Bernie, DNC and Hillary Connections to Data Company

by Brian T. Lynch, MSW

The Democratic National Committee (DNC) is conceived to be a neutral Democratic Party facilitator working on behalf of all Democratic political campaigns. It raises money for candidate races, it helps develop political ads and, most importantly, it has this huge national database on registered Democrats, Democratic donors, etc. This database is the most important tool candidates need in running for public office, especially Democratic presidential candidates. The DNC allows presidential campaigns to access all of this national data on individual voters, and use the database to enter their own voter information collected in the field and through their own direct voter contacts. The analysis of this information is essential for developing and monitoring campaign strategies.

Because the DNC database contains both shared and private candidate voter information, a firewall and other safeguards are in place so that competing campaigns can't peek at the private data being collected and analyzed by their Democratic rivals. This too is essential for fair and free primary competition. Candidates would have unfair advantages if they could see the information developed by their rivals. At the end of the election cycle, however, the private field data collected by the campaigns are merged and used to update the DNC's national database.

BACKGROUND

This huge database is run under a contract with a company called NGP-VAN. NGP-VAN is a partisan company; that is it is a company comprised of Democrats working for Democrats. It is the DNC's choice to contract with a partisan company. There are many competent non-partisan company providing comparable services, but the DNC believes there are advantages to hiring a partisan firm. The key reason is to develop secure, less open technologies that feed data from NGP VAN's systems into tools and platforms that put it to use, such as mobile apps used by door-to-door campaign volunteers. The motivation for hiring a partisan company seems to be an overriding need to protect the data platforms from GOP intrusions. (See http://adage.com/article/campaign-trail/political-tech-picks-sides-stay-sidelines/294800 )

But Democratic politics is also an insider's game. There is competition within the Democratic party to be the Democratic candidate on the ballot. There are many primary candidates, campaigns and primary elections that must be fair and free if our democracy is to be properly preserved. Special interest corruption or establishment favoritism within either political party is a direct threat to our American democracy. The will of Republican or Democratic voters within their party is just as sacrosanct as is the will of the people in general election voting. It is the role of the DNC to preserve American democracy for Democratic voters. Maintaining the security of the DNC database is a principle obligation. Assuring proper access of the data to all candidates is an essential responsibility of the DNC. Making sure there are no political pressures or conflicts of interest to taint or corrupt the democratic process within the party is paramount.

The question rarely asked is this; If NGP-VAN is a company made up of Democratic partisans, how can we be sure they are scrupulously unbiased with respect to all Democratic primary candidates? How can we be sure the DNC is unbiased, for that matter. These are the haunting questions that still hang in the air even after the fireworks set off by the Sanders campaigns data breach has ended. Even though the DNC quickly unblocked the Sanders campaign from its data, and Senator Sanders apologized to Hillary Clinton for the intrusion, the integrity of the DNC and NGP-VAN remains a   question. This is especially true in part because there was so little concern expressed about the incompetence of NGP-VAN for the firewall failure.

UNDISPUTED FACTS

The undisputed facts regarding the data breach by the Sanders campaign staff are:

• NGP-VAN rolled out updated software for this database on the morning of Dec, 17th. 
• Afterwards, for about 4 hours, any data search on the system pulled up the private files of all the Presidential candidates. 
• The breach was discovered by Sanders campaign staff after 10:00 am, at least 90 minutes later.
• At least 4 Sanders campaign staffers obtained access to 24 Hillary campaign files over the next 40 minutes
• NGP-VAN became aware of this activity and immediately notified the DNC
• The DNC shut down the Sanders' campaign access to the database before notifying Senator Sanders, who was unaware of the breach until the chairwoman of the DNC, Debbie Wasserman Schultz called him.
• Some of the Clinton campaign files were copied to the "Vote Finder" system of the DNC's database, meaning those files were still in DNC custody.
• Whether files were copied to private location, or viewed and analyzed in any detail is in dispute. 
• One of the staffers who opened multiple files was Bernie Sanders Data Chief, Josh Uretsky, who was immediate fired. 
• The extent of actions by other Sanders campaign staffers who accessed files is still in dispute and under review. 
• The Clinton campaign accused the Sanders campaign of stealing data. The Sanders campaign filed a federal lawsuit against the DNC for illegally terminating access to their data and hindering their campaign. 

According to a blog post written by the Stu Trevelyan, CEO of NGP-VAN, shortly after the breach was fixed the company audited its system and determined that only the Sanders campaign, and no other outside parties, could have possibly retained any of the exposed data.

Within less than a day of the Sanders lawsuit against the DNC, they restored his campaign access to the database. Bernie Sanders maintains that this isn't the first breach of data systems between the Sanders and Clinton campaign. (Although the prior breach involved a different data vendor.)


