A Fix For Demonstrated Absentee Voting Vulnerability

From a Wisconsin Public Radio article last Thursday,

In a series of interviews with media outlets including Wisconsin Public Radio, Harry Wait of Dover said he used the state's online voter portal to request absentee ballots for Assembly Speaker Robin Vos, a Republican from Rochester, and Racine Mayor Cory Mason, Democrat.

Wait said he requested that the ballots be sent to a different address, but he never received the ballots [He says that he later received 5.]  He said he sent an email early the next morning notifying Racine County Sheriff Christopher Schmaling and District Attorney Patricia Hanson among others that he had taken the step.

They leave out key information; in his video Wait wrote "the new address was inserted and indefinitely confined was selected ...no ID or proof was required." That is the flaw Wait is trying to expose that allowed him to receive other peoples' ballot. Reporters are more focused on pending criminal charges which downplays the rather large vulnerability that has been exposed; the current system enabled someone to receive other peoples' ballot.

From a different article Wednesday,

Wait said he was able to request ballots for Vos and Mason by using their addresses and birthdates. Wait also reportedly requested the ballots of about 10 other friends with permission. On Tuesday, Wait said he had received five ballots back, including [Racine Mayor] Mason's.

How The Vulnerability Works

1. Clancy is an already registered voter.
2. A fraud (Ralph) logs in to the MyVote website using Clancy's name and birthday (public information.)
3. Ralph then requests an absentee ballot for Clancy and asks that it be mailed to a new address. Ralph enters both Clancy's mailing address (public information) and the nefarious new address.
4. Ralph checks the box on MyVote website or paper form proclaiming "I certify that I am indefinitely confined" so that he does not need to submit Clancy's state ID.
5. Ralph patiently waits for Clancy's ballot to arrive in the mail and then fills it out the ballot.
6. Ralph has his friend Sam sign it or maybe forges Sam's information before dropping it in a mailbox. A fraudulent vote is thus cast.

We don't use signature verification so after receiving someone else's ballot there doesn't appear to be a useful way for local clerks to identify a fraudulent vote. Fraud prevention is done before sending the ballot. One way to catch it is if the same person requests a ballot twice. What happens if a fraudster receives and submits your ballot and then you, the actual voter, tries to vote through the mail or in person on election day? I'm guessing the computer system flags this somehow and an investigation happens?

In a memo to clerks, the WEC [Wisconsin Elections Commission] recommended that they examine incoming absentee ballot requests with a separate mailing address to identify possible fraudulent activity. The memo instructed clerks to contact voters to confirm any ballot requests that present concerns.

The WEC recommendation drives home this point; what does a concerning mailing address look like and how does WEC expect clerks to identify them? Maybe if 5 different ballots are going to the same address a red flag is raised but what if one person is requesting a ballet go to a different county? I imagine clerks are busy and have to process a high volume of different types of requests and dumping this additional responsibility on them seems like the WEC shirking their duties.

I have seen no evidence of this being widely exploited nor of other widespread voting fraud in Wisconsin but step #4 above shows clearly why so many Wisconsinites are concerned. The ease of this abuse calls for the verification process to be tweaked in order to maintain/restore skeptical voters' trust. Ignoring an exposed problem like this will create much larger issues down the road.

The problem seems similar to software vulnerability reporting. Somebody discovers and responsibly reports a flaw so that it can be quickly addressed (hopefully) and all users become a little bit better protected going forward. In this case, Wait is attempting to publicly demonstrate a problem within our current absentee voting system and embarrass our representatives into fixing it.

What follows is one potential fix; If you have other ideas or ways to improve it comment below or on Reddit! Indefinitely confined people that are unable to leave their home need to have their address and identity verified without creating a large burden for them. For those with internet access, require them to upload their photo ID using the same process as voter registration. If they do not have internet access, a local government employee can visit their home and scan the proof of residence document or ID thus resolving the problem.

This assumes that the majority of indefinitely confined people have either mobile or wired internet access or a friend or family member that could help out (I may be wrong.) In either case, after successfully processing a change of address the local clerk's office would then mail a confirmation letter to the voter's original address as one final attempt to catch discrepancies.

Our goal in the great State of Wisconsin should be to have as many eligible people as possible cast their vote while making it as difficult as practical to manipulate the election process. There is more to be done on both of these fronts but it will require better efforts from state government and the WEC.

At Wednesday's commission meeting, Spindell suggested the agency should explore new means of verification when people request absentee ballots. That motion failed 3-3 along party lines.