Maricopa County Forensic Audit

Initial Obstruction

Based on several unresolved issues from the election and the county’s own internal audit – as explained in our main Arizona article – the state Senate issued several subpoenas (legally binding requests) to the Maricopa Country election board and county recorder, to access its voting machines, copies of all ballots and much more so it can perform its own audit. The election board argued vehemently against those requests, saying they were overly broad, and aimed to negotiate a settlement with the Senate. ¹ The Senate eventually received the ballots and some of other requested materials, and began the audit.

Continued Obstruction

In May, mid-way through the major forensic audit, the senate committee identified the following issues that it asked the county election board to clarify: ²

1. Ongoing refusal to comply with the Senate’s subpoenas
2. Chain of custody and ballot organization anomalies
3. Deleted vote-counting databases

The Maricopa County Board of supervisors responded with this letter on May 17, 2021, denying all wrongdoing and heavily denouncing the skills of the auditors and legitimacy of the audit, however they appear themselves to misunderstand the workings of data recovery software.

July Senate Hearing

On July 16, 2021, a 2-hour hearing was given in the Arizona Senate, with auditors raising several questions and issues that are preventing them from completing the audit, including:

• 73,243 mail-in ballots have no record of being sent out ³ (Maricopa County later responded, arguing that this number also includes early in-person votes which would not have been mailed)

• 11,326 voters were not listed on November 3 voter roll, but were listed on December 4 voter roll and were listed as having voted in the election ³

• 18,000 who voted in November but were then removed from the rolls ^{3 4}

• Thousands of duplicated ballots that lacked serial numbers. Senate President Karen Fann noted that without serial numbers, it would be impossible to know how many times a ballot was duplicated. ³

• 168,000 ballots are printed on unofficial paper that the county claims they did not use. This could be a simple mistake, or an indication of fraudulent ballots. ³

• An unpublicised digital breach of the election system in November ^{3 4}

• A one-off digital event erasing the security log for the period covering the November election. The auditors reported 37,646 entries into the digital security log for the election management system – which has only eight accounts – on one day, 11 March 2021. Data being kept on a first-in, first-out principle, the digital deluge shoved enough previous data out to hide election security log events before February 2021. Rep. Finchem claims this shows criminal intent. ^{3 4}

The full hearing was available on YouTube Censored, or on Rumble, here.

Maricopa County officials have been highly oppositional to the audit at every stage, and deny each of the issues. They have responded to common questions and allegations on their website.

Further Subpoenas

Meanwhile, the Senate issued fresh subpoenas (legally binding requests) to obtain the missing information required to complete the audit: ballot envelopes (or images of them), voter records, routers (or router images), all findings concerning systems breaches, and all usernames and passwords for election machines. ⁵ After the subpoenas were refused, the Senate has referred the matter to the state’s Attorney General for investigation.

Common Criticisms of the Audit

Based partly on Ryan Wiggins’ article from 97.1 FM Talk.

“This is a partisan audit only done by Republicans, so it can’t be trusted.”

Democrat officials knowingly turned down being involved in the audit, instead preferring to discredit it to their media allies. ⁶ Volunteers involved in the audit were recruited from all political sides — in fact volunteers were not even asked which party they belonged to or who they voted for.

“It was paid for by far-right-wing groups.”

The Senate chose to avoid criticism by not spending millions of taxpayer dollars on it, instead leaving private donors as the only means of funding. ⁶ 56% of the funding came from The America Project, an organization led by Patrick Byrne, a Libertarian who did not even vote for Trump. Other funders include Former Lt. General Michael Flynn and Christina Bobb from OAN News ⁷ — hardly “far right”.

“Cyber Ninjas and other groups doing the audit have no forensic audit experience.”

This is, in fact, true. US elections have never been forensically examined at this scale, therefore nobody has any experience in doing such an audit. There has been no precedent. ⁶

“These people are not even certified auditors.”

Despite the media use of the term “certified auditors”, there is actually no such thing as accredited election auditors in America, only accredited voting system test laboratories (VSTLs). These labs are hired by voting machine companies like Dominion to grant them government EAC (US Election Assistance Commission) certification, and as such would be inherently biased against finding issues in machines that they themselves were paid to certify.

When the Senators then approached big financial auditing companies, they all refused, saying it would put their government contracts at risk. ⁸

“Even Republicans on the Maricopa Board of Supervisors have resisted this audit.”

Yes, they have resisted heavily! Early on they agreed with the idea, but after visits from out-of-state lawyers, they begin resisting efforts and even ignoring subpoenas. One would expect officials to comply with members of their own party, especially if it could exonerate them. They instead have resisted transparency. ⁶ What do they have to hide?

Seth Keshel also notes that Chairman Jack Sellers won his election by only 403 votes (0.1%) out of 424,531 cast, and is unlikely to want to risk his position by having the results investigated. ⁹

“There have already been audits that proved nothing happened in Maricopa County, AZ.”

The previous audit in Maricopa County was organized by themselves and utilized Pro V&V and SLI Compliance — companies that Dominion had previously contracted to certify their machines. They would likely be inherently biased against finding issues in the same machines they, themselves, were paid to certify.

