November 12, 2020
Hello, and welcome to the newest edition of Codebook — coming to you Thursday, as we took yesterday off for Veterans Day. To our vet readers: Thank you for your service.
- This week, we’re thinking about how personnel is policy — and what the abrupt shifts therein may portend for the incoming Biden administration.
Today's newsletter is 1,318 words, a 5-minute read.
1 big thing: The election security nightmare that wasn't
As the dust settles on the 2020 presidential election, it's becoming clear that the process proved sturdy, with no known attacks on voting infrastructure and no 2016-style vast foreign meddling campaigns to disrupt American democracy.
Yes, but: The ongoing disinformation campaign from President Trump and his allies, as they refuse to accept his loss, illustrates that the country does not need outside intrusions to undermine the integrity of our elections.
Where it stands: None of the election's worst-case scenarios came to pass.
- There's zero evidence of any hacks into voting machines or alterations of voter data.
- Despite the best efforts of Trump's legal team to cast doubt on the integrity of the election results before they're certified, there's no evidence whatsoever of widespread fraud that could affect the outcome of the presidential or down-ballot races.
- There were some minor meddling efforts, but no foreign adversary even attempted to launch a large-scale interference campaign against the election.
The big picture: There's general agreement that the parties that needed to be prepared for the worst stepped up.
- DHS’ Cybersecurity and Infrastructure Security Agency, the FBI, and the U.S. military's Cyber Command undertook unprecedented, and often coordinated, actions to raise awareness about potential foreign cyber operations, shore up domestic online defenses, and degrade and disrupt adversary networks abroad.
- Major social media platforms like Facebook and Twitter worked diligently to identify and take down foreign disinformation networks, including several linked to Iran and Russia.
Happily, they were overprepared. Those Iranian and Russian campaigns, all caught before they even had a chance to gain much steam, were generally slapdash operations of limited scale and efficacy.
- Iran, for instance, hijacked a website associated with a far-right group and sent threatening pro-Trump emails posing as members of that group to Floridians and Alaskans listed on public voter rolls as Democrats.
- Unlike in 2016, this year saw no verifiable, large-scale, pre-election operations in which a cut out like WikiLeaks or persona like Guccifer 2.0 surfaced and amplified hacked materials.
Between the lines: It's not that foreign actors lacked the opportunity to intervene in the 2020 elections.
- Even if the Russians or Iranians failed to procure any explosive hacked material, they likely could have produced forged documents and set about distributing and amplifying them online.
The catch: Hostile foreign actors didn't need to expend that effort. The closest thing to a retread of 2016's hack-and-leak operation — though there is no evidence linking it to a foreign government — was the late-stage trickle of material purportedly stolen from Hunter Biden's laptop.
- That didn't have to be seeded online and boosted by an army of trolls, fake accounts and bots. Instead, Trump's personal lawyer Rudy Giuliani acted as the broker delivering that material to homegrown conservative media outlets.
- The rising swell of disinformation circulating inside the U.S. political world is achieving the ultimate goal of hostile foreign intelligence services for them: the poisoning of the information ecosystem of millions of Americans, which foments domestic discord.
What's next: When there are actually core U.S.-related foreign policy objectives at stake for these countries, they can execute disinformation campaigns in an ever-more primed environment for them. In 2022 or 2024, they may be pushing on an open door.
2. Pentagon shake-up underscores wider purge fears
Why it matters: The president’s rush to replace senior Pentagon civilian leadership with Trump loyalists, all as he still refuses to concede, could wreak havoc as his administration winds down. It could also make life difficult for senior national security officials of the incoming Biden administration.
What’s happening: In addition to the Esper firing...
- Trump named Michael Ellis, a former aide to House Intelligence Committee ranking member Devin Nunes, who most recently served as the NSC official in charge of intelligence programs, general counsel of the National Security Agency.
- The Pentagon’s top policy official, James Anderson, resigned in anticipation of being fired by President Trump. Anderson was replaced by Anthony Tata, an administration loyalist who was denied the job earlier this year after his prior bigoted comments came to light.
