India: What India can learn from the clamour for paper ballots in the US | Mala Jay/National Herald

The United States, the world’s most developed nation, is having serious problems with its electronic voting system that India cannot afford to ignore. The last few days have been so traumatic in the state of Iowa that it has triggered demands for a total manual recount and for a return to the “good old paper ballot”. Just three headlines in influential newspapers convey the message.  One says: “Don’t entrust Democracy to the Techies”. The other says: “The Iowa election fiasco proved one thing:  over-reliance on electronic machines in the election process makes Democracy more opaque”. The third was a plaintive cry:  “Please let’s go back to paper voting”. What happened during counting of votes in Iowa on Monday can be summed up in three words – Spectacular Software Glitch. Just like what the Election Commission of India keeps repeating, those in charge of the primary election in the State of Iowa had claimed that the electronic voting system was “fail-safe” and “tamper-proof”. But some of America’s leading politicians – like Joe Biden, Bernie Sanders and Elizabeth Warren, all of whom are feverishly trying to win the nomination to become the Democratic Party candidate against Donald Trump in the US presidential election in November – were stunned when the results of Monday’s election caucus were withheld because a computer application crashed.

Georgia: Map shows spread of touchscreen voting across Georgia and nation | Mark Niesse/The Atlanta Journal-Constitution

The kind of voting system rolling out in Georgia is gaining ground across the country but remains much less common than paper ballots filled out by hand, according to a new national map of voting equipment. Georgia is one of three states that will use touchscreens and ballot printers for all in-person voters this year, according to Verified Voting, a nonpartisan election accuracy advocacy organization. Delaware and South Carolina will also use this kind of voting system statewide. Many states use similar equipment but on a smaller scale to accommodate voters with disabilities. The voting computers, called ballot-marking devices, are available in parts or all of 44 states, often alongside hand-marked paper ballots. About 18% of voters nationwide, more than 37 million, will use ballot-marking devices as their primary voting method this year, according to figures provided by Warren Stewart, a data specialist for Verified Voting who worked on the map. That figure includes 7 million registered voters in Georgia.

National: Gutted Election Assistance Commission struggles to recover | Bill Theobald/The Fulcrum

Nine months from an intensely contested presidential election already clouded by anxiety about the integrity of the results, the main federal agency overseeing the process is struggling to get back on its feet after years in turmoil. The Election Assistance Commission is unknown to most Americans. But it certifies the reliability of the machines most voters will use this fall, and it’s at the epicenter of efforts to protect our election systems from being hacked by foreign adversaries. And since last fall it’s been without an executive director or general counsel to coordinate the government’s limited supervision over how states and thousands of localities plan for the 2020 balloting. In fact, none of eight top officials listed on the agency website in March 2017, when the extent of Russian interference in the last presidential election was just becoming clear, are still with the agency. Neither are eight of the other 16 staff members who worked there then. And years of budget cuts have only recently started to be reversed. The ability of the already tiny operation to do its job in the leadup to November — when turnout and fear of hacking could both reach record levels — could go a long way to determining whether the world believes President Trump was either defeated or re-elected fair and square. It is a tall order that will be left largely to the four politically appointed commissioners, and two of them are new since Trump took office. Only a year ago did the EAC gain a full complement of members for the first time in almost a decade.

National: The Iowa caucus app isn’t the only new election tech | Rebecca Heilweil/Vox

Election security in the United States seems more precarious than ever. As the November 2020 election grows closer, states and counties have charged ahead with their own plans to secure — and improve — their voting systems. Congress, meanwhile, has failed to send much-needed reforms to the president’s desk. Anxiety over the mechanics of this year’s election has spiked following the disaster that was the Iowa Democratic caucus. While there’s no reason to believe that the very poorly developed app used in the caucus was hacked, the fiasco does have lawmakers spooked on a number of fronts, as it’s increasingly becoming clear that the integrity of the nation’s elections can be compromised in a variety of ways. In fact, after the phone number for reporting precinct results was posted online, supporters of President Donald Trump managed to flood phone lines and interfere with the counting of results, according to Bloomberg. You could say the country is more vulnerable to election interference than ever. Some worry, with good reason, that the worst is yet to come.

