Category: CT

Little comfort in ‘C’ grade for Connecticut for Integrity

Nor more comfort that the ‘C’ ranks us 3rd in the ‘Class’ of states.

New report from the Center for Public Integrity: How does your state rank for integrity? <read>
With the Connecticut details: Connecticut gets C- grade in 2015 State Integrity Investigation <read>

Let me start by applauding the Center for the report and Connecticut reporter Jennifer Frank for her contributions to the report. I will have some suggestions and criticisms of the report, yet having created a report on 169 Connecticut elections websites I know how challenging it is to set the criteria and perform uniform objective evaluations across several entities with multiple elevators.

Nor more comfort that the ‘C’ ranks us 3rd in the ‘Class’ of states.

New report from the Center for Public Integrity: How does your state rank for integrity? <read>
With the Connecticut details: Connecticut gets C- grade in 2015 State Integrity Investigation <read>

Let me start by applauding the Center for the report and Connecticut reporter Jennifer Frank for her contributions to the report. I will have some suggestions and criticisms of the report, yet having created a report on 169 Connecticut elections websites I know how challenging it is to set the criteria and perform uniform objective evaluations across several entities with multiple elevators.

It is interesting viewing the details for Connecticut, other  states, and also to see the criteria and evaluation methods. My comments:

  • No state got an A or a B.
  • I do not feel as comfortable as some might think, living in Connecticut, one of only three states getting a ‘C’.
  • Especially sad that the state with the first FOI law, once the envy of other states and countries gets an ‘F’ on FOI, worse that poor score ranks us 7th in the Nation !
  • Electoral Oversight is interesting for its criteria which has only a partial relationship with our work in Election Integrity, which I would include in a comprehensive report on State Integrity.The report section on Election Oversight is focused mainly on if the state has an independent oversight entity and how that agency functions.I appreciate our State Elections Enforcement Commission and the staff there, especially when they stick their necks out in politically challenging situations. Yet, I would quibble with some of the criteria or  the exact ratings.  As the reports states the SEEC is resource constrained – some investigations are completed quickly others have been on the books  for years with no resolution, and possibly no substantial investigation to date. (Complaints and actions short of complete investigation are apparently not open to public access)I note that for Connecticut and at least some other states, all the information was compiled by one person per state, and since it is subjective might be limited by that’s person’s understanding of the items rated and their evaluation of what they were provided.I would rather have a category like Election Integrity and a sub-category such as Evidence Based Elections including criteria such as ‘Voter Verified Paper Records/Ballots’, ‘Post-Election Audits’, ‘Recounts’, ‘Election Records Security’, ‘Public Access to Election Records’, ‘Public Observation of Elections’, and ‘Election Officials Protected from Interference’.

There is one sub-category relevant to Election Integrity included under the generally relevant category of Election Oversight: “In practice, statewide election data are accessible to the public in open data format.”  In the case of Connecticut it scores the state at 25% on the category which is poor, yet I would agree, reasonable for what Connecticut provides.  You can click categories and they list the criteria, and under the criteria you can click and get exactly what they found for the state. E.g. for election data:

EXPLANATION

Election returns and voter turnout from 2014 are available online on the website of the Secretary of the State’s (SOTS) office. The state does not release election results by precinct, but by municipality, down to each state House district. Results, which are handwritten by the town clerk, head moderator, or other voting official, include information, town by town, on results for any constitutional amendment questions, and the number of absentee ballots issued by the town clerk, the number of absentee ballots received and the number rejected. These results are available for download in pdf format only.

CRITERIA

A 100 score is earned if election returns and turnout are available online and can be easily accessed, downloaded in bulk, and in a machine readable format. The information must be broken down to the precinct level, with files that track the issuance and return of absentee ballots. A 50 score is earned if such information cannot be easily accessed and/or downloaded in bulk, but it can be downloaded in machine-readable format. A 0 score is earned if such information is not available online or it is but it cannot be downloaded.

SOURCE

Website of the Secretary of the State, (accessed June 10, 2015), LINK?a=3172&q=525432 Interview by phone and email exchange, Av Harris, communications director for the Secretary of the State’s Office, April 7, 2015. Email exchange, Tyler Kleykamp, Connecticut Chief Data Officer, Feb. 16, 2015

 

No transparent recount; No public access to ballots; No confidence

Sadly, Dorothy We are still in Kansas Kentucky. Many are concerned with the accuracy and result of the election for Governor of Kentucky, many are not.

once again — on Election Day yesterday. We see, again, the nightmare scenario I’ve warned about for so many years: a U.S. election where all of the pre-election polls suggest Candidate X is set to win, but Candidate Y ends up winning by a huge margin instead and nobody even bothers to verify that the computer tabulated results accurately reflect the intent of the voters.

