Draft Summary of Hearing 4.21.08

Pima County Democratic Party v. Pima County Board of Supervisors

Hearing Date: Monday, April 21, 2008

Judge: Michael O. Miller

Supplemental Hearing Re: Additional expert testimony pertaining to any increased security threat(s) to the Pima County Elections Division since the Court ordered the release of .mdb/.gbf data files in December 19, 2007 Order

(Note: The following is a summary of highlights and not a verbatim transcript)

A quick recap of the posture of the case:

This case went to trial in December 2007. Plaintiff Pima County Democratic Party bore the burden of proof to establish that the .mdb/.gbf data files are “public records” under Arizona law and must be produced by Pima County pursuant to a public records request. If the Plaintiff carried its burden of proof, then the burden of proof shifted to Pima County to establish “public policy” justifications for not disclosing the .mdb/.gbf data files, despite being “public records.”

Judge Miller in his December 18, 2007 Minute Entry Order found in favor of the Pima County Democratic Party, holding that the .mdb/.gbf data files are a public record under Arizona law. However, in an apparent attempt to satisfy all parties (which satisfied no one), Judge Miller ordered the release of only the final .mdb/.gbf data files for the 2006 primary and general elections. The Court expressly conditioned its order with an instruction to Plaintiff that if it discovered grounds on which the court should reconsider its order, the court would entertain the motion. Judge Miller’s order did not address whether the .mdb/.gbf data files of future elections are to be treated as “public records” subject to a pubic records request.

The Democratic Party filed a motion for reconsideration of the Court’s findings of fact and conclusions of law (to conform to the evidence at trial), and in the alternative, a motion for new trial. At a February 27, 2008 hearing regarding pending motions, Judge Miller approved a supplemental hearing regarding additional expert testimony pertaining to any increased security threat(s) to the Pima County Elections Division since the Court ordered the release of .mdb/.gbf data files in its December 19, 2007 Order. Each party was permitted declarations and/or deposition testimony from four experts of their choosing.

Which brings us to today’s supplemental hearing.

Supplemental Hearing:

Judge Miller clearly stated the issue he wanted to be addressed by the parties: I want to know what the experts say about public disclosure of the .mdb/.gbf data base files since I entered my order in December. What’s happened in the last four months?

First, let me quickly summarize my lawyer’s opinion before I get to the actual arguments of counsel. I believe Plaintiff’s counsel Bill Risner carried his burden of proof, i.e., since the Court ordered the release of the .mdb/.gbf data files, no new or additional security threats to the Pima County Elections Division have been identified by Pima County. In fact at one point, Judge Miller directed his question to Pima County Attorney Chris Straub who had to concede that he did not know the answer, and suggested that the judge might order Pima County to examine this “technical” issue and report back to the Court (another attempt to delay these proceedings). Mr. Straub also conceded that his trial expert, Dr. Merle King, did not submit any additional declaration addressing this issue. Judge Miller’s question was the sole purpose of this hearing for which the County Attorney appeared wholly unprepared. Pima County relied upon its previously stated security “concerns” at trial, and failed to present any new or additional security threats to the Pima County Elections Division learned of in the past four months. Mr. Straub unwittingly conceded to the Court at one point that the Pima County Democratic Party has not released the .mdb/.gbf data bases “into the wild” and has been “behaving responsibly,” refuting Pima County’s own oft-stated position at trial that the Pima County Democratic Party would act irresponsibly by releasing the .mdb/.gbf data files “into the wild” and cause “mayhem and chaos” with Pima County elections.

Now today’s hearing.

Pima County submitted the declaration of its computer expert, Dr. John Moffett, and the deposition transcript of Assistant Secretary of State, Joseph Kanefield. [verify with Bill]

The Pima County Democratic Party submitted the declarations of Dr. David Jefferson, Dr. Thomas P. Ryan, and Dr. Thomas W. Ryan [verify with Bill]

Bill Risner (for the Pima County Democratic Party):

Bill Risner began by stating that both parties agree that the GEMS election software is a security “sieve” full of holes. The parties agree that protecting the election computers from outside access is important, because the computer is using software that makes rigging an election easy. Pima County has made a number of physical security improvements to the Elections Division with the cooperation and assistance of the Pima County Democratic Party.

Risner stated that no one knows how to corrupt an election from the outside without gaining access to the computer. We do know there are people on the inside that can rig an election. We have presented evidence at trial of an Elections Division employee who took election data home with him.

Risner continued, “If it’s easy to rig it, if it’s easy to cheat, who checks?” Risner said he was stunned by the testimony of Joseph Kanefield, who testified that the Secretary of State has no jurisdiction to check what a county does in the absence of fraud. The same is true for the Attorney General. The Arizona Attorney General did conduct an investigation in the course of this case. But the Attorney General investigation never looked at the allegation of whether there was a “flip” of election results in the RTA election, changing “no” votes to “yes.”