National: The progress the government has made on election security | Andrew Eversden/Fifth Domain

The latest Senate report on Russian interference in the 2016 election, released Feb. 6, contained several broad recommendations for how the government can improve effectiveness in securing American elections. While the Senate Select Committee on Intelligence’s third volume lists seven recommendations for correcting shortfalls made by the Obama administration in responding to Russian election interference, the federal government has already made progress in several of the recommended areas since the committee started its report. The committee recommends that the executive branch “bolster” partnerships with countries considered “near abroad” to Russia. The bipartisan report states that Russia has been using these countries as a “laboratory” for perfecting information and cyber warfare. For example, in the military conflict between Ukraine and Russian, Russian-backed hackers have targeted the government and shut down the country’s power grid. Expanding partnerships with such countries will “help to prepare defenses for the eventual expansion of interference techniques targeting the West,” the report read.

National: Election Security 2020: States Take Cybersecurity Measures Ahead of November | Adam Stone/StateTech Magazine

In the Buckeye State, officials are doing more than just keeping an eye on the upcoming national elections. As the threat of cyber tampering looms large, state and local leaders are working diligently to ensure voting is secure. “We want to set the tone for the rest of the nation,” says Ohio Secretary of State Frank LaRose, who in June issued a 34-point directive to guide state, county and local efforts on election cyber strategies. It calls for the use of event logging and intrusion detection tools, along with segmentation — disconnecting voting apparatus from external networks. “We want to make sure our boards of elections aren’t leaving a door opened by being attached to other, less secure assets,” LaRose says. Ohio may be out in front, but it is hardly alone. Authorities in all 50 states are taking steps to not only to secure the vote, but to ensure that the public perceives that vote as valid. They are getting help from the federal government, including the Cybersecurity and Infrastructure Security Agency, an operational component under the U.S. Department of Homeland Security. Experts say the aggressive action is justified, given the high likelihood that adversarial nations and other bad actors could try to tamper with the election.

National: Russia engaging in ‘information warfare’ ahead of 2020 election, FBI chief warns | Eric Tucker/Associated Press

The FBI director, Christopher Wray, has warned that Russia is engaged in “information warfare” heading into the 2020 presidential election, though he said law enforcement has not seen ongoing efforts by Russia to target America’s election infrastructure. Wray told the House judiciary committee that Russia, just as it did in 2016, is relying on a covert social media campaign aimed at dividing American public opinion and sowing discord. That effort, which involves fictional personas, bots, social media postings and disinformation, may have an election-year uptick but is also a round-the-clock threat that is in some ways harder to combat than an election system hack, Wray said. “Unlike a cyber-attack on an election infrastructure, that kind of effort – disinformation – in a world where we have a first amendment and believe strongly in freedom of expression, the FBI is not going to be in the business of being the truth police and monitoring disinformation online,” Wray said.

National: Iowa and the grand tradition of election tech mishaps | Andrew Gumbel/The Guardian

The great Iowa caucus meltdown of 2020 may be triggering anguish, anger and, on the Republican side of the political fence, expressions of unalloyed glee; but for one Miami lawyer and voting rights activist it is also bringing back vivid memories of another high-profile primary contest that fell victim to untested new technology and administrative incompetence. The year was 2002, and the race was a hotly contested Florida gubernatorial election in which Janet Reno, the former US attorney general, was vying for the Democratic party nomination against a prominent lawyer from Tampa. A politically connected company called Electronic Systems & Software (ES&S) was rolling out new touchscreen technology to replace the punch card machines that were widely blamed for the meltdown in the presidential election two years earlier between George W Bush and Al Gore. ES&S, though, was very far from ready for prime time. Many of the machines in Miami-Dade county took so long to boot up that polling stations could not open before lunchtime. When a freak storm caused power blackouts, the battery backup on many machines failed. One Miami precinct reported 900% turnout; another showed just one ballot cast. The governor declared a state of emergency, and Reno – who was trailing narrowly – demanded a re-examination of the ballots, only to realize that the new technology made recounts impossible.

