Where do we stand today compared to the 2016 election lead up?
Social media platforms were vulnerable in 2016 because they didn’t realize what was happening. Now they’re closing down inauthentic accounts—people pretending to be someone they’re not—and they’ve been doing it extensively. Many now are performing a fact-checking operation by blocking or annotating posts containing false health information, so there’s a corrective function in place. YouTube is now identifying government-funded sources of information, so viewers will be able to identify the source behind a message.
Beyond that, the platforms have put rules in place that make it very difficult for foreign nationals to buy advertising; you now have to have a business ID and address that’s an actual location in the U.S. That doesn’t mean a foreign operation couldn’t still plant someone here and satisfy those rules, but it’s much more difficult. The platforms have stepped up in important ways and made it less likely that a comparable Russian operation to the one in 2016 would have the same effect in 2020.
What about media outlets? Has their approach changed?
Reporters are now participating in seminars examining their treatment of illegally gotten content in 2016. Newsrooms have discussed it. The question is, if a hack-and-release happens in the pressure of an ongoing campaign and a lot of content is released, will that pressure overwhelm newsrooms? Will those same mistakes be made or will their awareness of what happened in 2016 prompt them to resist the impulse to act too quickly?
So far, we haven’t heard about hacked content in this election. If it comes up, how can journalists disseminate it responsibly?
It’s appropriate to use this kind of content under certain circumstances. For one, if it’s illegally gotten, the public needs to know that, and if it came through an intermediary, the public needs to know that person’s agenda. Every time that content gets discussed, the source and any biases should be noted. Julian Assange was on record saying he wanted Hillary Clinton defeated, yet the press made scant mention of that through October and November 2016.
During the last election, under the pressure of a very large amount of content being dumped on a weekly basis, journalists also lost track of newsworthiness, and in two key instances took information out of context in ways that disadvantaged Hillary Clinton. They should be using traditional newsroom judgement about any hacked content and make sure it’s kept in context.
Finally, they should characterize content as they report on it, using phrases like “Russian-stolen,” for example. Instead of “leaked,” they should say “hacked.” Keep the sourcing linguistically tied to the reporting all the way through and make sure any intermediary remains tied to the content, too. We know that audiences judge messages, in part, by assessing whether they trust the source.
In the past few months, reports have emerged of China, Russia, and Iran trying to influence the U.S. election, some to oust President Trump, others to help him. How is our election infrastructure protected?
The Russians penetrated this infrastructure in 2016. As far as the intelligence community can tell, votes were not changed, but we actually don’t know with certainty because the states didn’t have the mechanisms in place to tell. It’s still an open question whether we have put in place the needed protections for our electoral infrastructure this time.
Here, there is an irony, too. The big debate has been about the integrity of mail-in ballots, but you can’t engage in cyberwar as readily with mail-in ballots. My ballot is more secure when I drop it in the mail than when I walked three blocks to my voting place and pushed a button in a system registering digitally in 2016 because with that there was an opportunity for malware to simply reverse votes. I actually view mail-in balloting as a Russia-thwarting move.
How does Trump’s relationship with Russian President Vladimir Putin factor in?
The United States hacked back against the Russians in 2018 to prevent cyber influence over that election. We don’t know whether President Trump approved that or whether relevant agencies simply did that under authorizations they already had. But the president confirmed that it happened. The question is, to what extent are our capacities to deal with Russian interventions shaped by President Trump’s view of Vladimir Putin—which is, shall we say, less wary than his predecessors.
What the president’s rhetoric calls into question is how the level of preparation against Russia as an adversary will compare to that against China or Iran should they try to intervene. One would hope that we’re being equally protective against all foreign nations that might intervene and that we are being as protective as we can against all of them. Whatever electoral outcome a foreign state anticipates, interference in our election is inappropriate.
Does the average citizen understand the intricacies of what’s happening?
In all likelihood, no, because it’s complex and the citizenry is focused on so many other factors, particularly around COVID-19. There isn’t much that ordinary people can do in any event. They can make sure they’re informed by using sites such as FactCheck.org and SciCheck, which are aggressively trying to counteract misperceptions. They can also get their ballots in as early as possible and get verification that it has been received. They can then go back to the rest of their lives having cast an informed vote. Everything else? It’s in the hands of election officials and the U.S.’s cyber professionals.