The Verified Voting Blog

This blog contains posts authored by the Verified Voting Team and by members of the Verified Voting Board of Advisors.

Verified Voting Puerto Rico Veto Letter P.S 1314

DOWNLOAD ENGLISH VERSION

DOWNLOAD SPANISH VERSION

 

March 19, 2020

Hon. Wanda Vázquez Garced (via email)

Governor of the Commonwealth of Puerto Rico

La Fortaleza

San Juan, Puerto Rico

RE:      Veto of Senate Bill 1314, “Puerto Rico Electoral Code of 2020”  – Internet Voting

Dear Governor Vázquez Garced,

We, Verified Voting, the undersigned computer scientists and cybersecurity experts, write to urge you to veto Senate Bill 1314 which proposes implementing a system of internet voting in Puerto Rico. Under the provisions of this bill, Puerto Rico would phase in internet voting as the sole option for Puerto Rican citizens. As explained more fully below, internet voting cannot be accomplished securely and provides no meaningful way to verify that the computers captured or counted votes accurately. This concept is settled science, notwithstanding efforts to increase internet voting use in some areas. In the current climate when nation states have sought to interfere in other nations’ elections, Puerto Rico’s bill is a risky move. Indeed, last year the Report of the Select Committee on Intelligence of the United States Senate made bipartisan recommendations, among them that “states should resist pushes” to move their elections online because in their words, “no system of online voting has yet established itself as secure.” 1 Read More

Recommendations for Election Officials and Voters ahead of March 17 Primaries

The following is a statement from Marian K. Schneider, president of Verified Voting in response to concerns around the March 17 primaries and the COVID-19 pandemic. For additional media inquiries, please contact aurora@newheightscommunications.com

PHILADELPHIA, Pa. – (March 16, 2020)We understand the growing concerns about keeping voters safe at the polls amid the spread of coronavirus (COVID-19), which is why it’s more important than ever that election officials have the tools, support and funding they need to comply with the CDC’s guidelines for containing COVID-19 at polling locations. Additionally, voters should check their polling place location with their county’s election office in case the location has moved.”

For more guidelines, please visit the CDC’s ‘Recommendations for Election Polling Locations.

 

### Read More

Big takeaways from Super Tuesday

Verified Voting was on the front line on Tuesday, March 3 at the Election Protection National Hotline, and from our vantage point, there were some SUPER clear takeaways from Super Tuesday:

Preventing long lines. Reports in Texas and California, the two largest Super Tuesday states, showed hours-long voting wait times. The waits stemmed from problems that included connecting to voter registration databases, machine equipment failures, and too few voting machines that were overwhelmed by high turnout. Verified Voting continues to urge all jurisdictions to plan for technology failures and have enough resources (including paper ballots, equipment, poll workers) to handle high turnout and ensure that every voter can vote. Election officials can check out the Bipartisan Policy Center’s project “Improving the Voter Experience” for guidance on preventing long lines; line optimization tools are available from the Voting Technology Project and on the  Election Assistance Commission’s (EAC) website.

Unnecessary scarcity. When precincts use all computerized devices for all voters, polling locations may not have enough machines to allow voters to cast their ballots relatively quickly and easily, resulting in unnecessary scarcity. Voting equipment shortages can disproportionately affect marginalized communities, and were reported in some of the largest counties in Texas, such as Bexar, Dallas, Harris, Tarrant and Travis counties. In addition to the increased security risks of BMDs and direct recording electronic machines (DREs), lack of availability is why we recommend that a majority of voters mark paper ballots by hand (supplemented by ballot marking devices for voters who need to use one) and oppose using ballot marking devices for all voters. Jurisdictions can avoid unnecessary scarcity with hand-marked paper ballots because they can more readily scale up in the face of heavy turnout. Read More

Verified Voting Data Shows Super Tuesday Voting Systems and Polling Equipment Trends Across States

This Super Tuesday, voters in the 14 states holding primaries will encounter a range of voting methods and polling equipment. Verified Voting maintains a comprehensive database of voting systems being used across the United States (see the Verifier) and is observing a number of trends across Super Tuesday states, including:
  • California - Los Angeles County is rolling out Voting Solutions for All People (VSAP), their in-house designed and publicly-owned ballot marking device (BMD) for all voters
  • North Carolina - More than half of North Carolinians are voting with new equipment, and seven counties are using BMDs for all voters. Verified Voting opposes the use of commercially-available BMDs for all voters because research suggests few voters actually check the paper outputs with enough attention to catch errors
  • Tennessee - 70% of registered voters will vote on unverifiable direct-recording electronic (DRE) voting machines; a few counties are using hand-marked paper ballots or BMDs
  • Texas - 36% of registered voters are voting on unverifiable DREs, and about half of all Texans will be using new voting equipment

