Monday, March 12, 2012

The "Robocall" smoking gun

The "robocall" voter suppression fraud has all the elements of a Scooby-Doo mystery, but the same principles apply in looking at the evidence to figure out if the guilty party is really a sea monster or Old Man Johnson in a rubber mask.

Having worked in an IT shop for a while and with automated election systems, there are several questions I noticed need to be asked.

The so-called robocall centre is a Voice Over IP system (VOIP) that can send out tens of thousands of calls an hour from a server through the Internet to phones anywhere. It makes the calls simultaneously like a bulk email.

To use it you need only a few simple things:
1) An account with an Internet service provider that has the specialized robocall software
2) An uploaded list of target phone numbers from a database or spreadsheet
3) A recorded message, called in from a phone anywhere

An account with an ISP needs several things. You have to sign up for the service, which means providing email confirmation, contact data and, most importantly, payment. Emails can be set up from any number of anonymous sites, like Hotmail or Gmail, but even they leave traces, like what IP addresses you log in from. Anyone who works in the IT world can make it very hard to trace an email by using proxy servers designed to mask where you are.

Payment is more difficult, especially when paying for expensive campaigns like the robocalls. Paying for all the alleged robocalls at once would be an expensive proposition, and multiple small payments increase contact and risk of identity detection. Online payments for Internet services are generally by credit card or PayPal. We know PayPal's records have been requested by Elections Canada. PayPal is serious about not being a source of money laundering, and so is careful about identifying users of their services.

We have heard that a pre-paid credit card has been used to pay for the cell phone used to make the recorded message for the robocalls. It is safe to assume it was used to make PayPal payments too. PayPal will also log IP addresses for transactions, which would have to be disguised as well.

Many ISP services are completely automated and self-serve, although you would think some human IT hands would be involved in a provider of primarily sensitive political call services, at least in the verification of accounts. If this was piggybacked on an existing client's account, the passwords and access would have to be very tightly controlled.

If "Pierre Poutine" used an existing Conservative robocall account, you would expect this would be a very short investigation. Few people would have the passwords let alone the authority to access the account.

Robocall accounts do several things. They not just make the calls, but they provide users with detailed lists of when calls were made, how many we're connected and even how long people listened to them. This is important for legitimate businesses to know if their calls are going through and effective. These reports are either available to download through the website or are emailed to the user. Again, each interaction with the robocall server produces an IP log.

That brings us to the lists themselves.

If the fraudulent robocalls were targeted specifically at Non-Conservative voters, that list had to come from somewhere. It is hardly worth addressing the idea that the Liberals made these calls as Dean Del Mastro has said repeatedly. There is no sense in telling your own voters the wrong voting location, especially when the calls came from a highly politicized company that works almost exclusively for conservative parties.

I have explained below the only place these lists of non-conservative voters - many of whom were apparently elderly - could come from. An opponent's marked riding canvass list is the only reasonable place to collect this information. But that means to get it into a robocall database it has to be matched with local phone numbers and uploaded into a master database.

Ridings maintain their own local databases of "marked lists" of voters, so there has to be a central plan to collect non-Conservative voter data from ridings and individual polls that might "swing" with only a slim margin of votes. We know the robocalls were made to multiple swing ridings, so there was a coordinated effort. This required an overview of what was needed to win not just polls or ridings, but the election. In the compartmentalized world of the Conservative Party, this could only be the central campaign.

Having worked with databases of delegate and other lists, cleaning a list is a massive undertaking. Hardly the work of one person in a short time.

There were a number of different targeted ridings and polls. When the phone message was uploaded to the server for the robocalls, it had to be recording in multiple versions, as each polls was different, and to be believable each message had to be specific to the calling location. There is no point in telling a voter that their poll has been moved to a different riding, since it won't be believed. You need local intelligence of what to record in the 30 or so robo-messages so that their change in polling location is at least semi-believable with a riding-specific address. Not a small undertaking without local assistance in each riding and a central repository for the data. That local assistance has to be coordinated, at least enough to centrally record and upload the couple of dozen different voice messages tailored for each poll and riding deemed important enough to break the law and sway the outcome of an election.

The pattern of deception - throw-away cell phones paid for by cash-purchased credit cards, etc. - show the people behind the voter suppression fraud knew what they were doing was highly illegal and went to great efforts to not get caught.

Looking at each of these elements, it is also clear this is not the work of a rogue or lone gunman. The technology is a closely guarded "political super weapon" of the Conservatives, and not something most would be familiar with or have access to during the vital last days of what appeared to be a desperate last ditch bid for a Conservative majority. It requires a large number of man-hours and resources, money and access to the campaign-enhanced voter records of a couple dozen ridings. This isn't a prank Twitter account - it is a sophisticated attempt to use cutting edge technology to subvert democracy.

It doesn't take Scooby-Doo or Mystery Inc. to see why this could only happen as part of a carefully coordinated plan.