The evidence that was in the Secretary of State’s office (the pre-election backup tape of the RTA election) was neither requested nor examined during the Attorney General investigation. When that backup tape of the RTA election was eventually returned to Pima County (pursuant to a discovery request in this litigation), the backup tape was somehow “lost” and has not since been located. The Secretary of State’s office says that no county has ever checked its elections against the pre-election backup tapes.

Risner stated that if the political parties do not perform their statutorily prescribed duty to do the checking, no one will. There may be secret programming hidden in the software that no one will ever catch.

Risner stated to the Court that the Secretary of State’s legal position with respect to A.R.S. §16-445 is the same as the Pima County Democratic Party: state law prohibits only the Secretary of State and Attorney General from releasing the backup tapes, but the statute does not apply to the counties. Risner stated to the Court that there is a “duty of candor to the court.” Joseph Kanefield testified that the statute does not apply to the counties “by its plain language.”

“So what are the risks?” Risner asked rhetorically. Pima County says it is because Bryan Crane uses unique rotation codes for elections. But the rotation codes are not unique, they are required by statute, and appear in the GEMS election manual as the “Pima rotation.” Pima County claims there are unique candidate codes. But after a primary election when Pima County removes candidates it can simply change the candidate codes from election to election.

Pima County claims that someone will be able to discover a pattern and predict coding. But predicting codes gets you nowhere without access to the election computer. Ballot parameters are already stated in the Runbeck vendor contract and the parties receive a pre-election sample ballot to review. Pima County claims that someone could counterfeit ballots (this is the attack #12 identified in the Brennan Center for Justice Study). But this is too complex and cannot work in Pima County. Ballot stuffing simply will not work.

Risner then asked rhetorically, “what can work?” Pima County has one guy who runs the election and no one checks on him. We know that he took election data home with him. When everyone in the Elections Division threatened to exercise their Fifth Amendment right against self-incrimination, no questions were asked of these employees by our Board of Supervisors.

If the county has a security “concern,” then it has an obligation to identify what is the problem and what is it going to do to correct it? Pima County says that someone could “mimic” an election. But when I asked them for factual details, they simply repeated this prepared line. The county could not describe how one would mimic an election.

Pima County relies on vendors to test the election computer software (Cyber and Wylie labs), but when Cyber got into trouble for not fully testing software it defended that “Diebold lied to us.” The Arizona Secretary of State does not independently test election software (note: relies on the federal certification). The Secretary of State did not warn counties that there was a problem with the software. Dixie [LNU] from Gila County testified at trial that the Secretary of State “would have told us if there was a problem with the software.” To the contrary, the Secretary of State never advised the counties.

Brad Nelson testified that there is a Diebold user group in Arizona for the 12 counties that use Diebold. Brad Nelson testified that computer security has never been a topic of discussion in the group.

Then there is the issue of the “final” election data base. We have checked with our experts and there is no problem with releasing the iteration of all data bases from beginning to end, there is no security risk in doing so. Dr. John Moffett was asked about the iterations by Jim March and Supervisor Richard Elias at a Board of Supervisors meeting and Dr. Moffett stated the data base parameters should remain the same from the beginning to end of the election.

There has been an attempt by Pima County to fog the issues and to throw stuff against the wall and see what sticks.

Risner asked the Court to examine the thorough declaration of Dr. David Jefferson. Dr. Jefferson has served five secretaries of state in conducting reviews of their elections systems. Dr. Jefferson says there is no security risk in releasing the .mdb/.gbf data base files.

Dr. Tom W. Ryan worked on the Cuyahoga County report, and has published technical reports on Diebold. Dr. Ryan says there is no security risk in releasing the .mdb/.gbf data base files.

Dr. Tom P. Ryan has testified there is no security risk in releasing the .mdb/.gbf data base files.

Risner concluded that Pima County has failed to establish the risks of an outsider attack corrupting an election. But we have demonstrated the risk of an insider attack where no one checks. (So the parties need to check the work of the insiders).

The facts are on our side.

Chris Straub (for Pima County):

Pima County does not disagree about the parameters of election data bases. The information remains the same from beginning to the end of an election.

The data base is used to program voting machines.

Pima County does an extensive logic & accuracy testing procedure with representatives from the Secretary of State and the political parties. The political parties prepare test ballots (for which the Secretary of State has taken Pima County to task). There are over 1,600 ballot styles according to Bryan Crane. Once the parameters are set, they stay the same from the beginning to the end of an election. Straub claimed that the .mdb set up files are “confidential.” [I assume he means proprietary or trade secret].

