IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

Voter Data Breach Shows Need for Stricter Security Measures (Opinion)

For an unknown amount of time, anyone in any part of the world had access to 191 million Americans’ locations and political beliefs.

(TNS) -- It’s a sad feature of contemporary life that data breaches are as common as changes in the weather. Still, the news that a misconfigured database resulted in the exposure of about 191 million registered voters’ personal information is incredibly alarming.

For years, skeptical political theorists have warned that, although new technology held great potential for voting, it came with many potential threats to voter privacy and security. Unfortunately some of these valid concerns were hijacked by conspiracy theorists, especially after a notorious series of scandals were linked to Diebold voting machines in the 2004 presidential election.

But given this week’s news [in late December], it’s time to return to the question of how technology can compromise voter security, with an eye to developing constructive solutions.

On Dec. 20, a security researcher named Chris Vickery discovered holes in the security of a massive database of voter registration information.

The database contained information required for voter registration, including names, home addresses and phone numbers, dates of birth, political affiliation, and participation in primaries and elections dating back to 2000. Thankfully the database didn’t include driver’s license numbers or financial information.

Voter registration lists are public record in most states, but many have restrictions on how the data can be accessed and used. For an unknown amount of time, anyone in any part of the world had access to 191 million Americans’ locations and political beliefs. That’s a direct threat to voter privacy.

Vickery shared his findings with Databreaches.net, which called the FBI and California’s attorney general, Kamala Harris. California is one of the few states to strictly restrict data disclosures on voter registration, and more than 17 million California voters’ information was exposed.

Alex Padilla, California’s secretary of state, confirmed that his office didn’t post the records online. In a statement, Padilla said that his office was discussing the matter with the attorney general and that it was standing “ready to provide any assistance necessary.”

The first matter of business should be finding out the source of the leak — unfortunately it’s not yet clear to whom the database belongs. It seems unlikely that any of the political software firms would willingly admit to the breach, so Harris’ office may need to push for an investigation.

Beyond determining the source of the leak, state leaders should be asking more questions about the relative strength of software firms’ security procedures. Are there best practices? Who’s following them — and who’s not?

Finally, California must consider requiring security thresholds before turning over voter data to the marketing firms and political consultants who develop these databases for campaigns. Although we can all agree that political campaigns have a valid reason for accessing voter data, what’s most important in a democracy is for voters to have confidence in the privacy of their ballots.

©2015 the San Francisco Chronicle. Distributed by Tribune Content Agency, LLC.

Special Projects
Sponsored Articles
  • How the State of Washington teamed with Deloitte to move to a Red Hat footprint within 100 days.
  • The State of Michigan’s Department of Technology, Management, and Budget (DTMB) reduced its application delivery times to get digital services to citizens faster.

  • Sponsored
    Like many governments worldwide, the City and County of Denver, Colorado, had to act quickly to respond to the COVID-19 pandemic. To support more than 15,000 employees working from home, the government sought to adapt its new collaboration tool, Microsoft Teams. By automating provisioning and scaling tasks with Red Hat Ansible Automation Platform, an agentless, human-readable automation tool, Denver supported 514% growth in Teams use and quickly launched a virtual emergency operations center (EOC) for government leaders to respond to the pandemic.
  • Sponsored
    Microsoft Teams quickly became the business application of choice as state and local governments raced to equip remote teams and maintain business continuity during the COVID-19 lockdown. But in the rush to deploy Teams, many organizations overlook, ignore or fail to anticipate some of the administrative hurdles to successful adoption. As more organizations have matured their use of Teams, a set of lessons learned has emerged to help agencies ensure a successful Teams rollout – or correct course on existing implementations.