Democracy and Cybersecurity: Preserving Democratic Institutions
In 2017, EPIC will fully engage the challenge of preserving and promoting democratic institutions. EPIC's specific interest in this issue is found in the work of our Advisory Board, as well as EPIC's ongoing legal efforts to ensure government accountability. The technical insights of faulty election systems and legal safeguards concerning privacy protection and open government converge at the common goal of preserving democratic institutions.
- EPIC Seeks Public Release of Secret Directive on Cybersecurity: EPIC has filed an urgent FOIA request with the DHS, the Department of Justice, and the NSA, seeking the expedited release of NSPD-1. The National Security Presidential Directive sets out procedures for cybersecurity "policy coordination, guidance, dispute resolution, and periodic in-progress review." EPIC has previously litigated, and successfully obtained, NSPD-54, a Presidential Directive concerning the NSA's authority to conduct surveillance within the United States. (Jan. 28, 2017)
- EPIC Sues for Release of Complete Report on Russian Interference with 2016 Election: EPIC has filed a Freedom of Information Act lawsuit against the Office of the Director of National Intelligence in federal district court in Washington, DC. The case is designated EPIC v. ODNI, No. 17-163 (D.D.C. filed Jan. 25, 2017). As EPIC makes clear in the complaint, "there is an urgent need to make available to the public the Complete ODNI Assessment to fully assess the Russian interference with the 2016 Presidential election and to prevent future attacks in democratic institutions." More details in the press release. Last week EPIC sued the FBI to uncover details of the Bureau's response to Russian interference. (Jan. 26, 2017)
- NEWS UPDATE - EPIC Sues FBI for Details of Russian Interference with 2016 Election (Jan. 18, 2017) +
- EPIC Urges Senate Committee to Ensure UN Ambassador Supports International Privacy Convention (Jan. 18, 2017) +
- EPIC Tells Senate to Probe Commerce Nominee on Data Protection, Privacy Shield (Jan. 18, 2017) +
- Senate Intelligence Committee Presses FBI to Reveal Russia Investigation (Jan. 16, 2017) +
- EPIC, Technology Experts Urge Senate Committee to Monitor President’s Homeland Security Advisor (Jan. 10, 2017) +
- EPIC Seeks Expedited Release of Report on Russian Interference in 2016 Election (Jan. 10, 2017) +
- Senate Armed Services Committee to Examine Foreign Cyber Threats (Jan. 4, 2017) +
- Obama Sanctions Russia for Election “Hack" (Dec. 30, 2016) +
- EPIC Seeks FBI Records on Russian Interference in 2016 Presidential Election (Dec. 22, 2016) +
- Obama Orders Review of Hacking During 2016 Election (Dec. 9, 2016) +
- As Voters Go To Polls, EPIC Backs "Data Protection 2016," Secret Ballot (Nov. 7, 2016) +
- EPIC Urges Congress to Protect Voter Privacy (Sep. 27, 2016) +
- Secret Ballot At Risk in Maryland After Election Board Vote (Sep. 27, 2016) +
- EPIC, Verified Voting, Common Cause Release Report on Ballot Secrecy (Aug. 18, 2016) +
- EPIC Hosts Policy Forum at National Press Club (Jun. 10, 2016) +
- EPIC Launches "Data Protection 2016" to Make Privacy a Campaign Issue (Feb. 7, 2016) +
- EPIC: Voters Should Be Wary of 2012 Election Apps (Aug. 13, 2012) +
- EPIC releases 2010 E-Deceptive Campaign Practices Report (Oct. 27, 2010) +
- EPIC's Lillie Coney Appointed to Election Advisory Committee (Dec. 17, 2009) +
More top news
The rise of electronic voting brought with it concerns about transparency and verifiability. When there are no paper ballots to count, how can anyone be sure that his or her vote was counted? Key issues include ensuring ballot secrecy, that all votes cast are counted, and that the final outcome of the election is verifiably correct.
- EPIC v. DOD, seeking penetration testing reports relating to the Department of Defense's e-voting program (2014).
EPIC Amicus Briefs
- Veasey v. Abbott, Concerning the legality of the Texas Voter Photo Identification Law (2016).
- Crawford v. Marion County Arguing against Indiana's voter ID requirement (2007).
EPIC Testimony and Statements
- EPIC Letter re: Cybersecurity: Ensuring the Integrity of the Ballot Box, U.S. House Committee on Oversight and Government Reform (Sept. 28, 2016).
- EPIC Letter re: Voter Verification in the Federal Elections Process, U.S. Senate Committee on Rules (June 21, 2005).
