After concerns of a 'hacked' 2016 Presidential race and an unverifiable 'loss' in Georgia that again defied pre-election polling, Dems, the media and the American people are still missing the verifiable facts...
By Ernest A. Canning on 6/26/2017, 10:08am PT  

There are several basic election integrity truths that have escaped the attention of most Americans, even as they confront the scope of alleged Russian cyber intrusions into America's disparately run, local elections systems.

[Despite repeated assurances from U.S. officials that hackers didn't go so far as to alter vote counts, Department of Homeland Security officials concede that they failed to run an audit in order to determine whether the 2016 vote count had been manipulated by anyone, be they hackers, foreign or domestic, from Russia or anywhere else, or by election insiders whose direct access could facilitate a malicious, or even accidental, manipulation of vote totals. The mainstream U.S. media has also raised concerns that the United States, under the Donald Trump administration, is not doing enough to prevent hacking or manipulation of the 2018 and 2020 elections.]

The first basic election integrity truth is that, as The BRAD BLOG reported in 2009, following a stark presentation by a U.S. intelligence officer to the nation's only federal agency devoted to overseeing the use of electronic voting and tabulation systems, all electronically stored and/or processed data --- registration records, poll books, ballot definition scripts and, most importantly, computerized vote tabulators --- are vulnerable to malicious cyber intrusions.

"I follow the vote," CIA cybersecurity expert Steven Stigall warned members of the U.S. Election Assistance Commission (EAC) in a 2009 field hearing in Florida. "And wherever the vote becomes an electron and touches a computer, that’s an opportunity for a malicious actor potentially to…make bad things happen."

The second basic truth is that election system vulnerability is not confined only to malicious hackers, who may or may not be Russian. All electronic vote tabulation systems are vulnerable to election insider manipulation.

The third is that paper registration forms, poll books and hand-marked paper ballots are not, in and of themselves, vulnerable to electronic manipulation. (Paper ballots, of course, are not entirely risk free. Even before the advent of e-voting, there had been cases of ballot box stuffing. But it was the advent of central computerized/electronic tabulation that created a vulnerability to wholesale electoral theft by a "conspiracy" as large as one person, with little possibility of detection.)

The fourth is that the only way to ensure a transparent and verifiable count, one that can be overseen and confirmed the public, is to deploy what Brad Friedman aptly describes as "Democracy's Gold Standard": hand-marked paper ballots, publicly hand-counted with the verifiable results posted at each precinct on Election Night before ballots are moved to any other location.

The fifth is that the core issue in election integrity is not whether a given result is or is not the product of election fraud. Instead, as recently observed by Austria's Supreme Court, the issue is whether election officials have complied with procedures that are designed to ensure the integrity of a transparent and verifiable result.

Unfortunately, these basic democracy-sustaining truths, which have been judicially recognized in other nations, have been largely ignored by the U.S. mainstream media, the political leadership of both major U.S. political parties, and, critically, by our courts --- a point that truly came into focus with respect to the recent U.S. House Special Election in Georgia's 6th Congressional District...

Verifiable democracy

In 2009, Germany's highest court recognized that which the U.S. mainstream media, the leadership of both U.S. political parties and the U.S. courts have, for the most part, ignored. All forms of computerized vote counting --- via the Internet, Direct Recording Electronic (DRE's, usually touch-screens), and paper ballot optical-scan tabulators --- are vulnerable to malicious hacking and/or insider manipulation.

It is possible to verify the electronic optical-scan tally by hand-counting paper ballots (presuming, of course, that the chain of custody of the ballots has been secure and the ballots themselves known to be human-verified by hand-marked selections on the paper.) DRE touch-screen systems, however, are 100% unverifiable. Even with a post-election forensic examination that includes complete access to usually trade-secret protected source codes and ballot definition programming, there is no way to know whether the electronically recorded tally from a DRE device has any relationship to what any voter actually intended when they deposited their vote into the bowels of these electronic black holes.

