Testimony on Four Bills

This year we testified on four bills before the legislature. We supported two bills, and for a change opposed none. For the two we neither supported nor opposed,, we proposed changes to the same sections of the law addressed by the bills.

This year we testified on four bills before the legislature.  We supported two bills, and for a change opposed none.  For the two we neither supported nor opposed, we proposed changes to the same sections of the law addressed by the bills.

 

A bill we proposed, S.B. 252 would strengthen the current post-election audits, while adopting changes long sought by the Registrars of Voters Association Connecticut (ROVAC).  It would also require that the electronic audits approved last year be publicly verifiable – without public verification we would simply be adding unverifiable “Black Box” auditing, to unverifiable “Black Box” voting (CT’s current manual hand counted audits are publicly verifiable .  <Prepared Remarks> <Testimony>

We supported H.B. 5390 would require the Secretary of the State to archive directives and instructions on the web.  We supported the bill which would do what we asked last year, when the Secretary’s properly identified directives and instructions were made enforceable. <Testimony>

We took no stand in favor or against S.B. 250 which would entail cutting off Election Day Registration (EDR) at 7:00pm rather than 8:00pm.  We warned in our testimony that the Secretary of the State’s EDR procedures risked a serious election rights violation, due to the cut-off of incomplete registrations at 8:00pm, rather than letting anyone in line at 8:00pm have the opportunity to register and vote.  From the questions asked during testimony of officials, it was clear that the Committee understood the issue we raised. <Testimony>

We took no stand on S.B. 251.  It would allow officials to interrupt counting and paperwork completion on election night in municipal elections.  It was similar to a change last year that would allow those same interruptions for State and Federal elections.  We pointed out, as we did last year, that both parts of the law should provide an effective means for the public, candidates, and party officials to determine the date, time, and location of the continuation of counting. <Testimony>

Citizen Audit Cites Flaws in Official Election Audits

Again accuracy declined and write-in votes handled incorrectly
November 2015 Post-Election Audit Report

From the Press Release:

The Connecticut Citizen Election Audit has released its report on its observation of the November 2015 official post-election audits. The audits, required by state law, are intended to verify the accuracy of elections at the municipal level.

Citizen Audit spokesperson Luther Weeks stated, After 9 years of official audits, voters should expect accuracy. Yet the audits have gone from poor to worse.”

The group’s observers found that official audit results do not inspire confidence because of continued:

  • Discrepancies between machine counts and hand counts of votes reported to the Secretary of the State by municipal registrars of voters.
  • Lack of investigation of such discrepancies, and the lack of standards for triggering investigations.
  • Lack of consistency, reliability, and transparency in the conduct of the audit.
  • Weaknesses in ballot chain-of-custody and security.

The group’s report noted:

  • 28% of official audits cited “Human Error” in counting ballots and votes. Registrars of voters should be expected to take the necessary effort to count accurately.
  • Significant decreases in audit integrity, and accuracy.
  • In three towns audits detected districts where officials fed write-in ballots through scanners a second time on election night.
  • If the group’s recommendations from last year had been mandated and followed, all write-in ballots would have been counted accurately.

“Problems discovered counting write-ins two years in a row shows the value of the official audits. But the report also reveals the decline in official attention to the audits, demonstrating that independent citizen observation and reporting are essential to election integrity.” Weeks emphasized.

<Press Release .pdf> <Full Report pdf>  <Detail data/municipal reports>

Again accuracy declined and write-in votes handled incorrectly
November 2015 Post-Election Audit Report

From the Press Release:

The Connecticut Citizen Election Audit has released its report on its observation of the November 2015 official post-election audits. The audits, required by state law, are intended to verify the accuracy of elections at the municipal level.

Citizen Audit spokesperson Luther Weeks stated, After 9 years of official audits, voters should expect accuracy. Yet the audits have gone from poor to worse.”

The group’s observers found that official audit results do not inspire confidence because of continued:

  • Discrepancies between machine counts and hand counts of votes reported to the Secretary of the State by municipal registrars of voters.
  • Lack of investigation of such discrepancies, and the lack of standards for triggering investigations.
  • Lack of consistency, reliability, and transparency in the conduct of the audit.
  • Weaknesses in ballot chain-of-custody and security.

