It [the recent OIG report] lays to rest the longtime Clinton defense that this use of a private server was somehow normal and allowed by government rules: It was not normal, and was not allowed by the government rules in place at the time “The Department’s current policy, implemented in 2005, is that normal day-to-day operations should be conducted on an authorized Automated Information System (AIS), which “has the proper level of security control to … ensure confidentiality, integrity, and availability of the resident information.”
It also shreds the defense that “Well, Colin Powell did it too” into very fine dust, and then neatly disposes of the dust.