Georgia secretary of state receives cease-and-desist for voter un-registration web form
The nonprofit Lawyers’ Committee for Civil Rights Under Law this week issued a cease-and-desist order to the Georgia secretary of state’s office, demanding it stop operating a new web form that allows users to cancel voter registrations.
The notice, dated Tuesday, follows widespread media reports of flaws in the new web form hosted on the website of Georgia Secretary of State Brad Raffensperger.
The cease-and-desist — signed by Ezra Rosenberg, co-director of the Voting Rights Project, and drafted on behalf of the Georgia State Conference of the NAACP and the Georgia Coalition for the People’s Agenda, an Atlanta civil rights nonprofit — claims the web form violates the National Voter Registration Act of 1993, and cites numerous flaws in the form’s design and administration.
The group demands Raffensperger’s office disable the web form and stop processing voter registration cancellations gathered so far. The order gives the secretary of state’s office 20 days to comply before ““the Georgia NAACP and GCPA, their respective members, and other persons and organizations similarly situated, reserve all of their rights to take any and all appropriate action in response.”
When the web form was announced on July 29, Raffensperger said it was intended to help reduce clerical errors and keep voter rolls updated as residents die or move out of state. In a press release, Raffensperger said the web form serves as a “convenient” alternative to the state’s outdated postcard system for canceling voter registration, which relies on “an increasingly inefficient postal system.”
Raffensperger’s office did not respond to requests for comment Thursday.
Researchers noticed flaws immediately after the form’s launch, including one that allowed users to cancel voter registrations using only three pieces of publicly available information: name, date of birth and county of residence. Raffensperger’s office confirmed that users have misused the form since its launch, including by attempting to cancel voter registrations for Rep. Marjorie Taylor Green and Raffensperger himself, ProPublica reported.
Other flaws exposed voters’ personal information, including driver’s license numbers and the last four digits of Social Security numbers. Some of the flaws remained unfixed for as long as two days, according to the cease-and-desist order.
The order raises a litany of additional concerns with the web form, including its omission of several features. The order points out the form’s failure to request that users affirmatively state they are seeking to request cancellation of their own voting registrations. And although the form requires users to check boxes confirming that the information provided is accurate, completing the form does not require a signature.
The order also points out that when users cancel voter registrations because they are moving, the form does not provide an opportunity for them to enter forwarding addresses, nor does it inform users of the fact that they may remain eligible to vote in Georgia if their moves are temporary, nor does it note that they may be eligible to receive absentee ballots under various conditions.
The group also raises concerns with claims made by Raffensperger’s office, upon the form’s announcement, that the state will provide attorneys and realtors involved in the registration cancellation process with special access to the website.
“The Press Release does not explain how these third parties would be able to access the secure site or how closing attorneys and realtors would make voter registration cancellation part of the moving process,” the order reads.
The order cites recent compromises of Georgia voter data as justification for the demand that the state cease operating the form. In 2015, the Georgia secretary of state’s office accidentally sent the personal information of six million voters to 12 recipients that were not authorized to receive that information. Recipients included press outlets and partisan organizations.
“The Portal is vulnerable to misuse by unauthorized persons who could potentially use the exact data required to complete the Portal’s electronic voter cancellation form to cancel a duly registered voter’s registration for nefarious reasons,” the order reads.