Media Talking Points on State Voter Data Request Don't Hold Water

Posted: Jul 02, 2017 9:00 PM
Media Talking Points on State Voter Data Request Don't Hold Water

A Presidential Commission formed to investigate voter fraud requested certain voter registration data from each state, among other things, in a letter sent June 28. Democrat politicians, supposed "experts," and the media claim the request is a massive violation of privacy and the secret ballot, a "gold mine" for hackers, an infringement on state's rights, and the first step in institutionalized voter suppression. 

Once you read the actual letter sent by commission Vice Chair Kris Kobach and do some research on the data and the people who are pushing the talking points, the truth is radically different. 

Politico's story claims that the commission is requesting a large number of data points, many of which aren't already publicly available, and make them public. (Emphasis added.)

"Their concerns stem from a letter the commission sent to every state this week, asking for full voter rolls and vowing to make the information “available to the public.” The requested information includes full names, addresses, birth dates, political party and, most notably, the last four digits of Social Security numbers. The commission is also seeking data such as voter history, felony convictions and military service records."

While Politico simply lets the reader decide for which nefarious purposes the data could be used, Mother Jones spells it out. They claim the commission would create this new public database available to anyone with an internet connection, and that:

"With all this data made public, for example, a person could look up nearby Democratic voters, track them down with their addresses, and harass them or intimidate them from voting."

Politico's story, which was later repeated by the usual suspects, claimed such a database would be a "gold mine" for hackers.

Digital security experts say the commission’s request would centralize and lay bare a valuable cache of information that cyber criminals could use for identity theft scams — or that foreign spies could leverage for disinformation schemes.
“It is beyond stupid,” said Nicholas Weaver, a computer science professor at the University of California at Berkeley.

Then they cite Joe Hall, chief technologist at the "Center for Democracy and Technology, a digital advocacy group."

..."[T]his is such a high-profile and not-so-competent tech operation that we're likely to see the hacktivists and pranksters take shots at it.”

What is the Center for Democracy and Technology? The founder, Jerry Berman, is a Berkeley-educated attorney who was Chief Legislative Counsel for the ACLU from 1978-1988, and was also a director at the Electronic Frontier Foundation. One of its newest board members is Philippa Scarlett, an alum of Eric Holder's DOJ and President Obama's Deputy Intellectual Property Enforcement Coordinator. They sponsor the annual "Tech Prom" in DC and have come under fire for their silence on privacy issues relating to big donor Google

The group also has strong ties to Berkeley, so it's not surprising that this Politico story quotes a computer science professor from that institution.

Let's see what the letter actually says. In this copy, sent to North Carolina Secretary of State Elaine Marshall, Kobach states that the commission will be:

"...[S]ubmitting a report to the President of the United States that identifies laws, rules, policies, activities, strategies, and practices that enhance or undermine the American people’s confidence in the integrity of federal elections processes."

If the above quote referenced a desire to investigate possible Russian interference in the election and talked about the people's confidence in the integrity of the process, I doubt any Democrats would be refusing to take part.

Kobach then asks for input from the state officials, asking seven specific questions. The request for data comes after that.

"In addition, in order for the Commission to fully analyze vulnerabilities and issues related to voter registration and voting, I am requesting that you provide to the Commission the publicly-available voter roll data for North Carolina, including, if publicly available under the laws of your state..."

... and then lists the data Politico referenced. He asks for the data by July 14, but doesn't state it as a deadline, and offers both an FTP transfer site for file upload and an email address for replies to be sent to. Presumably the data files would be sent by FTP since they'd be too large to attach to an email. (Some publications have characterized the commission as technically inept, claiming they asked for such sensitive data to be transmitted via email, which is ridiculous based on file size alone.)

As for that "vow" to make the data public? Here is the verbiage:

"Please be aware that any documents that are submitted to the full Commission will also be made available to the public."

Hmmm, sounds like a boilerplate "public records" warning to me, and is probably more of a caution for state officials to keep in mind when drafting documents responding to the request for input - especially since the only voter data requested is already available to the public.

That sentence does not in any way say they are creating a publicly-accessible database.

It is extremely clear that the commission is only asking for publicly-available voter roll data. Each state's voter roll data has some form of it available to the public, and each state has its own way of providing that. In my county, I would make a request to the Board of Elections then drive to their office to pick up a CD with data in an Excel file.

Every state's voter roll data is also commercially available through various vendors, who have put the data into a more easily manipulatable format. How do these people think door-to-door canvassers know where to go? How do they think they know whether someone is registered Republican or Democrat? Or, as with the brouhaha over a mailer during the Iowa caucus in 2016, how do they think people know if they voted in the last election?

So here's the deal. All of the information requested is already publicly available, and already online - just not in one big database. There is one database with 20 states' data, the Electronic Registration Information Center. Is that not a "gold mine" for hackers? Or what about the IRS, Social Security Administration, or VA databases? They're sitting there with a trove of private information, waiting to be hacked. The hacking fear is completely baseless.

In many of the stories there's a sentence or two admitting that the commission is only seeking publicly-available information, but the spin masters and pundits still sit on TV and feign outrage at attempted privacy violations and frame this as the first step toward massive voter suppression and a totalitarian Trump government. Just stop.