Verified Voting Calls on Florida to Rely on Paper Ballots for Election Recounts – Not Ballot Images

Verified Voting urges the Florida legislature to amend HB 1005 and SB 1312 to require a public manual comparison audit to check that electronic election result tabulations agree with the voter-verified paper ballots to a reasonable scientific standard. Election security researchers agree that all electronic vote tabulations should routinely be manually checked against paper ballots. A retabulation system can facilitate this verification: election officials can examine a relatively small random sample of the voted paper ballots to ensure that the system counted each ballot accurately. Given heightened public concern about security threats, it is important now more than ever to demonstrate – not just assert – that computerized systems performed correctly. “For Florida recounts to give Floridians the faith in election results that they deserve, recount procedures must demonstrate, to a reasonable scientific standard, that the computers counted the paper ballots accurately,” said Dan McCrea, Florida Director of Verified Voting. “As members of the Florida legislature recognized in a public hearing – that paper is the best evidence – we urge the legislature to amend the bill to routinely check this evidence.”

Highlights from Verified Voting’s Quarterly Field Report

Highlights from Verified Voting’s Quarterly Field Report

Check out our state highlights from February 2020’s Verified Voting Quarterly Field Report. For the full report (including recent publications, events, and press highlights), click here. 

California

We are continuing to advise the state on proposed risk-limiting audit regulations and Director of Science and Technology Policy Mark Lindeman and Senior Advisor Pamela Smith collaborated with the California Voter Foundation and other partners in submitting a public comment letter responding to the regulations. Read the letter here. Pam Smith also provided a comment on the certification process for Los Angeles County’s VSAP 2.0 system, available here.

Florida

Florida Director Dan McCrea and Mark Lindeman joined our lobbying team January 21 and 22 for an intense two-day schedule of stops at the Tallahassee Capitol. While there, we met with numerous Senators, Representatives, key staff, and the Secretary of State on HB 1005/SB 1312, which proposes to expand the use of their insecure image audit system from post-certification audits to conducting recounts. We oppose the bill as written, and are working to pave a path forward. We also met with Representatives to advise them on the risks of opening the door to internet voting. Read More

What We Don’t Know About the Voatz “Blockchain” Internet Voting System

The breakdown of the Iowa caucus’s mobile reporting app on February 3 highlights the risks of implementing new voting technologies that rely on the internet. Verified Voting advocates for the responsible use of technology in elections, and as President Marian K. Schneider noted, “The good news is that {Iowa) didn’t use (a mobile app) for voting, which means the results are available and have been preserved on paper.”

Internet voting is not secure, yet despite known vulnerabilities, internet and mobile phone voting are still being considered by some lawmakers as viable voting options. In 2019, Verified Voting Board Member David Jefferson and other authors published a paper about the risks of the Voatz mobile voting platform and the many questions that still remain unanswered. Read their 2019 paper below or download the PDF here  Read More

Verified Voting Says Situation with Iowa Caucuses Reveals Risks Associated with Technology

View the statement here: Verified Voting Statement on Iowa Caucuses

The following is a statement from Marian K. Schneider, president of Verified Voting following the delay of the results from the Iowa caucuses. For additional media inquiries, please contact aurora@newheightscommunications.com.

“The situation with Iowa’s caucus reveals the risks associated with technology, in this case with a mobile app, but more importantly that there needs to be a low tech solution in order to recover from technological failures — no matter the cause. There needs to be a way to monitor, detect, respond and recover. It’s clear that mobile apps are not ready for prime time, but thankfully Iowa has paper records of their vote totals and will be able to release results from those records.”

 

### Read More

Verified Voting Says Situation with Iowa Caucuses Reveals Risks Associated with Technology

View the statement here: Verified Voting Statement on Iowa Caucuses

The following is a statement from Marian K. Schneider, president of Verified Voting following the delay of the results from the Iowa caucuses. For additional media inquiries, please contact aurora@newheightscommunications.com.