The group’s report noted:

  • 28% of official audits cited “Human Error” in counting ballots and votes. Registrars of voters should be expected to take the necessary effort to count accurately.
  • Significant decreases in audit integrity, and accuracy.
  • In three towns audits detected districts where officials fed write-in ballots through scanners a second time on election night.
  • If the group’s recommendations from last year had been mandated and followed, all write-in ballots would have been counted accurately.

“Problems discovered counting write-ins two years in a row shows the value of the official audits. But the report also reveals the decline in official attention to the audits, demonstrating that independent citizen observation and reporting are essential to election integrity.” Weeks emphasized.

<Press Release .pdf> <Full Report pdf>  <Detail data/municipal reports>

Apple vs. the Government: Security and Privacy overlap

Apple is right to object to the government’s request to help open an iPhone.  Many claim it is an issue of balance between Security and Privacy. Perhaps. Yet, the Constitution talks of the the right of the people to be Secure in their effects.

To all those voices discussing this issue, we add:

  • Cracking “just one phone” and destroying the program thereafter is a myth…

While we applaud Apple’s efforts to make it impossible to crack new iPhones, such claims, in our view, are mythical.

Apple is right to object to the government’s request to help open an iPhone.  Many claim it is an issue of balance between Security and Privacy. Perhaps. Yet, the Constitution talks of the the right of the people to be Secure in their effects.

To all those voices discussing this issue, we add:

  • These same agencies spied illegally on the staff of the congressional committee whose job was oversight of those same agencies.
  • Employees of these same agencies used their illegal powers to spy on ex-wives etc.
  • Security in these same agencies is such that a young contractor could access and download unlimited highly classified documents, i.e. Ed Snowden.
  • Cracking “just one phone” and destroying the program thereafter is a myth.  It would be impossible to prove that all copies of the software were destroyed, that some low-level (or high-level) Apple or government employee did not keep copies of the code, or knew enough to recreate it.

While we applaud Apple’s efforts to make it impossible to crack new iPhones, such claims, in our view, are mythical:

  • Nobody, even Apple, can guarantee that any complex software is free of bugs, that could open a back door.
  • Nobody, even Apple, can guarantee an intentional back door was not added by an employee or contractor.
  • Nobody can be sure that the software and firmware actually present on your smartphone matches the software version created by the manufacturer.
  • Software or firmware could be specially installed with a backdoor or to create a “man in the middle attack”, with an interface between your screen and the expected smartphone software.
  • My iPhone, like most comes from a third party. In my case AT&T, which does not support Apple’s position.  What would AT&T do when the government next asks for their help?  What would a low level employee – a dedicated “patriot” – do?

For more details and opinions on the controversy, see Dan Wallach’s comments at Freedom To Tinker: Apple, the FBI, and the San Bernadino iPhone <read>

And Jenna McLaughlin at the Intercept Apple Slams Order to Hack a Killer’s iPhone, Inflaming Encryption Debate <read>

 

The Iowa Caucus vs. a Primary

There are several differences between a caucus and a primary election.  These differences are glaring, especially in the case of the Iowa Democratic Presidential Caucus.  Like all elections, the rules,  eligibility, and voting methods vary from state to state. In presidential primaries and caucuses they can vary from party to party.

Here is our list of important concerns with the Iowa Democratic Caucus. All things considered, democracy would be better served by a  primary than the Iowa Caucus.

There are several differences between a caucus and a primary election.  These differences are glaring, especially in the case of the Iowa Democratic Presidential Caucus.  Like all elections, the rules,  eligibility, and voting methods vary from state to state. In presidential primaries and caucuses they can vary from party to party.

Here is our list of important concerns with the Iowa Democratic Caucus.  Certainly others could add to the list.

  • Unlike an election many voters are disenfranchised.  To participate, voters must be present for two to three hours at a designated place and time:
    • For some disabled votes, particularly the elderly, and the temporarily sick, this precludes participation.
    • Weather can be a consideration varying by age, distance to the polls, and regional conditions.
    • For those required to work, this precludes participation: Police, fire, hospital staff, etc.  Workers in warehouses, fast food, retail etc. Caregivers, parents without babysitters.
    • For those who must be away:  Business trips, overseas voters, and those attending funerals etc.
  • Unlike an election it is not a secret ballot.  Many may be intimidated either directly or by fear of actual or imagined pressure and repercussions:
    • Party members, office holders, appointed officials, and civil service employees, or those aspiring to be, may feel pressure go along with party regulars or officials.
    • Employees and union members may feel pressure to go a particular way base on the views of bosses, supervisors, union leaders, or co-workers.
    • Church and community organization members may feel pressure to go along with leaders or peers.
    • Some may want to go along with family members and neighbors.
  • The vote is a headcount in public and thus could be more transparent. Unfortunately, the transparency seems to be limited.
    • The party has refused to release the actual counts of attendees and those siding with each candidate.  Those numbers should be posted at the event, agreed to by everyone and provided in a way that is transparent and verifiable.
    • The rules for translating votes into delegates are complex. They involve careful calculation to the number finally supporting each candidate and the number originally present at the caucus even if they do not finally vote. The rules can easily be misunderstood or intentionally misapplied.

