Tag: electronic voting

Posted on

Facebook will disable new political ads a week before US midterm elections

Meta loosely outlined how it plans to brace its platforms for the upcoming U.S. midterm elections Tuesday, starting with political ads. In November, the nation will decide a number of key congressional and gubernatorial races in the midst of worsening political polarization that the social network has become synonymous with in recent years.

Meta, which owns Facebook, Instagram and WhatsApp, detailed steps similar to the measures the company took previously in lieu of proposing many new ideas or areas of investment. That includes disabling new “political, electoral and social issue ads” during the week prior to voting on November 8. Ads that ran before the blackout period will be allowed to continue running but the company will disable most edits for them during that time, including any changes to who they target.

“Our rationale for this restriction period remains the same as 2020: in the final days of an election, we recognize there may not be enough time to contest new claims made in ads,” Meta Global Affairs President Nick Clegg wrote in a blog post. “This restriction period will lift the day after the election and we have no plans to extend it.”

Meta might not have plans to extend its pause on political ads, but it could still wind up improvising. Facebook paused political ads on November 4, 2020 but wound up extending that blackout phase well into the next year, only making an exception in mid-December for campaigns around the Georgia runoff elections.

Facebook will turn all US political advertising off again after Georgia runoffs

Meta also reiterated that it will not allow any posts or ads that misrepresent key details about the voting process including the date, time and qualifications for voting. The company also notes that it will disallow misinformation related to the “outcome of an election,” but its poor track record of uneven enforcement around the “Stop the Steal” movement and groups that staged the violent attack at the U.S. Capitol on January 6 calls those measures into doubt.

Pro-Trump mob storms the US Capitol, touting ‘Stop the Steal’ conspiracy

On Facebook, accounts and groups promoting false claims that the election was “stolen” were able to post prolifically and even organize after the election, easily evading bans on a handful of relevant keywords. The company only announced more serious efforts to stop the spread of election misinformation after the January 6 attack.

The social media company was also keen to highlight its investments in protecting elections, noting that it has hundreds of people working on concerns around the 2022 election and that it invested $5 billion into safety and security work in the last year, though that total did not go toward work specific to elections. The company didn’t mention that its dedicated elections team, the civic integrity unit, was dissolved and redistributed across its workforce after the 2020 election. Facebook framed the decision in a positive light at the time, but some employees and critics of the company raised concerns that election issues would be put on the backburner.

While Meta projects confidence about its political advertising precautions heading into the U.S. 2022 midterms, it is already failing to enforce those same safety measures elsewhere around the globe. A new report from human rights organization Global Witness found that Facebook approved paid posts containing false information about Brazil’s upcoming election, including ads publicizing “the wrong election date, incorrect voting methods and questioning the integrity of the election — including Brazil’s electronic voting system.”

Facebook blocks hashtags for #sharpiegate, #stopthesteal election conspiracies

Facebook says it will remove references to ‘stop the steal’ across its platform

Posted on

Mobile voting can ease polling place unease in the COVID-19 era

Jonathan Johnson Contributor
Jonathan Johnson is president of Medici Ventures and CEO of Overstock.com.
More posts by this contributor

A bitterly divided nation heads into the 2020 presidential election with accusations of potential voter fraud, calls for delays and charges of voter suppression as state and local election officials cope with the ongoing threat of COVID-19.

Their challenge: Keep the polling places safe and efficient while providing more effective and trustworthy options for citizens.

Efforts to expand mail-in voting options because of COVID-19 were criticized for overwhelming election clerks and disenfranchising voters, whose ballots were either lost or not counted during the primaries.

Recently, government and media criticism of allowing more mail-in voting beyond traditional absentee ballots has cast a harsh light on flaws in the system.

I believe we can implement a better technology choice that guarantees a voter’s identity, keeps the vote anonymous and keeps voters safe from COVID-19. A mobile voting system that provides a supplemental option to in-person voting makes the most sense in this highly charged political atmosphere.

