<img src="https://ws.zoominfo.com/pixel/Gp2oBIDg9xlCLu0ZPKB4" width="1" height="1" style="display: none;">

Securing your Advocacy in an AI World: Understanding Authentication & Security

 

Tools like ChatGPT and generative AI pose significant challenges to digital communication between lawmakers and constituents and the industry of Grassroots Advocacy. These tools take spam and deepfakes to an entirely new level - where messages are indistinguishable from that of a real human author.

Over the last ten years Countable has been working on this problem by building tools that ensure advocates are who they say they are, that their views are authentically theirs, and that messages are delivered to and seen by their lawmakers. 

We look at this challenge in three ways:

  1. Balancing digital ease of access by all constituents - particularly those who do not have access to technology
  2. Protecting author authenticity, data privacy and message delivery
  3. Ensuring that the author is in fact who they say they are (that they are real humans and not bots) 

Methodology for Protecting User Authenticity 

Countable has developed a methodology for protecting user authenticity that aggregates the numerous touch points that our platform has with a user across their journey with our platform. Through this, we can develop a score for users, and their messages, that can be used to inform the recipient as to the user's likely authenticity. 

The score is built from the following attributes:

Leverage Existing Data & User History (Passive)
Verify users’ information and identity based on their user history. This could include: 

  • prior interactions with the website service, or lawmaker site / CMS, 
  • interactions with connected systems (e.g. Causes.com), 
  • based on matching with third party data sources (e.g. voter lists). 

Leverage constituent’s personally identifiable information (PII), on a hashed basis, such as their user history, IP Address, home address, phone number, etc., to validate their likely authenticity, including location data, matching to historical records, etc.

Email Validation
When a user creates an account or submits a message to their lawmaker through the Countable platform, they must verify their email address (a best practice). 

Account Creation with Password
When a user submits their first message they are also encouraged to create a unique account within the Countable platform, including a unique username and password. (We also offer a 2FA solution) 

Account Creation with a Third Party Service - like Facebook or Apple
Users can also create accounts using their Facebook or APple login credentials, or other third party credentials, adding further validation to their account and message sending. 

Account or Message Approval
Admins and/or Countable tools can also be used to gate any user sign up or user message being sent through an approval process. 

Address Submission
When a user submits a message to their lawmaker, in most cases, they must use an actual address within that lawmakers district. 

User Community Participation
The more a user participants within a Countable powered site - from authoring messages, to following other users, liking their contributions, having your contributions liked, building out your profile, earning badges and rewards, joining discussions, and generating videos - the greater their “score” and the greater confidence that they are in fact real. 

In Development:

Phone Number Validation
When a user submits a message to their lawmaker through either side of the CME, they are requested to verify their phone number using a one time code

Multi-Factor Identification
When a user submits their first message, they are prompted to validate their identity using a multi-factor authentication system like the US government’s e-Verify service, Hard Yaka’s Universal Namespace / Global.Id, or others. These systems enable a user to validate their identity using multiple factors, including their Drivers License, Passport, Bank Accounts, etc.

Multiple-Accounts - When a user uses more than one method of authentication - including creating their own account, also connecting their Facebook or Google Accounts.

Join the AI, Advocacy, and Politics Slack Group

 

FAQs

Countable is only one company in a much broader ecosystem, what are you doing to ensure that the Government, and other companies, make similar enhancements?

We are taking our approach to these issues to the broader Constituent Messaging Ecosystem(CME) and encouraging that everyone come together around shared solutions to these challenges. CMS vendors (like IQ and Indigov), the data pipes like CWC, and the Delivery Agents (like Countable and Phone2Action) work together to establish new standards by which we can protect Constituents’ right to access their lawmakers with countermeasures.

We recommend that all parties in the CME contribute and agree to a single standard. The scoring is based on passive and active actions that the constituent has taken, or can take, to increase the authenticity of their message now and in the future. 

Why is the system built on messages and not on the actual user?

Ultimately, the CME will need to move away from message-based scoring and authentication to user-based scoring and authentication. Currently the CME has a limited view into a user model, focusing instead on each message being a standalone object, without passing knowledge of the originator out of the originating system. 

Why isn’t there a common login that is used across all government systems that ensures my authenticity and identity?

The short answer - political will. The technology is available today and we could absolutely build a centralized and managed Google-style Login, that any organization can use and which can provide a central authority / database of constituent data and accounts.

Back to top

Learn more

[Video] Advocacy in the age of AI: Navigating the risks

[Article] Politicians can’t tell the difference between AI chatbots and human constituents

[Countable] - How Countable Protects Safety and Fights Against AI Deepfakes, Bots, and Spam