Arizona’s Sham Election ‘Audit’: One Year of Evidence — And Counting

One year after filing its lawsuit for the release of records from the “audit,” American Oversight details the documents it has obtained that further expose the election review’s biased and partisan origins.

It’s been one year since American Oversight filed a lawsuit against the Arizona Senate seeking the release of records related to the Senate’s partisan “audit” of the 2020 election results in Maricopa County. In the months that followed, documents released in response to our litigation revealed the politically biased and conspiracy-rooted origins of the “audit,” as detailed in a report we published in September. Since then, American Oversight has continued to uncover yet more evidence that this sham election review was an anti-democratic tactic to undermine faith in the 2020 election results.


In the weeks after Joe Biden won the presidential election in Arizona, and as supporters of former President Donald Trump promoted his lies about widespread voter fraud, the state Senate began to plan an “audit” of votes cast in the state’s most populous county. Despite several independent reviews by experienced election auditors that verified the results, Senate President Karen Fann later hired Cyber Ninjas to conduct the “audit,” a firm with no election experience and whose founder and CEO, Doug Logan, had previously touted election-denying conspiracies. 

On May 19, 2021, American Oversight filed suit against the Senate for failing to release “audit”-related documents in response to our open records requests. Since then, multiple court rulings have found that both the Senate and Cyber Ninjas must turn over public documents related to the election review. The Senate is still seeking to withhold certain records under a broad claim of legislative privilege, which in May 2022 brought part of the lawsuit before the Arizona Supreme Court. Meanwhile, American Oversight has obtained tens of thousands of pages of documents related to the sham “audit.” 

This report outlines records obtained since last September’s report along with significant findings related to the “audit.” As we’ve previously reported, leaders of the election review had from the start set out to find evidence of fraud so as to cast doubt on the 2020 results. Moreover, the review had roots in a multi-state effort to overturn the election, and involved the encouragement and “expertise” of prominent Trump allies and election-denying conspiracy theorists. Along the way, the inexperience of those conducting the “audit” combined with the connections to election reviews in other states has demonstrated the operation’s dangerously anti-democratic consequences. 

Predetermined Conclusions: The Search for Fraud

The Arizona Senate’s election “audit” was initiated and encouraged by people with a political interest in finding — or inventing — evidence of voter wrongdoing or voting irregularities. That predetermined conclusion, that fraud or security issues might call into question President Biden’s electoral victory in Arizona, was the goal, and the review’s purported “findings” were tainted by that bias. 

Numerous early emails to constituents reveal Senate President Karen Fann’s determination to conduct a ballot review that many hoped would bring about a different election outcome. In response to a constituent demanding a hand count of ballots, Fann wrote on Nov. 14, 2020, “We will do whatever is possible within our legal boundaries and introduce legislation to change the laws that are tying our hands.”

Her emails also reveal her deference to the Trump campaign’s goals. “I totally agree with your frustrations and will not give up on our president or fixing the problems with our voting system,” Fann wrote on Nov. 15 in response to a constituent. The same day, she wrote to another, “[W]e are doing everything we can and trying hard not to interfere with the various lawsuits filed by President Trump’s team, the RNC, and state party. Since many of these issues involve numerous states it is being handled at the Trump campaign level.”

But from the beginning, there was never any legitimate evidence of widespread fraud, no matter how earnestly it was sought. In another email to constituents, Fann revealed that she had asked the Trump legal team for evidence of fraud that they could not provide: “We have to show some credible evidence for ‘fraud’ before the courts or anyone else can do anything,” she wrote on Nov. 29. “I have asked the Trump legal team MANY times to please bring us their proof of fraud so we may act on it. To date they have not provided any proof.”

One month later, after subpoenas had been issued to Maricopa County, Fann responded to a constituent email: “We are actively suing the [county Board of Supervisors] for the audit. We have the full support of Trump and [Rudy Giuliani].” The day before, she had written to another constituent, “I have the full support of [Giuliani] and a personal call from President Trump thanking us for pushing to prove any fraud.”  

The Plot to Overturn the Election

A recently released audio recording revealed that in March 2022, Senate President Fann — who originally claimed that the “audit” was undertaken merely to improve future elections — said that if state Attorney General Mark Brnovich were to verify the results of the “audit” and therefore find the election “uncertifiable,” then he would need to take the matter to court. 

