Voter sites face privacy risk
The Election Assistance Commission recommends that states take steps to protect data on voter information Web sites, even if it is public information
STATES, COUNTIES AND municipalities are making more information
for voters available online through interactive Web sites, but
election officials must strike a balance between convenience,
privacy and functionality, the Election Assistance Commission (EAC)
said in a new study.
“Posting voter information on the Internet may have
unintended consequences,” the study warns. “Deciding
what information to provide and how to provide it is the most
important step in developing a voter information Web site because
the information and method of delivery define the implementation
process.”
EAC published a set of best practices for voter information
sites (GCN.com, Quickfind 1263), based on a 13-month study of
hundreds of sites hosted in all 50 states. The study, conducted by
nonprofit group Publius, did in-depth studies of 71 sites to
produce the recommendations.
“The sites are more popular and more useful the more
information you put on them,” said Vincent Keenan, primary
investigator and author of the report.
However, at the same time, Keenan was surprised at the amount of
information about registered voters some officials were putting
online. Keenan agreed that the information is public, but wholesale
publication of more data than necessary can create the risk of
identity theft and deter users.
“Voter information Web sites allow access to potentially
sensitive information and should be carefully constructed to avoid
jeopardizing voters’ privacy or the integrity and security of
the records,” the study states. “Voter information can
be compromised by falling into the wrong hands or by being modified
to the detriment of accuracy.”
Databases that can be queried through a Web site became
practical with the development of computerized voter registration
lists and the software to maintain them. Initial sites aimed
primarily to answer the questions, “Am I registered?”
and “Where do I vote?” The sites have evolved during
the last decade to become more dynamic and include mapping services
to locate polling places; sample ballots specific to the precinct;
information on voter registration, candidates and issues; and the
ability to track absentee and provisional ballots.
Keenan formed Publius in 1996 and developed the first statewide
site for checking voter registration in 1997 in Michigan, after he
showed up at the wrong polling place for an election. He was the
senior computer center specialist at the University of
Michigan’s Human Genetics Department, and thought,
“there ought to be a better way to do this.”
He obtained the state’s electronic voter file for $167
through a Freedom of Information Act request and reverse engineered
it to create a site that would verify a voter’s registration
and produce a sample ballot. He then turned the site over to the
state.
The study recommends that governments consider outsourcing the
development, use commercial or open-source tools and software, plan
to accommodate spikes in demand, and promote the site’s use.
Section 508 requirements should be the minimum standard for
accessibility, and administrators should control and limit the
amount of data exposed.
“Do not expose the official registry file to the
Internet,” the study states. “Create a copy of your
authoritative database to use for your voter information Web site
and regularly update it from the authoritative database.”
The information exposed when answering voters’ questions
also should be limited to what is necessary and appropriate, and
although the information being provided is public, encrypting the
link wouldn’t hurt.
Quality of existing Web sites varies widely with experience,
Keenan said. “The innovators that are on version 3 or 4 are
quite impressive,” he said. Those who have started later or
have not updated sites have more problems.