That’s exactly what happened in Kentucky on Tuesday, where Democratic Attorney General Jack Conway was leading by a fair margin (about 3 to 5 points) in almost every pre-election poll in his race for Governor, but then ended up being announced as the loser to ‘Tea Party’ Republican candidate Matt Bevin by a landslide (almost 9 points) — according to the state’s 100% unverified computer tabulation systems…

What would be good for Kansas and Kentucky would be good for Connecticut.   As just one example, recall the 2010 Citizen Audit of ballots in Bridgeport.

Because the City of Bridgeport gave the CT Post access to the ballots, we were able to recount them all and assure the state that the declared Governor was actually the choice of the voters.  If Bridgeport had not agreed, we would still be wondering and questioning the legitimacy of Governor Malloy.

Unfortunately, the official Connecticut system was not able to recount those votes, and has never recognized or counted the votes of some 1,500 citizens of Bridgeport.

Sadly, Dorothy We are still in Kansas Kentucky.

Many are concerned with the accuracy and result of the election for Governor of Kentucky, many are not,  for instance from BradBlog:  Questioning the Unverified Computer Results of Kentucky’s Governor’s Race <read>

once again — on Election Day yesterday. We see, again, the nightmare scenario I’ve warned about for so many years: a U.S. election where all of the pre-election polls suggest Candidate X is set to win, but Candidate Y ends up winning by a huge margin instead and nobody even bothers to verify that the computer tabulated results accurately reflect the intent of the voters.

That’s exactly what happened in Kentucky on Tuesday, where Democratic Attorney General Jack Conway was leading by a fair margin (about 3 to 5 points) in almost every pre-election poll in his race for Governor, but then ended up being announced as the loser to ‘Tea Party’ Republican candidate Matt Bevin by a landslide (almost 9 points) — according to the state’s 100% unverified computer tabulation systems…

Bev Harris, of BlackBoxVoting.org, who I spoke with earlier today, described the higher vote totals in the down ballot races as a “significant anomaly”. She tells me that, at least until more records are requested and examined, the KY-Gov’s race “has to be looked at as a questionable outcome, particularly because of the discrepancies in the down ballot races. More votes in those races and not at the top…that just doesn’t happen.”

There are many other reasons for supporters to question the reported results in the KY-Gov’s race, as I detail during the show. Of course, the reported results could also be completely accurate. But, without public, human examination of the hand-marked paper ballots (which, thankfully, now actually exist across most of the state!) and other related records, we have yet another unverified, 100% faith-based election to leave supporters wondering if they really won or lost…

There are many other reasons for supporters to question the reported results in the KY-Gov’s race, as I detail during the show. Of course, the reported results could also be completely accurate. But, without public, human examination of the hand-marked paper ballots (which, thankfully, now actually exist across most of the state!) and other related records, we have yet another unverified, 100% faith-based election to leave supporters wondering if they really won or lost.

We’ve seen this before, of course. Too many times.

Is there a problem in Kentucky?  How will we ever know, if the public does not have access to the actual ballots or the public can observe and verify a recount or a sufficient post-election audit?  Of course, they cannot.

Without that satisfaction the results  will always be in question.  And even if the election results are completely accurate, they will always be in question.  Democracy will be viewed as lacking credibility and the elected officials will always be viewed with doubt by a significant portion of the public.

We note the subsequent developments, reminiscent of our post from way back 5 days ago, also courtesy of Brad: <read>

A KY newspaper fires their well-respected pollster rather than bothering to find out if the polls were right and the results were wrong; Another reminder of why hand-marked paper ballots like those in KY are swell, but only if you bother to actually count them; We weather a few attacks from progressives who charge us with forwarding conspiracy theories and don’t think we should bother to count ballots;

We are skeptical that the information will be made available or that a sufficient audit or recount will be performed. Yet Kentucky is not Kansas Look at this recent news from Kansas: Kansas: Statistician gets support for suit over voting machine tapes <read>

A Wichita State University statistician seeking to audit voting machine tapes after finding statistical anomalies in election counts is garnering legal and other support as she pursues her lawsuit. Beth Clarkson had been pursuing the case herself, but now a Wichita lawyer has taken up her cause. Other supporters have helped set up a nonprofit foundation and an online crowdsourcing effort. A Sedgwick County judge is expected to set a trial date and filing deadlines on Monday. Clarkson, chief statistician for the university’s National Institute for Aviation Research, filed the open records lawsuit as part of her personal quest to find the answer to an unexplained pattern that transcends elections and states. She wants the tapes so she can establish a statistical model by checking the error rate on electronic voting machines used at a Sedgwick County voting station during the November 2014 general election. But top election officials for Kansas and Sedgwick County have asked the Sedgwick County District Court to block the release of voting machine tapes.

