With the role of the dice, Colorado recently became the first state in the nation to conduct a post-election risk-limiting audit (RLA). It’s taken a while to get this point — the legislation requiring RLAs was first approved in 2009, but Secretary of State Wayne Williams said the result was worth the wait. “We’ve been preparing for this for a number of years,” Williams said noting the need to promulgate the rules for the audit, for new voting systems and training at the state and county level. “It required a lot of work and effort from my office and the county clerks and they all came through fabulously. I was thrilled with the success. The fact that every single county passed, I think gives everyone a very high level of assurance of elections in Colorado.” Williams said it’s important to note that Colorado didn’t begin the RLA process in response to recent concerns about the accuracy of elections, but it is very timely because of concerns being raised.
risk limiting audits
Colorado has become the first state in the country to complete a risk-limiting audit, or RLA, designed to catch mistakes when ballots are tabulated, and Moffat County was part of the successful test that garnered national interest. “It went really great — better than expected,” said Deputy Election Clerk Amanda Tomlinson. “The processes took over a year of preparation with the secretary of state and learning to use the RLA tool.” The RLA is a procedure that provides strong statistical evidence that an election outcome is correct and has a high probability of correcting an erroneous outcome. It requires humans to examine and verify more ballots in close races and fewer ballots in races with wide margins.
California: Saving throw: Securing democracy with stats, spreadsheets, and 10-sided dice | Ars Technica
More than a dozen counties have now participated in a California-wide pilot project to provide a real-world test of what had previously been an academic theory. The pilot was authorized under California Assembly Bill 2023, which passed in 2010. Including audits conducted before the bill’s passage, 23 contests have been audited across several county-level elections in the state in recent years, and other counties, including Orange, Marin, and Yolo, will have additional audits in the coming weeks. California already has a mandatory audit law, which stipulates that a public manual tally of 1 percent of the precincts, chosen at random, must take place. But in Stark’s view, this is the wrong way to proceed. “There is no statistical justification for the 1 percent tally,” Stark explained. “It is a check on the accuracy of the system, but it is not well tied to ensuring that outcomes are right. It doesn’t require more counting for small margins than for large ones, and it does not require a full hand count, even if something is obviously wrong.”
Colorado has completed a first-of-its-kind statewide election audit, which drew attention from outside the state, with all participating counties passing. That means the so-called risk-limiting audit showed the state’s vote tabulating machines properly counted ballots from the election that ended earlier this month. The audit involved a manual recount of a sample of ballots from the more than 50 counties that had elections this year and compared them with how they were interpreted by tabulating machines. The exercise, which began late last week and was completed Tuesday, comes amid national concern about election integrity. “I think it’s fair to say that both state and county election officials were a little anxious because this has never been done before,” Colorado Secretary of State Wayne Williams said in a written statement. “But it turned out to be an amazing success, and that’s because our staff and our county clerks have done a phenomenal job. I am thankful for their hard work and dedication.”
In the face of overwhelming evidence that the Russians meddled in the 2016 U.S. presidential election, states are adopting auditing measure to detect any possible direct ballot fraud and give voters confidence in the results. After clear evidence emerged that Russia attempted to influence the results of the 2016 U.S. presidential election by social media, and more directly by hacking election systems, state governments are embarking on a variety of efforts to use statistical auditing to verify election results. On Nov. 15, Colorado kicked off its first statewide statistical audit of its most recent election by using a statistical technique known as risk-limiting audits to establish the integrity of the vote. Because of mail-in ballots from voters serving in the military, the state had to wait eight days to receive all votes and initiate the audit. Risk-limiting audits, or RLAs, allow election officials to verify the outcome of an election by sampling a much smaller subset of ballots compared to a full recount. Verifying the results of presidential elections in each state from 1992 to 2008, for example, only requires an average of 307 ballots per state. The number of ballots required to verify the vote, however, increases as the contests become closer and eventually defaults to a full recount, in the case of an extremely close race. Colorado’s legislature voted to adopt an election-wide audit in 2010, and election officials began piloting RLA in 2013.
