Contact Senators NOW about election security

A coalition of national pro-democracy groups is calling for a national day of action for election security. Wisconsin voters need to respond. On or before Tuesday, Sept. 17 contact our two senators to let them know Americans deserve secure elections! Important legislation is stalled in the US Senate, and the senators need to MOVE.

Here is Ron Johnson’s contact page. Ask him to support election security action and to pressure Mitch McConnell to allow votes on the election-security legislation passed by the House.
Here is Tammy Baldwin’s contact page. Thank her for supporting election-security legislation.

Wisconsin has paper ballots, but our election results are not secure. Our county clerks do not use those paper ballots to verify the Election-Night results before they certify the final results. Several other states don’t even have paper ballots. That threatens us all.

The risks are real. Evidence is overwhelming. In 2016, Russian operatives hacked and probed American political campaigns and voter registration systems. But Russia isn’t the only problem–maybe not even the worst. Why would it be? American elections are an attractive target for many around the world and in our own country.  Hackers in China and Iran are showing interest and have launched thousands of attacks not just in the U.S., but in 26 countries, according to Microsoft, which has been helping detect and deter attacks for democracy-supporting organizations of all stripes. 

Many in the US Congress appreciate the need for REAL election security–and NOW. The House of Representatives has passed federal legislation that would make it possible for every state to have:
1) A voter-verified paper ballot for every vote; and
2) Robust ​manual​ election​ ​audits that detect and correct any false outcomes before election results are declared final.

But the US Senate isn’t working.

The House passed $600 million (in H.R. 3351) in election security funding for states and localities to use to secure our vote. While Republicans and Democrats had different proposals, nearly every representative in both parties voted to designated hundreds of millions of dollars for election security. Now it’s time for the Senate to write and pass its funding proposal.

But Mitch McConnell said. “I’m not going to do that.” He and his obedient cronies are blocking the legislation that would allow the states to protect our federal elections in 2020.

Every single U.S. Senator must stand up for democracy now. The Senate must pass funding for election security. They must include the House bill language so that the counties that are the most vulnerable are able to get the funds they need to secure our elections for all. 

The House voted to provide the states with funding for:

  • Paper Records: Every voter can ​​mark​ ​a paper​ ​ballot​ by hand or with an assistive device and verify their vote, so that there is a paper record of every vote cast.
  • Checking the Results: Officials subject ​machine-counted​ ​results​​ to​ a robust ​manual​ ​post-election​ ​audit,​ that can detect and correct false outcomes.
  • Secure Voter Data: Voter databases should be backed up offline, monitored and secured using best practices. Poll workers should be trained to ensure that voters can cast a vote in case of a hack or error.
  • Election websites and election management systems, as well as the vendors themselves also need to be more secure and resilient in the face of possible hacking attempts and computer error. 

FAQ

Q: To what extent can Mitch McConnell hold up the funding?
McConnell can fully block the funding if he wants to. But his spokesperson recently said they have not ruled out an appropriation for election security so national election-security advovates believe there is an opening. At the end of September the government must be funded so the Senate either must pass appropriations bills or agree to a continuing resolution with the House leadership. In either case, $600 million in election security funding for states and localities can and should be included.

Q: Isn’t this a federal mandate on state elections? 
States and localities have been pleading for funding from Congress for years now, and every state wants to be able to secure its elections. The House passed a strong bill with $600 million requiring the funding be spent on the areas of greatest vulnerabilities.

Q: The states got $380 million for election security in 2018 and they haven’t spent it all. Shouldn’t we wait until should spend it before getting more money.
States and counties are spending down the funds, they expect to spend 85% of the funds by the 2020 election. But in too many places it wasn’t enough to do a lot of the serious work. We want them to proceed quickly, but carefully so they actually are able to use the funds to make our elections more secure.

Q: My election official says the voting machines are not connected to the internet, how can they be hacked?
Sadly, our local election officials cannot promise that–they simply cannot know. They don’t have control over the security of the voting-machine manufacturers, where the software is developed. Election officials have no way to know whether those companies’ computers are on or off line. And if the software has been compromised before it even reaches the local officials, it doesn’t matter whether the local clerk keeps it secure.

In addition, it’s just not true that the voting machines are never connected to the internet. Local election officials often don’t understand what the voting machines are doing when they transmit results on Election Night. Almost all of our voting machines and the county elections computers use the internet during pre-election tests and then again for election-night reporting of the results. And on top of that, national cybersecurity sleuths recently found that nine Wisconsin counties had left their county elections computers on line continuously for as much as a year!

Q: We already have paper ballots, what do we need this funding for?
Paper ballots are only decorative if no one ever uses them to verify the voting machines’ accuracy. As things now stand, after a Wisconsin voter casts his or her ballot, chances are it will never be looked at again. It will be sealed up on Election Night and will stay sealed until it is destroyed two years later. In the meantime, the voting-machine tape will be assumed to be correct.

