Michigan: New election security test will audit 2018 results in 3 Michigan cities | MLive.com

Three Michigan cities are testing a new process designed to provide strong statistical evidence that the election outcome is correct. The “risk-limiting audit” is a relatively new election security measure being tested across Michigan this week. It’s designed to detect irregularities that could influence reported election outcomes, including cyber-attacks and unintentional machine or human errors. The goal of the pilot will be to determine how risk-limiting audits could be rolled out statewide. Kalamazoo, Lansing and Rochester Hills will also pilot the procedure during the first week of December. “Our goal as election administrators is to foster confidence in the electoral process, the results of that process, and ultimately our democratic institutions,” said Kalamazoo City Clerk Scott Borling. “Michigan voters put their faith in us to conduct free and fair elections. The Risk-Limiting Audit provides another tool and opportunity to demonstrate their trust is well placed.”

Michigan: Rochester Hills to conduct post-election risk-limiting audit | The Oakland Press

On Monday, Dec. 3, Rochester Hills will conduct Michigan’s first pilot of a risk-limiting post-election audit. Risk-limiting audits provide a check on election results. The procedure is designed to detect irregularities that may include intentional cyber attacks or unintentional error that may change the reported election outcomes. “Michigan voters put their faith in us as election administrators to conduct free and fair elections,” said Rochester Hills Clerk Tina Barton. “This procedure will provide us with another opportunity to confirm their trust is well placed.” The pilot is one of three to be conducted the first week of December and part of the first multi-jurisdictional risk-limiting audit pilot in the country. Lansing and Kalamazoo will hold their pilots later in the week.

California: California doesn’t need better voting machines — it needs better audits, experts say | The Peninsula Press

When voters in Alameda and Santa Clara County head to the polls on Nov. 6, about one percent will cast their ballots on electronic voting machines that have known security vulnerabilities. California has safeguards in place. In addition to requiring paper records for votes cast on electronic machines, California also manually audits one percent of all ballots cast, to make sure there’s no discrepancy in the numbers. Now, experts like David Dill, a computer science professor at Stanford and founder of Verified Voting, are saying that isn’t enough, and are pushing states like California to implement more rigorous auditing methods. “The problem of protecting machines is pretty unmanageable, even with the best and most modern hardware … so what you need to do is select a bunch of ballots at random and hand count them in order to make sure the electronic counts are accurate,” says Dill.

Editorials: Protect public trust by auditing elections: It’s easier than you might think  | Marc Schneider/The Hill

Pick one word for how the Russians interfered with the 2016 presidential election. How about “distrust?” They used trolling, false stories, fake accounts, and cyberattacks to sow distrust among the American people. And without a doubt, Russians and other adversaries are working hard now to spark anger, confusion, and conflict along economic, gender, political, and racial lines within our country. While an effort to reduce confidence in our voting systems — the actual machines and processes we use to register voters and elect our leaders — was a factor in 2016, I believe it will be an even greater factor moving forward. Why? Because it would be so effective. The objectives of campaigns like Russia’s are to divide and demoralize the public, muddy discourse, and discredit and undermine whoever they see as opponents. What better way to do that than by delegitimizing the election results, particularly in hotly contested races where a small number of votes can make all the difference? 

National: Risk-Limiting Audits Can Support an Election’s Legitimacy | StateTech

The National Academy of Sciences report is blunt: “There is no realistic mechanism to fully secure vote casting and tabulation computer systems from cyber threats.” But election officials can and should audit votes — rather than performing time-consuming full recounts — before election results are certified to confirm their legitimacy, the report states. Risk-limiting audits are a relatively new way to double-check the results of an election after the fact. First implemented in Colorado in 2017, the audits examine a randomly chosen, statistically significant number of paper ballots and compare the results in those ballots to the actual result.  They’re done no matter the margin of victory; suspicious results may trigger a full recount. “It’s an abbreviated recount, in a sense,” said Ronald Rivest, one of the inventors of the RSA public-key cryptosystem and a member of the NAS panel that wrote the report. 

National: Experts assess voting security as midterm elections approach | Princeton University

Since the adoption of electronic voting machines in the 1990s, election experts have argued that paper records are critical for auditing elections and detecting potential tampering with vote tallies. The issue gained new prominence following the 2016 elections, which spurred multiple investigations into allegations of Russian interference in the electoral process. In a panel discussion hosted by Princeton’s Center for Information Technology Policy (CITP), experts examined the state of U.S. election security. The moderator Ed Felten, the Robert E. Kahn Professor of Computer Science and Public Affairs and director of CITP, opened the discussion by noting that “Princeton has quite a bit of expertise in this area.” He cited two faculty members working in election technology and policy, Andrew Appel and Jonathan Mayer. Appel, the Eugene Higgins Professor of Computer Science, recently served as a member of the National Academies’ Committee on the Future of Voting, while Mayer, assistant professor of computer science and public affairs, recently developed bipartisan election security legislation as a staffer in the United States Senate. Also on the panel was Marian Schneider, a former Pennsylvania elections official and the president of Verified Voting, a nonprofit organization that aims to improve election security practices.