While Fann has since claimed she was misconstrued and has reiterated that the “audit” had found that votes were not miscounted, her remarks were an alarming parallel to the ongoing calls in various states to “decertify” the 2020 results. They also echoed multiple records that illustrate the review’s roots in the post-election efforts to subvert the results — or to prevent them from being certified at all during the congressional certification on Jan. 6, 2021. 

“The key here is ‘rampant fraud,’” Fann wrote in a Nov. 30, 2020, email to a constituent. “I have asked the Trump legal team many times to please provide any documentation they have so we could look into it. I also asked them to please file a lawsuit so the judge could put a hold on certification until we could get answers. No suit has been filed nor was a suit filed to contest the certification process.”

  • Alternate Electors

In the weeks following the election, multiple Arizona lawmakers attempted to prevent the election’s certification by proposing the appointment of alternate electors from the state, and records reveal that they anticipated that results from an “audit” would help in this scheme. 

American Oversight obtained a December 2020 letter signed by then-incoming state Sen. Kelly Townsend that was addressed to Vice President Mike Pence. It asked him to “not accept” Arizona’s valid electors during the Jan. 6 congressional certification of Electoral College votes. The letter also referenced the “alternate slate of electors” prepared by Arizona Trump supporters on Dec. 14, 2020, when Arizona and multiple other states submitted fake electoral certificates to Congress, seeking to overturn Biden’s victory by falsely claiming their states’ electoral votes went to Trump

In early January 2021, Townsend introduced a resolution in the Arizona Senate to revoke Biden’s electors and to appoint a slate of alternate electors. She emailed allies on Jan. 5 with a link to the resolution, writing, “This resolution to appoint the alternate slate of electors is prepared and ready for the election audit findings, should they result in what I expect to happen.”

Records also reveal that the office of U.S. Rep. Mo Brooks — a congressman from Alabama who on Jan. 6 gave an inflammatory speech to Trump supporters near the White House — was actively seeking information from Arizona that could be used to challenge election results. On Dec. 22, 2020, a Brooks staffer emailed Arizona Rep. Mark Finchem, another key figure in the effort to undermine the election, indicating that Brooks’ office was “putting together a master memo on the valid grounds” for objecting to the Electoral College certification. 

The staffer asked Finchem for a memo detailing “allegations of fraud and other election irregularities” from a meeting involving Rudy Giuliani that had been held on Nov. 30 in Phoenix. Later that day, a Townsend staffer sent a copy of Townsend’s resolution to Brooks’ office, asking to be notified once it was “submitted to Congress.” On Jan. 5, Finchem circulated another letter addressed to Pence regarding the “reclamation of Electoral College Electors from Arizona,” signed by Finchem, Townsend, and other Arizona House and Senate members. 

  • Possible Meeting with John Eastman

In a Dec. 13, 2020, email response to a constituent who demanded that the election results be decertified, Fann wrote, “With respect to the US Constitution Article 2 and 3 provisions, we spent an hour and a half with a nationally accredited constitutional attorney which was extremely interesting and I learned a lot. He stated that the ‘plenary clause’ allowing us to convene ourselves with a simple majority applies ‘when there is no clear winner of an election.’”

The records don’t indicate the name of the attorney who spoke with Fann, but the idea that state legislatures, rather than the popular vote, could determine the winner of the election was frequently espoused by Trump allies. In a now-famous memo prepared around that time, Trump-allied lawyer John Eastman outlined a plan for Pence to reject the results from states with “dual slates of electors,” writing that Article II granted state legislatures “the plenary power to determine the manner for choosing presidential electors.”

In her email, Fann added that there had “been no proof provided to the courts” of significant voter fraud, but that the Senate was “committed to pursuing these claims” through an “audit” of Maricopa County, referring to Jan. 6 as a deadline for altering the election’s results. “We are hoping any substantiated information from any state regarding voter fraud can be brought and verified by January 6th, 2021 when congress convenes to give the final ‘blessing’ on the election. That would be one of our last options to make a difference in the outcome of the 2020 election.”