There's only one way to ensure a verifiable count that complies with Germany's constitutional mandate for "transparency": hand-marked paper ballots, publicly hand-counted with the observable tallies posted at each precinct on Election Night. The German court therefore banned all forms of e-vote tabulation in that nation's elections.

Skewed U.S. judicial reasoning

Unlike the German and Austrian judiciaries, our own courts have failed to grasp the necessity for transparency and public oversight of our election infrastructure.

Election integrity is a question that is best addressed before an election is underway. Otherwise, a candidate and an elector, who may have been victimized by an erroneous tally brought on by either machine error or malfeasance, can face the nearly impossible task of proving error on the part of a 100% unverifiable voting and tabulation system. (The task of post-election verification of an optical-scan computer tally can be hampered by inadequate chain-of-custody procedures and state statutes meant to prevent public post-election hand tallies of optically-scanned paper ballots. But, at least in theory, it can be done.)

Since 2002, with the exception of a relatively small number of verifiable mail-in paper ballots, citizens of Georgia have voted exclusively on 100% unverifiable Diebold touch-screen voting systems. The Georgia touch-screen system is older and less secure than the similar systems that, in 2007, were decertified by California's then Democratic Secretary of State Debra Bowen. Her decertification was based upon the documented Diebold touch-screen vulnerabilities to hacking and insider manipulation which, she found, could result in an election result being flipped in less than a minute, with little possibility of the manipulation ever being detected.

Bowen was by no means the first to discover the Diebold DRE's critical vulnerabilities. As Brad Friedman recently reported, "the vulnerabilities in GA's terrible voting and tabulation systems have been publicly known for years."

On May 25, 2017, two electors from Georgia's 6th Congressional District, along with a Colorado-based election integrity organization, the Rocky Mountain Foundation, filed a complaint along with a motion for a temporary restraining order in the Fulton County, Georgia Superior Court (Curling v. Kemp).

The Curling plaintiffs produced affidavits from multiple experts and peer-reviewed articles that documented the many critical vulnerabilities of Georgia's 100% unverifiable touch-screen voting system. Their filings also included a March 15, 2017 letter sent by 21 prominent computer scientists and e-voting experts to Georgia's Republican Secretary of State, Brian P. Kemp. That letter raised concerns about an ongoing FBI investigation into a cyberattack on the Kennesaw State University's Center for Election Systems (KSU Center) website. The KSU Center is the entity responsible for testing and programming the entirety of Georgia's electronic voting, voter registration and vote tabulation system.

As later revealed by Politico's Kim Zetter in "Will the Georgia Special Election Get Hacked?", the KSU Center itself has been found to be remarkably vulnerable to cyber intrusions.

In August of 2016, Logan Lamb, a 29-year old former cybersecurity researcher at the U.S. Oakridge National Laboratory, logged onto the KSU Center website. His concerns about cybersecurity in that instance had been triggered by an FBI report about hacker intrusions into local election databases.

Hoping to retrieve a few documents that would facilitate an understanding of the KSU Center's security procedures, "Lamb wrote an automated script to scrape the site" and left for lunch. "When he returned," Zetter reports, Lamb "discovered that the script had downloaded 15 gigabytes of data" --- a "mother lode" that included "registration records for the state's 6.7 million voters; multiple PDFs with instructions and passwords for election workers to sign in to a central server on Election Day," and access to the database of the GEMS, the computer system, which, among other tasks, is used to "tabulate votes and produce summaries of vote totals."

The State of Georgia pays $750,000 per year to the KSU Center to test and program all of its voting systems. Affidavits from the KSU Center were relied upon when attorneys representing former Secretary of State Karen Handel moved for summary judgment [PDF] in Favorito v. Handel, a case which challenged Handel's prior certification of the vulnerable and 100% unverifiable Diebold touch-screen system. Those affidavits ultimately led to the factually erroneous 2009 Georgia Supreme Court decision in which the Court ruled that the Diebold touch-screens, when "properly operated, record correctly and accurately every vote cast."

