Tech for Election Integrity

We are doing a 5 part series on how Holochain can save democracy. This is part four.

Another concern we face with democracy is election integrity. Are votes cast by informed citizens always legitimate? Cloud services from companies such as Amazon now dominate our elections, from campaign to voter registration, and including election services.

Amazon has been the very powerful (and very profitable) backbone of successful election campaigns in the United States going back to Obama. In the words of Amazon’s AWS Evangelist Jeff Barr,

The [2012] campaign used AWS to avoid an IT investment that would have run into the tens of millions of dollars. Along the way they built and ran more than 200 applications on AWS, scaled to support millions of users. One of these apps, the campaign call tool, supported 7,000 concurrent users and placed over two million calls on the last four days of the campaign.

Clearly, the cloud giant is focused on more than just campaigns. They have an entire suite of new, scalable governmental and election tools, including:

  • “Election as a Service” which enables rapid deployment and effortless scaling of critical systems for customers who administer, promote, and protect the electoral process.
  • “Elections Management” voter registration database services that fit unique applications and voter registration requirements.
  • “AWS GovCloud (US)” allowing election administrators to host sensitive Controlled Unclassified Information. This includes voter data and other types of regulated workloads at different stages in governmental process.

Amazon isn’t the only cloud company focusing on elections, though. Google’s sister organization, Alphabet Jigsaw, has turned its eye to election security with the “Protect Your Election” toolkit. A compilation of Jigsaw security tools bundled together for journalists, election officials, and news organizations were made to ensure websites remain up and resilient in the face of attacks during critical election times.

It’s worth considering the added value of distributing the holdings of such important data, rather than have them sit exclusively on Amazon’s servers. It’s not only that centralized data hosting is more vulnerable to attacks, but that the obvious choice should be having people in the voting population contribute to the infrastructure of election integrity. A large part of democracy is belief in the process, and trusting a global corporate behemoth to manage this integrity, when it could be done just as effectively by a people-powered cloud, just smells wrong. Holochain could improve our democracy by replacing AWS’ “Election as a Service”.**

However, some don’t believe any electronic solution will do any good. An article in the Atlantic makes the case for standardizing and securing voting technology:

Among many other needed measures promoted by nonprofit and nonpartisan Verified Voting, Congress should require standardized voting systems around the nation. It should insist on rock-solid security, augmented by frequent audits of hardware and software. Recounts should be performed routinely and randomly to ensure that verified-voting systems work as designed. The paper ballot generated by the machine should be the official ballot.

But there are also serious issues related to cybersecurity and voting online more broadly. Author Dan Gillmor draws attention to the sorry state of cybersecurity in general, suggesting that Congress should not even go so far as to allow online voting at all. What’s interesting is that he makes the argument that voting systems should stay decentralized by staying offline. Decentralization, when it comes to elections, is a critical feature. In light of Holochain’s decentralized model that includes cutting edge cryptographic security, it’s a shame that analysts and writers cannot envision elections that are both decentralized AND online, and for that reason tout returning to pen and paper. Do we really want to go back to the “good old days” for fear of moving forward?

Of course, Gillmor’s reason for not wanting to move deeper into the world of electronic voting is that paying for improvements creates a challenge typical of politicians’ handling of voting more generally: no one wants to spend the cash.

Even though hosting Holochain apps on Holo is many times more efficient than decentralized hosting using Ethereum’s gas, prices are projected to be comparable to AWS. The competitive difference, then, is evolvability. If someone creates an app that works for their city/state or other area, then other people get to use it in real time.

Being open-source makes Holochain usable legally by license, and the architecture of Holochain makes it easily composable and evolvable. So, if it’s trivial and really works to fire up a new instance of Holochain Election Services, new jurisdictions can try it much more easily. They can help each other with development and deployment without colluding with each other unnecessarily or centralizing the effort by using the same servers.

This issue is hot enough that it was covered on March 21, 2018, by the Senate Intelligence Committee with an Open Hearing on Election Security.

“States should rapidly replace outdated and vulnerable voting systems. At a minimum, any machine purchased going forward should have a voter-verified paper trail and no WiFi capability. If use of paper ballots becomes more widespread, election officials should re-examine current practices for securing the chain of custody of all paper ballots and verify no opportunities exist for the introduction of fraudulent votes.” Accompanying report to that hearing.

It looks like we’ll all have to stay tuned into the debates and proceedings at the national level. It may not be today or tomorrow, but in the long run, my vote’s for Holochain.

**(Want to view Amazon’s election customers?)