Worried about whether U.S. elections are vulnerable to outside interference? On Wednesday, tech giants Facebook, Twitter and Google testified that their platforms were used to spread Russian misinformation and propaganda to millions of potential voters in 2016. But here’s a case that illustrates how the struggling technical systems that run elections on a local level could be just as much of a concern in the future as well.
In July, a lawsuit alleged that computer systems in Georgia containing the personal information of 6.7 million voters as well as election officials’ passwords were riddled with security vulnerabilities—and that authorities responsible for the databases failed to fix them within six months of being notified. Three days later, Georgia officials conveniently wiped the state’s election data, potentially preventing any investigation whether the server was indeed meddled with. As Slate noted, the incident could only be explained as either an “incredible act of incompetence” or a deliberate attempt to cover up the issue at the same time Republican Secretary of State Brian Kemp, Georgia’s top election official, runs for governor.
Another curious development in the case on Wednesday: According to the Associated Press, the Georgia attorney general’s office has declined to defend Kemp in the suit. Instead, Kemp and other election officials will instead be defended by a private firm, the AP wrote.
Assistant state attorney general Cristina Correia allegedly gave attorneys involved conflicting information on whether the server was wiped before or after the lawsuit was filed on July 3:
The server’s data was destroyed July 7 by technicians at the Center for Elections Systems at Kennesaw State University, which runs the state’s election system, Correia informed attorneys in the case in an Oct. 18 email. Twelve days earlier, she had informed the same group of attorneys that the data on the server was wiped on March 17, the same day it was returned to the Center for Elections Systems at Kennesaw State University by the FBI after a probe into the security incident. No one at the state attorney general’s office has explained Correia’s source for the apparently erroneous information on timing.
On July 2, one day before the lawsuit was filed, Kemp wrote an editorial in USA Today calling the allegations the server had security holes “misinformation from the media or disgruntled partisans” and “fake news.” Per Slate, Kemp later blamed the destruction of information on the server on KSU staff.
“There is no scandal or vast conspiracy,” Kemp’s campaign wrote in a statement to the AP. “This is a tasteless nothingburger cooked up by liberal activists who know their lawsuit is nothing short of stupid.”
Regardless of what’s going on, one thing that’s clear is that the alleged vulnerability of Georgia election systems is not an anomaly. In general, the U.S. election system is not very secure.
Reports earlier this year suggested the FBI is investigating numerous instances in which Russian hackers may have probed the security of voter registration, database and voting machine systems in dozens of states in the leadup to the 2016 election. There’s no evidence anything was changed, but the worry is that anyone (not just Russians) could take advantage of numerous security holes in the voting process. States are also reportedly doing a poor job of investigating the incidents or hardening their voting systems against future intrusion.