Verified Voting Blog: The Role of Risk-Limiting Audits in Evidence-Based Elections

In the aftermath of the 2016 election cycle, interest in securing American elections from tampering or hacking has intensified. Given that 99% of our votes are counted by computers, and that computers are used in every aspect of the electoral process, election security is a top priority. For over a decade, Verified Voting has advocated for the widespread adoption of post-election risk-limiting audits (RLAs) alongside other best practices to facilitate a trustworthy and auditable record of votes cast.

A post-election risk-limiting audit (RLA) is one of the pillars of cyber security. In this day and age of nation state attacks on our election systems, it is very important for election systems to be resilient and provide a way for jurisdictions to identify problems and to recover from them. Security experts agree that the best method is voter-marked paper ballots (which voters choose to mark by hand or with a ballot marking device), having a deliberate and intentional step for voters to verify their ballot selections, providing a strong chain of custody of the ballots, and checking that the computers counted them correctly (RLAs).

Evidence-Based Election Ecosystem

Risk-limiting audits are one piece of the larger ecosystem of evidence-based elections that depend upon a trustworthy record to give confidence to election outcomes. There are some things that risk-limiting audits do not do. They do not tell us whether the voting system has been hacked. They do not and cannot determine whether voters actually verified their ballots. But they can detect and correct tabulation errors that could alter election outcomes — or provide strong evidence that a full hand count would yield the same outcomes.  

National: Swing states adopt audit tool to safeguard voter ballots ahead of 2020 election | One America News Network

A leg of the Department of Homeland Security recently announced its soon to be partnership with election officials and non-profit VotingWorks that would audit votes in 2020. Ballot box officers say the purpose is to prevent possible hacks and watch for faulty voting machines. Battleground states, such as Pennsylvania and Ohio, have already embraced a voter monitoring tool known as Arlo. Four other states have reportedly adopted the tool as well. The VotingWorks sponsored tool is free for state and local election leaders, and would double-check all votes cast. Arlo is a web-based app that uses a security method called “risk-limiting audit.” During this process, a small percentage of the paper ballots are taken at random to check if they match what the machines recorded. Although the method is simple, many places don’t use them reportedly because many states use direct electronic voting machines, which eradicates all paper trails.

California: It May Take a Month to Name California’s Winner on Super Tuesday | Emily Glazer/Wall Street Journal

California’s decision to move up its 2020 primary to Super Tuesday in early March from June will make the nation’s most populous state one of the most important in deciding the Democratic presidential candidate. But changes to the voting process could mean the final results won’t be known for weeks. If the allocation of California’s 494 Democratic delegates—by far the most of any state—isn’t finalized until early April, that could affect the candidates’ viability, campaigning and fundraising momentum in the meantime. It also could influence voter support in other states. California Secretary of State Alex Padilla earlier this year decertified most voting systems in the state’s 58 counties, giving them until February 2020 to install more advanced and secure technology. Many counties are still testing the new or updated devices, while also preparing for state-mandated election changes, including allowing in-person voting 10 days before Election Day and broadening the number of people who can vote by mail, a procedure that now will be available to about half the state’s population. The changes also allow same-day voter registration at every polling location. They also add, for the first time for a presidential election, the ability for voters to submit missing signatures on vote-by-mail ballots no later than two days prior to the certification of the election, which could vary by county. County elections officials will still have up to 30 days after Election Day to complete vote counting, auditing and certification. “I’m telling people it’s no longer Election Day, it’s election month,” said Neal Kelley, the registrar of voters in Orange County.

