Political campaigns are the first line of defense in election security

Maps of Georgia, split into house of representatives districts, can be seen with headphones for phone banking at Republican gubernatorial candidate Brian Kemp's campaign office during a phone banking event in Atlanta, Georgia, U.S., November 5, 2018. REUTERS/Leah Millis - RC1CE0096190
Editor's note:

This post is part of “Cybersecurity and Election Interference,” a Brookings series that explores digital threats to American democracy, cybersecurity risks in elections, and ways to mitigate possible problems.

Cybersecurity & Election InterferenceNo matter how many governments and law enforcement agencies are scrutinizing elections for illegal interference, candidates, campaign staffs, and party officials are likely to be the first to notice disinformation campaigns, voter suppression efforts, and interference with the vote count because participants in the campaigns consistently monitor all three.

Most large, sophisticated campaigns routinely set up “war rooms” or “rapid response” units that monitor news and social media around the clock and prepare to answer attacks on the campaign. Round-the-clock monitoring applies to their opponents as well. Thus campaigns are likely to notice disinformation campaigns that are against them or that advantage them before anyone else does. Second, going into a campaign, candidates and parties have a very good idea where their votes should be coming from and by what margins. They therefore are likely to notice attempts at voter suppression (traditional or digital) long before anyone else does. Let’s look at each one in turn.


As I have noted in a previous post, the 2016 presidential election was filled with negative disinformation about Hillary Clinton that originated with the Russians. From “pizzagate” (the ridiculous assertion that Hillary ran a pedophile ring out of a pizza parlor in Washington D.C.) to her having Parkinson’s disease to the candidate making a small fortune by arming ISIS, the negative stories were fast and furious. Many were targeted to supporters of Bernie Sanders, both in the primary and in the general election. Sanders’ supporters, notably four volunteer web administrators, noticed something funny on their sites and alerted their followers that they were being fed disinformation. One of them, Matthew Smollon, a web administrator from Knoxville, Tennessee, posted the following to his supporters in June, 2016,

“Guys, I sincerely love you. I love your passion. I love your fire. I love all of that. But when 400 people are circle-jerking clickbait links in between wondering how Hillary Clinton is behind the FEMA Earthquake drill that happens on several days with one of them being primary day? Holy shit. You are allowing yourselves to be manipulated. Through the practice of taking anything that agrees with your opinion at face value, actively refusing to believe anything but what agrees with your narrative and following that up with blatant disregard for doing two minutes of searching to verify the information: you become the myopic Trump supporter that you so vocally loathe.”

Nearly two years after Sanders’ web administrators noticed suspicious, anti-Hillary activity on their sites, the Mueller indictments confirmed that the Russians were out to help Donald Trump and Bernie Sanders. This put Sanders himself on the defensive and in February of 2018 he went on the NBC-TV interview show “Meet the Press,” claiming one of his staffers had alerted the Clinton campaign to the fact that “something weird is going on.” The statement was not quite accurate. In fact, one of his volunteer web administrators, John Mattes of San Diego, had communicated with a PAC supporting Clinton but not with the actual campaign.

The fact that at least some parts of the Sanders’ campaign knew about Russian interference brought up a bigger issue and one that is likely to be with the political world for some time: what is the responsibility of a campaign when it is being advantaged by disinformation?

In August 2018, at the summer meeting of the Democratic National Committee, I in conjunction with former Party Chairwoman Donna Brazile and the North Carolina delegation to the DNC submitted a resolution which was passed by the full DNC. In addition to asking campaigns to be vigilant about monitoring, identifying and disclosing malicious activity it urged candidates to “inform the public of attacks on our electoral process as soon as possible and when such disclosures would not interfere with ongoing investigations.” In advance of the midterm elections, the Democratic National Committee Chair, Tom Perez, engaged the Chair of the Republican National Committee, Ronna McDaniel, in an effort to get both sides to pledge not to use hacked material in the 2018 cycle. But talks broke down over whether or not a party’s candidates could use hacked material that had been in the press.

A year later all the Democratic hopefuls in the presidential race, including Sanders, and the Democratic National Committee itself had declared that they would not take advantage of illegally obtained information. Meanwhile the Trump campaign declined to make any such promise and Rudy Giuliani, Trump’s attorney, stated that there was “nothing wrong with taking information from the Russians” and has been seeking critical information from Ukraine on at least one of the leading Democratic contenders.

Voter suppression

The second place where campaigns are likely to encounter malfeasance is in the area of voter suppression. Voter suppression is as old as American history itself and has focused for centuries on the African-American vote. The 21st century saw a resurgence of efforts to suppress the African-American vote but in addition to more traditional efforts in recent elections we saw digital voter suppression. The Trump campaign set out to suppress the vote of three voting blocs. In an article written before Election Day 2016 Joshua Green and Sasha Issenberg pointed out that unlike most campaigns, the Trump campaign was seeking to shrink rather than expand the electorate. In the piece they quote a senior official in the Trump campaign as follows:

“We have three major voter suppression operations under way. They’re aimed at three groups Clinton needs to win overwhelmingly: idealistic white liberals, young women and African Americans.”

