Media Release: Wisconsin Proves It’s Not Too Late for States to Take Key Election Security Steps Before November

Nearly 20 U.S. States Do Not Audit Election Results by Checking Paper Ballots Against Machine Counts or Lack a Paper Ballot to Conduct Effective Audits

WASHINGTON, D.C. – Wisconsin’s action last week requiring a post-election audit will help secure the November vote and should be followed by states that lack such protections, according to Public Citizen and Verified Voting.

On Tuesday, the Wisconsin Election Commission (WEC) took a key step to secure the vote by requiring an audit of November’s election results before they are made official. The commission voted to randomly select five percent of voting machines in the state to be audited the day after the 2018 general election. For the audit, municipal clerks will hand count ballots from randomly selected machines, comparing what’s on the paper ballot to what the machine recorded. They will do this across four races before the vote count is finalized. (See WEC meeting minutes pages 34 and 49.)

Wisconsin’s action shows that it’s not too late to commit to auditing the 2018 vote counts before finalizing results, Public Citizen and Verified Voting said. Votes can – and should – be checked against voter-marked paper ballots for accuracy.

Verified Voting in the News: State expands use of post-election audits | StateScoop

Wisconsin officials were praised Friday by election-security advocates for expanding the state's use of post-election audits. The Wisconsin Elections Commission announced that it voted unanimously Tuesday to require audits in 5 percent of precincts throughout the state after every vote, beginning with the Nov. 6 general election. The decision is evidence that the clock has not run out yet on states seeking to improve their ballot-security procedures before Election Day, said representatives of Verified Voting, which advocates for paper-based voting systems and Public Citizen, a consumers' rights group. Under Wisconsin's new system, election officials will randomly select at least 183, or 5 percent, of the state's 3,660 precincts to review voting equipment. The audit sample will include at least one precinct from each of the state's 72 counties, but no more than two precincts from any single municipality. 

National: Paper backups and audits: Officials preparing for midterms | GCN

With midterm elections right around the corner, election officials says they’re focused on putting contingency plans in place so voting can continue even if systems are disrupted. Edgardo Cortés, the former Virginia Commissioner of Elections and current Election Security Advisor at the Brennan Center for Justice, said he is focused on low-tech plans to ensure voting continues to take place. These plans include having enough provisional ballots and having a back-up paper poll book at each voting location -- “things that will keep the process going and allow people to vote even if we end up with a worst-case situation,” Cortés said at a Sept. 24 Brennan Center event.

National: How Vulnerable Are Electronic Voting Machines? | WBUR

A federal judge ruled this week that Georgia does not have to replace its electronic voting machines with machines that create paper records before the election in November. In her ruling, though, the judge noted she's "gravely concerned" about Georgia's slow pace in addressing electronic voting vulnerabilities. Here & Now's Jeremy Hobson talks with Marian Schneider, president of Verified Voting, a nonpartisan nonprofit that advocates for accurate and verifiable elections, about those vulnerabilities and how secure electronic voting machines are.

On her opinion of the judge's ruling in Georgia: "I do think that it's a significant decision, but I think that the judge was concerned about the amount of time before the election, that there wasn't enough time to smoothly implement paper ballots. "There's only seven weeks between now and the election, and the early voting would start soon, too. So I think that was a greater concern for the court, but I think the judge made a lot of very significant findings about the vulnerabilities that are present in paperless computer systems that count our votes."

National: 6 Ways to Fight Election Hacking and Voter Fraud, According to an Expert Panel | The New York Times

Amid a chorus of warnings that the American election system is ground zero for foreign attackers, a panel of leading scholars and election experts issued a sweeping set of recommendations on Thursday for how to make elections more secure. Several similar reports have been issued lately, but this one is different. It not only carries a blue-ribbon pedigree from the National Academies of Science, Engineering and Medicine, but it also suggests ways to address allegations of domestic voter fraud, which Republicans have leveled for years. The report notes the significant challenges of securing elections. In 2016, Americans voted in 178,217 precincts and 116,990 polling places. Under the Constitution, each state controls its own election procedures, and officials jealously guard their authority against federal interference. The rules vary so wildly that uniform standards are almost impossible. Still, many of the report’s proposals can be applied nationwide. Here are six ways the panel says that election security can be improved:

