“Women Lead Efforts to Ensure Your Vote Matters” was written by Sandra Guy, SWE Contributor. This article appears in the 2019 Conference issue of SWE Magazine.
The wise words of suffragists who helped win women’s right to vote 100 years ago ring all the more true today, even as female cybersleuths and legal experts keep up their fight against online election attacks and misinformation.
Take suffragist Carrie Chapman Catt’s reminder of the 70 years of struggle leading up to the adoption of the 19th Amendment to the Constitution on Aug. 26, 1920: “That vote has been costly. Prize it! The vote is a power, a weapon of offense and defense, a prayer. Understand what it means and what it can do for your country. Use it intelligently, conscientiously, prayerfully.”
In keeping with this spirit, Catt founded the League of Women Voters the same year.
Or consider the admonition of Susan B. Anthony: “Woman must not depend upon the protection of man, but must be taught to protect herself.”
Women are taking on the mantle of their suffragist foremothers by fighting doxers, hackers, phishers, nation-states, and others who attack the very core of voting rights. The assaults are aimed at any number of vulnerable targets, including electronic ballots, voter registration databases, network connections between local jurisdictions and state governments, and computers that program the voting devices that record and count votes.
Attacks also take the form of malicious personal disparagements against candidates and untrue “do not vote” online advertisements aimed at suppressing the votes of people of color and other underrepresented groups.
Much like the prevalent “fake news” mantra that stirs people to doubt the veracity of legitimate news sources, the nefarious nation-states and other bad actors involved in voter misinformation are seeking to undermine confidence in the electoral system, experts say.
ENSURING ACCURATE, VERIFIABLE ELECTIONS
“The perception of a lack of fairness and accuracy of our elections is what’s destructive,” said Marian K. Schneider, J.D., president of Verified Voting, a Philadelphia-based national nonprofit, nonpartisan organization that advocates outreach and legislation to promote accurate, transparent, and verifiable elections.
Verified Voting is the only organization nationwide collecting data on voting equipment and working to enhance and make that data more useable. The aim is to ensure procedures are in place to give people confidence that the U.S. voting system can recover from cyberthreats, and that their votes will be counted accurately, said Schneider. A lawyer, Schneider first became involved in voters’ rights and election security 14 years ago, when her local board of elections task force voted to buy electronic voting machines against the community’s wishes. Schneider also was the trial counsel in a case where a Pennsylvania judge struck down a law requiring voters in the state to show photo identification at the polls, saying the requirement imposed an “unreasonable burden” on voters. And she served as the deputy secretary for elections and administration in the Pennsylvania Department of State during the 2016 presidential election, in which she oversaw technological innovations to improve disability access and voter registration and education.
Given today’s cyberthreats, Schneider said the nation’s 8,000 jurisdictions that run elections need greater resources, especially since they’ve been historically underfunded, and state and local governments need funds to do robust, postelection audits to ensure all votes are counted, especially in tipping-point states, during the 2020 presidential election.
“We have always said this is a matter of national security,” Schneider said, noting that the Verified Voting organization stays away from partisan political stances. To that end, Verified Voting sees an urgent and ongoing need for investment to bolster national election security for 2020 and beyond.
The organization’s areas of focus include:
- Replacing unverifiable direct-recording electronic voting systems with electronic systems that incorporate paper ballots as soon as possible
- Helping election officials implement risk-limiting postelection audits to verify that computers report the results correctly
- Advocating federal and state funding to support postelection audits and, where necessary, recounts of close contests
- Initiating research to devise ways to identify possible security vulnerabilities in election systems and to enhance how effectively voters verify their ballots, especially ballots printed electronically
- Supporting state and federal legislation with incentives to develop open-source software for voting systems
A DANGEROUS TIPPING POINT
Nation-states can now pair old-school propaganda with new-school social media, search engine optimization, and techniques that let them act anonymously. Such capabilities have caused election security to reach a dangerous tipping point, said Theresa Payton, CEO and co-founder of cybercrime-fighting firm Fortalice Solutions.
