There's extremely bad blood between the Hillary and Sanders campaigns, and the Sanders guys think the DNC fabricated a scandal by immediately going public, and possibly set them up.
There's a big difference between Obama and Hillary, where he's pretty saturnine about attacks on him even when they get pretty crazy, and she takes things more personally and circles the wagons and counterattacks.
Sanders personally took a jab at Clinton during his apology, saying he wasn't sure that her campaign didn't do the same thing, but providing no evidence of that.
How can he when the company in question and the DNC are both for Hillary. How can they know if there is evidence with out the cooperation of those entities. Hence why they are suing to gain access to those records.
The characterization was that Sanders is "Saturnine" while Clinton is circling the wagons and counterattacking.
Clinton said that she was ready to move on from this, while Sanders is looking for an investigation.
Since there's nothing else to discover about the Sanders campaign, the public and repeated calls for investigation is presumably to find a smoking gun to prosecute the Clinton campaign, the DNC and the data company for collusion and worse.
The problem is our politicians have a nasty habit of overplaying their hand on every. single. "scandal." It starts to sound like the boy who cried wolf. Every time a new one pops up, it's hard to tell whether it is of substance or just another game of political football. It makes sense that after two decades of attacks on their name, the public is a little more hesitant to be riled up.
She was ready to move on when someone else got attacked, yes. Why wouldn't she? She only stands to benefit from ignoring the issue, and she stands to suffer for engaging.
Interesting article, though it left out some context.
The Sanders campaign tried to report this issue months ago [1]. Nathaniel Pearlman, the founder of NGP, now NGP VAN, was CTO of Hillary's 2008 run for president [2]. Debbie Wasserman Schultz, the Chair of the DNC, was campaign co-chair of Hillary's 2008 run for president [3]. Robert Reich, former Secretary of Labor under Clinton, has criticized the DNC for being biased against the Sanders campaign several times [4] [5].
This is incorrect. The October issue was not part of NGP VAN - it was with another DNC vendor that works for both campaigns, though I haven't seen anyone publish which one.
The data director (who was fired) corrected his statement on MSNBC saying “it wasn’t actually within the VAN VoteBuilder system, it was another system" [1]
I would also say that all the conspiracy theories about connections between Clinton and NGP VAN are insane. You can take any other tech company in this space and find just as many connections to the Clintons. If you've been involved in democratic politics at any point in the last two decades, chances are you can be linked back to Bill or Hillary.
That being said, I'm by no means defending the DNC's actions or saying that I think they have or have not been fair to Sanders... All I'm saying is scrounging for links between companies and Clinton is a waste of time.
"On Reddit, an r/technology thread about the controversy included comment from a self-identified 2008 Obama campaign staffer who claimed such breaches were both common but of limited strategic value:
"As an '08 Obama staffer who used the VAN extensively, it went down like this, "Oh, that's weird. It looks like we can pull lists from Hillary again. Hey Erin, do a quick search..." Then everyone in the office room (there were 4 total accounts who did a search) tried the search too.
Any data they pulled would not have been that useful, especially considering both campaigns use the VAN. They couldn't just turn around and re-enter the Clinton supporters as 5's, etc. That's not how it works ... The breach is a non-issue, however how it is being handled by the DNC (in addition to the way the debates, etc) is the telling issue about how undemocratic the Democratic National Party has become.""
Partway through my search I found one source, not primary, claiming that NGP VAN was not at fault, but that's it. Can anyone find anything else?
"Weaver blamed the DNC and its vendor for failing to protect the data. He said the Sanders campaign contacted the DNC about an earlier firewall failure in October, and he feels “very confident” that some of the Sanders’ campaign data was lost to another campaign then. That system was not controlled by NGP VAN, the company notes."
It's interesting that essentially the same issue has happened with two different systems. Assuming the phrase "firewall failure" is meant the same way... The technical doublespeak is really starting to get on my nerves. The use of the term "firewall," it seems, is explicitly to make people think a "hacking" was done.
The entire story seems kind of ridiculous. Given the descriptions, we're talking about an access control bug. Calling it a "firewall failure" makes it sound ridiculous, and I agree that it shades everything under a nefarious tone. But since campaigns are chock full of lawyers, they might be using it in a legal sense, referring to a "Chinese wall" [1] that prevents certain communications to avoid conflict of interests. Unless access logs show that the Sanders campaign decided to suck up everything, it's hard to argue that the DNC didn't massively overreact here.
