1Password for Democracy
https://blog.1password.com/introducing-1password-for-democracy/
Saw the great thing you guys are doing. This seems like a great way to contribute to vibrant elections and ensure those who make the cogs of democracy work.
One question though. Do those close to the ground, poll workers, inspectors, etc. count towards this or do you have to be literally the Secretary of State of New York to qualify? I think there are many people who contribute to making elections fair and poll workers often are underpaid and taken for granted. They are volunteers who take the time to make sure people have a chance to vote, rain or shine.
Thanks!
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Comments
-
Thanks for the kind words. :) If there is any question of if someone qualifies I’d encourage them to apply. They do not have to be an elected official to qualify. :+1:
Ben
0 -
In case you haven't, you may want to check with a lawyer who is familiar with US law. There's a good chance this is an illegal in-kind campaign contribution. :/
0 -
It's not a "contribution", and it's not exclusive to one "side" or another. It's the equivalent of those "take a penny, leave a penny" trays at convenience stores, just with enough pennies for everyone, and nobody's pants fall down from carrying them... I'll stop there. :lol:
0 -
Unfortunately, that is not how the FEC sees it. "An in-kind donation is the transfer of any other type of asset. In-kind gifts are contributions of goods or services, other than cash grants. Examples of in-kind gifts include: Goods, like computers, software, furniture, and office equipment, for use by your organization or for special event auctions."
Also refer to: https://www.fec.gov/help-candidates-and-committees/candidate-taking-receipts/who-can-and-cant-contribute/
I am not a lawyer, I just worked around a bunch in DC for a long time. This is exactly the sort of "offer made in good faith" sort of thing that doesn't seem like it would be a problem, but very much could be. Would highly recommend consulting a lawyer who has experience with FEC contributions.
0 -
The FEC has recently issued conflicting opinions on a similar program (Defending Digital Democracy: they want to offer free cybersecurity services to campaigns). The latest ruling from yesterday is here: https://www.fec.gov/files/legal/aos/2018-12/201812_1.pdf. Even if the FEC decides to approve this program, this ruling appears to be very narrow - only applying to DDC.
0 -
Clear as mud, eh? :lol:
Anyway, assuming that only political candidates will use 1Password this way is sort of missing the point. The FEC is irrelevant in all other instances. :)
0 -
Ok man. I hope y'all talk to a lawyer about this. Nothing more I can do if you don't want to listen though.
0 -
:) :+1:
0 -
I assume as a company they would have already consulted a lawyer on these kind of things especially since it involves politics zaccohn so I don't think there's any need to try and school these folks on the law and such
0 -
That is a really good point about in-kind contributions, @zaccohn. And the fact of the matter is that we did not consult a lawyer.
We will instruct candidates or campaigns to check with their election and filing authorities to find out whether they can accept this offer. If it turns out that this isn't something that we can meaningfully and usefully offer, we will have to scale back to offering to make sure that we don't run afoul of campaign financing laws.
0 -
@jpgoldberg Progress. Thank you for acknowledging the seriousness of the situation.
"We will instruct candidates or campaigns to check with their election and filing authorities to find out whether they can accept this offer"
Unfortunately, that's still not how this works. That's like offering a bribe, but telling them to only take it if it's legal. That doesn't absolve you of the crime.
I love your product. I don't want to see the FEC hit you with a fine. But as an international company, I don't understand why you are being so averse to consulting a lawyer familiar with a different country's election laws. Especially given your offer is essentially "Hey important US democracy organizations: why don't you give a foreign company all your passwords?"
0 -
I think it's definitely important to consider, but I think you're really blowing it out of proportion. Candidates for office regularly get gifts of expensive bottles of wine and fancy fruit baskets, etc., and they simply don't consume them in order to stay on the windy side of the law. I don't see the fruit-and-wine-givers being prosecuted. Also, we're not going to people and telling them to use 1Password. They'd have to come to us. Nevertheless, still good to raise the issue. However,
Especially given your offer is essentially "Hey important US democracy organizations: why don't you give a foreign company all your passwords?"
No. That's simply not how 1Password works. Please read the security white paper and let us know if you have any questions.
0 -
@jpgoldberg I'm on record on Twitter applauding 1Password's program here -- but I'll +1 @zaccohn's concern, as well as his comment appreciating your response and candor.
Given the scrutiny being applied to election security right now, as well as the overall partisan environment, if 1Password hasn't yet talked to a lawyer, it would be extremely wise to pay a lawyer familiar with US election law for a bit of their time on this one. Ideally it will confirm that what you're doing is fine and you'll feel better for it, but if it doesn't, then you will also be happy you paid for the advice.
