Everything We Know About the App That's Being Blamed for Chaos in Iowa

Image for article titled Everything We Know About the App That's Being Blamed for Chaos in Iowa
Photo: Getty Images

The Iowa Caucus was last night and this morning, instead of results and the usual squabbling discourse, everything is a giant clusterfuck. At the center of the swirling mass of fuckery is an app commissioned by the Iowa Democratic Party. As early as Monday afternoon, reports began filtering in that the app was glitching for precinct captains and by the end of the evening, it was clear those technical difficulties were widespread across the state.


Earlier reports stated the app had supposedly been tested and vetted by independent parties and the Department of Homeland Security, but the app maker and how the app was tested was a close kept secret in a bid to minimize the chances of election interference—a decision that some cybersecurity experts questioned, as obscurity doesn’t necessarily equal security.

As it turns out, perhaps those concerns were well-founded. A New York Times report notes that the app in question was hastily built a mere two months ago and was untested on a statewide scale. The report also quoted Christopher C. Krebs, the director of Homeland Security Department’s cybersecurity division, as saying his agency had not vetted or evaluated the app, seemingly contradicting an earlier NYT report. Another issue is that the app had never gone through end-user testing at scale—meaning the first time many precinct chairs even tried using the app was on Monday, with many downloading it for the first time hours before the caucus began. To make matters worse, it also appears that party officials also hadn’t been trained on how to use the app. (Though, a separate Politico report quoted an anonymous party official who said app training was part of volunteer training.)

Before you put on your tin foil hats, it should be noted this isn’t the first time an app has been used during the Iowa Caucus to report results. Likewise, there’s no indication that the app was hacked and, the use of the app was always optional. The delay in results is instead, being pinned on “quality control,” overloaded phone lines, and double-checking results with the paper trail.

“We found inconsistencies in the reporting of three sets of results. In addition to the tech systems being used to tabulate results, we are also using photos of results and a paper trail to validate that all results match and ensure that we have confidence and accuracy in the numbers we report,” said Mandy McClure, the Iowa Democratic Party’s communications director, in a written statement last night. “This is simply a reporting issue, the app did not go down and this is not a hack or an intrusion. The underlying data and paper trail is sound and will simply take time to further report the results.”

The Iowa Democratic Party doubled down on that this morning, releasing a statement on Twitter that reads “As part of our investigation, we determined with certainty that the underlying data collected via the app was sound. While the app was recording data accurately, it was reporting out only partial data. We have determined that this was due to a coding issue in the reporting system.” The statement goes on to say that the issue was identified and fixed, and that it didn’t impact overall data accuracy.


The statement did not address why the app was only reporting partial data, and whether that problem would have even been an issue in the first place with more rigorous vetting and testing.

It’s important to emphasize that there is a paper trail and each campaign also has its own internal tallies of the results. There are checks and balances to keep everything above board.


The official line doesn’t absolve the app of further scrutiny. According to the LA Times, the app was created by a tech startup called Shadow that’s staffed by former members of Hillary Clinton’s 2016 campaign. Its website describes itself as “a constant companion” that builds “a long-term, side-by-side “Shadow” of tech infrastructure to the Democratic Party and the progressive community at large.” FEC disclosures also show that Pete Buttigieg’s campaign gave Shadow $42,500 in July 2019 for “software rights and subscriptions.” What all that means is unclear, but we know for certain that “Shadow” was an unfortunate branding choice.

Shadow is also an arm of ACRONYM, a Democratic nonprofit founded in 2017 that runs “dozens of targeted media programs to educate, inspire, register, and mobilize voters.” In addition to Shadow, ACRONYM was also an investor in Courier Newsroom and Lockwood Strategy. The latter is a strategy firm founded by Tara McGowan, a former journalist and digital producer for former President Obama’s 2012 campaign. (She’s also the co-founder of ACRONYM itself.) That said, ACRONYM has curiously distanced itself from Shadow, claiming in a tweet that it was not a tech provider to the Iowa caucus and that it, “like everyone else, [is] eagerly awaiting more information from the Iowa Democratic Party with respect to what happened.”


Gizmodo has reached out to Shadow and ACRONYM, but did not immediately receive a response. Shadow did find time to post a job listing for a Client Success Representative on Wednesday.

All of this is enough to make anyone’s head spin, so it’s a great thing to note that the app is also slated to be used in the upcoming Nevada caucus. Or you know, given what we know now, the Nevada Democratic Party could do us all a solid and just not.


Update, 02/04/2020, 2:30pm:

A few developments. Senator Mark R. Warner, vice chairman of the Senate Select Committee on Intelligence and the co-chair of the Senate Cybersecurity Caucus, issued a statement regarding Iowa. In it, he says, “As the Department of Homeland Security has said, there is no indication that the failures associated with the app from last night’s caucuses were the result of malicious cyber activity.” He also went on to note that the resulting confusion highlights how truly screwed the current election system is.


“But what we’ve also seen that this chaos has created an environment where misinformation is now running rampant online, further undermining confidence in the democratic process,” Senator Warner added. “As we’ve seen in the past, foreign actors like Russia and China won’t hesitate to latch onto this kind of content in order to add to the domestic discord and distrust in our elections.”

Furthermore, Shadow itself has issued an apology on Twitter. “We sincerely regret the delay in the reporting of the results of last night’s Iowa caucuses and the uncertainty it has caused to the candidates, their campaigns, and Democratic caucus-goers.”


Well, at the very least, it also now appears that Nevada has seen the shitshow, and will not be using the app. In a statement, William McCurdy II, the chair of the Nevada State Democratic Party, wrote “NV Dems can confidently say that what happened in the Iowa caucus last night will not happen in Nevada on February 22nd. We will not be employing the same app or vendor used in the Iowa caucus. We had already developed a series of backups and redundant reporting systems, and are currently evaluating the best path forward.” 



Any form of electronic voting should be kept out of all democratic (not the party but the system) elections.  Paper and pencil is still the most secure way we have because attacks on those do not scale well.