Election audit

Last updated

An election audit is any review conducted after polls close for the purpose of determining whether the votes were counted accurately (a results audit) or whether proper procedures were followed (a process audit), or both.

Contents

Both results and process audits can be performed between elections for purposes of quality management, but if results audits are to be used to protect the official election results from undetected fraud and error, they must be completed before election results are declared final. [1]

Election recounts are a specific type of audit, with elements of both results and process audits.

Boss Tweed: As long as I count the votes, what are you going to do about it? Boss Tweed, Nast.jpg
Boss Tweed: As long as I count the votes, what are you going to do about it?

The need for verification of election results

In jurisdictions that tabulate election results exclusively with manual counts from paper ballots, or 'hand counts', officials do not need to rely on a single person to view and count the votes. Instead, valid hand-counting methods incorporate redundancy, so that more than one person views and interprets each vote and more than one person confirms the accuracy of each tabulation. In this way, the manual count incorporates a confirmation step, and a separate audit may not be considered necessary.

However, when votes are read and tabulated electronically, confirmation of the results' accuracy must become a separate process.

Within and outside elections, use of computers for decision support comes with certain IT risks. Election-Day electronic miscounts can be caused by unintentional human error, such as incorrectly setting up the computers to read the unique ballot in each election and undetected malfunction, such as overheating or loss of calibration. Malicious intervention can be accomplished by corrupt insiders at the manufacturer, distributor or election authority, or external hackers who access the software on or before Election Day. [2] [3]

Computer-related risks specific to elections include local officials’ inability to draw upon the level of IT expertise available to managers of commercial decision-support computer systems [4] and the intermittent nature of elections, which requires reliance on a large temporary workforce to manage and operate the computers. [5] Voting machines are usually air-gapped from the internet, but they receive updates from flash drives which do come from the internet, and in any case air-gapped computers are regularly hacked [6] [7] [8] [9] through flash drives and other means. Besides traditional security risks such as lock-picking and phishing attacks, voting machines are often unattended in public buildings the night before the election. [10] This physical access lets outsiders subvert them. [11]

To reduce the risk of flawed Election-Day output, election managers like other computer-dependent managers rely on testing and ongoing IT security. In the field of elections management, these measures take the form of federal certification of the electronic elections system designs, [12] though there is no way to know the certified software is what is actually installed; security measures in the local election officials’ workplaces; and pre-election testing. [13]

A third risk-reduction measure is performed after the computer has produced its output: Routinely checking the computers' output for accuracy, or auditing. Outside elections, auditing practices in the private sector and in other government applications are routine and well developed. In the practice of elections administration, however, the Pew Charitable Trusts stated in 2016, “Although postelection audits are recognized as a best practice to ensure that voting equipment is functioning properly, that proper procedures are being followed, and that the overall election system is reliable, the practice of auditing is still in its relative infancy. Therefore, a consensus has not arisen about what constitutes the necessary elements of an auditing program.” [14]

Routine results audits also support voter confidence by improving election officials' ability to respond effectively to allegations of fraud or error. [15]

Examples of wrong outcomes found by audits

In 2012 in Palm Beach County, FL, a routine audit which hand-counted a sample of precincts, changed the outcomes in two Wellington City council contests. Votes in each contest were reported for a different contest. The problem did not occur in the county's other 15 municipalities. [16] [17]

Examples of intrusions into election computers

Computers which tally votes or compile election results are known to have been hacked in the US in 2014 [18] [19] [20] and 2016, [21] [22] Ukraine in 2014, [23] and South Africa in 1994. [24] [25] [26] Only the Ukraine hack was disclosed immediately, so regular audits are needed to provide timely corrections.

Audit challenges unique to election results

Confirming that votes were credited to the correct candidates’ totals might seem to be a relatively uncomplicated task, but election managers face several audit challenges not present for managers of other decision-support IT applications. Primarily, ballot privacy prevents election officials from associating individual voters with individual ballots. This makes it impossible for election officials to use some standard audit practices such as those banks use to confirm that ATMs credited deposits to the correct account.

Another challenge is the need for a prompt and irrevocable decision. Election results need to be confirmed promptly, before officials are sworn into office. In many commercial uses of information technology, managers can reverse computer errors even when detected long after the event. However, once elected officials are sworn into office, they begin to make decisions such as voting on legislation or signing contracts on behalf of the government. Even if the official were to be removed because a computer error was discovered to have put that official in office, it would not be possible to reverse all the consequences of the error.

The intermittent nature of elections is another challenge. The number of elections managed by an election authority ranges from two per year (plus special elections) in five US states to one every 4 years (plus by-elections) in parliamentary systems like Canada [27] where different election authorities manage national, provincial and municipal elections. This intermittency limits the development of a full-time, practiced workforce, for either the elections [28] or the audits. Turning election audits over to an independent, disinterested professional accounting firm is another option not available to election officials. Because election results affect everyone, including the election officials themselves, truly disinterested auditors do not exist. Therefore, audit transparency is required to provide credibility.

Attributes of a good election results audit

No governing body or professional association has yet adopted a definitive set of best practices for election audits. However, in 2007 a group of election-integrity organizations, including the Verified Voting Foundation, Common Cause, and the Brennan Center for Justice at NYU School of Law collaborated with the American Statistical Association to produce a set of recommended best practices for post-election results audits:

Current practices in election results auditing in India

India has designed and uses voting machines with one button per candidate. The button, when pressed, prints the selected candidate on a slip of paper (VVPAT), displays it to the voter, drops the slip into a box and tallies a vote for the candidate. The VVPAT is easy for voters to check, since voters only have one vote to cast, for one member of the lower house of Congress. However there is no way to correct the vote if the VVPAT shows an error. [29] The software is encoded on the machines' chip in a way that it cannot be examined. [30] Brookings found that India's adoption of voting machines cut paper ballot stuffing noticeably in states with the most election prosecutions, and led to more voting by disadvantaged populations. [31] [32] Originally the voting machines lacked a paper trail, and VVPATs were added in 2013-2019 because of doubts about security of unchecked machines. [30]

India hand tallies paper VVPATs from a 1.5% sample of election machines on the last evening of voting, before releasing results. [33] In the April–May 2019 elections, the Election Commission of India hand-tallied the slips of paper from 20,675 voting machines (out of 1,350,000 [34] or 1,730,000 [32] machines) and found discrepancies for 8 machines, usually of four votes or less. [35] Most machines tally over 16 candidates, [36] and they did not report how many of these candidate tallies were discrepant. They formed investigation teams to report within ten days, were still investigating in November 2019, with no report as of June 2021 [35] [37] though the VVPATs themselves were destoyed in September 2019. [38] Hand tallies before and after 2019 had a perfect match with machine counts. [35]

Table of Indian audit rules

List of Election Audit Practices in India
Number of Contests AuditedSample SizeWhich Units Are Sampled?Excluded from AuditsMethod of Auditing BallotsDo Audits Revise Election Outcomes?Deadline, days after election dayLevel of Discrepancy to Trigger ActionAction if DiscrepancyState Gets Report?LawRules2020 Population
(Millions)
All (each election has1 contest)1.5% [34] voting machinesnoneHand tallyMaybeSame day as last day of electionAnyTry to determine cause [37] [35] Yes2019 Supreme Court decision established sample size [34] 1380

Current practices in election results auditing in the United States

Overview

Few States Check Election Machines' Counts by Hand State audits.png
Few States Check Election Machines' Counts by Hand

Only two US states hand-tally a representative sample of all ballots, and tally all contests on those ballots, and make corrections in official results if needed: PA and WV. Two more states hand-tally all contests on a representative sample of all ballots, so they can check official results, though not necessarily correcting them if that were needed: DE, UT. In PA, UT and WV sample sizes are usually adequate for state-wide contests, but not for close county and local results. All state assembly districts and local governments have a chance of being covered and audited, and they also have a chance of being missed entirely by these random samples of precincts and election machines.

