There was a time when we didn’t think twice about the security of our election systems. We trusted that when we cast our votes, they would be accurately counted. That has changed. During the 2016 election, a powerful threat appeared from outside our own borders – the shadow of other governments hacking and attempting to unduly influence our election systems. If we care about voting and election security, and if we still believe that every voter and every vote counts, then there is a big existential question that we must be willing to address: Is cybersecurity fundamental to the health, if not the very existence, of a democracy today? I say absolutely yes. The issue is not significantly different from the challenges that businesses face as they try to protect their data and digital assets. It’s the ramifications that are so much bigger.Full Article: Council Post: Restoring Trust And Security In U.S. Elections.
Opinion pieces and editorials on voting issues.
We’re one year from the 2020 presidential election. And I hope that the folks who run newsrooms at the broadcast and cable news networks, as well as at any other major media outlets, are arriving at a plan to deal with one of the trickiest parts of Election Day coverage: The slow vote count in western states. We know it’s going to happen. In several states where voting by mail is either the only or a major form of casting ballots, and where those ballots take time to collect, the Election Day counts are — not can be, but are — highly misleading. We know that millions of votes will be counted after election night. And we know that those votes will tilt toward Democrats. Therefore, we know that the count on election night will be better for Republicans than the eventual total count. One of the states involved, Arizona, is likely to be an important swing state in 2020, so it’s possible that election night will end with Arizona seemingly giving Republicans the presidency, only to flip to the Democrats a few days later. After all, in the 2018 Arizona Senate contest, Republican Martha McSally led after Election Day, but Democrat Kyrsten Sinema won when all the ballots were counted and it wasn’t all that close; Sinema prevailed by 2.4 percentage points, or 55,900 votes. The late-count tilt to Democrats isn’t just found in the vote-by-mail states. One study after 2012 found that it had become a national phenomenon, with Democrats typically gaining ground after the initially reported election-night totals. In most states, however, it’s a relatively small effect, and not entirely consistent (that is, even though Democrats usually gain a bit, sometimes Republicans do). But in a few states, the effect is predictable and large enough that ignoring it really misses the story. After election night in 2016, Hillary Clinton’s advantage in the nationwide popular vote was just over 100,000; she eventually won by 2.9 million votes. Those are very different stories, and reporting correctly requires picking the right one while everyone is still watching.Full Article: An Inconclusive 2020 Election Night Is Already Looming.
Editorials: Cities like Philadelphia are sitting ducks for cyber attacks | David Morris/The Philadelphia Inquirer
According to a new report, during President Donald Trump’s inauguration, Romanian hackers used ransomware to seize control of two-thirds of the Beltway’s police security cameras – a stunning feat only slightly diminished by the fact that they went on to order pizza from an email account linked to the attack, then used hijacked police computers to run an easily traceable Amazon scam. That combination – a successful, high-profile ransomware attack executed by thumb-fingered amateurs – shows the challenges now faced by local governments. It no longer takes a genius to hack municipal computer systems: Anyone can log onto the dark web and buy email lists and the malware needed to lock police officers, hospital workers, and government officials out of their computers. One ransomware program dubbed “Philadelphia,” available online for just $400, is specifically designed to help inexperienced hackers take victims’ data hostage. Such attacks are devastating. Without the hackers’ digital key, it’s impossible to unlock hacked files, leaving cities unable to access not just cameras, but 911 systems, hospital records, communication tools, and even water and power systems. That’s why cities make enticing targets: You can’t put public services on hold, so hackers can charge a premium when extorting government entities. Hacked companies pay an average of $36,295 to retrieve their data, but public entities pay an average of $338,700, or almost 10 times as much, according to a Coveware study.Full Article: Cities like Philadelphia are sitting ducks for cyber attacks | Opinion.
Editorials: Northampton County voting system flunks a crucial first test | Rudy Miller/Lehigh Valley Live
What now? In the run-up to the most consequential election in modern American history — as counties throughout the U.S. are arming themselves with tamper-proof voting machines — Northampton County proved last week that you don’t need Russian interference to bungle an election, seriously damaging public confidence in the process. No, you can do it all by yourself. In Tuesday’s balloting, Northampton County’s all-new machines were plagued by hypersensitive push-buttons that confused voters, sometimes requiring them to go back and re-hit buttons to correct the machines. But that was just the beginning of the troubles. Incredibly, some of the electronic machines couldn’t handle registering simple “yes-no” voting on judge retentions, and displayed severe undercounts in contests with cross-filed candidates. Most incredibly, one judge candidate, Abe Kassis, ended up with zero votes at the end of the day. Some voters were confused by the paper readout they are asked to inspect before they leave the booth (voters don’t actually get a printout in hand), to make sure the electronic machine got it right. Long story short: Northampton County’s new ExpressVote XL machines failed their first crucial test in Tuesday’s election. The county paid $2.8 million for the voter-verifiable paper trail system, an upgrade required by state law.Full Article: Northampton County’s voting system flunks a crucial first test | Editorial - lehighvalleylive.com.