Editorials: Verifying caucus votes is easy. Iowa could have been much worse. | Edward W. Felten /The Washington Post

On Monday night, political enthusiasts across America waited for votes in the Iowa caucuses to be tabulated. And waited. And waited some more. Because of an ill-designed and poorly tested app, precinct captains couldn’t transmit their vote totals to the tabulators. This was embarrassing for Democratic Party officials and their technology vendor, but it was far from the worst thing that could have happened. In the end, the results will be tabulated correctly. Democracy worked, if a bit more slowly than some might have preferred. But a much bigger failure is still possible, and we’re still not properly prepared for it. The good news is that the problem in Iowa manifested in the tabulation of votes across precincts, which is the easiest part of an election to secure. There was ample public evidence of the vote count in each precinct: Voters filled out paper ballots, and precinct captains conducted public head counts. The rest — adding up votes and calculating delegate counts — is just arithmetic that candidates, journalists and citizens can replicate for themselves. The count went on, it just went didn’t go on as quickly as expected. What we need most from our election systems is resilience. Even in the absence of a cyberattack, things will go wrong. A resilient system can detect problems, recover and reconstruct the accurate result from solid evidence. That’s what we saw in Iowa. Voters made their intentions clear, and the in-precinct paper ballot count was low-tech and public — as resilient as one could hope for. When something went wrong, officials fell back to a verifiable solution. The system worked, even if the app didn’t.

Florida: State Could Allow Counties To Use A Different System When Recounting Voter Ballots In Elections | Robert Gaffney/WFSU

When elections are close, voter ballots are recounted. First by machine and if the results are still slim, by hand. It’s a process Rep. Cord Byrd (R-Jacksonville Beach) remembers during the 2018 election. Byrd says he saw that election’s recount in Duval County. “We’re in a room, and you’ve got dozens of people and tables spread around and tens of thousands of ballots out, and all it takes is one stray mark to spoil a paper ballot,” Byrd says. Now, Byrd is backing a bill that would allow election staff to use a system, currently used for auditing,  for machine and manual recounts too. Right now, for manual recounts, election staff have to sort through ballots by hand. Byrd says the technology he’s proposing is already approved by the state. Currently, voting systems can make digital copies of paper ballots. Still, Leon County’s Supervisor of Elections Mark Earley says those copies are hard to access and don’t have any sorting capability. The auditing system Byrd wants the state to use keeps an inventory of all paper ballots and makes them easier to find so staff can cross-check them with digital copies. Earley says he’s been working with the technology for 11 years.

Iowa: Caucus app is latest example of politicos building faulty technology with disastrous results | Joseph Marks/The Washington Post

The Iowa caucus debacle is just the latest example of politicos building faulty technology — with serious political consequences. Professional technologists shuddered at the apparent incompetence and hubris as details emerged yesterday about the Iowa Democratic party rushing a contract for its caucus results app with a little-known tech company founded by veterans of Hillary Clinton’s campaign, pushing the app out faster than it could be responsibly built and rejecting opportunities for testing and security vetting. The resulting implosion of the app from Shadow Inc. on the first vote of 2020 undermined faith in the electoral process just as Democratic party leaders were trying to restore it. The country is still waiting for the full results. “The most important lesson anyone should take away from this is that if you’re going to use a new technology that you need to very rigorously test it and exercise it and plan for what your backup will be if it fails,” Eric Rosenbach, a former top Pentagon official who leads the Defending Digital Democracy program at Harvard University, told me. “That didn’t happen here, which is disappointing,” he said. “That’s not something that’s good for democracy.” The high-profile coding error, which produced inconsistencies in reported caucus results, was reminiscent of other times when the government or campaigns built digital tools — but the hard work of getting the tech right took a backseat to other priorities.

