Abstract
This paper outlines a proposed conceptual framework for establishing a Democracy Vulnerability Exposure (DVEX) risk management system for America based on a STEM approach that is analogous to the cybersecurity Common Vulnerability Exposure (CVE) system created and run by MITRE under DHS/CISA sponsorship along with the NIST National Vulnerability Database. The primary objective of DVEX is to systematically identify, catalog, and mitigate vulnerabilities and their exploits that are known to exist within our democratic system starting with the most critical vulnerabilities that have remained codified and unchanged within the US Constitution since our founding pertaining to presidential minimum qualifications.
The Risen Threat
Recognizing the increasingly hostile attacks on democracy itself using tactics such as disinformation, psychological warfare, cyber-warfare, electoral interference, threats of violence, and violent insurrection, the DVEX system aims to enhance the resilience of American democracy with repeatability, measurability, consistency, and at scale.
From a psychological and emotional standpoint, DVEX will serve as a “de-vexification” or "de-toxification” framework, an antidote if you will for the American people who have been psychologically abused by fake news, and by social media platform accounts and talking heads leveraged by hostile actors like Russia. DVEX approaches this problem using science, math, engineering, technology (STEM), and the generally accepted investigatory professional best practices already practiced in the DOD and intelligence agencies.
If we can come to a consensus on a set of goals and a DVEX “system design” using a repeatable and un-biased STEM-based methodology to reduce and eliminate democracy’s most critical vulnerabilities, we can wring out the partisan rancor vexing us all that’s been stoked and amplified by Russian agitation propaganda over the last decade.
The DVEX Framework
Like the cybersecurity CVE system maintained by MITRE under DHS sponsorship, the proposed DVEX system will operate as an open and collaborative platform, engaging experts from various fields such as political science, cybersecurity, law, sociology, and psychology. The system will function by collecting, analyzing, and disseminating information about identified vulnerabilities in democratic processes and institutions and their known exploits.
These vulnerabilities may range from legal and procedural loopholes, high office qualification shortcomings, technological and social susceptibilities, and guidelines and guardrails that are not yet codified in law that should be. These vulnerabilities can be exploited to undermine democratic system integrity and endanger our freedom and our physical and psychological well-being and that of our children.
Common Democracy Vulnerability Enumeration
(i.e., DVEX-2024-0001, -0002, etc).
Key features of DVEX include a standardized democracy vulnerability identification, enumeration, and classification system that would include a description, a risk assessment, whether exploits already exist “in the wild” and regular publication of vulnerability and exploit disclosures with unique identifiers and names, such as:
DVEX-2024-0001: Lack of Presidential Top Secret/SCI Security Clearance Background Check With Full-Scope Polygraph Pass as a Presidential Qualification
As the prime and first example, and this stems from my own personal experience having been vetted and polygraphed by the Defense Security Service when I was a 19-year-old Airman First Class due to my Top Secret/SCI job responsibilities, I consider DVEX-2024-0001 to be the most critical, highest risk, and most imminently dangerous vulnerability of all. It has several already- known exploits and represents the clearest and most present danger to democracy since the civil war.
If a democracy emergency security patch for DVEX-2024-0001 is not rapidly developed and deployed well before the 2024 general election, this vulnerability could arguably result in the fall of American democracy as early as January 21, 2025 in a worst-case scenario.
This vulnerability’s description self-identifies the necessary security patch: Add the failure of a TS/SCI DOD security clearance background check with full-scope polygraph as a presential disqualifying criteria to Article II, Section 1, Clause 5, through emergency Constitutional amendment.
I would note that this is not a political process, it’s a proven, investigatory, and STEM-based system already in place within the DOD and our intelligence agencies. We only have to apply this vetting standard and process to the most powerful office in the free world: The US President and Command in Chief.
System Design Specifications, Development, Fielding, and Operation
DVEX will catalogue and track the design, development, and fielding of “democracy security patches” to mitigate the identified risks through legislation, by referendum, through the courts, by executive order, or through other non-violent or procedural means. This may include emergency recalls, temporary suspension of presidential powers while due process is afforded, rapidly convened special elections, or through voter referenda. The system will also provide a forum for experts and stakeholders to brainstorm, discuss and prioritize vulnerabilities in a manner that would be open for public comment, fostering a proactive and collaborative approach to strengthening democracy.
