Every election cycle, a news storm breaks out about the possibility of mass voting fraud. We hear that the poll machines are broken, or sabotaged, or too confusing, or all of these things at once. And there’s certainly some truth to this, though maybe not to the extent that Americans believe in the aftermath of a heated election.
But while legislators are pressed on all sides to do something about the safety of our democracy – from returning to paper ballots, to doing the opposite – there’s something far more dangerous to the integrity of American elections happening right under their noses.
Voting machines, no matter what form they take, represent the “hardware” of democracy. Without them, expressing an opinion is impossible. But – more important than hardware – media constitutes the “software” of democracy. Without media, forming an opinion is impossible. And when its integrity is compromised, the number of compromised votes can scale to millions.
Since the flurry of investigations surrounding “fake news” in the aftermath of the 2016 election, the whole topic of media compromise has been a divisive subject. But largely, everyone discussing it is missing the forest for the trees.
As long as media exists, bad media will exist too. A democratic government cannot regulate lies out of existence: but it can regulate the way that lies are delivered. And the way our media works, the spread of bad and biased journalism is not only pervasive but inevitable. How?
Combined, the number of Americans who get their information from social media stories and news sites outpaces print news and television. But the web in 2019, is run by content algorithms that deliver users whatever they want to hear. Which – given human nature – means sensational, slanted, or outright false information becomes bigger and louder than our best and most objective press-people.
When this fact is raised, the first impulse of many commentators is to point a finger at Facebook and its targeted content algorithms. What they fail to realize is that the rest of the Internet works this way too – and worse, the publications it impacts rarely know it.
Facebook, Google, Twitter and all the rest of them deliver targeted content to users by design. But the vast majority of Internet publishers can’t afford to write their own content recommendation algorithms, and instead rely on third parties to do it for them.
Third-party code (3PC) is so widespread, that 80-95% of all the code on a media site is made up of it. And – while some of that code is innocuous – the little percentage that isn’t poisons the well.
Go to a car site, then switch back to your favorite news publication. See a car ad? That’s no coincidence. Even when users try to “delete their tracks” by clearing cookies, 3PC has other ways, and it uses them: by “fingerprinting,” a bad third party can follow users all around the web. Then, using the code it has deployed across hundreds – possibly thousands – of websites, it can throw whatever it wants in front of them.
Meanwhile, publishers who often fail to vet their partners are none the wiser. On a large and respected publication owned by one of our clients, we found – behind the innocuous ads and stories – 163 third-party assets, and 238 domains siphoning information from the user and changing what they saw.
In the AdTech industry, those of us who realize this problem are doing everything we can to address it. From urging publishers to scan their partners and actively monitor domains, we seek to fix the media supply chain by restoring accountability and enforcing responsibility on ourselves.
But not everyone’s going to play along; and in the meanwhile, foreign powers – not to mention national interest groups and politicians – are more than happy to take advantage of the gaping vulnerabilities in our democratic process.
It’s clear we need more than a sense of grassroots civic responsibility. We need policy: but by now, American policy is lagging years – if not decades – behind technology. One of our most advanced laws against media-election interference is the fairness doctrine, made during the age of radio.
Other countries who understand the importance of media for national security and the integrity of elections are churning policies to fix it. From European laws mandating the “right to explanation” for an algorithm’s output, to the CNIL’s recommendation for similar legislation in France, the rest of the world is acting fast.
Who knows: by the time U.S election officials manage to produce the scientifically perfect voting machine, thereby saving the country a few thousand votes every election cycle, media policy will have caught up with dial-up and flip-phones. But how many millions of votes will be lost while the technology of today goes unchecked?
by CHRIS OLSON
Digital3PC.com is an independent platform that brings together the best minds from tech, government, research, and academia to shape the future of cybersecurity policy and offer best practice solutions when responding to cyber threats. The most common access point for malware spread, data breaches, IP theft, election meddling, disinformation campaigns, and cyberwarfare is malicious third-party code (3PC) that makes its way into our websites, apps, and IoT devices. The compromise of the digital ecosystem erodes user trust and the credibility of media organizations, and undermines the integrity of our democracy, economy, and public safety.