1. Use paper ballots to establish a backup record of each vote. Even if voter databases and other equipment aren’t connected to the internet, experts said, it will be hard to protect computer systems from cyber threats. As a result, they recommend that by 2020, every voting machine nationwide should generate a backup paper record of each vote. Currently, five states — Georgia, South Carolina, Louisiana, Delaware and New Jersey — and portions of several others do not maintain a paper trail.

National: The Best Way To Secure US Elections? Paper Ballots | Dark Reading

Voting machines that do not provide a paper trail or cannot be independently audited should immediately be removed, concludes a new report from the National Academies of Sciences, Engineering, and Medicine.
A new report from the National Academies of Sciences, Engineering, and Medicine is recommending the use of human-readable paper ballots as the best way to protect the security and integrity of US elections, at least in the immediate future. In fact, the committee behind the report wants election officials to consider ditching voting methods that do not provide a reliable paper-verifiable audit trail as early as the upcoming 2018 midterms and for all local, state, and federal elections by 2020. It also does not want jurisdictions to permit the use of the Internet and Internet-connected systems to return marked ballots until "very robust guarantees" of security and verifiability are developed. Other recommendations include the need for states to mandate risk-limiting audits prior to the certification of election results and routine assessments of the integrity of voter registration systems and databases.

Verified Voting Blog: Four ways to defend democracy and protect every voter’s ballot | Douglas W. Jones

This article was originally posted at phys.org.
As voters prepare to cast their ballots in the November midterm elections, it’s clear that U.S. voting is under electronic attack. Russian government hackers probed some states’ computer systems in the runup to the 2016 presidential election and are likely to do so again – as might hackers from other countries or nongovernmental groups interested in sowing discord in American politics.

Fortunately, there are ways to defend elections. Some of them will be new in some places, but these defenses are not particularly difficult nor expensive, especially when judged against the value of public confidence in democracy. I served on the Iowa board that examines voting machines from 1995 to 2004 and on the Technical Guidelines Development Committee of the United States Election Assistance Commission from 2009 to 2012, and Barbara Simons and I coauthored the 2012 book “Broken Ballots.”

Election officials have an important role to play in protecting election integrity. Citizens, too, need to ensure their local voting processes are safe. There are two parts to any voting system: the computerized systems tracking voters’ registrations and the actual process of voting – from preparing ballots through results tallying and reporting.

Wisconsin: Experts discuss vulnerabilities in Wisconsin elections | The Badger Herald

The League of Women Voters of Dane County hosted a forum Wednesday on protecting Wisconsin’s elections amid questions surrounding foreign influence in the 2016 presidential election. Panelists included University of Wisconsin political science professor Barry Burden, the Wisconsin Center for Investigative Journalism managing editor and co-founder Dee Hall and Richard Rydecki from the Wisconsin Elections Commission. While the panelists agreed that Wisconsin elections are vulnerable to security threats, they disagreed on what could cause significant errors.

Arizona: Maricopa County Approves Funding for Audit on Arizona Election Issues | Associated Press

Maricopa County Recorder Adrian Fontes said he was angry with himself over the issues surrounding last week's primary election in the first occasion that he's publicly answered questions from top officials about what went wrong. Fontes spoke before the county board of supervisors on Wednesday. The board approved $200,000 in funding for an independent audit of the recorder's office and its handling of the Aug. 28 elections, when 62 polling locations failed to open on time. Dozens of people reported showing up to cast a ballot and getting turned away. Fontes made no mention of the troubles during a Facebook Live video he recorded with a voter shortly before polling places opened at 6 a.m., nor did he bring up the issue to any of the supervisors.

