Here’s What Actually Happened in the Great Sanders-Clinton Data Theft


I haven’t yet written anything about the great Clinton vs. Sanders vs. DNC battle over whether the Sanders campaign downloaded a bunch of information from the Clinton campaign during a short glitch that allowed them access they shouldn’t have had. There are a couple of reasons for this:

  • Everything I’ve read has pretty clearly been written by either Clinton or Sanders loyalists, who have put their own spin on what happened, most of it faintly ridiculous.
  • To truly understand what happened, you need to know the technical details of how the NGPVAN database and front-end search tools are set up. I don’t know this, and apparently nobody I’ve read knows it either.

Today, however, David Atkins has weighed in [see update below], and he does know how the software is set up. I don’t know his loyalties in the presidential race, but he nonetheless seems to have a pretty solid take on the whole thing:

[An] important piece of information to note is the difference between a “saved search” and a “saved list.”…You really only want to pull a static list if you’re doing something specific like creating a list for a targeted mail piece—or if you want a quick snapshot in time of a raw voter list.

….However, the access logs do show that Sanders staff pulled not one but multiple lists—not searches, but lists—a fact that shows intent to export and use. And the lists were highly sensitive material. News reports have indicated that the data was “sent to personal folders” of the campaign staffers—but those refer to personal folders within NGPVAN, which are near useless without the ability to export the data locally….Even without being to export, however, merely seeing the topline numbers of, say, how many voters the Clinton campaign had managed to bank as “strong yes” votes would be a valuable piece of oppo.

…This doesn’t mean that Wasserman-Schultz hasn’t, in David Axelrod’s words, been putting her thumb on the scale on behalf of the Clinton campaign….Still, the Sanders camp’s reactions have been laughable. It was their team that unethically breached Clinton’s data. It was their comms people who spoke falsely about what happened. The Sanders campaign wasn’t honeypotted into doing it—their people did it of their own accord…. What’s very clear is that the Clinton camp did nothing wrong in any of this. Sanders campaign operatives did, and then Wasserman-Schultz compounded it by overreacting. And in the end, the right thing ended up happening: the lead staffer in question was fired, and the campaign got its data access back.

Read the whole thing for more detail. Overall, though, this gibes with my tentative view of the matter. The DNC may have overreacted, and maybe NGPVAN is incompetent. I’m agnostic on those issues. But there’s not much question that the Sanders campaign acted badly here, and then tried to pretend that they were merely “testing” the system’s security—which is, as Atkins says, laughable. They pulled dozens of lists from the Clinton campaign and, according to news reports, never notified anyone they had done it.

This was stupid, and Sanders has been ill-served by his team. He’s rightfully fired the guy who did it, and probably ought to fire the subordinates who joined in. And that should be the end of it.

UPDATE: I mistook David Atkins for his brother Dante in the original post. Apologies for that. I’ve corrected the post and removed the reference to Atkins’ “boss.”