Via David Becker for The Hill
It’s an understatement to say the Presidential Advisory Commission on Election Integrity’s request to every state for highly-sensitive personal information on every U.S. voter is raising major concerns among leaders in almost every state.
Chaired by Vice President Pence and co-chaired by Kansas Secretary of State Kris Kobach, both Republicans, they asked for data including voters’ dates of birth, political party, last four digits of Social Security numbers, felon status and military status. The commission gave the states the option to send all this personal information by e-mail and said that all documents submitted to the commission would be “made available to the public.”
Dozens of states, from deeply blue to deeply red to everything in between, either refused to provide any personal data on voters, or agreed only to provide the minimum of what the law in their state required (usually just name, address and political party information).
Incredibly, even secretaries of state that serve on this commission, including Secretaries Lawson of Indiana, Dunlap of Maine, and Gardner of New Hampshire, and Secretary Kobach himself, have refused to turn over all the information requested. And for good reason.
In almost every state, the data requested is protected by law, and by sophisticated security measures. The reason why is obvious — this information could be easily misused for purposes of identity theft, or worse.
Imagine if the commission obtained a complete list of all voters who serve in the military, with their home addresses, or a list of every voter’s date of birth and partial Social Security number, and made that public to anyone with an internet connection? For these reasons, privacy advocates have strongly advised states not to comply with this request.
Why is the panel seeking to create an unprecedented national dataset of personal information of Americans to be made available to the public?
The commission would only say that they needed to “fully analyze vulnerabilities and issues related to voter registration and voting.” There were no specifics related to how this data would allow such an analysis, what the methodology would be, and what conclusions they might be able to reach.
And therein lies the problem. There are only two ways that the commission’s request could have gone. First, they could have hoped that the states would just hand over reams of highly confidential personal to create a national public repository. This would have likely violated many laws, and served as a treasure trove for anyone seeking to steal personal data or intimidate members of the military.
Or, the commission should have anticipated that the states, taking seriously their roles as caretakers of their citizens’ information, would resist such a national consolidation of personally identifiable information, and realized their best case scenario was obtaining only the public voter file – essentially name and address. But anyone with the slightest experience with voter data would tell you that such data is essentially worthless for any analysis.
I’ve worked with voter data for many years, having led one of the leading studies on inaccuracies of the voter lists. We found was that one needs multiple data points beyond name, address, and even date of birth, to effectively analyze voter data.
For example, imagine finding a voter record for a Sean O’Hara living at 123 First Street in Los Angeles, California, and another for a Sean O’Hara living at 456 First Avenue in Las Vegas, Nevada. Based on just that information, it’s impossible to confirm if those records reflect the same Mr. O’Hara, or much more likely two different individuals with the same common name. Adding the birthdate doesn’t help much, as many people with the same name share a birthdate, a phenomenon known as “The Birthday Problem.” Indeed, a recent research paper concluded that using only name and birthdate results in 200 times as many false matches as correct matches.
I led an effort several years ago, working with election officials of both parties and experts to solve the problem of inaccurate voter records, most of which are not due to fraud at all, but rather because so many Americans move between elections. We realized early on that we needed a sophisticated methodology incorporating multiple data points to be at all useful, and we needed to develop a comprehensive legal, physical, and technical security framework to protect that process and the data within.
The result was the Electronic Registration Information Center (ERIC), a data center which helps states keep their voter lists more accurate than ever before. ERIC is run and funded entirely by the politically diverse states that chose to join it — states as blue as Oregon and Connecticut and as red as Alabama and Utah.
And the twenty states that make up ERIC mandated a comprehensive security plan that anonymizes all private data and protects its transmission and storage. In the five years since its founding, ERIC has helped states update the voter records of over 5 million Americans, ensuring fewer problems at the polls.
These efforts are well-known to members of the commission, and in fact, membership in ERIC was recommended by the Presidential Commission on Election Administration (PCEA) only three years ago.
But this current commission didn’t take the care to develop a plan to protect the data first, and justify its use, dooming this effort to failure. And if it had, the data it requested was unlikely to be useful.
Even worse, all these taxpayer resources are being spent to research a question to which we already know the answer – the extent to which voter fraud exists. On this point, every piece of research conducted by states both red and blue, academics, and even the Bush Department of Justice, agrees – voter fraud exists but only barely. It is extremely rare, comprising only thousandths of a percent of the total ballots cast.
Which begs the question– why is the federal government marshaling considerable taxpayer resources to collect data it shouldn’t have, to reach a conclusion it cannot possibly reach, to prove something we already know isn’t true?
Sadly, the answer may have been provided by the president himself last week, when he tweeted that the commission was actually a “voter fraud panel.” This traces back to the President’s entirely unsubstantiated claims post-election that he “won the popular vote if you deduct the millions of people who voted illegally.” The White House cited a Pew report to justify his claims – a report which says absolutely nothing about voter fraud. I should know – I authored that report. Perhaps some of the commissioners themselves are wondering what they’ve gotten themselves into, as one of the Republican members of the commission resigned Monday, before the commission had even met.
So as we celebrate our nation’s birthday this week, the president of the United States is squandering taxpayer resources putting Americans’ personal data at risk to rationalize a statement everyone knows is false. Meanwhile, we face a real risk to our democracy– the continuing and increasing cyber attacks on our election infrastructure from Russia and other foreign adversaries.
I’ve been speaking with election officials all over the country this summer, including this weekend as the nation’s secretaries of state convene for their summer meeting, and I can say that all of these professionals – Republicans and Democrats, state and local – are laser-focused on this issue, and working tirelessly to ensure their voters can feel confident that their votes will count.
But regarding the very real threat of foreign interference in our elections, the White House seems singularly unconcerned.