risk-limiting audit

Tag Archive

Media Release: To Enhance Election Security, Rhode Island Tests A New Way to Verify Election Results

Rhode Island is making good on its promise to road-test risk-limiting election audits, following 2017 passage of legislation by the Rhode Island General Assembly, requiring them. Beginning with the presidential primary in April 2020, Rhode Island will become the second state to require these audits to verify election results. A “risk limiting” audit checks if the election result is correct. Specifically it checks the counting of the votes. A “risk-limiting” audit limits the risk that the wrong election result will be certified. It can catch errors which change the result and correct a wrong result.

For more background on the legislation, visit here: and here.

To prepare for next year’s full implementation, the Rhode Island Board of Elections will conduct three pilot audits on January 16 and 17 at 50 Branch Avenue in Providence, Rhode Island beginning at 9:30 a.m. These pilot audits will be conducted with local election officials from Bristol, Cranston and Portsmouth, Rhode Island. Read More

National: New technologies could actually eliminate common voting controversies in the U.S. | Salon

As voting in 2018’s midterms ends on Tuesday, November 6, there will be contests with surprising results, races separated by the slimmest of margins, or even ties. How will voters know what to believe without falling prey to partisan angst and conspiracies? What if, as Dean Logan, Los Angeles County’s voting chief, retweeted this week, “the weakest link in election security is confidence”in the reported results? The factual answers lie in the voting system technology used and the transparency — or its lack — in the vote counting, count auditing and recount process. These steps all fall before outcomes are certified and the election is legally over. … In the past decade, two differing approaches to answering that question have emerged and evolved. The first to surface is what’s called a risk-limiting audit (RLA). Jerome Lovato, now an election technology specialist with the U.S. Election Assistance Commission, was present at the start of developing and implementing RLAs a decade ago when Colorado hired him to improve their audit process. Colorado had been sued for a lack of transparency surrounding its testing and certification after buying new machines in 2006. Back then, Colorado — like many states today — grabbed and examined hundreds of ballots after every election to see if they matched the announced winners. Read More

National: Democrats unveil push to secure state voting systems | The Hill

A group of Democratic senators is introducing a bill aimed at securing U.S. elections from hacking efforts, the latest response to attempted Russian interference in the 2016 presidential vote. The bill introduced Tuesday is specifically designed to ensure the integrity of and bolster confidence in the federal vote count. It would require state and local governments to take two steps to ensure that votes are counted correctly. Under the legislation, states would have to use voting systems that use voter-verified paper ballots that could be audited in the event a result is called into question. State and local officials would also be required to implement what are known as “risk-limiting audits” — a method that verifies election outcomes by comparing a random sample of paper ballots with their corresponding digital versions — for all federal elections. Read More

Colorado: State pioneers voting safeguard | Grand Junction Sentinel

Colorado became the first state in the nation after this month’s election to complete a “risk-limiting” audit, according to the Secretary of State’s Office. Such an audit, ordered by the Colorado Legislature in 2009, is a procedure designed to provide statistical evidence that the election outcome is correct, and has a higher-than-normal probability of correcting a wrong outcome. Risk-limiting audits require human beings to examine and verify more ballots in close races, and fewer ballots in races with wide margins. “Colorado is a national leader in exploring innovative solutions for accessible, secure and auditable elections,” said Matt Masterson, chairman of the U.S. Election Assistance Commission, who witnessed the audit. “Colorado’s risk-limiting audit provided great insights into how to conduct more efficient and effective post-election audits. (The commission) is eager to share some of the lessons learned with election officials across America.” Read More

Colorado: State embarks on a first-of-its-kind election audit that’s drawing interest from out of state | The Denver Post

Colorado is embarking on a first-of-its-kind, statewide election audit that seeks to validate the accuracy of the state’s ballot-counting machines amid national concern about election integrity. The so-called risk-limiting audit involves a manual recount of a sample of ballots from 56 counties that had elections this year to compare them with how they were interpreted by tabulating machines. The exercise is drawing observers from Rhode Island, as well as top federal voting-oversight officials. “It’s a huge deal in the election world,” said Lynn Bartels, spokeswoman for the Colorado Secretary of State’s Office, which is implementing the audit. Read More