Editorials: Florida must do better than ‘Trust us’ to instill confidence in 2020 elections | The Palm Beach Post

The 2020 elections are just around the corner, and government officials responsible for ensuring the upcoming vote occurs without a hitch are asking a lot from the public -- trust. Florida Secretary of State Laurel Lee said late last month that the state’s voting systems are adequately prepared for electronic attacks -- a pressing concern since the specter of Russian hacking haunted the last presidential election. Securing Florida’s voting systems is long overdue. Unfortunately, Lee undermined her message by refusing to provide any details that might convince the public that these latest efforts to stem cyber-attacks on Florida’s elections systems would work. “The Department of State stands here in 2019 with an incredible amount of information we never previously had,” said Lee, who is Florida’s top elections official, without a word of specifics about that incredible amount of information. “I believe that should inspire a level of confidence that we have access to far more information than we had at any prior point.” Not really. Ever since the Mueller report on the 2016 presidential election determined that hacking efforts by Russian intelligence were successful in “at least one” Florida county, Floridians wanted to know where they’re vulnerable. Compounding the anxiety, Gov. Ron DeSantis said in May that he learned from the FBI that Russians hacked two counties -- their voter-information files, not systems involved in vote tallying. But state officials, saying they’ve been muzzled by federal investigators, still refuse to say which counties were hacked in 2016. And although they just conducted a review of state and county election systems, they won’t say what kind of security weaknesses were uncovered -- if any. Nor will they promise to tell us about any future breaches.

Georgia: Secretary of State seeks election audit rules | Doug Richards/WXIA

Georgia's Secretary of State wants new rules to govern the timing and location of post-election audits. This comes after critics said an audit of the recent November election was done in virtual secrecy. The November elections, a handful of locations, were the first-ever in Georgia done with new voting machines purchased from Dominion Systems by the state of Georgia. The new machines are expected to roll out statewide in time for the March presidential primary. Aside from the audit controversy, critics said a pattern has emerged in recent weeks that shows the secretary of state’s office initiating political battles with its critics. Thursday, a roomful of volunteers at Ebenezer Baptist Church had created a phone bank to contact voters they say were at risk of getting purged from voter rolls.

Indiana: Vanderburgh County will counter voters who refuse to use machines | Thomas B. Langhorne/Evansville Courier & Press

Suspicious voters who refuse to use voting machines at polling places will have no other option if Vanderburgh County's chief elections officer has her way. County Clerk Carla Hayden said she will seek changes to Indiana law in the wake of a city election that saw three voters at Plaza Park School request — and receive — paper provisional ballots simply because they refused to use machines. The ballots ultimately were counted by election board members who said the voters were eligible. In at least one case, poll worker Don Gibbs said, a voter at Plaza Park explained he is suspicious about voting machines. "He said he just didn’t trust the machines. I didn’t ask why," said Gibbs, the highest-ranking poll worker at Plaza Park. After calling the Vanderburgh County Election Office for guidance, Gibbs gave the three voters — he said they weren't together — paper provisional ballots. By law, provisional ballots are sealed in security envelopes, kept apart from other ballots and acted upon later. Provisional ballots are the only paper ballots available at polling places in Vanderburgh County. Machines, not paper, are the county's method of voting on election day.

Louisiana: No data lost, no ransom paid in Louisiana cyber attack; Ardoin says no impact on state elections | Mark Ballard/The Advocate

Monday’s ransomware attack, which crippled about 10% of the state’s computer network servers just hours after votes were tallied in statewide elections for governor, legislative seats and other positions prompted many to look for intrigue, a legislative panel heard Friday. "A lot of the conspiracy theorists are calling me,” said state Sen. Bodi White, R-Central. He questioned whether the attack, which kept many in state government from using their computers throughout much of the week, could cause problems for certification of election results or changed numbers in election returns. Secretary of State Kyle Ardoin said no. “Nothing impacted our system,” Ardoin said in an interview Friday. The website was down for a while. But, for the most part, the election office’s databases for voters and votes are separate from the state system.