Michigan: State to test out risk-limiting election audits | WILX

The State of Michigan will be running a pilot program auditing election results after the general election on November 6. Michigan will be part of a pilot program that will verify that voting equipment and election officials performed properly. “With this pilot of risk-liming audits, Michigan further bolsters its reputation as a national leader in election security and integrity,” Secretary of State Ruth Johnson said. “With our new election equipment and secure voter file, and now with our pilot of risk-limiting audits, we are well ahead of other states in strengthening election integrity.” Three cities in Michigan will participate in the pilot program, Rochester Hills, Kalamazoo and Lansing. “I thank the clerks in Kalamazoo, Lansing and Rochester Hills for stepping up and being willing to pioneer how these audits could work in Michigan,” Johnson said. “Their participation shows how much election officials across Michigan take election protection seriously and are working to further strengthen voting security and integrity.”

Colorado: How Colorado voting became a cybersecurity leader long before Russians tried to hack it | TechRepublic

Colorado was one of 21 states targeted by Russian operatives during the 2016 election. But unlike many others, the state has spent years implementing top-tier cybersecurity measures and audits to prevent hackers from entering its systems and interfering with the election process. Colorado receives top marks in the three most important election security categories, according to a February report from the left-leaning Center for American Progress comparing the election security of all 50 states:

Adhering to minimum cybersecurity standards for voter registration systems
Carrying out elections with paper ballots
Conducting robust post-election audits

… In 2017, Colorado became the first state to carry out mandatory risk-limiting post-election audits, which are widely considered the gold standard, according to the Center for American Progress. Risk-limiting audits involve manually checking a sample of ballots, and providing statistical evidence that the election outcome is correct. They have a high probability of correcting a wrong outcome, according to the US Election Assistance Commission. A risk-limiting audit could lead to a full manual recount if there is not enough evidence to prove that the reported outcome is correct, the commission stated.

Colorado: A Safe Place for Elections | State of Elections

Colorado is known for more than just picturesque mountain views and crystal-clear rivers. The Centennial State touts some of the best education, healthcare, and the best state economy in the nation. To add to this impressive list of achievements, Colorado has been christened as the safest state in the nation to host an election. Colorado’s impressive new title come from two different sources: The Washington Post and Homeland Security Secretary Kristjen Nielsen. Over the last decade, Colorado took several steps forward in election security to ensure the integrity of its elections. First, Colorado implemented a first-of-its-kind risk-limiting audit. In 2013, the Colorado legislature codified this new auditing technique (Colo. Rev. Stat. § 1-7-515 (2013)), which was required for the 2017 elections and all “primary, general, coordinated, or congressional vacancy elections thereafter.” A risk-limiting audit is a form of statistical analysis that requires officials to match certain paper ballots with the electronic voting machines’ interpretation of the ballots. This ensures that the machine read the ballot correctly.

National: Risk Limiting Audits (RLAs) Gain Traction With State & Local Election Officials In Advance Of 2018 U.S. Midterm Elections | Free & Fair

To guard against the multitude of election security threats ahead of the 2018 U.S. midterms, state and local jurisdictions are turning to Risk Limiting Audits (RLAs). Two of the more notable RLA initiatives – State of Colorado and Orange County, Ca. – leverage software developed by election technology startup Free & Fair. A Risk Limiting Audit is an evidence-based method that checks the integrity of election tabulation outcomes by comparing a random manual recount sampling of paper ballots to their corresponding digital versions. RLAs are better and more efficient than the random post-election audits used by jurisdictions today, because they generally require a smaller number of ballots to be audited but still provide a much higher statistical probability that the outcome is correct. In November 2017, Colorado completed the first U.S. statewide set of risk-limiting post-election audits in binding elections – with all 56 Colorado counties that had a November election passing. State of Colorado recently earned the Government Innovation Award for its pioneering use of RLAs in binding elections. Free & Fair, which offers transparent, cyber secure and verifiable election systems, developed the software tools for this first U.S. statewide implementation of RLAs beginning with the November 2017 general election.

