American democracy is under attack, with foreign spies and trolls throwing wrenches into the workings of U.S. elections—be it attempts to hack candidate websites, scramble voter rolls, or spread fake news on social media platforms. While Washington bickers about whether it’s spending enough on security upgrades ($380 million has been allocated, with Democrats repeatedly asking for more), the overtaxed cities and counties that actually run the polls are scrambling to catch up. Although Silicon Valley has come under fire for its role in recent elections around the world, enabling the social media vandalism of 2016, for instance, several tech firms are now stepping up to boost election security with free or discounted services. “We saw that tech was being used to undermine elections. And the question was, could we be a tech company that was helping to provide our services to help support those elections?” says Matthew Prince, CEO of the content-delivery network and security service Cloudflare.
In December 2017, the company began offering free enterprise-security accounts to U.S. state, county, and municipal election authorities—mainly to prevent distributed denial of service (DDoS) attacks that could knock them offline during voter registration, election-result reporting, or at other critical times. Cloudflare’s Athenian Project was first used by Alabama in its special election for the U.S. Senate last December. And in July, the company announced that about 70 government organizations, from states down to cities, have signed up for the service.
Prince acknowledges that this is just a sliver of the more than 8,000 mostly county-based, often cash-strapped government organizations that oversee parts of U.S. elections. (Even the federal government doesn’t have an exact count of how many local entities are involved.) It doesn’t look as if other companies have encouraged many takers, either, and some may not be offering quite as much as they claim.
Cloudflare’s transparency seems to be the exception, in a sector prone to vague promises and paranoia, with participating government officials loathe to say much about their security procedures.