Pages

Search This Blog

Translate

Search Tool




Jun 18, 2020

Analysis | The Cybersecurity 202: D.C., Georgia reflect divergent Democratic and Republican approaches to mail ballots

By Joseph Marks


with Tonya Riley

As Georgia and the District of Columbia struggle to recover from disastrous primaries marred by long lines, poor training and machines that didn't operate as planned, they are taking drastically different approaches to voting by mail.
Georgia plans to scuttle its primary system of mailing absentee ballot request forms to registered voters, which was a way of encouraging them to vote by mail during the pandemic, the state’s top election official Brad Raffensperger (R) announced.
Instead, it will allow voters to request absentee ballots online — a move critics warn will make the process harder for people without Internet access and could create new avenues for hacking or technical malfunctions that undermine the contest.
The District, meanwhile, is doubling down on mail voting. The Board of Elections plans to send mail ballots directly to the city's 500,000 registered voters without making them request the ballots first, a move that some Republicans say invites voter fraud.
The divergence is representative of an emerging trend in which state-level Republicans are shrinking back from mail voting after the primaries while Democrats embrace it during the pandemic. It's deepening as President Trump and some Republican allies have savaged mail voting broadly, without evidence, as prone to widespread fraud.
These divergent choices illustrate political values that are very much in tension and that have been championed by the two parties,” Edward Perez, global director of technology development at OSET Institute, a nonprofit election technology organization, told me. “D.C.’s decision…appears to be motivated by a desire to ensure every voter can vote during the pandemic. Republicans, rightly or wrongly, are concerned about the integrity of the vote.”

Voters wait in line to cast their ballots in Georgia's primary election. (Ron Harris/AP)
The Republican push against mail voting often isn’t coming from election officials. 
For example, Iowa’s Secretary of State Paul Pate (R) sent absentee ballot request forms to all registered voters before the state’s June primary. But the Republican-controlled legislature passed a bill blocking him from doing that in the general election. The bill allows Pate’s office to send mail ballot request forms only to voters who’ve already requested the form.
And the Republican-controlled Ohio legislature passed bills shortening the time frame for voters to request mail ballots in the general election and prohibiting Secretary of State Frank LaRose (R) from sending voters postage-paid envelopes along with ballot request forms as he’d suggested.
California Gov. Gavin Newsom (D), meanwhile, ordered counties to send ballots directly to all registered voters in a model similar to the District’s. The move prompted a lawsuit from the Republican National Committee, which charged it “would create more opportunities for fraud [and] destroy the confidence Californians deserve to have in their elections.”
Georgia’s turn away from mail voting is primarily about money, Raffensperger said. 

Georgia Secretary of State Brad Raffensperger. (Russ Bynum/AP)

The state simply can't afford to send ballot request forms to all of its 6.9 million voters in the general election as it did in the primary, he said -- even though the coronavirus pandemic may make in-person voting just as difficult then.
The announcement drew immediate pushback from critics.
By refusing to send mail-in ballot applications to Georgia voters, he is willfully making voting lines longer,” said Lauren Groh-Wargo, CEO of Fair Fight Action, a group founded by Democratic politician Stacey Abrams, who narrowly lost the 2018 Georgia governor’s race.
Here’s the reaction from journalist Ari Berman, author of a history of U.S. voting rights:
Georgia primary was a disaster but one bright spot was Georgia Secretary of State sending absentee ballot request forms to all registered voters. Now he says he won’t do that in November, making existing problems that much worse https://t.co/nmorDxkPC5
— Ari Berman (@AriBerman) June 17, 2020
Raffensperger’s plan to instead build an online portal for mail ballot requests also sparked concern. 
Election security experts say it’s generally best to have as little technology involved in the voting process as possible to limit the chances of technical malfunctions or manipulation by hackers. For example, hackers could create major problems by overwhelming the Georgia portal with traffic so residents can’t use it during the final days or hours before the deadline to request ballots.
“You’re depending on potentially vulnerable technology that will presumably be managed by a third party and you’re still maintaining all the bureaucracy of dealing with ballot applications,” Perez said.
Raffensperger’s mail voting announcement was part of a broader plan to correct problems that bedeviled the primary, including poorly trained poll workers who couldn’t operate the state’s complex voting machines and electronic poll books.
The plan includes increased state technical support to counties and a legislative proposal that would allow the state to intervene and overhaul operations in counties including Fulton County, which experienced some of the longest voting wait times.
The District’s decision comes with concerns, as well.