Editorials: Empower the FEC to Fight Election Crime – A depleted commission faces threats from Russia and beyond | Bloomberg
Igor Fruman and Lev Parnas, two Soviet-born associates of Rudolph Giuliani, are charged with funneling $325,000 in foreign money into a super-PAC supporting President Donald Trump’s 2020 reelection campaign. Their indictment should serve as a warning about the threat of foreign manipulation of U.S. elections. It also proves the need for a functioning Federal Election Commission. After a resignation in August, the six-seat commission is down to only three members. The commission needs four for a quorum, and requires a quorum to authorize investigations by its office of general counsel. So FEC lawyers can work on cases previously authorized, but they can’t investigate new ones until the president nominates, and the Senate confirms, at least one new commissioner. Trump has nominated Texas lawyer James “Trey” Trainor III — but Senate Majority Leader Mitch McConnell, who has fast-tracked dozens of federal court nominees, has dragged his feet on this one, failing to schedule a hearing or a vote. McConnell’s antipathy to campaign regulation appears to be trumping his duty to voters.Full Article: Federal Election Commission Needs Members to Stop 2020 Vote Crime - Bloomberg.
Will the Kentucky Legislature assist Matt Bevin in stealing the governor’s race from Democrat Andy Beshear, who appeared to have won Tuesday’s election by about 5,000 votes? Ordinarily, I would consider the possibility preposterous. We do not live in ordinary times, though, and on Wednesday Kentucky Senate President Robert Stivers raised the prospect that his institution, not the voters, could determine the outcome of the race. If Stivers and Republican Kentucky legislators were to make such a hardball move without good evidence that there were major problems with the vote count, the election would likely end up in federal court, where it is anyone’s guess what would happen. Either way, that we’re even discussing this potentiality one year before Donald Trump—who has repeatedly challenged the vote totals in his 2016 election victory—is set to face reelection is a wrenching sign for our already-damaged democracy.Full Article: Could Matt Bevin steal the Kentucky governor’s election?.
Election security is a complex challenge. One essential step, however, is so simple it can be carried out with a pen and paper. Pennsylvania officials have announced that Philadelphia and Mercer County will conduct a post-election pilot next month of what’s called a risk-limiting audit. The procedure is new to most of the country, but 12 states are experimenting with it — because it’s that much of a no-brainer. Currently, 17 states are not required by law to verify the accuracy of their vote tallies at all. Those that are mostly do so the “traditional” way, which in this case means the wrong way. The process auditors typically use — manually recounting votes in a predetermined percentage of precincts — tells officials whether a particular machine or group of machines is working, but it doesn’t actually answer the essential question: Did the declared winner actually win? Risk-limiting audits instead do what any mathematician . They hand-count a statistically meaningful sample of all votes to determine whether the original tally was correct. The required sample increases as the margin of victory narrows. It’s easy, and it’s time-consuming only in the tightest elections, or when something actually has been tampered with. Of course, that’s when it’s most worth investing the time. So why isn’t everyone doing it?Full Article: Election security that Mitch McConnell should get behind - The Washington Post.
Editorials: Democrats Must Act Now to Deter Foreign Interference in the 2020 Election | Thomas Wright/The Atlantic
Democrats face a national-security problem without parallel in the annals of American democracy. The president of the United States, Donald Trump, has made clear not only that he will remain passive in the face of foreign interference in the 2020 U.S. election—a threat his current and former directors of national intelligence have called the most serious facing the country—but also that he will actually solicit such interference if it serves his interests. We know of at least one case—when he asked President Volodymyr Zelensky of Ukraine to launch an investigation into former Vice President Joe Biden as a personal favor—but there may well be others. Parts of the U.S. government, such as the Department of Homeland Security and the FBI, as well as state authorities, are working to prevent foreign interference in American elections, but even with a Herculean effort, the country’s defenses against political warfare, especially in the cyber domain, are weak and porous. Such attacks are easy to execute, but difficult and expensive to thwart. The threat is evolving and will be different than it was in 2016. There are many targets.Full Article: Democrats Can Stop Political Interference in 2020 - The Atlantic.
