An oversight in York County, Pennsylvania on the eve of last November’s Election Day questioned the rightful winner of the election, but thankfully the potential damage stopped there. Still, the discovery of a technical error — one that allowed voters to cast multiple votes for a candidate in races with cross-filed candidates — risked the integrity of the election. This could’ve been easily preventable with paper ballots. Most Pennsylvania voters are using paperless electronic voting machines to cast their ballot. The problem is that these outdated machines — also known as direct recording electronic (DRE) systems —are unverifiable. DREs, or voting machines without paper ballot back-up, have been the source of controversy for years because of their inability to allow anyone to verify the results. Instilling confidence in election outcomes can only occur by replacing these systems with newer ones that provide a software independent record of voter intent and implementing statistically meaningful audits of those records.
The Verified Voting Blog
This blog contains posts authored by the Verified Voting Team and by members of the Verified Voting Board of Advisors.
Verified Voting Says Paper Ballots and Post-Election Audits Can Safeguard our Elections as State and Local Election Officials Discuss Election Security
“As officials look to address the risks our elections face today, it is essential that voter-verified paper ballots and post-election audits are recognized as the best way – given current technology – to ensure that an attack on our voting systems can be detected and the outcome verified. With midterm elections quickly approaching, it’s time we also prepare to monitor, detect, respond and recover from these potential attacks. The good news is that we can, and Congress has a bill that goes a long way in doing so.
“The bipartisan Secure Elections Act, introduced late last month by Sen. James Lankford (R-OK) and co-sponsored by Sen. Amy Klobuchar (D-MN), Sen. Lindsey Graham (R-SC), Sen. Kamala Harris (D-CA), Sen, Susan Collins (R-ME) and Sen. Martin Heinrich, (D-NM), aims to provide states with the resources needed to implement these safeguards.
Verified Voting Urges Congress to Pass the Secure Elections Act; Bipartisan Legislation Empowers States to Protect Themselves
The following is a statement from Marian K. Schneider, president of Verified Voting, on the Secure Elections Act, which was introduced by Sen. James Lankford (R-OK) and co-sponsored by Sen. Amy Klobuchar (D-MN), Sen. Lindsey Graham (R-SC),Sen. Kamala Harris (D-CA), Sen, Susan Collins (R-ME) and Sen. Martin Heinrich,(D-NM) on December 21, 2017.
“The Secure Elections Act addresses the new reality that our election infrastructure must be protected as matter of national security. At a time when our democracy needs increased protection, Congress should fast-track the newly introduced Secure Elections Act to provide resources for states to safeguard our voting systems and ensure election infrastructure is resilient.
“This bipartisan legislation establishes a structured grant program that creates incentives for states to adopt good cyber hygiene measures in accordance with guidelines developed by an advisory panel of experts. Coupling grants to the states with effective guidelines on spending will ensure the money is used well and moves toward strengthening our elections. In addition, the bill improves the exchange of information about security threats among the different levels of government to allow timely response and action.
Verified Voting Testimony before the Pennsylvania State Senate Senate State Government Committee: Voting System Technology and Security
The security of election infrastructure has taken on increased significance in the aftermath of the 2016 election cycle. During the 2016 election cycle, a nation-state conducted systematic, coordinated attacks on America’s election infrastructure, with the apparent aim of disrupting the election and undermining faith in America’s democratic institutions. Intelligence reports that have been published in 2017 demonstrate that state databases and third-party vendors not only were targeted for attack, but were breached.1 Regardless of the success of hacking attempts in 2016, the consensus among the intelligence community is that future attacks on American elections are inevitable.2 The inevitability of attacks is a key concept in cyber security, that is, it’s not whether a system will be attacked, but when.
The existence and national significance of this threat have escalated the priority of securing Pennsylvania’s elections infrastructure. Two primary areas that require immediate and sustained attention are 1) securing both the state and county networks, databases and data transmission infrastructure that touch elections; and 2) instilling confidence in election outcomes by replacing legacy voting systems with new systems that permit reliable recounts and audits.
During the time that I served the Commonwealth as Deputy Secretary for Elections and Administration and Special Advisor to the Governor on Election Policy, I worked with the Office of Administration-Office of Information Technology to protect the Commonwealth’s networks that touch elections and to implement procedures to recover from any potential attacks. These efforts complied with cyber security best practices to monitor, detect, respond and recover. OA-OIT’s experienced staff is continuing this effort, and along with the Department of State, they have engaged county CIOs and technology staff to coordinate similar efforts at the counties working through the Commonwealth’s relationship with the County Commissioners Association of Pennsylvania (CCAP). Assuming the administration receives support from the General Assembly, the Commonwealth is on the right track to taking the necessary steps to monitor, detect, respond and recover from cyber attacks.
Election Security Experts Raise Concern about the Integrity of Alabama’s U.S. Senate Election if a Recount is Needed
MEDIA CONTACT: Aurora Matthews 301-221-7984
Marian K. Schneider: “Alabama’s recount laws won’t do enough to protect voters’ votes.”
The following is a statement from Marian K. Schneider, president of Verified Voting, on election integrity, and the need for manual recounts and audits. For additional media inquires, please contact email@example.com
“All eyes might be on the candidates running for the U.S. Senate seat in Alabama, but Alabama’s election practices and recount laws also deserve scrutiny. If the race goes to a recount following the election, Alabama’s recount laws won’t do enough to protect voters’ votes because it has no audit structure in place and relies on re-tabulation – where ballots that were tabulated by optical scanners are now re-tabulated by machine. If a recount occurs, it cannot be relied on to detect and correct a potential error in the computerized count unless it is done manually.
