By Jennifer Cohn @jennycohn1
September 7, 2019
We can’t fix that which we don’t understand. The dark underbelly of America’s staggeringly insecure voting system is no exception. Without knowledge of the following facts, the American public is at grave risk of being scammed by pretend fixes to a system that is corrupted to the core.
The centralization of America’s election system.
Just two vendors — Election Systems & Software, LLC (ES&S) and Dominion Voting — account for eighty percent of US election equipment. Thus, corrupt insiders or foreign hackers could wreak havoc on elections throughout the United States by infiltrating either of these vendors.
ES&S, which by itself accounts for 44 percent of US election equipment, received its initial financing from the families of Nelson Bunker Hunt and Howard Ahmanson, Jr., right-wing billionaires who also contributed substantially to the Chalcedon Foundation, Christian Reconstruction’s main think tank.
Hunt and Ahmanson were also prominent early members of the Council for National Policy, a networking group for the Religious Right and billionaires whose recent members have included Kelly Anne Conway, Steve Bannon, Mike Pence, Richard DeVos, Wayne LaPierre of the NRA, Robert and Rebekka Mercer, and Bob Dallas, a convicted embezzler whose nonprofits have been closely linked to massive voter data leaks.
In 2000, ES&S’s founder, Bob Urosevich, was appointed President and Chief Operating Officer of another mega-vendor, Global Election Systems, which later changed its name to Diebold and was acquired by ES&S in 2009. Urosevich’s brother remained at ES&S the whole time as a Senior VP.
It was a Global/Diebold voting machine that “lost” 16,000 Gore votes in the 2000 presidential election in which George W. Bush was declared victorious over Al Gore by just 537 votes in Florida. The “Volusia error” was discovered only because an alert poll worker happened to notice Gore’s total dropping which should never happen — absent fraud or error. It is unknown whether other machines experienced similar issues because Bush — with an assist from future Supreme Court Justices Brett Kavanaugh and John Roberts — succeeded in stopping the recount.
As discovered by Black Box Voting author Bev Harris, Global’s largest shareholder & Senior Vice President was Jeffrey Dean, a convicted embezzler who programmed voting machines for the company. According to the Guardian, Dean programmed ⅓ of the machines in 37 states used in the 2004 presidential election.
In August 2004, the Department of Homeland Security issued a Cyber Security Bulletin regarding Diebold’s “GEMS” central tabulator, stating that “a vulnerability exists due to an undocumented backdoor account, which could [allow] a local or remote authenticated user [to] modify votes.”
The control cards that transfer the vote totals from the precincts to the central tabulators are another potential target for bad actors. From 2000 through at least 2017, ES&S got its control cards from a company called Vikant whose owner refused to tell an investigative reporter where the cards were made.
Meanwhile, as reported in Bloomberg and Salon and highlighted during a recent election-security panel by SMARTelections.us, ES&S (Diebold) voting machines in both Tennessee and Georgia seem to be “losing” large numbers of votes from predominantly black neighborhoods. It was concerned citizens, rather than election officials or campaigns, who discovered these problems by reviewing precinct totals (as shown on precinct poll tapes). The missing black votes in Georgia are now the subject of a citizen-funded lawsuit filed by the nonprofit Coalition for Good Governance. As a result of the lawsuit, the House has opened an investigation as well. Concerned citizens can donate to the litigation, which has national implications given ES&S’s national presence, via this link: https://coalitionforgoodgovernance.org/donate/
Compared to ES&S, even less is known about Dominion, which accounts for 37 percent of US election equipment. Dominion was a Canadian company that became a major player in US elections when the Department of Justice forced ES&S to sell some of Diebold’s assets because the combined ES&S/Diebold company had accounted for a whopping 70 percent of US election equipment.
It was Dominion that rose from obscurity to buy those Diebold assets in 2010. We don’t know if Dominion is related to ES&S, or if it’s a legitimate competitor because it is also owned by private equity.
What we do know is that Dominion does its programming in Serbia. And a former executive of GTech/IGT — an international gaming company and former Paul Manafort client — joined Dominion as a Senior Vice President in June 2016.
Another former executive of GTech/IGT, Donald Sweitzer, sits on the Board of the International Foundation for Electoral Systems with Ken Blackwell (infamous former Ohio Secretary of State) and Tad DeVine (Bernie Sanders’s 2016 campaign advisor).
These connections are concerning because, among other reasons, DeVine worked with Paul Manafort and Rick Gates (Manafort’s partner) as recently as 2014 to promote Vladimir Putin’s candidate and other interests in Ukraine and also advised the 2014 campaign of pro-Putin Aleksandar Vučić in Serbia.
As for Blackwell, he infamously hired Mike Connell (owner of GovTech and New Media Communications) and Jeff Averbeck (owner of Smartech and Airnet) — who were partners of Manafort’s lobbying/PR company called 3eDC — to re-route Ohio’s 2004 presidential election results through a backup server in Tennessee on election night. George W. Bush was declared the victor of that election, defying the exit polls, which Blackwell had attempted to block in Ohio.
