The e-voting system operated by Swiss Post will not be available for nationwide votes on May 19. This is the consequence of “critical errors” found during a public intrusion test, the Federal Chancellery and Swiss Post announced on Friday. The Federal Chancellery said in a statementexternal link it would review the licensing and certification procedures for e-voting systems. It added that it had no indication that these flaws had resulted in votes being manipulated in previous ballots. Swiss Post’s e-voting system had been in use in four cantons: Basel City, Fribourg, Neuchâtel and Thurgau. The Organisation of the Swiss Abroad said on Fridayexternal link it was deeply disappointed by the news, describing it as a blow against online voting “and thus a denial of the democratic rights of the Swiss Abroad”.
U.S. Republican and Democratic senators will introduce legislation on Wednesday seeking to deter Russia from meddling in U.S. elections by threatening stiff sanctions on its banking, energy and defense industries and sovereign debt. Known as the “Deter Act,” the legislation is the latest effort by U.S. lawmakers to ratchet up pressure on Moscow over what they see as a range of bad behavior, from its aggression in Ukraine and involvement in Syria’s civil war to attempts to influence U.S. elections. The measure will be introduced by Senators Chris Van Hollen, a Democrat, and Marco Rubio, a Republican. They offered a similar measure last year, when it also had bipartisan support but was never brought up for a vote by the Senate’s Republican leaders, who have close ties to President Donald Trump. Trump has gone along with some previous congressional efforts to increase sanctions on Russia, although sometimes reluctantly. According to details of the legislation seen by Reuters, it would require the U.S. Director of National Intelligence (DNI) to determine, within 30 days of any federal election, whether Russia or any other foreign government, or anyone acting as an agent of that government, had engaged in election interference.
National: 2020 Census likely target of hacking, disinformation campaigns, officials say | The Washington Post
With just a year to go before the 2020 Census, the U.S. government is urgently working to safeguard against hacking and disinformation campaigns as it perfects a plan to count about 330 million people largely online for the first time. Going digital is intended to cut costs. But cybersecurity experts say it may also put the survey at unprecedented risk in a nation embroiled in fallout from Russian interference in the 2016 election. Any outside attempt to discredit or manipulate the decennial survey could drive down response rates, imperiling the integrity of data that help determine a decade’s worth of federal funding, congressional apportionment and redistricting throughout the country. “Just as with voting, completing the census is a powerful exercise in our democracy, and there are always people who want to prevent others from exercising their power,” said Indivar Dutta-Gupta, co-executive director of the Georgetown Center on Poverty and Inequality and an expert on the census. “I think there will be lots of attempts. We should be concerned.”
On March 13, Arkansas Sen. Tom Cotton and Oregon Sen. Ron Wyden submitted a bipartisan letter to the Senate sergeant-at-arms asking for an annual report tallying the number of times Senate computers have been hacked. The letter also requests the SAA adopt a policy of informing Senate leadership within five days of any new data breaches that occur. Cotton and Wyden should be lauded for requesting greater clarity regarding government cybersecurity. Yet this important and reasonable petition reveals an unfortunate reality: We expect our lawmakers to enact policy protecting our nation from cyberattacks when they don’t even know whether their own computers have been hacked. For the sake of national security, this must change. Government agencies, in general, are legally required to disclose breaches, but Congress is under no similar obligation. According to the letter, the last time there was a publicly disclosed report of a congressional data breach was in 2009. Indeed, the two examples of cyberattacks on Senate computers that Cotton and Wyden cite (one against former Virginia representative Frank Wolf in 2006 and one against former Florida senator Bill Nelson in 2009) are both at least a decade old. But a lack of data for the years since then doesn’t mean that hackers haven’t been active. In fact, in 2018, both the Democratic National Committee and the National Republican Congressional Committee lost emails in data breaches. Moreover, the Department of Defense wards off approximately thirty-six million attempted data breaches each day.
Georgia: Paulding’s Holden leading state election officials group preparing for new voting system | mdjonline
Paulding’s election supervisor will help lead a new statewide election workers organization as they learn to operate a new electronic voting system by the 2020 presidential election. Deidre Holden will join with Athens-Clarke County elections director Charlotte Sosebee to lead the new Georgia Association of Voter Registration and Election Officials after the merger of two long-standing groups whose members were involved in conducting Georgia elections for half a century. The two groups, the Voter Registrars Association of Georgia and the Georgia Election Officials Association, worked for years to merge after their members increasingly were assigned the same duties in recent decades, Holden said. The new group is forming as election officials statewide begin training to operate the new $150 million system of ballot-marking devices the Georgia General Assembly approved this year. Paulding’s elections office will use the new machines in the Dallas and Hiram municipal elections in November as part of a pilot program, Holden said.
