The feud between the Sanders campaign, the DNC and NGP VAN has sharply divided the Democratic consulting community and will have lasting repercussions for the political data industry.
But the burning question for many digital and data professionals is whether the repercussions are enough to dislodge the partisan data infrastructure after Sanders staffers took a look into Hillary Clinton’s proprietary files. In the short term, that’s unlikely.
“I think it would be really hard to switch to something else,” Josh Hendler, the DNC’s former chief technology officer told C&E. “It was never a strict vendor relationship between NGP VAN and the DNC. It’s always been a partnership, and because of that partnership a partisan firm makes a lot of sense.”
Last week's data breach was the subject of the first question at the Democratic debate in New Hampshire on Saturday — evidence that the once-sleepy realm of partisan data vendors was facing unprecedented scrutiny.
“It really brings into focus how valuable data has become,” said Justin Gargiulo, founder of the GOP technology firm VoterTrove.
Now, Bernie Sanders used part of his response to the debate question to apologize to Clinton but also called for an investigation of the DNC’s vendors, including NGP VAN, which admitted it was responsible for a single breach on Dec. 16.
“I am not convinced that information from our campaign may not have ended up in her campaign,” Sanders said during Saturday’s debate. “We need an independent investigation.”
David Seawright, of the GOP firm Deep Root Analytics, tweeted on Dec. 18: “Not one of Clinton’s 1,000 data geeks, techies and digital gurus noticed the downed firewall? Interesting.” That was in response to Clinton manager Robby Mook being quoted saying that his staff “unequivocally” did not look at Sanders’ data.
Now, Josh Uretsky, the fired Sanders data director at the center of the dispute, has maintained his exploration of Clinton’s files was just an attempt to ascertain how much of the Sanders campaign’s own data was at risk.
“I felt like I was doing my due diligence. When cooler heads prevail, I think that most people would agree with me,” he told C&E. “I feel like I behaved in a way like most people in my position [would have].”
It’s not an insignificant question in the wake of the data flap: Did the Sanders campaign set out to actively steal data? Or were campaign staffers simply taking advantage of a software glitch that never should have occurred? The comments from many operatives on the left indicate they see little difference between the two, and that ultimately Sanders’ staffers were squarely in the wrong regardless of the circumstances surrounding the breach.
Though a sampling of digital consultants C&E spoke to (the majority of whom declined to go on the record) noted that it in a similar instance, it would be hard to resist exploring such a breach, in part, because so much can be learned from simply looking at the voting universes another campaign is targeting. Moreover, many argued that operatives would be foolish to not assume rivals would act as cut-throat as circumstances allowed. That is a daily reality of life in politics, and campaigns need to have the confidence their vital information is as protected as possible from any potential bad actors.
It’s another reason why campaigns and organizations will be taking a harder look at data security in the wake of this incident, and it’s a much longer-term talking point for the non-partisan political technology crowd.
“I think a lot of people would probably sit down and take a look for a little bit,” said Gargiulo. “The problem is you can’t unlearn that. If I was on Clinton’s team, I would be pretty upset.”
Clinton’s team was publicly incensed by the breach. Mook reportedly confided that the breach was “worse than if they stole $5 [million] to $10 million out of our bank account.” Other consultants took to blasting Sanders in public.
For instance, as Sanders was pressing the DNC to reissue his access to NGP VAN, his campaign tweeted a link to a petition calling for the committee to “level the playing field," which it asked supporters to sign. Mitch Stewart, who helped launch Organizing for America and consulted for Clinton, tweeted at Sanders’ handle in response: “Is there a petition that asks you to stop stealing data?”
When Sanders filed suit against the DNC to get his access to NGP VAN’s system restored, Stewart added: “How often does the burglar sue the homeowner when they get caught stealing?” It was retweeted more than 40 times.
Laura Packard, a partner at PowerThru Consulting and a C&E contributor, was among the Democratic strategists questioning the committee’s role in the spat. “Why is this public at all? That's on the DNC, and maybe the Clinton team. Leaking the story makes me question their motives,” she wrote on Facebook.
Erinn Deborah Larkin, a compliance manager at Aristotle International Inc., held a similar view. “It seems pretty clear that the DNC needed to give 10 days notice to cut off access,” she wrote on the same Facebook thread. “I disagree that everyone looks bad. On balance, the DNC looks like a tyrant.”
The blistering feud has created a huge opportunity for non-partisan vendors to pitch their services as a drama-free, more-secure alternative to what’s being offered by partisan shops.
In the days after the breach, Jim Gilliam, CEO of NationBuilder, took to tweeting jabs at his partisan rivals under the Twitter hashtag “VANghazi.” But Gilliam’s platform has also had glitches. A campaign utilizing NationBuilder exposed the personal information of some supporters online in 2014.
It doesn’t help the partisan case that there were at least two occasions when data was left unsecured by DNC vendors. NGP VAN is adamant that it was involved in a single breach — the first of its security in 19 years. But another vendor's involvement points to an ongoing problem, non-partisan data vendors say.
That needs to be accounted for, according to Hendler, now the CTO at Purpose, a New York-based advocacy firm.
The breach, said Hendler, “does remind us that it’s incredibly important that we regain trust in the DNC, that we regain trust in NGP VAN. You’ll see people worried about sharing their data as part of a centralized voter system, but that’s a core advantage that the Democratic Party has had in the last few years.”
Having a single voter file manager means that field organizers across the country work off the same system. “The last thing I would want to do is start splitting this up among multiple vendors,” he said. “I don’t think that’s a sustainable path. There’s a ridiculous amount of business logic baked into these tools.”
This story has been updated.