Iowa: Maker of glitchy Iowa caucus app has Democratic Party ties | Michael Biesecker and Brian Slodysko/Associated Press

The little-known technology start-up under scrutiny after the meltdown of the Iowa Democratic caucuses on Monday was founded little more than a year ago by veterans of Hillary Clinton’s failed 2016 presidential campaign who had presented themselves as gurus of campaigning in the digital era. Shadow Inc. was picked in secret by the Iowa Democratic Party after its leaders consulted with the Democratic National Committee on vetting vendors and security protocols for developing a phone app used to gather and tabulate the caucus results. Party officials in Iowa blamed an unspecified “coding issue” with the software that led to it producing only partial and unreliable results. It did not identify the firm that produced the technology, but campaign disclosure reports show that the Iowa party paid $63,000 to Shadow in late 2019. After the company came under withering criticism on social media Tuesday, it issued a series of tweets that expressed “regret” over technical glitches which contributed to a delay in the release of results, but stopped short of apologizing.

Iowa: Here’s the Shadow Inc. App That Failed in Iowa Last Night | Jason Koebler and Emanuel Maiberg/VICE

Jonathan Green said that everything was going well until he had to use the IowaReporterApp. “On the ground, it went great,” Green, the chair of the Democractic presidential primary caucuses in Iowa’s Fremont Township and Lone Tree precincts and an IT systems administrator for a financial services firm, said. “I got pissed off four years ago at how my precinct was run, which is why I volunteered to do it this time around,” he said. “We had 113 people and everyone was pleasant. I had to recruit a secretary once we were going—I couldn’t find one ahead of time. Everyone was patient and in good cheer. I know that’s not likely the case today. My girlfriend, especially, is distraught. She has poured her life and soul into this thing, and for naught.” Green, like many other precinct chairs, faced problems reporting the results of the caucus to Iowa’s Democratic Party using the app. Due to a coding error, the app, created by a company called Shadow Inc., wasn’t reporting the correct data, according to the Iowa Democratic Party. The error resulted in the Democrats delaying all public reporting of the results of Monday’s caucuses, and has sown chaos and confusion in a hotly contested and deeply important primary.

New Jersey: ExpressVote XL Will Make Debut in Middlesex Count on March 10 | Charlie Kratovil/New Brunswick Today

On March 10, the citizens of Edison and Woodbridge will be casting ballots on new electronic voting machines for the first time in over two decades. While some of the Middlesex County’s new “ExpressVote XL” machines have already arrived at the Board of Elections warehouse in Edison, the bulk of the $7.6 million equipment purchase is set to arrive in the coming weeks. The former voting machines have been stripped down and will soon be on their way to a local landfill, according to elections officials. The county’s Board of Chosen Freeholders approved the purchase in February 2019, but it’s taken a long time for the transition to finally move ahead, under the leadership of new Elections Administrator Thomas Lynch. The 720 new machines include “touchscreens” and produce a paper record for every vote. That’s more than enough for each of the county’s voting districts to have its own machine in use on the same day. The county also purchased 720 “electronic poll books” and two “high speed image scanners” from the same vendor that is providing the machines: Nebraska-based Election Systems & Software (ES&S).

Ohio: 8 counties fall short on elections cyber security check up | Laura A. Bischoff/Dayton Daily News

Eight Ohio counties failed to fully comply with a directive ordering local elections officials to tighten and check their cyber security protections, according to Ohio Secretary of State Frank LaRose. LaRose said on Wednesday that he expects seven of the eight to be in full compliance within a week but he is placing Van Wert County Board of Elections under state administrative oversight because county officials there failed to take the directive as seriously as they should.LaRose said all 88 Ohio counties are 100 percent compliant with orders to conduct physical security checks, personnel background checks, transition to .gov email and website domains and training for staff. The compliance rate for required cyber attack detection and network defense steps is 99 percent, he said. “Ohio is the best prepared state of any state in the nation. That was my goal from the beginning. That’s what we expect as buckeyes, that’s what we expect as Ohioans. We know that the eyes of the world are on us each time we conduct a presidential election in Ohio. When the world is watching, Ohio will be ready,” LaRose said.

