Why Is CalPERS Aggressively Promoting Internet Voting Despite Experts Like the National Institute of Sciences, Engineering, and Medicine Saying “Hell No”?

The usual rule is never attribute to malice that which can be explained by incompetence. But CalPERS choice not just to implement internet voting, but to press eligible voters to use it over clearly safer methods, is obviously dodgy given the post-2016 focus on hacking elections, and worries about the ability to tamper with electronic voting. Remember that “electronic voting” is light years more secure than Internet voting, since the voting machines in electronic voting are not usually open to the Internet.

But of course, the big risk in election integrity doesn’t come from scheming Rooskies, but from insiders trying to assure a win for their candidate by suppressing or tampering with votes.

And why might we think that CalPERS motives in implementing voting by Internet and phone were less than pure? The vendor CalPERS is using for those two methods, Everyone Counts, does not provide a paper trail to allow for any pretense of independent verification of its tallies.1 Everyone Counts is also not certified by the Secretary of State.

And we aren’t exaggerating when we say that CalPERS is pushing the most tamper-friendly method hard.

First, the Election home page tells eligible voters to “Vote Now” before it gives them any other information:

And if you click on the little icon in “Vote Now” above, you go to this page:

And if you didn’t get the message, CalPERS flogs insecure Internet Voting later in the same page:

CalPERS’ CEO Marcie Frost has said she wants to eliminate paper balloting entirely. The justification, that this would save costs, is a convenient cover for the real aim, that of suppressing votes by retirees, who have a higher level of election participation, and have also been strong supporter of board members who have the temerity to ask questions and demand accountability, like Margaret Brown and former board member JJ Jelincic. In other words, even before you get to the opportunity to engage in nefarious conduct, the motive is to give the unions even more sway over the board.

The balance of the post will discuss:

Experts agree that Internet voting is not secure and recommend against it

Internet voting is explicitly illegal under California law

CalPERS’ chosen vendor, Everyone Counts, has a poor track record and cannot comply With CalPERS election regulation

CalPERS told more whoppers in its voter FAQ

Experts Agree That Internet Voting Is Not Secure and Reject Its Use

The National Academy of Sciences, Engineering and Medicine released a new report, Securing the Vote: Protecting American Democracy, the result of a two-year effort led by a committee that “included computer science and cybersecurity experts, legal and election scholars, social scientists, and election officials:” From the press release:

Internet voting should not be used at the present time, and it should not be used in the future until and unless very robust guarantees of secrecy, security, and verifiability are developed and in place. Currently, no known technology can guarantee the secrecy, security, and verifiability of a marked ballot transmitted over the Internet. (The Internet is an acceptable way to transmit unmarked ballots to voters as long as voter privacy is maintained and the integrity of the received ballot is protected.)

Some of the supporting detail from the report proper:

Election administrators face a daunting task in responding to cyber threats, as cybersecurity is a concern with all computer systems…

There are many layers between the application software that implements an electoral function and the transistors inside the computers that ultimately carry out computations….As a result, there is no technical mechanism that can ensure that every layer in the system is unaltered and thus no technical mechanism that can ensure that a computer application will produce accurate results. This has several important implications for election systems:

• all digital information—such as ballot definitions, voter choice records, vote tallies, or voter registration lists—is subject to malicious alteration;
• there is no technical mechanism currently available that can ensure that a computer application—such as one used to record or count votes—will produce accurate results;
• testing alone cannot ensure that systems have not been compromised; and
• any computer system used for elections—such as a voting machine or e-pollbook—can be rendered inoperable.

Election systems are especially vulnerable when they are connected to the Internet, telephone network, or another wide-area network.

A hot take on the report from Fast Company:

Paper ballots should be used to help guarantee election security, and digital voting machines that don’t produce a paper trail should be replaced as soon as possible, according to a new report from the National Academies of Science, Engineering, and Medicine.

As we noted earlier, Everyone Counts, the vendor conducting the Internet voting for CalPERS, does not provide a paper trail.