@brenty Unfortunately, you're really not giving this proper attention, and are making a lot of layperson assumptions about campaign finance law that are not correct. I am not a lawyer or campaign finance expert, but I did work for years at an NGO (sunlightfoundation.com) that is/was quite active in US campaign finance policy and reporting and am broadly familiar with the concepts. It is not actually okay to give arbitrary gifts to candidates for federal office or to their campaigns, particularly gifts that directly aid their campaign. Many personal gifts may fall underneath a reportable threshold, or may be okay due to a pre-existing personal relationship with the candidate. In any case, small individual acts are much less likely to be given enforcement attention than corporate acts affecting a large number of campaigns.
Whether @zaccohn's legal concern turns out to be well-founded or not, it doesn't look good when 1Password staff are so dismissive of it, based on little apparent expertise with the legal field in question.
Also, whether it's relevant to the campaign finance law question or not, @zaccohn's point about trusting 1Password is completely correct. I'm familiar with 1Password's overall security model, which entirely depends on the integrity of 1Password's code and its consistent implementation of the security model its documentation describes. An evil 1Password could do plenty of damage.
0 -
At this point, what I can say is that drawn attention of some of our directors to this discussion, and this is now above my pay grade.
Everything that I know about the law comes from watching Perry Mason when I was a kid, but as soon as I read @zaccohn's comments, I recognized that there is enough of a possibility that if we don't do this carefully we may be in violation of election law in some countries and that we might be encouraging campaigns to violate their own laws.
Again, I don't know what will be decided. Perhaps we can just slap a "void where prohibited" text on the offer to cover our own backsides, but again, I am not a lawyer, and my untrained intuition is that we have to make it more clear that campaigns should check the laws of their countries.
What I don't think we will do is make reference to laws and regulations in any particular country. So while I think that the discussion here about the US FEC is very valuable, we need to recognize that our offer is world-wide. And this brings out another issue. We are a Canadian company, and so if accepting this offer is taking an in-kind contribution, it will be taking one from a foreign entity unless it is a Canadian. Presumably, there are even stricter restrictions and reporting requirements on that.
I do understand the rationale for the laws and regulations as described, but it is frustrating from our point of view. We wanted to do something simple and nice. It might still be nice (as long as we don't get anyone in trouble), but it may not at all be simple.
0 -
@jpgoldberg Pushing the envelope here is the right thing to do! And given the remaining time before the US elections, maybe it's worth accepting some risk around just getting this out there and working it out as you go. I hope 1Password doesn't conclude this was a mistake, because these sorts of initiatives are often how policy actually get clarified and updated. All I'm saying is that 1Password should be getting some advice on these matters as it does this.
0 -
Given the scrutiny being applied to election security right now, as well as the overall partisan environment, if 1Password hasn't yet talked to a lawyer, it would be extremely wise to pay a lawyer familiar with US election law for a bit of their time on this one. Ideally it will confirm that what you're doing is fine and you'll feel better for it, but if it doesn't, then you will also be happy you paid for the advice.
@konklone: Yep. That's what lawyers are for. I think that sounds like a good idea. :)
Unfortunately, you're really not giving this proper attention, and are making a lot of layperson assumptions about campaign finance law that are not correct. I am not a lawyer or campaign finance expert, but I did work for years at an NGO (sunlightfoundation.com) that is/was quite active in US campaign finance policy and reporting and am broadly familiar with the concepts. It is not actually okay to give arbitrary gifts to candidates for federal office or to their campaigns, particularly gifts that directly aid their campaign.
I still disagree with this characterization since we're not reaching out to "give arbitrary gifts" to anyone; they would have to come to us. And of course to talk about this only with regard to political candidates sort of misses the point. But you're totally right: campaign law isn't our area of expertise. And since you'd indicated that it isn't yours either, I think it's best we leave it up to the professionals rather than trying to hash this out in a technical support forum, specifically about the FEC especially, since, as Goldberg rightly points out, the US isn't the only country in the world. Better safe than sorry!
Also, whether it's relevant to the campaign finance law question or not, @zaccohn's point about trusting 1Password is completely correct. I'm familiar with 1Password's overall security model, which entirely depends on the integrity of 1Password's code and its consistent implementation of the security model its documentation describes. An evil 1Password could do plenty of damage.
That's why we built it the way we did, with us never having the "keys" to anyone's data. If we did have them, we wouldn't have to be "evil" in order for our customers to be harmed; we could make a mistake which allowed an attacker to access them, or simply be broken into like so many companies are these days. So we avoid having any of our customers' secrets in the first place. There's too much at stake.
Pushing the envelope here is the right thing to do! And given the remaining time before the US elections, maybe it's worth accepting some risk around just getting this out there and working it out as you go. I hope 1Password doesn't conclude this was a mistake, because these sorts of initiatives are often how policy actually get clarified and updated. All I'm saying is that 1Password should be getting some advice on these matters as it does this.
Agreed 100%. A big thanks to you and to @zaccohn for the discussion! I apologize if I caused any offense, but I think it's important to take advice from self-described non-experts with a grain of salt and consult actual experts. That's nothing against you good folks; this is out of my area of expertise as well: I would hope no one would rely on me for medical advice either! So we'll leave it up to those better informed. Cheers! :chuffed: :+1:
0