Straub says that Bryan Crane testified that the RTA election irregularity was a “key stroke error.” Straub asserts that Risner is wrong, that the Attorney General had the RTA pre-election backup file to examine. “This is a red herring.” [Note: what did the iBeta report say?]

Straub asserts that the Democratic Party has had the RTA data base files since January and they have not disclosed any wrongdoing. “Where’s the beef?” [Note: the real question is where is the backup tape “lost” by Pima County? In addition, a team of computer experts are building an analytical program to examine the data files, and the analytical program has not yet been completed and peer review tested – a necessary step given Pima County’s conspiratorial accusations against the Pima County Democratic Party. The analytical program needs to have undergone peer review examination to qualify for admission in evidence in court.]

Straub takes issue with Risner’s assertion of his lack of candor to the court. Joseph Kanefield testified that A.R.S. §16-444(a)(4) includes .mdb set up files as “computer programs.” He testified that the statute applies to the Secretary of State and Attorney Geenral, but the Secretary of State “takes no position” with respect to others. [Note: see Kanefiled deposition for his use of “the plain language of the statute” that Risner cited.]

Straub asked rhetorically, “what is new in the last four months?” Then outlined his four points:

1. Plaintiff’s own experts concede that others “could construe” the data files as a “computer program.”

2. The Secretary of State has amended the Elections Manual (post-trial) to redefine “computer programs” consistent with Pima County’s interpretation.

3. The data from past elections allows for an accumulation of data to design an attack on future elections.

4. The audit of electronic data base files does not serve as a good basis for auditing an election as the statutory hand-count audit of paper ballots.

The electronic data bases include “SQL queries.” Dr. John Moffett concludes that Doctors Ryan and Ryan said the SQL queries “could be construed” as computer programs by others. Plaintiff’s other expert witnesses said the SQL queries could be “construed” as computer programs by others.

Dr. David Jefferson even cited a case, Positive [Software] Solutions Inc. v. [?] (N.D.Tex), reversed on other grounds, which held that an SQL query is a “computer program” for copyright law purposes (not directly on point).

At this point, Judge Miller interrupted Mr. Straub and asked him “haven’t you waived the statutory argument?” Straub argues he has not waived the statutory argument “going forward” for future elections. Judge Miller asked Straub about the County’s Rule 60(c)(6) motion – “what does the county want changed going forward?” [I have a break in my notes here]

Judge Miller stated “I have not heard any testimony that the .mdb files can be segregated out, as the County offered to do earlier in this case. Are you suggesting that these .mdb files are “confidential” going forward? [I do not have Straub’s response] Judge Miller asked Mr. Straub “how does the County suggest that the .mdb files cannot be released?” Straub responded with “I don’t know,” it’s a technical issue, and “the court could order the county to research the issue and report back to the court.”

At this point the Judge stated that the Court reporter needed to take a break, and suggested to Mr. Straub that he consider his answer (indicating his displeasure with his lack of preparedness).

Straub (Cont.)

The County can provide the votes cast reports and summary reports we have provided without having to give up the confidential .mdb files.

Judge Miller returned to his earlier question: The waiver of your statutory argument is that the County complied with my Order. You did not file a Rule 59 motion or request a stay of order. I believe my order has been functioning as a Rule 54(b) Judgment since December. Straub replied that he agrees that the statutory argument is moot as to the files the County has already produced, but not going forward for future elections. Judge Miller then asked for clarification of what files have already been produced: the complete iterations of the RTA election and primary and general election in 2006.

Straub asserted that that there are at least 27 jurisdictional elections in the set up .mdb files that could be compromised.

Straub referred to trial exhibit “D” which is an admission that having a memory card makes it easy to alter an election without detection. One needs the GEMS software, and there is at least one version of GEMS software in the public domain. Having access to these .mdb data files allows someone to detect patterns and develop counterfeit ballots or memory cards. There is also the “man in the middle” attack. [Note: Pima County says it no longer uses modems to report data, so the man in the middle attack is no longer practical]

Straub takes issue with Risner’s claim about the Brennan Center for Justice Study and distinguishes attack #12 as being a simulation of a “statewide” vote, which would be easier to carry out in a smaller jurisdiction. He referred Judge Miller to page 57 “of your version” which describes that up to this point there has been no evidence of a successful software attack on election software, however, there have been sophisticated attacks on non-voting software. Pima County is being prudent by taking precautions. Straub conceded that “we all agree that the software is terribly flawed.”

Straub referenced the Florida State University study to argue that the software had not been rigorously tested by the federal testing labs.

