Below is a transcription of a recent webinar involving a panel discussion moderated by Chris Stern (The Information), with presence from Amelia Powers-Gardner (Utah County Clerk), Emily Frye (MITRE Corp), Asia LaBrie (Haven Life Insurance), and Nimit Sawhney (Voatz).
The transcription has been repurposed with permission from the Chamber of Digital Commerce and has been lightly edited for clarity.
View full panel discussion here.
Perianne Boring: Our next session is moderated by Chris Stern. He is a reporter at The Information. Is COVID going to be the catalyst to change? We’ve been living amongst a really historic moment throughout COVID-19, and it’s really impacted so many conversations we’re having on the national and international stage. And will that be an opportunity to move the dialogue forward when we talk about voting and voting technology?
Our next session, we have an elections official, cybersecurity experts, voting technology experts from both the public and the private sector. Chris, thank you so much for leading this discussion, over to you.
Chris Stern: Thanks. Hi everybody, I’m glad to be here, and I think that that’s a great introduction. I wrote a story a little while ago saying, “Hey, we’re in this COVID crisis.” It was very early. It was March. If we can’t figure out e-voting now, when will we be able to do that? In order to discuss that and maybe go over a couple of the points that we heard about in the last 30 minutes, we have Amelia Powers-Gardner, Nimit Sawhney, Amelia Frye and Asia LaBrie. I’ll go through them.
Amelia Powers-Gardner is at the heart of voting in the United States. She’s county clerk in Utah. She’s a former engineer and manager at Caterpillar, as well. Now she’s the county clerk. She was elected in 2018. And during her year in office, she’s pushed through a lot of election-related reforms. She piloted a mobile voting app that was powered by blockchain, and she also allows her voters to vote by mail.
Nimit Sawhney is the co-founder and CEO of Voatz. It’s a platform that allows e-voting, so we’re going to want to hear a lot about his point of view. They’ve run more than 67 elections at the state and county level, including the first mobile voting election in 2018 in West Virginia.
Emily Frye is the director of cyber integration at MITRE Public Sector. She practiced law, and she worked with a startup through several rounds of funding. Her expertise includes critical infrastructure, national resilience and economic impact of cybersecurity.
Asia LaBrie is the head of information security at Haven Life Insurance Company. She’s a former VP at Goldman Sachs, also at Citigroup. She also spent some time at Citigroup where she led a team responsible for interbroker dealer connectivity and algorithmic trading.
I want to get right into it with Amelia Powers-Gardner. You’re really at the center of how folks vote. You’re the valve that pushes votes one way or another in terms of how people can have access to democracy. Can you describe your experience with online voting, and why did you take that route?
Amelia Powers-Gardner: Yeah, absolutely. Thank you for having me, and I’m excited to be here to talk about the future of voting. I’ve had the opportunity to really be a pioneer in this space and push things that some of the other people in my profession, county clerks from across the nation, have hesitated to do. I was put in office, to an office, that was literally called the epicenter of dysfunction by our governor. I was elected by a large majority because it was such a mess, which gave me a lot of freedom, because no matter what I did, it was going to be better than what they had before. So this gave me the opportunity to be a pioneer, and no matter what I did, it was going to be better. The reason we went with mobile voting is when I started looking at our overseas and military and our disabled population, the methods that they were given were unreliable.
They were given vote by mail, which we utilize for our domestic population, but when you start dealing with an overseas population, vote by mail becomes a lot more sporadic and really unreliable. The other option they were given was email. And when they utilized email, not only was it absolutely not secure, but it waived their right to a secret ballot.
So now, we’ve got our military men and women serving us overseas, and they’ve got two options. One is unreliable and the other doesn’t afford them a secret ballot. So I really looked at the mobile voting as a way to provide our overseas and military citizens, particularly those serving in the military, this opportunity to vote for the freedoms that they’re preserving. Also in the disabled community, some of them can’t hold a pencil and vote by mail wasn’t working for them. So this really gave them the opportunity to cast their vote and to do so independently and with integrity. It was really a no-brainer for me.
Chris Stern: Can you describe a little bit about how you got to trust a particular e-voting system and how you became comfortable with it, that it would work and that it was safe for your voters?
Amelia Powers-Gardner: Yeah. So when I looked at those systems, what I was comparing them to was our current system. So what I really looked for was do you have better ways of identifying the voter to ensure that it’s really the voter casting that vote, and do you have more secure ways for them to transmit that vote than what we currently had? We looked at several different options, and I myself am a fan of blockchain. I’ve been interested in blockchain for years, and all things blockchain, whether cryptocurrency or utilized for the immutable ledger.
And so, as I evaluated different products, I was naturally drawn to the blockchain product. I actually met Nimit. Nimit made an appointment with me, I think, my first week in office and came and showed me his solution. It checked all those boxes, more secure than we currently have, more reliable, [and] gave the people the opportunity to cast a vote anonymously and with integrity. And it utilized blockchain, which made me feel more secure knowing that we had an immutable ledger that I could audit against in the future to ensure that these votes really were being counted as they were cast.