Unless the paper ballots are used in rigorous post-election audits comparing the votes on the paper with the numbers the machine reported, we can’t know for sure if the outcome of the election was correct.

The one huge hole in Wisconsin’s election security is that our officials do not routinely audit the results. The state elections agency could use this money to fund efforts to develop practical, reliable audit practices that fit with Wisconsin’s unique election-administration practices.

About those Russians…

In the past two weeks, three reporters have asked me to comment on Russian interference in US elections. Do I believe the Russians interfered with the 2016 election? Do I think they will try in 2020? And my least favorite: Do I think Russians are the worst threat to the voting machines?

I’ll answer the ‘worst’ question first: What the hell does it matter?  All threats are threats. Will it be a boring news story if our election is stolen by a Canadian anarchist living in his grandmother’s basement, or by a random computer glitch?

I’ll tell you what the worst threat is. It’s the threat that is literally the sum total of all other threats. Wisconsin county clerks are STILL not using the only safeguard effective against every voting-machine threat including the Russians: Using our paper ballots in prompt, routine, hand-counted audits that verify the correct winners.

The simple truth should be obvious. It is ridiculous to allow any computers to make any big decision unless you have a reliable way to detect and correct serious computer errors.  

Can you think of any other government agency that relies on computers and doesn’t have some way to notice if the computer screws up a big operation? No, you cannot. There isn’t one. Only election officials trust their computers that blindly, and demand our trust, too.

When Wisconsin’s county clerks declare election results final without verifying the correct winners, they are allowing computer programmers to pick the candidates who will govern us.1 They don’t supervise these programmers. They don’t know even know who or where they are.2

As to the other questions:  I don’t know whether the Russians or anyone else tampered with the voting machines in 2016 and 2018. No one does.

We don’t know because Wisconsin election officials didn’t check. 3 How is that not scandal enough?

Wisconsin’s election officials just seal our paper ballots on Election Night and leave them sealed until it’s time to destroy them two years later. No one ever knows if the paper ballots tell a different story than the computer tapes.

And I don’t know whether Russian criminals are planning to mess with the voting machines in 2020. I know that it is wise to assume they are. Most importantly, I know it will be criminally negligent if our county clerks make no effort to detect and correct any hacks that might get by the security system.

Call your Wisconsin County Clerk today and say: “Surely you understand that you cannot guarantee the security of our voting machines. Too much is outside your control. The only thing you can secure is the election results, and you can do that only by using our paper ballots in hand-counted audits during the county canvass to make sure you certify only the correct winners. Get busy now on developing audit procedures for the 2020 elections.”

– – –

1 A few Wisconsin county officials claim they “program their own voting machines” and imply that provides security. They don’t, and it doesn’t.
The county clerks ‘program’ the machines only in the sense that you ‘program’ a new cell phone with your personal address book and settings. If any are messing with the actual tabulation software, they are breaking federal law. Truth is, these county officials rely on the voting-machine company in the same way you rely on Samsung, Apple, or Nokia.

2 Example: In 2016, election-security advocates noticed that Dominion—the nation’s second-largest voting machine company, which counts many Wisconsin votes—was recruiting programmers in Serbia. The company’s official response was: “Like many of America’s largest technology companies, which develop some of the software for their products in places like Asia, India, Ireland and the Mideast, some of our software development is undertaken outside the U.S. and Canada, specifically, in Serbia, where we have conducted operations for 10 years.”

3 In the 2016 recount, half of Wisconsin’s presidential votes were “recounted” only by running the ballots back through voting machines programmed by the same people who programmed them for Election Day. These were the ballots in the state’s largest counties (except Dane)–the counties most at risk of hacking.
In the half that was hand-recounted, the recount found that more than 1 in every 170 votes had originally been miscounted. These errors were not deliberate and affected both major-party candidates equally. As a result, they did not change the outcome and the news media didn’t report it.
But notice this: even when that many votes had been miscountedup to 30% in some individual wardscounty clerks did not notice it in their regular canvass. They detected the incorrect vote totals only when forced to check their work with a recount. Unless our county clerks adopt routine audits, the same will happen when hackers put the Election-Night results outside Wisconsin’s microscopic recount threshold (0.25%). There won’t be a recount and the hackers will have successfully pulled off their crime.

Jump on this chance to improve Wisconsin election security!

Friday, March 30, 2018 – In defense of our right to self-government, please contact the Wisconsin Elections Commission in the next few days to tell them: Include routine election auditing in Wisconsin’s application for federal election-security funding.

