“We judge it very likely that Canadian voters will encounter some form of foreign cyber interference related to the 2019 federal election.” So says the Communications Security Establishment (CSE), Canada’s equivalent to America’s NSA and Britain’s GCHQ, in a report issued on 8 April 2019. In response, the Canadian government has been threatening to regulate social media. As the Chronicle Herald reports:
The world’s major social media companies are not doing enough to help Canada combat potential foreign meddling in this October’s elections and the government might have to regulate them, the cabinet minister in charge of ensuring a fair vote said on Monday.
Democratic Institutions Minister Karina Gould spoke shortly after Canada’s electronic signals spy agency said it was very likely that foreign actors will try to meddle in the election.
Gould expects Facebook Inc., Twitter Inc., and Alphabet Inc.’s Google to help safeguard the vote by promoting transparency, authenticity, and integrity on their platforms, and said she has been disappointed by the slowness of talks with the companies.
So let’s take a look at this CSE report.
The first thing to note about it is that it’s very short — 24 pages (23 without the very insubstantial footnotes). But if you take out the executive summary and the various explanations of how the report is structured, there are only 16 pages, of which about 80% consists of pictures. The actual text takes only up 3–4 pages, of which only one page discusses the specific Canadian context.
In short, there isn’t much detail in this report. There’s no substance, just some assertions without much by way of supporting evidence or even elucidation of what the assertions mean in practice. It’s very hard to say whether the report’s claims are credible based on what’s in the report, because there isn’t much there.
What are these claims?
First, as Canada is a G7 and NATO member, its political decisions affect the international community more generally. Other states may therefore wish to influence it. Consequently, says CSE, “Foreign adversaries may use cyber tools to target the democratic process to change Canadian election outcomes, policy makers’ choices, governmental relationships with foreign and domestic partners, and Canada’s reputation around the world.” It’s true that they “may” do so, but it’s a leap from may do to will do, especially if what you have in mind is the more malicious forms of influence being discussed. The “will do” claim is decidedly unproven.
In broad terms, states are always trying to influence other states. That’s entirely normal. And it’s obvious that cyber tools will be among those used — for instance, ministries and embassies throughout the world, including those of Canada, regularly use Facebook and Twitter to spread their message. “Digital diplomacy,” therefore, is nothing odd, and if that is all CSE has in mind, there’s no reason to get at all worried by it. States are always trying to influence things such as “policy makers’ choices” and “governmental relationships with foreign and domestic partners.”
More probably, though, CSE has in mind efforts to do these things by more surreptitious means, specifically attempts to change election results. The report mentions that “Cyber threat actors manipulate online information, often on social media using cyber tools, in order to influence voters’ opinions and behaviours.” As with so much of this report, this statement is annoyingly lacking in specifics, but let’s take it as fact that people “manipulate online information,” including during election campaigns. The issue then arises of how much of that is done by foreign actors, and how much by domestic ones.
Unfortunately, CSE ignores this question entirely. If what you’re worried about is that voters are being fed “fake news” and “disinformation,” look no further than your own country’s politicians and their enablers in the media. Brexit, for instance, didn’t happen because of “foreign meddling,” but because of the disinformation spread by pro-Brexit politicians and journalists. None of this is to say that what CSE describes doesn’t and can’t happen, but we need to have a sense of proportion. CSE doesn’t provide any of that.
CSE also notes that political parties and other organizations face hacking threats. This is, of course, true. But cyber security is something that people ought to be paying attention to in any case, regardless of foreigners who might engage in election meddling.
See part 2 of this blog for more specific matters regarding the 2019 Canadian federal election.
Paul Robinson is a professor in the Graduate School of Public and International Affairs at the University of Ottawa and the author of numerous books on Russian, Soviet, and military history. He blogs at irrussianality.wordpress.com.