Democracy and Cybersecurity: Preserving Democratic Institutions
In 2017, EPIC will fully engage the challenge of preserving and promoting democratic institutions. EPIC's specific interest in this issue is found in the work of our Advisory Board, as well as EPIC's ongoing legal efforts to ensure government accountability. The technical insights of faulty election systems and legal safeguards concerning privacy protection and open government converge at the common goal of preserving democratic institutions.
- The FOIA Project Provides 2017 FOIA Report: A new report from The FOIA Project tracks many of the Freedom of Information Act lawsuits filed by media organizations and journalists in 2017. According to TRAC, forty-five new FOIA lawsuits were filed by thirty-nine news organizations and reporters. The New York Times, with six FOIA suits, filed suit most frequently. In second place is EPIC, which has already filed four FOIA lawsuits in 2017, including a suite of lawsuits under the new EPIC Democracy and Cybersecurity Project focused on preserving democratic institutions. In EPIC v. ODNI EPIC seeks public release of the January 2017 report of the intelligence community on Russian hacking, and in EPIC v. IRS EPIC seeks release of President Trump's Tax records. In EPIC v. FBI, EPIC has already obtained the Bureau's procedures for notifying organizations that are the target of a cyber attack. EPIC has asked Congress to determine whether the FBI did enough to notify US political organizations about Russian cyber attacks during he 2016 Presidential election. (May. 31, 2017)
- Executive Order on Cybersecurity Finally Released: A long delayed Executive Order on cybersecurity was released this week. The Order continues many of the cybersecurity policies of the Obama and Bush administrations. The Executive Order requires agency heads to use the NIST Framework to manage cybersecurity risk, and to provide a risk management report. The Order also requires Cabinet officials to devise a strategy for international cooperation in cybersecurity. However, the Order does not address Russia's cyber interference with the 2016 Presidential Election. EPIC, and a group of forty leading experts in law and technology, had urged the White House to strengthen privacy and data protection, and support strong encryption. The EPIC Cybersecurity and Democracy Project focuses on US cyber policies, threats to election systems and foreign attempts to influence American policymaking. (May. 12, 2017)
- Former Attorney General Testifies about Russian Influence with Key Trump Advisor (May. 9, 2017) +
- On Cyber Policy, EPIC Urges Senate to Protect Consumers, Democratic Institutions (May. 8, 2017) +
- EPIC To Senate Judiciary - "Public Has Right to Know About Russia Ties" (May. 5, 2017) +
- EPIC v. ODNI: EPIC Anticipates Release of Report on Russian Hacking (May. 2, 2017) +
- Following Congress, EPIC Seeks Public Release of DHS Records on Russian Interference (Mar. 31, 2017) +
- EPIC To Senate Intelligence - "Public Has Right to Know About Russia Ties" (Mar. 29, 2017) +
- EPIC Pursues Release of President Trump's Tax Returns (Mar. 29, 2017) +
- EPIC FOIAs Docs for Key Witnesses at Cancelled Oversight Hearing (Mar. 24, 2017) +
- EPIC Seeks Public Release of Secret Directive on Cybersecurity (Jan. 28, 2017) +
- EPIC Sues for Release of Complete Report on Russian Interference with 2016 Election (Jan. 26, 2017) +
- NEWS UPDATE - EPIC Sues FBI for Details of Russian Interference with 2016 Election (Jan. 18, 2017) +
- EPIC Urges Senate Committee to Ensure UN Ambassador Supports International Privacy Convention (Jan. 18, 2017) +
- EPIC Tells Senate to Probe Commerce Nominee on Data Protection, Privacy Shield (Jan. 18, 2017) +
