Legislature(2021 - 2022)BUTROVICH 205
03/16/2021 03:30 PM Senate STATE AFFAIRS
* first hearing in first committee of referral
+ teleconferenced
= bill was previously heard/scheduled
| *+ | SB 95 | TELECONFERENCED | |
| *+ | SB 66 | TELECONFERENCED | |
| += | SB 39 | TELECONFERENCED | |
| + | | TELECONFERENCED | |
SB 39-BALLOT CUSTODY/TAMPERING; VOTER REG; MAIL
4:07:51 PM
CHAIR SHOWER announced the consideration of SENATE BILL NO. 39
"An Act relating to elections; relating to voter registration;
relating to ballots and a system of tracking and accounting for
ballots; establishing an election offense hotline; designating
as a class A misdemeanor the collection of ballots from other
voters; designating as a class C felony the intentional opening
or tampering with a sealed ballot, certificate, or package of
ballots without authorization from the director of the division
of elections; and providing for an effective date."
[SB 39 was heard previously on 1/28/21, 2/2/21, 2/11/21,
2/16/21, and 2/25/21. This is the 6th hearing on the bill.]
SENATOR SHOWER said he was awaiting a proposed committee
substitute for SB 39 from Legal Services. The committee is
considering ballot election concerns regarding data security,
chain of custody, voter validation, and ballot authentication in
the bill. These issues are especially important when there are
significant numbers of mail-in and absentee ballots. He said,
"I've tried to make clear to folks we're not opposed to those
things specifically; we're trying to make sure that they are
secure when we use them. So, we're not trying to prevent them."
SENATOR SHOWER remarked that the Division of Elections
previously testified that currently there is no chain of custody
for tracking from the time ballots are mailed out to when they
are returned to the division. In fact, voters must call the
division to find out if their ballots were received, he said.
SENATOR SHOWER reported that the [Alaska Supreme Court ruled in
October 2020 Arctic Village Council et al v. Meyer et al.] that
Alaskans voting by mail are not required to have witnesses sign
their absentee ballots. [The October 12, 2020 decision upheld
the lower court ruling that the requirement "impermissibly
burdens the right to vote" during the pandemic].
4:09:35 PM
SENATOR SHOWER said he introduced SB 39 as a means to improve
the integrity of Alaska's election system and restore people's
faith. He invited Chris Miller, Oracle NetSuite, to help the
committee and public understand election technology.
4:10:13 PM
CHRIS MILLER, CPA; Distinguished Solution Specialist, Oracle
NetSuite, Lehi, Utah, presented a PowerPoint on Modern
Technology Applications for Voter Security & Trust. He stated
that his role at Oracle has three functions: accounting,
internal controls, and developing new products, but his primary
role is finding solutions to problems.
4:10:52 PM
MR. MILLER stated that his PowerPoint would focus on
technological changes that may provide applications and
advantages for the state to make changes to Alaska's voting
process.
4:12:16 PM
MR. MILLER reviewed slides 3 and 4 by making disclosure
statements. He said he is not making promises on behalf of
Oracle, addressing the committee as an official Oracle
representative, or looking to sell anything. He stated his
intent is to inform committee members on software technology
that is available. He clarified that he was speaking from
Oracle's perspective, but companies such as Microsoft and Amazon
Web Services (AWS) also offer good cloud products.
MR. MILLER turned to slide 5, What Voters of Alaska Deserve,
which highlighted Domino's tracking system to illustrate an
effective system that could be used to track ballots. For
example, when people order Domino's pizza online, the company
uses a "pizza tracker" system to verify the pizza ordered, when
the pizza was being prepared, and when the pizza was out for
delivery. He said his PowerPoint would outline the equivalent of
using a system similar to the "pizza tracker" to track ballots
and votes.
MR. MILLER highlighted Stephen Covey's [The 7 Habits of Highly
Effective People] relating fundamental questions that arise when
changes are made:
• Why do we need to make a change?