Pennsylvania: Get ready for ePollbooks: Northampton County Council bucks recommendation | Kurt Bresswein/Lehigh Valley Live

Going against the Northampton County Election Commission, county council on Thursday night voted to allocate $311,140 needed to purchase electronic pollbooks in time for the April 28 primary election. The ePollbooks have been a contentious topic, following problems with the county’s new touchscreen paper-ballot voting machines that marred their debut last November. The election commission a week ago voted to recommend council not approve the purchase of another new piece of technology for the polls. Election officials were left with little alternative, according to county Executive Lamont McClure. Pollbooks are needed to ensure people are properly registered to vote at their precinct. But under Act 77, the overhaul of state election law adopted last October, complete pollbooks can’t be printed in time for the election and the paper version would slow the tally of election results — possibly for weeks, officials said. “We have to give this county the tools to have a functioning election,” Councilman William McGee said. “They need the tools, whatever the tools are, to have a functioning election. Bottom line.” Thursday’s meeting occurred against a backdrop of chaos in Iowa with tallying caucus results in the nation’s first contest of the 2020 presidential election.

Ukraine: Zelensky hopes to hold online voting through smartphone at elections in Ukraine | InterFax

President of Ukraine Volodymyr Zelensky has set a goal to bring all relations between a citizen and the government to a digital dimension, in particular to hold online voting during presidential, parliamentary and local elections. “In general, our goal is to make sure that all relations with the state can be carried out with the help of a regular smartphone and the Internet. In particular, voting. This is our dream and we will make it real at presidential, parliamentary or local elections. It is a challenge. Ambitious yet achievable,” he said during the presentation of the Diia mobile application in Kyiv on Thursday. Zelensky also said that The State in a Smartphone project changes the attitude of the government to a citizen and saves citizens’ time, money and nervous system.

International: US could learn how to improve election protection from other nations | Scott Shackelford/The Conversation

Hacking into voting machines remains far too easy. It is too soon to say for sure what role cybersecurity played in the 2020 Iowa caucuses, but the problems, which are still unfolding and being investigated, show how easily systemic failures can lead to delays and undermine trust in democratic processes. That’s particularly true when new technology – in this case, a reporting app – is introduced, even if there’s no targeted attack on the system. The vulnerabilities are not just theoretical. They have been exploited around the world, such as in South Africa, Ukraine, Bulgaria and the Philippines. Successful attacks don’t need the resources and expertise of national governments – even kids have managed it. Congress and election officials around the U.S. are struggling to figure out what to do to protect the integrity of Americans’ votes in 2020 and beyond. The Iowa caucuses are run by political parties, not state officials, but many of the concepts and processes are comparable. A look at similar problems – and some attempts at solutions – around the world offers some ideas that U.S. officials could use to ensure everyone’s vote is recorded and counted accurately, and that any necessary audits and recounts will confirm that election results are correct.

Editorials: The internet and elections don’t mix. So why do we keep trying? | Jack Morse/Mashable

When it comes to conducting secure elections, keeping things old-fashioned is often the best bet. This simple reality can be broken down into two digestible nuggets of security wisdom: The internet and voting don’t mix. And auditable paper trails beat fancy digital recording devices every time. Security experts beat us over the head with these admonitions time and time again. And yet, as yesterday’s Iowa caucus screwup shows, we still have a lot of listening left to do. The Iowa caucuses — trending on Twitter at the time of this writing as the “#IowaCaucusDisaster” — represent a spectacular failure in modern day election reporting. According to numerous reports, a shoddily tested app was employed to relay caucus results to party officials. That app failed to properly function, throwing presidential candidates’ campaigns — and the country — into a brief fit.  Importantly, we should be clear that Iowa caucus-goers did not vote using the app. Rather, the caucus results — which were recorded on paper cards like the one shown above — were, after being tallied, reported to Democratic party officials via the app. Or, at least they were supposed to be. It was in this reporting phase that things took a turn for the terrible, with reports that the app had malfunctioned and perhaps tabulated results incorrectly.

