I remain concerned regarding the cyber side of election integrity and believe we need stronger measures to shore it up. I have written extensively in previous newsletters about my concerns with cybersecurity in our elections, which deals with threats largely outside our control. Our primary means of dealing with this is defensive in nature, working to keep threats out. I believe our local election officials are doing the best they can with what we have given them, but I believe we need stronger tools in place. Here are some proposals that are being drafted or already public that I would like us to consider this session:
- Require sample forensic imaging by an independent private cyber security firm of 9 total counties of varying population size: 3 for each of Iowa’s 3 election machine vendors: Unisyn, ES&S, and Dominion. This type of imaging can determine if there was unauthorized access to the machines and if they really remained “off” the internet. A lot of questions have been raised about this. Let’s just see what’s been going on in those machines…. We should not wait until we have “definite proof” of our voting systems being hacked. Publicly traded companies are audited every year whether there is wrongdoing or not. So the same should apply to the citizens’ voting machines.
- Contracts made between a county and its election machine vendor be required to allow a county to audit or investigate its election machines without first having to get permission from the vendor. Counties are responsible to the voters for the election, not the vendors. The vendors have too much power over our elections when county officials have to get their permission to investigate or audit their voting machines.
- Ballot paper should be upgraded to include currency (money) grade security features in the paper so that they are nearly impossible to counterfeit. Arizona is considering this and it is a good idea. This will cost a bit more but is a worthwhile investment in election security.
- Require records be kept of each election, a “snapshot” in time showing who voted in the election with the addresses and other information of each voter at the time of the election. Of course, who the person voted for would not be included as it is not recorded. This allows citizens to check for irregularities in the election if they wish. Currently voter rolls are updated continually to seek to stay accurate in “real time” and this should be continued and not change.
- Requirement in law that voting machines not be connected to the internet
- Create a task force to investigate changing over to a voting machine that produces an accurate, reliable, efficient, and accountable result and that is not internet-capable and is analog and not digital. There is NO good reason to have a voting machine that is internet-capable.
- Requirement to send in a copy of the voter’s ID with their absentee ballot. The voter must show their ID on Election Day at the polls and so they should have to do the same if they cast an absentee ballot.
These bills deal mainly with our election voting machines and the ballots. The goal is to have counterfeit-proof paper ballots & no internet-capable voting machines. As a state we must ensure that all steps are taken to shore up the integrity of our elections and that includes the cyber side. It’s time to bring Iowa’s election system into the 21st century. And that means having a voting system that with 100% certainty is unable to be penetrated by 21st century threats. Easy to vote and even harder to cheat!
All good steps towards ensuring our elections are safe and auditable.
Requiring a thumbprint to vote by absentee ballot is an alternate idea worth considering; however, requiring the voter to send a copy of their ID when requesting an absentee ballot as suggested by Sandy seems effective and less invasive.
Keep up the pressure, Sandy!