Tillis, Interstate Crosscheck, Big Data, and you

You've no doubt heard and read about the heart palpitations among our Republican state leaders today when Thom Tillis announced evidence massive voter fraud, which seems to have turned out to be about 700 people *alleged to be* voting here in NC and another state in the last election, about .00075% of the total voter turnout in the state 101 million voter records that were claimed to be checked by Interstate Crosscheck, the service being used by the state.

Of course, it was an opportunity for Tillis and Company to defend and promote NC's voter restriction laws, called the "worst" in the nation and being challenged in court by the NAACP and the ACLU. Tillis and McCrory didn't use it as an opportunity to announce any investigations or sharing of what was found with the FBI since what might be going on here besides felony voter fraud is identity theft or other activity.

Who cares about investigating possible felonies when there's a press release to push out, really?

What's more disturbing to me is how this suspected voter fraud was found.

At the heart of Tillis's evidence are some disturbing questions about data the state of North Carolina has about you, how secure that data is, and what might be happening or could happen with it.

Until the revelations about the NSA collection of cellphone metadata, the field of "Big Data" was something of interest only to a small group of academic researchers, commercial marketers, and political consultants. As with the NSA cellphone metadata collection, it isn't the content of the information that matters as much as how it can be analyzed and cross-checked to infer more detailed information. With this voter fraud effort that Tillis and other Republican extremists in NC have bought into, the idea of "Big Data" is something you need to be concerned about if you want to protect your voting rights.

State lawmakers mandated that the State Board of Elections enter into the "Interstate Crosscheck", an interstate consortium that checks the voting records of 28 states. It includes 101 million voting records.

Vicki Boyer, in a comment on the story, highlighted some interesting facts about Interstate Crosscheck from this article at AxisPhilly.

"The program was developed by Kansas Secretary of State Kris Kobach, a Republican ....He also has championed voter ID laws, and drew support from one side and lawsuits from the other when he imposed a citizenship check on voter registration. The ACLU, says Daniel Ho, director of its Voting Rights Project, is preparing to sue Kobach for violating the National Voters Rights Act."

Right Wing Watch has a number of posts on Kobach's activities around illegal immigration and voter restrictions. He's been roundly mocked by protestors for his voter restriction actions in Kansas.

Kobach's tactics and rhetoric should be familiar to anyone following voter restriction laws here in NC. He was highlighted in a 2011 Rolling Stone piece on the Koch brothers backing of GOP groups to restrict voting.

No one has done more to stir up fears about the manufactured threat of voter fraud than Kansas Secretary of State Kris Kobach, a top adviser in the Bush Justice Department who has become a rising star in the GOP. "We need a Kris Kobach in every state," declared Michelle Malkin, the conservative pundit. This year, Kobach successfully fought for a law requiring every Kansan to show proof of citizenship in order to vote – even though the state prosecuted only one case of voter fraud in the past five years. The new restriction fused anti-immigrant hysteria with voter-fraud paranoia. "In Kansas, the illegal registration of alien voters has become pervasive," Kobach claimed, offering no substantiating evidence.

Kobach also asserted that dead people were casting ballots, singling out a deceased Kansan named Alfred K. Brewer as one such zombie voter. There was only one problem: Brewer was still very much alive. The Wichita Eagle found him working in his front yard. "I don't think this is heaven," Brewer told the paper. "Not when I'm raking leaves."

Vicki pointed to some of the deceptive uses of the data collected by the "Interstate Crosscheck" program to highlight so-called voter fraud - all that's required to get a "hit" for possible voter fraud is a match on first and last name and date of birth.

An excerpt from the AxixPhilly piece:

Following his state’s participation in the Crosscheck program, Ohio Secretary of State John Husted announced: “This report demonstrates that voter fraud does exist,” citing numbers in the hundreds to back up his claim. In fact, his office referred only 20 cases to law enforcement and none have resulted in charges so far.

Earlier this year, Colorado Secretary of State Scott Gessler announced that the Crosscheck had helped identify 17 cases of alleged fraud, which were submitted to the Boulder County District Attorney’s office for investigation. In July, the Boulder D.A. announced that none had involved fraud and called Gessler’s actions “politically motivated.”

Vicki noted in her comments that "...within the 28 states that participate in this "Interstate Crosscheck" program, there have been 10 (TEN) cases of possible (POSSIBLE) voter fraud turned over to law enforcement or the FBI for further investigation."

The "Interstate Crosscheck" program asks states for "13 items of data" for each voter. According to the Axisphilly piece, these include the last four digits of their social security number and middle name. A PowerPoint promoting the program, prepared by the Kansas Department of State for the National Association of State Election Directors, outlines this in more detail:

  • First name
  • Middle name
  • Last name
  • Suffix
  • Date of birth
  • Last four digits of SSN
  • Address of residency
  • Zip code of residency
  • Election you voted in

The PowerPoint presentation only says that the data is uploaded to a secure FTP server in Arkansas, then processed by the Kansas IT department and results uploaded to the FTP server, and that Kansas deletes all the information.