• What do we need to change?
• How do we make a change?
4:14:39 PM
MR. MILLER reviewed his agenda items on slide 7. He offered to
focus on what needs to change in a voting system and how to
implement these changes. The text inside the graphics' bubbles
on the slide read:
Key voting issues for Consideration
Technology Building Blocks
What Might a System Look Like?
Q&A Session
4:14:34 PM
MR. MILLER reviewed what is necessary to create voter
confidence: "The How, What, and Why" by reading the text in the
bubbles on slide 8:
Security - Freedom from Outside Interference
Auditability - Transparent and Accurate Results
Accessibility - Reduce Voter Friction
Voter Confidence
One Voter
One Vote
MR. MILLER discussed what creates voter confidence for voter
security, auditability and accessibility. He emphasized the
necessity to "reduce friction" in a transaction to attain
accessibility. He stated his intent to demonstrate how to use
technology to reduce friction for voters, not to make the
barriers harder, but to maintain the integrity of the system.
4:15:25 PM
MR. MILLER referenced a quote from Thomas Jefferson on slide 9,
which emphasizes the goal to strive to have as many people as
possible participate in the voting process. It read:
We do not have government by the majority. We have
government by the majority who participate.
MR. MILLER reviewed five technologies listed on slide 10:
Cloud Infrastructure/Economics
Multi Factor Authentication
Blockchain Ledger
Tokenization
Digital Wallet
MR. MILLER said he would explain how each technology can
provide auditability/transparency, security, and accessibility.
4:16:28 PM
MR. MILLER discussed "Cloud Infrastructure" and the "Oracle
Cloud Infrastructure Global Footprint" on slides 11-12. He said
he would focus on Cloud infrastructure in the US and not on
Oracle's worldwide scope. In the US, Oracle has created
government zone cloud infrastructure warehouses that are FedRAMP
[Federal Risk and Authorization Management Program] certified.
Data remains in the United States in Phoenix, Chicago, and
Ashburn. Another cloud warehouse is planned for San Jose, he
said. He reported that all countries in the European Union (EU),
Canada and China require their data to remain within their
borders. Keeping data within borders represents a fundamental
core security requirement for businesses to better protect their
data and to prevent hackers from accessing it.
MR. MILLER reviewed Oracle's security measures in the Cloud on
slide 13. He explained three areas for security measures Oracle
has developed, including Zero Trust Architecture, Maximum
Security Zones and its Oracle database. First, Oracle has a
"Zero Trust Architecture." This means Oracle employees cannot
see their customers' data and their customers cannot access
Oracle's programming code. This prevents people from having
access to manipulate Oracle's code. Second, Oracle uses
preconfigured mandatory security best practices for critical
reduction workloads, which helps eliminate customer
misconfiguration. These best practices help ensure that people
do not accidentally make mistakes. Finally, Oracle's database
uses "Data Safe and OS Security."
4:18:51 PM
MR. MILLER described the technical, layered protections Oracle
uses to provide stronger isolation and control from "core to
edge" of its database. He directed attention to an image on
slide 15 that illustrated Oracle's layered control to manage
data stored in the Cloud. This included a protection structure
under edge services, monitoring, virtual network, and
data/database headings. First, he described the internet edge as
similar to castle walls. At that point, security includes denial
of service and DNS (Domain Name System) protections against
security attacks. Monitoring and logging, the next layer,
protect against access to data. He emphasized the importance of
keeping informational ledgers and identification ledgers for
voting systems. The voting ledger will identify how ballots were
cast and the identification ledger would list authorized voters
who have not yet voted, he said. These layered controls could
provide complete confidence in the overall identity security, he
said.
4:20:06 PM
MR. MILLER reviewed the Oracle Data Management platform scale or
the data processed. Alaska may have up to 750,000 voters voting
in one day. However, Oracle and other major cloud providers can
process 43 billion API [Application Programming Interface] calls
per day in real time. Further, Oracle can also increase its
2,200 computer servers by 750 more within 12 minutes. This means
Oracle is elastic and could handle a massive Election Day spike
that cannot crash, he said.
