June 11, 2015
Dear Deputy Secretary Staiert:
To our knowledge, there has been no official effort on the
part of Colorado government to ensure the purity of elections that allow for
remote voting. Yet, it is our understanding that the government is responsible
for establishing laws, rules, and standards for accomplishing same. We are
deeply concerned that government has not stepped up to fulfill this most vital
role.
The watcher advisory panel has apparently accepted as a
given that signature verification is a substantially compliant fulfillment of
the requirements that every eligible elector is given the opportunity to vote,
and that only eligible electors are allowed to vote. It is apparently accepted
that watching election judges perform signature verification procedure is a
substantially compliant fulfillment of the opportunity for watchers to verify
every step in the election process. We believe that these are faulty assumptions
that must be defended.
In the interest of brevity, we will not recite the many details
supporting this assertion. But we will identify a few of the controls to remind
committee members of the requirements that are implemented for in-person
voting. The controls are designed to ensure that:
· · Electors are protected from electioneering while
voting
· Electors are protected from intimidation –private voting booth, anonymous ballot, etc.
· The identity of the person claiming to be a particular registered voter is verified before admittance to the polling location
· The eligibility of the elector to receive, mark, and cast a ballot in each of the relevant contests is verified before the ballot is placed into the ballot box.
· A rigid chain of ballot custody ensures that only the eligible elector can receive, mark, and cast their ballot, and once cast the chain continues until the ballots are archived.
· Votes are anonymous – without exception.
· The ballot box is protected from vote that were sold or traded
· Etc., etc., etc.
· Electors are protected from intimidation –private voting booth, anonymous ballot, etc.
· The identity of the person claiming to be a particular registered voter is verified before admittance to the polling location
· The eligibility of the elector to receive, mark, and cast a ballot in each of the relevant contests is verified before the ballot is placed into the ballot box.
· A rigid chain of ballot custody ensures that only the eligible elector can receive, mark, and cast their ballot, and once cast the chain continues until the ballots are archived.
· Votes are anonymous – without exception.
· The ballot box is protected from vote that were sold or traded
· Etc., etc., etc.
Watchers in a polling place are able to verify, challenge,
participate in resolution, etc. Watchers
in remote voting are generally not.
With regard to the signature process itself, it is fatally
flawed. It is not tested, it is inadequately measured, it is not transparent,
and it is inadequately watched.
An example flaw is the unfair imbalance between the
treatment of rejected and accepted signatures.
Rejected signature are subjected to an elaborate process to ensure
against false rejects. Accepted
signatures are not subjected to an equivalent process. Yet a false accept has the same negative
consequence as a false reject -- an eligible voter is disenfranchised.
We have offered suggestions for improvement (not a total
cure), but government appears to be uninterested. Several techniques should be
evaluated, and considered for adoption. All will improve, but not cure the
abilities to effectively perform watcher duties.
1.
The signature verification process must be
tested. To do so, the entire subsystem
including signature verification training, typical signature verification
judge, actual signature verification processes (including interactions with
other processes) and full transparency including operator identified time
stamped transaction logs. The test data
must be fabricated for the test, otherwise there is no practical way to know
the correct decision on each signature, and it is not likely that the
variations would include all of the know ways to produce fraudulent signatures.
2. The
signature verification process requires a means to conduct near-time in
addition to real-time watching. In
near-time watching, the logs and signatures created by the real-time process
will be available to watchers for a reasonable period of time before each
real-time-batch is released to the next process (certainly before envelopes are
opened).
3. The
signature verification process requires a rule to require that each signature processed
be verified by a second, absolutely independent election judge (or team). The go/nogo decisions of each team will be independently
compared (probably automatically by processing their logs), and any
discrepancies will reported and treated in a uniform manner. It is vital that there be no
communication between the first and second pass – this would spoil the
independent nature of the process. It is vital that the second pass be
completed before an envelope is released to be opened.
Signature verification is a totally inadequate method for
achieving the requirements of a pure election (see above). Watchers, and election judges are unable to
perform their duties when Colorado’s remote voting methods are employed. The
proposals above do not correct these problems, but do make for an improvement
to the Colorado’s existing signature verification methods.
We ask that you immediately adopt the three techniques
outlined above. Number 1 will reduce the
uncertainty surrounding the integrity of the signature verification
methods. Number 2 will expand the
ability of watchers to perform their duties.
Number 3 will increase the quality of the signature verification
process, reduce voter disenfranchisement, and increase transparency related to
signature verification, and improve watcher access and effectiveness.
We are available to discuss these recommendations.
Will you please have this distributed to committee
members? Thank you.
No comments:
Post a Comment