Privileged Access

Bureau of Elections Brater Memorandum – Vendor Access Preserved While Clerk-Initiated Audits Blocked (MI)

Established Fact, Michigan, Privatized Election Operations, Privileged Access, United States /

Established Fact The Michigan Department of State, under Secretary Jocelyn Benson, established API contracts granting Rock the Vote and approximately 25,000 partner organizations direct remote access to Michigan’s Qualified Voter File (QVF), which contains voters’ Personally Identifiable Information (PII), including partial Social Security Numbers and driver’s license numbers. These access agreements were executed without NIST-compliant […]

Bureau of Elections Brater Memorandum – Vendor Access Preserved While Clerk-Initiated Audits Blocked (MI) Read More »

Rock the Vote API Access to Qualified Voter File – 25,000 Unvetted Third-Party Partners (MI)

Established Fact, Michigan, Privatized Election Operations, Privileged Access, United States /

Established Fact The Michigan Department of State, under Secretary Jocelyn Benson, established API contracts granting Rock the Vote and approximately 25,000 partner organizations direct remote access to Michigan’s Qualified Voter File (QVF), which contains voters’ Personally Identifiable Information (PII), including partial Social Security Numbers and driver’s license numbers. These access agreements were executed without NIST-compliant

Rock the Vote API Access to Qualified Voter File – 25,000 Unvetted Third-Party Partners (MI) Read More »

CIS Albert Sensor MOA – Private NGO Access to Decrypted Election Network Traffic (MI)

Established Fact, Featured, Michigan, Privatized Election Operations, Privileged Access, United States, Wayne County /

Established Fact Wayne County executed a Memorandum of Agreement granting the Center for Internet Security (CIS) – operating as MS-ISAC/EI-ISAC – the right to inspect network traffic in a decrypted state via Albert Sensor endpoint access to county election infrastructure. This gave a federally-affiliated private NGO – not subject to direct democratic accountability and not

CIS Albert Sensor MOA – Private NGO Access to Decrypted Election Network Traffic (MI) Read More »

CEIR and ERIC Voter Roll Data Laundering – Private NGO Access to State Voter Registration Data (GA)

Established Fact, Georgia, Privatized Election Operations, Privileged Access, United States /

Established Fact The Georgia Secretary of State participated in a program through which Eligible But Unregistered (EBU) voter data was transmitted through the Electronic Registration Information Center (ERIC) to the Center for Election Innovation and Research (CEIR), which used that data to generate targeted voter registration mailing lists that were then returned through ERIC to

CEIR and ERIC Voter Roll Data Laundering – Private NGO Access to State Voter Registration Data (GA) Read More »

Alliance for Election Excellence – CTCL Successor NGO Granted Access to Local Election Practices (AZ)

Arizona, Coconino County, Established Fact, Privatized Election Operations, Privileged Access, United States /

Established Fact Coconino County entered into a membership agreement with the U.S. Alliance for Election Excellence – CTCL’s successor network – granting this private NGO privileged access to sensitive election information and the inner workings of local election practices and administration. This agreement bypassed Arizona’s statutory ban on private election funding and the constitutional chain

Alliance for Election Excellence – CTCL Successor NGO Granted Access to Local Election Practices (AZ) Read More »

Single Shared Credential Across All EMS Components – Never Rotated Through 2020 Election (AZ)

Arizona, Established Fact, Maricopa County, Privatized Election Operations, Privileged Access, United States /

Established Fact During the Cyber Ninjas audit of Maricopa County’s 2020 election, IT subcontractor Ben Cotton testified before the Arizona Senate on July 15, 2021, that Maricopa County lacked the administrative iButton hardware tokens required for multi-factor authentication into Dominion’s tabulation system at the technician/configuration level. Cotton testified that “only the contract Dominion employees, contracted

Single Shared Credential Across All EMS Components – Never Rotated Through 2020 Election (AZ) Read More »

Dominion Vendor Exclusive Control of Administrative iButtons – No County Access (AZ)

Arizona, Established Fact, Maricopa County, Privatized Election Operations, Privileged Access, United States /

Established Fact Maricopa County did not possess the administrative iButtons (hardware authentication tokens) required to independently access, configure, or validate its own Dominion Voting Systems tabulation infrastructure. Only Dominion Voting Systems retained these tokens, meaning the county was structurally incapable of independently verifying that systems were operating in their certified configuration – a direct violation

Dominion Vendor Exclusive Control of Administrative iButtons – No County Access (AZ) Read More »

CIS Albert Sensor MOAs Waiving Election-Network Privacy (MI)

Established Fact, Michigan, Privatized Election Operations, Privileged Access, United States, Wayne County /

Established Fact The Center for Internet Security (CIS) executed Memoranda of Agreement with local governments, including Wayne County, for Albert sensor monitoring. The MOAs granted CIS the right to inspect network traffic “in a decrypted state” and explicitly stated that users “have no reasonable expectation of privacy” on those monitored networks. In practice, this centralized

CIS Albert Sensor MOAs Waiving Election-Network Privacy (MI) Read More »

U.S. Alliance for Election Excellence Membership Bypassing State Funding Bans (AZ)

Arizona, Established Fact, Privatized Election Operations, Privileged Access, United States /

Established Fact Coconino County joined the U.S. Alliance for Election Excellence — a program operated by the Center for Tech and Civic Life (CTCL) — as a “basic member” in January 2023, paying annual membership fees in exchange for consulting credits, coaching, and access to resources from Alliance partners. Internal emails obtained via open records

U.S. Alliance for Election Excellence Membership Bypassing State Funding Bans (AZ) Read More »

Elections Group Embedded Personnel With Operational Access to Drop Box Infrastructure and Tabulator Programming (GA)

Established Fact, Fulton County, Georgia, Privatized Election Operations, Privileged Access, United States /

Established Fact CTCL-funded Elections Group personnel were embedded in Fulton County election operations without authorization from the Fulton County Board of Registration and Elections (FCBRE) – the sole statutory superintendent under O.C.G.A. § 21-2-40. These private personnel had daily access to absentee ballot request information, drop box planning, tabulator programming, and Logic Accuracy testing. One

Elections Group Embedded Personnel With Operational Access to Drop Box Infrastructure and Tabulator Programming (GA) Read More »