Is a cybersecurity expert's testimony about election fraud based on verified incidents? No, the major examples Navid Keshavarz-Nia cites in a written legal declaration lack proof or direct evidence and are based on his speculation.
The allegations appear in a written declaration (archived here) executed on November 25, 2020.
Here is what the document looked like online at the time of writing:
The nine-page declaration Keshavarz-Nia executed on November 25, 2020, was filed in support of former Trump attorney Sidney Powell's lawsuit in Michigan federal court alleging widespread election fraud and vote manipulation. A federal judge dismissed that suit Monday, December 7, 2020, calling the allegations in it "nothing but speculation and conjecture."
Keshavarz-Nia's declaration is replete with errors and unproven allegations. Some of the errors are relatively minor, such as misspelled words. Some are severe, such as citing alleged voting irregularities in Edison County, Michigan, a county that does not exist. Nevertheless Keshavarz-Nia wrote:
In another case for Edison County, MI, Vice President Biden received more than 100% of the votes at 5:59 PM EST on November 5, 2020. These distributions are cause for concern and indicate fraud.
Even more significantly, though, Keshavarz-Nia bases many parts of his argument on unproven and undocumented allegations. He says "I believe" on more than one occasion. Elsewhere, he talks about "reported evidence" without offering a citation of where it was reported and by whom. In the next paragraph he mentions "media reports," but again fails to cite which media were reporting that information. In yet another paragraph, he uses the characterization "reportedly" to make an allegation.
Keshavarz-Nia discloses in his declaration:
I have not been granted access to examine any of the systems used in the 2020 Election.
On November 29, 2020, British science writer and investigator Mick West characterized Keshavarz-Nia's declaration this way:
It's largely speculation based on his experience and on media reports and has remarkably little in the way of actual analysis or data.
The sloppiness and unprofessionalism in Keshavarz-Nia's document is evident from the first word in the title, in which he spells "Decleration," instead of the correct "Declaration." In at least two instances he refers to the "NT Times," instead of the "NY Times." In another place, he spells "AuditMark" as "AutitMark."
His self-reported academic credentials also are not clear. In his declaration, Keshavarz-Nia cites a Ph.D. degree in Management of Engineering and Technology from CalSouthern University, a regionally accredited for-profit school that says it offers 100% of its courses online. However, the university's web page does not show a listing for a Ph.D. degree in Management of Engineering and Technology. Registrar Becky Sepi told Lead Stories in a telephone interview December 7, 2020, that:
Everything on our website is what we offer. It's possible he took classes other years.
In his declaration, Keshavarz-Nia states he is "employed by a large defense contractor as a chief cyber security engineer," but he does not mention which company. An online search by Lead Stories failed to determine which contractor he is referring to.
Much more significant, though, are the specific allegations he makes about voting programs, election industry companies and alleged activities to steal votes.
Keshavarz-Nia first takes aim at a purported vote-switching tool called Hammer and Scorecard and at election systems sold by Dominion Voting Systems (DVS) and Election Systems and Software (ES&E), which he erroneously calls Systems and Software. According to Keshavarz-Nia and others who subscribe to the conspiracy theory, Hammer breaks into an election network and Scorecard changes the votes.
The existence of Hammer and Scorecard has never been proven. Lead Stories has written about Hammer and Scorecard before, here. And a November 10, 2020, PolitiFact article said:
... let's be clear that independent election security researchers see no evidence that Hammer and Scorecard exist, and the head of the Cybersecurity and Infrastructure Security Agency, a government body created by President Donald Trump in 2018, has said this theory of election interference is "nonsense."
In his declaration, Keshavarz-Nia alleges:
I have previously discovered major exploitable vulnerabilities in DVS and ES&S that permit a nefarious operator to perform sensitive functions via its built-in covert backdoor. The backdoor enables an operator to access to perform system updates and testing via the Internet without detection. However, it can also be used to conduct illicit activities such as shifting votes, deleting votes, or adding votes in real-time (Source: DVS Democracy Suite EMS Manual, version 5.11-CO::7, P.43). These events can take place through the Internet and without leaving a trace.
