risk limiting audits

Tag Archive

Voting Blogs: Pilots of risk-limiting election audits in California and Virginia | Andrew Appel/Freedom to Tinker

Orange County, CA Pilot Risk-Limiting Audit, by Stephanie Singer and Neal McBurnett, Verified Voting Foundation, December 2018.
City of Fairfax,VA Pilot Risk-Limiting Audit, by Mark Lindeman, Verified Voting Foundation, December 2018.

In order to run trustworthy elections using hackable computers (including hackable voting machines), “elections should be conducted with human-readable paper ballots. … States should mandate risk-limiting audits prior to the certification of election results.

What is a risk-limiting audit, and how do you perform one? An RLA is a human inspection of a random sample of the paper ballots (or batches of ballots)—using a scientific method that guarantees with high confidence that if the voting machines claimed the wrong winner, then the audit will declare, “I cannot confirm this election,” in which case a by-hand recount is appropriate.  This is protection against voting-machine miscalibration, or against fraudulent hacks of the voting machines.

That’s what it is, but how do you do it?  RLAs require not only a statistical design, but a practical plan for selecting hundreds of ballots from among millions of sheets of paper.  It’s an administrative process as much as it is an algorithm.

In 2018, RLAs were performed by the state of Colorado.  In addition, two just-published reports describe pilot RLAs performed by Orange County, California and Fairfax, Virginia.  From these reports (and from the audits they describe) we can learn a lot about how RLAs work in practice. Read More

Michigan: ‘Risk-Limiting’ Audits Could Provide Election Assurances | Government Technology

Three Michigan cities are testing a new process designed to provide strong statistical evidence that the election outcome is correct. The “risk-limiting audit” is a relatively new election security measure being tested across Michigan this week. It’s designed to detect irregularities that could influence reported election outcomes, including cyber-attacks and unintentional machine or human errors. The goal of the pilot will be to determine how risk-limiting audits could be rolled out statewide. Kalamazoo, Lansing and Rochester Hills will also pilot the procedure during the first week of December. “Our goal as election administrators is to foster confidence in the electoral process, the results of that process, and ultimately our democratic institutions,” said Kalamazoo City Clerk Scott Borling. “Michigan voters put their faith in us to conduct free and fair elections. The Risk-Limiting Audit provides another tool and opportunity to demonstrate their trust is well placed.” Read More

Michigan: New election security test will audit 2018 results in 3 Michigan cities | MLive.com

Three Michigan cities are testing a new process designed to provide strong statistical evidence that the election outcome is correct. The “risk-limiting audit” is a relatively new election security measure being tested across Michigan this week. It’s designed to detect irregularities that could influence reported election outcomes, including cyber-attacks and unintentional machine or human errors. The goal of the pilot will be to determine how risk-limiting audits could be rolled out statewide. Kalamazoo, Lansing and Rochester Hills will also pilot the procedure during the first week of December. “Our goal as election administrators is to foster confidence in the electoral process, the results of that process, and ultimately our democratic institutions,” said Kalamazoo City Clerk Scott Borling. “Michigan voters put their faith in us to conduct free and fair elections. The Risk-Limiting Audit provides another tool and opportunity to demonstrate their trust is well placed.” Read More

Michigan: Rochester Hills to conduct post-election risk-limiting audit | The Oakland Press

On Monday, Dec. 3, Rochester Hills will conduct Michigan’s first pilot of a risk-limiting post-election audit. Risk-limiting audits provide a check on election results. The procedure is designed to detect irregularities that may include intentional cyber attacks or unintentional error that may change the reported election outcomes. “Michigan voters put their faith in us as election administrators to conduct free and fair elections,” said Rochester Hills Clerk Tina Barton. “This procedure will provide us with another opportunity to confirm their trust is well placed.” The pilot is one of three to be conducted the first week of December and part of the first multi-jurisdictional risk-limiting audit pilot in the country. Lansing and Kalamazoo will hold their pilots later in the week. Read More

California: California doesn’t need better voting machines — it needs better audits, experts say | The Peninsula Press

When voters in Alameda and Santa Clara County head to the polls on Nov. 6, about one percent will cast their ballots on electronic voting machines that have known security vulnerabilities. California has safeguards in place. In addition to requiring paper records for votes cast on electronic machines, California also manually audits one percent of all ballots cast, to make sure there’s no discrepancy in the numbers. Now, experts like David Dill, a computer science professor at Stanford and founder of Verified Voting, are saying that isn’t enough, and are pushing states like California to implement more rigorous auditing methods. “The problem of protecting machines is pretty unmanageable, even with the best and most modern hardware … so what you need to do is select a bunch of ballots at random and hand count them in order to make sure the electronic counts are accurate,” says Dill. Read More

