ProPublica is a nonprofit newsroom that investigates abuses of power. Sign up to receive our biggest stories as soon as they’re published.
The Kansas Secretary of State’s office has announced it will indefinitely suspend the use of controversial technology meant to identify voter fraud after concerns were raised about security risks.
The technology had been heralded by former Secretary of State Kris Kobach, a Republican who in recent years has been one of the most prominent promoters of the alleged menace of voter fraud across the country. The computer program, known as CrossCheck, matched various state voter rolls against each other, identifying duplicate voters by first name, last name and birthdate. Critics called the program a cynical effort meant to suppress the vote among people of color.
The ACLU of Kansas sued the state over the use of the program, asserting it was a security disaster that wound up making the voter rolls vulnerable to hacking, and the announcement this week abandoning the program is one element of a settlement of that lawsuit.
Joe Hall, the former chief technologist for the Center for Democracy & Technology, had called the problems with the program “complete operational security incompetence.” Other experts had also alleged that the program had an extraordinarily high false positive rate, meaning supposed examples of people being registered in multiple states were often wrong.
In November 2017, reporting by ProPublica and Gizmodo showed that the program was run on insecure servers and that its administrators regularly exchanged passwords by email. Lauren Bonds, the legal director for the ACLU of Kansas, cited that reporting in the legal action against the state.
The Kansas Secretary of State’s office — now run by Scott Schwab, a Republican — has repeatedly said that no matches have been performed using the program since late 2017. In January 2018 — after criticism of the program’s security reached a fever pitch — the office announced it would delay matches in order to allow the Department of Homeland Security to perform a security review. DHS completed that review in February, confirming vulnerabilities. A spokesperson for the office would not say whether media coverage prompted Kansas to request the review.
The ACLU’s litigation was filed in June 2018. In a statement, Schwab — Kansas’s current secretary of state — said that election security has been his offices “highest priority,” and that progress had been restrained by the “ACLU’s odd insistence of (sic) filing costly litigation.”
“Our office expects future disagreements to be resolved responsibly, through communication and collaboration, not courtroom confrontations motivated by financial gain at taxpayer expense,” he said.
Kobach did not respond to an emailed request for comment.
Bonds said that Schwab was far more willing than Kobach to settle. Schwab had, in private conversations with activists and constituents, previously expressed hesitation about Kobach’s heavy-handed approach.
One security issue involving the technology occurred in Florida, which was one of nearly 30 states to submit their rolls to CrossCheck to check for duplicate registrants. In January 2018, a Kansas resident filed a records request with Florida for documents concerning CrossCheck. In response, Florida released the partial social security numbers for nearly 1,000 Kansas residents unredacted.
Do you have access to information about voting or election security that should be public? Email [email protected]. Here’s how to send tips and documents to ProPublica securely.
Filed under: