Democracy and Cybersecurity: Preserving Democratic Institutions
In 2017, EPIC will fully engage the challenge of preserving and promoting democratic institutions. EPIC's specific interest in this issue is found in the work of our Advisory Board, as well as EPIC's ongoing legal efforts to ensure government accountability. The technical insights of faulty election systems and legal safeguards concerning privacy protection and open government converge at the common goal of preserving democratic institutions.
- Senate Committee Confirms 2016 Russian Cyberattack on Democratic Institutions: A report from the Senate Select Committee on Intelligence has confirmed the 2017 assessment from the Intelligence Community on Russian interference with the 2016 election. The Intelligence report stated "Russia's goals were to undermine public faith in the U.S. democratic process, denigrate Secretary Clinton, and harm her electability and potential presidency. We further assess Putin and the Russian Government developed a clear preference for President-elect Trump." Senate Committee Chair Richard Burr (R-NC) said "the Committee has spent the last 16 months reviewing the sources, tradecraft and analytic work underpinning the Intelligence Community Assessment and sees no reason to dispute the conclusions," The Senate Report also stated, "the Committee's investigation has exposed a far more extensive Russian effort to manipulate social media outlets to sow discord and to interfere in the 2016 election and American society" than the Intelligence Community assessment reported. EPIC pursued a FOIA lawsuit, EPIC v. ODNI, to obtain public release of the complete Intelligence report. In 2017, EPIC launched a new project on Democracy and Cybersecurity to focus attention on new threats to democratic institutions. (Jul. 5, 2018)
- EPIC Urges Senate Judiciary to Examine FBI Response to Russian Cyber Attacks: EPIC has sent a statement to the Senate Judiciary Committee ahead of Monday's hearing "Examining the Inspector General’s First Report on Justice Department and FBI Actions in Advance of the 2016 Presidential Election." EPIC urged the Committee to explore the FBI's ability to respond to future cyberattacks. According to documents obtained by EPIC, the FBI is to notify victims of cyberattacks "even when it may interfere with another investigation or (intelligence) operation." But an AP investigation found that the FBI failed to notify hundreds of officials whose email was hacked during the 2016 election. EPIC obtained the FBI's Victim Notification Procedures through a Freedom of Information Act lawsuit, EPIC v. FBI. Last month, a federal court ruled that the agency may withhold records still sought by EPIC but said that lawmakers should pursue threats to democratic institutions described in the EPIC lawsuit. (Jun. 15, 2018)
- U.S. House Report Finds FBI Cyberattack Victim Notification Inadequate (Apr. 30, 2018) +
- Tax Day: EPIC Files Second Lawsuit to Obtain Trump Tax Records (Apr. 17, 2018) +
- EPIC Provides U.S. Report for Privacy Experts Meeting (Apr. 9, 2018) +
- FEC Proposes Regulation of Internet Political Ads (Mar. 14, 2018) +
- EPIC to Senate Intelligence: Ask NSA Director Nominee About Russian Election Interference (Mar. 14, 2018) +
- EPIC Celebrates Sunshine Week With 2018 FOIA Gallery (Mar. 12, 2018) +
- EPIC FOIA: Federal Voting Rights Officials Sought to 'Clean' State Voter Rolls (Mar. 12, 2018) +
- Senators Ask Director of National Intelligence About Russian Meddling (Mar. 6, 2018) +
- Mueller Indicts Russian Nationals, Entities for Election Interference (Feb. 16, 2018) +
- Congressional Task Force Releases Report on Election Security (Feb. 14, 2018) +
- Senators Question Intelligence Officials on Russian Election Interference (Feb. 13, 2018) +
- EPIC Files FOIA Request About DHS's Investigation of Voter Fraud (Feb. 9, 2018) +
- EPIC Pursues Trump's IRS Records, Contradictory Statements about Financial Ties to Russia (Feb. 5, 2018) +
- Senate Holds Hearing on National Security Strategy (Jan. 24, 2018) +
- EPIC FOIA - Court Concedes Significance of Russia Report, But Fails to Order Disclosure (Dec. 19, 2017) +
- EPIC Provides U.S. Report for Privacy Experts Meeting (Nov. 27, 2017) +
- EPIC v. FBI: EPIC Pursues Release of Documents on Russian Meddling (Nov. 20, 2017) +
