In the immediate aftermath of the Nov. 3 election, an intelligence analyst named Hannah Glidden was working for the Connecticut Secretary of the State’s office under a novel contract. Her job was to flag any social media talk of voter fraud or disinformation about the election in Connecticut.
It didn’t take long to find some.
Over the next few weeks, Glidden brought dozens of posts to the attention of officials who said the reports were valuable as they tried to tamp down misinformation. But Glidden’s contract ran out at the end of November, costing the agency a source of information that has not yet been restored at a time when officials in Connecticut and across the country are struggling to not only negate disinformation about the last election but prepare for violence in the wake of last week’s attack on the U.S. Capitol by supporters of President Donald Trump.
“It would be really helpful if we still had those” reports, said Gabe Rosenberg, general counsel for Secretary of the State Denise Merrill. Remaining money from the federal Help America Vote Act, which funded Glidden’s position, has been earmarked for other uses, including a long-overdue update of the state’s central voter registration system. “The only way to make a position permanent is through the legislature; you can’t fund a permanent position on grant money,” he added.
One of the posts that Glidden flagged involved Republican State Rep. Craig Fishbein’s race. Fishbein initially appeared to lose his seat, but he was declared the winner after a vote-counting error was discovered just days after the election.
President Donald Trump’s supporters across the internet cited it as an example of the sort of widespread voter fraud that the president was claiming.
“I guess Democrats couldn’t get away with this one! I bet voter fraud in CT exists as the same party that has been in power for 45 years approximately is destroying Connecticut,” one person wrote on social media.
Glidden reported many other posts in the weeks following the election — including mentions of the “Stop the Steal” campaign that was prominent in the run-up to the Jan. 6 mob attack on the U.S. Capitol.
“Pro-Trump rallies called for on Social Media don’t appear to be organized, with the exception of a “Stop the Steal” campaign with an associated group on Facebook (taken down by the platform on November 5, 2020). The latter does not appear to have significant support in major Connecticut cities,” Glidden wrote in a roundup sent to the Secretary of the State’s office.
The state initially hired a different intelligence analyst, Chris Holden, who started in the role in September. The office apportioned $90 an hour and up to $50,870 for the work, CT Mirror previously reported.
Holden left at the beginning of November and was replaced by Glidden soon thereafter, the reports show. He left for a full-time job, and Glidden was hired on his recommendation, Rosenberg said.
The two to three page daily reports, or “roll-ups,” as Holden and Glidden referred to them, contained posts that they uncovered from the dark web that mention voter fraud or election or Connecticut in some way, according to a CT Mirror analysis. The analysts were scouring dark web sites such as Helium and BunkerChan as well as more well-known social media sites — Twitter, Facebook, Parler and 4Chan — for false information and incitements of violence.
Each report starts with a summary of the big news of the day, whether it be some new court filing by Trump’s attorneys, a new allegation of voter fraud or news regarding COVID-19 — more commonly referred to as the Wuhanvirus on dark web sites.
The reports then specify social media posts either by Connecticut residents who identify themselves as living here or posts that mention Connecticut in some way.
For instance, when Fishbein was declared the winner of his race, a Breitbart story about it spread across the dark web. Several Parler posts linked the switch in the small district in a Connecticut race to the presidential election.
Ken Gray, a retired FBI special agent, is now a senior lecturer at the Henry Lee School of Criminal Justice and Forensic Sciences and specializes in counterterrorism and computer intrusions. He was surprised to hear that the Secretary of the State’s office hired someone to investigate cyber activity.
“Connecticut already has a whole unit that does just that every day,” Gray said, referring to the Connecticut Intelligence Center, or CTIC, run by the state police.
CTIC was created after 9/11 and includes state police, FBI and local police officers who work out of state police headquarters doing counter-intelligence investigations including monitoring social media, said State Police spokesperson Brian Foley.
The data they collect, particularly if there is a threat, is shared with other law enforcement entities including homeland security, the FBI and local police departments. The secretary of state’s office is not on that list, Foley said.
“There is specific value in locating the analyst tracking election dis- and misinformation in the office with expertise in election administration – this is a specialized field, and subject matter knowledge is necessary to identify dis- and misinformation and to be able to analyze its importance,” Rosenberg said, adding that the Secretary of the State tried to correct false information. “I don’t believe we ever got information regarding election dis- or misinformation from any other part of state government, and I would imagine there are one or more agencies with some type of similar intelligence gathering functions.”
Glidden’s job — and by extension, the Secretary of the State’s job — was not to identify credible threats to public safety, Rosenberg said; nevertheless, “if any information came to my attention involving potential crimes, I shared it with the relevant people, because that was the right thing to do.”
The focus of the reports shifted noticeably after the election. Holden’s reports touched on identifying potential foreign state actors and bots online, while Glidden’s explicitly tracked incitement. Both monitored claims of election fraud closely, providing screenshots and links to posts online. “We were dealing exclusively with information that was posted publicly on the internet,” Rosenberg said.
Rosenberg sent posts flagged for misinformation by the intelligence analysts to the federal Cybersecurity and Infrastructure Security Agency, sending a copy to a local FBI agent and the platform the post appeared on when he did so, he said. “CISA was supposed to, and from what I can see did, work with the platforms to take down mis- or disinformation that appeared on the platform.”
Rosenberg also wrote to some platforms, such as Facebook, directly, asking that the posts be taken down — with mixed success. On one occasion in December, a Facebook employee refused to take down false information about Connecticut tabulators that was posted on the Secretary of the State’s Facebook page, claiming that it did not “interfere with the vote” and therefore did not violate Facebook policy.
An expectation of privacy?
Gray said he would be concerned if they were collecting a series of tweets or posts and keeping a file on particular individuals.
“People don’t have an expectation of privacy if they post something online, but if you start collecting their posts and archiving them, then you are potentially crossing the line of doing an investigation into that person without the authority to do so,” Gray said.
The intelligence analysts did not keep files on any of the people whose posts they flagged for misinformation, Rosenberg said.
“Other states that have a similar function all house it in the office of the chief election officer,” Rosenberg wrote. Connecticut is not the only state to be monitoring social media for election-related disinformation; California has a program called VoteSure that also flags disinformation that was developed before the 2018 midterm elections, ProPublica previously reported.
Colorado’s Secretary of the State “hired Nathan Blumenthal, a former counterterrorism official at the Department of Homeland Security, to run the three-person operation, which in turn has hired outside vendors to help identify misinformation online, whether it is going viral on social media or lurking on obscure message boards,” the New York Times reported in October.
The National Association of Secretaries of State does not track which states hire for precisely this role, but a number of states have cybersecurity experts in their offices or within their state governments that they can use, a spokesperson said.
Nov. 30 marked “the end of the road for the time being” of the position here in Connecticut, Rosenberg said, but it may return if the funds are appropriated for it. The Secretary of the State’s office will likely seek the funds to do so this budget cycle, he said, though “no final decisions have been made yet.”
“This is now a part of American elections,” he said. “To ignore it or not deal with it is going to cause problems down the road.”