The Iowa caucus may be a disaster for the Democratic party, but it just may be the best thing to happen to election security. The failure of the now-infamous smartphone app is a case study of nearly everything that can go wrong with electronically tabulating election results. But it was a blessing in disguise because the election was visible enough to make front-page headlines for days but benign enough not to cause any real harm to an election.
It’s time to drive a stake through the heart of electronic voting once and for all.
Election Security Lessons from Iowa
Ohio State football coach Woody Hayes is credited with the adage that, “There are three things that can happen when you throw a pass, and two of them are bad.” When electronics are used for voting, there are four things that can happen, and three of them are catastrophic. All three election security nightmares happened in Iowa:
- Vote tabulating can be compromised
- Vote reporting can be compromised
- Confidence can be undermined
I won’t go into detail about all of the failures of the app, because they are well-documented. We know that it was poorly designed, people had trouble using it, it had massive security vulnerabilities, warning signs were ignored, and the numbers reported were riddled with errors and inconsistencies.
The vote tabulation itself was compromised. We’ve seen reports that many caucus chairs had trouble installing the app and logging in to it. The vote reporting was compromised because some caucus chairs could not get a wireless signal in order to connect to the central database. The New York Times reported discrepancies between numbers recorded in the app and actual caucus results.
But finally and (arguably) most importantly, trust in the process was blown to kingdom come. Any one of these problems can undermine trust in the process. The sheer volume of problems led us to a point where as of the writing of this article (six days later), the Associated Press still has not declared a winner.
In the case of the Iowa caucuses, the system completely broke down. However, it’s important to note that things don’t actually need to break in order for trust to be broken. As Tom Scott says in the excellent and highly recommended videos below,
“To break an electronic election you don’t actually need to break it. You just have to cast enough doubt on the result.”
Secretary of State Bill Gardner is regarded by many as a curmudgeonly Luddite. He famously said that “You can’t hack a pencil.” And he’s right. I don’t know that he’s received a lot of grief for saying that, but if he has then he should feel completely vindicated.
I hear a lot of people advocate for Internet voting. In my experience, exactly zero of those people have any experience with cybersecurity. If you know anything about computers, software development, networks, communication protocols, or cybersecurity, you know that there are hundreds of attack vectors for these systems. The fact of the matter is that hacking a paper ballot system at scale is incredibly difficult to pull off and to hide.
Hacking an electronic system is relatively easy and usually undetectable.
Take it from someone with 40 years’ worth of computer, networking, and cybersecurity experience: Anything can be hacked. And the higher the stakes, the more incentive there is and the more likely it becomes.
Why Electronic Voting is a BAD Idea
I’ve included two videos about election security by Tom Scott below for your information and viewing pleasure. The first video is one that I’ve been sharing with people FOR YEARS. I’ve been sounding the alarm bell against electronic voting for a long time. As the country becomes more polarized and elections become more disputed, the call for electronic voting seems to be increasing. I highly recommend watching the two videos below for more details about exactly why this would be a disaster.
Thankfully, in Iowa’s caucuses, only a handful of the 1,990 delegates required for one party’s nomination were at stake. We’ve been given a great gift; a vision of what elections could be like with widespread electronic voting.