Louisiana’s secretary of state told lawmakers Tuesday that he hopes to restart efforts to replace thousands of voting machines this summer, after the last effort was derailed by allegations of improper bid handling. Secretary of State Kyle Ardoin, who oversees state elections, said the voting machine replacement work won’t be complete for the fall election, so his office will spend $2 million renting temporary machines. Ardoin told the House Appropriations Committee his office will rent early-voting machines for the October and November elections, when all of Louisiana’s statewide and legislative positions are on the ballot. The office will use spare parts to make sure the decade-old Election Day voting machines are running properly. “Because the last (bid process) didn’t work out so well, we’re working very hard to maneuver to make sure that we are settled for the fall election,” Ardoin said. A multimillion-dollar contract award to replace Louisiana’s voting machines was scrapped in October after the state’s chief procurement officer said the secretary of state’s office didn’t follow legal requirements in choosing the winning vendor, Dominion Voting Systems.
Three months into the 2019 legislative session, lawmakers still haven’t released federal funds set aside for election security. As part of the Help America Vote Act or HAVA, Congress allotted $6.6 million to Minnesota to combat cyber threats and other attacks against the state’s elections infrastructure. As of the first week in April, Minnesota is the only state in the nation to leave the money on the table, unspent. “We want to re-secure our voter registration data base. It’s the spine of the system,” Minnesota Secretary of State Steve Simon told KARE. “It does more than just voter registration. It does a lot of things in the election system and it needs to be substantially recoded and fortified against attacks.” We now know that Russian operatives tried to hack into Minnesota’s elections Internet framework in 2016. They were able to breach the system, but unable to alter any records or processes. Secretary Simon wants to use the money to modernize the registration system, build a voter database backup, add real-time monitoring of cyber threats, and create a new position in his office to help local elections officials with security issues. Federal officials made many of these recommendations after a site visit to Minnesota last year. But Simon can’t take any of these actions without first getting permission from the legislature. That hasn’t happened yet.
New York: Budget allocates $24.7M to improve voting process — publicly funded elections delayed | The Legislative Gazette
Election reformers are seeing mixed results in the new state budget passed this week. On one hand, New Yorkers will now be able to vote before Election Day, register to vote online, and polls will open earlier for upstate primaries. Additionally, employers will be required to give all workers three hours of paid time off to vote, and with a new $14.7 million allocation, voters will be able to sign in at polling places using an electronic sign-in book. The e-poll books keep track of data such as voter registration, voting history and verification and identification of voters. This will bring the state’s system up to date with 21st century technology. More than half of the states in the U.S. use electronic polling books already. On the other hand, many good-government groups and activists are angry that the budget did not establish a system of publicly financed campaigns that rely on a small-donor matching system, coupled with lowered contribution limits. Instead, a commission will study the feasibility of such a system for legislative and statewide offices, and will issue a report in December. Proposed by the Fair Elections for New York campaign, a small-donor matching system would give a voice to New Yorkers who cannot afford to donate large sums of money to political candidates. It is also seen as a system that allows more people to run for political office.
In the days following a suicide bombing against Indian security forces in Kashmir this year, a message began circulating in WhatsApp groups across the country. It claimed that a leader of the Congress Party, the national opposition, had promised a large sum of money to the attacker’s family, and to free other “terrorists” and “stone pelters” from prison, if the state voted for Congress in upcoming parliamentary elections. The message was posted to dozens of WhatsApp groups that appeared to promote Prime Minister Narendra Modi’s governing Bharatiya Janata Party, and seemed aimed at painting the BJP’s main national challenger as being soft on militancy in Kashmir, which remains contested between India and Pakistan, just as the two countries seemed to be on the brink of war. The claim, however, was fake. No member of Congress, at either a national or a state level, had made any such statement. Yet delivered in the run-up to the election, and having spread with remarkable speed, that message offered a window into a worsening problem here.