National: Scientific collective calls for paper-based voting machines, no more internet voting | StateScoop

The United States should stop holding elections conducted without human-readable paper ballots as soon as possible, urges a report published Thursday by the National Academies of Sciences, Engineering, and Medicine. In a press release announcing the NASEM report, Lee Bollinger, president of Columbia University and co-chair of the committee that produced the report said “this is a critical time for our country” and called on all levels of government to prioritize the use of paper ballots. NASEM’s recommendations are all oriented around ensuring that election infrastructure is not vulnerable to tampering and that results can be verified. Chief among the recommendations is that all voting machines that do not create a paper trail allowing for independent auditing be “removed from service as soon as possible.” The report follows two years of federal and state activity centered on protecting election systems from foreign meddling, specifically groups linked to Russian intelligence agencies. State chief information officers first got a warning from the Department of Homeland Security in August 2016 about potential outside attacks, and federal agencies have increased their attention on the issue throughout 2018.

National: Senators duel over audit requirements in election security bill | FCW

As the Secure Elections Act barrels towards a crucial markup in the Senate, two of its original cosponsors expressed divergent views on whether the bill must mandate hand counted post-election audits. The latest version of the bill released by Senate Rules Committee chair Roy Blunt (R-Mo.) would, like its predecessors, mandate that every state conduct a post-election audit to verify the results. However, Blunt’s version would allow states to conduct those audits by hand as well as through electronic means. Previous versions of the bill specified that audits be inspected “by hand and not by device.” During a hearing on cybersecurity, Sen. Amy Klobuchar (D-Minn.), one of the original co-sponsors of the bill, pressed her colleagues to fight to reinsert the language. “I would love to see that risk-limiting audit requirement across the country,” said Klobuchar. “What we have right now in the bill is a requirement that simply audits be required and they have to report back to us. We have backup paper ballots in 14 states now, nine as you know have partial [paper backups], five don’t have any at all….I don’t know how you could prove what happened in an election if there was a hacking.”

Editorials: Election Security Bill Without Paper Records and Risk Limiting Audits? No Way. | Electronic Frontier Foundation

The Senate is working on a bill to secure election infrastructure against cybersecurity threats, but, unless amended, it will widely miss the mark. The current text of the Secure Elections Act omits the two most effective measures that could secure our elections: paper records and automatic risk limiting audits. Cybersecurity threats by their very nature can be stealthy and ambiguous. A skillful attack can tamper with voting machines and then delete itself, making it impossible to prove after the fact that an election suffered interference. Paper records ensure that it is possible to detect and quickly correct for such interference. Automatic audits ensure that such detection actually happens.

Verified Voting in the News: First new election results audit held in Fairfax city | WTOP

In a first for Virginia, elections officials gathered Thursday and Friday at the Fairfax County Courthouse to prove that election results from June’s primary were correct. The risk-limiting audit was for the Republican U.S. Senate primary results in the city of Fairfax. It was a demonstration of what could be done statewide in future elections as a statistical check to provide more evidence that the final results based on counts from ballot scanners are correct. The audits, when done for an entire election, are meant to show statistical confidence that the winner really won and the loser or losers really lost. Results of the first audit completed Friday showed the results of 69 randomly selected ballots scanned by a machine Thursday matched the hand count of those same ballots done Friday morning. (One ballot was selected twice by the random process).

Voting Blogs: Passing Your Vote Through Security: The Rise of Risk Limiting Audits in Rhode Island | State of Elections

In the 2016 election’s aftermath, United States intelligence agencies speculated that the Russian government hacked various government entities and the major political parties in order to influence the election’s results. It was recently confirmed that twenty-one  states were subject to that foreign attack. Experts cautioned states to take responsive measures since many states take little to no precaution at all.   Rhode Island, like sixteen other states, does not presently have a statutory requirement to conduct post-election audits. But on September 19, 2017, Rhode Island’s State Legislature responded to the 2016 election cycle by passing a new bill through both chambers (Senate Bill 413A and House Bill 5704A) which would begin post-election audits in 2018 and mandate them in every county by 2020. The bill received bipartisan and unanimous support, passing 36-0 in the State Senate, and 70-0 in the House of Representatives. Governor Gina Raimondo is expected to sign the legislation. The proposed legislation allows the Board of Elections to decide which elections (i.e., primary, state, multijurisdictional) are subject to a risk limiting audit or partial recount in order to verify voting results. This audit would be conducted by hand, in public view, and completed within seven days after an election.  

