“DHS was very spooked after the Disinformation Governance Board failed to deploy, even though the message [from administration officials] was clear that we can’t back down, we can’t be bullied by the right,” a senior US official told CNN.
The proposal, which was made by a federally funded nonprofit, also included plans to track foreign influence activity and slightly increase resources for reporting domestic misinformation and misinformation related to the vote.
DHS officials had legal concerns about the scope of the plan and whether it could be in place by November, the people said. But the decision not to pass the anti-harassment part of the proposal has sparked the frustration of at least two election officials as their colleagues nationwide continue to face an unprecedented wave of violent threats often inspired by online misinformation.
The episode also highlights how less than two months before the November election, the federal government is struggling to find an effective strategy to combat misinformation about the voting process and harassment of election workers, leaving many of them feel unprotected.
Having “authoritative support from our federal partners to correct ‘disinformation and misinformation about voting’ is really important,” Meagan Wolfe, who heads the Wisconsin Elections Commission, told CNN in an interview. “And I think what they’re providing now is less support than they did around the 2020 election.”
The closely held proposal has been seen as flawed by some current and former US officials. And while it didn’t enjoy unanimous support among the small group of election officials who knew about it, some felt it could have improved their security ahead of Election Day.
In August, election officials in Florida and Colorado wrote a letter, obtained by CNN, to leaders of DHS and its Cybersecurity and Infrastructure Security Agency (CISA) urging them to approve part of the plan that would combat doxing — or the online exposure of election officials’ personal information — “before these intimidation efforts escalated in the run-up to” the midterm elections.
Kathy Boockvar, vice president of the Center for Internet Security, alluded to the proposal in an interview with CNN in May.
The defense against online harassment is “an area where [election officials] could really use both training and support,” Boockvar said.
After CNN asked CISA about the letter, election officials received a response from CISA Director Jen Easterly.
“I fully share your concerns about threats to our country’s election officials,” Easterly wrote in a Sept. 16 letter obtained by CNN to election officials in Florida and Colorado. “We are committed to working with you and our partners to identify mechanisms to address this real and concerning risk.”
More generally, there have been growing calls inside and outside the federal government for an increased effort to counter election-related misinformation and disinformation. Still, significant questions remain about which federal agency should take the lead in protecting election officials from the harassment or misinformation it draws on — questions that don’t fall squarely within CISA’s mandate.
Bryan Ware, who was CISA’s deputy director for cybersecurity until Election Day in 2020, said the stakes were high.
“If someone in the US government doesn’t stand up and tackle misinformation and misinformation, I’m confident our adversaries will take advantage,” Ware told CNN.
CISA declined to comment specifically on the rejected proposal. In a statement to CNN, Kim Wyman, CISA’s senior election security officer, said the agency is “committed to building resilience against malicious foreign influence operations that seek to undermine our democracy or threaten the ‘election infrastructure or personnel’.
CISA, Wyman said, “works side by side” with election officials to combat misinformation and “has not wavered in our mission to help the American people better understand the threat of foreign influence campaigns.” .
Work to do
The origins of the proposal date back to the spring, when the Center for Internet Security (CIS), a nonprofit organization partially funded by CISA, first submitted it. CIS has been performing cybersecurity work for federal and state government agencies for years.
Among the many concerns expressed by officials about the plan was how it would be implemented. The anti-doxing component reportedly used software to track when election officials’ personal information is dumped online so that they, and possibly law enforcement, can be notified. Other parts of the plan included additional funding for an online “portal” for election officials to report false voting-related information and a service provided by New York-based firm Graphika to track influencer campaigns. foreign aiming at the elections.
While the anti-doxing and foreign influence parts of the proposal remain stalled, work on the online “portal” for election officials to report misinformation to social media platforms predated the proposal and continues today. , according to people who know her well.
CIS spokesman Jason Forget declined to comment on the proposal.
Current and former U.S. officials say there are unresolved questions about who, if anyone, in the federal government is prepared to systematically counter national narratives of misinformation and disinformation that undermine confidence in elections or threaten the security of critical infrastructures such as voting machines.
There are natural concerns that the government even appears to be infringing on free speech while cracking down on misinformation. And the variation in voting procedures between states makes state and local authorities a key resource for disproving election lies.
But the federal government can play an important role in amplifying factual information from local election offices and debunking viral rumors that could lead to violence, according to several current and former officials.
“Combating misinformation as it relates to election security is a core mission of the Department of Homeland Security and CISA,” said Bob Kolasky, who until March led CISA’s National Risk Management Center. , which works with critical infrastructure companies to understand risk, including in elections. . “To the extent that information leads to violence, DHS and CISA should support state and local election officials.”
Lessons from 2016
After Russian agents probed voter registration databases in several states in 2016, the DHS cybersecurity agency (which became CISA in 2018) took a much more active role in helping states protect their infrastructure. election-related in the 2018 and 2020 elections. Other agencies, such as the FBI and the U.S. Cyber Command, are involved in various efforts to protect U.S. elections from foreign interference, but CISA s is established as the primary federal conduit for state and local election officials.
Six years later, however, that commitment is being tested.
“It felt like we let the American public down” in 2016, with the lack of a strong federal response to Russian interference in the US election, the senior US official told CNN. “And we’re getting closer to that again because we’re afraid of our own shadow on the misinformation and misinformation front.”
CISA continues to provide cybersecurity advice to election officials and guidance on countering misinformation. Like their predecessors, Easterly and Wyman, CISA’s top election security official, met with state and local officials and offered the agency’s support.
But some election officials say they’ve seen fewer public messages from CISA about election security and not the same public effort to tackle CISA’s errors and misinformation in the past year.
“I would really like to see that [federal] support [on mis- and disinformation] really strengthened or expanded so that we know we can rely on it when working to provide facts at the local or state level,” said Wisconsin election official Wolfe.
In his statement, Wyman said CISA sought to “empower local election officials” to help voters in those communities get accurate voting information. At least 13 states have created their own websites to debunk false election information.
The “Rumor Control” webpage has not been updated since May. CISA said in an emailed statement that it updates the page when it becomes aware of “false or misleading election accounts that could pose a risk to our democratic process.”
A 35-page draft, first reported by Politico, of CISA’s “strategic plan” for 2023-2025 did not mention election security, alarming some current and former U.S. officials. The final version of the plan, released this month, reiterated the agency’s commitment to election security.
CISA has hired more specialists to assess the security of election facilities; the FBI has investigators who focus on election-related crimes across the country. These resources are intended to supplement local law enforcement, but they still fall well short of the threat, according to some election officials.
David Becker, who runs a pro bono legal defense network for election officials at risk of violence, said he was worried about the extent to which political violence has been normalized following the 2020 election.
“What if we had dozens of [the January 6, 2021, riots] across the country?” Becker said. “That’s where we’re heading because people are being lied to and told that any election in which their candidate loses is by definition robbed.”
CNN’s Geneva Sands contributed to this report.