How do you organise free and fair elections in a sprawling developing country beset by political corruption, bureaucratic incompetence and organisational inefficiency? For Indonesia – and its 193 million voters – the answer lies in the vast number of polling stations, the use of a metal nail (not a pen or a machine) for voting, 1.6 million bottles of halal certified ink and the practice of counting votes in public. On April 17, the world’s third most populous democracy is holding simultaneous presidential and legislative elections for the first time. It will be world’s biggest direct presidential elections (because the US uses an electoral college) and one of the most complicated single-day elections in global history. By contrast, India, which is the world’s biggest democracy, is conducting its parliamentary elections through a rolling regional process over six weeks in April and May. As the Lowy Institute’s new infographic highlights, the scale of Indonesia’s electoral process is mind-boggling, with five separate elections at once, for the president, both houses of parliament, provincial legislatures and district/city councils. Altogether, there are more than 245,000 candidates running for more than 20,000 national and local legislative seats across hundreds of islands, in addition to the headline contest between President Joko Widodo and challenger Prabowo Subianto.
The discovery of Israel election bots designed to give the illusion of support for prime minister Benjamin Netanyahu ahead of elections next week is the latest example of how cybersecurity has crossed over into the political realm, according to one cybersecurity expert. The Israel election bots, which were uncovered by cyber watchdog the Big Bots Project, identified hundreds of fake Twitter accounts responsible for over 130,000 tweets said to be spreading disinformation about Netanyahu’s opponents. It is, according to Corin Imai, senior security advisor at DomainTools, the latest example of how cybersecurity concerns are posing a threat to democracy. “This campaign is yet the latest demonstration of how the political game has changed,” she said. “Cybersecurity is no longer a matter of protecting enterprises’ digital assets and data, but a responsibility towards the preservation of the democratic process.
Turkey: Erdogan’s party challenges election results after apparent defeat in Turkey’s cities | The Washington Post
President Recep Tayyip Erdogan’s party said Tuesday that it had submitted challenges to election results that showed its candidates had been defeated in Istanbul and Ankara, Turkey’s largest cities, in local elections two days earlier that dealt a rare setback to Erdogan at the ballot box. The Justice and Development Party, or AKP, has repeatedly prevailed in elections since 2002 and was the leading vote-getter on Sunday. But its losses in major cities — including Istanbul, Turkey’s financial capital — were a significant symbolic defeat for Erdogan and threatened to weaken his powerful party machine, analysts said. The election came in the midst of an economic downturn that had focused voter anger on Erdogan’s handling of the crisis, analysts said. Urban voters may have also bristled at his caustic campaign rhetoric, they added, and his frequent attempts to link his political opponents to terrorism. The AKP challenged vote tallies in all of Istanbul’s 39 districts, where Ekrem Imamoglu, the mayoral candidate from the main opposition Republican People’s Party, or CHP, was leading by about 25,000 votes.
Voting machine manufacturers are increasing their Capitol Hill presence as lawmakers demand they do more to protect U.S. elections against foreign hackers. Dominion Voting Systems — which commands more than a third of the voting-machine market without having Washington lobbyists — has hired its first, a high-powered firm that includes a longtime aide to Speaker Nancy Pelosi. The No. 1 vendor, Election Systems & Software, added two new lobbying firms last fall. Members of Congress have criticized those and other companies for their security methods and business practices.
Democratic senators sent a letter to three of the country’s top election system vendors on Tuesday, pressing them on what they will do to help secure the 2020 election from foreign attacks. The letter, sent to the heads of voting vendors Election Systems & Software LLC, Hart InterCivic Inc. and Dominion Voting Systems, requested that the companies inform Democratic leaders of efforts to improve their systems to guard against cyber vulnerabilities. Sen. Amy Klobuchar (D-Minn.), the ranking member of the Senate Rules Committee, was joined on the letter by Senate Intelligence Committee Vice Chairman Mark Warner (D-Va.), Senate Homeland Security Committee ranking member Gary Peters (D-Mich.) and Senate Armed Services Committee ranking member Jack Reed (D-R.I.). “Despite the progress that has been made, election security experts and federal and state government officials continue to warn that more must be done to fortify our election systems,” the senators wrote. “Of particular concern is the fact that many of the machines that Americans use to vote have not been meaningfully updated in nearly two decades.”