Trump Allies and Conspiracy Theorists

  • Contact with Rudy Giuliani and Trump Allies

“I have spoken with Mayor Giuliani at least 6 times over the past two weeks,” Fann wrote in an email on Dec. 2, 2020. Direct communications between audit leaders and Trump attorney Rudy Giuliani in the weeks after the election point to the starkly political orientation of what would become the Maricopa County “audit.” 

On Nov. 30, Giuliani gathered Republican state lawmakers — including Sen. Townsend, Rep. Finchem, and Sen. Sonny Borrelli — at an unofficial “hearing” in Phoenix where participants made unsubstantiated allegations about the election’s integrity. 

On Dec. 4, Christina Bobb of the right-wing One America News network sent Fann an email titled “AZ Evidence/Affidavits,” writing, “Mayor Giuliani asked me to send you these declarations. He will follow up with you as well. I will have one more email follow[ing] this one.” Fann’s response revealed potential frustrations with the Trump legal team — she wrote back, “Staff has reviewed all the attachments and they appear to be the same exact documents your team left with us on Tuesday morning. I believe we are looking for all the additional information your team would send because they didn’t have it with them. The additional affidavits, lists containing names of deceased or illegal aliens who voted, etc.” 

Bobb continued to communicate regularly with Senate leaders, inaccurately reported on the “audit,” and later helped fund the effort through a nonprofit called Voices and Votes. She often worked on behalf of Giuliani and may have played a direct operational role in the review.

Additionally, in a text exchange from April 28, 2021, between “audit” spokesman Randy Pullen and Jeff DeWit, the chief operating officer of the Trump 2020 campaign, DeWit asked Pullen about the nonprofit The America Project, which was raising millions for Cyber Ninjas’ work. “So are they ok to donate to?” DeWit asked. “Trump asking.” DeWit, who communicated frequently with Pullen, may have been acting as an intermediary between Trump and “audit” officials.

  • Subcontracts with Conspiracy Theorists

Further evidencing the “audit’s” partisan bias and lack of credibility, senior leaders communicated closely with conspiracy theorists — known for touting destabilizing and discredited lies — throughout and after the investigation’s planning and execution. Among the most prominent were Dr. Shiva Ayyadurai, an anti-vaccine activist and two-time Massachusetts Senate candidate, and Jovan Hutton Pulitzer, whose reported theory that ballots were smuggled in from Asia led to a hunt for bamboo fibers in the ballots.

Records previously held by Cyber Ninjas that were recently released by the Senate in response to our lawsuit included a subcontract for Pulitzer with Cyber Ninjas signed on May 6, 2021. The agreement appears to be the first time we’ve seen the details of his terms of payment laid out, which show the cost of services as $210,000 — an amount Pulitzer said was a “deep discounting” from the original cost of $2.1 million.  

On Sept. 18, 2021, Pulitzer emailed Fann and Cyber Ninjas CEO Doug Logan (and state Sens. Warren Petersen, Wendy Rogers, and Townsend, as well as Randy Pullen) with a report on the work he completed using “kinematic artifact detection,” the technology he claimed to have developed to detect fraudulent ballots. 

His message reveals details about how Pullen had involved him in the review’s efforts early on: “I want to take time to thank Randy Pullen, who as many may not know starting [sic] working with me in late November 2020 (and very diligently thereafter for months) following my technology development and how it would aid an audit (to become a full forensic audit) in Maricopa County.” He added, “Randy has been a steadfast supporter, from the start took tremendous time to conduct calls, meetings, exchange emails, and even initially introduced my work to Chairman Ward, Representative Finchem, various lawyers, and other GOP notables.” Pulitzer continued emailing Arizona legislators as recently as March of this year.

The Senate also worked closely with Ayyadurai, who offered his own takedown of Pulitzer’s work. On Sept. 30, 2021, Pullen sent to Fann a statement of work and requested payment for Ayyadurai of $75,000, writing, “Dr. Shiva’s SOW. Managed to get a small discount.” The attached document explained the agreed-upon services and costs for work by Ayyadurai’s company EchoMail. Previously, Ayyadurai had entered a $50,000 subcontract with Cyber Ninjas, which records indicate that he terminated in August. 