Many other audits of this nature are also small “risk limiting audits” which examine a small percentage of the ballots. The full forensic audit examined around 2,100,000 ballots, including the paper, the counting process, the chain of custody, and other related processes. This was a much deeper examination than had been done before.

“There were blue and black pens on the tables. They were looking for bamboo fibers in the papers. One of the insurrectionists was there counting. Etc…“

Lots of small things were raised to nitpick on the audit, yet it was live-streamed 24 hours a day from more than a dozen camera angles. Security was very tight, and anyone – regardless of party – was held to the high standard.

“Cyber Ninjas CEO Doug Logan pushed election conspiracy theories.”

The main accusation against him (that we could find) is that he is allegedly “Anon”, the anonymous interviewee in the documentary The Deep Rig (something we have not yet been able to confirm) who apparently said that “If we don’t fix our election integrity now, we may no longer have a democracy.” The interviewee also claimed that current and former members of the Central Intelligence Agency (CIA) were involved with a “disinformation” campaign directed at the 2020 presidential election. ¹⁰

If true, the first statement can hardly be called “conspiracy”. And while the second does allege a form of conspiracy, it’s not at all baseless, as federal agencies have been clearly implicated by Department of Defense Chief of Staff Kash Patel, and US House Intelligence Committee Chairman Devin Nunes, as they explain in detail in the documentary The Plot Against The President.

If fraud does exist in Maricopa County, it is arguably better to have someone sceptical of the results investigate — as long as they can legitimately prove their conclusions — rather than someone who believes everything is fine already.

Also, if the Democrats had accepted the offer to be involved in the audit from the start, they could have participated in picking the cyber team. Why did they choose not to participate?

Telling the Story

On Aug 12, at the Cyber Symposium, Arizona State Representatives Mark Finchem, Sonny Borrelli, and Wendy Rogers told the story of the entire audit process, including responding to early election fraud reports and moving through with the forensic audit despite many obstructions from Maricopa County, the media and others.

Senate President Karen Fann also tells the story from her perspective in a 3-part video series on Twitter. See Part 1, Part 2, Part 3.

Settlement Regarding Routers and Splunk Logs

After further pressure from the Senate to release the routers and splunk logs for auditing, the Senate and County reached a settlement agreement (read it here) where the County Supervisors will give the Splunk logs and the routers over to a third party, a trusted source which is former Arizona Congressman, John Shadegg, who will act as a caretaker of the data, a trusted 3rd party. Cyber Ninjas will then (reportedly) be able to get everything that they want from him ¹¹, although the terms of the agreement appear to conflict with this. ¹²

Unfortunately, it has been reported that John Shadegg has lobbied on behalf of company “Hickman’s Eggs” in the past. Hickman’s Eggs is owned by the then Chair of the Maricopa County Supervisors, Clint Hickman. Supervisor Hickman has been a hostile player in regard to the audit, and as such, John Shadegg may not be a neutral player, but instead hold a direct conflict of interest. ¹³

Senator Kelly Townsend has been posting regular updates on her Telegam channel — despite not being allowed into the audit committee itself, she is keeping a close eye on proceedings. The Arizona Conservatives Channel also has regular updates.

Forensic Audit Results

The final forensic audit results are due to be released Friday, September 24, at 1pm Arizona time.

The Arizona Audit team was previously posting frequent updates on Twitter here, until Twitter suspended their account in late July. Updates are now on Telegram at @ArizonaAudit.

Voter Canvassing Effort

A part of the Maricopa Forensic Audit involved voter canvassing — directly interviewing voters and visiting registered addresses to confirm that official records match how residents actually voted. The Federal Department of Justice swiftly enacted significant pressure against this canvassing, saying that it equated to “voter intimidation”, and would be potentially illegal. This blockade of the Senate’s efforts forced them to focus on the remaining aspects of the audit.

But hundreds of private citizens such as those led by Liz Harris had already begun their own grass-roots canvassing effort, visiting 11,708 residential properties and gathering data on 4,570 voters. We’ve summarized her team’s findings on the main Arizona page, here.

Final Report

On Sep 24, 2021, the Arizona Senate heard presentations from the key auditors, presenting their findings.

The audit report identifies more than 57K questionable votes, intentionally deleted election files, and other suspicious voting machine activity. ¹⁴

The official written reports can be obtained from The Arizona State Senate Republican Caucus, or we’ve included direct links below.

Major issues identified:

• 255,326 early votes are recorded in the VM55 file of counted ballots but are missing from the EV33 file ¹⁵

• 17,322 duplicate votes (where voters sent in 2 or more ballots) that were illegally counted in the final certified tally (a large surge of these were dated the week following the election) ¹⁶

• 27,807 ballots cast from individuals who had moved prior to the election, and are unlikely to have physically received their ballots legally

• Envelopes without signatures that were stamped as “approved”

• Ballot envelopes showing an apparent “approved” stamp behind the basic graphics of the envelope, suggesting tampering, or at the very least, poor quality scanning and archival of envelope images

• The systems related to elections integrity had numbers that could not balance or agree with each other

• The voter rolls and the registration management process itself having many data integrity issues. For instance, over 200 individuals were easily identifiable as likely being the same person but having two different Voter IDs and voting twice in the election.