When Logan Lamb visited the website of Georgia’s Center for Election Systems in Aug. 2016, what he found left him speechless. Although the cybersecurity researcher had no password or special authorization, he was able through a Google search to download the state’s voter registration list, view files with Election Day passwords, and access what appeared to be databases used to prepare ballots, tabulate votes, and summarize vote totals. He also discovered a vulnerability that would allow anyone to take full control of a server used for Georgia’s elections. It was everything a Russian hacker – or any malicious intruder – might need to disrupt the vote in Georgia. “Had the bad guys wanted to just completely own the central election system, they could have,” Mr. Lamb told the Monitor in an interview … There are only a handful of states in the US that are currently performing audits that start with voter-verified paper ballots. Many counties in California have conducted pioneering work with such audits. New Mexico hires an independent CPA to oversea an audit of a few key races in that state. And Rhode Island recently enacted a law to develop a voter-verified audit system. But the single most important development in this area is about to take place in Colorado.
The state of Colorado has taken a step toward rebuilding public trust in the election system in the United States. Beginning in November 2017, Colorado will require risk-limiting audits, or RLAs, in elections statewide. The state has always required traditional post-election audits, but in 2009, a law passed requiring RLAs throughout Colorado. According to the statute, an RLA is “an audit protocol that makes use of statistical methods and is designed to limit acceptable levels of risk of certifying a preliminary election outcome that constitutes an incorrect outcome.” This means that all post-election audits in the state of Colorado compare a random sample of paper ballots to their digital counterparts. Colorado’s law is, in large part, a reaction to recent events in the U.S. and across the globe that have called the security of electronic voting systems into question and emphasized the importance of election audits for all levels of elections.
You did your civic duty. You voted. You may even get a red, white and blue sticker to wear proudly on your T-shirt. But are you sure your vote will be counted — and counted properly? If your state uses computers for voting or counting results, there’s a chance it may not, experts say. “We know that computers can have some bugs or even cleverly-hidden malicious code called malware,” said Barbara Simons, president of Verified Voting, a non-profit, nonpartisan group encouraging secure and accurate elections. “As we learned in 2016, we also have to worry about the possibility of computers and voting systems being hacked,” she added. But if you live in Colorado, you’ll now have a better chance of finding out if your vote fell victim to a glitch or a hack.
We are proud to announce that Colorado has chosen Free & Fair to build a risk-limiting audit (RLA) system to be used statewide beginning with the November 2017 general election. First developed in 2008, RLAs promote evidence-based confidence in election outcomes by comparing a random sampling of paper ballots to their corresponding digital versions. This will be the first time anywhere in the United States that risk-limiting audits are conducted on a regular, statewide basis. Free & Fair has already prototyped an open source risk-limiting audit tool called OpenRLA, for RLAs of election contests in single jurisdictions. The production RLA system being developed for Colorado will facilitate statewide, multi-county and individual county audits. Like OpenRLA, the RLA system developed for Colorado will be released under an open source license (GPL Version 3). Risk-limiting audits provide strong statistical evidence that a jurisdiction’s voting system accurately interpreted and tabulated voter markings on paper ballots, with relatively little hand counting. The “risk limit” is the largest chance that an outcome-changing error in the initial tabulation will not be discovered and corrected in the audit. If the risk limit is 5% and the outcome wouldn’t match the result of a full, accurate count of the paper ballots, there is at least a 95% chance that the audit will correct the outcome.
Editorials: Peace of Mind for a Tumultuous Election: Paper Trails and Risk-Limiting Audits | Arlene Ash and Mary Batcher/Huffington Post
With increasingly heated allegations of “rigged elections,” things have probably not gotten better since a September 29 poll concluded that “more than 15 million voters may stay home on Election Day” over concerns about cyber-security. Equally problematic would be doubts about who won following November 8. A vibrant democracy requires trusted elections. Paper validation of ballots cast and meaningful audits of those ballots are important – and neglected – tools for bolstering trust. As statisticians working in healthcare and business, we frequently help researchers, patients, and business executives think about the probability and severity of potential risks. Based on the news coverage it receives, you might think that the problem of people who are not entitled to vote showing up at polling places is rampant. It is not. A comprehensive study of all American elections between 2000 and 2014 identified only 31 possible cases out of a billion votes cast. That is, only 0.000003 percent of votes might have been due to the kind of fraud that Voter ID laws could possibly prevent! In contrast, electoral malpractice, intentional or not – including confusing ballot designs, computer security breaches and malfunctions, long lines, partisan administration, misleading information about where and how to vote, poorly maintained voting lists, and overly aggressive voter list purges – plague every American election.