Q&A: Why wiping of Georgia elections server matters
By FRANK BAJAK
Oct. 27, 2017
Election reform activists sued Georgia officials on July 3 demanding its highly questioned statewide elections system be immediately retired. Four days later, technicians at Kennesaw State University, which administers the state's elections, destroyed a key piece of evidence — wiping clean an elections management server.
The server, holding data on Georgia's 6.7 million voters and files used to stage elections, had been exposed on the open internet for at least six months until early June. A security expert, Logan Lamb, first alerted officials to the gaping vulnerability in August 2016 but it had gone unpatched.
WHY PRESERVE THE DATA?
It's necessary to know whether the server might have been hacked and the outcome of last November's election and a special House of Representatives vote on June 20 altered. Data on the server included passwords used by county officials to access elections management files.
HOW DID THE ASSOCIATED PRESS LEARN OF THE DATA DESTRUCTION?
It obtained an Oct. 18 email written by an assistant state attorney general to lawyers in the case. The AP also was given 180 pages of email exchanges of election administrators obtained in an open records request. The documents confirmed the irretrievable deletion not just of the main server but also of two backups on Aug. 9.
WHO ORDERED THE SERVER WIPED?
Secretary of State Brian Kemp — a Republican running for governor in 2018 — oversees Georgia's elections and is the main defendant. On Thursday, he blamed the wipe on "the undeniable ineptitude" of Kennesaw State's elections center. His spokeswoman told the AP that Kemp's office did not order the destruction and did not know of it beforehand.
Kennesaw State officials have not responded to the AP's request to know who ordered the server wiped or why they did not keep an image before deleting its data.
Emails in the open records request show that a senior university engineer instructed technicians to wipe the server's hard drives. The university's press office said in a statement Thursday that the instruction followed "standard operating procedures."
The Atlanta FBI, which made an image of the server when it temporarily took custody in March, would not say whether it retained that copy — or whether it has done a forensic examination to determine whether the server was accessed by hackers and had files altered.
The state attorney general's office, Kemp's lawyer in the case, notified the court Wednesday of its intent to subpoena the FBI for the image.
WAS IT A CRIME TO DESTROY THE DATA?
That's not clear. The plaintiffs' local attorney sent an email July 10 to the defendants' lawyers reminding them of their obligation to preserve electronic evidence. The case was later transferred from state to federal court. A Republican state representative, Scot Turner, called Thursday for a criminal investigation. It appears no judge was asked for an order mandating the preservation of evidence. So the defendants could not be held in contempt of court.
Legal briefs are due Oct. 30, after which Presiding Judge Amy Totenberg will weigh their motion to dismiss the case. Meantime, Georgia's legislature has begun discussing replacing the state's 15-year-old elections system with modern equipment that includes an auditable paper trail at an estimated cost of at least $100 million.
On Nov. 7, Conyers, Georgia, a city near Atlanta, will test new equipment that produces a paper trail in its local elections.
EDITOR'S NOTE: This version corrects that the email written by the assistant state attorney general was sent on Oct. 18, not Sept. 18 as previously reported.
Frank Bajak on Twitter: http://twitter.com/fbajak