Cybersecurity experts worry about census data

Shutterstock image By Pasko Maksim Stock vector ID: 591206291 

With approaches to election security still up in the air, a group of former cybersecurity officials are concerned about the cybersecurity of another democratic foundation: the decennial census.

In a July 16 letter to acting Director of the Census Bureau Ron Jarmin and Commerce Department Secretary Wilbur Ross, the former officials stressed the importance of the security of data collected by the bureau's first-ever electronically based survey and pushed the bureau to publicly share plans for how it plans to protect that information.

The signatories include former White House Cyber Coordinator Michael Daniel, former Office of Director of National Intelligence General Counsel Robert Litt, former State Department cyber lead Christopher Painter and Mary McCord, who formerly served as acting assistant attorney general for national security.

"Ultimately, the accuracy of the 2020 Census will be improved by enhancing the public's confidence in the secure collection and safe storage of that information," they wrote.

Census has listed public perception of the bureau's ability to safeguard response data and the prospect of a cybersecurity incident among its "major" risk areas for 2020.

However, the group noted, despite congressional and public request, the bureau has not publicized how it "is implementing even the most basic cybersecurity practices," such as whether two-factor authentication will be required to access collected data and whether data will be encrypted.

Among the information collected by the decennial is the age, race, relationship and -- for the first time since 1950 -- the citizenship status of people living in the U.S.

The signatories said they believe that publicly sharing how the bureau plans to protect that data will help boost confidence in the results and help make the count as accurate as possible.

"Such transparency and leadership would boost public confidence and also allow cybersecurity experts outside the government to offer assistance in addressing any concerns that they might identify," they wrote.

Alternatively, the former officials recommended the bureau could "at a minimum … retain a reputable outside cybersecurity firm to conduct an end-to-end audit of current plans for data protection associated with the 2020 Census."

Earlier this year, Census CIO Kevin Smith said the bureau has been working with the intelligence community and private industry, including social media companies, to help prepare for these risks and boost public trust.

Census did not respond to a request for comment, and it has previously declined requests to speak with officials about the census's cybersecurity.

About the Author

Chase Gunter is a former FCW staff writer.


  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.