Posts

When I started researching election integrity I was doing it to show that our elections are secure. That is not what I found. There is no requirement to audit the results and no ID requirements to ensure there is no double voting. Our electoral legislation is full of holes. My bill seeks to fix those holes using audits that many well researched committees, agencies and investigations have already suggested. There really isn’t much reason to vote against it.

Transcript

As a servant to the people of Queensland and Australia I present the the Commonwealth Electoral Amendment (Integrity of Elections) Bill 2021, which amends the Commonwealth Electoral Act 1918.

This bill provides for the routine auditing of the electronic component of Australian federal elections and for the provision of voter identification.

It should also be noted that this bill does not look backward to previous elections, but rather forward to ensure confidence in the next election.

During COVID the actions of unelected bureaucrats and incompetent politicians has wiped out small businesses and jobs, disrupted lives and reduced many people to desperation.

The next election will be a powder keg.

It is essential to ensure that Australians can accept the result and move on.

Suspicion of the outcome can be easily fueled, especially on social media, and turned into violence by those who seek to manipulate the result for their own ends.

The level of trust in the result must be commensurate with the current heightened level of risk.

When I started researching election integrity it was to show that our elections are secure. That is not what I found.

The Australian National Audit Office conducted three audits into the 2013 federal election. Their final report came out in 2016. This is what ANAO said about the Australian Electoral Commission (the AEC):

In 2014 the Joint Standing Committee on Electoral Matters wrote to the Auditor General seeking a performance audit focusing on the adequacy of the Australian Electoral Commission implementation of recommendations arising from earlier ANAO audits of the AEC.

The Auditor General decided to conduct 3 related performance audits.

All three reports found that the AEC had not adequately and effectively implemented the earlier ANAO recommendations. The reports concluded that in order to protect the integrity of the Australian electoral system and rebuild confidence in the AEC these recommendations should be implemented.

AUDITOR-GENERAL REPORT NO. 6 OF 2015–16

The report went on to say:

“ANAO plans to undertake a follow-up audit following the next federal election, in 2016, to examine the adequacy and effectiveness of the AEC’s implementation of the ten recommendations made by ANAO across three reports.”

AUDITOR-GENERAL REPORT NO. 6 OF 2015–16

Those recommendations included:

“the AEC must develop a strategy for deeper reform to ensure and demonstrate integrity in all aspects of the election, including a fundamental overhaul of the AEC’s policies and procedures to restore confidence in the electoral process”.

AUDITOR-GENERAL REPORT NO. 6 OF 2015–16

Let me say that again – a fundamental overhaul to ensure election integrity.

Mr President the follow-up audit to test how well the AEC implemented this fundamental review into election integrity never occurred.

Perhaps someone should do a bill to bring on that audit. Oh wait Mr President, I did.

Were ANAO happy for this direction – apparently not.

In their submission to this bill ANAO said my bill was not necessary as they had the power to audit the AEC at any time.

If that is the case then they should get on with it.

Mr President New South Wales and Western Australia have provisions in their electoral acts to audit state elections.

New South Wales conducts an audit before each election to ensure systems are fit for purpose and then audits again after each election to ensure integrity, and to see what can be improved for next time.

Western Australia audits after every election.

There is no audit function currently specified in the Commonwealth Electoral Act 1918.

This bill creates a function for the Auditor General to audit the operation of the AEC twice in each election cycle:

  1. In the lead up to the election; and
  2. From polling day to the declaration of the poll.

 The audit provided for in this bill covers electronic measures, and tests if:

“the use of authorised technology produces the same result as would be obtained without the use of authorised technology.”

Put simply this is asking the Auditor General to ensure that the use of computerised voter rolls, tallying, preference allocations and related matters produced a result that accurately reflects the will of the people.

ANAO felt that was too high a bar to meet, I would consider ensuring the will of the people was accurately reflected in the result was the bare minimum for any election audit.

This bill does not specify what will be audited. The decision regarding the operation of the audit is best left to the agencies conducting the audit.

Secondly, this bill authorises the Australian Signals Directorate (ASD) to audit and monitor computer systems for unauthorised access internally and externally.

This is targeting both unauthorised access from within the system and unauthorised external access by malicious entities.

The Australia Signals Directorate is currently conducting a cyber “uplift program” at the Australian Electoral Commission. While the program is most welcome, there is no basis in the Commonwealth Electoral Act 1918 or the Intelligence Services Act 2001 for that program.

This bill brings legislation into line with current practice.

Mr President In May Senate estimates I asked the Australian Electoral Commission simple questions regarding their auditing. I was assured that audits are occurring. On no occasion then or since have the following questions been answered:

  • Who conducted the audit?
  • When was the audit conducted?
  • What was audited?
  • What was the result?
  • Have any changes been made as a result of the audit?

It is disturbing that such an audit could happen behind closed doors without direction or structure. It is more disturbing that this program has no legal basis in the Commonwealth Electoral Act.

We should not have to rely on the admirable conscientiousness of the Australian Signals Directorate. We should be able to rely on the completeness of our legislation.

Mr President I also looked at other issues around election integrity.

First up was a simple question: At the Senate Scanning Centre is the electronic data file containing each vote ever compared back to the paper ballot after the vote has been adjudicated?

That answer is no. At no time is the electronic record of a vote checked back against the paper ballot once the ballot is adjudicated.

