Editor’s Note: This essay is adapted from the John Kennard Eddy Memorial Lecture on World Affairs, delivered by the author in October 2020 at Ohio Wesleyan University.
Four years ago, the United States was the target of a coordinated foreign political influence campaign. Russian intelligence agencies set out to embarrass candidate Hillary Clinton by stealing emails from her campaign chairman, John Podesta, and releasing them online. Meanwhile, Russian internet trolls stoked divisions among Americans in an apparent effort to make everyone feel lousy about the state of our democracy.
Almost immediately after the election, the government and the private sector took action. Congress imposed sanctions on Russian individuals as punishment for their misdeeds. The Department of Defense and U.S. Cyber Command took a much more aggressive approach towards anyone who might use the internet for malicious purposes. And social media companies like Facebook and Twitter, under intense pressure, began taking steps to spot foreign manipulation.
None of these efforts have deterred Russia from trying again. Instead, officials have issued repeated warnings about the clear and present danger of foreign meddling in the current election. Congress, the intelligence community, and law enforcement leaders have all sounded the alarm. One particularly alarming note came in September, when Senate Democrats sent a letter urging new sanctions on Russian troublemakers. As they wrote, “there is virtually no national security threat more serious than that posed by those who would undermine confidence in, or the effective operation of, our democratic elections.”
These messages have gotten through. According to a recent survey by the University of California Los Angeles and the Democracy Fund, “Among the 39 percent of Americans who believe a foreign government has already interfered in the November election, 76 percent said it is somewhat or very likely to alter the election’s outcome.” These are deeply troubling numbers. They suggest more than just fears about election integrity in 2020. They suggest a widespread loss of faith in American institutions, and in the strength of American democracy.
Is Foreign Meddling a Problem or a Distraction?
Foreign trolls have clearly tried to poison American politics, using increasingly sophisticated methods to amplify divisive messages. These efforts, however, constitute a tiny slice of the political debate online and in traditional media. Facebook reported that content generated by the Internet Research Agency, the troll farm connected to Russian intelligence services, reached 126 million Americans between August 2015 and July 2017. But Russian efforts were overwhelmed in the social media cacophony before and after the election: Russian-generated posts constituted 0.004 percent of total curing that period. The same is true on Twitter, where the vast majority of tweets came from home. One study estimates that the Internet Research Agency averaged over 55,000 tweets per month in the lead-up to the election. Although this number sounds impressive, it is miniscule in context: Americans sent a billion political tweets between the primary debates and election day. Non-IRA posts from Russian bots accounted for 1.4 million tweets, but that was still less than three-quarters of one percent of total election related content. Foreign meddling is a relatively small problem compared to our own divided, ferocious politics.
What about more intrusive forms of intervention? Russia’s most spectacular act in 2016 was not spreading propaganda on social media, but hacking Podesta’s email account and publicly releasing the contents. Such “hack and leak” operations can divert media attention, especially if the targets are high-profile officials. The operation against Podesta arguably relieved some of the pressure on candidate Donald Trump, who was reeling from the revelation of scandalous comments he made years earlier.
Scholars disagree about the effect of Russian hacking operations on the election itself. Dov Levin, the author of a recent book on the history of election interference, believes that they turned the electoral college in Trump’s favor. Levin’s statistical analysis, combined with surveys of voter reactions to stories about leaked information, suggests that Russian efforts paid off. Thomas Rid, the author of a recent book on the history of Russian active measures, comes to the opposite conclusion. Russia tried hard to intervene, but its efforts were much less important than other factors in the election.
The effect of Russian meddling remains an open question. But if foreign manipulation works at all, it is most likely to succeed in elections with razor-thin margins. These cases do not require manufacturing large shifts in public opinion or voter enthusiasm. The narrow margins in recent U.S. elections thus create an opportunity for foreign operations to have outsize effects.
The Military Temptation
Russia has a long history of election intervention in the United States. Historically, most of its efforts were laughable failures. But the unique characteristics of cyberspace, a domain that allows the rapid spread of misinformation at scale, has caused some analysts to warn against complacency. Russia’s past failures are irrelevant, because it didn’t have such a powerful platform for espionage, sabotage, and electoral propaganda.