- Senate Intelligence Committee Presses FBI to Reveal Russia Investigation (Jan. 16, 2017) +
- EPIC, Technology Experts Urge Senate Committee to Monitor President’s Homeland Security Advisor (Jan. 10, 2017) +
- EPIC Seeks Expedited Release of Report on Russian Interference in 2016 Election (Jan. 10, 2017) +
- Senate Armed Services Committee to Examine Foreign Cyber Threats (Jan. 4, 2017) +
- Obama Sanctions Russia for Election “Hack" (Dec. 30, 2016) +
- EPIC Seeks FBI Records on Russian Interference in 2016 Presidential Election (Dec. 22, 2016) +
- Obama Orders Review of Hacking During 2016 Election (Dec. 9, 2016) +
- As Voters Go To Polls, EPIC Backs "Data Protection 2016," Secret Ballot (Nov. 7, 2016) +
- EPIC Urges Congress to Protect Voter Privacy (Sep. 27, 2016) +
- Secret Ballot At Risk in Maryland After Election Board Vote (Sep. 27, 2016) +
- EPIC, Verified Voting, Common Cause Release Report on Ballot Secrecy (Aug. 18, 2016) +
- EPIC Hosts Policy Forum at National Press Club (Jun. 10, 2016) +
- EPIC Launches "Data Protection 2016" to Make Privacy a Campaign Issue (Feb. 7, 2016) +
- EPIC: Voters Should Be Wary of 2012 Election Apps (Aug. 13, 2012) +
- EPIC releases 2010 E-Deceptive Campaign Practices Report (Oct. 27, 2010) +
- EPIC's Lillie Coney Appointed to Election Advisory Committee (Dec. 17, 2009) +
More top news
The rise of electronic voting brought with it concerns about transparency and verifiability. When there are no paper ballots to count, how can anyone be sure that his or her vote was counted? Key issues include ensuring ballot secrecy, that all votes cast are counted, and that the final outcome of the election is verifiably correct.
- EPIC v. DOD, seeking penetration testing reports relating to the Department of Defense's e-voting program (2014).
EPIC Amicus Briefs
- Veasey v. Abbott, Concerning the legality of the Texas Voter Photo Identification Law (2016).
- Crawford v. Marion County Arguing against Indiana's voter ID requirement (2007).
EPIC Testimony and Statements
- EPIC Letter re: Cybersecurity: Ensuring the Integrity of the Ballot Box, U.S. House Committee on Oversight and Government Reform (Sept. 28, 2016).
- EPIC Letter re: Voter Verification in the Federal Elections Process, U.S. Senate Committee on Rules (June 21, 2005).
- EPIC, Verified Voting, Common Cause: The Secret Ballot at Risk: Recommendations for Protecting Democracy (2016)
- EPIC: Voter ID
- EPIC: Voter Privacy
- U.S. Election Assistance Commission
- Ronald L. Rivest: Voting Resources Page
- Ronald L. Rivest, ClipAudit: A Simple Risk-Limiting Post-Election Audit (2017)
- Ronald L. Rivest, Auditability and Verifiability of Elections (2016)
- Ronald L. Rivest, Was YOUR Vote Counted?, Numberphile (2016)
- Douglas W. Jones and Barbara Simons, Broken Ballots: Will Your Vote Count? (2012)
- Verified Voting, Computer Technologists’ Statement on Internet Voting (September 2012)
- David Chaum, Secret-Ballot Receipts: True Voter-Verifiable Elections, IEEE Security & Privacy (2004)
- Peter G. Neumann, Security Criteria for Electronic Voting 16th National Computer Security Conference, Baltimore, MD (1993)
- Ronald L. Rivest, Electronic Voting
Russian Interference with the 2016 Election
During the 2016 election season, Russia carried out a multi-pronged attack intended to “undermine public faith in the US democratic process,” according to a report by the Office of the Director of National Intelligence.
- EPIC v. FBI Seeking records related to the FBI's response to foreign cyber attacks on democratic institutions in the United States prior to the 2016 Presidential Election (2017).
- EPIC v. ODNI Seeking release of the Complete ODNI Assessment of the Russian interference with 2016 U.S. Presidential Election (2017).