On Feb. 4, 2022, Ayyadurai sent to Pullen and Fann a written analysis of a report by Pulitzer on supposedly fraudulent ballots, along with a $2,500 invoice. Ayyadurai labeled the report “utter rubbish,” writing that it was “filled with blatant prevarications that demand either a full blown criminal investigation of fraud of the author … or at a minimum complete dissociation from him.” 

The Selection of Contractors 

  • The Role of Phil Waldron and Allied Security

Another prominent election denier who aided the Senate “audit” was Phil Waldron, the retired Army colonel whose role in helping Trump’s efforts to overturn the election is being examined by the House Jan. 6 committee. In the days before the Jan. 6 riot, Waldron had briefed members of Congress and White House officials on election fraud theories, including by circulating an infamous 38-page PowerPoint presentation outlining schemes to overturn the election. 

Waldron’s firm, Allied Security Operations Group, was nearly hired by Fann to conduct the “audit” in early February. The firm had been behind a discredited report claiming election irregularities in Michigan’s Antrim County and had helped push the stolen election narrative. State Rep. Mark Finchem and state Sen. Sonny Borrelli, both vocal Big Lie supporters who helped push the plot to prevent the election’s certification, appear to have conducted the initial communications with Waldron and Allied Security.

On Dec. 8, 2020, Waldron forwarded a document titled “Arizona Report” — which he described as “the base research doc that our team produced on AZ” — to various Trump-allied lawyers and to Finchem, who forwarded it to Borrelli.

In the email, Waldron pitched his services for the planned audit, writing that he had “the capability to identify fraudulent ballots via optical scanning technology.” If the Senate were denied access to voting machines, he wrote, they could use “the ‘Scanned Ballot Images’ for Maricopa and Pima” County to “identify ballots that were 1) machine printed/filled out 2) not folded or put into an envelope 3) have barcodes that have been machine altered.” 

Waldron concluded, “This will allow us to pull out invalid votes out of the totals ‘By Candidate’ so that your state can certify normal elections and potentially not have to take extra legislative action.” (The proposal — that the state reach a different election outcome by pulling out “invalid” votes — was similar to a suggestion John Eastman made to a Pennsylvania legislator that same month.)

On Dec. 11, Waldron emailed Borrelli, Finchem, and state Sen. Eddie Farnsworth (who helped launch the “audit” before leaving the Senate) with attached affidavits regarding “existing technology that has been adapted to detect kinematic features of scanned or actual ballots to determine indicators of fraudulent activity.” Waldron proposed a plan in which “our local consultant and advisor, Dr. Lyle Rapacki,” would “take a hard drive to the Maricopa County Board of Supervisors, upload the export/audit file requested, and get the files to us.” 

Rapacki was copied on the email, as was Pulitzer, Allied Security founder Russ Ramsland, and Allied Security lawyer Charles Bundren. On Dec. 13, Bundren emailed Borrelli with a “proposed subpoena” for electronically stored voting information. Much of the content is similar to one of the subpoenas that the Senate issued on Dec. 15 for voting information from Maricopa County. 

  • Allied Security as a Potential Contractor

Allied Security was considered as a potential contractor during the early days of “audit” planning. On Jan. 26, 2021, Fann texted Waldron asking, “Could you please send me text when you are ready to email the proposal plz? We are getting hundreds of email in this and I don’t want your email getting lost in the pile.”

Allied helped Senate leaders connect with others to work on the “audit.” Allied Security founder Ramsland emailed Fann and Petersen on Jan. 29 with Bundren’s résumé and a profile of the company Digital Discovery, which he said “does many of our data collection assignments.” Ramsland wrote, “I trust all these will give you a sense of the depth of professionalism and capabilities of our team, and a breadth of understanding as to what it takes to perform a real election audit as opposed to a whitewash.” 

On Feb. 4, 2021, Fann asked Waldron via text if he had spoken with Steven Davis of Digital Discovery, to whom Fann had reached out two days prior. Waldron responded that he was “on a call with Prof Eastman” but that he would call afterward. A master services agreement from the end of March 2021 lists Digital Discovery as a subcontractor for Cyber Ninjas. 