Russia’s investment in cyberspace operations has led the American military to become more involved in election security. In advance of the 2018 midterms, U.S. Cyber Command and the National Security Agency created what they called the “Russia Small Group,” a task force that spent months working to spot and mitigate signs of trouble. The fact that the midterms went smoothly seemed to validate their approach and encouraged a broader effort in the lead-up to this year’s election, involving a wider array of military and intelligence agencies. And what was originally an ad hoc military and intelligence collaboration has now become permanent.
The public response to this development has been largely favorable. Writing in the Washington Post, longtime defense columnist David Ignatius praised Cyber Command for stepping up. In the midst of a heated and contentions campaign season, “the military is providing an unexpected and welcome line of defense.” Congress has also broadly supported the command’s more active approach — few if any on Capitol Hill have questioned its growing role in election security. And despite criticisms of the White House for downplaying the threat of foreign meddling, the Trump administration has consistently supported Cyber Command’s expanding remit.
There is something strange about asking military officers, the nation’s professional managers of violence, to simultaneously serve on the front line of election security. But it has become common to ask the military to perform non-military tasks. Over the last two decades it has become deeply involved in state-building, economic development, diplomacy, and intelligence. Others have gone so far as to call for a military intervention if Trump refuses to accept the outcome of the upcoming presidential election. Looking for military solutions has become a default response to new problems.
Part of the reason is that the military is extraordinarily popular. Gallup reports that 72 percent of Americans have “a great deal” or “quite a lot” of confidence in the U.S. military, and 20 percent have “some” confidence. These responses are especially striking given decreasing levels of faith in government institutions. In 1964, the Pew Research Center found that 64 percent of Americans expressed trust in government. Last year that number had fallen to just 17 percent.
Americans support the military because they view it as competent and apolitical. The military projects an air of effectiveness, at a time in which other institutions struggle to do so. Cynicism about a do-nothing Congress prevails, as do complaints about clogged up courts and sclerotic government bureaucracies. But the military has largely avoided these charges. Instead, it enjoys a reputation for trustworthiness that sets it apart, and that makes it a natural candidate for defending the election. “When it comes to the Russian election threat,” Ignatius concludes, “Washington is a tale of two cities. Military commanders are doing their jobs independently and professionally. Political appointees in civilian agencies appear to be more susceptible to White House pressure.”
Election Defenses and Civil-Military Relations
Deep and abiding faith in the military would probably surprise some of the nation’s founders, who worried that a standing army would be an instrument of tyranny. The modern military has retained public trust in part because of the legacy of officers like George Marshall, who served as chief of staff in World War II and secretary of state after the war. Marshall made himself a paragon of the principle of an apolitical officer, and he deliberately avoided domestic affairs. Subsequent leaders mostly followed his lead, and the services worked hard to cultivate a reputation for professionalism and subservience to civilian authority.
Today, however, there are cracks in the armor. Scholars worry that retired military officers are increasingly active in partisan politics, and that politicians are eager to enlist them. This trend makes it impossible to simply hide behind the ethic of professional detachment. Instead, as Risa Brooks puts it, military officers should:
proactively consider what might constitute effective responses to civilian politicians’ efforts to draw the military into electoral politics, such as what to do when politicians make partisan comments to military audiences, or use military personnel or resources as props in partisan speeches or events.
This is the backdrop for U.S. Cyber Command’s now permanent role in election security. Of course, there is a difference between protecting election infrastructure and promoting certain candidates, and nothing the command has done is remotely political. But the command is not just committed to defending networks and machines from malicious code. Instead, it is aggressively working to blunt influence campaigns like those we saw in 2016, which means that it is involved in determining what counts as acceptable and unacceptable political content. Involving a military command in these questions inherently puts its apolitical reputation at risk. Worse, in its effort to stifle foreign provocateurs, it might inadvertently restrict free speech, especially now that foreign intelligence agencies are reportedly luring unwitting Americans to write blog posts on bogus websites.
