I've been taking a look at this for a while…time to share as I don't have time to do a proper dig.
This fits exactly with what Professor Eastman was just saying this morning. The states give the info for voter rolls, the system has access to who voted and who hasn't and can therefore adjust the vote accordingly.
https://ericstates.org/
https://ericstates.org/statistics/
ERIC: Technology and Security Overview
The Electronic Registration Information Center (ERIC) is a non-profit membership organization whose mission is
to help state and local election officials improve the accuracy of their voter rolls, register more eligible citizens
to vote, reduce costs, and improve the voting process. Formed in 2012, ERIC provides sophisticated data
matching services to members in order to improve their ability to identify inaccurate and out-of-date voter
registration records, as well as likely eligible, but unregistered residents. Members can then contact voters, in
compliance with federal and state regulations, to encourage individuals to register or update their existing
registration. ERIC is owned, governed, and funded by the member jurisdictions.
Privacy and Technology Advisory Board
ERIC is dedicated to the security and protection of the data in its care. The ERIC Board of Directors appointed a
Privacy and Technology Advisory Board, comprised of experts in the field of data security and encryption, to
review security protections and provide advice. This board reviews ERIC’s technical and governance systems and
makes recommendations related to security practices. As of March 2018, the Advisory Board members are:
• Joseph Lorenzo Hall, Chief Technologist at the Center for Democracy and Technology,
https://cdt.org/staff/joseph-lorenzo-hall/
• Jeff Jonas, Senzing Founder and Chief Scientist, https://senzing.com/jeff-jonas-bio/.
• Glenn Newkirk, President of InfoSENTRY Services, Inc., http://www.infosentry.com/
• Rebecca Wright, Professor of Computer Science at Rutgers University and Director of the Center for
Discrete Mathematics and Theoretical Computer Science (DIMACS),
http://www.cs.rutgers.edu/~rebecca.wright
Information Security Management Approach
Information security management, corporate transparency, and oversight are core principles for ERIC. In support
of these principles, ERIC employs risk management and information security management techniques that align
with industry guidelines published by national and international information security management
organizations. To aid in this effort, ERIC added an Information Security and Business Continuity Consultant to
staff in 2017. ERIC practices include, but are not limited to:
-
Building a culture of continuous review and improvement
-
Using standards-based risk assessment and risk management practices
-
Performing routine internal and external audits of risk profiles and security management policies,
operations, and procedures
-
Providing governing board members with scheduled security updates and reviews, consistent with
standard corporate transparency guidelines for governance and oversight
-
Requiring members to follow stringent information security commitments via ERIC’s by-laws and
membership agreement
-
Requiring that its data center vendor provide documentation of an annual security assessment by an
independent third party to ensure that their security aligns with industry-accepted standards.
ERIC Operations
As a practical matter, ERIC does not publicly discuss specific security measures. All procedures and software are
routinely reexamined during internal risk assessments and security reviews, evaluated by the Privacy and
Technology Advisory Board, and addressed in external auditing processes.
Participating as a member in ERIC involves three major steps: preparing and protecting voter registration and
license/identification data, securely transmitting data to ERIC, and securely accessing reports. ERIC employs a
full-time Systems Engineer and Technical Liaison to guide members through these processes.