• Without access to the County’s detailed records including personally identifiable information and registration systems it is more likely there were many tens of thousands of improper votes in the election from double voters, deceased voters, voters for which there is no trace in the public records nor association to their voting address

• Proper voter registration law and procedures were not followed

• There were unexplained large purges of registered voters, right after the election, of people who had voted in the election

• There was back-dating of registrations, adjustments made to historical voting and voter records, unexplained linking of voter registration affidavits to multiple voters and more

• Files were missing from the Election Management System (EMS) Server and other voting machines, either intentionally or negligently removed

• Ballot images on the EMS were corrupt or missing

• Logs appeared to have been intentionally overwritten

• All data in one database related to the 2020 General Election had been fully wiped. This occurred on the day prior to Maricopa’s own internal audit. ¹⁷

• On the ballot side, batches were not always clearly delineated, duplicated ballots were missing the required serial numbers, some originals were duplicated more than once, and the auditors were never provided chain-of-custody documentation for the ballots for the time-period prior to the ballot’s movement into the auditors’ care. This all increased the complexity and difficulty in properly auditing the results.

• There were significant anomalies identified in the ratio of hand-folded ballots, on-demand printed ballots, and a significant increase in provisional ballot rejections for a mail-in ballot already being cast, suggestive of mail-in ballots being cast for voters without their knowledge.

• Maricopa County failed to follow basic cyber security best practices and guidelines from CISA ¹⁸

• Remote Access and “Terminal Services” features of Windows were enabled allowing machines to be remotely controlled ¹⁸

• Software and patch protocols were not followed ¹⁸

• Credential management was flawed: unique usernames and passwords were not allocated. Many (if not all) accounts shared the same password, and multiple users appear to have shared the same account. ¹⁸

• A dual-boot configuration was discovered on adjudication equipment which is not an approved configuration. The second hard drive contained non-Maricopa County data.

Here is a summary table from the Cyber Ninjas report (Volume III). This does not include the 17,322 duplicate ballots found by Dr. Shiva (EchoMail) and the 255,326 early votes that appear in the VM55 but are missing from EV33 file.

A lot of the mainstream media has picked up on a single results table from Doug Logan that showed that the audit team’s count of the ballots closely matched the certified results, using that as supposed proof that Biden still won the state. What is being overlooked is the highly questionable validity of those votes.

Also note that this is not the complete audit report. Analysis of the routers, Splunk logs, and paper ballots is still ongoing.

Thanks to @LibertyOverwatchChannel for sifting through the reports and providing summaries. A further summary, with slightly more detail is on Patrick Byrne’s website.

Below, you can watch the full 3-hour hearing:

Several workers from the forensic audit — Maricopa residents who voted in the election and passed background checks — were interviewed on what they witnessed during the audit. They reported seeing numerous anomalies including ballots that were filled in “too perfectly”, indicating possible duplication by machine; and abnormal repeating patterns such as 7 for Biden, 1 for Trump, 7 for Biden, 1 for Trump, 7 for Biden, 1 for Trump. Despite being reported, these issues may not have made it into the final report. See their testimony in the video below:

Editor’s note: Regarding the machine-printed ballots mentioned in the video above, Doug Logan, the lead auditor from Cyber Ninjas reported that there are some legitimate scenarios where ballots are marked by a machine, such as if they are damaged, or unable to be scanned ¹⁹, or from ballot marking devices (BMDs) used by voters who are unable or uncomfortable marking a ballot by hand. While BMDs may be needed for voters with disabilities, they have known issues when used in large populations.

Analysis of the routers, Splunk logs, and paper ballots is still ongoing. We’ll update this page as more findings are uncovered.

Continued Debate

Maricopa County officials took to Twitter and sympathetic media channels to deny the allegations and minimize the report’s findings. They claimed the results were mistaken and that they had provided everything in the Senate’s subpoena, despite several key items still being withheld.

Members of the Maricopa County Board of Supervisors, as well as Ken Bennett, Senate liason for the audit, presented testimony to Federal Congress’ Oversight Committee on the findings, during which the county admitted to removing election files from machines prior to the audit. ²⁰

Dr. Shiva, who ran the audit of ballot envelopes, held a follow-up open discussion forum on the Maricopa Audit, open to Republicans, Democrats and state/county officials. See the full video and our summary here.

Cyber Ninjas later provided a great, detailed rebuttal to Maricopa County on their denials and deflections. It addresses specific claims, one-by-one, with screenshot evidence and links to further references.

So What Happens Now?

Senator Karen Fann has forwarded all reports onto Attorney General Mark Brnovich, who is in the process of identifying criminal activity and other breaches of law that need to be prosecuted.

The state congress will also likely explore further actions such as potentially decertifying the results. We expect to hear more about this in the coming days and weeks. ²¹

Footnotes & References

Visitor Comments

Show Comments