ProtonBlog
An illustration of political campaigns sharing voter data.

During this American presidential election campaign season, politicians have scored points calling out tech companies(new window) for abusing the personal data of their users. Yet many political campaigns are engaged in very similar practices. 

Political campaigns are now sophisticated data operations that collect mass amounts of personal information from their supporters and potential voters. Their methodology is similar to Google’s or Facebook’s. The main difference is Google uses its data to nudge you to buy something, while political campaigns use their data to nudge you to vote for their candidate.

This blog post will look at how political campaigns collect data on their supporters, what they do with that data, and how secure it is. We will also cover what you can do to keep your data private.

How election campaigns get your data

Almost every modern election campaign hires data brokers to collect data on potential voters. (This report from Tactical Tech(new window) lists case studies from the US, the UK, Chile, Kenya, the Philippines, India, Taiwan, Mexico, and the Dominican Republic.) Political campaigns now rely on data to inform everything they do, from where they campaign to whom they target, even down to the specific wording an ad will use. This thirst for data has not just infected American political parties, but practically every international democracy.

Political campaigns rely on both public and private data. An example of public data includes voter registration records or some types of polls. Campaigns also do large amounts of work to build up stores of private data. They run private polls and surveys and use the party’s proprietary and membership data. They collect this data directly from their supporters and donors with their consent, using sign-up sheets and mailing lists.

A data broker is an independent organization or company that collects, aggregates, and analyzes data from multiple sources. They use different strategies to compile data on potential voters, but they all aggregate both public and private data. Cambridge Analytica infamously collected data on millions of Facebook users. Other data brokers cull publicly available data, such as census records, driver records, and social media profiles, and mix it with consumer and user databases.

Consumer data is exploding thanks to the proliferation of surveillance capitalism. Examples of this type of data includes consumer purchase histories, credit card transaction records, and Internet service provider browsing histories. Data brokers collect much of this data without the voters’ knowledge and they combine it to make extremely comprehensive, and in some cases frighteningly predictive, voter profiles.

The result is that political campaigns have access to truly massive databases. Cambridge Analytica famously claimed(new window) in the 2016 US presidential election that it had 5,000 data points on 240 million Americans. Another data broker that is funded by the Koch family, i360, claims to have 1,800 data points(new window) on over 270 million Americans. 

Finding voters on social media

Political campaigns use this data to build models that predict what will motivate or discourage individual voters. They use this information to make highly specific social media ads that they deliver to targeted groups.

For example, one data broker, Dstillery, ran an independent survey during the 2016 Iowa caucus. They found there was a high correlation(new window) between Iowans who enjoyed grilling outside and Trump supporters. The Trump campaign could have used that information to deliver concentrated “get out the vote” messaging to anyone that had a picture of themselves at a backyard barbecue on Facebook. Similarly, the Clinton campaign could have used this data to send out targeted negative ads. 

What’s the problem?

That political campaigns use data is not new. Polling has been around about as long as professional campaigning, and Barack Obama’s 2008 campaign was praised for its masterful data operation(new window).

However, the amount of data political campaigns have access to, and that data’s sensitivity, has reached new heights. Fueled by the explosion of consumer data and the proliferation of data-collecting devices, the amount of data created worldwide is accelerating at an exponential rate. According to a 2018 Demos report(new window), IBM estimated that 90 percent of the data that exists today was created in the last two years.

Additionally, most people don’t know what information political campaigns have on them. It is one thing if you share information willingly with a political campaign you support. It is another thing if that campaign accesses your data without informing you that they have it or asking your permission. If a political campaign were to ask you for your credit score or your whereabouts for the past week(new window), you’d likely refuse to answer. However, a campaign, through its data broker, likely already has that data on you.

Furthermore, users have very little idea about what campaigns do with their data once it has been collected. It has become standard practice for political campaigns to “rent out” their database. Nearly every candidate that dropped out of the 2016 US presidential election sold, shared, or rented out the data of their supporters(new window) to third parties. These third parties can be other candidates, political action committees, the national political party, or private firms.

In the US, if you give data to a candidate by filling out a campaign survey or questionnaire, they can generally sell or share it without informing you or asking your permission.

Lack of security

The other problem of having these massive databases is that political organizations are not exactly known for their IT security. Everyone has heard of the phishing attack (new window)that compromised Hillary Clinton’s campaign manager(new window) during the 2016 presidential election. And one year later, in 2017, the Republican National Committee suffered a data breach(new window) that exposed the names, addresses, and phone numbers of nearly 200 million Americans.

What you can do

The best solution is to call for increased transparency into how political campaigns collect and use data. Just like the GDPR(new window) allows you to request what data a corporation has on you(new window), you should be able to ask what information a political campaign has on you and where it came from. This would require new regulations. Until that happens, there is little you can do other than attempt to minimize your data footprint(new window). You can take the following actions to limit what information political campaigns can access:

As we have seen through data breaches and hacks in the past, data is power. The electorate has a right to know how their data is being used and to expect data they share to be secured.

Best regards,
The Proton Mail team

You can get a free secure email account from Proton Mail here.

We also provide a free VPN service(new window) to protect your privacy.

Proton Mail and Proton VPN are funded by community contributions. If you would like to support our development efforts, you can upgrade to a paid plan(new window) or donate(new window). Thank you for your support.

Protect your privacy with Proton
Create a free account

Related articles

Email threads are so ubiquitous you might not realize what they are. An email thread is basically a series of related emails grouped together.  This article will tell you everything you need to know about what exactly an email thread is and when you
Identity theft is a major sector of criminal activity. About 24 million people fell victim in the United States alone in 2021, costing them over $16 billion. Credit card fraud is the most common type, but criminals target all kinds of personal data.
Google is one of the biggest obstacles to privacy. The Big Tech giant may offer quick access to information online, but it also controls vast amounts of your personal or business data. Recently, more people are becoming aware of the actual price you
What to do if someone steals your Social Security number
If you’re a United States citizen or permanent resident, you have a Social Security number (SSN). This number is the linchpin of much of your existence, linked to everything from your tax records to your credit cards. Theft is a massive problem, whic
compromised passwords
Compromised passwords are a common issue and probably one of the biggest cybersecurity threats for regular people. How do passwords get compromised, and is there anything you can do to prevent it? * What does compromised password mean? * How do pa
Is WeTransfer safe?
  • Privacy basics
WeTransfer is a popular service used by millions worldwide to send large files. You may have wondered if it’s safe or whether you should use it to share sensitive files. We answer these questions below and present a WeTransfer alternative that may su