National: New bill would require paper ballots to secure election results | CNET

The Russians can't hack paper. On Tuesday, nine Senators introduced a bill that would require state and local governments to use paper ballots in an effort to secure elections from hackers. The bill would also require rigorous audits for all federal elections to ensure that results match the votes. "Leaving the fate of America's democracy up to hackable election machines is like leaving your front door open, unlocked and putting up a sign that says 'out of town,'" Sen. Ron Wyden, a Democrat from Oregon, said in a . "Any failure to secure our elections amounts to disenfranchising American voters."

New York: Saratoga Board of Elections say ‘no’ to request for ballots | Albany Times Union

Saratoga County Board of Elections has once again rejected a request for copies of the electronic ballots cast in November's charter referendum that was defeated by 10 votes. In a May 25, 2018 letter from the county Board of Supervisors, the former chair of the now disbanded Charter Review Commission Bob Turner was informed that the request "is duplicative of your previous request, which (has) been fully settled." Turner said the move by Board of Election Commissioners Roger Schiera (Republican) and William Fruci (Democrat) "undermines the public's confidence in the integrity of the electoral process. If the election was run properly, there is nothing to hide," Turner said. The city's charter-change advocates submitted a second Freedom of Information Law request after an April 12 ruling of 3-2 in Kosmider vs. Whitney in the Appellate Division of state Supreme Court. A panel of five judges ruled that electronic ballot images in this Essex County case can be accessed through a FOIL request. The Board of Supervisors in Essex County, the Sun Community News reported, has filed a paperwork reserving the right to appeal.

National: Paper trails and random audits could secure all elections – don’t save them just for recounts in close races | The Conversation

As states begin to receive millions of federal dollars to secure the 2018 primary and general elections, officials around the country will have to decide how to spend it to best protect the integrity of the democratic process. If voters don’t trust the results, it doesn’t matter whether an election was actually fair or not. Right now, the most visible election integrity effort in the U.S. involves conducting recounts in especially close races. A similar approach could be applied much more broadly. Based on my research into game theory as a way to secure elections, I suggest that the proper first line of defense is auditing results. While an audit can only happen after Election Day, it’s crucial to prepare in advance.

Tennessee: Hamilton County election administrator: paper ballots, audits help ensure integrity at the polls

As the start of early voting nears and news of Russian interference continues to make headlines, Hamilton County’s administrator of elections said local citizens can feel secure in the practices that protect the integrity of the ballot box. “Hamilton County takes the safeguarding of both our physical and cyber infrastructure very seriously,” Election Administrator Kerry Steelman said via email. “The rigorous system of checks and balances in both the registration and voting process should instill confidence in voters that Hamilton County’s elections will not be compromised.” In an effort to avoid interference, some state officials recently said they’d move away from the use of touch-screen voting machines. Some experts also recently said that audits can confirm there’s no meddling.

National: Inability to audit U.S. elections a ‘national security concern’: Homeland chief | Reuters

Not having a verifiable way to audit election results in some states represents a “national security concern,” the Trump administration’s homeland security chief said on Wednesday, looking ahead to U.S. midterm elections in November.  The U.S. Department of Homeland Security (DHS) was prioritizing election cyber security above all other critical infrastructure it protects, such as the financial, energy and communications systems, the agency’s chief, Kirstjen Nielsen, told the Senate Intelligence Committee. The hearing to examine the Trump administration’s efforts to improve election security came following U.S. intelligence officials’ repeated warnings that Russia will attempt to meddle in the 2018 contests after doing so during the 2016 presidential campaign.

Editorials: Election audits should be the rule, not the exception in Wisconsin | Karen McKim/WiscNews

We use many computers in our daily business — ATMs, grocery scanners and more. Government uses computers to track our drivers’ licenses, calculate our property tax bills and more. But concerns about hacking focus only on the computers that count our votes. Ever wonder why that is? Voting machines are no riskier than any other computer. We insert a deposit into an ATM and expect the computer to credit the dollars to the right account. We insert a ballot into a voting machine and expect the computer to credit the votes to the right candidates. Before each election, Wisconsin’s clerks practice the same sort of safeguards that are routine elsewhere. Like bankers with their ATMs, they practice the best security they can. They test the equipment before putting it into use.