Voting Blogs: Colorado leads the way with risk limiting audits | electionlineWeekly

With the role of the dice, Colorado recently became the first state in the nation to conduct a post-election risk-limiting audit (RLA). It’s taken a while to get this point — the legislation requiring RLAs was first approved in 2009, but Secretary of State Wayne Williams said the result was worth the wait. “We’ve been preparing for this for a number of years,” Williams said noting the need to promulgate the rules for the audit, for new voting systems and training at the state and county level. “It required a lot of work and effort from my office and the county clerks and they all came through fabulously. I was thrilled with the success. The fact that every single county passed, I think gives everyone a very high level of assurance of elections in Colorado.” Williams said it’s important to note that Colorado didn’t begin the RLA process in response to recent concerns about the accuracy of elections, but it is very timely because of concerns being raised.

Colorado: State first to complete new kind of election audit | Craig Daily Press

Colorado has become the first state in the country to complete a risk-limiting audit, or RLA, designed to catch mistakes when ballots are tabulated, and Moffat County was part of the successful test that garnered national interest. “It went really great — better than expected,” said Deputy Election Clerk Amanda Tomlinson. “The processes took over a year of preparation with the secretary of state and learning to use the RLA tool.” The RLA is a procedure that provides strong statistical evidence that an election outcome is correct and has a high probability of correcting an erroneous outcome. It requires humans to examine and verify more ballots in close races and fewer ballots in races with wide margins.

California: Saving throw: Securing democracy with stats, spreadsheets, and 10-sided dice | Ars Technica

More than a dozen counties have now participated in a California-wide pilot project to provide a real-world test of what had previously been an academic theory. The pilot was authorized under California Assembly Bill 2023, which passed in 2010. Including audits conducted before the bill’s passage, 23 contests have been audited across several county-level elections in the state in recent years, and other counties, including Orange, Marin, and Yolo, will have additional audits in the coming weeks. California already has a mandatory audit law, which stipulates that a public manual tally of 1 percent of the precincts, chosen at random, must take place. But in Stark’s view, this is the wrong way to proceed. “There is no statistical justification for the 1 percent tally,” Stark explained. “It is a check on the accuracy of the system, but it is not well tied to ensuring that outcomes are right. It doesn’t require more counting for small margins than for large ones, and it does not require a full hand count, even if something is obviously wrong.”

Colorado: Risk-limiting election audit has been completed | Denver Post

Colorado has completed a first-of-its-kind statewide election audit, which drew attention from outside the state, with all participating counties passing. That means the so-called risk-limiting audit showed the state’s vote tabulating machines properly counted ballots from the election that ended earlier this month. The audit involved a manual recount of a sample of ballots from the more than 50 counties that had elections this year and compared them with how they were interpreted by tabulating machines. The exercise, which began late last week and was completed Tuesday, comes amid national concern about election integrity. “I think it’s fair to say that both state and county election officials were a little anxious because this has never been done before,” Colorado Secretary of State Wayne Williams said in a written statement. “But it turned out to be an amazing success, and that’s because our staff and our county clerks have done a phenomenal job. I am thankful for their hard work and dedication.”

National: States Start Using Statistical Methods to Check Voter Count Accuracy | eWeek

In the face of overwhelming evidence that the Russians meddled in the 2016 U.S. presidential election, states are adopting auditing measure to detect any possible direct ballot fraud and give voters confidence in the results. After clear evidence emerged that Russia attempted to influence the results of the 2016 U.S. presidential election by social media, and more directly by hacking election systems, state governments are embarking on a variety of efforts to use statistical auditing to verify election results. On Nov. 15, Colorado kicked off its first statewide statistical audit of its most recent election by using a statistical technique known as risk-limiting audits to establish the integrity of the vote. Because of mail-in ballots from voters serving in the military, the state had to wait eight days to receive all votes and initiate the audit. Risk-limiting audits, or RLAs, allow election officials to verify the outcome of an election by sampling a much smaller subset of ballots compared to a full recount. Verifying the results of presidential elections in each state from 1992 to 2008, for example, only requires an average of 307 ballots per state. The number of ballots required to verify the vote, however, increases as the contests become closer and eventually defaults to a full recount, in the case of an extremely close race. Colorado’s legislature voted to adopt an election-wide audit in 2010, and election officials began piloting RLA in 2013.