“The situation with Iowa’s caucus reveals the risks associated with technology, in this case with a mobile app, but more importantly that there needs to be a low tech solution in order to recover from technological failures — no matter the cause. There needs to be a way to monitor, detect, respond and recover. It’s clear that mobile apps are not ready for prime time, but thankfully Iowa has paper records of their vote totals and will be able to release results from those records.” Read More

What Is A Risk-Limiting Audit (RLA)?

Download Risk Limiting Audit 2-pager (pdf)

Today Verified Voting released a guide describing risk-limiting audits, how they are different from other types of audits, and how a risk-limiting audit is conducted. The chart also outlines the elements needed for an RLA to meaningfully support confidence in reported election outcomes. For more information on the types of risk-limiting audits, view our chart comparing RLA methods.

Read More

Verified Voting Comment on Los Angeles County VSAP 2.0 Certification

The following is a comment on the certification process for Los Angeles County’s VSAP 2.0 system. To view a pdf, click here.

Los Angeles County Voting Systems for All People (VSAP) 2.0 Certification
Comment of Pamela Smith, Senior Advisor, Verified Voting

January 20, 2020 Verified Voting commends Los Angeles County for the decade-long process of reimagining a voting system that must effectively serve the nation’s most populous and most diverse voting jurisdiction, as that system approaches certification and use in California’s upcoming elections. We have appreciated the opportunity to participate on the County’s Technical Advisory Committee since it was established and provide vigorous comment through the development process. We also appreciate the changes brought about by California’s lawmakers and Secretary of State Padilla to establish a more rigorous set of requirements for testing and examination of voting systems prior to approval for use. We believe, however, that there is a gap in the certification process that must be addressed for it to be fully transparent and to enable the public to more fully understand voting system compliance with California’s requirements.

The California Voting System Standards (CVSS)1 framework is supported by a set of regulations1 which govern a sequence of events for certification of a system, from application and provision of documentation and system/s for test, to a series of tests by qualified testing entities on security, software, functionality and more, to a set of reports to be published prior to a public hearing and comment period, and to eventual approval or denial of certification.

The required publications include test reports from the involved testing authorities, and a staff report from the Office of Voting Systems Technology Assessment (OVSTA). Reviewing these reports show test results that are characterized as failing or not complying with requirements in some instances, while the subsequent Staff report indicates that the system is in compliance, which seems contradictory at best, and it is not clear to the public how to reconcile those reports. Read More

Verified Voting Comments on proposed amendments to Georgia State Election Board rules

Download as PDF

Verified Voting welcomes the opportunity to comment on the proposed amendments to Georgia’s State Election Board rules published on December 19, 2019. These amendments are wide-ranging, and we recognize that substantial work has gone into drafting them. Our comments focus on certain aspects especially relevant to cybersecurity and election verification. We substantially endorse the comments jointly submitted by the Brennan Center and Common Cause, but we have prepared these comments separately and more briefly.

Georgia’s new statewide voting system combines ballot marking devices, printers, and scanners on an unprecedented scale. The new system raises questions about voter verification and resilient election procedures about which little direct evidence exists. Accordingly, our recommendations our based on our review of this preliminary research recognizing that more research needs to occur.

Rule 183-1-12-.10 Before the Opening of the Polls

Voters will be instructed to verify their ballots, but it is unclear where or how. Providing a “station” for voters to verify their ballots – ideally, with good lighting and a magnifying glass available for any who need it – will help some voters to do so, and will encourage others even if they prefer not to use the station.

  • We recommend that election superintendents provide a verification station and/or otherwise accommodate voter verification in every polling place (and advance voting location).
  • We recommend that election superintendents provide a combination of interventions, some of which are described below, to encourage voters to check the accuracy of the printed ballots.
Read More

Verified Voting Statement on Ballot Marking Devices and Risk-limiting Audits

Download the pdf here

This statement is intended to clarify Verified Voting’s position regarding the use of ballot-marking devices (BMDs) in elections, and the use of risk-limiting audits (RLAs).  It is approved by the President, Board of Directors, and Staff of Verified Voting.

Ballot-marking devices

Verified Voting believes that voters should vote on paper ballots, but we recognize an important distinction between hand-marked and machine-marked ballots. Hand-marked paper ballots are not subject to inaccuracies or manipulation from software bugs or malicious code. In contrast, machine-marked paper ballots produced using BMDs might not accurately capture voter intent if the software or ballot configuration is buggy or malicious.

