National: Election Security 2020: States Take Cybersecurity Measures Ahead of November | Adam Stone/StateTech Magazine

In the Buckeye State, officials are doing more than just keeping an eye on the upcoming national elections. As the threat of cyber tampering looms large, state and local leaders are working diligently to ensure voting is secure. “We want to set the tone for the rest of the nation,” says Ohio Secretary of State Frank LaRose, who in June issued a 34-point directive to guide state, county and local efforts on election cyber strategies. It calls for the use of event logging and intrusion detection tools, along with segmentation — disconnecting voting apparatus from external networks. “We want to make sure our boards of elections aren’t leaving a door opened by being attached to other, less secure assets,” LaRose says. Ohio may be out in front, but it is hardly alone. Authorities in all 50 states are taking steps to not only to secure the vote, but to ensure that the public perceives that vote as valid. They are getting help from the federal government, including the Cybersecurity and Infrastructure Security Agency, an operational component under the U.S. Department of Homeland Security. Experts say the aggressive action is justified, given the high likelihood that adversarial nations and other bad actors could try to tamper with the election.

National: Russia engaging in ‘information warfare’ ahead of 2020 election, FBI chief warns | Eric Tucker/Associated Press

The FBI director, Christopher Wray, has warned that Russia is engaged in “information warfare” heading into the 2020 presidential election, though he said law enforcement has not seen ongoing efforts by Russia to target America’s election infrastructure. Wray told the House judiciary committee that Russia, just as it did in 2016, is relying on a covert social media campaign aimed at dividing American public opinion and sowing discord. That effort, which involves fictional personas, bots, social media postings and disinformation, may have an election-year uptick but is also a round-the-clock threat that is in some ways harder to combat than an election system hack, Wray said. “Unlike a cyber-attack on an election infrastructure, that kind of effort – disinformation – in a world where we have a first amendment and believe strongly in freedom of expression, the FBI is not going to be in the business of being the truth police and monitoring disinformation online,” Wray said.

National: Iowa and the grand tradition of election tech mishaps | Andrew Gumbel/The Guardian

The great Iowa caucus meltdown of 2020 may be triggering anguish, anger and, on the Republican side of the political fence, expressions of unalloyed glee; but for one Miami lawyer and voting rights activist it is also bringing back vivid memories of another high-profile primary contest that fell victim to untested new technology and administrative incompetence. The year was 2002, and the race was a hotly contested Florida gubernatorial election in which Janet Reno, the former US attorney general, was vying for the Democratic party nomination against a prominent lawyer from Tampa. A politically connected company called Electronic Systems & Software (ES&S) was rolling out new touchscreen technology to replace the punch card machines that were widely blamed for the meltdown in the presidential election two years earlier between George W Bush and Al Gore. ES&S, though, was very far from ready for prime time. Many of the machines in Miami-Dade county took so long to boot up that polling stations could not open before lunchtime. When a freak storm caused power blackouts, the battery backup on many machines failed. One Miami precinct reported 900% turnout; another showed just one ballot cast. The governor declared a state of emergency, and Reno – who was trailing narrowly – demanded a re-examination of the ballots, only to realize that the new technology made recounts impossible.

Editorials: Verifying caucus votes is easy. Iowa could have been much worse. | Edward W. Felten /The Washington Post

