On Friday afternoon, I participated in an interesting panel discussion at the IACREOT conference in San Francisco. Conny McCormack (LA County’s chief election official) moderated the discussion, Tim McNamara (currently an election official in San Diego County, soon to move up to LA County to work with Conny), and I had an interesting and productive discussion about threat assessment for election administration.
Tim’s comments covered two different topics. First, as he has been involved in the NIST threat assessment process, he summarized that for the audience and talked about many of the threats that have been researched so far in the NIST process. Second, Tim talked more specifically about his experiences, and thoughts, about threat assessment. There were four things that Tim discussed that I found very useful:
- He defined a threat as “an attack on an election function so that it doesn’t work as intended.”
- He talked a lot (reiterated by Conny’s comments and experiences) that at this point many of the claimed threats, which may in fact have a very low likelihood of being realized, are themselves eroding confidence and are becoming an increasing workload on election officials [as an aside, later in the discussion Conny mentioned that she has a person on her staff who is devoted to dealing with public information requests and inquires, a new phenomenon].
- He emphasized that we need a process of practical mitigation for real elections (a point that I emphasized as well in my comments).
- He recommended the development of a “threat advisory consortium”, involving election officials and academics, a great recommendation.
Here’s a photo of me giving my comments and thoughts to the audience. And here is a pdf file of the outline of my talk.. One point of departure from Tim’s comments came early in my talk, when I borrowed Tim’s definition of a threat, but broadened it to include the more general (and perhaps sometimes more practical) threats that election officials face that may not be intentional; I defined threat as “something that jeopardizes an election function so that it doesn’t work as indended.” Not again that Tim’s definition (“an attack”) is more focused on the narrower set of intentional threats, whereas mine is broader to include the sorts of unintentional threats that election officials must plan for, and work to mitigate.
In my talk, I outlined the reasons why election officials, at the federal, state, and local levels, should work to undertake threat assessment and contingency planning to the extent possible. I gave some examples of places where they can get other models (including studying existing best practices across the nation and world, academic research on election threats and fraud, the NIST threat assessment process, other research by other government entities that have existing research on threat assessment, and other resources); at some point in the very near future I’ll work to develop these resources in a single place either here or on the VTP website, and when that happens, I’ll post a note here.
This discussion, and conversations I had with other election officials and vendors at the conference, led me to realize that election officials today are quite concerned about alleged threats to their electoral processes. Some election officials are being very proactive, and are devoting resources to threat assessment, contingency planning, and public education. Others are in a more defensive mode, and are very worried about how threat allegations are making their work more difficult and consuming the time and energy of their staff.
The bottom line, as I repeated in my talk, is that election officials have to be ready: bad things will happen, and in today’s environment the mere threat of bad things happening can erode confidence in the process. Thus, planning for when bad things happen is imperative for election administration today. And Tim’s idea of the development of a “threat advisory consortium” is a very good one; hopefully there will be interest among election officials in developing such a process.