Editorials: Voting machines pose a greater threat to our elections than foreign agents | Lulu Friesdat/The Hill
As the election security conversation widens beyond Russia, to include countries like Iran and China, it’s important to examine how security flaws in our country’s voting equipment increase the vulnerability of our elections. In 2010 a university cyber team conducted a test attack on an internet voting pilot project in Washington, D.C. The team successfully picked the winner of the election remotely from its Michigan lab. Writing about the attack, computer science professor J. Alex Halderman said, “Within 36 hours of the system going live, our team had … the ability to change votes.” In follow-up testimony, Halderman offered some chilling details: “While we were in control of these systems, we observed other attack attempts originating from computers in Iran and China. These attackers were attempting to guess the same master password that we did. And since it was only four letters long, they would likely have soon succeeded.” Security experts have long warned that short passwords provide easy targets, but hackers at DEF CON, an annual security convention, recently found U.S. election systems with no passwords at all. How did the security bar get set so low?Full Article: Voting machines pose a greater threat to our elections than foreign agents | TheHill.
Following the 2016 elections, investigators found evidence that Russian hackers successfully infiltrated the computerized voting systems of several states. Hackers also stole data from campaigns and weaponized social media polarizing the electorate against and for certain candidates. All of this undermines the trust we all place in the United States’ election system. There is nothing more powerful in a democratic country than a legitimate election. Unchecked, these actions and future similar future actions against our elections are a significant danger to our democracy. It’s clear we’ll be facing similar threats in the 2020 election cycle. Elections have become a new target in asymmetrical cyber warfare, allowing smaller groups to launch targeted attacks that have an outsized impact. To ensure our democracy is resilient in the face of these bad actors and nation-states, Congress must take action to adequately fund our election system’s cyber defenses and implement programs that bring about greater digital resilience in our government systems and in candidate’s campaigns. More importantly, something so fundamental to the country – trust in our elections – must be pursued with vigor on a bipartisan basis and in a manner that makes our systems more resilient.Full Article: Opinion: Cyber attacks threaten security of 2020 election.
Editorials: Election security isn’t that hard – We can have safe elections if we follow these three steps. | Kevin Shelley and Wayne Williams/Politico
Intelligence experts warn that hostile nation-states, criminals and political partisans are preparing attacks on our election systems in 2020. We’ve set ourselves up for this: In the course of modernizing our voting systems, our country has introduced computers into many layers of our election process, including the recording and tallying of our votes. In fact, 99 percent of votes cast in 2020 will be counted either by the computerized voting machines on which the voters cast their ballots or – in the case of voter-marked paper ballots – by scanners, which also are computers. As former secretaries of state from both parties, we know that it’s possible to devise tangible solutions needed to validate our elections. In fact, we can tell you how to do it. That’s not to say that it’s easy, particularly given the decentralized nature of our election administration system. Most states administer elections locally and only a few states have uniform equipment in each locality. For many years, election administration has been woefully underfunded, leading to wide variability in capacity and resources. But, as long as the equipment incorporates a voter-marked paper ballot, officials can adjust existing processes to instill confidence in elections, regardless of the equipment in place.Full Article: Election security isn't that hard.
Editorials: We need our elections protected. A weakened FEC only invites attack. | The Washington Post
IF THE Securities and Exchange Commission stopped acting, the nation would feel vulnerable to securities fraud. If the Federal Trade Commission were paralyzed, or the Federal Communications Commission, there would be a crisis of confidence in fields they regulate. Why, then, are the nation’s political leaders so complacent about the Federal Election Commission, the independent regulatory agency charged with being the watchdog over the political process and protecting the integrity of U.S. democracy? As of this month, the six-member commission is down to three commissioners, although it needs four for a quorum. Without a quorum, the FEC cannot hold hearings, make rules, initiate litigation, issue advisory opinions, launch investigations or approve enforcement actions and audits, among other things. The FEC chairwoman, Ellen L. Weintraub, has put on a brave face, noting that the commission’s “most important duties will continue unimpeded,” such as shining a spotlight on campaign finance and performing the staff work when it receives complaints. She insists that the “United States’ election cop is still on the 2020 campaign beat” and that she will “remain vigilant to all threats to the integrity of our elections.”Full Article: We need our elections protected. A weakened FEC only invites attack. - The Washington Post.