4:21:08 PM
MR. MILLER highlighted the Oracle Cloud Infrastructure (OCI)
compliance and audit programs typically used in global,
government, industry, and regional categories as shown on slide
16. First, FedRAMP federal cybersecurity standards provide the
highest security standards, used by federal intelligence
agencies. Amazon's JEDI (Joint Enterprise Defense
Infrastructure) Cloud is being built to these standards, he
said. The slide listed several audit programs used globally.
Audit programs are important because they confirm data has been
protected from hackers. Since costs are spread out among users,
these programs provide a cost-effective means to receive world-
class security at a reasonable cost. He offered his belief that
data maintained in infrastructure warehouses, such as Oracle's
firewall, are as secure as Fort Knox.
4:23:17 PM
MR. MILLER briefly reviewed multifactor authentication. He
directed attention to the images for Target or Fortnite 2FA
shown on slide 16. Many companies do not rely solely on customer
passwords for authentication. Instead, these companies send a
code via the customer's text or email on file to authenticate
his/her identity.
4:24:48 PM
MR. MILLER identified the types of factors for multifactor
verification, including knowledge, possession, inherence,
location, and time. He said knowledge refers to a person
entering a password to log in. Possession means the person
receives a cell phone text to authorize a log in. Inherence
refers to the person using something inherent to an individual,
such as a fingerprint, to verify their identity. Location means
tracking the internet protocol (IP) address to confirm a
person's location, such as an authorized computer in a voting
booth. Time would limit verification within prescribed
timeframes, such as voting hours, he said.
4:25:47 PM
MR. MILLER identified two applications for multifactor
verification related to voting: Election Database with Sensitive
Information and Voter Identity Broker. Since the election
database has sensitive information, voter identification
requires authentication and tracking. However, it is important
to allow authorized people to have access to information without
providing them with the ability to compromise the data. This can
be done by ensuring proper segregation of duties to limit who
can access data to prevent unauthorized access.
MR. MILLER reviewed the current process most polls use. Voters
provide identification at the polling place. Election workers
find the person in a printout of registered voters for the
precinct and the voters sign the registered voters' log. He
suggested using technology to create a voter identity broker
system. Voters would upload their photo identification and
authenticate it by using a multifactor process via cellphone or
email. This would provide a means to guarantee identification,
reduce fraud, and rely on an electronic system.
4:27:25 PM
CHAIR SHOWER asked if China and Russia allow Oracle to use US
servers to control information during their elections.
MR. MILLER answered no; neither country allows citizen or
business data to cross their borders. While Oracle conducts
substantial business in China, its data centers are solely
located in China. The European Union (EU) has a similar data
governance policy, he said.
CHAIR SHOWER recalled that Alaska experienced two data breaches.
In 2019, the Permanent Fund Division experienced a data breach
and in 2020, the Division of Elections had a data breach. He
asked how the types of systems he was discussing would prevent
future data breaches.
4:29:42 PM
MR. MILLER answered by directing attention to the diagram on
slide 14 that illustrates the protective layers the state could
implement, such as two-factor authentication and segregation of
duties. For example, two-source authentication will limit access
by unauthorized people such as hackers from impersonating
someone in an attempt to access personal data. Implementing
segregation of duties could prevent employees from inappropriate
access to data by limiting their access while allowing them
enough access to do their jobs. Once segregation of duties is
established, it would take collusion by multiple parties to hack
the system, he said.
4:33:27 PM
CHAIR SHOWER asked how Alaska could incorporate a multifactor
authentication process for mail-in or absentee voting without
creating obstacles for voters. He stated his intent to ensure
that eligible voters can easily vote while maintaining a secure
voting system.
MR. MILLER responded he would discuss other technologies that
can help do so later in the presentation.
MR. MILLER turned to slides 20-21, Oracle Blockchain Platform.