NY checks if election machines performed as expected, not whether they captured voter intent, so circles and checkmarks outside target areas are not checked by the audit. [39] Two other states hand-tally all contests, but the samples exclude significant groups of ballots: AK excludes small precincts; CA excludes ballots processed after election night (a third). [lower-alpha 1] For the two thirds of ballots audited, California does ensure that all contests are covered; they add precincts or machines to the initial sample, to ensure they sample at least some ballots from every contest. At the other extreme, thirteen states do not have regular audits of election results. Most of the other states check only a few contests, so errors are not measured in most contests. [40]

Considering the recommended best practices above, two states (DC, MA) allow public observation of all steps; three states (MD, NM, VT) have audits done by the Secretary of State, which is partly independent of election day procedures; 18 states hand-count; six states (CO, MD, NC, NM, RI, VA) have good samples for statistical confidence; no states have ways to recover from discrepancies in the chain of custody; other issues are listed in the table below. [40]

Computerization of elections occurred rapidly in the United States following the presidential election of 2000, in which imprecise vote-counting practices played a controversial role, and the subsequent adoption of the Help America Vote Act (HAVA) of 2002. The rapid switch to computerized vote tabulation forced election officials to abandon many pre-automation practices that had been used to verify vote totals, such as the redundancy included in valid hand-counting procedures. [5]

Table of U.S. audit rules

List of Election Audit Practices in the US
State [40] [41] [42] Number of Contests AuditedSample SizeWhich Units Are Sampled?Excluded from AuditsMethod of Auditing BallotsDo Audits Revise Election Outcomes?Deadline, days after election dayLevel of Discrepancy to Trigger ActionAction if DiscrepancyState Gets Report?LawRules2020 Population
(Millions)
CaliforniaAll (sample expands to cover contests not found in initial sample)1% plus enough extra to cover all contestsbatches or precinctsBallots tallied after election night (1/3 of ballots) [lower-alpha 1] Hand tallyNoBefore finalizeNo rulesReport [43] YesCal. Elec. Code §336.5, §15360 15365-15367 No rules for 1%. RLA:2 CCR 7-2 40
Texas6-Sec of State chooses 3 races & 3 ballot itemsat least 1% or 3precinctsPaperless machines, which many counties useHand tallyMaybe21AnyTry to determine causeYesTex. Elec. Code Ann. §127.201 (Vernon 2015) Election Advisory No. 2012-03 29
FloridaAll by machine, [44] or recount or 1 audit by hand, randomly chosen by each county20%-100% by machine or 2% by handprecinctsnoneTally with machines different from voting system or by handNoBefore finalizeNo rulesReportYesFla. Stat. Ann. §101.591 Procedures Manual and rule 1S-5.026 22
New YorkAll contests on sampled machines3%machinesnoneUse machines different from voting system, or manual inspection to check if voting system performed as programmed [39] Yes15AnyExpand sample in stages to full recount. Just the affected officeYesN.Y. Election Law §9-211 9 N.Y. Comp. Rules & Regs. 6210.18 and 6210.20 Judges can set aside rule 6210.18(e)(1) requiring expansion Johnson v. Martins 20
PennsylvaniaAll contests in sampled precinctslesser of 2% or 2,000 ballots. Also RLA [45] 2% by precincts or batches. RLA by ballots?noneHand tally [46] [45] Yes [47] Before finalizeNo rulesNoPa. Cons. Stat. tit. 25 §3031.17, §2650, and Stein settlement [47] Directives: Electronic Voting Systems & RLAs 13
IllinoisAll contests in samples5%precincts & machinesnoneTally with machines the optical ballots, which are common, others by hand or different machine from electionNoBefore finalizeAnyReportYes Il. Rev. Stat. ch. 10 §5/24A-15, 10 §5/24C-15 12.8
Ohio3-President or Governor, random state-wide, random county-wideat least 5% of votesmachines, precincts or polling placesodd-numbered yearsHand tallyYesBefore finalize0.5% (0.2% if winning margin under 1%)Expand sample. Sec of State may order full recount of countyYes R.C. 3505-331 Secretary of State Directive 2019-30, 2014-36,[3] 2015 Election Official Manual, [48] 11.8
Georgia1-chosen by SOS, nonrandomrisk-limiting.ballotsPrimaries, runoffs, special, odd yearsHand tallyYesBefore finalizeStatistical cutoffsInvestigate & decideYes GA 21-2-498(a)(3) SEB Rule 183-1-15-.04 10.7
North Carolina1-President or state-wide ballot itemstatistician decidesprecinctsnoneHand tallyYesBefore finalizeSignificantExpand sample to whole county, all racesNoN.C. Gen. Stat. Ann. §163-182.110.4
Michigan1-statewide [49] 5%precinctsnoneHand tallyNoAfter finalizeNo actionTrainingYesMCLA §168.31a Post-Election Audit Manual 10.1
New JerseyAll federal & state offices. Atty.Gen. picks county & municipal contests2%BatchesDRE (72% of in-person), provisional & emergency ballots, so audit is mostly of mailed ballotsHand tally of paper ballotsYesDecember 40.1%Double sample of batches. More if likely to correct outcomeYesN.J. Stat. Ann. §19:61-99.3
Virginia2-President & Senator, or others selected by Sec of State [50] risk-limitingmachines in at least random fifth of localities (all in 2020)PrimariesHand tallyNoAfter finalizeAnyAnalyzeYesCode of VA 24.2-671.18.6
Washington1-any contest on batches or precincts, 2 in RLA, or 3 on in-person machinesIn most counties: 6 batches. Or county could choose 3 precincts, or 4% of in-person machines (rarely-used in all-mail state, or RLAbatches, machines, or precinctsnoneHand tally or machines different from the election machinesMaybeBefore finalizeAnyinvestigate & resolveYesWash. Rev. Code Ann. §29A.60.185, §29A.60.170, 434-262-105 7.7
Arizona5-President, random federal, random state-wide, random legislative, ballot measureElection-day: 2% or at least 2 precincts. Early & mail: 1% or at most 5,000 ballotsElection-day: precincts. Early & mail ballots sampled by batchesProvisionals and counties where a party refusesHand tallyYesBefore finalizeStatistical committee chooses cutoffsExpand sample, up to whole county, for affected officeYesAriz. Rev. Stat. §16-602 AZ Elections Procedures Manual 7.2
Massachusetts6-President, state and national Senator and Representative, random ballot question3%precinctsPrimaries & non-Presidential yearsHand tallyMaybe14Cast doubt on outcomeSec of State may expand auditYesMass. Gen. Law Ann. ch. 54 § 109A7.0
Tennessee1-President or Governor in general1 to 5precincts59% lack paper ballotsTally paper ballots with same method as election day, different optical scannerNoBegins day after election day1%Expand sample to 3% of precincts. Then no action, but audit is evidence in courtNoTenn. Code Ann. § 2-20-1036.9
IndianaAll contests in sampleup to 5% or 5precincts34% lack paper ballots.If requested by a party chair in county, hand tally paper ballots or use machine different from voting systemYes12No rulesCorrect errorsNoIndiana Code §3-12-3.5-8, 3-12-13, 3-12-146.8
MarylandAll on images. 1-statewide by hand [51] 100% of images and 1%-2% by handAll images. 2% of vote centers, 1% of mailed & other batchesPrimaries unless State Elections Administrator chooses to do them [52] Independent machines re-tally all ballot images from election machines. Hand tally 1-2% [53] No120, after finalizeAnyInvestigate and resolveYesMD Elec. Law §11-309Code of Md. Regs. §33.08.056.18
