I've been watching the Arizona vote audit with interest of late. I have *not* researched the process, on purpose, and have just been looking at the audit itself and some of the high-level news titles that say what's going on. I have some observations about security and the process in general.
I'm impressed with the process. I describe what I saw are below, but note that *everything* is recorded in a transparent way. The audit was livestreamed, so that anyone on the internet could view the process, ballots were read and verified by at least 3 human readers (under camera), the votes were photographed (both sides) and scanned, and lots of paperwork was recorded and kept.
The process gives us a scientific tool for sorting out election claims.
For example, one claim is that votes were (illegally) printed in China, shipped in, and added to the count. This is an hypothesis, it might be true and it might be false, but it's not completely crazy and we can test for it: paper from China contains bamboo, this should show up on a UV scan, and all votes were UV scanned. Done and done.
Another claim is that the tallies of the audit are not accurate due to partisan involvement. This is Russel's Teapot, and it's not even wrong: it makes no claims of *what* happened, or *where* in the process this could have happened, or *how*. It's not testable in any way. To make Russel's teapot claim, you also need to explain how the teapot got there in the first place.
We have video evidence for moving boxes of votes from secure storage, for the people reading votes, for scans of the votes read, and we have the physical votes themselves: where in this process did the adjustments happen? There is abundant traceability in the process: if you claim particular defect, you have to explain how it got through the redundancy checks, why it's not visible on the video feed, and how several people didn't notice it (but you did).
And note that if there *is* any discrepancy between vote tallies and people believe it's partisan, we still have the original votes and can turn the entire kit over to the other side and let *them* go through the physical votes looking for problems. Hopefully with the same level of transparency and recording.
It's really quite satisfying to know that there is this level of election integrity, and I hope other states use this process - or even improve on it.
There's a crisis of confidence in our elections right now, and a strongly secure and open audit will go a long way towards calming any unrest.
Notes on the actual process:
The audit focuses on Ballots, registration, and counting machines.
Machines:
Counting machines are being forensically audited, and I don't know much about this. There's been some leaks, but I can't tell if they come from official auditors or anyone else, so I'm going to wait until the results are published. Other forensic analyses (of vote counting machines) resulted in a report containing an abstract, a multi-page list of conclusions, and a many pages of "this is what we did, this is what we found". I expect something like that to come from the Audit.
If they're doing things right, they took an image of a counting machine disk and analyzed that; which means: they left the original machine unmodified, they have numerous *other* machines completely untouched, and any claims can be verified by examining an untouched machine.
Regardless of the conclusions, I'm confident the machine audit will be verifiable by skeptics from both sides.
Registration:
Registration is being checked in a computer/db kind of way, and I didn't get much info on this. Arizona claims to be going through the database looking for "obvious" problems (their word) such as 80 people registered from the same address, people registered at blank lots, voters who also have a death certificate, and so on.
Of note, there is no attempt to determine whether the mail-in ballots were signed (on the back, required by law), and there is no attempt to match the signatures with known signatures on file such as driver's license. (NB: I may have this wrong, or this could change later, or something similar.)
I like that and I think it's a good move: the purpose of the audit *isn't* to disenfranchise voters, and if people forget to sign the back of the form it's a system error and not a user error. Also, my own signature changes day-to-day, so signature matching isn't a valid check.
Ballots:
Ballots are read by a 5-person team sitting at a round table with a lazy-suzan in the middle (think Chinese restaurant table with lazy-susan). One person places a ballot on the carousel and slowly spins it to face 3 people to read and make marks on a count sheet, then the last person takes the ballot off and places it in a pile. This takes a couple of seconds per ballot, but sometimes you can see the carousel pause before a reader, she leans forward and adjusts her glasses, then nods to the dealer and the ballot proceeds (probably from verbal commands). One dealer, 3 readers, one taker.
The dealers I saw wore gloves, and I think this is a good idea. No blotches or ink-stains from dirty fingers, and if false ballots are detected we might be able to get fingerprints. The readers never touch the ballots: I saw some of the duplicate ballots slide off (longer ballots with a fold at one end) and the readers pushed back from the table and and allowed the dealer to make adjustments. (Duplicate ballots come from special votes: braille, large-text, E-mailed votes from overseas are transferred to a "duplicate ballot" for machine entry. Also, damaged ballots are sometimes duplicated.)
Ballots were read in groups (I counted 50 ballots for one run), then tallies were made, the tally sheets handed in, everything was dated and signed, and the tallies are kept in envelopes glued to the sides of the ballot boxes. If there's any question, we can match specific ballots with the individual dealers/readers and the time-stamped video stream to check what happened.
In a separate section, ballots are also photographed front-and-back, and the images are saved. Anyone could see the photographing stations and watch ballots placed and processed on the live stream.
Ballots are also scanned somehow, but I couldn't quite tell what this was from the video. I read that they are high-res scanned, and by UV looking for broken fibers from the fold and from the marks. If the marks were made by a pen-like instrument there should be broken fibers, but a photocopied mark won't have these. If there is no fold, then the mail-in ballot wasn't actually mailed.
Also, apparently the checkbox marks are checked for randomness: marks with exactly the same shape indicate a machine process.
The ballot scans will not be released except by court permission. I think this is because the mail-in ballots contain the voter information (name, address) and there were a lot of these this election. The database with the signatures obscured (or removed) would make a good database for AI research, so I hope this eventually happens.
