govtech
A coalition of 36 election-security experts and advocacy groups wrote in a letter last month to Secretary of State Alex Padilla that they were "gravely concerned that [L.A. County's recently certified system] uses QR codes for tabulation" and urged him to stop relying on QR codes to tally votes at least by the 2022 primary election.
After voters make their ballot selections on their screens, the machine spits out a printed-out ballot-like receipt to review, along with a QR code.
"Although voters can easily verify the selections that the [voting system] prints on their ballot in their own language, they cannot easily verify the QR codes that [it] will actually use to tally votes," the letter said.
After voters make their ballot selections on their screens, the machine spits out a printed-out ballot-like receipt to review, along with a QR code. Officials have said this gives voters an easy way to verify their selections. But what a voter sees in plain text on the receipt, is not what the tallying machine counts. The county's new system scans the QR code to unpack and count what a voter has selected. If the system is hacked or wrongly records a voter's selections while electronically encoding it into the QR, there's no quick and easy way to tell.
Election administrators expect record turnout for the November 3 presidential election, which has already seen high levels of mail-in ballot participation. Intelligence officials warned lawmakers earlier this year that Russia is again trying to meddle in the U.S. election process, as it did in 2016. On Thursday, U.S. officials announced that Russian hackers targeted dozens of state, local and tribal networks, successfully stealing data from at least two unnamed victim servers; as a result, "there may be some risk to elections information housed on" those government networks. But there is no evidence that the integrity of elections data has been compromised, the government alert said.
L.A. County's new voting system, manufactured by Smartmatic Corp., a voting technology company that has been scrutinized for ties to the Venezuelan government, was first used for the presidential primary in March. The voting process was mired with technical problems that led to lengthy wait times and multiple after-incident reviews. L.A. County has since said the issues with its roughly 30,000 voting-machine system have been addressed and the new system was officially certified, as long as county officials abide by certain security conditions, by Secretary of State Alex Padilla earlier this month.
But even for those who understand how to scan a QR code, trying to verify the accuracy of their vote can be confusing and time-consuming.
Here's an example of what shows up when you scan your QR code, according to a document buried on the Los Angeles County Registrar-Recorder/County Clerk's website:
VER:A.SEL:4N/4E/H/J/3C/3K/35/4S/45/3Z/4A/X/3Q/3S/3U/3W/3Y/N/Y. BMD:0000046.SIG:4R57D5C44QKEJRS3OBF33PL0Z6U9THBR74NTA1VVH K09E6NFDH4DWXPY8Q9ZF6VD0LAQ1E6IY6AGQC1S4TG095N8NEN3AFOET12."
The first line represents the selections a voter made, with each letter and number combination corresponding to a particular candidate or measure. For example, a vote for the Joe Biden ticket is coded as 3G8 while Donald Trump is 3G9. It is up to voters to decode and match each of alphanumeric values to the actual plain-language choices they made on their ballots.
Michael Sanchez, a spokesman for the registrar's office, said that voters can go online to find a document for decoding their ballot. Sanchez later supplied the crucial direct link via email, which is otherwise difficult to find online.
For voters who are older, disabled, simply not tech-savvy, or just unwilling to take the time, verifying your ballot selections in L.A. County is an incredibly "burdensome process," said Susan Greenhalgh, senior advisor on election security for Free Speech For People, a nonpartisan public interest group. "The person can't look at it and know what it says, they have to jump through all these hoops."
Kim Alexander, president of the nonprofit, nonpartisan California Voter Foundation noted that the difficulty with verifying the older punch-card ballot system is why post-election audits were done in the first place.
"We were using these ballots where people couldn't verify their choices," Alexander said. "Now we've come full circle. We have these QR codes that some tiny population of L.A. County has the wherewithal and ability and smarts to decode and verify (their) ballot. Even if you're able to do that, you're not done decoding the code. You have to then do another round of decoding."
In the world of election security, the use of barcodes and QR codes is generally viewed as problematic by experts
Photo by Markus Winkler on Unsplash
QR Codes Stir Debate
The QR code has made a bit of a comeback to daily life during the pandemic, especially in place of restaurant menus.
