Inside ERIC’s 2024 Action Plan
In this report, election software designer David Webber reveals the secret behind the biggest cog in the Left’s voter registration machine: the Electronic Registration Information Center, or ERIC.
With all the attention people are giving to the dire state of our elections, how do we avoid a repeat in 2024 of all the same issues we saw in 2020?
The first thing Americans must understand is the underlying technology matrix and the critical components powering our election machinery. What you’ve been told to focus on is not the real controlling part. Restoring faith in our election infrastructure means completely different things to each side.
The Left is trying to convince everyone that everything is sunshine and light and we can simply continue to do what we have been. Conversely, the other side—election integrity advocates—is trying to remedy the obvious transgressions in election infrastructure and restore parity moving forward.
The obvious question: How precisely can that be achieved? In this report, we dig into that question to provide a useful answer.
A little about myself: I have been involved in election systems standards for 20 years and have built operational election balloting software systems using open source code, working with election authorities both across the United States and internationally.
How Did We Get Here?
Back in the day, we had the infamous “hanging chads” Florida election and President Bush’s $1.2 billion commitment for the states to implement digital voting machines, which was meant to ensure there’d be no more election/vote-counting chaos.
The states spent the money and more—but what they received fell well short of expectations. I was directly involved in defining technical standards for voting systems to ensure transparency and open operations that could be verified and simply audited. Of course, all that work was ignored and discarded, and vendors scrambled to sell each state their wares (by means fair or foul). Those early state acquisitions are now controlled by a handful of corporations.
Everyone focuses on “the machines” and the counting, but that is not where the real control is.
As part of all this hubris, Google created the Voter Information Project, or VIP, designed to help Election Day voters go to the correct polling stations and see details of the candidates and issues on their ballots. Google regularly launches projects like this, then turns them over to a nonprofit to carry forward. The VIP team “borrowed” part of the technical work from our open public standards work.
This was the genesis of the project incubated by Pew Charitable Trusts which later became ERIC.
The original premise behind the ERIC project was purportedly altruistic, helping states to improve their accuracy of their voter rolls. There was a hidden agenda, too: Skewing the actual registered voter base regarding the “potentially available voters but unregistered,” by comparing the Department of Motor Vehicles (DMV) records to the registered voter database (there is zero transparency in how ERIC is doing that as we examine and explain below).
At the same time, ERIC goes to some lengths to promote its security standards and perceived integrity. While that all appears to be beyond reproach, there’s a catch. ERIC is closely affiliated with another nonprofit organization, the Center for Election Innovation and Research (CEIR). You won’t find the same level of access controls touted for CEIR.
CEIR actively provides outreach to unregistered voters with mailings, emails, and other outreach campaigns that ERIC cannot do. Fast forward to 2020, when CEIR received $70 million in “Zuck bucks” funding, which it spent in crucial swing states. ERIC’s database proved pivotal in enabling mass mail-in balloting and the exploitation of these mechanisms for determining election results.
For the first time in America’s history, political party election teams and their supporting software technology partners had access to unprecedented information on voters, their party affiliation, their voting history, and their registration information and demographics. All of this was combined with Big Data analytics from social media platforms gleaned from user’s digital devices and accounts and online government databases. A glimpse of what can be seen online can be found at VoteRef.com—voters are completely unaware of the extent of this intrusion into their lives.
Added to this is an enabling legislative landscape that has given unfettered access to vote and ballot delivery mechanisms with drop boxes, blanket ballot mailings, and shared voter database details. The total number of votes claimed as cast in the 2020 election exceeded all previous historical vote tallies, and particularly in the presidential election races in critical swing states.
Understanding the ERIC Database
ERIC’s member states are required to sign a rather curious set of legal obligations and criteria. These essentially removed control and oversight and delegate that solely to ERIC’s team and management. Furthermore, there is zero transparency in the actual software, coding, methods and processes being used by ERIC. For such an important system that essentially controls who registered voters are in our election systems, one would expect the opposite, providing complete documentation, source code and inspection.
There are some tidbits that give glimpses into ERIC’s mechanics. First are the underlying data structures used to exchange the voter record details. These are based on the earlier Google Voting Information Project (VIP) work which later morphed into the ERIC project. (That info is available here.)
Next, ERIC requires the use of data remediation technology to ascertain legitimate voters, remove duplicate entries, and determine which voters are no longer residing in the state. People, of course, change their names through marriage, divorce, adoption, or by legally petitioning for a name change. People also move and reside in new locations. Recall that this was the original premise of ERIC, to provide a solution for improving state voter rolls.
The data mediation technology is provided by a company utilizing AI techniques, Senzing. And the CTO of Senzing—Jeff Jonas—gave a presentation on that work available here.
This is touted as a vital part of the ERIC process, but without transparency how can states know precisely what has occurred? More importantly, how do voters know themselves?
Another important consideration is this: Is AI-driven technology even necessary? Can the results be achieved through traditional data-cleansing techniques that are simple, transparent and well-proven? Consider that we already have software that the states themselves can use directly within their own systems and which accesses state databases to determine voter eligibility and accuracy. Previously, ERIC utilized the IBM DataSphere product in this capacity, and that’s been augmented by the Senzing AI product. ERIC claims that this is too complex for each state to implement themselves.
Understanding Entity Matching
How can greater transparency be built into ERIC’s entity matching mechanisms? The example provided here in Figure 1 shows the challenge with a sparse set of data.