Whatever the case, what confuses me are the suggestions that these sorts of breaches are common and that they have been for some time. What the hell are these software vendors doing? Access control is nothing new. And while getting it right isn't always easy, there's no reason for you to continuously get it wrong, either. It's also really easy to test, comparatively speaking, because potential issues here are predictable.
Reposting my response from below, but the October incident was not with NGP VAN and was actually another vendor - not sure who though but I'd be interested in hearing theories.
From their press release:
"Josh Uretsky, the former National Data Director for the Sanders campaign confirmed on MSNBC (at 5:47), and also on CNN, regarding the previous incident: 'it wasn’t actually within the VAN VoteBuilder system, it was another system.'" [1][2]
> Michael Briggs, a Sanders campaign spokesman, told ABC News that the “vendor who runs the DNC's voter file program continues to make serious errors” and that the “the firewall between the data of different Democratic campaigns” has failed “on more than one occasion.”
The spokesman was incorrect, the October incident was not from NGP VAN. From their press release:
"Josh Uretsky, the former National Data Director for the Sanders campaign confirmed on MSNBC (at 5:47), and also on CNN, regarding the previous incident: 'it wasn’t actually within the VAN VoteBuilder system, it was another system.'" [1][2]
Interesting read, especially for those of us who have no idea what technology is available for candidates these days. Clearly every one of us exists in these databases (I assume the GOP has such a thing too) and are connected to other data like what we buy or what we belong to. Seeing this data is shared between candidates I wonder how easy it would be for people to manipulate the data for the benefit of one candidate or another. All it takes is poisoning the entries and you could mislead a candidate's plans.
Amusingly, there's a similar database sold by the Georgia Secretary of State. Recently they accidentally included the social security number of every registered voter in the database they distributed. If I recall the news article correctly, they mailed it out on CD to 6 different customers before noticing the mistake.
Voter registration databases are available from the Secretary of States office in each state. Anyone can request a file dump; however, some states often charge a small fee for the file. GOP and NDP use different tech stacks, but both are tied to companies (like NGP) that have built processes around obtaining and updating voter registration data yearly from each state. They then tie in historic data they have from door to door canvassing, voter turn out, and any other touch points to build a profile about the voter. Typical data points include voting history, gender, various voter level flags indicating if the voter supports causes/activism, and any other notes or voter related data.
Per-user voting history in many (most?) states. The fact that a ballot was received from a particular voter (but not what they voted for) is often releasable under public disclosure laws.
Yes, most states track voting participation at the voter level. Some track method of voting, other just are a boolean participation flag for each election.
Individual voting records aren't public in the US (secret ballot). However, whether or not an individual voted in a specific election is often public. (It may vary by state or other jurisdiction.)
In addition to the DNC voter file, there are similar lists available commercially. http://www.voterlistsonline.com/ is run by Aristotle (who tends to have more GOP clients, but is non-partisan). It has many of the consumer data fields already matched that are discussed in the article.
I would not be surprised if Aristotle wasn't one of the six customers to which Georgia sent the data. They have been collecting voter data for years; I worked there for a few months more than 15 year ago, and they already had a nationwide database mostly loaded from 9-track tape.
The person who wrote the submitted article is a self described socialist. The person who wrote the article I linked to volunteered for the Clinton campaign in 2008.
It doesn't matter how much expertise you have in a system when politics is involved. Politics is going to taint your view. There needs to be an independent outside investigation.
Personally, I thought the author of the submitted article painted a picture of a serious breach and then tried to downplay it by pointing out that it was not an even more serious.
I suppose "filtered" makes a less exciting headline than "hacked voter database" but wow is there ever a gulf between how this has been covered and what happened. Thanks for this.
This is OT but I wanted to ask before: what does the "Jacobin" in Jacobin Mag refer to? Presumably not the more genocidal fraction of the French Revolution which was my first guess?
It's become more of a broad term in politics that was at first mostly critical (implying much the same of what you're saying here) before being later adopted by the people who see themselves as _very_ left.
For more info, here is a great writeup by Alex Payne on why he made a large donation to Jacobin and joined their board: https://al3x.net/2015/03/03/jacobin.html
> Democratic socialist politics are my politics. I’m a socialist because I want to live in a just society. More than that, I want to live in a survivable society. The form of capitalism we live under does not present a viable future ecologically, economically, or socially. It is a system designed for the creation and preservation of capital, not human life. I’m a socialist because I believe that the wealth of society can best be harnessed through cooperation, not competition.
