Home / Cybersecurity / Analysis | The Cybersecurity 202: Trump is trying to make mail voting a partisan issue. It's not in many states. – The Washington Post

Analysis | The Cybersecurity 202: Trump is trying to make mail voting a partisan issue. It's not in many states. – The Washington Post

with Tonya Riley

Readers: The Cybersecurity 202 will not be publishing on Monday, May 25. We hope you have a relaxing and safe Memorial Day.

President Trump has slammed voting by mail as a Democratic ploy to fix elections and attacked Democratic leaders who want to expand the practice in swing states such as Michigan.

But many of the states that are making the greatest strides on increasing voting by mail during the pandemic are unlikely to play a significant role in deciding the winner of the 2020 presidential election – and are doing it without much partisan angst. 

Massachusetts, where a Republican presidential candidate hasn’t won since Ronald Reagan in 1984, is a case in point. The state’s moderate Republican Gov. Charlie Baker is broadly supportive of Democratic-led efforts to expand voting by mail and has already signed a bill aimed at dramatically expanding the practice through elections in June. 

It’s Democratic Secretary of State William Galvin, meanwhile, who is pushing back against the most ambitious mail-in voting plans from Democratic state legislators, warning that if the state tries to go too far it could damage the integrity of the election. 

The moves are part of a broader effort to ensure state residents can cast auditable paper ballots during the pandemicwhich experts say is vital for security — but don’t have to risk their health by visiting an in-person polling site. Massachusetts also has a long way to go on increasing vote by mail, which is typical of both Democratic and Republican-led states along the East Coast. Only 3 percent of Massachusetts voters cast their ballots that way in 2018. 

“It’s challenging for states that have a history of significant in-person voting to make this modification, but it’s not impossible,” Galvin told me. “This is not something that you can just snap your fingers and it will change everything. You have to do it carefully.” 

That’s a far cry from the picture of Democratic scheming and fraud that Trump has painted in tweets and public comments. 

Many other states defy Trump’s simple caricature of a Democratic plot to increase voting by mail. 

Georgia, Iowa, Nebraska and West Virginia all have Republican governors and top election officials – but are still planning to send request forms for mail ballots to all registered voters during the pandemic. 

Trump has claimed without evidence that voting by mail leads to widespread fraud including “thousands and thousands of fake ballots” — though he voted by mail himself in Florida this year. 

He also has said that if Democratic proposals to expand mail voting were enacted, “you’d never have a Republican elected in this country again” — though evidence suggests expanded voting by mail doesn’t favor one party over another. 

Galvin’s proposal in Massachusetts would allow anyone to request a mail-in ballot in writing or online.

The state would send live ballots only to those who request them, a practice increasingly being deployed by Republican and Democratic states across the country. 

The proposal would also expand early in-person voting to 18 days ahead of the general election and at least a week ahead of the primary. And he’s planning a slate of other changes to ensure elections are safe during the pandemic, including hiring younger and healthier poll workers and mandating that polling locations across the state are large enough to accommodate social distancing. 

Galvin has told legislative leaders in both chambers, which are controlled by Democrats, that he wants to have a plan in place by mid-June to ensure there’s enough time to make all the changes, he said.  

Galvin declined to speculate how much that will cost, saying he’s not sure how bad the pandemic will be by fall or how competitive some of the primary races will be. 

But he does think it’s likely to cost more than $8 million, which is the state’s share of $400 million in election money Congress appropriated in its $2 trillion coronavirus stimulus bill. 

State legislators have proposed more expansive moves such as sending ballots directly to voters. 

That’s the system used by the five states that vote almost entirely by mail, and it’s required in a proposal from House Democrats that would deliver an additional $3.6 billion for elections as part of coronavirus relief. 

We have a tremendous amount of work to do to put robust vote-by-mail in place, and there shouldn’t be extra hoops for voters to go through in order to exercise their right to vote safely,” state Sen. Rebecca L. Rausch, a sponsor of one of the most progressive efforts, told me. 

But many Republicans, including some top election officials in other states, say that creates too great a risk for voter fraud because many ballots will go to addresses where the voter has moved or died since registering.

Galvin also opposes that method. He isn’t specifically concerned about fraud, he says, but wants to maintain clear records about who has requested ballots, who has received them and when they’ve been returned to avoid confusion or the perception of fraud. 