Chris Stern: Did you audit?
Amelia Powers-Gardner: We did. We have done four pilots now. We did the municipal, primary municipal general, presidential election and the nominating primary here in Utah this year. And we have audited every one of those elections. Every one of those, we’ve had 100% clean
Chris Stern: And how does that compare to say a mail-in or a rather physical voting, in-person voting in terms of a sense of security with it.
Amelia Powers-Gardner: So for mail-in voting and for personal voting, we typically will audit about 1% of those votes. With electronic voting, we’ve been able to audit 100% of those votes. Risk-limiting audits are very common in the election world. It’s something that we, as election officials, utilize to ensure that our vote is true and secure, and typically it’s a percentage of those votes. We’ve been fortunate with these electronic pilots to be able to audit 100% of those votes and give us that much more confidence in the results of those elections.
Chris Stern: Okay, I want to get back to you maybe a little bit later to talk about [how] those audits work, but Nimit, let me ask you. Could you briefly describe Voatz and what you all are trying to do and what the status is of the electronic-voting industry generally right now?
Nimit Sawhney: So [to] the first part of your question about Voatz, we are the youngest elections company in the country. And our focus from the very beginning has been on mobility, particularly focused on utilizing all the advantages which our smartphone-based ecosystem provides. We led that space of letting users use their technology, get remotely verified by scanning a government-issued ID, taking a selfie and then using the biometric security features, the trusted secure element-based features on the device to be able to submit a ballot, including if needed, signing on the screen. So we-
Chris Stern: Let me just be clear. You’re talking about people’s personal mobile device, right? You’re not talking about some device that is in a room somewhere. Just describe the process from start to finish about how one comes to end up voting over your Voatz system.
Nimit Sawhney: Correct. So this is personal devices. The process is very similar to other forms of absentee voting. Just like you would register for absentee voting by mail, instead of using mail, if you’re eligible for electronic option, and you decide to choose it, then you mark that in your application. Your county, your local election clerk, would have read that.
Once they approve you, you then get an invitation to download the smartphone application on your iPhone or compatible Android device. You start with an email or a mobile number. And then, once you’ve passed initial onboarding, the system prompts you for an ID check. So you need to take a picture of a government-issued photo ID. You can use a driver’s license, state ID or US passport. If you don’t have any of those, you can use other forms of IDs, as well. And then, you take a live selfie, and what it does is firstly make sure that you are a real person. You’re not taking a video of another video or a video of another picture, and it matches your face to the picture on your ID, makes sure your ID’s valid, and it’s not fraudulent, and then matches the data on your ID with the data on the voter registration file for that election.
And once all those checks pass, which takes about a minute, then your identity’s digitized, stored in the secure element on your phone, locked with the help of a biometric credential. It could be a fingerprint, a face ID or a variable. And then, all the documents you’ve uploaded are deleted. At this point, you are ready to receive the ballot. You get your mobile ballot, which is essentially the same you would get if you ordered by mail or if you went to the precinct to do it in person. You mark the ovals. And when you’re ready to submit, you may be asked to sign an affidavit, depending on your jurisdiction. Once you do that, you submit.
You get a receipt. You can verify your choices were recorded correctly. And then, in the background, an anonymous receipt is also sent to the jurisdiction. On Election Day, a paper ballot is printed. Also, every oval in the background has been recorded on a blockchain-based infrastructure. Once the paper ballot’s printed, it has the ability to do an audit with the anonymous receipt, the paper ballot and the data on the blockchain. So end to end, that’s how the whole process works.
Chris Stern: Okay, great. Well, now that we’ve heard that explanation, let me ask Emily. Is that a safe system? Are you comfortable with that? Can we trust the phone? Can we trust the network? Can we trust all of the elements that make this into a voting system that democracy can trust?
Emily Frye: That’s a great question. Rather than talk about any particular system, I think what’s important to note is that regardless of how good any particular system is, and we have several nice candidates in this space now, we still are dealing with two obstacles for all of these vendors. So what we really need to do is find a way forward for all of these vendors through two particular obstacles.
The first obstacle is that there’s a time-honored tradition of feeling like I carry my ballot, and I cast my vote in a personal way at a specific location. And there’s a weight of tradition that we carry as baggage. Now in other contexts, I might not call that baggage. I would call it an honored tradition, and the reason that I think it’s becoming more like baggage is that we’re dealing right now with a digital generation. These are people who they’ve grown up holding their whole lives on these devices, and they expect to be able to conduct all functions, including functions of dealing with the state, on digital devices. And so, we’re dealing with an influx now of a community that views that burden of taking time off of work and going to cast your ballot in person as actually something they want no part of. And so, within the next few years as that digital generation starts to [enter] voting age, we actually need to find ways where the tradition of voting is just as honorable and just as noted and just as worthy on a digital device as it is in person.
