Guest Blog: What Campaigns Often Miss About Digital Safety… and what you can’t afford to overlook

Guest post by Ashley DeMartino, Head of Partnerships, Block Party*

Before a campaign launches, your team’s digital presence becomes one of your biggest, and most easily ignored, vulnerabilities. Years of old posts, forgotten settings, and sensitive data scattered across platforms can be weaponized to fuel harassment, trigger reputational crises, or open the door to security incidents.

For many first-time candidates, especially women and others at high-risk, fears of doxing and targeted harassment are enough to make them rethink running altogether. Staff, or anyone associated with a campaign, can also be targeted for harassment or a cyber attack.

The reality is that bad actors don’t need sophisticated tools; they rely on what's already public. With our personal and professional lives fully blended online, individual accounts can unintentionally expose the entire campaign. Across dozens of platforms, our posts, photos, likes, and location leave digital breadcrumbs revealing far more than people realize – where we live, our routines, our relationships, and other sensitive details that can be exploited.

What to do before launching your campaign

1. Secure your accounts and lock down your privacy settings

Humans remain the biggest entry point for organizational compromise – and in a campaign, that means your candidate, their family, your team, and even close friends of the candidate. When connection graphs and personal data are exposed, you create opportunities for targeted attacks and social engineering, which can exploit personal information and can ripple across the entire operation.

Consider:

  • Turning on passkeys for all accounts where available

  • Enabling two factor or multifactor beyond texted or emailed SMS codes when possible

  • Reviewing and tightening privacy and visibility settings

  • Auditing where personal information appears (old bios, forgotten accounts, tagged locations)

  • Standardizing security protocols across your team

  • Using varied usernames or pseudonyms where appropriate (even for things like deliveries and rideshare)

2. Safeguard your reputation before it’s tested

Anything publicly available can and will be surfaced, often out of context. Before launch, encourage your staff, your candidate, and their families to review their accounts and remove or archive:

  • Outdated or inconsistent opinions

  • Risky or overly personal photos

  • Jokes, memes, or comments that no longer reflect good judgment

  • Inflammatory likes, retweets, follows, or past associations

  • Posts tied to old controversies or irrelevant debates


How Block Party helps

Campaigns understand these risks, but rarely have the capacity to manually walk every team member through settings updates, content cleanup, or platform changes. Block Party automates these tedious but critical protections.

With Block Party, campaigns can:

  • Deep clean social accounts and settings in just a few clicks

  • Scan for exposures across 12+ platforms (from social media accounts like Facebook, X and Instagram, to your other online spaces like Venmo, Strava and Google)

  • Receive expert recommendations tailored to your personal risk profile

  • Mass delete, archive, or remove outdated content

  • Continuously monitor accounts for platform or setting changes

  • Standardize digital safety across every team member

Is social media data the gap in your campaign protections? Let Block Party automate your clean up. Learn more at www.blockpartyapp.com

*Block Party is a DDC cybersecurity vendor partner offering eligible campaigns BlockParty for free. If your campaign or committee is DDC eligible you can secure your whole team with Block Party for one-year for free and no in-kind reporting requirements. See eligibility here: https://defendcampaigns.org/fec-eligibility