But in the world of election security, the use of barcodes and QR codes is generally viewed as problematic by experts who say it inserts a machine — and its own code that's indecipherable to humans — between a voter and their vote. Because the QR code on the ballot cannot be easily verified for its accuracy, computer scientists say it makes them an easier target for hackers.
The county's YouTube video illustrating how to use the new voting machines skips over any explanation of how to check the QR code for accuracy. Instead, the county shows a voter quickly scanning their finger over the lines of plain text reflecting their votes. In reality, the QR code, not the text, is what is actually counted.
"It's really ugly, it is not usable at all," said Eddie Perez, an election administration and technology expert with the nonpartisan, nonprofit OSET Institute, about L.A.'s system. "If you're placing a very high value on accessibility and the idea that every single voter, regardless of their condition or disability, should be able to verify their ballot — if you really believe that, and are going to put $282 million behind those goals, then it's fair to ask: 'Is the process you're leaning on to check your QR code accessible?' I literally don't know [what happens] if someone is blind."
Sanchez, the registrar's office spokesman, said the county's ballot-marking device lets voters who are blind listen to a read-back of their on-screen selections. But that doesn't account for the encoded QR.
QR codes, which are a type of barcode, also have the potential to become legally thorny ground.
"There's an inherent problem with the use of barcodes or QR codes in voting systems because the ballot contains two records of voter intent, and one needs to be established as the legal record of voter intent," Greenhalgh said. "If the human-readable text is the legal vote of record, that means that something other than the legal vote of record is counted. If the QR code is the legal voter of record, that dissolves any pretense (that) this is a voter-verifiable ballot."
How to vote on the NEW Ballot Marking Device www.youtube.com
National Debate Leads to First Ban
Such barcode-based devices also "raise security and verifiability concerns," according to an election-security report released by the National Academies of Sciences, Engineering, and Medicine last year. And the U.S.'s National Institute of Standards and Technology noted that barcodes could result in a voter being presented with different ballot selections than what the machine reads.
"If barcodes are used for tabulation of cast ballots, any modification of a voter's ballot selections may go undetected and impact the election results," NIST wrote.
All of this is especially problematic, experts say, because a recent University of Michigan study on voter behavior found that few voters check or detect errors on their ballots.
The debate over barcodes has figured heavily in battleground states like Georgia, South Carolina, North Carolina and Pennsylvania where they are used by some jurisdictions, but it's received much less scrutiny in California. In September 2019, Colorado became the first state to ban the use of barcodes or QR codes on ballots due to security concerns after using a system similar to California's.
Colorado's Secretary of State Jena Griswold said in a news release at the time that "although voters can see their vote choices, they cannot verify that the QR code is correct" and the QR codes "could be among the next target of an attack and are potentially subject to manipulation."
Griswold said Colorado will stop using machines that use barcodes or QR codes to count votes after 2021. The state has been a national leader in adopting election security best practices, including practices like risk-limiting audits to verify election results.
Auditing to Ensure Voter Confidence
California's Secretary of State Padilla gave L.A. County's voting system conditional certification earlier this month. Among the additional security requirements is that the county must conduct one of two types of audits to ensure the QR codes match the human-readable section of the ballot.
L.A. County has elected to conduct a traditional manual tally of 1% of its votes, which election security experts say is a less comprehensive method for ensuring ballots have been tabulated correctly.
In recent years, so-called risk-limiting audits have been deemed best practice for providing confidence in an election result. California has an ongoing risk-limiting audit pilot program. Such audits rely on statistically-based techniques such as auditing more ballots if the margin in a race is narrow. Looking at a fixed percentage regardless of the margin of victory, however, can lead to missed problems.
Perez called L.A. County's decision to do a 1% fixed audit "cutting a corner, given the fact that L.A. County has claimed to set such a high bar on the voting experience."
Sanchez, the registrar's office spokesman, said he didn't immediately know the reasoning behind the decision to not conduct a risk-limiting audit on the presidential election. The California Secretary of State's Office did not respond to a request for comment.
