A Cybersecurity Awakening

The country has been captivated for the last few months by an epic battle of good versus evil in a galaxy far, far away. Meanwhile, there’s a data security and privacy war raging here at home.

keyboard.png

But in this battle, the line between the light and the dark side isn’t always clear. As recent headlines demonstrate, there must be an awakening in which campaigns grapple with the risks and ethical challenges inherent to growing and using voter databases.

Several data privacy and security issues have featured prominently in the campaign news cycle last month. Staffers for Bernie Sanders were caught accessing proprietary data that belonged to Hillary Clinton’s campaign. A researcherdiscovered that a massive database containing 191 million voters’ information was available to the public on the Internet due to improper configuration. Finally, Donald Trump reached a deal with the RNC allowing him to access its voter file.

Now, campaigns are reaching voters more strategically and efficiently than ever before. Traditional retail politicking, such as door knocking, town fair handshakes, and speeches on crates in front of small crowds have been supplemented by online engagement and voter targeting through super databases.

But while the rapid rise of data-driven campaigning has brought with it new methods and capabilities, it has not always been accompanied by clear rules and standards. In many senses we are in a Wild West, and the voter files that are now such a powerful and indeed necessary campaign tool are also a liability.

The Sanders incident highlights the ethical ambiguity surrounding the use of party-sponsored voter databases. Both the Sanders and Clinton campaign were using the DNC’s voter file managed by vendor NGP VAN. Each campaign would then supplement the DNC’s information in private files. But a software patch provided the opportunity for Sanders staffers to access Clinton’s files.

Who’s to blame? The vendor for keeping access to the software open during the maintenance? The campaign staffers for taking advantage of the situation? Or Sanders himself for failing to implement and maintain policies for use of the database? Was accessing Clinton’s files inadvertent, or was it no different than breaking into the Watergate Hotel? The industry is grappling with those questions.

Meanwhile, the leak of 191 million voters’ information and news that Trump will now have access to the RNC’s voter file has the public thinking about their privacy. While voters may generally be aware that campaigns are collecting data about them, they consider that information to be private and expect campaigns to protect it and use it responsibly.

This sentiment remains the same even when the information is a matter of public record, as was the case with the 191 million voters’ data. That’s why an incident that essentially involved making a compilation of public records available to the public on the Internet is being described as a “breach” or “leak.”

It should therefore serve as a wake up call to campaigns as they gather and use even the most basic of voter information that their actions will be judged by a public that maintains an expectation of privacy, even if that expectation is in many senses a false one.

So how can a campaign maximize the use of voter data while at the same time avoid crossing any ethical lines? For starters, leaders from the campaign community should be active in dialogue with regulators on both the state and national level as they establish rules for the use of voter files in the digital era.

The most valuable lesson of the last few weeks, however, is that neglecting cybersecurity and failing to consider the ethical and proper use of voter data will take a campaign to the dark side. It’s time to get serious and create campaign cultures that value security and privacy while setting the standard for the generations to come.

James Norton, a former defense-industry executive and deputy assistant secretary in the Department of Homeland Security, is currently an adjunct professor at Johns Hopkins University and a senior adviser at The Chertoff Group. Follow him on twitter @jamesnorton99

VIEW Original Article Here

Be the first to comment

Please check your e-mail for a link to activate your account.