Dominion, which provides ballot tabulation systems but not voting machines, strongly denies Keshavarz-Nia's allegations. Addressing a similar suit Powell filed in Georgia (which a federal judge dismissed on December 7, 2020), Dominion said in a November 26, 2020 statement:
The allegations included in the draft complaint are baseless, senseless, physically impossible, and unsupported by any evidence whatsoever.
The company said "Powell's error-filled document" outlines a purported conspiracy that could not be carried out:
While Dominion Voting Systems is not named as a defendant, on Wednesday, November 25, 2020, Sidney Powell released what appears to be a very rough draft of a lawsuit against the Republican governor and secretary of state of Georgia alleging a bizarre election fraud conspiracy that -- were it possible -- would necessarily require the collaboration of thousands of participants, including state officeholders, bipartisan local elections officials, thousands of volunteer Election Day poll watchers in thousands of locations across the state of Georgia, federal and state government technology testing agencies, private elections service companies, and independent third-party auditors. This quite simply did not occur.
In a November 30, 2020, op-ed article in The Wall Street Journal, Dominion President and CEO John Poulos said:
There is no secret "vote flipping" algorithm. Third-party test labs, chosen by the bipartisan Election Assistance Commission and accredited by the National Institute of Standards and Technology, perform complete source-code reviews on every federally certified tabulation system. States replicate this process for their own certifications. Postelection canvassing and auditing also exist to provide additional assurance of the vote totals' accuracy.
Election Systems and Software vouched for its voting machines in article published November 11, 2020, by Globe News Wire. The article quoted Steve Pearson, ES&S senior vice president of certification as saying:
Each of our voting machines go through a tremendous amount of testing to prove accuracy and reliability. To earn certification from the U.S. Elections Assistance Commission, every unit must consecutively read 1.5 million ballot positions correctly. High-speed scanners such as the DS850 can tabulate up to 300 ballots per minute. We work with federal, state and local election officials to ensure we not only meet but exceed every testing standard.
A December 19, 2019, report by NBC News quoted Chris Wlaschin, head of systems security for ES&S, as saying at a Homeland Security cybersecurity summit in Washington in September 2019 that the company's machines are not prone to a remote attack over the internet.
In his declaration, Keshavarz-Nia alleges that election data was transferred abroad.
During my career, I have studied network communication reports that show DVS data being transferred to Internet Protocol (IP) addresses registered to Scytl in Barcelona, Spain. The results showed that Scytl maintained its SOE Software servers in a Barcelona data center for disaster recovery and backup purposes. In 2020, the SOE Software data center was moved to Frankfurt Germany where I believe 2020 election data was transferred.
Dominion said in its November 26, 2020 statement that:
Votes are not processed outside the United States. Votes are counted and reported by county and state election officials--not by Dominion, or any other election technology company.
Scytl, a software company based in Barcelona, Spain, denied the accusation in a November 13, 2020 release that said in part:
- Scytl has NO presence in Frankfurt, Germany
- Scytl did NOT provide any electronic voting machines to US jurisdictions and does NOT tabulate, tally or count votes in US public elections.
- Scytl has NO political affiliation.
The Associated Press reported November 15, 2020, that Scytl told the news service the company did have a temporary connection to Frankfurt last year. According to the AP, Jonathan Brill, the president and general manager for Scytl's U.S. division, said:
Backup servers in Frankfurt were used for a specific project for the European Parliament in 2019. These back-up servers were closed in September 2019. ... Scytl products sold to US customers are fully housed in the US, utilizing Amazon Web Services and have never been housed in Germany.
Keshavarz-Nia also attempted to tie Dominion Voting Systems to former Venezuelan leader Hugo Chavez, who died in March 2013. Keshavarz-Nia's declaration said:
DVS reportedly had a strategic relationship with Venezuela's Bitza Corporation, which was 28% owned by the former President Chavez. Intelligence reports indicate that the DVS/Bitza software was co-developed in Venezuela to alter vote counts to ensure President Chavez (and later, President Maduro) were guaranteed to win an election. The combined DVS/Bitza software was used in numerous countries such as Bolivia and Philippines to forge election results to favor a specific candidate. Subsequently, DVS and its international partners, including Diebold/ES&S (later acquired by DVS), Scytl, SOE Software/eClarity and Smartmatic to establish a global monopoly.