He highlighted that blockchain technology has real world
applications beyond cryptocurrency. For example, Walmart
currently uses blockchain technology to track crops from the
point of harvest through the packinghouse, transporter,
exporter, processor, and distributor to Walmart stores.
Blockchain technology can provide the ultimate chain of custody
to track contaminated produce. This analysis can be done in a
matter of seconds since each transaction in the distribution
process is tracked.
4:37:00 PM
MR. MILLER referenced slide 22, Technology Challenges. He
reviewed slide 23, Characteristics of Blockchain Technology.
Blockchain technology is tamper-proof, shared and transparent,
consensus based, and provides security and privacy. Corporations
and major banks use blockchain technology because it creates a
sense of trust. All parties can see both sides of the
transaction history, he said. He characterized blockchain
technology as providing a single source of truth. Blockchain
technology creates a digital ledger that records information and
tracks products or transactions each step of the way.
MR. MILLER explained how Blockchain technology could be used in
the context of voting. Voters would have the ability to confirm
their votes via a blockchain by accessing their private
accounts. This can provide voters with assurance that their vote
was processed and counted. In addition, blockchain technology
allows votes to be stored in essentially a digital public
ledger. Blockchain technology allows for quick tabulation and
data analysis, or data mining, to quickly identify any
inconsistencies or discrepancies. Since Blockchain technology
allows for incredibly fast calculations, it could count all
votes during an election in a few hours. If early or absentee
ballots are counted ahead of time, the processing time would be
even less. This automated and transparent process could
ultimately eliminate substantial manual labor and paperwork.
While blockchain technology could eventually allow all-digital
records, current discussions surround how to use this technology
to manage paper ballots.
4:39:47 PM
MR. MILLER explained how Blockchain technology works by
reviewing blockchain characteristics on slide 24. This slide
depicted two flowcharts to illustrate how users would access the
ledger and the bank would hold the primary or "golden record".
Currently, banks maintain their ledgers and customers receive
account statements, which consist of their own ledgers. A bank
considers its records as the source of truth and correctness.
When customers discover an error, they must convince the bank
that a problem exists based on their own research.
MR. MILLER explained that blockchain data distribution has one
ledger and all nodes have some level of access to it. This means
that no one person or server can access the entire ledger. Node
replication makes using blockchain very fraud resistant. In
fact, someone would have to change over 51 percent of the entire
distribution nodes simultaneously to commit fraud or change
data. The source of a potential discrepancy arises when a single
node appears different from the rest of the nodes, which
pinpoints where to investigate.
MR. MILLER noted that accountants and financial professionals
characterize a blockchain as double-entry accounting that has
evolved to triple-entry accounting. Entities can use double-
entry accounting but a blockchain essentially stamps it. If any
discrepancy or disagreement arises, the blockchain ledger shows
how and when the transaction occurred.
MR. MILLER offered his view that the State of Alaska could use
blockchain technology for production data and severance taxes,
with the blockchain ledger essentially becoming a public ledger.
The state could also track division orders and payments and
create an immutable chain of custody for recording land-lease
deeds. In terms of voting, a blockchain would create blocks that
show the specifics of the vote tally. He said this provides
auditability.
4:43:21 PM
MR. MILLER described permissioned and permissionless blockchain
shown on slide 25. In permissioned blockchain, members are
invited to join the network. Since parties are known in advance,
it provides a more secure model. In a permissionless blockchain,
or public blockchain, anyone on the internet may join and have
access to the ledger information. It is less secure and offers
less governance since the parties are not known in advance.
Blockchain and Ethereum use permissionless blockchain, he said.
4:44:08 PM
MR. MILLER suggested that to create confidence, a voting system
would use a permissioned blockchain network. The system would
permit authenticated voters to join, receive their ballots, and
vote at authorized times in specific elections. He explained
that these permissions would provide confidence in the election.