Missouri5-state-wide candidate & ballot issue, legislator, judicial, county5%precinctsnoneHand tallyMaybeBefore finalize0.50%Investigate and resolveYes15 Mo. Code of State Regs. §30-10.1106.15
Wisconsin4-President or Governor, and 3 random state contests5%wards or other districts reporting resultsPrimaries and early, absentee, provisionalHand tallyNoBefore finalizeAnyIf no explanation, get manufacturer to investigateYesWis. Stat. Ann. §7.08(6)WI Elections Com'n Voting Equipment Audits, 2018 5.9
ColoradoAll contests on sampled ballots are checked, but sample is designed and reported for only 2 contests: 1 statewide, 1 in each county (in primary: 1/party/county) [54] [55] non-randomly chosen by Sec of Staterisk-limiting based on target contests, so may be too few for other contestsballotsnoneHand-compare ballots to computer records, and SOS tally of computer recordsMaybeBefore finalizeStatistical cutoffs100% hand tally of whichever of the 2 target contests has errors, not othersYesColo. Rev. Stat. §1-7-515 CO SOS Election Rule 25 5.8
Minnesota2-3-Governor & federal3% or at least 2-4precinctsnoneHand tallyYesBefore finalize0.5% or 2 votesExpand samples for Governor & federal up to whole county, and if counties with 10% of state's ballots discover problems in a race, hand-count affected race statewideYesMinn. Stat. Ann. §206.895.7
South CarolinaAll on images. 1-4 per county by hand, chosen by state & local staff100% on images. For each contest hand-counted in a county: 1 precinctAll images. Some precinctsUnknownIndependent machines re-tally all ballot images from election machines. Hand tally someProbablyBefore certification0.5%Explain or audit moreYes S. 108 Section 25 amends SC law 7-3-20(C) SC Election Commission website 5.1
Alabama0No audit, though state has paper ballots5.0
Louisiana0No audit, and state lacks paper ballots4.7
KentuckyDepends on Sec of State3% to 5% of ballots. Also process & eligibility audits in 6 counties by AG [56] [57] precincts & countiesDepends on Sec of StateIf ordered by Sec of State, hand tallyYesBefore finalizeNo rulesNo rulesYesKy. Rev. Stat. §117.305, §117.383(7), §117.275(9), §15.243(3) 4.5
Oregon2-3 1 heaviest vote in each county, 1 statewide office & 1 ballot measure3% to 10% depending on margin of victoryprecincts (at least 1 over 150 ballots) or batches, random selection by SOSSmall precincts in small counties which only sample 1 precinctHand tally, except small precinctsYes in counties with discrepanciesBefore finalize0.50%Expand sample to whole county for that vote tally system, all racesYes Or. Rev. Stat. §254.529, §254-5354.2
Oklahoma0Secretary of the State Election Board may require audits OK Stat § 26-3-130. 4.0
Connecticut3-President or Governor and 2 other races; 20% of races in primaries and municipal ballots5%voting districtsEarly, absentee, provisionalTally with machines [58] or by handMaybeBefore finalize0.50%Investigate and if needed recount county with mix of hand and machine countsYesConn. Gen. Stat. §9-320f3.6
UtahAll contests on sampled machines1%machinesnoneHand tallyNoBefore finalizeAnyRecord reasonsYesUT Code Ann. §20A-3-201, §20A-3a-202(9) Election Policy Directive (not public) from Office of Lieutenant Governor3.27
Iowa1-President or Governor1 precinct per county [59] precinctsnoneHand tallyNoAfter canvassNo rulesReportYesI,C,A, §50.51, HB 516, enacted in 20173.19
NevadaAll contests on sampled machines2% or 3%machinesnoneTally with machines or by handNo7No rulesNo rulesYesNev. Rev. Stat. §293.247, SB123(2019) Nev. Admin. Code 293.2553.10
Arkansas1-President [60] 2-11 in each of 5 counties [60] [61] [62] tabulation machinesnoneHand tallyNo60No rulesNo rulesPublicAR Code §7-4-101, §7-4-121 §7-5-702 and uncodified section 5 in Act 888 3.01
Mississippi0No audit, and most counties lack paper ballots2.96
Kansas3-4+: 1 each random: federal, statewide, state legislative, county. And all federal, statewide & legislative races closer than 1%1%precinctsballots counted after election nightHand tallyYesBefore finalizeNo rulesresolve or expand KSA 25.3009 KAR 7-47-1 2.94
New Mexico3-4-federal, governor & closest statewide raceNone in race with over 15% margin of victory, otherwise enough for 90% confidenceprecinctsprimariesHand tallyYesBefore finalizeerror over 90% of the margin of victoryExpand sample, up to whole state for affected officeYesN.M. Stat. Ann. §1-14-13.2 et seq. NMAC 1.10.23.9 2.12
Nebraska3-nonrandom, 1 each federal, state, local [63] 2-2.5%precinctsElections which are not state-wide [63] Hand tallyNoAfter final adjournment of county canvass bd, & by 5 weeks after election dayReportYes [64] Nebraska Election Security [63] 1.96
West VirginiaAll contests in sampled precincts3%precinctsnoneHand tallyYesBefore finalize1% or changed outcomeExpand sample to whole county, all racesNo W. Va. Code, §3-4A-28 2020 Best Practices Guide for Canvass 1.84
Idaho1-(SOS choice can vary in each precinct & batch)1% (5% of random 8 counties of the 44)5% of precincts (or more to get 2,100 ballots) and random batches of early & mail ballots with as many such ballots as the sample precinctsodd yearsHand TallyProbablyBefore state verifies final resultsAnySOS may order more audits for problems foundYes Code §34-1203A SOS Directive 1.79
Hawaii3-state-wide, county-wide, district-wide10%precinctsnoneHand tallyYesBefore finalizeAnyExpand audit until staff are satisfied with resultsYesHawaii Rev. Stat. §16-42Haw. Admin. Rules § 3-172-1021.46
New HampshireAll?2 towns or city wardstowns or city wardsAll other placesRescan, tally, and compare 5% of new images to new interpretationsNo3 days after election dayNoneNoneYes SB366 (2022) 1.38
Maine0No audit, though all voters have paper ballots.1.36
Rhode IslandSome, nonrandomrisk-limitingPrecinct, batch or ballotnoneHand tallyYesBefore finalizeStatistical cutoffsExpand sample to full recountYesR.I. Stat. Ann. §17-19-37.41.10
Montana4-random federal, state-wide, legislative, ballot measureat least 5% or 1precinctsnoneHand tallyYes in precincts auditedBefore finalize0.5% or 5 votesExpand sample but not full recount except in small counties with up to 7 precincts. Check machines with errorsYesMont. Code Ann. §13-17-501- §13-17-5091.08
DelawareAll contests on half of sample, 1 statewide contest on half of sample2 machines per county, 3 districts in Wilmingtonmachines and districtsnoneHand tallyNoAfter finalize0.50%further tests of same machine, sometimes anotherYesDel. Code. Title 15 §5012A0.99
South Dakota0No audit, though all voters have paper ballots0.89
North Dakota0No audit, though all voters have paper ballotsN.D. Cent. Code 16.1-06-150.78
AlaskaAll contests in sample precincts1 per House district, with at least 5% of district ballots, so about 600 registered voterslarge precinctsSmall precinctsHand tallyYesBefore finalize1%Expand sample to whole district (1/40th of state), all racesYesAlaska Stat. §15.15.420, §15.15.430, §15.15.440, §15.15.450, §15.10.1700.73
District of Columbia4-random District-wide, 2-ward-wide, 1 any type5%precincts & ballotsnoneHand tallyYesBefore finalize0.25% or 20% of margin of victoryExpand sample, up to whole county, for affected officeYesD.C. Code Ann. §1-1001.09a0.69
VermontAll in 6 townsAll in 6 towns randomly picked by Sec of Statepolling placesAll but 6 townsRe-scan & machine-tally, [65] except hand tally ballots which were hand tallied on election day.No30AnyInvestigateYes17 Vt. Stat. Ann. §2493, §2581 - §25880.64
Wyoming0No audit. Repeat Logic & Accuracy test after election with test ballotssW.S. 22-11-104WY Admin. Rules SOS Election Procedures Chapter 250.58