John Kerry has since said that his own campaign suspected electronic vote tally manipulation during the 2004 election in Ohio, but decided against “dividing the country” with a court challenge.
(It was election attorney and journalist Bob Fitrakis of the Columbus Free Press in Ohio that made the connection between Connel/Averbeck and Manafort.)
In 2006, Ohio had a new Secretary of State, Jennifer Brunner (D), who attempted to clean up after Blackwell by, among other things, firing members of a county election board (after the criminal convictions of two members for rigging the 2004 Ohio recount), commissioning a study that revealed alarming ES&S vulnerabilities, and suing Diebold for damages.
But by 2012, Ohio’s Secretary of State was John Husted (R), who was caught allowing ES&S to install uncertified software patches throughout Ohio just before the election. Fitrakis, who made this alarming discovery as well, sued to compel Husted to remove the patches. Although the court dismissed the case as premature (no damages), she said that she would be “happy” to consider ordering a recount after the election. Fitrakis apparently deemed this unnecessary when Barack Obama won re-election, triggering the infamous on air melt down of political consultant Karl Rove (George W. Bush’s former senior advisor) when Ohio didn’t go as Rove had expected.
Husted, however, was undeterred in his quest to undermine the integrity of Ohio’s elections. In 2016, citizen advocates discovered that he had allowed election officials throughout Ohio to disable voting machines’ “ballot image” audit functions. Litigation again ensued, and the court again ruled in Husted’s favor. Trump proceeded to defy the exit polls and win the state in 2016.
Ohio’s current Secretary of State is Frank LaRose who chose Ken Blackwell to lead his transition team and is in the midst of purging more than 200,000 supposedly “inactive” voters from the state’s voter rolls despite numerous concerns, including the recent discovery that 1600 active voters were mistakenly included on the purge list. The vendor responsible for this “mistake”? ES&S.
The National Election Defense Coalition, Public Citizen, OSET, the NAACP, the League of Women Voters and other election-integrity groups have asked the House Administration Committee, which is chaired by Representative Zoe Lofgren, to conduct a hearing and call the vendors to provide testimony, presumably about ownership and other security concerns. But it is not at all clear that the Committee will oblige.
Even if it does subpoena the vendors, it is unclear how deep the Democratic House majority will be willing to dig. The House majority leader, Steny Hoyer (D), co-wrote the Help America Vote Act of 2002 (HAVA), which allocated billions of dollars for new voting machines without requiring a paper trail. Not only that, Hoyer joined with Mitch McConnell and Bob Ney — who later went to prison for accepting bribes from Diebold lobbyist Jack Abramoff— to defeat legislation that would have included such a requirement. Hoyer also sits on the International Foundation for Electoral Systems with Dan Sweitzer, Tad DeVine, and Ken Blackwell.
Vendor lies re: election security
Voting machine vendors have an alarming history of deception. In July 2018, cybersecurity journalist Kim Zetter reported that, despite ES&S’s prior denials, ES&S’s election-management system (EMS) computers were sold with remote access software between 2000 and 2006. ES&S won’t say where it installed the remote access software that it lied about, but claims it’s been removed. According to Zetter’s article, Diebold’s EMS computers were sold with remote access software as well, and Dominion refused to comment.
The installation of remote access software in EMS computers is a big deal because these are centralized county or state computers used to program all voting machines in the county or state. According to Zetter’s reporting, some of these computers also include the central tabulators that aggregate all precinct totals.
But the vendor lies don’t end there. On August 8, 2019, Zetter further reported that ES&S’s EMS computers also connect to the internet, something else that ES&S had said was not the case but that leading election-security experts had long suspected.
Meanwhile, ES&S installed wireless modems in ballot scanners in Florida, Wisconsin, and Illinois starting in about 2015. Although some election officials claimed that these modems do not connect to the internet, this too was a lie, as further reported by Zetter.
Vendors’ misleading new definition of “paper ballots.”
In terms of solutions, experts say that the only way to know for sure if electronic vote totals have been altered is to compare a hand tally of the paper ballots to the electronic totals.
But over the past several years vendors, have changed the meaning of “paper ballot” to include not only unhackable hand marked paper ballots, but also hackable machine-marked summary cards with barcodes from expensive new electronic ballot marking devices (BMDs). The barcode, which voters can’t read, is the only part of the printout counted as your vote.
Although the printouts also include a human readable summary, the BMDs can be hacked to change or omit the selections on the summary.
We’ve seen the problems with vote-flipping touch screen voting machines in Mississippi, Georgia, and Texas. The situation will be no better if voters notice vote flipping or deletions on the paper printouts marked by these new BMDs. As before, the concern will not be the voters who notice and correct problems, but rather those who don’t.
This is extremely problematic because any manual audit or recount based on a corrupted paper trail will produce a corrupted result. Thus, according to leading election-security experts, BMDs cannot assure the will of the voters and should be purchased only for those voters who are unable to hand mark their ballots.
The critical takeaway here is that, if election officials or lawmakers don’t mention the “hand marked” prefix, they are probably about to scam the public with machine-marked summary cards with barcodes from pricey and insecure BMDs.