DVS, Scytl and Smartmatic all deny any connection to Chavez.
Addressing Powell's Georgia filing, the previously cited November 26, 2020, Dominion release said:
- Dominion was not "founded by oligarchs and dictators." It was founded in Toronto, Canada, and it is now a proud nonpartisan American company. Dominion has attested to its ownership --under penalty of perjury -- to local, state, and federal agencies, including the Committee on Foreign Investment in the United States, which includes all U.S. national security agencies.
- Dominion is not, and never has been, owned by Smartmatic. Neither has Smartmatic ever been a subsidiary of Dominion, as the complaint asserts. Dominion is an entirely separate company -- they do not collaborate in any way and have no affiliate relationships or financial ties. Dominion does not use Smartmatic. These are all facts verifiable in the public record as well as in regulatory and legal filings.
- Dominion has no ties to the Venezuelan government, nor any other foreign government, including China and Iran. Dominion has never participated in any elections in Venezuela and has no connection or relationship with the now deceased former Venezuelan dictator Hugo Chavez. Other companies have serviced elections in Venezuela, but Dominion is not one of them.
Similarly, Smartmatic issued an undated release after the election strongly refuting the Keshavarz-Nia allegations. It said in part:
- The founders of Smartmatic were born in Venezuela. The company, however, was founded in Boca Raton, Florida in 2000 and still maintains its US base there. ...
- There are no ties between Dominion Voting Systems and Smartmatic - plain and simple. No ownership ties, no software leasing, no business at all between them. In 2009, (that's more than a decade ago) Smartmatic licensed scanning machines from Dominion for use in The Philippines for a Smartmatic election project. Our one contract with Dominion was short-lived and ended in a lawsuit. That was the first and last time that Smartmatic and Dominion tried to do business together.
Scytl likewise mentioned in its November 13, 2020, release that it has no relationship with Dominion or Smartmatic.
According to a December 3, 2000, report by PolitiFact:
Smartmatic technology was not used in any of the battleground states won by Biden where Trump allies are disputing the results.
Keshavarz-Nia states in his declaration that election data from the NY Times (which he calls the NT Times) prove his point.
When analyzing the NT Times data for the 2020 election, I conclude that the software algorithm manipulated votes counts forging between 1-2% of the precinct results to favor Vice President Biden. The software performed data alteration in real-time in order to maintain close parity among the candidates and without raising red flags. The specific software algorithm was developed by Smartmatic and implemented in DVS machines to facilitate backdoor access by a nefarious operator to manipulate live data, as desired.
He goes on to say (note the apparent missing word in "until it momentum"):
The data variance favoring Vice President continues to accelerate after 4:30 AM EST on November 4, 2020 and continues until it momentum through November 9, 2020. This abnormality in variance is evident by the unusually steep slope for Vice President Biden in all battleground states on November 4, 2020. A sudden rise in slope is not normal and demonstrates data manipulation by artificial means.
But the previously mentioned analysis by investigator Nick West points out the fallacies in this argument, which he calls "simply nonsense." West writes that:
We can see from the correctly plotted graph that there is no "sudden rise in slope". Other than the occasional jumps from precincts or counting centers reporting a large batch, the slope of both lines gradually decreases. This is hidden slightly by the overnight pauses where the slope is flat, but if we mark those, then we can see each days slopes have no sudden rise. If anything there's a sudden fall from day-to-day.
The last major point Keshavarz-Nia makes in his declaration concerns a laptop and USB memory sticks that were stolen from a municipal warehouse in Philadelphia before the election. Officials said they used the memory sticks to program voting machines.
Keshavarz-Nia states in his declaration that the equipment by Election Systems and Software was stolen in 2019, but city officials said they were uncertain when the theft occurred.
