[conspire] Stolen election narratives, CA edition

[Rick Moen]

Quoting Josef Grosch (jgrosch at gmail.com):

> I think you hit the nail on the head, these forms of election
> rigging are dead and gone for one simple reason, numbers.

Right.  California's Sept. 14 gubernatorial recall campaign involved 
at least 10 million votes (and still counting; final tallies to be 
announced in about a month).  

Leaving aside the fact that, for example, the druggie arrested wtih 
about 300 votes had _no plausible way to use those_ (because of 
signature-checking, and also citizens having gotten replacement ballots
upon finding theirs missing from the apartment lobby's USPS mail), 
corrupting 300 ballots against over 10 million would also be pissing in
the ocean.

So, no credibly way to commit the fraud, and it would also be pointless
on account of the volume of voting.  Where there _is_ a credible way to 
abuse mis-acquired ballots, if the election seems likely to be really
close, and particularly if it's a relatively small-electorate issue,
then that's more practical.

Which brings me to North Carolina.

https://www.latimes.com/nation/la-na-nc-election-fraud-charge-20190227-story.html


   Operative in North Carolina congressional race arrested in ‘ballot
   harvesting’ case

   BY ASSOCIATED PRESS
   FEB. 27, 2019 5 PM PT

   [...]

   Leslie McCrae Dowless Jr., 63, was accused of directing workers to
   collect and mail in other people’s absentee ballots during the 2018
   Republican congressional primary and the 2016 general election. It is
   against the law in North Carolina for anyone other than the voter or a
   close relative to handle a mail-in ballot, a measure aimed at guarding
   against manipulation.

NC's 9th Congressional District covers rural Bladen County.  After the 
2016 elections, the state Board of ELections investigated shenanigans 
in several rural counties, found them to be true, and found the disputed
ballots to be decisive in the race that had (ostensibly) elected
onservative Republican and former Baptist preacher Mark Harris with a
905-vote margin -- and found them to be true.

First, the elections board noticed that the rate of absentee ballot
requests in that county (where only about 33,000 people live) were twice
the normal rate in other counties.  Second, an unusually large
proportion of requested absentee ballots -- 40% -- were never returned.
Third, candidate Harris won more than 60% of the submitted absentee
ballots in the county, even though Republicans constituted only 19% of
the voters who filed absentee ballots.  Hmm, interesting, right?

So, they did some checking, and found Dowless, a Runyonesque longtime
GOP operative, doing paid skullduggery on behalf of Harris.  He'd hired
four minions ($20 per day, minions being cheap in the NC backcountry),
and the lot of them went door-to-door requesting and collecting
citizens' absentee ballots.  Reportedly, in many cases, the ballots
hadn't yet been fully filled in, i.e., the citizens willingly gave their
ballots to Dowless and crew(!).  Ballots were kept at Dowless's home or
office for several days or longer, and operatives would fill in votes on
parts or all of some ballots to favor Republican candidates in the
election.  The crew forged witness signatures required by North Carolina
on all absentee ballots. including controlling the color of the pens
used for the witness signatures, signing a different person's name as a
witness to avoid having the same person as witness to too many ballots,
making sure to deliver no more than nine ballots in each visit to the
post office, and making sure to use post offices near where the voters
lived.

With these findings in hand, the Board of Elections declined to certify
Harris's election, and ordered a new special election for the 9th
Congressional District seat.  Harris declined to run in the new
election, and has never been charged in any crime.  He denies any
knowledge of Dowless's illegal acts, though he ackqowledges having hired 
Dowless's consulting group for, y'know, perfectly lawful things.  

Democratic Party nominee Dan McCready handily won the special election, 
and is now the seated Congressman for the 9th District.


So, as I mentioned before, 51 state (plus DC) jurisdictions have
diverse, different election laws, and some allow particular things
called "ballot harvesting" and others don't permit any such things.
Complicating discussion, _diverse_ things get referred to by that term.
Dowless's actions would be called ballot tampering in _any_
jurisdiction, plus were nothing like the lawful "ballot harvesting"
of completed ballots, sealed in their security envelopes, and bringing
them to the elections department within 3 days, that was described by
NBC ch. 7 San Diego's reporters as happening a week before Election 
Day  at (for example) San Diego megachurch Awaken Church.

