May 24, 2022

Testimony to the Special Committee on Voter Confidence, Derry, NH

Honorable Members of the Special Committee on Voter Confidence:

My name is Barbara Glassman. I moved to Nashua from Pennsylvania in 2012. In 2005 I became the webmaster for a nonpartisan election integrity group trying to convince county commissioners to purchase optical scanners rather than paperless voting machines. We failed, but I’ve kept posting about election integrity, now on Facebook at Save Our Vote. [https://www.facebook.com/SaveOurVote


New Hampshire was one of the first states to adopt computerized voting with its purchase of the AccuVote in the early 1990s. Election security experts recognized the danger. Vote rigging had become much easier. All it would take is a few lines of code, riding on a memory card.


No one wanted to hear it. Neither major political party, nor the media, nor election administrators had any interest in casting doubt on the outcomes of elections. 


Security experts understood that the best defense against rigging or hacking is hand-counted audits of hand-marked paper ballots. Verified Voting has been saying that since 2004 [https://verifiedvoting.org/issues/]. The national League of Women Voters said it in 2009 [https://sites.google.com/a/leagueofwomenvoters.org/clearinghouse/rep/election-administration/lwvus-report-on-election-auditing]. In New Hampshire in 2009, the Electronic Ballot Counting Device Advisory Committee called for hand-counted audits, saying, “[T]his deserves the highest priority.” [formerly at http://sos.nh.gov/ballotcountdev.aspx; can supply] Secretary Gardner’s hand-picked experts – Andrew Appel, Harri Hursti, and Ron Rivest – testified to the need in 2017 in Manchester [at 2’3” in the afternoon session: https://youtu.be/XkPJbbKPJ_w?t=7391].


Despite New Hampshire’s long, proud history of meticulous manual recounts, Secretary Gardner resisted hand-counted audits. If he hadn’t, if he followed his own experts’ recommendations, this committee might not have been needed. A publicly observed hand-counted audit would have answered many of New Hampshire voters’ questions about the 2020 election, at least in our state.


Instead, Secretary Gardner turned to a new, high-speed scanner marketed for audits. It will scan the paper ballots and then audit the digital images. How will we even know that the images are accurate copies of the ballots? Only 5 out of every 10,000 ballots will be compared with their images to see if they match. 


Here's what Professors Andrew Appel and Philip Stark have to say about this: "These vendors claim that the images make RLAs [risk-limiting audits] easier to perform because fewer (or no) paper ballots need to be inspected. That is incorrect…. [T]his requires examining at least as many physical ballots as an audit” of the paper ballots alone. [P. 537, https://georgetownlawtechreview.org/wp-content/uploads/2020/07/4.2-p523-541-Appel-Stark.pdf] Which begs the question as to why it wouldn’t make more sense to just audit the paper ballots.

The convenience of letting a machine do the work of auditing with digital images is very seductive. It allows us to rationalize away the futility of trying to solve an inscrutable software problem by throwing more inscrutable software at it.

Suppose Secretary Gardner had proposed abandoning New Hampshire’s long tradition of hand recounts in favor of simply running the ballots through a new scanner. Pushback would have been immediate. How would we know which scanner was accurate without a hand recount? We can’t know. Yet that is what is offered in Senate Bill 366: machine-counted audits with a new scanner and grossly inadequate verification of ballot image accuracy.


BTW, pre- and post-election testing cannot detect every software problem. Computers know what day and time it is. Scanners can be programmed to perform well when tested and behave differently on election day. 

The VW cheating scandal is a perfect illustration. VW's software allowed their cars to pass emissions tests, only to pollute when not in testing mode. [See "What if Volkswagen made Voting Machines?" https://thevotingnews.com/what-if-vw-made-voting-machines/]

The GOP is the first major political party to recognize the fallibility of software and the need for audits. Unfortunately, a highly publicized audit in Arizona relied on inexperienced, partisan third parties that didn’t even have the confidence of some fellow Republicans. Sadly, many Democrats now view audits with suspicion and resistance. 

So if confidence in New Hampshire elections is to be restored, it will require reversing the trend toward secrecy and instead welcoming public oversight, starting with repeal of the ballot and ballot image exemptions from public records and passage of legislation that would allow moderators to do a verification count at the polls on election night, as in Senate Bill 79 [https://legiscan.com/NH/bill/SB79/2021], a measure that used to go unchallenged. Routine, mandatory audits would need to be hand-counted and publicly observed, delivering the same high standard of proof that New Hampshire recounts provide.

Designing an effective audit is a formidable task. It deserves more time and study than legislators alone can spare. I know a few New Hampshire voters who are interested in drafting a plan. I hope their voices will be heard.

Thank you for the opportunity to offer suggestions. It’s much appreciated.

Respectfully,

Barbara Glassman   

Nashua, NH 


Addendum

Verified Voting, the premier body of election experts, is unequivocal: "Audits require human examination of voter-marked paper ballots... Audits cannot rely on scanned images or machine interpretations of the ballots to accurately reflect voter intent.” [P. 7, https://verifiedvoting.org/publication/principles-and-best-practices-for-post-election-tabulation-audits/].

