Risk-Limiting Audits: A Statistical Method to Ensure Election Quality

Electronic voting systems are subject to glitches and cyberattacks. Paper-based voting systems require an onerous hand-count to check results. Fortunately, an alternative is emerging. Risk-limiting audits use statistical methods to determine the smallest number of ballots needed to review in order to audit elections efficiently and reliably.

On February 3, the 2020 Presidential Election officially kicked off with the Iowa Caucus, which will determine how the share of Iowa’s 41 delegates will be allocated to each Democratic candidate. The first-in-the-nation voting suffered numerous riotous setbacks. The Iowa Democratic Party commissioned a rushed and under-tested app to count and report outcomes from each precinct. Results reported by the app were inconsistent with paper backups, delaying the outcome of the election. While party officials assured the nation that the delay was not due to voter hacking or intrusion, the debacle demonstrates the danger of depending on internet-connected election equipment. Many jurisdictions across the United States are planning on using this type of equipment, opening the way for cyberattacks. Paper ballots and risk-limiting audits will ensure the accuracy of our elections.

Election security regulations in America

Each year, thousands of Americans head to their local polling stations to cast ballots in local, state, or national elections with the expectation that the elections will be both free and fair. Election infrastructure – the voter databases, IT systems, voting systems, storage facilities, and polling places – must be secure to ensure confidence in the electoral process through physical and cybersecurity. Unfortunately, there are no federal requirements for election security measures, which are left to the States under the U.S. Constitution. Created by Congress in 2002, the Election Assistance Commission (EAC) helps States certify election infrastructure, test software and hardware, and provides standardized guidelines for election security. Yet these guidelines are voluntary and not followed by all states. However, election security experts are increasingly pushing for a low-tech fix to America’s high-tech voting machinery.

The vulnerability of paperless voting systems

Technical problems in voting did not start with Iowa. Various jurisdictions across the country have experienced similar problems as election managers increasingly deploy and rely on more sophisticated technology. In Georgia’s most recent state and local elections, poll workers were unable to produce voter access cards on new check-in computers, causing delays that reportedly discouraged some from voting. Similarly, security experts recently uncovered dozens of critical issues in Los Angeles County voting systems, including the access and altering of voting data. While Georgia and California now require a paper backup, experts recommend that all states adopt verifiable paper ballots for elections. And yet, several states still plan to use outdated paperless machines in the November elections, impacting millions of people. A 2019 report from the Brennan Center for Justice estimates that “as many as 12 percent of voters (approximately 16 million voters) will vote on paperless equipment in November 2020.”

These paperless systems are vulnerable to a variety of potential cyberattacks. Distributed denial of service (DDoS) attacks flood a single target, such as a voting machine, overwhelming the system and shutting down the machine. They are cheap, destructive, anonymous, and simple to organize or create. DDoS was used to attack voting systems during the 2019 elections in the United Kingdom. Another attack targeted the California Congressional race in 2018. Computerized equipment is also vulnerable to malware and software glitches. Security experts routinely suggest a cheap, reliable, hack-proof alternative: paper ballots completed by hand and scanned to count results.

Paper-based systems are more secure. They create a record that voters and auditors can review in the event of irregularities. The difficulty with paper-based systems is traditional audits require an onerous manual inspection of a fixed percentage of paper ballots.

The solution: Risk-limiting audits

However, risk-limiting audits (RLAs) present improvements to the traditional method. RLAs use statistical principles to determine the sample size of ballots: the larger the margin of victory, the smaller the sample size of ballots needed for review. After choosing the desired statistical confidence in the results (the risk limit), auditors draw and test a random sample of ballots. If results are consistent with the original vote, there is a high probability that the results are correct. If there are inconsistencies, the audit continues until there is enough statistical evidence to confirm results or until all ballots have been counted. Risk-limiting audits are an advantage because they take into account the margin of victory in an election to determine the sample needed to verify results, which is more efficient and reliable than a traditional audit of a set percentage or number of ballots. RLAs can thereby achieve a better confidence in results using fewer hand-reviewed ballots. This save states both time and money while also ensuring the results of an election.

Fortunately, risk-limiting audits are on the rise. Colorado completed the first statewide RLA in 2017, and many states, including Rhode Island, Virginia, Nevada, California, Georgia, and Washington have passed legislation to conduct RLAs. There are still significant hurdles in implementing RLAs, such as gaining public trust through piloting programs and paying for experts to train bureaucrats in statistical procedures. Still, given the potential impact that cyberattacks can have on delegitimizing elections, it is important to secure faith in the democratic process through proper auditing of elections. Risk-limiting audits offer this security through strong statistical principles and should be employed in future elections.

 

Banner image compiled from images by Joint Base Andrews and kai Stachowiak

+ posts

Nathan Smith is a MPP Candidate at the Georgetown McCourt School of Public Policy. His areas of interest are in technology policy, in particular cyber security challenges to democratic institutions. He holds a BA in International Studies from the University of Iowa.