On Monday night, political enthusiasts across America waited for votes in the Iowa caucuses to be tabulated. And waited. And waited some more. Because of an ill-designed and poorly tested app, precinct captains couldn’t transmit their vote totals to the tabulators. This was embarrassing for Democratic Party officials and their technology vendor, but it was far from the worst thing that could have happened. In the end, the results will be tabulated correctly. Democracy worked, if a bit more slowly than some might have preferred. But a much bigger failure is still possible, and we’re still not properly prepared for it. The good news is that the problem in Iowa manifested in the tabulation of votes across precincts, which is the easiest part of an election to secure. There was ample public evidence of the vote count in each precinct: Voters filled out paper ballots, and precinct captains conducted public head counts. The rest — adding up votes and calculating delegate counts — is just arithmetic that candidates, journalists and citizens can replicate for themselves. The count went on, it just went didn’t go on as quickly as expected. What we need most from our election systems is resilience. Even in the absence of a cyberattack, things will go wrong. A resilient system can detect problems, recover and reconstruct the accurate result from solid evidence. That’s what we saw in Iowa. Voters made their intentions clear, and the in-precinct paper ballot count was low-tech and public — as resilient as one could hope for. When something went wrong, officials fell back to a verifiable solution. The system worked, even if the app didn’t.

Florida: State Could Allow Counties To Use A Different System When Recounting Voter Ballots In Elections | Robert Gaffney/WFSU

When elections are close, voter ballots are recounted. First by machine and if the results are still slim, by hand. It’s a process Rep. Cord Byrd (R-Jacksonville Beach) remembers during the 2018 election. Byrd says he saw that election’s recount in Duval County. “We’re in a room, and you’ve got dozens of people and tables spread around and tens of thousands of ballots out, and all it takes is one stray mark to spoil a paper ballot,” Byrd says. Now, Byrd is backing a bill that would allow election staff to use a system, currently used for auditing,  for machine and manual recounts too. Right now, for manual recounts, election staff have to sort through ballots by hand. Byrd says the technology he’s proposing is already approved by the state. Currently, voting systems can make digital copies of paper ballots. Still, Leon County’s Supervisor of Elections Mark Earley says those copies are hard to access and don’t have any sorting capability. The auditing system Byrd wants the state to use keeps an inventory of all paper ballots and makes them easier to find so staff can cross-check them with digital copies. Earley says he’s been working with the technology for 11 years.

Iowa: Caucus app is latest example of politicos building faulty technology with disastrous results | Joseph Marks/The Washington Post

The Iowa caucus debacle is just the latest example of politicos building faulty technology — with serious political consequences. Professional technologists shuddered at the apparent incompetence and hubris as details emerged yesterday about the Iowa Democratic party rushing a contract for its caucus results app with a little-known tech company founded by veterans of Hillary Clinton’s campaign, pushing the app out faster than it could be responsibly built and rejecting opportunities for testing and security vetting. The resulting implosion of the app from Shadow Inc. on the first vote of 2020 undermined faith in the electoral process just as Democratic party leaders were trying to restore it. The country is still waiting for the full results. “The most important lesson anyone should take away from this is that if you’re going to use a new technology that you need to very rigorously test it and exercise it and plan for what your backup will be if it fails,” Eric Rosenbach, a former top Pentagon official who leads the Defending Digital Democracy program at Harvard University, told me. “That didn’t happen here, which is disappointing,” he said. “That’s not something that’s good for democracy.” The high-profile coding error, which produced inconsistencies in reported caucus results, was reminiscent of other times when the government or campaigns built digital tools — but the hard work of getting the tech right took a backseat to other priorities.

Iowa: Maker of glitchy Iowa caucus app has Democratic Party ties | Michael Biesecker and Brian Slodysko/Associated Press

The little-known technology start-up under scrutiny after the meltdown of the Iowa Democratic caucuses on Monday was founded little more than a year ago by veterans of Hillary Clinton’s failed 2016 presidential campaign who had presented themselves as gurus of campaigning in the digital era. Shadow Inc. was picked in secret by the Iowa Democratic Party after its leaders consulted with the Democratic National Committee on vetting vendors and security protocols for developing a phone app used to gather and tabulate the caucus results. Party officials in Iowa blamed an unspecified “coding issue” with the software that led to it producing only partial and unreliable results. It did not identify the firm that produced the technology, but campaign disclosure reports show that the Iowa party paid $63,000 to Shadow in late 2019. After the company came under withering criticism on social media Tuesday, it issued a series of tweets that expressed “regret” over technical glitches which contributed to a delay in the release of results, but stopped short of apologizing.

