Trump signed an executive order today about mail in voting.
-
It's worth trying to understand what problem this executive order is purporting to solve. It's not clear; you have to squint.
Trump and many of the election deniers have created a widespread impression that mail-in ballots are unsecured, and that there are no (or only ineffective) safeguards against sending in counterfeit, fake, or duplicated ballots and having them counted.
But, despite being repeated frequently, this impression is completely false and baseless, as I'll discuss.
Mail in ballots have security features and a processing workflow that mirror that of in-person voting. Just about every mechanism that prevents you from showing up to vote in person multiple times or without being registered has an analog - sometimes a stronger one - in mail-in ballot processing.
The precise details vary from state to state and for different voters, but roughly:
-
Mail in ballots have security features and a processing workflow that mirror that of in-person voting. Just about every mechanism that prevents you from showing up to vote in person multiple times or without being registered has an analog - sometimes a stronger one - in mail-in ballot processing.
The precise details vary from state to state and for different voters, but roughly:
1. Marked ballots are generally returned in two nested envelopes or wrappers; the inner wrapper has no identifying information, while the outer one is unique to the voter and has both identifying information and, generally, the voter's signature. In most cases the only way to obtain a valid ballot and envelope is to have it mailed to the address on file with the local election office.
2. The voter returns (by mail, dropbox, etc) their ballot in the two envelopes and signs the outer one.
...
-
It's worth trying to understand what problem this executive order is purporting to solve. It's not clear; you have to squint.
Trump and many of the election deniers have created a widespread impression that mail-in ballots are unsecured, and that there are no (or only ineffective) safeguards against sending in counterfeit, fake, or duplicated ballots and having them counted.
But, despite being repeated frequently, this impression is completely false and baseless, as I'll discuss.
@mattblaze Oh, we know what problems it purports to solve: the insecurity of mail-in ballots and non-citizens voting. What is unclear is how this actually solves either (non-existent) problem.
We also know what problem they're actually trying to solve: Democrats voting. -
1. Marked ballots are generally returned in two nested envelopes or wrappers; the inner wrapper has no identifying information, while the outer one is unique to the voter and has both identifying information and, generally, the voter's signature. In most cases the only way to obtain a valid ballot and envelope is to have it mailed to the address on file with the local election office.
2. The voter returns (by mail, dropbox, etc) their ballot in the two envelopes and signs the outer one.
...
3. When the ballot envelope reaches the election office, it's processed in two stages:
3a) First, the outer envelope is checked to verify that it contains the unique identifying information for the voter (usually a unique ID number), that that ballot wasn't already processed, and that the signature matches what's on file. If there is any discrepancy, the ballot is held for exception processing.
3b) If the verification was OK, the inner envelope (with the ballot inside) is sent to tallying.
... -
3. When the ballot envelope reaches the election office, it's processed in two stages:
3a) First, the outer envelope is checked to verify that it contains the unique identifying information for the voter (usually a unique ID number), that that ballot wasn't already processed, and that the signature matches what's on file. If there is any discrepancy, the ballot is held for exception processing.
3b) If the verification was OK, the inner envelope (with the ballot inside) is sent to tallying.
...@mattblaze
I conjecture that voters mostly fall in two groups:
1) Those who've never used vote-by-mail and maybe have suspicions.
2) Those who've used it for years and would never voluntarily stop using it. -
3. When the ballot envelope reaches the election office, it's processed in two stages:
3a) First, the outer envelope is checked to verify that it contains the unique identifying information for the voter (usually a unique ID number), that that ballot wasn't already processed, and that the signature matches what's on file. If there is any discrepancy, the ballot is held for exception processing.
3b) If the verification was OK, the inner envelope (with the ballot inside) is sent to tallying.
...4) The inner envelopes (of accepted ballots) are opened only later, in batches after they've been separated from the outer envelopes with the identifying information. This preserves ballot secrecy. Then the opened ballots are sent to the tally machines (generally optical scanners) and retained.
This workflow has a number of important properties.
...
-
4) The inner envelopes (of accepted ballots) are opened only later, in batches after they've been separated from the outer envelopes with the identifying information. This preserves ballot secrecy. Then the opened ballots are sent to the tally machines (generally optical scanners) and retained.