- EPIC, Verified Voting, Common Cause: The Secret Ballot at Risk: Recommendations for Protecting Democracy (2016)
- EPIC: Voter ID
- EPIC: Voter Privacy
- U.S. Election Assistance Commission
- Ronald L. Rivest: Voting Resources Page
- Ronald L. Rivest, ClipAudit: A Simple Risk-Limiting Post-Election Audit (2017)
- Ronald L. Rivest, Auditability and Verifiability of Elections (2016)
- Ronald L. Rivest, Was YOUR Vote Counted?, Numberphile (2016)
- Douglas W. Jones and Barbara Simons, Broken Ballots: Will Your Vote Count? (2012)
- Verified Voting, Computer Technologists’ Statement on Internet Voting (September 2012)
- David Chaum, Secret-Ballot Receipts: True Voter-Verifiable Elections, IEEE Security & Privacy (2004)
- Peter G. Neumann, Security Criteria for Electronic Voting 16th National Computer Security Conference, Baltimore, MD (1993)
- Ronald L. Rivest, Electronic Voting
Russian Interference with the 2016 Election
During the 2016 election season, Russia carried out a multi-pronged attack intended to “undermine public faith in the US democratic process,” according to a report by the Office of the Director of National Intelligence.
- EPIC v. FBI Seeking records related to the FBI's response to foreign cyber attacks on democratic institutions in the United States prior to the 2016 Presidential Election (2017).
- EPIC v. ODNI Seeking release of the Complete ODNI Assessment of the Russian interference with 2016 U.S. Presidential Election (2017).
EPIC Testimony and Statements
- Russian Efforts to Influence Democratic Elections in the United States and Abroad, U.S. Senate Committee on the Judiciary (Feb. 8, 2017)
- Foreign Cyber Threats to the United States, U.S. Senate Committee on Armed Services (Jan. 4, 2017).
- Office of the Director of National Intelligence, Assessing Russian Activities and Intentions in Recent US Elections (2017) (Redacted public version)
Transparency and accountability of US cybersecurity policy
Russian interference in the 2016 election led to calls for increased attention to cybersecurity. It is not yet clear, however, what that will mean. As the U.S. works to strengthen cybersecurity to resist interference in the democratic process, it must preserve the principles of transparency and accountability that are fundamental to democratic governance.
- EPIC v. DOJ, seeking the EU-US Umbrella Agreement, a framework for transatlantic data transfers between the US and the EU. The proposed goal of the Agreement is to provide data protection safeguards for personal information transferred between the EU and the US (2015).
- EPIC v. DOJ, seeking the reports that detail the NSA's collection of call record information from US companies (2013).
- EPIC v. NSA, seeking records about the NSA's arrangement with Google regarding cybersecurity, following news reports that the agency would assist the company in analyzing network traffic (2010).
- EPIC v. NSA, seeking NPSD 54, a Presidential Directive that grants the National Security Agency broad authority to conduct surveillance of domestic communications (2010).
- EPIC v. Virginia State Police, seeking records that directly relate to alleged federal government involvement with a bill which exempts the Virginia Fusion Intelligence Center Virginia Fusion Center from Virginia privacy and government transparency laws (2008).
EPIC Testimony and Statements
- Appointment of Thomas P. Bossert for White House Homeland Security Advisor, U.S. Senate Committee on Homeland Security and Governmental Affairs (Jan. 10, 2017)
- Planning for the Future of Cyber Attack Attribution, House Committee on Science and Technology (Jul. 15, 2010)
- Securing Our Infrastructure: Private/Public Information Sharing, Senate Committee on Governmental Affairs (May 8, 2002)
- H.R. 4246, the Cyber Security Information Act, House Committee on Government Reform (Jun. 22, 2000)
- CyberAttack: The National Protection Plan and its Privacy Implications, Senate Committee on the Judiciary (Feb. 1, 2000)
- Cypto Legislation, Senate Committee on Commerce, Science, and Transportation (Jun. 26, 1996)
- The Computer Security Act of 1987 and the Memorandum of Understanding Between NIST and the NSA, House Committee on Government Operations (May 4, 1989)
- New Program For a New Threat, POLITCO Morning Cybersecurity (Feb. 15, 2017).
- James Hood, Cyber attacks threaten democracy, EPIC warns, ConsumerAffairs (Feb. 14, 2017).
- Kim Sengupta, Russia accused of launching hacking campaign during UK general election, The Independent (Feb. 14, 2017).
- Nicholas Vinocur, Emmanuel Macron aide blames Russia for hacking attempts, POLITICO EU (Feb. 13, 2017).
- Garry Kasparov, The U.S. doesn’t have a problem with Russia. It has a problem with Vladimir Putin., Washington Post (Jan. 3, 2017)
- Bruce Schneier, U.S. Elections are a mess, even if there's no evidence this one was hacked, Washington Post (Nov. 23, 2016)
- Ronald L. Rivest and Philip Stark, Still time for an election audit: Column, USA Today (Nov. 18, 2016)
- Bruce Schneier, By November, Russian hackers could target voting machines, Washington Post (July 27, 2016)
- Joseph Menn, U.S. election agency breached by hackers after November vote, Reuters (Dec. 15, 2016)
- Hiawatha Bray, Trump, Putin and the hacking of an American election, Boston Globe (July 27, 2016)
Share this page:
EPIC relies on support from individual donors to pursue our work.
Subscribe to the EPIC Alert
The EPIC Alert is a biweekly newsletter highlighting emerging privacy issues.