A smartphone app, which was reportedly made by a firm called Shadow, appears to be at the center of the confusion. The app was designed to help precinct chairs send the results to the Iowa Democratic Party headquarters, but reports that volunteers were unable to download or properly use the app suggest that this new way of doing things did not go smoothly. A number of volunteers resorted to calling the state party to report results, and many reported being left on hold indefinitely due to busy phone lines.
Iowa Democratic Party (IDP) communications director Mandy McClure issued a statement saying there was a “reporting issue” late Monday night:
We found inconsistencies in the reporting of three sets of results. In addition to the tech systems being used to tabulate results, we are also using photos of results and a paper trail to validate all results match and ensure we have confidence and accuracy in the numbers we report. This is simply a reporting issue, the app did not go down and this is not a hack or an instruction. The underlying data and paper trail is found and will simply take time to further report the results.
The IDP issued another statement on Tuesday morning providing more details about what exactly happened. One problem seemed to be that the smartphone app was not reporting complete results:
As precinct caucus results started coming in, the IDP ran them through an accuracy and quality check. It became clear that there were inconsistencies with the reports. The underlying cause of these inconsistencies was not immediately clear, and required investigation which took time. …
As part of our investigation, we determined with certainty that the underlying data collected via the app was sound. While the app was recording data accurately, it was reporting out only partial data. We have determined that this was due to a coding issue in our reporting system. This issue was identified and fixed. The application’s reporting issue did not impact the ability of precinct chairs to report data accurately.
The IDP went on to say that “the required paper documentation” confirmed that the “data recorded in the app and used to calculate State Delegate Equivalents is valid and accurate.”
Monday night was Iowa Democrats’ chance to vote for their preferred presidential candidate in the state’s caucus, and the results will give us our first indication of who may ultimately win the party nomination. It would also be our first look at how states are upping their presidential election cybersecurity game since 2016, when Russia attempted to hack US voting machines — and which it is likely to attempt again this election cycle, and with four more years of experience.
With cybersecurity fears mounting, Iowa’s Democratic Party instituted a revolutionary new tool that no computer hacker can possibly defeat: a 2,200-year-old technology called “paper” as a backup to the new smartphone app that was designed to help tally votes. A few hours before the caucuses began, Bloomberg reported that some precinct chairs were having trouble downloading the app and logging in. That meant they’d have to call in the results instead, possibly delaying the results by several hours. Late on Monday night, some precinct managers reported waiting on hold for more than an hour while trying to report results.
While it so far appears that the Iowa caucus results might not be skewed by Monday night’s difficulties, the threat of a damaging technical failure in the 2020 election is not without precedent. In the wake of the problematic punch-card ballots that might have decided the outcome of the 2000 presidential election, electronic voting machines were seen as a way to improve accuracy and make elections more accessible. But after years of issues with the machines and fears that they could be hacked — culminating in the 2016 presidential election — many states dialed back their march toward a paperless future, returning to paper voting machines and paper backups.
The Iowa caucuses don’t rely on voting machines at all; rather, caucus-goers meet at various precincts across the state and (in the case of Democratic caucuses, that is; Republicans have a different system) literally vote with their feet. They stand in different sections of the room depending on who their presidential nominee of choice is. It’s not the most scientific process, but, as the first presidential nominating contest in the country, the result gives the winning candidate momentum heading into presidential primary season. The Iowa caucuses have predicted the correct Democratic nominee in seven out of 10 contested caucuses since it began in 1972. It hasn’t gotten it wrong since 1992.
The Iowa Democratic Party and the Democratic National Committee have instituted a few new measures this cycle that they say will increase security following allegations that Russia hacked the 2016 election. But some experts believe even these measures are not enough to ward off a determined and skilled hacker. It also remains unclear how Monday night’s confusion will impact future primaries. For example, Nevada was reportedly planning to use the smartphone app made by Shadow for its own primaries on February 22 (the state’s Democratic Party has since changed its mind).
One of the chief concerns ahead of Iowa’s caucuses was the fact that volunteers were supposed to be using an app to calculate and register their precincts’ votes — an app installed on their personal smartphones. As we’ve seen, smartphones can get hacked even in the best of circumstances. If one of the richest men in the world can have his cellphone hacked, how secure is a caucus volunteer’s smartphone?
That said, it now appears that the app itself didn’t work the way it was supposed to even in the absence of a hack. Linn County Auditor Joel Miller told the Des Moines Register before caucus night that he was hopeful about the app’s security, pointing out that people routinely use smartphones for important transactions.
“We use smartphone apps for banking every day,” he said. “Hopefully this is as robust and secure as the banking applications.”
But it seems that the smartphone app may have done more harm than good.
Party leaders offered few details about the app’s security measures. The New York Times reported that the app has been tested by security experts and the Homeland Security Department. In 2016 — a simpler, more innocent time — both parties used a vote-counting app that was designed by Microsoft. Volunteers who do not wish to use the app or don’t have a smartphone can always call in the results through a hotline.
And, as an added measure of security and for the first time in caucus history, the Iowa Democratic Party instituted a “paper trail,” giving caucus-goers a card on which they must write their preferred candidate’s name and their signature, to be collected by the caucus precinct. Laws requiring some kind of paper record for votes vary state to state, with only 13 not requiring them at all. Iowa, for the record, is one of 14 states that require paper ballots (this is a caucus, not an election, so the law does not apply in this case). It now appears that the new paper system has served an essential purpose in verifying the results collected on the faulty smartphone app.
Nevertheless, the problems at the Iowa caucus point to challenges ahead in the 2020 election. Russia’s most effective tool in influencing the 2016 elections, after all, was not hacking voting machines or hijacking apps. It was a widespread disinformation campaign that largely played out on social media. Russia will almost certainly continue this strategy in 2020, and social media platforms say they are attuned to the threat and have instituted various measures they believe will prevent the anticipated misinformation onslaught. Their ability to identify and remove hoaxes from their platforms, however, remains spotty.
The Iowa caucuses are a quirky process but a symbolically important one, both for who wins them and for their ability to resist interference attempts from bad actors. The shortcomings of this new smartphone app certainly delayed the final results, but thanks to the new paper trail, it appears that the Iowa Democratic Party says it will ultimately report the correct tally anyway. The most damaging part of this incident could very well be the ominous tone or feeling of uncertainty it will cast over the rest of election season.