On July 30, 2019, a federal judge dismissed a lawsuit filed by the Democratic National Committee (DNC) against Donald Trump’s presidential campaign, campaign leaders, WikiLeaks, Russia and others related to the Russian hacking of Democratic Party computers and the dissemination of electronic material stolen to help Trump’s election prospects. Politics aside, the lawsuit, which was filed in April 2018 and has now been dismissed “with prejudice,” underscores the extent to which organizations are susceptible to cybersecurity threats
In the lawsuit, the DNC claimed that Russia, whose intelligence operatives in 2016 infiltrated the computers of the Democratic Party and the campaign of its eventual presidential nominee, Hillary Clinton, had found in the Trump campaign “a willing and active partner in its effort.”
U.S. Federal District Court Judge John Koetl rejected the DNC’s primary contention that the Trump campaign, campaign aides and Trump allies abetted the theft of the emails by encouraging WikiLeaks to publish the messages and by urging they be released when they would be of maximum political benefit to then-candidate Donald Trump. Specifically, Koeltl held that such actions were protected by the First Amendment when taken by people not involved in the actual hacking. Thus, he held that the DNC could not establish that these defendants were liable for aiding and abetting publication when they would have been entitled to publish the stolen documents themselves without liability.
He further found that the DNC’s suit did not allege that anyone beyond the Russian Federation took part in the hacking of the Democratic Party computer systems or email accounts. However, although the “primary wrongdoer in this alleged criminal enterprise is undoubtedly the Russian Federation,” a lawsuit against that government is barred by the Foreign Sovereign Immunities Act. The decision did not bar the DNC from filing a new action, but Judge Koetl noted that the DNC had already amended its complaint twice, and said he had no reason to believe that what he called the “fundamental defects” in the latest version of the lawsuit could be cured.
Although the lawsuit raised concerns regarding the propriety of elections in the U.S., it also highlights larger issues regarding vulnerabilities in the cybersecurity measures implemented by organizations, including those within the government. Although the DNC has taken steps to improve its cybersecurity posture, there are those that believe that weaknesses still exist.