Jul 18, 2019

New rules on paying for campaign cybersecurity

Illustration: Sarah Grillo/Axios

It just got easier for cybersecurity toolmakers to offer campaigns help — but only by a little.

The big picture: Cybersecurity firms have flocked to provide free services to state election authorities, and some want to help protect political campaigns, too. But those efforts have been in legal limbo thanks to the complexities of election finance law.

Driving the news: The Federal Election Commission issued its final of a series of clarifying decisions last week: Firms may offer political campaigns the same discounts they offer other customers, but only non-profits can provide campaigns with free services or deals special to the campaigns.

Why it matters: Though much of the political focus has moved to voting machines, that wasn’t what Russia hacked in 2016. Rather, it targeted campaigns and political groups — and getting their defenses correct in 2020 is critical.

Details: The FEC had been weighing whether Area 1, a phishing security company, and Defending Digital Campaigns, an election security non-profit, could offer free services to campaigns.

  • Last week the FEC decided that Area 1 could offer the same discounts to campaigns it offers to everyone.
  • In May, the FEC said Defending Digital Campaigns (DDC), as a non-profit, could offer free services.
  • Companies that want to cut prices for campaigns still generally can’t.

The intrigue: Several firms already offer free services to state election groups — including Microsoft, Cloudflare, Google and Synack — and it’s easy to think democracy would be better served if campaigns could get security tools for free, too.

  • But the way campaign finance laws are written, this would open the door for analogous groups to argue they too should be able to offer free services.
  • Smith & Wesson, for instance, could start offering free physical security.
  • The FEC’s position is that any kind of carve-out from regulations for a specific industry like cybersecurity is a matter for Congress to decide.

Area 1's case was unique, because both the FEC and Area 1 agree that offering the same pricing to campaigns as to everyone else is explicitly legal. But Area 1's unusual pricing scheme made campaign lawyers nervous, Area 1 CEO Oren Falkowitz told Codebook.

Agari, which provides a different type of email security than Area 1, adjusted plans to offer its wares for free to campaigns. It will now offer free services via non-profits like DDC.

  • Agari chief marketing officer Armen Najarian believes the restrictions in the FEC ruling will actually benefit both campaigns and companies.
  • The deluge of free services in 2016 posed a problem for election officials who didn't have the industry savvy to know which products were snake oil and which were legit.
  • That led many states to pass on useful freebies.
  • As Najarian sees it, the FEC decision will inadvertently allow non-profits to work as a kind of snake-oil filter.

Go deeper

FEC considers making "valuable information" a campaign contribution

Donald Trump Jr. Photo: Joe Raedle/Getty Images

The Federal Election Commission (FEC) announced Wednesday that it is seeking public comments on a rule-making petition that would define "valuable information" as an official campaign contribution that must be regulated.

Why it matters: It is already illegal for campaigns to accept foreign contributions, so if passed, this rule would institute an outright ban on campaigns accepting unregulated "foreign" and "compromising" information, according to the proposed guidelines. President Trump told ABC's George Stephanopoulos last month that if a foreign government offered dirt on a political opponent, "I think I'd take it."

Go deeperArrowJul 31, 2019

After Mueller warns of election interference, GOP blocks security bills

Former special counsel Robert Mueller testifies before the House Judiciary Committee. Photo: Chip Somodevilla/Getty Images

In the 24 hours since former special counsel Robert Mueller warned of future election interference in his congressional testimony, Senate Republicans have blocked a collection of election security bills and a cybersecurity measure.

The latest: Senate Majority Leader Mitch McConnell on Thursday blocked Democrats from pushing forward a House-passed bill to authorize $775 million in state funding over the next 2 years to bolster voting system security, CNN reports.

Go deeperArrowUpdated Jul 25, 2019

Senate Intel releases 1st volume of report on 2016 Russian interference

Sens. Mark Warner and Richard Burr. Photo: Tom Williams/CQ Roll Call

The Senate Intelligence Committee on Thursday released the first part of its redacted report on Russian interference in the 2016 presidential election, focusing on "Russian efforts against election infrastructure."

Driving the news: The release of the report comes one day after former special counsel Robert Mueller testified before the House Judiciary and Intelligence Committees, warning that Russia would continue its interference efforts in the future. Despite his statement, Republican senators this week blocked a package of election security measures designed to protect election systems in 2020.

Go deeperArrowJul 25, 2019