1. 3. Models of interagency collaboration
   1. 3.1. Number and type of agencies involved
   2. 3.2. Dedicated forums and administrative bodies
   3. 3.3. Cooperation between different levels of the EMB
   4. 3.4. Cooperation with non-state agencies

3. Models of interagency collaboration

The form of interagency collaboration analysed in the case studies in this publication depends on four primary factors: (a) the number and type of agencies involved; (b) forums for interagency collaboration; (c) cooperation between different levels of the EMB; and (d) collaborating with non-state agencies. This chapter discusses each factor in turn.

3.1. Number and type of agencies involved

In some countries interagency collaboration is limited to a few agencies, but across the case studies a large number of agencies were identified as potential collaboration partners (see Table 3.1). Collaboration can be limited to government agencies, but it often includes non-state actors, civil society, media, political parties and candidates, as well as the private sector (see Box 3.1). Depending on the country context, the EMB can serve as either a mediator or a driver of collaboration.

Box 3.1. Moldova: close collaboration with security agencies during cyberincidents

In 2014, Moldova introduced a digital voter register, which records voters’ presence at polling stations, as an additional verification mechanism. When it was first used during the 2014 general election, the system unexpectedly went down for several hours. Although the breakdown was due to insufficient server backup, rumours soon spread that an attack had taken place. The Central Election Commission’s newly established collaboration with the security services, however, quickly paid off. They rapidly provided additional servers to the election commission’s headquarters, and publicly renounced rumours of an attack. These actions quickly returned the election to the commission’s control and established the foundations for interagency trust.

Table 3.1. Agencies potentially involved in collaboration on cybersecurity

3.2. Dedicated forums and administrative bodies

Some countries organize interagency collaboration through dedicated forums such as task forces, working groups, dedicated projects and administrative bodies (see Table 3.2). Some task forces meet on an ad hoc basis, while others conduct regular forums in order to exchange information. Many countries have a single task force on election cybersecurity, yet Estonia has found that a model with several small, focused groups is more effective. The USA maintains two forums— one for collaboration between state agencies and one for collaboration with the private sector.

Table 3.2. Examples of interagency forums on cybersecurity

3.3. Cooperation between different levels of the EMB

Countries with a centralized EMB that is responsible for organizing elections at all levels, including polling stations, usually find it easier to apply uniform cybersecurity measures throughout the country. In countries with a decentralized model, where independent, local EMBs have direct operational control over organizing elections, yet the general public (and sometimes even politicians) tend to hold the central election authority ultimately responsible for any local incidents. The central authority regularly receives the brunt of criticism and reputational damage for any errors.

Decentralized EMBs therefore require new and intensified cooperation and support between their different levels. There may also be a need to mitigate misgivings or hostility regarding national-level oversight in local affairs. In such a decentralized context, a key role of interagency collaboration is often coordination and trust building between local election administrations and a range of statelevel agencies, from the national EMB to security agencies.

3.4. Cooperation with non-state agencies

The private sector, which includes election-related technology and telecom providers as well as risk analysts, is an important collaboration partner for most EMBs to secure technology, conduct security audits, and propose and support the implementation of countermeasures. Some countries include utility providers in their interagency collaboration process in order to minimize the risk of service interruptions around election day.

Contacts with media outlets—and increasingly social media providers—are important to ensure that communication plans can be executed even during an attack. The case study interviews conducted for this publication revealed that the level of cooperation with social media providers varies greatly between countries. Some EMBs largely refrain from social media activities, while others, such as Mexico, have formal memoranda of understanding in place. Currently, the ability and willingness to cooperate with social media providers varies among larger countries with well-established cooperation and services, and is unavailable in smaller countries or less important markets.

Political parties and candidates are targeted in election hacking attacks not only due to their perceived value as a target, but also because they are often the weakest link of all electoral stakeholders. This is especially true where there are a large number of parties, and insufficient resources to invest in technology security. The degree to which it is possible and appropriate for an EMB or other state agency to provide cyber-related advice to political parties varies greatly between countries. However, it is recommended to inform parties of the potential havoc of cyberattacks alongside the scope of support that EMBs and other agencies can offer in the event of such attacks. When political parties receive privileged access to election data, such as voter lists or preliminary results, this also indicates a need for related instructions and conditions on how to protect this data.

Academia plays an important role in electoral cybersecurity. For instance, technology experts or hacktivists may warn stakeholders of the danger of not taking ICT security in elections seriously. These academics and others provide a wide range of input including suggestions on how to improve systems and publicly demonstrating genuine vulnerabilities in the current electoral setup, both technological and integral. Building a constructive relationship with such experts, provided their intentions and modes of operation are transparent, can help improve systems and lower the risks of negative publicity. Some academic institutions have initiated cybersecurity-related collaboration with electoral administrators and support electoral stakeholders based on their research. For instance, Harvard Kennedy School’s Belfer Center for Science and International Affairs (2018a, 2018b) created The Cybersecurity Campaign Playbook. Likewise, the annual US-based hackers conference DefCon has focused on electoral cybersecurity and produced the Voting Machine Hacking Village Report on Cyber Vulnerabilities in the U.S. (DefCon 2017; DefCon 2018). In Latin American countries such as Mexico and Venezuela, academic institutions serve on an independent election technology review and audit body that facilitates technology improvement and strengthens public trust. Finally, in Indonesia, academics play an important role in developing election-related technology.

Table of Contents

• 1. Introduction
• 2. Cyberthreats throughout the electoral cycle
• 3. Models of interagency collaboration
• 4. Operationalizing interagency collaboration
• 5. Conclusions and recommendations
• Annex A - Case studies
• References and further reading
• About the authors
• About International IDEA