CISA rolls out post-election audit tool for 2020

The Department of Homeland Security has announced a partnership with election nonprofit VotingWorks to pilot new open-source post-election auditing software in several states ahead of the 2020 U.S. elections.

The software, Arlo, was developed by VotingWorks as a free, open-source tool to help states conduct post-election audits to verify voting results. DHS said that election officials from Pennsylvania, Michigan, Missouri, Virginia, Ohio and Georgia have already signed on to the pilot and that earlier iterations of Arlo have already been deployed by several states in off-year elections held this month.

"At a time when we know foreign actors are attempting to interfere and cast doubt on our democratic processes, it's incredibly important elections are secure, resilient, and transparent," Cybersecurity and Infrastructure Security Agency Director Christopher Krebs said in a statement. "For years, we have promoted the value of auditability in election security, it was a natural extension to support this open source auditing tool for use by election officials and vendors, alike."

DHS said that the software "supports numerous types of post-election audits across various types of voting machines, including all major vendors."

In an interview, VotingWorks founder Ben Adida said that Arlo is designed to facilitate various forms of risk-limiting audits (RLAs) on voting machines with voter-verified paper backups.

He said CISA helped fund the engineering development of Arlo to ensure it was free and open source. In addition to the software, his organization will be offering states low-cost hosting and support options as well as training on how to customize the software for their specific election process, though he said states would not have to use or purchase either.

"This is an optional service that states can choose to use or not," Adida said. "They can host it on their own, they can get somebody else to host it … it's up to them how they want to do it. We're one of the options that states can use if they want."

CISA hopes to add more states to the list of participants. Currently only Colorado conducts such RLAs statewide, while Rhode Island passed legislation mandating their use and underwent pilot testing for the practice this year. Adida said the goal was to exponentially increase the number of states conducting such audits by November 2020.

"My sense is that I think at least five or six will do full RLAs in November 2020, and I'm hopeful that if we gather the right resources and if things are able to move quickly, then we can get to maybe 10 or 12, so that's probably the range I would expect," he said.

The pilot would include audits for ballot-marking devices (BMDs), voting machines primarily designed to assist voters with disabilities but which have been criticized by some as being incompatible with true RLAs, the method widely viewed as the gold standard for verifying election results. Indeed, there is a fierce debate within the election community over the value or prudence of auditing such machines.

Academics Philip Stark, Richard DeMillo and Andrew Appel wrote in an April 2019 paper that while voters can express their intent by hand marking ballots or through computer systems like BMDs, "only the BMD is also subject to systematic error from computer hacking or bugs in the process of recording the vote on paper, after the voter has expressed it," they wrote.

"Risk-limiting audits of a trustworthy paper trail can check whether errors in tabulating the votes as recorded altered election outcomes, but there is no way to check whether errors in how BMDs record expressed votes altered election outcomes," the trio wrote. "The outcomes of elections conducted on current BMDs therefore cannot be confirmed by audits."

However, Adida and others in the election community such as Georgetown University professor Matt Blaze, take a less absolutist position on the matter. Blaze, who has himself argued that BMDs are not ideal choices for post-election audits, has argued they aren't the only or even most vulnerable part of the voting process, calling criticism that such audits aren't worthwhile "baffling and counterproductive."

"The fact that states are actively conducting trials of this essential safeguard is an unqualified positive thing," Blaze said on Twitter. "Leaning how to do RLAs properly and at scale requires exactly the kind of experience these trials provide. Don't let the perfect strangle the good here."

Note: When originally published, this article stated that Adida believes other forms of paper ballots suffer from similar weaknesses as Ballot Marking Devices in verifying voter intent. The discussion about voter intent was specific to barcodes and Adida was not stating that BMDs and handmarked paper ballots are equivalent.