Your Sensitive Registration Data at Risk as LA NC Online Election Vendor “Votem” Fires Entire Staff!

DONE WATCH--“One of Cleveland's largest blockchain start-ups abruptly closed last week due to a lack of funding.

Employees at Votem, a company making innovations in online voting platforms, did not receive their most recent paychecks and were told on Friday that everyone was fired, effective immediately...In late 2018, Votem acquired the California-based online voting company Everyone Counts. The roughly fifty employees based in California and around the world lost their jobs Friday as well.” - As reported by Clevescene.com 2/19/19. 

Why would the shuttering of a Cleveland-based online voting start-up matter to LA neighborhood council Stakeholders? Let me explain. 

The City of Los Angeles first began contracting with the online voting company, “Everyone Counts”, a third-party vendor, for the 2016 neighborhood council election cycle. A copy of the contract can be found online, but it's buried deep within the Department of Neighborhood Empowerment’s website, and not searchable on the homepage tabs. From the very beginning, there were problems with the online elections, and not small ones. For instance, a Studio City NC election in which the Everyone Counts platform was utilized, saw the unintentional release of sensitive voter registration data such as private emails, passwords, driver’s licenses, passports, 1099s and tax documents. Studio City NC Stakeholders were so furious, that their Councilman Paul Krekorian filed a motion (Council File: 15-1022-S2) to ban all future neighborhood council online elections City-wide until security measures were improved. What is clear now, is that no “shoring up of security” every happened. This Studio City NC data breach foreshadowed the current circumstances all NC Stakeholders now find themselves in. 

While online voting always had its cheerleaders in City Hall, it's not as if there were not repeated warnings about its perils. Multiple NCs filed Community Impact Statements and several NC Stakeholders testified before City Council, all expressing grave concerns with online voting. And yet, there is no indication that any City official took voter data security seriously. Further, as early as October 2017 there were reports about election fraud at CalPERS which implicated Everyone Counts, the online voting vendor for the CalPERS election. The financial blog “naked capitalism” wrote extensively about this. A simple internet search would have uncovered this, that is, if anyone at City Hall was looking... 

The 2019 Pilot Online Voting Program / 10 Neighborhood Council Elections / Funding” motion, CF 1022-S3, passed in City Council on August 22nd, 2018. Emails obtained through a public records request show that City Clerk Holly Wolcott, who was tasked with overseeing the online voting process, was at this time communicating with several City departments in a rush to finalize the new contract with Everyone Counts because the previous one had expired. 

Then something the City didn't anticipate happened. On October 3rd, 2018, the San Diego Business Journal reported that Everyone Counts became acquired by Cleveland-based Votem Corp. for an undisclosed amount. Votem purported to utilize “blockchain technology”, an online technique that Everyone Counts didn’t use. No announcements were made to NC Stakeholders by the City about this merger, even though Stakeholder data was potentially at risk. An email dated November 19th, 2018 from Richard Truong, the IT Director at the City Clerk’s office to Sr. Sales Director Midori Connolly at Votem reads: 

“I completely understand and if E1C/Votem is not comfortable with this pilot project, we should pull the plug on the 2019 pilot sooner rather than later. In addition, we have not seen the Votem system and have some concerns on our end as well.” 

Did the City of Los Angeles even understand what blockchain voting was? Why were City officials so eager to use something sight unseen considering all the many problems with online voting in past neighborhood council elections? The email exchange also shows that there was no due diligence done by the City with regard to the “Votem system”. 

With Votem now teetering on the brink of bankruptcy, or at the very least undergoing drastic cutbacks and loss of personnel, does anyone actually think that the sensitive information they uploaded into cyberspace to prove their Stakeholdership is safe? Did NC Stakeholders really know where they were sending things such as SCANNED DRIVER'S LICENSES when they registered to vote online? Votem, under the leadership of CEO Pete Martin, seems to be hurting for cash and is sitting on a mountain of potentially lucrative data, should he or the company choose to sell it. And, if either did, how would NC Stakeholders know? 

An email I received from the City Clerk dated February 23rd of this year states: 

“The City of Los Angeles does not currently have a contract with Votem.  All services previously rendered for online elections from Everyone Counts, (Votem's predecessor) have been provided and paid for.” 

This is an about face then, from just a couple months ago when a contract was still being negotiated and online elections for 2021 still being discussed (see above email screenshot). 

The City of Los Angeles’ passive position regarding the protection of NC Stakeholder data must be described as reckless and deeply concerning. It is unclear if anyone in City Hall is aware of the many dangers associated with the lack of adequate protection of voter data. Now would be the time for City Hall to permanently abandon online voting and to take it off the intravenous drip it has been kept alive on. Many hundreds of thousands of dollars have already been wasted on these NC “build-outs”- taxpayer money that should be redirected towards the NCs themselves, to allocate in the best interest of their Stakeholders. A concern is that the City will just look for another online voting vendor, learning nothing from this expensive fiasco and leaving sensitive Stakeholder voter registration data completely unprotected and in virtual limbo, subjected to any decisions made by unknown entities outside of California. 

“Bernie Moreno, an investor in Votem and former car mogul who’s spearheading the effort to turn Cleveland into a hub for blockchain, told Government Technology that 52 people were laid off and Votem was “unlikely” to recover. He thought the acquisition of Everyone Counts was the company’s downfall.” - As reported by Government Technology 2/22/19 

I don't know about you, but I don't want my sensitive voter registration data left in the hands of a former car mogul or the CEO of a drowning company in this day and age of widespread data collection.

(Catherine McNenny is a long-time community activist and lives in Los Angeles. )

-cw