So what does that transition look like? We’re dealing with some burdens of tradition, and the second major issue is, regardless of what I think, regardless of what Secretary Warner thinks and what regardless of what you think, Chris, the fact of the matter is we don’t have adequate standards. So let’s say that some independent person who’s very well trusted in the system asserts, “I believe in these three companies as great offers.” Okay, well, what standards are you relying on to make that assertion? We’re missing some standards here. It would reassure the entire ecosystem, if we had some standards that addressed the basic baselines of here’s your hygiene protocols. Here are the special standards that apply due to the need to return a ballot digitally. Here’s the authentication body of standards that we’re using for each individual in this chain, and here’s our chain-of-custody standard or some body of standards that we could then say to the vendors, “Here are three standards. Have you met the three standards?” And it would reassure our election officials around the country as they seek to move in this very logical direction.
Chris Stern: That’s a great point. I mean, the standards is not something that exists now at all. Amelia, I’m going to jump back to you before I get to Asia. Amelia, if there was a standard, if there was a regulation of some kind that covered it, I have two questions. One is what would you see in those standards? And two, and maybe this is something we should talk more broadly, is it appropriate to set that standard at the state level, or do you want to see it set at the federal level?
Amelia Powers-Gardner: Those are great questions. I have to agree wholeheartedly. I really think the industry needs some standards. We keep hearing it can’t be done, and that’s just frankly not true. In an age where we can edit DNA using technology, we can also find out how to vote securely using technology. We just need some standards like Emily said. I couldn’t agree more with that.
I think number one, we need security standards so that we can say, “These are the minimum standards that you need to transmit a ballot.” We also need identity or authentication standards. As an election official, I’m responsible for ensuring that the actual voter is the one casting that vote. So if we could have some identity standards, some security standards and then basic standards around the election process. Was this an anonymous vote, and was it cast in a timely manner? Was there only one vote cast? Just very simple things that I don’t think would be very difficult to comply with, just having them in a standard would be great.
As far as those standards go, the way things work right now, there aren’t really standards on a state level, but there’s certification on a state level. Typically what you would want is an industry standard or a national standard that is recognized by the industry and that different states can then therefore adopt for certification of an election vendor.
Chris Stern: Okay, thanks. Asia, we’re getting into the discussion of standard and, in effect, regulation. How close does that get us to the end goal of folks feeling safe with e-voting? And when I say folks, I mean government officials. I mean people like Amelia, and I mean citizens like all of us. How much does regulation get us towards that goal?
Asia LaBrie: I think that it is contagious, right? If you can get a group of a population comfortable, that population can teach maybe their children or their grandparents to then also get comfortable. That’s not the best example of contagious, but I think there’s a lot of education and training that will need to happen. It can happen organically, and the standards are probably the first step.
I do want to also highlight there’s another element to this conversation that I think is important, and that is the operational risk. It’s not just the attacker side or the fraud side, but how do we run elections and do that in a resilient manner? I think that’s something we’re about to see happen this year with mail-in voting, with the numbers increasing – something that electronic voting would be a solution for going forward. I just want to raise that; I think an important problem that we really need to solve.
Chris Stern: I mean, Nimit, I’ve read and I’ve talked to people who say, “As soon as a vote touches the internet, as soon as someone’s electoral preference is subject to hacking, it can never be safe and we can’t trust it.” What is your response to that? What is your response to the internet just is inherently untrustworthy, and there’s nothing we can do to fix that?
Nimit Sawhney: When people make those broad statements, I think they miss a few things. For example, the internet by itself was not essentially designed for security. The internet, it’s like a highway. It’s a mechanism to transport things. Security in this scenario is the responsibility of the application. You can’t really keep blaming the transport and say because the transport didn’t have X, Y, Z, we can’t even build something secure on it. It would be very disingenuous to say that.
I think as some of the other panelists have mentioned, there are so many use cases where secure transport is happening because the applications that are enrolled there, whether it be space or defense or healthcare or finance. They’ve figured out a way to transmit data securely and in a manner which is immutable.
And so, for sure, we can do that in the election space. It’s harder, because not only do you have to transmit it securely, you also have to make sure that the identity of the voter cannot be reverse-engineered. Applications exist with infrastructure like distributed ledger-based systems. I mean, even before blockchain became popular, there have been scientific projects on immutability. You just can’t claim that just because the internet doesn’t provide that secure fundamental, just because it’s a highway, that you can’t run a secure application on it. I think we have so many examples out there.
Secondly, along with that, we also hear a constant companion statement that because it’s all software, you can’t trust software. That also seems a little bit farfetched. Granted software can have bugs, but we also have what’s called a formal software verification process, which is used by the Department of Defense. It is used in the space industry. It’s used in fight software. It’s added to fighter jets automated systems. And so, that same model is very applicable to software in any other industry. Why not in elections?
