Voting Blogs

Articles about voting from the blogosphere.

Voting Blogs: Pilots of risk-limiting election audits in California and Virginia | Andrew Appel/Freedom to Tinker

Orange County, CA Pilot Risk-Limiting Audit, by Stephanie Singer and Neal McBurnett, Verified Voting Foundation, December 2018.
City of Fairfax,VA Pilot Risk-Limiting Audit, by Mark Lindeman, Verified Voting Foundation, December 2018.

In order to run trustworthy elections using hackable computers (including hackable voting machines), “elections should be conducted with human-readable paper ballots. … States should mandate risk-limiting audits prior to the certification of election results.

What is a risk-limiting audit, and how do you perform one? An RLA is a human inspection of a random sample of the paper ballots (or batches of ballots)—using a scientific method that guarantees with high confidence that if the voting machines claimed the wrong winner, then the audit will declare, “I cannot confirm this election,” in which case a by-hand recount is appropriate.  This is protection against voting-machine miscalibration, or against fraudulent hacks of the voting machines.

That’s what it is, but how do you do it?  RLAs require not only a statistical design, but a practical plan for selecting hundreds of ballots from among millions of sheets of paper.  It’s an administrative process as much as it is an algorithm.

In 2018, RLAs were performed by the state of Colorado.  In addition, two just-published reports describe pilot RLAs performed by Orange County, California and Fairfax, Virginia.  From these reports (and from the audits they describe) we can learn a lot about how RLAs work in practice. Read More

Voting Blogs: Florida is the Florida of ballot-design mistakes | Andrew Appel/Freedom to Tinker

This article was originally posted at Freedom to Tinker on November 14, 2018.

Well designed ballot layouts allow voters to make their intentions clear; badly designed ballots invite voters to make mistakes.  This year, the Florida Senate race may be decided by a misleading ballot layout—a layout that violated the ballot design recommendations of the Election Assistance Commission. In Miami, Florida in the year 2000, the badly designed “butterfly ballot” misled over 2000 voters who intended to vote for Al Gore, to throw away their vote.  (That’s a strong statement, but it’s backed up by peer-reviewed scientific analysis.) In Sarasota, Florida in the year 2006, in a Congressional race decided by 369 votes, over 18,000 voters failed to vote in that race, almost certainly because of a badly designed touch-screen ballot layout. In Broward County, Florida in the year 2018, it appears that a bad optical-scan ballot design caused over 26,000 voters to miss voting in the Senate race, where the margin of victory (as of this writing, not yet final) is 12,562 votes. Read More

Voting Blogs: Counting Ballots Pursuant to Law is Not Stealing an Election | Steven F. Huefner /Election Law @ Moritz

It has been less than 72 hours since polls closed on the 2018 congressional midterm elections, and for candidates and their supporters who do not yet know the outcome of close contests, patience – not unsubstantiated or false allegations of election rigging – MUST be the order of the day. As any close observer of U.S. elections knows, once the polls close each state then conducts a carefully structured process of tallying the votes. Critically, as any close observer also knows, the Election Night “results” are not only unofficial, they are also still entirely preliminary and will almost inevitably change, perhaps considerably. With the dramatic rise in the use of mail-in absentee voting over the past decade, election officials increasingly must deal after Election Day with a significant volume of paper ballots that have arrived around Election Day (each state sets its own rules for when the ballots must arrive). Meanwhile, provisional ballots also require individual review and processing after Election Day. These post-election processes are not some mere afterthought; rather, they are critical components of determining the official election outcome, and they must be respected as essential to the overall integrity of the election. Read More

Voting Blogs: This Software is Exposing State Election Servers to Intruders | Democracy Chronicles

A ProPublica analysis found election computer servers in Wisconsin and Kentucky could be susceptible to hacking. Wisconsin shut down its service in response to our inquiries. As recently as Monday, computer servers that powered Kentucky’s online voter registration and Wisconsin’s reporting of election results ran software that could potentially expose information to hackers or enable access to sensitive files without a password. The insecure service run by Wisconsin could be reached from internet addresses based in Russia, which has become notorious for seeking to influence U.S. elections. Kentucky’s was accessible from other Eastern European countries. The service, known as FTP, provides public access to files — sometimes anonymously and without encryption. As a result, security experts say, it could act as a gateway for hackers to acquire key details of a server’s operating system and exploit its vulnerabilities. Some corporations and other institutions have dropped FTP in favor of more secure alternatives. Read More

Voting Blogs: Ten ways to make voting machines cheat with plausible deniability | Andrew Appel/Freedom to Tinker

Voting machines can be hacked; risk-limiting audits of paper ballots can detect incorrect outcomes, whether from hacked voting machines or programming inaccuracies; recounts of paper ballots can correct those outcomes; but some methods for producing paper ballots are more auditable and recountable than others.

