Congress and Campaigns Need All the Security Help They Can Get

As Zack Whittaker reported, a new Federal Election Commission ruling will allow a private company firm, Area 1 Security, to provide services to federal political campaigns at a discounted rate without violating laws that prohibit in-kind donations. This is an important step, but its importance should not be overstated, especially given how much more work needs to be done to secure American political campaigns at every level of government from escalating digital threats.

Under the new ruling, Area 1 may provide federal campaigns with services designed to prevent phishing attempts like the one that successfully targeted the email account of former White House chief of staff John Podesta, who was then the chairman of former Secretary of State Hillary Clinton’s presidential campaign. As the world knows, despite strenuous denials from President Trump, those emails were then exfiltrated by Russian intelligence services, distributed to Wikileaks, and published over the final months of the campaign, to the apparent detriment of Clinton’s candidacy.

The ruling will help more campaigns to better protection against phishing, but it’s important for the public and press not to over-interpret this decision, however, which is limited: it only applies to Area 1, which provides anti-phishing services. There are no new software, services or legal tools now available to campaigns that help them to prevent or mitigate disinformation campaigns, as Whitaker’s reporting implies. Importantly, such campaigns do not require a target to be hacked to inject lies, doubt or propaganda into public discourse.

But that doesn’t mean that this isn’t a step in the right direction.

While it’s fair to acknowledge how many different factors led to the outcome of the 2016 presidential race, there’s no denying the insufficient security practices at the Democratic National Committee and inadequate hygiene by the chairman of the Clinton campaign played a significant role. Every federal campaign, from the incumbent president to Congressional candidates down the ballot, needs to anticipate both longstanding security risks, like phishing, weak websites, or vulnerable mobile devices, and newer risks posed by emerging technologies.

If political campaign staff and candidates aren’t thinking about the potential impact of hackers compromising their mobile devices, messaging systems, websites and databases, they’re not just behind the technological curve in 2019. They’re showing the public that they’ve failed to learn and apply painful lessons, which can and should undermine public trust in those candidates’ capacity to understand the risks of modern life. If candidates for higher office want to demonstrate their capacity to protect and defend public services, secret or confidential investigations, and sensitive data in office, they should start with their campaigns.
Meanwhile, Congress and the US government needs to invest more time, money, public attention and staff to address the expanding range of threats posed to campaigns by existing and emerging digital threats, from defusing disinformation to shoring up the integrity of voting systems with paper ballots to protecting the personal devices and email of Members of Congress and their staff. The 2020 campaign is already upon us.

Alex Howard

Alexander B. Howard is an independent writer and open government advocate based in Washington, DC. Howard has been honored twice by The Washingtonian Magazine as one of Washington’s “TechTitans,” which recognized him as a “respected trend-spotter and chronicler of government’s use of new media.” Over the years, Howard has appeared on-air as an analyst for All Things Considered, Marketplace, MSNBC, WHYY, WAMU, Federal News Radio, Al Jazeera English, and America, Washington Post TV, WJLA and a guest on The Kojo Nnamdi Show, and has been quoted in hundreds of print, broadcast, radio and digital publications. Howard has held fellowships at the Tow Center for Digital Journalism at Columbia Journalism School and the Networked Transparency Policy Project in the Ash Center for Democratic Governance and Innovation at the Kennedy School of Government at Harvard University. Howard is the former deputy director of the Sunlight Foundation, where he wore a dozen different hats after being appointed to help lead the “restartup” of one of the world’s preeminent nonpartisan open government nonprofits during the presidential transition and the first sixteen months of the Trump administration. The projects that he created and nurtured at Sunlight ranged from building on its legacy as a transparency watchdog to tracking Trump’s conflicts of interest and reporting on the ongoing corruption of the presidency to the Web Integrity Project. Howard started and led numerous initiatives, from civic engagement to strategic advocacy. He edited and published watchdog journalism that held the Trump White House accountable. He managed and grew Sunlight’s social media accounts, speaking truth to power at @SunFoundation and engaging a global audience. He acted as expert source of analysis for media around the world, delivering keynote speeches in national capitols from Europe to South America. And he worked in coalitions on open government reform efforts in cities, states and nations around the world. While at Sunlight, he helped draft the Honest Ads Act, which would make online political ads transparent. The bill’s framework been adopted, adapted and enacted in states, endorsed by Facebook and Twitter, and used as a standard for transparency by those tech companies and Google. Previous to taking a leadership role, Howard was a senior analyst at Sunlight, where he led the foundation’s federal transparency work, with issues covering the gamut of digital government, open government data, press freedom, net neutrality, social media, identity and privacy.

Originally published at https://protegopress.com on July 18, 2019.