Given the support that the command currently enjoys, and the consensus in Congress about the need to ward off foreign active measures, it is unlikely to face domestic criticism for its actions after Nov. 3. But if countering influence campaigns is an open-ended mission, it may not be able to steer clear of controversy forever. In some future election, it may face accusations that its efforts mainly benefit one candidate or party. Such a controversy will put civil-military relations under unusual strain.
Perhaps the post-election period will give Cyber Command an opportunity to reassess its basic purpose, and to avoid the temptation to increase its involvement in non-military missions. A modest vision for the command would focus on coordinating cyberspace operations for military purposes and securing military networks from foreign attack. These tasks are complex and difficult. They involve network security, defensive and offensive cyberspace operations, and efforts to integrate cyberspace with conventional military campaigns. Juggling these tasks will prove especially hard given the intense competition for skilled personnel, a perennial problem for government agencies in search of cyber talent. Giving the command additional responsibilities risks overextending resources and putting its core competency at risk.
If Not the Military, Who?
Domestic institutions are responsible for defending domestic traditions. The immediate responsibility for guarding against electoral meddling lies with state and local election boards, who have spent a great deal of time since 2016 preparing for 2020. The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency has supported the effort to guard against foreign interference, providing training for thousands of election workers on the special problems of conducting a secure and reliable election in the internet age. This agency has also installed hundreds of intrusion detection systems, conducted penetration tests and on-site inspections, and installed domain-blocking tools to keep local election offices away from known malicious websites. These are time-consuming and mundane tasks. They are also essential.
Guarding against influence campaigns is trickier because it involves monitoring political speech. Here government agencies should play a smaller role. Happily, civil society and for-profit organizations have been active in promoting a better political conversation, and not letting it get swamped in misinformation. Academia, the media, and social media platforms have all taken steps in this direction. Stanford University’s Election Integrity Project, for example, has organized a coalition of groups to exchange information on attempts to mislead voters or deter them from voting. Media outlets are more cautious about revealing the details of hacked computers, lest they inadvertently amplify foreign meddling. Last month the Washington Post executive editor issued guidelines to reporters on how to deal with hack and leak efforts like the one targeting the Clinton campaign in 2016. The guidelines emphasize careful deliberation rather than a rush to print, and a need to explain the provenance of any stolen communications. Even the much-maligned social media platforms have taken steps to patrol their sites for signs of what Facebook calls “coordinated inauthentic behavior,” and to remove them.
Because combatting political influence requires political skepticism, the ultimate responsibility lies with voters. Cultivating this skill is not easy. Nor is it simple to distinguish real and fake news, given the explosion of both real and fake news sources over the last decade. Moreover, the line between healthy skepticism and poisonous cynicism is easy to cross in a political environment characterized by routine accusations of lying and bad faith. The problem is helping voters to hone their judgment without accidentally causing them to give up.
None of this can happen quickly, and skeptical readers might doubt it can happen at all. But there are at least two reasons for optimism. One is the visible surge of political energy from young voters, whose concern is evident in protests, campaigns, and increased turnout. Sustaining that energy will help to reduce long-term apathy. The other reason is the broad bipartisan support for increasing investment in civics education, which is probably the best long-term protection against misinformation. There is no substitute for knowing the nuts and bolts of government, and no better inoculation against conspiracy theories, fear mongering, and broad-spectrum nonsense.
Defending elections is not something voters should trust to military organizations, despite the U.S. predilection for military solutions. Efforts to guarantee the integrity of elections require much more than cyberspace operations against foreign adversaries. Instead, these efforts require cooperation among domestic agencies, election offices, and private sector technology vendors, with congressional oversight ensuring that this ordinary but vital work continues after Nov. 3. The same is true for dealing with influence operations, which are inevitable in an open democracy. Protecting social media from political misinformation is not an appropriate task for the armed forces. It distracts Cyber Command from its core mission, and risks aggravating civil-military relations. Efforts to clean up the political conversation should start elsewhere.
Joshua Rovner is associate professor in the School of International Service at American University. In 2018 and 2019 Rovner served as scholar-in-residence at the National Security Agency and U.S. Cyber Command. The views here are his alone.