Jack Young of Rehoboth Beach to speak at Paris conference June 8

Attorney Jack Young of Rehoboth Beach will speak at a major international conference Friday, June 8, in Paris. He will discuss cybersecurity and protecting voting infrastructure from intentional interference.

The conference is being convened by the American Bar Association to celebrate the 70th anniversary of the signing of the Universal Declaration on Human Rights. Young is the former chair of the ABA Standing Committee on Election Law, a former special counsel to the Democratic National Committee, and was portrayed in the "Recount" movie about the 2000 presidential election vote recount in Florida. He is also an adjunct professor at William and Mary Law School, on international and comparative election law and voting rights litigation. He was named the Election Law Educator of the Year in 2017.

Young said, "Attempted foreign interference in the 2016 U.S. elections has turned attention to the vulnerability of our elections and democratic system." Since the 2000 Florida election, there has been an increased focus on the American system of maintaining registration records, and on the machines used to record and tally the vote. Young said, "What is new is the widespread public concern that cyberattacks directed by foreign governments, particularly Russia, when combined with sophisticated media efforts, can potentially disrupt democratic elections."

He added, "Electoral systems must be subject to strict standards for protecting all personal information collected by the government. Electoral management agencies must ascertain system weaknesses, vulnerability to security breaches and attacks on a rigorous and regular basis. It is important that election registration systems should be treated as critical infrastructure supported by federal, state and local governments." Young proposed a series of standards to help protect voter registration systems, voting records and results.

In Delaware, and in the rest of the country, voter registration systems are government records involving personal identifiable information, with the exception that the information as to who is on the registered voter list is made public to political parties and others involved in the electoral process. There have been no known or acknowledged cyber election attacks in Delaware.

The traditional approach has been to focus on election fraud in which corrupt actors attempt to rig an election through corrupt voting (e.g. multiple voting) or attempt to change the vote count. Generally, electoral officials have been able to detect and prevent both types of electoral mischief.

The new threat is to the systems themselves in which attacks on the infrastructure can cause large-scale election failure. These attacks include denial-of-service attacks, identity spoofing, and password-based attacks; stolen database backups; compromised key attacks; sniffer attacks; application layer attacks; and similar attacks on the electoral electronic equipment.