Voter databases must be secured, report says
Computer scientists sound privacy, security alarms about new voter registration databases required by federal law.
But those party bosses never dreamed of computerized databases of voter records that would be vulnerable to even more stealthy and undetectable forms of manipulation by political operatives. Such centralized databases are now mandated by a federal law, and state election officials are scrambling to digitize reams of paper documents to meet its deadlines.
A professional organization of computer scientists warns, though, that state election officials may not have taken proper security precautions to guard against fraud. In a report released Thursday, the scientists call for more aggressive steps to protect the security, privacy and reliability of those databases.
"Nobody's done this kind of analysis," said Barbara Simons, an author of the report and past president of the Association for Computing Machinery. "We're not out to criticize anyone. We're out to try to provide information."
The 60-page report (click here for PDF) recounts security and usability techniques known to computer scientists for decades, but often not well-understood by state election officials and bureaucrats who have been tasked with designing massive databases of millions of registered voters.
Twenty-eight states have chosen to award contracts for the databases to outside vendors such as Diebold, ES&S, and Accenture, while 21 states have chosen to develop the databases on their own, according to Electionline.org, a project sponsored in part by the Pew Charitable Trusts. (New York had not decided and North Dakota does not have voter registration.)
The Help America Vote Act of 2002 (HAVA) orders each state to create a "single, uniform, official, centralized, interactive computerized statewide voter registration" database that will be linked to other records such as ones stored by motor vehicle agencies. HAVA does say the database must be protected with "adequate technological security" but offers no details and fails to require encryption, for instance. The extended deadline was January 2006, but many states have not complied.
HAVA was enacted as a result of the disputed 2000 presidential election, which spotlighted dubious political practices such as a purge of more than 50,000 alleged felons from Florida voting rolls who may have been eligible to vote. Also, the New York Daily News reported in 2004 that about 46,000 New Yorkers are registered to vote in New York City and Florida and some have voted twice.
Unless proper authentication practices are followed, security flaws could permit hackers to insert fraudulent names into voter databases or delete names of eligible voters. "Since there are many ways that an attacker might try to subvert the system, one needs processes that encourage secure system design and detect and close significant vulnerabilities," the ACM report says.
Privacy is another topic that ACM singles out for attention. Although laws may vary, all states permit voter registration data to be sold for political purposes such as campaigning and direct mail. But 20 states and the District of Columbia also allow unrestricted access for commercial purposes such as marketing, according to the California Voter Foundation.
A recent report (click here for PDF) prepared by the National Association of Secretaries of State says that only 24 states were expected to comply with HAVA's database creation requirement by the Jan. 1, 2006 deadline. Most of the remainder, however, expect to have their databases in place by the fall 2006 elections, the association said.