The following states include one or more counties that have already chosen barcode BMDs for 2020: Ohio, Wisconsin, Pennsylvania, Texas, New York, New Jersey, Kansas, Kentucky, West Virginia, Tennessee, South Carolina, North Carolina, Georgia, Indiana, Delaware, and California. I’m told that Florida recently passed a law to enable to the use of barcode BMDs as well.
The corruption fueling the purchase of dangerous new barcode ballot marking devices (BMDs).
Despite objections from leading election-security experts and advocates, jurisdictions throughout the United States are flocking to these new barcode BMDs and purchasing them for use by all voters. It appears that corruption is enabling and fueling many of these decisions. Here are some indicators of this corruption:
- ES&S has donated $30,000 to the Republican State Leadership Committee — which houses the Republican Secretary of State’s Association — since 2013.
- Both ES&S and Dominion have made donations to Senate Majority Leader Mitch McConnell’s campaign. He, in turn, is blocking all federal election-security legislation, including the SAFE Act, which would ban barcode BMDs altogether.
- South Carolina’s top election official sat on voting machine vendor ES&S’s secret advisory board & received trips, lodging, & dining worth $20,000 from ES&S. The entire state recently signed a $51 million contract for ES&S’s ExpressVote barcode BMDs.
- New York City’s top election official also sat on ES&S’s secret gift-giving advisory board and is pushing the City to buy ES&S’s ExpressVote XL barcode hybrid BMDs for early voting.
- The Pennsylvania Auditor General reported earlier this year that election officials in at least 18 Pennsylvania counties have accepted gifts from voting machine vendors.
- ES&S used lobbyists to make donations to the two decision markers in Philadelphia who ignored leading experts and election-security advocates by choosing ES&S’s risky barcode “hybrid” BMDs, rather than hand marked paper ballots.
- Dallas County, Texas rejected unhackable hand marked paper ballots in favor of hackable machine-marked printouts with barcodes from ES&S’s ExpressVote machines after the county’s election administrator attended a lavish ES&S boondoggle in Las Vegas.
- Voting machine vendor ES&S’s agent in North Carolina, Printelect, has also sweetened the pot with donations to the governor of North Carolina and many others in the state. A few weeks ago, the North Carolina Board of Elections ignored leading experts and election-security advocates by certifying the ExpressVote barcode BMD system.
Confusion over competing election-security bills.
The only election-security bills in the Senate with any traction are the Secure Elections Act (SEA) and the SAFE Act. The SAFE Act would ban barcode BMDs, require that jurisdictions give voters the option to vote with hand marked paper ballots, and require robust manual audits. The SEA would do none of these things. It would provide a false sense of security.
But the SEA is the only bill with bipartisan support thus far. Although it failed in the senate’s last session, Republicans for the Rule of Law have been promoting it, and Senator Lankford (R) said in August that it will be re-introduced and that Mitch McConnell is open to it.
Voters should demand, at a minimum, that lawmakers amend the Secure Elections Act to ban barcode BMDs and to require that all voters have the option to use hand marked paper ballots at the polling place.
The US government’s opposition to transparency.
In 2017, a U.S. Air Force veteran and NSA contractor named Reality Winner leaked a classified report, which showed that Russia had successfully penetrated three election-service providers, one of which was VR Systems, which services eight states. The next day, the Election Assistance Commission, which is responsible for certifying voting equipment, tweeted out election-security guidance and recommendations, using the #RealityWinner hashtag. Key state election officials were unaware of Russian hacking before Reality Winner leaked the report.
The leaked report also seems to have been the catalyst for election officials in North Carolina to finally submit its VR Systems electronic poll books, which had failed spectacularly in 2016 in Durham County, to the Department of Homeland Security for forensic analysis.
But the US government opposes such transparency. It imprisoned Reality Winner for five years due to the leak and won’t disclose the names of the other two vendors that were breached by Russia. Nor will it tell the public the name of the second Florida county whose voter registration system is confirmed to have been penetrated by Russia. It is unclear whether it will tell the public the result of its forensic analysis of North Carolina’s electronic poll books.
Meanwhile, it has omitted to mention that VR Systems provides not only electronic poll books and voter-registration-system software, but also is involved with election websites and election-management systems.
Demand transparency — it may deter fraud and increase voter interest and participation.
As noted by journalist Sue Halpern in an election-security piece for the New Yorker, there is indeed a school of thought that telling the public the truth about hacking and election-system vulnerabilities will depress voter turnout. But in a Harris poll conducted in 2018, voters said they were more likely to vote due to concerns about hacking. Thus, the apparent rationale for keeping the public in the dark on these vital issues may be a fallacy.
Not only that, this lack of transparency may actually hinder meaningful change by dampening the outrage that apparently is needed to overcome the corruption plaguing the system.
Thus, in addition to demanding that election-security legislation prioritize hand marked paper ballots and robust manual audits (and ban barcode voting), voters should insist that Representative Zoe Lofgren and other members of the House subpoena the vendors to testify under oath about ownership, past security lapses, and where and when they have installed remote access software and wireless modems.