Posts

Senate Estimates | Australian Electoral Commission

I spoke with the Tom Rogers of the Australian Electoral Commission (AEC) about the recent referendum and how the same shade of purple was used by the ‘Yes’ campaign.

One Nation calls on the Special Minister of State, Senator Farrell to introduce legislation to grant the AEC control over their own colourway, to prevent attempts to confuse voters in the next election or referendum.

I also asked about the failure to include the entire proposed change to the Constitution on the ballot paper, as required by S128 of the Constitution. Mr Rogers’ answer was not acceptable.

I call on the Minister to clarify this Constitutional provision by enacting legislation to require the full text of the amendment to be included on future referendum voting papers.

Transcript

Senator ROBERTS: Thank you. Firstly, Mr Rogers, thank you very much and congratulations on a successful referendum. You produced an accurate result and very quickly. I want to pass on comments from a
friend of mine who is fairly fussy and interested in accuracy. He volunteered to be one of your workers. He said the process of training and running the booth was first class. He had no problems, and he’s a fussy bugger. We do question the format of the ballot paper, but that’s history now. I wouldn’t take it personally about getting some nice messages. I think, after the last three years of the COVID response and the confusion around some of the Voice campaign, people are sick and tired of governments, so it wasn’t directed at you. I also noticed that ticks and crosses weren’t a thing. A Queanbeyan booth had 1,281 votes. Only one of those was a cross, and there were no ticks. However, in forms completed at the booth for declaration voting, I believe the elector was required to indicate their answer with a cross.

Chair: So no cause for conspiracy theory, then, but I’m interjecting.

Senator ROBERTS: Not at all. But please consider eliminating ticks and crosses from your own paperwork as a way of ensuring they are not used on polling day. That’s just a suggestion from one of the constituents. In the referendum, the Australian Electoral Commission allowed the use of AEC purple by the ‘yes’ campaign. That decision was correct in law, but let’s review that for the next time. Is that possible?

Mr Rogers: I might just talk about the purple signs issue because it’s a complex matter. We don’t own the colour purple. Legislatively, the AEC does not own the colour purple. I wish we did. I’d be very happy—

Senator ROBERTS: Despite the tie!

Mr Rogers: Indeed. There are only limited circumstances in which we can intervene with the use of the colour purple. In a lot of commentary that we saw both online and in the media, there’s this sort of thing about,
‘Oh my god, there are purple signs, and the AEC’s not doing anything about it.’ When you’re doing something like a short-form radio interview or a TV interview, it’s very hard to say, ‘Let us take you through the half hour of complexity of case law and legislation about this issue and why we don’t have power to do it.’ People just want to know about purple signs. Before the referendum, in fact I think before the last election, we’d made clear we would prefer that campaigners and parties do not use the colour purple. But that’s a legislative matter, and that would be a matter for parliament rather than for the AEC. But I can tell you that, wherever purple signs were deployed in those circumstances where we thought they would breach the legislation, we asked for those signs to be moved. By and large they were and in a fairly timely manner. We are satisfied with that, but again I make a plea to parties and campaigners in the future: please avoid the colour purple with white writing.

Senator ROBERTS: Was there a ruling regarding Josh Frydenberg’s campaign using purple with Chinese people?

Mr Rogers: There was a court case—Garbett v Liu—and, from memory, it found in very limited circumstances where the sign is indeed in purple with white writing, where that sign is placed in very close proximity to an ACC sign, almost next to it, and, as the third element, where it contains a message which says, ‘The right way to vote is X,’ it may breach the legislation. It’s that specific.

Senator ROBERTS: It is fairly specific. Thank you. Simon Frost worked for the ‘yes’ campaign in the area that created those deliberately misleading purple signs. Those signs did not pass the pub test, as I think you are implying. I also understand that Simon Frost worked for former treasurer Josh Frydenberg’s campaign. He was a senior adviser. Is there any comment there? It’s difficult.

Mr Rogers: No. As I’ve said, where those signs popped up, where we thought they were at risk of breaching the legislation, we took action. But we don’t own the colour purple and have no mandate over it.

Senator ROBERTS: So you’d support it if we put forward legislation on that?

Mr Rogers: Whatever bill passes through parliament is legislation I support in any case.

Mr Pope: We’d certainly welcome further clarification and widening of section 329, which I think is at the heart of your questioning.

Senator ROBERTS: The ballot paper, as I said a little while ago—we disagreed on that—did not include a full reproduction of the proposed change to the Constitution, as required by section 128 of the Constitution. I
understand that you don’t agree it has to be presented accurately in full and that the short description is sufficient. Is that still your position?

Mr Rogers: I understand that the argument was put by a legal academic in South Australia. I point out that this is absolutely a matter for the Attorney-General’s Department, not the AEC, but for the record I also note that a large number of other scholars dismissed that particular interpretation. For the record so that people understand: the form of the ballot paper followed exactly the form of the ballot paper in the legislation. The matter you are talking about is more of a constitutional and legal issue to be resolved by others, not by us.

Senator ROBERTS: Yes. As I understand—but I’m not a legal expert—the Constitution takes precedence over any legislation. Have you sought legal advice on that issue?

Mr Rogers: No, because that’s not my issue.

Senator ROBERTS: Attorney-General.

Mr Rogers: I have a number of other issues. I don’t need that one as well. But that would be the Attorney-General’s.

Senator ROBERTS: The Kennedy prepoll voting centre in Cairns was located in a shop in a shopping centre. Centre management initially refused both sides permission to hand out how-to-vote cards and display signage, instead offering a location off their property and down the street. As owners of the property, this is their prerogative, except the point of doing that was to set stalls in front of the voting centre for the bargain price of $250 a day, so they made a deal out of it. ‘Yes’ took up the offer, allowing them to position copious signage and poll workers in front of the prepoll voting centre. ‘No’ didn’t have the money and were prevented from handing out. Is it okay to have that operation of poll workers controlled by a private shopping centre management company?

Mr Rogers: It’s not actually unusual for this sort of thing to occur. I was saying before to Senator Liddle, we get four weeks notice to find whatever venues they can. They have to meet certain criteria as well, as you know. You have to have a number that have access for disabled Australians, and there are a range of other requirements such as security, so the number of venues that we get to choose from is quite small. Occasionally it comes down to either taking that one or there being no polling premises in that area. Occasionally, we’ve noticed before in certain large shopping centres and in airports when we’ve used those, there’s no ability for political parties to hand out material. We do try to advocate on behalf of the parties. As I said at the very start of my opening statement, we think scrutineers and campaigners play an important part in the process, but there will always be the odd event where the parties are unable to gain access rather than us arranging it. That was one of those very unfortunate circumstances. Of the over 7,000 polling places, there may have been only one or two that were like that.

Senator ROBERTS: Surely there’s a benefit for the shopping centre because your voting booth becomes a draw card for them. Can there be something written into the contract?

Mr Rogers: Sadly, I know that shopping centre—in fact, I think I visited that place last week, and I know Mr Pope has found some other issues up there as well and tried to secure polling premises, but it was difficult.

Chair: Can you write that into the contract?

Mr Rogers: Some of them will not write that into the contract. They say, ‘Either you sign the contract that we’re providing you or you or go somewhere else.’ I know that’s complex—

Mr Pope: I think we could suggest.