In the interest of keeping this post to a manageable length, rather than providing more excerpts, below are links to other authoritative sources on the inherent failings of Internet voting:

Internet Voting Leaves Out a Cornerstone of Democracy: The Secret Ballot MIT Technology. As we’ll discuss below, this violates the California constitutional requirement that “Voting shall be secret.”

Online voting is impossible to secure. So why are some governments using it? Computer Security Online. Subhead: ” If you thought electronic voting machines were insecure, wait ’til you meet online voting.”

David Dill: Why Online Voting Is a Danger to Democracy Stanford Engineering. Subhead: “​A Stanford computer scientist says Internet voting would be ‘a complete disaster.'”

Internet Voting Verified Voting. “There is no way to guarantee that the security, privacy, and transparency requirements for elections can all be met with any practical technology in the foreseeable future. Anyone from a disaffected misfit individual to a national intelligence agency can remotely attack an online election, modifying or filtering ballots in ways that are undetectable and uncorrectable, or just disrupting the election and creating havoc.”

And even the mainstream media is leery: Online voting could be really convenient. But it’s still probably a terrible idea. Washington Post

Internet Voting Is Explicitly Illegal Under California Law

The fact that Internet voting is not and cannot be made secret means it violates a central provision of the California constitution: “Voting shall be secret.”

CalPERS has implicitly acknowledged that it needs to comply with that requirement. Last year, we criticized CalPERS for having a non-secret ballot by having voters sign the face of the ballot. The board approved changing procedures for this election to return to the old system of having voters sign the envelope only, which will then be separated from the ballot before the count is made.

Not only does Internet voting fail to meet this standard, it is also not a permitted voting method in California. We pointed out a year ago:

However, voting by Internet is very rare in the US and is explicitly illegal in California. From the Secretary of State’s website:

Additionally, pursuant to Elections Code section 19205, no part of a voting system shall be connected to the internet at any time. Nor shall any part of a voting system electronically receive or transmit election data through an exterior communication network of any type.

Indeed, the statue is terse and the Secretary of State had cited it word for word in his overview:

No part of the voting system shall be connected to the Internet at any time.

In a FAQ embedded at the end of this post, CalPERS contends that its election process is hunky-dory because CalPERS governing statute allows it to set its own election procedures. However, the Legislature was very clear in stating that any changes to the election method required new law.

In a classic example of CalPERS’ General Counsel Matt Jacobs’ school of lawyering, the FAQ cites a court case that in fact does not clearly support CalPERS’ claim that it has the authority to implement Internet voting (among other things). The ruling bizarrely took the position that the disputed changes, like going from “winner of a plurality wins the election” to “only a plurality winner means CalPERS will hold a runoff” to be changes in procedure, as opposed to changes in method, without ever discussing the criteria for determining if a rule change rose to the level of being a change in method. However, the court cited this section of Proposition 162 as support for its ruling in CSEA v. CalPERS:

The integrity of our public pension systems demands that safeguards be instituted to prevent political ‘packing’ of retirement boards.

In fact, the insecure, audit-trail-free Internet and phone voting run by Everyone Counts looks to be tailor-made for political packing by CalPERS to assure that only its cronies will win.

Another proof of the dubious legal status of Internet voting is the unprecedented qualified certification given by the Secretary of State last year.

Here is the sort of certification the Secretary of State issued for CalPERS elections before the pension fund took up Internet voting:

Contrast that image with the certifications issued for last year’s elections:

It appears that the Secretary of State, which for obvious reasons could not cause a political firestorm by not ratifying an election by a major state agency, instead tried to distance himself from the process. Needless to say, a search of recent CalPERS election certifications shows that none prior to last year contain a disclaimer by the Secretary of State about the election methods.

We spoke to a former general counsel to the Secretary of State. He said when he was in office, under a different Secretary of State, that they would not have approved CalPERS’ use of Internet voting.2 He also thought a legal challenge to CalPERS’ vote-by-Internet scheme would have good odds of prevailing.

