Election audits

src: media.npr.org

Election auditing refers to any review conducted after polls close for the purpose of determining whether the votes were counted accurately (a results audit) or whether proper procedures were followed (a process audit), or both.

Both results and process audits can be performed between elections for purposes of quality management, but if results audits are to be used to protect the official election results from undetected fraud and error, they must be completed before election results are declared final.

Recounts may be considered to be a specific type of audit, but not all audits are recounts. The Verified Voting Foundation explains the difference between audits and recounts: Post-election audits are performed to "routinely check voting system performance...not to challenge to the results, regardless of how close margins of victory appear to be", while "recounts repeat ballot counting (and are performed only) in special circumstances, such as when preliminary results show a close margin of victory. Post-election audits that detect errors can lead to a full recount." In the US, recount laws vary by state, but typically require recounting 100% of the votes, while audits may use samples. Recounts incorporate elements of both results and process audits.

Video Election audits

The need for verification of election results

In jurisdictions that tabulate election results exclusively with manual counts from paper ballots, or 'hand counts', officials rarely rely on a single person to view and count the votes. Instead, valid hand-counting methods incorporate redundancy, so that more than one person views and interprets each vote and more than one person confirms the accuracy of each tabulation. In this way, the manual count incorporates a confirmation step, and a separate audit may not be considered necessary.

However, when votes are read and tabulated electronically, confirmation of the results' accuracy must become a separate process.

Within and outside elections, use of computers for decision support comes with certain IT risks. Election-Day electronic miscounts can be caused by unintentional human error, such as incorrectly setting up the computers to read the unique ballot in each election and undetected malfunction, such as overheating or loss of calibration. Malicious intervention can be accomplished by either corrupt insiders or external hackers who accessed the software before Election Day.

Computer-related risks specific to elections include local officials' inability to draw upon the level of IT expertise available to managers of commercial decision-support computer systems and the intermittent nature of elections, which requires reliance on a large temporary workforce to manage and operate the computers.

To reduce the risk of flawed Election-Day output, election managers like other computer-dependent managers rely on testing and ongoing IT security. In the field of elections management, these measures take the form of federal certification of the electronic elections system designs; security measures in the local election officials' workplaces; and pre-election testing.

A third risk-reduction measure is performed after the computer has produced its output: Routinely checking the computers' output for accuracy, or auditing. Outside elections,auditing practices in the private sector and in other government applications are routine and well developed. In the practice of elections administration, however, the Pew Charitable Trusts stated in 2016, "Although postelection audits are recognized as a best practice to ensure that voting equipment is functioning properly, that proper procedures are being followed, and that the overall election system is reliable, the practice of auditing is still in its relative infancy. Therefore, a consensus has not arisen about what constitutes the necessary elements of an auditing program."

Routine results audits also support voter confidence by improving election officials' ability to respond effectively to allegations of fraud or error.

Maps Election audits

Audit challenges unique to election results

Confirming that votes were credited to the correct candidates' totals might seem to be a relatively uncomplicated task, but election managers face several audit challenges not present for managers of other decision-support IT applications. Primarily, ballot privacy prevents election officials from associating individual voters with individual ballots. This makes it impossible for election officials to use some standard audit practices such as those banks use to confirm that ATMs credited deposits to the correct account.

Another challenge is the need for a prompt and irrevocable decision. Election results need to be confirmed promptly, before officials are sworn into office. In many commercial uses of information technology, managers can reverse computer errors even when detected long after the event. However, once elected officials are sworn into office, they begin to make decisions such as voting on legislation or signing contracts on behalf of the government. Even if the official were to be removed because a computer error was discovered to have put that official in office, it would not be possible to reverse all the consequences of the error.

The intermittent nature of elections is another challenge. In most jurisdictions, elections take place no more than four times a year. This prevents development of a full-time, practiced workforce, for either the elections or the audits. Turning election audits over to an independent, disinterested professional accounting firm is another option not available to election officials. Because election results affect everyone, including the election officials themselves, truly disinterested auditors do not exist. Therefore, audit transparency is required to provide credibility.

src: wamu.org

Attributes of a good election results audit

No governing body or professional association has yet adopted a definitive set of best practices for election audits. However, in 2007 a group of election-integrity organizations, including the Verified Voting Foundation, Common Cause, and the Brennan Center for Justice at NYU School of Law collaborated with the American Statistical Association to produce a set of recommended best practices for post-election results audits:

• Transparency: The public must be allowed to observe, verify, and point out procedural mistakes in all phases of the audit. This requires that audit procedures and standards be adopted, in written form, and made available before the election.
• Independence: While the actual work of post-election audits may be best performed by the officials who conduct the elections, the authority and regulation of post-election audits should be independent of officials who conduct the elections.
• Paper Records: Vote-counting in the audit should be performed with hand-to-eye counts of voter-marked, voter-verified paper ballots.
• Ballot Accounting (chain of custody, or internal control): The records used in the audit must be verified to be true and complete records of the election.
• Confirmation of the correct winners: The audits must reach statistical confidence that the computer-tabulated results identified the correct winners.
• Addressing Discrepancies: When discrepancies are found, investigation is conducted to determine cause of the discrepancies.
• Comprehensive: The ballot-sample selection process includes all jurisdictions and all ballot types (e.g., absentee, mail-in and accepted provisional ballots).
• Additional Targeted Samples: The audit includes a limited non-random sample selected on the basis of factors useful for building voter confidence or improving election management, such as Election-Day problems or preliminary results that deviate significantly from historical voting patterns.
• Binding on Official Results: Post-election audits must be completed before election results are declared official and final, and must either verify or correct the outcome.

src: www.bridgemi.com

Current practices in election results auditing in the United States

Computerization of elections occurred rapidly in the United States following the presidential election of 2000, in which imprecise vote-counting practices played a controversial role, and the subsequent adoption of the Help America Vote Act (HAVA) of 2002. The rapid switch to computerized vote tabulation forced election officials to abandon many pre-automation practices that had been used to verify vote totals, such as the redundancy included in valid hand-counting procedures.