And moreover, people who support capitalism don't get an automatic right to label socialists as "murderous" or "genocidal" simply because our revolutions kill people up front. Sure, blame us for the Holodomor and the "Great Leap Forward" (and other similar artificial famines, disease outbreaks, etc caused by bad state-socialist policy), but don't act like your hands are clean when you support a system that kills, last I remember, 49,000 people each year simply by artificially refusing to treat their diseases, and kills further millions in its endless-yet-pointless foreign wars.
I fully support having a genuine contest of ideologies to see who can kill fewer people and save more lives, with greater health and happiness! But that means we have to admit, in the first place, that capitalism kills, which is more honesty than we get out of most people in Western societies today.
> And moreover, people who support capitalism don't get an automatic right to label socialists as "murderous" or "genocidal" simply because our revolutions kill people up front.
Um... that is exactly why we call them murderous. Because they killed people. A lot of them. In cold blood.
You mean, when capitalism isn't bringing unprecedented amounts of people out of abject poverty? (eg, cutting world poverty in half in the past 20 years)
Socialism is great, until you read a history book or look at its actual implementation. And no, don't bring up northern EU states that actually depend on quite free market capitalism to finance it (as well as unrealistic monocultures that are unrealistic for the USA, and lead to morally reprehensible immigration restrictions to keep the systems from being overwhelmed)
If it was written somewhere that people's stated political ideologies are required to be comforting to others, I could have sued Alan Greenspan and Paul Ryan for millions.
Ah, well that's just bad phrasing. It's not "settling" because we'd prefer to kill more people, it's "settling" because we want to avoid counter-revolutions later.
The frien-nemy relationship that this database represents is super interesting. So each candidate has their own columns in the database. Does that me that, for example, if the governor of California (Dem) endorses a candidate for president, they will share their columns with that candidate? I'm imagining a crypto-key getting plugged into a Mandrill scrips at campaign HQ, and suddenly the emails get 5% more effective.
Yes, once an endorsement takes place they will share data. It goes further than that, though. Once someone drops out of a race and shares data, donations to the endorsed candidate require a kickback to the original candidate. I don't know the magnitude of the kickback, but the thing I wonder is this: is that money tainted and under the rules of the FEC? Or, can it be spent on anything the once-candidate desires?
Watergate involved wrongdoing by republican staffers. Bengazi (allegedly) involved wrongdoing by democrats. So there is little debate as to which descriptor a democrat would adopt to attack a fellow democrat.
But the use of "gate" does show the age of the candidates. I'd bet most under 30s in the US do not link 'gate' with watergate.
> I'd bet most under 30s in the US do not link 'gate' with watergate
Doubt it. I'm 24. First of all, we obviously learned about Watergate in high school history. Moreover, ever since Watergate happened, people have been overusing the "gate" suffix. Just look at https://en.wikipedia.org/wiki/List_of_scandals_with_%22-gate...
How on earth is stuff like that legal? Being interrupted in my life by robocalls, cold calls, calls from "statistic polls", people arriving unnoticed at my door to waffle about politicians, mail ads... that's intrusive-as-hell advertising. If I were a US voter, I'd do everything but not vote for anyone intruding in my life!
And why is it legal for ANYONE to (ab)use the public voter register for ANY kind of gain, be it personal, commercial or political?
(note: I'm from Germany, where politicians aren't totally crazy)
You are probably aware but in Germany the citizen's registration offices give out names, addresses and age of every voter (that hasn't told them not to) to the political parties ahead of an election. I haven gotten personally addressed mail ads before. Thankfully no robocalls but "driving elderly from the retirement homes to the polling place in party branded vans" is a thing here.
People demand a democracy, a gov't that is for and by the people and then complain that sometimes those running for office might contact them? If you want a democracy then seems only reasonable those involved it might want to hear from your or communicate.
Comparing Germany vs USA, from the hip, the two biggest differences are voter enfranchisement and form of elections.
#1 The USA (mostly) requires voters be "registered" prior to voting. Whereas most modern democracies like Germany have universal registration.
#2 USA (mostly) uses first past the post (aka winner takes all) whereas a quick googling suggests Germany uses proportional representation. So in the USA, when 50% + 1 is a victory, every vote counts.
