Why Voters Should Be Concerned About Security Breaches Of Amazon's Election Data

Eighteen advocacy groups have published a letter calling on Amazon to “disclose all instances of security breaches related to election data, the implications of such breaches, and the actions it took to address them.”

Amazon, the letter noted, has been rapidly expanding into the market of digital voting infrastructure in over 40 states, Reuters reported. These voting-adjacent services include running websites, storing voter information and providing results, and all activities that collect and concentrate confidential information.

Amazon has billed itself as a cheap and reliable choice for election officials.

Despite that pitch, Amazon has had several significant data breaches on systems running its services. A Republican voter database hosted on Amazon’s web services was exposed to the internet for over 12 days, compromising the information of nearly every American voter. In 2016, a breach compromised Mexico’s entire voter database.

Amazon places the burden of these errors on its clients who improperly configured their databases. The authors of the letter say that's not good enough.

“We acknowledge that Amazon only claims responsibility for the underlying infrastructure and leaves it to the customer to secure the encryption of the data,” they wrote. “But our election system is not an everyday customer, and the public needs transparency about security issues to assess the possible threats to our election system. If a car seat manufacturer didn’t provide proper instructions to make sure people installed their car seats correctly, and it put infants in harm’s way, people would blame the manufacturer for its negligence.”

If the Texas GOP's stumbling efforts to put on a digital statewide convention is any indication, that might be a more difficult request than the company thinks.

The authors are also especially concerned that data breaches could be used to target minority voters. They point to a report by the Washington Post on efforts to target black communities with disinformation, a tactic Russia used when interfering with the 2016 election.

Allegations have emerged that Cambridge Analytica labeled a list of 3.5 million black voters as marked for “deterrence,” as opposed to other Clinton supporters who were marked “core Clinton” or “disengaged Clinton.” The Trump campaign says it did not use the information.

“It’s reasonable to expect a corporation the size of Amazon, handling contracts for the government, to devote resources to ensuring those accounts are safe,” the letter concluded. “Repeated breaches make it clear that Amazon hasn’t met this expectation and suggest it isn’t doing everything it can to protect voter information.”