I think that the technology to do this is here.To make sure that we can transmit something securely and make sure it’s not tampered with, either during transportation or when it’s at rest, and more importantly, the ability to audit the whole thing. Like Amelia was saying, if you do it at scale, it would not be timely, possible, to audit 200 million votes, if everybody voted electronically. But if you can do a subset and get that mathematical assurance, just like what happens with paper ballots, then you can come to a very strong conclusion that the whole digital process is secure and tamper-resistant.
Chris Stern: There’s a lot more voters than there are fighter jets. When you talk about going to scale, I think that’s the big issue. And there’s been great examples of what Amelia’s done in her state and what others have done in Washington and Colorado, but I guess the question is:Yes, you can be successful at the West Virginia level where you’re getting votes from a few hundred army or military folks overseas or folks with disabilities, but what about a vision of ramping this up to tens, even hundreds of millions of people who vote in this country? It seems like that creates the attention of a national election that is very attractive to hackers. Can we ramp this up to scale? It seems the scale is the problem.
Nimit Sawhney: No, that’s a great question. I think ramping up clearly can’t happen overnight, and so we have to do what we call baby steps. So like you rightly mentioned, we started with hundreds of voters. Next step is to take it to the next level, use thousands of voters and then involve other partners in the ecosystem. Right now, as transactions are happening on mobile devices, mobile carriers are not involved in the election, securing the election process. The next really good opportunity would be to involve major election carriers to make sure that when this scales up, like you said, tens of and eventually hundreds of millions of people, they are the edge infrastructure. They are the ones who are going to get attacked, the ISPs, the edge routers.
At that stage, you’re looking at the national infrastructure. You’re looking at a national conversation, and it’s no longer sufficient to say that a specific county or a specific state can defend its system. That becomes a national endeavor, and countries have managed to do that.
Estonia is a really good example where despite daily attacks, daily threats, they’ve run secure online elections for 10 years. Granted, they are a small country, but they have more than a million people voting, and they’ve managed to do it. Clearly there’s a way to secure the infrastructure. Our government services are all going electronic. Look at Singapore, Dubai, UAE. Just like we would secure that infrastructure, we can secure the e-voting infrastructure as well, but it has to be done one step at a time and eventually we will get there.
Chris Stern: Asia and Emily, how do you feel about that? Yes, in concept, we need e-voting. Yes, in concept, it is something that provides a very elegant solution to a lot of problems we have, whether it’s fear of gathering in an election place to vote side by side with other people. How close are we to ramping it up from small scale to the large scale that allows for the typical two-year and four-year cycle in the United States? Emily, why don’t you take this first?
Emily Frye: So recently, I learned that the most northwesterly province of Canada, just as a wholesale matter, decided to go with e-voting for federal elections. So to me, it says the driver is necessity. For them, the driver was necessity. The people felt that it was hard, physically hard to get to the polling places. It was not a COVID issue. This was last fall and they just were ready, and they had a need, and they saw the technology. They looked over the different security aspects. Even though there are no standards and the Elections Board of Canada was a little taken aback, this particular province went right ahead.
I do think we’re looking at a number of years, and I think the drivers are a combination of necessity to ensure voter turnout, a necessity to make available the ability to vote when you are posted on a hillside in Afghanistan and you don’t have access to first-class mail, when you are a disabled person in this country and that is increasingly a more visible problem.
We’re seeing some good press about people who have genuine needs, who have disabilities and can’t get out. Now, this year we’re in a unique spot. We’re at this pain point of people feeling genuine fear. It’s no longer a question of a few isolated populations with special needs. All of us have that fear, right? And is this a moment that can catalyze many, many years of slow growth into a shorter period of, oh, focused, “Let’s get these standards done. Let’s meet those standards. Let’s make sure everyone’s comfortable.” And then, you have a bunch of states who actually want it and those things [are] coming together a little faster.
My hope would be that we would be able to speak specifically about progress toward establishing a baseline for security standards, identity standards and knowing who’s meeting those before the next four-year cycle. Sometimes I’m overly optimistic, but that would be my hope.
Chris Stern: Asia, your thoughts on this and on how close we are? What are the steps we need to take to find broad acceptability of e-voting?
Asia LaBrie: I think Emily’s spot on with the drivers behind moving mobile voting forward more quickly. I mean with COVID, I think we’re seeing a lot of new technology advances in areas that maybe we wouldn’t have expected, like weddings and boating licenses. You see technology being much more palatable. I get asked by friends and family quite often, “Why can’t we vote online?”, from a technology problem specific point of view.
And I don’t see the roadblock, other than training, education and then the tough, hard problem of implementing and rolling it out.I hope by the next election, sorry, there’s elections every single year, but by the next presidential election, I hope that we have at least one large city piloting mobile voting. That is something I’m advocating and passionate about.
Chris Stern: Amelia, can you describe what e-voting was like from your constituents’ point of view, from the consumer point of view? Was there one group that was more comfortable with it, and was there any groups that had difficulty figuring out how to do it?
