“Votebeat is a nonprofit news organization reporting on voting access and election administration across the U.S. Sign up for Votebeat Arizona’s free newsletter here. Staff at the Arizona Secretary of State’s Office accidentally publicly released the home addresses and telephone numbers of hundreds of voters whose information the state had pledged to keep private, an incident that potentially risked exposing them to physical harm and harassment in the months leading up to the 2024 election. Emails obtained by Votebeat show that the error affected a fraction of voters in the state’s address confidentiality program, which includes victims of domestic violence, sexual assault, and stalking. It also exposed information about certain voters who were protected via court order, such as judges, prosecutors, and law enforcement officials. Records show the error went undiscovered and uncorrected for nearly nine months. During that time, the voters’ personal information was released to a number of political and consumer data firms via the office’s routine public records request process. State law says the secretary of state “shall not disclose any address or telephone number” of voters enrolled in the state’s address confidentiality program unless required by a court order or in response to a request by another state or local government entity. Weeks before the presidential election, state election officials attempted to claw back the information and notified impacted voters, according to the emails. Secretary of State Adrian Fontes, a Democrat, demanded accountability “ASAP” upon hearing of the issue, according to emails sent by Keely Varvel, his chief of staff. The office ultimately fired its director of voter registration, administration, and technology, who it said had caused the error by incorrectly instructing a records analyst on how to pull data from the state’s voter registration system — although records suggest that the director disputed those allegations. Nonetheless, some voters were left alarmed and confused. Only a handful of the 373 people affected by the error responded to the notice sent out by the secretary’s office, but those who did were concerned about what entities had obtained their addresses and phone numbers. One voter said they wanted to know “what date this breach happened, and who you released my information to.” Another asked election officials to “elaborate on how the information was released and exactly what steps you have taken to ensure the information will not be released again.” A third, a police officer, said they’d long had their information protected through the court system. “What does the AZ Secretary of State plan to do about this to protect us,” the voter asked. Records show the secretary’s office responded to concerned voters by releasing documents showing what entities had received their information and those recipients’ responses to the state’s efforts to claw back the information. Ian Lamoreaux, a forensic psychiatrist who specializes in violence risk assessment, said the situation was “definitely unsettling” for those on the protected list — even though it’s unclear whether any of the voters faced actual harm as a result of the state’s mistake. “There’s some expectation of privacy,” said Lamoreaux. “There’s an expectation that there’s a system in place that is going to protect you, that’s going to keep you safe from those who are out there wanting to do harm, and then that protective layer is pretty suddenly and kind of strikingly just stripped away.” State Sen. J.D. Mesnard, who sponsored the legislation that established Arizona’s voter confidentiality program, called the error “a breach of trust.” “It’s possible that they’ll have covered their tracks sufficiently enough that there won’t be any damage, and no one will ever know the difference,” said Mesnard, a Republican. “But it’s definitely, I’m sure, going to put doubt in people’s minds. The trust factor is broken, and they’re always going to wonder, how protected is it?” Varvel said in an interview with Votebeat that she regretted the matter. She said the secretary of state’s office had “policies and procedures in place which should have prevented it.” “Unfortunately, we have members of our staff that fell down on the job and didn’t follow those policies and procedures,” she said. “So, we have done what we can to try to rectify the problem, but we certainly know that’s not making it go away.” “We certainly apologize for it, and we’re doing all we can to try and make sure [the affected voters are] aware that it happened, be transparent about it, and frankly, hold people accountable,” she added. How the Arizona Secretary of State’s Office exposed voter information The error appears to have originated in February 2024, when a records analyst asked Craig Stender, then the director of voter registration, administration, and technology in the secretary of state’s office, for help with pulling voter data to fulfill public records requests, according to emails between senior staffers working to piece together the cause of the issue. Varvel said in an email to the office’s human resources department that Stender should have instructed the analyst to run an existing, public-facing report in the voter registration database. That report is constructed to remove protected voters from the list that it ultimately produces. The office’s protocol then requires another staff member to double-check the final list to ensure that the query was correctly executed. Instead, she said he advised the records analyst to pull the information in a way that exposed protected voters’ addresses and telephone numbers and bypassed the second check. The analyst, unaware of the error, eventually sent the records out to requestors. “If the right process was followed, the redaction would have been made automatically,” Varvel told Votebeat. “That’s how it fell through the cracks — because the right process, which is in place to make sure this is always redacted, was not followed.” For months, nobody knew that the office was releasing confidential information. Varvel said Stender had worked directly with the office’s public records staff, rather than sending the analyst to one of the people on his team. Then, the matter came up by chance during a meeting on Oct. 9, 2024. An employee in the room was familiar with the office’s process for pulling voter data and realized the mistake. Votebeat attempted to reach Stender for comment on this story, but then found an obituary posted by his family. The obituary suggested that he died a few weeks before a reporter reached out to him. The secretary’s office later confirmed he was deceased. Emails suggest that his version of the story differed from that of senior staff in the secretary’s office. On Oct. 17, 2024, just before he was fired, Stender told the records analyst who had asked him for help that he had never instructed her to use the registration database’s “ballot