National: States ramping up defenses against election hacks | The Hill

States across the nation are ramping up their digital defenses to prevent the hacking of election systems in 2018. The efforts come in the wake of Russia’s interference in the 2016 presidential election, which state officials say was a needed wake up call on cybersecurity threats to election systems and infrastructure. … Security experts are still divided over the extent of hacking risks to actual voting machines. Some say that because many different voting machines are used across the country and because they are not connected to the internet, that would make any large scale attack hard to carry out. … But others contend that digital voting machines are vulnerable and could be targeted to influence actual election outcomes. “Some election functions are actually quite centralized,” Alex Halderman, a University of Michigan computer science professor, told the Senate Intelligence Committee in June. “A small number of election technology vendors and support contractors service the systems used by many local governments. Attackers could target one or a few of these companies and spread malicious code to election equipment that serves millions of voters.” Read More

Colorado: State to require advanced post-election audits | Politco

Colorado on Monday said it will become the first state to regularly conduct a sophisticated post-election audit that cybersecurity experts have long called necessary for ensuring hackers aren’t meddling with vote tallies. The procedure — known as a “risk-limiting” audit — allows officials to double-check a sample of paper ballots against digital tallies to determine whether results were tabulated correctly. The election security firm Free & Fair will design the auditing software for Colorado, and the state will make the technology available for other states to modify for their own use. The audit will allow Colorado to say, “with a high level of statistical probability that has never existed before,” that official election results have not been manipulated, said Colorado Secretary of State Wayne Williams in a statement. Read More

Colorado: State hires startup to help audit digital election results | The Hill

The state of Colorado is moving to audit future digital election results, hiring a Portland-based startup to develop software to help ensure that electronic vote tallies are accurate. The startup Free & Fair announced on Monday that it had been selected by the state to develop a software system for state and local election officials to conduct what are called “risk-limiting audits.” A risk-limiting audit, or RLA, is a method that checks election outcomes by comparing a random sample of paper ballots to the accompanying digital versions. The development comes amid deepening fears on Capitol Hill about the possibility of foreign interference in future elections, following Russia’s use of cyberattacks and disinformation to influence the 2016 presidential election. According to the U.S. intelligence community, Moscow’s efforts also included targeting state and local election systems. Read More

National: How Applied Mathematics Could Help Democracy | The Atlantic

American voting relies heavily on technology. Voting machines and ballot counters have sped up the formerly tedious process of counting votes. Yet long-standing research shows that these technologies are susceptible to errors and manipulation that could elect the wrong person. In the 2016 presidential election, those concerns made their way into public consciousness, worrying both sides of the political fence. The uncertainty led to a set of last-minute, expensive state recounts—most of which were incomplete or blocked by courts. But we could ensure that all elections are fair and accurate with one simple low-tech fix: risk-limiting audits. Risk-limiting audits are specific to elections, but they are very similar to the audits that are routinely required of corporate America. Under them, a random sample of ballots is chosen and then hand-counted. That sample, plus a little applied math, can tell us whether the machines picked the right winner. Read More

Voting Blogs: Voting with Risk-Limiting Audits: Better, Faster, Cheaper | EFF

After extensive ups and downs, the election recount efforts in Michigan, Wisconsin, and Pennsylvania have concluded. The main lesson: ballot audits should be less exciting and less expensive. Specifically, we need to make audits an ordinary, non-partisan part of every election, done efficiently and quickly, so they are not subject to emergency fundraising and last-minute debates over their legitimacy. The way to do that is clear: make risk-limiting audits part of standard election procedure. After this year’s election, EFF joined many election security researchers in calling for a recount of votes in three key states. This was partly because of evidence that hackers affected other parts of the election (not directly related to voting machines). But more than that, it was based long-standing research showing that electronic voting machines and optical scanners are subject to errors and manipulation that could sway an election. In response to that call, Green Party candidate Jill Stein’s campaign raised more than $7 million to fund the recounts. Read More