Illinois: Lawsuit challenging Chicago election audit loses in landslide | Cook County Record

A lawsuit challenging the way Chicago's elections board audits election results has been shredded by a federal judge. The complaint, filed in the U.S. District for the Northern District of Illinois, was brought by several election monitors. It claimed the methods used by the Chicago Board of Elections (BOE) to audit the 2016 state primary elections violated their right to vote as well as their right to association and to petition the government. They sought declaratory and injunctive relief. The plaintiffs took particular issue with the so-called “5 percent test” used in the audit. The 5 percent test refers to the sample size of voting machines included in the post-election audit analysis. The Board of Elections argued the audit had no effect on election outcomes, so it could not have violated voting rights or rights to association or to petition the government. U.S. District Judge John Robert Blakey agreed.

Editorials: Allowing ballot audits preserves integrity far better than disenfranchising voters | The Keene Sentinel

Earlier this year, the GOP-led Legislature was quick to jump on the notion that our state’s elections are a fragile, vulnerable thing in need of shoring up. Their answer, backed by Gov. Chris Sununu, was to make it harder for new voters to cast their ballots. It was a transparent attempt to limit voting by those who might be more likely to vote Democrat — the poor; new Massachusetts transplants; and, most of all, college students. And their effort — Senate Bill 3 — is being challenged in the courts. At the same time, lawmakers made clear they don’t really value the integrity of our state’s elections, by killing in committee a bill to authorize local moderators to conduct verification recounts of machine-counted ballots. Senate Bill 109 couldn’t have been any simpler. It would have added a paragraph of language to existing election law saying local moderators have the discretion to conduct recounts to verify machine results.

National: States Start Using Statistical Methods to Check Voter Count Accuracy | eWeek

In the face of overwhelming evidence that the Russians meddled in the 2016 U.S. presidential election, states are adopting auditing measure to detect any possible direct ballot fraud and give voters confidence in the results. After clear evidence emerged that Russia attempted to influence the results of the 2016 U.S. presidential election by social media, and more directly by hacking election systems, state governments are embarking on a variety of efforts to use statistical auditing to verify election results. On Nov. 15, Colorado kicked off its first statewide statistical audit of its most recent election by using a statistical technique known as risk-limiting audits to establish the integrity of the vote. Because of mail-in ballots from voters serving in the military, the state had to wait eight days to receive all votes and initiate the audit. Risk-limiting audits, or RLAs, allow election officials to verify the outcome of an election by sampling a much smaller subset of ballots compared to a full recount. Verifying the results of presidential elections in each state from 1992 to 2008, for example, only requires an average of 307 ballots per state. The number of ballots required to verify the vote, however, increases as the contests become closer and eventually defaults to a full recount, in the case of an extremely close race. Colorado’s legislature voted to adopt an election-wide audit in 2010, and election officials began piloting RLA in 2013.

California: New California Law Strikes Blow to Election Audits | WhoWhatWhy

As the most populous state in the country by far — and a leader in innovations — California is always worth watching. In no situation is that more true than in its attempts to fix its voting system. Sometimes, however, those efforts prove to be entirely counterproductive. In response to reports from US intelligence that Russia interfered with the 2016 election, election officials across the country are striving to fortify their security procedures. In light of all this, many experts were shaking their heads in disappointment after California recently passed a law that election activists are calling “an open invitation to large-scale election fraud.” Earlier this month, a seemingly innocuous bill reached the desk of Governor Jerry Brown (D) after passing the State Assembly and Senate unopposed. Given its ostensible purpose — to allow mail-in voters to re-submit overlooked signatures via email — the lack of scrutiny might have been understandable. However, when the bill was amended before its final Senate vote, its purpose took an unforeseen shift. The altered bill “dramatically reduc[es] the number of ballots counties must include in the [post-election hand count] performed to verify the accuracy of software vote counts,” said the nonpartisan California Voter Foundation in a letter calling for the bill’s veto.