Iowa: Here’s the Shadow Inc. App That Failed in Iowa Last Night | Jason Koebler and Emanuel Maiberg/VICE

Jonathan Green said that everything was going well until he had to use the IowaReporterApp. “On the ground, it went great,” Green, the chair of the Democractic presidential primary caucuses in Iowa’s Fremont Township and Lone Tree precincts and an IT systems administrator for a financial services firm, said. “I got pissed off four years ago at how my precinct was run, which is why I volunteered to do it this time around,” he said. “We had 113 people and everyone was pleasant. I had to recruit a secretary once we were going—I couldn’t find one ahead of time. Everyone was patient and in good cheer. I know that’s not likely the case today. My girlfriend, especially, is distraught. She has poured her life and soul into this thing, and for naught.” Green, like many other precinct chairs, faced problems reporting the results of the caucus to Iowa’s Democratic Party using the app. Due to a coding error, the app, created by a company called Shadow Inc., wasn’t reporting the correct data, according to the Iowa Democratic Party. The error resulted in the Democrats delaying all public reporting of the results of Monday’s caucuses, and has sown chaos and confusion in a hotly contested and deeply important primary.

New Jersey: ExpressVote XL Will Make Debut in Middlesex Count on March 10 | Charlie Kratovil/New Brunswick Today

On March 10, the citizens of Edison and Woodbridge will be casting ballots on new electronic voting machines for the first time in over two decades. While some of the Middlesex County’s new “ExpressVote XL” machines have already arrived at the Board of Elections warehouse in Edison, the bulk of the $7.6 million equipment purchase is set to arrive in the coming weeks. The former voting machines have been stripped down and will soon be on their way to a local landfill, according to elections officials. The county’s Board of Chosen Freeholders approved the purchase in February 2019, but it’s taken a long time for the transition to finally move ahead, under the leadership of new Elections Administrator Thomas Lynch. The 720 new machines include “touchscreens” and produce a paper record for every vote. That’s more than enough for each of the county’s voting districts to have its own machine in use on the same day. The county also purchased 720 “electronic poll books” and two “high speed image scanners” from the same vendor that is providing the machines: Nebraska-based Election Systems & Software (ES&S).

Ohio: 8 counties fall short on elections cyber security check up | Laura A. Bischoff/Dayton Daily News

Eight Ohio counties failed to fully comply with a directive ordering local elections officials to tighten and check their cyber security protections, according to Ohio Secretary of State Frank LaRose. LaRose said on Wednesday that he expects seven of the eight to be in full compliance within a week but he is placing Van Wert County Board of Elections under state administrative oversight because county officials there failed to take the directive as seriously as they should.LaRose said all 88 Ohio counties are 100 percent compliant with orders to conduct physical security checks, personnel background checks, transition to .gov email and website domains and training for staff. The compliance rate for required cyber attack detection and network defense steps is 99 percent, he said. “Ohio is the best prepared state of any state in the nation. That was my goal from the beginning. That’s what we expect as buckeyes, that’s what we expect as Ohioans. We know that the eyes of the world are on us each time we conduct a presidential election in Ohio. When the world is watching, Ohio will be ready,” LaRose said.

Pennsylvania: Get ready for ePollbooks: Northampton County Council bucks recommendation | Kurt Bresswein/Lehigh Valley Live

Going against the Northampton County Election Commission, county council on Thursday night voted to allocate $311,140 needed to purchase electronic pollbooks in time for the April 28 primary election. The ePollbooks have been a contentious topic, following problems with the county’s new touchscreen paper-ballot voting machines that marred their debut last November. The election commission a week ago voted to recommend council not approve the purchase of another new piece of technology for the polls. Election officials were left with little alternative, according to county Executive Lamont McClure. Pollbooks are needed to ensure people are properly registered to vote at their precinct. But under Act 77, the overhaul of state election law adopted last October, complete pollbooks can’t be printed in time for the election and the paper version would slow the tally of election results — possibly for weeks, officials said. “We have to give this county the tools to have a functioning election,” Councilman William McGee said. “They need the tools, whatever the tools are, to have a functioning election. Bottom line.” Thursday’s meeting occurred against a backdrop of chaos in Iowa with tallying caucus results in the nation’s first contest of the 2020 presidential election.