Chances like this don’t come along very often. Congress sits on its hands for years, ignores problems, messes around, and then–when an issue is hot–throws some money at the states and says “Spend it quick!”

When that happens, states need to be able to grab the money and spend it on something worthwhile.

That is just what has happened with election security. Voters have been warning, shouting, complaining, and worrying for years about the dangers of poorly managed election technology, and then all of a sudden Congress awoke and leapt out of bed. (Thank you, Vladimir!) Last Friday, Congress passed a federal budget bill that includes $380 million for grants to the states for improving election security.*

Just short of $7 million of that is earmarked for Wisconsin–pending the Wisconsin Elections Commission’s submission of a plan for spending it.

Thirteen states should definitely spend their money to replace unauditable voting machines–the kind that don’t use or create a paper record of each ballot. But that’s not Wisconsin’s problem. Paperless vote-counting computers have always been illegal here.

Wisconsin’s big election-security hole–where we lag most other states–is not that our elections are unauditable. Wisconsin elections are simply unaudited.

Wisconsin is in relatively good shape on most other aspects of election security. The WEC has done a good job with those systems they control, which are the voter-registration system and the ‘canvass reporting system,’ the automated system that counties use to report results they have already counted and certified. In addition to having respectable security, both these systems also have effective backup in case of manipulation or failure. With same-day registration at the polls, hackers have to ask themselves how much effort they are going to waste deleting Wisconsin voters’ registrations when we will be able immediately to vote anyway, with only about five minutes’ re-registration inconvenience. And the canvass reporting system kicks in only after our votes have already been counted in the polling places and municipal clerks’ offices. Any hacking of that would be easily detectable and reversible, even without a serious audit effort.

But Wisconsin has no more security for our voting machines than any other state that uses paper ballots, and a paper trail is merely decorative if the ballots are sealed on Election Night and never seen again.

Our elections’ biggest unprotected vulnerability is that our county boards of canvass make a habit of declaring election results final without lifting a finger to check to see whether the vote-counting computers counted our votes correctly. That practice is justifiably illegal in 25 states (26 if you count D.C.) and contrary to every national election authority’s recommendation.

The practical solution: Wisconsin law provides county election officials with paper ballots and allows them to check accuracy before they certify, but they choose not to. The problem isn’t time or money. Wisconsin’s county clerks have as much time for the canvass as their counterparts in states that do audit, and modern election-audit methods are so efficient they could almost be funded from petty cash.

So we can only guess why our county officials continue to force us to trust our franchise to unaudited computer output–something they wouldn’t tolerate for a millisecond from their banks and ATMs. My best guess is that they’ve been allowed to ignore that basic managerial responsibility for so long that they fear they will find a host of problems when they start to look. Look at the panic this county official exhibited as she refused an observer’s request for verification during the 2016 recount. That level of distress looks to me like she knew the machines’ unreliability would be revealed if she allowed verification, so she refused to hand count “even five ballots.” And she was right: the machines were, in fact, miscounting and were later decertified by the Wisconsin Elections Commission.

What voters need to do: 
Contact the WEC and tell them that you want them to include funding for routine audits during the county canvass in Wisconsin’s federal grant application. WEC staff are up to date on national election-administration trends, and I believe they understand the need for, and practicality of, routine election audits. In addition, I sense that WEC Commissioners are favorably disposed to effective election audits and will do the right thing if enough citizens express interest and support.  

You can:

  • Tweet to @WI_Elections to say that you want to see county election audits in the application for federal funding;
  • Email Chair Mark Thomsen and Administrator Meagan Wolfe at elections@wi.gov. 
  • Snail-mail them at Wisconsin Elections Commission,  P.O. Box 7984, Madison, Wisconsin 53707-7984, with copies to U.S. Election Assistance Commission, 1335 East West Highway, Suite 4300, Silver Spring, MD 20910, and to Jill Lau, Chair, Wisconsin County Clerks Association, 421 Nebraska St, Sturgeon Bay, Wisconsin  54235.

If you want to do more, you can use these web-contact forms to tell Senator BaldwinSenator Johnson, and the US Election Assistance Commission that they, too, should encourage the WEC to seek funds for election auditing in Wisconsin.

Also, please, tell other voters about this so that they, too, can weigh in for election audits. The WEC hardly ever gets any citizen input on election security issues, and they will definitely sit up and take notice if they get a lot now. So go for it!

—-

* It would be unfair to accuse every member of Congress of inaction. Wisconsin’s very own Mark Pocan introduced an excellent elections-security bill, the Secure America’s Future Elections (SAFE) Act a year ago. As other representatives wake up to the issue, it’s still collecting new co-sponsors. If you live outside Wisconsin’s Second Congressional District, contact your congressperson today and ask them to sign on. If  you live in Rep. Pocan’s district, tell him “Thank you!”