Author - Pamela Smith

Verified Voting Blog: Trump’s claim the election is rigged is unfounded

This article was posted originally at The Hill on October 20, 2016.

I serve as President of Verified Voting, a voting security organization that seeks to strengthen democracy by working to ensure that on Election Day, Americans have confidence that their votes will be counted as we intended to cast them. Election officials, security experts and advocates have been working together around the country toward that goal, at a level that also is unprecedented.

Elections are administered by local officials. America doesn’t have one monolithic national voting system the way there is in other countries. We have thousands of them, operating under state and local supervision.

In recent years, the way in which America votes has trended toward increasingly reliable and verifiable methods. More than 75 percent of Americans will vote this election on paper ballots or on voting machines with voter verifiable paper trails. That’s more than in past elections, including 2012 and 2014. (You can check out how your local area votes on our map of voting systems.) That means more voters than ever will be voting on recountable, auditable systems.

Why is that important? Because it offers officials a way to demonstrate to the loser of an election and the public that yes, they really did get fewer votes than their opponent or opponents.This is a nonpartisan issue. If you lose an election because something went wrong with a voting system somewhere, that’s fundamentally unfair. The more checks and balances we have in place (such as paper backup trails and audits), the greater our ability to withstand tampering or just general malfunction.

That’s not to say that our systems have no vulnerabilities. We have a higher degree of reliability in our election systems than in the past, but there’s still work to be done. What’s notable is that more is being done to ensure security this year than ever before. Read More

Verified Voting Blog: What are the post-Election Day procedures states can take to confirm the election went well?

This article was originally posted in the September 16 issue of NCSL’s The Canvas.

Ensuring the accuracy and integrity of the vote count can help generate public confidence in elections. Two of the most important steps happen after voting concludes on Election Day. Ballot accounting and reconciliation (BA&R) is a not-so-exciting name for a crucial best practice. BA&R is a multi-step process that is designed to account for all ballots, whether cast at the polling place or sent in remotely, and compare that with the number of voters who voted, as the first pass. After that, the next step is to ensure that all batches of votes from all the polling places are aggregated into the totals once (and only once). This is a basic “sanity check” that makes sure no ballots are missing, none are found later, none were counted twice, etc. Most jurisdictions do a good job at this task. Read More

Verified Voting Blog: Verified Voting Recommendations to the Presidential Commission on Election Administration

The Presidential Commission on Election Administration will meet again today in Denver, Colorado. The Webcast can be linked to via the Commission website. Verified Voting has submitted the following recommendations to the Commission.

I. Contingency Planning and Eliminating Long Lines

On Election Day, long lines were produced in many cases due to voting systems that malfunctioned in multiple locations across the country. As stated in a joint letter we signed sent to President Obama last November, “While insufficient voting equipment was not the only cause for long wait times, it no doubt contributed to the problems we saw on Election Day. The need to improve our voting systems is urgent. Much of the voting equipment in use today is nearing the end of its life cycle, making equipment attrition and obsolescence a serious and growing threat.”1

In our “Counting Votes 2012: A State By State Look At Election Preparedness” report2, about the 50 states’ preparedness for this major election cycle, we identified key areas of concern. We predicted many states could have problems due to:

• aging voting systems,
• dependence on machine interface for voting for the majority of voters, and
• thoroughness of policies and regulations for emergency back-up provisions in case polling place problems occur and lines start to form.

There were few surprises. As one of our technology expert recruits for the OurVoteLive (OVL) Election Protection hotline indicated:

What’s most interesting is that if you divide things into “easy to solve” and “hard to solve”, the “easy to solve” ones tend to be in places using optical scan [ballots], and the “hard to solve” in places using machines [DREs]. Read More

Verified Voting Blog: Internet voting for overseas military puts election security at risk

Connecticut lawmakers are considering legislation to allow military voters to cast ballots over the Internet. The intention of this legislation is well-meaning — Connecticut does need to improve the voting process for military voters — but Internet voting is not the answer.

Every day, headlines reveal just how vulnerable and insecure any online network really is, and how sophisticated, tenacious and skilled today’s attackers are. Just last week, we learned that the U.S. has already experienced our first-ever documented attack on an election system, when a grand jury report revealed that someone hacked into the Miami-Dade primary elections system in August 2012.

A chilling account in The Washington Post recently reported that most government entities in Washington, including congressional offices, federal agencies, government contractors, embassies, news organizations, think tanks and law firms, have been penetrated by Chinese hackers. They join a long list that includes the CIAFBIDepartment of DefenseBank of America, and on and on. These organizations have huge cybersecurity budgets and the most robust security tools available, and they have been unable to prevent hacking. Contrary to popular belief, online voting systems would not be any more secure. Read More

Verified Voting Blog: Verified Voting Testimony to the Maryland Board of Elections

On February 23, the Maryland State Board of Elections held meeting a proposed system for remote absentee voting was discussed. Verified Voting submitted testimony (see below) about the system, which includes the use of ballot marking wizard software. We maintain that such software — regardless of any other program it may be bundled or used with — meets the definition of  a voting system in Section 301 of the Help America Vote Act and should therefore undergo testing and certification before use. Further, such online ballot marking software contains potentially severe hazards. We raise these in the testimony provided to the SBE.

