Summary: Wisconsin’s election officials have been informed of adversaries’ desires to sow chaos in American elections. And they have been informed of vulnerabilities in the voting-machine system that they cannot secure. And they have been informed of modern canvass practices capable of detecting and correcting any hacked results. And yet eight months before the Presidential election, Wisconsin’s election security plan still contains no mention of, or funding for, results-securing audits. This blog post is a last-ditch effort to motivate election officials to action by making sure that, if Wisconsin wakes up on November 4 to electoral chaos and no way to fix it, our election officials cannot claim they were not warned and could not have been prepared.
In 2012, former municipal clerk Jim Mueller spoke extemporaneously to a priority-setting conference of the Wisconsin Grassroots Network. I was there, but at the time naïve about election security.
Mueller told us that, as a local election official, he was required to sign a statement after every election attesting that the results were correct. He felt panic and despair when he realized Wisconsin’s election-administration procedures gave him no way to know whether that was true.
He explained that the voting-machine companies legally prohibit independent review of the vote-counting software. He told us that although the ballots are public records and local clerks their legal custodians, state election officials aggressively discouraged clerks from hand-counting the votes before they certified results. He described the blow-back from his fellow clerks when he proposed responsible review procedures. They didn’t want him to contradict their favorite labor-saving myth: Trust in the voting machines is a Good Thing.
Mueller’s passion led to the formation of Wisconsin Election Integrity. And for eight years, we’ve been pressuring the state elections agency—first the Government Accountability Board, now the Wisconsin Elections Commission—to promote canvass procedures that verify the correct winners before officials declare results final.
None of us present at WEI’s founding were aware of a growing national movement for secure elections. At that time, however, the federal Elections Assistance Commission was already funding pilot tests of an efficient, practical method of using paper ballots to quickly verify the correct winners, known as risk-limiting audits.
In 2020, awareness of the threats is fully mainstream. We’re no longer “conspiracy theorists” for acknowledging that no one can truly secure the voting machines. Vendors have testified under oath before Congress that the machines all contain programmable components manufactured in China, and that their technicians can and have installed unauthorized remote-access software on the county computers used to program the voting machines. It is those who deny the existence of vulnerabilities who are now considered irrational, not those who point them out.
Solutions have also become mainstream (at least outside Wisconsin). Federal agencies including the Department of Homeland Security are unanimous in promoting protective election audits. Groups as esteemed as the National Academies of Sciences promote routine outcome-securing audits. The House of Representatives has passed legislation that would require them. (It’s being blocked in the Senate by Mitch McConnell.)
As a result, this November officials in all or parts of as many as 20 other states will conduct audits that verify the correct winners. It’s unlikely any will detect hacked results because the protective audits’ primary value is deterrence: Why bother to mess with a state’s voting machines if officials are going to calmly detect and correct your handiwork before they declare the results final?
But in Wisconsin, if nothing changes between now and November, election officials will once again certify only unverified ‘winners’.
Sadly, half-measures have even made Wisconsin more, not less, attractive to chaos-seeking hackers. If WEC follows the same playbook in November that they have in the past, they will order municipal clerks to audit a few hundred randomly selected voting machines. But if those audits reveal a miscount, WEC has no plans for response and recovery before the certification deadline. They’ve developed no procedures capable of verifying the true winner. They’ve never said that the results of the hand-counted paper-ballot audit should be binding on the certified results.
Audit practices like those—designed only to reveal but not to correct any hacked results—make Wisconsin catnip for adversaries who want only to disrupt. Those adversaries want their handiwork to be detected. Then they want the system to freeze up, to be unable to regain its legitimacy, and collapse in recriminations and vicious legal battles. And it will. No matter how obvious the hack, attorneys for the Election-Night ‘winner’ are not going to smile and nod if WEC decides to prescribe novel canvass procedures only after seeing the Election-Night results.
The reason for this blog post is the same reason I testified yesterday at the WEC meeting, and it’s not a pretty one. I’m publishing this so that, if things go south next November, there is public proof that the Commission was warned. Because of the Commission’s resistance to giving voters a seat at the table during its deliberations, a ham-handed warning like this is the best a voter can do to motivate improvement.
WEC’s election-security plans contain no provision for results-securing audits because those plans are formulated inside a tightly closed feedback loop between local officials and WEC staff.
But local clerks are not knowledgeable about any security measures WEC does not teach them. For example, Commissioners spent significant time at yesterday’s meeting focusing on security education for the local clerks and expressing frustration with some who have not yet embraced even basic safeguards.
Yet nearly every page of the materials staff prepared for that meeting contained reference to local clerks’ input, opinions, surveys, and preferences—and none to voters’ or experts’. In one breath, the Commission was bemoaning the local clerks’ naivete and lack of commitment. In the next, they were relying on them as their exclusive source of security guidance.
For eight years, I and other WEI participants have written letters and testified in the five-minute blurbs the Commission allows. Last year, Chair Dean Knudson did ask me for a letter about risk-limiting audits, but because public input is the thing-they-must-not-admit, I received no response or even acknowledgment that they’d received it. In fact, I cannot remember ever receiving the Commission’s response to anything but legal open-records requests.
So, it comes to this icky way to try to get WEC to exercise leadership for truly results-securing audits, after eight years of polite requests. This blog post is evidence: If Wisconsin election officials still have no orderly procedures in place to detect and correct hacked results, and we wake up on November 4th to find that Trump has carried Wisconsin on the basis of enormous support in Milwaukee County, or that Sanders carried the state thanks to Waukesha County, the Wisconsin Elections Commission cannot say they were not warned, and could not have been prepared.