The Democrats' Voter Privacy Fail

Do tea party pranksters have access to your personal information, thanks to Organizing for America's privacy-challenged get-out-the-vote campaign?

| Thu Oct. 21, 2010 6:03 AM EDT

If you happen to receive a call from someone who says they're phoning on behalf of Organizing for America (OFA)—the successor group to Barack Obama's campaign machine—don't be surprised if he or she implores you to vote for tea party favorites like Sharron Angle, Christine O'Donnell, or Rand Paul, or merely lambasts health care reform. The caller won't actually be a member of Obama's 13-million strong legion of campaign supporters, but rather a tea party prankster who has access to your personal information, thanks to OFA's privacy-challenged get-out-the-vote (GOTV) campaign.

Ahead of the midterms, OFA, which was folded into the Democratic National Committee following Obama's election, has created an online "virtual" phone bank ostensibly for use by Democratic volunteers. As of Monday, the web page provided the names of Democrats who voted in 2008 but who aren't always regular voters, plus their phone numbers, ages, locations, and party affiliations. OFA also includes a script to use to encourage those voters to vote (and for the right candidates) on Election Day: "Will you help the president by committing to vote in your local elections in 2010, including the midterm elections on November 2nd?"

Advertise on MotherJones.com

Anyone can access the information without so much as logging in. And as it turns out, some conservative activists are doing just that. Entrepreneurial tea partiers have seized on the Democrats' GOTV tool to lobby for their own candidates, and sometimes just to annoy Democratic voters while posing as members of Obama's campaign machine.

Last week, news of the open phone bank circulated on a tea party Google group and quickly got activists scheming about how to make the best use of it. One Florida activist, Robin Stublen, says he's called at least 40 Obama supporters using the OFA list. "Whenever I want a couple of giggles, I call the Democrats. Why not? If they're really that stupid, you gotta have fun," he says with a hearty laugh. "You can be rude—hell, you're calling Democrats!"

In his calls to Obama supporters, Stublen has asked Nevadans to vote for Angle, the tea party candidate running against Senate Majority Leader Harry Reid. He's berated people for not giving enough money to the Democratic Party. He even called one household and pretended to be taking a poll about their love of Sarah Palin. ("They hung up on me," he admits.) He had been hoping to wake some people up by calling at 2 a.m., but sadly for him, the site shuts down after 9 p.m.

Stublen posted a link to OFA's phone-banking effort on his Facebook page, which prompted an enthusiastic reply from one supporter who suggested tactics for others making similar calls. She writes, "This is fabulous! Ask them if they like higher taxes, illegal amnesty, the national debt, how Obama handled the Gulf Oil spill, do they know what Cap and Trade is, why are we suing AZ, that Health Care is NOT free; this worked for me in DE. Be conversational and polite."

There's no way of knowing how many other mischief-makers are out there pestering Obama supporters under the guise of OFA volunteers. But the fact that Stublen has been able to make so many calls suggests that the system is not especially well-regulated or privacy-conscious. OFA, of course, isn't the only political group this year using a virtual phone bank to rally voters to the polls. The Republicans are doing it, too. But while the Republican National Committee's website also hosts a virtual phone bank, the GOP's tech wizards have done a far better job of protecting voters'—and volunteers'—privacy than their Democratic counterparts.

While OFA doesn't require potential phone bankers to register before they're able to make calls, the GOP site not only requires registration but a live phone call from the RNC to verify your indentity. Not only that, but the Republicans have also put measures in place to protect the privacy of its volunteers, so that their own phone numbers aren't showing up on voters' caller IDs. The GOP is using "click to call" technology to route volunteers' calls from their home phones through state party offices—so it will look like the call is coming from, say, the Texas GOP, not some guy in Falls Church, Virginia.

Shaun Dakin, the CEO and founder of the National Political Do Not Contact Registry and a privacy activist involved in Democratic politics, wrote a blog post reviewing both systems last week and explained why the GOP system is superior:

Imagine I'm making phone calls from my home phone here in Virginia to Ohio. The voter in Ohio 1) doesn't recognize the 703 area code so probably won't pick up 2) if they miss the call and see the number on their caller ID list they may call me back wondering why I was calling them in the first place. I remember doing these calls in the 04 and 06 cycles and having exactly this issue occur. I'd call into rural Ohio, leave a voice mail, and a few hours later get a call from a pissed off voter wondering why I was calling them.

He says the GOP's click-to-call system also doesn't reveal the phone number of the voter to the phone banker, protecting voter privacy that much more. "Privacy of voters is not something that either party cares about, but it looks like the Republicans have the edge there," he says in an interview.

Dakin is not the only blogger shocked by OFA's disregard of voter privacy. Bryan Preston at PajamasMedia blogged about it last week, warning about the potential for identity theft and other ills, writing:

This is NOT standard practice for political parties. When a party has a volunteer work their phone bank, they typically have the phone bank worker sign documentation (paper or digitally), usually stating that they won't misuse the information to which they are being granted access. The phone bank typically controls access either with a password account if the system is online, or by physically limiting access to where they have the phone bank if it's an office style set-up. You don't just let any person wander in off the street, rifle through your voter files and make calls on your behalf.

But that's just what the DNC and OFA are doing here. And these are people who want us to trust them with our health care?

Dalkin says that OFA's casual disregard for voter privacy "just goes down to the means justify the ends" mentality at work in modern politics. Presumably, having a few tea party pranksters make calls that piss off a few voters is simply the cost of doing business that is outweighed by the ease with which millions of OFA volunteers are making legitimate political appeals.

Lynda Tran, a spokeswoman for OFA, says she was unaware of the tea party mischief-makers, and she hasn't heard any complaints about privacy issues. She insists that "information that's on that website is for the most part what you would find in any Yellow Pages." She says the site was designed to create as few hurdles as possible to getting volunteers involved. "We recognize that we're in an always-on-the-go-society and we wanted to make sure that there are more tools out there that made it easier for people to volunteer." And it's working, she notes, adding that this weekend, using the calling tool, OFA contacted a million potential voters in a 24-hour period.

And Josh Hendler, OFA's technology director writes in an email that the democrats did put measures in place to ensure that the system was not being misused. He writes:

We do allow users to make several calls without logging in. However, we also take several precautions including: (i) users may only make seven calls, and then are forced to authenticate, (ii) users can't see age or partisanship information without logging in, (iii) we limit the overall number of voters that a user can see in a given day.

Apparently, though, some of these features are relatively recent, and mainly designed to prevent data-harvesting by hackers. When I checked the site on Monday, I never logged in but was very much able to see voters' age, location, gender, phone number, and party affiliation (something some people might not necessarily want their neighbors to know about). I even made a few calls just to check that the database was legit. It was, though at least one person hung up on me—a sign perhaps that the calling tool might be working too well.

By Wednesday, the age and party affiliation features had disappeared from the files available to the casual visitor. Hendler won't concede that the changes were made in response to blogger complaints about privacy issues: "I wouldn't interpret bug-fixes and feature tweaks to mean anything beyond our standard process." Even so, he says OFA isn't necessarily ignoring critics, either. "I think that any organization that isn't responding to feedback from users isn't doing a very good job developing apps."

Get Mother Jones by Email - Free. Like what you're reading? Get the best of MoJo three times a week.