Editorials: A bipartisan idea to secure elections: paper backup of electronic votes | Dallas Morning News
Our elections must be secure. And just as important as the integrity of our ballot boxes is voter trust in that integrity. In an age of political division, this is something we agree on across political lines here in Texas. We know that’s true because the Texas Lyceum’s annual poll, just released, showed that 84% of respondents said it is important to ensure ineligible voters are prevented from voting, and 92% said it’s important to ensure that all eligible voters are permitted to vote. We would like to see both of those numbers at 100%, but this is an imperfect world, and we accept these powerful majorities as a statement that Texans understand the importance of the ballot box. A troubling element did emerge from the poll. Just 62% of respondents say they are confident that the voting system in Texas is secure from hacking and other technological threats. Here again, Texans get it right. Few of us are naive enough now to think that electronic ballots are not vulnerable.Full Article: Electronic voting isn't enough. We need a paper trail.
Editorials: Why is the Russian medding in 2016 such a big secret? I’m not allowed to say. | Stephanie Murphy/The Washington Post
In May, other members of Florida’s congressional delegation and I were briefed for 90 minutes in the U.S. Capitol by officials from the FBI and the Department of Homeland Security regarding Russia’s interference in the 2016 election. I sought the briefing after then-special counsel Robert S. Mueller III’s report showed Russia had probed and even pierced election networks in Florida, among the most closely contested states in U.S. politics. Although our briefers supplied new details, much remained unknown. What I do know, I can’t talk about. Why that’s the case is itself a mystery. The Mueller report noted that Moscow’s meddling involved three lines of effort, and Florida was a target of each. First, a Russian entity conducted a social media campaign to sow discord and help then-candidate Donald Trump, including by organizing pro-Trump rallies in Florida. Second, a Russian intelligence agency — the GRU — hacked computer accounts connected to Hillary Clinton’s campaign. As part of this effort, it published Florida-related data stolen from House Democrats’ campaign arm. Finally, Mueller reported, the GRU sought to infiltrate computer networks involved in the administration of elections, which could enable Russia to alter voter registration databases or perhaps vote tabulation systems. That would be tantamount to an act of war, with malware rather than missiles as the weapon of choice. While Russian cyber actors cast a wide net, Florida’s county-based election supervisors were a focal point.Full Article: Stephanie Murphy: Why is the Russian medding in 2016 such a big secret? I’m not allowed to say. - The Washington Post.
Editorials: Paper ballots are essential to securing our elections and our democracy | Lee C. Bollinger and Michael A. McRobbie/The Hill
Public confidence in the integrity and security of our elections is essential for democracy to be a trusted means of governing, and that very confidence is now under unprecedented attack by foreign adversaries. A newly released report from the Senate Select Committee on Intelligence, as well as recent congressional testimony by Special Counsel Robert Mueller, indicated that in 2016 Russia attempted intrusions into the election infrastructure of all 50 states. In one of the most dramatic moments of his testimony, Mueller said that Russia is at it again “as we sit here.” With just 15 months until the next round of major state and federal elections, and as Congress continues to debate the sources of and steps to combat the cyberattacks, it is sobering to consider the effect that a deep erosion of public confidence in the election process could have. It would be devastating to Americans’ faith in our democracy and the legitimacy of our elected government. For these reasons, state and federal leaders must act with urgency to secure our elections. As co-chairs of the committee convened in 2016 by the National Academies of Sciences, Engineering and Medicine to address voting security, we concluded that the nation should immediately take three actions to strengthen the safeguards for election systems against the mounting cyberthreats.Full Article: Paper ballots are essential to securing our elections and our democracy | TheHill.
Editorials: Federal Election Commission is now out of commission — that’s downright scary | Kim Wehle/The Hill
Republican Matthew S. Petersen announced his resignation from the Federal Election Commission (FEC) this week. Ho hum news this is not. What it means is that the government agency charged with overseeing compliance with the federal campaign finance laws has been gutted. It now lacks the ability to meaningfully function in the run-up to the 2020 presidential election. There are two primary takeaways here. The first is that this is not unwelcome news for conservatives — such as Senate Majority Leader Mitch McConnell (R-Ky.) — who believe that government oversight of federal campaigns is bad in general. McConnell led the years-long charge to kill the Bipartisan Campaign Reform Act of 2002 (BCRA), a feat that was largely accomplished by the Supreme Court with its 2009 decision in Citizens United v. Federal Election Commission. That case overruled on First Amendment grounds the statutory bans on soft or “issue-ad” money spent by corporations and unions close to presidential primaries and general elections. With the FEC now out of commission, there is no longer a cop on the block to enforce the remaining rules-of-the-game aimed at enhancing fair and free elections in the United States. If no cop is around to pull over speed-demon drivers, the speed limits become meaningless. Translation? It’s the Wild West in federal-campaign-land, and individual voters are the ones who will suffer for it. The second takeaway is that, once again, Congress is to blame for this travesty.Full Article: Federal Election Commission is now out of commission — that's downright scary | TheHill.
