June 26, 2020 HUMAN RIGHTS

Election Cybersecurity Amid a Global Pandemic

by Alan Butler

Four years ago, the world looked much different, and the political attention in the United States was focused on two contentious party primaries. Donald Trump and Hillary Clinton were the front runners for the republican and democratic presidential nominations, respectively, but there were many state primaries remaining, and the November general election still seemed far off. There was little public awareness about the vulnerabilities of our election systems, and voters had little reason to doubt that the 2016 elections would move forward smoothly. That all changed in the months that followed, as the public began to understand the extent of Russian interference in the election through hacking, disinformation, and targeting state voting systems. Beginning in 2017, federal, state, and local governments began to mobilize efforts to improve election security while researchers and watchdog groups raised public awareness of the threats to the integrity of our elections. 

Ensuring the security and integrity of our voting system is essential to preserve confidence in the results.

Ensuring the security and integrity of our voting system is essential to preserve confidence in the results.

Kjpargeter on Freepik

Many have worked for years to improve the security of our election systems, but now we face new challenges. The global pandemic has caused states to delay primary elections and led to the expansion of vote-by-mail and absentee voting and, in some instances, calls for remote or online voting. Now there is even more work to be done to protect the integrity of our elections and to ensure that our elections move forward with safety and integrity.

Election security researchers have been warning of the weaknesses in our current voting systems, and the perils of relying on new, unvetted voting technologies, for more than a decade. But the 2016 election brought these issues to the forefront. In October 2016, just a few weeks before the national election, the Office of the Director of National Intelligence (ODNI) and the Department of Homeland Security (DHS) issued an unprecedented joint statement that the U.S. Intelligence Community was “confident that the Russian Government directed the recent compromises of emails from U.S. persons and institutions, including political organizations.” Two weeks later, the ODNI issued another joint statement with the Federal Bureau of Investigation (FBI), the Department of Justice, and the DHS declaring boldly that “[f]oreign interference in U.S. elections is a threat to our democracy” and specifically calling out “campaigns by Russia, China, and other foreign actors, including Iran, to undermine confidence in democratic institutions.” Then, several weeks after the election, the DHS and FBI issued a Joint Analysis Report on malicious cyber activity carried out by Russian civilian and military intelligence services during the 2016 election. It was clear by January 2017 that Russia had led a substantial election interference campaign in 2016, and then DHS Secretary Jeh Johnson issued an order designating election infrastructure as “critical infrastructure.” But it was not clear what the federal and state governments would do to prevent similar interference in the future.

Both the Senate Intelligence Committee and the Department of Justice’s Special Counsel Robert Mueller led investigations into the Russian interference. They concluded that Russia had engaged in both active measures targeting election infrastructure and a social media campaign aimed at influencing American voters and sowing chaos. The Senate committee found that “the Russian government directed extensive activity, beginning in at least 2014 and carrying into at least 2017, against U.S. election infrastructure at the state and local level.” While the committee found no evidence that votes were changed or voting machines manipulated, that is little consolation. Many of the voting machines that were used during the 2016 election provided no auditable paper trail, and researchers have shown that these machines can be manipulated without leaving evidence. And the goal may well have been to undermine confidence in the election, which is easier to do than actually changing votes. As we approach the 2020 election, we must ensure that federal and state governments are doing everything they can to secure our election systems and that we are addressing the threats of disinformation and hacking.

In the fall of 2016, while Russian interference in the 2016 election was ongoing, the National Academy of Sciences formed a committee to study existing problems with election systems and to “offer recommendations that provide a vision of voting that is easier, accessible, reliable, and verifiable.” The committee co-chairs expected to identify technical solutions to increase voting access, including the possibility of “remote (Internet) voting.” But by the time the committee first met in April 2017, it had become clear that “efforts to undermine the credibility of election results” posed the “most significant threat to the American elections system” going forward. When the committee issued its final report in 2018, it had compiled key recommendations “designed to harden our election infrastructure and safeguard its integrity and credibility.” What they found was alarming, and they concluded that resources and attention must be focused on research to improve our election systems and outcomes. “All too often, [researchers’] efforts are underfunded, important research questions remain unaddressed, and there are challenges to translating research into practice.” After careful review, the committee issued detailed recommendations on many important issues, including voter registration, voting by mail, voting technology, election cybersecurity, audits, and internet voting. These recommendations provide a roadmap to securing our election systems, even in the face of new challenges.

The key recommendations of the National Academy of Sciences are worth reviewing as we prepare for one of the most challenging elections we have ever faced as a nation. First, the committee recommended that election administrators “routinely assess the integrity of voter registration databases” and develop plans to secure and audit these systems. Second, the committee recommended that jurisdictions should “provide a means for a voter to easily check whether a ballot sent by mail has been dispatched” and then to check whether their “marked ballot has been received and accepted by the appropriate election officials.” Third, the committee recommended that in-person voting be conducted by human-readable paper ballots that are capable of independent auditing (and any voting machines that do not provide this capacity should be removed from service). The committee also recommended that Congress provide funding for state cybersecurity improvements and that states conduct mandatory post-election audits.

