Support The Bulwark and subscribe today.
  Join Now

How Did Fyre Festival: Iowa Happen?

There are some basic questions we should ask about how the Iowa Democratic party managed the contract behind their app.
February 5, 2020
How Did Fyre Festival: Iowa Happen?

So what’s the best metaphor for what just happened at the Iowa caucuses? WeWork? Theranos? Project ORCA?

I think the answer is probably the Fyre Festival. Remember, Fyre started out as an app, too, and eventually dragooned a multitude of well-meaning innocents into a situation where nobody could understand why everything wasn’t working—even as the people behind the scenes were entirely aware that nothing could possibly work and tried desperately to run for cover and get off the island.

And I’m betting that when the story of this caucus is eventually told—hopefully to Wired—we’re going to learn that the people closest to the caucus knew they were on the Titanic.

Here’s an email from a buddy who works in tech who explains what questions he would have been asking:

(1) There ought to have been a test plan for the app.

This would include database testing, a smoke test, and a security scan. These can be automated in many cases. This large a flaw would have shown up nearly right away had there been decent testing of several functional attributes. In computer programming and software testing, smoke testing (also confidence testing, sanity testing, the build verification test [BVT] and build acceptance test) is preliminary testing to reveal simple failures severe enough to, for example, reject a prospective software release.

In other words you create a “test case” where the results are known and then run the app to see if the expected result occurs. Smoke tests are a subset of test cases that cover the most important functionality of a software product and are used to aid assessments of whether the main functions of the software appear to work correctly. They are used to determine if a computer program should be subjected to further, more fine-grained testing. In the software development paradigm, use of a BVT step is one hallmark of the integration maturity of the software. This is key.

(2) Look at the time to get the app under contract and when the first deliverables were due. Too fast is common. And did the organization have professional contracts folks who worked on these procurements?

(3) Will the Iowa Democratic organization produce a copy of the contract for the software? It might be helpful for the public to get to see at least a redacted version.

(4) The Dems say the cybersecurity protections in the app were consulted by HHS. I would bet you an espresso machine this was either a cursory check or it did not happen.

(5) How did the app transmit data? Over cellular networks? Cellular networks are notoriously unreliable. And was it supposed to work on both Android and Apple?

(6) What is the end point where that data landed? How were the results supposed to be compiled—a database or just an XML file?

One of the funny things about most tech disasters is that the mystery of how they happened isn’t really a mystery. It usually winds up having been an open secret among the people close to the product.

I suspect it will be the same story here. The only problem is that when dodgy tech companies implode, it’s the VCs and employees who get hosed.

What happened in Iowa this week may have screwed over all of the Democratic candidates, the state of Iowa, and one of America’s two major political parties.

In other words, it might wind up being the most costly disaster in the history of the internet.

Jonathan V. Last

Jonathan V. Last is editor of The Bulwark.