MR. MILLER highlighted using a token, such as a QR code [Quick
Response] in the voting process. Each vote could be traced in
the blockchain record, but it would still protect voter
identity. Analytical capabilities are available immediately with
blockchain technology, including tabulating voting outcomes by
location or district.
4:46:29 PM
MR. MILLER turned to slide 26, which described when to use
database blockchain tables. He said blockchain tables can be
used when there is no trust between people but the parties
partially trust a neutral service provider. Blockchain tables
act as a registrar and maintain the chain of custody. The
advantage of using Oracle or AWS managed permission processes is
that Oracle stands behind their process.
4:47:44 PM
SENATOR HOLLAND asked if any state currently uses blockchain
technology to ensure voter integrity.
MR. MILLER replied that Utah allowed a limited blockchain voting
system primarily for overseas military ballots but there has not
been statewide use.
MR. MILLER recalled that the Republican and Democratic
Conventions used blockchain technology but it was limited to
internal nomination voting. In addition, several other countries
such as Russia and India used blockchain technology for their
election security and a few others are considering it. He
maintained that every major company is looking for ways to use
blockchain technology. "We are at the beginning," he said.
SENATOR REINBOLD thanked him for the presentation.
CHAIR SHOWER asked if individual states should develop their own
voting systems using blockchain technology or if states should
use an outside server. He expressed concern that Alaska's
Division of Elections might not be able to take on such a large
task.
MR. MILLER replied that Microsoft Assure, Oracle Cloud
Infrastructure (OCI), and AWS are three vendors with excellent
security and similar capabilities and skills to provide a
service far better than the state could achieve on its own.
Almost every major technological application is on the Cloud and
very few companies try to do this on their own. For example,
Zoom runs on Oracle Cloud Infrastructure, he said. He offered
his belief that the outsourcing cost-benefit ratio makes sense
because companies provide expertise and cost certainty. He said
if he had a startup, he would only consider using Oracle, AWS,
or Microsoft.
CHAIR SHOWER highlighted that cost is always an issue for the
legislature. He related that the committee was focused on how to
create a good voting system in a cost efficient way while still
providing the necessary level of service and security. He said
the legislature often struggles with whether to contract
services out or try to do it in-house. Based on the foregoing
information, he surmised that the state lacks the expertise to
do this on its own.
4:54:47 PM
CHAIR SHOWER highlighted some issues, including how to introduce
transparency in vote tracking while ensuring voter identity
remains secret. He recalled that when voters fax their ballots,
the state's website cautions that someone might see their
ballot. He asked Mr. Miller how voter transparency and tracking
would work while maintaining anonymity through the process.
MR. MILLER, in response, turned to slides 27-30, related to
anonymity. The key to anonymity is tokenization, he said. For
example, when someone buys goods from Amazon using One Click,
Apple Pay or Google Pay, the company uses tokenization. The
company receives the credit card information, translates it into
a complex hash algorithm that is transferred to a token vault.
This information is matched via a map to the person's account
number and personal information to correctly process the
transaction.
4:57:10 PM
MR. MILLER turned to slide 31, Tokenization and Controls for
Anonymity. He directed attention to the flowcharts on the slide
to describe the secure voting process. First, a voter would go
to a kiosk or voting booth to cast a vote or apply for an
absentee ballot, similar to a kiosk at an airport. The voter
would submit biometrics, such as a fingerprint, or use a
multifactor authentication to voting booth interface. The
identity verifier system receives and certifies the information
and approves an ID key on the Blockchain, creating a token that
authorizes a specific ballot. This system creates a voter key or
token in the interface called a "blind token." The ballot cannot
identify an individual voter and the authentication system
cannot identify any specific ballot selections, which are
separated by a wall. After voting, the agency issuing the ballot
receives the "blind token" and the voter receives a confirmation
printout with a hashtag and a ballot number.
