Lawyers for the Electronic Privacy Information Center told circuit judges last week that attacks on the nation’s election system by Russia underscore the risks to voter data being collected by a presidential commission, in a case that could determine the federal government’s role in securing voter rolls managed by the states. “This data, voter data, is the most sensitive data in our form of government. And we know on record it was also the target of a foreign adversary during the 2016 election,” Marc Rotenberg, president and executive director at EPIC, told a panel of judges at the U.S. Circuit Court of Appeals for the District of Columbia on Nov. 21. EPIC, a nonprofit advocate of online privacy and digital rights, is asking federal courts to block the presidentially appointed commission from collecting the voter data. His comments are a reference to the intelligence community’s conclusion that the Russian government interfered in the 2016 presidential election, which has prompted a number of congressional investigations that could lead to legislation setting new security requirements for voter data.
“This nation faces a crisis of data breaches and identify theft,” Rotenberg said, referring to the number of highly publicized data breaches. He argued the issues being raised by EPIC’s case, and the risks posed to voter data, are not theoretical, and that the Trump administration has failed to adequately protect the privacy and security of voter registration data in establishing its commission.
… The case poses sweeping implications for the federal government’s handling of data under the Administrative Procedure Act and the Freedom of Information Act.
Rotenberg in his assertions that both statutes apply to the work and obligations of the commission argued the risks to privacy and data are not theoretical. He rejected claims by Justice Department lawyers that the group’s lawsuit amounted to a “generalized grievance,” arguing that real harm “flows from the collection data.”