- After Public Pressure, FEC To Begin Rulemaking On Online Ad Transparency (Nov. 16, 2017) +
- Senators Urge FEC to Promote Transparency in Online Ads (Nov. 13, 2017) +
- EPIC Promotes 'Algorithmic Transparency' for Political Ads (Nov. 3, 2017) +
- Senate Begins Investigation Into Russian Meddling (Oct. 31, 2017) +
- EPIC Supports "Release to One, Release to All" FOIA Policy (Oct. 31, 2017) +
- Senate Bill to Improve Transparency and Accountability for Online Political Ads (Oct. 19, 2017) +
- 2018 Intelligence Authorization Reflects Concerns About Russian Hacking (Aug. 25, 2017) +
- EPIC Pursues Release of Trump Tax Returns in IRS FOIA Case (Jun. 27, 2017) +
- The FOIA Project Provides 2017 FOIA Report (May. 31, 2017) +
- Executive Order on Cybersecurity Finally Released (May. 12, 2017) +
- Former Attorney General Testifies about Russian Influence with Key Trump Advisor (May. 9, 2017) +
- On Cyber Policy, EPIC Urges Senate to Protect Consumers, Democratic Institutions (May. 8, 2017) +
- EPIC To Senate Judiciary - "Public Has Right to Know About Russia Ties" (May. 5, 2017) +
- EPIC v. ODNI: EPIC Anticipates Release of Report on Russian Hacking (May. 2, 2017) +
- Following Congress, EPIC Seeks Public Release of DHS Records on Russian Interference (Mar. 31, 2017) +
- EPIC To Senate Intelligence - "Public Has Right to Know About Russia Ties" (Mar. 29, 2017) +
- EPIC Pursues Release of President Trump's Tax Returns (Mar. 29, 2017) +
- EPIC FOIAs Docs for Key Witnesses at Cancelled Oversight Hearing (Mar. 24, 2017) +
- EPIC Seeks Public Release of Secret Directive on Cybersecurity (Jan. 28, 2017) +
- EPIC Sues for Release of Complete Report on Russian Interference with 2016 Election (Jan. 26, 2017) +
- NEWS UPDATE - EPIC Sues FBI for Details of Russian Interference with 2016 Election (Jan. 18, 2017) +
- EPIC Urges Senate Committee to Ensure UN Ambassador Supports International Privacy Convention (Jan. 18, 2017) +
- EPIC Tells Senate to Probe Commerce Nominee on Data Protection, Privacy Shield (Jan. 18, 2017) +
- Senate Intelligence Committee Presses FBI to Reveal Russia Investigation (Jan. 16, 2017) +
- EPIC, Technology Experts Urge Senate Committee to Monitor President’s Homeland Security Advisor (Jan. 10, 2017) +
- EPIC Seeks Expedited Release of Report on Russian Interference in 2016 Election (Jan. 10, 2017) +
- Senate Armed Services Committee to Examine Foreign Cyber Threats (Jan. 4, 2017) +
- Obama Sanctions Russia for Election “Hack" (Dec. 30, 2016) +
- EPIC Seeks FBI Records on Russian Interference in 2016 Presidential Election (Dec. 22, 2016) +
- Obama Orders Review of Hacking During 2016 Election (Dec. 9, 2016) +
- As Voters Go To Polls, EPIC Backs "Data Protection 2016," Secret Ballot (Nov. 7, 2016) +
- EPIC Urges Congress to Protect Voter Privacy (Sep. 27, 2016) +
- Secret Ballot At Risk in Maryland After Election Board Vote (Sep. 27, 2016) +
- EPIC, Verified Voting, Common Cause Release Report on Ballot Secrecy (Aug. 18, 2016) +
- EPIC Hosts Policy Forum at National Press Club (Jun. 10, 2016) +
- EPIC Launches "Data Protection 2016" to Make Privacy a Campaign Issue (Feb. 7, 2016) +
- EPIC: Voters Should Be Wary of 2012 Election Apps (Aug. 13, 2012) +
- EPIC releases 2010 E-Deceptive Campaign Practices Report (Oct. 27, 2010) +
- EPIC's Lillie Coney Appointed to Election Advisory Committee (Dec. 17, 2009) +
More top news
The rise of electronic voting brought with it concerns about transparency and verifiability. When there are no paper ballots to count, how can anyone be sure that his or her vote was counted? Key issues include ensuring ballot secrecy, that all votes cast are counted, and that the final outcome of the election is verifiably correct.
- EPIC v. DOD, seeking penetration testing reports relating to the Department of Defense's e-voting program (2014).
EPIC Amicus Briefs
- Veasey v. Abbott, Concerning the legality of the Texas Voter Photo Identification Law (2016).
- Crawford v. Marion County Arguing against Indiana's voter ID requirement (2007).
EPIC Testimony and Statements
- EPIC Letter re: Cybersecurity: Ensuring the Integrity of the Ballot Box, U.S. House Committee on Oversight and Government Reform (Sept. 28, 2016).
- EPIC Letter re: Voter Verification in the Federal Elections Process, U.S. Senate Committee on Rules (June 21, 2005).
