Political parties often profile voters, using social media and publicly available data like voting records to figure out just who each individual voter is. This is why Ted Cruz wanted to scrape your Facebook, and why so many Senators voted to allow your ISP to spy on you. Needless to say, even just looking at publicly available sources, they can gather a lot of data about you and your personal tastes. Which is exactly the kind of stuff you probably shouldn’t leave lying around on a public server, and yet, that’s exactly what GOP data firm Deep Root Analytics did.
Gizmodo has an in-depth look at Deep Root’s horrifying error, which left the information of nearly 200 million Americans, including their names, home addresses, and voting records, out in public on an Amazon server where anybody could find it:
Along with home addresses, birthdates, and phone numbers, the records include advanced sentiment analyses used by political groups to predict where individual voters fall on hot-button issues such as gun ownership, stem cell research, and the right to abortion, as well as suspected religious affiliation and ethnicity. The data was amassed from a variety of sources — from the banned subreddit r/fatpeoplehate to American Crossroads, the super PAC co-founded by former White House strategist Karl Rove.
In other words, the data contains looks at what you might believe based on what you’ve posted to Facebook, Reddit, and other accounts, potentially under a supposedly anonymous alias. It appears that Deep Root made the same mistake so many others do, assuming that because a URL isn’t publicly available, it can’t be accessed by the public. However, you can easily find these by searching for “publicly available” S3 buckets on Amazon.com. As a result, a giant amount of voter information and data has been released into the wild. Perhaps, considering the Trump administration’s utter contempt for cybersecurity, this isn’t surprising. But considering the issues of the last election, it should be deeply worrying.