Ukraine: Zelensky hopes to hold online voting through smartphone at elections in Ukraine | InterFax

President of Ukraine Volodymyr Zelensky has set a goal to bring all relations between a citizen and the government to a digital dimension, in particular to hold online voting during presidential, parliamentary and local elections. “In general, our goal is to make sure that all relations with the state can be carried out with the help of a regular smartphone and the Internet. In particular, voting. This is our dream and we will make it real at presidential, parliamentary or local elections. It is a challenge. Ambitious yet achievable,” he said during the presentation of the Diia mobile application in Kyiv on Thursday. Zelensky also said that The State in a Smartphone project changes the attitude of the government to a citizen and saves citizens’ time, money and nervous system.

International: US could learn how to improve election protection from other nations | Scott Shackelford/The Conversation

Hacking into voting machines remains far too easy. It is too soon to say for sure what role cybersecurity played in the 2020 Iowa caucuses, but the problems, which are still unfolding and being investigated, show how easily systemic failures can lead to delays and undermine trust in democratic processes. That’s particularly true when new technology – in this case, a reporting app – is introduced, even if there’s no targeted attack on the system. The vulnerabilities are not just theoretical. They have been exploited around the world, such as in South Africa, Ukraine, Bulgaria and the Philippines. Successful attacks don’t need the resources and expertise of national governments – even kids have managed it. Congress and election officials around the U.S. are struggling to figure out what to do to protect the integrity of Americans’ votes in 2020 and beyond. The Iowa caucuses are run by political parties, not state officials, but many of the concepts and processes are comparable. A look at similar problems – and some attempts at solutions – around the world offers some ideas that U.S. officials could use to ensure everyone’s vote is recorded and counted accurately, and that any necessary audits and recounts will confirm that election results are correct.

Editorials: The internet and elections don’t mix. So why do we keep trying? | Jack Morse/Mashable

When it comes to conducting secure elections, keeping things old-fashioned is often the best bet. This simple reality can be broken down into two digestible nuggets of security wisdom: The internet and voting don’t mix. And auditable paper trails beat fancy digital recording devices every time. Security experts beat us over the head with these admonitions time and time again. And yet, as yesterday’s Iowa caucus screwup shows, we still have a lot of listening left to do. The Iowa caucuses — trending on Twitter at the time of this writing as the “#IowaCaucusDisaster” — represent a spectacular failure in modern day election reporting. According to numerous reports, a shoddily tested app was employed to relay caucus results to party officials. That app failed to properly function, throwing presidential candidates’ campaigns — and the country — into a brief fit.  Importantly, we should be clear that Iowa caucus-goers did not vote using the app. Rather, the caucus results — which were recorded on paper cards like the one shown above — were, after being tallied, reported to Democratic party officials via the app. Or, at least they were supposed to be. It was in this reporting phase that things took a turn for the terrible, with reports that the app had malfunctioned and perhaps tabulated results incorrectly.

