Ninja report insinuates wrongdoing, Fann calls for probe

Listen to this article

Senate election auditors provided no evidence of widespread fraud Friday but dangled enough insinuations of impropriety to give Donald Trump supporters an inkling of hope that future investigations will uncover wrongdoing in connection with the 2020 general election in Maricopa County. 

The auditors’ presentation did not divert significantly from draft copies of their report obtained by the media the day before the presentation, which showed, among other things, that the Cyber Ninjas’ hand count of Maricopa County’s 2.1 million ballots found Biden won by a slightly larger margin than what is included in the official county canvass. The hand count added 99 votes to Biden’s total and took away 261 Trump votes. 

In a statement, however, Trump said the audit “shows incomprehensible fraud at an election changing level. 

“Arizona must immediately decertify their 2020 presidential election results,” he said, though no one, including Trump, has explained how that is even a legal possibility. 

But the report also highlights various concerns the auditors have with the county’s elections processes, which drew criticism from election experts and Maricopa County officials. 

Senate President Karen Fann said she turned over all audit reports to Attorney General Mark Brnovich, and it is now up to him to investigate the auditor’s claims to determine if further actions are necessary. 

“He has access to a lot more rolls than we do; access to social security numbers; access to more death certificates,” she said, pointing to the legislature’s decision in recent years to fund the Attorney General’s election integrity unit. 

“He’s got the staff; he’s got the money – I want him to do it,” she said. 

Fann also did not rule out the possibility of a special session to draft new legislation based on recommendations from the auditors. 

She said the Senate’s Judiciary and Government & Ethics committees will review the information and begin drafting legislation “so we can get it done as quickly as possible.” 

“If there are some things that we can specifically get done that is reasonable – that we know we’ve got the votes on – we’ll reach out to our governor and say ‘would you mind calling a special session at least to get us the basic things in place before the next elections,’” Fann said. 

It does not appear Gov. Doug Ducey, who would have to call the special session, would comply with such a request, though. Fann also does not likely have the votes to support calling a special session without Ducey, which would require the support of two-thirds of both chambers. 

In a lengthy Twitter thread, Ducey wrote, “Any meaningful policy recommendations identified should be addressed in the next session of the legislature.” 

The governor’s spokesman did not respond to a request to clarify his stance on a potential special session. 

In his thread, Ducey said trust in the election system has eroded in recent years, but declared the audit and 2020 election are “over” and “there will be no decertification of the 2020 election…” 

FINDINGS 

The Cyber Ninjas’ report listed one finding as a “critical” concern and two as “high” concerns, but elections experts quickly refuted the claims. 

The report’s recommendations, based on its findings, also largely overlap with practices already in use in the state.  Amy Chan, Clean Elections commissioner and former elections director under former Republican Secretary of State Ken Bennett, noted the overlaps.. 

“It’s not that these are bad recommendations; it’s more that they’re telling on themselves that they don’t know we already do them,” Chan said. 

The report’s recommendation to compare voter rolls to Electronic Registration Information Center lists, or ERIC lists, for example, is unnecessary because Arizona is already an ERIC member state, Chan said. ERIC is a nonprofit that helps states maintain accurate voter rolls. Thirty states and D.C. are members. 

Elections in Arizona also already use paper ballots and create a paper trail for ballots cast by individuals with disabilities in an alternative format.   

Cyber Ninjas said its finding regarding mail-in votes from previous addresses was “critical.” The report said they found 23,344 ballots that “may have met this condition.”  

They claimed that the only way the correct person could return the ballot was if it was improperly forwarded or if the voter knew the current occupant of their previous address. 

That’s not true, the county and elections experts said.  

“Cyber Ninjas still don’t understand this is legal under federal election law,” the county’s Twitter posted. “To label it a ‘critical’ concern is either intentionally misleading or staggeringly ignorant. AZ senators should know this too.” 

Chan said there are a few reasons someone may vote and the address tied to their registration is different from where they’re currently living. Military and overseas voters can cast federal-only ballots linked to their stateside address, and people move all the time.  

The county added that it had 20,933 one-time temporary address requests for the November election. It also noted that snowbirds and college students may have forwarding addresses while they’re out of the county. Ballots are not forwarded. 

The Cyber Ninjas came to their previous address voter number and other figures in their report by comparing the final voted file to a commercial database. Tammy Patrick, a former federal compliance officer for the Maricopa County Elections Department, said using commercial databases is problematic and that those products can be “some of the lowest quality” — outdated and inaccurate. Patrick is now a senior adviser to the elections program at the Democracy Fund, a nonpartisan foundation that advocates for the U.S. democratic system. 

“One of the most critical, critical pieces of this is they are relying a lot on that commercial addressing service,” Patrick said. “Traditionally, that is not a path that most people go down.” 

The Cyber Ninjas also labeled “high” their finding that 9,041 more ballots were returned than were received. But that finding and a finding that the official result totals don’t match the Final Voted File can be explained by protected voters, whose addresses aren’t included in the Final Voted File to protect their safety. 

“Standard stuff from this camp,” Maricopa County Recorder Stephen Richer tweeted. “Conveniently ignores the fact that there are protected voters who aren’t produced in these reports. Because, you know, we care about law enforcement, judges, domestic violence victims, etc.” 

Logan said his team asked the county about the discrepancy a week or so ago. 

“The day before we were to present results, they decided to tell us that those were actually protected voters,” Logan said.  

Logan said his team wasn’t able to determine if that was true before presenting its report, and he blamed Maricopa County for not cooperating sooner. 

The Cyber Ninjas’ third top finding was that 10,342 voters may have voted in Maricopa County and in other counties because they shared the same full name and birth year as someone who voted elsewhere. The report acknowledged that some people share that information but said it was not common and that the list should be reviewed. 

The county and experts disagreed. 

“There are dozens of people with the exact same name,” Patrick said. “Every year you see what are the most common baby names this year. Well, in 18 years, that means those people with the common baby names are all going to be registering to vote.” 

The county gave an example: There are seven active voters in Maricopa County named Maria Garcia who were born in 1980. There are 12 statewide. 

“To identify this as a critical issue is laughable,” the county tweeted. 

DELETED FILES 

Despite the county’s criticism, audit supporters appeared elated with the presentation. 

They burst into applause on multiple occasions, despite the fact the auditors never once uttered the word “fraud” or made claims the election was stolen from former President Donald Trump. 

One of those moments occurred when CyFir CEO Ben Cotton mentioned they had photos of Maricopa County employees at computers when information was supposedly deleted. 

Throughout his testimony, which focused on supposed cybersecurity issues with Maricopa County’s elections systems, Cotton alleged tens of thousands of security logs and other files containing election-related data were deleted from county scanners, servers and other machines. 

“So, I’m going to assume at this point that it’s not available for us to look at or else they would have turned that over to us,” Cotton said, referring to some of the security logs in question. 

He then told Fann and Petersen that the audit team obtained video footage of county workers using the machines at the time the logs and other files were deleted. 

While Cotton did not accuse those unknown workers of fraud, the mere insinuation was enough to elicit cheers from most of the non-media attendees packed into the Senate gallery. 

The celebrations died down considerably when Cotton said he would not reveal the identity of those individuals. 

Maricopa County officials quickly refuted Cotton’s claim on Twitter, explaining that county elections staff archived the data that Cotton thought was deleted. 

“Maricopa County strongly denies claims that (elections department) staff intentionally deleted data,” the county posted on its official Twitter account. “As we’ve stated, staff were conducting the March election & compiling info required to comply w/ Senate subpoena. We have backups for all Nov. data & those archives were never subpoenaed.” 

Cotton also claimed he found evidence that multiple county elections devices were connected to the Internet – a point of contention for election fraud theorists who believe that connection could have allowed a bad actor to alter vote tallies. 

To back up the claim, Cotton cited documentation he included in his presentation showing some devices he examined accessed outside webpages or IP addresses between January 2020 and February 2021. 

Again, Maricopa County refuted the claims that those logs proved anything nefarious occurred. 

“None of this is the election system. This is all the voter registration system. Sigh. This is so irresponsible,” Maricopa County Recorder Stephen Richer posted on Twitter. 

For instance, one of the devices cited by Cotton – named “REWEB1601” – was connected to the Internet, the county said on Twitter, because it is the server for the Maricopa County Recorder’s website. 

“Despite what Cotton is saying right now, none of this matters on an air gapped network,” the county posted. 

The term “air gapped” refers to a network that is not directly connected to the Internet or any other device that is connected to the Internet. 

Throughout the presentations, the audit team, Fann and Petersen repeatedly hedged allegations by pointing to the fact that the county did not cooperate with the audit, withholding items like routers and Splunk logs that the Senate subpoenaed. 

The routers would show whether election equipment was connected to the Internet at any point during tabulation. 

The Senate and county have since agreed to a settlement under which the county will provide those materials to a special master – former Congressman John Shadegg – and a team of IT professionals, who will then answer the auditor’s questions. 

The third major prong of the auditors’ report focused on the validity of signatures on mail-in ballots. 

Shiva Ayyadurai, a former Republican U.S. Senate candidate from Massachusetts who claims to have invented email, was hired by the Senate to review signatures on early voting ballots. In his presentation, he said he found numerous discrepancies, including possible duplicate voting, 9,589 ballots that should not have been counted due to missing or scribbled signatures and a too-low rate of ballots being rejected due to signatures. Ayyadurai called for an audit of the county’s signature verification process. 

“Amazing report from Dr. Shiva,” tweeted state GOP Chairwoman Kelli Ward. “Many questions for Maricopa County as well as exposure of incompetence & possible malfeasance. A FULL SIGNATURE AUDIT IS ABSOLUTELY NECESSARY!” 

Maricopa County officials dismissed Ayyadurai’s conclusions and said there were innocuous explanations for the discrepancies he highlighted. 

“Reminder that — under court supervision (where you can’t lie willy nilly) as a part of 1 of 8 unsuccessful court cases — Kelli Ward’s handwriting expert looked at a sample of the signature affidavits and found … 0 signs of inaccuracy or fraud,” Richer tweeted. 

FINGER POINTING 

In her letter to Brnovich, Fann listed several changes to election administration she would like to see. Much of her letter criticized Maricopa County and its non-cooperation with the audit. 

“Laws should require transparency and affirmative cooperation from every elections official,” Fann wrote. 

Fann said elections officials must be required to preserve evidence so a “top-to-bottom audit” can be done. 

“Arizona voters deserve an unimpeachable electoral process — and the State Senate is already working hard on new legislation to deliver that,” Fann wrote. 

At the end of the hearing Sen. Warren Petersen, R-Gilbert, who is the chairman of Senate Judiciary and who presided over the hearing along with Fann, criticized the county for fighting the audit. 

“How much money have they spent trying to stop our audit?” he asked. “Has to be in the hundreds of thousands of dollars.” 

He listed areas he would like to see investigated further or addressed, such as cybersecurity issues related to election systems, unsigned ballot envelopes and reconciling the numbers in the various counts. 

“I look forward to working with my colleagues and with the Attorney General in any way to resolve these issues,” Petersen said. 

Fann said, if nothing else, the audit has taught us that we need more audits. 

“We need to do audits to some extent, we need to do bigger audits on every election just to make sure people are following the rules,” Fann said. 

Maricopa County Board of Supervisors Chairman Jack Sellers issued a statement after the presentation, noting that “the auditors buried this fact: their ballot recount was nearly identical to the County’s count, and the official results stand.” 

He criticized the auditors and Senate leadership for “falsely” and “recklessly” accusing county workers and officials of potential crimes. 

“Today’s hearing was irresponsible and dangerous,” he wrote. 

Followers of Arizona Sen. Wendy Rogers on the alternative social media site Gab made death threats against county officials during the presentation. 

“Drag them from their houses to the town square and hang them on every lamp post!!” user Jeffrey DeYoung wrote. 

House Minority Leader Reginald Bolding, D-Laveen, said the audit was meant to “allow for really radical right, extreme members of the (Republican) Party to use as a fundraising tool,” to rally Trump supporters and to provide justification for more legislation in 2022 that, Bolding fears, would make it more difficult to vote. 

“I imagine there’s a long list of pieces of legislation they’ll look at to make it actually more difficult for people to participate in democracy,” said Bolding, who is running for Secretary of State. 

Rep. Mark Finchem, R-Oro Valley, who has been a loud proponent of stolen election conspiracy theories and who is one of three sitting GOP lawmakers running for Secretary of State, has been calling for a door-to-door audit of the voter rolls.  

Bolding said he considers this voter intimidation and would be strongly opposed to it. 

“When you look at the Voter Rights Act, when you look at our Constitution, when you also look at what we should be doing as elected officials, one thing is we should not be intimidating voters by having third-party individuals knock on people’s doors to intimidate them,” Bolding said. 

Capitol Media Services contributed to this report.