I think I forgot to include the link to that story, so here it is:
https://www.nbcsandiego.com/news/investigations/what-are-the-rules-of-ballot-harvesting-and-is-a-san-diego-megachurch-doing-it-right/2711804/



Anyway, my point is, IMO it's important to be clear about what one is
referring to, in talking about whether "ballot harvesting" is good or
bad, legal or illegal.  What Dowless's gang did in rural Bladen County
is vastly different (and quite illegal) from what Awaken Church staff
were doing in San Diego.

There was one curious note at the end of NBC ch. 7 San Diego's story:
As of news deadline (Sep. 7th), NBC7 executive producer Meredith
Royster's ballot, which she'd deposited with Awaken Church staff two
days earlier on-camera, hadn't yet arrived at San Diego County's
elections dept. (as checked via ballot tracking) -- a reminder that, if
you entrust handling of your ballot to others, your trust may be well
placed, or it may not.  (Ms. Royster's ballot certainly may have arrived
just after deadline, for all we know, and there was still plenty of
time for it to be counted.)  This is why I personally always choose to
just bring my ballot directly to San Mateo County Elections Office,
anyway.  I mean, f'heaven's sake, it's just a 9km bicycle ride to the
county building in Redwood City, no trouble, and I can combine that with
other errands.


> If one is going to get wound up about rigged elections try focusing
> on the electronic voting machines. The software that run those
> machine is propriety and no one outside of those companies has ever
> seen the source code let alone had a chance to analyze it. Only the
> executive of these companies know what sort of fuckery is going on
> in the code.

Former CA Secretary of State Debra Bowen did a fantastic job cracking
down on electronic voting machines, decertifying completely a bunch of 
models that some UC Berkeley professors determined to have security
flaws and not be fully auditable and verifable.

I nonetheless don't trust electronic voting machines, full stop.  
During in-person voting (in Before Times), the precinct volunteers
got to know me as the guy who always handed back the e-voting widget and
said "paper ballot, please".

Which reminds me:  The Sept. 14 gubernatorial recall election didn't
have ballot stubs.  Every previous paper ballot I've voted, going back
to 1976, had a detachable stub with a unique ballot number on it.

Now, frankly, there's an aspect of this that has always had a
disconcerting amount of "trust me" about it:  You detach the stub and
take it home from the precinct, so that you can "verify" that your
ballot has been counted.  But what does "verify" consist of?  It meant
that I could go to the S.M.C. Elections Office Web site, enter the
ballot number, and a Web CGI would say "Yay, congratulations, your
ballot has been received and counted.  Here's your cookie."  

And why would a Web CGI ever lie, right?  The whole model's kind of
bushwah.  That is _not_ verification.  

In theory, I could (in Before Times, at least) march into Elections
Office and say I'd like to see the official record showing that this
ballot (holds up stub) has been recorded.  

Let's actually rewind time to an example scenario.  It's June 1976, 
I've just voted in my first presidential primary election (and indeed my
first election, the 26th Amendment having given me the franchise in
1972).  At my precinct, Mariner's Island #2 recreation centre, San
Mateo, I voted in the Democratic Party primary for Frank Church of Idaho.
I took home my ballot stub, and did nothing with it.

But let's say I was a skeptical young man, and wanted to make sure.  So,
I bicycle up to S.M.C. Elections Dept.'s main office in the San Mateo
highlands, hold up my ballot stub, and want to verify that my voted choices 
have been correctly recorded.  The staff humour the bookish 18-year-old,
and show me the records where my ballot number is shown as having been
counted.  Done and done -- but is _that_ verification?

If I wanted to be That Guy, I would have said to the staff, "How do I
know, from this written record, that my ballot was recorded correctly,
then?  What evidence is there that my selection of Frank Church wasn't
misrecorded by accident or malfeasance as one for George Wallace?"  And,
my present understanding is that the staff would have given me the
polite version of a "Sonny, the world is imperfect" speech,  The county
election offices have internal auditing abilities in the event of
substantive reason to check, but an _individual_ voter is left with a
certain amount of "trust me" by a system whose transparency doesn't go
down to that level of individual checking.