Communications suggest that Fann grew wary of the potential public backlash to selecting Allied Security, which was known for writing the debunked Michigan fraud report and for its work with the Trump campaign. In a Jan. 29 email responding to a draft press release announcing the Senate’s hiring of Allied Security, Fann wrote: “First we are not mentioning Allied at this point. Please just say we have selected our own independent qualified forensic auditing firm which will perform everything we have required in the subpoenas.” On Feb. 5, Fann texted Waldron that because of media “spin” to “trash Allied,” the Senate needed a “Plan B,” which likely indicated her decision to look for another contractor. 

In the months that followed Allied being dropped as a contractor, Fann and Waldron remained in communication, according to a privilege log provided by the Senate, which lists records withheld because of legislative and other privileges. 

  • Selection of Cyber Ninjas

Over the past year, American Oversight has uncovered a trove of records providing more information about the selection of Cyber Ninjas. Like Allied Security, Cyber Ninjas leadership’s sympathy to the “stolen election” narrative appears to have been a selling point for Senate leaders who hoped an investigation would uncover evidence of significant fraud. In addition, Cyber Ninjas CEO Doug Logan had also been involved in similar election-undermining efforts in other states. 

In response to a July 2021 press inquiry from a far-right media outlet, Fann said that early in the process of launching the “audit,” she had asked the Federal Election Commission for a list of “certified forensic election auditors” — a designation that doesn’t appear to exist. Cyber Ninjas had no election experience prior to the “audit,” and is not one of the two firms accredited by the Election Assistance Commission to certify voting machines. Earlier in 2021, those two firms had been hired by Maricopa County to perform an audit of voting equipment, and confirmed that the votes had been counted accurately. 

In her email, Fann went on to describe reaching out to “people in other states who were already talking about audits” and asking for recommendations. “It was part of this process that [Cyber Ninjas CEO] Doug Logan’s name came up along with many other referrals,” Fann wrote. “I was told Mr Logan was the gentleman working with the issues in Atrium County and Fulton County.” Fann was likely referring to Michigan’s Antrim County, the subject of the debunked report on fraud and where Logan was listed as a potential witness in a lawsuit challenging the county’s election results. Recent reporting on a potential security breach of voting equipment in a different Georgia county and Logan having potentially visited there at the same time — suggests that Fann was likely referring to Fulton County in Georgia. (Pennsylvania’s Fulton County was also home to a post-election partisan audit of election equipment conducted by Wake TSI, which later temporarily joined Cyber Ninjas’ team in Arizona. 

Records indicate that Logan and Fann were in contact as early as Feb. 5, 2021. Logan submitted a draft statement of work to the Senate on Feb 10. and re-sent it three days later after Fann asked him about it over text. On Feb. 27, Fann sent the statement of work to Pullen, writing, “Very confidential.”

Fann had also sought Waldron’s opinion about Cyber Ninjas. “Are you familiar with Doug Logan and Cyber Ninja?” Fann asked via text on Feb. 27. “They were on the list of 5 with Allied. There is no way we can contract with ‘allied’ or ‘Jovan,’ although I know allied is fully capable and probably the best in the field.” It’s unclear what “list of 5” Fann is referring to. 

Waldron responded, “Yes Ma’am – Doug is very reputable.”

Funding and Conducting the ‘Audit’ 

While the Senate initially authorized $150,000 in public funding for the “audit,” costs to Cyber Ninjas had skyrocketed to nearly $9 million by September 2021, according to records American Oversight obtained. Private funds from Trump-allied groups and nonprofits made up a large portion of money provided to run the costly operation, whose steep price tag was obvious early on. 

Records released in early May 2022 that were previously held by Cyber Ninjas support the conclusion that senior “audit” leaders knew early on that the review’s cost would far exceed its public funding. For example, by May 12, 2021 — just a few weeks after the “audit” began — StratTech, the company that took over for Wake TSI in leading the hand count of ballots, estimated its costs to be $1.5 million

A March 8 statement of work from Cyber Ninjas for the Senate indicates that funding would be provided by “patriots across the country” who “have desired for this audit to take place and have contributed funds to lessen the load on the state of Arizona.” (The statement of work also includes a reference to the in-person canvassing operations Senate allies conducted even after election watchdogs and the Department of Justice raised concerns about voter intimidation. Records obtained by American Oversight show that top Senate officials were aware of the door-to-door efforts, even if they hadn’t been officially sanctioned by the Senate.)