Though political espionage has existed since two people first walked the earth, Payton said, America has historically used its fair share of propaganda and political espionage to liberate countries and to fight oppressive regimes. That changed just prior to the 2016 presidential elections, she said.
“That’s when I saw an all-out front by nation-states to try to get an advantage — doing doxing and dumping techniques and trying to get an economic advantage,” said Payton, whose third book, Manipulated: Inside the Global War to Hijack Elections and Distort the Truth, is scheduled to release in spring 2020. Her first two books are titled Protecting Your Internet Identity: Are You Naked Online? and Privacy in the Age of Big Data: Recognizing Threats, Defending Your Rights, and Protecting Your Family.
Payton noted that both the Obama and McCain campaigns found that China had probed their campaigns to try to determine which would be friendlier to China. And, as recently as December 2018, private experts reported that Russian interference in the 2016 U.S. presidential election on social media was more widespread than previously thought — and included efforts to divide Americans by race and extreme ideology. “Although to date, all officials say no vote cast has been tampered with or changed, enter social media,” Payton said.
“These unfriendly nation-states were able to mobilize voters to get people excited about a candidate’s platform and to get people to donate $1 or $5 to be part of a movement,” Payton said. “When I saw what was happening, I immediately thought, ‘We’re headed to something bigger.’”
Payton said she’s particularly concerned that the U.S. election system is fraught with “multiple places for potential points of failure.” And though no election audits have found instances of votes being changed, Payton said she still wonders whether pre-2016 presidential election hacks could have disenfranchised whole ethnic or socioeconomic groups in various geographies.
“We know that the [Hillary] Clinton campaign was the victim of a hack and dump effort,” Payton said. “Russian operatives hacked into DNC [the Democratic National Committee] and campaign accounts, took emails and other communications, and then leaked them slowly on the internet. The communications could have disenfranchised voters, prompting them to vote differently or to stay home altogether.”
As another example, she pointed to Illinois, where the state election board’s computer network was compromised in June 2016 by Russian intelligence agents, according to special counsel Robert Mueller’s report to Congress. The agents also gained access to and extracted data from a database with information on millions of registered Illinois voters.
“Were potential voters in Illinois told to come back later when they tried to register [when the system was compromised], and then many didn’t come back?” Payton said. “We may never know.”
One aspect of protecting American democracy and freedom of speech is to help people realize that disruptive nation-states want Americans to distrust reputable media, be suspicious of the electoral process, and despise one another, Payton said. She would like to see:
- Fusion centers that let the media, government agencies, and social media platforms identify and triage potential manipulation campaigns
- Tools that identify hackers and hostile invaders and report them in real-time during elections
- An international governing body that would hold accountable global entities that threaten democratic elections and uphold international principles on the use of electronic voting technologies
“I want to be very candid about the threat we’re facing,” Payton said. “I’m incredibly hopeful we’ll get this right. But it’s daunting. This is a massive undertaking.” Election cyberattacks are now inevitable, she said. “It requires sheer will and determination [to fight],” she said. “We cannot let up.”
PROTECTING CORE CIVIL AND POLITICAL RIGHTS
Eileen Donahoe, J.D., Ph.D., executive director of the Global Digital Policy Incubator at Stanford University, said she wishes people cared more about the urgent threat to our country’s election integrity “and felt a greater sense of outrage.”
Elaborating further, “I think the issue of election integrity and how we protect [elections] from foreign information operations, and even domestic forms of disinformation, should be seen as a really urgent priority,” said Dr. Donahoe. Appointed by President Obama as his U.S. ambassador to the United Nations Human Rights Council in Geneva, Switzerland, Dr. Donahoe now sits on two transatlantic groups — one seeking to protect election integrity, and the other to develop policy responses to disinformation and hate speech without undermining the democratic commitment to freedom of expression.
“Foreign information operations and domestic disinformation campaigns — efforts to undermine the integrity of elections — are a global phenomenon we’re seeing across democracies,” she said. “We need to pick our heads up and understand this is a threat to democracy writ large.