CalPERS’ Chosen Vendor, Everyone Counts, Has a Poor Track Record and Cannot Comply With CalPERS Election Regulation

CalPERS engages in sleight of hand by depicting the elections as being run by “IVS/Everyone Counts”. As we explained last year, “IVS” is Integrity Voting Systems, which is a brand name for the vote-counting services of K&H Printing, which has a large ballot and envelope printing business. Everyone Counts is an Internet voting company which also offers phone voting. IVS and Everyone Counts teamed up to manage the CalPERS election, but each voting channel is run by a separate vendor.

As we wrote last year:

My, why are we hearing that “Everyone Counts” name only now? Why has it been kept under wraps, with nary a mention to the board? Could it be because a web search would have revealed unflattering information about Everyone Counts overhyping its pet initiative, voting over the Internet? From a 2016 article in the Atlantic, which among other things, discusses an Internet voting fiasco in Estonia:

“They’re pretending like voting is no different than buying a book on Amazon, and they’re completely, by virtue of ignorance or malice, ignoring the truth of the world,” said Joe Kiniry, a cybersecurity researcher. “The simplest way to check the veracity of their statements is to call up any security researcher in the world that you find online who has made public statements about end-to-end verifiable elections and ask them. And you will find that 999 out of 1000 will tell you that [the likes of] Everyone Counts, [other online voting venders], and Estonia are full of shit.”….

Note that Everyone Counts has no election certifications whatsoever from the California Secretary of State.

Moreover, no matter what assumptions you make about how the paper ballots are being counted, it cannot comply with CalPERS’ own regulation:

§ 554.8. Ballot Counting and Runoff Election.

On the date specified in the Notice of Election at the location designated by CalPERS, the validated paper ballots shall be tabulated publicly by an independent, neutral agent appointed by CalPERS for that purpose. Online and telephone votes will be tabulated on the date specified in the Notice of Election and be auditable by an independent, neutral agent appointed by CalPERS for that purpose…..

Finally, the regulation calls for the online and telephone votes to be “auditable by an independent, neutral agent appointed by CalPERS for that purpose”. That means auditable by a party separate from the one that does the tabulation, which is Everyone Counts.

However, in the meeting with the candidates, Everyone Counts said it does not produce paper records. This means its process cannot be verified. Even in more secure voting via voting machines, ones that produce paper records are the only type that can be audited properly. As NBC News pointed out:

Breaches in Arizona and Illinois, tied to Russian hackers by intelligence officials, involved Internet-linked registration databases, not the manipulation of voting or tabulation machines, which are offline….

“I really think it’s negligence for a secretary of state anywhere in the country now not to have a paper trail for their votes, not to have some backup system, because the risks are just too great in this cyber Wild West,” Rep. Adam Schiff, the ranking Democrat on the House Intelligence Committee, said last month.

Back to the current post. Oh, and if you read the FAQ below, CalPERS has the chutzpah to mention a “successful online pilot” run by Everyone Counts in Los Angeles. If Everyone Counts considers Los Angeles to have been a success, I shudder to think what they would define as a failure.

An LA CityWatch article described the online election that Everyone Counts tried to run for the LA Neighborhood Councils. It had to be terminated and the process rebooted with paper ballots. And our concerns with the inability to audit results were borne out. From LA CityWatch:

A major issue with online voting was the impossibility of doing election verification after the election. No actual ballots were kept for the online votes and no final tally that reconciled the ballot count issued.

CalPERS Told More Whoppers in Its Voter FAQ

If you look at the FAQ we’ve embedded at the end of this post, you’ll see we’ve already exposed some of the misrepresentations and misleading statements, like depicting CalPERS’ election methods as perfectly legal, when that idea is quite a stretch. For instance:

California law allows CalPERS to offer electronic voting.
Section 554.7 of the California Code of Regulations, provides:…..

CalPERS is merely citing its own regulation. Regulations can only promulgate statue. They cannot create new law. CalPERS’ regulations continue to run afoul of the requirement for secret voting, and could also be separately challenged for violating the election code by providing for Internet voting.

