Online voting fraud claims at ITIL group remain murky

Risk consulting firm called in to examine voting records

The question of whether someone compromised an online election held last year by the IT Services Management Forum's U.S. chapter remains an unsolved mystery. Even the source of the complaints that the voting was rigged can't be positively identified.

But the plot of this whodunit continues to thicken. This week, Computerworld received an e-mail containing a spreadsheet purportedly showing detailed data from the October election of five members of the ITSMF USA's board of directors. The data includes the dates and times that individual votes were cast, and who received them, although it doesn't identify the ITSMF members who cast the votes.

Only a handful of people are supposed to have access to that information, and the fact that it has leaked out explains part of the reason why the Pasadena-based organization has hired New York-based risk consulting firm Kroll to examine the voting records and try to discover what it can about the source of the rigging claims.

"Their directive was to find the truth," said Sallie Kennedy, who heads the ITSMF USA board's governance committee. "It's no more complicated than that."

But Kennedy, an assistant vice president of technical services at a financial firm that she asked not be named, doesn't know what to make of the claims. "It's really starting to feel weird, to be quite frank," she said.

Kroll is expected to deliver some initial findings to the ITSMF soon, and officials at the U.S. chapter hope to have their questions answered before the ITSMF USA's annual conference, which is scheduled for September in Charlotte, N.C.

The ITSMF USA is part of an international organization that is managed out of an office in Wokingham, England. It promotes the adoption of IT services management standards and best practices, such as the IT Infrastructure Library. The U.S. chapter has more than 7,000 members and has been growing, thanks to the increasing corporate adoption of the ITIL guidelines. Some of the ITSMF USA's board members are employees of vendors, such as Hewlett-Packard and CA, that offer ITIL training services.

But the group remains a volunteer organization. About half of the U.S. chapter's members were eligible to vote in last October's board election, but only about 500 did so. Of that total, it's being alleged that about 100 votes are potentially suspect.

Leah Palmer, the ITSMF USA's president, alerted members to the compromised voting allegations in late May, writing in an e-mail that an individual or multiple people had apparently obtained information from the group's database as part of an attempt "to interfere with [our] governance process."

However, the claims surfaced publicly as early as April, in the comments section of an ITIL-focused blog called The IT Skeptic. In a series of postings, a writer identified as "J M Linden, Ph.D." made allegations about voting irregularities. The blog operator, who prefers to remain anonymous, eventually removed or edited some of the postings, writing that the claims "are too serious to be allowed to stand without adequate (or indeed any) evidence."

The author of the postings said via e-mail that her name is Julie Linden, although she described that as her maiden name. Linden, who communicates via a public Hotmail account and whose identity could not be independently confirmed, has a list of 15 people who she claims were recorded as voting in last fall's board election but did not. She has shared those names with ITSMF USA officials, based on copies of Linden's e-mails that Computerworld received from another party, who asked to remain anonymous.

Computerworld, which also was given a copy of Linden's list of 15 names, was able to locate two of the people on the list. One said that he couldn't have voted because he was out of the country during the voting period. The other said he couldn't recall for certain whether he had voted.

James Prunty -- who was the ITSMF USA's executive director until last month, when his two-year contract wasn't renewed -- reviewed the spreadsheet with voting data that Computerworld received this week. Prunty said that the spreadsheet isn't an exact match of the system files and that perhaps some data columns were removed when the information was put into the spreadsheet. But he did seem to think that the data came from the ITSMF USA's systems.

A big part of what's needed to determine if the election was in fact rigged is the ability to match the identities of voters with the votes they supposedly cast. Palmer said via e-mail that Kroll's investigators are checking the alleged fraudulent votes as well as others that are suspicious. She also said that the decision not to renew Prunty's contract wasn't related to the election.

Kennedy said that, so far, the group hasn't found any significant compromise of the voting, although it has identified a couple people who say that they didn't vote in the board election.

Linden has information that could have come only via an administrative view of the ITSMF USA's systems, Kennedy said. She added that ITSMF officials see Linden as a whistle-blower and hope that she will help Kroll determine what, if anything, actually happened in the election.

In a phone call to Computerworld, Linden said she was interested in having the truth disclosed but was also passing along information from another source. She promised to disclose her evidence at the ITSMF USA's upcoming conference.

Join the newsletter!

Error: Please check your email address.

More about CA TechnologiesHewlett-Packard AustraliaHISKrollVIA

Show Comments