Nellwyn Thomas has a unique vantage point on one of the biggest issues in American politics today: election security.
She was working for Hillary Clinton’s campaign in 2016 as deputy chief analytics officer when the Democratic National Committee fell victim to Russian hackers. Today, Thomas is two months into a new gig as chief technology officer at the DNC, where the tech team is shoring up its defenses and preparing for the presidential election next year.
Thomas is the first data scientist and first woman to serve as CTO of the DNC. GeekWire caught up with Thomas while she was visiting Seattle to meet with the state’s Democratic Party and technology partners. She discussed how the DNC is modernizing its infrastructure and the challenges that come from running a tech team inside a political organization.
“When I was first hired, the story that was written was like, ‘first woman CTO,'” Thomas said. “What I think is phenomenal is I’m actually the first data scientist CTO at the DNC — and fundamentally, our product is data.”
Most of the data Thomas manages is contained in the voter file, a digital database of registered voters who cast ballots in past elections. The DNC manages a nationwide file and shares data and tools with local Democrat parties to help them with campaigns. The DNC recently migrated the voter file it manages from enterprise servers to the Google Cloud Platform, which Thomas says will improve security and provide better insights.
Thomas spent more than four years at Etsy before her gig with Clinton campaign. She later joined Facebook, helping lead data science teams at the social media giant. That experience made her “even more aware of the challenges and complexities of how content — whether news, opinion, disinformation or satire — is shared and distributed,” Thomas said in an email.
“It is one of the reasons I believe that it is vital the DNC — as well as the campaigns themselves — have internal efforts focusing on tracking and escalating misinformation and disinformation,” she said. “Social media companies, including Twitter, Facebook, Instagram and YouTube are not going to fix this problem fast enough for 2020, and we need to be ready for that.”
Continue reading for highlights from our conversation, which ranged from lessons learned in 2016 to the DNC’s efforts to track voter suppression.
On the Russian hack: “I would never fault the team that was at the DNC in 2015 and 2016. They were great people. They were just really under-resourced and didn’t have the staff or the money to invest in building out new tools.
What had happened was that the DNC was largely inheriting tools built during presidential cycles. So in 2011 and 2012, the Obama campaign invested a bunch of money in creating a data warehouse … but between 2012-to-2015 the DNC just didn’t have the money and the resources to continue to innovate in that area. There was stagnation and there was atrophy of the warehouse.
Then after the convention, when Hillary inherited the DNC’s technology directly, there was a lot of work to do to shore it up and make it usable for the general [election]. The campaign had to spend a lot of money on data infrastructure and data staff to make sure that the warehouse didn’t go down every day or every week and make sure that it was robust enough to … kick off the campaign. That’s an example of something I really, really want to avoid for 2020. The goal is to be able to hand over a top of the line, brand new, fully built-out warehouse that the nominee never has to think a second about how much money they need to put into it or whether or not it’s going to stay up and whether or not they can run a query that’s more complicated because it just couldn’t work.”
On security in 2020: “In 2017 the DNC hired a really fantastic chief security officer who is part of the tech team. And he and his team have been focused on securing DNC systems, of course, but also on educating and connecting campaigns and state parties to security resources. Everything from teaching people how to use two factor authentication and to secure their Facebook accounts, to running webinars where they talk about misinformation or incident response plans and bring in people from Google, Facebook, YouTube, Twitter, and other partners to talk about the work they’re doing and how to escalate to them if needed. Security work is really exciting. It’s obviously critical, given where we are in the world right now.”
On protecting the polls: “Another area where we’re doing really, really innovative work now that is going to be incredibly impactful in 2020, as well as hopefully in 2019, is the work we’re doing that involves voter protection software. That’s another area where we are building a tool that allows different teams to track potential issues at polling locations … the power goes out or they are checking IDs when they shouldn’t be or vice versa, that data is collected, [for example]. Lawyers call those episodes in, they’re stored in software, and we can use that to track trends where there are issues with access to voting and that helps the legal team be able to stand up for the rights of voters to vote. It also helps, over time, to identify trends. Maybe there are specific counties or states that are continuing to show similar types of problems.
On improving the DNC’s tech strategy: Traditionally the DNC itself has really been at the mercy of the spiky fundraising that goes along with campaign cycles and because of that, it’s hard to have a sustainable investment in technology. A lot of people who have worked in the tech industry, as have I, are used to tech teams and tech programs [that] take years to develop. It’s continuity — culture takes time to build and it’s just hard for that to happen in a political organization that has this very pendulum-like funding model. Chair Tom Perez is really trying to break us out of that and I think tech is going to benefit so much from it. We are really in the process of changing the culture of the tech team to make it a destination for tech talent.”