Legislation introduced last week would give the U.S. Senate’s sergeant at arms responsibility to help secure the personal devices and online accounts used by senators and their staff to help ward off cyberattacks and other threats. The bill, known as the “Senate Cybersecurity Protection Act of 2019,” was introduced by senators Ron Wyden, D-Ore., and Tom Cotton, R-Ark., who both serve on the Intelligence Committee. While there is not yet a similar bill pending in the House to provide members with similar services, backers of the Senate bill are urging the House to take up a similar measure. The Senate bill would allow the sergeant at arms, who is already responsible for cybersecurity within the Senate, to provide voluntary cybersecurity assistance for personal accounts and devices to senators and certain staff members. This could include assistance with security for personal hardware, such as laptops, desktops, cell phones, tablets and other internet-connected devices, as well as personal accounts, including email, text messaging, cloud computing and social media as well as residential internet, healthcare and financial services, according to a summary.
In the wake of Robert Mueller’s investigation into Russian interference in the US electoral system, experts warn the nation is just as exposed as it was in 2016, raising new concerns about the 2020 presidential election. More than two years after intelligence agencies exposed Moscow’s efforts to exploit weaknesses in the US democratic system, technology companies and state governments have yet to come to terms with a foreign power’s meddling in domestic affairs of state. When it comes to the 2020 presidential vote, the US faces many of the same vulnerabilities that made its electoral system a prime target In 2016 — and perhaps some new ones, said Doug Lute, a former American ambassador to Nato and retired Army lieutenant-general who has taken up the cause of US election security. “We are more prepared in the sense that we are more aware. But we are little better prepared in terms of actual security,” said Mr Lute. He noted that Russia’s strategy in 2016 resembled an age-old Russian military doctrine: to attack on a broad front, assess strengths and weaknesses, then prepare to reattack vulnerabilities — a potentially dangerous scenario for 2020.
Now that Special Counsel Robert Mueller’s investigation “did not establish that members of the Trump campaign conspired or coordinated with the Russian government in its election interference activities,” we can all move on to fighting over whether those activities actually changed the outcome of the 2016 presidential election. Attorney General William Barr’s letter to Congress summarizing the Mueller report says the special counsel determined that there were two main Russian efforts to influence the 2016 election: “The first involved attempts by a Russian organization, the Internet Research Agency (IRA), to conduct disinformation and social media operations in the United States designed to sow social discord, eventually with the aim of interfering with the election. The second element involved the Russian government’s efforts to conduct computer hacking operations designed to gather and disseminate information to influence the election. The Special Counsel found that Russian government actors successfully hacked into computers and obtained emails from persons affiliated with the Clinton campaign and Democratic Party organizations, and publicly disseminated those materials through various intermediaries, including WikiLeaks.” Mueller has brought criminal charges against a number of Russian individuals, Russian military officers, and Russian companies or entities in connection with these activities. They’re never going to be in a U.S. courtroom, but the indictments tell us what happened.
The city’s Board of Elections is arguing it may need some new voting machines because of early voting, but the board’s leader is pushing for machines made by a company he has benefited from, raising questions of conflicts of interest. For almost 10 years, New York City has used the same type of voting machine: An optical scanner. But now, the city Board of Elections may want to try something else. It’s a new machine called the ExpressVote XL, and it’s made by the major voting machine manufacturer, Election Systems and Software (ES&S). In a letter exclusively obtained by NY1, the city asked the state Board of Elections this week to possibly use the new machine for early voting this year. It says using paper ballots would be virtually impossible. That’s because there will be far fewer poll sites open for early voting than on a traditional election day. Officials question whether every site would be able to keep all of the different ballot configurations for each election district, and this ExpressVote XL machine uses a touch screen to vote instead. But there is a problem: The state Board of Elections has not certified or fully tested this machine for use in New York. The city Board of Elections is essentially asking state officials to skirt that approval process, specifically asking permission from the state board to use the machine in this fall’s general election. The letter states “time is of the essence.” It is signed by two people. One is the executive director of the board, Michael Ryan. One leader of the state Board of Elections immediately dismissed the city board’s request: “What annoyed me most about the letter is it doesn’t seem to understand the reason for New York’s certification for voting equipment,” state Board of Elections Co-Chair Douglas Kellner said. “We have to recognize that there are security risks.”
Counties across the state are working to beat a December deadline to replace touch-screen voting machines with models that use a paper ballot in order to comply with a 2013 state law. Twenty-five counties, including Mecklenburg, Guilford, Forsyth and Union, will need to upgrade all or some of their equipment. North Carolina State Board of Elections spokesperson Patrick Gannon said updating the equipment is important “to ensure that voters are confident that when they cast a ballot, that their choices are recorded properly and they can be audited on the back end if there are concerns about whether or not votes were counted properly.” There is currently only one voting machine model that’s certified for use, but the State Board of Elections will meet soon to consider certifying additional models. Gannon said counties making the switch need to test their equipment this fall ahead of the 2020 primary next March. “The counties must be able to test any new system in the municipal election in order for it to be used in an election next year,” he said.
