Text Size   Decrease Font SizeIncrease Font Size

Data Security and Presidential Campaigns

PDF Print
Privacy, Data Protection and Security
Thursday, 12 November 2015 16:55

By Arthur M. Freyre

The 2016 presidential campaign will be kicking into high gear in the upcoming months. As the primaries begin in earnest in Iowa and New Hampshire, you can expect emails and phone call solicitations asking not only for your time, but also your money. But have you ever wondered how safe is the information you are providing a campaign online?

This past September, the Online Trust Alliance, an industry group focused on e-commerce, released a report assessing the safety of presidential campaign websites.[i] The report focuses on the following three aspects of online campaign platforms: site security, consumer protection, and privacy.0296c908-2528-4579-9d33-20f6b22917ad

Site security addresses whether or not the campaign website is the actual website and not directed to a counterfeit source. This category also includes factors on the investment of technology such as, firewalls and encryption technology, and other programs that make hacking more difficult.

Consumer protection scores are calculated by evaluating the “adoption of email authentication and associated technologies to help protect consumers from receiving fraudulent email purporting to come from candidates, their PACs or political parties.”[ii]  In other words, the political campaigns are assessed on how well they protect their websites and emails from hackers, who could create a false website and illegitimate emails.

Site Privacy compared methods of data storage, security of stored information, and actual use of the information received from political donors and volunteers. Content of a site’s “privacy policy” and accessibility of such disclosures also attributed to the assessment.

Online Trust praised the campaigns overall for their use of technology in the areas of consumer protection and site security; however, many presidential campaigns were given failing grades for their lack of implementing a data privacy policy. Six campaigns (out of twenty-three total campaigns assessed) had sufficient data privacy protection in place that sufficiently passed Online Trust’s assessment.[iii]

Many of the campaigns received low marks in these areas for not having privacy policies, or the policies disclosed were inadequate, or because the campaigns “claimed the right to share data with ‘like minded entities’ or unidentified third parties or anyone or even sell the data.”[iv] OTA shows this as a negative factor, because the person providing the information has no ability to consent whether or not their information can be sold, despite the terms of the privacy policy. Third-party data sharing is also in contrast to the generally accepted Fair Information Practice Principles (FIPPS).[v]  

A major reason for the low marks in privacy is attributed to the use of micro targeting by both Democratic and Republican campaigns. Micro targeting[vi] involves collections of data and statistics from voter populations that is assessed for predictive voting trends, which allows political parties to tailor their messages based on the voters’ preference of issues and streamline campaign resources to potential supporters.

The report provides us with two important lessons. First, companies need to invest in technology that will protect their websites from cyber-criminals, viruses, and other forms of malware. It may not be as extensive as a presidential campaign, but as seen in the cases of Target, the Internal Revenue Service, and the Office of Personal Management, it is evident that no information technology system, even the “best of the business” is safe from attacks. 

Secondly, companies need to develop a data privacy policy focusing on the security, storage and privacy of consumer information. Although no one has successfully hacked into a presidential campaign website, that we know of, the potential risk of bad publicity stemming from compromised donor and volunteer information is more than enough to end a campaign. That kind of negative publicity is equally devastating for businesses and organizations utilizing online platforms.

For more information on how to assess your own data privacy needs, please visit our website

[i] Online Trust Alliance Presidential Candidate Report found at https://otalliance.org/blog/does-your-favorite-presidential-candidate-make-grade
[ii] Terminology taken from OTA’s 2016 Presidential Candidates analysis, Pg. 10, https://otalliance.org/system/files/files/initiative/documents/2015_ota_honor_roll_-_candidates_9-18.pdf
[iii] Category scores included under the Privacy Practices Section, Pages 8-9
[iv] Under the Privacy Practices section, definition included as Promiscuous Policy, Pg. 8
[v] https://en.wikipedia.org/wiki/FTC_Fair_Information_Practice ; guidelines that represent widely accepted concepts of concerning fair information practice in an electronic marketplace as explained by the US Federal Trade Commission.

Social Media

Twitter2Facebook2LinkedIn2 YouTube Icon 

Newsletter Sign-Up

Fill out my online form.


Recent News

Mr. Tomeu Vadell, American Hostage in Venezuela for Two Years

Mr. Tomeu Vadell, American Hostage in Venezuela for Two Years Joint Statement by Mr. Vadells’ Counsel Two years ago a few days ... [More]

UPDATE 25- On Fourth Anniversary of Nizar Zakka's Abduction

Open Letter from Nizar Zakka, Former Iran Hostage, On the Fourth Anniversary of his Abduction On this day four years ago, k... [More]

©2018 PobleteTamargo LLP
Attorney Website by The Modern Firm