Some other examples:

We protect the privacy of the voter no matter which method is used….All votes are kept in confidence by IVS/Everyone Counts to protect the secrecy of the vote.

As numerous experts said earlier, that is flat out false. There is no way to assure privacy in Internet voting. The most secure way is paper ballots.

IVS/Everyone Counts’ ballot facility has been certified by the California Secretary of State….Paper ballots are placed in a secured caged storage area that meets the requirements of the California Secretary of State for manufacturers of ballots.

This is a lie. There is no “IVS/Everyone Counts” facility. There is a K&H Printing facility in Everett, Washington, and an Everyone Counts facility in La Jolla. Neither company is on the list of certified voting technology vendors. The “K&H Integrated Print Solutions” facility is Washington is certified only for printing of “Dominion Imagecast,” “ES&S Unity,” “Hart eSlate,” “Premier AccuVote-OS,” and “Sequoia OpTech” ballots. Last year, there was no IVS sign on the facility nor did any employees have IVS business cards. The “Integrity Voting Systems” part of the operation was very much an afterthought.

More important, the Secretary of State does not certify third-party vote counting services of any kind.

And the blather about ballot cages is designed to mislead. The standards, such as they are, for protecting mass printed blank ballots and perhaps also the envelopes to send them to voters are irrelevant to the procedures that need to be in place once voters have voted and sent them back to be counted.

Moreover, why should we believe CalPERS assurances as to how the completed ballots are stored? Last year, at a site visit, then board candidate Margaret Brown found ballots out in the open, and employees said they were kept overnight in boxes. This year, since CalPERS has stated that the public can visit the K&H facility during business hours while the election is on, they’ll presumably do a better job of keeping up appearances. But even if the employees can grandly show some unopened ballots in cages, a visitor will have no way of knowing whether this is some or all of the ballots received to date.

Finally, the FAQ loftily announced that “public viewing will be allowed” of the vote count of paper ballots in Washington, followed by the electronic tally of the phone/Internet votes in La Jolla. The latter is a complete sham, since the system will have been keeping a running total throughout the election. Even worse, as we recounted last year, the “tabulation” took place with two sheets of glass and a corridor between the observers and the Everyone Counts employees supposedly working on the election with their laptops screens turned away from the public. Anyone who has seen vote counting in a system run with real integrity has repeatedly watched observers, particularly officials of the competing parties, hover over the people tabulating the votes. The idea that seeing employees play with their laptops amounts to adequate election supervision or transparency is pathetic, but CalPERS is so devoid of shame that it does not mind showing that its election procedures are a joke.

This continuing insult to CalPERS beneficiaries is yet another example of Frost’s ineptitude as a manager. It was more than a year ago that board candidate Margaret Brown visited the K&H operation in Washington and saw how the paper ballots were being kept in an insecure manner, open to all employees of the firm. She and fellow candidate Mike Flaherman obtained a copy of the election contract and demanded answers. The election contractors told demonstrable lies and eventually admitted to poor practices that violated CalPERS’ regulations.

Frost has had a year to fix this. All she did was address the most glaring problem, that of having voters sign ballots that also had a bar code on them. The rest has been public relations and per the FAQ, lying. Given the ease of tampering with Internet voting and the lack of an audit trail, CalPERS’ heavy-handed promotion of it looks like a way to make sure its clearly favored candidate wins no matter how the votes really shake out.3


1 As we’ll discuss, audit trails for Internet and phone voting aren’t such a great control anyhow, since those records would be digital and therefore subject to alteration. But not even making a gesture in the direction of verifiability is awfully cheeky.

2 CalPERS almost certainly arm-twisted conferred with the Secretary of State before implementing Internet voting.

3 The reason this charge is not as extreme as it might seem is that CalPERS refuses to disclose voting results by channel, that is, for paper ballots versus phone voting versus Internet voting. This information would allow independent observers to see if the voting on one channel was implausibly out of whack with another, since you would expect the results in each channel to be broadly similar. For instance, if mail-in ballots coame in 60% to 40% in favor of candidate 1 while Internet and phone ballots were 75% to 25% in favor of candidate 2, it would strongly suggest vote tampering. But CalPERS refuses to provide any data of this sort.