Important steps have been taken since the National Academy issued its report in 2018, but there is still much more to do. Voters in some states have successfully challenged insecure voting systems. In Georgia, a group of plaintiffs obtained a preliminary injunction that prohibits the state “from using the Global Election Management System and its central Diebold AccuVote Direct Recording Electronic (DRE) voting mechanism” in the 2020 election. The vulnerabilities and deficiencies of these DRE machines are well documented, as the federal district court in Georgia explained in its 153-page opinion last August. The court found that Georgia’s DREs “operate on outdated and vulnerable software,” that they are “particularly susceptible to manipulation and malfunction,” and that the systems are “not reliably secure.” One of the fundamental problems is that these machines create no paper trail and are thus not auditable. Experts have demonstrated that the machines could be compromised by malware that would “alter the vote count or stop the machine from accepting votes,” and there would be no means of detecting the malware, even with a “careful forensic examination.” As a result of the court order, Georgia will now use a voting system with a human-readable voter receipt and paper audit trail during the 2020 election; but there have also been new challenges filed about the use and location of ballot-marking devices that could threaten voter privacy. Deploying voting systems securely while ensuring voter privacy and auditability is an incredibly complex process, but it is essential to the integrity of our elections.

The American Bar Association (ABA) has also recently adopted a new policy to advocate for the improvement of election security. Resolution 118, which was passed at the 2020 ABA Midyear Meeting in February, urges Congress to protect the security and integrity of U.S. federal elections. In particular, the ABA Election Cybersecurity Resolution calls on Congress to empower the National Institute of Standards and Technology (NIST) to establish standards for election software, develop a certification process, and review the private sector role in election systems. The ABA resolution also urges Congress to provide more funding for states to improve election security and to restrict funding to those jurisdictions that do not follow NIST standards, require independent cybersecurity assessments, deploy human-readable paper ballots, and set up post-election auditing of votes. The ABA resolution drew inspiration from the National Academy report and builds on that important work.

Though there are numerous challenges to ensuring the security and integrity of our elections, we have a good roadmap for how to get there. But now we face an even bigger challenge—carrying out national, state, and local elections amid a global pandemic. Several states have already pushed back party primary elections; it is unclear how the summer conventions can go forward. And the U.S. Supreme Court voted 5–4 to stay a lower court order requiring Wisconsin to count delayed mail-in ballots for the state’s April 7 election (some voters did not receive their absentee ballots in time due to the pandemic). Meanwhile, lawmakers and voting rights advocates have begun to call for an expansion of mail-in and absentee voting for the November 2020 election.

Senator Ron Wyden (D-OR) and Senator Amy Klobuchar (D-MN) have introduced a bill that would give voters the right to cast their ballot by mail in certain circumstances and expand early in-person voting. Their bill would also increase state funding to account for the costs of implementing a broader mail-in voting system. And there is precedent for these systems—almost a quarter of all U.S. voters in the 2018 election cast their ballot by mail. But scaling these systems up in all states and territories at once could present logistical challenges with printing, delivering, and processing such a large volume of ballots.

The lesson from Wisconsin is that we cannot count on the U.S. Supreme Court to protect voters if their states do not provide adequate and timely access to mail-in ballots. States should act quickly to prepare for expanded mail-in, absentee, and early voting. In some states, this may require modifications to state election laws to allow more time for counting and certifying the votes. States should also take the opportunity to implement, where possible, the National Academy recommendation to create easy systems for voters to check when their mail-in ballots have been dispatched and, subsequently, when they have been received and verified.

Some politicians and others have used this opportunity to advocate for remote voting over the internet. That is a profoundly bad idea and is certainly not practicable for the 2020 election or any other near-term election. There are many reasons why internet voting cannot be secret, secure, and verifiable at this time. But we need not think in abstract terms about the risks of integrating new, untested technologies into our election process; the Iowa democratic caucuses this year made those risks concrete. For its 2020 primary, the Iowa Democratic Party commissioned a mobile app to convey results of local caucuses to the state party. The app was developed by a company called Shadow and had never been used in an election. And the app failed; it simply did not work the way it was supposed to. Many precinct leaders were not able to log in or use the app, and even when the app did work, it did not report all of the necessary data. Some precinct leaders were either unable to or decided not to download the app at all; they planned to phone in their results as they had in past elections. But the party failed to adequately staff the phone lines, leaving precincts stuck on hold for hours. As a result of these failures, Iowa caucus results were delayed for days, and there was substantial uncertainty about the results. The ensuing chaos was just a small taste of what would happen if an untested, remote voting system were used in a major national election.

When it came to internet voting, the National Academy report was crystal clear: The internet “should not be used for the return of marked ballots” and internet voting “should not be used in the future until and unless very robust guarantees of security and verifiability are developed and in place.” There is simply no known technology that can guarantee the “secrecy, security, and verifiability of a marked ballot transmitted over the Internet.” That reality has not changed, despite new calls for remote voting amid the pandemic. Rather than speculate about internet voting, state and federal officials should focus on expanding access to the ballot through mail-in, absentee, and early in-person systems. States should also implement the recommendations of the National Academy of Sciences, including using human-readable paper ballots and conducting risk-limiting audits.

Ensuring the security and integrity of our voting system is essential to preserve confidence in the results. And amid the global pandemic and the substantial economic and political upheaval that it has caused, there will be a significant strain on voter confidence. Indeed, many voters already fear being disenfranchised either through voter suppression or the imposition of new barriers to voting. And the right to vote is more essential now than perhaps any time in recent memory because political leaders are responsible for deciding how to respond to the global pandemic. Over the next six months, our society will be fundamentally changed as federal, state, and local governments implement unprecedented restrictions on social and economic activities and our systems of government struggle to cope with the unique risks posed by the novel coronavirus. We should all judge our elected representatives by their ability to guide us through this crisis. But that can only happen if the government is accountable to the governed.

Alan Butler is the interim executive director and general counsel of the Electronic Privacy Information Center (EPIC), a public interest research center in Washington, D.C., that focuses public attention on emerging privacy and civil liberties issues. He is also the Chair of the Privacy and Information Protection Committee of the ABA Section of Civil Rights and Social Justice.