Donate
Announcing the 2020 U.S. Presidential Campaign Audit Thumbnail
‹ Back
Building Trust 8 October 2019

Announcing the 2020 U.S. Presidential Campaign Audit

Megan Kruse
By Megan KruseBusiness Director, Online Trust Alliance

Today, the Internet Society’s Online Trust Alliance released a new report, the “2020 U.S. Presidential Campaign Audit,” analyzing the 23 top current presidential campaigns and their commitment to email/domain protection, website security, and responsible privacy practices. OTA evaluated the campaigns using the same methodology we used to assess nearly 1,200 organizations in the main Online Trust Audit released in April.

An alarming 70% of the campaign websites reviewed in the audit failed to meet OTA’s privacy and security standards, potentially exposing visitors to unnecessary risks. Only seven (30%) of the analyzed campaigns made the Honor Roll, a designation recognizing campaigns that displayed a commitment to using best practices to safeguard visitor information. The 2020 campaigns, taken together as a sector, lagged behind the Honor Roll average of all other sectors (70%) in the 2018 Online Trust Audit, and were far short of the Honor Roll achievement of 91% by U.S. federal government organizations.

To qualify for the Honor Roll, campaigns must have an overall score of 80% or higher, with no failure in any of the three categories examined. The campaigns who made the Honor Roll are:

  • Pete Buttigieg
  • Kamala Harris
  • Amy Klobuchar
  • Beto O’Rourke
  • Bernie Sanders
  • Donald Trump
  • Marianne Williamson

Website security scores are high. This can be attributed to the relative “newness” of these campaign sites and the fact that they were built recently on secured platforms. The lack of email authentication for two of the campaigns is a surprise, since these are long-established best practices and modern infrastructure should support SPF, DKIM, and DMARC.

Privacy is a major problem for campaigns, causing failure for 70% of them. There were a variety of reasons for failure, including:

  • Lack of Privacy Statement – Four campaigns had no discoverable privacy statement. This yields a statement score of 0 and is an automatic failure. This may be an oversight, but is inexcusable since every campaign website is collecting data. Fortunately, it can be remedied quickly by adding a privacy statement.
  • Inadequate Statement – Many campaign privacy statements were silent on the issue of data sharing, retention, etc. so they did not give clear notice and transparency about their practices. Such disclosures are generally accepted best practice.
  • Freely Sharing Data – Several privacy statements said they could share data with “like-minded entities” or unidentified third parties, effectively putting no limits on the use of personal data.

We encourage all campaigns to remain vigilant regarding security, and to revisit their privacy statements. Disclosing that data may be shared with “like-minded” organizations may be a common practice for campaigns, but is still concerning in light of the depth of demographic and financial information being collected. Since even campaigns who made the Honor Roll had poor privacy scores, OTA calls on all campaigns to consider updating their statement and practices to better reflect consumer concerns pertaining to the collection, use, retention, and sharing of their personal information.

We reached out to each campaign the week of 30 September, prompting some campaigns to make updates, which we re-evaluated on 7 October. We are committed to helping campaigns improve their efforts to keep both people and information safe online by providing tailored best practice recommendations upon request. We will reassess active presidential campaigns in mid-November and provide a short supplement to this report, highlighting any improvements.

We encourage you to read the report, and to make sure your organization (of any kind) is following the best practices outlined in Appendix C – Best Practices Checklist.

‹ Back

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.

Related articles

Announcing the Online Trust Audit & Honor Roll Results
Building Trust16 April 2019

Announcing the Online Trust Audit & Honor Roll Results

Do you know how – or even if – your favorite retailer, or your bank, or your ISP is working...

Announcing the Online Trust Audit & Honor Roll Methodology for 2018
Announcing the Online Trust Audit & Honor Roll Methodology for 2018
Building Trust23 August 2018

Announcing the Online Trust Audit & Honor Roll Methodology for 2018

The Online Trust Alliance (OTA) is an Internet Society initiative that aims to enhance online trust, user empowerment, and innovation...

10 Years of Auditing Online Trust – What’s Changed?
10 Years of Auditing Online Trust – What’s Changed?
Building Trust22 April 2019

10 Years of Auditing Online Trust – What’s Changed?

Last week we released the 10th Online Trust Audit & Honor Roll, which is a comprehensive evaluation of an organization’s...

Join the conversation with Internet Society members around the world