What will it take for a secure election?
In the face of unprecedented challenges this year, many election officials say most issues can simply be addressed with sufficient political will.
Amid a raging pandemic, an economic recession crushing state and local budgets, foreign and domestic disinformation campaigns, hackable voting machines, poll worker shortages and mail-in voting under attack by the president, election officials are in for a rough ride this fall.
While some local elections officials have been vocal in their frustration, others pledge to carry out a safe and secure process no matter the circumstances. They argue few -- if any -- of these challenges are insurmountable, and most simply require sufficient political will to address.
Many local officials say they desperately need two things to ensure a safe and secure election under current conditions: more state and federal resources, including emergency funding from Congress; and support from political leaders when it comes to educating voters, many of whom will be voting by mail for the first time this year.
In terms of other resources, it's a mixed bag. Many states have moved to expand access to vote by mail, encouraging residents to explore the option and in some cases preemptively mailing absentee ballot applications to registered voters. Still, in a Brooking Institute analysis of how easy it is to vote by mail, 29 states received a grade of C or lower. The analysis graded states on metrics such as whether they allow voters to cite concern over COVID-19 to request an absentee ballot, whether they make drop-off boxes or in-person channels available and if a state accepts ballots that are postmarked by Election Day.
The virus "added a whole new set of concerns that were always there, but that got brought very sharply into focus" such as how to conduct voting in a state of emergency and what exceptions to make, said computer scientist and election security expert Matt Blaze during a speech at the Black Hat cybersecurity conference this week.
"Basically, emergencies are likely to require scaling up our exception mechanisms, which mostly involves mail-in voting," he said.
Federal organizations like the Cybersecurity and Infrastructure Security Agency and Election Assistance Commission have also pivoted to provide more expertise and assistance to state and local governments around the issue.
Last month, CISA issued an infrastructure security assessment around vote by mail that outlined a number of new risks that could be introduced by scaling up vote by mail. Those risks include enhanced danger from cyberattacks on voter registration systems, since many voters will not be in-person to answer questions about identity or verification; security risks for offices and warehouses where mailed ballots will sit for weeks before being tabulated; and poor hand-offs as operational risk management responsibilities shift from local election officials to other entities like ballot printers and the U.S. Postal Service.
All of these new risks, the agency concluded, "can be managed through various policies, procedures and controls." In some ways, it could actually increase the confidence in election results by shifting votes from direct recording electronic voting machines to a process that leaves a better paper trail.
"For us, anytime you get paper into the system, that's … an opportunity to audit and auditing is a good thing," CISA Director Chris Krebs said about the increase in absentee ballot voting this election cycle.
The assessment aligns with what many local election officials on the ground say about mailed ballots: namely that it is a safe and secure way of voting that has multiple layers of verification throughout the process.
The greatest threat facing vote by mail may not come from the process itself, but by manipulation of public perception of that process by domestic and foreign actors. The CISA assessment stated that while disinformation and misinformation risks to mail-in voting infrastructure and processes are similar to that of in-person voting, "threat actors may leverage limited understanding regarding mail-in voting processes to mislead and confuse the public." It also noted that vote by mail "has already become an issue among partisan political voices, which makes it a target for threat actors to exploit."
The end result is a situation ripe for sowing confusion and discord. Clint Watts, a research fellow at the Foreign Policy Research Institute, listed "viral mail-in ballot conspiracies" as the top disinformation threat facing the 2020 elections.
One potential solution: transparency. Colorado Elections Director Judd Choate told the Bipartisan Policy Center that being "completely open" about the way jurisdictions process and count mail-in ballots can serve as a counterweight to many false or misleading claims.
"Let watchers, parties, and press see everything you do," he said. "Let them follow around ballot pick up teams, watch (and even challenge) the signature verification process and observe adjudication and tabulation."
A longer version of this article was first posted on FCW, a sibling site to GCN.