Alongside traditional canvassing, political parties can now get their messages across using the internet and social media, tools that have not only made it possible to reach large numbers of people but also, increasingly, to micro-target individuals with tailormade messages. This should, in theory, mean an electorate better informed than ever before. But those same tools can easily be hijacked by malicious actors – both state and non-state – to subvert our democratic systems and be used as a weapon against us. And unfortunately, such interference has become increasingly common in the past few years, be it regarding a referendum on an EU agreement with Ukraine or a US presidential election. Preventing our democratic processes, the very building blocks of our society, from being affected is not a concern for the future. It is a task of the utmost importance now, one that requires immediate action. Indeed, we have been working on addressing this threat for a while and are looking to step up our response, together with our member states.
Attacks on elections and electoral campaigns fall into two main categories: those based on systems and those based on behaviours. The first category includes cyber-attacks that manipulate the electoral process or voting technology to change the number of voters or the number of votes.
But the second category of threat is much more subtle and harmful – attempts at manipulating voting behaviour. In my view, this can take three forms: hacks and leaks designed to change public opinion by revealing damaging information at a crucial point during a campaign; the use of fake news to sway public opinion and influence results; and the misuse of targeted messaging based on psychometrics derived from mined user personality trait data, such as in the Cambridge Analytica case.