As the Iowa Democratic Party scrambled to sort out winners and losers from Monday’s comic caucuses, the real victor could be the American people, who got to witness, in real time, the menace of relying on untested, privately owned election technology. It’s not that we haven’t seen problematic election technology before. In 2016, fourteen states voted using electronic devices that did not provide a record of voter intent; seven will still be using those machines in 2020. Many states have voting systems that offer election officials—and therefore hackers—remote access, and a significant number of systems are connected to the Internet and vulnerable in other ways. The Iowa caucuses always capture the attention of the entire country, but this year the focus is not just on the delegate counts but on a defective mobile app, which was supposed to streamline the reporting of the results, and on Shadow, the little-known, for-profit company that built it.

A number of people associated with Shadow have close ties to Democratic Party officials. Shadow was launched by Acronym, a nonprofit that promotes Democratic candidates, in January of 2019. Acronym’s founder and C.E.O., Tara McGowan, is married to Michael Halle, a senior adviser to Pete Buttigieg. David Plouffe, who served as President Obama’s 2008 campaign manager, is on Acronym’s board. After the app’s failure on Monday, a spokesperson for Acronym distanced the organization from Shadow on Twitter.

For decades, American election systems have run on technology sold and maintained by private, for-profit companies. Shadow appears to have built a texting tool used by the Buttigieg and Biden campaigns. F.E.C. filings show that the Buttigieg campaign paid the firm $42,500 and the Biden campaign paid it $1,225. If it wasn’t previously obvious to the Democratic Party, or to Shadow, or to the Biden and Buttigieg campaigns, that this arrangement might be perceived as a conflict of interest, it is certainly obvious today. It did not take long before rumors spread on social media that Shadow was in cahoots with the Buttigieg and Biden campaigns. For a political party that needs to distinguish itself from the one that is short on integrity, this was a failure all around. The Nevada Democratic Party, which had planned to use the Shadow app for its caucuses, later this month, announced on Monday that it would not be doing so.

According to the Times, the Shadow app was “quickly put together” in the past two months, after a different method for reporting results was scrapped. The idea that an election-reporting system was “quickly put together” is worrisome enough, but that two-month period is even more problematic. It was not enough time for the app to be tested in an actual election or to have been vetted by cybersecurity experts. (Christopher Krebs, the director of the cybersecurity agency at the Department of Homeland Security, told the Times that the app had not been evaluated by his agency.)

Highlights from President Trump’s State of the Union address.

Though it’s easy to criticize the debacle in Iowa, it is unlikely that the voting machines that will be pulled out of closets, dusted off, and plugged in all across the nation in November will have been subject to a thorough cybersecurity review, either. Even the newest ones were generally vetted, if they were inspected at all, under voluntary guidelines that were developed fifteen years ago. Those guidelines do not say anything about the current state of cybersecurity. This was true in the 2016 election, and it will be true this year. And, although more municipalities are taking advantage of an offer from the Department of Homeland Security to help them “harden” their systems, this, too, is voluntary. Meanwhile, major pieces of election-integrity legislation that have been sent to the Senate since Trump’s election have been blocked by Mitch McConnell.

As the night wore on in Iowa and election officials became increasingly frustrated by the mobile app, a Buttigieg spokesman started tweeting out precinct delegate counts. Not only did he show the arcane math used to allocate delegates; he displayed what appeared to be a pin number used for verifying the delegate allocation, information that could potentially be used by hackers. With many unsubstantiated rumors circulating that Shadow’s reporting tool had been hacked, here was an individual who might have made that possible. If nothing else, his sloppiness tossed accelerant onto those rumors, which blew up on social media.

The Iowa debacle was not caused by the voting itself on Monday night. In caucuses, citizens gather in school gyms, mosques, churches, and Grange halls to declare, in person, without the scrim of secrecy, support for their preferred candidates. The problems arose after that, during the reporting process, and were exacerbated by the public’s demand for instant results. To be sure, vote tallying is an integral part of the election process, and it requires as much security as vote casting does. And it was this part of the system that failed. But, unlike many states, Iowa keeps a physical, paper record from every precinct. It’s a potent reminder that hand-marked paper backups are crucial for any election system that relies on digital technology.

If voters are to come out on top in Iowa, the United States needs to move away from having for-profit companies running elections, prohibit candidates from funding companies that also supply election technology for primaries and general elections, and provide sufficient training for poll workers, who are the intermediaries between the voters and the outcome. Zach Simonson, the Democratic Party chair in Wapello County, Iowa, told the Times that he received no training on the app before the caucuses.“The app wasn’t included in the chair training that everyone was required to take,” he said.

It’s crucial for election venders to open up their software to researchers, instead of threatening to sue anyone who examines their systems, and for all technology used in elections to be tested and vetted by independent researchers for operational efficacy and security. After the 2016 Presidential election, we learned that forces outside the United States, and some inside it, aim to delegitimize American democracy by questioning its integrity. It is irresponsible to give them an assist in 2020.