Planned Voter Database Would Invite Cyberattack, Security Experts Warn

Planned Voter Database Would Invite Cyberattack, Security Experts Warn

A group of technology experts and national security officials are sounding an alarm over a presidential commission's effort to build a national voter information database

A group of technology experts and national security officials, including former Director of National Intelligence James Clapper Jr., has joined a Common Cause lawsuit charging President Trump’s “voter fraud” commission with attempting to invade the privacy of millions of American voters.

In a “friend of the court” brief filed Wednesday, the officials and experts warned that a national voter database the commission hopes to build from information collected by state election officials would be an attractive and vulnerable target for online hackers – foreign and domestic.

“The stated mission of the Presidential Advisory Commission on Election Integrity (the “Commission”) is to ensure the integrity of our electoral systems,” the brief argues. “But given the advanced cyberthreats posed by foreign adversaries, there is a serious risk that the Commission’s activities will ultimately make U.S. election systems more susceptible to compromise and abuse.”

The risk is compounded because the commission plans to store the data on a White House computer system adapted for that purpose rather than on more secure computers and servers at the Defense Department, the brief adds.

The group contends that the decentralized nature of voting systems across the U.S., with different states relying on different vendors to supply and maintain voting machines and tallying equipment, provides important protection against a broad-based cyberattack on a national election.

At the urging of its vice chairman, Kansas Secretary of State Kris Kobach, the commission is attempting to gather a variety of information about registered voters and put it into a national database. The Common Cause suit, filed in U.S. District Court in Washington, charges that the data request violates the federal Privacy Act; most of the state election officials who would have to supply the data have declined or agreed to honor only a portion of Kobach’s request.

Kobach argues the data will reveal duplicate registrations and other problems that make U.S. elections vulnerable to fraud; a data collection program he created in Kansas, the Interstate Crosscheck System, has been replete with false positives. The Washington Post reported in July that an analysis by researchers at Stanford, Harvard, the University of Pennsylvania and Microsoft Corp, found that Crosscheck “would eliminate about 200 registrations used to cast legitimate votes for every one registration used to cast a double vote.”

President Trump created the commission last spring to search for evidence backing up his claim that up to 5 million people voted illegally in the 2016 presidential election, depriving him of a popular vote majority. The panel, chaired by Vice President Mike Pence, has met only twice and its future is unclear; one Democratic member has filed his own suit against the commission, arguing that its leaders and staff are hiding information about their work from him.

A series of other reviews of U.S. election systems, ordered by Democratic and Republican presidents stretching over several decades, has produced major recommendations for upgrades in voting and vote counting systems but found scant evidence of voter fraud. For more information on those commissions and the contrast between their work and that of the Pence-Kobach Commission, see “Flawed from the Start,” a Common Cause report issued in September.