Keshavarz-Nia points out why he believes the theft is significant (once again, note the odd construction of the second sentence, which starts with "However," indicating sloppiness on the writer's part):
The company disputes the risks posed by lost USB memory cards containing the cryptographic key. However, according to the election security expert Eddie Perez of the nonpartisan OSET Institute states "it is very common that a USB memory card has a wealth of information that is related not only to the configuration of the election and its ballot -- and the behavior of the voting device -- but also internal system data used to validate the election." I have previously analyzed the contents of the DVS and other voting system cryptographic keys. I believe that USB memory cards were used to facilitate administrative access to the backdoor to disrupt polling operations and impact ballot counting across MI, GA, PA, AZ and WI.
But Election Systems and Software disputes that contention. An Associated Press story from October 1, 2020 states:
The laptop did not hold any "sensitive election-related data" and was not used for election programming, said spokeswoman Katina Granger, of Election Systems & Software of Omaha, Nebraska, the manufacturer. She said ES&S immediately cut it off from the vendor's network upon learning of the theft.
The Philadelphia Inquirer quoted an unnamed ES&S source also downplaying any risk:
The flash drives are encrypted to prevent tampering, and specifically matched with individual voting machines, said a spokesperson for Election Systems & Software, the voting machine vendor, adding: "Upon programming, these encryption keys 'marry' the USB with the machine, and if placed in another machine, it will cause an error and the machine will not work."
The strongest repudiation of any election interference comes from those individuals and agencies who worked to keep the balloting safe and fair.
A joint statement issued November 12, 2020, by the Elections Infrastructure Government Coordinating Council and the Election Infrastructure Sector Coordinating Executive Committees states in part (bold emphasis theirs):
The November 3rd election was the most secure in American history. ...
There is no evidence that any voting system deleted or lost votes, changed votes, or was in any way compromised. ...
While we know there are many unfounded claims and opportunities for misinformation about the process of our elections, we can assure you we have the utmost confidence in the security and integrity of our elections, and you should too. When you have questions, turn to elections officials as trusted voices as they administer elections.
The committees point to the importance of paper ballots:
All of the states with close results in the 2020 presidential race have paper records of each vote, allowing the ability to go back and count each ballot if necessary. This is an added benefit for security and resilience. This process allows for the identification and correction of any mistakes or errors.
Christopher Krebs was the head of the Cybersecurity and Infrastructure Security Agency (CISA) until President Trump fired him November 17, 2020 for disputing allegations of voter fraud. Trump had put him in charge of overseeing election security on June 15, 2018.
In an interview with CBS' "60 Minutes" that aired November 29, 2020, Krebs said the vast use of paper ballots is the strongest safeguard:
Paper ballots give you the ability to audit, to go back and check the tape and make sure that you got the count right. And that's really one of the keys to success for a secure 2020 election. 95% of the ballots cast in the 2020 election had a paper record associated with it. Compared to 2016, about 82%. ...
That gives you the ability to prove that there was no malicious algorithm or hacked software that adjusted the tally of the vote, and just look at what happened in Georgia. Georgia has machines that tabulate the vote. They then held a hand recount and the outcome was consistent with the machine vote. ...
That tells you that there was no manipulation of the vote on the machine count side. And so that pretty thoroughly, in my opinion, debunks some of these sensational claims out there-- that I've called nonsense and a hoax, that there is some hacking of these election vendors and their software and their systems across the country. It's-- it's just-- it's nonsense.
He then went on to dispute some of the allegations contained in the Keshavarz-Nia declaration and also made by other conspiracy believers:
So all votes in the United States of America are counted in the United States of America. I don't-- I don't understand this claim. All votes in the United States of America are counted in the United States of America. Period. ...
So again, there's no evidence that any machine that I'm aware of has been manipulated by a foreign power. Period. ...
Look, I think these-- we can go on and on with all the farcical claims that -- alleging -- interference in the 2020 election, but the proof is in the ballots. The recounts are consistent with the initial count, and to me, that's further evidence, that's confirmation that the systems used in the 2020 election performed as expected, and the American people should have 100% confidence in their vote. ...
If there was an algorithm that was flipping votes or changing votes, it didn't work. I think the more likely explanation, though, is that there is no algorithm, that the systems performed as intended. That the series of security controls before, during, and after an election protected those systems from any sort of misbehavior. ...
Lastly, he concludes:
There is no foreign power that is flipping votes. There's no domestic actor flipping votes. I did it right. We did it right. This was a secure election.