In a news release touting the certified system this month, Padilla called the VSAP system a "historic milestone in election administration" and said that for in-person voters it will "provide an accessible, secure voting experience."
*This story was updated Thursday afternoon to reflect U.S. officials announcement that Russian hackers targeted dozens of state, local and tribal networks, successfully stealing data from at least two unnamed victim servers.
___
Hit me up if you have any other election and voting-related questions. My DMs are open on Twitter @latams You can also email me at tami(at)dot.la, or ask for my contact on Signal, for more secure and private communications.
- QR Codes Make a Comeback as Restaurants Go Contactless - dot.LA ›
- Why QR Codes Will Make it Harder to Verify LA Votes - dot.LA ›
That is the window I've been dedicated to decreasing.
Photo by Nick Fewings on Unsplash
Mental Health Nonprofits and Their Struggles
When someone gets or makes that call for help in the mental health industry, there are countless directories, resource guides, websites and other attempts to capture both real-time information and basic essential information on resources.
The federal Substance Abuse and Mental Health Services Administration (SAMHSA), estimates that since COVID began, calls to their 800 number hotline have increased 1,000%. Yes, that's one thousand percent.
What do the people answering those calls depend on for their information? A postcard that is mailed out to facilities once a year and (hopefully) mailed back to SAMHSA. That's what they use to update their database. Many great organizations are often not listed or are out of date, duplicated or out of business when they are. Many of the providers I talk to don't remember ever getting that postcard.
They aren't the only government system that attempts to catalog this information. There are so many disparate, disjointed systems, it's impossible to properly inventory all of them. For example, the state of California has invested significantly in a system called the Service and Bed Availability Tool (SBAT). Any substance use disorder program receiving state or federal funding is required to update the system each day at a certain time of day. They need to do this manually, by either calling or by logging in to a portal and updating the information. Each SBAT system is managed separately by each county in the state. The data is not shared. Not with us, not with SAMHSA, and not with any other of the countless systems, databases or hotlines trying to get people help.
Meanwhile, Los Angeles County's homeless authority has their own "real-time bed availability system." The city of Los Angeles, too, dedicates some of their funding (both government and philanthropic) to creating a paper resource directory of available beds.
Non-government funded homeless shelters such as the Union Rescue Mission and recovery houses such as Awakening Recovery that also provide beds, can't be found in any of these systems because they do not receive government funding.
None of these systems are integrated with one another, all require a manual process of counting beds and updating a system, and none of it is anything a clinician in the public can easily or readily access.
How is a person making that midnight call to find someone help supposed to navigate all this? They can't.
It's not just a problem for those trying to solve homelessness. This happens amongst many programs and services across the county — and that same inefficiency, lack of coordination and miscommunication is replicated across the state and country.
Solving the Same Problem Again and Again
Even within this single space within a much larger industry there are nonprofit organizations competing with private enterprises for funding and resources, none of which are truly cooperating with one another. The for-profit, philanthropic and public businesses rarely cooperate. In fact, there are barriers to interact.
A hodgepodge of investors find themselves investing in an industry that desperately needs disruption. Alongside them are philanthropists who donate to nonprofits because they don't want to "make money" off helping the homeless or people with mental illness. Both end up investing deeply in disconnected or uncoordinated ideas.
Many, if not most, recovery residences are still operating using pen-and-paper methods to intake patients, track bed inventory and communicate with one another. At best, some programs use Excel or Google Sheets to communicate, or they pay for overly sophisticated electronic medical record (EMR) systems that are designed for clinical programs tailored for government or insurance billing practices.
Their marketing practices are often word-of-mouth, since programs such as these cannot advertise, even if they could afford to do so, on platforms such as Google, which requires facilities advertising any type of addiction treatment to be certified (which is often too lengthy and costly for non-clinical programs to undergo).
The industry must, by necessity, be more concerned with their daily operations and keeping their organization operating — making sure investors and donors are happy (i.e., beds are filled and patients moving through the program) than on attention to standards and outcomes. Even this is done in a vacuum, with each program focusing on their own goals and protocols, without effectively or efficiently communicating with one another.
