Elections 411
Public Tests, Audits, Recounts
Ballot Machines
Overview: In addition to the established and secure paper trail that is part of the election process in Minnesota, there are also safeguards on the ballot tabulation machines. These safeguards include the design and approval of the machines, testing of election equipment before they are used, and standards for conduct of elections. The Office of the Minnesota Secretary of State (OSS) uses the Statewide Voter Registration System (SVRS), which uses similar security measures to a bank, and has the voting tabulators tested by a federal agency before being certified by the state.
As part of testing election equipment before it is used counties run what are called “test decks” to verify equipment performance after which they conduct a certain minimum number of public tests of the tabulating machines to demonstrate they perform as required. By law on election day ballot recording and tabulating systems cannot be connected to any electronic network or to the internet. Only after a record of the election results has been printed by election judges can the head election judge electronically transmit the elections results. The results are transmitted using a special encrypted connection to upload the data to the county elections website. After a state general election, counties must conduct a public "post-election review (or audit)" for randomly-selected precincts to double check that the tabulators worked properly. The precincts to be audited are selected by the county canvassing board by lot, and the ballots are hand-counted by a party-balanced group of election judges of the votes cast for President or governor; United States Senator; and United States Representative.
Voting Machine Selection and Testing Voting machines are selected by each individual county from a list of equipment approved by the Secretary of State’s office. Before a voting machine is approved for use, it must first meet certain criteria and be certified by the Secretary of State’s office. This means that a machine used in an election gets rigorously tested before it is even purchased for use.
Part of the extensive testing that voting machines must go through prior to an election is accurately reading what are called “test decks.” These are a set of sheets / practice ballots. The people testing the machine have a spreadsheet of what the answers will look like when they come out of the tabulator. If the machine tabulates the correct numbers, then it is secured until election day. The testers must certify that they tested the machine with the appropriate test decks, and that the machine accurately read the decks.
Additionally, each county must conduct a certain minimum number of public tests of the tabulating machines. Anybody from the public is allowed to be present at the testing, and the final results are all published online. Again, the testers must certify and sign that they have done the testing, and that it was accurate before they seal and secure the machine again until election day. This ensures that election equipment is tested multiple times prior to every election to ensure that it is functioning properly. In between elections, these machines are completely shut down and secured, and completely inaccessible to any outside tampering.
Ballot recording and tabulating systems are not connected to the internet during voting, and so cannot be remotely hacked. They also cannot be physically hacked as the memory chips are locked into the machine, and only the head election judge or county clerk have the key for them, and/or can deputize another person to hold the key.
Along with the hardware being secure, and the software unable to be hacked, each memory chip from each tabulator is encrypted with the machine number on it. This means that when the information is pulled from the machines, it is impossible to duplicate the result from any of the machines – the data from one machine is only able to be pulled once. It would also indicate if data from any machine in the precinct is missing.
The only time during the process when the data is connected to any electronic network or the internet in any way is when it is being uploaded to the county elections or OSS website. In order to keep the data secure, a special encrypted connection is used. The election results from the tabulating system are printed before the results are electronically transmitted to county elections.
After all recounts, and the post-election audit is done, then the election materials are moved into permanent storage by pairs of two people. The area where the ballots are stored again has limited access including two people present at all times, sign-in requirements, and video surveillance. The election material is then kept for 22 months after the election.
Post-Election Audit Process
Election results are not official until they have been reviewed and certified by a canvassing board. The canvassing board checks to make sure the numbers received from the county and the election judges at the precincts match. If the numbers don’t match, the canvassing board must figure out where the discrepancy came from before they can certify the results.
Canvassing boards are also involved in the process of randomly selecting precincts for review after every statewide general election. They can also oversee a recount, but their main purpose is to certify that the numbers received from the election judges at the precincts and county election officials are a match. This makes the election results official pending legal challenges.
After the information is canvassed, the county moves to the post election review. This process is open to the public.
A random selection of precincts are drawn after every statewide general election, and the party-balanced election judges hand-count the ballots from the selected precincts to make sure they match up with the tabulating machine data.
Officials involved are again working in pairs at all times.
In addition to the automatic post-election review process, candidates can request a recount of their race.
If it is within a certain threshold, it is publicly funded.
If not, candidates can request a discretionary recount.
The recount process is also open to the public, and is conducted by the election officials in pairs at all times.
Additional Election Security Measures
Biggest security system is the decentralization of the election system – there is no “central” / federal system that can be hacked / tampered with. There are federal standards, but each state sets their own laws and standards.
Even the seals used to seal up election results information and voting machines are tracked via serial number to ensure no one tampers with them.
Election officials must verify that voting machines are printing out zeros at the start of the day and the ballot boxes are empty.
Paper trails are key in Minnesota and are used at practically every step in the process to check and re-check results.
Testing of vote tabulator machines is public.
We do have challengers (not poll watchers / poll observers) on election day and during the absentee vote certification process, but challengers must have personal knowledge that the person they are challenging is not eligible to vote.
We have a process for people to file complaints if they believe something went wrong or if they saw something against our election laws happening at a polling place. Complaints get turned over to their county attorney.
Transparency is a main focus of the Minnesota elections system.
Independent Election Observation
LWVMN in partnership with Citizens for Election Integrity MN (CEIMN) observed the 2022 post-election review in eleven counties and expressed confidence in the accuracy and integrity of the PER. Our partnership began in 2006 to provide independent non-partisan observation of election results, to insure that we have verifiable, transparent, and accurate elections.