Let’s Audit the MI Auditor General Report on Elections

By Patrick Colbeck

The long-awaited Michigan Auditor General Report on the Michigan Bureau of Elections was released on March 4, 2022. The report was requested March 3, 2021 by Michigan Representative Julie Alexander.

There were four objectives specified in the report:

1. To assess the sufficiency of BOE’s efforts to maintain the integrity of the QVF
2. To assess the effectiveness of selected application access controls over QVF and the Electronic Poll Book
3. To assess the sufficiency of selected BOE post-election audit procedures to help ensure the integrity of elections.
4. To assess the sufficiency of BOE’s efforts to establish and provide training to the county, city, and township officials who are responsible for conducting elections

As someone who has examined the aftermath of Michigan’s election operations under Director Jonathan Brater, I was hoping to shed some additional insights into Bureau of Election operations. Furthermore, I would like to address the sufficiency of the Auditor General’s report in addressing the evidence of election fraud discovered as a result of the 2020 General Election.

In essence, I have audited the Auditor General’s audit of the Bureau of Elections audit procedures.

AUDIT COMPARISONS

FINDINGS

FINDING 1: Poor audit data integrity.

The actual number of votes cast in the November 3, 2020 election per the statement of votes and the Michigan Secretary of State is 5,579,317. The Auditor General stated that 5,533,818 votes were cast. That figure is not even sufficient to account for the number of votes cast for President, which was 5,539,302. There is a discrepancy of 45,499 ballots. This discrepancy brings into question all other numerical conclusions brought forward in their report as it questions the source of data used. The fact that they used BOE queries from the QVF to arrive at their numbers highlights a material deficiency in the quality of the QVF data and the quality of assertions made by the Auditor General on the basis of this data.

FINDING 2: MI SoS violated state statute regarding the integrity of the QVF data.

MCL 168.509q requires that voting history data be maintained for 5 years. The Auditor General analysis of the QVF data revealed that 45,499 voters from the 2020 General Election were not retained in the QVF. This also indicates a potential significant overvote in the 2020 election that provides substantive grounds for decertification of the 2020 General Election. This is a material deficiency.

FINDING 3: MI SoS ordered deletion of Pollbook software in violation of federal law.

USC 52 Section 20701 requires that “all” election records be retained for a period of at least 22 months after the election. The Michigan Bureau of Elections ordered the deletion of “EPB software and associated files” by the “seventh calendar day following the final canvas and certification of the election”. This begs the question as to why the Bureau of Elections would seek to delete the EPB software since this same software would presumably be needed in support of upcoming election operations. Of course, the data in the “associated files” would likely change for the next election cycle, but this data must still be retained not deleted under federal law. The BOE should be asked why they issued such a directive and be held accountable for directing the violation of federal law. It also indicates that the EPB software should be forensically analyzed for security vulnerabilities.

FINDING 4: The audit did not address the importance of analyzing the election record chain of custody during an election audit.

Objective 3 was explicitly defined as determining the sufficiency of the current post-election audit processes to ensure the integrity of our elections. The Auditor General took a narrow view of “ensure the integrity of our elections” that limited their evaluation to compliance with existing state law and BOE procedures. This approach assumes that the current statutes and BOE procedures are sufficient to “ensure the integrity of our elections” thereby abrogating their duty to evaluate the sufficient of the current state of affairs at the BOE to satisfy this objective. Any substantive attempt to evaluate the BOE-directed operations needs to address means of verifying that the election record chain of custody has been satisfied in the post-election audit procedures. Breaches in the QVF security can result in breaches of the poll book integrity. Breaches in poll book integrity can result in illegal ballots being cast. Illegal ballots being cast can result in fraudulent vote tallies being certified. Sadly, the term “chain of custody” did not appear at all in the report tasked with the objective of ensuring the integrity of elections. This is a material deficiency.

FINDING 5: The audit did not address the importance of electronic logs as data to be evaluated during an audit of election records.

While the report did discuss the electronic submittal process by which County Clerks submit their audit findings, it failed to address one of the most significant weaknesses in the current post-election audit process. This glaring weakness is the lack of examination of electronic logs related to the processing of key election records during an election cycle. This oversight is particularly important in light of the fact that most electronic records processing is not observable by poll challengers, poll watchers or even poll inspectors. There must be audit mechanisms in place that allow for independent oversight and analysis of the processing of these records when such processing is performed using electronic voting systems. Verifying the accuracy of electronic tabulators with hand counts is insufficient to address all of the remaining election processes which are managed electronically. This is a material deficiency.

FINDING 6: Funding intended for training was re-purposed by MI SoS.

The Michigan Secretary of State appropriated $4.5M in CARES Act funding to illegally mail absentee ballot applications to all registered voters not already on the permanent absentee voter list. Under MCL 168.759(3), only local clerks are authorized to distribute absentee ballot applications. This money could have been used to ensure adequate training for clerks. This is a material deficiency.

OBSERVATION 1: Conflicts with findings of the Michigan Election Security Advisory Commission.

In October 2020, the Michigan Security Advisory Commission issued their report on vulnerabilities to our election system. References to their findings in the Auditor General report were notably absent. Among the findings of the MESC were risks to Voter Registration and IT Security as well as deficiencies in the rigor of our post-election audits.

What actions were taken between release of MESC report and auditor general report that would merit such a stark difference in conclusions?

SUMMARY

The Auditor General report bases their assertions on inaccurate data. The inaccuracy of this data can be directly traced to the integrity of the QVF which served as the basis of their assertions. On these grounds alone, the merit of the Auditor General findings is suspect. Most concerning, however, is the failure to address the importance of chain of custody examinations in any substantive audit of an election.

There is one point of agreement, however, which should be highlighted. The legislature is in need of upgrading our statutes regarding the level of rigor needed to satisfy our constitutional right to an audit of statewide elections.

RELATED POSTS

Fake Election Over, Fake Audit Season Begins: What Can Be Done?

Antrim County Election: Audit or No Audit?

What Is A Forensic Audit?

Election Process Audit Map: Good Stuff and Bad Stuff

Election Chain of Custody

Risk-Limited Audits