Cyber agency tried to hide 'unconstitutional outsourcing' of censorship amid backlash: GOP report

State and local election officials used a federal portal intended for reporting supposed misinformation to instead "silence critics and political opponents" including Texas GOP Sen. Ted Cruz, according to a report by Republicans on the House Judiciary Committee. 

The portal was funded by the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency, and the report was interim and compiled by GOP staffers on the committee.  

Fearing political blowback after the department's Disinformation Governance Board brought unwelcome "national awareness" to the subject in spring 2022, members of CISA's subcommittee on misinformation, disinformation and "malinformation" (MDM) tried to mask its activities, the report found, citing internal meeting notes. (The board was disband in August 2022.)

Just the News reported last fall on CISA's leading role in the Election Integrity Partnership, a private initiative to mass-report purported misinformation to tech platforms for removal, throttling and labeling in the 2020 and 2022 election cycles. Its self-reported success rate in 2020: 35%. 

In response to the House Judiciary report, CISA called "patently false" any claim that it has ever "censored speech or facilitated censorship," asserting that it works "in plain view" to mitigate the "risk of disinformation by sharing information on election literacy and election security with the public and by amplifying the trusted voices of election officials across the nation."

The MDM subcommittee explicitly recommended what Republicans on the House Judiciary Committee and its Weaponization of the Federal Government Subcommittee deemed in their draft report "unconstitutional outsourcing" – engagement in "content- and narrative-specific mitigation efforts" through funding outside groups.

The nonprofit Center for Internet Security asserted in its "election infrastructure misinformation portal," funded by CISA, that officials should not report "polarizing, biased, [or] partisan" content, "inaccurate statements" or "broad" claims about "the integrity of elections."

Yet the Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC) uncritically passed along such reports to social media companies, showing itself to be CISA's "external censorship arm," according to the Judiciary GOP, reproducing redacted emails. 

A government official in Loudoun County, Virginia, just outside Washington, D.C., reported a tweet described by the interim staff report as "unedited video of a county official" because, the reporting official said, it was intended to "discredit the word of" that person.

The effort was "connected" to a parent group that opposes critical race theory, the reporting official said, showing it was a "politically motivated censorship attempt," Judiciary GOP said. 

Cruz's social media comments were reported to EI-ISAC because the Texas senator asked rhetorically why "only Democrat blue cities" take multiple days to count votes.

A Pennsylvania secretary of state employee called the Facebook post and tweet "misleading" by "insinuating" there was "something nefarious … in the counting process." 

CISA officials and MDM Subcommittee members often discussed how the agency could "surreptitiously outsource its surveillance and censorship to non-governmental third parties," in the report's words. Meeting notes show the participants acknowledging CISA's "highly limited scope … in terms of social media monitoring" as well as the "sensitivities, beyond legal ones," and global "perception" of the public-private partnership.

Months after subcommittee member Suzanne Spaulding, a former CIA legal adviser, warned the government cannot ask "an outside party to do something the intelligence community cannot do," she nonetheless recommended CISA "rely upon third parties" to monitor MDM and notify CISA about it.

Spaulding and CISA Election Security Initiative chief Geoff Hale proposed in April 2022 – just two weeks before the Disinformation Governance Board's debut -– using ISACs as the source of "trusted information" actually coming from the feds "to avoid the appearance of government propaganda," meeting notes show.

The uproar over the Disinformation Governance Board, soon followed by Missouri and Louisiana attorneys general suing the Biden administration and CISA for allegedly coercing social media to censor, sent the MDM Subcommittee scrambling.

Participant Kate Starbird of the University of Washington's Center for an Informed Public proposed "refining" the subcommittee's name so it wouldn't be confused with the board, and then-Twitter Chief Legal Officer Vijaya Gadde "cautioned the group against pursuing any social listening recommendations" for its parent committee's next meeting. 

Starbird told the subcommittee the following week she had nixed the word "monitoring" throughout its recommendations to CISA and said participants should reflect on the "disinformation board debacle" at its upcoming meetings. 

In emails, she and Spaulding discussed meeting with "CISA's comms and legislative folks" to figure out how to "socialize what we're doing" in light of growing scrutiny. After this was broached in a meeting, CISA’s Megan Tsuyi warned Starbird against sharing this "pre-deliberative" work with outsiders.

Meeting notes suggest that Spaulding wanted to hide "the full scope" of the MDM activities, Judiciary GOP says, by explicitly referring to elections in recommendations while calling on CISA to "examine MDM beyond elections."

In late July, CISA senior election adviser and former Washington Secretary of State Kim Wyman noted the agency was "transferring" its "switchboarding" function to ISACs in light of the AGs' lawsuit.

Brian Scully, CISA's MDM chief, acknowledged in a deposition that CISA knew this go-between role played by the agency "would trigger content moderation," the report states.

Scrutiny of CISA and Judiciary subpoenas to tech companies had the agency in full coverup mode by late February, according to Judiciary Republicans, noting its MDM webpage that referred to "domestic threat actors" was now redirecting to a page on "Foreign Influence Operations and Disinformation."

The report accuses the Justice Department of interfering with state public records requests to Starbird's UW to "shield CISA from public scrutiny of its unconstitutional practices," citing an assistant U.S. attorney's request to Starbird to turn over relevant documents to DOJ in case it wants to sue to "protect them from disclosure."

The records show that CISA has developed an "elaborate social media censorship apparatus spanning multiple organizations" that has "no constitutionally viable legal authority" to justify it, Judiciary Republicans said.