Election security is front and center as the midterms approach, and the National Cybersecurity Center has announced it’s investigating how blockchain can help secure elections — and potentially make widespread mobile voting a reality.
The NCC announced a partnership with Tusk Montgomery Philanthropies to work on “Proving Our Democracy,” a pioneering program evaluating new election technologies to create secure and accessible voting — mobile voting in particular.
Colorado Springs and Denver will be the pilot populations for the program, which is the NCC’s first government initiative aimed toward election security.
“Of all the things you hear about in cyber today, probably election interference is No. 1 in terms of … what concerns and challenges our very democracy, when there’s suspicion of interference in our election system,” NCC CEO Vance Brown said last month, “so that’s a topic we’re already taking head-on.”
Broadly, the program “brings together technology, talent and partnerships around use cases for cybersecurity as a means for trust and transparency” in business, government and society, said Forrest Senti, the NCC’s director of business and government initiatives.
Blockchain to boost voting security
Blockchain-secured voting applications are among the technologies being explored, and Senti said he expects “100 percent” that blockchain can improve security while boosting the ease and accessibility of voting.
“The votes get transferred to a distributed ledger that’s decentralized, and those votes are able to be theoretically tamper-proof,” he explained. “It creates a record that ties a vote to a person that can never be changed, so you have a permanent, traceable, auditable trail for an election technology that we’ve never had before.”
This wouldn’t happen here
It’s a level of security that stands in stark contrast to the shaky voting technologies and data destruction seen in Georgia, to name one example. A year ago today, The Associated Press reported that a computer server crucial to a lawsuit against Georgia election officials was wiped clean by its custodians — just after the suit was filed.
“The server’s data was destroyed July 7 by technicians at the Center for Elections Systems at Kennesaw State University, which runs the state’s election system. … ,” the report said.
“Plaintiffs in the lawsuit, mostly Georgia voters, want to scrap the state’s 15-year-old vote-management system — particularly its 27,000 AccuVote touchscreen voting machines, hackable devices that don’t use paper ballots or keep hardcopy proof of voter intent.”
The plaintiffs needed an independent security review of the Kennesaw server, which held elections staging data for counties, to demonstrate the system was unreliable — but wiping the server meant forensic investigation was impossible. Making matters much worse, The AP reported, two backup servers were wiped clean a month later, as the lawsuit moved to federal court.
In addition, a failed effort by Kennesaw State systems engineers to fix an identified security hole on the main server left sensitive data about Georgia’s 6.7 million voters — including Social Security numbers, party affiliation and birthdates — exposed for months, along with county officials’ passwords for accessing election management files.
Election integrity boosts turnout
“Why Electoral Integrity Matters” research showed that when people believe that electoral malpractice is common, they’re significantly less likely to vote — and the Perceptions of Electoral Integrity Index also shows a direct correlation between secure elections, voter confidence and voter turnout.
The research showed perceived electoral integrity in Georgia — along with Texas and Oklahoma — is especially low, while Colorado, Vermont and New Hampshire score highly for electoral integrity.
“When people in the community believe that their elections are secure, their votes are being counted and their voices are being heard, they’re more likely to show up,” Senti noted. “That happens not only with increased election technology, but increasing trust — for example, I guarantee over the next few years Colorado will maintain some of the highest voter turnout in the nation because nationally we’re known to be the No. 1 state for cybersecurity in elections.”
“Proving Our Democracy” is another way the state is working to stay ahead of the challenges of running good elections, Senti said, noting Colorado was also “the first state in the nation to implement risk-limiting audits — and that has increased our election security [infinitely].”
Tusk Montgomery is already experienced in investigating secure mobile voting technologies. According to The New Yorker, in May the nonprofit spent about $150,000 on a small pilot project in West Virginia, which gave overseas citizens and members of the military stationed abroad the option of using [new mobile voting app] Voatz to cast ballots on their phones.
“The pilot was open only to residents of two counties, and a total of thirteen voters participated,” The New Yorker reported, “but it was deemed successful enough that Voatz will be available to overseas voters from twenty-four West Virginia counties in the November midterms.”
Senti said West Virginia and Colorado are the only states publicly investigating blockchain in relation to election security.
“We’re the second. And … next fall we’d be the first to look at special access populations as well,” he said, explaining that Colorado’s pilot will go beyond the Uniformed and Overseas Citizens Absentee Voting Act population evaluated in West Virginia and will also evaluate “special access” voting populations, including the elderly and people with disabilities.
The NCC and Tusk Montgomery want the “Proving Our Democracy” pilot to be a focal point for spreading the best ideas for trust in the U.S. election system. The program begins with the selection of a test group for the effort (Colorado Springs and Denver) for providing an online, trusted and secure solution for absentee voters that is easy to access and scalable.
That effort will be backed up with explorations of existing vendors, the adoption of open source technologies, public and private mock elections for testing vulnerabilities during a live election, hackathons, stakeholder engagement, and security audits.
“What I can say is that Colorado Springs, Denver and the state of Colorado are not publicly committed to using blockchain-secured voting applications at any point in time right now, but that they’re actively evaluating and looking at the applications for it,” Senti said.
Spring 2019 in Denver and Colorado Springs and fall 2019 for the state are “in active consideration … but it’s all under evaluation,” Senti said.
The NCC also has partnerships with the global Blockchain Trust Accelerator and the Cyber Policy Initiative, based at the University of Chicago’s Harris School of Public Policy, to develop cybersecurity policy, conduct research into increasing voter confidence and participation, and develop road maps and benchmarks for cities preparing to pursue innovative voting methods.