The soap opera drama of the David Petraeus affair continues to unfold. One thing that’s clear already – that personal email account you use to keep track of your affairs isn’t so personal, after all.
I’ll let the major media outlets continue to debate the ins and outs of the affair, the Election Day notice to congress and Petraeus’ avoidance of the Benghazi testimony taking place this week (you can read all about it in our Daily Intelligence round-ups). The critical lesson-learned for cleared professionals is that personal conduct and correspondence, especially that which goes through a web forum, does have national security implications.
Last month the South Carolina Supreme Court ruled that reading someone’s Gmail or cloud-based email account doesn’t violate the Stored Communications Act. That ruling contradicts a 2004 ruling by the Ninth District Court of Appeals, leaving many to push for the Supreme Court or Congress to weigh in. In absence of cybersecurity legislation or a Supreme Court ruling to address the discrepancy, however, the fact remains that you have little protection against someone viewing your email communication.
Given that reality it’s almost surprising that email continues to be the communications method of choice for many adulterers, including Petraeus. For the average cheating husband or wife, uncovered email exchanges are likely to be the fodder of divorce attorneys, not terrorists. But when you’re the director of the CIA, your web communications – of all varieties – take on a much more serious nature.
Petraeus and love interest Paula Broadwell allegedly used Gmail accounts set up for the specific purpose of communicating back and forth. In Petraus’ case, a pseudonym was used to set up the account but once the FBI investigation began into Broadwell’s account, the trail easily led to Petraeus.
According to reports the pair used draft messages as one means of communicating, a method many (including shoe bomber Richard Reid – I guess Petraeus didn’t read the details in that case) have used in the past but which actually doesn’t do anything to evade detection.
The issues for Petraeus – and any cleared professional contemplating a love affair – include a lack of propriety in keeping personal email access personal, as well as the potential for blackmail, given the fact that he was going to lengths to keep the affair private.
Emails sent by Broadwell implied intimate knowledge of Petraeus’ schedule, as well as the comings and goings of other general officers visiting Central Command. Military families have long known that operations security applies to spouses and children, as well as service members. Unfortunately the military is not yet offering ‘OPSEC Training for the Other Woman,’ hence Broadwell’s ignorance that sending an email indicating that knowledge would set her up for an FBI investigation and set Petraeus for his downfall.
An affair is rarely a reason for someone to lose their security clearance (hey, it couldn’t even get President Clinton impeached), but going to lengths to keep an affair secret, sharing details about your professional life with a love interest or being careless in web communications are all good grounds for an investigation that may impact both your career and your clearance.
America’s adversaries are working every day to find even the smallest entry way into the personal lives of those with access to classified information. Petraeus made a dumb decision in making it so easy for them by being careless with a personal email account, and attempting to conceal an extramarital affair.
Lindy Kyzer is the editor of ClearanceJobs.com. She loves cybersecurity, social media, and the U.S. military. Have a conference, tip, or story idea to share? Email firstname.lastname@example.org.