Biden’s Campaign App Inadvertently Allowed Anyone Access To Millions Of Voters’ Information

(Chip Somodevilla/Getty Images)

Daily Caller News Foundation logo
Chris White Tech Reporter
Font Size:

Former Vice President Joe Biden’s presidential campaign inadvertently allowed access to millions of Americans’ private information, including their home addresses, date of birth and gender, according to a security researcher.

A Biden campaign app, Vote Joe, allows people to upload their phone contact lists and see if friends and family are registered to vote ahead of the November election, TechCrunch reported Monday, citing research from mobile expert App Analyst. The app uploads and matches user contacts with voter data through a firm called TargetSmart.

The app displays a voter’s name, age and birthday, and which recent election they voted in when a match is discovered through TargetSmart, TechCrunch noted. The technique helps users “find people you know and encourage them to get involved,” according to the app. TargetSmart claims to have access to files on more than 191 million Americans, the report noted.

The App Analyst discovered users could create fake phone contacts with random names and access any corresponding information.

The app collects much more data than is publicly shown, App Analyst told TechCrunch. Users can see home address, date of birth, gender, ethnicity and party affiliation, the report noted.

Stickers that read "I Voted By Mail" sit on a table waiting to be stuffed into envelopes by absentee ballot election workers at the Mecklenburg County Board of Elections office in Charlotte, NC on September 4, 2020. - The US election is officially open: North Carolina on September 4, 2020 launched vote-by-mail operations for the November 3 contest between President Donald Trump and Joe Biden, which is getting uglier by the day. Worries about the unabated spread of the coronavirus are expected to prompt a major increase in the number of ballots cast by mail, as Americans avoid polling stations. (Photo by Logan Cyrus / AFP) (Photo by LOGAN CYRUS/AFP via Getty Images)

Stickers that read “I Voted By Mail” (Photo by LOGAN CYRUS/AFP via Getty Images)

Biden’s campaign fixed the bug, according to Matt Hill, a spokesman for the former vice president.

“We were made aware about how our third-party app developer was providing additional fields of information from commercially available data that was not needed,” Hill told TechCrunch. “We worked with our vendor quickly to fix the issue and remove the information.”

He added, “We are committed to protecting the privacy of our staff, volunteers and supporters will always work with our vendors to do so.” (RELATED: Report: Trump Campaign Bringing On Cambridge Analytica Product Chief To Oversee Data Management Team)

Hill disputed App Analyst’s contention that addresses and other private data could be collected, and a representative for TargetSmart told TechCrunch that a “limited amount of publicly or commercially available data” was made accessible to other people.

Much of this information is publicly available, though firms provide additional information through other sources to enrich data for campaigns. TargetSmart reportedly compiled voter data in 2017 on close to 600,000 voters in Alaska that was left on an exposed server without a password, ZDnet reported in 2017.

President Donald Trump’s 2016 campaign hired former voter research firm Cambridge Analytica, which gained access to data on 50 million American voters through Facebook. Analytica’s sister company, Global Science Research (GSR), developed a quiz app through which Facebook users could consent to allow access to their data.

GSR’s app sold the data to Analytica, violating Facebook’s terms of use in the process. Analytica closed in 2018 after business dried up following the negative publicity.

The TechCrunch report comes after Microsoft reported on Sept. 11 that hackers from China and Russia tried to break into U.S. political campaigns, including those of the Biden and Trump campaign.

Chinese hackers targeted Biden’s presidential campaign through email accounts belonging to people associated with the campaign, Microsoft’s report states, adding that the attempts were unsuccessful. Hackers from China also sought to compromise at least one person formerly associated with Trump’s reelection campaign, the report said.

Content created by The Daily Caller News Foundation is available without charge to any eligible news publisher that can provide a large audience. For licensing opportunities of our original content, please contact licensing@dailycallernewsfoundation.org.