search” function to incorrectly pull voter information. “I never did such a thing,” he wrote, adding that the allegation “does not make any sense” because he didn’t know much about the ballot search function. “I was not even aware you were using ballot search until you asked if party could be included. I assumed you meant with one of the canned reports so that is when I went to your desk and asked you to show me how you were generating the data.” He asked the analyst to “please elaborate on when and where you believe this training happened.” “This issue is now causing me problems and I do not think it is fair at all that my name is being associated with training you,” he wrote. In response, the analyst said she recalled Stender showing her the feature “back in February, just before the ballots for the [presidential preference election] were mailed.” “Looking back, there might have been a miscommunication during our discussions,” she wrote. Records show protected voters’ data was ultimately delivered to four different out-of-state political data firms and an in-state researcher at the University of Arizona. Three of those firms also openly advertise consumer data offerings on their websites. Combined, at least eight people had access to the voters’ data directly from the secretary of state’s office. One of those recipients unknowingly passed on the confidential information to another group, a Florida-based polling operation called American Promise. Records show the recipient believed American Promise had deleted the protected voters’ personal information from its database and servers, but it’s unclear whether that organization ever directly confirmed that it did so with the secretary’s office. A person listed in records as a point of contact for the group did not respond to a request for comment from Votebeat. Calli Jones, a spokesperson for the secretary’s office, said in a statement that staff “went through the proper investigative channels to get the data back from those who originally requested it and are looking into the possible ‘spreading’ following the initial release.” She later said she had “no update” on whether any additional organizations had access to the confidential information. Arizona’s confidentiality program is supposed to protect vulnerable voters. Is it working? Former Secretary of State Ken Bennett, a Republican, said he ran across the idea for a state address confidentiality program at a national conference for election officials in 2010. He pitched the idea to Mesnard, who successfully shepherded the legislation through the Capitol. “There are bad people in this world, and I’m hoping we can all agree that one function of government — the primary function of government — is protecting people from harm,” Mesnard told lawmakers during a committee hearing at the Arizona Senate on March 23, 2011. Former Gov. Jan Brewer, a Republican, signed the program into law on April 19, 2011. It began operating the following year. Bennett said he considered it “an important thing” for domestic violence victims. “It seemed to be doing what it was intended to do, which was providing these folks protection about their addresses and things getting out to people who meant them harm,” he said. “We tried to solve that problem, and I think we did for quite some time.” But the recent error at the secretary’s office raises questions about how secure the program actually is — especially because it isn’t the first time that the state accidentally released confidential information about voters it pledged to protect. In an October 2020 complaint to the State Bar of Arizona, then-Secretary of State Katie Hobbs, a Democrat, wrote that she had learned of a “functional error” in the state’s voter database that caused it to generate early ballot reports that included 76 protected voters’ confidential information. “Certain counties provided those reports to the state’s political parties during the election,” she wrote, adding that she “took immediate action to remedy the issue,” including fixing the error in the database and contacting the political parties and affected voters. Years before that leak, as a state legislator, Hobbs had voted to establish the address confidentiality program. She was a social worker before entering politics and called the legislation “a very important bill” in helping victims of domestic violence “achieve safety once they make the decision to leave their abuser.” “Many victims of violence don’t feel safe even when they’ve made that break, and this bill will provide them a confidential address,” she said from the floor of the Arizona House on March 7, 2011. Liliana Soto, a spokesperson for Hobbs, who is now governor, said in a statement that the address confidentiality program is “critical to protecting vulnerable Arizonans.” Soto said Hobbs has “long prioritized voter privacy and safety, including during her time as a legislator and secretary of state,” and that Hobbs acted “immediately” to mitigate risk to protected voters upon learning of the error in 2020. “The governor believes safeguarding this highly sensitive data must remain an absolute priority,” Soto said, describing any data breach involving the program as “a serious matter.” “She expects state systems to uphold the highest standards of data security.” Varvel said the previous incident was the impetus behind the office’s existing policies and procedures around how to pull information from the voter registration database in response to public inquiries. During her interview with Votebeat, she said the office’s rules about handling protected voters’ data hadn’t changed following the most recent error, but that the incident put public records staff on high alert with requests involving any voter information. However, Jones later said in a statement that the office had also created a new internal list of protected voters and directed public records staffers to compare it against any requests for voter data. She said this “stop list” was implemented “shortly after the incident” in 2024 and is intended to prevent any future accidental leaks of confidential voter information. She added that the office requested funding for its address confidentiality program during state budget negotiations, but was waiting to hear whether it would receive the money. Votebeat asked Varvel whether she could promise the state’s protected voters that their confidential details wouldn’t be erroneously released again. “I will say that I always am concerned — like, things are going to happen with data that you’re not anticipating,” she responded. “But, yes, I think that we’re very, very sensitive to this issue.” Sasha Hupka is a reporter for Votebeat based in Arizona. Contact Sasha at shupka@votebeat.org .
Original story
Continue reading at Votebeat
www.votebeat.org
Summary generated from the RSS feed of Votebeat. All article rights belong to the original publisher. Click through to read the full piece on www.votebeat.org.