According to information compiled by Verified Voting, as of early 2018, only Arizona, Colorado, Minnesota, New Mexico, the District of Columbia, and (in legislation that will not be fully implemented until 2020) Rhode Island require local election officials to perform audits that:

1. are completed promptly, before official results can be certified;
2. expand the size of the sample whenever the audit detects discrepancies in the original sample; and
3. are binding on the official results.

If followed by local election officials, such requirements create an opportunity to detect and correct any outcome-altering miscounts (whether caused by accident or fraud) that affected the preliminary Election-Night counts.

An additional 19 states prescribe audits that check a flat percentage, typically between 1 and 3 percent, of voting machines or precincts. These audits can detect problems in the individual voting machines selected for audit, but cannot confirm the correct results except in races with very large margins between the winner and losers.

Finally, 26 states finalize official election results without verifying computer-tabulated vote totals. These states either have no audit requirements, or in four states (Florida, Vermont, Virginia, and Wisconsin) allow audits to be delayed until after winners are certified.

Other ways to group the states include that 20 states audit by means of hand counts; others use machines or a mix. Ten states audit all races on the ballot; others generally audit the top race and 1-4 others. In 14 states the audit results are used to revise official winners when there is a discrepancy. Another 10 may revise official results, depending on local judgment, and in 9 states the audit creates a report without changing official results, including large states like California, Florida and Illinois. Only two states use hand counts to audit all races, and use the results to revise winners; both are small, Alaska and West Virginia.

Election audit practices, by state

Methods used

Hand and machine counts. Most audits count by hand, but some re-use the same machines used in the election. Three states use different machines, to provide some independent check.

Sample sizes. When states audit, they usually pick a random sample of 1% to 10% of precincts to recount by hand or by machine. If a precinct has more than one machine, and they keep ballots and totals separate by machine, they can draw a sample of machines rather than precincts. These samples can identify systematic errors widely present in the election. They have only a small chance of catching a hack or bug which was limited to a few precincts, even though that could change the result in close races.

Number of races. In the random sample, most states audit only a few races, so they can only find problems in those races.

Physical security. All audits are done several days after the election, so they can be affected by break-ins, accidents, or other losses of ballots between the election and the audit. North Carolina specifies that no audit is done if ballots are missing or damaged.

Ballot scans for the public. Humboldt County, CA, Clear Ballot, and TrueBallot scan all ballots with a commercial scanner, so extensive audits can be done on the scans without damaging paper ballots, by multiple groups, independently of the election software. Clear Ballot is certified by the US Election Assistance Commission for voting, and they also have an auditing system, ClearAudit. TrueBallot does not currently serve government elections, just private groups. Both use proprietary software, so if it were hacked at the vendor or locally to create false images of the ballots or false counts, then local officials and the public could not check it.

Humboldt uses open source software, so in principle local officials and the public can check it. Humboldt also makes scans publicly available for anyone to count, with a checksum/hash value to identify true copies. The first time they did this, in 2008, they found 200 missing ballots, showing the value of complete checks. Releasing scans to the public is the only practical way to audit a large number of close races, since affected candidates can count all the races they wish on the scanned files. If scanned on election night, scans are also the only practical way to bypass problems of physical security, since scans are done and released before ballots are stored, while other methods are too slow to do election night.

The "Brakey method" is a variant of the Humboldt scans, with a public release of electronic ballot images already created by most current US election systems. Pennsylvania uses these ballot images for its audits, though it does not release them to the public for the public to audit. However these ballot images can be hacked if the election software itself is hacked, either at the vendor or elsewhere, so they do not provide an independent check.

Risk-limiting audits are required in Colorado, North Carolina, Rhode Island and Virginia. These select random representative samples big enough to be sure results are accurate, up to an acceptable level of risk, such as 9%. For each audited race, if the original computer count identified the wrong winner, there is a 9% chance in Colorado that the audit will miss it, and the wrong winner will take office. A lower risk limit would let fewer errors through, but would require larger sample sizes. Close races also require larger sample sizes. They audit only a few races; it would be impractical to audit all local races, since some are close each year and would require large samples. Colorado notes that they have to be extremely careful to keep ballots in order, or they have to number them, to be sure of comparing the hand counts with the machine records of those exact ballots. Also they have to re-tally all the machine records, independently of the election software, to be sure the machine records they audit generate all the same winners reported by the election software.

In 2010, the American Statistical Association endorsed risk-limiting audits, to verify election outcomes. With use of statistical sampling to eliminate the need to count all the ballots, this method enables efficient, valid confirmation of the outcome (the winning candidates). In 2011, the federal Election Assistance Commission initiated grants for pilot projects to test and demonstrate the method in actual elections. In 2014, the Presidential Commission on Election Administration recommended the method for use in all jurisdictions following all elections, to reduce the risk of having election outcomes determined by undetected computer error or fraud. In 2017, Colorado became the first state to implement risk-limiting audits statewide as a routine practice during the post-election process of certifying election results.

src: images.slideplayer.com

References

src: itruck.news

External links

• Election Verification Network
• Verified Voting
• Principles and Best Practices for Election Auditing

Source of article : Wikipedia