Mr Rogers: And we do suggest. With that particular one, I understand, we did try to work with the centre management, and they flat-out refused.

Chair: Can you perhaps write it into their legal obligations?

Mr Rogers: They won’t sign it.

Senator ROBERTS: It’s a free world. Finally, the AEC has been criticised for responding to a question from a voter with regard to what happens to a voter if he votes twice? The response was accurate: that, well, you just count them. Could that have been more sensitively done in the sense of, ‘Well, we have to count them, but have precautions to make sure people don’t vote twice’? In hindsight it’s always easy.

Mr Rogers: Actually, I do have a view of this. I’m conscious of time, but I think I mentioned before that we were tagged in 145,000 comments in social media in the middle of delivering a referendum. We were trying to serve information to the community as quickly as possible. As you yourself said, that was highly accurate. But it was picked up by a few individuals and weaponised deliberately to try and denigrate Australia’s electoral system. I don’t understand why you’d do that. The electoral system isn’t owned by the AEC; it’s owned by all Australians. I was reflecting the other day on a section of the act—I think it’s 365—which contains a piece of information that, effectively, immaterial errors shouldn’t vitiate an election outcome. It was put in there by smart people. It says, effectively, elections are complex and minor issues shouldn’t be used in any way to denigrate election outcomes. What we’ve seen is that there are a few dedicated individuals online who want to pick up the most minor of issues and create it as a huge event to try to undercut citizens’ trust in electoral outcomes. Let me tell you that, going back in time, we’d do exactly the same thing because it was an accurate answer. What I can’t control is the manner in which people react. As I read out earlier—and I’ve read out two per cent of some of the nutty stuff that barrels down at us, where people seize on the most minor of issues. The whole thing we’ve said before about Dominion voting machines, which emerged again at this—we even had groups of people standing outside at least one polling place in Melbourne in an organised way, handing out pens to voters who were going in, saying, ‘The AEC are going to rub your votes out.’ It’s insane. I don’t know where this comes from. I never thought I’d see this sort of thing in Australia where these minor issues about one comment on a social media page are then used to weaponise such a ridiculous thing.

I’m sorry for the long answer, but I’m very proud of the work that our social media team did in serving up information to Australians in such a timely and informative fashion. I read out some statistics before about our
overarching awareness campaign. It was the biggest campaign we’ve run. I’m very proud of that. I’m proud of the work that our individuals do. I know you know this, but our social media team and the AEC in particular have copped a torrent of abuse from idiots online who should know better, including threats to our staff, including death threats to our staff. It is utterly ridiculous. I’m sorry for using that as a vehicle to point out that our staff do a great job, our social media team do a great job and I’m extraordinarily proud of the work that they do.

Senator ROBERTS: Fortunately, the number of people who do that is very small. Sometimes they get magnified. It’s just that some people latch on to what you didn’t say, which was that we have adequate precautions
to make sure people don’t vote twice. That’s all I’m suggesting.

Mr Rogers: That actually was put there; but, again, I am just pointing out that these minor issues are occasionally blown out of all proportion. I’m also just using that—and I know you won’t mind, because our staff
are so good—to thank our staff who put up with some of that abuse that they get on a very regular basis.

/by

Australian Electoral Commission and the Colour Purple

Next week the Senate will vote on my motion to refer two matters that came out of the recent referendum to the Joint Standing Committee on Election Matters.

The first is about the misappropriation of the purple colour used by the Australian Electoral Commission (AEC). It confuses people and should be available to the AEC only. Even the AEC Commissioner is asking for protection on the purple they use.

Secondly, we need to clarify the words that should appear on a referendum ballot paper includes the full text of the amendment. This is in keeping with the wording of the Constitution.

Please share this video among your family and friends, call or email your Senators, and let’s get these loopholes tightened up for the sake of future confidence in our elections.

/by

Election Integrity: Make sure our elections cannot be rigged

,

The Australian National Audit Office is one of the best agencies in government. They do great work chasing down wasteful government spending and exposing poor management.

The few times they have looked at the conduct of our elections, like in 2015, the report card was a solid fail. They haven’t audited the conduct of our elections since then despite promising to.

Last night at Senate Estimates the Auditor General was very honest and upfront with me. He cannot confirm the Australian Electoral Commission has comprehensive performance standards for elections. He cannot assure the Australian people that the electoral systems are fit for purpose.

He did say that the way for the community to be assured about the integrity of elections is through the Parliament acting. One Nation’s Election Integrity Bill (read more) was written for this very good reason. Whatever happens in the next election, if it passes, the public can have confidence in the result.

Parliament must pass an election integrity bill before the next election.

Transcript

Senator Rice, Senator Roberts, very quickly.

Thank you chair, and thank you all for attending. Hello Mr. Heir. I’ll just give some background, and then the questions will be quick.

Very quickly, Senator Roberts.

If I can reference the report titled third follow-up audit into the Australian electoral commission’s preparation for the conduct of federal elections. It’s ANAO audit number 6 2015-16. This inquiry was called by the joint standing committee on election electoral matters. The terms of reference were a performance audit focusing on the adequacy of the Australian electoral commission’s implementation of recommendations arising from earlier, and they are audit reports. Your findings were and I’ll quote, no meaningful action has been taken had been taken prior to 2013. The election that triggered the audit in relation to those recommendations directed towards more secure reporting of election night counts on the development of comprehensive or the development of comprehensive performance standards for the conduct of elections. And finally, conclusion number eight, ANAO plans to undertake a follow-up audit following the next federal election to examine adequacy and effectiveness of the AECs implementation of these 10 recommendations in that report. Did you do that followup audit?

We did. We didn’t do a followup, followup audit Senator of exactly that nature. We did a further audit, which was, which was focused on particular aspects of procurement, including IT, for the scanning system system following the next election. But now we didn’t follow up each of those recommendations as was then proposed.

Thank you. Can you confirm that the AEC now has comprehensive performance standards for the conduct of federal elections?

No, Senator we haven’t been in there to conduct a performance audit in this space since that, that one I mentioned. So, no, we don’t, we don’t, we don’t have current knowledges as to that know.

I like your quick answers. How, how would anyone know if that would, if they’d done that?

I suspect you’d ask them in estimates.

We’ve asked them lots of times and their questions are their answers. Why didn’t you do the follow-up audit? That would have been the fourth followup audit on the AEC.

I think we, what we decided to do was in the context of what was going on in the, in the office at the time, which was the IT procurement, that that was probably a, a better order to undertake in the AEC. It’s not a huge agency. It’s not the one. We go into every year. So, so about picking the topic. And at that particular time we thought that was that that procurement audit was a, a better topic to undertake.

Can you say with confidence that the AEC systems now are fit for purpose?

We haven’t been into the entity.

How can people be assured of the integrity of future elections?

I think through the parliamentary processes is the appropriate way for the community to be assured through the oversight. The parliament gives of the, the office.

I could make a comment. Do you not against you? Do you have the authority to audit?

Yes, I say yes.

Okay. My last question chair, in your submission to the finance and public administration’s inquiry into my Commonwealth electoral amendment integrity of elections, bill 2021. ANAO made this statement, I quote in accordance with the auditor General’s mandate under the auditor general act, 1997, the auditor general is empowered to conduct a review of a particular aspect of the operations of the AEC at any time. ANAO could have conducted a followup audit in respect to the AEC’s noncompliance with multiple ANAO audits. Yet you chose not to why I?