Thanks to passage of a law requiring voter-marked paper ballots, Maryland is in a slow transition to using a fully voter-verifiable system one day. However, another concern raised in the remarks we provided was the use of a bar code on the remotely printed voted ballot, from which a new version of the voted ballot would be printed once it is received by mail back at the elections office. This version printed from information encoded in the barcode design is the one that would be officially counted. This runs counter to the concept of voter-verifiable ballots. Verified Voting’s testimony follows after the fold. Read More

Verified Voting Blog: Best Practices for Voting Systems Supporting Military and Overseas Voters

Given the current focus on UOCAVA implementation, the NIST draft Information System Security Best Practices for UOCAVA-Supporting Systems (referred to here as the Draft) is a timely and important document. A summary of security standards and guidelines “deemed most applicable for jurisdictions using IT systems to support UOCAVA voting” is indeed necessary at a time when many states are moving forward with Internet based voting, too often with insufficient thought to the security implications of casting votes online. The Draft acknowledges the urgency of proper security:

“…security compromise could carry severe consequences for the integrity of the election, or the confidentiality of sensitive voter information. Failure to adequately address threats to these systems could prevent voters from casting ballots, expose individuals to identity fraud, or even compromise the results of an election.” 1

Unfortunately, the Draft falls short of providing the comprehensive analysis of security practices implied by the title. While the limitations and scope of topics are clearly laid out, the remaining gaps, particularly those related to online return of voted ballots, are too large and too important to ignore. Even with disclaimers, the Draft may encourage many in the target audience, the election officials and IT staff implementing UOCAVA voting 2, to believe that the controls outlined in the Draft are adequate to address all types of online voting, including return of voted ballots via Email. Read More

Verified Voting Blog: Comments on EAC UOCAVA Pilot Program Testing Requirements

This week the Elections Assistance Commission (EAC) released public comments submitted on their draft UOCAVA Pilot Program Testing Requirements. The EAC document spell outs testing and certification requirements for Internet voting pilot programs for military and overseas voters, partly in response to the requirements of the Military and Overseas Voter Empowerment (MOVE) Act passed in 2009. The MOVE Act required many excellent improvements that increase opportunities for voters overseas to be able to cast their ballots in time to be counted. These changes include the electronic delivery of blank ballots and information, but not the electronic return of voted ballots. The Act also included a provision for experimental programs involving voting via the Internet. At least three states (AZ, CO, WV, and possibly GA and FL) are planning to carry out voluntary pilot programs this year. Despite the short time available for comment, many substantive comments were submitted, including from Verified Voting. While we do not mention them all here, there were many insightful comments and we urge you to read through them. Many of the comments expressed recurring themes:

Audits, Security Standards and Procedures: Verified Voting noted that an equipment manufacturing standard alone is insufficient to provide anything resembling “reasonable assurance that the pilot systems will operate correctly and securely”, as stated in Section 1.1.3 of the EAC Draft. We assert that a comprehensive security plan is required, not merely an equipment testing plan. Robust post-election audits are essential to demonstrating correct and secure operation of any voting system, be it remote or local. Read More

Verified Voting Blog: Judge Orders Expert Review of Voting Machines in New Jersey

A judge in New Jersey has ordered a new review of New Jersey’s voting systems, this time by qualified technical experts, in a partial victory for advocates challenging the systems’ constitutionality. State law requires that voting systems be “accurate and reliable.” From our vantage point, these systems don’t meet that standard; because they cannot be audited, there’s no way to check for accuracy. A recent report from researchers at UCSD illustrated a stunning new kind of vulnerability in the type of voting system in widespread use in New Jersey (AVC Advantage), where code could be inserted, modify results and vanish without detection. An author on that study, and expert witness in the New Jersey case, Prof. Edward Felten, said preventing such attacks “requires an extraordinary level of security engineering, or the use of safeguards such as voter-verified paper ballots.”

While other requirements from the Judge address some security measures, including criminal background checks on personnel working with the voting machines and all third party vendors who examine or transport them, and protocols for inspecting machines to ensure they have not been tampered with, such checks have no impact on any tampering that may have occurred in the past (such as during the extended periods of time in which they were left unattended at polling places before and after past elections), and provide no failsafe that would ensure reliability. Voting systems can no longer be connected to the Internet, which we trust means New Jersey will now provide a more secure way to allow for the return of voted ballots from overseas voters. Read More