All things considered, democracy would be better served by a  primary than the Iowa Caucus.

Help Wanted: Low pay, long hours, impossible demands, no benefits

A Courant article reminds us of an idea out of left-field enacted last year by the General Assembly as a “rat*”: Deadline Looms For Regional Election Monitors

When the Connecticut General Assembly passed the budget implementer bill in June 2015, buried in its 702 pages was the stipulation that regional election monitors be in place by March 1.

Those regional monitors were to be hired by each of the nine planning regions in the state. They would be certified by the Secretary of State’s office, but not paid by them.

Gentle reader, before you rush out and apply we note several items which might not be apparent.

A Courant article reminds us of an idea out of left-field enacted last year by the General Assembly as a “rat*”: Deadline Looms For Regional Election Monitors <read>

When the Connecticut General Assembly passed the budget implementer bill in June 2015, buried in its 702 pages was the stipulation that regional election monitors be in place by March 1.

Those regional monitors were to be hired by each of the nine planning regions in the state. They would be certified by the Secretary of State’s office, but not paid by them. They would represent, consult with, and act on the SOS’s behalf, but would not be state employees. Instead, each council of government would be expected to contract an individual to serve as a monitor and enter into a memorandum of understanding with the SOS about them.

But plenty of questions have yet to be answered with a March 1 deadline and April 26 primary on the horizon.

“There are a lot of details still to be worked out,” Filchak said. “We have a lot of questions about the ‘what ifs’ and those take time to work out.”

One question concerns liability issues. The REM would be an employee of the COG, but his or her duties would include working with registrars in the towns of each COG. NECCOG has 16 towns in its region. The REM for NECCOG would have to do several things for each of those municipalities.

They’d have to hold regional instructional sessions for moderators and alternate moderators. They might be called on to assist registrars in preparing for and conducting elections, primaries, a recanvass, or audit. And they would be expected to transmit any order issued by the SOS…

Legislation calls for $100,000 to be allocated for REMs. How that money will be divided up between nine COGs and what the hours and benefits will be is still unknown.

SOS Communications Director Patrick Gallahue said details are still being worked out between the COGs and the SOS office. He said the REMs would provide supplemental assistance to local election officials such as trainings, audits, and help with the implementation of new laws or elections hardware and software.

Gentle reader, before you rush out and apply we note several items which might not be apparent:

  • You will be a contractor, so there will be no benefits. The annual pay will be about $11,111.
  • At minimum in 2016 expect to work at least three 18-24 hour days supervising one election and two primary elections.
  • You will receive training, leading to a required certification. Training will attending instruction for 2-4 hours on 9 occasions (moderator and registrar certification), several hours of online training, and passing several tests at home (be sure not to have someone else take the test for you). (For now lets ingnore the law for certification that says you cannot be so certified, unless you are simultaneously serving as a registrar or deputy registrar, which also requires performing a very demanding job for those same three 18-24 hour days.)
  • You will be directly supervising about 16-24 individuals in about 8 to 12 towns, while they are working those 18-24 hour days.
  • You may be singly or jointly responsible for any errors and legal violations of those individuals or the several hundred temporary individuals they employ for those three days a year. You will also be responsible for assisting in the training of all those individuals. Not to worry, some of those individuals have been performing their duties for many years. Others will be very new to their jobs. None of the registrars are currently certified, but most will be by November 2017. (So you might want to check very carefully before elections, after elections, and all year, that they faithfully perform all their many legally mandated responsibilities).
  • It may, in some cases, be a bit challenging: The two registrars in each town are from opposing parties, most get along well, yet many bicker constantly and in rare cases assaulted their “partner” from the other party. Even though many have performed well for years, some frequently make mistakes, failing to follow the law. Your supervisor has little or no experience in the actual job you will be supervising, yet is confident that your registrars will all perform well once they are certified, with your guidance.
  • You will not have to worry about firing anyone. Registrars are elected officials – no matter what, they will stay on the job, except in very rare circumstances, as yet, never tested in court.