What gets lost in all of this is the patient needing services.
The New Models
We see innovation happening on a small scale, at the individual program or regional association levels.
There are nonprofits creating positive cash flow with their donation monies, building a food kitchen, incentivizing and employing people who go through their programs who need employment, coming from vulnerable backgrounds.
Look at Homeboy Industries in Los Angeles, which calls itself "the largest gang rehabilitation and re-entry program in the world." Through their efforts they have created a bakery. Yes, rehabilitating gang members through bread making has turned into an industry of food chains, catering services and partnerships across the country. If you've been through LAX recently you've probably seen one of their restaurants.
These nonprofits are enterprising, opening and expanding business. They're organized as nonprofit hybrids that are breaking down the wall between nonprofit missions and private investment operations. They are partnering with other social enterprises and creating networks across the country and world.
The missing piece: connecting these organizations to one another, and giving professionals such as myself, and the public, access to find out more about them. We need these enterprises and programs connected in a platform that everyone can access.
A Post Pandemic World
What we are creating now is a new formula for success. In a post-pandemic era the need is greater than it's ever been.
The California Consortium of Addiction Programs and Professionals (CCAPP) refers to this phenomenon as the "parallel pandemic," where we will see an increase in addiction overdose deaths and homelessness. "Saving lives endangered by addiction in the era of COVID-19 will take concerted leadership and a cross-systems approach," the consortium wrote in a report to the governor and Legislature.
Prior to the pandemic, Feeding America estimated that 1 in 7 Americans depended on a food pantry for weekly food. That number is only going to rise following the joblessness and homelessness resulting from the pandemic, while the means to locate and provide such services is just as difficult and disconnected as ever from other services and providers. Various nonprofits — again, all functioning and operating independently — and organizations such as Foodpantries.org are providing those services but are disconnected technologically from other search tools and engines.
A social worker would need to know where and how to access these services and provide that information to the individuals receiving services.
Photo by Dimi Katsavaris on Unsplash
Where Do We Go From Here?
We are seeing groups of people and organizations coming together now in new and unique ways. We are working with nonprofit organizations providing services, seeing those services get subsidized by philanthropic dollars, for technology that is backed by private investment dollars. All in the effort to get people off an oval track just going in circles, and onto a road, ultimately preparing them to drive down a superhighway that hasn't been built yet.
There is a nonprofit we are working with (can't mention the name yet), that received significant funding to create a digital resource directory. Rather than using that money to outsource technology developers to create a proprietary tool, we are partnering together, pooling our resources and sharing our technology to create something greater than the sum of our parts. Together, we are doing more than either of us could have done individually. This saves the nonprofit hundreds of thousands (if not millions) of dollars paying for the creation and maintenance of the tools we'll need to work together.
It also allows us to combine our collective intelligence and expertise, and create an even better tool, maintain that tool, and benefit from the collective wisdom of other partners across the country, in other segments, serving different communities.
To realize this vision, we'll need to build new onramps for public, private, and philanthropic partnerships. We need money to pave that way for the impact we want to see. That is exactly what we are working on at GET HELP, with our partners and affiliates.
What we're planning and creating together is a new infrastructure. One that is built by visionary customers, entrepreneurs and the next generation of social impact investors. Amongst these are the next Rockefellers and Carnagies. They didn't build or invent the automobile, but they supplied and fueled the infrastructure that surrounded, supported and sustained it.
We are creating partnerships and affiliate programs with national and statewide associations such as CCAPP and the National Alliance for Recovery Residences (NARR); with "feet on the street" organizations such as Hope through Soap in Atlanta, GA,; and with social-model recovery residence programs such as Awakening Recovery; and large homeless shelters and service providers such as House of Hope and the Weingart Center.
In addition, we are in collaborative conversations with seeming "competitors" in the private sector, where we are focused on the same vision: to raise the industry standards and improve the processes for collecting and sharing data.
It's better for everyone involved, including the ultimate beneficiary who may never know the work we are doing together to get help for them: The person suffering from mental health, addiction or homelessness.
