton emails and Platte River Networks

“Judicial Watch announced that it uncovered 422 pages of FBI documents showing evidence of “cover-up” discussions related to the Clinton email system within Platte River Networks, one of the vendors who managed the Clinton email system.

Witnesses, from left, Paul Combetta and Bill Thornton of Platte River Networks, and Justin Cooper are sworn in on Sept. 13, 2016, prior to testifying before the House Oversight and Government Reform Committee. Clinton aide, Bryan Pagliano, did not appear, empty seat at left. (Credit: Molly Riley/The Associated Press)

(…) FBI notes of an interview with an unidentified Platte River Networks official in February 2016 (almost a year after the Clinton email network was first revealed) show that Platte River “gave someone access to live HRC archive mailbox at some point.”

The same notes show that an email from December 11, 2014, exists that reads “Hillary cover up operation work ticket archive cleanup.” The interviewee said that the “cover up operation” email “probably related to change to 60 day [sic] email retention policy/backup.” The subject indicated that he didn’t “recall the prior policy.”

The notes also indicated, “[Redacted] advised [redacted] not to answer questions related to conv [conversation] w/DK [David Kendall] document 49 – based on 5th amendment.”

The subject said that “everyone @ PRN has access to client portal.”

A December 11, 2014, Platte River Networks email between redacted parties says: “Its [sic] all part of the Hillary coverup operation <smile> I’ll have to tell you about it at the party”

An August 2015 email from Platte River Networks says: “So does this mean we don’t have offsite backups currently? That could be a problem if someone hacks this thing and jacks it up. We will have to be able to produce a copy of it somehow, or we’re in some deep shit. Also, what ever [sic] came from the guys at Datto about the old backups? Do they have anyway [sic] of getting those back after we were told to cut it to 30 days?”

In March 2015, Platte River Networks specifically discusses security of the email server.

[Redacted] is going to send over a list of recommendations for us to apply for additional security against hackers. He did say we should probably remove all Clinton files, folders, info off our servers etc. on an independent drive.

Handwritten notes that appear to be from Platte River Networks in February 2016 mention questions concerning the Clinton email system and state of back-ups

The documents show Platte River Networks’ use of BleachBit on the Clinton server. The BleachBit program was downloaded from a vendor called SourceForge at 11:42am on March 31, 2015, according to a computer event log, and over the next half hour, was used to delete the files on Hillary’s server.

The documents also contain emails and handwritten notes written in June and July 2015 from the Office of the Intelligence Community Inspector General discussing “concerns” over classified information. A redacted sender writes to State Department Official Margaret “Peggy” Grafeld that “inadvertent release of State Department’s equities when this collection is released in its entirety — the potential damage to the foreign relations of the United States could be significant. ICIG McCullough forwards the concern, saying: “Need you plugged in on this.”

(Read more: Judicial Watch, 4/08/2019)

A Platte River Networks employee is interviewed twice by the FBI and gives contradictory answers.

Paul Combetta (Credit: public domain)

Paul Combetta (Credit: public domain)

Platte River Networks (PRN) is the computer company managing Clinton’s private server from June 2013 until at least October 2015, and PRN employee Paul Combetta played a pivotal role in the deletion of Clinton’s emails from her server.

On February 18, 2016, Combetta is interviewed by the FBI for the first time. He says that between March 25 and 31, 2015, he realized he failed to change the email retention policy on Clinton’s email account on her server, as Clinton’s lawyer (and former chief of staff) Cheryl Mills told him to do in December 2014. This would result in the deletion of some of her emails after 60 days. However, he claims that despite this realization, he still didn’t take any action. Additionally, on March 9, 2015, Mills sent him and other PRN employees an email which mentioned that the House Benghazi Committee had made a formal request to preserve Clinton’s emails. Combetta tells the FBI that he didn’t recall seeing the preservation request referenced in the email.

On May 3, 2016, Combetta has a follow-up FBI interview, and his answers on key issues completely contradict what he said before. This time, he says that when he realized between March 25 and 31, 2015 that he forgot to change the email retention policy on Clinton’s email account, he had an “oh shit!” moment. Then, instead of finally changing the policy settings, he entirely deleted Clinton’s email mailbox from the server,  and used the BleachBit computer program to effectively wipe the data to make sure it could never be recovered. He also deleted a Datto back-up of the data. And he did all this without consulting anyone in PRN or working for Clinton. Furthermore, he admits that he was aware of the mention in the March 9, 2015 email from Mills mentioning the Congressional request to preserve Clinton’s emails.

A September 2016 FBI report will simply note these contradictions. There will be no explanation why Combetta was not indicted for lying to the FBI, obstruction of justice, and other possible charges. There also will be no explanation why his answers changed so much in his second FBI interview, such as him possibly being presented with new evidence that contradicted what he’d said before. (Federal Bureau of Investigation, 9/2/2016)

A Platte River Networks employee allegedly deletes all of Clinton’s emails and then wipes them to prevent their recovery, despite apparently having no clear order to do so.