* Def: Rat – In Connecticut slang, a section of a long bill, a.k.a. Public Act**, inserted near the end of the session, usually near the end of a long bill, without hearings, by legislators unknown to the public. Legend has it that most pass without the knowledge of most legislators.
** Def: Public Act – A fictional drama performed in public.

Are Feds off-target in disabled ballot probe?

From the CT Post:  Feds probing how Connecticut handles disabled voters ballots

Both the IVS and the referendum systems, for different reasons, are a disservice to voters with disabilities.  Yet the gist of the probe, if the article is correct, is incorrectly aimed at referendums and would be more appropriately aimed at State and Federal elections. Perhaps both should be probed for different reasons.

From the CT Post:  Feds probing how Connecticut handles disabled voters ballots <read>

Federal authorities are investigating possible privacy and disability act violations in the way Connecticut’s towns and cities require handicapped Americans to vote in referendum elections…
It advises them [registrars] a complaint was filed contending violations of federal civil rights laws and Title II of the Americans with Disabilities Act of 1990. Specifically, the allegation charge that voting by paper ballots, which are then segregated and hand-counted, violates privacy and secrecy requirements that are afforded non-disabled voters.

If the article is correct, the Feds do not really understand the IVS machine we use in State and Federal Elections.  The IVS creates a unique paper ballot that cannot be scanned. It is an arduous process that would mainly serve voters that are blind and does not serve them well.   It is theoretically possible that the paper would not be seen between printing and deposit in the ballot box. Yet, it must be segregated and hand counted at the end of the night.  It is not normally secret, since very few voters use the system.  My guess is that in an average State or Federal election, in less than 5% of polling places does even a single voter use the system –  so every polling place official knows who voted on the machine and how they voted – and if there is a recanvass, so could anyone in the polling palace at the time the IVS was uses. In our opinion, the IVS is a disservice to those with disabilities.

Most voters who try the system once, never try again.  Officials hate setting it up and are nervous that someone will want to use it, which will require their assistance to set-up for the voter.  Last November my co-worker noticed a label on the IVS in our polling. The dialing instructions had a different code than our polling place.  It took her several phone calls to customer service and maybe 45 minutes work to get it functioning.

BUT this suit is about Referendums where the IVS system generally is not used.  The voter uses a regular ballot. It is known by whomever assists them, yet not counted separately. They can have almost anyone of their choice assist them, including polling place officials. It is actually more confidential than the IVS in practice, since only one or two people know how a particular voter voted.

Both the IVS and the referendum systems, for different reasons, are a disservice to voters with disabilities.  Yet the gist of the probe, if the article is correct, is incorrectly aimed at referendums and would be more appropriately aimed at State and Federal elections. Perhaps both should be probed for different reasons.

Brennan Center: Election Integrity: A Pro-Voter Agenda

Whenever we open a report with multiple recommendations we start from a skeptical point of view. We expect to agree with some proposals and disagree with others.  A new report from the Brennan Center for Justice is the exception.  We agree with every recommendation:
Election Integrity: A Pro-Voter Agenda

It starts with the right criteria, it has a great agenda, strong supporting arguments, and ends with an appropriate call to action

Whenever we open a report with multiple recommendations we start from a skeptical point of view. We expect to agree with some proposals and disagree with others.  A new report from the Brennan Center for Justice is the exception.  We agree with every recommendation:
Election Integrity: A Pro-Voter Agenda <read>

It starts with the right criteria it has a great agenda, strong supporting arguments, and ends with an appropriate call to action:

This history strongly suggests two overarching principles that should guide any further efforts to secure election integrity. Such efforts should have two key elements:

  • First, they should target abuses that actually threaten election security.
  • Second, they should curb fraud or impropriety without unduly discouraging or disenfranchising eligible voters.

Efforts that do not include these elements will just result in burdens to voters and little payoff.

One: Modernize Voter Registration to Improve Voter Rolls

Two: Ensure Security and Reliability of Our Voting Machines

Three: Do Not Implement Internet Voting Systems Until Security is Proven

Four: Adopt Only Common-Sense Voter Identification Proposals

Five: Increase Security of Mail-In Ballots

Six: Protect Against Insider Wrongdoing

We do not have to choose between election integrity and election access. Indeed, free and fair access is necessary for an election to have integrity. This report examined genuine risks to the security of elections, highlighting current vulnerabilities as well as those that will be faced in the future. Recommendations have been made about how to reduce each risk. We invite and urge policymakers to tackle these problems.