National: Caucus Meltdown Tied to Democrats’ Little-Tested Mobile App | Michaela Ross, Kartikay Mehrotra and Chris Strohm/Bloomberg

The breakdown in reporting results from Iowa’s Democratic caucuses appears tied to failures in a mobile application that wasn’t ready for the load of a statewide election and which the head of the Homeland Security Department said wasn’t subjected to a cybersecurity test by his agency. “This is more of a stress or load issue as well as a reporting issue that we’re seeing in Iowa,” acting Department of Homeland Security Secretary Chad Wolf said in a Fox News interview Tuesday. Wolf said there’s little evidence of hacking of the app, which precinct officials struggled to use on Monday night. He said that his department’s cyber division had offered to test the software for vulnerabilities but was declined.… But the failure spotlights the need for hard-copy backups across election systems, as a handful of states are still using voting machines that don’t produce a paper receipt, according to Marian Schneider, president of the voting advocacy group Verified Voting and former deputy secretary for elections of Pennsylvania. “It’s clear that mobile apps are not ready for prime time, but thankfully Iowa has paper records of their vote totals and will be able to release the results from those records,” Schneider said.

National: Iowa’s Lesson: Political Parties Are Not as Good as Government Officials at Counting Votes | Jessica Huseman, Jack Gillum and Derek Willis/ProPublica

Here’s the takeaway from the Iowa fiasco: Beware of caucuses run by political parties. But don’t panic about the integrity of most primaries and the general election, which are run by state and county election administrators. As Tuesday morning wore on without results from Iowa’s Democratic caucuses, the long-awaited first test of the strength of President Donald Trump’s would-be challengers, both public officials and enraged commentators stoked fears that Iowa was a harbinger of chaos for the rest of the 2020 campaign. Some said it raises alarms about the broader condition of election security and the reliability of computer systems that record, tally and publish the votes. Trump campaign manager Brad Parscale even suggested on Twitter Monday, without evidence, that the process was “rigged.” But there’s a marked difference between the Iowa caucuses and the upcoming primaries in New Hampshire and South Carolina, as well as the 14 state primaries on Super Tuesday. The Iowa Democratic Party ran the caucuses, much as its counterparts in Nevada, Wyoming and several territories will do in the next few months. Party officials have less training and experience in administering the vote than do state and local election administrators who oversee most of the primaries.

National: After Iowa Democrats’ caucus app mess, election officials distance themselves | Benjamin Freed/StateScoop

The meltdown Monday night of a new app that the Iowa Democratic Party intended to use to tally the results of its presidential nominating caucuses has famously mucked up the beginning of the race to determine the Democrats’ presidential nominee. But as the candidates wait for the first batch of results to finally be released Tuesday afternoon, election officials around the country are taking pains to distance a political party’s technological bungling from the work that they do on behalf of state and local governments. Iowa Democrats headed into their first-in-the-nation caucuses saying the app — designed by a software firm called Shadow Inc. — would help on-the-ground volunteers report results and the complicated math that determines how many delegates each candidate won. But after not releasing caucus results as expected, the party late Monday night said there were “inconsistencies” in how precinct-level results were reported. And since then, several county party leaders have said that they never received any training on the app from either the state party or Shadow. While caucus-goers’ preferences were recorded on paper, which the Iowa Democrats said Tuesday is being used to verify the data collected by the app, election officials have said this episode may throw a wrench in the public perception of their jobs. “We have a term we call the ‘cicada voter’,” Dave Bjerke, the elections director in Falls Church, Virginia, told StateScoop, referring to the ground-dwelling insects that only emerge once every several years. “The cicada voter is only going to vote in presidential elections. There’s always elections going on, but the presidential is the Super Bowl of our process.”

