State

Georgia: Voters begin casting ballots on new Georgia election system | Mark Niesse/The Atlanta Journal-Constitution

The first Georgia voters to test the state’s new voting machines cast their ballots Monday, with some voters in Paulding County praising the addition of a paper ballot and others saying the voting equipment was more cumbersome than what they’re accustomed to using. Election officials rolled out the new voting system in six counties for local elections as in-person early voting began Monday. The $107 million system, which combines touchscreens and computer-printed paper ballots, will be used by all voters statewide on March 24 for the presidential primary. A few minor problems surfaced when polls opened in Paulding, located about 35 miles west of Atlanta.

Full Article: Voters begin casting ballots on new Georgia election system.

Pennsylvania: Rage Against the (Voting) Machines: Pennsylvania’s Ongoing Battle for Secure Ballots | Kira Simon/State of Elections

“Green Party’s Jill Stein threatens legal challenge to Philly’s new, $29M voting machines.” At first glance, this may sound like a headline from the 2016 election. In fact, it’s a headline from October 2, 2019. Readers of this blog likely remember that Stein settled a lawsuit with Pennsylvania stemming from a state recount of the 2016 election. Why this is still in the news? Let’s run through Pennsylvania’s recent history of voting machine troubles. In 2016, Pennsylvania was one of fourteen states to use paperless voting machines as the primary polling place equipment in some counties and towns. During the Democratic primary, some counties encountered unusual voting procedures with their electronic voting machines. Three counties did not include a U.S. Senate candidate because the counties did not have enough time to add his name to the ballot after the state supreme court reversed a lower court decision to keep the candidate off the ballot after his petitions were challenged. The counties were unable to add his name because three weeks before the election it was “impossible” to update the information on the machines. To remedy this, voters in one county completed all primary votes except their U.S. Senate vote on an electronic machine – and submitted their Senate vote by a paper ballot; in another county voters had to separately write in the candidate’s name. While this was an unusual instance involving an essentially unknown candidate, you can imagine a scenario where a voting machine may need to be updated close to an election due to an emergency or court order – and the fact that there is no good way to address that issue is disconcerting.

Full Article: Rage Against the (Voting) Machines: Pennsylvania’s Ongoing Battle for Secure Ballots - State of Elections.

Utah: Mobile voting system used in Utah County subject of attempted 2018 West Virginia breach | Graham Dudley/KSL

The FBI is investigating an attempted intrusion of the Voatz mobile voting system during West Virginia’s 2018 midterm elections, officials announced last week, throwing a spotlight onto an experimental app that Utah County used for the first time in this year’s primary elections. Mike Stuart, U.S. attorney for the Southern District of West Virginia, said in a statement that there was “no intrusion and the integrity of votes and the election system was not compromised.” Stuart also said that the FBI investigation into the attempt is ongoing and that it’s still not determined whether any federal laws were violated. Voatz is a new technology allowing overseas voters, like missionaries and U.S. military personnel, an alternative to email or traditional mail-in voting, which have long sparked concerns over security and anonymity risks. It’s an app that uses blockchain technology, a sort of public digital ledger, to encrypt and secure votes.

Full Article: Mobile voting system used in Utah County subject of attempted 2018 West Virginia breach | KSL.com.

Utah: New threats, new solutions: How Utah’s counties secure elections | Graham Dudley/KSL

Rozan Mitchell would like to clear up one thing: Yes, her office really does look at every signature on returned mail-in ballots and compare them against the signatures on voter registration forms. “People say, ‘Well, you only do a sampling.’ Nope,” Mitchell said, sitting in the Provo headquarters of the Utah County elections office in early September. She is the county’s elections director and, as she’s making clear, she takes that responsibility seriously. “We check the signature on every single one of those ballots that comes through here.” That’s how the county discovers instances where, say, a parent has voted for a missionary serving abroad, or a spouse has voted for someone away on business. “I think people don’t realize the great lengths we go to to do things like that,” Mitchell said. Supervising elections, a function of county clerks and their staff, is a process very much driven by local entities: states, counties and municipalities. The federal government has laws mandating equal access to the ballot box, but it’s up to local governments to decide how to achieve that goal.