Platte River Networks (PRN) is managing Clinton’s private server, and two PRN employees are occasionally working on it. Around December 2014, PRN employee Paul Combetta was told by one of Clinton’s lawyers (and her former chief of staff) Cheryl Mills to delete all copies of Clinton’s emails off Mills’ computer and the computer of another lawyer working for Clinton, Heather Samuelson. He did so. But he says he was also told by Mills to change the email retention policy on Clinton’s clintonemail.com email account so that Clinton’s unwanted “personal” emails would be deleted after 60 days, and he forgot to do that.

Combetta will be interviewed by the FBI on February 18, 2016. At that time, he will say that after a conference call between PRN and the staff of former President Bill Clinton on March 25, 2015, roughly between March 25 and 31, 2015, he will realize he forgot to make the change, but then will tell the FBI that he didn’t do anything about it.

However, Combetta will be interviewed by the FBI again on May 3, 2016, and his answers will change. This time, he will say he had what told the FBI was “an ‘oh shit’ moment.” Then, sometime between March 25 and 31, 2015, he deleted the Clinton archive mailbox from Clinton’s server. Furthermore, he used BleachBit to delete the exported .pst files he had created on the server system containing Clinton’s emails.

150326PlatteMontage

There are six employees leading PRN in 2015. From left to right they are Brent Allshouse, David DeCamillis, Treve Suavo, Sam Hickler, Craig Papke, and Dave Robinson (not pictured). (Credit: Linked In and Platte River Networks)

An FBI report will explain, “BleachBit is open source software that allows users to ‘shred’ files,” as well as other functions. “BleachBit’s ‘shred files’ function claims to securely erase files by overwriting data to make the data unrecoverable.”

Additionally, the FBI investigation will later find “evidence of these deletions and determined the Datto backups of the [Clinton’s] server were also manually deleted during this timeframe.” However, the FBI will not mention if they figured out who deleted the Datto back-ups, whether it is Combetta or someone else.

150326BleachBitSystemCleaner1.8

BleachBit System Cleaner 1.8 (Credit: BleachBit)

Note that Combetta was only asked by Mills to change the deletion policy on Clinton’s account, which would have deleted only her “personal” emails 60 days later. He actually immediately deleted all of her emails, including her work-related ones, and then used a program to make their later recovery impossible. It is not clear if anyone told him to do this, and if so who, or if he did it on his own.

Furthermore, Combetta took these actions even though Mills sent him (and others at PRN) an email on March 9, 2015, which mentioned how the House Benghazi Committee had requested to Clinton’s lawyers that all of Clinton’s emails should be preserved. In his first FBI interview, he will deny being aware of this. But in his second FBI interview, according to the FBI, at the time he made the deletions, “he was aware of the existence of the preservation request and the fact that it meant he should not disturb Clinton’s email data on [Clinton’s] server.” (Federal Bureau of Investigation, 9/2/2016)

Copies of Clinton’s emails are deleted from the computers of two of Clinton’s lawyers.

On October 28, 2014, the State Department formally asked Clinton for copies of all her work-related emails, after asking informally for several months. Three lawyers working for Clinton, Cheryl Mills, David Kendall, and Heather Samuelson, then sorted Clinton’s emails into those they deemed work-related or personal.

Paul Combetta (Credit: Facebook)

Paul Combetta (Credit: Facebook)

According to a later FBI report, “on or around December 2014 or January 2015, Mills and Samuelson requested that [Platte River Networks (PRN) employee Paul Combetta] remove from their laptops all of the emails from the July and September 2014 exports. [Combetta] used a program called BleachBit to delete the email-related files so they could not be recovered.” PRN is the computer company managing Clinton’s emails at the time.

The FBI report will explain, “BleachBit is open source software that allows users to ‘shred’ files, clear Internet history, delete system and temporary files and wipe free space on a hard drive. Free space is the area of the hard drive that can contain data that has been deleted. BleachBit’s ‘shred files’ function claims to securely erase files by overwriting data to make the data unrecoverable.”

141201ScreenConnectLogo

ScreenConnect Logo (Credit: public domain)

Combetta then remotely connects to the laptops of Mills and Samuelson using the computer program ScreenConnect to complete the deletions. Clinton’s emails are being stored in a .pst file. Combetta will later tell the FBI “that an unknown Clinton staff member told him s/he did not want the .pst file after the export and wanted it removed from the [Clinton server]” as well.

The Clinton emails are deleted from the laptops of Mills and Samuelson around this time. But another copy of all the emails exist on the server. Combetta will delete those emails as well, in late March 2015. (Federal Bureau of Investigation, 9/2/2016)