What we — as the entrepreneurs and investors in the healthcare technology industry — are defining is a whole new infrastructure for a much longer journey to empowered recovery.
The question that we face on a daily basis is this: Who are the innovators both within the industry and without who are willing to invest time, effort and money into creating a new system?
Today, we see private automobiles driving on public roads --- those were built by public sector funds, and the public sector provides licensing and regulation. Using those models, we have to think broadly about sources of capital and how philanthropic, public and private companies can contribute to the journey.
Dr. Tony Greco is CEO and Founder of Get Help and a licensed clinical psychologist and author with over 20 years of experience working with addiction and severe mental illness.
- An App For California's Homeless and Those Who Help Them - dot.LA ›
- Pension Funds Could Be Key to Adding Diversity to VCs - dot.LA ›
- Samaritan App Builds a Support Network for LA's Homeless - dot.LA ›
Direct listings are less common than IPOs which rely on investment bankers to underwrite an offering, but companies including Slack Technologies and Spotify have moved forward, betting on their broad brand name recognition, and to avoid incurring extra fees. Under the arrangement, employees and other early investors directly sell their shares upon the company's Wall Street debut.
But, Palantir's direct listing is unique in that it includes a lockup period that prevents employees and legacy investors from selling most of their stock. Analysts say this provides new shareholders the opportunity to participate in the listing without substantial risk of short-term decline in price.
Palantir's software offerings, including Gotham and Foundry, are used by 125 customers across more than 150 countries and in 36 industries. It has touted its government work as "central to defense and intelligence operations in the United States and its allies abroad," according to its Securities and Exchange Commission filing.
Industry analysts expressed concern that the company's overall customer count is low. Palantir Chief Financial Officer David Glazer declined to discuss how many of its clients are government versus enterprise in an interview Wednesday. Though it has increased its focus on the commercial market, Palantir's government portfolio has increased to 54% in the first half of 2020, wrote analyst Rohit Kulkarni, executive director of MKM Partners, in a note.
Glazer said that due to the company's 17-year history, "there's a real moat" that competitors have to overcome to match their software abilities. Glazer said that the company essentially "turned off our growth machine" to build out Foundry.
"You're really going to see us be able to scale" to more customers faster and at lower cost," Glazer said. "No one else is going to be able to do that without a huge amount of resources, huge amount of engineering talent against it, and so I think we have a very strong moat."
Analysts ask: Does it Scale?
Because many of Palantir's largest and legacy customers are governments, Brendan Burke, a senior emerging tech analyst with PitchBook, said the overall low customer count "suggests that the platform has not scaled rapidly across new customers" and that Palantir "earns a relatively small percentage of its revenue from (those) recently won customers." He added that the company "will be challenged to maintain its expected 2020 revenue growth of 42% year-over-year given its reliance on new government contract wins and the long sales cycle of its data integration platform Foundry."
In its filings, Palantir estimates its total addressable market to be roughly $119 billion over both commercial and government sectors. And it has provided its software to commercial industries, including energy, transportation, financial services and healthcare. Burke said he found the addressable market in terms of actual end-user spending for data analytics is in the range of $24 billion, multiple times below Palantir's assessment.
For now, the company remains far from profitable. In its SEC filing, it warned investors that it has "incurred losses each year since its inception" and "may never achieve or maintain profitability."
While the company reported $742.6 million in revenue in 2019, it saw a loss of $579.6 million. Similarly, in 2018, the company recorded a $580 million loss on $595.4 million revenue. So far, in the first half of 2020, Palantir has reported a $164.7 million loss on $481.2 million in revenue.
Palantir, which employs more than 2,390 people globally, said it's in the process of entering new and emerging markets, including its newer foray into COVID-19 response efforts as well as defense, law enforcement, national security, and government agencies.
As of the first half of 2020, it reported its total remaining deal value of contracts awarded by government agencies was $1.2 billion.
Formerly based in Palo Alto, Calif., Palantir co-founder and chief executive Alexander Karp wrote a scathing rejection of Silicon Valley culture in his introduction to the company's S-1 filing, and the company moved its headquarters to Denver, Colorado this summer.