As  examples, we particularly support its call for sufficient post-election audits and attention to detecting, preventing, and punishing insider fraud:

Require Post-Election Audits. Many machines now issue a paper record of a voter’s selection. But these records are of little security value without audits to ensure that vote tallies recorded by a particular machine match any paper records. Despite near universal expert agreement on the need for audits, some vendors have vigorously opposed these paper trails, contending that they increase costs and slow the voting process. Security experts also recommend that states pass laws for effective “risk-limiting audits.” These require examination of a large enough sample of ballots to provide statistically “strong evidence that the reported election outcome was correct — if it was.” Also, the audit process should not rely on any one individual who might be in a position to manipulate either the voting machine or the recount device. According to experts, these insider attacks are the most difficult to stop. Voting technology experts also say machines must be “software independent,” which is technically defined as when “an (undetected) change or error in its software cannot cause an undetectable change or error in an election outcome,” but practically speaking means that the election results can be captured independently of the machine’s own software. Auditors should be assigned randomly to further ensure the process is not being gamed. Finally, audits should be as transparent as possible. This not only is essential to garnering public confidence, but can show a defeated candidate that she lost the election in a contest that was free and fair…

It is not surprising that many instances of election fraud, both historically and in the present day, involve the actions of insiders. Recent abuses by insiders have included lawmakers lying about where they live, magistrate judges willfully registering ineligible persons, and legislators running fraudulent absentee ballot schemes. A pollworker in Ohio was famously found guilty of using her authority and training to conduct voter fraud and take certain steps to evade detection. Culprits have even included the chief election officer of Indiana. This is why election officials and workers should receive special attention because their insider status increases their opportunity to both abuse the system and avoid detection. Moreover, when organizational leaders are involved in wrongdoing, it can create a culture for fraud, encouraging others to commit misconduct.

 

Twice again, Internet/online/email voting not a good idea

“You can’t control the security of the platform,”…The app you’re using, the operating system on your phone, the servers your data will cross en route to their destination—there are just too many openings for hacker interference. “But wait,” you’re entitled to object, “banks, online stores and stock markets operate electronically. Why should something as simple as recording votes be so much more difficult?”…

“As soon as large numbers of people are allowed to vote online, all of the sudden the attack surface is much greater,”…

Handing over election technology to tech companies surrenders the voting process to private, corporate control. The companies will demand trust without letting the public vet the technology, peek into the source code or see behind the curtain into the inner workings of the programs that count the ballots

We have and others said it many times and many ways. Internet/online/voting is not safe for voting and maintaining democracy. Here are just two more articles to explain it again, a variety ways.

Scientific American:  When Will We Be Able To Vote Online? <read>

Sooner or later everything seems to go online. Newspapers. TV. Radio. Shopping. Banking. Dating. But it’s much harder to drag voting out of the paper era. In the 2012 presidential election, more than half of Americans who voted cast paper ballots—0 percent voted with their smartphones. Why isn’t Internet voting here yet? Imagine the advantages! … It’s all about security, of course. Currently Internet voting is “a nonstarter,” according to Aviel D. Rubin, technical director of Johns Hopkins University’s Information Security Institute and author of the 2006 book Brave New Ballot. “You can’t control the security of the platform,” he told me. The app you’re using, the operating system on your phone, the servers your data will cross en route to their destination—there are just too many openings for hacker interference. “But wait,” you’re entitled to object, “banks, online stores and stock markets operate electronically. Why should something as simple as recording votes be so much more difficult?” Voting is much trickier for a couple of reasons…

So how does Estonia do it? It’s a clever system. You can vote online using a government ID card with a chip and associated PIN code—and a card reader for your PC. You can confirm the correct logging of your vote with an app. Parts of the software are available for public inspection. You can change your vote as many times as you like online—you can even vote again in person—but only the last vote counts, diminishing the possibility that somebody forced your selection.