Amelia Powers-Gardner: Yeah, absolutely. So we sent surveys to every single person who utilized the vote. Now once again, this is a very small demographic, but we sent surveys to every person who utilized the mobile voting and we didn’t find any major demographic. We have older couples that are serving service missions in other countries in their 60s and 70s, and they were able to figure it out and do it. We have military members that are just barely 18 and eligible to vote serving in the military that were able to do it. We didn’t have any major group.
There may have been some that needed a little bit of help with scanning their ID and doing the selfie, but when it came time to actually cast their votes, they didn’t have a problem with it and they really liked it. In fact, right now we are getting phone calls from military members and service missionaries from other counties in our state, calling us and saying, “Hey, my partner over here, they get to vote on their phone. Why don’t I?” And I have to explain to them, “That’s because your county isn’t doing the mobile voting.” And the question isn’t, “Is this safe?” The question is, “Well, why aren’t they? Why aren’t they doing this mobile voting?” So from the user standpoint, it’s significantly easier. They like it. They don’t see a problem with it.
We actually have a higher voter turnout with those that are eligible to use mobile voting. We have a higher voter turnout for our overseas citizens in municipal city elections, if they can use their phone, than we do from our domestic population who lives here and can either vote by mail or show up at the polls. We’re a vote-by-mail county, so we mail every eligible voter who is an active voter. We mail them a ballot, and we have a higher percentage of people voting on their phone from overseas than we do from people right here in our county who we mail a ballot to.
Chris Stern: Do you have any data on what voter participation was in year-over-year folks who voted via their phones versus voted [at] physical [polls] or a mail-in ballot of some kind?
Amelia Powers-Gardner: Yeah, it was significant. We had significantly higher participation of those overseas. I’m just comparing overseas to overseas, try to be apples to apples, but overseas voters casting their vote by mail or email as opposed to the electronic voting — it’s significantly higher. So for example, in the last major municipal election, our voter turnout for the county was about 35%. Our voter turnout for our overseas citizens that could use their phone was about 45%. Previously, theirs was about 11%, huge, huge increase in voter turnout for that population.
I do know that the younger generations feel more comfortable with voting by their phone. We have a city here in our county that is predominantly a millennial city, brand-new housing, high-density housing near a university. It’s just predominantly millennial. They have a higher participation in social media polls, than they do that vote in their city election, and that city has asked me many times, “Can we please use mobile voting for our municipal elections, because we’d have a higher voter percentage turnout.” The only thing that stops me from doing that is the lack of standards and, therefore, a lack of state certification so that I can let them. Otherwise, this community, I would absolutely let them vote on their phones.
Chris Stern: I’m confused. Why are you allowed to do it in other cases, but you can’t let this community do it?
Amelia Powers-Gardner: So the rules are a little bit different when it comes to overseas and military voters, and disabled voters. Overseas and military, the federal government requires us, all 50 states are required, to provide a ballot electronically to overseas and military citizens. 29 states require that we let them return those ballots electronically, so a mobile app works in that case, and it doesn’t take the same certification as a broad usage.
Chris Stern: Emily, we hear a lot about, during the last few minutes about, millennials are much more comfortable with this. They’re more comfortable with online surveys. They’re more comfortable with social media in general, and maybe they see voting as an extension of social media rather than a fundamental building block of democracy, but I also hear in different contexts about other things I write about, things like TikTok, where there’s a lot of concern that the younger generation is very free and easy with their personal information, and that other countries can take advantage of it, because they offer it up so freely and in such a insecure environment that it opens up the US to manipulation, not just at the personal hacking level but also influencing elections and things like that.
So what is your reaction to that? Is there a creeping lack of a sense that data isn’t as important as it actually is? The young folks may not appreciate how important their privacy is, but there are folks over in the Pentagon and the CIA and others who are very concerned about it, because they see it as an opportunity to open the door and manipulate our society and our culture and our politics.
Emily Frye: So here you go down this path that unpacks some other very, very important issues. I would like to pause it, for purposes of this conversation and consideration that we are facing two co-equal threats as a nation to democracy, when it comes to the elections portion of democracy. If we can all agree that elections are a fundamental underpinning of constitutional democracy, that means they must have integrity. In order to have integrity, it means both the actual technical details of the process must themselves have integrity and be trustworthy.
It also means that the ecosystem and the ethos around the perceived integrity of the elections technology and process themselves, are trustworthy. So when we think about the threats to that, we see a cybersecurity threat. Co-equal to that, we see a misinformation or disinformation threat. Both of these are important threats, and unfortunately they exacerbate one another. And yet, they can be dealt with in separate ways.
What we are primarily dealing with during this conversation is actually the cybersecurity issues. We are facing simply a lack of standards for cybersecurity when it comes to this particular marketplace. At the same time, we are also facing a body of problems related to mis- and disinformation. I actually want to separate those in this case, because I don’t want to burden a burgeoning, promising, technologically helpful offering with the freight and baggage of something that we’ve got to find other tools for.