The process would also make it difficult to get the right ballot to the right voter during primaries because Massachusetts residents are allowed to vote in either party’s primary regardless of their affiliation, he said. 

It’s not about whether Trump tweets about it, mostly erroneously. Or whether Democratic activists think that this would be a great strategy or not,” he said. “What matters is protecting the rights of voters and protecting the integrity of the electoral process.” 

Eastern states have generally been slow to adopt voting by mail, from liberal states in New England to conservative ones in the Southeast. 

As of 2018, less than 10 percent of voters cast ballots by mail in New Hampshire, New York, Pennsylvania, Maryland, Delaware, Virginia, North Carolina, South Carolina, Georgia, Alabama, Mississippi and Louisiana, according to data compiled by the Brennan Center for Justice at New York University. 

States in the west, meanwhile, have generally embraced voting by mail, partly because of their more spread-out geography. The five states that vote almost entirely by mail are Washington, Oregon, Utah, Colorado and Hawaii. As of 2018, about 79 percent of Arizonans voted by mail as did 72 percent of Montanans and 63 percent of New Mexicans. 

The rest of New England has also been pushing to increase voting by mail during the pandemic. 

In New Hampshire: Only about 8 percent of voters cast mail ballots in 2018, and they were required to provide an excuse to do so. But Gov. Chris Sununu (R) has pledged that anyone who wants to vote by mail will be able to do so in November if the virus is still a factor. 

In Vermont: About 10 percent of voters cast ballots by mail in 2018. The state doesn’t require an excuse to vote by mail, and Secretary of State Jim Condos (D) has said he wants to prepare for the majority of Vermonters to vote that way in November if the virus is still a factor. But he has clashed with Gov. Phil Scott (R) who wants to wait until after the state’s August primary to make a decision. 

In Maine: About 29 percent of people in the Democratic-led state voted by mail in 2018, but state election leaders still say they’re planning for a “significant increase in the use of absentee voting for the 2020 primary and general elections.” 

Correction: This article has been updated to correct the duration of a bill expanding mail voting. 

The keys

North and South Dakota’s coronavirus contact tracing app is violating its own privacy policy.

That policy states the Care19 app won’t share any data with third parties, but the iPhone version of the app shares data with FourSquare, a location-data provider for marketers, according to an analysis by privacy software company Jumbo shared with Geoffrey Fowler.

The findings appear to confirm privacy experts’ fears that a race to build contact-tracing technology will result in serious privacy oversights. “Should this have been vetted? Yes. We are following up on that as we speak,” said Vern Dosch, North Dakota’s contact-tracing facilitator. “We know that people are very sensitive.” Health officials in South Dakota didn’t immediately reply to requests for comment. 

The app was designed to collect residents’ location data so they could volunteer to share it with public health officials if they test positive for the coronavirus. Its privacy policy tells users that data “will not be shared with anyone including government entities or third parties.”

Care19’s maker, the company ProudCrowd, tells Geoffrey it plans to update its privacy policy and to share less data with FourSquare in the future. The company is also working on a second version of the app that would comply with a coronavirus tracing software system created by Google and Apple, which does not allow for collecting location data.

Four states are warning residents who applied for coronavirus unemployment benefits online that their personal information may have been exposed. 

The breaches may have exposed tens of thousands of Americans to identity theft, Kevin Collier at NBC News reports. They stemmed from “security incidents” in software built by two different contractors.

In Arkansas, a bug in the state’s pandemic unemployment assistance website exposed Social Security numbers and banking information of 33,000 applicants. Colorado, Illinois and Ohio also notified pandemic unemployment applicants of a potential data leak stemming from systems built by the consulting firm Deloitte. The states did not disclose the number of applicants whose data might have been exposed, but said the bug was patched within an hour after it was discovered.

Both systems were built in less than a month, highlighting how rapid-fire efforts to respond to the pandemic may be happening at the expense of security. 

It also shows the dangers of governments prioritizing low cost over quality in technology contracts, said Tarah Wheeler, a cybersecurity policy fellow at the New America think tank. “It isn’t necessarily that unemployment systems are particularly vulnerable to data breaches,” she said. “It’s that almost every kind of governmental data system, which is locally implemented on a shoestring budget, begun by a contractor who bid the lowest and abandoned by the former and following administrations, is likely to be just as bad.”

