Democracy and Cybersecurity: Preserving Democratic Institutions
In 2017, EPIC will fully engage the challenge of preserving and promoting democratic institutions. EPIC's specific interest in this issue is found in the work of our Advisory Board, as well as EPIC's ongoing legal efforts to ensure government accountability. The technical insights of faulty election systems and legal safeguards concerning privacy protection and open government converge at the common goal of preserving democratic institutions.
- 2018 Intelligence Authorization Reflects Concerns About Russian Hacking: In the proposed intelligence reauthorization for 2018, the Senate has included provisions reflecting widespread concern about the Russian interference in the 2016 election. Among other requirements, S. 1761 mandates a report to Congress detailing the past cyber attacks on election infrastructure and the risk of future attacks, as well as a report assessing the intelligence community response to the attacks. The bill also gives the intelligence community 90 days to develop a strategy to counter the threat of future Russian cyber attacks. And the bill requires the Director of National Intelligence to submit to Congress a report assessing the "threat of Russian money laundering to the United States." EPIC raised similar concerns in a series of leading open government cases concerning the Russian interference. In EPIC v. FBI, EPIC is seeking information about the FBI's response to the attacks and has obtained the FBI Notification Procedures that should have been followed after a cyber attack. In EPIC v. ODNI, EPIC is seeking the release of the complete intelligence report on the scope of the Russian attack. And in EPIC v. IRS, EPIC is seeking to obtain the public release of Donald Trump’s tax returns. (Aug. 25, 2017)
- EPIC Pursues Release of Trump Tax Returns in IRS FOIA Case: EPIC filed a court brief Monday opposing an attempt by the Internal Revenue Service to dismiss EPIC's FOIA lawsuit for President Trump's tax returns. EPIC filed the suit for the tax records on April 15 after the IRS refused to process EPIC's FOIA Request for the President's returns. The IRS responded by asking the court to dismiss the case, insisting that the agency did not have to process EPIC's request because the President's consent had not been obtained. As EPIC told the court on Monday, the IRS focused on the wrong law, ignoring a provision that gives EPIC a right to access the President's tax records without consent. EPIC explained that the agency's argument "is irrelevant to the processing of this particular FOIA request." EPIC v. IRS is one of three leading open government cases concerning Russian interference with the 2016 Presidential election. In EPIC v. ODNI, EPIC is seeking the release of the complete report on the scope of the attack. In EPIC v. FBI, EPIC is seeking information about the FBI’s response to the attack. (Jun. 27, 2017)
- The FOIA Project Provides 2017 FOIA Report (May. 31, 2017) +
- Executive Order on Cybersecurity Finally Released (May. 12, 2017) +
- Former Attorney General Testifies about Russian Influence with Key Trump Advisor (May. 9, 2017) +
- On Cyber Policy, EPIC Urges Senate to Protect Consumers, Democratic Institutions (May. 8, 2017) +
- EPIC To Senate Judiciary - "Public Has Right to Know About Russia Ties" (May. 5, 2017) +
- EPIC v. ODNI: EPIC Anticipates Release of Report on Russian Hacking (May. 2, 2017) +
- Following Congress, EPIC Seeks Public Release of DHS Records on Russian Interference (Mar. 31, 2017) +
- EPIC To Senate Intelligence - "Public Has Right to Know About Russia Ties" (Mar. 29, 2017) +
- EPIC Pursues Release of President Trump's Tax Returns (Mar. 29, 2017) +
- EPIC FOIAs Docs for Key Witnesses at Cancelled Oversight Hearing (Mar. 24, 2017) +
- EPIC Seeks Public Release of Secret Directive on Cybersecurity (Jan. 28, 2017) +
- EPIC Sues for Release of Complete Report on Russian Interference with 2016 Election (Jan. 26, 2017) +