So let me just start by saying there’s a very big difference between TikTok and casting a vote in a federal election, right? So I don’t really need any credentials to participate with Instagram, Snapchat, TikTok, Facebook, I can make up an awful lot of stuff, and to me social media is an ecosystem that is essentially designed to be manipulated. What we need to do when it comes to both how we architect, and how we speak about mobile and digital and remote voting systems, is to be the opposite of that, to be an ecosystem that is designed to be heavily authenticated and trustworthy.
So we’re dealing with different tiers of a digital ecosystem, and we have to be clear which tier we’re dealing with when it comes to the mobile and remote voting systems. That is a special place right up there with critical infrastructure operations, right? We have very different standards when it comes to financial services, to running the electricity grid, to operating elections than we would for simply engaging in social chit-chat on TikTok, Facebook, Snapchat, Reddit. And we do need to be quite clear about that.
Chris Stern: Yeah, I hear you, but I also hear folks saying, “Well, the younger generation’s comfortable with e-voting. Therefore, we should go forward with e-voting.” And I wonder if we’re skipping a step there.
Amelia Powers-Gardner: I think there is something we need to add to that. Keep in mind that a vote not cast changes the outcome of an election just as much as a vote that’s been changed. And when we are disenfranchising large groups of eligible voters, we are changing an election.
If the people with disabilities voted at the same rate as people without disabilities in this country, we’d have seven million more voters every election. Think about that. That means that people with disabilities are not being represented.
We no longer live in an era where only white male property owners get to vote. We live in a country where every eligible voter, regardless of their socioeconomic status, their gender or the color of their skin gets to vote. And if we are using an antiquated system that leaves out single moms or people in inner cities or people with disabilities or people under the age of 30, then we are changing the elections by doing that. No, we absolutely cannot compromise integrity, and we cannot compromise security. That’s not an option.
Like Emily said, this is critical infrastructure. I had the Department of Homeland Security in my office for eight hours yesterday going through our systems step-by-step. It was like a 437-point inspection to make sure that we are secure. We can’t compromise that, but we also need to realize that we have large swaths of people that traditionally have been disenfranchised, including our men and women in uniform overseas fighting for freedom. They’ve been disenfranchised for the last 50 to 100 years, and that’s just frankly not acceptable. So we have to move forward with integrity, but also realizing that a vote not cast changes the outcome of an election as much as a vote changed.
Chris Stern: Nimit, you are caught between a rock and a hard place, because on the other side, you have these millennials that I’ve accused of being free and easy with their data. On the other side, you have the folks over at MIT who seem to think it’s impossible for you to produce a secure voting system and actually derailed an election that you were about to run. West Virginia changed courses midstream because of questions that MIT raised. Are you fearful that the bar will continue to be raised because of the culture on the other side with cybersecurity experts who are fearful of anything that touches the internet being insecure, or do you think that that’s a problem where you can make them comfortable with it?
Nimit Sawhney: Yeah, yeah. In some sense, we have seen the arguments evolve. Two years ago when we were doing our first pilot, the arguments were, “How will you audit? Where’s the paper trail? How does the voter know that their intent was honored?” And so, when we were able to address those questions, now there’s a new set of questions.
I think in some sense, the bar does keep rising, but we were the first in this space, and so, we’re not shying away from that, I think that that’s good that there is scrutiny and criticism. Some of it would be more objective and less deceptive, but I think scrutiny is good. It keeps us on our toes and also hopefully puts us on a path to more objective deliberation where we’re not speaking in echo chambers.
I think sometimes we feel like a lot of the security conversation happens in an echo chamber, and it doesn’t really take into account all the things which Amelia just mentioned or what Emily just mentioned. And so, our biggest hope is that by doing these pilots and pushing the ball forward, however slow and painful that may be, that we get to a place where we at least can have a conversation and say, “Look, before you dismiss something, have a look. There may be different ways to do this,” but if we can all come together, like Amelia said to edit DNA, to send people to the moon, bring back the space shuttles and formally verify software so it cannot be tampered with or hacked, for sure we can come up with a common set of standards like was proposed earlier and use that as a basis to move forward. So I agree with you that there are lots of hurdles, and the bar keeps rising, but I think we’re not perfect. And so, we look to that as inspiration to improve and keep waiting.
And so far, I think we’ve been fortunate enough to have an opportunity to do that, do more and more of these pilots. With each pilot, we learn so much. We recently released some security data, which to the best of our knowledge, no elections company anyone has ever managed to release. So hopefully, these are baby steps which make the conversation more constructive, and we love feedback. Hopefully it’s more constructive and less destructive like in the past.
Chris Stern: Asia, you said that one of the concerns you had was understanding better the operational aspects of e-voting or at least that that’s an area of focus, and I was just thinking about that. And I was wondering because at the end of the day, this comes to the nuts and bolts of how this will work, and I was wondering if you had any thoughts about what it is that you would like to see.
