Due to unusual and exigent circumstances and the demonstrated threat of foreign cyberattacks against party and candidate committees, Defending Digital Campaigns (DDC), a nonprofit corporation, may provide cybersecurity services, software, and hardware for free or at a reduced cost to federal candidates and national parties on a nonpartisan basis according to pre-determined, objective criteria.
DDC is a nonprofit corporation whose purpose is to provide education, research, and solutions for enhancing cybersecurity and resilience “to hostile cyber acts targeting our domestic democratic process.” In keeping with this purpose, DDC asks if it may provide federal candidates and parties with the resources and training necessary to combat those attacks, so long as it does so on a nonpartisan basis according to neutral, objective criteria, and not to the benefit of any one campaign or political party committee over another or to influence any federal election. The services provided would include free or reduced cost cybersecurity software and hardware, on-site training and assistance, cybersecurity bootcamps, a cybersecurity hotline, cybersecurity incident response services, and a system of information sharing that would allow DDC, political committees, and government agencies to share information on malicious cyberthreats.
DDC asks if it may make its proposed services available, either free of charge or at a reduced charge, to all “active, registered national party committees” as well as “active, registered federal candidate committees” that satisfy one of the following requirements (collectively “eligible committees”):
- House candidates with at least $50,000 in receipts for the current cycle or Senate candidates with at least $100,000 in receipts for the current cycle;
- House or Senate candidates who have qualified for the general election ballot in their respective elections; or
- Presidential candidates polling above five percent in national polls.
Under the unusual and exigent circumstances presented in the request, and in light of the currently demonstrated enhanced threat of foreign cyberattacks, the Commission concludes that DDC may provide eligible committees with free or reduced cost cybersecurity services. The Commission recognizes that enforcing 52 U.S.C. § 30121, which prohibits contributions from foreign nationals as well as foreign principals (including the government of a foreign country), “requires that countermeasures be taken within the United States.”
Because of the unique nature of the request and the premise of preventing foreign cyberattacks, the approval of the opinion is conditioned on DDC’s commitment not to accept any donations from foreign nationals, as well as public disclosure on its website of all donations and disclosure of new donations by the first day of the month following when they were received. Finally, any material decline in the external threat environment, as judged by the U.S. Intelligence Community or U.S. national security officials, would affect the continuing applicability of this opinion.
Date issued: May 21, 2019; 10 pages
11 CFR 110.20
Prohibition on contributions, donations, expenditures, independent expenditures, and disbursements by foreign nationals