Unfortunately, three factors weaken this system’s importance as a model for the U.S. First, Estonia is a country of about one million eligible voters—not around 220 million. Second, we don’t have a national ID card. Third, security experts insist that just because hackers haven’t interfered with Estonia’s voting doesn’t mean they can’t. In 2014 a team led by University of Michigan researchers found at least two points where hackers could easily change votes: by installing a virus on individual PCs or by modifying the vote-collecting servers. (The Estonian government disagrees with the findings.)

Meanwhile other countries’ online-voting efforts haven’t been as successful.

We do disagree with one point: “security experts insist that just because hackers haven’t interfered with Estonia’s voting doesn’t mean they can’t.”.  We ask “How do they know?  One of the huge problems is that the system could have been compromised undetected by those “virus on individual PCs or by modifying the vote-collecting servers”. This is covered in the second article:

Tech.MIC: Online Voting Is the Future — And It Could Lead to Absolute Disaster <read>

More experts and more reasons its dangerous to democracy:

It’s 2016. Why don’t we have an app on our smartphones that allows us to vote remotely and instantly?…

Why has it taken so long for online voting to enter the election? It’s not government laziness. It’s not that nobody’s trying to realize the promise of online voting. It’s that there’s a concerted effort to make sure online voting never happens…

What’s holding back online voting? In short, security risks. If we’ve learned anything from the past few years of cybersecurity scandals — like the Office of Personnel Management hack, the Sony Pictures Entertainment fiasco or the Ashley Madison breach — it’s that no digital system can be proven to be totally safe.

There’s a common refrain that digital voting experts are tired of hearing: “If I can bank online, why can’t I vote online?” If the internet is safe enough to store our money, shop, file our taxes and perform other sensitive tasks, why can’t it be used to vote?

The truth is, we don’t bank or shop safely online. Major retailers and banking systems deal with hacking, fraudulent charges and identity theft every day. Companies like Amazon are used to a small percentage of transactions being fraudulent. And when fraud occurs in a financial transaction, those problems can be fixed after the fact…

This is the problem voting has that banking and retail do not: the “audit trail.” If something goes wrong with a purchase, you can retrace that purchase between the bank, vendor and customer to see where something went wrong. But voting has to be anonymous: Once a ballot is cast, it can’t be tracked back to the original voter without violating the sanctity of voter anonymity.

“Voting is a situation with two hands,” Ed Gerck, a computer scientist who has been trying to solve the online voting problem from a logistical perspective since the ’90s, told Mic. “In one hand, you know who the voter is; they’re qualified, and they’re allowed to vote. In the other, you have the ballot, which must be correct. But you cannot link the ballot to the voter.”

The hand-off, where a person submits his or her ballot using a phone or a computer and sends it to a digital ballot box, is where mischief can occur, because hackers could theoretically manipulate votes without ever alerting election officials that the system has been compromised…

one reason these systems haven’t yet shown signs of being hacked is because no one cares enough to try. Federal elections don’t rely on them.

“As soon as large numbers of people are allowed to vote online, all of the sudden the attack surface is much greater,” David Jefferson, a computer scientist and digital voting researcher, told Mic. “If I thought we could allow it for a very small number of people who really needed it, I could live with that, but that’s not what people are advocating.”…

Handing over election technology to tech companies surrenders the voting process to private, corporate control. The companies will demand trust without letting the public vet the technology, peek into the source code or see behind the curtain into the inner workings of the programs that count the ballots…

Alabama’s system, Everyone Counts, has been put through rigorous testing from mammoth security companies like PricewaterhouseCoopers. Everyone Counts lets the districts that use it vet the technology themselves or hire an outside contractor to test the security of the system. Alabama’s system, as far as Alabama can discern, has been rock-solid for years. Everyone Counts has never put the system up for a public, free-for-all penetration test, but Merrill says he isn’t worried about a security breach.

The looming hypotheticals and doomsday scenarios are unprecedented in the United States. If there were a breach, it could come from someone outside of of U.S. jurisdiction, even a state-level foreign aggressor. That’s if we could verify it at all. Hackers are tough to track — we’re still left wondering who’s responsible for the 2014 Sony hacking fiasco. And unlike a bank transaction that can be corrected by instant accounting, imagine this same system applying to the presidential election. If Hillary Clinton wins in 2016 and, months later, the discovery of a breach reverses the results, what would happen? It would be a legal nightmare without precedent…

Still interested in risking your vote and your democracy via the Internet? Please read both articles in their entirety.

Safe as an ostrich, from cyber attack.