Other state variations. Only DC requires that observers be able to see ballots being audited well enough to discern voter's marks. Three states have rules for what happens when stored ballots are missing: CO-Missing ballots are treated as being cast for all the losers in risk level calculations; MI and NC-no audit.

Risk-limiting audits

Colorado elections in 2017, sample sizes needed for risk-limiting audits Colorado 2017 elections.png
Colorado elections in 2017, sample sizes needed for risk-limiting audits

Risk-limiting audits are required in Colorado, North Carolina, Rhode Island and Virginia. [40] These store voting machines' interpretation of each ballot ("cast vote record"), collect them centrally over the internet, re-tally them with an independent computer to check totals, and hand-check a sample of the stored paper ballots to check voting machines' interpretations. Samples are big enough to be sure results are accurate, up to an acceptable level of risk, such as 9%. For each audited contest, if the original computer interpretations identified the wrong winner, there is a 9% [55] chance in Colorado that the audit will miss it, [66] and the wrong winner will take office. A lower risk limit would let fewer errors through, but would require larger sample sizes. Close contests also require larger sample sizes. Colorado audits only a few contests, and audits none of the closest contests, which need the biggest samples. Auditing all contests would require several counties to hand-count thousands of ballots each.

If the samples do not confirm the initial results, more rounds of sampling may be done, but if it appears the initial results are wrong, risk-limiting audits require a 100% hand count to change the result, even if that involves hand-counting hundreds of thousands of ballots. [67]

Colorado notes that they have to be extremely careful to keep ballots in order, or they have to number them, to be sure of comparing the hand counts with the machine records of those exact ballots. [68] Colorado says it has a reliable system to re-tally the records, but it is not yet publicly documented. [69] [66]

In 2010, the American Statistical Association endorsed risk-limiting audits, to verify election outcomes. [70] With use of statistical sampling to eliminate the need to count all the ballots, this method enables efficient, valid confirmation of the outcome (the winning candidates). In 2011, the federal Election Assistance Commission initiated grants for pilot projects to test and demonstrate the method in actual elections. [71] In 2014, the Presidential Commission on Election Administration recommended the method for use in all jurisdictions following all elections, to reduce the risk of having election outcomes determined by undetected computer error or fraud. [72] In 2017, Colorado became the first state to implement risk-limiting audits statewide as a routine practice during the post-election process of certifying election results.

Ballot scans for 100% audits

Ballots or scanned images available to public for independent audits Ballot-foia.png
Ballots or scanned images available to public for independent audits
Ballot mages saved by election scanners Keepimages.png
Ballot mages saved by election scanners

Humboldt County Elections Transparency Project, Clear Ballot, and TrueBallot scan all ballots with a commercial scanner, so extensive audits can be done on the scans without damaging paper ballots, without hand-counting, by multiple groups, independently of the election software. [73] Clear Ballot is certified by the US Election Assistance Commission for voting, [74] and they also have an auditing system, ClearAudit. TrueBallot does not currently serve government elections, just private groups. Both use proprietary software, so if it were hacked at the vendor or locally to create false images of the ballots or false counts, then local officials and the public could not check it.

The "Brakey method" is an approach using electronic ballot images already created by most current US election systems. [75] These ballot images could be hacked if the election software itself is hacked, [76] either at the vendor or elsewhere, so for full security, ballot images need to be checked against the paper ballots, to determine if the images are accurate. To enable this one to one ballot-image comparison, the Brakey Method requires that the ballot images be linkable to their paper ballots, either by keeping paper ballots in the same order as the scans, or through a unique identifier that appears on both digital image and physical ballot.

Independent systems to tally ballot images include Audit Engine, [77] [78] [79] Free and Fair, [80] OSET Institute (under development), [81] [82] and the Elections Transparency Project, as used in Humboldt County, California, a medium sized county with 58,000 ballots in the 2016 general election. [83]

Humboldt uses a commercial scanner to scan all ballots and puts them in a digitally signed file, so true copies of the file can be reliably identified. Ballots with identifying marks are first hand-copied by election staff, to anonymize them, since they are valid under California law. [84] The scanner prints a number on each ballot before scanning it, so the scan can be checked against the same physical ballot later if needed. The project has written open source software (Trachtenburg Election Verification Software, TEVS) to read the files, and they check all contests on all ballots to see if official counts are correct. The first time they scanned and checked, in 2008, they found 200 missing ballots, showing the value of complete checks. [85] Other jurisdictions can similarly scan ballots and use Humboldt's software or their own to audit all contests. They need to ensure their in-house counting software is secure and independent of any bugs or hacks in the election software, just as users of risk-limiting audits do.

Reading these scans, with software independent of the election system, is a practical way to audit a large number of close contests, without large hand counts. Scans are also the only practical way to bypass problems of physical security, if paper ballots are scanned, digitally signed, and the resulting electronic records are verified against a sample of paper ballots, as ballots arrive. Scans can be made and digitally signed before ballots are stored, while other audit methods are too slow to do election night. Scanners can process thousands of ballots per hour, and several scanners can operate simultaneously in larger jurisdictions. Once ballots are scanned and a digital signature is published, electronic records can be tallied at any convenient time.

Humboldt and several other jurisdictions have gone beyond this internal approach, and release the digitally signed files of ballot images to the public, so others can use their own software, independent of the election system and officials, to check all contests on all ballots. [86] [87] [88] Public release lets losing candidates who mistrust the election officials' security measures do their own checks. Humboldt County believes the scans give their citizens high confidence in the county election results. [86]

Recounts

Recounts may be considered to be a specific type of audit, but not all audits are recounts. The Verified Voting Foundation explains the difference between audits and recounts: Post-election audits are performed to “routinely check voting system performance…not to challenge to the results, regardless of how close margins of victory appear to be", while "recounts repeat ballot counting (and are performed only) in special circumstances, such as when preliminary results show a close margin of victory. Post-election audits that detect errors can lead to a full recount.” [89] In the US, recount laws vary by state, but typically require recounting 100% of the votes, while audits may use samples. Recounts incorporate elements of both results and process audits.

Other variations

Samples used for election audits Election Samples.png
Samples used for election audits

Hand and machine counts. Current audits in most states involve counting paper ballots by hand, but some states re-use the same machines used in the election. Three states use different machines, to provide some independent check.

Sample sizes. When states audit, they usually pick a random sample of 1% to 10% of precincts to recount by hand or by machine. If a precinct has more than one machine, and they keep ballots and totals separate by machine, they can draw a sample of machines rather than precincts and count all ballots processed by that machine. These samples can identify systematic errors widely present in the election. They have only a small chance of catching a hack or bug which was limited to a few precincts or machines, even though that could change the result in close contests.

Number of contests. In the random sample, most states audit only a few contests, so they can only find problems in those contests.

Ballot transport and storage

Auditing is done several days after the election, so paper ballots and computer files need to be kept securely. North Carolina specifies that no audit is done if ballots are missing or damaged. [40] Ballots are at risk when being transported from drop boxes and polling places to central locations, and may be protected by GPS tracking, [90] guards, security systems, [lower-alpha 2] and/or a convoy of the public. [lower-alpha 3]

Auditing in the US is done several days after the election, so paper ballots and computer files need to be stored securely. No US state has adequate laws on physical security of the ballots, [95] and few localities do. [96] 2008 guidelines for audits included starting audits as soon as possible after the election. [97] 2018 guidelines recommend waiting until all ballots are counted, which in the US means one or more weeks until provisional ballots are adjudicated. [lower-alpha 4] A faster start for the audit makes it feasible for independent parties to guard storage sites. [lower-alpha 5] Security recommendations include preventing access by anyone alone, [98] which would typically require two hard-to-pick locks, and having keys held by independent officials if such officials exist in the jurisdiction; having storage risks identified by people other than those who design or manage the system; and using background checks on staff. [102]

Physical security of stored paper ballots is particularly important between the time the random sample is selected and when the corresponding ballots are examined, to prevent adjusting the ballots to match erroneous electronic records. Neither Colorado nor California has any limit on how much time can pass. [40] [103] Michigan allows two weeks from the time the sample is identified to the time local election officials must audit them. [104]

Britain, [105] Canada, [106] France, [107] Germany, [108] Spain [109] and other countries count all ballots on election night, including final decisions on questionable ballots, so final counts happen before ballots go into storage. Canada [110] and France [111] sometimes use election machines with paper trails. In these cases risk-limiting audits could be done as soon as results are announced on election night.

If audits cannot be done on election night, creating and verifying a paper or electronic backup of the paper ballots on election night, or the next day as in Florida, [112] would provide an alternative benchmark if flaws are later discovered or suspected in the primary storage of paper ballots. Electronic copies in particular can be stored in safes or safe deposit boxes and/or distributed widely, with hash codes to ensure reliability. [113] [88]

Election storage often uses tamper-evident seals, [102] [67] although seals can typically be removed and reapplied without damage, especially in the first 48 hours. [114] Photos taken when the seal is applied can be compared to photos taken when the seal is opened. [115] Detecting subtle tampering requires substantial training. [114] [116] [117] Election officials usually take too little time to examine seals, and the public is too far away to check seal numbers, though they could compare old and new photos projected on a screen. Seal numbers and photos would need their own secure storage.

Experienced testers can usually bypass all physical security systems. [118] Locks [lower-alpha 6] and cameras [lower-alpha 7] are vulnerable before and after delivery. [118]

Since 1850, people have known how to create a master key from any key in a building, such as a borrowed restroom key. [127] [128] Attackers who cannot find key blanks can 3D-print them from a photo of the lock. [129] Insider threats and the difficulty of following all security procedures are usually under-appreciated, and most organizations do not want to learn their vulnerabilities. [118] When a contractor found poor security at county buildings in Iowa, the state ordered no more testing of security. [130]

Sample breaches of election storage

Breaches of election security which have been identified, have primarily been done by insiders.

