Skip Navigation
Analysis

A Smart and Effective Way to Safeguard Elections

Risk-limiting audits are an efficient way to protect against tampering with the vote.

  • Christopher Deluzio
July 25, 2018
Ballot box
Alexandru Nika/Shutterstock

Lest anyone have any doubt that the nation’s elec­tion infra­struc­ture is under attack, all one has to do is read Special Coun­sel Robert Mueller’s July 13 indict­ment of 12 Russian intel­li­gence officers. Among other things, the Russi­ans conspired “to hack into protec­ted computers of persons and entit­ies charged with the admin­is­tra­tion of the 2016 U.S. elec­tions in order to access those computers and steal voter data and other inform­a­tion stored on those computers.” In one uniden­ti­fied state, inform­a­tion about 500,000 voters was stolen, and county elec­tion admin­is­tra­tion websites in Geor­gia, Iowa, and Flor­ida were probed “to identify vulner­ab­il­it­ies.” 

At least accord­ing to the indict­ment, all the Russi­ans did in 2016 was penet­rate and steal. But it hardly takes a leap of imagin­a­tion to believe that some malefactor in the near future will try to alter elec­tion outcomes. 

In the wake of the Russian revel­a­tions, many are asking the quite reas­on­able ques­tion: How do we protect the integ­rity of our elec­tions? How can we be sure the right candid­ate actu­ally won?  

The good news is that there is already a simple way to confirm whether voting machines are record­ing and tally­ing votes correctly. It is known as a risk-limit­ing audit. It is one of the crit­ical meas­ures neces­sary to secure elec­tions and a key compon­ent of a broader cyber­se­cur­ity defense. In a prom­ising sign for elec­tion secur­ity, the City of Fair­fax in Virginia is going to test a risk-limit­ing audit next week — an endeavor with the poten­tial to serve as a model for the entire Common­wealth of Virginia and, hope­fully, the coun­try.

In straight­for­ward terms, a risk-limit­ing audit is an easy and effi­cient method for veri­fy­ing that vote tallies are accur­ate. By hand count­ing a stat­ist­ic­ally mean­ing­ful sample of the votes cast, the risk-limit­ing audit can determ­ine whether the original vote tally was correct. These audits can be conduc­ted publicly and can provide voters with confid­ence that a count­ing error or mali­cious attack did not change the outcome. 

Stat­ist­ical prin­ciples determ­ine the size of the sample — but, in plain terms, more ballots are coun­ted in a close race, while a race with a larger margin would require fewer ballots to be coun­ted. If test­ing of the sample is consist­ent with the original vote total, it is almost certain that the initially declared winner won the race. If, on the other hand, the sample has substan­tial discrep­an­cies with the original tally, the audit contin­ues until there is “suffi­ciently strong stat­ist­ical evid­ence that the appar­ent outcome is right, or until all the ballots have been manu­ally coun­ted.”  

To show how risk-limit­ing audits might work in the real world, two stat­ist­i­cians laid out how such a check would have worked in the 2016 pres­id­en­tial elec­tion. First, there would be an audit of the states Donald Trump won. Over­all, about 700,000 ballots would be coun­ted in the 29 states Trump carried, or about 0.5 percent of the votes cast. But the number of ballots coun­ted in each state would vary depend­ing on Trump’s margin of victory. In Missouri, where Trump won by 19 percent­age points, only ten ballots would need to be coun­ted to have high confid­ence in the results. In Texas, where Trump’s margin was nine percent­age points, about 700 ballots would need to be coun­ted.  

Import­antly, risk-limit­ing audits are an improve­ment on tradi­tional audits — used by 29 states and the District of Columbia — which require a set number (or percent­age) of ballots to be coun­ted, often irre­spect­ive of the margin of victory. Because risk-limit­ing audits take into account both the margin of victory and the total number of votes cast and use prin­ciples of stat­ist­ics, these audits can provide a high level of confid­ence in the results while gener­ally requir­ing fewer ballots to be hand coun­ted than what is already required in many states using tradi­tional audits.  

Risk-limit­ing audits are considered the “gold stand­ard” of post-elec­tion audits. Polit­ical scient­istsstat­ist­i­cians, and elec­tion-secur­ity experts have all lauded the bene­fits of post-elec­tion, risk-limit­ing audits. 

And an increas­ing number of juris­dic­tions are embra­cing them. Last year, Color­ado completed the nation’s first statewide risk-limit­ing audit. And Rhode Island recently enacted a law mandat­ing risk-limit­ing audits for all statewide primary, general, and special elec­tions. Marion County, Indi­ana, conduc­ted a test risk-limit­ing audit in May. And juris­dic­tions in Virginia (which last year enacted a law embra­cing risk-limit­ing audits), Cali­for­nia, and else­where are also plan­ning test audits this year and after the Novem­ber 2018 elec­tion.  

Brenda Cabrera, the City of Fair­fax’s General Regis­trar and Director of Elec­tions, has been a driv­ing force behind the test audit taking place in Fair­fax next week, which will bring together elec­tion secur­ity experts and elec­tion offi­cials from around the state. Cabrera is optim­istic about the trial, saying, “Our pilot should not only lay the ground­work for future risk-limit­ing audits but also serve as an example to juris­dic­tions across Virginia and the coun­try about how crucial post-elec­tion audits are to secur­ing the vote.”

Yet, as import­ant as risk-limit­ing audits are in ensur­ing the integ­rity of vote counts, they can work only if the voting method leaves a paper trail. The prerequis­ite for a risk-limit­ing audit is an indi­vidual paper ballot. Unfor­tu­nately, 13 states still use elec­tronic machines that leave no voter-veri­fi­able paper record. What no doubt seemed like a forward-think­ing voting tech­no­logy in the 20thcentury is utterly unsuited to meet the threats of the 21st. It is imper­at­ive that these elec­tronic machines are replaced by a voting method that produces a paper trail. And in states where audit­able paper trails are already avail­able, risk-limit­ing audits should be mandat­ory after every elec­tion. This effi­cient, cost-effect­ive check will give voters the confid­ence they deserve that their ballots were coun­ted prop­erly. 

(Image: Alex­an­dru Nika/Shut­ter­stock)