Skip to Content

Cybersecurity & Standards, Elections & Democracy

The Voter Fraud Commission Wants Your Data — But Experts Say They Can’t Keep It Safe

ProPublica:

The voter-fraud-checking program championed by the head of the Presidential Advisory Commission on Election Integrity suffers from data security flaws that could imperil the safety of millions of peoples’ records, according to experts.

The emails and records revealed numerous security weaknesses. Crosscheck’s files are hosted on an insecure server, according to its own information. Usernames and passwords were regularly shared by email, making them vulnerable to snooping. And passwords were overly simplistic and only irregularly changed.

“It blows my mind — this is complete operational security incompetence,” said Joe Hall, the chief technologist for the Center for Democracy & Technology, an organization that promotes internet freedom. “You should consider all of that stuff in the hands of people who are clever enough to intercept someone’s email.”

Full story here.

Related Reading

The CDT logo. A light and dark grey "cdt" alongside "Center for Democracy & Technology" on a white background.

Deprecating third-party cookies: a small step towards a more private web
Graphic for CDT's European office. Pale blue / green pixelated background, with a portion of the EU flag's circle of stars emblazoned in white on top.

EU Tech Policy Brief: March 2024
The CDT logo. A white "cdt" alongside "Center for Democracy & Technology" on a dark grey background.

CDT Hosts Roundtable on Generative AI and Elections with U.S. Department of State Bureau of Cyberspace and Digital Policy