National: Caucus Meltdown Tied to Democrats’ Little-Tested Mobile App | Michaela Ross, Kartikay Mehrotra and Chris Strohm/Bloomberg

The breakdown in reporting results from Iowa’s Democratic caucuses appears tied to failures in a mobile application that wasn’t ready for the load of a statewide election and which the head of the Homeland Security Department said wasn’t subjected to a cybersecurity test by his agency. “This is more of a stress or load issue as well as a reporting issue that we’re seeing in Iowa,” acting Department of Homeland Security Secretary Chad Wolf said in a Fox News interview Tuesday. Wolf said there’s little evidence of hacking of the app, which precinct officials struggled to use on Monday night. He said that his department’s cyber division had offered to test the software for vulnerabilities but was declined.… But the failure spotlights the need for hard-copy backups across election systems, as a handful of states are still using voting machines that don’t produce a paper receipt, according to Marian Schneider, president of the voting advocacy group Verified Voting and former deputy secretary for elections of Pennsylvania. “It’s clear that mobile apps are not ready for prime time, but thankfully Iowa has paper records of their vote totals and will be able to release the results from those records,” Schneider said.

National: Iowa’s Lesson: Political Parties Are Not as Good as Government Officials at Counting Votes | Jessica Huseman, Jack Gillum and Derek Willis/ProPublica

Here’s the takeaway from the Iowa fiasco: Beware of caucuses run by political parties. But don’t panic about the integrity of most primaries and the general election, which are run by state and county election administrators. As Tuesday morning wore on without results from Iowa’s Democratic caucuses, the long-awaited first test of the strength of President Donald Trump’s would-be challengers, both public officials and enraged commentators stoked fears that Iowa was a harbinger of chaos for the rest of the 2020 campaign. Some said it raises alarms about the broader condition of election security and the reliability of computer systems that record, tally and publish the votes. Trump campaign manager Brad Parscale even suggested on Twitter Monday, without evidence, that the process was “rigged.” But there’s a marked difference between the Iowa caucuses and the upcoming primaries in New Hampshire and South Carolina, as well as the 14 state primaries on Super Tuesday. The Iowa Democratic Party ran the caucuses, much as its counterparts in Nevada, Wyoming and several territories will do in the next few months. Party officials have less training and experience in administering the vote than do state and local election administrators who oversee most of the primaries.

National: After Iowa Democrats’ caucus app mess, election officials distance themselves | Benjamin Freed/StateScoop

The meltdown Monday night of a new app that the Iowa Democratic Party intended to use to tally the results of its presidential nominating caucuses has famously mucked up the beginning of the race to determine the Democrats’ presidential nominee. But as the candidates wait for the first batch of results to finally be released Tuesday afternoon, election officials around the country are taking pains to distance a political party’s technological bungling from the work that they do on behalf of state and local governments. Iowa Democrats headed into their first-in-the-nation caucuses saying the app — designed by a software firm called Shadow Inc. — would help on-the-ground volunteers report results and the complicated math that determines how many delegates each candidate won. But after not releasing caucus results as expected, the party late Monday night said there were “inconsistencies” in how precinct-level results were reported. And since then, several county party leaders have said that they never received any training on the app from either the state party or Shadow. While caucus-goers’ preferences were recorded on paper, which the Iowa Democrats said Tuesday is being used to verify the data collected by the app, election officials have said this episode may throw a wrench in the public perception of their jobs. “We have a term we call the ‘cicada voter’,” Dave Bjerke, the elections director in Falls Church, Virginia, told StateScoop, referring to the ground-dwelling insects that only emerge once every several years. “The cicada voter is only going to vote in presidential elections. There’s always elections going on, but the presidential is the Super Bowl of our process.”

National: Why 2020 could be a year of election malfunctions | Steven Overly and Eric Geller/Politico

Monday’s caucus app meltdown is just a taste of what may await the rest of America. Iowa wasn’t alone in adopting new technology to run elections in 2020, and the odds are it may not be the last state to suffer the consequences. Counties with tens of millions of people have rolled out new voting machines in recent years to replace hack-prone paperless devices. But new technologies inevitably bring their own hiccups, some more damaging than others. And as the debacle surrounding the Iowa Democrats’ vote-reporting app showed, any confusion can feed divisions and conspiracy theories, fueled by social media, that undermine Americans’ faith in democracy. Marian Schneider, the president of the advocacy group Verified Voting, said technology will always carry some risk, particularly when it’s connected to the internet — noting that even large companies with deep pockets get hacked. She said the problems in Iowa reinforce her organization’s argument that voting and reporting should not be done via mobile app. Another lesson: At least the Iowa caucuses had paper records to back up all of the electronic information. And so should other elections, she said. “So, the takeaway is that having a low-tech backup is really important whenever you’re deploying technology in elections,” she said.

National: Iowa Caucus chaos likely to set back mobile voting | Lucas Mearian/Computerworld

A coding flaw and lack of sufficient testing of an application to record votes in Monday’s Iowa Democratic Presidential Caucus will likely hurt the advancement and uptake of online voting. While there have been hundreds of tests of mobile and online voting platforms in recent years – mostly in small municipal or corporate shareholder and university student elections – online voting technology has yet to be tested for widespread use by the general public in a national election. “This is one of the cases where we narrowly dodged a bullet,” said Jeremy Epstein, vice chair of the Association for Computing Machinery’s US Technology Policy Committee (USTPC). “The Iowa Democratic Party had planned to allow voters to vote in the caucus using their phones; if this sort of meltdown had happened with actual votes, it would have been an actual disaster. In this case, it’s just delayed results and egg on the face of the people who built and purchased the technology.” The vote tallying app used Monday in the Iowa Caucus was created by a small Washington-based vendor called Shadow Inc.; the app was funded in part by a nonprofit progressive digital strategy firm named Acronym. Today, Acronyn strived to make it clear through a tweet it did not supply the technology for the Iowa Caucus, and it is no more than an investor.

National: DHS creates ‘tabletop in a box’ for local election security drills | Benjamin Freed/StateScoop

For the past few years, the Department of Homeland Security has convened exercises for state election officials to test how they’d respond to a cyberattack against voting systems. At a National Association of Secretaries of State meeting in Washington last weekend, a DHS official introduced a new product that could make it easier for local officials to run those exercises. The tabletop exercises, as the events are known, are designed to give secretaries of state, election directors, IT leaders and other officials a war game-like environment simulating the threats posed by foreign governments and other adversaries that might try to disrupt a real election. And while the exercises have included representatives of some local governments, one of the biggest challenges statewide election officials say they have is making sure new cybersecurity tools and procedures trickle down to even the smallest, most resource-strapped jurisdictions involved in the democratic process. The Cybersecurity and Infrastructure Security Agency on Friday published its “Elections Cyber Tabletop Exercise Package,” a 58-page guide for state and local officials to hold their own drills simulating ransomware, data breaches, disinformation campaigns and attempts to corrupt voting equipment. Matt Masterson, a senior adviser at CISA, described the document as a “tabletop in a box.”

National: Majority of Election Websites in Battleground States Failing in Cybersecurity | Security Magazine

A large majority of election-related websites operated by local governments in battleground states lack a key feature that would help them be more cybersecure — a site that ends in .gov as opposed to .com or other extensions. Research by McAfee found that as many as 83.3 percent of county websites lacked .GOV validation across these states, and 88.9 percent and 90 percent of websites lacked such certification in Iowa and New Hampshire respectively. Such shortcomings could make it possible for malicious actors to establish false government websites and use them to spread false election information that could influence voter behavior and even impact final election results. “Without a governing body validating whether websites truly belong to the government entities they claim, it’s possible to spoof legitimate government sites with fraudulent ones,” said Steve Grobman, McAfee Senior Vice President and Chief Technology Officer. “An adversary can use fake election websites for misinformation and voter suppression by targeting specific voters in swing states with misleading information on candidates, or inaccurate information on the voting process such as poll location and times. In this way, this malicious actor could impact election results without ever physically or digitally interacting with voting machines or systems.”

