Documents obtained by Yahoo News show that the Democratic National Committee was “intimately involved” in the development of the faulty app that sparked havoc during the Iowa Democratic caucuses.
The DNC attempted to distance itself from the app-fueled disaster in Iowa and Chairman Tom Perez has repeatedly criticized the Iowa Democratic Party and Shadow, the company that developed the app.
But a document given to Yahoo by a Democratic operative in Iowa shows that the state party’s contract with Shadow “specified that the company had to work with the DNC and provide the national party with access to its software for testing,” according to the report.
“Consultant agrees to work with the DNC Services Corporation / Democratic National Committee (‘DNC’) on an on-going basis as Consultant develops the software,” the contract said.
Shadow also agreed to “provide DNC continual access to review the Consultant’s system configurations, security and system logs, system designs, data flow designs, security controls (preventative and detective), and operational plans for how the Consultant will use and run the Software for informational dissemination, pre-registration, tabulation, and reporting throughout the caucus process.”
DNC officials were involved:
An email obtained by Yahoo also appears to show that Democratic National Committee CEO Seema Nanda and DNC technology chief Kat Atwater were “involved in drafting the contract and requested the addition of the provision that gave them access to Shadow and the app.”
A July 2019 email shows that Atwater provided the text specifying the party’s access to the app, which she said was requested by Nanda.
“In discussing our placement in the process with Seema on Friday, she suggested that it would be helpful to include the following provision in the contracts with your vendors,” Atwater wrote to the Iowa Democratic Party.
DNC denies involvement:
“We requested access to the tool solely for the purpose of doing security testing,” DNC communications director Xochitl Hinojosa told Yahoo.
“The DNC drafted broad language to make sure whatever vendor IDP ultimately hired was required to work with the DNC’s cyber-security consultant,” she said. “We did not build the application, nor did we provide ‘oversight’ of its development — that’s the vendor’s responsibility. We only provided security assistance.”