The line outside the voting center at Hardy Middle School in Ward 2 in Washington. (Julie Zauzmer/The Washington Post)

The District's expansion of mail-voting comes after it failed to send absentee ballots in time to several hundred people who requested them. Officials ultimately resorted to driving across town to deliver ballots to some voters, and even launched a plan to allow some residents to cast ballots over email – a system security experts say is far too risky.
Yet even some Democrats worry that sending ballots directly to registered voters whose addresses haven’t been scrupulously verified could create the perception of fraud.
States that have near-universal mail voting such as Washington and Colorado send ballots directly to voters – but they’ve also spent years ensuring their voter rolls are up to date and accurate. A Washington Post analysis recently found possible voter fraud cases in those states accounted for just 0.0025 percent of ballots in 2016 and 2018  – or about one out of every 39,000.
Many election security experts, however, say any risks in the process are far outweighed by the benefit of ensuring people can vote without damaging their health during the pandemic. And the main Democratic congressional proposal to expand mail voting would require sending ballots directly to voters.
Georgia and the District are among a number of states and localities attempting to recover from disastrous primaries in time for November. 
Los Angeles County, which had one of the highest profile primary-night debacles, released a lengthy assessment of what went wrong, Kim Zetter reports for Politico.
Among the problems:
  • Faulty printer assemblies that caused or could have caused paper jams in more than 14,000 of the 31,000 voting machines the county had custom built at a cost of $300 million
  • Electronic poll books that were inoperable for hours while they tried to sync data
  • About 17,000 mail ballots that the county failed to send out in time because of a computer script error in a system that wasn’t adequately tested
The report's major takeaway: L.A. County, like many jurisdictions, has a lot of testing and preparation to do in the next few months.

The keys

Trump was eyeing reelection in Huawei fight, John Bolton's book claims.
The former national security adviser cites the battle to restrict the Chinese firm from global telecom networks as one of many instances in which the president’s true interest was only in securing a second term — in this case by landing a U.S.-China trade deal.
I am hard-pressed to identify any significant Trump decision during my White House tenure that wasn’t driven by reelection calculations,” Bolton says in an excerpt from his controversial tell-all “The Room Where it all Happened” printed by the Wall Street Journal.
The president offered to reverse criminal charges against Huawei and its chief financial officer Meng Wanzhou if it would help with a China trade deal  — and his reelection, Bolton alleges. He also accuses Trump of reversing penalties against Chinese-owned ZTE in 2018 for the same reason.
Bolton's memoir largely supports the outline of Democrats' impeachment case against Trump and confirms that the president was fixated on the conspiracy theory that Ukraine — not Russia — had hacked the Democratic National Committee in 2016. The book quotes Trump saying that “Ukraine tried to take me down” and that he was not interested in helping the country with military aid, the Journal’s Michael C. Bender and Rebecca Ballhaus report. He also obsessed about a hacked DNC server that he believed without evidence was hidden in Ukraine, Bolton writes.
The Justice Department is seeking an emergency order to block sales of the book, saying it includes classified information.
Zoom will provide the strongest level of encryption to all customers starting in July.

The logo for the Zoom Video Communications app. (Gabby Jones/Bloomberg News)

That's a reversal of an earlier decision that gave end-to-end encryption only to paying customers, Rachel Lerman reports
The company faced a backlash from privacy advocates and users after it said that it wouldn't provide the top-shelf encryption to unpaid users in part because law enforcement might need access to their videoconference data with a warrant. The Justice Department has lambasted end-to-end encryption as creating a haven for child predators as part of a push for companies to provide backdoor to encrypted communications.
Zoom CEO Eric Yuan said he consulted with child safety experts and civil liberties groups ahead of the decision. The company will require free users to provide personal information including their phone number to verify their identity.
“We are confident that by implementing risk-based authentication, in combination with our current mix of tools…we can continue to prevent and fight abuse,” Yuan wrote in a blog post.
Microsoft pitched its facial recognition software to government for years, records show. 