Calpers board election process
Print Friendly, PDF & Email


  1. vlade

    The “is illegal” bit should be enough (and the status is as explicit on this as it gets).

    But CalPERS seems to believe it’s outside the law, at least the Californian one.. Or rather it’s special Calish (CalPers English) allows interpretation that no other person would ever try.

  2. George Phillies

    Doesn’t California have any government law enforcement organizations? Are there any CalPers pensioners to have standing to engage in litigation? At one time, California I vaguely recall had two sorts of Grand juries, the one with long fixed terms and investigative powers perhaps being relevant. I recall a Californian describing them to me. Perhaps that variety was abolished.

    1. John Wright

      The problem with poor performance of CalPers is that any resultant shortfalls DO not decrease the promised pensions.

      The various entities that the pensioners retired from (CA state, city, county, or special district such as air quality/municipal water) are required to make up any shortfall in the pensions.

      Even when a city goes bankrupt CalPers has been able to insist they be paid in full.

      “A bankruptcy judge has dismissed a lawsuit filed by two disgruntled bond creditors challenging the city of San Bernardino’s decision to make its pension payments in full to CalPERS.”


      I suspect any future CalPers shortfalls will also be “paid in full” as CalPers goes to various government entities for more contributions.

      It may be difficult for any CalPers pensioners to litigate against CalPers given they may not be able to prove any harm done by CalPers to their pensions.

      The CA taxpayers have a very large interest in having a well-run CalPers but do not have much of a seat at the table, unless one counts political appointees to the CalPers board. And these appointees might have a very weak connection to the general taxpayers’ interests.

      If CalPers eventually does “pass the CalPers hat” to the CA taxpayers, one can envision cuts to schools, parks, possibly increased sales taxes and special fees attached to property tax bills.

  3. vlade

    Fundamentally, on internet voting, the problem is that there’s no way of ensuring only the person who has the vote, casts the vote. There are, theoretical and fairly complex, ways of ensuring tamper-free vote. But you can never, ever, tell who did cast it. There is absolutely no proper identification system available on the internet, and it’s questionable whether there ever can be. Any “key” can be passed on (or stolen). Any biometric control can be faked.

    Think of it this way. For banks (and others, but banks in particular), online fraud is a large cost. If there was a good, bullet proof system of confirming the identity of an online punter, chances are one of them would have implemented it already.

    Moreover, while an in-person identify check can be faked, it’s very expensive to do so for any reasonable number of people (hence ballot stuffing is preferred, cleaner and faster method of election rigging). But in the electronic world, faking 10 or 10,000 may have the same costs, if you’ve broken in.

    1. XXYY

      It’s somewhat worse than this. Voting requires verification of voter identity, as you say, so that only qualified voters can cast ballots and so they can vote only once. However, it *also* requires secrecy, that is, there must be no way to connect the identify of a particular voter with a particular ballot. This is vital to prevent both voter intimidation (“vote for X or something bad will happen to you”) and vote buying (“vote for X and something good will happen to you”).

      These are very difficult and in many ways conflicting requirements, but the CalPERS “voting” system appears to fail both. Requiring voters to enter a PIN (and the last 4 SS digits, presumably as a cross check), which is traceable to a mailed ballot, only ensures that the person doing the voting has possession of the mailed ballot, not that he or she is the proper voter. Of course, this is a weakness of vote-by-mail systems as well. Physical voting precincts check the voter appearing to vote against a government provided picture ID, and against a roster of people allowed to vote at the precinct, which is a reasonably good procedure. Voting only once with paper ballots is assured by the need to turn in the allotted physical ballot when voting. Getting an additional ballot is difficult. Presumably the CalPERS system can also prevent duplicate votes, but we are required to trust the privately-controlled software to do this. So CalPERS’ electronic voting system does only a weak and unsubstantiated job of verifying who is voting and how many times they vote.

