It's not a great idea to run a government using Yahoo! e-mail accounts.
That's the word from experts, anyway, reacting to news that Alaska Gov. Sarah Palin's Yahoo! e-mail had been hacked earlier this week. McCain's vice-presidential pick reportedly used the accounts to communicate with key aides about government business.
The practice is dangerous, said experts, and can run counter to laws ensuring government is open and accountable -- a tough point for Palin, who has made "open government" a catchphrase of her political identity.
By using non-governmental email systems, "Your information is out there available, beyond the official mechanisms there to protect it," said Amit Yoran, the nation's first cybersecurity chief. Yoran is now CEO of Netwitness Corp., a computer security firm for government and private entities.
"When she's communicating about government programs, that information is not being protected with the typical precautions the government has put in place in its own risk management process," said Yoran.
Moreover, a hacked account could be used to falsify communications, noted Yoran – a point proven by one of the hackers, who used Palin's account to send a message to one of her assistants.
Two Yahoo! email accounts belonging to Palin were hacked early Tuesday by a group calling itself 'Anonymous'. Screen shots of her inbox were posted online, as well as a screenshot showing an email of an apparently personal nature from a Palin appointee to the governor.
Palin's use of the private account to discuss public business – a practice reportedly shared by her top aides – also raised concerns from open-government advocates, who fear the practice could impede the spirit of laws designed to preserve government communications and documents.
Recently, Palin's office has fought to withhold some emails from public release, saying they were exempt from disclosure because state law protected certain categories of communication, such as those related to the "deliberative process."
A state spokesman for Palin has defended the practice, saying "I don't hear any public clamor for access to internal communications of the governor's office," and blaming the issue on "some people out there blogging and talking who would like to embarrass the governor."
The McCain-Palin campaign responded to inquiries about Palin's email practice with a written statement. "This is a shocking invasion of the Governor's privacy and a violation of law," read the statement, from campaign manager Rick Davis. "The matter has been turned over to the appropriate authorities and we hope that anyone in possession of these emails will destroy them. We will have no further comment."
Lawyer Meredith Fuchs of the Washington, D.C.-based National Security Archive has experience on this issue, having fought with the Bush White House over how it preserved emails, and why it allowed key personnel to use private email accounts controlled by the Republican National Committee. She believes Palin's email habits echo the worst practices of the Bush administration.
Government email systems typically have safeguards to preserve communications specifically for open-records purposes. "I don't know what Yahoo's policy is" on how long it saves emails, particularly after they're deleted by the user, said Fuchs, who doubted they were preserved.
That parallels the problems with White House personnel sending email through the RNC. Many of their emails "just don't exist anymore," said Fuchs. "This is very similar."
Fuchs – and open-government advocates in Alaska – worry that may be part of the governor's intent. "Maybe they did it because they thought the records wouldn't be disclosed," said Fuchs. "That raises issues possible destruction of evidence issues – if they expected litigation."