8.8 C
New York
Saturday, March 23, 2024

The Iowa Caucus Tech Meltdown Is a Warning

After months of buildup, Monday’s Iowa Caucus kicked off the 2020 primary elections—and it didn’t go great. Reporting of results was delayed by what Iowa democratic officials first called "quality control" efforts. In fact, a new, unvetted mobile app designed to help collect and relay voting tallies had failed due to technical and usability issues. The telephone hotline intended as a fail-safe was overwhelmed by calls from caucus leaders trying to report results and troubleshoot the app. It was, and as of publication continues to be, a mess. It's also a warning.

The good news first: There's every indication that Iowa's results will turn out just fine. The votes were all properly recorded, and a paper backup means that they can be verified. It was the reporting process that epically collapsed, necessitating extra time for collecting and tallying final results. It's an annoyance, not a catastrophe.

"As part of our investigation, we determined with certainty that the underlying data collected via the app was sound," Iowa Democratic Party chair Troy Price said in a statement. "While the app was recording data accurately, it was reporting out only partial data. We have determined that this was due to a coding issue in the reporting system. This issue was identified and fixed."

But the things that went wrong in Iowa provide an important lesson that election officials have precious little time left to learn. Adding technology to the electoral process does not necessarily improve it; in fact, it often makes things more confusing. Worse still, the fallibility of tech makes it easy fodder for conspiracy theories, and a lack of faith in the democratic process. All of which has been on display in Iowa.

Start with the app, developed by a company called Shadow that was funded chiefly by Acronym, a Democratic nonprofit founded in 2017 by former Clinton campaign staff. An Acronym spokesperson did not return a request for comment from WIRED, though the firm said in a statement that it is simply an investor in Shadow. "We sincerely regret the delay in the reporting of the results of last night’s Iowa caucuses," Shadow tweeted on Tuesday afternoon. "As the Iowa Democratic Party has confirmed, the underlying data and collection process via Shadow’s mobile caucus app was sound and accurate, but our process to transmit that caucus results data generated via the app to the IDP was not. … Shadow is an independent, for-profit technology company that contracted with the Iowa Democratic Party to build a caucus reporting mobile app."

>

All software has bugs, but a flaw in the core functionality—reporting data—is a major failure. This year, after confusion marred reporting in 2016 and 2012, caucus precinct leaders needed to relay more data than ever to Iowa Democratic officials, who tabulate the results. In addition to the final votes and delegates won, participants also collected data about how caucus-goers originally aligned themselves and how they realigned once it was clear which candidates had less than 15 percent of the vote. The app was intended to be simple way to collect all of this information and centralize it as quickly as possible. It had one job.

In a way, the app had failed before Monday night's caucus began. Rather than download it from an app store, precinct leaders had to side-load it onto their devices, a confusing process that many seem to have understandably not bothered with. Those who did install the app appear to have received little training on how to use it or even how to log in; it required a combination of security codes rather than a simple username and password. On top of that, the PINs that precinct leaders used to practice logging in to the app expired before the caucus began.

Details about the app were also largely kept secret, an apparent attempt to create "security through obscurity." Not even the Department of Homeland Security had a chance to review it. But the idea that it's more difficult for hackers to attack a system they don't know much about is deeply misguided. Attackers can get up to speed quickly, while leaving security researchers in the dark means there's limited opportunity to catch bugs and vulnerabilities before the platform goes live. Nevada Democrats were planning to use the same app during their caucus in less than three weeks but said on Tuesday that they will not.

“I had heard concerns about the app, in particular that people didn’t know much about it and that there was a lot of secrecy around it,” says Lawrence Norden, deputy director of the Brennan Center's Democracy Program at New York University School of Law. “Even for the people who were supposed to be using it, there was very little training, and there was certainly no public testing of the app.”

Even worse, the Iowa Democrats' phone lines, which were supposed to be the fail-safe for the app, went down. Precinct leaders reported hours-long hold times and issues with their calls being disconnected. It seems that the hotline was expecting fewer calls than in previous years because of the app. Instead, the app actually increased call volume, as frustrated precinct managers tried to figure out what had gone wrong.

Despite all of this, the results should be sound. Every caucus vote was recorded on paper, meaning that officials will be able to verify that their final digital tallies line up with the actual results.

“In this case in Iowa I don’t think anyone will need to doubt what the results are,” says Marian Schneider, president of Verified Voting, a group that promotes election system best practices. “Those were recorded; those were preserved according to the caucus procedures that they’ve been following for a long time. But the reporting mechanism failed. People have to think carefully about what the impact is going to be when introducing tech into voting.”

Monday night’s debacle underscores the stakes of debuting new technology in elections and the inherent risks of layering more tech into systems to solve problems rather than looking for their root cause.

“Technology can help, but it usually comes with added risks,” says Ben Adida, executive director VotingWorks, a nonprofit maker of voting machines. “So any introduction of technology should come with a cost-benefit analysis. And when we do introduce technology in the foundational layer of our democracy, it should be broadly vetted, load tested, security reviewed, and open source.” None of which appears to have happened in Iowa.

For years, the election security community has stressed the need for paper backups in normal voting machines. And yet a rush to embrace certain digital technologies has left many states around the country with at least some precincts that use voting machines without a paper backup. A recent report from the Brennan Center estimates that 16 million votes will be cast with no paper backup at all in the 2020 presidential election. If any of those counties run into problems similar to Iowa's, they'll have no fail-safe for confirming results.

“A lot of states already use internet voting. West Virginia is already using a mobile app for military and overseas voters,” Verified Voting’s Schneider says. The state plans to expand app voting to include disabled citizens as well. “This is a very cautionary tale for doing so. We shouldn’t be doing that. I think this shows that we’re not ready.”

>

Iowa will bounce back from its Monday mess. State officials said they'd have official results by 5 pm EST on Tuesday. But in an already turbulent election cycle, the meltdown shows how easy it would be to create instability by spreading misinformation or calling a voting system’s integrity into question. On Monday night alone, rumors and conspiracy theories quickly popped up to fill the void as everyone—from voters to politicians to the media—awaited results they thought would come quickly. In elections, most of all, speed should not come at the cost of accuracy.

“Imagine this operational failure where we don't have individual voter-verified paper ballots to go back to," says VotingWorks’ Adida. "That would require nothing short of rerunning the election. But we have locally verified paper records of the caucus tallies, so we should all take a deep breath. We're going to be OK.”

Updated February 4, 2020 2:50pm ET to include a statement from Shadow.Corrected February 5, 2020 3:20pm to clarify that the Iowa Caucus had reporting/results confusions in 2016 and 2012.

Related Articles

Latest Articles