The fiasco caused by an app that failed to properly transmit votes in the Iowa caucuses is worrying the mobile voting industry, which hoped 2020 would be a banner year.
Companies – and proponents of incorporating more technology into elections – are trying to avoid being lumped in with the hastily made app used in Iowa. They’re saying its failure proves serious investment in user-friendly, secure election technology is more critical than ever.
“We need to ensure that every new idea is tested, transparent and secure – just like the eight successful mobile voting pilots conducted to date,” Bradley Tusk, the founder and CEO of Tusk Philanthropies, said in a statement. “Enough is enough. 2016 should have been enough of a wake-up call. Iowa just confirmed it.”
Precinct captain Carl Voss of Des Moines displays the Iowa Democratic Party caucus reporting app on his phone outside of the Iowa Democratic Party headquarters in Des Moines, Iowa, Tuesday, Feb. 4. AP Photo/Nati Harnik
Tusk Philanthropies has funded pilots for mobile voting across the country, launched in a push to increase participation in elections.
Unlike the app used in Iowa, which was developed to relay vote counts, the pilots use technologies that allow voters to easily vote from their mobile phones. So far, the pilots have largely been limited to eligible uniformed and overseas voters and voters with disabilities.
But any expansion is sure to fall under an even more critical spotlight. Any malfunction – or hack – of an app used directly for voting in 2020 could have far greater impact in undermining public faith in the Democratic process than one Democratic caucus gone wrong.
“I think [Iowa] really set back mobile voting, maybe even by a number of years,” Maurice Turner, an election security expert at the Center for Democracy & Technology, said in an interview. “Because what voters and officials and the press see is this is a failure of new tech. Most people aren’t going to appreciate that this is a caucus app, that this was procured by the party and developed in secret.”
Voatz, a mobile election platform used in many pilots, is stressing that difference in its public messaging – insisting it had never heard of the app used in Iowa until it flopped. “We are also committed to transparency which is why we were one of the first elections companies in the world to invite the research community to help test our technology through our public bug bounty program,” the company said in a statement. Votes cast on the app are encrypted and stored on a blockchain that election officials can access.
Voatz also highlighted that it voluntarily worked with the Department of Homeland Security after Sen. Ron Wyden, D-Ore., called on intelligence agencies to audit the app in the fall.
Still, Iowa could have a chilling effect on any election officials still on the fence about whether to adopt such technology.
“I think it will cause concern among election administrators in looking at if a pilot in mobile voting is right for them,” Jocelyn Bucaro, director of elections for Denver Elections Division, said in an interview. “I think there is reason to be worried about that.”
And federal lawmakers are already skeptical. “Relying on an untested phone app to deliver election results is like asking a guy off the street to safeguard our nuclear codes,” Wyden said in an interview. “Unless the federal government steps up and gives state parties and local election officials the help they need to secure American elections, voting technology will continue to fail, or worse, suffer from malicious hacks.”
Wyden urged top election officials in Oregon in a letter last week to address the security risks of mobile voting amid plans to expand use of the technology in his state, as The Cybersecurity 202 first reported.
Bucaro, whose city used Voatz to allow uniformed and overseas voters to participate in a municipal election last May, pointed to Iowa Democrats’ lack of transparency around the app as damaging to voters’ trust. Multiple cybersecurity experts claimed the app used in Iowa appeared to have been sloppily put together in mere months without widespread testing.
“Transparency is paramount in election administration,” Bucaro said. “What happened in Iowa was not managed by people who run elections.”
The timing is especially rough for elections happening as soon as today:My colleague Jay Greene reports this morning that all voters will be able to cast a ballot from a mobile device or computer in the election for seat on the board of the little-known King Conservation District in the Seattle area, through another Tusk pilot that uses technology from Democracy Live.
Bucaro said Denver’s rollout for mobile voting technology, even for an election that was out of the national spotlight, was conducted much more thoroughly: In addition to initial vetting through a cybersecurity firm hired by Tusk, Denver conducted its own audit of the app before the election and conducted a public audit afterward.
Donald Kersey, general counsel for the West Virginia secretary of state, noted that unlike Iowa Democrats, election officials are subject to laws requiring transparency around election processes. His state has also been aggressive in vetting mobile voting technology since it launched its first mobile voting pilot in 2018 for military and civilian voters overseas. It’s now considering expanding mobile voting in 2020 to include disabled voters. It’s looking into the results of a Department of Homeland Security audit into Voatz, and Idaho National Labs is also auditing the company, Kersey said.
All the vetting stands in stark contrast to the IowaReporterApp used in Iowa, which party officials declined to make available to lawmakers or independent researchers to audit before the caucuses. Iowa Democrats also reportedly declined an offer by DHS to audit the app.
“I think the public would have benefited more if the public had known more about the app,” Kersey said. “Hopefully other states and jurisdiction will need to take note.”
That doesn’t seem likely so far. With just days before early voting begins in Nevada, campaigns and voters are still in the dark about what technology will be used. State Democrats said they scrapped plans to use the same vote reporting app as Iowa but have so far declined to confirm media reports that they will use a new iPad tool to relay vote counts or explain how they plan to audit any new technologies in use.
Tech glitches may also give ammo to cybersecurity experts, who often point to a 2018 National Academy of Sciences Report that determined “no known technology guarantees the secrecy, security, and verifiability of a marked ballot transmitted over the Internet” and discouraged the use of Internet-based voting.
Those who say technology is an inevitable part of future elections suggest one way to mitigate the risks is for states and the federal government to take on a greater role in funding research on how to secure and deploy election technologies. “Without assistance from the federal government, we can’t do our due diligence,” Kersey said.
Send questions/comments to the editors.
Success. Please wait for the page to reload. If the page does not reload within 5 seconds, please refresh the page.
Enter your email and password to access comments.
Hi, to comment on stories you must . This profile is in addition to your subscription and website login.
Already have a commenting profile? .
Invalid username/password.
Please check your email to confirm and complete your registration.
Only subscribers are eligible to post comments. Please subscribe or login first for digital access. Here’s why.
Use the form below to reset your password. When you've submitted your account email, we will send an email with a reset code.