- Trump officials named Kash Patel, another former aide to Devin Nunes, as the chief of staff to the secretary of defense.
- The Pentagon’s undersecretary of defense for intelligence was also forced to resign and replaced with Ezra Cohen-Watnick, another former NSC staffer and Trump loyalist.
- Esper angered Trump earlier this year when he refused to send in uniformed troops to dispel protesters in Washington, D.C. Esper also worked with Congress, over Trump’s wishes, to rename military bases named after Confederate generals.
The bottom line: The shake-ups may well be chiefly about Trump getting revenge on officials he views as insufficiently loyal. But they also may mean Trump gets to place people in positions to subvert the national security preferences of the next administration.
3. Report: Swiss government long in dark over CIA front company
The Swiss intelligence service has known since at least 1993 that Switzerland-based encryption device maker Crypto AG was actually a front for the CIA and its German counterpart, according to a new report released by the Swiss Parliament, but Swiss leaders were in the dark until last year.
Why it matters: Switzerland’s intra-governmental information gap is unlikely to be welcome news in Europe, which already looks warily upon the U.S.’ expansive surveillance practices. Still, Crypto AG provided information of incalculable value to U.S. policymakers over many decades.
Catch up quick: Crypto AG was controlled from 1970 on by the CIA and the West German BND intelligence agency. It sold encryption devices — often employed in diplomatic communications — that were used by over 120 countries through the 2000s.
- In an incredible intelligence coup, the U.S. and Germans were therefore able to decrypt these communications at will.
Where it stands: The CIA and BND did not spy on Switzerland using Crypto AG machines, says the new parliamentary findings, but Switzerland did take advantage of the surveillance tech itself, per Swissinfo.
- The parliamentary report raises questions about why Switzerland’s civilian leadership was not informed for decades about the U.S. and German front company.
4. TikTok previously censored China-related content
A TikTok executive said at a U.K. parliamentary hearing last week that the video-sharing platform previously censored content that was critical of China, especially videos about Uighur Muslims being detained in Xinjiang, Axios’ Ursula Perano reports.
What they're saying: "At that time we took a decision ... to not allow conflict on the platform, and so there was some incidents where content was not allowed on the platform, specifically with regard to the Uighur situation," Elizabeth Kanter, the company's U.K. director of public policy, said.
Yes, but: TikTok says that's no longer the case. "If you ... search for the term 'Uighur' on the TikTok app, you can find plenty of content about the Uighurs. There's plenty of content that's critical of China," Kanter said of its current library.
- "We do not in any way, shape or form censor content or moderate in a way that would be favorable to China. You are right to say that those were a couple of years ago the content moderation guidelines, but they're absolutely not our policy now," she said.
- Kanter did not specify when the rule changed, stating it's been "at least over a year."
The latest: Kanter later clarified that she was wrong to suggest that TikTok specifically targeted content involving Uighurs: “We want to be absolutely clear that even in those early policies, there was never a policy around the Uighur community, which is where I misspoke."
Between the lines: It’s bad timing for TikTok to look beholden to Beijing. The Trump administration has been seeking to force a sale of, or block, the Chinese-owned service, saying it’s a national security threat.
- Despite twice securing court victories against the Trump administration’s quest to ban it, TikTok is still in jeopardy in the U.S. Today is the deadline for parent company ByteDance to divest TikTok.
- The Trump administration already signed off on a deal with Oracle that should have technically satisfied the divestiture requirement despite not being a typical M&A transaction, but TikTok says it hasn’t heard from the administration since.
5. Odds and ends
- How Taiwan beat online disinformation. (Foreign Policy)
- Armenia and Azerbaijan agreed to a peace deal, ending the two countries’ most recent war over the disputed Nagorno-Karabakh territory. (BBC)
- Will the Biden administration bring back the White House cyber czar position? (The Hill)
- All of Hong Kong’s pro-democracy legislators resigned in protest of China’s continued crackdown there. (AP)
- Why President Trump may pose a national security risk after he leaves office. (Just Security)