A lot of people are excited about recent research suggesting that mobile voting would mean more voters casting ballots. No doubt the premise is correct. If you lower the cost of an activity, you get more of it. Still, there are reasons to be skeptical. In the third place, the security risks are obvious. In the second place, as regular readers know, I’ve long questioned whether higher turnout leads to better results. But in the first place, even if mobile voting resulted in a greater number of votes cast, we shouldn’t refer to the result as higher “turnout.” Whatever we might call it, that’s the wrong word. The notion of voter turnout has long conjured images of crowded polling places, neighbors chatting as long lines shuffle forward. Not all traditions are valuable, but here a bit of etymology teaches an important lesson about democracy.Full Article: Mobile Phone Voting Is Convenient But Wouldn't Increase 'Turnout' - Bloomberg.
On Sept. 8, Russians will vote in municipal and regional elections, and the authorities are afraid. Not of any foreign power’s interference in Russia’s elections — there have been no fair elections in decades — but of Russia’s own people and opposition candidates, who are far more popular than the official nominees. Moscow’s old bag of electoral tricks survives — for example, moving elections from December to early September so that summer vacations would leave challengers little time to organize. The authorities have resorted to new tricks too, like clogging the electoral system with fake candidates and putting party loyalists on the ballot as independent candidates. This year’s election will also see a new mobile digital voting system that allows people to vote online from any location. Critics say it is yet another trick to help the authorities. Leaving nothing to chance, Moscow’s electoral commission found bogus reasons to disqualify all unapproved candidates from running in the elections. And to intimidate those would-be candidates, their homes were raided and many of them were detained, brought to Police Headquarters and interrogated in the middle of the night. Yet none of that worked: Thousands of people took to the streets, beginning on July 28, to protest the election committee’s decisions. In response, the authorities deployed an overwhelming force of local and federal police who detained most opposition leaders and nearly 1,400 demonstrators.Full Article: Opinion | Putin’s Nightmare: The Ballot Box - The New York Times.
Since almost the moment Donald Trump won the White House in 2016, people have had November 3, 2020 — aka Election Day — circled on their calendars. For Trump haters, that first Tuesday in November next year is the moment when they can put an end to what they believe is a colossal mistake. For Trump backers, Election Day 2020 is their chance to prove that 2016 was no fluke — and that they want another four years of the billionaire businessman in the White House. But what if the vote on November 3, 2020 doesn’t actually settle anything? There’s been polling evidence for some time that Americans are losing faith in the ability of Americans elections to be conducted fair and squarely. In an NPR/Marist University poll conducted just before the 2018 midterm elections, almost half — 47% — of respondents said that they lacked faith that all votes cast would be counted fairly. That number was even higher among non-white voters — of whom almost 6 in 10 said it was likely not all votes would be counted. Two in 5 voters said they did not believe American elections were fair in that same poll. Other more recent data suggests there is no slackening in the doubts about fair elections. And after the events of the last three years, it’s not hard to see why there’s rising doubt among the public about fair elections.Full Article: Why November 4, 2020 could be a very bad day - CNNPolitics.
From the very beginning of his presidency, Donald Trump has denied or downplayed Russian interference in the 2016 campaign. He has, at various times, dismissed the whole idea as a hoax, as fake news, or as an excuse by Democrats for why they lost the election. At other times, he has proclaimed his innocence vis-à-vis Russian campaign interference. From the earliest days of his presidency when he fired FBI Director James Comey in an effort to stop the investigation, he has denigrated and dismissed the entire issue. In its place he has insisted that the real problem in 2016 was not Russian interference but rather illegal voting by immigrants. The president’s beliefs have put him at odds with his own government and his own appointees, creating some awkward moments as the machinery of the federal government comes into conflict with the tweets of the chief executive. In spite of the president’s antipathy towards the effort, the gears of government managed to grind on, even in the White House. On September 12, 2018, President Trump issued Executive Order 13848 titled “Executive Order on Imposing Certain Sanctions in the Event of Foreign Interference in a United States Election.” The order requires a post-election audit by the intelligence community, under the direction of the ODNI (Office of the Director of National Intelligence) and mechanisms to place sanctions—such as confiscation of property—on those who take actions to interfere in U.S. elections.Full Article: Trump’s hostility to election security preparedness.