Editorials: States Take On Election Hacking. Washington Ignores It. | The New York Times

As Washington ignores the danger, state election officials have finally begun facing up to the threat of Russian hackers and other troublemakers infiltrating the American voting process in the midterm and presidential elections. There have been months of apparent indifference in many state election offices, despite stern warnings from federal security experts that hackers will be back for more after their 2016 meddling. But now state election officials have begun trying to tighten the security of outdated, vulnerable balloting systems. These systems were last updated after the hanging-chad debacle of the 2000 election, before internet hackers were a powerful threat.

California: Cyber Security Experts Say California Vote Audit Has Exploitable Problems – capradio.org

Federal officials told California Friday that Russians probed the state's election system for vulnerabilities before the 2016 election. That's raising new questions over a bill on Governor Jerry Brown's desk. Cyber security experts say the measure could weaken California's voting systems. California relies on machines to tabulate the millions of ballots cast during an election, but counties also do a manual audit of one percent of precincts. A bill on Brown’s desk clarifies the audits only have to include ballots cast on or before election night—not provisional or late-arriving vote-by-mail ballots.

Kansas: Judges question challenge to voting machines, but case could change state law | The Wichita Eagle

Appeals judges strongly questioned Tuesday whether there's a legitimate legal question for them to decide in Wichita statistician Beth Clarkson's quest to use audit tapes to test the accuracy of voting machines. But the case could lead to an effort to change state law to make it easier for citizens to do accuracy tests on election equipment. Clarkson, a statistician at Wichita State University, is asking the judges to order a recount of votes on ballot questions in the 2014 election, using the paper tapes generated by voting machines as voters cast their ballots. At a Court of Appeals hearing Tuesday in Wichita, the lead judge on the three-judge panel repeatedly pressed Clarkson's lawyer, former U.S. Attorney Randy Rathbun, about whether a recount would have any effect, since the election was settled years ago.

Rhode Island: Bill approved to establish post-election audit program | The Westerly Sun

The General Assembly has approved a bill to establish post-election audits to ensure that equipment and procedures used to count votes are working properly. “This will go a long way toward ensuring public confidence in election results,” said Sen. James C. Sheehan, D-North Kingstown, who introduced the legislation at the urging of Common Cause. “Without the constant scrutiny and examination of election procedures, the democratic system could be called into doubt.” The bill was sponsored in the House by Rep. Edith H. Ajello, D-Providence. The audit would be a partial recount to verify the accuracy of the voting system.

Editorials: How the Kansas Legislature can take up where statistician has been stopped | The Wichita Eagle

Much good can come from Beth Clarkson’s 2 1/2-year quest to solve an unexplained pattern of voting results, but only if the Kansas Legislature can see the bipartisan importance. Clarkson, chief statistician for Wichita State University’s National Institute for Aviation Research with a Ph.D. in statistics, has tried since April 2015 to examine paper results from the 2014 general election. She wanted to answer why results tended to increase Republican votes in large precincts. Polling didn’t reflect the tally, which Clarkson reasoned could be caused by unseen demographic trends or fraud within the vote count. She sued Sedgwick County elections commissioner Tabitha Lehman and Kansas Secretary of State Kris Kobach for paper results. Representing herself, Clarkson lost when her case was framed more as an open-records filing than a recount request. Her new lawyer called her “a brilliant statistician but a horrible lawyer” in a Kansas Court of Appeals hearing Tuesday.

Rhode Island: House OKs bill to empower Board of Elections to conduct post election audits | Providence Journal

A bill that would give the board of elections power to perform “post-election risk-limiting” audits aimed at improving the accuracy of election results passed the House. The bill, sponsored by Rep. Edith Ajello D-Providence, will allow the Board to create a board in 2018 that would conduct audits of statewide primaries, general, and special elections. In 2020 the board would also analyze the results of the presidential race. It passed unanimously, and awaits action by the Senate.