Clarkson has analyzed election returns in Kansas and elsewhere over several elections and says her findings indicate “a statistically significant” pattern that shows the larger the precinct, the larger the percentage of Republican votes. She says the pattern could indicate election fraud.

“If she is right, it’s horrifying,” her attorney, Randy Rathbun, said Friday. “And so I visited with her and she has convinced me that she is right. So somebody needed to help her out because it kind of seemed like it was bullies pushing somebody around on a schoolyard since she was obviously out of her element in a courtroom.”

What would be good for Kansas and Kentucky would be good for Connecticut.  I have just returned from a League of Women Voters panel on Election Fraud.  The panelists, Political Scientists and Lawyers, saw no real need for FOIability of voted ballots.  As just one example, recall the 2010 Citizen Audit of ballots in Bridgeport.

Because the City of Bridgeport gave the CT Post access to the ballots, we were able to recount them all and assure the state that the declared Governor was actually the choice of the voters.  If Bridgeport had not agreed, we would still be wondering and questioning the legitimacy of Governor Malloy.

Unfortunately, the official Connecticut system was not able to recount those votes, and has never recognized or counted the votes of some 1,500 citizens of Bridgeport.

******
Update:  An earlier version confused Kentucky and Kansas.

Editorial: No Crisis in CT, unless we make one

For Connecticut this is a time for our legendary “Land of Stead Habits”. A real crisis would be a knee-jerk reaction to claims of a crisis. It would be the National reaction to 2000 and the Help America Vote Act all over again.

There will be a time to change deliberately, once better systems are available and proven.

Last month the Brennan Center released a report: America’s Voting Technology Crisis <article> <report>

Launching several articles like this one in the Washington Post:  America’s voting machines are in need of a serious upgrade  <read>

  • It is true that many states have risky DRE (touch screen) voting machines that should never have been purchased and should have been replaced long ago.  Not just because they are old and old technology, but because the were never a safe option for voting.
  • It is true that we only keep our smart phones for a couple of years, yet we keep our telephones, our routers, our printers, and fax machines for much longer.  Even our autos are highly computerized and, as flawed as they may be, we expect them to keep going for us and others for a couple of decades.
  • It is true that there are better voting  machines available today than those purchased years ago, yet many are relatively old technology. None have been federally certified for years, based on out-of-date standards.  The newly reactivated Elections Assistance Commission is working to create new standards, while restarting and improving Federal certification.
  • It is also true that LA County and Travis County, TX have significant projects aimed a creating much better, and much more economical systems.  None have been completed, independently evaluated, or available for purchase.  Here is the fine print from the Brennan article:

Currently, [LA County chief election official, Dean] Logan is working with the design consulting firm IDEO to develop the specifications for an electronic-ballot marking device and associated components of a comprehensive, modernized voting system. Next, the county will move forward with a contract to manufacture the device. On the software side, Logan envisions the system relying on open-source software, which will be maintained in-house at the registrar’s office. Fortunately, Logan’s office has a robust IT department that maintains the county’s existing vote tabulation system, and will maintain the county’s next system.

Logan believes the project has the potential to change the voting equipment marketplace for the better. “The design approach we are taking should result in lower-cost voting systems and market expansion,” he said. “I think it has the ability to move the regulatory environment and the market to a more competitive landscape that could allow jurisdictions to replace systems at a lower cost than in the past.”

Logan plans to begin implementing the system in 2017, and achieve a complete turnover of equipment by the 2020 election cycle. Elections officials across the country told us they are watching this project closely, and are excited to see what Logan and his team develop.

The bottom line is that dramatically more capable, safe, and less expensive voting systems will become available over the next five to ten years. We could waste a lot of money and opportunity by purchasing and implementing “new” systems today, unless absolutely necessary.

Connecticut has older technology optical scan voting machines.  At a huge cost we could purchase newer systems, which are incrementally improved.  Meanwhile our systems seem to be functioning pretty much as well as when they were originally deployed, in 2007.  (There is some anecdotal evidence that they may need more effective maintenance attention, yet the failure rate is low, and every polling place has a backup machine.)  As we have said many times, Connecticut has the best type of system legally available – paper ballots, scanned under observation in the polls, followed by post-election audits and recanvasses.  Even in those rare cases where a machine fails (perhaps a handful of machines in about 750 polling places in each election), voting can continue while the backup machine is fired up.

For Connecticut this is a time for our legendary “Land of Stead Habits”. A real crisis would be a knee-jerk reaction to claims of a crisis. It would be the National reaction to 2000 and the Help America Vote Act all over again – in that case Connecticut had a relatively deliberate process, that in the end made the right choice – a year earlier it would likely have resulted in DREs and years of the bad situations highlighted by Brennan.

