Commentary
Debate is heating up on how Turkey could be integrated into a common European defense framework. Commercial and industrial deals offer a better chance at alignment than sweeping political efforts.
Marc Pierini
{
"authors": [
"Tim Maurer"
],
"type": "legacyinthemedia",
"centerAffiliationAll": "dc",
"centers": [
"Carnegie Endowment for International Peace"
],
"collections": [],
"englishNewsletterAll": "ctw",
"nonEnglishNewsletterAll": "",
"primaryCenter": "Carnegie Endowment for International Peace",
"programAffiliation": "TIA",
"programs": [
"Technology and International Affairs"
],
"projects": [],
"regions": [
"North America",
"United States",
"Iran"
],
"topics": [
"Security",
"Technology"
]
}
Source: Getty
In The Media
Why the Government Needs to Pay Attention to Census Cybersecurity
Hacking or disruptions to the census could have devastating consequences. To prepare, the U.S. government should make protecting the 2020 census from cyberattacks a top priority.
By Tim Maurer
Published on Apr 3, 2019
Source: Hill
Malicious foreign attackers interfered in the Australian census three years ago, forcing a system shutdown during prime time for respondents to “ensure the integrity of the data.” The attack cost some $30 million in taxpayer money, caused a big embarrassment for the government, and provided fodder for those who had criticized the census all along.
The United States will conduct its own census next year. Imagine that in early 2020, rumors start to emerge on social media that the census in the United States is a political conspiracy of the Washington elite to control the population. Imagine that when the census takes place, devices used to collect the data stop functioning, data gets leaked, or the data itself gets manipulated. With American society on edge ahead of the 2020 election, such scenarios could have devastating consequences for the census as an institution. The federal government must make protecting the census from cyberattacks a top priority. Senior officials have at times highlighted the topic but preparations are still behind schedule.
The Government Accountability Office warned in its new high risk report that the current 2020 census schedule “lacks a risk assessment” and that 21 of 44 positions remain vacant in the office overseeing the $886 million contract for integrating the information technology systems needed to conduct the 2020 census. Moreover, “nearly 1,100 system security weaknesses” still need to be addressed. It outlines priorities from filling the vacant positions to addressing “cybersecurity weaknesses in a timely manner and ensure that risks are at an acceptable level before systems are deployed.” It echoes concerns voiced by other experts.
The census is required by the Constitution and is critical data for economic policy, health care, representation, and more. For example, census data is used to apportion congressional districts that accurately represent rising and falling state populations. It is also used for allocating federal funding across a wide variety of programs. Census data is not just important to government. Census data is publicly available information that is used by private sector companies as they consider investment opportunities and try to grow their businesses. Time is quickly running out so the federal government and the private sector must take these six actions now to mitigate the multiple risks to the decennial census.
First, the federal government should launch a “hiring sprint” to make resources available to fill vacant positions not only at the Census Bureau but the other agencies whose work supports preparing the 2020 census. Such personnel and their activities across agencies should be considered “essential” so they will not be affected by future government shutdowns. Every week matters to prepare and this cannot be neglected again.
Second, there must be a comprehensive plan in place to test information technology systems and to conduct exercises at a reasonable scale. The 2020 census is a gargantuan modernization exercise and information technology upgrade. Even without any interference, such information technology upgrades are prone to accidental failures and disruptions.
Third, the federal government should have an interagency incident response plan in place that includes the national security community to be ready in case any interference does occur. Interference may not only be direct cyberattacks but malign actors seizing the opportunity of any systems malfunction to undermine trust with social media campaigns.
Fourth, technology companies should be prepared that their platforms may be used to interfere in the 2020 census in ways similar to the 2016 election. They have taken important steps in the past two years, especially ahead of the 2018 midterms, and now in the run up to the 2020 election to avoid a similar outcome. Technology companies should treat any potential interference in the 2020 census with similarly grave concern.
Fifth, the federal government should make clear that it will not accept any interference in the census process. Such a declaratory statement by the top levels of the administration will be a clear warning to deter potential attackers. It would emulate similar statements issued ahead of the 2018 midterms, except in this case trying to prevent interference in the first place rather than avoid a repeat. The administration must be prepared to make good on these threats should an attack come from any adversary.
Finally, the United States should take a leadership role at the upcoming two processes at the United Nations focusing on cyber norms. Protecting the integrity of census data is in the common interest of all countries and provides an opportunity for international cooperation even with countries that are not like minded out of shared national security interest.
It be nice if after years of one surprise cyberattack after another, we could get ahead of the curve and ensure an attack will actually not happen.
About the Author
Tim Maurer
Former Senior Fellow, Technology and International Affairs Program
Dr. Tim Maurer was a senior fellow in Carnegie’s Technology and International Affairs program.
Carnegie does not take institutional positions on public policy issues; the views represented herein are those of the author(s) and do not necessarily reflect the views of Carnegie, its staff, or its trustees.
More Work from Carnegie Europe
- Deciphering Europe’s Relationship with Turkey
- Taking the Pulse: Is it Worth it for Europeans to Placate Trump?Commentary
After spending much of 2025 trying to placate Donald Trump, some European leaders are starting to change posture. But is even a hostile Washington still so important to Europe that the U.S. president’s outbursts are worth putting up with?
Rym Momtaz, ed.
- Europeans Are Quiet Quitting the United StatesCommentary
European leaders have now not only lost faith in Donald Trump’s U.S. presidency, but also in America’s hegemony as a whole. But short-term challenges make an immediate divorce unwise.
Rym Momtaz
- The EU Equivocating on Turkey Is Bad GeopoliticsCommentary
Following Ursula von der Leyen’s gaffe equating Turkey to Russia and China, relations with Ankara risk deteriorating even further. Without better, more consistent diplomatic messaging, how can the EU pretend to be a geopolitical power?
Sinan Ülgen
- The Fog of AI WarCommentary
In Ukraine, Gaza, and Iran, AI warfare has come to dominate, with barely any oversight or accountability. Europe must lead the charge on the responsible use of new military technologies.
Raluca Csernatoni