National: Elections at Risk in Cyberspace, Part IV: Securing the Vote | Signal Magazine

Standardizing voter registration processes, voting machines and vote tabulation is the key to eliminating most vulnerabilities plaguing U.S. elections, according to several cybersecurity experts. These standardizations would embed security, enable backups and eliminate many backdoors through which hackers and vote fraudsters currently can warp the results of an election. While voting is administered at the state and local levels, these remedies would need to be applied nationwide. The current web of diverse processes may increase the difficulty for wide-scale election tampering, but they also ensure that achieving security is too broad a challenge for any single remedy to be applied. This diversity also virtually ensures that some location will have a vulnerability that, if exploited effectively, could cast doubt on a nationwide election result. … Auditing capabilities are important, says Ron Bandes, network security analyst in the CERT division of the Software Engineering Institute of Carnegie Mellon University. He also is president of VoteAllegheny, a nonpartisan election integrity organization. Read More

Colorado: Dominion selected as uniform system for voting public | Grand Junction Sentinel

The Secretary of State’s Office chose a Denver-based company Tuesday to supply future voting machines for the state’s 64 counties, and Mesa County Clerk Sheila Reiner couldn’t be more pleased. That’s because Reiner used voting machines from that company, Dominion Voting Systems, as part of a three-year pilot project to test various machines for a uniform voting system. Having all counties use the same machines not only will allow each to get them cheaper, but also help save costs in maintenance, supplies and training time for election workers, Reiner said. She said Dominion, more than any of the other companies that were included in the pilot study, had a product that was ready to go. “Dominion … was by far the most developed and appropriate system for our state,” Reiner said. “I say that because from the simplicity of building the ballot definition all the way through the risk-limiting audit that we’re going to be required to do by statute in 2017, everything just fit with Colorado laws and current needs. The other vendors are still developing things to fit our model.” Read More

Colorado: Arapahoe County pioneering use of new vote verification system | The Denver Post

Arapahoe County is piloting a vote-checking system this week that promises to raise the level of confidence in the accuracy of election results in Colorado. Elections officials gathered Wednesday at the county’s clerk and recorder office in Littleton to put the system — dubbed the risk-limiting audit — through the paces. The goal is to work out the bugs and have it ready for statewide rollout by election day 2017, as required by the state legislature. “The way we do audits doesn’t present a good enough picture,” Arapahoe County Clerk Matt Crane said Wednesday. “Our citizens deserve to know that we have a fair, transparent and accurate voting process.” The way a post-election audit of ballots is done currently requires a canvass team to pull at least 500 randomly selected paper ballots and compare the results to the tally recorded by the tabulation machines used in the election. Under the risk-limiting audit, random numbers generated by a software program will identify certain ballots to be pulled for inspection. The sample size is statistically determined based on the total number of ballots cast, the margin of the contest and the audit results as they unfold.  Read More

California: Law sought to prevent recount fights | Fresno Bee

In 2010, California lawmakers approved legislation meant to reduce the incentive for expensive and contentious ballot recounts of the sort looming in the exceedingly close race for second place in the state controller’s primary. But the law went dormant at the end of last year and will have no bearing on the controller’s contest between Betty Yee and John A. Pérez. In a statement Tuesday, the Pérez campaign said it is conducting a review to “determine whether a recount is warranted. After nearly a month of counting votes and a vote margin of just 1/100th of one percent, out of more than 4 million votes cast, nobody would like to the see this process completed more than we would,” the statement said. “Since this is one of closest statewide elections in the history of California, we have an obligation to review and ensure that every vote cast is accurately counted. During our review, we will also determine whether a recount is warranted.” Read More

Editorials: Saving throw: securing democracy with stats, spreadsheets, and 10-sided dice | Ars Technica

