While many states are taking voting machine vulnerabilities more seriously, others seem to ignore cybersecurity concerns as a rift emerges among election security advocates.
After years of being neglected as an issue, election integrity is finally being covered by major media outlets and, therefore, is on the minds of voters. In light of the growing assault on voting rights and democracy ahead of this year’s election, this awareness is crucial. Yet it is equally important that election accountability watchdogs present a united front in this fight. Unfortunately, some cracks appear to be emerging over voting machine audits.
In Georgia, where cybersecurity expert Logan Lamb just made public evidence that the state’s central server had been hacked, state officials rushed through an audit of new touchscreen voting machines despite serious cybersecurity concerns. One of the experts who criticized the process is the creator of the very type of audit used to verify that the new machines are safe.
Election accountability groups play a key role in providing state officials with information needed to ensure that what voting machine vendors say about their products is true, given that vendors often overpromise security that they cannot deliver.
But now two security experts have resigned from the board of a key election integrity group. They are concerned that the organization, Verified Voting, is giving cover to election officials in Georgia and other states by signing off on the expensive and vulnerable voting machines these states are purchasing.
Providing Cover for Flawed Voting Machines
Verified Voting, a well-known election accountability group focusing on voting machines, participated in a risk-limiting audit (RLA) this past November in Georgia. Dr. Richard DeMillo, an election security expert who had been advising the organization, lives in Georgia but had not been aware that the audit was taking place — or that Verified Voting was part of it.
When he found out about Verified Voting’s involvement in the audit, DeMillo said he could no longer be a part of the organization. He resigned just days after learning, from press reports and other election integrity advocates, that the audit had happened.
“I was surprised that they were here and I didn’t know about it,” DeMillo, a distinguished professor of computing at the Georgia Institute of Technology, told WhoWhatWhy. “It’s very unusual for an organization to operate in a board member’s backyard and not let them know that they are there.”
DeMillo said that after reading comments attributed to Verified Voting’s president Marian Schneider in a press release put out by Republican Secretary of State Brad Raffensperger’s office, he was horrified — and he was not alone.
Dr. Philip Stark, a professor of statistics at the University of California at Berkeley and creator of RLAs, resigned from the board of directors in an open letter and alleged that the organization’s leadership had provided cover for state officials to use voting machines that have been proven to have numerous security flaws.
A Difference of Opinions
The initial press release by Raffensperger’s office hailing the audit as a success concerned Stark, because it is not possible for an RLA to determine whether there has been an issue with a BMD after an election — since BMDs cannot verify voter intent. So he asked Verified Voting to clarify the record. Verified Voting later issued a statement that attempted to clarify that the group continues to oppose the new voting machines, and that its review did not constitute an endorsement.
“It is still a little bit murky around the edges because of what [Verified Voting’s statement] doesn’t say, which is that if you do a risk-limiting audit of a trustworthy paper trail, that actually does confirm outcomes,” Stark told WhoWhatWhy.
Although they did not directly discuss their involvement in Georgia, Christy Setzer, the organization’s spokeswoman, told WhoWhatWhy that a serious issue like election security comes with “many passionate voices and differences of opinions.”
“We are grateful for Philip and Rich’s contributions in the election security space, and Verified Voting in particular,” Setzer said in a statement.
Election Officials Ignore Warning Signs
DeMillo raised concerns about state election boards making it up as they go. In his resignation letter, DeMillo accused Verified Voting of supporting “misleading public statements that those pilots confirm outcomes and even prove the security of new election systems.”
“I’m very concerned and disappointed … I thought [Verified Voting] was going to be informed by the science and technology,” DeMillo said. “That’s turned out not to be the case.”
After reviewing transcripts of recent election board meetings throughout the country, DeMillo sees election board members who firmly believe that it’s a matter of opinion whether or not a voting machine is vulnerable or not, and whether those machines have been subjected to the kind of review that a certification would require.
“It may be rhetoric they hear from the vendors, but for election boards — who are supposed to be the responsible policymakers and regulators for elections — to not understand the difference between an opinion and not is alarming,” DeMillo said.
Setzer told WhoWhatWhy that while the organization opposes BMDs as a one-size-fits-all for voters, “it’s simply not possible, currently, to eliminate the use of BMDs while serving all voters.”
“While we look to academics and researchers for guidance on standards, implementing those standards is a process involving incremental change,” Setzer said. “Our efforts must focus on making all voters who vote on BMDs aware of the importance of carefully and conscientiously verifying their ballots before casting them, and actively encouraging them to do so.”
An Unpredictable Gamble
The problem, Stark suggested, is messaging. Some things can be audited and others simply cannot, he said. “It’s very different to mark a paper ballot by hand and by machine,” Stark added.
“Yes, there is a paper record. But the paper record isn’t trustworthy,” Stark explained, adding that although the tabulation of that paper record can be audited, “there’s no way to audit whether the paper record shows what the voter did.”
Still, despite their resignations, DeMillo and Stark say that they will continue to advocate for improvements to US election infrastructure independently.
“It’s probably a mischaracterization to say that without an organization like Verified Voting that those of us working in technology do not have a voice — we do,” DeMillo said.
Stark also argued that calls to include voters in the verification process when casting a ballot are unnecessary, because it is not their responsibility to ensure that voting machines are safe.
“We should have trustworthiness before we try to encourage people to have trust,” Stark said, adding that election officials are “entirely gambling on the equipment functioning as intended, no bugs, no hacking, no anything else, and we’ve seen quite recently that it’s not a reasonable assumption to make.”
Related front page panorama photo credit: Adapted by WhoWhatWhy from pacastcms / YouTube.