Full Article: New threats, new solutions: How Utah's counties secure elections | KSL.com.

Washington: How Washington is fighting back against attempts to hack ballots | Nick Bowman/KIRO

A week ago, Washington Secretary of State Kim Wyman told KIRO Radio that the state’s election system routinely faces faces tens of thousands of hacking attempts daily. But how exactly is Washington’s system designed to fight those attacks? Wyman stopped in again to detail the various measures in place. “The biggest thing is we moved to the VoteWA system, and so this has enabled us not only to build a stronger firewall, more robust security, and monitoring systems around it, but now … any user that gets into our system, they have to be pre-approved,” Wyman told KIRO Radio’s Dave Ross. VoteWA is system that was first enacted for August’s primary election, featuring a handful of new security measures to ensure results aren’t altered, hacked, or tampered with in any way. Results from each of the state’s 39 counties are tabulated from paper ballots, and then transferred to an air-gapped machine (i.e. a computer not connected to the internet). The results are then transferred to a flash drive, which is plugged into an internet-enabled computer to transmit the final results.

Full Article: How Washington is fighting back against attempts to hack ballots.

West Virginia: The FBI is investigating West Virginia’s blockchain-based midterm elections | Matthew De Silva/Quartz

During the 2018 midterm elections, somebody tried to hack Voatz, the blockchain-based voting system used by West Virginia. The attack was unsuccessful, but is under investigation by the FBI, said Andrew Warner, West Virginia’s secretary of state in an Oct. 1 press conference. “In last year’s election, we detected activity that may have been an attempt to penetrate West Virginia’s mobile voting process,” said Warner. “No penetration occurred and the security protocols to protect our election process worked as designed. The IP addresses from which the attempts were made have been turned over to the FBI for investigation. The investigation will determine if crimes were committed.” The hacking attempt may have stemmed from an election security class at the University of Michigan, CNN reported Friday (Oct. 4). Last November, 144 West Virginian voters—including active members of the US military serving overseas—used Boston-based Voatz, a blockchain-enabled smartphone application, to cast their ballots for the Senate and House of Representatives as well as for state and local offices. That’s a small number, but could be consequential, especially in close races. Four seats in West Virginia’s House of Delegates were decided by less than 150 votes.

Full Article: The FBI is investigating West Virginia's blockchain-based midterm elections — Quartz.

Wisconsin: Election Commission takes steps to strengthen security of Wisconsin’s voting process | The Milwaukee Independent

The Wisconsin Elections Commission unanimously approved a $1.1 million grant program on September 24 that aimed to help cities and towns beef up their election security. The program would make up to $1,200 in federal funding available for qualified participants to update operating systems or buy new computers. Municipalities that already meet baseline security standards could use the funding to make security improvements, like setting up a firewall. These measures are meant to protect Wisconsin’s electronic voting system and voters’ personal information. Commission Administrator Meagan Wolfe said the sooner municipalities have completed the improvements, the better. Wolfe told the commission during its meeting in Tuesday in Madison that every municipality that receives funds will need to be up to minimum security standards by January. The grant program will prioritize the lowest of Wisconsin’s low-tech municipalities. Before approving the program, the commission decided to wait until after those cities and towns get their grants in November before giving money to communities that already meet the security baseline.

Full Article: Election Commission takes steps to strengthen security of Wisconsin’s voting process | The Milwaukee Independent.

Alaska: State buying new voting machines for 2020 | Amanda Bohman/Fairbanks Newsminer

The state of Alaska is replacing the voting machines used in Fairbanks and elsewhere starting with the August 2020 state primary election, according to state and borough elections officials. That means Tuesday’s election was the last regular election for the AccuVote machines that have been used here for the past 20 years. The new machines are ImageCast Precinct ballot counters, or ICPs. The voter experience will not change much, officials said. People will continue to vote privately in a booth and then feed their ballot into a machine that tabulates the votes. The process will take a few seconds longer because the new technology captures an image of each ballot, officials said. The city of Valdez has been using the ICP machines for a few years. The clerk said they work well. “We love it. My voters love it. I haven’t had any problems with their equipment at all,” Valdez City Clerk Sheri Pierce said. The machines are made by Dominion Voting Systems, the same company that manufactured the AccuVote machines.

