Voter Machine Privacy Issue Won't Impact MN Elections: Steve Simon

ST. PAUL, MN — A potential voter machine vulnerability related to privacy won't impact Minnesota's elections on Tuesday, according to Secretary of State Steve Simon.

On Oct. 14, researchers from the University of Michigan and Auburn University detailed a data privacy vulnerability created by Dominion ImageCast Precinct machines.

The issue is not related to the machine's ability to accurately count votes, but the vulnerability could make it possible to determine how specific individuals voted, the research found.

The vulnerable voter machines are used in six Minnesota counties, according to Simon.

"This vulnerability does not concern the way votes are recorded or election results reported," Simon said on the day the research was published.

"Instead, the vulnerability involves how files are named in cast vote records. Without taking mitigating steps, the current naming convention could potentially be used to identify how a person voted. At this time, the Minnesota counties that use the impacted machines have not used the cast vote record feature. If a county decides to use the cast vote record feature, a fix is available to prevent ballot identification. The Office of the Minnesota Secretary of State is working directly with the counties that use the impacted machines to ensure they are aware of the vulnerability and mitigation measures."

The researchers found that jurisdictions in 11 states published "vulnerable data" in recent elections; Alaska, Arizona, California, Georgia, Iowa, Michigan, New Jersey, New Mexico, Ohio, Tennessee, and Wisconsin.

"Many jurisdictions publish data from individual voted ballots, such as cast-vote records (the votes from each ballot) or ballot images (scans of each ballot)," the report states.

"This data is usually supposed to be randomly shuffled, to protect voters’ privacy. The DVSorder vulnerability makes it possible to unshuffle the ballots and learn the order they were cast. This sometimes makes it possible to determine how specific individuals voted."

Following the 2020 elections, Dominion voter machines were the target of baseless conspiracy theories.

Mike Lindell, the CEO of Minnesota-based MyPillow, was hit with a $1.3 billion defamation lawsuit from Dominion Voting Systems in February after Lindell repeatedly pushed claims — with no evidence — that the company's voting systems were rigged against Donald Trump.

Lindell was at the White House in the days after the Jan. 6, 2021 attack on the United States Capitol.

A photo of his notes captured by the Washington Post indicates he discussed the idea of declaring "martial law if necessary" with Trump.