Elections

'Unprecedented' challenges to safe, secure 2020 vote

voting security 

A raging pandemic. An economic recession that has decimated state and local budgets. Critical poll worker shortages. Long lines at polling stations. A mail system beset by politics. Disinformation campaigns by foreign intelligence agencies and domestic political groups. Hackable voting machines.

Election administrators have always walked a tightrope when it comes to ensuring a smooth voting process, but the sheer number of obstacles they face this year will pose one of the greatest challenges to America's voting infrastructure in memory.

"Things are bad. I can't sugarcoat that, but most people in elections are truly rising to the occasion within the limits of their position," Genya Coulter, an election official in central Florida, told FCW. "They can't change certain things, but whatever is in their power to change, they are."

Chief among those challenges: a persistent virus that can make close physical proximity deadly and has altered the course of voter behavior. What started out as a years-long effort by election officials and cybersecurity experts to secure in-person voting machines and polling stations has – in a matter of months – morphed into an urgent scramble to set up state and local infrastructure capable of handling what is expected to be a historic surge in voter-mailed ballots this fall. An increasing proportion of poll workers dropping out this year due to concerns over the virus further complicate the efforts by many jurisdictions to facilitate in-person voting.

Amber McReynolds, CEO of the National Vote at Home Institute, summed up that reality while testifying before the House Homeland Security Committee this week, saying the pandemic "has upended all aspects of our lives and the voting process is no different."

"Election officials have responded to difficult circumstances with little support, and will attempt to do so again this year, but this year is unprecedented," said McReynolds. "They need support from elected leaders that have the power to help."

While some local officials have been vocal in their frustration, others pointedly reject the urge to fall into hopelessness or despair, pledging to carry out a safe and secure process no matter the circumstances. They argue few -- if any -- of these challenges are insurmountable, and most simply require sufficient political will to address.

What election officials need

Many local officials say they desperately need two things to ensure a safe and secure election under current conditions: more state and federal resources (including emergency funding from Congress) and support from political leaders when it comes to educating voters, many of whom will be voting by mail for the first time this year.

In terms of other resources, it's a mixed bag. Many states have moved to expand access to vote by mail, encourage residents to explore the option and in some cases preemptively mail absentee ballot applications to registered voters. Still, in a Brooking Institute analysis of how easy it is to vote by mail, 29 states receive a grade of C or lower. The analysis grades states on metrics such as whether they allow voters to cite concern over COVID-19 to request an absentee ballot, whether they make drop-off boxes or in-person channels available and if a state accepts ballots that are postmarked by election day.

The virus "added a whole new set of concerns that were always there, but that got brought very sharply into focus" such as how to conduct voting in a state of emergency and what exceptions to make, said computer scientist and election security expert Matt Blaze during a speech at Black Hat this week.

"Basically, emergencies are likely to require scaling up our exception mechanisms, which mostly involves mail-in voting," he said.

Federal organizations like the Cybersecurity and Infrastructure Security Agency and Election Assistance Commission have also pivoted to provide more expertise and assistance to state and local governments around the issue.

Last month, CISA issued an infrastructure security assessment around vote by mail that outlined a number of new risks that could be introduced by scaling up vote by mail. Those risks include enhanced danger from cyberattacks on voter registration systems, since many voters will not be in-person to answer questions about identity or verification; security risks for offices and warehouses where mailed ballots will sit for weeks before being tabulated; and poor hand-offs as operational risk management responsibilities shift from local election officials to other entities like ballot printers and the U.S. Postal Service.

All of these new risks, the agency concluded, "can be managed through various policies, procedures and controls." In some ways, it could actually increase the confidence in election results by shifting votes from Direct Recording Electronic voting machines to a process that leaves a better paper trail.

"For us, anytime you get paper into the system, that's…an opportunity to audit and auditing is a good thing," CISA Director Chris Krebs said about the increase in absentee ballot voting this election cycle.

