Thursday, April 19, 2012

National security:Foreign company buys U.S. election vote counting rights

Bias in new vote-counting system? National security concerns also raised

image
by Aaron Klein
An internationally-headquartered company, SCYTL, is now taking over online U.S. voting systems.
The company has previously faced questions about the security of its electronic voting technologies, which are now set to be deployed in 900 U.S. jurisdictions.
The firm already provides balloting for overseas U.S. military and civilian voting in nine states plus elections technologies in several districts.
Concerns have also been raised about SCYTL’s ties to the Spanish government and to international venture capital firms.
The Drudge Report yesterday ran a feature entitled, “Foreign company buys U.S. election results reporting firm.” The article documented that SCYTL, based in Barcelona, acquired 100% of SOE Software, the leading software provider of election management solutions in the United States.
The official press release announcing the acquisition noted that SCYTL is a portfolio company of leading international venture capital funds Nauta Capital, Balderton Capital and Spinnaker.

National security concerns
With the purchase of SOE Software, meanwhile, SCYTL has increased its involvement in the U.S. elections process.  SOE Software boasts a strong U.S. presence, providing results in over 900 jurisdictions.
In 2009, SCYTL formally registered with the U.S. Election Assistance Commission (AEC) as the first Internet voting manufacturer in the U.S. under the EAC Voting System Testing and Certification Program.
Also that year, SCYTL entered into an agreement with another firm, Hart InterCivic, to jointly market a flexible and secure electronic pollbook purportedly to allow U.S. election officials and poll-workers to easily manage the electoral roll on Election Day in an efficient and convenient manner.
SCYTL’s ePollBookTM already replaced the paper precinct roster in Washington, DC.
During the midterm elections in November 2010, SCYTL successfully carried out electoral modernization projects in 14 States. The company boasted that  a “great variety” of SCYTL’s technologies were involved in these projects, including an online platform for the delivery of blank ballots to overseas voters, an Internet voting platform and e-pollbook software to manage the electoral roll at the polling stations.
The states that used SCYTL’s technologies during the Midterms were New York, Texas, Washington, California, Florida, Alabama, Missouri, Indiana, Kansas, Mississippi, New Mexico, Nebraska, West Virginia and Washington DC.
Just prior to the midterm’s however, the new electronic voting system in Washington, DC was hacked.
As a program security trial, the D.C. Board of Elections & Ethics reportedly encouraged outside parties to hack and find flaws in its new online balloting system. A group of University of Michigan students then hacked into the site and commanded it to play the University of Michigan fight song upon casting a vote.
This is not the first time SCYTL’S systems have been called into question
Voter Action, an advocacy group that seeks elections integrity in the U.S., sent a lengthy complaint to the U.S. Election Assistance Commission in April 2010 charging the integration of SCYTL systems “raises national security concerns.”
“Foreign governments may also seek to undermine the national security interests of the United States, either directly or through other organizations,” Voter Action charged.
The document notes that SCYTL was founded in 2001 as a spin-off from a research group at the Universitat Autonoma de Barcelona, which was partially funded by the Spanish government’s Ministry of Science and Technology.
SCYTL’s headquarters are in Barcelona with offices in Washington, D.C., Singapore, Bratislava and Athens.
The company provides voter services worldwide, including in France, Norway, Spain, India, the United Arab Emirates, Austria, Australia, Britain, Mexico, Switzerland, Philippines and Finland.
Project Vote noted that in 2008, the Florida Department of State commissioned a review of SCYTL’s remote voting software and concluded, in part, that:
. The system is vulnerable to attack from insiders.
· In a worst case scenario, the software could lead to (1) voters being unable to cast votes; (2) an election that does not accurately reflect the will of the voters; and (3) possible disclosure of confidential information, such as the votes cast by individual voters.
· The system may be subject to attacks that could compromise the integrity of the votes cast.
With research by Brenda J. Elliott
NOTE: An earlier edition of this article identified the venture capital firm that invested in SCYTL as the emerging markets investment management firm, Spinnaker Capital Group. The actual SCYTL investor is another company with a similar name, the Spanish venture capital firm Spinnaker SCR. Neither Spinnaker Capital Group nor its director, Bob McCarthy, are associated with SCYTL

No comments:

Post a Comment