In a March 24 email, Logan objected to various revisions to his contract proposed by the Senate, including a provision reducing the overall compensation from $500,000 to $150,000. He indicated that the originally proposed $500,000 made up 25 percent of the overall cost of the investigation, further suggesting that remaining funds were intended to be crowdsourced.

American Oversight also recently obtained documents from February 2022 showing the high costs of security contractors — the firm Law Enforcement Specialists and the armed volunteer organization Arizona Rangers — hired to work at venues where the “audit” took place.

Connections to Political Partisans and Efforts in Other States

The Arizona review’s connections to election-undermining efforts in other states as well as to the larger plot to overturn President Trump’s loss is further illustrated by records obtained by American Oversight. 

According to additional statements of work from May 2021, among the employees retained by Wake TSI to conduct “ballot counting” for the Arizona operation was someone named Mike Roman — the same name as that of the director of Election Day operations for former President Trump’s 2020 campaign, who also served as an executive with the America Project’s “Fund the Audit” group. Other Wake hirees include attorney Scott Sigman (who communicated with Trump lawyer Cleta Mitchell on “audit” payments, as revealed in records we previously obtained); Heather Honey (the owner of Pennsylvania-based Haystack Investigations, which also worked on the review); and Andre McCoy (whose name appeared on the “alternate” electoral certificate submitted by Trump supporters in Pennsylvania). 

Over the summer of 2021, conservative lawmakers from several states, including Pennsylvania and Wisconsin, visited the Arizona “audit” with the goal of replicating the operation in their home states. Records reveal communications between Pennsylvania elected officials and Arizona leaders that June; that fall, Republican lawmakers in Pennsylvania launched a “forensic investigation” into the election.

Last year, a partisan majority in Wisconsin’s Assembly also launched an election review. American Oversight has been investigating that investigation as well, which has been overseen by Michael Gableman, a conservative former Wisconsin Supreme Court justice. Records we obtained from Arizona indicate that last summer, Christina Bobb had put Gableman in touch with Fann. “WI Supreme Court Justice (Retired) has been appointed to oversee an audit in WI,” Bobb texted on Aug. 1. “He has asked for your number. Do you mind if I share it with him? His name is Michael Gableman.” 

Gableman emailed Fann that same day, writing, “As I am in the early stages of designing that procedure, it would be invaluable if I could speak with you and/or the process implemented in Arizona and any lessons learned therefrom.” Text exchanges between Gableman and Randy Pullen have also surfaced in records we’ve obtained.

Remaining Questions

As of this writing, the Senate continues to withhold more than 1,000 documents under an overly broad claim of legislative privilege, an issue being considered by the Arizona Supreme Court. Cyber Ninjas also has a potentially large amount of public documents it has not yet released. While our investigation has uncovered a wealth of information about the “audit,” several important questions remain:

  • Who paid for the “audit” and what was the total cost? Public records have provided important details about costs and subcontract agreements, but the public still needs to see additional documentation regarding how much money was raised from different sources and how much was paid to various subcontractors. 
  • What role did funders or prominent supporters play in the execution of the “audit”? Despite assurances from the Senate and from Cyber Ninjas that external funders would not exert undue influence over the operation, we have seen a number of indications that funders or other “audit” supporters played operational roles. Staff of the review’s single largest funder, the America Project, were copied on routine emails about scheduling shifts for ballot counting, and as outlined above, Mike Roman — an executive in the America Project’s “Fund the Audit” group — appears to have been on Wake TSI’s list of employees. Right-wing news host Christina Bobb, a prominent election denier who communicated regularly with Senate leaders and helped fund the “audit,” appears to have played a direct operational role through work on behalf of Giuliani. 
  • What communications might Cyber Ninjas have had with subcontractors or external entities? Given Doug Logan’s involvement in wider efforts to overturn the 2020 election, we’re concerned about the nature of his communications with other contractors and with external individuals and entities, which could reveal further information about the intent of the “audit.” 

American Oversight’s investigation of the sham “audit” in Arizona is ongoing. More information on the investigation and records uncovered to date can be found here. Legal filings related to the case against the Senate and Cyber Ninjas can be found here.