Think of.

If there were multiple audits.

We were doing.

My multiple follow-up audit. Sorry.

We did multiple followup audits then the last audit we did, I made a decision that the.

Not follow up at the specific electronics.

Yeah. That was the reason.

Will you audit the next election.

I.

Was seen it also understanding it through. The first three follow-up audits followed what happened in the 2013 election with Senate Ballot Papers in Western Australia being effectively lost. And whilst there are three audits that audit was conducted the then audit general received a specific request from the joint standing committee of electoral matters for us to do follow-up audit work, looking at an earlier audit we did have the 2007 election as to where those recommendations have been implemented. The only reason there were three followup audit wasn’t was because the joint standing committee of electoral matters, wanted us to one of particular things looked at very quickly. And so that’s why there were three performance audit. So we packaged up what are the recommendations we could follow up as a higher priority in a shorter timeframe and then a medium timeframe and then longer timeframe. So it was, it was by seen. By three audit was really packaging out the follow-up to that all the way earlier audit report, to meet a request of the parliament, So, you know.

So as Mr. Hare said, it’s, it’s a matter of looking at the, what the followup is in context of what’s going on. Okay. Thanks, Chair.

/1 Comment/by

Ensuring Election Integrity – Commonwealth Electoral Amendment (Integrity of Elections) Bill 2021

,

When I started researching election integrity I was doing it to show that our elections are secure. That is not what I found. There is no requirement to audit the results and no ID requirements to ensure there is no double voting. Our electoral legislation is full of holes. My bill seeks to fix those holes using audits that many well researched committees, agencies and investigations have already suggested. There really isn’t much reason to vote against it.

Transcript

As a servant to the people of Queensland and Australia I present the the Commonwealth Electoral Amendment (Integrity of Elections) Bill 2021, which amends the Commonwealth Electoral Act 1918.

This bill provides for the routine auditing of the electronic component of Australian federal elections and for the provision of voter identification.

It should also be noted that this bill does not look backward to previous elections, but rather forward to ensure confidence in the next election.

During COVID the actions of unelected bureaucrats and incompetent politicians has wiped out small businesses and jobs, disrupted lives and reduced many people to desperation.

The next election will be a powder keg.

It is essential to ensure that Australians can accept the result and move on.

Suspicion of the outcome can be easily fueled, especially on social media, and turned into violence by those who seek to manipulate the result for their own ends.

The level of trust in the result must be commensurate with the current heightened level of risk.

When I started researching election integrity it was to show that our elections are secure. That is not what I found.

The Australian National Audit Office conducted three audits into the 2013 federal election. Their final report came out in 2016. This is what ANAO said about the Australian Electoral Commission (the AEC):

In 2014 the Joint Standing Committee on Electoral Matters wrote to the Auditor General seeking a performance audit focusing on the adequacy of the Australian Electoral Commission implementation of recommendations arising from earlier ANAO audits of the AEC.

The Auditor General decided to conduct 3 related performance audits.

All three reports found that the AEC had not adequately and effectively implemented the earlier ANAO recommendations. The reports concluded that in order to protect the integrity of the Australian electoral system and rebuild confidence in the AEC these recommendations should be implemented.

AUDITOR-GENERAL REPORT NO. 6 OF 2015–16

The report went on to say:

“ANAO plans to undertake a follow-up audit following the next federal election, in 2016, to examine the adequacy and effectiveness of the AEC’s implementation of the ten recommendations made by ANAO across three reports.”

AUDITOR-GENERAL REPORT NO. 6 OF 2015–16

Those recommendations included:

“the AEC must develop a strategy for deeper reform to ensure and demonstrate integrity in all aspects of the election, including a fundamental overhaul of the AEC’s policies and procedures to restore confidence in the electoral process”.

AUDITOR-GENERAL REPORT NO. 6 OF 2015–16

Let me say that again – a fundamental overhaul to ensure election integrity.

Mr President the follow-up audit to test how well the AEC implemented this fundamental review into election integrity never occurred.

Perhaps someone should do a bill to bring on that audit. Oh wait Mr President, I did.

Were ANAO happy for this direction – apparently not.

In their submission to this bill ANAO said my bill was not necessary as they had the power to audit the AEC at any time.

If that is the case then they should get on with it.

Mr President New South Wales and Western Australia have provisions in their electoral acts to audit state elections.

New South Wales conducts an audit before each election to ensure systems are fit for purpose and then audits again after each election to ensure integrity, and to see what can be improved for next time.

Western Australia audits after every election.

There is no audit function currently specified in the Commonwealth Electoral Act 1918.

This bill creates a function for the Auditor General to audit the operation of the AEC twice in each election cycle:

  1. In the lead up to the election; and
  2. From polling day to the declaration of the poll.

 The audit provided for in this bill covers electronic measures, and tests if:

“the use of authorised technology produces the same result as would be obtained without the use of authorised technology.”

Put simply this is asking the Auditor General to ensure that the use of computerised voter rolls, tallying, preference allocations and related matters produced a result that accurately reflects the will of the people.

ANAO felt that was too high a bar to meet, I would consider ensuring the will of the people was accurately reflected in the result was the bare minimum for any election audit.

This bill does not specify what will be audited. The decision regarding the operation of the audit is best left to the agencies conducting the audit.

Secondly, this bill authorises the Australian Signals Directorate (ASD) to audit and monitor computer systems for unauthorised access internally and externally.

This is targeting both unauthorised access from within the system and unauthorised external access by malicious entities.

The Australia Signals Directorate is currently conducting a cyber “uplift program” at the Australian Electoral Commission. While the program is most welcome, there is no basis in the Commonwealth Electoral Act 1918 or the Intelligence Services Act 2001 for that program.

This bill brings legislation into line with current practice.

Mr President In May Senate estimates I asked the Australian Electoral Commission simple questions regarding their auditing. I was assured that audits are occurring. On no occasion then or since have the following questions been answered:

  • Who conducted the audit?
  • When was the audit conducted?
  • What was audited?
  • What was the result?
  • Have any changes been made as a result of the audit?

It is disturbing that such an audit could happen behind closed doors without direction or structure. It is more disturbing that this program has no legal basis in the Commonwealth Electoral Act.

We should not have to rely on the admirable conscientiousness of the Australian Signals Directorate. We should be able to rely on the completeness of our legislation.

Mr President I also looked at other issues around election integrity.

First up was a simple question: At the Senate Scanning Centre is the electronic data file containing each vote ever compared back to the paper ballot after the vote has been adjudicated?

That answer is no. At no time is the electronic record of a vote checked back against the paper ballot once the ballot is adjudicated.

Some disputed votes are held back and adjudicated later in the counting process, then filed away.

There is no routine sampling beyond that point. That is not acceptable.

The third part of my bill is for voter ID. Most of the recommendations in the ANAO report, that was never followed up, went to failures in the integrity of voter rolls.

It is too late to go back now and audit those rolls before the next election, by way of re-commencing residency checks, as ANAO recommended.

It is not too late for a quick fix – which is voter ID. Asking for simple identification will act as an audit on the rolls in real time, and ensure every vote cast was legitimate.

This is not my idea. Recommendation 21 of the Joint Standing Committee on Electoral Matters Inquiry into the 2019 Federal Election called for voter identification to be introduced. This same finding was made in 2016 and 2013.