      Secondly, the need to enter personally-associated information when voting is a failure from a secrecy standpoint. CalPERS can *claim* this info is not associated with individual votes or ballots, but (a) there is no way we can know whether this is true, and (b) there is no way CalPERS can even know whether its true since they didn’t write the software administering the election. For that matter, even Everyone Counts executives probably have no idea what’s going on inside their own product given the complexity of any reasonably-sized software system and the personnel turnover at many software companies. There are of course also tremendous incentives for elected officials to want to know details of who cast what ballots, both for “marketing” (“I’m not doing well with people in Riverside”) and retribution (“I’m axing the pensions of people who voted against me!”).

  4. flora

    But of course, the big risk in election integrity doesn’t come from scheming Rooskies, but from insiders trying to assure a win for their candidate by suppressing or tampering with votes.

    CalPERS’ CEO Marcie Frost has said she wants to eliminate paper balloting entirely.

    Imagine that. /s

    I suppose the great “advantage” of internet voting, from Frost’s point of view, is that any fiddling can be hidden from sight… unlike the last election process that was clearly out of bounds but not hidden from sight. And, after all that work by CalPERS, Margaret Brown still won a board seat. Egad!
    see: https://www.nakedcapitalism.com/2017/09/calpers-board-candidate-margaret-brown-objects-to-unconstitutional-non-secret-insecure-unauditable-election-vendor-handling-phone-and-internet-voting-criticized-for-incompetence-exaggerating-secu.html

    Thanks for your continued reporting on CalPERS, PE, and pensions.

  5. Clive

    I wish I could put this better in my own words, but I simply cannot beat the original so I’ll quote it here:

    While all groups of voters are affected by poorly designed ballots and badly drafted instructions, these problems disproportionately affect low-income voters, new voters, and elderly voters. All too often, the loss of votes and rate of errors resulting from these mistakes are greater than the margin of victory between the two leading candidates. As the examples in this report show, problems caused by poor ballot design and instructions recur in American elections, regardless of the type of voting technology a jurisdiction has used.

    Some have dismissed the degree to which poor ballot design undermines democracy by arguing that voters only have themselves to blame if they fail to properly navigate design flaws. This is unfair. Candidates should win or lose elections based upon whether or not they are preferred by a majority of voters, not on whether they have the largest number of supporters who—as a result of education and experience—have greater facility navigating unnecessarily complicated interfaces or complex instructions, or because fewer of their supporters are elderly or have reading disabilities. Nor should candidates win elections because ballot designs happened to make it more difficult for voters supporting their opponents to accurately cast their votes.

    1. flora

      Thanks for this. Having “greater facility navigating unnecessarily complicated interfaces or complex instructions” sounds almost like a modern ‘literacy test’ – a common past form of voter suppression.

      1. Clive

        Yes, this sort of thing has a long history doesn’t it? Latter-day “you can vote online, it’s easy, you really don’t want to go through all the aggravation of getting a paper ballot out of us, do you?” reminds me of womens’ suffrage here in the early part of the last century — yes, you could vote. So long as you were over 30. And married. And owned property. And were on the register (which meant having the right documents and a high level of literacy).

        The “right” kind of voters, in other words.

        If the comparison sounds outlandish, I counted at least four significantly high hoops CalPERS makes you jump through (understanding which option for voting to pick and comprehending the implications of each choice without any obvious way of reversing your selection, being able to access the Internet at-will for online voting, you having to be the one tying up the voter ID PIN with the online or phone voting system and finally an inability to obviously re-do your vote if you inadvertently make a mis-selection (the online equivalent of accidentally spoiling your ballot paper)).

        Given the likely age profile of many CalPERS electorate voters, bamboozling them with a myriad of options, registrations, site navigation, irreversible selections and visual/verbal clutter is a sure-fire way of “encouraging” them to give up in frustration. My mother-in-law has been known to call me and ask me to remote-desktop onto her PC because she’s gotten fretful about making a mistake in an online order for a department store. She’s not stupid, just 70 years old and never touched a computer until her late 50’s.