We have an archaic voting system

Efforts to provide voting options beyond in-person balloting have increased over the years to encourage greater turnout, which is still abysmally low. Ideas such as mail-in balloting, extended hours, weekend voting and other options have found mixed success, but still rely on old, outdated processes. The decentralized nature of the U.S. election process, in which individual towns choose their preferred voting method, has resulted in voting devices that range from paper ballots to mechanical voting machines to electronic voting via a touch-screen tablet.

One only needs to look at the 2000 presidential election recount to see this archaic process in action, as the term “hanging chad” entered the lexicon. Many efforts around improving the election process began as a result of the 2000 election, but now, two decades later, we still see the same process, and the same mistakes, in many locations.

Efforts aimed at expanding mail-in voting earlier this year during the primaries were troubling. In one Pennsylvania county, 6,000 voters were not mailed their ballots until the day before the election, preventing them from getting ballots postmarked before the deadline.

Across the nation, voters requested ballots but did not receive them in time to vote. Even when ballots were mailed in on time, election officials were overwhelmed with the spike in volume.

In-person voting: Long lines, masks, dangerous for at-risk populations

With the COVID-19 virus maintaining its hold on a large part of the country, election officials need to develop in-person voting plans that keep residents safe, but the potential for disaster looms. In many locales, a presidential election often results in long lines and wait times at polling centers, often with understaffed officials or volunteers working tables to verify voter registration.

Many of these volunteers are older Americans, members of the highest-risk population for developing serious complications from the virus. Not only will election officials need to ensure the safety of voters, but they will also need to make sure their own workers and volunteers are protected. This means developing more protocols, testing and potential disinfection procedures, which could extend the time it takes for people to vote.

Given the potential of a multihour wait with hundreds or more people in line, many citizens would likely simply choose to not vote, which would be a greater disaster to American democracy.

Mobile voting is secure

A mobile voting system allows registered voters to use their mobile phones and a verified app to record their vote. Using blockchain technology, an app can provide an audit trail that verifies the identity of the voter, and keeps their vote anonymous. Mobile voting systems can also include a paper record for additional security.

Early mobile voting programs have allowed an easier way for citizens and military personnel overseas to cast their ballots. The same is true for individuals with physical disabilities that could also be vulnerable to the COVID-19 virus.

A 2018 mobile voting pilot program for citizens and military personnel overseas held in West Virginia provided a high rate of engagement.

Mobile voting has also proved more secure than other electronic voting methods, including web-based voting systems. Critics of electronic voting have lobbed accusations of potential hacking, but the facts tell a different story.

As of May 2020, Tusk Philanthropies has successfully completed 14 mobile voting pilots in five states with several mobile voting technology platforms and a mix of overseas voters and those with disabilities. It’s good to be concerned about election security, but mobile voting offers more security than existing electoral systems, which can include late or lost ballots, incorrect markings, machine breakdowns and other errors.

Democracy is strengthened when everyone participates

In these challenging and worrisome times, trust and faith in our government leaders is of utmost importance. The right for Americans to vote in a safe, secure and trustworthy environment is fundamental to continue the ideals that so many of our predecessors fought and died to protect.

When more citizens participate in the process, democracy is strengthened. Failing to explore new options to prevent a voting disaster this fall amidst a global pandemic could have grave repercussions on the future of this nation.

Posted on

Decrypted: Hackers show off their exploits as Black Hat goes virtual

Every year hackers descend on Las Vegas in the sweltering August heat to break ground on security research and the most innovative hacks. This year was no different, even if it was virtual.

To name a few: Hackers tricked an ATM to spit out cash. A duo of security researchers figured out a way to detect the latest cell site simulators. Car researchers successfully hacked into a Mercedes-Benz. A Windows bug some two decades old can be used to plant malware. Cryptocurrency exchanges were extremely vulnerable to hackers for a time. Internet satellites are more insecure than we thought and their data streams can contain sensitive, unencrypted data. Two security researchers lived to tell the tale after they were arrested for an entirely legal physical penetration test. And, a former NSA hacker revealed how to plant malware on a Mac using a booby-trapped Word document.