If the PowerPoint is to be believed and, indeed, this is all the data that's being collected, the big point of concern with the information being collected by the Kansas state department from these 28 states is how the data is being handled. They say it's uploaded to a "secure server", but what happens after that? Are there secure procedures for handling the data while it is being checked for suspected "voter fraud"? Who has access to the data? Do state employees or commercial contractors in different states have access to their own data or data from other states? What are the disposal procedures for destroying the data?

The "Interstate Crosscheck" program has this information. What could someone do with it?

Political marketing

You've probably noticed the plethora of billboards; radio, tv and web ads; and telephone calls that accompanying a campaign from the campaigns themselves and issue groups like Americans for Prosperity. With the precinct level results of the election, political consultants and marketers can get a general idea of the kind of results particular advertising messages and methods have on the outcome.

However, with this additional data that shows who showed up, the Board of Elections data on each voter could be cross-referenced with data about individual voters from marketing firms or credit agencies, giving consultants and marketers a detailed picture about their messaging and advertising that goes beyond just political affiliation to see, for example, if voters from certain income brackets, racial groups, or even your presence on social media, like Facebook.

Marketers call this "engagement" - going beyond "mass media" advertising to targeted messaging that motivates consumers/voters and how they can respond to that motivation.

While this can be done at the state level, having this detailed information across states would allow political consultants and advertisers to run a variety of scenarios or "test" campaigns in elections, targeted at different types of voters/consumers across a broad geographic area.

Don't you think this would be useful to a group like Americans for Prosperity if, for example, they were wondering what message about Obamacare seems to motivate voters in a particular age range and income bracket that happen to shop at certain stores or who "like" particular items on Facebook?

Do we have any assurances that the data being collected by the Kansas department of state won't be used in such a way?

Election planning

With information about specific voters that turned out, cross-referenced with their polling place, it would be easy to use this information to see what types of voters turned out and where they voted to create a larger plan on counties or precincts where restricting voting hours or days or moving a polling location might have a significant impact on the possible outcome.

While general information about registration and election outcomes gives you big trends in an area, more specific voter information would allow you to coordinate this effort more closely, concentrating on moving particular polling places or getting specific voting days and hours in place that are worth bothering with for the result you want.

It also gives legislators and state official "cover" - if, for example, they were sued over voting restrictions, they could just point to local election boards for the decisions made at the city, county or precinct level.

Using data from across states, it could be useful to run projections on how these restrictions on voting might impact a Presidential race or, if combined with marketing data, how issue ads or phone calls might play out nationally or regionally.

How do we know that this voter information couldn't be copied and passed to political operatives for planning polling place and voter hour restrictions?

Criminal activity

Identity theft is a big problem in our connected world. Sometimes, only pieces of information about an individual can be assembled by a crook to get a line of credit or carry out other activity. As the recent Target credit card breach shows, criminals try to gain large databases of consumer information to slice, dice and sell on the open market.

A crafty criminal just needs the last four digits of your social security number and a little more information about you to guess the rest of your SSN. Cross-referencing data collected as part of the "Interstate Crosscheck" program to birth records would give criminals what they need to have the full Social Security numbers of many voters.

Do we have any assurances that the data being collected by the "Interstate Crosscheck" program is secure and won't fall into the hands of criminals?

Ask questions

Is this data being collected by Kansas Secretary of State Kris Kobach being used for any of the purposes I've described? I have no idea. I'm simply pointing out the value this data would have to campaigns, issue advocacy groups and political operatives.

This data, at least without Social Security numbers, is public information and has been used (and misued) by groups like Voter Integrity Project of NC, Art Pope's Civitas, or local political parties and organizations. However, amassing such a large database of voter information from multiple states, including part of the voter's Social Security numbers, where procedures and accountability aren't made clear, is something new.

While "voter fraud" is a convenient issue for conservatives to rile up the anti-immigrant and racist base, I do have to wonder if there's another motive for putting so much time, effort, and money into collection of such a large database of voter information when the actual cases of voter fraud prosecuted because of this program are so small.

As North Carolina citizens, I do think we have a right to ask some tough questions about what is happening to this information and to see, in detail, what policies and procedures are in place to protect it. Since this is a project that reaches across state lines, what assurances do we have that someone in Kansas, Arkansas or another state that can access the data can be held accountable under North Carolina law if criminal activity or political misuse of this data occurs?

Karl Rove and the Koch brothers are interested in Big Data. Shouldn't you be?

Comments

Thanks teddyrooseveltprogressive

Great, comprehensive connection of the various dots. Two nitpicks: the 0.00075% I cited earlier is the proportion of the number of records that Dizzystate Kobachwreck Interstate Crosscheck claims to check (about 101 million), not the proportion of voter turnout. And it remains to be seen whether or not those approximately 700 people actually did vote in two states in the same election. We know that Pissingrate Falsepeck Interstate Crosscheck's data is faulty and produces false positives.

