This week, thousands of Georgians sat at tables in rooms large and small across the state’s 159 counties and counted nearly 5 million paper ballots by hand, in what officials called a statewide audit of the general election outcome. Though the process ended by confirming President-elect Joe Biden’s lead, certified by the state on Friday, expert observers across the nation familiar with the state and its history with election technology looked on, feeling what one described as “horrified.”
These observers included computer scientists, cybersecurity analysts, an adviser to Congress on election integrity, and the statistician who invented the method of auditing elections that Georgia Secretary of State Brad Raffensperger said the state was carrying out.
Their reactions to the noble efforts of exhausted election workers were not, they underlined, due to evidence of wrongdoing, or fraud, or challenges to the election’s legitimacy. Their concerns owed to the process being used, what state officials were calling it, and what this could mean for future attempts to build public trust in election results—including on January 5, when voters in Georgia will once again be in the national spotlight, as a special election decides the balance of power in the US Senate.
The series of events leading to the “audit” began with a flurry of attacks leveled at Raffensperger from within the GOP, launched not even a week after Election Day, urging everything from his resignation to a complete hand recount of all ballots from the November 3 election.
In a surprise move, Raffensperger announced on November 11 that he would order the count. He used what Gregory Miller, chief operating officer of OSET Institute, a nonprofit organization that researches and develops election technology, called “pretzel logic.” The state was obligated by law to perform a “risk-limiting audit”—a means of determining accuracy by counting a random sample chosen according to mathematical formulas. The technique has been tried in a small but growing number of states in recent years, and the National Academies of Sciences, Engineering, and Medicine concluded in a 2018 report that all states “should mandate risk-limiting audits.” But Raffensperger decided to forgo choosing a sample of ballots, insisting instead that counting all of the nearly 5 million ballots by hand, in less than a week, would be necessary to fulfill the obligation.
Georgia came to the idea of conducting risk-limiting audits last year, after US District Judge Amy Totenberg ordered the state to overhaul its entire election system because of outdated technology plagued by computing vulnerabilities. The state is one of only a handful that uses the same system statewide, whereas most states use a patchwork of voting methods; in addition, the voting machines then in use did not print out paper ballots.
But as state officials debated how to comply with the judge’s order, experts urged the state to abandon digital voting altogether, to adopt voting by hand-marked paper ballots, and to follow up elections with risk-limiting audits.
The latter received the imprimatur of the National Academies for a reason. For decades, many states have performed audits by hand-counting ballots in a fixed percentage of precincts. But a fixed percentage “may not provide adequate assurance with regard to the outcome of a close election,” according to the 2018 report. Risk-limiting audits, on the other hand, examine “randomly selected paper ballots until sufficient statistical assurance is obtained,” as the report’s authors wrote. The so-called risk limit refers to the largest possible chance that the audit will not correct an inaccurate result. For example, a 10 percent risk limit means an audit has a 90 percent chance of identifying the correct result of an election. The formulas underpinning the audit determine how many ballots will need to counted to reach that limit.
In the end, Georgia lawmakers decided to ignore most expert advice, and spent $107 million on a new computerized voting system, including voting machines that print out paper ballots—the object of this week’s count. They did, however, agree to carry out a version of risk-limiting audits, with the guidance of a nonprofit organization called Voting Works.
Raffensperger’s surprise announcement claimed that the race was so close that mathematical formulas suggested that up to 1.5 million ballots would need to be randomly pulled, and that counting all 5 million by hand would be easier. This appeared to satisfy GOP critics, while also complying with state law regarding risk-limiting audits. One problem: State law also doesn’t allow for changing the election outcome based on the audit results.
The secretary of state called it “an audit, recount and recanvass, all at once.” The issue, Miller noted in a widely read essay, was that each of these concepts has a different definition, and different legal and technical implications. (A recount, for example, is conducted by scanners, not by hand.)
Philip B. Stark, the University of California–Berkeley statistics professor widely recognized as the creator of risk-limiting audits, called the state’s decision a “FrankenCount” in an e-mail. “Part of me is delighted that the idea has caught on,” he added in a call. “Part of me is horrified—they’re misrepresenting what it can do.”
Stark told me that a risk-limiting audit, to be effective, must have “trustworthy ballots.” This means, among other things, that each county would have canvassed its results, and ensured that the number of ballots tallied before uploading results to the state matched the number of voters who turned up at the polls. This would have avoided the “discovery” of thousands of ballots in several counties during the hand count that had not been included in statewide results. In the current climate, this has added fuel to allegations of wrongdoing—even though it didn’t change the election’s outcome. After all was said and done, Biden was still the winner, by 12,284 votes—less than 500 votes different from the tally compiled by machine.
Stark also questioned Raffensperger’s claim regarding the necessary sample size, which Voting Works had estimated at 1.5 million. Stark said a risk-limiting audit “could have been done with 2,500 ballots, according to my methods and my calculations.”
On-the-ground observers of the count included Harri Hursti, an election cybersecurity expert who has studied elections in five countries, including the United States. “This whole thing was originally called a risk-limiting audit, then a hand recount, then an audit—I don’t know what it is; I don’t think anyone else knows,” he said.
Hursti noted that he had looked at the software being used to manage the hand count, an easy thing to do, given that Voting Works uses open-source code. He had seen more than a dozen changes to the code since the count began—a security concern, he said, since no entity had approved the original software or the changes.
Hursti also noted that staffers and volunteers in different counties—and sometimes in the same county—were following different procedures for counting the ballots. “Hand recounts only work when people are trained in and apply consistent methodologies,” said Richard DeMillo, computer science professor and interim chairman of the School of Cybersecurity and Privacy at Georgia Tech. “You could look at live feeds [of the hand count] and see that this is not the case.”
As Miller wrote in his essay, “Audits must be sufficiently well-organized and rigorous that they do not potentially risk becoming yet another ‘political football’ for partisans to argue over; the whole point of a post-election audit is to produce clear evidence that reduces uncertainty—not to give politicians a fresh set of new ‘irregularities’ to argue about.”
By Tuesday, the state appeared to have done a legal analysis of its effort; Gabriel Sterling, the state’s voting system manager, announced that the hand count would not in any way change the election’s results, for legal reasons. “What was the exercise about?” asked Marilyn Marks in response. Marks is executive director of the Coalition for Good Governance, an organization whose ongoing lawsuit against the state led to Judge Totenberg’s 2019 order. “Why take a week to do this, at a high cost and exposing so many workers to Covid?” Calls and e-mails requesting comment from the secretary of state, Sterling, and Voting Works were not returned.
On Thursday evening, with the hand count done, a federal judge denied a petition by attorney L. Lin Wood for a temporary restraining order on the state’s certifying its election results, which took place Friday. After certification, President Trump can legally ask for a recount, which again means tallying up all votes by scanner.
In the end, the path Georgia has taken is a loss for the concept of a genuine risk-limiting audit, said Miller. “This may not matter—except to those who want to preserve risk-limiting audits as an important means of trusting the vote,” he said. “On January 5, we will undoubtedly see incredibly close races—with attendant calls for recounts.… Will they apply regulations to ensure verification, accuracy and, ideally, transparent elections—or will it fuel the same sort of distractions they’re seeing now?”