Founded in 2003, Palantir has always been accused of secrecy because of its government-related work, but it does have legit U.S. intelligence roots. The company's only early outside investment came from the Central Intelligence Agency's venture capital arm, In-Q-Tel, which helped develop its software to analyze reams of siloed data. Their tech was particularly well-suited to intelligence agency uses and has been primarily used for counterterrorism as well as law enforcement since its early days. Today it's used by the U.S. military, including the U.S. Special Operations Command, the Centers for Disease Control, the Department of Homeland Security and Securities and Exchange Commission, among others.
The use of its software by DHS has led to accusations that its software is being used by ICE to help it find and deport immigrants under the Trump administration. And the company has seen activists protest outside of its now former Palo Alto offices as a result. Co-founder and billionaire investor Peter Thiel is a prominent supporter of President Donald Trump.
Glazer said "the problem set that our software is deployed against is complex, it's nuanced, and we welcome the internal discussion." He added that "transparency is a great thing for the company" and that by going public "we'll be able to share more over time about our customers" though that will be more difficult for customers in the intelligence and government sector.
Kulkarni, the executive director of MKM Partners, wrote that "Palantir's products look extremely robust and truly 'battle tested'" — its software can be installed on a submarine and a tablet with no internet connectivity, for example — but that it is still early days with direct sales.
In addition to lack of profitability, investment risks include the company's many shareholders — and likely sellers once the lockup period ends after the company announces fourth quarter earnings. Its top three customers make up 33% of its revenue in 2018 and in 2019, those customers made up 28% and had been with the company on average for eight years.
Kulkarni criticized Palantir for providing a "very limited disclosure" even though it has more than 15 years of operating history.
"We found Palantir's S-1 filing fairly light on customer trends, SaaS metrics," Kulkarni wrote. "Also, the company has disclosed only six trailing quarters worth of financials and has not provided any guidance."
Still, Kulkarni wrote that he expected significant investor appetite given the company's "enigmatic" history and ongoing IPO pricing trends. He added that the company would trade at a slight discount to its relative growth rate, given its customer concentration, unclear visibility and customer size.
Palantir's Unconventional Voting Structure
'Transparency is a Great Thing': Secretive Big Data Firm Palantir Goes PublicThe company's voting and governance structure has given many industry analysts pause. Michael Weisbach, the Ralph W. Kurtz finance chair at Ohio State University's Fisher College of Business, said it creates an extra class of stock that gives founders effective control of the company no matter how much stock they actually own.
Such efforts are "the exception but not that rare," and he noted that the Ford family set up a similar structure to ensure their control of Ford Motor company as did Comcast. The variable structure allows the founders to control up to 49.999999% of the total voting power of the stock.
Burke, a senior emerging tech analyst with PitchBook, said that while it's common for founder-led startups to remain controlled by the founder, Palantir has further pushed the envelope with this new share class structure.
"The broader impact is limiting the ability of shareholders to influence the company's strategy," Burke said. "This share class structure prevents common shareholders from making activist decisions for the company's future."
Kulkarni wrote that the structure gives the company's three founders "unilateral voting control over the company in perpetuity."
Burke said this is a continuing trend in the market, especially because there hasn't been significant pushback from investors.
Other concerns include worries about the "growing ethical orientation of investors" that could lead to backlash over Palantir's involvement with government agencies "shown to violate human rights," Burke said. "We haven't seen the company adapt to these concerns yet."
Perhaps to assuage this concern, Palantir pointed to its privacy and civil liberties safeguards, its focus on supporting "Western liberal democracy and its strategic allies" and it also took a stand on the Chinese Communist Party, assuring investors perhaps wary of another ByteDance Ltd.-related debacle that it doesn't work with the party or host its platforms in China because it is "inconsistent with our culture and mission."
*Editor's Note: Spencer Rascoff, the executive chairman and cofounder of dot.LA and Zillow, has been a member of Palantir's board of directors since July 2020 and is also an investor in the company.
___
Do you have a story that needs to be told? My DMs are open on Twitter @latams. You can also email me at tami(at)dot.la, or ask for my Signal.