  6. John Zelnicker

    Thanks for the additional info, Clive (September 9, 2018 at 3:13 pm).

    And, thank you Yves for continuing to expose the corruption at CalPERS.

    I find it mind-boggling that Frost and her minions keep doing this sh!t. Someone needs to take them to court over the illegal voting procedures, at least.

    The election frauds being perpetrated by CalPERS staff seem to me to be their most obviously illegal activities since the statutes are quite specific. There are plenty of other illegal or unethical activities being undertaken by Frost, et al., (well documented here at NC) that need to be challenged in a court of law, as well, but elections look like the best avenue to bring some accountability to CalPERS.

    IMNSHO, CalPERS will not change until someone in power (Frost?) is convicted of criminal charges a la Fred Buenrostro.

    1. vlade

      Nah, I believe it will need third-time-lucky, i.e. two more criminal convictions, as that would show a clear pattern that would be hard to ignore by legislature.

  7. John Zelnicker

    Yves – George Phillips has a really good question (September 9, 2018 at 2:27 pm).

    [Paraphrasing] Does California state government have an Inspector General-type of office that can launch an investigation of other state agencies?

    If so, do you think that’s an effective way to bring some accountability to CalPERS?

    If not, what strategy do you recommend?

    You’ve probably already told us your opinion on this, but I don’t remember, so a quick reminder or link would be appreciated.

    Thank you for continuing to pursue these frauds.

  8. TheMog

    Maybe I’m feeling extra foily today, but this push for Internet voting has a couple of interesting facets.

    1. Even if it’s possible to come up with a way to authenticate and identify people with 100% accuracy so the system has verified that Joe Schmoe is really the Joe Schmoe that’s allowed to vote in this particular election, we then have the issue that Joe has to be at the same time authenticated and authorised to vote.
    In order to keep the ballot secret, the system cannot be designed in such a way that authentication can be tied to the vote. Even if the system that records and tallies the votes is isolated enough from the authentication system (which is a big if), there is the simple fact that there is a likely record of the voter authenticating and having to be marked as having voted in some type of database (thus associating the authentication/marking as having voted with a timestamp), and the recording of the vote itself. Given enough data and knowledge of the system, I would be extremely surprised if a few data scientists couldn’t determine who likely voted for which candidate. I’m guessing that this might be helpful if one would try to lose voters who have the temerity to vote for people like Margaret Brown or JJ Jelinc.

    2. Storing a record of the votes in a tamper proof manner most likely requires recording votes onto a write-only medium. While that’s possible to do (print out the log on paper, record it onto a CD/DVD in an appropriate format), there is still the question if the code of the system has been and can be audited to the extent that it can be formally verified that a) each every interaction with the system is guaranteed to be recorded in an unalterable manner while preserving the secrecy requirement and b) there is no way that a vote could be lost or manipulated while in transit. This is usually the point where the blockchain enthusiasts appear, but they tend to fall down on a). And that’s before we get to voting system vendors declaring their systems as trade secrets that cannot be audited by anybody, lest the secret sauce leaks out.

    3. The other interesting question is how one would assert that the above mentioned Joe Schmoe’s vote actually got assigned to the right candidate. Keep in mind we have multiple moving parts at play – the client (Joe’s web browser), the system that authenticates Joe and the system that tallys the votes. As mentioned above, ideally the authentication and tally systems would be different. The client can record on Joe’s computer that Joe voted for M. Mouse, but how does Joe actually verify that his vote was counted without (again) violating the secrecy law?

    At that point, in order for the system to be auditable end to end, there would have to be some sort of storage on Joe’s computer that stored his vote locally in such a way that it could not be altered, and that allows the independent auditors to also access this data on Joe’s computer.

    As a simple example, a glitch in the network accidentally triggered by one of our wonderful local monopoly phone or cable companies might lead to someone’s vote either being discarded or counted more than once, simple based on how such a system behaves when it sees different states recorded by the client and the server at the same time.

