August 30, 2019 FR: Bob Lord, DNC Chief Security Officer; Nellwynn Thomas, DNC Chief Technology Officer TO: DNC Rules and By-laws Committee RE: DNC Technology and Cybersecurity Recommendation regarding Iowa and Nevada Delegate Selection Plans The Rules and By-Laws Committee requested assistance from the DNC’s technology and cybersecurity staff in reviewing the Iowa and Nevada Democratic Party’s proposed delegate selection plans, and specifically the incorporation of new virtual or phone caucusing technology. The review included the following actions: ● Reviewing preliminary technical plans, data flow designs and vendor contracts in coordination with the Iowa and Nevada Democratic Parties; ● Monitoring developments in the overall cybersecurity threat landscape; ● Consulting with security experts with deep experience in cybersecurity systems and/or election systems. First, we applaud the work of the Iowa and Nevada Democratic Parties -- they have worked diligently and systematically to seek innovative solutions to expand access to their caucuses. We recognize the importance of these states in the primary process and the unique organizing opportunities that the caucus format provides in these states. Based on our review process and the recommendation of security experts, we have concluded that currently, there is no tele-caucus system available that is sufficiently secure and reliable, given the magnitude and timing of the Iowa and Nevada caucuses this cycle. We base our recommendation in significant part on the current cybersecurity climate and our evaluation of the active threats to the integrity of the U.S. election -- including the recent U.S. Senate Intelligence Committee ​report​ on Russian interference against our election infrastructure. As we saw in 2016 and 2018, there are a number of sophisticated potential adversaries -- and the Trump administration and Republican leadership have failed to dedicate significant resources, or even speak out against those who seek to interfere in our election. For all of these reasons, we recommend to the Chair of the DNC and the DNC’s Rules and By-Laws Committee that they work with both state parties to execute a caucus that does not use the proposed virtual caucus technology. Bob Lord, DNC Chief Security Officer Nellwyn Thomas, DNC Chief Technology Officer