Don’t be surprised by mischief on Election Day. That’s the advice experts give about last-minute text messages, robocalls or emails purporting to instruct people (falsely) on where or when to vote.
Bogus text messages and a fake robocall have already popped up in Georgia and Florida, one of many states afflicted by attempts to skew the vote in the run-up to Tuesday’s midterm elections.
Early voting has been fraught with problems, including an investigation into alleged hacking of Georgia voter registration systems on Sunday and court battles in the state over who should be allowed on voter rolls, and snafus with antiquated voting machines in Texas. In Kansas, a federal judge upheld Dodge City’s decision to move the only polling place to what one resident called “the middle of nowhere” outside of town.
There are tougher ID rules for voters in North Carolina and Kansas, passed by Republican officeholders who want to keep their majorities. In North Dakota, where officials require a residential address in order to vote, thousands of Native Americans faced a scramble to obtain new state-issued or tribal IDs with street addresses, rather than P.O. boxes, even though their homes often lack numbers and their streets lack names.
Florida, Georgia, Kentucky, Pennsylvania and 16 other states saw their voter databases turn up for sale last month on the Dark Web, the murky underground internet. Combined, the databases contain names, genders, voter IDs, addresses, citizenship status and phone numbers for 81.5 million U.S. citizens.
All U.S. elections face a level of misbehavior. But the nation is on edge, given the Russian attempts to influence the 2016 election, followed by President Donald Trump’s false claims of massive voter fraud, which prompted some states to crack down with tough identification laws and concentrated polling places.
Digital weapons amplify the fear.
“People are more attuned to and worried about election security,” said John Fortier, director of the Democracy Project at the Bipartisan Policy Center, a Washington think tank that promotes bipartisanship.
Federal authorities have enhanced security cooperation with state and local election offices, and even granted temporary security clearances to scores of election officials across the country to keep them informed in the event of a major cyber-disruption.
President Trump warned Monday that the government should be vigilant for “illegal voting,” and said in a tweet that, “Anyone caught will be subject to the Maximum Criminal Penalties allowed by law.”
While the federal posture is indeed stronger, it may be of little consequence to U.S. voters facing intimidation.
Near Charlotte, N.C., a black Republican volunteer at a Mecklenberg County polling place reported being confronted with a gun and a string of racial slurs on Oct. 24. A 28-year-old man was later arrested for intimidation.
Bullying broke out in Texas.
“We are definitely getting a lot of reports of intimidation out of Dallas County,” said Anthony Gutierrez, executive director of the Texas branch of the nonpartisan lobby Common Cause. At one precinct, he added, “people are just kind of yelling at voters as they are trying to approach the polls.”
Election officials sometimes brushed off criticism when it reached their desks.
When the American Civil Liberties Union wrote to Debbie Cox, clerk of the county that surrounds Dodge City in southwest Kansas, over the move of the only polling place to a site half a mile outside the city limits, inaccessible by public transit, she forwarded the email to a state official with the comment, “LOL.”
In Okaloosa and Taylor counties in northern Florida, reports arrived of voters getting text phone messages that their absentee ballots had not been received, when in fact they had, said Liza McClenaghan, board chair for Common Cause Florida.
Scare tactics — and repudiation of them — came from both parties.
Facebook ads from the North Dakota Democratic-Non-Partisan League tried to discourage hunters from voting, saying they would forfeit their out-of-state hunting licenses if they cast votes at home, a claim that no state official would verify.
“This is false #ND don’t let these liar democrats get away with it,” tweeted Donald Trump Jr.
It was in Georgia, though, where the electoral waters were most turbulent. Openly racist robocalls were reported that mimicked Oprah Winfrey offering free cars to supporters of Stacey Abrams, the Democrat who strives to become the nation’s first black female governor.
Other charges flew, and they involved alleged hacking and voter suppression. On Sunday, Secretary of State Brian Kemp, the Republican candidate for governor, announced that he had opened a probe into the state Democratic Party over what his office said was “a failed attempt to hack the state’s voter registration system.” Kemp said the FBI was involved but offered no details about the alleged hacking. The FBI’s Atlanta field office declined to comment.
On a separate matter, Kemp was sued last month over his decision to put 53,000 voter registration applications on hold, most of them minorities. In a partial setback for Kemp Friday, a federal judge ruled that 3,141 recently naturalized citizens who were among the larger group must be allowed to vote. Kemp is in a tight race with Democrat Abrams.
Kemp put the registrations on hold under Georgia’s “exact match” law, passed by the Republican-led legislature last year, that orders authorities to match the name on a prospective voter’s government-issued ID with the one on his or her voter registration card. A typo or a missing hyphen can throw an application into “pending” status.
What tripped up Whitney McGinniss was a similar issue involving absentee balloting — and it has shaken her confidence in a democratic process that she never doubted before.
McGinniss, 35, a resident of Decatur, east of Atlanta, submitted an absentee ballot. When she went online later and checked the website of the Secretary of State’s Office, she saw that her ballot had been “challenged” due to a non-matching signature. That led to a back-and-forth with Dekalb County election employees.
“You look at them side by side and there are slight differences, but it’s my signature either way,” McGinniss said.
“I have an email thread with 20 emails on it. That’s not how you’re supposed to vote,” McGinniss said. “This is horrible. This is outrageous. … I’ve spent hours on this. That’s not an exaggeration.”
Early voting has proven bumpy. A North Miami voting location ran out of ballots Sunday due to malfunctioning printers. Voters endured lines up to three hours.
It is Election Day itself that experts say could bring new problems. They urge voters to beware of any digital communication purportedly guiding them on voting — but perhaps misleading them.
“They need to be skeptical, especially if it’s related to anything of a procedural nature — how to vote, where to vote, you know, a sample ballot,” said Steve Grobman, senior vice president at McAfee, a global computer security firm in Santa Clara, California.
Malicious text messages can send voters to the wrong polling places, wasting their time and perhaps discouraging them from voting at all.
Setting up mass robocalls for Election Day that purport to be from election offices but actually give voters wrong information is “very easy, very straight-forward” to do for those with malicious intent, said John Dickson, principal at Denim Group, a cybersecurity firm in San Antonio, Texas.
“It might say, ‘Hey, we’re calling from the Tarrant County voter administrator … Your precinct is now at so-and-so mall.’ Something like that. It would be enough to confuse people,” Dickson said.
Dickson said foreign hackers could interfere in specific congressional districts, using social media to spread lies about a potential terror attack or zapping targeted election districts with denial-of-service attacks.
Attackers may target voter registration databases, causing voters to find their names missing when showing up to vote. Or they could attack websites of county election offices, which are surprisingly vulnerable. McAfee found in a survey of 1,273 county-level election websites in 20 states last month that 80 percent did not use the .gov domain name that heightens security and 74 percent didn’t use the encryption tool that is the most basic firewall.
“The number of avenues that a bad actor has … is almost infinite. Identifying exactly the scenario that somebody would choose is extremely difficult,” Grobman said.
Election districts in all but five states now use voting machines that leave a paper trail in the event of a cyber incident. Election watchdogs say tallying ballots properly should take precedence over getting results rapidly.
“We want our election results right, not quick,” said Susan Greenhalgh, policy director at the National Election Defense Coalition.
Even if no major events unfold, Americans should not necessarily feel relief.
“Do we know that there hasn’t been tampering? I don’t know that we would necessarily know,” Grobman said.
William G. Douglas and Douglas Hanks contributed.