It’s time to secure the 2020 election
Ro Khanna, a Democrat, represents California’s 17th Congressional District, which includes much of Silicon Valley, in the U.S. House of Representatives. Michael McFaul is the director of the Freeman Spogli Institute for International Studies at Stanford and a former U.S. ambassador to Russia. Alex Stamos is the director of the Stanford Internet Observatory and the former chief security officer of Facebook.
Special counsel Robert S. Mueller III has completed his investigation of what happened regarding Russia’s interference in the 2016 election. It is time now to pivot to addressing what needs to be done to prevent future meddling from Russia or any other foreign government.
Obviously, we still have not seen all the details of what Mueller and his team have learned regarding Russia’s violation of our sovereignty in 2016. But the clock is ticking; we cannot wait for the publication of that report to begin taking necessary actions to protect the vote of the American people in 2020.
First, we must minimize the use of online communication platforms by foreign governments to suppress and sway voters through divisive messaging to favor certain candidates. Private companies, the intelligence community and Mueller all attributed this activity in 2016 to a variety of privately owned but state-aligned actors in Russia.
Completely preventing the injection of foreign government propaganda into our discourse is impossible, but we can ask our tech industry to reduce the amplification of such messages and more quickly detect, quarantine and report organized foreign influence efforts to U.S. officials. The U.S. tech industry currently lacks a coordinating body to facilitate data sharing and provide a single interface to U.S. agencies working to protect our elections. We strongly urge these companies to create such a body, following the model of effective coordination centers already established by the finance and power industries.
Second, in parallel, the U.S. intelligence community must implement plans to assist these companies in thwarting disinformation and influence campaigns from foreign governments through rapid declassification of technical indicators and regular updates on potential threats. The tech platforms received almost no assistance in the run-up to the 2016 election, a situation that only marginally improved with the 2018 midterms. By early next year, we will need tight coordination between the U.S. agencies and the tech platforms. Third-party oversight would enhance the credibility of these interactions.
Third, Congress must debate, amend and pass the Honest Ads Act to set fair and reasonable guidelines for online advertising in political campaigns. President Trump must then sign this legislation into law. This act can be strengthened with a broader definition of political advertising, technical requirements around transparency and strong limits on the use of hyper-targeting. Congress has a responsibility to set the standards for the thousands of relevant companies in this space, but nothing is preventing the largest companies, such as Google, Facebook and Twitter, from creating self-regulatory frameworks in the meantime.
Fourth, we should enact reforms and norms to help deter future “hack and leak” or doxing operations by foreign intelligence organizations. The GRU, Russia’s military intelligence agency, may have done the most damage to our electoral process when Russian officers stole information from the Democratic National Committee and others and then used the data to help Trump. Political parties and campaigns have stepped up their security precautions, but these private efforts can be bolstered by campaign finance reforms that would allow parties and campaigns to spend more on secure technologies and for outside organizations to offer nonpartisan security assistance.
We must continue to reduce the opportunities for foreign adversaries to steal and publish confidential information, but such breaches are still likely to occur, given that other nations have been steadily increasing their offensive cyberwar capacities. Trump and the Republican National Committee must take the same pledge to not utilize stolen information as the Democratic candidates have, while major media outlets should explain how they will responsibly report such stories without providing the amplification our enemies desire.
Fifth, we must act quickly and boldly to enhance the cybersecurity of our voting infrastructure. Roughly 10,000 local authorities, operating without centralized standards, are responsible for conducting our national elections. The level of readiness against fraud and external attack varies widely; many states are woefully unprepared to face the quality of hacker available to the governments of Russia, China, Iran and North Korea. We can respect the rights of states and localities to operate their own election procedures while also setting basic security requirements. The Protecting American Votes and Elections Act is a smart proposal to require the use of unhackable paper trails and mandate risk-limiting audits across the United States.
Securing our democracy is not a partisan project. All Americans must have the right to select their elected officials without foreign interference or manipulation. Although more questions remain, Mueller and his team have done a lot of the hard work of investigating Russia’s interference in our 2016 presidential election. Now is the time to use these insights to prevent such actions by any foreign actor in 2020.