Microsoft logo. (Jeenah Moon/Getty Images)

Microsoft tried to sell its technology to the Drug Enforcement Administration just months before company executives called in July 2018 for increased regulation of facial recognition tools, emails obtained by the American Civil Liberties Union show.  
It's unclear whether the DEA ever purchased the technology, but a partnership would be concerning to privacy advocates.
“The DEA has a long history of racially disparate or racist practices and has been engaged in wildly inappropriate mass surveillance,” ACLU Massachusetts Director of the Technology for Liberty Program Kade Crockford told BuzzFeed News. Microsoft recently said it would no longer provide the technology to police departments but has declined to commit to ending any federal partnerships. 
Amazon has also placed a moratorium on police use of its facial recognition software but has not said whether that ban will apply to federal agencies. (Amazon CEO Jeff Bezos owns the Washington Post.)

Government scan

A Justice Department proposal would leverage a key tech industry legal shield in its war against encryption.

Attorney General William P. Barr speaks during a roundtable with President Trump about America's seniors on Monday. (Evan Vucci/AP)

The proposal builds on an executive order Trump issued earlier this month and threatens to erode a long-standing legal shield that protects tech companies from liability for content users post on their sites, Tony Romm reports.
It raises the possibility companies could lose their legal protection if security protections such as encryption hamper law enforcement.
But Congress would need to get behind the proposal, which is a long shot in an election year. Both parties have called in recent months to overhaul the legal shield, Section 230 of the Communications Decency Act. Democrats tell Tony they're unlikely to line up behind the Justice Department.
“I’ve certainly been one of Congress’s loudest critics of Section 230, but I have no interest in being an agent of Bill Barr’s speech police," Sen. Richard Blumenthal (D-Conn.) said. Blumenthal is co-sponsoring a bill that would threaten companies with losing liability protections if they can't slow the spread of child pornography on their sites but it's far narrower and would require separate action by Congress before encryption is directly threatened.
Barr's proposal could also be an avenue to force social media companies to be more transparent about their content moderation policies amid claims of political bias by conservatives, Tony reports.
“I’m deeply concerned that President Trump and Attorney General Barr are exploiting Big Tech’s complicity in human misery to advance their own political agenda,” Blumenthal said.
National Security officials want the FCC to reject a Google-Facebook plan to run an underwater cable between the United States and Hong Kong.
The officials fear the cable will create too many spying opportunities for China, Politico’s John Hendel and Betsy Woodruff Swan report.

Industry report

A malicious Google chrome extension loaded with spyware was downloaded 32 million times.

Google Chrome logo is seen near cyber code. REUTERS/Dado Ruvic/Illustration

“Based on the number of downloads, it was the most far-reaching malicious Chrome store campaign to date, according to Awake co-founder and chief scientist Gary Golomb,” Reuters’s Joseph Menn reports.
More news about industry and cybersecurity:

Hackers posed as recruiters working for U.S. defence giants Collins Aerospace and General Dynamics on LinkedIn to break into the networks of military contractors in Europe, cybersecurity researchers said on Wednesday.
Reuters

Global cyberspace

A French data privacy watchdog slammed the privacy of coronavirus surveillance cameras.

The French National Assembly. (Joel Saget/AFP/Getty Images)

“Their uncontrolled development poses the risk of generalizing a feeling of surveillance among citizens... which could be detrimental to the proper functioning of our democratic society,” the agency said, Reuters reports.

Chat room

Yet another case of art imitating life from The Huffington Post's Ariel Edwards-Levy:
— Ariel Edwards-Levy (@aedwardslevy) June 17, 2020
And the real plot twist from FiveThirtyEight's Clare Malone:
If I’m not mistaken, that author is the head of the Ohio Democratic Party...
— Clare Malone (@ClareMalone) June 17, 2020

Daybook

  • House Intelligence Committee will hold a virtual open hearing with Facebook, Google and Twitter on Foreign Influence and Election Security today at noon.
  • Carnegie's Partnership for Countering Influence Operations and  Twitter will host an event on influence operations on Twitter on July 9 at 1 p.m.

Secure log off

More on Bolton (and his trademark mustache) from Stephen Colbert:

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.