Through this initiative, DVEX aims to serve as a critical tool for policymakers, electoral bodies, civil organizations, and the American people, offering comprehensive insights and strategies to fortify the foundations of American democracy against known, emerging, evolving, and future threats not yet contemplated; like the 9/11 attack vector that before 9/11, was literally unthinkable.
The 9/11 Vulnerability Exposure and Mitigation Process Analogy
I consider the 9/11 terrorist attacks to be the most devastating vulnerability exploitation by an American enemy since Pearl Harbor. The Saudi Al-Queda terrorists that took flying lessons in Florida flight schools were focused only on take-off and navigation, not landing skills. Those simple, obvious dots were not connected. It was a glaring red flag missed by the FBI, the FAA, and the flight school instructors because it was a never-before-contemplated exploit, a "zero-day exploit" of a "zero-day vulnerability" that had sat unpatched in our aviation, intelligence, and military defense apparatus.
The Democracy “Emergency Security Patch”
In this way, DVE-2024-0001 is a vulnerability that requires an “Emergency Security Patch” that must be fielded no later than the end of Q2, 2024, irrespective of who wins their respective party nominations. If a nominee fails a presidential polygraph or an undisclosed foreign entanglement with a hostile foreign power is discovered during the background investigation, their party need enough time to select another nominee.
The Dictator-Mole in Waiting Scenario
Donald Trump is now literally proclaiming out loud, on national television, that on January 21, 2025 he will act as dictator, supposedly, for one day. If he follows through and does assume dictatorial powers that day, he will be free to break his word and will act on day one to abuse those powers and will grant himself an indefinite extension, just like Vladimir Putin does. With self-bestowed dictatorial powers, he can create a contrived, false-flag operation, declare a national emergency, invoke the insurrection act, declare martial law, call in the military, and even seize the guns of citizen militias and unaffiliated gun owners. It will be chaos in the ranks with our military and reserve and National Guard officer and NCO corps, with Trump-loyal officers pitted against democracy-loyal officers. And I mean this in the literal sense.
That’s right, Michigan militiamen, Proud Boys, and Oath Keepers. What’s to stop Trump from seizing your guns once dictator? Mark my words, there’s a high risk that yes, he’ll be coming for your guns because, and I know you believe this to be true, Americans just won’t stand for a fascist dictatorship. Because of that, Trump will move to disarm you to remain in office. Or, perhaps he’ll order his loyalist troops to fire on unarmed or armed civilians peacefully protesting. But this time, it won't be with rubber bullets like he did in Lafyette Square in the summer of 2021.
Who among us will stand up to M-1 Abrams tanks, Bradley Fighting Vehicles, Javelin missiles, and Apache attack helicopters flown by Trump-loyalist pilots and deployed around and over LaFayette square and the White House ellipse and a Trump-seized US Capitol and Supreme Court building complex?
Equal Treatment Under Law
The Biden Example: As to President Biden, he’s not excused from presidential vetting as a sitting president. Equal application under law must rule. While there is as of yet no credible evidence that I've seen that he’s committed any felonies or has been compromised by, say, China, we must assume what is called a “Zero Trust” posture and work forward from there. It’s possible he could have already been compromised, no matter how remote one may believe that likelihood to be. This is not an accusation: It's a thought exercise. If Biden were already compromised, he wouldn’t pass his TS/SCI with full-scope polygraph background investigation either.
As I said, DVEX is a system-engineered solution to the democracy vulnerability and exploit problem based on STEM and tried and true DOD security clearance background investigation best practices. It's not based on partisan political domestic agendas, nor on hostile foreign power agendas. It can stand as a bulwark against self-serving, science-denying partisan demagoguery and against those in public office that may have been compromised by a hostile foreign power or criminal organization.
By approaching this problem in this methodical and systematic way, and by doing it rapidly and continuously improving it, we can secure the blessings of liberty for our children and future generations. We must re-engineer the safeguards of American democracy in order to form a more “technically excellent” Union.
