Skip to main content
Factsheets

Secure Electronic Data Transfer

By October 21, 2021No Comments

Summary

Automatic Voter Registration (AVR) is a technological modernization to the current voter registration process at agencies required to offer voter registration opportunities under the National Voter Registration Act (NVRA). AVR is a common-sense reform that makes voter registration more efficient, improves the accuracy of voter registration data by reducing human error, saves time for customers at agencies, and can save money for agencies that register voters. AVR is a modern system that supports the shift from paper processes to electronic processes between agencies to properly register or update voters.

This guide outlines what information is needed in order to effectively and securely register an individual to vote automatically, how to design a system that securely transfers data between agencies, and evaluation questions to employ to measure success.

Important Terminology:

NVRA/“Motor Voter” (Federal Law): Customers at motor vehicle agencies (Section 5) and state health and social services agencies (Section 7) are offered the opportunity to register to vote under the NVRA. Any Section 7 agency covered under the NVRA must offer voter registration via paper methods, but there is an opportunity for many of these agencies to implement automatic voter registration depending on the data that they collect during agency interactions. NVRA systems may be implemented utilizing paper forms or through digital interfaces and secure electronic data transfer.

Automatic Voter Registration (State Laws): Eligible voters interacting with applicable state agencies are registered to vote unless they choose to opt-out. Mechanisms to assess eligibility of voters and allow voters to opt-out vary significantly from state-to-state. While there continues to be paper-based interactions in many AVR systems, nearly all rely on secure electronic data transfer.

Personally Identifiable Information (PII): Information about an individual that is maintained by an agency. This information is used to determine a person’s identity, and needs to be properly secured to prevent identity theft or other privacy violations.

Key Topics in this Guide:

  • Information Needed to Securely Register an Individual to Vote
  • Designing a System that Securely Transfers Data
  • Evaluation Methods for Success

Information Needed to Securely Register an Individual to Vote

In many agencies, the same information that is needed to register an individual to vote is collected during a typical transaction. AVR streamlines the process for an individual to register or update their registration with the information that they have already provided an agency, which is transferred to an elections office. This prevents individuals from having to fill out multiple iterations of the same information on different paper forms.

Data gathered at agencies that is also used for voter registration:

  • Full Legal Name
  • Residential Address
  • Date of Birth
  • Citizenship
  • Social Security Number – Last Four Digits
  • Signature
  • Political Party Affiliation (some states)

Typical Paper Data Path for Voter Registration:

  • Individual has a transaction with the Motor Vehicles office, Medicaid office or another approved Section 7 agency
  • Individual fills out an additional voter registration form at the agency, which is collected and mailed to the state elections office
  • State elections office staff manually data enter voter registration forms, and individuals are registered to vote unless forms are incomplete.
  • Individual is sent a notification by mail that they have been registered to vote.

This system is prone to human errors that can jeopardize information and prevent proper registration. It is necessary to take the steps necessary that will protect the confidential information that is now being collected electronically to maintain the integrity of the new system and allow voters to feel confident in the new system.

Designing a System that Securely Transfers Data

The data that is used in an agency transaction, and therefore in an AVR transfer, is Personally Identifiable Information (PII) which is the information about an individual that is maintained by an agency. This information can be used to determine a person’s identity, and therefore needs to be properly secured by law. Confidentiality rules vary across agencies. DMVs often classify names and addresses as PII while election agencies generally classify names and addresses as public records. Be aware of these differences when designing the new system.