- NEWS UPDATE - EPIC Sues FBI for Details of Russian Interference with 2016 Election (Jan. 18, 2017) +
- EPIC Urges Senate Committee to Ensure UN Ambassador Supports International Privacy Convention (Jan. 18, 2017) +
- EPIC Tells Senate to Probe Commerce Nominee on Data Protection, Privacy Shield (Jan. 18, 2017) +
- Senate Intelligence Committee Presses FBI to Reveal Russia Investigation (Jan. 16, 2017) +
- EPIC, Technology Experts Urge Senate Committee to Monitor President’s Homeland Security Advisor (Jan. 10, 2017) +
- EPIC Seeks Expedited Release of Report on Russian Interference in 2016 Election (Jan. 10, 2017) +
- Senate Armed Services Committee to Examine Foreign Cyber Threats (Jan. 4, 2017) +
- Obama Sanctions Russia for Election “Hack" (Dec. 30, 2016) +
- EPIC Seeks FBI Records on Russian Interference in 2016 Presidential Election (Dec. 22, 2016) +
- Obama Orders Review of Hacking During 2016 Election (Dec. 9, 2016) +
- As Voters Go To Polls, EPIC Backs "Data Protection 2016," Secret Ballot (Nov. 7, 2016) +
- EPIC Urges Congress to Protect Voter Privacy (Sep. 27, 2016) +
- Secret Ballot At Risk in Maryland After Election Board Vote (Sep. 27, 2016) +
- EPIC, Verified Voting, Common Cause Release Report on Ballot Secrecy (Aug. 18, 2016) +
- EPIC Hosts Policy Forum at National Press Club (Jun. 10, 2016) +
- EPIC Launches "Data Protection 2016" to Make Privacy a Campaign Issue (Feb. 7, 2016) +
- EPIC: Voters Should Be Wary of 2012 Election Apps (Aug. 13, 2012) +
- EPIC releases 2010 E-Deceptive Campaign Practices Report (Oct. 27, 2010) +
- EPIC's Lillie Coney Appointed to Election Advisory Committee (Dec. 17, 2009) +
More top news
The rise of electronic voting brought with it concerns about transparency and verifiability. When there are no paper ballots to count, how can anyone be sure that his or her vote was counted? Key issues include ensuring ballot secrecy, that all votes cast are counted, and that the final outcome of the election is verifiably correct.
- EPIC v. DOD, seeking penetration testing reports relating to the Department of Defense's e-voting program (2014).
EPIC Amicus Briefs
- Veasey v. Abbott, Concerning the legality of the Texas Voter Photo Identification Law (2016).
- Crawford v. Marion County Arguing against Indiana's voter ID requirement (2007).
EPIC Testimony and Statements
- EPIC Letter re: Cybersecurity: Ensuring the Integrity of the Ballot Box, U.S. House Committee on Oversight and Government Reform (Sept. 28, 2016).
- EPIC Letter re: Voter Verification in the Federal Elections Process, U.S. Senate Committee on Rules (June 21, 2005).
- EPIC, Verified Voting, Common Cause: The Secret Ballot at Risk: Recommendations for Protecting Democracy (2016)
- EPIC: Voter ID
- EPIC: Voter Privacy
- U.S. Election Assistance Commission
- Ronald L. Rivest: Voting Resources Page
- Ronald L. Rivest, ClipAudit: A Simple Risk-Limiting Post-Election Audit (2017)
- Ronald L. Rivest, Auditability and Verifiability of Elections (2016)
- Ronald L. Rivest, Was YOUR Vote Counted?, Numberphile (2016)
- Douglas W. Jones and Barbara Simons, Broken Ballots: Will Your Vote Count? (2012)
- Verified Voting, Computer Technologists’ Statement on Internet Voting (September 2012)
- David Chaum, Secret-Ballot Receipts: True Voter-Verifiable Elections, IEEE Security & Privacy (2004)
- Peter G. Neumann, Security Criteria for Electronic Voting 16th National Computer Security Conference, Baltimore, MD (1993)
- Ronald L. Rivest, Electronic Voting
Russian Interference with the 2016 Election
During the 2016 election season, Russia carried out a multi-pronged attack intended to “undermine public faith in the US democratic process,” according to a report by the Office of the Director of National Intelligence.
- EPIC v. FBI Seeking records related to the FBI's response to foreign cyber attacks on democratic institutions in the United States prior to the 2016 Presidential Election (2017).
- EPIC v. ODNI Seeking release of the Complete ODNI Assessment of the Russian interference with 2016 U.S. Presidential Election (2017).
