The US election season officially kicks off on Monday in Iowa. It’s a famously low-tech affair.
Voters gather in small groups in meeting places across the state. They make their choices known by standing in different parts of the room according to the candidate they support. And then after some discussion and some shuffling, voters make it official with pen on paper.
Yet despite the old-timey feel of it all, the modern threat of hacking and other kinds of election manipulation will hang heavy over the proceedings. Everyone will be watching to see if a renewed investment in election security by the federal government—an investment most experts say came too little and too late—will pay off.
It wasn’t until 2018, two years after the surprise election of US president Donald Trump, that lawmakers finally moved to strengthen election security, setting aside some $380 million to be distributed to states. Before then, the last time Congress spent money on election security was in 2002.
That was before Wikipedia, before Facebook and Twitter and YouTube, before the iPhone.
During that 16-year gap, experts say the country’s election infrastructure deteriorated, leaving all kinds of opportunities for outside forces to meddle in what is supposed to be the world’s premier democracy. The most famous example was laid out by the Senate Intelligence Committee, which found that in 2016, Russian hackers were able to exploit holes in American election infrastructure with an “unprecedented level of activity.”
Experts say the money Congress set aside for election security in 2018, and then again in December 2019, is just a fraction of the billions actually needed to prevent a repeat of the kind of interference seen in the 2016 election. Lawmakers gave states until 2023 to spend the money released in December, which means much of it won’t have been spent before the 2020 presidential election.
As a result, the majority of US states are still using antiquated electronic voting systems that are prone to hacking. At least eight states rely on voting procedures that don’t offer any kind of paper trail at all, which is essential for verifying results in the event of a dispute.
“I certainly think we should get rid of paperless machines, but we will have about 16 million people voting on paperless machines in 2020,” Lawrence Norden, director of the Election Reform Program at the Brennan Center of Justice at New York University School of Law, told Quartz in December.
Even Iowa, which boasts perhaps the most secure voting process of them all, has introduced new technology that worries some experts. The Iowa Democratic Party will be using a smartphone app this time that is connected to the internet and designed to help tally and transmit election results. It’s been described as a “fancy calculator.”
Troy Price, the chair of the state’s Democratic Party, told NPR that the state had taken precautions to ensure the security of the vote.
“We as the party have taken this very seriously, and we know how important it is for us to make sure that our process is secure and that we protect the integrity of the process,” he said.
While the smartphone app presents a possible entry point for a hacker, it would be difficult to actually change the results of Iowa’s election. Any discrepancies in the reporting would be immediately noticed by the caucus-goers themselves, who all stand in groups and therefore know for which candidate their precinct will vote. But if the state announces the wrong results, which are then corrected, it could still sow distrust in the whole process—right at the outset of a highly contested presidential election.
In recent months, election monitors and other groups have been holding election simulations, both to train local officials and to determine possible vulnerabilities. In one recent simulation, where police and other government agents faced off against a team of hackers, things did not end well. Using a disinformation campaign, coupled with the targeting of transportation infrastructure, hackers managed to bring an imaginary city to a standstill, sowing chaos and forcing officials to cancel the election altogether.
In that model, 32 people were killed and hundreds were injured.