Mississippi: Paper ballots offer extra election security | Caleb Bedillion/Daily Journal

Amid ongoing anxiety about election hacking and foreign interference, Lee County continues to use what many experts deem the most secure voting system: the paper ballot. In Mississippi, the bulk of the state’s 82 counties use fully electronic voting systems. But about a dozen or so counties use paper ballots. And that number is increasing. “The shift is we’re going back,” said Lee County Circuit Clerk Camille Roberts Dulaney. A Republican about to begin her second term, Dulaney said hand-marked ballots build voter confidence and ensure the integrity of the election. “It just feels safer to me,” Dulaney said. In North Mississippi, Choctaw County is among those exploring a return to a system that incorporates paper ballots. With touch-screen machines nearing the end of their life, the county tested new machines this year that produced a paper ballot. “We wanted to know if there was something new,” said Deputy Circuit Clerk Linda Miles. The county used machines built by VotingWorks, which provided them free of charge to test in this year’s statewide primary and general elections.

Pennsylvania: Philadelphia tests way to ensure no one hacks 2020 presidential election in Pennsylvania | Jonathan Lai/The Philadelphia Inquirer

Philadelphia voters can rest assured Jim Kenney really was reelected mayor this month, according to a squad of data and voting experts from around the country who ran a rigorous statistical test of the results Thursday. But while it’s no surprise that a Democrat won by 80 percentage points in an overwhelmingly Democratic city, it’s notable that the scientists were able to conduct such an audit in the first place. That’s because on Nov. 5, for the first time, Philadelphia used voting machines that leave a paper record of voters’ choices. As Pennsylvania’s counties roll out similar new machines required to create paper trails in time for the 2020 presidential election, the reported electronic returns can now be checked for accuracy. That’s an important change in a state that Donald Trump carried in 2016 by slightly more than 44,000 votes, or less than 1%. Pennsylvania is expected to be critical again next year. “We know we saw in 2016, everybody wondering, was this real, was this not real?" said Kathy Boockvar, secretary of the commonwealth, whose department oversees Pennsylvania elections. In 2020 and beyond, with what are known as risk-limiting audits, election officials will be able to confirm that the text of paper ballots lines up with what ballot-reading machines say. “The stakes are high, people are very passionate, and we have the paper that will be able to show the actual evidence,” Boockvar said. Officials hope the audits will make it harder for bad actors to tamper with the results. They also hope to increase public confidence in elections generally, following what U.S. intelligence agencies concluded was a systematic campaign by Russia to interfere in the 2016 election to boost Trump. (That campaign involved the dissemination of news and information Americans consumed, not the manipulation of actual votes or voting machines.)

Pennsylvania: Last-minute bill amendment addresses scanner, privacy issues at the polls | Emily Previti/PA Post

A bill headed to Gov. Tom Wolf’s desk is expected to address some of the problems experienced by counties that rolled out new voting systems during the general election earlier this month. All counties are required to have election systems in place for the presidential primary next spring. The systems must use paper ballots or generate paper copies of electronically cast votes, under the terms of a lawsuit settlement. More than half of them debuted voting machines during the general election earlier this month – and some experienced problems. The new rules would require counties to give voters more privacy while casting their ballots. The changes respond to voter complaints that their votes could be read by poll workers and other voters when they went to scan their ballot, despite counties providing folders for shield ballots from view. The legislation would also do away with ballot stubs. Voters using a hand or machine-marked ballot tear off the stubs before putting their ballot in a vote scanner.  In York County, the perforations left behind contributed to scanner jams and voting delays.

Texas: Cause of 820-vote discrepancy in Midland County not yet known | Midland Reporter-Telegram

Midland County Elections Administrator Deborah Land told the Reporter-Telegram it has not been determined what caused an 820-vote discrepancy between Election Day and the recount on the Midland ISD $569 million bond. Land said she has reached out to the legal department of the Secretary of State’s Office and is awaiting response. She has also reached out to representatives from ES&S, the voting machine vendor. “Until I have more information as to how we will be making any determination as to the difference in numbers, I have nothing further to tell you at this time,” Land wrote in an email. The electronic machines counted 23,631 ballots were cast on Nov. 5. When the ballots were counted by hand, the nine three-person teams counted 22,811 ballots total. The recount began sometime after 8 a.m. Friday and ended about 4 a.m. Saturday. Midland County Elections Administrator Deborah Land told the Reporter-Telegram it has not been determined what caused an 820-vote discrepancy between Election Day and the recount on the Midland ISD $569 million bond. Land said she has reached out to the legal department of the Secretary of State’s Office and is awaiting response. She has also reached out to representatives from ES&S, the voting machine vendor.

