Because the DNC database contains both shared and private candidate voter information, a firewall and other safeguards are in place so that competing campaigns can't peek at the private data being collected and analyzed by their Democratic rivals. This too is essential for fair and free primary competition. Candidates would have unfair advantages if they could see the information developed by their rivals. At the end of the election cycle, however, the private field data collected by the campaigns are merged and used to update the DNC's national database.
But Democratic politics is also an insider's game. There is competition within the Democratic party to be the Democratic candidate on the ballot. There are many primary candidates, campaigns and primary elections that must be fair and free if our democracy is to be properly preserved. Special interest corruption or establishment favoritism within either political party is a direct threat to our American democracy. The will of Republican or Democratic voters within their party is just as sacrosanct as is the will of the people in general election voting. It is the role of the DNC to preserve American democracy for Democratic voters. Maintaining the security of the DNC database is a principle obligation. Assuring proper access of the data to all candidates is an essential responsibility of the DNC. Making sure there are no political pressures or conflicts of interest to taint or corrupt the democratic process within the party is paramount.
The question rarely asked is this; If NGP-VAN is a company made up of Democratic partisans, how can we be sure they are scrupulously unbiased with respect to all Democratic primary candidates? How can we be sure the DNC is unbiased, for that matter. These are the haunting questions that still hang in the air even after the fireworks set off by the Sanders campaigns data breach has ended. Even though the DNC quickly unblocked the Sanders campaign from its data, and Senator Sanders apologized to Hillary Clinton for the intrusion, the integrity of the DNC and NGP-VAN remains a question. This is especially true in part because there was so little concern expressed about the incompetence of NGP-VAN for the firewall failure.
The undisputed facts regarding the data breach by the Sanders campaign staff are:
- NGP-VAN rolled out updated software for this database on the morning of Dec, 17th.
- Afterwards, for about 4 hours, any data search on the system pulled up the private files of all the Presidential candidates.
- The breach was discovered by Sanders campaign staff after 10:00 am, at least 90 minutes later.
- At least 4 Sanders campaign staffers obtained access to 24 Hillary campaign files over the next 40 minutes
- NGP-VAN became aware of this activity and immediately notified the DNC
- The DNC shut down the Sanders' campaign access to the database before notifying Senator Sanders, who was unaware of the breach until the chairwoman of the DNC, Debbie Wasserman Schultz called him.
- Some of the Clinton campaign files were copied to the "Vote Finder" system of the DNC's database, meaning those files were still in DNC custody.
- Whether files were copied to private location, or viewed and analyzed in any detail is in dispute.
- One of the staffers who opened multiple files was Bernie Sanders Data Chief, Josh Uretsky, who was immediate fired.
- The extent of actions by other Sanders campaign staffers who accessed files is still in dispute and under review.
- The Clinton campaign accused the Sanders campaign of stealing data. The Sanders campaign filed a federal lawsuit against the DNC for illegally terminating access to their data and hindering their campaign.
According to a blog post written by the Stu Trevelyan, CEO of NGP-VAN, shortly after the breach was fixed the company audited its system and determined that only the Sanders campaign, and no other outside parties, could have possibly retained any of the exposed data.
Within less than a day of the Sanders lawsuit against the DNC, they restored his campaign access to the database. Bernie Sanders maintains that this isn't the first breach of data systems between the Sanders and Clinton campaign. (Although the prior breach involved a different data vendor.)
When the NBP-VAN notified the DNC of the breach and the activity of Sanders staffers, they being the only ones to access opposition files, Debbie Wasserman Schultz, the DNC chairwoman, acted on the worst case scenario, that data was being stolen which could then be manipulated using the DNC database to analyze Clinton's campaign strategies. The DNC acted swiftly before consulting with Senator Sanders. Senator Schultz claimed that the data was copied off the NGP-VAN system and demanded that it be destroyed before the DNC would consider restoring access to the database.
CONFLICT OF INTEREST?
This all caused me to wonder, just who is this seemingly incompetent company that lost their firewall for four hours in the middle of a Presidential campaign? And what of the Sander's campaign long standing complaint that the DNC is trying to undermine Senator Bernie Sanders' campaign.
Here is what I found:
NPG-VAN (www.ngpvan.com): Claims to be the leading technology provider to progressive organizations and campaigns. Among its clients are; Obama for America, the DNC, Democratic state parties, the DSCC, the DCCC, the DLCC, a majority of Democratic state legislative caucuses, Democratic candidates and other organizations.
Co-Owner, Nathaniel Goss Pearlman: Is a political technology consultant aligned with the Democratic party. He founded NGP Software, Inc., in 1977. The company provided political software to a majority of federal Democrats including most Democratic candidates for President (including Dean, Gephardt, Kerry, Graham, Edwards, Obama, and Clinton). He was the chief technology officer for Hillary Clinton's 2008 presidential campaign. In 2010, NGP Software merged with another company, the Voter Activation Network, and became NGP-VAN
NGP-VAN CEO, Stu Trevelyan: Was the founder of the Carol/Trevelyan Strategy Group (CTSG) which serve progressive groups and candidates starting around 1995. Before that Trevelyan worked directly on a number of campaigns, including the 1992 Clinton-Gore "War Room" and then in the Clinton White House. He was an early "Hillary for President" supporter and donor in 2013.
Debbie Wasserman Schultz: She is the current DNC chairperson and was the national co-campaign chairperson of Hillary's 2008 Presidential Campaign.
[12/28/15 Update] Josh Uretsky, Data Chief for Sanders: Bernie Sanders fired this person after the data breach. Media outlets are now reporting that he was hired in September by the Sander's campaign on the recommendation of both the VGP-VAN company and the DNC. This has raised further concerns among leadership in the Sanders' campaign.
WHERE THINGS STAND
Obviously the partisan nature of NGP-VAN, the connections to Hillary Clinton, the Hillary Connection between Hillary and DNC Chairwoman Debbie Wasserman Shultz who was Hillary’s prior co-campaign manager, doesn't prove anything or suggest anything nefarious. It doesn't, however, rule out the possibility of a conflict of interests either. The Sanders campaign has not retracted their claim that the DNC might not be acting as a neutral third party and the lawsuit is still pending as of now.
Both the Sanders and Clinton campaigns, as well as the DNC, are calling for an independent "audit" of the incident and the records to rule out a wider scandal or a conflict, and also to identify and fix any vulnerabilities in the DNC's database. This is as it should be, but there is just enough of a bad smell left in the room to require our fellow Democrats to maintain their scrutiny and to press for even more transparency at the DNC.
The idea of contracting with only partisan technology companies should be reconsidered and a broader conversation should generated on these issues. Finally, future DNC chairs should probably not be former campaign managers for any likely presidential candidates during their tenure.
ADDENDUM: There was a subsequent revelation that the Sanders Campaign Data Chief. Josh Uretsky, was hired in September of this year (2015) at the recommendation of both the DNC and NGP-VAN. A further revelation in the press claims that very soon after the breach was reported to the DNC, the Clinton campaign had copies of the database access log documenting the Sanders staffer's activity. The Clinton campaign used this information in their press releases about the incident. NPG-VAN denies giving this log to the Clinton campaign. These new pieces of information don't change the basic conclusions here, but to reinforce the need for a thorough, independent examination of this incident. (12/30/2015)
Correction: An earlier version indicated a connection between the DNC chair and an employee at DGP-VAN which was an error. The error was widespread on social media and was apparently made because of confusion as to whether or not a Wasserman at NGP-VAN was her brother's son. He is not. I extensively investigated this myself on social media and confirmed to my satisfaction that the information I had originally been given was wrong.