Rep. John Ratcliffe was confirmed as director of national intelligence and will lead U.S. intelligence efforts against Russian interference in 2020. 

Ratcliffe, a Texas Republican, will also deal with Chinese threats to national security, which have escalated during the coronavirus pandemic and hacking threats from Iran and North Korea in his role atop the nation’s 17 intelligence agencies. 

The Senate confirmed Ratcliffe along party lines and there were more votes opposing his confirmation than for any other nominee in the office’s 15-year history, Shane Harris reports.  

Trump first nominated Ratcliffe last year only to withdraw the nomination after criticism from both Republicans and Democrats that he lacked the necessary qualifications for the job. Democrats have also slammed Ratcliffe for exaggerating his anti-terrorism work as a federal prosecutor in Texas. 

Democrats grilled Ratcliffe during his confirmation hearing about whether he would resist  politicization of the office and act independently from the White House. “Regardless of what anyone wants our intelligence to reflect, the intelligence I will provide if confirmed will not be altered or impacted by outside influence,” he said.

Coronavirus watch

Criminal and state actors continue to target U.S. coronavirus research, the FBI warned industry leaders in an advisory this week.

“Likely due to the current global public health crisis, the FBI has observed some nation-states shifting cyber resources to collect against the [health care and public health] sector, while criminals are targeting similar entities for financial gain,” the advisory, obtained by CyberScoop, warned.

In one case, hackers used ransomware to attack a biological research facility, but the facility managed to recover using digital and paper backups. The FBI warns that efforts by adversaries to delete or manipulate data “could undermine the credibility and integrity of ongoing research efforts and the results of clinical trials.”

Hill happenings

Sens. Amy Klobuchar and Jerry Moran want the FTC do to more to protect senior citizens from coronavirus-related scams.

A new bill from the Minnesota Democrat and the Kansas Republican directs the agency to report scams targeting seniors during the pandemic to Congress and to update its website to give better information to seniors and their caretakers about how to access law enforcement about scams.

Top Republicans on the House Commerce Committee are grilling TikTok over whether the company is sharing Americans’ data with the Chinese Communist Party.

A letter from ranking Republican Greg Walden (Ore.) and Rep. Cathy McMorris Rodgers (R-Wash.) also cites recent complaints by child advocacy groups that the company is violating U.S. laws that protect children under 13.

TikTok has strongly denied that it turns over any U.S. user data to Beijing officials, despite repeated questioning by China hawks in both parties. While the company’s owner ByteDance operates out of Beijing, it is incorporated in the Cayman Islands.

Industry report

Cybersecurity conference RSA will move next year’s event from February to May in response to coronavirus concerns.

At least two attendees tested positive for the virus following January’s conference in San Francisco, ZDNet reports. Two other key cybersecurity conferences, BlackHat and DEF CON, have scrapped their physical events, which are typically in Las Vegas in August, in favor of virtual conferences.

More industry news:

Large Tech Companies Prepare for Acquisition Spree

After pushing the pause button during the coronavirus pandemic, big enterprise-technology companies later this year are expected to go on a shopping spree for smaller tech firms, industry analysts say.

The Wall Street Journal

Global cyberspace

Hundreds of Israeli websites reported being hacked yesterday afternoon.

The websites were vandalized with anti-Israeli material, Israel’s top cybersecurity agency said in a statement. The targets included companies, local governments and nonprofit organizations, Bloomberg News’s Alisa Odenheimer reports. The company Check Point attributed the attacks to a group of hackers from Turkey, North Africa and the Israeli-occupied Gaza territory. 

More global cybersecurity news:

Chat room

China hacking U.S. coronavirus vaccine research may not be that bad, say Columbia University cybersecurity Prof. Jay Healey and graduate student Virpratap Vikram Singh.


  • Ranking Digital Rights will host an event “Getting to the Source of the 2020 Infodemic: It’s the Business Model,” on Wednesday at 11:30 a.m.

Secure log off

Happy anniversary to our favorite TikTok account!

Source link


Check Also

Calls Grow to Restore White House Cybersecurity Leader Role – BankInfoSecurity.com

Critical Infrastructure Security , Cyberwarfare / Nation-State Attacks , Fraud Management & Cybercrime Lack of …