Asia LaBrie: Yeah, sorry. And I meant that for all of voting over time, not just e-voting.
Chris Stern: You said it at the time. I understand that now, as well.
Asia LaBrie: I just would like to comment a little bit on what Nimit just said around the research I think as far as standards and guidelines go, that they should apply also to the research that’s being done. It seems to be a little bit lopsided, and we’re looking more on how to break things and not how to solve things. And it would be great to have universities looking at building innovation and solving problems, not just breaking them. And it’s something I think we as a country need to improve on. I’ve read the MIT paper in great detail. There’s a few things that I would challenge, but one of the points that are missed in there is a risk assessment on current practices versus what is new, the new solution. It’s easy to look at this one solution I guess in a bucket and not look at the holistic strategy of where we’re headed as a country. I’m sorry. I forgot your first question.
Chris Stern: You mentioned operational issues that needed to be addressed.
Asia LaBrie: Yeah, I love technology. I am very passionate about it, listened to a whole bunch of DEFCON talks this weekend. I’m very tired. There was a lot of talk around standards, guidelines, some great conversation around that. There was great conversation around vulnerability, disclosure and improving that space, which I was glad to hear. And there was a really great talk too around how are we able to handle the operational aspect of mail-in voting this year. It may take time to count these votes. The people are going to need to be more patient, asking the hacker community to please don’t disclose vulnerabilities the day before an election, right? So-
Chris Stern: Good luck with that.
Asia LaBrie: Yes, that’s where I was headed with that.
Chris Stern: Okay. Amelia, can you tell us? I mean, you’re in a unique position. Do you see strengths and weaknesses? Could you walk us through the… I guess I’m counting three different ways to vote now, which is mail-in, e-voting and in person.
Amelia Powers-Gardner: Yeah, absolutely. In fact, we do all three, right? So I think I’m one of only maybe three jurisdictions in the country that actually does in-person, mail-in and e-voting. And Asia nailed it. Like her, I went through that MIT paper with a fine-tooth comb, right? I went through that with a fine-tooth comb.
I was faced with a decision similar to Secretary Warner where I had people that were threatening me with bad publicity, if I continued to use the Voatz platform. And as I went through that, and actually it was on a phone call with these researchers with MIT, the Department of Homeland Security facilitated a phone call with us and these researchers. And I asked them several probing questions about how we currently run elections. They had no clue about how we actually run elections today.
There was a handful of things in their paper that I wholeheartedly could just push aside, because it was no different than how we run things today. Now do we run elections perfectly today? No. Is there a perfect way to run elections? No. Has there been voter fraud and voter-election prosecution for in-person voting? Yes. Has there been in-person voting with machines? Yes. Has there been fraud with in-person voting with paper? Yes. Has there been fraud with mail-in voting? Yes.
I mean, what we’re doing now is not perfect, but it’s the best that we can do. And when we look at evaluating things, we need to look at, number one, let’s evaluate it compared to what we’re currently doing. Number two, how secure is it compared to what we’re currently doing? And number three, is there a better way? And absolutely I think that we need to look at this within the realm of possibility. Is it possible for every person to show up at the polls on Election Day and use paper perfectly? No, it’s not, but we have to find a balance between safety and security, and serving our people.
With vote by mail, I have to tell you, I have an employee who works here in my office, okay? She works here in my office. She has a disability, so she’s eligible to utilize mobile voting. So she is signed up to utilize the Voatz app in our elections but because she is an eligible voter, she still gets mailed a ballot, okay? In November of 2019, she cast her ballot. She never got a ballot in the mail, but she cast her ballot on the Voatz app. Last week, the US Postal Service delivered her ballot for [the] November of 2019 election.
Chris Stern: Wow.
Amelia Powers-Gardner: She was able to cast her ballot using Nimit’s Voatz app, and we have a vote-by-mail county. Now does that mean if she didn’t get her ballot in the mail, would she not have been able to vote? No, of course not, because we have checks and balances.
She had several options. She could contact our office and say, “I never got a ballot,” and we would send her a new one. That’s one. Number two, she could show up at the polls on Election Day. And not only do we have paper at the polls available on Election Day, but we also have an express vote, which is a machine designed for people with disabilities to be able to vote.
Every one of our polling locations has accessible machines for those with disabilities. It has paper at the polls for those that didn’t get a ballot or changed something or lost their ballot, or their kids thought it was junk mail and threw it away. We have several checks and balances along the way. In this case, her vote-by-mail ballot did not show up until six months after the election was over, but she was able to cast it on her phone, right? So every system we have is going to have vulnerabilities. Every system we have is not perfect. What we as administrators do is we work our best to make this as secure as we can for as many voters as possible with the resources that we’ve been given.
Chris Stern: Let me ask you. You said you’ve been hearing from folks around your state who are saying, “Why can’t we do this here in this county or in this municipality or in this city?” Are you hearing from folks outside of your state?
