Maryland legislators learned last week the state’s electronic balloting system may need better security measures to protect voters’ information and that the lawmakers must be the ones to add those protections. The state’s electoral board told lawmakers Sept. 6 that they are powerless to make those changes, and that any security changes must directly come from the legislative body. Last year, the state’s Board of Elections voted 4-1 to certify a new system for online ballots, even though experts in cybersecurity and computer science publicly objected. While nearly all states have a system in place for signature verification, the General Assembly did not vote last year on the topic so there was no verification system in place, leaving Maryland as the only state in the nation without one, according to a report last year by Capital News Service.
… Issues surrounding the process of absentee balloting were the main point of concern throughout the three-hour hearing. The current process for requesting an absentee ballot can be done online only if a voter has a Motor Vehicle Administration ID number, the date of issue, and the last four digits of their Social Security number, according to Director of Voter Registration Mary Cramer Washington.
One flaw was a program error that allowed voters to submit their full Social Security numbers. While there is no evidence that any personal data was stolen, the nine-digit identification numbers for 14 percent of Maryland voters were at risk, according to an analysis, performed by the Office of Legislative Audits from October 2015 to April 2016, which covered information from August 2012 to October 2015.