2018 Government Innovation Awards
Inspiring trust in elections
The buzz around election security often focuses on front-end vulnerabilities, such as voting machines, state registration websites and online disinformation campaigns. However, one state has taken the lead on implementing a critical form of backend vote verification that can alert officials if their election has been hacked.
Colorado is the first — and so far the only — state to legislatively mandate and implement risk-limiting audits of its elections. Security experts consider such audits to be the gold standard for ensuring accurate election results. Rhode Island is poised to become the second state to adopt the approach.
Colorado relies on open-source software called ColoradoRLA that compares a random sampling of a precinct’s paper ballots with their corresponding digital votes. If it discovers enough discrepancies, the software flags the ballots for a larger manual count.
Anyone can download ColoradoRLA for free and deconstruct its code. Dwight Shellman, county support manager at the state’s Elections Division, said officials wanted to give technology-minded citizens and organizations the ability to validate the state’s results for themselves.
“The whole purpose of a risk-limiting audit is to obtain a statistical level of confidence that the outcome of an election is correct,” Shellman said. “We needed software to do it, but it’s hard to go back to the public and say, ‘Trust us. This software we developed shows that we’re correct.’ That’s just not going to sell.”
Since Colorado instituted the audits in 2017, Shellman said other states have expressed interest in the approach, and Colorado has sent representatives to speak with other election officials about implementing their own versions. The state is also working with a vendor to build and enhance the software’s reporting capabilities for future elections.
Connect with the GCN staff on Twitter @GCNtech.