EPIC Testimony and Statements
- Russian Efforts to Influence Democratic Elections in the United States and Abroad, U.S. Senate Committee on the Judiciary (Feb. 8, 2017)
- Foreign Cyber Threats to the United States, U.S. Senate Committee on Armed Services (Jan. 4, 2017).
- Office of the Director of National Intelligence, Assessing Russian Activities and Intentions in Recent US Elections (2017) (Redacted public version)
Transparency and accountability of US cybersecurity policy
Russian interference in the 2016 election led to calls for increased attention to cybersecurity. It is not yet clear, however, what that will mean. As the U.S. works to strengthen cybersecurity to resist interference in the democratic process, it must preserve the principles of transparency and accountability that are fundamental to democratic governance.
- EPIC v. DOJ, seeking the EU-US Umbrella Agreement, a framework for transatlantic data transfers between the US and the EU. The proposed goal of the Agreement is to provide data protection safeguards for personal information transferred between the EU and the US (2015).
- EPIC v. DOJ, seeking the reports that detail the NSA's collection of call record information from US companies (2013).
- EPIC v. NSA, seeking records about the NSA's arrangement with Google regarding cybersecurity, following news reports that the agency would assist the company in analyzing network traffic (2010).
- EPIC v. NSA, seeking NPSD 54, a Presidential Directive that grants the National Security Agency broad authority to conduct surveillance of domestic communications (2010).
- EPIC v. Virginia State Police, seeking records that directly relate to alleged federal government involvement with a bill which exempts the Virginia Fusion Intelligence Center Virginia Fusion Center from Virginia privacy and government transparency laws (2008).
EPIC Testimony and Statements
- Appointment of Thomas P. Bossert for White House Homeland Security Advisor, U.S. Senate Committee on Homeland Security and Governmental Affairs (Jan. 10, 2017)
- Planning for the Future of Cyber Attack Attribution, House Committee on Science and Technology (Jul. 15, 2010)
- Securing Our Infrastructure: Private/Public Information Sharing, Senate Committee on Governmental Affairs (May 8, 2002)
- H.R. 4246, the Cyber Security Information Act, House Committee on Government Reform (Jun. 22, 2000)
- CyberAttack: The National Protection Plan and its Privacy Implications, Senate Committee on the Judiciary (Feb. 1, 2000)
- Cypto Legislation, Senate Committee on Commerce, Science, and Transportation (Jun. 26, 1996)
- The Computer Security Act of 1987 and the Memorandum of Understanding Between NIST and the NSA, House Committee on Government Operations (May 4, 1989)
Documents Obtained by EPIC
- DOJ Policy On AG-President Communications
- EPIC v. FBI, Production May 11, 2017
- New Program For a New Threat, POLITCO Morning Cybersecurity (Feb. 15, 2017).
- James Hood, Cyber attacks threaten democracy, EPIC warns, ConsumerAffairs (Feb. 14, 2017).
- Kim Sengupta, Russia accused of launching hacking campaign during UK general election, The Independent (Feb. 14, 2017).
- Nicholas Vinocur, Emmanuel Macron aide blames Russia for hacking attempts, POLITICO EU (Feb. 13, 2017).
- Garry Kasparov, The U.S. doesn’t have a problem with Russia. It has a problem with Vladimir Putin., Washington Post (Jan. 3, 2017)
- Bruce Schneier, U.S. Elections are a mess, even if there's no evidence this one was hacked, Washington Post (Nov. 23, 2016)
- Ronald L. Rivest and Philip Stark, Still time for an election audit: Column, USA Today (Nov. 18, 2016)
- Bruce Schneier, By November, Russian hackers could target voting machines, Washington Post (July 27, 2016)
- Joseph Menn, U.S. election agency breached by hackers after November vote, Reuters (Dec. 15, 2016)
- Hiawatha Bray, Trump, Putin and the hacking of an American election, Boston Globe (July 27, 2016)
Share this page:
EPIC relies on support from individual donors to pursue our work.
Subscribe to the EPIC Alert
The EPIC Alert is a biweekly newsletter highlighting emerging privacy issues.