The state of Colorado is moving to audit future digital election results, hiring a Portland-based startup to develop software to help ensure that electronic vote tallies are accurate. The startup Free & Fair announced on Monday that it had been selected by the state to develop a software system for state and local election officials to conduct what are called “risk-limiting audits.” A risk-limiting audit, or RLA, is a method that checks election outcomes by comparing a random sample of paper ballots to the accompanying digital versions. The development comes amid deepening fears on Capitol Hill about the possibility of foreign interference in future elections, following Russia’s use of cyberattacks and disinformation to influence the 2016 presidential election. According to the U.S. intelligence community, Moscow’s efforts also included targeting state and local election systems.
A Department of Homeland Security official told the Senate Intelligence Committee last month of evidence that Russia targeted election-related systems in 21 states leading up to the election, though none were involved in vote tallying. These included voter databases in Arizona and Illinois.
Lawmakers and others have worried about the possibility of vote tallies being targeted in the future, though many note that it would be difficult to alter actual vote counts using hacking. Risk-limiting audits are often recommended by cybersecurity experts as an efficient way to ensure the integrity of digital election results.
“We need to consistently and routinely check that our election results are accurate, by inspecting enough of the paper ballots to tell whether the computer results are right,” J. Alex Halderman, a University of Michigan computer science professor, said in testimony before the Senate panel in June.