“The threat to U.S. elections is one very important data point in a much larger global trend, and the United States should step up to lead in protecting the integrity of elections globally,” Dr. Donahoe said. “Protecting the fundamental right to choose our representatives in government should be a priority for all Americans, and certainly for women voters.”
Dr. Donahoe serves on the Transatlantic Commission on Election Integrity, an initiative of the Alliance of Democracies Foundation. A former NATO secretary-general, Anders Fogh Rasmussen, set up the foundation to advance and defend democracy. Rasmussen has pointed out that the work is particularly vital because 20 elections will be held across EU and NATO countries between now and the next American presidential contest in November 2020.
For the Transatlantic Commission, Dr. Donahoe is focused on combating “deepfakes” — deceptive audios and videos synthesized with artificial intelligence-based techniques — and working to build new forms of civic resilience to disinformation around elections. Deepfakes technology transmutes video and audio to imitate the voices and facial gestures of actual speakers, so it can transform online images to make political candidates look like they’re doing or saying things they never did or said.
“We’re working with a data science company that has built the capacity for AI-based detection of deepfakes,” Dr. Donahoe said. “We also aim to develop public education tools to help inoculate the public from the influence of this manipulative material.”
Dr. Donahoe also is a member of the transatlantic high-level working group on content moderation online and freedom of expression, a project of The Annenberg Public Policy Center of the University of Pennsylvania. The working group’s mission is to address disinformation and hate speech without undermining democratic countries’ commitment to freedom of expression.
“That’s one of the hardest dimensions of the problem,” Dr. Donahoe said. “In democracies, we believe in free speech and freedom of expression. Only very limited, reasonable, and well-crafted restrictions on expression can be justified in our democracy. Internationally, under human rights law, the same basic idea applies as the First Amendment, although U.S. free-speech doctrine is even more protective of expression and permits fewer restrictions.”
Another problem is that democratic governments, historically, have not taken on the role of determining whether information is true or fake. “It’s been up to people and journalists to ferret out what’s true,” Dr. Donahoe said. “Yet it’s getting harder and harder to protect the quality of information and the integrity of the information sphere, especially around elections.”
Dr. Donahoe and her colleagues at Stanford University have created the Global Digital Policy Incubator, which aims to inspire policy and governance innovations for the digital realm that reinforce human rights and democratic values. The incubator’s experts work with government and private-sector technology companies to craft policies, processes, and practices that reinforce democratic principles, while protecting personal, national, and international security. The overarching goal is to enable society to reap the benefits of technology while reinforcing human rights.
Besides setting out best practices, Dr. Donahoe advocates much more sophisticated civic education and media literacy, which would start in childhood and continue as a lifelong process and teach citizens how to assess the quality of information they see and read. “As part of the solution to election integrity, I would highlight the role of citizens, and the need for much greater civic engagement,” Dr. Donahoe said.
To practice the highest principles of civic engagement, citizens must be encouraged to evaluate the quality of information they consume, and resist falling into “confirmation bias” — by seeking out different viewpoints that challenge their own perspectives, she said.
“If we’re only looking to have our views confirmed so we don’t have to challenge our ideas and think, that’s not good for democracy,” Dr. Donahoe said. “That’s where a new ethos has to come in. The role of citizen means you develop the capacity to assess information and its quality, rather than take it as a given because it makes you feel good and confirms what you already believe.”
That won’t be easy. But it’s worth it to Dr. Donahoe.
“Getting citizens in America to recognize their own roles in protecting our democracy and core civil and political rights — such as free expression, access to information, privacy, and democratic participation — is an essential part of the solution.”
A COMMUNITY EFFORT AND CUMULATIVE TASK
Two women at Microsoft Corp. are doing their parts by helping lead the tech giant’s efforts to secure elections and political campaigns from hacking and other nefarious interference.