Schedule 2 of this bill is drafted to give effect to the committee recommendation as literally as possible.

Voters must present a form of acceptable identification to be issued with an ordinary pre-poll or election day vote. Authorised identification must be suitably broad so as to not actively prevent electors from casting an ordinary ballot.

This bill allows a wide range of acceptable voter ID. The AEC is empowered to make further regulations to ensure voters are not disenfranchised.

The AEC noted in their submission to the JSCEM inquiry that:

“multiple voting is frequently the subject of media commentary and social media speculation. Such a degree of focus is entirely understandable: there can hardly be a more emblematic component of trust in electoral results than ensuring eligible voters only exercise the franchise [appropriately].”

Multiple voting is a red herring in this debate. My bill is not concerned with multiple voting, it is concerned with ensuring every vote cast was made according to law.

The Commonwealth Electoral Act (Integrity of Elections Bill) 2021 is about protecting confidence in our elections.

The cyber integrity of our elections and the use of voter identification is essential to that confidence.

I recommend the Commonwealth Electoral Amendment (Integrity of Elections) Bill 2021 to the Senate.

/2 Comments/by

Election Integrity – What has the government got to hide?

,

Suspicion about the results of our elections is an existential threat to our country. Confidence comes from having strict auditing and checking procedures. We’ve seen that these auditing, checks and system are not fit for purpose. One Nation is asking for those deficiencies to be rectified.

Senate Estimates Questioning:

Transcript

As a servant to the people of Queensland and Australia, here we go again. Yet again the Labor Party are about to sit comfortably in the laps of the Liberals and Nationals to vote through measures that are in both of their own interests. Just yesterday I spoke of this parliament being dysfunctional to the point of being a crime scene. The very next day here we are watching the proof unfold again before our very eyes.

For those watching at home and wondering why One Nation did not use these electoral bills to introduce actual electoral reform, the answer is simple: the way these bills were written. There is one bill per topic and they include a long description that prevents One Nation from introducing amendments that move outside of that very narrow, restrictive scope.

If the government and Labor wanted to join three bills together and vote in one line, they should have produced the three bills as an omnibus bill that One Nation and the crossbench could have amended—and the legislation badly needs amendment. Senators Wong and Birmingham are once again making a mockery of the democratic process—dodgy siblings doing another dirty deal behind closed doors. When are we going to start writing numbers on the perspex screens so we can distinguish between the Liberal-Nationals and Labor! The Joint Standing Committee on Electoral Matters made 27 recommendations towards more fair and effective elections. The ‘Lib-Lab duopoly’ has again rushed legislation before the Senate to implement a grand total of three of those recommendations, none of which does anything to ensure the integrity of our electoral process.

The Electoral Legislation Amendment (Electoral Offences and Preventing Multiple Voting) Bill 2021 pretends to do something about multiple voting. In the last three elections, the Australian Electoral Commission reviewed thousands of case of multiple voting and referred a few hundred of those to the Australian Federal Police for prosecution, who made the decision to prosecute none of them. Not one person has been prosecuted as a result of the ordinary operations of the Electoral Act despite recommendations to do so and despite that law being on the books for a very long time. That may be why the government has chosen to abandon the legal system and refer multiple voting to the Administrative Appeals Tribunal. Yesterday we saw cybercrime warrants being moved from the criminal court system to the administrative court system; today we have multiple voting moving over as well. One Nation is uncomfortable with the growing power of the Administrative Appeals Tribunal and with the whole concept of having two court systems. Criminal courts are founded in biblical and common law; administrative courts have no such higher purpose to be called on for guidance.

The Electoral Legislation Amendment (Party Registration Integrity) Bill 2021 is clearly an attempt by Lib-Lab to knock out smaller parties and entrench the power of the status quo. I hear the anger on social media over this measure, yet I have some questions in return. Should a multimillionaire be allowed to use his wealth to buy political influence through the United Australia Party? The requirement to have 500 supporters is not going to slow down a very wealthy individual, yet a requirement to have 1,500 supporters will—unless that party actually has grassroots support. This legislation is saying to Clive Palmer, ‘Put your supporters where your mouth is, not where your money is.’ There is criticism from some new parties who should be more worried about themselves. If you start fact-checking the memes you are spreading, and start offering voters evidence based policy, perhaps 1,500 may be more achievable. I understand that Senator Lambie too is in opposition to this bill. This raises a good question for the government—oops, the Lib-Labs—to answer: why is it 1,500 voters for registration in a populous state and 1,500 in Tasmania? Shouldn’t it be some percentage of registered voters in that state?

The Electoral Legislation Amendment (Counting, Scrutiny and Operational Efficiencies) Bill 2021 makes a number of small changes to voting. These have been mentioned by other speakers and I will not review those here. How will all these changes affect the integrity of our elections? Well, we don’t know. We don’t know now and we won’t know afterwards because our elections are not audited. My interest in election integrity started in January 2021, following the US presidential election. My office was inundated with people asking about whether election fraud, such as it was in the United States, could be happening in Australia. The problem is not whether election fraud is happening; the problem is that people think it is happening. Confidence in election outcomes is central to democracy.

The restrictions around COVID have people at boiling point. Small business closures, job losses, high-handed bureaucrats and politics have reduced many people to desperation. The next election will be a powder keg. It is essential to ensure that, whatever the result, the public can accept it and move on. Suspicion of the outcome can be easily fuelled and turned into violence by those who seek to manipulate the result for their own ends. We cannot let this happen. It is for this reason that New South Wales and Western Australia have provisions in their electoral acts to audit state elections.

New South Wales conducts an audit before each election to ensure systems are fit for purpose and then audits again after each election to ensure integrity and to see what can be improved for next time. Western Australia audits after every election.

The Commonwealth Electoral Act 1918 does not have audit provisions. In February, I started asking questions of the Australian Electoral Commission, the AEC. To be honest, I expected to hear that auditing was under control given the reputation the Australian Electoral Commission claims it has. That’s not what I found. The Australian Electoral Commission told me in Senate estimates that the Australian Signals Directorate had conducted an audit of the Australian Electoral Commission’s software. The next day in Senate estimates I asked the Australian Signals Directorate if they had done that audit and the answer was a clear no. The Australian Electoral Commission tried to conflate the security audit conducted by the Australian Signals Directorate with an audit of software and systems to pretend our software was being audited and, by extension, was fit for purpose. It has not been audited. The election software is not fit for purpose.

So why did the Australian Electoral Commission make a false statement or imply a false statement? The Australian Signals Directorate looked at potential intrusions into the system, both electronic and physical. Following the audit, the Australian Signals Directorate proceeded with an uplift program designed to harden the AEC network. I call that a fail. If your systems were audited for cybersecurity and the outcome was a comprehensive uplift program to improve your security then clearly the system failed the audit. What else would fail an audit at the Australian Electoral Commission?

In the May Senate estimates I asked the Australian Electoral Commission simple questions. When did the Australian Signals Directorate audit happen? The Australian Electoral Commission declined to answer. What was actually audited? The Australian Electoral Commission gave no useful response. What was the result of the audit? The Australian Electoral Commission declined to answer. What changes to the Australian Electoral Commission’s systems have been made in the uplift program? The Australian Electoral Commission declined to answer. Could the Australian Electoral Commission guarantee that the uplift program would render the Australian Electoral Commission computer system fit for purpose? The Australian Electoral Commission responded that nobody could ever guarantee their systems are fit for purpose. Let that sink in. Nobody could ever guarantee their systems are fit for purpose—the Australian Electoral Commission admitted it.

