Despite uncovering thousands of fraudulent absentee-ballot requests submitted online last year, Miami-Dade County will not follow recommendations made by a grand jury to make the elections website more secure by requiring user logins and passwords.
Instead, the elections department has worked with its software vendor to try to beef up the system on the back end, making it easier for elections staff to review ballot requests to flag suspect submissions.
The change, which will take effect next year, will not cost the county any more money. Requiring user logins and passwords would have required an initial investment of about $843,000, with a potential recurring cost of about $743,000 in every major election, Elections Supervisor Penelope Townsley said.
Legitimate voters might have been dissuaded to request ballots if the online system was made more cumbersome, she added.
Sign Up and Save
Get six months of free digital access to the Miami Herald
“It would have also deterred voters,” she told the Miami Herald on Wednesday.
The phony absentee-ballot requests set off state investigations into potential voting fraud after Townsley’s staff alerted prosecutors before the August 2012 primary election that they had flagged more than 2,500 online requests as suspicious.
Florida law requires that voters or their immediate family members file ballot requests. The submissions identified by the elections department came in bulk from only a handful of Internet Protocol addresses, in some cases listing fake voter email addresses.
The origin of most of the requests was masked by foreign IP addresses that prosecutors concluded could not be traced.
After the Herald reported in February that about 500 of the requests came from a Miami location and could be further investigated, the Miami-Dade state attorney’s office found those submissions were linked to aides of Congressman Joe Garcia, a Miami Democrat.
Garcia has since fired his chief of staff, Jeffrey Garcia, no relation, who admitted to the congressman that he directed the campaign to file the requests online on behalf of unsuspecting voters. No charges have been filed in the ongoing investigation.
In a separate case, prosecutors last month charged two campaign aides for Miami Commissioner Francis Suarez, who was running for mayor, with misdemeanors for submitting ballot requests for 20 voters who had filled out hard copies of request forms. Campaign Manager Esteban “Steve” Suarez, who is the commissioner’s cousin, and Operations Manager Juan Pablo Baggini received probation.
Francis Suarez dropped out of the race days later, citing his wife’s pregnancy and “mistakes” in his campaign.
County Commissioner Esteban “Steve” Bovo had sponsored a measure earlier this year directing the elections department to make online absentee-ballot request forms more secure, as recommended by the grand jury convened last year by Miami-Dade State Attorney Katherine Fernández Rundle.
Bovo’s legislation was scheduled for a vote Wednesday. But he withdrew the item, saying he was content with Townsley’s efforts.
“We feel, at this point, there’s nothing more to be done,” he said. “There’s no additional expenses that we have to incur ... I’m satisfied with the safety net she’s provided.”
Chairwoman Rebeca Sosa also commended Townsley for “looking at every detail to try to avoid the misuse” of the elections system.
Townsley said after the meeting that reprogramming the software — which was used by more than 74,000 voters to request ballots last year — to include logins and passwords would have resulted not only in one-time setup costs but also in recurring costs to provide users with assistance if they forgot their logins or passwords, for example.
According to Townsley, the software will be updated next year, before the fall midterm elections. The update will automate part of Miami-Dade’s process to review online requests before ballots are actually sent.
Staffers will still examine the requests. “There’s no getting around, in my opinion, the manual review,” she said.
But compiling the information submitted in the requests will be easier, said Townsley, who would not go into further detail.
“Confidentiality in our security protocols is critical,” she said.