North Carolina: Legislators seek reprieve for Guilford County voting machines | Greensboro News and Record
Ask and ye shall receive — or at least get a reasonable shot at receiving. Two local legislators introduced a bill this week approving more than two years of additional life for Guilford County’s voting machines, only a week after county leaders formally petitioned the General Assembly for just such help. If passed, the bipartisan measure introduced by state Reps. Jon Hardister, R-Whitsett, and Amos Quick, D-Greensboro, would give county taxpayers a reprieve on the estimated $8 million cost of replacing the county’s 1,400-plus machines. The measure also would apply to Alamance County, which faces a similar dilemma and an estimated $2 million in replacement costs. Hardister said Friday afternoon that he filed the bill with Quick and fellow Reps. Dennis Riddell, R-Snow Camp, and Frank Iler, R-Oak Island, after a conversation with Guilford County Board of Elections Director Charlie Collicutt.
The Federal Government has allocated an unspecified amount in Tuesday’s Federal Budget to improve cyber security arrangements for the forthcoming election. The amount was not specified due to what the government said were national security reasons. The Budget papers say the money will be for mitigating potential threats through enhanced monitoring and response capabilities. It will also be spent towards the creation of cyber “Sprint Teams” within the Australian Cyber Security Centre and a Cyber Security Response Fund. In February this year, it was announced that the network of the Australian Parliament had been breached by hackers whose affiliations have not yet been revealed. The networks of the three major political parties — Liberal, Labor and National — were also infiltrated.
A second error in the Swiss Post planned e-voting system has been discovered as the public intrusion test phase comes to an end. The Federal Chancellery announced the need for action and confirmed a review of the e-voting certification and approval process. The same computer experts who discovered a critical error in the source code of Swiss Post’s new e-voting system earlier this month announced they discovered a further security gap. It was identified as part of the public intrusion test that has been running since February 25, during which the e-voting source code was released. The bug affects universal verifiability – the same area of the system as the first error. However, in this case the error would not make it possible for arbitrary manipulation of any possible votes to go unnoticed, according to the Federal Chancellery. That said, votes could be made invalid without being discovered by the mathematical evidence. René Lenzin, deputy head of communications at the Federal Chancellery, told the Swiss news agency Keystone-SDA that the error confirmed a “need for action”. The error discovered on March 12 had already shown that universal verifiability and thus the “heart of the system” had not worked. The system had to recognise if manipulation had taken place.
Thai demonstrators on Sunday protested against alleged cheating in the junta-ruled kingdom’s first election since a 2014 coup, a week after the controversial poll sowed confusion over the ballot results. A military-backed party and its main rival led by a self-exiled billionaire have both claimed the right to lead the government as inconsistent tallies released by the Election Commission have raised suspicion among voters. The junta-aligned Phalang Pracharat party clinched the popular vote but its rival Pheu Thai — linked to former premier Thaksin Shinawatra — has formed a coalition claiming a majority of seats in the lower house. Full results will be ratified by May 9 but anger has mounted as the wait continues, prompting demonstrations at two Bangkok landmarks. A small but spirited group gathered near the tourist hotspot Erawan Shrine holding a banner that read “Cheating Election” and “People Want to Vote”. It featured the face of 2014 coup leader Prayut Chan-O-Cha, who is standing as the prime ministerial candidate for Phalang Pracharat. “It is the Pheu Thai party which won the election,” organiser and activist Anurak Jeantawanich said.
Exit polls from the first round of Ukraine’s presidential election, released late on March 31, seem to confirm what has long been believed: that no openly pro-Russian candidate has a chance to secure this Ukrainian presidency. But it doesn’t seem that will stop the Kremlin from having its voice heard, or from trying to have some of its strategic objectives secured, observers note. On April 1, as ballots were still being tallied, the Treaty of Friendship, Cooperation and Partnership between Ukraine and Russia officially, although quietly, expired. Previously renewed automatically each decade, Ukrainian lawmakers approved the treaty’s termination on Dec. 6, 2018, after roughly four years of undeclared war between the two nations. Also on April 1, as the likely outcome of the Ukrainian presidential election started to become more clear, elected Russian lawmakers prepared a statement of “non-recognition” of the result. The move is yet another signal that Moscow is committed to discrediting the election and not accepting its outcome.