It is disturbing that such an audit could happen behind closed doors without direction or without structure. It is more disturbing still that this program has no legal basis in the Australian Commonwealth Electoral Act. We should not have to rely on the admirable conscientiousness of the Australian Signals Directorate. We should be able to rely on the completeness of our legislation. We need it fixed. It must be fixed.

Then I looked at other issues around election integrity. First up was a simple question: is the electronic data file containing each vote ever compared back to the paper ballot after the vote has been adjudicated? That answer is no. At no time is the electronic record of a vote checked back against the paper ballot. Senator Birmingham and the Australian Electoral Commission have assured us that there is a check, yet when we peer through the veil of language deliberately calculated to obfuscate no such check is happening, contrary to the minister’s response. The only time this happens is when a ballot is disputed and a paper ballot is pulled out for scrutiny. After the ballot is adjudicated, there is no further check.

These votes are sitting for up to a month in a system that failed an Australian Signals Directorate security test. Data integrity requires that a final audit be conducted immediately before declaration of the poll by pulling paper ballots out at random and comparing them back to the electronic record and vice versa. It’s one day’s work for all the counting staff as they finish their regular counting. It will not delay the result. It will guarantee that the system has not been compromised accidentally or by a malicious party.

My second question was on the accuracy of the voter rolls. The Australian Electoral Commission used to check the accuracy of their rolls by conducting residency checks.

Before this system was discontinued in 1995, those checks revealed a significant number of false registrations: people who had left the country, people who had died and people who had moved. Most of the incidences of multiple voting stem from voting in their old location and their new location: double voting. This legislation does not address that problem. How can anyone say that the voter roll is accurate if they never check it?

My third question is on the software algorithm at the Senate scanning centre that allocates preferences. The Australian Electoral Commission publishes what is basically a data dump of the raw vote count. Leading cryptographers, led by Dr Vanessa Teague, from the Australian National University, have written a check routine to test the preference flow against the published result. Their finding was that the Senate preference flow was correct, so we know this this aspect of the Australian Electoral Commission software works. Why it is up to the university academics to write complicated software at their own expense and on their own time to audit our elections? Since when did the government decide to crowdsource its job? So, what next? A GoFundMe page to pay for it?

This is why next week I will introduce into the Senate the Commonwealth electoral amendment (integrity of elections) bill 2021. This bill requires a preaudit of the Australian Electoral Commission systems prior to each election to ensure the systems are fit for purpose. It requires an audit after the election, as New South Wales and Western Australia require and as the ACT proposes. We propose an audit of the electoral roll and voter ID: voter identification. In short, this bill will audit the elections and the voter. Then we will all have confidence in the next election result.

After decades of this Lib-Lab parliament, people are starting to see how parliament is failing our country. The Lib-Lab duopoly, though, is desperate to continue its hold on a parliament that has a record of decades of not serving the people of Australia. We, though, are keen to restore parliamentary democracy. We have one flag, we are one community, we are one nation.

/by

Audit the election software

, ,

I asked the AEC about the new software they used for counting votes. Concerns have been raised about previous AEC software by cryptologists and the National Audit Office.

The AEC claims to have written new software that fixes all of these problems, but they won’t tell us who audited it and what the results were. An open and transparent audit is absolutely necessary to ensure there is 100% confidence in our elections.

Transcript

Thank you, Miss Jay.

Thanks Senator Sullivan, Senator Roberts.

[Malcolm Roberts] Thank you. And thank you for appearing today. My questions apart from the first and third, fairly brief. So the first one, in reference to testimony at the last estimates, and I’ve I’ve got copies of your questions on that, responses to your questions and that is. The AEC bought but did not use the Scytl software. Rather you write your own. To write your own election software is a really impressive feat. We’ve been talking to people, they’re very impressed. May I ask how many staff are on the development team please?

I’d have to take that on notice.

[Malcolm Roberts] Okay. What was the total cost of doing that?

I’d have to take that on notice.

[Malcolm Roberts] Okay. What testing did you use before deployment now I’d imagine some kind of parallel running or some form of a dry run.

Well, in fact, we did multiple forms of testing and assurance Senator, as I’m sure you would as I’m sure you’d be aware. And look Senator, to be abundantly helpful here, we’re happy to provide you a more detailed personal briefing on this. I’m happy to talk to you about it. It is a complex process. As you’re aware, we’ve been using our audit, our checked software, easy CAAT for a number of years and we’ve redeveloped that that’s effectively what we deployed as part of the 2016 solution. As I think we said last time, the Siedel solution, we got Seidel on board as really as a business assurance process to make sure that we had software that was going to work at 12 week period to deliver it. The software we’re using has been checked, double-checked and assured. And not only that, the important point to note it’s totally in line with the existing legislation and all of the data that we then generate from that software is put online and the results are then replicated by a number of psephologists and political science departments who use that data to replicate the count. And it exactly matches the outcome of their own. So there’s a range of different ways of assuring that this software is fit for purpose.

[Malcolm Roberts] Okay, thank you. Still part of the first question. Were any of the staff involved doctorate or masters degree qualified in a suitable discipline such as mathematics or cryptology?

Senator I’d have to take that on notice.

[Malcolm Roberts] Could we get their names please? When you provide it a notice?

No.

[Malcolm Roberts] Okay. And how long did it take?

We had for the 2016 process we had that 12 week periods in Israel, as I’ve said previously.

[Malcolm Roberts] Yeah. And can you provide their qualifications?

Senator again, if you can help me here on letting me know where you’re trying to head, maybe I can provide some more fulsome answers.

[Malcolm Roberts] Perhaps we can, we can go into that in the briefing. I’d love to take you up on that. So did your bespoke solution use any code from Scytl and if so, what percentage?

It did not.

[Malcolm Roberts] None at all. Great. Your software, you intimated has been audited in accordance with standards published by the National Association of Testing Authorities, NADA. That certification does not specify a standard for the auditing of election software. It’s more of a general process for an audit to follow, as I understand it. Having the audit is not a guarantee that your software works within acceptable accuracy levels. Although these issues may come out in an audit who conducted the audit and how much did it cost and what was the result?

Senator as I’ve just said, if you can help me here by telling me where you’re trying to head with this process I would get some of these questions. If somehow the results of this were somehow secret or behind closed doors. We use a piece of software that’s been tested and assured on multiple occasions. The same time, all of the data that this software produces is then publicly published on our virtual teller even on our website, which on election day, as one of the most used pages in Australia, that data is then used by a variety of psephologists and computer and political science experts to replicate those results. It’s intensely public. If you’re trying to indicate that there’s some sort of issue, I just don’t understand why you’d be doing that when there’s been no evidence of that at all.

[Malcolm Roberts] Well, we were just concerned about the auditing. That’s all. Because we got some answers from the, I think it was a Nao that didn’t give us the assurance. So let’s go onto some of the physical things then of the 511 polling places in the last election. How many of those had computers or other devices that communicated with the AEC computer system or were capable of doing so?