5:00:49 PM
MR. MILLER described the process for a voting system using a
paper ballot. The voter would use the same voter eligibility
process but after validation, the ballot would be printed with a
hashtag. After voting, the ballot would be scanned and
transmitted via a blockchain based on the hashtag. Again, voter
identity would not be linked via the hashtag or the verification
system.
MR. MILLER summarized that these systems provide absolute
confidence that an authorized person voted by using multifactor
authentication. It would also maintain voter secrecy and provide
correct vote tallies. A voter could use their hashtag number to
verify that his/her vote was included in the total vote tally.
MR. MILLER, in response to Chair Shower, apologized that his
explanation was more technology oriented to describe blockchain
technology than he would have preferred.
5:03:32 PM
MR. MILLER turned to slide 32, Potential System Flow. He said
the graphic from followmyvote.com ties the five pieces of
technology to build the system. A person would gain
authentication via a digital wallet to access the secure cloud
infrastructure. Tokenization technology ensures that an
authorized voter casts his/her ballot using a dual-purpose
system of blind tokens to create anonymity whether the system
uses electronic, absentee or in-person paper ballots. A secured
vote enters a blockchain ballot box, is counted, the results are
tallied, and analytics are performed.
MR. MILLER said the digital wallet allows voters the ability to
verify that their vote was counted correctly and confirm the
results. The key principle is that the absentee, mail, or in-
person voting process will maintain voter security and voter
privacy, he said.
MR. MILLER referred to a patent diagram on slide 33 that the US
Post Office filed in August 2020 to create a blockchain system
for mail-in ballots. He said the USPS is using the same concept
in its patent. If approved, the USPS could be a potential
supplier for absentee ballots or all by-mail voting in Alaska.
5:06:08 PM
MR. MILLER turned to slide 34, How, What, and Why. He said he
hopes the PowerPoint helps the committee understand how to use
blockchain technology to create a secure, auditable, accessible
election system and translate that knowledge to good policy
decisions. The idea is to provide voter confidence of "one
voter, one vote" in an efficient election.
CHAIR SHOWER remarked that the information on blockchain
technology could help the committee find ways to address
election integrity and restore people's faith in the system. He
maintained his interest in ensuring that eligible voters have
easy access to voting in a reliable voting system.
CHAIR SHOWER highlighted that rural Alaskan voters often do not
have reliable cell phone, internet access or connections. This
means SB 39 must allow a variety of ways to vote. For example,
the USPS is considering using a blockchain. This technology
could have positive implications for voting. He expressed his
interest in working with Mr. Miller to address specific issues.
5:08:32 PM
MR. MILLER, in response to Senator Holland, said he is
physically located in Lehi, Utah.
[CHAIR SHOWER held SB 39 in committee.]
| Document Name | Date/Time | Subjects |
|---|---|---|
| SB 95 Fiscal Note 3291.pdf | SSTA 3/16/2021 3:30:00 PM | SB 95 |
| SB 95 Sectional Analysis.pdf | SSTA 3/16/2021 3:30:00 PM | SB 95 |
| SB 95 Sponsor Statement.pdf | SSTA 3/16/2021 3:30:00 PM | SB 95 |
| SB 95 Bill v.A.PDF | SSTA 3/16/2021 3:30:00 PM | SB 95 |
| SB 66 Bill v.A.PDF | SSTA 3/16/2021 3:30:00 PM | SB 66 |
| SB 66 Sectional Analysis.pdf | SSTA 3/16/2021 3:30:00 PM | SB 66 |
| SB 66 Sponsor Statement.pdf | SSTA 3/16/2021 3:30:00 PM | SB 66 |
| SB 95 Amendment 1.pdf | SSTA 3/16/2021 3:30:00 PM | SB 95 |
| SB 95 Amendment 2.pdf | SSTA 3/16/2021 3:30:00 PM | SB 95 |
| SB 39 Modern Technology Applications.pptx | SSTA 3/16/2021 3:30:00 PM | SB 39 |
| SB 66 v.B.pdf | SSTA 3/16/2021 3:30:00 PM | SB 66 |