There will be a time to change deliberately, once better systems are available and proven.

 

TSA provides “Security Theater” , not “Peace of Mind”

The Intercept covers the lack of security and abundance of BS from the TSA: TSA Doesn’t Care That Its Luggage Locks Have Been Hacked 

In a spectacular failure of a “back door” designed to give law enforcement exclusive access to private places, hackers have made the “master keys” for Transportation Security Administration-recognized luggage locks available to anyone with a 3D printer…

Now that they’ve been hacked, however, TSA says it doesn’t really care one way or another.

What reminders and lessons can we learn from this?

The Intercept covers the lack of security and abundance of BS from the TSA: TSA Doesn’t Care That Its Luggage Locks Have Been Hacked  <read>

In a spectacular failure of a “back door” designed to give law enforcement exclusive access to private places, hackers have made the “master keys” for Transportation Security Administration-recognized luggage locks available to anyone with a 3D printer…

When the locks were first introduced in 2003, TSA official Ken Lauterstein described them as part of the agency’s efforts to develop “practical solutions that contribute toward our goal of providing world-class security and world-class customer service.”

Now that they’ve been hacked, however, TSA says it doesn’t really care one way or another.

“The reported ability to create keys for TSA-approved suitcase locks from a digital image does not create a threat to aviation security,” wrote TSA spokesperson Mike England in an email to The Intercept.

“These consumer products are ‘peace of mind’ devices, not part of TSA’s aviation security regime,” England wrote.

What reminders and lessons can we learn from this?

  • Government lies and covers up.
  • “Backdoors” to security defeat security, such as backdoors to encryption.  If there were no master keys then this particular hack would not have happened.
  • Like the Snowden revelations, publishing this information informs and protects the public.  Not publishing it only serves the criminals and protects the government.
  • This is similar to the hack of Diebold/ES&S/Dominion AccuVote-OS optical scanners used in Connecticut – the keys were hacked by using a photo in the Diebold online catalog for extra keys.  Like the TSA keys, every AccuVote-OS uses the exact same key, in the possession of thousands of election officials in every election and between elections, easily duplicated.
  • Except for the master keys the TSA locks would be a bit safer than the seals used to “secure” Connecticut’s scanner and ballot cases – primarily because TSA keys are used by consumers to protect their valuables from others – ballot and scanner seals are used to protect against the very same people who apply and open the seals.

For more on the vulnerability of seals see our past coverage <here> <and here>

Cyber risks of Internet voting and electronic voting

Two articles this week on cyber risks, one refuting Colorado’s Secretary of State on online voting. Another articulating the risks of hacking electronic voting in general.

Stay tuned and stay involved!

Two articles this week on cyber risks, one refuting Colorado’s Secretary of State on online voting.  Another articulating the risks of hacking electronic voting in general.

From the Colorado Statesman: Colorado Secretary of State Wayne Williams obscured key facts in online-voting commentary  <read>

Last week’s guest commentary by Secretary of State Wayne Williams in The Colorado Statesman obscured some important facts. He was responding to criticism of his new rule establishing criteria for the casting of election ballots by email.

In it, Secretary Williams implies that the federal government expanded voting by email. He writes, “The federal government, along with the Colorado General Assembly, expanded the electronic ballot transmission for military and overseas voters.” In fact the federal government has neither endorsed nor expanded the return of marked ballots over email…

Secretary Williams claims that of the nearly 3,400 ballots sent back electronically in 2014 there was not a single report of tampering. This raises two issues: First, “no report” is meaningless when tampering of online ballots can be done undetectably. Experienced hackers can penetrate a system for a very long time without detection, as seen in recently publicized successful attacks on the FBI and Pentagon. A Colorado voter whose email ballot has been altered would never know; the elections office also will never know…Second, for years there has been no state rule to guide these vulnerable voters through this security minefield, nor to spell out the very narrow parameters required by law, needlessly putting many more than even those 3,400 votes at risk…

Given our shared concern is for ensuring the safe return of military and overseas voters’ ballots, the record of other states can be instructive. Minnesota and Wisconsin consistently lead the nation in the rate of military and overseas ballots returned, and neither permits online ballot return

Read the article for more.

From WhoWhatWhy:  Foreigners Could Hack U.S. Elections, Experts Say  <read>

What if a foreign head of state had the power to handpick our next President? It sounds like the plot of a movie, but it actually might be in the realm of possibility.

Most people take our elections for granted. The few who don’t often suspect that one party might be trying to steal votes from the other. But they don’t envision that the theft could be coming from outside US borders.

