North Carolina Election Integrity Team (NCEIT)
--Position Statement on Use of Election Machines & Technology—
Purpose: The purpose of this position statement is to establish the official (NCEIT) organizational position with respect to the conduct of elections using election tabulation machines, ballot marking devices (BMD), direct record electronic (DRE) equipment, and paper ballots. This position statement does not address all aspects of election technology, but will provide the organization’s published preferences and policy pursuits for the use of machines and technology at all sites in the state.
Background: The 100 counties in North Carolina presently use election machines from two state-approved vendors – ES&S and Hart Intercivic. It is state policy that all newly acquired machines should be compliant with the Election Assistance Commission’s (EAC) Voluntary Voting Systems Guidelines (VVSG) and that all machines are to be tested for logic and accuracy prior to each use in an election. All tabulation machines are required to process paper ballots as marked by the voter or as produced by a ballot marking device (BMD) or direct record electronic (DRE) machine. The machines used in each county were acquired by that county from the approved state vendor & model listing, using Help America Vote Act (HAVA) funding from the federal government and local taxpayer funds. Once acquired, the machines are managed and maintained by local election office staff under the direction and supervision of the local Boards of Elections (BOEs), consistent with policy and directives from the North Carolina State Board of Elections (NCSBE).
Discussion: (1) North Carolina statutory guidelines require the availability and use of a pre-printed paper ballot wherein the voter can visually inspect and select his or her ballot, marking each race or issue to select the voter’s preferred candidate or position. Disabled voters and military/overseas voters have the ability to use purely electronic means of selecting preferred candidates using locally available BMD or DRE equipment or a web portal as part of the voting experience. The paper ballots that are created from the voting process are scanned into approved tabulation machines for purposes of recording and tallying the election results. The paper ballots are retained after the election and are subject to a risk limiting audit, as directed by the state. Tally tapes are generated from each machine and certified by the election judges or officials present. Electronic USB drives are used to record the electronic tallies from each tabulation machine.
(2) Tabulation machines and voting devices are not allowed to be connected to any public or private network. It is unlawful in NC to connect any voting or tabulating device to the internet. However, in most counties, electronic poll books (E-Poll Books) are used for check-in purposes, and these systems are internet-enabled allowing them to access the statewide voter registration database and to preclude repetitive voting anywhere in the state by any person who presents to vote.
(3) In some counties, on-demand ballot printing is performed for efficiency purposes (particularly in larger counties where many permutations of ballots are needed to accommodate many races and jurisdictions). In those counties, ballot printers are used and they are typically network addressable from anywhere in the voting enclosure.
(4) It is therefore permissible and even necessary for voting enclosures to have internet accessibility and for some (non-voting or tabulating) devices to be connected to the network. In every instance of network configuration, the local (county) information technology office is responsible to secure the network from intrusion and manipulation. There is no one standard for intrusion detection systems (IDS) in the state, but there are a wide range of systems approved for that use. Each county prescribes the standard and acceptable devices/systems to be used in protecting elections from intrusion and manipulation. The state NCSBE also uses a protected network configuration to receive and compile county tallies daily during early voting and after poll closure on election day.
NCEIT’s Policy Preferences and Standards for Secure Use of Election Machines & Technology:
(1) All election machines to be used in conducting an election must be pre-tested for logic and accuracy under the watchful eyes of partisan observers. All test ballots, scripts, records and results must be inspectable on demand.
(2) Electronic machines are conducive to achieving speed, efficiency and accuracy, particularly when large numbers of citizens are voting at one-stop early voting sites and precincts. But they are not a guarantee of a fair election. Machines must be closely monitored and inspected periodically to ensure they are not being externally manipulated or interfered with.
(3) All election networks must be pre-tested and closely monitored during the election cycle for intrusion or manipulation. Each county must have a reporting mechanism that allows it to receive notifications from the Cybersecurity and Infrastructure Security Agency (CISE) offices of the Department of Homeland Security. Each county should instantly alert its BOE and NCSBE if any suspicious activity occurs during the election cycle.
(4) At no time during the election cycle is it permissible to connect any external device (other than the designated USB election drive for that machine) to any tabulation machine.
(5) At no time during an election cycle is it permissible for a tabulation machine, a DRE device, or a BMD to be connected to a network using any form of modem, Bluetooth, or other networking device.
(6) At all times during the election cycle all tabulation machines must be secured by numbered seal to prevent surreptitious insertion or removal of ballots. Under emergency mode, election officials may modify the tabulation machine to allow for temporary opening of the emergency ballot bin for closely monitored placement of completed ballots while the machine is not tabulating. When so used, the site Chief Judge or Administrator should log all actions, ensure continuous monitoring of the machine, and be careful to count all ballots so placed. When the machine is restored to full operating capability, the emergency ballots ought to be scanned immediately into the secured ballot bin/box.
(7) Election machine seal numbers must always be recorded for proper chain of custody. It should be recorded each time a seal is broken for operational purposes.
(8) Chain of custody must always be maintained for ballot boxes containing completed ballots. Once removed from their tabulation machines, these ballot boxes must be secured by seal and recorded. Transportation of ballot boxes must be directly to and from the voting site and designated storage location, without interruption. Transportation should always be by two or more individuals with permitted observation by partisan observers.
(9) Source Code for all tabulation machines (including both software and firmware) must always be maintained in escrow by a third party escrow agent and subject to annual inventory and inspection by the respective political party technicians.
(10) It is NCEIT’s position that all tabulation machines maintain for 22 months all cast vote records (CVRs) compiled from previous elections. Those CVRs should be de-identified as to the voter, publicly releasable on demand, and used as part of any post-election audit.
Point of Contact:
James K. Womack
President, North Carolina Election Integrity Team (NCEIT)
Tel. (919) 770-4783