Amelia Powers-Gardner: Oh, absolutely. I get calls from advocacy groups outside our state saying, “What laws allow you to do this, and what information can you give to me so that I can bring that to my jurisdiction?” I also get a lot of calls from other jurisdictions outside the state, because we do vote by mail successfully, because we do mobile voting as well as polling locations. We do get a lot of people asking us, “How do you do what you do, and can we do the same?”
So that’s great, which leads me to one other point I wanted to make. One of the things that has built insecurity to our election system in this country is the fact that the country doesn’t have one election vendor. They don’t have one election process. Elections are not run at the federal level. There’s some very high-level regulations at the federal level, but the majority of election law takes place at the state level. And even then, the majority of the election administration takes place at the local level. That actually brings us security. If we implemented broad mobile voting, but we had 25 vendors in the market and every local jurisdiction gets to pick the vendor they choose, a foreign actor couldn’t just hack one system and change an election, right?
I think that’s something that we want to keep in mind that when we have a lot of jurisdictions running elections. Yes, you can have chaos in some areas. I mean, Broward County, Florida comes up. They had hanging chads, and in 2018 they had issues as well, right? Election administrators can cause chaos, but they can also bring in a level of professionalism. And they bring in a lot of ideas, and that brings security.
Chris Stern: Okay, thanks. We have just a few minutes left. I want to just go quickly through the panel starting with Emily. Anything that you think that we should quickly touch on that we haven’t poked during our conversation over the last 45 to 50 minutes?
Emily Frye: Thank you, Chris. I would like to foot-stomp and slightly expand something that Amelia played out. Are we comparing the current option on its level of security and credibility to the new option, or are we comparing this new technologically apparently greenfield to some unrealistic standard of perfection? I think that’s really important, and one particular example hits that home. In many cases, and a very unofficial example of how votes can be returned, actual completed ballots are returned is my unencrypted email. If we want to compare the Voatz solution or DemocracyLive or any other solution to unencrypted email, there’s really no question as to who wins. So we have to look at what we’re actually comparing in order to be sure that it’s a fair and accurate truth-telling.
Chris Stern: Okay, thank you. Asia, very quickly, any thoughts, final wrap-up thoughts?
Asia LaBrie: Just all the three points I’d highlight that we need to do to make this happen is the standards, and the frameworks, and include research in there, move universities to provide solutions and keep doing the baby steps, pilots, phases, Nimit.
Chris Stern: Okay, thanks, and Nimit?
Nimit Sawhney: Thank you. Thank you, Chris. I think I would echo everybody else on the panel and say that the faster we can come up with a base set of standards, I think that would be really, really helpful for the industry, for putting forward more innovative ideas. So I would really urge the community, all the stakeholders, to prioritize that and wholeheartedly be willing to contribute wherever we are needed. Thank you.
Chris Stern: Great, and Amelia?
Amelia Powers-Gardner: I think you’ve had a fantastic panel today. I’m very impressed with Emily and Asia and always Nimit. You guys absolutely were spot on. We need standards. We need solutions. We need to compare this to what we’re currently doing, absolutely could not agree more. And lastly, I think instead of finding new people budding in this, new companies budding in this space, instead of trying to squash each one, I think the industry needs more competition and more solutions that can meet these standards.
Chris Stern: Great, thanks. And Perianne, if you’re there, I’ll hand it back to you. Thank you so much.
Perianne Boring: Thanks so much, Chris. That was a really wonderful conversation. Appreciate you, Chris, moderating that. What a cool opportunity to get to hear directly from elections officials that are on-the-ground, elections and voter technology experts to really help set the stage of what the full scope of the challenges are when we talk about voter technology, and the potential role blockchain technology has to play in this ecosystem.
I really appreciated Amelia’s point that a vote not cast changes the outcome of an election just as much as a changed vote. And thanks Amelia, for that call to action for the industry standards, absolutely agree and believe that there needs to be a conversation between the public and the private sector, and so many of the most important initiatives throughout the US in technology and innovation have been a public and private sector collaborative effort, whether that’s commercializing the internet, or putting the man on the moon, or building out a safe and secure electronic voting strategy for the United States.
That balance between the public and the private sector is absolutely essential. And it’s also essential that all populations have the tools that they need to exercise their right to vote. The world’s moving forward. Technology is moving forward, and voter technology – it has to move forward too, but it needs to be done in a way that does not compromise integrity. So I want to thank all of our speakers for joining us today, for sharing your insights. And thanks to all of our attendees for coming and watching, and learning more about this topic with us. For more content hosted by the Chamber of Digital Commerce, we’d like to invite you to Parallel. This is our virtual summit. Our next event for Parallel episode number four, titled ‘Surviving and Thriving’, will be on September 18th, 2020. You can join at parallelsummit.org. Thanks again for joining us. I look forward to seeing you next month at Parallel.