The latest change -- and I'm not 100% sure how new -- was State of
California outsourcing citizens' did-you-get-my-ballot inquiries to 
i3logix, Inc. d/b/a BallotTrax, operators of Web site "WheresMyBallot" 
at http://wheresmyballot.sos.ca.gov/ .  Presumably, the 58 county 
election offices (and USPS?) periodically squirt received-ballot 
information to that site's database.  A voter can query the site by
entering Firstname (no middle initial allowed!), Lastname, DOB, and Zip
Code -- and the magic CGI tells you (claimed) status.  No ballot stub
number.

Just to make sure I'm clear:  There is nothing especially wrong with any
of this.  It's just that there are design limitations in the system.

Which leads to:  Would be it be possible and feasible (including
cost-effective) to fix that?  Let's spitball this, with necessarily 
a dollop of handwavium.

I'm picturing a future ballot mechanism where the ballot has a unique
number shown and readable.  But also, my entering choices on the ballot
generates a crypto hash value derived from my choices, maybe with a
salting value added, and I'm able to read off and store that value with 
my ballot number.  Imagine this going onto into an electronic record 
signed by the election office's key, and I get a copy when I vote.  This
is thus the higher-tech version of a paper "stub", but adds in the hash
representing my voted selections.

In this scenario, the ballot numbers and accompanying salted hashes of
all received votes would be public information, available for everyone
to scrutinise.  I, as the voter, having my independently received and 
stored "stub", could verify not only that my ballot was recorded, but 
also that it was recorded _correctly_ -- that my vote for Frank Church
wasn't corrupted into one for George Wallace, so to speak.

The United States, like its UK progenitor, made a policy decision a long
time ago that ballot secrecy should be protected, to allow voters to
privately vote any way they want without backlash from anyone.  But,
please note:  Ballot secrecy is _not_ necessary in order to have a
healthy democracy.  For privacy, yes.  For democracy, no.  This policy 
imperative always makes election _security_ a bit more challenging, 
because it means a citizen's entitlement to vote, having not voted
twice, etc. must be verified _before_ counting votes, as the ballot
must get separated from all identifying information permitting anyone
to trace back a particular set of choices to a particular voter.

To date (using me as an example), there's a public record of when I
registered (May 1976, San Mateo), when I changed my registration
(first to Moraga, then San Francisco, then Concord, then San Mateo, 
then San Francisco again, then to two addresses in West Menlo Park), 
that my party preference has always been Democratic Party, and that I 
missed one election, the special election in 1978 to replace my 
congressman, Leo Ryan, murdered at Jonestown.  I was at college in 
New Jersey, and didn't find out about the election in time to request 
an absentee ballot.

But the record doesn't include _whom/what_ I voted for, over any of
those 45 years of voting -- because of our policy of ballot secrecy.
You only know I voted for Frank Church in 1976 because I chose to say so
-- and I could be lying, for all you know.  I could have gone covert
segregationist, and voted for George Wallace.  ;->

I _think_ the whiteboard-exercise ballot redesign that I just spitballed
achieves ability to trace (and verify the correct recording of) one's
full voting choices as an individual voter, and at the same time
protects voter ballot secrecy.  That is, I'm pretty sure that a
competently hashed, salted value put into the public record cannot be
reversed to determine whether I voted for Frank Church vs. George
Wallace vs. Mo Udall vs. Henry "Scoop" Jackson vs. Jerry Brown (back
when he had hair) vs. Jimmy Carter vs. Sargent Shriver vs. Birch Bayh
vs. Lloyd Bentsen.

I think.  But admittedly, this is a difficult problem, which is why it's 
only ever been spitballed and never implemented -- especially since
election bureaus are expected to be perfect and instantaneous while 
costing nothing.

Anyway, there are also other possible variations, e.g., the hash gets
stored at S.M.C. Election Office and is _non-public_, but I can 
authenticate myself and verify it against my record.  That could be an
improvement, possibly.