Using “dark” ads which only the recipients could see, the Trump campaign urged Bernie Sanders voters to vote for Jill Stein and they reminded black voters that Clinton had once called gang members “super-predators.” They also had women who had accused Bill Clinton of sexual misbehavior attend a debate in an effort to counter Trump’s own sexual misdeeds and neutralize women who might vote against him.

The Trump voter suppression campaign was, however, only the tip of the iceberg. Again, as detailed in the Mueller indictments, the Russians sought to suppress the vote among Bernie Sanders voters and among African-Americans, with ads such as “Hillary Clinton Doesn’t Deserve the Black Vote” and “You know, a great number of black people support us saying that #HillaryClintonIsNotMyPresident.”

Hillary Clinton’s election models had been built on certain expectations, well-founded historically, about how the black community would turn out and vote. But two things happened on election night that proved the models wrong. Across the board in the United States, African-American turnout was down. More importantly, in two of the three critical states Clinton lost to Trump, the distance in the African-American vote for Hillary compared to Barack Obama in 2012 exceeded Trump’s margin of victory in the state. In Wayne County, Michigan, home of Detroit, Obama got 595,846 votes in 2012 and Clinton got 519,444 votes in 2016 for a difference of 76,402 votes—seven times more than enough votes to have swung the state to Clinton had she performed as Obama had four years earlier. And in Milwaukee County, Obama got 332,438 votes in 2012 and Clinton got 288,822 (this is after the recount) for a difference of 43,616 votes—nearly twice what would have been needed to carry Wisconsin for Hillary.

Tabulating the vote

The final way in which candidates and campaigns are on the front lines of election security is in the tabulation of the vote. Campaigns, especially at the presidential level, have very finely tuned expectations of the votes they need to win. Large differences from those totals can be a clue to possible interference in the tabulation of the vote.

As far as we know, there was no interference in the vote tabulation in 2016. Per the Senate Intelligence Committee report, “The Committee found no evidence of Russian actors attempting to manipulate vote tallies on Election day, though again the Committee and IC’s [Intelligence Community] insight into this is limited.” However, the Committee did find that Russians attempted to hack into the election systems of all 50 states—more than double than what had been assumed just a year before. It appears that the Russians conducted mostly scanning of election-related state infrastructure. One of the earliest reports of something odd happening came out of Illinois where there were repeated and successful attempts to hack into the Illinois’ online voter registration system. They appear to have stolen the identities of about 500,000 voters but it doesn’t appear that they actually managed to delete voters’ registration or to change votes

However, the attacks on election infrastructure could be used to gather information about the system and about vulnerabilities that will be used in a future election to penetrate the system and change votes or change vote tallies. In that case the campaign would likely spot unexpected results—unless of course, the penetration was so carefully done that it veered only slightly from the campaign’s own expectations of the vote. In that case, skewed tabulations might be impossible to catch.

What can be done?

Candidates for office, political campaigns and political parties are on the front lines of elections and will be the first people to detect mischief in an election campaign. So what can be done to protect American elections?

  • First, political parties must create a climate in which it is not acceptable to take advantage of a malicious campaign of disinformation. In a primary contest the party can even evoke sanctions against the offending candidate—such as keeping him or her off a debate stage. In a general election contest there is little recourse but to try and heap public opprobrium on a candidate who promotes obviously fake information.
  • Second, campaigns themselves need to monitor what their expected voters are seeing on the internet. Given the ability to micro-target this may be difficult to uncover unless campaigns have real people on the street talking to prospective voters. That’s about the only way to pick up dark ads that are bombarding likely voters.
  • Third, the Federal Election Commission allows candidates to raise money specifically to offset the cost of legal and accounting services necessary to comply with the law. These funds cannot be used for campaign purposes. The purpose of this special category of contribution is recognition of the fact that these are costly but necessary services. The same argument could be made for creation of a special cybersecurity account to pay for software, consultants etc. to protect a campaign against malicious intrusions. All campaigns should have high levels of cybersecurity but if forced to choose between a new piece of software and one more media buy the choice will often go against cybersecurity.
  • Fourth, the major political parties should take it upon themselves to equip all their candidates with the best cybersecurity they can afford. Recently the National Republican Congressional Committee announced it would fly their tech team out to candidates’ districts to “train their staff to spot suspicious emails and websites, ensure all their software is patched against bugs and set them up with a suite of free anti-hacking tools.” This is clearly in the interest of the political parties. They should be allowed to raise money for this purpose outside of raising and spending restrictions and to aid the candidates running on their ticket.
  • Finally, the political parties should be part of a regular “after-action review” or “lessons-learned debrief” with DHS and the intelligence agencies after every major election. The debrief should be separate for each political party and should be conducted with top civil servants only—no political appointees. The purpose of these sessions should be to honestly evaluate what the enemy tried, succeeded at, and how the government and campaigns responded.

These efforts alone will not guarantee safe and fair elections. There is always the possibility of electoral mischief either of traditional or digital forms. But adopting these measures will at least move us in the right direction toward protecting the integrity of the 2020 campaign.