But with less than three months until millions of Americans go to the polls, Black Hat sharpened its focus on election security and integrity more so than any previous year.

Here’s more from the week.

THE BIG PICTURE

A major voting machine maker is finally opening up to hackers

The relationship between hackers and election machine manufacturers has been nothing short of fraught. No company wants to see their products torn apart for weaknesses that could be exploited by foreign spies. But one company, once resistant to the security community, has started to show signs of compromise.

Election equipment maker ES&S is opening up its voting machines to hackers — willingly — under a new vulnerability disclosure program. That will see the company embrace hackers for the first time, recognizing that hackers have knowledge, insight and experience — rather than pushing them away and ignoring the problems altogether. Or, as the company’s security chief told Wired: “Hackers gonna hack, researchers gonna research.”

Posted on

U.S. House approves remote voting, though the tech is unclear

Congress will allow remote voting for the first time in its history, after the U.S. House approved Resolution 965 late Friday in response to the coronavirus pandemic.

The measure — sponsored by Massachusetts Representative Jim McGovern — authorizes proxy voting by members for renewable periods of 45 days and allows for remote participation in committee hearings.

H.R. 965 could also permanently alter the way Congress operates through a provision that establishes a bi-partisan process to explore digital voting away from Capitol Hill.

Per the directive, “The chair of the Committee on House Administration, in consultation with the ranking minority member, shall study the feasibility of using technology to conduct remote voting in the House, and shall provide certification…that operable and secure technology exists.”

Previous House rules required in person voting only. The Senate still makes decisions by recording verbal “Yeas” and “Nays” on a tally sheet.

Friday’s congressional action is another example of how COVID-19 is forcing every organization in the U.S. to overhaul longstanding ways of doing things, usually through a mix of digital tools.

We still don’t have clear details on what tech the U.S. House will use to implement both the short and longer term provisions of H.R. 965.

The proxy voting arrangement will allow members to vote remotely through designated representatives on Capitol Hill — effectively a form of pinch-hitting for Congress. For remote participation in hearings, there are a range of options that could be selected — from Google Meet to Microsoft Teams. Last week, Dr. Anthony Fauci testified before the U.S. Senate using Zoom.

On determining long-term means for remote voting, that’s now up to the Chairperson of the Committee on House Administration —  representative Zoe Lofgren (D-CA) —  and the ranking minority member Rodney Davis (R-IL), who voted against H.R. 965.

Lofgren offered a preview of how it could shape up in a statement supporting H.R. 965 late Friday: “For voting on the floor, we will rely on a secure email system, coupled with member-driven, remotely-directed authorizations.  This system would use secure email for proxy votes: a solid, well known, resilient technology with very low bandwidth requirements that we understand very well from a cybersecurity standpoint.”

Of course, she and Republican Congressman Davis will have to find agreement on this during a time when both parties rarely agree on anything. The vote on H.R. 965 was split along party lines, with 217 Dems voting in favor and not a single Republican member supporting the measure.

Why Congress isn’t working remotely due to COVID-19

In the past, Congress has resisted calls to allow for remote voting. There was discussion of the need for such provisions after the September 11 attacks and 2001 Anthrax attacks. These was overridden by a long time expectation that those elected to represent constituencies be physically present to vote.

Over the last two months, it appeared the House might become a last holdout in the U.S. for in person only workplaces, as much of the country has shifted to tech-enabled measures for remote operations.

Shortly after the coronavirus outbreak hit the U.S. in March, Congressman Eric Swalwell (D-CA) pressed a resolution with Arkansas Representative Rick Crawford (R-AR) that would allow members to participate virtually in hearings and vote remotely, under special circumstances.

US capitol building at night

Image Credits: Bill Dickinson/Getty Images

That was nixed by House Speaker Nancy Pelosi  who, at the time, wanted Congress to remain in session and present to pass the first coronavirus stimulus bill.

