SaveSave story

Robby Mook: Election hacking bills wouldn't have stopped 2016 debacle

Voting booths
Voting booths. Genaro Molina/Los Angeles Times via Getty Images

Hillary Clinton's former campaign manager says the current focus on improving voting machine cybersecurity would not have prevented the last election's mess. Instead, he said, the major culprit was hacking campaign personnel and political parties.

Why it matters: Robby Mook saw first-hand the damage caused by the election hacking during Clinton's presidential campaign, and he is now part of Harvard's new Defending Digital Democracy Project on election security. He believes that securing voting machines is important, but cannot be the end of the election security conversation.

QuoteThere is some irony that the actions we are now taking would not have changed 2016. Sometimes we dwell on voting machines to our detriment.
— Mook

The details: In 2016, most of the damage caused by a believed-Russian effort to muddy the election came from hacks of Democratic groups and Clinton campaign Chairman John Podesta and the subsequent leaks of emails and other files.

  • While Russia is thought to have attempted to hack as many as 21 states' election infrastructure (including voter databases), there is no evidence that Russia breached any voting machine or directly altered any votes.
  • Nevertheless, the hallmark issue of election security appears to still be preventing an adversary from directly changing votes. In a letter Tuesday to House Science Chair Lamar Smith (R-Texas), Democrats on the committee wrote about the need "to ensure that their votes are appropriately counted and that foreign, domestic, or other actors do not surreptitiously interfere with, manipulate or otherwise unlawfully influence our election infrastructure, voting polls and election results."

What would have worked in 2016: "There are two things that would have protected information in 2016. The first is using two-factor identification. The second is using encrypted and ephemeral communication," said Mook. Ephemeral communications self-destruct after a limited viewing window.

  • The Clinton campaign used two-factor authentication — one reason, notes Mook, that while the Democratic National Convention, Democratic Congressional Campaign Committee and John Podesta's personal emails were hacked, the campaign wasn't.
  • The campaign switched to encrypted, ephemeral communications to discuss Russian hacking, worried that hackers might still have access to its communications.

Legislation focuses on both machines and other campaign infrastructure: There are several bills for election security currently under consideration, many of which include funding for both voting machine improvements and other aspects of the infrastructure, like voter databases.

Bottom line: Election security is national security, even when it concerns political party and campaign cybersecurity. "Obviously if someone steals internal policy deliberations, that's a risk to security if that candidate is elected," said Mook.

Dave Lawler 6 hours ago
SaveSave story

What Trump and Putin did and didn't discuss

President Trump spoke with Vladimir Putin this afternoon, and congratulated him on winning re-election on Sunday. After the call, Press Secretary Sarah Sanders was asked whether Trump felt the election had been free and fair, and said it wasn’t up to the U.S. to “dictate" how Russia holds elections.

The bottom line: Trump is not alone in congratulating Putin — leaders in France, Germany and elsewhere have done so this week, as Barack Obama did in 2012. But past administrations certainly have seen it as America’s role to call balls and strikes when it comes to elections abroad, and weigh in when democratic institutions are being undermined. A departure from that approach would be welcomed not only by Putin, but other leaders of pseudo democracies around the world.

SaveSave story

Some self-driving car companies hit brakes on tests after fatality

A nuTonomy test vehicle in Boston.
A nuTonomy test vehicle in Boston. Photo: nuTonomy

Following the death on Monday of a pedestrian struck by an Uber self-driving car, some companies are halting their own autonomous vehicle testing, Among those who is halting testing is nuTonomy, which says it did so at the request of the city of Boston. Uber also halted its testing, as has Toyota, per Bloomberg.

Why it matters: The first death caused by a self-driving car was sure to shake up the industry, despite arguments that self-driving cars are significantly safer than humans behind the wheel.