Testimony of Verified Voting to the Georgia House of Representatives House Science and Technology Committee
Georgia’s voting machines need an update. The lifespan of voting machines has been estimated at 10-15 years.1 Purchased in 2002 Georgia’s voting machines are at the outside of that estimate. As voting systems age they are more susceptible to error, malfunction or security threats potentially losing or miscounting votes.
Georgia is one of only a handful of States that is still casting votes on entirely electronic voting systems, known as Direct Record Electronics (DREs). These machines record votes only in digital form; if the digital records are corrupted, either by benign error or malicious attack, there are no backup records and no way to know whether votes have been corrupted. When Georgia purchased these machines in 2002, the national trend was toward paperless touchscreen voting machines. Since then, however, most states moved away from paperless voting systems, driven by mounting research establishing these machines’ security flaws and some high profile and costly machine failures.2 Most of the nation has adopted voting systems that rely on a voter-marked paper ballot, an election safeguard recognized as essential by election officials and computer security experts alike.
A paper ballot provides a durable, physical record that is out of reach of a cyber attack and cannot be lost by a digital malfunction or programming error. Paper ballots can be used in a recount or to perform a post-election audit or check on the election results to help ensure the election outcome is correct. Today roughly 70% of voters in our nation mark a paper ballot which is counted by an electronic scanner.
In 2016 the threat of cyber attacks on our elections from foreign entities became an alarming reality. We learned that an adversarial nation was targeting our election systems with the intent to disrupt and undermine the legitimacy of our free, democratic government. In the declassified report “Assessing Russian Activities and Intentions in Recent U.S. Elections” the U.S. Intelligence Community warned that “Russian intelligence obtained and maintained access to elements of multiple US state or local electoral boards.”1 Several months ago we learned that the U.S. Department of Homeland Security (DHS) contacted officials in twenty-one states to notify them that their election systems had been targeted by Russian hackers. When asked at a June hearing of the Senate Select Committee of Intelligence if we should expect continued cyber attacks on our election infrastructure, then FBI director James Comey stated emphatically, “[t]hey will be back.”2 The gravity of this threat cannot be overstated. It is critical that we take every precaution to protect our election systems.
The stealth, skill and sophistication of today’s state-level cyber attackers should not be underestimated. Cyber security experts have warned that attacks today continue to outpace our ability to defend against them. The unending list of high profile and well-defended enterprises that have fallen victim to cyber attacks3 demonstrates the impracticality of trying to defend any computer system absolutely. Further complicating the problem, our election offices are typically under-resourced and understaffed. Though the New York State Board of Elections currently has in place some of the more advanced cyber security and cyber hygiene requirements for election systems, we cannot expect our county election offices to defend against cyber attacks from a state-level attacker.
Verified Voting is a national non-partisan, not for profit research and advocacy organization founded by computer scientists and committed to safeguarding democracy in the digital age. We promote technology and policies that ensure auditable, accessible and resilient voting for all eligible citizens. We urge you to adopt the proposed amendments and vote “YES” on A-4619.
New Jersey is one of only a handful of states whose voters are still casting votes on entirely electronic voting systems, direct recording electronic (DREs). Because these systems record votes directly onto computer memory without any independent paper record of the vote, they are especially vulnerable to undetectable and uncorrectable errors in the vote count.
Numerous studies and security evaluations of DRE systems over the years have found that the DREs in use in New Jersey have insecurities making them vulnerable to undetectable manipulation and tampering.1 Because DRE systems prevent anyone from verifying that the electronic tally accurately reflects voter intent, many States have discontinued the use of electronic DRE voting systems in favor of paper ballots. In 2006 only 25% of voters nationwide cast their ballots on paper but in 2017 more than 70% of U.S. voters marked a paper ballot.2
Verified Voting Names Voting Rights Lawyer and Pennsylvania Election Official Marian K. Schneider New President
Nearly a year after intelligence agencies confirmed foreign interference in our elections – and with midterm primaries just around the corner – the U.S. is looking to safeguard its elections infrastructure. To that end, Verified Voting, the leading national organization focused solely on making our voting technology secure, has named voting rights lawyer and former Pennsylvania election official Marian K. Schneider as its new president. Schneider, who most recently served as the special advisor to Pennsylvania Governor Tom Wolf on election policy, will focus on restoring faith in the democratic process of voting by securing our elections.
A lawyer with expertise in voting rights and election law, Schneider has extensive experience with state government administration as well as in the nonprofit social justice sector.
“Marian brings an uncommon mix of passion and experience as an on-the-ground election official and as an advocate to Verified Voting, and we couldn’t be more pleased to have her join,” said Barbara Simons who served as Interim President and will now return to her role as Board Chair. “We are confident that under Marian’s leadership, Verified Voting can achieve its goals to secure future elections.”
A new report on cyber vulnerabilities of our elections systems raises awareness of a critical issue, but in order to secure our elections, we need fundamental changes made at the state and local level. Verified Voting collaborated on the DEFCON Hacker Village to raise awareness of a chilling reality: our enemies have the will, intention and ability to tamper with our election infrastructure, potentially delegitimizing our elections and destabilizing our government. Verified Voting has known of this frightening possibility for years—we were founded in 2004, in the wake of election irregularities, to secure our democracy by ensuring that Americans’ votes would be counted the way they intended to cast them.
We know from deep experience: protecting our election infrastructure is a national security issue, and if we don’t act now, as former FBI Director James Comey has stated, ‘They’ll be back.’ That’s why Verified Voting has worked continuously with state election officials to safeguard their systems. Just last month, Verified Voting worked closely with Virginia’s Board of Elections in their move to decertify and remove its insecure, untrustworthy paperless voting machines and replace them with voter-marked paper ballots.