Consequently, voter registration and get out the vote (GOTV) have become central to campaigns in the USA. Also called ballot chasing.
These quirks (and others) in USA elections have created a campaigning arms race, leading to ever more costly elections.
Eh. I've only ever gotten one call, from the Sander's campaign, and that was after donating: I gave them my number. I actually appreciated it... they reminded me of the debate, and were very pleasant.
Never had a mailing, a person at my door, etc.. and neither has anyone I know from my knowledge. However, it is definitely possible.
But I do find it incredibly worrying how much data campaigns can get their hands on in the USA - I'm pretty sure Australia's rules regarding access to the electoral roll pretty much prohibit it ever being used to target voters in a campaign.
It's not quite "signing up", at least not in all states. Not all states have formal voting registration, but since the parties still want to have voter databases in those states, they just infer your likely party preference without you explicitly signing up. In Texas, for example, primaries are open, and you can vote in a different one in each election if you want, but not more than one in the same election. What political parties typically put in their voter databases are people who've voted in their primary in N consecutive elections, typically N=2 or 3. So e.g. if you vote in two consecutive Democratic primaries, you're likely to start getting a lot of D spam (and likewise for the Republican primaries).
But in any case the legal answer is simpler: political calls are explicitly exempt from the various no-call lists and telemarketing laws (in the U.S.), so they don't really need any justification for why they put you on the list.
US politicians are far less aware about data privacy issues than their EU counterparts.
Assembling a detailed profile of an individual in the US is quite expensive, for very fine-grained values (think dossier, history-of-life levels) of "detailed", if you are putting together a mass marketing campaign. The actual publicly-available voter data however, is relatively straightforward and is necessary to prevent basic voting fraud. US citizens who participate as election judges can get this data. The data as described in the article is the voter's name, address of record (determines which elections they may participate in, like local referendums), and which elections they participated in. If they participate in primaries, it notes which primary, but this is far from a solid indication that a specific voter is Democrat, Libertarian, Republican, Socialist, etc.; they could be participating to try to help throw a primary to select a weaker candidate against their preferred candidate, they could simply be expressing a preference for particular opposition candidate they admire, etc.
As an aside, that common complaint from techies "this solution was shoved down our throats by management, we were not given a choice?" That's precisely because while at work, techies tend as a group to treat the sales and marketers cold calling techies as "intrusive-as-hell", turning away even respectful cold calls with disdain, while managers as a group tend to give pitches more of a cautious hearing-out.
Earlier in my career, taking all cold calls, out of curiosity because I realized I didn't know everything there was to know about every field, and driving the conversation quickly to establish potential ROI for my organization, helped give me a boost because while my managers got the recognition, they remembered who brought in the idea in the first place when it came time for promotions and raises.
Only a fraction of the cold calls I took panned out, but they usually only lasted 5-10 minutes each (many of which I redirected and then took during my lunches), I only got 1-3 a week at most (lots of weeks no cold calls), I nearly always learned a new aspect about a technology I didn't know before, I almost always networked with a new technologist/engineer (getting their personal email let me keep up with them, and some of these contacts paid off down the road), and I only needed one or two suggestions to my managers to pay off every other year or so. On those that I saw promise in, I would invest more time in off-hours (vendors are always willing to meet with you at convenient times for you) to investigate. Even if a suggestion is turned down by management, as long as I couched it in business benefits, with a quantified presentation, it raised my profile to my managers as business-aware, and helped me later establish a gatekeeper role in technology selection. I have more specific, detailed tips I've accumulated over the years to make the process efficient, but it mostly boiled down to know what you want out of the call you are taking and be up front with it in a friendly way.
I believe there's a difference between cold calls at work and at home. When I'm working and you call me to tell me about a new tech stack, well fine for me.
But when I'm at home and relaxing, and someone tries to sell me bullshit, I get really really mad. It's just disrespectful to intrude into others' personal lives - TV/radio/internet commercials already do that enough.
Agreed. However, I mentioned the aside because over the years I've been in the business, I've consistently seen techies look down their noses at sales and marketing staff, bringing their at-home policy over cold calls to work, and taking out their frustrations over their own sales and marketing staff against all vendor sales and marketing staff they meet, especially those who cold call. Your own organization's sales and marketing staff could genuinely suck rocks, but that doesn't mean all outside sales and marketing staff have no value on offer, but by and large technical staff don't recognize that.
