California tackled bad jokes, cybersquatting to protect election

A fake, partisan website mirroring the Placer County election site. Inaccurate online claims that California was closing in-person voting. Multiple false claims that ballots were thrown away.

Those are among the more serious efforts to undermine California’s election that the state worked to shut down, according to public records obtained by CalMatters from the Secretary of State’s Office of Election Cybersecurity.

Records show the office also dealt with posts written by Californians who said they were simply trying to be funny. Vanessa Robinson, a fifth grade teacher, said she was joking when she posted a laughing emoji and wrote that white millennials should “voter suppress and gerrymander” their conservative-leaning parents. The Office of Election Cybersecurity worked with Facebook, Instagram’s parent company, to take down the post.

The Office of Election Cybersecurity partnered with private and public sector organizations to monitor, track and remove social media posts it deemed to be misinformation. A copy of its Misinformation Tracker, obtained through the state’s public records act, shows successes. But records also reflect a seemingly scattershot approach to problems that ensnared some people who say they never were contacted about posts the state deemed to be problematic.

The public records included correspondence between the Office of Election Cybersecurity and Facebook. CalMatters also asked for training materials used by the Office of Election Cybersecurity on how to spot and define misinformation but was told no such materials exist.

Misinformation Tracker documents include screenshots or descriptions of social media posts that were deemed misinformation, which platform the posts were placed on, and a color-coded tracking system that labeled the posts as removed, flagged or no action taken by the social media companies. The review found all requests for removal sent to Facebook were granted. Of 23 requests sent to Twitter, 15 were removed, one received a warning message, and no action was taken on seven. A Twitter spokesperson pointed to the company’s decision in the run-up to the 2020 election to apply warnings to misleading or inaccurate tweets.

The state’s scrutiny came during an election period in which 54 out of California’s 58 county registrars surveyed by CalMatters said misinformation at the local level was a major cause of concern. Registrars said they had to deal with misinformation stemming from the White House, internet conspiracies, allegations of dogs voting in the election and even unofficial ballot boxes.

A number of posts listed in the Misinformation Tracker wrongly claimed in-person voting was shut down across the state. Two deleted tweets highlighted the false claim out of Sonoma County that thousands of mail-in ballots were tossed in a dumpster.

Cybersquatting in Placer County

In Placer County, registrar Ryan Ronco realized he faced a serious problem when he was alerted to a website mimicking the appearance of the official county elections website, down to the same color scheme, identical photos and an official looking seal. Local officials asked for help from the Office of Election Cybersecurity and the federal Department of Homeland Security.

The Office of Election Cybersecurity emailed Facebook to alert it to the website and described it as cybersquatting, which is when a website is established to mimic another. The cybersquatting website was advertising on Facebook to promote itself and the state wanted Facebook to take action.

“It looked so close and mirrored a lot of the colors and style (of the official Placer County Elections website) and it was done intentionally,” Ronco said.

Aaron F. Park, president of the Placer County Good Government PAC, set up the site. The PAC bought ads on Facebook, which eventually removed three of the ads. Yet they received between 12,000 and 19,000 impressions before they were removed, according to Facebook’s Ad Library. Campaign finance documents show the Placer County Good Government PAC paid Facebook $4,546 for ads this election cycle, but Facebook’s Ad Library shows at most a $1,300 charge for ads.

One ad, which received the bulk of the impressions and was designed to be indistinguishable from the county’s official site, read: “Local Government Matters! They make decisions that affect you right where you live! Support law enforcement, security, schools and business. Click to see our picks for your community!”

Placer County served Park with a cease and desist letter, which Park says he ignored. Yet at some point, language was added to the site to indicate it was not an official county website. In an interview, Park insisted, “We followed all applicable campaign finance laws to the letter, including using a professional treasurer to ensure compliance with the law.”

He blamed “organized complaint drills” by people on social media to have his site removed “because they did not like us campaigning against the flawed candidates they supported.”

Ronco sees it differently. He said voters need to know they can easily access reliable sources.

“It’s important for voters to know they’re going to trusted sources to get their information,” Ronco said. “When they feel like they have been duped, then obviously that is going to erode confidence.”