Secure data transfer systems accomplish two goals. First, they ensure that all relevant voter data is accurately and securely transferred from a source agency to the elections office. Second, they protect all PII from data breaches during the transfer. To establish secure data transfer, administrators should consider the following items:

  • Encryption is key to secure data transfer. Data should be encrypted both while it is stored and while it is transferred to prevent data being stolen in the case of a breach. Most agencies have either the transportation or storage encrypted, so it is important to circle back to make sure the data is encrypted in both places.
  • A Virtual Private Network (VPN) is the infrastructure that transfers data across a public or shared network. A VPN serves as a private tunnel that exchanges data securely and anonymously across the internet, similarly to being connected directly to a private network.
  • The timing and amounts of information to be transferred have significant implications for securing data. Real-time data transfer works better with small batches of data. Real-time transfers offer some advantages but may be more difficult to develop and monitor for errors. Scheduled data transfers work best with larger batches of data, which can be done on a daily or weekly schedule. Scheduled transfers are obviously slower than real-time transfers but may be easier to implement and allow for improved monitoring to prevent errors. Regardless, the timing and methodology must be coordinated by the sending and receiving agencies to avoid any issues.

Secure Data Path with AVR:

  • Individual has a transaction at the Motor Vehicles office, Medicaid office or another approved Section 7 agency
  • Data is collected during the transaction and relevant voter registration information is sent electronically to the state elections office. This electronic transfer is encrypted during transport and storage to secure the information.
  • Data arrives at a state elections agency and is assessed to determine eligibility.
  • Filtered information is added to a voter registration database and categorized under pending application
  • Applications are reviewed at the local elections office and are approved or rejected
  • Individual is sent a notification by mail that they will be registered to vote (with an opt-out option)

Potential Issues to Avoid:

There are potential issues that can arise while developing secure data transfer systems. It is important to identify and address these issues to ensure the process is smooth.

  • Formatting issues on addresses and birthdates between agencies (ex. ‘mm/dd/yy’ instead of ‘mm/dd/yyyy; or ‘123 Main St Apt 1’ instead of ‘123 Main Street #1’)
  • Timing issues of data transfer are important to sort out between agencies. There should be a clear schedule of when data is being transferred to the other agency.
  • Quality of signature capture , as not all signatures may be legible.
  • Building new relationships between agencies. This work needs to happen early with agencies that haven’t worked together before to ensure everything goes smoothly once the implementation goes live.
  • Ensuring systems used between agencies are compatible . This means that the systems are updated and formats are the same to make data transfer smoother.
  • Ensuring uniformity in definitions & data filters. Keep communication between the agencies to troubleshoot filtering differences and make the filtered data compatible with both systems.
  • Sufficient testing. Conduct adequate testing of the new system before going live to troubleshoot all problems and solve them in a timely manner.

Evaluation Questions for Success

Measuring success is important in order to understand the real impact of the new system. Ask these questions to determine if the new system succeeded in delivering the outcomes that are desired from a secure data transfer system.

  • Are there time and workload savings for election officials?
  • Are there reductions in permanent or temporary personnel devoted to voter registration?
  • Is there a reduction in paper usage?
  • Are there time and workload savings for the originating agency?
  • Is the elections office receiving the same number of records as are being sent by the originating agency?
  • Are duplicate records with different data formats being caught?
  • Are the VPN and encryption systems working?

Once these questions are answered satisfactorily, the system is ready to go live and administrators can feel confident that the data is being transferred securely and accurately.

Conclusion

As outlined in this guide, information that is needed to effectively and securely register an individual to vote is information that is already collected from individuals at the motor vehicles office or the medicaid office. This information can be securely collected to automatically register more individuals to vote. Creating this new technology upgrade sets up new and exciting opportunities, but must be designed to secure the data that is captured electronically. It is important to design the system to securely transfer and store the data between agencies. This guide also outlines potential issues to plan for and evaluation questions to measure the success of the new system.

 

Download Fact Sheet Here

Alabama

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Quis ipsum suspendisse ultrices gravida. Risus commodo viverra maecenas accumsan lacus vel facilisis. Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Quis ipsum suspendisse ultrices gravida. Risus commodo viverra maecenas accumsan lacus vel facilisis.

Alaska

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Quis ipsum suspendisse ultrices gravida. Risus commodo viverra maecenas accumsan lacus vel facilisis. Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Quis ipsum suspendisse ultrices gravida. Risus commodo viverra maecenas accumsan lacus vel facilisis.