That unfortunately perpetuates a vicious cycle, because with only minimal effort, technical staff can easily get a respected seat at the gatekeepers' table, and vastly mitigate the "management picking vendors' technical solution" issue. That very characterization of which illustrates the depth to which technical staff misunderstand what is really going on, because it really should be called "management picking the ROI and solutions to business' challenges, in the absence of proactive solutions put up by technical staff for consideration".
There's even weirder stuff: more than half of the states allow people to declare their party affiliation when registering to vote anonymously. Some of them use those declarations to limit access to the primary elections and I'm sure they are very useful in the gerrymandering phase.
It's really the lowest possible form of democracy. The next step is the single party system.
They're probably trying to track teens who are involved politically. They want to know when they turn 18. Asking for a Zodiac Sign is less creepy than asking for a birthday.
From looking at the image in the OP, they aren't asking 'what's your sign'. It seems a sorting feature. They have the birthdates (not hard to get really) but the software thinks someone might want to sort that list by sign.
The thing I don't understand here... How you can you write a multitenant app where protecting an EAV store is a critical feature and not have tests that validate that your security still works that run before every deploy.
If you live and breathe good software engineering practices; it's sometimes hard to realize that the actual practice in industry varies wildly. From shops where everything flows through the CI server to shops where whoever last pushed to production is the source of all user visible bugs...
I have; within the last 6 months, dealt with a team that was reluctant to adopt version control and for whom 'push to production' meant firing up filezilla. They are doing better now but they authored and support several ecommerce apps that handle millions in orders every year.
> The two essential scores are those for support — how likely the voter is to be supportive of the candidate — and “turnout” — how likely the person is to vote (the product of these terms being the likelihood that they turn out and vote for the campaign’s candidate).
Is there an assumption then that Support and Turnout are statistically Independent?
Accessing data that was made available to you through the reckless indifference of others, but is still meta-theoretically-philosophically forbidden, is a violation of the CFAA. When will the grand jury indict?
Although a little long this video compilation helps to understand key differences between Hillary and Sanders. These differences can be extrapolated to how both campaigns handled the "datagate". https://www.youtube.com/watch?v=Rpm4rjejFgQ
all of this smells suspiciously of what the RNC did with Ron Paul. What'll really clinch it is if BS gets all the votes, but due to vote tampering (and refusing people at the primaries) Clinton wins.
A great writeup but reading things over the only thing this shows me is Bernie's people are a lot more dedicated. if Clinton's staffers had the same level/type of access as Bernie's staffers to VAN why wouldn't they be doing the same thing? I find it hard to believe that her staffers wouldn't have noticed the data coming up as well, ran a few queries to realize what was going on, and suddenly realized what was going on and possibly make another couple queries to see what the other was doing. But that would be only if they were actually up and active at the hour the upgrade went into place which from reports sounds like they were not.
On a side note - wonder what happened to the VAN QA guy?
>if Clinton's staffers had the same level/type of access as Bernie's staffers to VAN why wouldn't they be doing the same thing?
Because they firmly believe that she is inevitable, or perhaps even entitled to the nomination. Hell, Hillary talks like that herself:
>"I would just ask that when this nomination is wrapped up that they come and join with us to make sure that we don't turn the White House back over to the Republicans," she added.[1]
Her donors talk the same way:
>“Let Bernie outraise her — he’s not going to be the nominee,” a top donor said. “The idea that Donald Trump or Ted Cruz could actually be the president is going to be the greatest fundraising mechanism in the history of the world, and it’s just too early for that.”[2]
They don't think this is an election. They think it's a coronation.
I think that Hilary may be known in the future as the one that lost presidency twice.
Pundits are greatly underestimating the anti establishment sentiments in the populace. And the Hilary supporters I know right now are smugger than crosfitting vegans. Hubris is the easiest path to a politician downfall and there is quite a lot of it in Hilary's warehouse.
Edit: I also don't think that Bill really wants her to be president. His legacy turns from - ruled during the best years of Pax Americana to the husband of the first woman president. I would not be surprised if he pulls his punches.
https://www.yahoo.com/politics/the-sanders-campaign-is-takin...
There's a big difference between Obama and Hillary, where he's pretty saturnine about attacks on him even when they get pretty crazy, and she takes things more personally and circles the wagons and counterattacks.