Editorials: Protect public trust by auditing elections: It’s easier than you might think  | Marc Schneider/The Hill

Pick one word for how the Russians interfered with the 2016 presidential election. How about “distrust?” They used trolling, false stories, fake accounts, and cyberattacks to sow distrust among the American people. And without a doubt, Russians and other adversaries are working hard now to spark anger, confusion, and conflict along economic, gender, political, and racial lines within our country. While an effort to reduce confidence in our voting systems — the actual machines and processes we use to register voters and elect our leaders — was a factor in 2016, I believe it will be an even greater factor moving forward. Why? Because it would be so effective. The objectives of campaigns like Russia’s are to divide and demoralize the public, muddy discourse, and discredit and undermine whoever they see as opponents. What better way to do that than by delegitimizing the election results, particularly in hotly contested races where a small number of votes can make all the difference?  Read More

National: Risk-Limiting Audits Can Support an Election’s Legitimacy | StateTech

The National Academy of Sciences report is blunt: “There is no realistic mechanism to fully secure vote casting and tabulation computer systems from cyber threats.” But election officials can and should audit votes — rather than performing time-consuming full recounts — before election results are certified to confirm their legitimacy, the report states. Risk-limiting audits are a relatively new way to double-check the results of an election after the fact. First implemented in Colorado in 2017, the audits examine a randomly chosen, statistically significant number of paper ballots and compare the results in those ballots to the actual result.  They’re done no matter the margin of victory; suspicious results may trigger a full recount. “It’s an abbreviated recount, in a sense,” said Ronald Rivest, one of the inventors of the RSA public-key cryptosystem and a member of the NAS panel that wrote the report.  Read More

National: Experts assess voting security as midterm elections approach | Princeton University

Since the adoption of electronic voting machines in the 1990s, election experts have argued that paper records are critical for auditing elections and detecting potential tampering with vote tallies. The issue gained new prominence following the 2016 elections, which spurred multiple investigations into allegations of Russian interference in the electoral process. In a panel discussion hosted by Princeton’s Center for Information Technology Policy (CITP), experts examined the state of U.S. election security. The moderator Ed Felten, the Robert E. Kahn Professor of Computer Science and Public Affairs and director of CITP, opened the discussion by noting that “Princeton has quite a bit of expertise in this area.” He cited two faculty members working in election technology and policy, Andrew Appel and Jonathan Mayer. Appel, the Eugene Higgins Professor of Computer Science, recently served as a member of the National Academies’ Committee on the Future of Voting, while Mayer, assistant professor of computer science and public affairs, recently developed bipartisan election security legislation as a staffer in the United States Senate. Also on the panel was Marian Schneider, a former Pennsylvania elections official and the president of Verified Voting, a nonprofit organization that aims to improve election security practices. Read More

Michigan: State to test out risk-limiting election audits | WILX

The State of Michigan will be running a pilot program auditing election results after the general election on November 6. Michigan will be part of a pilot program that will verify that voting equipment and election officials performed properly. “With this pilot of risk-liming audits, Michigan further bolsters its reputation as a national leader in election security and integrity,” Secretary of State Ruth Johnson said. “With our new election equipment and secure voter file, and now with our pilot of risk-limiting audits, we are well ahead of other states in strengthening election integrity.” Three cities in Michigan will participate in the pilot program, Rochester Hills, Kalamazoo and Lansing. “I thank the clerks in Kalamazoo, Lansing and Rochester Hills for stepping up and being willing to pioneer how these audits could work in Michigan,” Johnson said. “Their participation shows how much election officials across Michigan take election protection seriously and are working to further strengthen voting security and integrity.” Read More

Colorado: How Colorado voting became a cybersecurity leader long before Russians tried to hack it | TechRepublic

Colorado was one of 21 states targeted by Russian operatives during the 2016 election. But unlike many others, the state has spent years implementing top-tier cybersecurity measures and audits to prevent hackers from entering its systems and interfering with the election process. Colorado receives top marks in the three most important election security categories, according to a February report from the left-leaning Center for American Progress comparing the election security of all 50 states:

Adhering to minimum cybersecurity standards for voter registration systems
Carrying out elections with paper ballots
Conducting robust post-election audits

… In 2017, Colorado became the first state to carry out mandatory risk-limiting post-election audits, which are widely considered the gold standard, according to the Center for American Progress. Risk-limiting audits involve manually checking a sample of ballots, and providing statistical evidence that the election outcome is correct. They have a high probability of correcting a wrong outcome, according to the US Election Assistance Commission. A risk-limiting audit could lead to a full manual recount if there is not enough evidence to prove that the reported outcome is correct, the commission stated. Read More