Despite the efforts of the Office of Election Cybersecurity and Placer County officials, the deceptive site and its Facebook page still were live today and were allowed to continue advertising on Facebook throughout the election cycle.

Asked for comment, a Facebook spokesperson sent a copy of a report detailing changes made to prepare for the 2020 election. The report said that heading into election day, several teams in the Elections Operations Center at Facebook worked “to stop vicious activity — watching for threats in the form of organic content and issues ads, proactively detecting violating content including voter interference.”

Facebook did not respond to a question asking why the page still is live, or why the PAC was allowed to continue to advertise the deceptive website.

“Becoming cybersecurity experts is just one more thing that election officials now have on their list of things that we need to be,” Ronco said.

Humor? Or misinformation?

The state of California has “no written documents… of training materials that address how to spot and define misinformation,” according to its response to a public records request.

Claims are investigated and deemed to be misinformation if they violate California election law or a social media platform’s community standards, the response said.

The only document the Office of Election Cybersecurity could produce showing how to spot misinformation was from the Center for Internet Security — a non-profit focused on improving cybersecurity — stating the office should report anything false posted on social media about the 2020 General Election.

“Examples include, but aren’t limited to, dates of the election, mail ballot rules, information on ballots, polling place status, and election reporting procedures,” the document states.

These broad categories may explain why Vanessa Robinson, Tyler Kirsch and Dan O’Bryan were caught up in the state’s surveillance. The three posted what they said they considered jokes or parody; the state deemed it misinformation and asked Facebook and Instagram to remove it.

All three told CalMatters they had not heard of the Office of Election Cybersecurity, but were not surprised such a program exists. They did, however, express surprise that their posts caused concern and were removed.

“For my repost of a tweet to be flagged as misinformation is alarming to me because I am curious as to which parts of it fell under misinformation,” Robinson said. “This humor and parody that everybody is now so comfortably expressing around politics is how we are going to get more young progressives involved.”

Kirsch, a recent law school graduate, said he was shocked his post was deemed misinformation and entered in the database. He posted a screenshot of a tweet saying he would vote for President-elect Joe Biden if someone paid him $500 and if they didn’t, they were a supporter of President Trump.

“What’s the threshold for the state to think that my post is an issue that needs to be addressed?” Kirsch asked. But he said he’s more comfortable with state monitoring than just social media companies. “I can at least hold state officials accountable, I can call assembly members. I can’t do that with Facebook or Twitter.”

Facebook notified O’Bryan that one of his posts was removed, but he didn’t know which one until CalMatters asked him about a post included in the state’s Misinformation Tracker. O’Bryan said he was joking when he posted a picture of four “I voted” stickers and wrote, “Doing what I have to do to make sure Prop 22 is defeated! Maybe if you knew how to game the system you could get multiple ballots like I did,” in a private Facebook group for Uber and Lyft drivers.

After being alerted by Facebook that one of his posts was taken down, he blamed the company for not explaining why. He called the incident “one of the many failings of Facebook and the lack of communication between (the company and) the users.”

All three wanted to know how their posts ended up on the state’s radar given their relatively small social media followings. Jenna Dresner, senior public information officer for the Office of Election Cybersecurity, would say only that her office received complaints from Californians and federal partners and asked social companies to remove posts with viral potential that met the definition of misinformation or disinformation. Dresner defines the latter as posts that are intended to deceive.

“We don’t know how viral any post might go, so we investigate every complaint we receive to understand the extent by which it meets the criteria for election misinformation and report or respond as needed,” Dresner said.

Emails between Dresner’s office and Facebook show why some posts were considered misinformation. Staff called Robinson’s Instagram post a “clear example of voter suppression” in one email.

“Purposely… keeping someone from exercising their right to vote is a crime,” the email reads.

Kirsch said he was concerned his post remains in a state database and he didn’t know if he could have it removed. Dresner said the state keeps screenshots of the posts in its database indefinitely in order to maintain a public record.

“We do not refer back to these posts otherwise,” Dresner said. “If any Californian has a question about this process, they can contact VoteSure@sos.ca.gov.”

Votebeat is a national media collaboration about the administration and integrity of, and issues regarding, the unprecedented 2020 election. In California, CalMatters is hosting the collaboration with the Fresno Bee, the Long Beach Post and the UC Berkeley Graduate School of Journalism.