National: Why 2020 could be a year of election malfunctions | Steven Overly and Eric Geller/Politico

Monday’s caucus app meltdown is just a taste of what may await the rest of America. Iowa wasn’t alone in adopting new technology to run elections in 2020, and the odds are it may not be the last state to suffer the consequences. Counties with tens of millions of people have rolled out new voting machines in recent years to replace hack-prone paperless devices. But new technologies inevitably bring their own hiccups, some more damaging than others. And as the debacle surrounding the Iowa Democrats’ vote-reporting app showed, any confusion can feed divisions and conspiracy theories, fueled by social media, that undermine Americans’ faith in democracy. Marian Schneider, the president of the advocacy group Verified Voting, said technology will always carry some risk, particularly when it’s connected to the internet — noting that even large companies with deep pockets get hacked. She said the problems in Iowa reinforce her organization’s argument that voting and reporting should not be done via mobile app. Another lesson: At least the Iowa caucuses had paper records to back up all of the electronic information. And so should other elections, she said. “So, the takeaway is that having a low-tech backup is really important whenever you’re deploying technology in elections,” she said.

National: Iowa Caucus chaos likely to set back mobile voting | Lucas Mearian/Computerworld

A coding flaw and lack of sufficient testing of an application to record votes in Monday’s Iowa Democratic Presidential Caucus will likely hurt the advancement and uptake of online voting. While there have been hundreds of tests of mobile and online voting platforms in recent years – mostly in small municipal or corporate shareholder and university student elections – online voting technology has yet to be tested for widespread use by the general public in a national election. “This is one of the cases where we narrowly dodged a bullet,” said Jeremy Epstein, vice chair of the Association for Computing Machinery’s US Technology Policy Committee (USTPC). “The Iowa Democratic Party had planned to allow voters to vote in the caucus using their phones; if this sort of meltdown had happened with actual votes, it would have been an actual disaster. In this case, it’s just delayed results and egg on the face of the people who built and purchased the technology.” The vote tallying app used Monday in the Iowa Caucus was created by a small Washington-based vendor called Shadow Inc.; the app was funded in part by a nonprofit progressive digital strategy firm named Acronym. Today, Acronyn strived to make it clear through a tweet it did not supply the technology for the Iowa Caucus, and it is no more than an investor.

National: DHS creates ‘tabletop in a box’ for local election security drills | Benjamin Freed/StateScoop

For the past few years, the Department of Homeland Security has convened exercises for state election officials to test how they’d respond to a cyberattack against voting systems. At a National Association of Secretaries of State meeting in Washington last weekend, a DHS official introduced a new product that could make it easier for local officials to run those exercises. The tabletop exercises, as the events are known, are designed to give secretaries of state, election directors, IT leaders and other officials a war game-like environment simulating the threats posed by foreign governments and other adversaries that might try to disrupt a real election. And while the exercises have included representatives of some local governments, one of the biggest challenges statewide election officials say they have is making sure new cybersecurity tools and procedures trickle down to even the smallest, most resource-strapped jurisdictions involved in the democratic process. The Cybersecurity and Infrastructure Security Agency on Friday published its “Elections Cyber Tabletop Exercise Package,” a 58-page guide for state and local officials to hold their own drills simulating ransomware, data breaches, disinformation campaigns and attempts to corrupt voting equipment. Matt Masterson, a senior adviser at CISA, described the document as a “tabletop in a box.”