- EPIC, Verified Voting, Common Cause: The Secret Ballot at Risk: Recommendations for Protecting Democracy (2016)
- EPIC: Voter ID
- EPIC: Voter Privacy
- U.S. Election Assistance Commission
- Ronald L. Rivest: Voting Resources Page
- Ronald L. Rivest, ClipAudit: A Simple Risk-Limiting Post-Election Audit (2017)
- Ronald L. Rivest, Auditability and Verifiability of Elections (2016)
- Ronald L. Rivest, Was YOUR Vote Counted?, Numberphile (2016)
- Douglas W. Jones and Barbara Simons, Broken Ballots: Will Your Vote Count? (2012)
- Verified Voting, Computer Technologists’ Statement on Internet Voting (September 2012)
- David Chaum, Secret-Ballot Receipts: True Voter-Verifiable Elections, IEEE Security & Privacy (2004)
- Peter G. Neumann, Security Criteria for Electronic Voting 16th National Computer Security Conference, Baltimore, MD (1993)
- Ronald L. Rivest, Electronic Voting
Russian Interference with the 2016 Election
During the 2016 election season, Russia carried out a multi-pronged attack intended to “undermine public faith in the US democratic process,” according to a report by the Office of the Director of National Intelligence.
- EPIC v. FBI Seeking records related to the FBI's response to foreign cyber attacks on democratic institutions in the United States prior to the 2016 Presidential Election (2017).
- EPIC v. ODNI Seeking release of the Complete ODNI Assessment of the Russian interference with 2016 U.S. Presidential Election (2017).
EPIC Testimony and Statements
- Russian Efforts to Influence Democratic Elections in the United States and Abroad, U.S. Senate Committee on the Judiciary (Feb. 8, 2017)
- Foreign Cyber Threats to the United States, U.S. Senate Committee on Armed Services (Jan. 4, 2017).
- Office of the Director of National Intelligence, Assessing Russian Activities and Intentions in Recent US Elections (2017) (Redacted public version)
Transparency and accountability of US cybersecurity policy
Russian interference in the 2016 election led to calls for increased attention to cybersecurity. It is not yet clear, however, what that will mean. As the U.S. works to strengthen cybersecurity to resist interference in the democratic process, it must preserve the principles of transparency and accountability that are fundamental to democratic governance.
- EPIC v. DOJ, seeking the EU-US Umbrella Agreement, a framework for transatlantic data transfers between the US and the EU. The proposed goal of the Agreement is to provide data protection safeguards for personal information transferred between the EU and the US (2015).
- EPIC v. DOJ, seeking the reports that detail the NSA's collection of call record information from US companies (2013).
- EPIC v. NSA, seeking records about the NSA's arrangement with Google regarding cybersecurity, following news reports that the agency would assist the company in analyzing network traffic (2010).
- EPIC v. NSA, seeking NPSD 54, a Presidential Directive that grants the National Security Agency broad authority to conduct surveillance of domestic communications (2010).
- EPIC v. Virginia State Police, seeking records that directly relate to alleged federal government involvement with a bill which exempts the Virginia Fusion Intelligence Center Virginia Fusion Center from Virginia privacy and government transparency laws (2008).
EPIC Testimony and Statements
- Appointment of Thomas P. Bossert for White House Homeland Security Advisor, U.S. Senate Committee on Homeland Security and Governmental Affairs (Jan. 10, 2017)
- Planning for the Future of Cyber Attack Attribution, House Committee on Science and Technology (Jul. 15, 2010)
- Securing Our Infrastructure: Private/Public Information Sharing, Senate Committee on Governmental Affairs (May 8, 2002)
- H.R. 4246, the Cyber Security Information Act, House Committee on Government Reform (Jun. 22, 2000)
- CyberAttack: The National Protection Plan and its Privacy Implications, Senate Committee on the Judiciary (Feb. 1, 2000)
- Cypto Legislation, Senate Committee on Commerce, Science, and Transportation (Jun. 26, 1996)
- The Computer Security Act of 1987 and the Memorandum of Understanding Between NIST and the NSA, House Committee on Government Operations (May 4, 1989)
Documents Obtained by EPIC
- DOJ Policy On AG-President Communications
- Former FBI Director James Comey's Memoranda of Communications with President Trump
- EPIC v. FBI, Production May 11, 2017
- New Program For a New Threat, POLITCO Morning Cybersecurity (Feb. 15, 2017).
- James Hood, Cyber attacks threaten democracy, EPIC warns, ConsumerAffairs (Feb. 14, 2017).
- Kim Sengupta, Russia accused of launching hacking campaign during UK general election, The Independent (Feb. 14, 2017).
- Nicholas Vinocur, Emmanuel Macron aide blames Russia for hacking attempts, POLITICO EU (Feb. 13, 2017).
- Garry Kasparov, The U.S. doesn’t have a problem with Russia. It has a problem with Vladimir Putin., Washington Post (Jan. 3, 2017)
- Bruce Schneier, U.S. Elections are a mess, even if there's no evidence this one was hacked, Washington Post (Nov. 23, 2016)
- Ronald L. Rivest and Philip Stark, Still time for an election audit: Column, USA Today (Nov. 18, 2016)
- Bruce Schneier, By November, Russian hackers could target voting machines, Washington Post (July 27, 2016)
- Joseph Menn, U.S. election agency breached by hackers after November vote, Reuters (Dec. 15, 2016)
- Hiawatha Bray, Trump, Putin and the hacking of an American election, Boston Globe (July 27, 2016)