Notes

  1. 1 2 In 2018 California law changed to audit only ballots in the Semifinal Official Canvass, which covers election night. They exclude ballots arriving in the mail after election day, and counties may also exclude any of the earlier mailed and provisional ballots which they do not have time to count by election night. News story on the law, and the law itself, are below. Semifinal Official Canvass included 57% of ballots 3/3/2020 and 69% 11/3/2020. Each county could choose to audit one or more within-county contests on a statistical sample of all ballots, but would still need 1% tally of all other contests (ELEC 15365 - 15367)
  2. Truckers have developed high security systems for valuable shipments. [91]
  3. Experts recommend letting different party members ride in the ballot transport vehicle, letting other observers accompany the vehicle, and using guards when needed. [92] Ballots have fallen from trucks during transport. [93] [94]
  4. "Starting to audit only when all the audit units have already been counted is the most straightforward method." [98]
  5. Organisation for Security and Cooperation in Europe (OSCE) policy calls for independent foreign officials to sleep with ballots, and allows parties to do so. [99] Turkish opposition sleeping with balllots, [100] Republicans guarded warehouse of voted ballots in 2000 in Florida and had state police lock up ballots in New Mexico. [101]
  6. Lockpicking is widely taught and practiced: [119] Different techniques apply to electronic locks: [120] [121] There are no statistics on how often criminals enter rooms undetected, but law enforcement often does so, so ability to enter rooms undetected is widespread: [122]
  7. Security camera flaws have been covered extensively. [123] [124] [125] [126]

Related Research Articles

A voting machine is a machine used to record votes in an election without paper. The first voting machines were mechanical but it is increasingly more common to use electronic voting machines. Traditionally, a voting machine has been defined by its mechanism, and whether the system tallies votes at each voting location, or centrally. Voting machines should not be confused with tabulating machines, which count votes done by paper ballot.

Electronic voting is voting that uses electronic means to either aid or take care of casting and counting ballots.

Electoral fraud, sometimes referred to as election manipulation, voter fraud or vote rigging, involves illegal interference with the process of an election, either by increasing the vote share of a favored candidate, depressing the vote share of rival candidates, or both. It differs from but often goes hand-in-hand with voter suppression. What exactly constitutes electoral fraud varies from country to country.

<span class="mw-page-title-main">Electronic voting in India</span> Component of Indian electoral system

Electronic voting is the standard means of conducting elections using Electronic Voting Machines (EVMs) in India. The system was developed and tested by the state-owned Electronics Corporation of India and Bharat Electronics in the 1990s. They were introduced in Indian elections between 1998 and 2001, in a phased manner. Prior to the introduction of electronic voting, India used paper ballots and manual counting. The paper ballots method was widely criticised because of fraudulent voting and booth capturing, where party loyalists captured booths and stuffed them with pre-filled fake ballots. The printed paper ballots were also more expensive, requiring substantial post-voting resources to count hundreds of millions of individual ballots. Embedded EVM features such as "electronically limiting the rate of casting votes to five per minute", a security "lock-close" feature, an electronic database of "voting signatures and thumb impressions" to confirm the identity of the voter, conducting elections in phases over several weeks while deploying extensive security personnel at each booth have helped reduce electoral fraud and abuse, eliminate booth capturing and create more competitive and fairer elections. Indian EVMs are stand-alone machines built with once write, read-only memory. The EVMs are produced with secure manufacturing practices, and by design, are self-contained, battery-powered and lack any networking capability. They do not have any wireless or wired internet components and interface. The M3 version of the EVMs includes the VVPAT system.

An electronic voting machine is a voting machine based on electronics. Two main technologies exist: optical scanning and direct recording (DRE).

Vote counting is the process of counting votes in an election. It can be done manually or by machines. In the United States, the compilation of election returns and validation of the outcome that forms the basis of the official results is called canvassing.

Voter verifiable paper audit trail (VVPAT) or verified paper record (VPR) is a method of providing feedback to voters using a ballotless voting system. A VVPAT is intended as an independent verification system for voting machines designed to allow voters to verify that their vote was cast correctly, to detect possible election fraud or malfunction, and to provide a means to audit the stored electronic results. It contains the name of the candidate and symbol of the party/individual candidate. While it has gained in use in the United States compared with ballotless voting systems without it, it looks unlikely to overtake hand-marked ballots.

During the 2004 United States elections, concerns were raised about various aspects of the voting process, including whether voting had been made accessible to all those entitled to vote, whether ineligible voters were registered, whether voters were registered multiple times, and whether the votes cast had been correctly counted. More controversial was the charge that these issues might have affected the reported outcome of the presidential election, in which the incumbent, Republican President George W. Bush, defeated the Democratic challenger, Senator John Kerry. Despite the existing controversies, Kerry conceded the election the following day on November 3.

A DRE voting machine, or direct-recording electronic voting machine, records votes by means of a ballot display provided with mechanical or electro-optical components that can be activated by the voter. These are typically buttons or a touchscreen; and they process data using a computer program to record voting data and ballot images in memory components. After the election, it produces a tabulation of the voting data stored in a removable memory component and as printed copy. The system may also provide a means for transmitting individual ballots or vote totals to a central location for consolidating and reporting results from precincts at the central location. The device started to be massively used in 1996 in Brazil where 100% of the elections voting system is carried out using machines.

India has a parliamentary system as defined by its constitution, with power distributed between the central government and the states.

End-to-end auditable or end-to-end voter verifiable (E2E) systems are voting systems with stringent integrity properties and strong tamper resistance. E2E systems often employ cryptographic methods to craft receipts that allow voters to verify that their votes were counted as cast, without revealing which candidates were voted for. As such, these systems are sometimes referred to as receipt-based systems.

An optical scan voting system is an electronic voting system and uses an optical scanner to read marked paper ballots and tally the results.

An election recount is a repeat tabulation of votes cast in an election that is used to determine the correctness of an initial count. Recounts will often take place if the initial vote tally during an election is extremely close. Election recounts will often result in changes in contest tallies. Errors can be found or introduced from human factors, such as transcription errors, or machine errors, such as misreads of paper ballots.

Electronic voting by country varies and may include voting machines in polling places, centralized tallying of paper ballots, and internet voting. Many countries use centralized tallying. Some also use electronic voting machines in polling places. Very few use internet voting. Several countries have tried electronic approaches and stopped, because of difficulties or concerns about security and reliability.

Scantegrity is a security enhancement for optical scan voting systems, providing such systems with end-to-end (E2E) verifiability of election results. It uses confirmation codes to allow a voter to prove to themselves that their ballot is included unmodified in the final tally. The codes are privacy-preserving and offer no proof of which candidate a voter voted for. Receipts can be safely shown without compromising ballot secrecy.

<span class="mw-page-title-main">Risk-limiting audit</span>

A risk-limiting audit (RLA) is a post-election tabulation auditing procedure which can limit the risk that the reported outcome in an election contest is incorrect. It generally involves (1) storing voter-verified paper ballots securely until they can be checked, and (2) manually examining a statistical sample of the paper ballots until enough evidence is gathered to meet the risk limit.

<span class="mw-page-title-main">Election Commission of India</span> Election regulatory body of India

The Election Commission of India (ECI) is a constitutional body. It was established by the Constitution of India to conduct and regulate elections in the country. Article 324 of the Constitution provides that the power of superintendence, direction, and control of elections to parliament, state legislatures, the office of the president of India, and the office of vice-president of India shall be vested in the election commission. Thus, the Election Commission is an all-India body in the sense that it is common to both the Central government and the state governments.

The Verified Voting Foundation is a non-governmental, nonpartisan organization founded in 2004 by David L. Dill, a computer scientist from Stanford University, focused on how technology impacts the administration of US elections. The organization’s mission is to “strengthen democracy for all voters by promoting the responsible use of technology in elections.” Verified Voting works with election officials, elected leaders, and other policymakers who are responsible for managing local and state election systems to mitigate the risks associated with novel voting technologies.

Election cybersecurity or election security refers to the protection of elections and voting infrastructure from cyberattack or cyber threat – including the tampering with or infiltration of voting machines and equipment, election office networks and practices, and voter registration databases.

<span class="mw-page-title-main">Electronic voting in the United States</span> Facet of American elections

Electronic voting in the United States involves several types of machines: touchscreens for voters to mark choices, scanners to read paper ballots, scanners to verify signatures on envelopes of absentee ballots, and web servers to display tallies to the public. Aside from voting, there are also computer systems to maintain voter registrations and display these electoral rolls to polling place staff.