National: Majority of Election Websites in Battleground States Failing in Cybersecurity | Security Magazine

A large majority of election-related websites operated by local governments in battleground states lack a key feature that would help them be more cybersecure — a site that ends in .gov as opposed to .com or other extensions. Research by McAfee found that as many as 83.3 percent of county websites lacked .GOV validation across these states, and 88.9 percent and 90 percent of websites lacked such certification in Iowa and New Hampshire respectively. Such shortcomings could make it possible for malicious actors to establish false government websites and use them to spread false election information that could influence voter behavior and even impact final election results. “Without a governing body validating whether websites truly belong to the government entities they claim, it’s possible to spoof legitimate government sites with fraudulent ones,” said Steve Grobman, McAfee Senior Vice President and Chief Technology Officer. “An adversary can use fake election websites for misinformation and voter suppression by targeting specific voters in swing states with misleading information on candidates, or inaccurate information on the voting process such as poll location and times. In this way, this malicious actor could impact election results without ever physically or digitally interacting with voting machines or systems.”

Editorials: Donald Trump’s jokes about defying election results could create chaos | Rick Hasen and Dahlia Lithwick/Slate

As President Donald Trump plans a triumphant State of the Union address anticipating his likely acquittal by the Senate, the White House is reportedly awash in a sense of invincibility. Trump’s certainty that he simply cannot lose could have a real impact on this year’s election. Since assuming office in January 2017, Trump has made at least 27 references to staying in office beyond the constitutional limit of two terms. He often follows up with a remark indicating he is “joking,” “kidding,” or saying it to drive the “fake” news media “crazy.” Even if Trump thinks that he’s only “joking,” the comments fit a broader pattern that raises the prospect that Trump may not leave office quietly in the event he’s on the losing end of a very close election. And unfortunately this possibility is only one of a number of potential election meltdowns we may face in November.

Iowa: Caucus debacle shakes public confidence in 2020 security | Joseph Marks/The Washington Post

The biggest security lesson from last night’s Iowa caucuses: It doesn’t take a hack for technology to undermine confidence in an election. The spectacular failure of a mobile app that was supposed to forward caucus results last night — which are still not out, as of this morning — is a striking example of how faulty technology can spark questions about election results and create an opening for misinformation and conspiracy theories. “These kinds of technical issues and operational delays play right into the game plan of malicious actors,” Maurice Turner, an election security expert at the Center for Democracy and Technology, told me. “[They] can leverage these small facts and turn them into viral misinformation messages speculating about hacking or corruption being behind the irregularities.”  The Democratic Party have surged its focus on cybersecurity to combat foreign interference by Russia or other actors that U.S. intelligence officials warn may seek a repeat of 2016. While an Iowa Democratic Party spokeswoman insisted the app “did not go down and this is not a hack or an intrusion,” the technical snags largely achieved the effects officials have long sought to avoid. Even candidates questioned whether the results were tainted: Vice President Joe Biden’s campaign complained about “considerable flaws” in the reporting system and demanded an explanation of the app’s quality controls before any results were released publicly.

Iowa: Democrats Should Have Known Better Than To Use An App | Kaleigh Rogers/FiveThirtyEight

More than 14 hours after the Iowa caucuses began, we still don’t have any official results, and it’s becoming clear that an app is at least partly to blame. An app designed to let caucus leaders report results seems to have had problems including user error, lack of connectivity and an insufficient backup plan, demonstrating exactly why it’s so difficult — and risky — to introduce new technology into elections. “Right now, a lot of the election security community is trying to, as nicely as possible, say ‘We told you so,’” said Maggie MacAlpine, a co-founder of Nordic Innovation Labs, a firm of security consultants whose specialties include safeguarding elections. This year, the Iowa Democratic Party, which runs the state’s Democratic caucuses, introduced a smartphone app that local precinct chairs could use to send in tallies from their caucus sites. Immediately, election security experts raised concerns because the party wouldn’t reveal who built the app, what testing had been done, or who they had consulted to make sure it was secure. The party insisted, however, that thorough security measures had been put in place, and besides, precinct chairs could always fall back on the reporting technology they’ve been using for decades: a phone-in hotline. One problem: Multiple precinct chairs reported hours-long wait times, and even getting cut off, when they tried to use that hotline.