This has been one of the craziest election cycles ever. That’s one thing we can agree on. Regardless of which side of the aisle that you are on, you’ve probably heard many claims of “vote rigging” that have filled the news this election season. Many Chief Information Officers from around the globe chimed in this week with their thoughts on if it was possible for U.S. elections to be rigged.
Myles Suer, #CIOchat facilitator, opened the dialogue on his weekly #CIOChat on Twitter: “I wanted to hear from technology and security experts what they thought about the vote rigging claims being made.” He asked members of
Suer asked members of #CIOChat to relate their views. He believed these information security leaders were ideally positioned to evaluate the technological risks and could give us full confidence in the election system — or not.
Are there real risks to our election systems?
The result: CIOs are not of one mind when it comes to the risks. One CIO kicked things off by saying that the risk of rigging has always existed, even with paper ballots. If there’s a will, there’s a way.
CIOs clearly feel that devices could be manipulated to violate security. But in general, CIOs identified few credible claims of vote rigging. One CIO said that the biggest risk in their opinion is “simple innuendo” –people saying that the election is rigged. Another CIO added on by insisting on the importance of public confidence in the process.
A1. Biggest risk ? Simple innuendo #election is “rigged.” Recency effect on full display; people remember the last thing they hear #CIOChat https://t.co/7bGUBjh3AO
— Peter Salvitti (@psalvitti) November 3, 2016
CIOs generally felt that oversight or accountability in verifying election results is likely where the biggest risks can be avoided. One CIO pointed out that even the most rudimentary review of votes would identify significant anomalies.
A1 Cont: In most cases rudimentary review of votes will identify any “large enough” to matter anomalies. #CIOchat
— Mark Thiele (@mthiele10) November 3, 2016
#Ciochat – Confidence in process is important
— Lee Herrin (@technologicalee) November 3, 2016
Is there a better way to do elections?
CIOs said that there could certainly be better systems put in place, but voting systems improvement is challenged by the decentralized nature of the U.S. voting process.
A1a – There certainly could be better systems put in place, but it is tough to do because the voting process is not centralized #ciochat
— Larry Larmeu (@LarryLarmeu) November 3, 2016
One CIO suggested that blockchain could be added to the US elections workflow. He argued that if blockchain can be used with nuclear weapons, why not with US elections? He said with blockchain the election, “will be a vote of the people, secured by the people for the people.” Others agreed that technology can help improve the process—including blockchain and chip & pin. But they also said these technologies will not help non-techies retain confidence, and in fact, could disenfranchise some voters. Some CIOs felt as well that a large fraction of voters would not even trust the technologies. In their opinion, the systems would not address the issue of the “digital divide.”
A.1. My vote is to introduce #Blockchain into the #USElections workflow #CIOChat
— E.G.Nadhan (@NadhanEG) November 3, 2016
Blockchain was clearly seen by CIOs as the most promising of the potential approaches for dealing with the security risks. Some CIOs, however, asked for the business requirements. What function will it optimize? Voter experience? Voter security? Voter secrecy? Voting speed?
If #Blockchain can be used to secure nuclear weapons, why not #USElections? #CIOChat https://t.co/L07PQhvbgb
— E.G.Nadhan (@NadhanEG) November 3, 2016
A CIO from the UK argued for the value of deploying a common/integrated technology. She felt that there could be value in distributed technology. However, a US CIO reminded her that elections in the US are carried out at the state or local levels.
This means that the infrastructure improvements required would be dramatic, and the coordination tough, if not impossible.
At this point, one CIO asked whether it could be valuable to have a single, national ID? But a fellow CIO reminded the group that the problem with voter fraud historically has been a non-issue—so a single ID would seek to solve a problem that doesn’t really exist. The prior CIO countered by saying that Estonia uses a National ID as a way to combat fraud.
If #Blockchain can be used to secure nuclear weapons, why not #USElections? #CIOChat https://t.co/L07PQhvbgb
— E.G.Nadhan (@NadhanEG) November 3, 2016
Focus upon process?
Most CIOs at this point asked why we are concerning ourselves with technology? They argued we should concentrate on people and process. CIOs stressed here that elections are not a technology problem and that data security in elections—as with employees in enterprises–must begin with the election worker. No technology can prevent human sabotage with paper ballots. While technology can make elections safer and faster, people are the key and represent the greatest area of risk. Adding on, another CIO said that technology is amoral; it’s what people do with it that is good, bad, or indifferent.
If #Blockchain can be used to secure nuclear weapons, why not #USElections? #CIOChat https://t.co/L07PQhvbgb
— E.G.Nadhan (@NadhanEG) November 3, 2016
Suer asked whether voting systems should be networked. CIOs saw clear risks inherent to both online and offline systems. Networking systems, however, were seen as being a source of greater risks. CIOs returned to requirement fundamentals: you have to ask if the benefits are worth the risks. In the end, CIOs felt that attention should be focused on better informing the voting populace, regularly updating old equipment and firmware, proactively including better security, and better verifying count accuracy.
#CIOChat: What is it?
The #CIOChat is a group of CIOs and other IT leaders that gets together weekly on twitter, Thursdays at 1pm PT, to discuss the issues around being an effective technology and business leader. Suer mentioned that next week’s #CIOChat is on organizing IT for an era of change.