Two months and nearly one hundred thousand American deaths later, it appears COVID-19 could force one of the more significant procedural changes in the House’s 231 year history.

In person voting could soon be replaced with some form of two-factor authentication, digital voting. This could alter longstanding patterns for how lawmakers travel, interact with constituencies, and divide their time between the Beltway and districts back home.

Posted on

We must consider secure online voting

Amelia Powers-Gardner Contributor
Amelia Powers-Gardner is county clerk of Utah County in Utah and was sworn into office in January 2019.
Chris Walker Contributor
Chris Walker is county clerk of Jackson County in Oregon. First appointed in 2008, Chris was re-elected in 2010 and 2014.

The list of states delaying primaries and elections is quickly increasing, with New Jersey adding local elections to the list. Even Congress — in a break from tradition — is rethinking what it means to vote safely in this new paradigm, stirring calls for remote voting for its upcoming legislation around the pandemic.

This debate, however, lacks important context: Many U.S. citizens are already voting online at home and abroad. In fact, 23 U.S. states and the District of Columbia allow some voters to return absentee ballots via email, while five others permit some voters to do so using a web portal.

We are election officials in two states that require us to offer an online method to some of our voters. For these voters, the argument is not an academic one, but an issue of necessity — traditional voting methods simply don’t work for those living abroad, deployed in the military or those with disabilities. As election officials, it’s our duty to stand up for the constitutional rights of our citizens, whatever their circumstances, and the reality is that online voting dramatically improves the opportunities for these two groups to engage with our democracy.

We should not be debating whether online voting should exist, but rather asking: What is the most secure way to facilitate electronic voting? Because it’s already being done. And because it’s needed by some voting groups — whose volume might expand in the near future.

As a country, we currently have three million eligible voters living abroad, and only 7% cast ballots in the 2016 elections, according to the Federal Voting Assistance Program’s biennial Overseas Citizen Population Analysis. This same analysis found that removing logistical barriers to voting would raise participation by 30%. A different analysis separately found that while nearly one million active-duty military are eligible to vote, only around 23% of them actually did in 2018.

The traditional system of mailed-in absentee ballots and centralized polling places is failing these voters, and they aren’t alone among the disenfranchised. The turnout story is also grim for the 35 million U.S. voters with disabilities. An October 2017 Government Accountability Office report also found widespread barriers to disabled voting, such as machines that could have made it impossible to cast votes privately. It’s no wonder that, as a 2017 Rutgers University study found, disabled voting participation has declined in each of the last two presidential elections, dropping from 57.3% in 2008 to 55.9% in 2016.

New technologies offer promise to expanding and securing access for overseas citizens and voters with disabilities. Consider MacCene Grimmett, who is, at 106, Utah’s oldest voter. When she was born in 1913, women did not have the right to vote. Homebound since she broke her ankle two years ago and unable to hold a pen steadily, she was able to cast her ballot last year thanks to an app on a mobile device. The technology empowered her, helping her execute — independently, anonymously, securely and with dignity — her most basic duty as a citizen.

Pilots and tests are happening at different scales in localities around the country, and early results are demonstrating positive outcomes. In 2019,Utah County’s offering mobile-phone voting to overseas citizens resulted in a marked increase in participation rates. In fact, turnout rates for voters using the app overseas were higher than for those who went to the polls in-person on Election Day. Oregon also successfully permitted its citizens to use app-voting in 2019.

Importantly, all pilots include the ability to rigorously audit the results so we can ensure 100% accuracy along the way.

The challenge, ultimately, is how to continue leveraging technology in a secure and innovative way to maximize access. Safety is paramount: We are deeply aware that we live in an interconnected world where foreign adversaries and other malicious entities are using information technology to try to undermine our political system. It’s our responsibility to understand the environment in which we operate as we forge ahead.

But while these concerns can be valid, they should not outweigh both the necessity and potential benefits of internet-based voting. Just as we cannot place blind faith in the infallibility of our technologies, we also cannot fall into a senseless, all-encompassing mistrust that would both disenfranchise millions of voters and shake trust in our elections.

