Protecting the Perilous Path of Election Returns: From the Precinct to the News

We consider the vulnerabilities attending the reporting of election results to the public that arise because of the use of technology. Attacks on election reporting capabilities in Knox County, Tennessee in 2018 and Ukraine in 2014 illustrate many aspects of the challenges facing election officials as they try to protect the reporting of election results from malicious attacks. In considering the vulnerabilities that face American systems generally, we start by sketching out a generic description of the election-reporting system in the United States. This sketch highlights both the formal and informal flow of information through the reporting system. The information nodes themselves are vulnerable to attack, but more importantly, information flow at uneven rates, which provides raw material for those bent on causing chaos and undermining confidence in the vote counting. We conclude by considering what might be done to protect the election-return-reporting system against vulnerabilities. We frame that discussion in terms of NIST’s cybersecurity framework of “identification, protection, detection, response, and recovery.” Although there are technological fixes that can help to undergird resilience in this system, attention must be paid to the education of the public and the media about the contingent nature of the election results that are reported in the days immediately following Election Day.