Elections

Elections are where the politics of APIs stops being abstract and becomes a question about democracy itself. I’ve watched APIs play both roles in the electoral process — the constructive role of civic infrastructure that informs voters and makes government transparent, and the corrosive role of surveillance and manipulation infrastructure that was weaponized against the electorate. The same technology that can tell you where your polling place is and what’s on your ballot is the technology that delivered millions of people’s psychological profiles to political operatives. APIs are not neutral in elections. They are a layer of power, and how that power is governed — or left ungoverned — has direct consequences for whether elections are free, fair, and informed. This is the topic where I’ve felt the political stakes of API Evangelist most acutely, because elections are where the abstract debates about access, control, and oversight cash out into real democratic harm or benefit.

The constructive side is real and worth defending, because it shows what APIs in elections can be when they serve citizens rather than exploit them. Google’s Civic Information API, which I wrote about in 2013, was a genuinely good thing — an embeddable, accessible way to get polling place locations, candidate information, and election officials’ details to voters who needed them. I wrote in 2015 about the opportunity for APIs dedicated to elections at the city, county, state, and federal levels, because election information is exactly the kind of public good that should be available programmatically — real-time results, polling locations, ballot information, registration status. When FiveThirtyEight shared the election data behind their articles and visualizations in 2020, that was the healthy version of election data as an open resource: rigorous, transparent, available for anyone to analyze and check. Election APIs done right are democratic infrastructure — they reduce the friction between citizens and the information they need to participate, and they make the electoral process more transparent and verifiable rather than less.

Government transparency APIs are the deeper civic foundation, and I spent real energy on them and mourned their losses. The Sunlight Foundation built some of the most important civic APIs ever made — Congress data, campaign finance, state legislatures, political party fundraising — and when Sunlight wound down its work, I wrote about identifying and preserving that work, baking transparency into projects, and getting the data onto GitHub so it would survive. Sunlight’s APIs were how journalists, researchers, and citizens could follow the money and watch the legislature, which is foundational to holding elected power accountable. I reviewed their Congress API as far back as 2011. And the We the People API, which I called significant in 2014 as the first modern read-write web API in government, mattered because it let citizens not just read government data but write to it — petition, participate, be heard. That read-write capability is the technical expression of democratic participation, and it pointed at a vision of APIs as civic engagement infrastructure rather than just transparency infrastructure. Obama’s 2012 directive that all federal agencies have an API was part of this hopeful era when it looked like government APIs would systematically open the state to its citizens.

And then Cambridge Analytica happened, and it became impossible to talk about APIs and elections without confronting the dark side. The Cambridge Analytica scandal was, at its core, an API story. Facebook’s API had allowed the harvesting of tens of millions of users’ data — and the data of their friends, who never consented to anything — which was then used to build psychographic profiles for political targeting. I wrote in 2018 about Facebook, Cambridge Analytica, and the fundamental question of knowing what API consumers are actually doing with our data, because that was the heart of the failure: Facebook had built an API that gave away enormous amounts of personal data while having essentially no oversight of how that data was used downstream. I argued that Facebook’s business model was out of alignment with their API management layer — that a company whose revenue depended on maximizing data flow had no incentive to govern that flow responsibly, and the API was where that misalignment became a democratic catastrophe. The tools to control this existed. API management, with its keys, logging, rate limits, and audit trails, is exactly the technology you’d use to know who’s accessing what data and why. Facebook chose not to use it that way, because using it that way was against their interests.

The quiet deprecation of the Facebook Audience Insights API in 2017 was a smaller but revealing episode that I made a point of documenting. Facebook quietly shut down the Audience Insights API that had been used to automate targeting during the election — and the quietness was the tell. When a platform deprecates an API used for election manipulation without announcement or accountability, it’s managing its liability, not addressing the harm. This connects to a broader pattern I’ve written about extensively: APIs being taken away. After the election interference scandals, Facebook, Twitter, and Instagram dramatically restricted their APIs, and I wrote in 2018 about living in a post-Facebook-Twitter-Instagram API world. But the lockdown was a double-edged response — yes, it limited some malicious access, but it also cut off the researchers, journalists, and watchdogs who needed API access to study and expose the very manipulation the platforms were now claiming to address. The platforms used “election integrity” as cover to close their APIs to everyone, including the people holding them accountable, which served the platforms’ interests more than democracy’s.

The oversight failure is the political lesson I keep returning to, because it implicates more than just the platforms. I wrote in 2018 that government has benefited from the lack of oversight at social media API management layers as well — meaning that the same ungoverned API access that enabled Cambridge Analytica also enabled law enforcement and intelligence access to social data, and government was in no hurry to regulate a surveillance capability it was itself using. The bot problem compounds all of this: I wrote about the waves of API-driven bots invading our shores and the role APIs play in online trolling and coordinated manipulation, because automated, API-driven accounts are how disinformation and harassment campaigns scale during elections. The API is the mechanism that lets a handful of operators wield the influence of millions of fake voices. By 2020, APIs were at the center of the FTC’s lawsuit against Facebook — the regulatory system finally treating API-enabled data practices as the antitrust and consumer-harm issue they always were.

The hard, honest framing I’ve landed on is that the closing of the social media APIs left us worse off in a specific way, even though the manipulation was real. Twitter and Reddit’s API lockdowns, which I called canaries in the public API coal mine in 2023, are part of this story — the era of open social APIs that researchers used to study political discourse, track disinformation, and hold platforms accountable has ended, and what replaced it is opacity. We went from a world where the APIs were dangerously open to a world where they’re defensively closed, and neither serves democracy well. The open era enabled Cambridge Analytica; the closed era enables platforms to operate without external scrutiny. The thing we never got — and the thing I keep arguing for — is the governed middle: APIs with real oversight, real accountability, real transparency about who accesses what, that enable legitimate research and civic use while preventing mass exploitation. That governed middle is a political choice the platforms have consistently refused to make because it constrains their business model.

When I wrote my post-election guidance in 2024, and when I’ve emphasized the politics of APIs in pieces like the 2023 essay, the throughline has been that elections are the highest-stakes test of everything I believe about API governance, access, and power. APIs can strengthen democracy — through election information that reaches voters, transparency data that holds power accountable, and read-write civic infrastructure that lets citizens participate. And APIs can corrode democracy — through ungoverned data harvesting, automated manipulation, surveillance, and the platform power to open and close access for self-interested reasons. The difference between those two outcomes is governance, oversight, and political will. The 2020 census API preparation work, the election data APIs, the transparency efforts — these are the civic infrastructure worth fighting for. Cambridge Analytica, the bot armies, the quietly deprecated targeting APIs — these are the warning of what happens when the API layer of democracy is left ungoverned. Elections are where we find out, every cycle, which version of the API economy we actually built. So far the answer has been mixed, and the work of making it less mixed — of insisting that the APIs touching our elections be governed for the public interest rather than private extraction — is some of the most important political work in the entire API space.

Guidance

API Learnings

APIs

API Governance

API Solutions

API Discovery

API Building Blocks

API Evangelist LLC

Elections

References

Guidance Details

Explore more

Discover APIs