Joe Biden’s campaign is scrambling to clean up its own mess after a new report revealed major privacy concerns with the Democratic presidential hopeful’s official app.
According to Breitbart, a report from TechCrunch revealed Monday that a bug in the “Vote Joe” app may have compromised the personal information of as many as 191 million American voters.
“The Biden campaign fixed the bug and pushed out an app update on Friday,” TechCrunch reported — but the damage may already be done.
“Find people you know”
According to Breitbart, the Vote Joe app included a feature that was designed to help users to encourage their loved ones to get out and vote this November.
To do this, the app allowed users to upload information like names and phone numbers from their smartphones’ contact lists. That information was then cross-checked with data from the political marketing company TargetSmart to provide the user with details about their contacts’ voting history, including “the voter’s name, age, and birthday, and which recent election they voted in,” according to TechCrunch.
The idea, according to Breitbart, was for Biden supporters to use this data to “find people you know and encourage them to get involved.” But it seems things went a little too far.
Problems of privacy
On its website, TargetSmart claims that its services are “created to seamlessly align with our clients’ strategic goals and are tailored to suit your organization’s unique objectives.” It also purports to have “contact and voting information of over 191 million voters, and 58 million unregistered, voting age consumers,” as Breitbart noted.
With the Vote Joe app, it seems that information became widely accessible. Citing research from a tech blogger known as the “App Analyst,” TechCrunch revealed that Biden’s app could be “tricked” easily: users could pull “in anyone’s information by creating a contact on his phone with the voter’s name.” What’s more, though the app was designed to only show some information, like the voter’s name and birthday, other personal details were also made available.
By intercepting the data that flows in and out of the device, [App Analyst] saw far more detailed and private information, including the voter’s home address, date of birth, gender, ethnicity and political party affiliation, such as Republican or Democrat.
The App Analyst noted in his own blog post that although gaining access through the use of false information “likely violates [the Biden campaign’s] Terms of Service, that does nothing to stop a bad actor.”
Campaign in chaos
The Biden campaign has “disputed” some of App Analyst’s findings, according to TechCrunch, but nonetheless promised that the issue was “quickly” resolved.
“We were made aware about how our third-party app developer was providing additional fields of information from commercially available data that was not needed,” Biden spokesman Matt Hill said in a statement to TechCrunch. “We worked with our vendor quickly to fix the issue and remove the information. We are committed to protecting the privacy of our staff, volunteers and, supporters will always work with our vendors to do so.”