National: Securing the vote: How ‘paper’ can protect US elections from foreign invaders | CSMonitor

When Logan Lamb visited the website of Georgia’s Center for Election Systems in Aug. 2016, what he found left him speechless. Although the cybersecurity researcher had no password or special authorization, he was able through a Google search to download the state’s voter registration list, view files with Election Day passwords, and access what appeared to be databases used to prepare ballots, tabulate votes, and summarize vote totals. He also discovered a vulnerability that would allow anyone to take full control of a server used for Georgia’s elections. It was everything a Russian hacker – or any malicious intruder – might need to disrupt the vote in Georgia. “Had the bad guys wanted to just completely own the central election system, they could have,” Mr. Lamb told the Monitor in an interview … There are only a handful of states in the US that are currently performing audits that start with voter-verified paper ballots. Many counties in California have conducted pioneering work with such audits. New Mexico hires an independent CPA to oversea an audit of a few key races in that state. And Rhode Island recently enacted a law to develop a voter-verified audit system. But the single most important development in this area is about to take place in Colorado.

National: Electronic voting systems in the U.S. need post-election audits | TechTarget

The state of Colorado has taken a step toward rebuilding public trust in the election system in the United States.

Beginning in November 2017, Colorado will require risk-limiting audits, or RLAs, in elections statewide. The state has always required traditional post-election audits, but in 2009, a law passed requiring RLAs throughout Colorado. According to the statute, an RLA is “an audit protocol that makes use of statistical methods and is designed to limit acceptable levels of risk of certifying a preliminary election outcome that constitutes an incorrect outcome.” This means that all post-election audits in the state of Colorado compare a random sample of paper ballots to their digital counterparts. Colorado’s law is, in large part, a reaction to recent events in the U.S. and across the globe that have called the security of electronic voting systems into question and emphasized the importance of election audits for all levels of elections.

Colorado: New vote checks could help discover a vote hack | Archer Security Group

You did your civic duty. You voted. You may even get a red, white and blue sticker to wear proudly on your T-shirt. But are you sure your vote will be counted — and counted properly? If your state uses computers for voting or counting results, there’s a chance it may not, experts say. “We know that computers can have some bugs or even cleverly-hidden malicious code called malware,” said Barbara Simons, president of Verified Voting, a non-profit, nonpartisan group encouraging secure and accurate elections. “As we learned in 2016, we also have to worry about the possibility of computers and voting systems being hacked,” she added. But if you live in Colorado, you’ll now have a better chance of finding out if your vote fell victim to a glitch or a hack.

Voting Blogs: Free & Fair to build risk-limiting audit system for State of Colorado | Free & Fair

We are proud to announce that Colorado has chosen Free & Fair to build a risk-limiting audit (RLA) system to be used statewide beginning with the November 2017 general election. First developed in 2008, RLAs promote evidence-based confidence in election outcomes by comparing a random sampling of paper ballots to their corresponding digital versions. This will be the first time anywhere in the United States that risk-limiting audits are conducted on a regular, statewide basis. Free & Fair has already prototyped an open source risk-limiting audit tool called OpenRLA, for RLAs of election contests in single jurisdictions. The production RLA system being developed for Colorado will facilitate statewide, multi-county and individual county audits. Like OpenRLA, the RLA system developed for Colorado will be released under an open source license (GPL Version 3). Risk-limiting audits provide strong statistical evidence that a jurisdiction’s voting system accurately interpreted and tabulated voter markings on paper ballots, with relatively little hand counting. The “risk limit” is the largest chance that an outcome-changing error in the initial tabulation will not be discovered and corrected in the audit. If the risk limit is 5% and the outcome wouldn’t match the result of a full, accurate count of the paper ballots, there is at least a 95% chance that the audit will correct the outcome.

Editorials: Peace of Mind for a Tumultuous Election: Paper Trails and Risk-Limiting Audits | Arlene Ash and Mary Batcher/Huffington Post

With increasingly heated allegations of “rigged elections,” things have probably not gotten better since a September 29 poll concluded that “more than 15 million voters may stay home on Election Day” over concerns about cyber-security. Equally problematic would be doubts about who won following November 8. A vibrant democracy requires trusted elections. Paper validation of ballots cast and meaningful audits of those ballots are important – and neglected – tools for bolstering trust. As statisticians working in healthcare and business, we frequently help researchers, patients, and business executives think about the probability and severity of potential risks. Based on the news coverage it receives, you might think that the problem of people who are not entitled to vote showing up at polling places is rampant. It is not. A comprehensive study of all American elections between 2000 and 2014 identified only 31 possible cases out of a billion votes cast. That is, only 0.000003 percent of votes might have been due to the kind of fraud that Voter ID laws could possibly prevent! In contrast, electoral malpractice, intentional or not – including confusing ballot designs, computer security breaches and malfunctions, long lines, partisan administration, misleading information about where and how to vote, poorly maintained voting lists, and overly aggressive voter list purges – plague every American election.