Full Article: State buying new voting machines for 2020; Fairbanks affected | Local News | newsminer.com.

Arizona: Secretary of State toughens election rules for cybersecurity | Andrew Oxford/Arizona Republic

Arizona officials are considering tougher cybersecurity standards for the state’s elections ahead of 2020, according to a proposed set of protocols the Secretary of State’s Office published this week. Some of the changes come after The Arizona Republic highlighted concerns about policies included in a first draft of a manual that county officials across the state will use to administer next year’s election. Experts contacted by the newspaper pointed to provisions that did not mandate the use of encryption in some circumstances or would allow officials to re-use USB sticks when working with election systems. The Secretary of State’s Office toughened policies on both of those issues in its final draft of the election procedures manual, published this week. Digital security is just a small piece of the proposed manual, which totals more than 500 pages. But cybersecurity has drawn particular scrutiny amid concerns about meddling in American elections.

Full Article: Arizona Secretary of State toughens election rules for cybersecurity.

New York: Hacking concerns delayed vote machines: Westchester bought them anyway | Mark Lungariello/Rockland/Westchester Journal News

Westchester County lawmakers put off buying new voting machines in March over concerns they could be hacked and made to add marks on finished ballots. The county Board of Elections bought some anyway. “The local county legislature has no authority to approve the machines, so we didn’t do anything out of the ordinary,” Reggie Lafayette, Democratic elections commissioner, told The Journal News/lohud. But some lawmakers didn’t see it that way and even sought a written legal opinion from county staff attorneys on the move. The county Law Department concluded in August that the elections board acted within its authority under New York state law as a semi-autonomous entity. Legislator Nancy Barr, a Rye Brook Democrat, said the process still left a lot to be desired. “Even if it’s allowed, it’s certainly not something that generates trust between the Board of Legislators and the Board of Elections, and other departments,” she said at last Monday’s meeting of the legislature’s Budget and Appropriations Committee.

Full Article: Hacking concerns delayed vote machines: Westchester bought them anyway.

Pennsylvania: Fight over Philadelphia’s voting machines may head to court | Marc Levy/Associated Press

Former Green Party presidential candidate Jill Stein wants Pennsylvania to block Philadelphia from using new touchscreen machines the state is buying ahead of the 2020 election and threatened court action Wednesday if it doesn’t do so promptly. Stein’s demand means that she and a group of plaintiffs could take the state back to Philadelphia’s federal court, where they filed an agreement last year to settle their lawsuit over vote-counting in 2016’s election. Stein and the other plaintiffs made the request in writing to Pennsylvania’s Department of State, which oversees elections. “We must protect our vote and we must protect the authenticity of our vote,” Stein told supporters during her announcement in front of Philadelphia’s federal courthouse Wednesday. The department has 30 days under the agreement to respond. On Wednesday, it did not say whether it would decertify the machines or consider decertifying them, although a spokeswoman pointed out that it recertified the system last month after originally certifying it last year.

Full Article: Fight over Philadelphia’s voting machines may head to court.

Washington: ‘Tens of thousands’ of attempts daily to hack Washington’s election system | Dyer Oxley/MyNorthwest

Washington state’s general election is one month away and aside from making sure the process is ready to run smoothly, Secretary of State Kim Wyman has another concern on her mind — cybersecurity and election hacking. “We have attempts every day,” she told KIRO Radio. “Tens of thousands of attempts to get into our system … right now, we are just blocking all of them.” “Some (hackers) are just trying to see what they can see, ‘what can we get to and what can we play with,’” Wyman said. “And some have bigger chess moves. They are trying to undermine confidence that voters have in our system.”

Full Article: 'Tens of thousands' of attempts daily to hack Washington's election system.

