Judge Amy Totenberg has issued a decision in which she agrees that there is sufficient reason to believe that the electronic voting machines used by the state of Georgia have substantial defects.
The district court judge found that there is sufficient reason to believe that there may be “cybersecurity deficiencies that unconstitutionally burden plaintiffs’ First and Fourteenth Amendment rights and ability to cast effective votes that are accurately counted.”
Totenberg scheduled a bench trial for Jan. 9, 2024, which involves the absence of a jury. However, he acknowledged that a compromise could be possible if the state legislature took action.
“The Court cannot wave a magic wand in this case to address the various challenges to our democracy and electoral system in recent years, including those presented in this case,” he wrote. “But reasonable and timely discussion and compromise in this case, along with prompt and informed legislative action, can surely make a difference that benefits the parties and the public.”
Critically, the court denied that criticisms of Georgia’s voting machine security failures are based solely on “conspiracy theories.”
“The Court notes that the evidence in the record does not suggest that Plaintiffs are conspiracy theorists of any kind. Indeed, some of the nation’s leading cybersecurity experts and computer scientists have provided testimony and affidavits on behalf of Plaintiffs’ case in the long course of this litigation,” the judge’s footnote noted.
The District Court then presented several set objections to the 2020 election.
First, the Court recognized this, because the DREs did not include any documents
voting track, “No voter could verify whether their particular desired votes
the candidates were elected.”
The court notes that several voting machines were running an outdated Windows XP/2000 operating system, and the DRE machines were running software from 2005.
this was “so outdated that the software manufacturers no longer supported it
or provide security patches.”
The Court then reviewed “the newly available evidence regarding the CES/KSU
data breach, mismanagement of data systems and record destruction events
previously addressed in the PI Order of 2018. The expanded record was disclosed
additional troubling details about the breach.”
Additionally, the Court found in its 2019 Order that “plaintiffs submitted
significant evidence of vulnerabilities in the State’s voter registration database
connection with the previously discussed exposure of voter data, the exposure of
passwords and outdated software issues.”
Plaintiffs also raised issues related to the State’s ability “to audit the functionality of BMDs, specifically in the event that selections contained in QR codes do not match those appearing in human-readable text (for example, if the (QR codes) had been tampered with.) At the hearing, the State Defendants argued that the audits would focus on the human-readable text, not the QR codes. The plaintiffs argued that the audits would not necessarily address this problem because most voters do not review each of their selections contained in human readable text. This would not allow the impressions to be properly audited against the QR data…”
Ultimately, the Court concludes that there are “disputed material facts presented in the record that preclude the granting of the State Defendants’ motions for summary judgment on the primary claims.”
The Court then announced that it “will resolve these disputes of material fact and related legal issues based on the evidence presented at a trial to begin on January 9, 2024.”
Importantly, the Court recognizes that the most important remedies for electoral integrity may be political rather than judicial.
“To be clear at the outset, the Court does not have the legal authority to award
the broadest relief plaintiffs seek in this case without directly infringing
the state legislature’s vested power to enact legislation,” the judge said. “Even if plaintiffs prevail on their substantive claims, the Court cannot enjoin the Georgia legislature from passing legislation creating a system of paper voting or judicially impose a statewide ballot system as an injunctive relief in this case. Simply put, the Court has the legal authority to identify constitutional deficiencies with the existing voting system, but it does not have the power to prescribe or order new voting systems (ie, a paper voting system) to replace the system current promulgated by legislation. “
But the court did not want to hear evidence that insufficient election security can amount to a violation of constitutional rights.
“That said, as the Eleventh Circuit previously recognized in this case, it accommodates challenging election procedures. [or policies] are routine’, and there are critical issues raised in this case that do not ‘present a policy question beyond the reach of this Court.’ Curling v. Raffensperger, 50 F.4th 1114, 1121 n.3 (11th Cir. 2022).”
“Nonetheless, Plaintiffs have a heavy burden to establish a constitutional violation related to Georgia’s BMD electronic voting system, whether through the manner in which the State Defendants have implemented the voting system, i.e. , which imposes serious security voting risks and burdens affecting plaintiffs’ voting rights, or otherwise,” the judge added.
Several election security experts testified on behalf of the plaintiffs: Dr. J. Alex Halderman, Dr. Philip Stark, Kevin Skoglund, Dr. Andrew Appel, and Harri Hursti.
Perhaps the most substantive critique of the current state of voting systems in Georgia came from Dr. J Alex Halderman.
On July 1, 2021, Dr. Halderman filed an extensive and detailed report both (1) outlining his previous testimony in this case and (2) identifying additional vulnerabilities he found in the BMD system, based on his evidence of a DMO and associated election team that provided him by Fulton County. (See redacted Halderman Report, Doc. 1681.)
Dr. Halderman identifies seven main vulnerabilities, as follows:
1. Attackers can alter QR codes on printed ballots to alter voter selections
2. Anyone with brief physical access to BMD machines can install malware on the machines
3. Attackers can spoof or tamper with the smart cards used by a BMD to authenticate technicians, poll workers and voters, which could then be used by anyone with physical access to the machines to install malware on the BMDs (id .);
4. Attackers can run arbitrary code with supervisory privileges and then exploit it to spread malware to all BMDs in a county or state (id.);
5. Attackers can alter BMD audit logs (id.);
6. Attackers with brief access to a single BMD or a single poll worker card and PIN can obtain the county-wide cryptographic keys, which are used for authentication and to protect election results on the poll cards scanner memory (id.); i
7. A rogue poll worker with brief access to the ICP scanner’s memory card could determine how individual voters voted (id.).
Dr. Halderman also opines that “privileged voters and ordinary voters could
be recruited by domestic political actors or hostile sophisticated foreign nations
attack Georgia’s voting system, for example, by planting malware.”
Following the trial court’s review of the case, the State defendants’ motions for summary judgment were granted in part and denied in part.
Fulton County’s motion for summary judgment, however, was granted in its entirety.
NOW READ:
Fulton County Board of Elections discovers ‘missing’ ballots from November election
English 
Español de Venezuela 