DISPUTED FACTS

The most innocent explanation of the data breach comes from Josh Uretsky, the former Data Chief. In an interview with Steve Kornacki on MSNBC, Steve said he was, "... trying to create a clear record of the problem." He was fully aware that his every move was being recorded by the NGP-VAN system. His thinking was that this breach happened hours before and he needed to determine if the Sanders data was as accessible at the Clinton data. He said he had to assume that they had accessed data as well in the hours before he discovered the breach. He denies any information was analyzed or saved anywhere out side of the NGP-VAN system. He believed his probative inquires were reasonable attempts to assess,"the scope of the problem."

When the NBP-VAN notified the DNC of the breach and the activity of Sanders staffers, they being the only ones to access opposition files, Debbie Wasserman Schultz, the DNC chairwoman, acted on the worst case scenario, that data was being stolen which could then be manipulated using the DNC database to analyze Clinton's campaign strategies. The DNC acted swiftly before consulting with Senator Sanders. Senator Schultz claimed that the data was copied off the NGP-VAN system and demanded that it be destroyed before the DNC would consider restoring access to the database.

Throughout this controversy the DNC has reserved its anger for the actions of a handful of staffers on Senator Sanders campaign. It has exhibited litter anger or outrage towards the NGP-VAN for having compromised critical DNC data for hours.

CONFLICT OF INTEREST?

This all caused me to wonder, just who is this seemingly incompetent company that lost their firewall for four hours in the middle of a Presidential campaign? And what of the Sander's campaign long standing complaint that the DNC is trying to undermine Senator Bernie Sanders' campaign.

Here is what I found:

NPG-VAN (www.ngpvan.com): Claims to be the leading technology provider to progressive organizations and campaigns. Among its clients are; Obama for America, the DNC, Democratic state parties, the DSCC, the DCCC, the DLCC, a majority of Democratic state legislative caucuses, Democratic candidates and other organizations.

Co-Owner, Nathaniel Goss Pearlman: Is a political technology consultant aligned with the Democratic party. He founded NGP Software, Inc., in 1977. The company provided political software to a majority of federal Democrats including most Democratic candidates for President (including Dean, Gephardt, Kerry, Graham, Edwards, Obama, and Clinton). He was the chief technology officer for Hillary Clinton's 2008 presidential campaign. In 2010, NGP Software merged with another company, the Voter Activation Network, and became NGP-VAN

NGP-VAN CEO, Stu Trevelyan: Was the founder of the Carol/Trevelyan Strategy Group (CTSG) which serve progressive groups and candidates starting around 1995. Before that Trevelyan worked directly on a number of campaigns, including the 1992 Clinton-Gore "War Room" and then in the Clinton White House. He was an early "Hillary for President" supporter and donor in 2013.

Debbie Wasserman Schultz: She is the current DNC chairperson and was the national co-campaign chairperson of Hillary's 2008 Presidential Campaign.

[12/28/15 Update] Josh Uretsky, Data Chief for Sanders: Bernie Sanders fired this person after the data breach. Media outlets are now reporting that he was hired in September by the Sander's campaign on the recommendation of both the VGP-VAN company and the DNC. This has raised further concerns among leadership in the Sanders' campaign.

WHERE THINGS STAND

Obviously the partisan nature of NGP-VAN, the connections to Hillary Clinton, the Hillary Connection between Hillary and DNC Chairwoman Debbie Wasserman Shultz who was Hillary’s prior co-campaign manager, doesn't prove anything or suggest anything nefarious. It doesn't, however, rule out the possibility of a conflict of interests either. The Sanders campaign has not retracted their claim that the DNC might not be acting as a neutral third party and the lawsuit is still pending as of now.

Both the Sanders and Clinton campaigns, as well as the DNC, are calling for an independent "audit" of the incident and the records to rule out a wider scandal or a conflict, and also to identify and fix any vulnerabilities in the DNC's database. This is as it should be, but there is just enough of a bad smell left in the room to require our fellow Democrats to maintain their scrutiny and to press for even more transparency at the DNC.

The idea of contracting with only partisan technology companies should be reconsidered and a broader conversation should generated on these issues. Finally, future DNC chairs should probably not be former campaign managers for any likely presidential candidates during their tenure.

ADDENDUM: There was a subsequent revelation that the Sanders Campaign Data Chief. Josh Uretsky, was hired in September of this year (2015) at the recommendation of both the DNC and NGP-VAN. A further revelation in the press claims that very soon after the breach was reported to the DNC, the Clinton campaign had copies of the database access log documenting the Sanders staffer's activity. The Clinton campaign used this information in their press releases about the incident. NPG-VAN denies giving this log to the Clinton campaign. These new pieces of information don't change the basic conclusions here, but to reinforce the need for a thorough, independent examination of this incident. (12/30/2015)


Correction: An earlier version indicated a connection between the DNC chair and an employee at DGP-VAN which was an error. The error was widespread on social media and was apparently made because of confusion as to whether or not a Wasserman at NGP-VAN was her brother's son. He is not. I extensively investigated this myself on social media and confirmed to my satisfaction that the information I had originally been given was wrong.