References

  1. Election Audits Task Force (January 2009). Report on Election Auditing (PDF) (Report). League of Women Voters of the United States. Archived from the original (PDF) on 2017-08-30. Retrieved May 12, 2017.
  2. Some Machines are Flipping Votes, but That Doesn't Mean They Are Rigged , Pam Fessler, National Public Radio, October 26, 2016. Accessed May 12, 2017
  3. The Machinery of Democracy: Protecting Democracy in an Age of Electronic Voting , Brennan Center Task Force for Voting System Security, 2006.
  4. Brave New Ballot: The Battle to Safeguard Democracy in the Age of Electronic Voting, Aviel David Rubin, Broadway, 2006
  5. 1 2 Broken Ballots: Will Your Vote Count? Douglas W. Jones and Barbara Simon, CSLI Publications, 2012
  6. Bade, Gavin. "Russian hackers infiltrated utility control rooms, DHS says" . Retrieved 2019-07-01.
  7. Steven Cherry; with Ralph Langner (13 October 2010). "How Stuxnet Is Rewriting the Cyberterrorism Playbook". IEEE Spectrum.
  8. Crawford, Jamie. "Govt: China could take down U.S. power grid". CNN. Retrieved 2019-07-01.
  9. Sanger, David E.; Perlroth, Nicole (2019-06-15). "U.S. Escalates Online Attacks on Russia's Power Grid". The New York Times. ISSN   0362-4331 . Retrieved 2019-07-01.
  10. Felten, Ed (2010-11-02). "E-Voting Links for Election Day". Princeton's Center for Information Technology Policy. Retrieved 2020-11-17.
  11. Halpern, Sue (2018-08-23). "Election-Hacking Lessons from the 2018 Def Con Hackers Conference". The New Yorker. ISSN   0028-792X . Retrieved 2019-07-01.
  12. Voting Equipment Certification Process , US Election Assistance Commission.
  13. "Pre-election and Parallel Testing" (PDF). Election Management Guidelines. U.S. Election Assistance Commission. Retrieved 2020-11-17.
  14. Elections Performance Index Methodology , Pew Charitable Trusts, August 2016. Accessed May 12, 2017.
  15. Confidence in the Electoral System: Why We Do Auditing, Michael W. Trautgott and Frederick G. Conrad, in Confirming Elections: Creating Confidence and Integrity Through Election Auditing, R. Michael Alvarex, Lonna Rae Atkeson, and Thad E. Hall, eds., Palgrave MacMillan, 2012.
  16. Bennett, George (2012-03-19). "Recount shows wrong winners declared in two Wellington election races". Palm Beach Post. Archived from the original on 18 April 2021. Retrieved 2022-09-20.
  17. Bennett, George (2012-03-31). "Wellington election results tossed out, but legal ground uncertain". Palm Beach Post. Retrieved 2022-09-20.
  18. Lamb, Logan (2020-01-14). "Supplemental Declaration of Logan Lamb" (PDF). CourtListener. Retrieved 2020-02-03.
  19. "Coalition Plaintiffs' Status Report, pages 237-244". Coalition for Good Governance. 2020-01-16. Retrieved 2020-02-03.
  20. Bajak, Frank (2020-01-16). "Expert: Georgia election server showed signs of tampering". Associated Press. Retrieved 2020-02-03.
  21. Cole, Matthew; Esposito, Richard; Biddle, Sam; Grim, Ryan (2017-06-05). "Top-Secret NSA Report Details Russian Hacking Effort Days Before 2016 Election". The Intercept. Retrieved 2020-02-03.
  22. "United States of America v. Viktor Borisovich Netyksho, et al, Indictment, paragraph 77b". 2018-07-13. Retrieved 2020-02-03.
  23. Clayton, Mark (2014-06-17). "Ukraine election narrowly avoided 'wanton destruction' from hackers". Christian Science Monitor. ISSN   0882-7729 . Retrieved 2020-02-03.
  24. "Excerpt from Birth: The Conspiracy to Stop the '94 Election by Peter Harris". Penguin SA @ Sunday Times Books LIVE. 2010-10-25. Retrieved 2020-02-03.
  25. Harris, Peter (2010). Birth : the conspiracy to stop the '94 election (1st ed.). Cape Town: Umuzi. ISBN   978-1-4152-0102-2. OCLC   683401576.
  26. Laing, Aislinn (2010-10-24). "Election won by Mandela 'rigged by opposition'". Daily Telegraph. ISSN   0307-1235 . Retrieved 2020-02-03.
  27. "Past elections". www.elections.ca. Retrieved 2019-07-13.
  28. The Front Lines of Democracy: Who Staffs our Polling Places and Does it Matter? Bonnie E. Glaser, Karin MacDonald, Iris Hui, and Bruce E. Cain; Election Administration Research Center, University of California at Berkeley. October 2007
  29. Agarwal, Poonam (2021-01-31). "'Redesign EVMs, Facilitate Audits': Experts' Recommendations to EC". The Quint. Retrieved 2021-11-12.
  30. 1 2 Choudhury, Salah Uddin Shoaib (2018-08-30). "Looking to cheat in Elections! EVM is at your Service". Times of Assam. Retrieved 2021-11-12.
  31. Somanathan, Madhavan (2019-04-05). "India's electoral democracy: How EVMs curb electoral fraud". Brookings. Retrieved 2021-11-12.
  32. 1 2 Ravi, Shamika (2019-12-06). "How electronic voting machines have improved India's democracy". Brookings. Retrieved 2021-11-12.
  33. Audit procedures start on p.64 of "Manual on Electronic Voting Machine and VVPAT". Election Commission of India. 2020-09-29. Retrieved 2021-11-13.
  34. 1 2 3 Mahapatra, Dhananjay (2019-04-09). "Supreme Court: Count VVPAT slips of 5 booths in each assembly seat". Times of India. Retrieved 2021-11-08.
  35. 1 2 3 4 Jain, Bharti (2021-06-03). "Tallying of VVPAT slips and EVM count in constituencies that went to polls recently throw up 100% match". Times of India. Retrieved 2021-11-08.
  36. "What are EVMs, VVPAT and how safe they are". Times of India. 2019-03-09. Retrieved 2021-11-08.
  37. 1 2 Nath, Damini (2019-07-25). "ECI sets up teams to probe VVPAT mismatch in Lok Sabha election". The Hindu. ISSN   0971-751X . Retrieved 2021-11-08.
  38. Agarwal, Poonam (2020-02-07). "Why Did EC Destroy VVPAT Slips of 2019 LS Polls in Such a Hurry?". The Quint. Retrieved 2021-11-12.
  39. 1 2 New York State Board of Elections (2009-06-22). "Audit Procedure for 6210.18". www.wheresthepaper.org. Retrieved 2022-02-13.
  40. 1 2 3 4 5 6 "Audit Law Database". Verified Voting. Retrieved 2020-11-17.
  41. "Post-Election Audits". National Conference of State Legislatures. Retrieved 2018-04-02.
  42. "State Population Totals: 2010-2017". US Census Bureau. Archived from the original on 2018-03-06. Retrieved 2018-04-02.
  43. "Los Angeles Post Election Manual Tally Audit Summary Information" (PDF). calvoter.org/issues/votingtech/manualcount.html. 2010-08-20. Retrieved 2018-04-24.
  44. Schweers, Jeffrey (2020-06-30). "Florida election supervisors can use auditing equipment for ballot recounts". Tallahassee Democrat. Retrieved 2021-11-18.. 14 counties use the 100% audit system, with 1/3 of state population: Baker, Bay, Broward, Columbia, Hillsborough, Indian River, Leon, Levy, Nassau, Palm Beach, Pinellas, Putnam, St. Lucie, Suwannee, according to "Levy County announces audit plans". Levy County FL Elections. 2021-05-03. Retrieved 2022-02-07.
  45. 1 2 "Risk Limiting Audit Directive" (PDF). dos.pa.gov. 2022-09-30. Retrieved 2022-12-13.
  46. "Use, Implementation and Operation of Electronic Voting Systems" (PDF). www.dos.pa.gov. 2016-08-09. Retrieved 2022-12-14.
  47. 1 2 "Stein v. Cortes, No. 2:16-CV-6287-PD" (PDF). PAcounties.org. 2018-11-28.
  48. "Fact Sheet on Settlement Agreement in League of Women Voters of Ohio v. Brunner, Case No. 3:05-CV-7309 (N.D. Ohio)" (PDF). 2009. Archived from the original (PDF) on 2016-12-17. Retrieved 2021-10-01. Agreement itself