Verified Voting specifically opposes the purchase and deployment of new voting systems in which all in-person voters in a polling place are expected to use BMDs. The trustworthiness of an election conducted using BMDs depends critically on how many voters actually verify their ballots, and how carefully they do it. All voters who vote on BMDs should be made aware of the importance of carefully and conscientiously verifying their ballots before casting them, and should be actively encouraged to do so. However, empirical research thus far shows that few voters using BMDs carefully verify their printed ballots. Moreover, if voters do verify BMD-marked ballots and find what they believe are discrepancies, there is no reliable way to resolve whether the voters made mistakes or the BMDs did. For these and other reasons (such as cost) Verified Voting recommends that the use of BMDs be minimized. Read More

Letter to Georgia Secretary of State regarding Verified Voting’s position and involvement with risk-limiting audit pilots

The following letter was sent to Georgia Secretary of State Brad Raffensperger on December 16, 2019. The letter addresses Verified Voting’s concerns following the November 2019 election in Georgia and provides clarity on Verified Voting’s position and involvement with risk-limiting audit pilots in the state.

Download the Letter (PDF)

Dear Secretary Raffensperger,

I am writing to address a few issues that have concerned us since the November election and so that you and your staff have clarity on Verified Voting’s position.

As an initial matter, Verified Voting did not recommend that Georgia purchase all ballot marking devices for all in-person voters. We made our position clear in a letter to the co-chairs of the SAFE Commission dated January 4, 2019 attached for your reference. Verified Voting stands by its position and notes that this continues to be our recommendation for jurisdictions who are deciding what system to purchase among commercially-available voting systems. The fact that Georgia did not follow our recommendation and purchased Dominion BMDs for all in- person voters does not change our position.

Since the summer of 2019, Verified Voting has been working with the staff of the Secretary of State to implement post-election risk-limiting audits. Mark Lindeman, Director of Science & Tech Policy at Verified Voting has been the primary contact for your staff and is a subject-matter expert on RLAs. Our work with you on the implementation phase in no way endorses Georgia’s decision to move forward with BMDs instead of our prior recommendation of both hand-marked paper ballots and ballot marking devices in the polling place.

A risk-limiting audit is a tabulation audit: it uses statistical methods to provide confidence that the paper ballots were correctly tabulated. It checks only the tabulation, namely whether a full hand-count of the cast paper ballots would reveal something different than the reported outcome. It does not check — among other things — that voters actually verified their paper ballots, or that the paper ballots being tabulated are exactly those paper ballots that should be tabulated. Nor does it check whether strong chain of custody procedures, proper ballot accounting or other processes necessary to create a trustworthy record were observed. To express or imply that doing an RLA pilot demonstrates the security of the system is simply not true. Read More

Letter to North Carolina Board of Elections Regarding Certification Waiver for ES&S EVS 5.2.4.0

Download the Letter (pdf)

Dear Members of the North Carolina Board of Elections,

I am writing to you in my capacity as President of Verified Voting. Please forgive the lateness of the communication as I only recently learned of your meeting today. I am writing to urge the State Board of Elections to proceed with caution and decline to waive certification requirements for the ES&S EVS 5.2.4.0 to allow Mecklenburg County to purchase uncertified ExpressVote HW2.1 ballot marking devices (“BMDs”) for all voters. Not only would such a decision run contrary to North Carolina statutory law, but the failure to carefully examine the differences between this system and the certified system could needlessly expose Mecklenburg County to increased security risks in the upcoming election. Because Mecklenburg County insists on buying computerized ballot marking devices for all voters, the increased risk to North Carolina voters is grave indeed.

As we discuss more fully below, the differences between the two systems in both software and hardware are substantial. We believe elevating the security risk is needless because Mecklenburg County has other options in two certified systems by two other vendors. Additionally, in our view, there is time for Mecklenburg to institute a more secure system in which voters primarily mark paper ballots with a pen and the county also supplies sufficient operable ballot marking devices for voters who need or wish to use them. According to the Board, a prerequisite to use of the certified ES&S system in Mecklenburg County is the use of the system in at least one precinct in the November 2019 election. That has apparently already occurred with ExpressVote HW1.0 ballot marking device. To avoid waiving any legislative requirements, Mecklenburg could institute hand-marked paper ballots that are scanned by the DS 200 and BMDs with the vendor’s existing supply of BMDs. If the vendor represents that it does not have enough systems to even supply a small number of BMDs for each precinct, the State Board of Elections should consider the vendor’s presentation of the system for certification as offered in bad faith, especially if the vendor knew it would no longer manufacture that version of its equipment and would be unable to adequately supply counties that chose it. Read More