Senator I’m Jeff Pope, deputy electoral commissioner. I’m not sure what you’re referring to with 511 polling places we had nearly 8,000.

[Malcolm Roberts] Could that be state?

Perhaps you might be referring to–

[Malcolm Roberts] While it is not a mandatory requirement for pre-poll voting centres at the 2019 federal election. 115 of the 511 people voting centres. So pre-poll, sorry, pre-poll. My mistake.

[Man] Right.

[Malcolm Roberts] Had me worried there.

You had me worried.

[Malcolm Roberts] Well, just how many have got a physical connection? How many had a physical connection?

For what purpose, Senator?

[Malcolm Roberts] Well, I’m going to go into that in the next few questions.

Many in terms of the role. And–

There are, we have electronic certified lists in every I think in every one of those pre-poll centres last event where citizens names and marked off the roll.

[Malcolm Roberts] No, it’s beyond that. I note from your answer on questions on notice F-O six five on polling place security, that those electronic devices were protected by monitored back to base alarm in only 115 of the 511 polling places. Were any other measures in place to protect the cyber integrity of those devices during the election period? For example were they air gaped, were they turned off at night, was there IP traffic monitoring for the period when they should have been none because they were turned off? That’s what we’re after.

I think all of your thoughts–

[Malcolm Roberts] You think?–

So we’ll take it on notice. But again, we’ve had no issue with any breach of our software or our hardware, with respect to delivery of the election–

At all, and no indicator of any breach and our handling of all of that data. And the physical equipment was in line with relevant Commonwealth guidelines and regulations and the risk assessment that we undertook.

[Malcolm Roberts] Okay. I’m just doing my job on behalf of my constituents.

I get it Senator. And I’m doing my job.

[Malcolm Roberts] Yes.

On also defending one of the world’s best and most transparent electoral systems.

[Malcolm Roberts] Well I’m not attacking it. I’m just making sure that–

Fantastic. And so we’re both doing our jobs in terms of making sure that citizens have the information they need to form their judgements.

[Malcolm Roberts] Correct. I’ve only got three questions to go. In your response to questions on notice F-0 six eight, you make the comment, ” All preferences and all Senate ballot papers are reviewed by at least one person at the scanning side.” Does that mean that they compare the scanned ballot with the paper ballot to ensure accuracy? Because that’s the impression your answer gives. Do they compare the actual scanned ballot with the paper ballot?

Senator the process is that a data is both manually entered and scanned and then that’s matched with the automated process–

[Malcolm Roberts] All the ballot papers are manually entered?

Manually entered but all paper is scanned when it first arrives. Then from that image which is an image that data is then entered. And then the scan, the data from the scan is then compared with that to make sure that they match. Where they don’t match, we undertake further processes.

[Malcolm Roberts] Could you explain that in terms of, we have a physical paper ballot that is scanned in–

[Man] Correct.

[Malcolm Roberts] And then–

And then it captures an image.

[Malcolm Roberts] Right. And then what is compared with that image?

That image is then presented to the Data Entry Operator who enters the data from that image–

[Malcolm Roberts] From the image–

Right.

[Malcolm Roberts] So he or she enters it physically.

Correct.

[Malcolm Roberts] So that’s the manual part.

That’s the manual part, then at the same time the data capture process as part of capturing the image is then compared with that manual process. Where that matches, that’s taken to be an accurate match. And that’s included in the count. Where it doesn’t match, we undertake further processes.

[Malcolm Roberts] So that last estimates in October, I asked what percentage of computer records that checked back against the paper record. And you took that on notice, your lengthy answer failed to provide a figure. Is that because it’s a hundred percent?

Which was the question Senator?

[Malcolm Roberts] I asked what percentage of computer records are checked back against the paper record? And you took that a notice, your lengthy answer, which is I think F-068. Hang on, it might be zero eight four. Sorry, zero eight, four. So, as I was saying your lengthy answer failed to provide a figure. Counting ballots is a quantitative exercise. So everything comes down to figures. What percentage of electronic voting cards are compared back to the ballot paper and what is the variance?

I wonder whether we’re talking about different things here, Senator. The process that I’ve just been through demonstrates that every single paper.

[Malcolm Roberts] Thank you.

Yep.

[Malcolm Roberts] Last question . On this topic, anyway. Has the AEC ever run a test batch of a few thousand ballot papers through your system then run those same ballots through a second time and compared the result? Surely any variance between these two runs would give you a figure for system accuracy.

Again, Senator I’d rely on what I’ve just said before that the process that we’re running involves a full manual entry of every single ballot paper compared then to the scanning, capture of the scanned data. So we’re doing that in any case.

[Malcolm Roberts] That that’s what I thought. Okay. Just a final question. Just to lose question. I was thinking as, the senators were asking questions. Voters tell us quite often that they’re then not in favour of being assaulted by a number of how to vote cards distributors being volunteers, distributing how to vote cards when they’re entering a polling booth and some of the premises managers getting to have a bit of strife with it too. I don’t know. I haven’t read the act that covers this, but would there be any possibility or any consideration given to putting the, how to vote cards in the booth or is that fundamentally flawed?

Absolutely not Senator yet. I know what you’re saying that occasionally people do so that. What I’d say in defensive 99.9% of all of the party workers is most people strive to do the right thing.

[Man] Yeah.

We have a few over-excited individuals that really like to get those how to vote cards in the hands of voters. And that can cause some offence but most people do the right thing. We would never put a how to votes in the polling place, because then get confused and think we’re endorsing a particular process and it creates grief.

[Malcolm Roberts] What about if everyone was in there? Every party.

Same thing people then get confused and I’d be absolutely–

[Malcolm Roberts] That’s a fair comment. So if someone’s handing it they can stop them and ask questions about it. Okay. Thank you. Thank you, Chair.

Thank you, Senator Roberts.

/by

Australian Signals Directorate

, ,

Transcript

[Senator Roberts]

Thank you Chair and thank you all for being here. I have a few short question mostly about elections. My questions are about the Australian Cyber Security Centre, in Senate estimates on the 19th of February 2019, Tom Rogers, the Deputy Director of the Australian Electoral Commission said, “We work very closely with our partner agencies, the Australian Cyber Security Centre from the Australian Signals Directorate,” and then he went on and then said again, “We work with them closely and we are very confident,” pause and then, “That there has been no breach of the AEC systems,” is that an accurate statement?

[Rachel Noble]

It absolutely is, we work very closely with the Australian Electoral Commission and actually as we do with all State and Territory electoral commission equivalents, particularly focused together in partnership in the lead up to an election, during the election and then post the election, where we’ll partner on looking for any cyber security or threats to the proper running of the election.

[Senator Roberts]

Thank you. Last night, the Australian Electoral Commission advised they have never used the Scytl software they purchased and instead used a bespoke system. They further commented that the internal code had been audited and reviewed. Has your office conducted a code level and server level audit of the Australian Electoral Commission election software?

[Rachel Noble]

Unless Ms. Bradshaw knows the answer to that specific question or Mr. Hanmore? No? We might have to take that level of detail on notice, Senator.

[Senator Roberts]

Okay. So, if you don’t know who did this mysterious audit, and do you also know if the software passed the audit? So, if you could, let us know that.

[Rachel Noble]

I could take that on notice, yes.

[Senator Roberts]

Thank you. During the election period, is the Australian Cyber Security Centre responsible for securing the data systems used by the Australian Electoral Commission?