This workflow has a number of important properties.
...
- First, you can only send in a ballot accompanied (on the outer envelope) by something that was sent specifically to the voter, with unique identifying information that a third party couldn't obtain (the ballot ID number). And each ballot ID can only be processed once, since it's checked off a list once it's accepted.
- Second, the submitter of the ballot has to sign the voter's signature. So we know not only that the ballot was sent to them, but have a signature to compare it with.
...
-
4) The inner envelopes (of accepted ballots) are opened only later, in batches after they've been separated from the outer envelopes with the identifying information. This preserves ballot secrecy. Then the opened ballots are sent to the tally machines (generally optical scanners) and retained.
This workflow has a number of important properties.
...
@mattblaze I'm concerned that the existence of the EO, even unimplemented, will have a chilling effect on people who might feel their vote is less likely to be counted.
-
- First, you can only send in a ballot accompanied (on the outer envelope) by something that was sent specifically to the voter, with unique identifying information that a third party couldn't obtain (the ballot ID number). And each ballot ID can only be processed once, since it's checked off a list once it's accepted.
- Second, the submitter of the ballot has to sign the voter's signature. So we know not only that the ballot was sent to them, but have a signature to compare it with.
...
- Third, exceptions are extremely rare and would be quickly noticed. If an even moderate number of duplicate ballots or ballots with invalid ID numbers were to come it, that would be a HUGE deal (and I'm not aware of any place in the US where it's actually happened). It would rapidly trigger a major investigation, likely involving both state/local and federal authorities.
...
-
- Third, exceptions are extremely rare and would be quickly noticed. If an even moderate number of duplicate ballots or ballots with invalid ID numbers were to come it, that would be a HUGE deal (and I'm not aware of any place in the US where it's actually happened). It would rapidly trigger a major investigation, likely involving both state/local and federal authorities.
...
@mattblaze this part. People can be nefarious. The checks and balances thwart it from becoming impactful. Volunteer for your local elections!!!
-
- Third, exceptions are extremely rare and would be quickly noticed. If an even moderate number of duplicate ballots or ballots with invalid ID numbers were to come it, that would be a HUGE deal (and I'm not aware of any place in the US where it's actually happened). It would rapidly trigger a major investigation, likely involving both state/local and federal authorities.
...
So in summary, mail-in ballots are secured by mechanisms and processes that replicate all the steps of the check-in process at in-person precinct polling stations, but with the ADDITIONAL safeguard that the voter needs to provide a unique document that was sent to their address for each election.
The idea that mail-in voting invites fraud is simply not supported by reality.
-
1. Marked ballots are generally returned in two nested envelopes or wrappers; the inner wrapper has no identifying information, while the outer one is unique to the voter and has both identifying information and, generally, the voter's signature. In most cases the only way to obtain a valid ballot and envelope is to have it mailed to the address on file with the local election office.
2. The voter returns (by mail, dropbox, etc) their ballot in the two envelopes and signs the outer one.
...
@mattblaze when I've done mail-in voting (in Canada, and for a US professional organization), it's been like this.
-
3. When the ballot envelope reaches the election office, it's processed in two stages:
3a) First, the outer envelope is checked to verify that it contains the unique identifying information for the voter (usually a unique ID number), that that ballot wasn't already processed, and that the signature matches what's on file. If there is any discrepancy, the ballot is held for exception processing.
3b) If the verification was OK, the inner envelope (with the ballot inside) is sent to tallying.
...A useful feature available in California is they can send you texts or emails at this step saying that they got your ballot, and when it was counted.
(Though you do have to sign up for the ballot notifications)And I'm guessing if there was a problem you'd get a different message explaining how to fix the ballot. (But I haven't seen that one)
-
@mattblaze I'm concerned that the existence of the EO, even unimplemented, will have a chilling effect on people who might feel their vote is less likely to be counted.
@jmjm @mattblaze But Utah and Oregon have universal mail-in voting. That's how everyone votes.
-
It's worth trying to understand what problem this executive order is purporting to solve. It's not clear; you have to squint.