Verified Voting staff and partners comment on California’s proposed risk-limiting audit regulations

Verified Voting Director of Science and Technology Policy Mark Lindeman and Senior Advisor Pamela Smith collaborated with the California Voter Foundation and other partners in submitting a public comment letter responding to California’s proposed risk-limiting audit regulations. Visit the California Secretary of State’s website to view the proposed regulations. Download the Letter (pdf)

Dear Secretary Padilla:

We write in response to your recent request for public comment on proposed regulations that would impact the procedures used by election officials to conduct risk-limiting audits.1

Thank you for your office’s efforts in developing the proposed regulations. As most of us are members of the workgroup that your office convened earlier this year, we appreciate the amount of work that went into developing these proposed regulations. We especially applaud the inclusion of the provisions regarding chain of custody, certification of contest results and reporting of audit results, public education, and the requirement for posted written audit procedures.2

We do, however, urge four modifications to the regulations. First, the regulations appear to conflict with California law which requires that when a county conducts a risk-limiting audit in place of the one percent manual tally, it must do so for each and every contest; as we discuss below, the language of the proposed regulations only requires RLAs for three contests and establishes a new auditing procedure not found in the statute. Second, we recommend that the final regulations require the Secretary to disclose the source code of the RLA software tool. Third, we urge the Secretary to ensure in the regulations that cast vote records be made publicly available online sufficient to allow the public to verify that the RLA is being conducted appropriately. Finally, we recommend that the Secretary clarify how partial RLAs will work. Read More

The Role of Risk-Limiting Audits in Evidence-Based Elections

In the aftermath of the 2016 election cycle, interest in securing American elections from tampering or hacking has intensified. Given that 99% of our votes are counted by computers, and that computers are used in every aspect of the electoral process, election security is a top priority. For over a decade, Verified Voting has advocated for the widespread adoption of post-election risk-limiting audits (RLAs) alongside other best practices to facilitate a trustworthy and auditable record of votes cast.

A post-election risk-limiting audit (RLA) is one of the pillars of cyber security. In this day and age of nation state attacks on our election systems, it is very important for election systems to be resilient and provide a way for jurisdictions to identify problems and to recover from them. Security experts agree that the best method is voter-marked paper ballots (which voters choose to mark by hand or with a ballot marking device), having a deliberate and intentional step for voters to verify their ballot selections, providing a strong chain of custody of the ballots, and checking that the computers counted them correctly (RLAs).

Evidence-Based Election Ecosystem

Risk-limiting audits are one piece of the larger ecosystem of evidence-based elections that depend upon a trustworthy record to give confidence to election outcomes. There are some things that risk-limiting audits do not do. They do not tell us whether the voting system has been hacked. They do not and cannot determine whether voters actually verified their ballots. But they can detect and correct tabulation errors that could alter election outcomes — or provide strong evidence that a full hand count would yield the same outcomes.   Read More

Verified Voting supports respectful public observation of elections

For more than a decade Verified Voting has supported and encouraged respectful public observation of the election process consistent with a state or jurisdiction’s regulations governing observers, and promoted transparency as a key element of reliable, evidence-based elections. Election observers should be free from harassment and intimidation. Observation enables parties, candidates, citizen groups and independent organizations to deploy observers to witness the electoral process without interfering with it.

Election observation offers many benefits. The presence of election observers can “build public trust in a transparent and verifiably democratic process.” Credible election observers can help ensure that procedures are correctly followed, can alert busy election officials when issues arise, and can offer recommendations that make each election better than the last one. States and localities should welcome information gathered by observers. Verified Voting has partnered with the Election Protection Coalition for many years who have also advocated for this kind of nonpartisan observation. Read More

ICYMI: John Oliver Takes on Voting Machines

John Oliver took a deep dive into voting machines on the November 3, 2019 episode of “Last Week Tonight with John Oliver” and the Verified Voting team was excited to advise on the feature and provide our data from the Verifier. The 20 minute segment noted that while America’s voting systems are still vulnerable, the solution to securing our elections is surprisingly simple: voter-marked paper ballots, a strong chain of custody of those ballots, and risk limiting audits. Check out the segment here: 
Read More