A now-standard principle of computer-counted public elections is, use a voter-verified paper ballot, so that in case the voting machine cheats in counting the votes, the human doing an audit or recount can see the paper that the voter marked.  Why would the voting machine cheat?  Well, they’re computers, and any computer may have security vulnerabilities that permits an attacker to modify or replace its software.  We must presume that any voting machine might, at any time, be under the complete control of an attacker, an election thief. Read More

Voting Blogs: CEIR voter registration database security report: Survey finds most states adopted best cybersecurity practices since ‘16 | electionlineWeekly

The Center for Election Innovation and Research (CEIR) has released a new report based on a survey of 26 states conducted between June and July of 2018 to assess the current state of security around voter registration databases (VRDBs). The survey results, released ahead of National Voter Registration Day, show that immense progress has been made in securing voter registration databases since 2016, though significant room for improvement remains for states to strengthen their defenses against hacking attempts. Voter registration databases have been a central focus of conversations around election security since the 2016 presidential election when several voter registration databases were scanned and at least one infiltrated by Russian operatives. Read More

Voting Blogs: Creating a culture of proactive security: Colorado’s EPIC TTX prepares for almost any scenario | electionlineWeekly

There was a fire, a tornado, and the heating system went down in the ballot-tabulation room. There was fake news on social media and real news media in the room. Polls opened late and stayed open late. The state voter registration database went down. Tabulation machines failed to tabulate. There were concerned citizens and advocates demanding to know what was happening. And then there was Olga from Sputnik News who seemed overly curious about everything. Those were just some of the scenarios and situations faced by Colorado county elections officials and staff participating in the secretary of state’s EPIC table top exercise last week in Englewood. Read More

Voting Blogs: Federal Court Expedites Motion to Compel Georgia to Use Paper Ballots for 2018 Midterm Elections | The Brad Blog

Plaintiffs in a Georgia lawsuit seeking to force the state to move to a hand-marked paper ballot system in time for this year’s midterm elections, promise to produce expert testimony to the court, demonstrating that “Georgia’s voting system is a catastrophically open invitation to malicious actors intent on disrupting our democracy.” The Coalition for Good Governanceand a group of multi-partisan individual plaintiffs filed a motion [PDF]  on July 31, seeking a preliminary injunction in the federal case, to prevent Georgia from conducting this year’s midterms on the state’s notorious Diebold AccuVote TS (touchscreen) Direct Recording Electronic (DRE) voting machines. Instead, plaintiffs seek an order that Georgia’s election officials utilize, for in-person voting, the same already-certified, Diebold paper ballot-based optical-scan system currently used for tabulation of the Peach State’s absentee ballots. Last week, U.S. District Court Judge Amy Totenberg ordered an expedited briefing schedule on plaintiffs’ motion to compel the State of Georgia to adopt this simple method for conducting a verifiable paper ballot election on November 6, 2018. Read More

Voting Blogs: Lawsuit Seeks Public Info About Controversial Voting Purge Letter | Brennan Center for Justice

The Brennan Center for Justice at NYU School of Law is suing the Justice Department today for refusing to turn over documents related to a controversial letter DOJ sent last year, which sought detailed information about how states maintain their voter rolls. Voting rights groups are concerned that it could be a prelude to pressuring states to engage in aggressive voter purges — the often-flawed process of deleting names from voter registration lists. “The public has a right to know why the Justice Department sent this letter, and what information it received from states in response,” said Jonathan Brater, counsel in the Brennan Center’s Democracy Program. “The Justice Department should be fighting to protect the voting rights of all Americans. We are concerned, though, that this letter may be part of a broader effort to undermine those rights, and we are going to court to find out.” Read More

Voting Blogs: Time Running Out to Secure Against 2018 Election Cyberattacks | Democracy Chronicles

In a wide-ranging set of indictments handed down on July 13, 2018, the U.S. Department of Justice (DOJ) charged 12 Russian intelligence officers with brazenly attacking U.S. election infrastructure during the 2016 presidential election. On that same day, Director of National Intelligence Dan Coats sounded the alarm that Russia is continuing its cyberattacks on the United States, ominously stating that “the warning lights are blinking red again,” just as they were before the terrorist attacks of 9/11. Coats went on to say that the nation’s election systems and other digital infrastructure are “literally under attack.” Yet, in the face of overwhelming evidence, for more than a year-and-a-half, President Donald Trump has cast doubt on these consistent warnings. It now is incumbent on Congress, key members of the administration, state and local officials, and other stakeholders to take aggressive steps within their respective purviews to secure our election infrastructure. Read More