As some congressional Republicans call on President Donald Trump to concede the 2020 election and acknowledge President-elect Joe Biden, Trump is now centering his claims that he won the election in a “landslide” on the idea of a conspiracy involving Dominion Voting Systems.
Breitbart, the One America News Network, and Trump allies like Christian radio host Eric Metaxas have also pushed claims of massive fraud at Dominion, a Canadian-based company that provides voting equipment and software to various counties in 28 states. Biden and Trump have both won states that use Dominion.
Trump has repeatedly claimed that Dominion machines switched hundreds of thousands of Trump votes to Biden and “deleted” millions of Trump votes. No evidence supports the claims. A few technical glitches in Dominion voting machines, which election officials discovered through normal canvassing in a county in Georgia and a county in Michigan, were errors that came nowhere near flipping the states from Biden to Trump.
“There is no evidence that any voting system deleted or lost votes, changed votes, or was in any way compromised,” said a coalition of top Department of Homeland Security (DHS) officials and election experts in a joint statement. Last week Trump fired the head of DHS’s Cybersecurity and Infrastructure Security Agency, Christopher Krebs, after Krebs insisted the election was conducted securely.
The OSET Institute, a nonprofit focused on election security, said the 2020 election was indeed secure. But the organization was more tepid in its assessment of U.S. election cybersecurity overall, comparing it to a cancer patient still sick with cancer but who has received enough treatment to be stable. OSET said although “years of work” allowed for a secure 2020 election, the United States still uses “archaic technology incapable of long-term defense for an ever-evolving threat world.”
After the disputed 2000 election, counties began moving toward digital balloting. But now the gold standard is some type of printed ballots that voters can review at the polling place and that auditors can review later. Software then scans and counts the printed ballots. Security experts like OSET have recommended that model. Congress allocated $425 million last year for states to add paper balloting and beef up cybersecurity.
States at the center of the Trump legal team’s efforts to overturn the election results, such as Michigan, Pennsylvania, Arizona, and Georgia, all switched to paper balloting as a backup system recently. More than 90 percent of localities now have paper ballots as a backup, up from 80 percent in 2016.
After 18 years of electronic-only voting, Georgia overhauled its entire voting system last year for $104 million to include paper ballots as an extra layer of security. Georgia uses Dominion machines where voters cast a ballot on a touchscreen, print the ballot to review, and then submit it to be scanned and counted. Counties in other swing states use a variety of election systems, not just Dominion.
Still, Trump’s legal team made wild and wide-ranging claims about Dominion in a Thursday press conference at Republican National Committee headquarters. Trump lawyer Sidney Powell—whom the campaign has since disavowed—claimed Dominion and Smartmatic, another election software company, were both “created in Venezuela at the direction of Hugo Chavez to make sure he never lost an election.”
Dominion has no ties to Chavez (who died in 2013), nor is it connected to the election software company Smartmatic, which is a competitor. In interviews, Trump attorney Rudy Giuliani has repeated similar claims about Dominion and Smartmatic having ties to Chavez. Powell also claimed that “the Smartmatic software is in the DNA of every vote-tabulating company’s software and systems” and that it can “run an algorithm … all over the country” to flip votes from Trump to Biden.
Smartmatic confirmed to WORLD that its software was only used in Los Angeles County, Calif., this year.
Notably, Trump and his legal team have made their claims about Dominion on Twitter and on television, but not in courts. Two legal filings mention Dominion briefly, but more as an aside than a central argument.
Mishaps in Floyd County in Georgia and Antrim County in Michigan show both the holes and the layers of security in the election system. Floyd County missed 2,600 ballots that election officials discovered in the state’s audit and recount, adding 800 votes to Trump’s margin. Trump lost Georgia by 13,000 votes. Gabriel Sterling from the Georgia Secretary of State’s office said it was human error: An election official failed to upload data from a memory card. Sterling said the county’s election director should step down.
Trump eventually won Antrim County, Mich., but results initially showed Biden winning by 3,000 votes. The county flipped to Trump after canvassers reviewed the numbers. The Michigan secretary of state’s explanation for what happened in Antrim was confusing, but Andrew Appel, a computer security expert at Princeton University, told me it boils down to the bad design of Dominion’s election management software, which he explains more fully on his blog.
“Vulnerabilities are not the same as rigged elections,” Appel wrote on his blog.
He told me several measures catch any glitches like those in Antrim County.
“Alert local elections officials can notice that something doesn’t look right and get to the bottom of it, and that’s what they did,” he said about Antrim’s results. And Michigan can always go back and check paper ballots if a county isn’t sure about a software-tabulated vote.
“Local election officials caught it. But what if they didn’t notice? You do a risk-limiting audit—this would have been caught by that,” said Appel.
In a “risk-limiting audit,” easier than a full recount, officials take a percentage of randomly sampled ballots to check by hand. The percentage is based on an algorithm, so if the outcome is close, auditors would hand count a higher percentage of ballots to check for software anomalies.
Most states require some type of audit to check machine counting against paper ballots. Georgia’s “audit” involved hand-counting all of the ballots.
“If we start sampling a small number of ballots and see that they don’t quite match up to what we expect, then we can always count more ballots,” explained Matt Bernhard, a research engineer with the nonprofit Voting Works, which has helped with the audit of Georgia’s vote.
A risk-limiting audit helps counter the possibility of software glitches or a malicious actor manipulating computer code in the vote-recording software.
Bernhard said there has never been evidence in U.S. history of a “bad guy putting software on a scanner that intentionally ignores votes for one candidate, or flips votes from one candidate to another … but it’s still a concern.”
The risk-limiting audit would catch either malicious actions like that or glitches. There’s also a “process audit,” he added, which looks at how ballots were stored and the “chain of custody,” which would catch problems like a memory card data not being uploaded in Floyd County.
Bernhard said it would be much more difficult to launch a malicious cyberattack on a national scale without anyone noticing than to take other “lower cost” ways of changing an election outcome, like spreading “misinformation.”