Imagine no Internet for a few weeks. Imagine if that is because there is no power grid. CNN.Money: Cyber-Safe: How Corporate America keeps huge hacks secret

The backbone of America — banks, oil and gas suppliers, the energy grid — is under constant attack by hackers.

But the biggest cyberattacks, the ones that can blow up chemical tanks and burst dams, are kept secret by a law that shields U.S. corporations. They’re kept in the dark forever.

Imagine no Internet for a few weeks.  Imagine if that is because there is no power grid. CNN.Money:  Cyber-Safe: How Corporate America keeps huge hacks secret
<read>

The backbone of America — banks, oil and gas suppliers, the energy grid — is under constant attack by hackers.

But the biggest cyberattacks, the ones that can blow up chemical tanks and burst dams, are kept secret by a law that shields U.S. corporations. They’re kept in the dark forever.

You could live near — or work at — a major facility that has been hacked repeatedly and investigated by the federal government. But you’d never know.

What’s more, that secrecy could hurt efforts to defend against future attacks.

The murky information that is publicly available confirms that there is plenty to worry about.

Unnamed energy utilities and suppliers often make simple mistakes — easily exposing the power grid to terrorist hackers and foreign spies. A CNNMoney investigation has reviewed public documents issued by regulators that reveal widespread flaws.

Reminds us of the “little” error by a DNC vendor a few weeks ago.  Except that a successful attack on the power grid vulnerability could be much more devastating.

Robert M. Lee spent time in the U.S. Air Force, where he identified critical infrastructure attacks as a “cyber warfare officer.” Now he travels the world for the SANS Institute, teaching the actual government investigators and power plant computer teams who face these types of dangerous attacks.

Except he doesn’t have any class material. He can’t find it. It’s all secret.

“My class is the only hands-on training for industrial control systems, but my students’ number one complaint is that there aren’t case studies or enough data out there about the real threat we’re facing,” he said. “There’s no lessons learned. It is extremely destructive to the overall national security status of critical infrastructure.”

Book Review: Ballot Battles by Edward B. Foley

I have long been a fan of the  papers and other writings of Edward B. Foley of the Moritz College of Law.  He writes extensively on the issues associated with close elections, how they have been decided since the founding of the United States, and how the process might be improved. Last month his book on the subject, Ballot Battles:The History of Disputed Elections in the United States was released.

To me, it was a highly fascinating read that kept my interest through every page. It should be required reading for anyone interested in Election Integrity

I have long been a fan of the  papers and other writings of Edward B. Foley of the Moritz College of Law.  He writes extensively on the issues associated with close elections, how they have been decided since the founding of the United States, and how the process might be improved. Last month his book on the subject, Ballot Battles:The History of Disputed Elections in the United States was released.

To me, it was a highly fascinating read that kept my interest through every page. It should be required reading for anyone interested in Election Integrity

As I would define it, Ballot Battles is focused on one component of election integrity, i.e. How close elections have been decided in the U.S., rather than if the vote counting itself was accurate. Foley’s work is an important component of election integrity. Further along that vein we could say that Fair Elections go beyond Election Integrity to include fair voter eligibility, access to the polls, candidate access to the ballot, access to the press, and campaign financing etc.

Ballot Battles follows close elections and the process for deciding the declared winner from 1781 through 2008.  While Presidential races from 1800, 1876, and 2000 are important, many other races for the U.S. Senate, U.S. House, and Governors are just as important to history and the challenges remaining today. Reforms have been attempted after major controversies, yet as Foley shows they have been insufficient, including those after 2000.  We remain vulnerable.  As summarized at one point in Ballot Battles:

“the 1960 presidential election must be viewed as a failure of American government to operate as a well-functioning democracy.  That failure puts 1960 along-side 1876 — and, as we shall later consider, 2000 — in a disturbing series of instances in which the nation has lacked the institutional capacity to identify accurately the winner of the presidency.”

There is no easy solution. It would likely require a Constitutional Amendment.  Ultimately, as Foley recommends, following successful models of instances of bodies of equal numbers of partisans, with a single respected non-partisan member.  That is unlikely to always work, yet that has worked better than the system we are left with for adjudicating close Federal Elections.

Ballot Battles thoroughly covers the adjudication process and the risks to which we are exposed.  Those seeking information on fraud and error in elections will not find the details here.  Likewise, those seeking agreement that the Supreme Court erred or acted responsibly in 2000 will find little agreement here, yet much to ponder, much to learn about the law, and the precedents applied to resolve election challenges.