  49. "Michigan Legislature - Section 168.31a". www.legislature.mi.gov. Retrieved 2021-03-31.
  50. "Risk-Limiting Audit Report" (PDF). Virginia Dept of Elections. 2021-03-31. Retrieved 2021-10-01.
  51. "2020 General Election: Post-Election Manual Ballot Tabulation Audit". elections.maryland.gov. Maryland State Board of Elections. Retrieved 2021-10-02.
  52. "COMAR 33.08.05.08 .Post-Election Audit — Ballot Tabulation Audit — In General". www.dsd.state.md.us. Retrieved 2021-10-02.
  53. Lamone, Linda (2016-12-22). "Joint Chairman's Report on the 2016 Post-Election Tabulation Audit" (PDF). Maryland State Board of Elections. Retrieved 2018-09-30.
  54. Casias, Danny (2017-11-08). "Audited contests in each county for 2017 RLA (XLSX)". www.sos.state.co.us/pubs/elections/auditCenter.html. Retrieved 2018-04-15.
  55. 1 2 "State Audit Report". www.sos.state.co.us. Colorado Secretary of State. 2017-11-20. Retrieved 2018-04-09.
  56. "AG Beshear announces results of random General Election audit for voting irregularities, investigations". Northern Kentucky Tribune. Retrieved 2021-10-01.
  57. Spears, Hailey (2020-11-18). "AG Daniel Cameron Randomly Selects Counties for Post-Election Audit". Spectrum News 1. Retrieved 2021-10-01.
  58. Antonyan, Tigran; Bromley, Theodore; Michel, Laurent; Russell, Alexander; Shvartsman, Alexander; Stark, Suzanne (2013-06-21). "Computer Assisted Post Election Audits" (PDF). State Certification Testing of Voting Systems National Conference. Archived from the original (PDF) on 2015-09-22 via University of Connecticut.
  59. Hanson, Ric (2020-11-12). "Post Election Audit results from Montgomery County". KJAN Radio Atlantic. Retrieved 2021-10-01.
  60. 1 2 "Post-Election Audit Report 2020 Pilot Program" (PDF). Arkansas State Bd of Election Commissioners. 2021-03-03. Retrieved 2021-10-01.
  61. "2019 Act 888, Arkansas Senate Bill 524" (PDF). Arkansas Legislature. 2019-04-12. Retrieved 2021-10-01.
  62. Ramlagan, Nadia (2020-12-01). "Arkansas Begins 2020 Election-Audit Pilot Program". KASU. Retrieved 2021-10-01.
  63. 1 2 3 "Nebraska Election Security". Nebraska Secretary of State. 2019-09-27. Retrieved 2021-10-08.
  64. "Audits-VoteWell". www.votewell.net. Retrieved 2021-10-20.
  65. "Secretary of State Jim Condos to Conduct Election Audit". www.vermont.gov. 2016-11-22. Archived from the original on 2018-09-30. Retrieved 2018-09-30.
  66. 1 2 Lindeman, Mark; Stark, Philip B. (2012-03-16). "Gentle Introduction to Risk-limiting Audits" (PDF). IEEE Security and Privacy (Special issue on electronic voting): 1, 3 via University of California at Berkeley.
  67. 1 2 Mark Lindeman; Jennie Bretschneider; Sean Flaherty; Susannah Goodman; Mark Halvorson; Roger Johnston; Ronald L. Rivest; Pam Smith; Philip B. Stark, eds. (October 2012). Risk-Limiting Post-Election Audits: Why and How (PDF) (Report). pp. 3, 16. Retrieved 2018-04-09 via University of California at Berkeley.
  68. Jerome Lovato; Danny Casias; Jessi Romero. "Colorado Risk-Limiting Audit:Conception to Application" (PDF). Bowen center for Public Affairs and Colorado Secretary of State. Retrieved 2018-04-05.
  69. Mark Lindeman; Ronald L. Rivest; Philip B. Stark; Neal McBurnett (2018-01-03). "Comments re statistics of auditing the 2018 Colorado elections" (PDF). Colorado Secretary of State. Retrieved 2018-04-09.
  70. Statement on Risk-limiting Auditing , American Statistical Association, April 2010. Accessed May 12, 2017
  71. Post-Election Risk-Limiting Audit Pilot Program 2011-2013 , Final Report to the United States Election Assistance Commission, California Secretary of State 2013. Accessed November 17, 2020
  72. The American Voting Experience: Report and Recommendations of the Presidential Commission on Election Administration , January 2014
  73. Stark, Philip B. (2010). "Super-Simple Simultaneous Single-Ballot Risk-Limiting Audits" (PDF). Proceedings of the 2010 Electronic Voting Technology Workshop / Workshop on Trustworthy Elections via (EVT/WOTE ’10). USENIX.
  74. "Voting System, US Election Assistance Commission". www.eac.gov. Retrieved 2018-04-10.
  75. "Actions: The Brakey Method". BlackBoxVoting.org. Retrieved 2018-04-06.
  76. Stauffer, Jacob (2016-11-04). "Vulnerability & Security Assessment Report Election Systems &Software's Unity 3.4.1.0" (PDF). Verified Voting. Retrieved 2020-11-17.
  77. Hertz, Noah (2021-08-28). "Ballot auditor: Volusia County supervisor of elections did a good job". West Volusia Beacon. Retrieved 2021-09-29.
  78. Stone, Ken (2021-09-09). "El Cajon Democrat Wants Every Election in America Audited, Starts with 4 States". Times of San Diego. Retrieved 2021-09-29.
  79. Rosenfeld, Stephen (2021-05-12). "Election Audit in Arizona Under DOJ Scrutiny". LA Progressive. Retrieved 2021-09-29.
  80. "Open and Free Election Technology". Free & Fair. 2017-05-17. Retrieved 2021-09-29.
  81. Sutner, Shaun. "Voting fraud technology could play role in momentous election". Tech Target. Retrieved 2021-09-29.
  82. "Real Results". OSET Institute - Open Source Election Technology. Retrieved 2021-09-29.
  83. "California Supplement to the Statement of Vote, Statewide Summary by County for President" (PDF). elections.cdn.sos.ca.gov.
  84. "California Code, Elections Code - ELEC § 15154". Findlaw. Retrieved 2018-04-24.
  85. Zetter, Kim (2008-12-08). "Unique Transparency Program Uncovers Problems with Voting Software". WIRED. Retrieved 2018-04-06.
  86. 1 2 "The Elections Transparency Project". The Elections Transparency Project. Retrieved 2020-11-17.
  87. Trachtenberg, Mitch. "Humboldt County Election Transparency Project" (PDF). San Francisco Elections Commission. Retrieved 2018-04-05.
  88. 1 2 Trachtenberg, Mitch (2013-07-29). "The Humboldt County Election Transparency Project and TEVS" (PDF). Report for Elections Advisory Commission. Retrieved 2018-04-05.
  89. Post-election Audits , Verified Voting Foundation, undated. Accessed November 17, 2020.
  90. Santos, Melissa (2020-08-19). "Security and ballot drop boxes: How it works in WA". Crosscut. Retrieved 2021-03-03.
  91. Buckley, Thomas (2021-03-02). "Vaccine Shipments Present a Security Challenge Worthy of a James Bond Film". Bloomberg.com. Retrieved 2021-03-03.
  92. "Securing Ballot Boxes During Transportation". aceproject.org. Retrieved August 12, 2019.
  93. "South Africa: Most Mpumalanga Ballot Papers Recovered". AllAfrica. April 22, 2009. Retrieved August 15, 2019.
  94. King, Colbert (September 9, 2006). "A Ballad of the Ballot Follies in D.C." Washington Post. ISSN   0190-8286 . Retrieved August 15, 2019.
  95. Krimmer, Robert; Volkamer, Melanie; Braun Binder, Nadja; Kersting, Norbert; Driza Maurer, Ardita; Dueñas-Cid, David; Kulyk, Oksana; Schürmann, Carsten; Vinkel, Priit; Pereira, Olivier; Loeber, Leontine (2017). Electronic voting: second International Joint Conference, E-Vote-ID 2017, Bregenz, Austria, October 24–27, 2017, proceedings. Cham, Switzerland: Springer. p. 122. ISBN   9783319686875. OCLC   1006721597.
