The App That Disrupted the Iowa Caucuses

Last night, we watched as the Iowa caucuses slowly unfolded and ultimately collapsed in real-time. Today, my little corner of the internet is abuzz with righteous anger and, in some cases, conspiracy theories. One thing is certain: we are all shocked at the sheer incompetence displayed by the Iowa Democratic Party and all those involved in the development of the app that was supposed to simplify and expedite the process.

According to a New York Times report, the app had only been under consideration for state-wide use for a couple of months. As more stories come out, a picture starts to form showing that a series of decisions and mistakes were made that led us here. By all accounts, it seems that users were unclear as to the app’s purpose. The IDP intended the app to be used the primary method of gathering and transmitting results, but apparently failed to impress this upon the people actually working with the app.

Many users did not even get to the point of attempting to use the app, in part because of requirements related to the installation process that would cause the average use to skip using an app, especially if they believe they don’t have to. The average user is not going to bypass their phone’s permissions and sideload an app that they believe is simply a backup method to what they’re putting on paper and calling in. Unsurprisingly, users were also not required to be trained on the app before the caucuses, and based on the information currently available it appears no significant end-user testing was performed. One indication of the failure to communicate basic information about the app is people like Pete Buttigieg’s comms director tweeting out pictures that contained PIN numbers that would allow one to access the app if they were able to get it on their phone.

Once it became clear the app was not working, users turned to the usual method of calling in their results. Troy Price, the chairman of the state party previously stated that there would be multiple redundancies in place and that he was “confident” in their contingency planning. What we actually saw was an abject failure of planning. This backup method was an embarrassment. One precinct secretary was on hold with the party’s hotline for over an hour, and then had his call disconnected by the person on the other end live on CNN. Des Moines County Democratic Chair Tom Courtney described similar scenes across his county, where caucus organizers attempted to call in their results to no avail. It seems they were unprepared for the amount of calls they were swamped with after the app’s failure.

As another backup method, this was the first time Iowa instituted a paper trail, paper ballots were to be returned to the caucus chair in order to be eligible to be counted in the event of a recount. But it appears that some caucus chairs were not even aware that the paper ballots would be returned to them, again likely in part due to a failure in training.

It’s tempting to blame a general reliance on tech or jump to conspiracy theories, and in this case it’s somewhat understandable. According to FEC filings, the Biden and Buttigieg 2020 campaigns have both paid the company who made the app, Shadow Inc., though it’s unclear for what. It’s also emerged that many of the people involved in the app’s development were previous Hillary for America employees in various technology roles. Screenshots of the employee’s LinkedIn profiles began circulating on twitter not long after it became clear that something was amiss.

But I think there is a simpler explanation here. Anyone who has worked at a badly managed software company or on a poorly run team on a tight deadline is very familiar with this situation. Based on the employment histories of those involved, it appears the revolving door between campaigns and the private sector, as well as the symbiotic relationships between former campaign workers and their professional political network is likely to blame. It’s not difficult to imagine technologists failing up through campaigns and using their connections to be awarded these contracts once they enter the private sector, leading to a situation where no one involved in the decision making process has worked at this scale.

What you get from this is a group of people who have no idea what they are doing, being responsible for the integrity of our electoral process. From the actions of those who decided Shadow Inc. was the right company for this job, to those along every step of the way who neglected basic development practices, a cascading set of failures led us here. This is not only a failure in the planning, development, testing, and deployment of this app, but in the creation of backup methods, to the point where the electoral process is compromised. To me this doesn’t seem necessarily or purposely malicious, it seems more like incompetence and negligence.

This morning, the Iowa Democratic Party released a statement stating that their data is sound and confirming that there were no cyber security issues. It seems that while most people were focused on the looming threat of Russian election interference, much more common and less nefarious villains entered the scene: executives, product managers, developers, and party officials who did not know what they were doing. The statement conveniently does not mention that their data is incomplete, due to all the issues mentioned above.

The statement goes on to describe the issue in this way: “We have determined that this was due to a coding issue in the reporting system. This issue was identified and fixed. The application’s reporting issue did not impact the ability of precinct chairs to report data accurately.”

A lot of what we’re thinking around this situation is speculative due to the amount of information that’s available to us. But there are many questions to be asked. Who decided Shadow Inc. was capable of designing and deploying this application? What were the Biden and Buttigieg campaigns paying for when they sent thousands of dollars to Shadow Inc.? Who decided it wasn’t necessary to train the users, or to even relay to the users of the purpose of the app? Who was responsible for failure of the backup methods? Are we to believe that the issue that was identified and fixed was deployed last night, and that users again went through the process of sideloading an updated version of the app? As we go into the Nevada caucuses where the app will also be used, should we trust the people responsible for all these issues to be competent enough to fix them in time?

We deserve answers. Personally, I don’t feel confident that every process failure that we’ve seen here can be corrected in the short amount of time before Nevada. Ideally, external auditors would get involved to figure out and document what happened and give us the answers we need. We can’t settle for depending on the people who got us into this mess. If they won’t give us the transparency we deserve, we must demand it.

Update: Although initial reports indicated the same app would be used in Nevada, the Nevada Democratic Party has since released a statement vowing not to use it.