October 12, 2024

Much-needed reminder

Highly recommend Jonathan Simon’s article "The Real Steal: Electoral Forensics and the 2020 Election" and his book CODE RED: Computerized Elections and the War on American Democracy: Election 2020 Edition; also the documentary KILL CHAIN: The Cyber War on America's Elections, featuring Harri Hursti.

January 09, 2024

In favor of hand-counted audits

January 8, 2024

Honorable members of the [New Hampshire] Senate Election Law and Municipal Affairs Committee:

I write in opposition to SB 489-FN, An act relative to election audits. [https://www.gencourt.state.nh.us/bill_status/pdf.aspx?id=22927&q=billVersion]

As I have written to Senator Gray in the past, I am opposed to the lack of transparency and public oversight and increased reliance on hackable, riggable computerized election machinery that using scanners and ballot images for audits embodies.

No true election security expert endorses using a scanner to perform an audit, even if it's a new make or model. Manual/hand-counted post-election audits have been recommended since 2009 by both the Secretary of State's own Electronic Ballot Counting Device Advisory Committee [formerly at http://sos.nh.gov/ballotcountdev.aspx; can supply] and the national League of Women Voters [https://www.lwv.org/sites/default/files/2018-07/report-electionaudits.pdf], as well as the experts who testified before the Kobach commission: Andrew Appel, Harri Hursti, and Ron Rivest. [https://youtu.be/XkPJbbKPJ_w?si=Lr3F0xQ1Az2gxpi5&t=7391]

Verified Voting, the premier body of election experts, is unequivocal: "Audits require human examination of voter-marked paper ballots... Audits cannot rely on scanned images or machine interpretations of the ballots to accurately reflect voter intent" (p. 7, Principles and Best Practices for… Audits). [P. 7, https://verifiedvoting.org/wp-content/uploads/2020/05/Principles-and-Best-Practices-For-Post-Eleciton-Tabulation-Audits.pdf]

Let us stop to ask, Why do audits in the first place? It's because election security experts know there are too many undetectable vulnerabilities with computerized voting, and manual audits of hand-marked paper ballots are our best defense. So why are we turning to computerized scanners and digital images when the experts say we should be doing hand-counted audits of the paper ballots?

The convenience of letting a machine do the work of auditing with digital images is very seductive. Proponents will even argue that people are more error-prone than machines. The problem is that the public can’t oversee the software in a scanner as it computes votes.

New Hampshire has a long, proud tradition of meticulous hand counts and recounts. The safeguards built into those can be utilized in audits and even strengthened to allow for maximum transparency and public oversight.

Here are concerns about the bill as written:

“I. The secretary of state shall randomly select not less than 8 ballot counting devices used by towns or city wards to be audited…. The selection of towns or city wards to be audited shall be non-public and made after any ballot counting device memory cards have been programmed.

“II. The secretary of state shall not announce which devices in the towns or city wards have been selected to be audited until after the polls are open on election day.”

The whole point of random audits is to make it impossible for *anyone* to know ahead of time which machines will be selected. Allowing the secretary of state to choose the machines in advance negates the protective effect of random selection.

“VI.(a) A random sample of the ballots counted and/or scanned by the device being audited, shall be selected and shall be compared with the voters' choices recorded for that ballot.”

The previous version of this bill, SB 366-FN [https://legiscan.com/NH/text/SB366/2022], was worded slightly differently:

"VI. A random sample of not less than 5 percent of the ballots scanned shall be selected and the images of the ballots [emphasis added] selected shall be compared with the voters' choices recorded for the ballot."

Given that the audits will be conducted using a scanner, I’m guessing that ballot images will again be used for comparison. I used to think this meant that the ballot images would be compared with the paper ballots to ensure that the images are accurate copies but instead am told that the ballot images will be compared with the cast vote record (CVR), a computer-generated record based on the ballot images. If true, this proposed audit never actually verifies that the ballot images – which the scanner uses to tabulate the votes – are accurate copies of the paper ballots.

Here's what Professors Andrew Appel and Philip Stark have to say about this:

"Audit the Digital Images?

"Some vendors are promoting systems that create digital images of ballots. These vendors claim that the images make RLAs [risk-limiting audits] easier to perform because fewer (or no) paper ballots need to be inspected. That is incorrect: if a risk-limiting audit relies on images of ballots, it must check that the error in making the images from the voter-verified paper ballots plus the error the system made interpreting those images to make cast-vote records is not large enough to cause the electoral outcome to be wrong. It is a mathematical fact that this requires examining at least as many physical ballots as an audit that compares CVRs to a human reading of the paper ballots, without relying on the digital images." [P. 537, https://georgetownlawtechreview.org/wp-content/uploads/2020/07/4.2-p523-541-Appel-Stark.pdf]

In other words, as I understand it, an audit that relies on digital images of ballots requires examining at least as many corresponding paper ballots as a hand-counted audit of the paper ballots alone. Which begs the question, wouldn’t it be easier to just audit the paper ballots?

Professor J. Alex Halderman's research also demonstrates the risks of auditing digital images rather than paper ballots:

"Abstract. As paper ballots and post-election audits gain increased adoption in the United States, election technology vendors are offering products that allow jurisdictions to review ballot images—digital scans produced by optical-scan voting machines—in their post-election audit procedures. Jurisdictions including the state of Maryland rely on such image audits as an alternative to inspecting the physical paper ballots. We show that image audits can be reliably defeated by an attacker who can run malicious code on the voting machines or election management system...." [https://jhalderm.com/pub/papers/unclear-evoteid19.pdf]

Please reject this cave-in to convenience and send a message that an audit requires the same high standard of proof that New Hampshire provides for recounts – nothing less. It must be truly random – not pre-selected – and hand-counted, with ample public oversight.

Respectfully,
Barbara Glassman
Nashua, NH