  96. Ad Hoc Committee for 2020 Election Fairness and Legitimacy (2020-04-28). "Fair Elections During a Crisis: Bipartisan and Diverse Blue-Ribbon Group of Scholars and Thinkers Releases Report on Urgent Changes Needed for November U.S. Elections". U of California, Irvine. Retrieved 2022-05-16. RLAs require paper ballots or records, and a degree of chain-of-custody over ballots that few states and local jurisdictions currently require.
  97. Mark Lindeman; Mark Halvorson; Pamela Smith; Lynn Garland; Vittorio Addona; Dan McCrea (September 2008). "Best Practices: Chain of Custody and Ballot Accounting" (PDF). ElectionAudits.org. Retrieved April 9, 2018. as soon as possible after the initial tallies
  98. 1 2 "Principles and Best Practices for Post-Election Tabulation Audits" (PDF). ElectionAudits.org. 2018. Retrieved August 12, 2019.
  102. 1 2 "Chapter 3. PHYSICAL SECURITY" (PDF). US Election Assistance Commission. Retrieved April 24, 2018.
  103. "2 CCR § 20124". California Code of Regulations. 2020-08-21. Retrieved 2020-09-03.
  104. "SOS - Statewide risk-limiting election audit process to begin at 11 a.m." www.michigan.gov. Retrieved 2021-01-26.
  105. Game, Chris (May 7, 2015). "Explainer: how Britain counts its votes". The Conversation. Retrieved August 16, 2019.Keaveney, Paula (June 8, 2017). "How votes are counted on election night". The Conversation. Retrieved August 16, 2019.
  106. "Elections, Our Country, Our Parliament". lop.parl.ca. Retrieved August 16, 2019.
  107. "Qu'est-ce qu'un dépouillement ?  Comment se déroule une journée dans un bureau de vote ? Découverte des institutions  Repères  vie-publique.fr" (in French). January 14, 2018. Retrieved August 16, 2019.
  108. "Stimmenauszählung". Mülheim an der Ruhr (in German). 2019. Retrieved August 17, 2019.
  109. "¿Qué es el escrutinio y cómo se cuentan los votos en las elecciones generales 2019?". El Confidencial (in Spanish). April 28, 2019. Retrieved August 17, 2019. and Section 14 of the law: "Ley Orgánica 5/1985, de 19 de Junio, del régimen electoral general. SECCIÓN 14.ª ESCRUTINIO EN LAS MESAS ELECTORALES". www.juntaelectoralcentral.es. Retrieved August 17, 2019.
  110. Casey, Liam (May 9, 2018). "Electronic voting machines expected to speed up voting, ballot counting: Elections Ontario". Global News. Retrieved August 16, 2019.
  111. "Quelles sont les règles applicables dans les bureaux de vote dotés d'une machine à voter ? - Conseil constitutionnel présidentielle 2017". presidentielle2017.conseil-constitutionnel.fr. Retrieved August 16, 2019.
  112. Stofan, Jake (April 25, 2018). "Leon County among Florida precincts to implement Clear Audit for elections". WCTV. Retrieved August 17, 2019.
  113. Burke, Paul (2018). "Scanners, Hashes, and Election Security" (PDF). J of Physical Security. 11: 1–19 via RBSekurity.
  114. 1 2 Johnston, Roger G., and Jon S. Warner (July 31, 2012). "How to Choose and Use Seals". Army Sustainment. Retrieved May 4, 2018.
  115. Stark, Philip (July 26, 2018). "An Introduction to Risk-Limiting Audits and Evidence-Based Elections Prepared for the Little Hoover Commission" (PDF). University of California, Berkeley. Retrieved August 16, 2019.
  116. Coherent Cyber (August 28, 2017). Security Test Report: ES&S Electionware 5.2.1.0 (PDF) (Report). Freeman, Craft, McGregor Group. p. 9 via California Secretary of State.
  117. Stauffer, Jacob (November 4, 2016). Vulnerability & Security Assessment Report Election Systems & Software's Unity 3.4.1.0 (PDF) (Report). Freeman, Craft, MacGregor Group for California Secretary of State.
  118. 1 2 3 Seivold, Garett (April 2, 2018). "Physical Security Threats and Vulnerabilities  LPM". losspreventionmedia.com. Retrieved April 24, 2018.
  119. Vanderbilt, Tom (March 12, 2013). "The Strange Things That Happen at a Lock-picking Convention" . Retrieved August 15, 2019.
  120. Menn, Joseph (August 6, 2019). "Exclusive: High-security locks for government and banks hacked by researcher". Reuters. Retrieved August 16, 2019.
  121. Greenberg, Andy (August 29, 2017). "Inside an Epic Hotel Room Hacking Spree". Wired. ISSN   1059-1028 . Retrieved August 16, 2019.
  122. Tien, Lee (October 26, 2014). "Peekaboo, I See You: Government Authority Intended for Terrorism is Used for Other Purposes". Electronic Frontier Foundation. Retrieved August 15, 2019.
  123. Bannister, Adam (October 7, 2016). "How to hack a security camera. It's alarmingly simple". IFSEC Global, Security and Fire News and Resources. Retrieved August 16, 2019.
  124. Doffman, Zak. "Official Cybersecurity Review Finds U.S. Military Buying High-Risk Chinese Tech (Updated)". Forbes. Retrieved August 14, 2019.
  125. Schneier, Bruce (October 8, 2007). "Hacking Security Cameras  Schneier on Security". www.schneier.com. Retrieved August 16, 2019.
  126. Dunn, John (June 11, 2019). "Critical flaws found in Amcrest security cameras". Naked Security. Retrieved August 16, 2019.
  127. Schwartz, John (2003-01-23). "Many Locks All Too Easy To Get Past". The New York Times. ISSN   0362-4331 . Retrieved 2021-02-20. few institutions want to spend the money for robust security... in a battle between convenience and security, convenience has a way of winning.
  128. Blaze, Matt. "Cryptology and Physical Security: Rights Amplification in Master-Keyed Mechanical Locks" (PDF). International Association for Cryptologic Research. Retrieved 2021-02-20.
  129. Burgess, Ben; Wustrow, Eric; Halderman, J. Alex; Shields, Clay; Iyer, Ravishankar K.; Rossow, Christian (2015). Replication Prohibited: Attacking Restricted Keyways with 3D-Printing (PDF). 9th USENIX Workshop on Offensive Technologies.
  130. Greenberg, Andy (2020-08-05). "Inside the Courthouse Break-Ins that Landed 2 White Hat Hackers in Jail". Wired. ISSN   1059-1028 . Retrieved 2020-08-09.
  131. Singhal, Raag (2018-05-11). "Order on Plaintiff's Motion for Summary Judgment." Circuit Court of the 17th Judicial District. CACE17-010904(21)" (PDF). Hollerback film.
  132. Friesdat, Lulu (2017-12-12). "Was the Heated 2016 Democratic Primary Rigged for Debbie Wasserman Schultz?". Truthout. Retrieved 2022-05-13.
  133. Gumbel, Andrew (2018-08-13). "Why US elections remain 'dangerously vulnerable' to cyber-attacks". The Guardian. Retrieved 2022-05-13.
  134. Recount Now (January 11, 2017). "Report on the 2016 Presidential Recount in Clark County, Nevada. Page 20" (PDF). Internet Archive. Archived from the original (PDF) on August 12, 2019. Retrieved August 17, 2019.
  135. Weeks, Luther (2011-01-26). "CO Chain of Custody". CTVotersCount. Retrieved 2022-05-16.
  136. Gottlieb, Jeff , Hector Becerra and Ruben Vives (2012-07-13). "Feds detail scale of graft in Cudahy". Los Angeles Times. Retrieved 2022-05-13.
  137. Turner, Karl (November 5, 2007). "Elections board workers take plea deal". Cleveland Plain Dealer. Retrieved August 17, 2019.
  138. "US District Ct, ED KY, Indictment 09-16-Art US v. Maricle, et al" (PDF). 2009-03-03. Archived from the original (PDF) on 3 August 2021. Retrieved 2022-05-13.
  139. "Docket for United States v. Maricle, 6:09-cr-00016". CourtListener. 2018-03-19. Retrieved 2022-05-13.
  140. Stapleton (1994-03-16). "MARKS v. STINSON 19 F.3d 873 (1994)". Leagle. Retrieved 2022-05-13.
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.