May 03, 2022

In New Hampshire: A continuing plea for hand-counted audits

May 3, 2022

Dear Representatives:

I write in opposition to SB 366-FN, An act requiring an audit of ballots cast in the 2022 primary and general election.

As I have written to Senator Gray in the past, I am opposed to the lack of transparency and public oversight and increased reliance on hackable, riggable computerized election machinery that using scanners and ballot images for audits embodies.

No true election security expert endorses using a scanner to perform an audit, even if it's a new make or model. Manual/hand-counted post-election audits have been recommended since 2009 by both the Secretary of State's own Electronic Ballot Counting Device Advisory Committee [formerly at http://sos.nh.gov/ballotcountdev.aspx] and the national League of Women Voters [https://sites.google.com/a/leagueofwomenvoters.org/clearinghouse/rep/election-administration/lwvus-report-on-election-auditing], as well as the experts who testified before the Kobach commission: Andrew Appel, Harri Hursti, and Ron Rivest. [https://youtu.be/XkPJbbKPJ_w?t=7391]

Verified Voting, the premier body of election experts, is unequivocal: "Audits require human examination of voter-marked paper ballots... Audits cannot rely on scanned images or machine interpretations of the ballots to accurately reflect voter intent" (p. 7, Principles and Best Practices for… Audits). [P. 7, https://verifiedvoting.org/wp-content/uploads/2020/05/Principles-and-Best-Practices-For-Post-Eleciton-Tabulation-Audits.pdf

Let us stop to ask, Why do audits in the first place? It's because election security experts know there are too many undetectable vulnerabilities with computerized voting, and manual audits of hand-marked paper ballots are our best defense. So why are we turning to computerized scanners and digital images when the experts say we should be doing hand-counted audits of the paper ballots?

The convenience of letting a machine do the work of auditing with digital images is very seductive. Proponents will even argue that people are more error-prone than machines. The problem is that the public can’t oversee the software in a scanner as it computes votes. 

New Hampshire has a long, proud tradition of meticulous hand counts and recounts. The safeguards built into those can be utilized in audits and even strengthened to allow for maximum transparency and public oversight.

Here are concerns about the bill as written:

4. “I. The secretary of state shall randomly select one to 3 percent of AccuVote devices, but not less than 4 such devices, to be used at the 2022 state general election to be audited…. The selection of devices to be audited shall be non-public and made at least 2 weeks prior to the general election, after the AccuVote memory cards have been programed [sic]."  

 

The whole point of random audits is to make it impossible for *anyone* to know ahead of time which machines will be selected. Allowing the secretary of state to choose the machines in advance negates the protective effect of random selection.

4. "VI.  A random sample of not less than 5 percent of the ballots scanned shall be selected and the images of the ballots selected shall be compared with the voters' choices recorded for the ballot."

So this bill allows as little as 1 percent of the AccuVote machines, but not less than four, to be audited, and then as little as 5 percent of the ballots from those machines to have their images compared with "the voters' choices recorded for the ballot," presumably, the voters’ hand-marked paper ballots. If my husband, an engineer, is not mistaken, that works out to a rate of 0.05 percent of the AccuVote ballots, or 5 in 10,000 paper ballots that will be compared with the corresponding ballot images to try to establish that the digital images are accurate copies of the hand-marked ballots. Does anyone see that as sufficient to inspire confidence? In contrast, Massachusetts conducts hand-counted audits of the paper ballots in 3 percent of all precincts when the president is on the ballot.

Here's what Professors Andrew Appel and Philip Stark have to say about this:

"Audit the Digital Images?

"Some vendors are promoting systems that create digital images of ballots. These vendors claim that the images make RLAs easier to perform because fewer (or no) paper ballots need to be inspected. That is incorrect: if a risk-limiting audit relies on images of ballots, it must check that the error in making the images from the voter-verified paper ballots plus the error the system made interpreting those images to make cast-vote records is not large enough to cause the electoral outcome to be wrong. It is a mathematical fact that this requires examining at least as many physical ballots as an audit that compares CVRs to a human reading of the paper ballots, without relying on the digital images." [P. 537, https://georgetownlawtechreview.org/wp-content/uploads/2020/07/4.2-p523-541-Appel-Stark.pdf

In other words, as I understand it, an audit that relies on digital images of ballots requires examining at least as many corresponding paper ballots as a hand-counted audit of the paper ballots alone. Which begs the question, wouldn’t it be easier to just audit the paper ballots?

Professor J. Alex Halderman's research also demonstrates the risks of auditing digital images rather than paper ballots: 

"Abstract. As paper ballots and post-election audits gain increased adoption in the United States, election technology vendors are offering products that allow jurisdictions to review ballot images—digital scans produced by optical-scan voting machines—in their post-election audit procedures. Jurisdictions including the state of Maryland rely on such image audits as an alternative to inspecting the physical paper ballots. We show that image audits can be reliably defeated by an attacker who can run malicious code on the voting machines or election management system...." [https://jhalderm.com/pub/papers/unclear-evoteid19.pdf]

Please reject this cave-in to convenience and send a message that an audit requires the same high standard of proof that New Hampshire provides for recounts – nothing less. It must be hand-counted with ample public oversight.

Respectfully,

Barbara Glassman

Nashua, NH