West Virginia: Alleged mobile voting app hack linked to University of Michigan | Benjamin Freed/StateScoop

Federal investigators looking into an alleged hacking attempt against the mobile app that West Virginia officials used to collect ballots from overseas voters in the 2018 election are determining if the incident was the result of computer-science students at the University of Michigan testing for vulnerabilities. CNN reported Friday that the FBI is investigating “a person or people” who attempted to access the app — Voatz — as part of a cybersecurity course at University of Michigan, which is one of a handful of universities with a curriculum focused on election security. Mike Stuart, the U.S. attorney for West Virginia, revealed the investigation last Tuesday, saying that during the 2018 election cycle his office was alerted by West Virginia Secretary of State Mac Warner that there was an “attempted intrusion by an outside party” to access the Voatz app. According to state officials and the app’s developers, Voatz is designed only to grant ballot access to qualified voters who go through multiple layers of biometric identification, including facial-recognition and fingerprint scanning.

Full Article: Alleged mobile voting app hack linked to University of Michigan.

West Virginia: Hackers try to access West Virginia’s mobile voting app | GCN

Someone tried to hack into West Virginia’s blockchain-enabled mobile voting system during the 2018 election cycle. The attack happened during the pilot rollout of West Virginia’s mobile voting pilot that uses a smartphone application developed by Boston-based Voatz to enable eligible overseas voters to receive and return their ballot securely using a mobile device. The app lets military and overseas voters who qualify under the Uniformed and Overseas Citizens Act verify their identities by providing biometric proof in the form of a photo of their driver’s license, state ID or passport that is matched to a selfie. Once voters’ identities are confirmed, they receive a mobile ballot based on the one that they would receive in their local precinct. A confirmation message is sent to the voter’s smartphone when the vote is uploaded to the blockchain’s series of secure, redundant, geographically dispersed servers , which ensures the votes cannot be tampered with once they’ve been recorded.

Full Article: Hackers try to access West Virginia's mobile voting app -- GCN.

West Virginia: Hacking attempt reported against West Virginia’s mobile voting app | Benjamin Freed/StateScoop

The FBI is investigating an alleged hacking attempt against the mobile app that West Virginia officials used to collect ballots from some overseas voters during the 2018 election cycle, the Justice Department announced Tuesday. Mike Stuart, the U.S. attorney for West Virginia, said that during last year’s election cycle, his office received a report from West Virginia Secretary of State Mac Warner pertaining to an “attempted intrusion by an outside party” to access the app, Voatz, which Warner’s office has heralded as the future of voting for expat U.S. citizens, especially deployed members of the military. The attempt, Stuart continued, appeared to be unsuccessful, with no actual intrusion or effect on the 144 ballots that were cast in last year’s general election. “No penetration occurred and the security protocols to protect our election process worked as designed,” Warner said at a press conference Tuesday in Charleston, the state capital. Still, Warner said, the attempted intrusion was referred to the FBI for investigation as a “deterrent” against attempts by outside actors to interfere with the state’s election process.

Full Article: Hacking attempt reported against West Virginia's mobile voting app.

Colorado: Secretary of State’s QR code election security measure adopted | Teresa L. Benns/Del Norte Prospector

According to a Sept. 16 news release on the Colorado Secretary of State’s (SoS) website, Secretary of State Jena Griswold announced that Colorado will stop using ballots with QR codes, a marking used to track packages and other materials pictured above. The removal of QR codes from ballots will increase the security of vote tabulation and ensure voters can accurately verify that their ballots are correctly marked. With foreign countries actively trying to exploit voting vulnerabilities, this is a first-in-the nation added security measure. Marilyn Marks, who advocates for voting integrity nationwide, came to Saguache County in 2011 to investigate the irregular county election held in 2010. During that time, she also monitored an election held in Chaffee County where the QR code question was first raised. “Chaffee ballots are identifiable by both the voter and the government,” Marks said in an Aug. 9, 2012 Center Post-Dispatch article. (QR) codes on the ballot can be traced back to the voter in what Marks says is a very sophisticated process that could not have been detected by most voters or watchers.

Full Article: Del Norte Prospector | SoS QR code election security measure adopted.

