February 26, 2014

Official Backing Conflicted KXL Study May Have Exposed State Dept. to Security Risk

Official Backing Conflicted KXL Study May Have Exposed State Dept. to Security Risk

Internal e-mails from the State Department show that a State Department official named Keith Benes played a leading role within the agency in defending the use of ERM, a former TransCanada business partner, in conducting the Environmental Impact Study of the Keystone XL pipeline. Benes drafted talking points and pushed back against press inquiries about the conflict of interest. A Republic Report review of these e-mails, disclosed through a Sierra Club Freedom of Information Act request, show that Benes may have exposed the State Department to a serious security risk by conducting his work in defense of ERM using his personal e-mail account. This personal e-mail account may have been compromised because of its association with a third party website that was hacked.

Environmentalists have charged that ERM, a consulting firm that TransCanada recommended to the State Department to conduct its Environmental Impact Study, lied to government officials about its work for TransCanada. When ERM was signed on to conduct the Keystone XL study, the consulting firm was asked if it had a “direct or indirect relationship … with any business entity that could be affected in any way by the proposed work” within “the past three years.” ERM responded: “No. ERM has no existing contract or working relationship with TransCanada.” As many outlets have reported, ERM in fact had many business and lobbying relationships with TransCanada within the past three years of signing its contact with the State Department.

Benes, a former attorney for Hogan Lovells, a law firm that has long represented TransCanada before regulatory commissions, drafted a number of e-mails at the State Department to defend ERM. In one list of talking points drafted by Benes, he states that ERM’s conflict is not an important issue because “ERM is not doing any work for TransCanada,” a claim that seems to sidestep the conflict of interest form that clearly stated that ERM was required to disclose its work for TransCanada within the “past three years.” Moreover, Benes glossed over the importance of any conflict of interest, claiming that, “Like any other consulting firm with experience in this area, ERM has worked for multinational companies that have a variety of business interests.” See a screenshot below:

As he responded to other queries about the Environmental Impact Study, Benes also used a Yahoo e-mail account instead of his official State Department e-mail address. In March of 2012, a major website was hacked, exposing sensitive user details regarding over 70,000 users of the site. The website DazzlePod.com shows that Benes’ Yahoo account was among those users exposed through the hack.

The National Archives and Record Administration notes that federal employees should only use personal e-mail accounts for official business in “emergency situations.” Furthermore, the State Department has faced a number of leaks and security problems in recent years, most notably with the release of thousands of embassy cables through the whistle-blower website Wikileaks.

Richard Bejtlich, Chief Security Strategist at FireEye, a cyber security company, told Republic Report that federal government employees should avoid using personal e-mails for work for a number of reasons. “If your Gmail account or Yahoo account is more likely to get hacked for some reason, and then your credentials end up on a website and you’re not aware of that, yeah, there’s definitely a risk there,” he says.

Republic Report reached out to Benes and the State Department for comment. A State Department spokesperson e-mailed: “The State Department continually works to mitigate risks to information security, which includes the application of rigorous guidelines for the classification and handling of a wide range of information. In certain circumstances, the Department permits employees’ use of personal e-mail accounts for official business involving unclassified information. Individual employees are advised to use discretion in deciding whether or not the email service used provides adequate protection for the specific material they are transmitting. The Department continues to review the Presidential Permit application for the proposed Keystone XL pipeline in an objective, rigorous and transparent manner.”

Yesterday, Congressman Raul Grijalva (D-AZ) requested that the Government Accountability Office conduct a probe of the State Department’s Keystone XL review process.