EPIC Testimony and Statements
- Russian Efforts to Influence Democratic Elections in the United States and Abroad, U.S. Senate Committee on the Judiciary (Feb. 8, 2017)
- Foreign Cyber Threats to the United States, U.S. Senate Committee on Armed Services (Jan. 4, 2017).
- Office of the Director of National Intelligence, Assessing Russian Activities and Intentions in Recent US Elections (2017) (Redacted public version)
Transparency and accountability of US cybersecurity policy
Russian interference in the 2016 election led to calls for increased attention to cybersecurity. It is not yet clear, however, what that will mean. As the U.S. works to strengthen cybersecurity to resist interference in the democratic process, it must preserve the principles of transparency and accountability that are fundamental to democratic governance.
- EPIC v. DOJ, seeking the EU-US Umbrella Agreement, a framework for transatlantic data transfers between the US and the EU. The proposed goal of the Agreement is to provide data protection safeguards for personal information transferred between the EU and the US (2015).
- EPIC v. DOJ, seeking the reports that detail the NSA's collection of call record information from US companies (2013).
- EPIC v. NSA, seeking records about the NSA's arrangement with Google regarding cybersecurity, following news reports that the agency would assist the company in analyzing network traffic (2010).
- EPIC v. NSA, seeking NPSD 54, a Presidential Directive that grants the National Security Agency broad authority to conduct surveillance of domestic communications (2010).
- EPIC v. Virginia State Police, seeking records that directly relate to alleged federal government involvement with a bill which exempts the Virginia Fusion Intelligence Center Virginia Fusion Center from Virginia privacy and government transparency laws (2008).
EPIC Testimony and Statements
- Appointment of Thomas P. Bossert for White House Homeland Security Advisor, U.S. Senate Committee on Homeland Security and Governmental Affairs (Jan. 10, 2017)
- Planning for the Future of Cyber Attack Attribution, House Committee on Science and Technology (Jul. 15, 2010)
- Securing Our Infrastructure: Private/Public Information Sharing, Senate Committee on Governmental Affairs (May 8, 2002)
- H.R. 4246, the Cyber Security Information Act, House Committee on Government Reform (Jun. 22, 2000)
- CyberAttack: The National Protection Plan and its Privacy Implications, Senate Committee on the Judiciary (Feb. 1, 2000)
- Cypto Legislation, Senate Committee on Commerce, Science, and Transportation (Jun. 26, 1996)
- The Computer Security Act of 1987 and the Memorandum of Understanding Between NIST and the NSA, House Committee on Government Operations (May 4, 1989)
- New Program For a New Threat, POLITCO Morning Cybersecurity (Feb. 15, 2017).
- James Hood, Cyber attacks threaten democracy, EPIC warns, ConsumerAffairs (Feb. 14, 2017).
- Kim Sengupta, Russia accused of launching hacking campaign during UK general election, The Independent (Feb. 14, 2017).
- Nicholas Vinocur, Emmanuel Macron aide blames Russia for hacking attempts, POLITICO EU (Feb. 13, 2017).
- Garry Kasparov, The U.S. doesn’t have a problem with Russia. It has a problem with Vladimir Putin., Washington Post (Jan. 3, 2017)
- Bruce Schneier, U.S. Elections are a mess, even if there's no evidence this one was hacked, Washington Post (Nov. 23, 2016)
- Ronald L. Rivest and Philip Stark, Still time for an election audit: Column, USA Today (Nov. 18, 2016)
- Bruce Schneier, By November, Russian hackers could target voting machines, Washington Post (July 27, 2016)
- Joseph Menn, U.S. election agency breached by hackers after November vote, Reuters (Dec. 15, 2016)
- Hiawatha Bray, Trump, Putin and the hacking of an American election, Boston Globe (July 27, 2016)
Share this page:
EPIC relies on support from individual donors to pursue our work.
Subscribe to the EPIC Alert
The EPIC Alert is a biweekly newsletter highlighting emerging privacy issues.
by Ryan Calo, A. Michael Froomkin,