While it’s nice to shoot for a “more perfect” union, in this endeavor, perfect should be considered the enemy of the good, and speed has a quality of its own. Speed and technical excellence over perfection. “Agile systems programming” with constant iteration is what is necessary in this most dangerous of times. In the end, a rapidly developed and “technically excellent” solution is what is needed, now, to prevent the fall of American democracy in 2025 and beyond.
A Deeper Dive on DVEX-2024-0001
DVEX-2024-0001:
Description: There is no requirement in the US Constitution for passing a Top Secret/SCI DOD background check with full-scope polygraph to run for or serve as President and Commander in Chief, even though access to TS/SCI information is necessary to act responsibly and effectively in that capacity.
Known Exploit: A presidential candidate can lie about past and current entanglements with hostile foreign powers and hide it from the public and our DOD and intelligence agencies and the FBI and never get caught.
Risk Level: Extremely High
Impact: The fall of American democracy and the imposition of a fascist dictatorship behold to Vladimir Putin or some other hostile foreign power as early as January 21, 2025.
Threat: Imminent. The presumptive Republican nominee in the 2024 presidential election has already made the public threat to declare himself dictator on day one. A dictator, even for just a day, is still a dictator. This standard of review, which must be equally applied irrespective of party affiliation, would also serve to disqualify Joe Biden from holding office were it discovered during a polygraph examination that he was compromised by, say, China.
Note: Whether one believes that candidate Donald Trump actually sent his personal lawyer Michael Cohen to Moscow to secretly negotiate a Trump Moscow Hotel deal in 2016 while keeping it from the American people and our intelligence agencies and the DOD, is irrelevant. In an abundance of caution, we must assume a "zero-trust" security posture for purposes of policy and statute: Exposing and mitigating this critical known vulnerability is an American imperative, for both parties and for the American people.
Emergency Constitutional Security Patch: To serve as commander in chief one must have 24/7 access to TS/SCI information to carry out Presential duties. A new Presidential qualification is needed for sitting presidents and candidates to voluntarily submit to the existing TS/SCI background check with full-scope polygraph process already in place in the DOD, in addition to the existing financial disclosure requirements required by federal statutes and FEC regulations. The candidate or sitting president must pass this vetting process. This patch needs to be in place by the end of Q2/2024.
Constitutional Remedies: Article I, Sections 2 and 3; and Article 4, Clause 1 of the 25th Amendment. The 25th Amendment is designed to ensure continuity of government in the event that a president is incapacitated or otherwise unable to fulfill the responsibilities of the presidency. It has never been invoked to permanently remove a president from office and its language is vague and open to subjective interpretation. A failure to voluntarily submit to, and/or a failure to pass the standard TS/SCI security clearance back-ground check with full-scope polygraph requirement, must be codified as an automatic disqualification under amended Article 4 language, which needs to explicitly state this plainly.
A reasonable inference one can draw from the existing language is that if a sitting president can be "unseated" under article 25 if he is unable to perform, specifically, his Top-Secret-level Commander in Chief duties, the same standard would also reasonably apply to presidents-elect. This would constitutionally require the vice president-elect to assume office on January 21st, instead of the president-elect that has failed his polygraph examination. Under our current system, a Russian- or Chinese-compromised mole can be elected president because the candidate has undisclosed and undiscovered foreign entanglements, and who can say how the Russians or Chinese may have blackmailed or bankrolled the candidate over the years prior.
Without the ability to obtain and maintain a TS/SCI security clearance, a President cannot perform the most important and critical of his or her presidential duties. Section 4 of the 25th Amendment states that if the vice president and a majority of the Cabinet transmit to the President pro tempore of the Senate and the Speaker of the House of Representatives their written declaration that the president is unable to perform the duties of the office, the vice president immediately assumes the powers and duties of the office as acting president. In the event of, say, a polygraph test failure, this should be an automatic and permanent removal from office. A sitting president can be compromised while in office, while running for office, or could have been compromised decades before running for office. An ex-president can be compromised.
Next Up...
DVEX-2024-0002
DVEX-2024-0002: A monolithic DOJ policy prohibits indictment/arrest of a sitting president irrespective of how horrendous the alleged crime may be (i.e., mass murdering people on camera in the middle of Fifth Avenue in broad daylight, then doing it again the next day)