Judge Miller interrupted Mr. Straub to ask him “why didn’t you provide any declaration from Dr. Merle King” about any new or additional threats since the release of these data files in January? [I do not have his response]

Straub then stated that the Pima County Democratic Party has not released the .mdb/.gbf data bases “into the wild” and has been “behaving responsibly.” (Refuting Pima County’s own oft-stated position at trial that the Pima County Democratic Party would act irresponsibly by releasing the .mdb/.gbf data files “into the wild” and cause “mayhem and chaos” with Pima County elections.)

Judge Miller asked Straub for clarification that Pima County’s concern is about the release of multiple elections, not multiple data bases? Straub replied “yes.”

Straub argued that the architecture of a future election could be disclosed by the release of multiple election data from which someone could figure out patterns of coding.

Bill Risner (Reply):

Judge Miller asked Mr. Risner whether he considers his Order as a final Judgment. Risner replied, “yes, that’s why we filed a motion to amend findings of fact and conclusions of law and alternatively, a motion for nee trial.”

It is also the law of the case now that the .mdb data files are a “public record” and the County has the burden of proof to demonstrate why the data files should not be released. [Note: this is critical for an appeal]

Risner stated that he now has the trial transcript of testimony of Dr. John Moffett and Dr. Merle King that he offered to submit the Court. [Note: the Court later advised Risner that it would not be necessary, infra]

Risner stated that the County’s experts “have never put any meat on the bones about its concerns for ‘mayhem and chaos’ regarding counterfeit ballots or other attacks.” The experts testified that these types of attacks are equally possible already.

Dr. David Jefferson testified that the County could just use a hash code to protect against this type of attack.

Pima County has not presented any actual problems from release of this data. The “concerns” it has are types of attacks which are equally possible already. It will not be made worse by the release of the .mdb/.gbf data files.

The concern about counterfeit memory cards are protected against by the physical security measures that are in place.

The “mythical possible attacks” like the “man in the middle” attack requires the use of a modem and someone having knowledge of the phone numbers. This cannot be done in Pima County because it no longer transmits election data over phone modems.

The County only brings up insignificant matters because “they’ve got nothing, that’s the really shocking thing about why we are here.”

“Not disclosing the data files is the map for cheating,” because no one checks the work of an insider. Simply changing an SQL query can change the outcome of an election.

There are trivial simple things the County can do to prevent attacks on its election computer.

Risner offered to read the disputed passage from the Brennan Center for Justice Study into the record. Judge Miller asked if it had been part of previous trial testimony, and both Risner and Straub stated that page 57 was an exhibit to depositions in the record. Judge Miller stated that he would take judicial notice of the book and had Risner read the book title and authors into the record.

Risner concluded by stating that all of these attacks occur from the inside, one has to have access to the election computer. We must be able to audit the electronic data bases. The hand-count audit of paper ballots is important, but it is only a part of the audit process.

Judge Miller addressed a pending motion. He stated that a supplemental declaration from Dr. Merle King is denied, but that he would accept a supplemental declaration from Dr. John Moffett. Judge Miller asked Risner about the trial testimony transcripts he wanted to submit. Risner explained that the trial testimony of Dr. John Moffett and Dr. Merle King did not sustain the Court’s findings of fact and conclusions of law. Judge Miller stated that the transcripts would not be necessary.

Judge Miller said he could not rule today since he had not read everything, and he would take the matter under advisement.

Judge Miller reminded the parties that a hearing on the Motion for Attorney’s Fees and Costs is scheduled for one hour on May 5, 2008 at 2:00 p.m.

<End>

Commentary:

One subject of new information learned today was that Secretary of State Jan Brewer, acting upon the recommendations of County Administrator Chuck Huckelberry that the Secretary of State should amend her Elections Manual to conform to Pima County's interpretation of "computer programs" argued at trial, did in fact act upon this request and amended the Elections Manual to change this definition.

In other words, Pima County appealed to an executive officer, the Secretary of State, to use her executive rule making authority to overrule the judiciary, i.e., Judge Miller's Order holding that the .mdb data files are not "computer programs."

This raises ethical issues of interference with the judiciary, i.e., an executive department officer attempting to overrule a Judge of the Superior Court by executive fiat in active litigation to which the Secretary of State is not a party (despite Pima County’s request that her office intervene), and a violation of the constitutional separation of powers doctrine.

It certainly appears unseemly for Pima County to appeal to Secretary of State Jan Brewer to change the rules of the game after Pima County has already lost this argument at trial, and may have waived this argument, as Judge Miller correctly noted at today’s hearing. There is no “do over.” While the amended rule is entitled to consideration by the Court, it is not conclusive or binding upon the court (since the amendment was adopted post-trial - at the request of a litigant no less - and was never considered in evidence at trial).

Chuck Huckelberry and Jan Brewer both acted as if they are above the rule of law and can simply change the rules as they see fit. This is a shocking arrogance and abuse of power for which both should be held accountable.