In any case, you've laid out the facts and some very real concerns.

Thanks for delving into this. It seems to be making a difference -- now that the misleading alarms sounded by Tillisberger are being debunked, even Fox News has toned down its original alarmist headline and moved the story from the featured above-the-fold group to a hidden below-the-fold group.

-------------------------------------------------------
"What I see from the folks who are opposing our agenda is whining coming from losers." -- Thom Tillis

The message

Many thanks, Posmo.

The main message for me out of all this, besides the use of the data by the right-wing extremists to pass voter restrictions, is one very simple fact - Tillis, Berger and the other Republicans in the state legislature are tossing your personal data - including partial SSNs - to individuals outside of the state with absolutely no accountability under state law, creating a very real potential for criminal activity like identity theft.

And our state officials have been close-mouthed about how much information is actually shared with this program - the PowerPoint I found gives the "data points", but do we really know if Kobach isn't getting more information, like voting locations and times of votes by individual voters?

Any IT professional worth his salt will tell you that managing personal data requires limiting data sharing to trusted parties with strong accountability in place. Social Security numbers - even partial SSNs - are not recommended for use as a unique identifier and companies have been moving away from using them for years because a name and date of birth are all that are needed for a partial SSN to get the full number, allowing for easy identity theft.

I'm seeing a very cavalier attitude by our state legislators to your personal data here. That should be disturbing to everyone, no matter their political party affiliation.

Chiming in

This is excellent and comprehensive ... and a joy to see (though not a joy to read about such sleaze). Very well done.

But it's not like

the Tillisberger shared our data with a complete whack job with no respect for constitutional rights.

Oh, wait...

-------------------------------------------------------
"What I see from the folks who are opposing our agenda is whining coming from losers." -- Thom Tillis

Very good work, Teddy!!

Very good work, Teddy!! Thanks!

Media report??

I wonder if the lazy corporate 'media' will take the time and make the effort to study information like this and report the FACTS? Not if The Feudal Lord art pope has any say in it!

More on Interstate Crosscheck's data points, NC BOE hire

In the PowerPoint I saw online and other sources discussing Interstate Crosscheck when the story broke, it was said that the program asked for 13 "data points".

The Institute for Southern Studies put up a pdf obtained by the Pennsylvania ACLU of a conference call agenda by Interstate Crosscheck in December. There, it says there are 17 fields that participating states upload to the program.

The Institute also notes that the documents indicate that NC became a member of Interstate Crosscheck at least by December 2013.

Finally, the story at the Institute's site highlights the fact that the NC Board of Elections hired a public relations officer just one month ago who served under the Bush administration and a lobbying firm founded by John Ashcroft:

One of those promoting the findings of the North Carolina elections board's report this week was Josh Lawson, who was hired in March 2014 as the board's public information officer. A Duke law graduate, Lawson's bio shows stints in the Bush White House in 2006-2007. Lawson was also a "Personal Aide to the CEO" at the Ashcroft Group, a lobbying firm founded by former Attorney General John Ashcroft after Ashcroft left the Bush administration in 2005.

Ashcroft was one of the forefathers of the modern crusade against alleged voter fraud, launching a Voting Integrity Initiative at DOJ in 2002 and pressuring attorney generals across the country to more aggressively investigate and prosecute fraud. Despite the resources and attention focused on voter fraud, Ashcroft's efforts produced little evidence of criminal wrongdoing.

This is looking more fishy all the time, isn't it?

It's like everything else Republicans do

Fabricated evidence, hysterical calls for action, lies upon lies ... and the media slop it all up. Sound familiar?

Lapping it up

Well, if you were employed by a newspaper or tv station that was dependent on income from political ads paid for by big money donors on the Right, would you be inclined to raise much fuss about anything?

The primary audiences for newspapers and tv are getting older and declining as readers and viewers are faced with more choices because of the web. The days when a mass media outlet could afford to make a few advertisers mad because of a story are long gone. They just can't afford to offend anyone with money now.

Mr. Lawson

would appear to be a neutral, unbiased party.

Not.

-------------------------------------------------------
"What I see from the folks who are opposing our agenda is whining coming from losers." -- Thom Tillis

More on this

from our friends at ThinkProgress.

But there is substantial reason to doubt the accuracy of the matches. For years, North Carolina used a default date of birth of 01/01/1900 for voters whose date of birth could not be ascertained — Joshua Lawson, a spokesman for the North Carolina Board of Elections, confirmed to ThinkProgress that one of the 35,750 voters had the same name as an Arkansas voter who was listed with that default date in both states.

-------------------------------------------------------
"What I see from the folks who are opposing our agenda is whining coming from losers." -- Thom Tillis