What experts are telling us, though, is that our voting machines are so insecure that all elections, whether at the national, state, or local level, are vulnerable to being attacked by hackers in other countries.

We’ll add that maybe foreigners might scare some of the complacent, yet all these attacks could be done by Americans bent by many similar motives and more.

We also add a specific added threat on our shores of insider attack – those with access the the system who can, desire, or are intimidated into changing the results.

For example, Russia may want to prevent a hawk like John McCain, who wants weapons in the Ukraine and faces a tough battle for his job next fall, from getting reelected.

Israel’s leaders believe that the Iran nuclear deal would doom their country, so if they thought they could get away with it, would they try to put in office US representatives who share that view?…

This begs the question: Given that the security at some of our most protected institutions can be breached, and given that US elections pose an enticing target for our adversaries, what would prevent a foreign agent from hacking our ballot boxes?

The answer: Not much.

Experts indicate that the election systems in place today do not provide the adequate protection that would be able to stop a foreign hacker — a hacker anywhere, in fact — from rigging our races. Even worse, these attacks could go undetected…

Since such attacks can easily go unnoticed, evidence of remote hacks is scarce. But it’s likely they’re happening more than we know, considering that unencrypted connections over the open internet aren’t too hard for a knowledgeable college student to breach…

One report [on  Internet voting], produced by computer scientists at the request of the Pentagon, examined a pilot iVoting project and concluded that an internet- and PC-based voting system presented “fundamental security problems” that couldn’t be fixed without a “radical breakthrough.”

Cyber attacks, the report concluded, “could occur on a large scale, and could be launched by anyone from a disaffected lone individual to a well-financed enemy agency outside the reach of U.S. law.”…

Despite its seemingly safe appearance, there are subtle ways the eVoting [polling place and central count voting] process could be susceptible to attack. For, in many cases, these systems actually do connect online.

John Sebes, CTO of the Open Source Elections Technology Foundation (OSET), told WhoWhatWhy that the most significant logistical issue for local officials is something called the election management system, or EMS.

As a component of the overall apparatus, the EMS is used for election data management and data entry — most likely on a PC in an elections office. Sebes said that, in theory, EMSs are never supposed to be online, but sometimes they get connected anyway. Not only do hackers then have the potential to breach election data on the PC, but malware could affect the removable media when it is taken out of the PC and inserted into the voting machines.

For now Connecticut is relatively safe from outsider attacks domestic and foreign.

  • While the Legislature voted for Internet voting, Secretary of the State Denise Merill maintained her staunch opposition, pointing out that Internet voting would violate our state constitutional requirement for a secret ballot.  Fortunately, a constitutional amendment to change that died between committee and the floor, in 2014. It should stay that way.
  • Right now we do not connect our optical scanners to external equipment. In fact, their external ports are sealed. Memory cards are never in a device connected to the outside world.  We do all our election results summary by addition and transcription from the printed scanner tapes.  However, the Secretary of the State’s Office has plans for acquiring GEMs systems for municipalities to speed the electronic calculations of results.  If, and its a big “if” right now, the GEMs systems are pristine, never were or never will be connected to the Internet, we would remain relatively safe from outsider attack.  Stay tuned and involved!

Remember that we are still at risk of insider attacks, where our only protection would be adequate ballot security, audits, and recounts.

Top Six Ways Hackers Could (have) Disrupt(ed) an Election

The election system is particularly vulnerable because it involves a combination of state, local, and federal government agencies with their own systems, software, hardware, and security protocols. Often, government departments are running old “legacy” computer systems that are extremely vulnerable to malware and hacking; and even if they have new systems, these are often put into place without a comprehensive security audit and performance review.

Who exactly is in charge of securing these overlapping networks isn’t always clear in government either.

From the Huffington Post: Top Six Ways Hackers Could Disrupt an Election <read>

Our own headline emphasizes that we have no reason to believe that these risks only apply to future elections. There is no reason to believe that some or all have not been used in past elections. From the article:

Hacking just a few electoral districts could allow an attacker to swing an election in a close race. The U.S. has had close elections multiple times in the past. In 1960, John F. Kennedy squeaked out a victory over Richard Nixon by just 0.1%. In the 2000 presidential election, the decision came down to just a few votes in Florida. In the end, the Supreme Court had to determine the winner.

The election system is particularly vulnerable because it involves a combination of state, local, and federal government agencies with their own systems, software, hardware, and security protocols. Often, government departments are running old “legacy” computer systems that are extremely vulnerable to malware and hacking; and even if they have new systems, these are often put into place without a comprehensive security audit and performance review.