    Unless “election transparency” has now taking on the meaning of the votees transparently seeing who has voted for them, I don’t see how Internet voting would be beneficial both in the greater context and this particular CalPERS election.

    Note – I’m a software person, but not a security specialist. I’ve been dealing with authentication/authorisation questions in sensitive environments for a while now, though.

  9. Synoia

    I’m puzzled, looking for who gains or Cui Bono?

    Who benefits from not taking Calpers Management to account?

    Who benefits from this looting?

    1. fries

      It’s all about union control of the board and thus the $350 billion fund. God forbid another Margaret Brown gets a seat.

  10. EoH

    “Each voting channel is run by a separate vendor.” Um, who hasn’t called that one unacceptable. Who integrates the totals? As you say more elegantly, the whole voting process is a sham.

    These are the sorts of choices an institution’s general counsel is there to prevent. He should be the first to go, followed by formal proceedings in front of his state bar. But clearly, the chair, the board, and the CEO are as much at fault as this general counsel. CalPERS senior management have decided to hang together, lest they hang separately.

  11. The Rev Kev

    I suppose that CalPERS has seen how voting can be rigged or changed during Federal US elections for close on two decades without getting called out on it and figures why not get into the game. After all, even Stalin was once supposed to have said: “It’s not the people who vote that count, it’s the people who count the votes”.

    I am starting to gravitate to a new theory with CaLPERS. It’s like the old saying that you may as well get hung for stealing a sheep as a lamb. By all these illegal measures that they are undertaking, they are muddying up the waters in future prosecutions. Also dragging in the Secretary of State here it makes things even more complicated as the future trend would be to bury these misdeeds as being too embarrassing for California to be aired.

    That bit about having voters sign ballots that also had a bar code on them in the past sounds familiar. Australia had a mailed out ballot about accepting gay marriage or not several months ago and they had not one but two bar codes printed on each ballot. It does put you off voting as whichever way you vote, you just know that you will be an a databases somewhere because of it.

  12. Paul P

    What agencies or state legislative committees have oversight of
    Calipers? This might have come up, but I might have missed it.

    This is no longer off in the corner or under the rug: all of California
    is now responsible–the unions, the legislature, the attorney general,
    the governor, the press.

    1. Yves Smith Post author

      Thanks for this question. Both the California Senate and Assembly have committees that oversee public pensions. If you are inclined to write, the chairs are Dr. Richard Pan in the California Senate and Freddie Rodriguez in the Assembly. CalPERS is afraid of the legislature.

      It is productive to write the legislature. They hardly ever get any letters about CalPERS and we’ve found letter writing to be effective. Letters from Naked Capitalism readers led Treasurer John Chiang to feel he had to Do Something about private equity, which led him to sponsor the private equity transparency bill AB 2833.

      Be sure to cc Priya Mathur (on behalf of the board via priya.priyamathur@gmail.com) and Marcie Frost (Marcie.Frost@calpers.ca.gov) on any missive.

  13. Tom Stone

    California is a corrupt one party State, the people who run it are just fine with BAU at CalPers.
    And where is our “Famously Free Press”?
    If they weren’t just fine with the way CA Government including CalPers is run these stories would be front page news in every paper in the State.
    And Yves would be up for a Pulitzer Prize.
    Does ANYONE think that the California Department of Justice doesn’t know what’s going on at CalPers?
    The Secretary of State’s office clearly does or they wouldn’t have tried that lame ploy to CYA.
    How about the Governor?
    Anyone think this hasn’t been brought to his attention ( Such as it is)?
    As far as the State Legislature, well…the legislators that aren’t functionally illiterate or too impaired by drugs and alcohol are certainly aware of these problems.
    They aren’t about to rock the boat and risk losing their place at the trough.
    The fact that John Cox hasn’t grabbed this as an election issue says all I need to know about the “Two Party” system in California.
    “Attorney General Becerra…”

Comments are closed.