Typical live datasets contain disjointed entries with abbreviations, omissions, and typos. As explained above, states can utilize multiple data sources in order to “fill in the blanks” and build a master reference table with minimal omissions (that is also part of what ERIC is doing, too).
In Figure 1 the software has determined that items 1, 2, 3, 6, and 8 are the same person. Notice that that person’s name is the last criteria used. Date of birth, telephone, email, address are priority items. Notice also that variants match. These are simple logic rules that are garnered and then triggered for matching checks. In this case Robert, Bob, Bobby, Rob, and the B initial are all common.
Items 4 and 7 are linked by email and are a single entity. Item 5 is another entity, and potentially a spouse (this reference would require additional data confirmation). Item 9 is potentially an older parent relative.
Next we consider Figure 2. In this case the focus is on the email address match of items 1, 4, and 7; item 4 is potentially linked to the entry for 7.
All this appears complex, but it turns out that there are simple ways to implement this.
Toward States-Enabled ERIC Ownership
We can envision that the state elections systems can retake ownership and control and provide transparency into the processes. And moving forward, states can share best practices, software tools, and methods with each other.
The states have unique access to data sources that they alone are privileged to, simplifying data privacy concerns: Motor vehicle registrations, driver’s license numbers, property ownership records, taxpayer information; as well as legal records of births, deaths, and marriages within the state, National Change of Address database, and Social Security Administration death registry. Combined, these data points provide powerful cross-referencing tools for validating voter authenticity and eligibility, including when voters have moved out of state.
The techniques needed to maximize this data should be able to utilize simple querying, indexing, and results scoring methods available within modern database tools. These methods use Personal Identifiable Indicators (PII) to cross-check. These turn out to be more significant than the simple person-name matching system and include date-of-birth, telephone number, email address, location address, last 4 digits of one’s Social Security number, and driver’s license number. States can progressively glean these parameters from their databases and then run comparisons. In practice, this automation will accurately match 99 percent of voter records. For the small remaining percentage manual checking can be utilized for final adjudication.
Preventing Misuse and Abuse of ERIC Information
Voter information for over 20 states is available online, including poll book records (individuals who’ve voted in prior elections). Party canvassing teams have direct access to voter rolls as well.
It isn’t hard to see how this can be manipulated, particularly with unfettered mail-in balloting. Drop boxes and USPS delivery that are the gateway to delivering completed ballots, from registered voter entities in the ERIC database, without there being robust ways of verifying that the voter actually cast that ballot. Once accepted by the election administration staff and co-mingled with valid cast ballots, there is no way for that to be undone. The results have to be accepted as is—which is exactly what we saw across the board in 2020.
Early voting is also problematic, with the potential to provide windows into voting trends plus actual voter poll book data. Clearly, early voting records and devices are supposed to be sealed with no external access. However, these records are being cast to proprietary voting devices with zero access to the source code of these systems. The situation is similar for poll books and the data contained on them. Worse, with the poll books it’s actually necessary for them to share voting activity centrally to prevent voters casting multiple ballots.
Summary
Before 2010, the ERIC initiative seemed a benefit to states struggling with limited resources to keep voter rolls databases updated locally on their servers.
These days, that argument seems entirely antiquated.
We now have cloud servers, Big Data, AI analytics, and the ability to share global population and election data in minutes or even seconds. Simply put, technology has become a major threat to election integrity—and ERIC is the conduit through which voter rolls can be manipulated at scale using combined data sources. These include U.S. census data, election poll book records, motor vehicle records, social media data, election campaign data, obituary data, and more.
Added to this is the Pew creation of legal contract mechanisms for ERIC to lock the states in and handcuff them. There is zero transparency in the mechanisms and techniques being used to manage voter records. The main actor there is a private company with dark cyber ties. And then there is CEIR’s end-run around the ERIC restrictions. (Is it a coincidence that CEIR is a morphing of the ERIC acronym?)
The upshot is that outside actors have complete access to 32-plus state voters rolls and the ability to manipulate and exploit them at scale, and especially in regard to mail-in ballots.
The need is clear: Provide the tools for states to once again own and easily manage their own voter rolls in a transparent and simple way which can be readily verified. This will also enable open collaboration between States and allow citizens to quickly and easily manage and check their own entries.
For upcoming elections here are some quick touch point steps:
- The Pew contracts lock the states into ERIC 91 days out, so the rolls are what Pew delivers.
- The states can run their own checks on those rolls, cross-checking and produce a list of potentially questionable voter entries (this would not be in violation of the Pew contract).
- Mail-in ballots need to be processed against the results to separate them into two streams. This will avoid simply dumping ballots into the ballot counting/scanning process without ensuring they have been vigorously vetted and matched to actual voters cross-checked with state database entries.
- States should not be using CEIR for voter outreach and must do in-house mailings themselves.
We have learned a tremendous amount over the past 5 years and modern software technology provides both challenges in managing it, and also opportunities to empower States and citizens. Transparency is a key to this so that everyone can be confident in the election processes.
For more, catch Restoration’s groundbreaking report: ERIC: The Best Data Money Can’t Buy
ABOUT THE AUTHOR: David Webber has over 20 years experience in engineering open public trusted elections systems, election standards and cyber security. With Oracle Corp as industry liaison for elections systems working with NIST, EAC, VVAP and all the major election systems vendors on standards development. Webber is the holder of two US patents for EDI and XML technologies cited by over 65 other patents. David co-authored the New Riders book: “ebXML: The New Global Standard for doing business on the internet” in 2001 and has sold over 20,000 copies since.