Election securityThe many faces of foreign interference in European elections
Citizens of the European Union’s 28 member states go to the polls this week to choose their representatives to the European Parliament. Following Russian interference in several high-profile elections over the past three years, European governments are on high alert for signs of such meddling on social media or in electoral IT systems. Recent events in Austria and Italy show that foreign authoritarian actors are finding other under-examined, but equally insidious ways to infiltrate campaigns and harm democracy in Europe.
Citizens of the European Union’s 28 member states go to the polls this week to choose their representatives to the European Parliament. Following Russian interference in several high-profile elections over the past three years, European governments are on high alert for signs of such meddling on social media or in electoral IT systems. But, while EU institutions and national governments are tracking potential threats like disinformation and cyberattacks, recent events in Austria and Italy show that foreign authoritarian actors are finding other under-examined, but equally insidious ways to infiltrate campaigns and harm democracy in Europe.
It is no surprise that disinformation and cyberattacks are on everyone’s radar. In the two most prominent recent cases of Russian interference in democratic elections, during the 2016 U.S. and 2017 French presidential elections, malign actors penetrated campaign computer systems and leaked hacked documents to the media with the intention of harming specific candidates. In both cases, Russian government-linked actors maximized the impact of the cyberattack by widely disseminating this weaponized information. Russian operatives posed as concerned citizens on social media platforms and, helped by automated programs known as “bots,” flooded the public discourse with divisive narratives.
European states have established several instruments meant to prevent a repeat of these incidents. In December 2018, EU institutions published an Action Plan Against Disinformation, which recommends the establishment of a Rapid Alert System that will, in time, pool the disinformation-monitoring capabilities of the EU, NATO, their member states, and other relevant stakeholders. In addition, social media platforms have undertaken new commitments under an EU Code of Practice that is meant to improve the transparency and accountability of its signatories.
Meanwhile, the EU directive on security of network and information systems has provided a framework within which member states can exchange best practices and coordinate their efforts to secure election infrastructure. And, only last week, the bloc adopted new legislation allowing it to impose sanctions upon actors responsible for cyberattacks on EU institutions, member states, third states, and international organizations.
These first steps to tackle disinformation and cybersecurity are important. However, other vulnerabilities have not attracted as much attention. This is especially true of the financing of political parties and campaigns.