Armed with a set of 10-sided dice (we’ll get to those in a moment), an online Web tool, and a stack of hundreds of ballots, University of California-Berkeley statistics professor Philip Stark spent last Friday unleashing both science and technology upon a recent California election. He wanted to answer a very simple question—had the vote counting produced the proper result?—and he had developed a stats-based system to find out. On June 2, 6,573 citizens went to the polls in Napa County and cast primary ballots for supervisor of the 2nd District in one of California’s most famous wine-producing regions, on the northern edge of the San Francisco Bay Area. The three candidates—Juliana Inman, Mark van Gorder, and Mark Luce—would all have liked to come in first, but they really didn’t want to be third. That’s because only the two top vote-getters in the primary would proceed to the runoff election in November; number three was out. Napa County officials announced the official results a few days later: Luce, the incumbent, took in 2,806 votes, van Gorder got 1,911 votes, and Inman received 1,856 votes—a difference between second and third place of just 55 votes. Given the close result, even a small number of counting errors could have swung the election. Vote counting can go wrong in any number of ways, and even the auditing processes designed to ensure the integrity of close races can be a mess (did someone say “hanging, dimpled, or pregnant chads”?). Measuring human intent at the ballot box can be tricky. To take just one example, in California, many ballots are cast by completing an arrow, which is then optically read. While voters are instructed to fully complete the thickness of the arrow, in practice some only draw a line. The vote tabulation system used by counties sometimes do not always count those as votes. So Napa County invited Philip Stark to look more closely at their results. Stark has been on a four-year mission to encourage more elections officials to use statistical tools to ensure that the announced victor is indeed correct. He first described his method back in 2008, in a paper called “Conservative statistical post-election audits,” but he generally uses a catchier name for the process: “risk-limiting auditing.” Read More

Florida: New post-election audit method could improve detection of vote-counting flaws – and fix them | Palm Beach Post

In California, 13 million people voted in the 2008 presidential race. But double-checking the result could have been as simple as looking at the right 96 ballots. Post-election audits in Florida are done with hand recounts of a sliver of ballots, taken from a few random precincts. They help identify widespread problems, as one did recently in Wellington, when it caught the fact that results for three races had been accidentally switched by Palm Beach County’s vote-counting software. But they tell you nothing about what happened in precincts that weren’t checked. In theory, a huge problem could go undetected. A new method of audit – developed by Philip Stark, statistics department vice chairman at the University of California, Berkeley – gets around that. Stark’s method works like an opinion poll, by looking at a random sample of ballots from across the race. The key word is random: The ballots have to be picked with precision, from a master list of every ballot cast. Once picked, only that ballot will do. The number of ballots reviewed depends on the margin of victory. Tighter races need more ballots. In California in 2008, Barack Obama won with 61 percent of the vote, so 96 ballots would do. If Obama had won with 52 percent, the state would have needed to check about 3,900 ballots, Stark said. Read More

Florida: New post-election audit method could improve detection of vote-counting flaws – and fix them | Palm Beach Post

In California, 13 million people voted in the 2008 presidential race. But double-checking the result could have been as simple as looking at the right 96 ballots. Post-election audits in Florida are done with hand recounts of a sliver of ballots, taken from a few random precincts. They help identify widespread problems, as one did recently in Wellington, when it caught the fact that results for three races had been accidentally switched by Palm Beach County’s vote-counting software. But they tell you nothing about what happened in precincts that weren’t checked. In theory, a huge problem could go undetected. A new method of audit – developed by Philip Stark, statistics department vice chairman at the University of California, Berkeley – gets around that. Stark’s method works like an opinion poll, by looking at a random sample of ballots from across the race. The key word is random: The ballots have to be picked with precision, from a master list of every ballot cast. Once picked, only that ballot will do. The number of ballots reviewed depends on the margin of victory. Tighter races need more ballots. In California in 2008, Barack Obama won with 61 percent of the vote, so 96 ballots would do. If Obama had won with 52 percent, the state would have needed to check about 3,900 ballots, Stark said. Read More