Some disputed votes are held back and adjudicated later in the counting process, then filed away.

There is no routine sampling beyond that point. That is not acceptable.

The third part of my bill is for voter ID. Most of the recommendations in the ANAO report, that was never followed up, went to failures in the integrity of voter rolls.

It is too late to go back now and audit those rolls before the next election, by way of re-commencing residency checks, as ANAO recommended.

It is not too late for a quick fix – which is voter ID. Asking for simple identification will act as an audit on the rolls in real time, and ensure every vote cast was legitimate.

This is not my idea. Recommendation 21 of the Joint Standing Committee on Electoral Matters Inquiry into the 2019 Federal Election called for voter identification to be introduced. This same finding was made in 2016 and 2013.

Schedule 2 of this bill is drafted to give effect to the committee recommendation as literally as possible.

Voters must present a form of acceptable identification to be issued with an ordinary pre-poll or election day vote. Authorised identification must be suitably broad so as to not actively prevent electors from casting an ordinary ballot.

This bill allows a wide range of acceptable voter ID. The AEC is empowered to make further regulations to ensure voters are not disenfranchised.

The AEC noted in their submission to the JSCEM inquiry that:

“multiple voting is frequently the subject of media commentary and social media speculation. Such a degree of focus is entirely understandable: there can hardly be a more emblematic component of trust in electoral results than ensuring eligible voters only exercise the franchise [appropriately].”

Multiple voting is a red herring in this debate. My bill is not concerned with multiple voting, it is concerned with ensuring every vote cast was made according to law.

The Commonwealth Electoral Act (Integrity of Elections Bill) 2021 is about protecting confidence in our elections.

The cyber integrity of our elections and the use of voter identification is essential to that confidence.

I recommend the Commonwealth Electoral Amendment (Integrity of Elections) Bill 2021 to the Senate.

Transcript

[Senator Roberts]

Thank you Chair and thank you all for being here. I have a few short question mostly about elections. My questions are about the Australian Cyber Security Centre, in Senate estimates on the 19th of February 2019, Tom Rogers, the Deputy Director of the Australian Electoral Commission said, “We work very closely with our partner agencies, the Australian Cyber Security Centre from the Australian Signals Directorate,” and then he went on and then said again, “We work with them closely and we are very confident,” pause and then, “That there has been no breach of the AEC systems,” is that an accurate statement?

[Rachel Noble]

It absolutely is, we work very closely with the Australian Electoral Commission and actually as we do with all State and Territory electoral commission equivalents, particularly focused together in partnership in the lead up to an election, during the election and then post the election, where we’ll partner on looking for any cyber security or threats to the proper running of the election.

[Senator Roberts]

Thank you. Last night, the Australian Electoral Commission advised they have never used the Scytl software they purchased and instead used a bespoke system. They further commented that the internal code had been audited and reviewed. Has your office conducted a code level and server level audit of the Australian Electoral Commission election software?

[Rachel Noble]

Unless Ms. Bradshaw knows the answer to that specific question or Mr. Hanmore? No? We might have to take that level of detail on notice, Senator.

[Senator Roberts]

Okay. So, if you don’t know who did this mysterious audit, and do you also know if the software passed the audit? So, if you could, let us know that.

[Rachel Noble]

I could take that on notice, yes.

[Senator Roberts]

Thank you. During the election period, is the Australian Cyber Security Centre responsible for securing the data systems used by the Australian Electoral Commission?

[Rachel Noble]

Our functions, which are set out in the Intelligence Services Act allow us to provide advice and assistance, the ultimate accountability and responsibility is for the organisation, in this case the Australian Electoral Commission itself.

[Senator Roberts]

So, are you saying then that the Australian Electoral Commission itself secures the data systems that it uses?

[Rachel Noble]

[Rachel Noble]

That’s right.

[Senator Roberts]

[Rachel Noble]

Thank you. Last question, are you 100% confident the software and systems available to the Australian Electoral Commission for the 2022 election are fit for purpose?

We will partner, continue to partner with them but it would be unwise to sort of project into the future, we will, as I said in the lead up to that election, during and after, be working in, you know, the contemporary environment both based on the state of their systems that they in place at the time, our understanding of the threat environment that we will provide to them and we’ll work in a contemporary, agile and current environment at that time, but it would be unwise for me to provide guarantees about what may or may not happen in the future.

[Senator Roberts]

So, you don’t work with them on a regular basis more just around the elections?

[Rachel Noble]

That’s right, We’ll stay in partnership with them like we do all Australian government entities at all times, so, if we become aware of a specific threat to any Commonwealth or State and Territory or private entity for that matter, we will reach out with them and engage them on that, so, we’ll do that at any time throughout the year but we will have a particular, dedicated, focused effort with them, pre, during and after an election on top of that.

[Senator Roberts]

Okay, so, you will assess the situation at any time, and any time you might hear some potential threat and you get involved, but other than that you will only get involved just before during and after the election?

[Rachel Noble]

That’s right.

[Senator Roberts]

Thank you very much.

[Rachel Noble]

Thank you.

[Senator Roberts]

Thank you, Chair, see, it was less than five minutes.

[Chair]

Senator Patrick, you could take a leaf out of Senator Roberts’ book in relation to timeliness, but over to you.