[Rachel Noble]

Our functions, which are set out in the Intelligence Services Act allow us to provide advice and assistance, the ultimate accountability and responsibility is for the organisation, in this case the Australian Electoral Commission itself.

[Senator Roberts]

So, are you saying then that the Australian Electoral Commission itself secures the data systems that it uses?

[Rachel Noble]

[Rachel Noble]

That’s right.

[Senator Roberts]

[Rachel Noble]

Thank you. Last question, are you 100% confident the software and systems available to the Australian Electoral Commission for the 2022 election are fit for purpose?

We will partner, continue to partner with them but it would be unwise to sort of project into the future, we will, as I said in the lead up to that election, during and after, be working in, you know, the contemporary environment both based on the state of their systems that they in place at the time, our understanding of the threat environment that we will provide to them and we’ll work in a contemporary, agile and current environment at that time, but it would be unwise for me to provide guarantees about what may or may not happen in the future.

[Senator Roberts]

So, you don’t work with them on a regular basis more just around the elections?

[Rachel Noble]

That’s right, We’ll stay in partnership with them like we do all Australian government entities at all times, so, if we become aware of a specific threat to any Commonwealth or State and Territory or private entity for that matter, we will reach out with them and engage them on that, so, we’ll do that at any time throughout the year but we will have a particular, dedicated, focused effort with them, pre, during and after an election on top of that.

[Senator Roberts]

Okay, so, you will assess the situation at any time, and any time you might hear some potential threat and you get involved, but other than that you will only get involved just before during and after the election?

[Rachel Noble]

That’s right.

[Senator Roberts]

Thank you very much.

[Rachel Noble]

Thank you.

[Senator Roberts]

Thank you, Chair, see, it was less than five minutes.

[Chair]

Senator Patrick, you could take a leaf out of Senator Roberts’ book in relation to timeliness, but over to you.

/by

Is Australia’s election software hackable? Questioning the AEC at Senate Estimates

, ,

Confidence in our elections is a cornerstone of our democracy and many questions have been raised by events in the United States Presidential election about our own software, which was originally sourced from the same supplier – Scytl.

Last night I asked questions of the AEC regarding the serious issues found in other audits by the Australian National Audit Office and the Australian Signals Directorate, as well as by leading University cryptographers.

The AEC replied that having purchased Scytl software they then chose not to use it, and have developed their own bespoke system. They claim this has been audited and the AEC had every confidence it worked.

One Nation feel bland assurances of this critical issue is not good enough. Today I will ask the Australian Signals Directorate, who are responsible for cyber security, if they have conducted a server-level and code-level audit of that software. If ASD haven’t, then who did the audit and what was the result?

Audits are normally done by the Australian National Audit Office and that agency has not audited the AEC. We need to know that this software is fit for purpose so the public, candidates and media can have complete confidence in our elections.

Transcript

[Chair]

Thank you, Senator O’Sullivan, Senator Roberts.

[Malcolm Roberts]

Thank you Chair, thank you for attending tonight. My questions should be pretty quick I think, in terms of going through them. I’ve got a number of them. Where are pre poll votes kept during the pre polling period and where are they counted?

I might ask the National Elections Manager to step forward.

[Assistant Commissioner]

First Assistant Commissioner, they are kept in a secure location within the polling booth. We have secure facilities that hold those while they’re not counted until after 6:00 PM on election night.

[Malcolm Roberts]

What percentage of pre-post centres have monitored back to base alarms and monitored surveillance cameras covering the location of the stored paper ballots?

[Assistant Commissioner]

I don’t have that on me, I’ll have to take notice.

We’d have to take that on notice.

[Malcolm Roberts]

Do any?

[Assistant Commissioner]

Pardon!

[Malcolm Roberts]

Do any?

[Assistant Commissioner]

I couldn’t answer right off here now.

[Tom Rogers]

There’s a whole range of security measures that are put in place including the involvement of scrutinies in every step of the process, signed documentation with numbered seals that can’t be cut and security guards, were security guards are required and a range of other measures that provide total security for all of those ballots. We treat that very seriously.

[Malcolm Roberts]

So the Senate first preference votes are counted in the polling place and then, to get a rough count. And then transported to the Senate scrutiny centre to be recounted, is that correct?

[Assistant Commissioner]

Correct.

[Tom Rogers]

That’s correct.

[Malcolm Roberts]

Do you compare the polling place count with the machine count?

[Assistant Commissioner]

We do.

[Malcolm Roberts]

Thank you. The 2013, how often or how, what sort of frequency, what sort of sampling?

[Assistant Commissioner]

The whole time. We manage those numbers all the way through to make sure that we’ve got the right… Are you’re talking about the… Well, sorry, there’s two parts to your question there. The first is that we always compare to the first count and we always see what we’ve done throughout the thing. I think what you’re asking there is how much sampling you just said?

[Malcolm Roberts]

Correct.

[Assistant Commissioner]

Right. We do do a portion of sampling throughout to make sure that it’s consistent.

[Malcolm Roberts]

What sort of portion, roughly?

[Assistant Commissioner]

I don’t have that on me. I have to take that on notice.

[Malcolm Roberts]

Okay, thank you. The 2016 Senate machine count was supplemented by a hand count. Did you compare the scanning accuracy with the manual count accuracy?

[Assistant Commissioner]

Great, so-

[Tom Rogers]

I might just start before Ms. White answers. It wasn’t supplemented, It’s actually part of the process, Senator. So it’s not a supplemented issue. What we’ve got is a manual count and a scanning process. The results of those are compared and where there’s no issues then that vote is then included in the count. It’s deliberately set up that way as a check mechanism. It’s not supplemented by. It’s actually one part of the-

[Malcolm Roberts]

Part of the process?

[Assistant Commissioner]

Yeah.

[Assistant Commissioner]

Correct.

[Malcolm Roberts]

Okay. Thank you. The software you use in the Senate scrutiny centre is sourced from Scytl.

[Assistant Commissioner]

No, it is not.

[Malcolm Roberts]

No. Who is it sourced from?

[Assistant Commissioner]

We, it is a bespoke system that we use within the AEC.

[Malcolm Roberts]

Okay thank you. I understand the AEC issued a contract to Scytl Australia to update the software between 2016 and ’19. Is that correct?

[Assistant Commissioner]

No.

[Malcolm Roberts]

There’s a Tender here.

[Assistant Commissioner]

Yeah, there is. So in 2016, when we had the short lead time to put this new scanning solution in, we had a number of tenders go out to see who could replace or upgrade the systems to be able to do the new process. They did try and do that but we ended up going with our internal process.

[Malcolm Roberts]

Okay, so the serious flaws found in the Scytl software in 2016 and in the 2019 New South Wales state audit. So I note that the 2016 audit found that admin passwords were left in during the election period, admin logs were not kept, software changed logs were not kept and the wifi was not disabled on the computers holding the votes.

[Tom Rogers]

I think you’re talking about the New South Wales.

[Assistant Commissioner]

Your New South Wales, that’s what it was.

[Tom Rogers]

I actually don’t wanna dispatch our New South Wales colleagues but I think you’re talking about the New South Wales state election and I-

[Malcolm Roberts]

We’ve got questions about that, yeah.

[Tom Rogers]

I think that’s what you’re referring to there.