Who exactly is in charge of securing these overlapping networks isn’t always clear in government either…

  • According to Verizon’s 2015 Data Breach Investigations report, the public sector has the highest rate of “crimeware” infections of any industry sector…

If foreign governments can hack into U.S. government and defense systems, why would anyone think that foreign interests couldn’t also hack into U.S. elections? It’s important that we start talking about these risks because a “hack attack” could happen sooner than we think. Fixing this won’t be easy which is why we need to start preparing/safeguarding now!

The author lists his top six risks:

  1. Hack a voting machine

  2. Shut down the voting system or election agencies

  3. Delete or change election records

  4. Hijack a candidate’s website

  5. Doxing a candidate

  6. Target campaign donors

Just this week we understand that the Connecticut voter registration system was down for a day – a day when registrars were attempting to print party voter lists on the last legal day for party caucuses.  This year the Legislature said that same system could be used for voters to register during Election Day Registration (EDR) – if we got used to relying on that system and it failed on its own or with a little help from hackers – in a large turnout election, it could result in long lines and turned away/turned off voters!  In fact, that system is used today by officials on election day for EDR and for checking voter registrations when issues arise with the lists in pollbooks.

Another potential hack not mentioned would be attacking a local elections website.  A hacker could change polling place locations, switch polling places and streets between polling places.  Or simply knock out the web, preventing voters from obtaining polling place information on election day.

Of course, all these risks also apply, even more strongly to Internet voting where there are no paper backups to survive system failures, for audits, and for recounts.

Wisconsin’s One-Up Connecticut moment?

Wisconsin Governor Scott Walker wants to replace their election watch dog agency, apparently because it investigated his campaign.

Yet Wisconsin’s Governor may not be that far ahead of Connecticut’s.  Like Wisconsin our watch dog agencies were joined and weakened several years ago by Governor Malloy to “cut costs”.  How is that going for us?  It seems that the Governor is not out to do away with them, yet there has been some questionable attacks, just as the watchdog is working on investigating the Governor’s last campaign,

Wisconsin Governor Scott Walker wants to replace their election watch dog agency, apparently because it investigated his campaign: Don’t replace Wisconsin’s elections watchdog agency <read>

On Monday, Gov. Scott Walker piled on with the other Republicans who are attacking the state Government Accountability Board, arguing that it should be replaced by something more accountable. The GAB is the nonpartisan state elections and ethics watchdog agency Republicans are mad at because it did its job and dared investigate Walker’s election campaign. What some of these Republicans really mean by “more accountable” is more subservient to their partisan interests. What these folks would love to do with this watchdog is pull all its teeth and keep it on a very short leash. The people of Wisconsin should tell their legislators that’s unacceptable, just as citizens did a couple of weeks ago when 12 GOP legislators tried to shut down public access to certain records.

To be sure, the GAB isn’t perfect, as an audit last year showed. But the answer is to fix the agency and give it the resources it needs to do its job, not shut it down and replace it with a group of partisans who would report to their masters in the Legislature, as some have suggested.

In arguing for replacement, Walker didn’t rule out the possibility that the judges now on the board would be replaced by partisan appointees in a replacement agency. “It’s appropriate to just get rid of it and replace it with something that’s ultimately accountable and fair to the people of the state of Wisconsin,” Walker said.

But Assembly Minority Leader Peter Barca (D-Kenosha) had the clearer vision on motive here: “Clearly they want to have not election watchdogs. They want to have election lap dogs,” Barca said.

Yet Wisconsin’s Governor may not be that far ahead of Connecticut’s. Like Wisconsin our watch dog agencies were joined and weakened several years ago by Governor Malloy to “cut costs”.  How is that going for us?  It seems that the Governor is not out to do away with them, yet there has been some questionable attacks, just as the watchdog is working on investigating the Governor’s last campaign, as reported last week by Jon Lender in the Hartford Courant: Official Accuses Malloy Appointee Of
‘Incompetent’ Handling Of Computer Case <read>

The executive director of the State Elections Enforcement Commission has charged an appointee of Gov. Dannel P. Malloy with incompetence, as part of a festering controversy that began with the seizure of a computer from the commission’s office in early March…

Brandi also alleged that Brown has overreached her legal authority by trying to prevent the SEEC from re-hiring a key information-technology official who left the elections agency in 2014 after working there for seven years; the ex-employee soon sought to return by applying for a vacant position of IT manager, and Brandi wants to hire him…

The SEEC is currently investigating an allegation that Malloy’s 2014 re-election benefited from illegal funding through a state Democratic Party account intend
ed for candidates for federal office.

The Democratic Party has refused to comply with an SEEC investigative subpoena seeking documents that include communications between Malloy and top campaign aides. The SEEC recently voted to have the state attorney general go to Superior Court to enforce compliance with the subpoena, but no such action has yet been filed.

 

Concerned with two partisan registrars? Be careful what you ask for.

How to manage and judge our elections without partisan bias is tough. Occasionally Secretary’s of State act in blatantly partisan ways. Cases in recent history include Catherine Harris in Florida and Ken Blackwell in Ohio.

Here in Connecticut the Secretary of the State proposed turning elections over to a single unelected official in each town, rather than the current two elected registrars of opposing parties.

Meanwhile in Kansas a bill would give the Secretary of State the power to prosecute election fraud.

How to manage and judge our elections without partisan bias is tough. Occasionally Secretary’s of State act in blatantly partisan ways. Cases in recent history include Catherine Harris in Florida and Ken Blackwell in Ohio.

Here in Connecticut the Secretary of the State proposed turning elections over to a single unelected official in each town, rather than the current two elected registrars of opposing parties. Later that bill was changed dramatically – watered down, yet still increasing the Secretary’s powers in several ways, including temporarily suspending registrars.  We are skeptical of a single unelected official in each of our 169 towns would actually be non-partisan.  We would rather see regionalization with professional administration because it would be more professional, and less likely to be partisan. We are also skeptical of a single elected official being able to suspend other elected officials.

Bi-partisan management/judgement does not always work.  It seems to work better in Connecticut towns than it does Nationally. Take the Federal Elections Commission – please! A recent article in the Hill:   Partisanship stalemates FEC, says report <read>

Meanwhile in Kansas a bill would give the Secretary of State the power to prosecute election fraud.  How one feels about that bill may depend on one’s political opinion of the sitting Secretary and one’s opinion of election fraud.  Similarly one may lean for or against the Connecticut Secretary being able to remove registrars based on the current Secretary.

We suggest caution in Connecticut and in Kansas.

The limits of Democracy w/o Information

Last week Secretary of the State, Denise Merrill, addressed the League of Women Voters of Northeastern Connecticut on a variety of topics. One of the items discussed was the lack of education in civics and its possible link to the lack of participation by younger voters. The two are certainly related, yet we also live in an age when the at least over the last two administrations, the Constitution has been ignored in the name of security – just when those voters have come of age.

Also I recently read “They Know Everything About You”, which I highly recommend. This week the author, Robert Scheer, was interviewed in a seven part series at the Real News. Part three is particularly relevant to the subject of Democracy and information available to the voters. <video>

Last week Secretary of the State, Denise Merrill, addressed the League of Women Voters of Northeastern Connecticut on a variety of topics.  One of the items discussed was the lack of education in civics and its possible link to the lack of participation by younger voters.  The two are certainly related, yet we also live in an age when the at least over the last two administrations, the Constitution has been ignored in the name of security – just when those voters have come of age.

Also I recently read “They Know Everything About You”, which I highly recommend.  This week the author, Robert Scheer, was interviewed in a seven part series at the Real News.  Part three is particularly relevant to the subject of Democracy and information available to the voters. <video>

Too Reliable Computers: A threat to life and to democracy!

Most people are aware of the risks of unreliable computers, yet tend to be oblivious to the distinct risk of too reliable computers.  If computers were as unreliable as people, we would not be at risk of excess trust and overconfidence.

One particular anecdote from lasts night’s Newshour highlights the risks of computers that are too reliable, yet not perfect.  When it comes to medicine (or robotic weapons) too reliable computers can cause harm, including death.  When it comes elections too reliable computers can kill democracy.

Most people are aware of the risks of unreliable computers, yet tend to be oblivious to the distinct risk of too reliable computers.  If computers were as unreliable as people, we would not be at risk of excess trust and overconfidence.

One particular anecdote from lasts night’s Newshour highlights the risks of computers that are too reliable, yet not perfect.  When it comes to medicine (or robotic weapons) too reliable computers can cause harm, including death.  When it comes elections too reliable computers can kill democracy.

This week the Newshour is covering Artificial Intelligence, a subject first covered in the McNeil-Lehrer Report in 1985, if I recall correctly. Last night’s segment was Why We’re Teaching Computers to Diagnose Cancer <read/video>

Here is the critical excerpt:

DR. ROBERT WACHTER: A lot of medicine kind of lives in that middle ground, where it’s really messy. And someone comes in to see me and they have a set of complaints and physical exam findings all that. And it could be — if you look it up in a computer, it could be some weird — it could be the Bubonic plague, but it probably is the flu.

HARI SREENIVASAN: Wachter is also concerned about fatal implications that can result from an over-reliance on computers. In his book, he writes about a teenage patient at his own hospital who barely survived after he was given 39 times the amount of antibiotics he should have received.

DR. ROBERT WACHTER: So, in two different cases, the computers threw up alerts on the computer screen that said, this is an overdose. But the alert for a 39-fold overdose and the alert for a 1 percent overdose looked exactly the same. And the doctors clicked out of it. The pharmacists clicked out of it. Why? Because they get thousands of alerts a day, and they have learned to just pay no attention to the alerts.

Where the people are relegated to being monitors of a computer system that’s right most of the time, the problem is, periodically, the computer system will be wrong. And the question is, are the people still engaged or are they now asleep at the switch because the computers are so good?

There are several related problems all contributing to increase the risk of too reliable computers:

  • High Reliability: Most of the time the computers are more accurate than people, especially when the people are unsure of the diagnosis or remedy.
  • Irrational Trust: The people are told and correctly believe the machine is more reliable than they are, especially when they are unsure or outside their expertise. Its likely our nature instilled by evolution to trust what has proven accurate.  Its only irrational when the trust exceeds the risk.  People are good at estimating accuracy, but not so good at intuiting the risks of lower probability events. We have biases for irrational fear and irrational trust, both can be costly, yet in different ways.
  • Mesmerization: We get jaded or used to things going a particular way and miss the details that may indicate something is different. Here it is medical staff used to seeing irrelevant or low level warnings, missing the implications of a similar significant risk.  Airline pilots, railroad engineers, drivers, doctors, and dentists among many others are subject to Mesmerization.

Another similar situation is too great a trust in vehicle electronics.  Either a manufacturer relying on electronics to always apply the break or accelerator correctly when the pedal is pushed, or people trusting that car computers always work as designed and tested, with no danger of being hacked.

How does this apply by analogy to elections and too reliable voting machines?

It seems that almost everyone trusts electronic voting machines.  We are used, for the most part, to computers working when they seem to work.  When we use a spreadsheet we tend to assume it is working properly.  Yet, beyond the chance of error in the spreadsheet software, we tend to trust the formulas put into spreadsheets by people.  Even though we are flawed individuals,we tend to forget that equally flawed individuals (even ourselves) may have made a simple error in creating formulas e.g. adding up only some of the numbers, double counting others, or made a “small, harmless” change after testing the spreadsheet.

Election officials tend to have trust in voting machines. They are told that all types of voting machines or online voting machines are created by very smart people and include certification and “military grade” security.  Yet, we are given no effective proof of those claims and typical officials are not able to judge such proofs. Officials see reports of tests and post-election audits that claim the machines are flawless, increasing their trust in the machines.  Typically if they count ballots by hand and they do not match the machine counts, they count again and usually the machine was accurate.

On the other hand, those that are familiar with election equipment, computers and computer science know:

  • No computer or software can ever be proven error free. In fact, most, even modestly complex, software is very likely to have multiple undetected bugs.
  • It has not happened often, but computers and computer systems have counted incorrectly. Including in CA, FL, N.J., D.C., and in Connecticut.
  • Without paper ballots and effective post-election audits there is no reason to trust that machines count accurately, or to know how often they do not.
  • Machines are programmed for each election and voting district, so errors can be introduced into the system at any time.
  • Beyond errors, insiders have multiple means of changing election results.  Often a single individual insider can change results alone or with the help or by the intimidation of outsiders.
  • A voting machine can be entirely accurate, yet its results or the total result can be changed independently of the voting machine.  Unless the results are audited end-to-end or in each step of the process, the result cannot be legitimately trusted.

What about Connecticut?

  • We have post-election audits, but they are not conducted in a manner that gives justified confidence.  Errors in machine results have been detected, yet most differences between machine results and manual audits have been accepted as a human counting error without investigation.  This makes common sense since usually when results are checked the human was wrong the first time – common sense that is at least as risky and unjustified as the unjustified trust in medical artificial intelligence directives in the Newshour story above.
  • Connecticut is considering legislating Machine Audits, based on procedures to be approved by the Secretary of the State.  Common sense supports a method demonstrated by UConn and the Secretary of the State’s office and touted in a paper presented at a conference – unjustified common sense.  There is no scientific justification for that method demonstrated, and worse, every reason to believe that it would be subject to unjustified official trust in computers and mesmirization.  Professor Alex Shvartsman of UConn has agreed that the procedures is insufficient to provide public verification.

Fortunately, there is a very effective solution available.  We have proposed a sound method of Machine Assisted Audits based on proven scientific methods.  Using Machine Assisted Audits in an effective manner could result in more accurate, trusted audits at less cost and stress to local election officials. If machine audits become law, we will work to insist on effective transparent and publicly verifiable procedures are employed. (Still, we would much prefer a law that mandated sufficient requirements now, that could not be weakened by a future Secretary of the State) <read more in our comments on the bill before the Connecticut General Assembly>