Opinion: Presidential campaigns' thirst for big data threatens voter privacy
Presidential campaigns are using sophisticated data mining and analytics software to gain the edge when it comes to courting voters. But the wholesale collection, storage, and sale of voters' political information raises serious questions over how potential supporters are targeted and how their information is exploited.
Ever since advanced data analytics helped President Obama secure a close reelection in 2012, campaigns are eager to harness the power of big data to gain the edge. Unfortunately, the drive to know the electorate inside and out presents deep privacy challenges.
Of course, campaigns have long craved voter data. But now, campaigns can track us like never before, following our digital trails, amassing and aggregating information from countless sources, and getting help from companies that specialize in this sort of data harvesting. Catalist LLC famously provides voter data for progressive campaigns and causes, and helped the 2012 Obama campaign. Republicans have similar platforms, including GOP Data Center and i360.
These companies create voter profiles by gathering information from voting records, public records, unions, advocacy groups, political parties, donor databases, data brokers, pollsters, nonprofits, social media, and any other publicly available and paid for data sets. Using this information (which has been alleged to include thousands of points of relevant data), campaigns can know what type of car you drive, your favorite stores, activists groups you belong to, whether you have any children, your income and race, and numerous other characteristics that could be used to predict your vote. The ideal is to build a profile of every person of voting age – possibly going younger, to be prepared to deal with folks who can vote for the first time during upcoming elections.
Armed with a trove of information, campaigns can delve into sensitive territory. They’re trying to predict how likely individuals are to vote for a particular candidate and figure out what motivates their decision-making. They also can use the data to purchase targeted ads that connect with your particular interests and individual concerns.
But according to a 2012 poll conducted by faculty and students associated with the Annenberg School of Communication at the University of Pennsylvania, "the vast majority of adult Americans – 86 percent – do not want political campaigns to tailor advertisements to their interests." Furthermore, "64 percent of Americans say their likelihood of voting for a candidate they support would decrease … if they learn a candidate’s campaign organization buys information about their online activities and their neighbor's online activities – and then sends them different political messages it thinks will appeal to them."
We would like to encourage more vigorous debate about the appropriate standards of political messages, but realize it's an uphill battle to change the status quo. First Amendment political speech protections are likely to ensure that candidates are exempt from privacy rules that apply to everyday businesses. There’s also little incentive for federal and state regulators to go after campaigns that aggressively use personal information. And, while "state election laws regulate false and deceptive campaign statements, they are mostly silent on unfair or deceptive online campaign practices," according to Ira Rubinstein, an adjunct professor at New York University School of Law.
Realistically, we may be in a holding pattern until voter backlash occurs over creepy campaign advertising or intrusive e-mails. Or, it might take a major presidential campaign suffering an embarrassing data breach that exposes sensitive information. Obviously, these are undesirable scenarios.
Another area of concern is the indefinite shelf life of campaign information. Most candidates share data with other campaigns, candidates, political organizations, and even commercial entities. This means if you donate to a campaign using an e-mail address, it's likely many groups will acquire it, learn why you donated, and reach out. Even if you unsubscribe from a campaign, others still will have your information and use it, secure in their knowledge that political campaigns are largely exempt from anti-SPAM laws that apply to businesses.
Frankly, there are few restrictions on how campaigns can share information. When campaigns have shown restraint, it's rare that they've been moved by esteem for privacy. For example, when Organizing for America, the successor to the Obama campaign, initially declined to share all of its information with the Democratic National Committee ahead of the 2014 midterms, it was due to concerns that different tax-exemptions might dictate what information could be shared without raising the ire of the Internal Revenue Service.
Indeed, even after a candidate drops out of a race, campaigns still can sell a wealth of information to any interested parties or to settle their debts – behavior that caused public outrage when a bankrupted RadioShack attempted to sell customer e-mails. We find the lack of constraints troubling. If campaigns want to collect and share voter information, they ought to ensure individuals have more control over what happens next, ideally permitting them to opt-out entirely.
Bottom line: Although campaigns are in it to win it, they should prioritize responsible use of voter information and fall closer in line to private sector companies that are required to take privacy seriously, even as they churn a profit. This includes taking steps to ensure the vendors and other partners they work with protect the information that’s placed in their hands and avoid taking advantage of political protections that allow them to be reckless with our informational privacy.
Campaigns might be unable to ensure all staffers, volunteers, and interns understand the ins-and-outs of privacy law and are well versed in the reasons people have for caring about privacy. But corporations have similar problems and they haven’t been given a pass. Instead, they’ve hired chief privacy officers and other officials who help create an organizational culture that values privacy. Privacy officers are responsible for training and oversight, and both tasks seem especially important as campaigns staff up on computer scientists and other data crunchers.
Candidates shouldn’t wait for disaster to strike before taking our privacy seriously. They can afford to invest more to ensure they’re running a respectable data-driven race to the White House.
Evan Selinger is a professor of philosophy at Rochester Institute of Technology. Follow him on Twitter @EvanSelinger. Joseph Jerome is policy counsel for the Future of Privacy Forum. Follow him on Twitter @joejerome. Elliott Murray is project assistant for the Future of Privacy Forum.