The truth is there is simply no way to verify that votes are counted, let alone counted accurately, within the bowels of these electronic black holes --- a point that appeared to have been conceded by Fulton County Superior Court Judge Kimberly Adams when, on June 9 of this year, she denied the Curling plaintiffs' motion for a temporary restraining order and dismissed their complaint in advance of the U.S. House Special Election in the 6th District (the most expensive U.S. House race in history, with some $55 million spent by both sides in hopes of securing the seat.)

"Plaintiffs' concern that the DRE voting system lacks a verification feature," Judge Adams wrote, "is legitimate." Yet, she refused to order Georgia election officials to conduct a verifiable election using hand-marked, hand-counted paper ballots for a multitude of reasons, including the Georgia Supreme Court's 2009 decision in Favorito and what she said was an "absence of evidence (e.g., voter testimony, malfunction, unexplained deviations, skewed results, historical data, national research, etc.)" that would support a judicial "conclusion that Georgia's DRE voting equipment and its related voting system are unsafe, inaccurate and impracticable."

The use of the words "voter testimony" and "malfunction" underscore the court's confusion. This was not a post-election contest in which plaintiffs might present, as sometimes occurs, testimony from voters who watched their votes being flipped on-screen. It was a case in which plaintiffs forcefully argued against "faith-based" elections in which the accuracy of an unverifiable count produced by a system that is vulnerable to hacking, insider manipulation and unknowable programming error, must blindly be accepted as true.

While there may have been other legitimate grounds for Judge Adams's refusal to grant extraordinary relief --- principally the failure of the Curling plaintiffs to seek judicial relief sooner, so that a TRO could have issued before the start of early voting --- this particular aspect of Judge Adams's decision underscores the failure of the American judiciary to understand the core principles of election integrity.

There can be little doubt that if this same issue came before either the German or Austrian courts, it would have produced the opposite result. If a purported count cannot be verified, it should not be accepted as valid or lawful.

Erroneous conclusions?

One day after the GA-06 election, The New York Times, citing the count announced by the state of Georgia, reported that the Republican former Sec. of State Handel defeated the Democrat Ossoff 51.9% to 48.1%.

While pro-Democratic Party members of the media, like MSNBC's Lawrence O'Donnell, opted for positive spin, describing the closeness of the race as an "ominous sign for the GOP," other reporters suggested that Handel's "win in Georgia...could strengthen the political will of Republicans in Congress."

Progressives, like The Nation's Robert Borsage, blamed the Ossoff "loss" on his embrace of lackluster, centrist "pabulum." Rather than draw a sharp contrast to the GOP's mean-spirited anti-egalitarian agenda, Borsage opined, Ossoff sounded "like a Republican." The well-funded, establishment-supported Democratic candidate "explicitly opposed Medicare for All and tax hikes on the rich." If Democrats are to win back the House in 2018, Borsage concluded, they must field "better candidates" who will "push to crystallize a bold agenda for change."

There was one common theme in these diverse analyses. All accepted, at face value, the official tally. All assumed that Handel did, in fact, defeat Ossoff by nearly 4%. None so much as hinted at an awareness of the "unverifiable" nature of the touch-screen "victory" or that, as Friedman reported, "according to the state's reported results...Democrat Jon Ossoff defeated Republican Karen a nearly 2 to 1 [margin] on the only verifiable ballots used in the race, the paper absentee mail-in ballots."

This discrepancy between the verifiable and unverifiable tallies suggests, but does not establish, an invalid count. But therein lies the central problem with relying upon unverifiable e-vote tabulation. The electorate can never really "know" who really won.

* * *
Ernest A. Canning is a retired attorney, author, Vietnam Veteran (4th Infantry, Central Highlands 1968) and a Senior Advisor to Veterans For Bernie. He has been a member of the California state bar since 1977. In addition to a juris doctor, he has received both undergraduate and graduate degrees in political science. Follow him on twitter: @cann4ing

Share article...