Georgia elections chief plans changes after security issues

FILE - In this Nov. 2, 2010 file photo, Georgia Secretary of State Brian Kemp speaks in Atlanta. The state’s top elections official stood out by refusing help from the Department of Homeland Security in August 2016 amid national concerns about the integrity of U.S. elections. His assurances have threatened to become a liability as he runs for governor after new details emerged about major security mistakes at the center managing Georgia’s election technology. Kemp announced Friday, July 14, 2017, that he plans to bring the center’s operations in-house within a year. (AP Photo/John Amis, File)

ATLANTA — Georgia’s top elections official stood out by refusing help from the Department of Homeland Security last August amid national concerns about the integrity of U.S. elections.

 

Republican Secretary of State Brian Kemp called it an attempted federal takeover and insisted his office was already protecting Georgia’s vote from hackers.

But Kemp’s assurances threatened to become a liability after new details emerged last month about major security mistakes at the center managing Georgia’s election technology. It turns out that the contractor left critical data wide open for months on the internet, and that for the second time under Kemp’s tenure, the personal information of every Georgia voter was exposed.

With his critics demanding accountability, Kemp announced Friday that he plans to bring the center’s operations in-house within a year.

“The secretary of state’s office is equipped, trained, and tested to handle these operations in-house. I am confident that this move will ensure Georgia continues to have secure, accessible, and fair elections for years to come,” his statement said.

Georgia effectively outsourced management of the touch-screen voting machines it adopted statewide 15 years ago to the center, which earned $792,000 in its most recent annual contract. The work has been all-encompassing, from designing ballots to creating memory cards with lists of registered voters for each county to testing and certifying each piece of equipment after repairs. The new, $815,000 contract Kemp announced Friday calls for moving that work to the secretary of state’s office by June 30, 2018.

Merle King, the center’s director, didn’t immediately reply to an email seeking comment about the change. He had referred earlier questions about the mistakes to Kennesaw State University, which houses the center. Its president, Sam Olens, issued a brief statement: “We support the secretary of state’s decision and look forward to helping facilitate a smooth transition.”

Details first made public last month raised questions about the center’s security measures. A cybersecurity expert warned King in August – only days after Kemp turned away federal help – that he had been able to copy records on Georgia’s 6.7 million voters and other critical documents from the center’s public website, including passwords poll workers used to sign into a central server on Election Day. The same data was available seven months later, the university determined.

This extended exposure was first detailed by Politico magazine in June, raising the heat on Kemp, whose office mistakenly sent out CDs containing the birth dates and Social Security numbers of every registered voter in 2015, costing the state $1.2 million for credit monitoring.

Republican secretaries of state commonly build their profiles backing strict voter identification laws, but Kemp’s predecessor, Republican Karen Handel, had already implemented one. Kemp also used intensive procedures to verify voters’ registration status, prompting accusations from the American Civil Liberties Union, the Georgia NAACP and Common Cause that thousands of eligible citizens lost their right to vote.

When launching his gubernatorial bid this April, Kemp said their lawsuits were trying to “undermine the integrity of the ballot box.”

A judge dismissed their challenge in early June, ruling that Kemp had immunity and she saw no evidence of harm justifying drastic changes with early voting already underway. Kemp said the ruling verified “voting machines in Georgia are safe and accurate.”

Then Politico revealed details of the center’s mistakes: that researcher Logan Lamb alerted King in August, warning him to assume that the exposed data had been downloaded already. Lamb said he followed King’s directive to keep quiet until telling a colleague who checked the site and found the data still exposed months later.

Topics: