Skip to Content

The key to future election security starts with a roll of the dice

Risk-limiting audits help ensure the accuracy of vote counts, and could be crucial to securing democracy. But they use some unusual techniques.
SOS/Judd Choate

We’re now six weeks past Election Day, and electors in every state followed the will of the voters and confirmed the victory of Joe Biden. But while the Electoral College made the results official, President Donald Trump is continuing to protest them, despite having lost dozens of court cases within the past month. In any case, Congress is slated to complete the process of electing Biden on January 6.

President Trump’s attack on American elections accelerated a problem that already existed in the United States: the public doesn’t trust the vote. 

So how can we help more Americans believe in the most important function of our democracy? One of the states with the most contentious states votes in 2020 might have something to tell us.

How it went down in Georgia

Georgia’s election was close. When it turned out that were only 12,000 votes separating Joe Biden from Donald Trump, the world turned its attention to the count there.

The state’s election processes have changed significantly in just the last year, including a switch to more secure paper ballots and a law requiring a post-election audit, which was then used to examine this year’s tight presidential race.

An audit is not a recount. Instead, it is a routine check of a portion of ballots, using statistical tests to root out anomalies. This is meant to increase everyone’s confidence that the outcome is correct. Georgia’s secretary of state, a Republican, ran the audit this year: it discovered and corrected a relatively small number of counting errors. That process was open and transparent, and the changes were too few to affect the results. In the end, it reaffirmed Joe Biden’s win in Georgia.

This was one of the most high-profile post-election audits in American history, but it won’t be the last. Election integrity and security experts are increasingly pushing to make risk-limiting audits (RLAs) a legal requirement for elections in all 50 states. In just the last few years, 11 states have passed laws requiring, allowing, or piloting risk-limiting audits. The idea is to build trust in systems that have become less transparent as they are more mechanized.

“Machine counting is great, but should we trust them?” says Ben Adida, who runs the election security nonprofit VotingWorks. “The whole point of risk-limiting audits is that machines are great for speed, accuracy, and objectivity—but let’s audit them to make sure they don’t make mistakes and they haven’t been hacked.”

After a largely automated initial count, a risk-limiting audit takes a small number of ballots, which humans count and check against the initial outcome. The process has been put together and picked apart by statisticians, voting experts, election officials, and computer scientists over the last two decades, but it has only recently started to be used in significant elections. (Colorado was the first state to pass legislation about risk-limiting audits, in 2009; its first statewide RLA took place in 2017.)

Adida’s nonprofit, launched in 2018, has built open-source and free software to help conduct these audits cheaply and quickly, in the hope of getting states to adopt RLAs more widely. VotingWorks helped Georgia run its audit this year, and Adida is hopeful the idea will spread.

Starting with a dice roll

In Colorado, the process starts with a big, weird public ceremony that anyone can attend: the state rolls a 10-sided die 20 times in order to create a random “seed” number that kicks off the audit. That determines which ballots will be checked against the results. The whole thing is done this way to try building trust.

“The fact that risk-limiting audits are public ceremonies that the public and press can attend is a very positive thing that will help voters perceive elections to be more trustworthy in addition to the election being more trustworthy in actuality,” Adida says. “We’re going to think about how we name it and talk about it. Even the word audit itself has a lot of negative connotations, and that’s understandable.”

So what happens now? The next four years could see as many as half of all states adopt risk-limiting audits with those goals. In the meantime, aside from the final stages of congressional confirmation, this particular election is over.

Deep Dive


It’s time to retire the term “user”

The proliferation of AI means we need a new word.

Modernizing data with strategic purpose

Data strategies and modernization initiatives misaligned with the overall business strategy—or too narrowly focused on AI—leave substantial business value on the table.

How ASML took over the chipmaking chessboard

MIT Technology Review sat down with outgoing CTO Martin van den Brink to talk about the company’s rise to dominance and the life and death of Moore’s Law.


Why it’s so hard for China’s chip industry to become self-sufficient

Chip companies from the US and China are developing new materials to reduce reliance on a Japanese monopoly. It won’t be easy.

Stay connected

Illustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at with a list of newsletters you’d like to receive.