Editorials: Donald Trump’s jokes about defying election results could create chaos | Rick Hasen and Dahlia Lithwick/Slate

As President Donald Trump plans a triumphant State of the Union address anticipating his likely acquittal by the Senate, the White House is reportedly awash in a sense of invincibility. Trump’s certainty that he simply cannot lose could have a real impact on this year’s election. Since assuming office in January 2017, Trump has made at least 27 references to staying in office beyond the constitutional limit of two terms. He often follows up with a remark indicating he is “joking,” “kidding,” or saying it to drive the “fake” news media “crazy.” Even if Trump thinks that he’s only “joking,” the comments fit a broader pattern that raises the prospect that Trump may not leave office quietly in the event he’s on the losing end of a very close election. And unfortunately this possibility is only one of a number of potential election meltdowns we may face in November.

Iowa: Caucus debacle shakes public confidence in 2020 security | Joseph Marks/The Washington Post

The biggest security lesson from last night’s Iowa caucuses: It doesn’t take a hack for technology to undermine confidence in an election. The spectacular failure of a mobile app that was supposed to forward caucus results last night — which are still not out, as of this morning — is a striking example of how faulty technology can spark questions about election results and create an opening for misinformation and conspiracy theories. “These kinds of technical issues and operational delays play right into the game plan of malicious actors,” Maurice Turner, an election security expert at the Center for Democracy and Technology, told me. “[They] can leverage these small facts and turn them into viral misinformation messages speculating about hacking or corruption being behind the irregularities.”  The Democratic Party have surged its focus on cybersecurity to combat foreign interference by Russia or other actors that U.S. intelligence officials warn may seek a repeat of 2016. While an Iowa Democratic Party spokeswoman insisted the app “did not go down and this is not a hack or an intrusion,” the technical snags largely achieved the effects officials have long sought to avoid. Even candidates questioned whether the results were tainted: Vice President Joe Biden’s campaign complained about “considerable flaws” in the reporting system and demanded an explanation of the app’s quality controls before any results were released publicly.

Iowa: Democrats Should Have Known Better Than To Use An App | Kaleigh Rogers/FiveThirtyEight

More than 14 hours after the Iowa caucuses began, we still don’t have any official results, and it’s becoming clear that an app is at least partly to blame. An app designed to let caucus leaders report results seems to have had problems including user error, lack of connectivity and an insufficient backup plan, demonstrating exactly why it’s so difficult — and risky — to introduce new technology into elections. “Right now, a lot of the election security community is trying to, as nicely as possible, say ‘We told you so,’” said Maggie MacAlpine, a co-founder of Nordic Innovation Labs, a firm of security consultants whose specialties include safeguarding elections. This year, the Iowa Democratic Party, which runs the state’s Democratic caucuses, introduced a smartphone app that local precinct chairs could use to send in tallies from their caucus sites. Immediately, election security experts raised concerns because the party wouldn’t reveal who built the app, what testing had been done, or who they had consulted to make sure it was secure. The party insisted, however, that thorough security measures had been put in place, and besides, precinct chairs could always fall back on the reporting technology they’ve been using for decades: a phone-in hotline. One problem: Multiple precinct chairs reported hours-long wait times, and even getting cut off, when they tried to use that hotline.

Iowa: DHS chief says offer to vet Iowa caucus app was declined | Maggie Miller/The Hill

Acting Homeland Security Secretary Chad Wolf said Tuesday that an offer to vet the app used by the Iowa Democratic Party to tabulate votes during the Iowa caucuses was turned down. “Our Cybersecurity and Infrastructure Security Agency has offered to test that app from a hacking perspective,” Wolf said during an appearance on Fox News’s “Fox & Friends.” Wolf said the offer was “declined” and noted that “we’re seeing a couple of issues with it.” “I would say right now, we don’t see any malicious cyber activity going on,” he added. The Iowa Democratic Party said Tuesday morning that the app used to tabulate votes as part of the first-in-the-nation caucuses, which CNN confirmed was built by the firm Shadow, had a “coding issue in the reporting system” that slowed down the reporting of vote totals.