Ginny Badanes is the director of strategic projects for Microsoft’s digital diplomacy team, where she works at the intersection of politics and technology, identifying solutions for political organizations around cybersecurity, data, analytics, business intelligence, and grassroots advocacy.
Kemba Walden, J.D., senior counsel for cyber and democracy, is an attorney on Microsoft’s customer security and trust legal team, where she supports the digital diplomacy team, specifically focused on the Defending Democracy Program. Walden is the first senior counsel at Microsoft dedicated entirely to the cybersecurity of the election infrastructure.
“Microsoft decided it needed someone based in Washington, D.C., solely focused on digital diplomacy and defending democracy,” said Walden, whose initial interest in biomedical engineering has informed her curiosity in science and technology as a lawyer.
Other pivotal moments for Walden — when she recognized America’s vulnerability to attack was not unlike that of other countries — included when she stayed in the basement of the Georgetown Law Center, where she earned her law degree, during the 9/11 terrorist attacks, and when news surfaced that hostile nation-states had tried to undermine the 2016 U.S. presidential election.
“I have a tendency toward civic responsibility — making sure democratic processes work appropriately and under the rule of law,” Walden said.
“Before 9/11, before the attack on our democracy happened, there were people out there who worried about trying to make our institutions stronger. That hasn’t changed,” she said. “Now, we have to think about the role of technology and how technology can improve the democratic process. It provides another surface area for attack. In that respect, it’s not frightening. We have a new space to not only enhance democracy, but to defend it.”
To do so, Walden sees her role as protecting three fundamental “legs of the stool” — the availability, confidentiality, and integrity of both information and information systems, both in America and worldwide.
Prior to Microsoft, Walden held attorney roles for a decade at the U.S. Department of Homeland Security, where her most recent work was as attorney-advisor focused on election security for the newly created Cybersecurity and Infrastructure Security Agency. The agency is responsible for cybersecurity, telecommunications, and infrastructure resilience.
Badanes says protecting our electoral system and its integrity must be a community effort — not to be left to either government or academia or civil societies alone. “It’s a cumulative task,” said the Duke University alumnus who credits her late start in deciding on a career to opening doors and opportunities she might not otherwise have considered.
“It’s the tech industry’s responsibility to participate, along with government and other entities, in defending our election system from nation-state adversaries looking to undermine our valuable institutions,” Badanes said.
To do so, Microsoft’s Defending Democracy Program team focuses on what Badanes called “three pillars” — campaign security, election integrity, and disinformation defense.
Among Microsoft’s recent initiatives toward the goal is ElectionGuard, a free, open-source software product that permits voters to verify their votes online using a unique tracking code. They can also see that their votes are recorded and correspond with election officials’ results. Microsoft aims to have some pilot ElectionGuard programs running in 2020.
Another initiative, Microsoft 365 for Campaigns, is available to political candidates’ organizations to ensure advanced security online at a 75% discount, at $5 per month per person who uses it in the campaign organization.
“We’re in a much better place than 2016,” Badanes said. “That’s in part because of great leadership by the U.S. Department of Homeland Security. They’ve prioritized this issue, and both industry and election officials can turn to them.”
“The states have been responding as quickly as they can to ensure they have their staff trained,” she said, noting that some have had inadequate state funding to do so. Yet Badanes believes the cybersecurity effort will remain unceasing and evolving.
As Walden, a Hampton University alumnus, said, “It’s our civic responsibility to care about the democratic process, regardless of your politics or academic background.” She sees cybersecurity as “a discipline and area that requires diversity, inclusion of thought, and some thought leadership.”
“Your passion should be driven by your values in living in a democratic society,” she said, “and your expertise shouldn’t limit you [to the role you take in achieving those values].”
More SWE Magazine articles:
- Celebrating the Sun Queen
- Women Engineering Leaders in Academe 2019
- Constructive Voices in Turbulent Times
- Career Pathways: From Unnerving to Victorious
- Spooky Stories in Engineering
- Women Making News: Fall 2019
- Women Lead Three of Four NASA Science Divisions
- SWE Magazine Honored for Publishing Excellence