It might feel like pure inside baseball, but the data breach that gave the Bernie Sanders campaign staff access to some of the Hillary Clinton campaign’s voter information goes to the heart of modern elections.
At stake are the details that tell a campaign who is persuadable to the cause, and who’s likely to actually come out and vote.
Sen. Bernie Sanders, I-Vt., apologized to the Democratic primary leader Hillary Clinton at a weekend debate in New Hampshire. Clinton accepted his apology and said it was time to move on.
But in an interview the next day on NBC’s Meet the Press, host Chuck Todd pressed Sanders on exactly what happened when a software glitch allowed his people to see some of the Clinton data. The system is run by the Democratic National Committee, and the DNC had temporarily blocked the Sanders campaign from using its valuable voter information.
"As a result of a breach caused by the DNC vendor, not by us, information came into our campaign about the Clinton campaign," Sanders said Dec. 20, 2015.
"Magically," asked Todd?
"We didn't go out and take it," Sanders replied.
Really? In this fact-check, we’ll explore whether the Sanders campaign staff didn’t "go out and take" information from the Clinton campaign.
A quick recap
On Wednesday, Dec. 16, 2015, NGP VAN, the vendor that operates the system, released a software modification that had a bug. According to a lawsuit filed by the Sanders campaign, "several staff members of the campaign accessed and viewed confidential Information" that belonged to the Clinton campaign.
The breach was reported within the Sanders campaign the same day. The staffer who had dug into the Clinton files, Josh Uretsky, told CNN that he had poked around in the system to document the extent of the software bug.
By Wednesday, the DNC knew of the problem and contacted the Sanders campaign. Senior staff fired Uretsky at some point on Thursday. The DNC blocked the campaign from using the voter system pending an investigation. The Sanders campaign sued on Friday, and by Friday evening, access was restored.
On Saturday, the Sanders campaign suspended two other staff members.
Steps and missteps
No one questions that a software error created the opportunity for the Sanders staffers to see what they shouldn’t. The press release from NGP VAN plainly says that.
So then the question is, what did the Sanders campaign staff do?
Thanks to a leak of the activity logs on the NGP VAN system, we have some idea. The Twitter user Iowa Starting Line posted them and you can see those logs here. No one has questioned their authenticity. Here’s one example:
These logs show Sanders people spent a bit under two hours in the data. During that time, they called up information from about a dozen states. They queried the database for the number of voters who met certain criteria. The "Turnout" variable shows on a scale of 1 to 100 how likely a person is to vote. A voter with a high "Priority" score would be someone the campaign will make every effort to contact.
The NGP VAN statement said the Sanders campaign could not see actual lists of voters. All that would be visible would be tallies of people. The sole exception was "a one page-style report containing summary data on a list was saved out of VoteBuilder by one Sanders user."
That would correspond to the final item on the log above where at 11:41 a.m. there is a notation for "Hits counts and cross tabs 4 times."
It is unclear if that page was printed out or copied. But it was created because a Sanders staff member took specific actions.
Two people who know the NGP VAN system told PolitiFact that even the most minimal data gleaned from the Clinton campaign would have been valuable.
David Atkins, a campaign consultant and county official in the California Democratic Party, told us that the information would give the Sanders campaign some idea of how the Clinton campaign was targeting voters. And it would offer "a sort of polling snapshot to see how well or poorly she was doing in certain states."
Daniel Kreiss teaches at the University of North Carolina at Chapel Hill and is the author of Taking our Country Back, which looks at Democratic online campaigning.
"At the very least, topline numbers would provide a ballpark overview of the numbers the opposing campaign was working with in these states," Kreiss said.
Not only could that open a window into the state of the race, it could help the Sanders campaign measure the accuracy of its own information.
Atkins cautioned that to this day, only a handful of people actually know what took place. But the activity logs don’t help the Sanders campaign’s position.
"What appears damning is that hours passed where they didn't contact the vendor immediately, which is what I -- and most campaign operatives -- would have done," Atkins said.
We reached out to the Sanders campaign for comment and did not hear back.
Sanders said that his campaign did not go out and take information from the Clinton campaign. From all accounts, it is true that the Sanders campaign did not attempt to break into the voter data of a rival campaign. The Sanders people stumbled upon a glitch.
But rather than reporting the glitch immediately, they probed the database for a bit under two hours. At some point, the staff produced a page of information that at the very least would show the count of certain voters.
Experts familiar with the Democratic voter data base say that the Sanders campaign would have gleaned valuable information. At the end of the day, they knew some things about the Clinton campaign that they hadn’t known before, even if they didn’t seek to crack into the Clinton data.
We rate Sanders’ claim that the campaign didn’t "go out and take" information as Mostly False.