Canada: Russian election-meddling in Canada linked to Arctic ambitions: report | Daily Stock Dish

A new University of Calgary study is predicting Russian interference in the federal election campaign to serve what it describes as the Kremlin‘s long-term interest of competing against Canada in the Arctic. The study‘s author, Sergey Sukhankin, said in an interview that Moscow‘s ability to inflict serious damage is relatively low because Canadian society is not as divided as countries targeted in past elections, including the United States presidential ballot and Britain‘s Brexit referendum in 2016, as well as various attacks on Ukraine and the Baltic states. "The Kremlin has a growing interest in dominating the Arctic, where it sees Russia as in competition with Canada. This means Canada can anticipate escalations in information warfare, particularly from hacktivists fomenting cyber-attacks," writes Sukhankin, a senior fellow with the Jamestown Foundation, a U.S. think-tank, who is teaching at the University of Calgary. "Perceived as one of Russia‘s chief adversaries in the Arctic region, Canada is a prime target in the information wars, with Russia potentially even meddling in the October 2019 federal election. Ottawa should be ready for a new surge in cyberattacks, disinformation and propaganda levelled against Canada in the near future."

China: Spy defects to Australia, alleging election interference and cybercrimes | Devin Coldewey/TechCrunch

A purported agent of the Chinese intelligence service is seeking asylum in Australia, bringing with him explosive allegations of widespread interference in political affairs in that country, Taiwan and elsewhere. He claims also to have run a cyberterrorism campaign against supporters of Hong Kong independence. Wang “William” Liqiang indicated to Australian news outlet The Age that during a deep-cover assignment intended to manipulate the 2020 presidential election in Taiwan, he decided to defect and expose the Chinese networks from abroad. In addition to The Age, Wang spoke with The Sydney Morning Herald and 60 Minutes; the various outlets appear to be planning a broader release of the contents of his interviews on Monday. Wang has reportedly explained in detail the inner workings of a Hong Kong-listed company called China Innovation Investment Limited, which the government has allegedly been using as a front to infiltrate various universities, political groups and media companies.

Russia: Charges of Ukrainian Meddling? A Russian Operation, U.S. Intelligence Says | Julian E. Barnes and Matthew Rosenberg/The New York Times

Republicans have sought for weeks amid the impeachment inquiry to shift attention to President Trump’s demands that Ukraine investigate any 2016 election meddling, defending it as a legitimate concern while Democrats accuse Mr. Trump of pursuing fringe theories for his benefit. The Republican defense of Mr. Trump became central to the impeachment proceedings when Fiona Hill, a respected Russia scholar and former senior White House official, added a harsh critique during testimony on Thursday. She told some of Mr. Trump’s fiercest defenders in Congress that they were repeating “a fictional narrative.” She said that it likely came from a disinformation campaign by Russian security services, which also propagated it. In a briefing that closely aligned with Dr. Hill’s testimony, American intelligence officials informed senators and their aides in recent weeks that Russia had engaged in a yearslong campaign to essentially frame Ukraine as responsible for Moscow’s own hacking of the 2016 election, according to three American officials. The briefing came as Republicans stepped up their defenses of Mr. Trump in the Ukraine affair. The revelations demonstrate Russia’s persistence in trying to sow discord among its adversaries — and show that the Kremlin apparently succeeded, as unfounded claims about Ukrainian interference seeped into Republican talking points. American intelligence agencies believe Moscow is likely to redouble its efforts as the 2020 presidential campaign intensifies. The classified briefing for senators also focused on Russia’s evolving influence tactics, including its growing ability to better disguise operations.