Rather than making sweeping judgments, we need to weigh each case individually. Why, for example, should Iowa’s failure, which involved poor training, lack of testing and trouble reporting caucus results on one specific technology platform by a political party adversely affect whether a disabled Utahn or an Oregonian soldier can cast their vote — and verify it — by app?

Expanding voter participation by ensuring ballot access for all citizens is paramount to protecting our democracy. In the 21st century, that will necessarily include electronic methods, particularly as we face challenges with voters abroad and contemplate emerging challenges at home like COVID-19, where large public gatherings — and long lines — spark new threats to consider.

We must continue trials and experiments to broaden access for voters, while hardening the system and making it more resilient, and that means beginning with small-scale pilots, seeing what works, stringently auditing the results and then employing that knowledge in new rounds of testing. App-based voting, for example, is already more secure than returning a ballot by email, and it also preserves voter anonymity in a way that email makes impossible (because whoever opens the email to hand-copy the vote onto a paper ballot for tabulation knows who sent it).

These are the everyday successes that internet-based voting is producing right now. And they ought to be driving the discussion as we move forward slowly, responsibly and confidently.

Posted on

EU parliament moves to email voting during COVID-19

The European Parliament will temporarily allow electronic voting by email as MEPs are forced to work remotely during the coronavirus crisis.

A spokeswoman for the parliament confirmed today that an “alternative electronic voting procedure” has been agree for the plenary session that will take place on March 26.

“This voting procedure is temporary and valid until 31 July,” she added.

Earlier this month the parliament moved the majority of its staff to teleworking. MEPs have since switch to full remote work as confirmed cases of COVID-19 have continued to step up across Europe. Though how to handle voting remotely has generated some debate in and of itself.

“Based on public health grounds, the President decided to have a temporary derogation to enable the vote to take place by an alternative electronic voting procedure, with adequate safeguards to ensure that Members’ votes are individual, personal and free, in line with the provisions of the Electoral act and the Members’ Statute,” the EU parliament spokeswoman said today, when we asked for the latest on its process for voting during the COVID-19 pandemic.

“The current precautionary measures adopted by the European Parliament to contain the spread of COVID-19 don’t affect legislative priorities. Core activities are reduced, but maintained precisely to ensure legislative, budgetary, scrutiny functions,” she added.

The spokeswoman confirmed votes will take place via email — explaining the process as follows: “Members would receive electronically, via email to their official email address, a ballot form, which would be returned, completed, from their email address to the relevant Parliament’s functional mailbox.”

“The results of all votes conducted under this temporary derogation would be recorded in the minutes of the sitting concerned,” she further noted.

Last week, ahead of the parliament confirming the alternative voting process, German Pirate Party MEP, Patrick Breyer, raised concerns about the security of e-voting — arguing that what was then just a proposal for MEPs to fill and sign a voting list, scan it and send it via email to the administration risked votes being vulnerable to manipulation and hacking.

“Such a manipulation-prone procedure risks undermining public trust in the integrity of Parliament votes that can have serious consequences,” he wrote. “The procedure comes with a risk of manipulation by hackers. Usually MEPs can send emails using several devices, and their staff can access their mailbox, too. Also it is easy to come by a MEP’s signature and scan it… This procedure also comes with the risk that personally elected and highly paid MEPs could knowingly allow others to vote on their behalf.”

“eVoting via the public Internet is inherently unsafe and prone to hacking, thus risks to erode public trust in European democracy,” he added. “I am sure powerful groups such as the Russian intelligence agency have a great interest in manipulating tight votes. eVoting makes manipulation at a large scale possible.”

Breyer suggested a number of alternatives — such as parallel postal voting, to have a paper back-up of MEPs’ e-votes; presence voting in EP offices in Member States (though clearly that would require parliamentarians to risk exposing themselves and others to the virus by traveling to offices in person); and a system such as “Video Ident”, which he noted is already used in Germany, where the MEP face identify in front of a webcam in a live video stream and then show their voting sheets to the camera.

