author photo
By Bruce Sussman
Mon | Feb 17, 2020 | 7:30 AM PST

The Iowa caucuses on February 6, 2020, were an election technology failure watched 'round the world.

what-went-wrong-in-iowa-caucus

We didn't know for days who won, questions linger about the caucus totals, and the chair of the Iowa Democratic party abruptly resigned.

And now there are a growing number of warning signs that the upcoming tech-enabled Nevada caucus could be the next elections cycle disaster.

This includes questions about cybersecurity.

Nevada drops plans to use Iowa app

In the days leading up to the Iowa caucuses, many of those who were supposed to use the app couldn't log in, and others got logged in only to have the app crash.

And according to reports, there was minimal training for those expected to use it.

It sounds like warning signs were everywhere, yet the Iowa Democratic Party pushed on toward disaster.

Meanwhile in Nevada, word came out that the Nevada Democratic Party had already contracted to use the same voting results app.

But Iowa was such a failure that the party quickly announced it was abandoning plans to use the app.

This created a sense of relief among Nevada Democrats, but not for long.

Nevada caucus: replacing the elections app with a 'tool'

About 10 days ago, CBS News was the first to report that the caucus app had been replaced by a "tool" that precinct leaders would use to report voting results.

"Internally, multiple Democrats in Nevada tell CBS News campaign reporter Alex Tin the party has floated the use of an unspecified 'tool' to assist in reporting results on the day of the caucus, to be showcased at volunteer summits in the state this weekend."

The Nevada Independent then verified the existence of the "iPad tool" and talked to Democratic volunteers who were at a training—which sounds like it was a failure.

Seth Morrison, who will be the site lead at Legacy High School on Caucus Day, said he "debated long and hard" whether to express his concerns about the caucus process.

"For me, I volunteered to do this because I'm a loyal Democrat, and there's nothing more I want to do than defeat Donald Trump," Morrison said. "But if we allow this to go down and it's another Iowa, what does this do for my party?"

Morrison said that there was "not a bit of proof" at the training that Nevada wouldn't be another Iowa.

Another volunteer, who asked for anonymity to speak openly about the training process, said the general sentiment in the room at the training was frustration and confusion.

"We got very little information. It was just a preview. There was no hands on," the volunteer said. "We were not given the program to work with or practice with. All we have were a few slides to look at while they told us that they're planning to develop it further."

If all you have are screenshots of the tool you will be using later in the month, that could be considered a flashing red light.

And what about cybersecurity? This weekend Politico reported that the "tool" is a Google Docs form on the iPad. And it cited concerns around security:

"But questions remain about the security of Wi-Fi being used at each location. The Nevada Democratic Party said it has tested the connections, but it’s unclear whether Internet access at each precinct will be provided via a hotspot or a network provided by the host site, such as a high school.

“There remains an open security issue with their choice of Wi-Fi networking,” said Gregory Miller, co-founder and chief operating officer at OSET Institute, an election technology research organization. Miller, who has decades of experience as a computer scientist and software engineer, raised those concerns based on what he has read in published reports.

'We hope they're not going to rely on a local building's services. That would create a nightmare to protect,' he said."

It sure sounds like a rush to market, doesn't it? Where something's going live without all the kinks worked out. And when you are rushing things to market, security often takes a back seat. That's why so many are concerned about the risk from the Internet of Things (IoT).

U.S. senator warning about election technology risks

The types of warning signs being seen in Nevada right now were downplayed in Iowa and we all know how that turned out.

U.S. Senator Ron Wyden says he reached out to the Iowa Democratic Party to see if it needed help, but he never heard back. Now we all pay a price:

wyden-on-iowa-caucus-app-vote

And with warning signs now appearing in Nevada, Senator Wyden is openly telling states to stop making voters "guinea pigs."

wyden-warns-against-new-election-technology

Wyden also sent a letter to the Oregon Secretary of State asking her to stop U.S. military members who are overseas from voting by app. The app, called Voatz, is used by dozens of states for this purpose, including Oregon.

His primary concern with that voting app is cybersecurity.

"Russia's 2016 campaign to meddle in our elections, demonstrated the urgency of states doing everything in their power to secure Americans' votes from hacking. Continuing to permit the use of internet voting—against the advice of cybersecurity experts—is simply asking for trouble," Wyden wrote.

[RELATED: The SecureWorld Sessions podcast on top nation-state cyber threats]

Nevada caucus is February 22, 2020

Nevada Democrats make a big deal about being the first state in the West to take part in the presidential nomination process.

Now the question is this: Will it be the first to get new election technology right, or the second to fail trying?

We'll discover the answer on February 22nd during the Nevada caucus.

Comments