In the quest for political office, modern campaigners deal in the currency of the moment, information. Information is power, and campaigns trade fiercely in it, exhaustively researching their opponents’ past, scrutinizing the moods of the elusive swing voter and spewing (or leaking) favorable information about their own candidate.
Of course, politicians try to harness the power of the internet, but some campaigns look more like they are stumbling than steering through cyberspace.
In August, Connecticut Senator Joe Lieberman’s campaign accused the office of his opponent, Ned Lamont, of coordinating a human, distributed denial-of-service attack on Lieberman’s Joe2006 website. Lamont denied the allegation. Lieberman critics said various error messages suggested the campaign did not buy enough bandwidth to handle normal traffic.
Then, California Governor Arnold Schwarzenegger accused challenger Phil Angelides’ campaign of breaking into a password-protected computer to obtain an embarrassing audio file of Schwarzenegger referring to a Latino state representative’s “hot” blood. Investigation by the Angelides people showed that the governor’s campaign had included audio recordings of private meetings with recordings of speeches and press conferences on a public, unsecured web server.
In mid-September, the Minnesota Senate campaign for Democrat Amy Klobuchar reported to the FBI that their communications director had viewed an unaired TV attack ad commissioned by their opponent, Mark Kennedy. A blogger sent the communications director a link to the ad. While the specific link was not password-protected, the blogger said he found the link after guessing the password to the website. Uncertain whether the blogger had discovered the ad illegally, the campaign felt compelled to report the incident to the authorities.
About a week later, two liberal bloggers traced comments on Democratic candidate Paul Hodes’ webpage to the policy director for Hodes’ opponent, Rep. Charles Bass (R-New Hampshire). The policy director, Tad Furtado, was “sock puppeting,” pretending to be a Hodes supporter arguing that Bass held such a large lead in polls that like-minded New Hampshire Democrats should focus their campaign efforts on more competitive races in New York or Connecticut.
Last Thursday, Rick Bolanos, the Democratic candidate for Congress in San Antonio, Texas, filed a lawsuit alleging Rep. Henry Bonilla’s campaign was cybersquatting on a dozen domain names Bolanos would normally use for his campaign’s website.
Why are so many campaigns tripping over the internet?
Campaigns are about collecting, controlling and disseminating information. The internet has a lot of rules about information transfer. These rules include complicated “unauthorized access” statutes, copyright law, trademark law and domain-name regulations.
Campaigns are down-and-dirty struggles for power. Leaking favorable information and researching your opponent are fundamental tools in the contest. The internet provides a wealth of new outlets and sources of information, but the ethics of internet use are in flux, if only because it is still relatively new and does not always match up well with the ethics of campaigns, or of the rest of society.
Where law and ethics are unclear, there’s risk, and where there’s risk, there are traps for the most aggressive users of the internet, including campaigns.
Furtado resigned for pretending to be someone he was not. But on the internet, it is accepted to go by a false name. California’s governor accused his opponent of “hacking”, but the information was not password-protected. It was secure only by virtue of the fact that no one had stumbled on it yet. In the real world, if you stumble upon juicy information, you are allowed to publicize it. In cyberspace, you might run afoul of computer-trespass laws.
The federal law, and every state, has a “computer trespass” statute that prohibits access to computers without authorization or without permission. Mostly, we use the internet assuming that we have permission to connect to this or that web server unless there is some indication to the contrary. After all, the owner intentionally hooked the machine to the public network.
The law is much less clear. Some cases suggest that a user needs explicit permission before connecting. Other cases hold that using a networked computer in a way that’s contrary to the owner’s interests is trespassing.
In a campaign, every time a candidate’s team searches for the opponents’ latest speeches and press releases, they are acting against the opponent’s interests. Perhaps Klobuchar’s former communications director could have known she was on Kennedy’s media consultant’s website looking at an unreleased ad. But without password-protecting it, is she supposed to look away just because her viewing it is contrary to what Kennedy’s team would have preferred?
This uncertainty applies outside of campaigns as well.
When students found an archive of e-mails documenting that Diebold electronic voting machines were insecure, the company initially argued that an unidentified hacker had stolen the e-mails and thus no one should redistribute them. When former AT&T employee Mark Klein disclosed to the return the documents.
Where there’s legal uncertainty, you want to be the good guy, rather than a bad actor. That way, even if you technically broke the law, prosecutors will be reluctant to charge and juries reluctant to convict. Campaigns have a particularly tough time mitigating legal uncertainty. It’s difficult to look like a good guy when you’re trying to bloody the opponent’s nose to gain power for yourself. And with the internet, reasonable people differ on what an ethical choice would be.
As more politicians start to use the internet, and as Election Day nears, we’ll see more cases of campaigns making embarrassing security mistakes, violating various internet regulations and transgressing an equally complicated web of ethical constraints.
Campaigns need to learn how the internet works and how to secure their data and protect their information from attack. Internet law needs to accommodate the fact that real life is messy, and hard-fought campaigns are even messier.
At the same time, there has to be enough cyberspace for the Rick Bolanoses of the world to get their message out. In the meanwhile, a lot of computer-savvy aides are going to be resigning.
– – –
Jennifer Granick is executive director of the Stanford Law School Center for Internet and Society, and teaches the Cyberlaw Clinic.