[Malcolm Roberts]

So can you assure the committee that none of these errors affected the 2019 election in federally.

[Assistant Commissioner]

Well I can tell you it didn’t, because we didn’t use that software.

[Malcolm Roberts]

At all?

[Assistant Commissioner]

We’ve never used Scytl software for our election.

[Malcolm Roberts]

You’ve used your own bespoke system.

[Assistant Commissioner]

We have.

[Malcolm Roberts]

Okay. Dr. Vanessa Teague associate professor at the ANU college of Engineering and Computer science and Australia’s leading cryptologist was able to hack into the New South Wales Scytl server and change the votes in real time before they were passed through to the AEC server. Can this be done to the system you propose to use in the next federal election?

[Assistant Commissioner]

Nothing is plausible.

[Tom Rogers]

Just for the record, That’s not the AEC server, that was the New South Wales

[Malcolm Roberts]

New South Wales Again?

[Tom Rogers]

commission again. And we have sufficient measures in place that we’re satisfied with all the security measures that we have for the federal event and for the scanning of the Senate vote.

[Malcolm Roberts]

So Dr. Teague is Australia’s leading cryptologist. Would she be welcome to come back and do further audits?

[Tom Rogers]

Frankly, Senator, no. We’ve complied with, we work with a range of partners including the Australian Signals Directorate, the Australian Cyber Security Centre. We’ve had our internal code audited, checked and a range of other issues and not being rude, I’m sure that Dr. Teague is a wonderful person but we’ve had sufficient checks in place to assure ourselves that that system is running smoothly.

[Malcolm Roberts]

Okay. In Senate estimates on the 27th of February, 2018 in response to concerns raised about the audit software I think by Senator Farrell, Mr. Rogers, you made the following comment, quote “To the extent that I can be confident that nothing untoward happened. I’m very confident that nothing untoward happened and I am very confident the processes we’ve put in place.” That doesn’t sound like a resounding guarantee of the cyber integrity. Can you make an unequivocable guarantee of this as the sole assurance of the sovereign integrity of the software?

[Tom Rogers]

What I can tell you, Senator is that no one would sit in this chair and give an unequivocal guarantee about that issue. I would be cheapening the guarantee by giving it. What I’ve done very clearly is said to the extent that we’re aware and our partner agencies are aware, and the security agencies that we work with, we are satisfied with all the measures we have put in place. But no one is going to give you an unequivocal guarantee on that because there are unknown factors at play. But I am very, very, very confident that we’ve got an incredibly robust system in place that’s worked well and continues to work, and we continue to assess it. We continue to work with our partner agencies. We comply with all Commonwealth guidelines, cyber security guidelines. And I think it’s a fantastically secure system. I can’t give any stronger than that. If I said, I give you an unequivocal guarantee I don’t think anyone would give an unequivocal guarantee about anything, there are factors that I’m not aware of.

[Malcolm Roberts]

Well you’ve certainly lifted a burden from my mind with regard to Scytl. In 2016, it took 29 days to transport the completed ballot to the Senate Scrutiny Centre, you allowed apparently 18 days and it took 29. How long did it take in 2019 to get the ballots to the Senate Scrutiny Centre? And what is your projection for 2022?

[Assistant Commissioner]

So I’d have to take that on notice, and probably ask you to expand a little bit on that because we do a rolling transportational logistics of all our papers every day as they’re counted in our outpost of centres. We continually roll them through to our scanning,

[Tom Rogers]

Count them, all of them, send them off…

[Assistant Commissioner]

So it might take a total of 29 days to do all of those millions of ballot papers but they won’t take 29 days to get there.

[Malcolm Roberts]

So they take from each pre polling centre each day?

[Assistant Commissioner]

And each polling day output and into the output centre. And then they are rolled out and continually scanned through the whole process. If we waited till the 29th day you wouldn’t have a Senate result in time.

[Malcolm Roberts]

What sort of confidence do you have with regard to the integrity of the votes being preserved during that transfer.

[Tom Rogers]

Very high. We’ve got a whole system in place. We, as I said before, we’ve got specially designed boxes. Those boxes are secured by numbered seals that are witnessed at both sites. They’re counted in and out. They’re reconcile when they arrive at the Senate scanning centre-

[Assistant Commissioner]

Scrutineers can also-

[Tom Rogers]

Scrutineers are also involved in the process. It’s a good system, sir.

[Malcolm Roberts]

So you’ve got serial numbers recorded as they leave a pre polling place.

[Assistant Commissioner]

Yes.

[Tom Rogers]

That’s correct.

[Malcolm Roberts]

And when they arrive to the destination.

That’s correct. At the last Senate estimates in response to a question from Senator Farrell again on the AEC budget, Mr. Ryan made the statement that quote, “We are cognizant of the complex cyber environment that we operate in. At the moment we do a 24/7 manual look at security for cyber at election time. Could you please tell me what 24/7 manual look at security for cyber looks like?

[Assistant Commissioner]

Well…

[Malcolm Roberts]

What does it mean?

[Tom Rogers]

Well, I can tell you that. As I mentioned before, Senator, we are compliant with all Commonwealth cybersecurity guidelines. We are always, did it say Mr. Rogers or Mr. Ryan said this, by the way?

[Malcolm Roberts]

Mr. Ryan.

[Tom Rogers]

Mr. Ryan. What it means is that we are fully compliant with Commonwealth guidelines. We monitor our system at 24 hours a day like every other Commonwealth government department does to make sure that it’s safe and secure. And I think that’s what Mr. Ryan was probably indicating. It’s not so much a manual process that we do that in any case. And we’re always monitoring our own system. We’ve got good arrangements in place. We work with other Commonwealth security agencies to make sure our systems are monitored. And we’re very satisfied with the level of security we have on our system.

[Malcolm Roberts]

Okay. Thank you. I understand your software was approved by IBM in 2017 as having a likely error rate below 0.5%. Is that correct? And what was your error rate in 2019?

[Tom Rogers]

I might have to take that one on notice, I think Senator

[Malcolm Roberts]

Okay. Thank you. 16.4 million ballots at 0.5% error rate indicates that up to 80,000 Senate votes nationally were recorded in error. Is that acceptable to the AEC?

[Tom Rogers]

I think I’d wanna look at the statistics of that before I answer Senator, I don’t think we have that here tonight so,

[Malcolm Roberts]

On notice?

[Tom Rogers]

Let me look at that.

[Malcolm Roberts]

Okay. Two more questions, Chair. What audit has been conducted on the software used in the Senate scrutiny centre including comparison of the accuracy of the scanned file against the original paper record and the accuracy of the routine use to allocate preferences?

[Tom Rogers]

I’ll take that on notice.

[Malcolm Roberts]

Thank you. In previous estimates… This is a different line of questioning. In previous estimates, the AEC has indicated that when a federal election follows a state election there is an increase in informal votes as voters vote federally in the manner they voted in the state election. That’s understandable. I note your testimony that the AEC spends extra time and money educating voters in those States. Can I ask if any consideration has been given to allowing the States to specify the voting technique for their own state and federal elections, which would remove this confusion for good? I’m not advocating it I’m just asking about it.

[Tom Rogers]

No.

[Malcolm Roberts]

No consideration? Thank you very much. Thanks Chair.

Thank you very much, Senator Roberts, your economy with your questioning is very much appreciated.

/by