Trump and many of the election deniers have created a widespread impression that mail-in ballots are unsecured, and that there are no (or only ineffective) safeguards against sending in counterfeit, fake, or duplicated ballots and having them counted.
But, despite being repeated frequently, this impression is completely false and baseless, as I'll discuss.
@mattblaze two faced double tongue. Creeps
-
So in summary, mail-in ballots are secured by mechanisms and processes that replicate all the steps of the check-in process at in-person precinct polling stations, but with the ADDITIONAL safeguard that the voter needs to provide a unique document that was sent to their address for each election.
The idea that mail-in voting invites fraud is simply not supported by reality.
@mattblaze @mattblaze We do all mail-in ballots in WA and it works just fine. We don't have walk-in polling centers anymore.
One advantage is you get a receipt and can go to a web site to see that your vote was received and counted.
-
@mattblaze @mattblaze We do all mail-in ballots in WA and it works just fine. We don't have walk-in polling centers anymore.
One advantage is you get a receipt and can go to a web site to see that your vote was received and counted.
Or rejected, which is great if (let's say) your name changed and you signed your old name.
Vote in mail is the best and I hate that I now live in a State without it, but I'll keep fighting for it because more people vote with mail in ballots (which is why some are trying to kill it)
-
@mattblaze Oh, we know what problems it purports to solve: the insecurity of mail-in ballots and non-citizens voting. What is unclear is how this actually solves either (non-existent) problem.
We also know what problem they're actually trying to solve: Democrats voting.@SteveBellovin
> the insecurity ...
Mail in ballots are secure, we know this, once they arrive - as described by Matt Blaze in this thread.> problem they're actually trying to solve: Democrats voting.
This EO deals exactly with this, IMO in a viable way:
1. The voter lists handed over by the State (voluntarily or not) contain the very data that will be used to make a barcode to be placed on the *outside* of the outer envelope.
2. Each and every such envelope *must* travel through at least one high-volume mail sorting machine. In this point, a bug in the software seeing a "suspected non-citizen" barcode can put their ballot aside for later inspection. While some 5,000 DBCS machines are in operation, it is only a few types of them. And only those close to the CCL-s matter. (In few States tabulation occurs at County/Municipal level)
@mattblaze
It is well in your capacity to call to secure procedure against the above scenario.a) simplest: The outer envelope ID should be registered at arrival then after separating it should be *published* online.
b) robust: Hash(ID) printed on the inside additional wraper on the top and bottom. Voter is instructed to tear this wrapper to two, one to be returned, second for a protest had their H(ID) was not registered upon arrival.Kind regards, your welcome, Ohir Ripe
-
@SteveBellovin
> the insecurity ...
Mail in ballots are secure, we know this, once they arrive - as described by Matt Blaze in this thread.> problem they're actually trying to solve: Democrats voting.
This EO deals exactly with this, IMO in a viable way:
1. The voter lists handed over by the State (voluntarily or not) contain the very data that will be used to make a barcode to be placed on the *outside* of the outer envelope.
2. Each and every such envelope *must* travel through at least one high-volume mail sorting machine. In this point, a bug in the software seeing a "suspected non-citizen" barcode can put their ballot aside for later inspection. While some 5,000 DBCS machines are in operation, it is only a few types of them. And only those close to the CCL-s matter. (In few States tabulation occurs at County/Municipal level)
@mattblaze
It is well in your capacity to call to secure procedure against the above scenario.a) simplest: The outer envelope ID should be registered at arrival then after separating it should be *published* online.
b) robust: Hash(ID) printed on the inside additional wraper on the top and bottom. Voter is instructed to tear this wrapper to two, one to be returned, second for a protest had their H(ID) was not registered upon arrival.Kind regards, your welcome, Ohir Ripe
c) at least advise States that parted with their voter lists to securely make *new* IDs and as close to the ballot package distribution as possible. Ideally this new ID should be generated and printed when clerk signs the package to be mailed out.
-
@mattblaze So the extreme hypothetical conspiracy would be to somehow obtain the voter unique ballot IDs, create duplicates, and send them in before the voter can send in the legit ballot. I'm not suggesting it's even plausible! Just mulling over what it would take to create actual voter fraud. And even then, as you say, a large number of duplicates would cause a red flag.
