This week saw the first data breach of the 2016 campaign. Last night, BuzzFeed News reported that one of Bernie Sanders’ staffers accessed confidential information from Hillary Clinton’s campaign, made possible by a larger security failure by a third-party vendor. It’s still unclear how many staffers saw the data — the Sanders campaign says only one, while the Democratic National Committee says as many as four — but it doesn’t seem to have traveled farther than those staffers. Still, the consequences have been dire. Since the news came to light, the DNC has barred Sanders from accessing its records until the matter is resolved, hobbling the campaign.
As breaches go, it’s relatively mild — none of the data was publicly released — but it shows that the ability of campaigns to protect data hasn’t kept pace with their use of it. The Clinton breach was only possible because of a poor software patching process by a third-party database operator, hired by the DNC. Once the data was exposed, the Sanders campaign either didn’t realize how serious the breach would be taken or how easily it could be caught. In either case, the root of the scandal comes down to political organizations with massive stores of sensitive data and none of the sense required to safeguard it.
Past election years are peppered with similar data breaches
Unfortunately, it’s a common problem — and past election years are peppered with similar data breaches. In 2009, 5,000 donors’ private information was exposed during a Minnesota Senatorial race. Both President Obama and Sen. John McCain (R-AZ) had their campaign websites compromised in cyberattacks in 2008. Obama’s own 2012 campaign "call tool" exposed voters’ names, locations, telephone numbers, and political preferences. This information was open to any website visitors, Mother Jones reported. Tea Party supporters even used the phone bank to harass Obama supporters.
Obama also released an app that used Google Maps for campaign supporters to find Democratic households. Every flagged address displayed the first names, ages, and genders of voters who lived there. This was available on the public App Store. An Obama campaign spokesperson at the time told ProPublica this app didn’t infringe on voters’ privacy and continued that "anyone familiar with the political process in America knows this information about registered voters is available and easily accessible to the public."
"Anyone familiar with the political process in American knows this information ... is available and easily accessible to the public."
For political campaigns, that data is too valuable to do without. Every campaign begins with a roll of party-affiliated voters, identified by name, address, birthdate, ethnicity, and social security number. The ground work of a campaign is primarily building on that list and making sure as many of those people as possible turn out on Election Day. That means building up more targeting information, like whether they own a firearm or a small business. If they donate to the campaign, payment information can also be added to the mix. By the end, there’s often more than enough data to steal someone’s identity.
Still, that data isn’t always protected even at the level of the voter roll. Earlier this year, the personal information of 6 million voters was released to a dozen groups accidentally, the Atlanta Journal-Constitution reported. That breach also came down to a third-party contractor that was hired to manage voter data. When data was requested, the contractor accidentally added the data to the state’s existing statewide voter file, which was automatically sent to political parties, news organizations, and Georgia GunOwner Magazine.
Security is not their primary concern
Voter data is considered more benign than health information and financial data and therefore comes with more relaxed security measures. But while the information doesn’t include obviously sensitive fields like credit card details, it still provides an intensely personal look into its subjects’ lives. A fully detailed file might be cross-referenced with data from brokers like Experian, including thousands of fields on anything from church attendance to shirt size. "They don’t have the proper incentives to protect this data," Joseph Hall, chief technologist at the Center for Democracy and Technology, told The Verge. "It’s very clear that, just like you saw with Target and Home Depot, security is not their primary concern."
The temporary nature of a campaign often means that security measures take a backseat to the immediate needs of an election. Cybersecurity is taken into account long after data is collected, if at all. Protecting data requires a full team, a fully developed security plan, and detailed follow-up procedures. With campaign staff only hired temporarily, and many working as volunteers, it’s easy to see why a high standard isn’t necessarily upheld. The long half-life of breach disclosure also means that, by the time a criminal breach does become public, the campaign organization has long since dissolved.
Meanwhile, many voters still have no idea what information exists about them in political databases, and Hall, for one, doesn't see that changing any time soon. "I don’t see any real hope," Hall said, "unless an extremely horrific breach of campaign data happens."