He also suggested MEPs might not notice manipulations even if voting results were published — as looks to be the case with the parliament’s agreed procedure.

It’s not clear whether the parliament is applying a further back-up step — such as requiring a paper ballot to be mailed in parallel to an email vote. The parliament spokeswoman declined to comment in any detail when we asked. “All measures have been put in place to ensure the vote runs smoothly,” she said, adding: “We never comment on security measures.”

Reached for his response, Breyer told us: “My concerns definitely stand.”

However security expert J. Alex Halderman, a professor of Computer Science and Engineering at the University of Michigan — who testified before the US Senate hearing into Russian interference in the 2016 U.S. Election — said e-voting where the results are public is relatively low risk provided MEPs check their votes have been recorded properly.

“Voting isn’t such a hard problem when it’s not a secret ballot, and I take it that how each MEP votes is normally public. As long as that’s the case, I don’t think this is a major security issue,” he told TechCrunch. “MEPs should be encouraged to check that their votes are correctly recorded in the minutes and to raise alarms if there’s any discrepancy, but that’s probably enough of a safeguard during these challenging times.”  

“All of this is in stark contrast to election for public office, which are conducted with a secret ballot and in which there’s normally no possibility for voters to verify that their votes are correctly recorded,” he added. 

NationBuilder probe closed

In further news related to the EU parliament the European Data Protection Supervisor (EDPS) announced today that it’s closed an investigation into the former’s user of the US-based political campaign group, NationBuilder last year.

Back in November the EU’s lead data regulator revealed it had issued its first ever sanction of an EU institution by taking enforcement action over the parliament’s contract with NationBuilder for a public engagement campaign to promote voting in the spring election.

During the campaign the website collected personal data from more than 329,000 people, which was processed on behalf of the Parliament by NationBuilder. The EDPS found the parliament had contravened regulations governing how EU institutions can use personal data related to the selection and approval of sub-processors used by NationBuilder.

The contract has been described as coming to “a natural end” in July 2019, and the EDPS said today that all data collected has been transferred to the European Parliament’s servers’.

No further sanctions have been implemented, though the regulator said it will continue to monitor the parliament’s activities closely.

“Data protection plays a fundamental role in ensuring electoral integrity and must therefore be treated as a priority in the planning of any election campaign,” said EDPS, Wojciech Wiewiórowski, in a statement today. “With this in mind, the EDPS will continue to monitor the Parliament’s activities closely, in particular those relating to the 2024 EU parliamentary elections. Nevertheless, I am confident that the improved cooperation and understanding that now exists between the EDPS and the Parliament will help the Parliament to learn from its mistakes and make more informed decisions on data protection in the future, ensuring that the interests of all those living in the EU are adequately protected when their personal data is processed.”

At the time of writing the parliament had not responded to a request for comment.

Posted on

After Iowa caucus flub, can tech be trusted in elections?

An app intended to speed up reporting of election results for the Iowa caucuses has failed spectacularly, not only confusing the electorate but perhaps poisoning their feelings toward making any technological “improvements” to the voting process whatsoever.

TechCrunch staff reporters Brian Heater, Jonathan Shieber, Zack Whittaker, Devin Coldewey and Ingrid Lunden discussed the issue informally.

Brian Heater: We all agree that this is a good sign of a healthy democracy, right?

Jonathan Shieber: Totally agree with Brian here.

Brian Heater: I’m legitimately finding it difficult to discuss these sorts of things without delving into the conspiratorial. That said, I think it’s far more likely that this was just a massive fuck-up on the part of the Iowa Dems. Chalking it up to a conspiracy is honestly giving them entirely too much credit.

Devin Coldewey: But what’s the nature of the fuck-up? Fundamentally?

Brian Heater: An app that wasn’t tested at the scale of a statewide election. The more we move away from more traditional means of accounting, the more of these we’re going to see.