Nevada: Democrats won’t use app that caused Iowa caucus fiasco | Adam Edelman/NBC

Nevada’s Democratic Party said Tuesday it will not use the trouble-plagued app that has contributed to ongoing delays in the reporting of results in the Iowa Democratic caucuses. Democrats in Nevada had planned to use the app for their caucus on Feb. 22. The same company developed the app for both states. But the state’s Democratic Party said Tuesday that it had previously created backup plans for its reporting systems and was in the process of “evaluating the best path forward.” “NV Dems can confidently say that what happened in the Iowa caucus last night will not happen in Nevada on February 22nd. We will not be employing the same app or vendor used in the Iowa caucus,” Nevada State Democratic Party Chair William McCurdy II said in a statement.

Nevada: Democrats won’t use app at center of Iowa delays | Chris Mills Rodrigo/The Hill

The Nevada Democratic Party on Tuesday announced that it will not use the election results app that has been blamed for the delay in results from the Iowa caucuses. “NV Dems can confidently say that what happened in the Iowa caucus last night will not happen in Nevada on February 22nd. We will not be employing the same app or vendor used in the Iowa caucus,” Nevada State Democratic Party Chairman William McCurdy said in a statement. “We had already developed a series of backups and redundant reporting systems, and are currently evaluating the best path forward.” The announcement comes after the results of the Iowa caucuses, which began on Monday at 8 p.m. EST, have yet to be released amid confusion over the app used to transmit results, triggering uproar from supporters and political pundits. The slow rollout has lead many to question Iowa’s first-in-the-nation status. Price told campaigns early Tuesday afternoon that presidential campaigns should expect that a “majority” of the caucus results will be released at 5 p.m. EST, a source on the call told The Hill.

New York: State senator calls for public hearing on ExpressVote XL voting machines | Cayla Harris/Times Union

As the state Board of Elections continues its certification process to adopt controversial touch-screen voting machines, the head of the Senate elections committee is urging the board’s commissioners to hit pause while lawmakers gather feedback about the new technology. The board is currently testing the “ExpressVote XL” voting system, designed by the Nebraska-based company Election Systems & Software, as part of a growing nationwide interest in ballot-marking devices — hybrid machines that allow voters to cast their ballots using a touch screen. The system spits out a paper record of the votes as a secondary measure to ensure an accurate count – but advocates have questioned the precision of the machines and whether they are vulnerable to hackers. In addition, the machines were at the center of a botched November election in Northampton County, Pennsylvania, where a judiciary race was undercounted by thousands of ballots. “Everything is always good until it’s not,” said state Sen. Zellnor Myrie, D-Brooklyn, who chairs the Senate Committee on Elections. “Everything is shiny and cutting-edge until it’s not.”

Ohio: State to ramp up election security with new federal funds | Maggie Miller/The Hill

Ohio is moving to implement a string of election security measures with new funding from Washington as the state races against the clock to guard against foreign hacking and disinformation campaigns. Ohio Secretary of State Frank LaRose (R), speaking on the sidelines of last week’s National Association of Secretaries of State (NASS) meeting in Washington, said there has been a seismic shift at the state level following the 2016 Russian election interference.  “From what I’ve observed, there is definitely a pre-2016, post-2016 mentality,” said LaRose, who characterized the coordination between the federal government, states and county officials as improving “exponentially.” Congress appropriated $380 million in 2018 to help states boost their election security. That was followed by an additional $425 million in December.  “I don’t think you’re ever going to hear a secretary of State or any state official say, ‘Turn off the tap, we’ve got enough federal funding,’” LaRose said. “I’m a fiscal conservative and I believe that we should be smart with our taxpayers’ dollars, but the demand is huge.”