Georgia: Previously redacted Georgia election security document made public | Mark Niesse/The Atlanta Journal-Constitution

The Georgia secretary of state’s office acknowledged Thursday that a vendor had improperly redacted a purchasing document detailing security features of the state’s new $107 million voting system. The unredacted 143-page document was posted on the secretary of state’s website Thursday. The document, which explains “high level security” of the state’s new voting check-in iPads, doesn’t compromise the integrity of the system, according to the secretary of state’s office. The document was made public “in the spirit of good governance and transparency” after the secretary of state’s office was alerted about the redactions, said Deputy Secretary of State Jordan Fuchs. “Our new voting system, including new Poll Pads, are our most secure system to date,” Fuchs said. The iPads will be provided by a company called KnowInk, which is working with Dominion Voting Systems to install the new voting technology statewide before the March 24 presidential primary.

Full Article: Previously redacted Georgia election security document made public.

North Carolina: Toss-up State to Use Vulnerable Tech in 2020 | Jack Lowenstein/WhoWhatWhy

The 2020 election is expected to once again be razor-close and, in light of Russian attempts to hack the vote in 2016, making it secure is of paramount importance. That is why North Carolina’s recent decision to open the door for unverifiable barcode election technology is raising eyebrows in the election integrity community. At the end of a 30-month process, the North Carolina State Board of Elections recently approved three new voting systems to replace decades-old technology in the state. However, state election officials also did something else: With their selection, they approved the use of barcode voting technology. Election integrity advocates, cybersecurity experts, and even two members of the five-member state board have strongly objected to the use of this technology. With the 2020 presidential election on the horizon — and North Carolina expected to be in play — the decision of state officials to choose voting systems that do not leave behind a verifiable paper trail creates major concerns for election transparency advocates.

Full Article: Toss-up State to Use Vulnerable Tech in 2020 - WhoWhatWhy.

Ohio: House Lawmakers Approve Civilian Cyber Reserve | Jim Provance/Toledo Blade

The Ohio House on Wednesday voted unanimously to create a civilian cyberforce within the Ohio National Guard to respond to cyberattacks against elections systems, governments, businesses, and critical infrastructure. Senate Bill 52, sponsored by Sen. Theresa Gavarone (R., Bowling Green), now returns to the Senate for consideration of House changes. The bill passed the upper chamber unanimously earlier this year. A city’s mayor could ask the governor to call out the Ohio Cyber Reserve if the city finds itself in over its head in fending off or mitigating a ransomware attack or other cyberintrusion, much as governments can now ask for help after natural disasters. “By their nature, elections are vulnerable to threats both foreign and domestic,” Rep. Doug Green (R., Mt. Orab) said. “Creating the Ohio Cyber Reserve allows for preparedness in mitigating those cyberattacks and ensures Ohio’s voters that their elections are secure and accessible.”

Full Article: Ohio House Lawmakers Approve Civilian Cyber Reserve.

Pennsylvania: Green Party’s Jill Stein threatens legal challenge to Philadelphia’s new, $29M voting machines | Jonathan Lai/Philadelphia Inquirer

Jill Stein, the 2016 Green Party presidential candidate, threatened Wednesday to take legal action to block Philadelphia from using its new voting machines if the Pennsylvania Department of State continues to allow their use. The machines, which cost the city $29 million, are slated to be used in next month’s election. But Stein said they violate the terms of a settlement she reached with the state late last year stemming from her 2016 recount battle. “We will seek relief in the court if this unverified, unauditable, hackable, expensive machine is not promptly decertified,” Stein, flanked by about two dozen supporters, said outside the federal courthouse in Center City. That agreement settled Stein’s effort in 2016 to seek a recount and forensic audit of voting machines in Pennsylvania and elsewhere after Donald Trump’s victory that year. (Stein, an activist and physician from Massachusetts, received 0.82% of the vote in Pennsylvania.) Under the settlement, the plaintiffs must first notify the Pennsylvania Department of State in writing of potential violations of the agreement; the department then has 30 days to respond before Stein and other plaintiffs can take the matter to court.

Full Article: Green Party’s Jill Stein threatens legal challenge to Philly’s new, $29M voting machines.