Kansas: Appeals court to grapple with Beth Clarkson voting-machine case in Wichita | The Wichita Eagle

Is voting rigged in Sedgwick County? Is there any way to prove it is or isn’t? Those are the fundamental questions underlying a Kansas Court of Appeals case to be argued Tuesday morning in a special court session at Friends University in Wichita. The appeals court is being asked to allow a recount of votes on audit tapes from voting machines to test the accuracy of the tallies reported by Sedgwick County Election Commissioner Tabitha Lehman. Wichita State University statistician Beth Clarkson has tried for seven years to gain access to the tapes. Her request was denied by Lehman and the denial was upheld in district court. Lehman and Sedgwick County say that there is no problem with the votes and releasing the tapes would risk compromising the secrecy of people’s ballots. Tuesday’s appeal arguments will feature two prominent Wichita attorneys.

National: Bipartisan Push for Electoral Security Gets Priority Status | Roll Call

A bipartisan effort to enhance election security is among the priorities for Senate Democrats as part of the debate on the annual defense authorization measure. “The consensus of 17 U.S. Intelligence agencies was that Russia, a foreign adversary, interfered in our elections. Make no mistake: Their success in 2016 will encourage them to try again,” Senate Minority Leader Charles E. Schumer said Tuesday. “We have state elections in a couple of months and the 2018 election is a little more than a year away. We must improve our defenses now to ensure we’re prepared.” The New York Democrat was speaking on the floor about a bipartisan effort led by Sens. Amy Klobuchar, a Minnesota Democrat, and Lindsey Graham, a South Carolina Republican.

National: Electronic voting systems in the U.S. need post-election audits | TechTarget

The state of Colorado has taken a step toward rebuilding public trust in the election system in the United States.

Beginning in November 2017, Colorado will require risk-limiting audits, or RLAs, in elections statewide. The state has always required traditional post-election audits, but in 2009, a law passed requiring RLAs throughout Colorado. According to the statute, an RLA is "an audit protocol that makes use of statistical methods and is designed to limit acceptable levels of risk of certifying a preliminary election outcome that constitutes an incorrect outcome." This means that all post-election audits in the state of Colorado compare a random sample of paper ballots to their digital counterparts. Colorado's law is, in large part, a reaction to recent events in the U.S. and across the globe that have called the security of electronic voting systems into question and emphasized the importance of election audits for all levels of elections.

Editorials: Outdated technology is a greater threat than hackers to US elections | Antonio Mugica/Washington Examiner

The recent DefCon hacking conference demonstrated why America needs to modernize its voting systems with more technology, not less. Participants exposed vulnerabilities in various pieces of election technology at DefCon's Voting Machine Hacking Village and, predictably, had no difficulty infiltrating many of the systems. The twist? They were hacking into technology that hadn't been updated since the early 2000s. Interestingly, the key takeaways from this hack-a-thon closely mirror the recommendations recently put forth to Congress by 100 security experts. They include the need for multiple levels of encryption, post-election audits and secure servers. But it's important to remember that these findings aren't new. And my company, Smartmatic, has been using such measures to protect voters for over a decade, so we know the technology exists. The hackers at DefCon highlighted the dramatically archaic state of U.S. voting machines and reminded the public to prioritize securing voting infrastructure for upcoming elections. In a field where the half-life of software can be just a few months, it's no surprise hackers took down equipment that was over a decade old. The concerning part is that some of this technology is still used in elections today.

Colorado: State to require advanced post-election audits | Politco

Colorado on Monday said it will become the first state to regularly conduct a sophisticated post-election audit that cybersecurity experts have long called necessary for ensuring hackers aren't meddling with vote tallies. The procedure — known as a “risk-limiting” audit — allows officials to double-check a sample of paper ballots against digital tallies to determine whether results were tabulated correctly. The election security firm Free & Fair will design the auditing software for Colorado, and the state will make the technology available for other states to modify for their own use. The audit will allow Colorado to say, “with a high level of statistical probability that has never existed before,” that official election results have not been manipulated, said Colorado Secretary of State Wayne Williams in a statement.