The assessment aligns with what many local election officials on the ground say about mailed ballots: namely that it is a safe and secure way of voting that has multiple layers of verification throughout the process.

Disinformation – foreign and homegrown

The greatest threat facing vote by mail comes not from the process itself, but by manipulation of public perception of that process by domestic and foreign actors. The CISA assessment states that while disinformation and misinformation risks to mail-in voting infrastructure and processes are similar to that of in-person voting, "threat actors may leverage limited understanding regarding mail-in voting processes to mislead and confuse the public." It also notes that vote by mail "has already become an issue among partisan political voices, which makes it a target for threat actors to exploit."

Chief among those culprits is the sitting president of the United States, who has waged a relentless and evidence-free campaign to undermine confidence in mail-in ballots as public polling continues to show wide disparities in voting preferences between likely in-person and absentee voters. The attacks put added stress on election administrators at the same time they're working to facilitate an election where as many as 70% of voters could end up sending their ballots through the mail.

"Election officials are concerned about funding, concerned about what elections look like without it, and frankly the fact that they say to me, they don't have time for politics, they need to get the job done, and they need the resources to do it," said Ben Hovland, a Commissioner on the Election Assistance Commission, in response to a tweet from Trump calling to delay the election due to the increase in mail-in voting.

President Trump also installed Louis DeJoy, a GOP fundraiser, as Postmaster General at USPS. Shortly after taking office, DeJoy instituted changes that have had a measurable effect slowing down mail delivery, an effect that Democrats and some election observers have argued is intentional and designed to overwhelm USPS as it begins processing a massive increase in voter-mailed ballots this fall. It can also negatively affect numerous other aspects of election administration.

"Federal and state laws have legal mandates with regards for sending voter registration information, ballot issue notices, election information, poll worker appointment letters, polling place notification cards, signature cards, address update notifications and other required mailings," said McReynolds. "All of these legally required mailings are at risk if the Post Office is not able to process mail effectively or experiences delays."

The agency claimed this week that despite the changes, the Postal Service "has ample capacity to adjust our nationwide processing and delivery network to meet projected election and political mail volume."

The biggest concern that disinformation experts worry about is the inevitable delays that will occur with expanding mail-in voting and the potential for bad actors to exploit that uncertainty in the immediate aftermath of an election to cast doubt on the results. In most cases, processing mail ballots is a slow, laborious process. Voter signatures and other components must be verified and correctly sorted, often manually. Inexperience among new voters around the correct step-by-step process and delays in mail delivery can lead to significant confusion about whether certain ballots should be accepted or not.

The end result is a situation ripe for sowing confusion and discord. Clint Watts, a research fellow at the Foreign Policy Research Institute, listed "viral mail-in ballot conspiracies" as the top disinformation threat facing the 2020 elections.

"A false or manipulated video alleging voter fraud by mail could easily spread virally across the social media ecosystem fueling widespread allegations of election rigging so extreme that it touches off protests, riots, armed standoffs or even violence," Watts wrote.

One potential solution: transparency. Judd Choate, Elections Director for Colorado, told the Bipartisan Policy Center that being "completely open" about the way jurisdictions process and count mail-in ballots can serve as a counterweight to many false or misleading claims.

"Let watchers, parties, and press see everything you do," he said. "Let them follow around ballot pick up teams, watch (and even challenge) the signature verification process and observe adjudication and tabulation."

Featured

  • Government Innovation Awards
    Government Innovation Awards - https://governmentinnovationawards.com

    Congratulations to the 2020 Rising Stars

    These early-career leaders already are having an outsized impact on government IT.

  • Cybersecurity
    cybersecurity (Rawpixel/Shutterstock.com)

    CMMC clears key regulatory hurdle

    The White House approved an interim rule to mandate defense contractors prove they adhere to existing cybersecurity standards from the National Institute of Standards and Technology.

Stay Connected