Daily Archives: March 6, 2004

Electronic Democracy

A report in Mother Jones looks at the pre-election state of electronic voting in the US through the prism of Super Tuesday and sees pretty much what the critics have been telling us we’d see.

Nearly 10 million people are voting via computer this primary season. Most election officials in e-voting states hailed the outcome of Super Tuesday as a success for the largest test of electronic kiosks to date. Still, some of the six million California citizens who tried it found machines that didn’t boot up and coding software that failed to match votes with those who cast them. Some poll workers found that the programs they were called on to administer weren’t the ones they’d been trained for. Encoding problems even omitted propositions from some ballots.

About 10% of the 6M votes cast in CA were subject to these flaws. That means 600,000 voters were, to all intents and purposes, disenfranchised–more than enough to throw an election; it wouldn’t even have to be all that close.

For anybody who has dealt with computers, none of this is much of a surprise. Even absent deliberate attempts to hack or defraud, computers are very touchy instruments with annoying tendencies to develop murderous glitches and unexplained malfunctions. Booting up just this morning, I got three different error messages, two programs didn’t respond when I tried to open them, Real Player opened whenever I hit the shift key, and my browser closed itself twice. Granted, my little 3-yr-old Compaq isn’t exactly state-of-the-art, but everybody I know, even the ones with expensive, top-line equipment, reports similar boo-boos on a more-or-less regular basis. There have always been questions about whether we really wanted to put our elections in the hands of a technology with more than its fair share of gremlins. It was Florida in 2000 that shoved everybody over the edge.

Congress pledged $3.9 billion through the Help America Vote Act in 2002 for states to phase out punch-cards and lever voting booths and make voting easier for the elderly and disabled. States rushed to scrap paper ballots and set up computers for 2004 that would make voting as dummy-proof as withdrawing money from an ATM machine.But it hasn’t quite worked out that way.

The effort to establish e-voting operates according to the same kind of dot-com era blind faith that prophesized paper-free workplaces. Studies show that offices use more paper than they did a decade ago; and electronic voting systems are proving the potential to be just as error-prone — if not more so — than the old way. Some Senate votes were double counted in South Dakota two years ago and in 2000, Florida machines added up a negative 16,000 votes for Gore.

In the whole country, perhaps, there is no more concentrated group of computer-savvy geeks than will be found in Silicon Valley. What do they think of electronic voting?

Nobody seems as worried about this equipment as the technologically savvy voters in California’s Silicon Valley region, one of the thousands of places hurrying to implement the touch screens. Yesterday, a good number of those voters showed up at the Santa Clara County elections office in order to avoid having to vote by computer.”I came out here early because I want to put a real mark on a real piece of paper,” said Kai Frazer, 28, who spends his days developing computer programs for industrial applications. It is precisely because he understands the technology behind the voting machines so well, Mr. Frazer said, that he sought out an advance-voting ballot form, the kind where you put an X on paper.

“I know just how much you could screw with these things if you wanted to cause some mischief,” he said, gesturing at the squat black Sequoia Voting Systems machines, which look like extra-large laptop computers.

The nation-wide demand that voting computers generate a verifiable a paper-trail is growing, and most states are either doing it or have indicated they intend to but even the states with laws requiring paper validation admit they won’t have it before 2006. Can we trust the results from electronic voting machines until then? David Coursey, Executive Editor of the online mag for IT professionals, ZDNet, says No.

Now, I’ll admit that when computerized, even Internet, voting was discussed in the past, I was enamored with the idea. Wouldn’t it help more people vote? Wouldn’t the counts be nearly instantaneous? Wouldn’t greater voter empowerment mean greater real democracy?Not on your life. As a computer professional, I have one word for anyone who’d like to use any sort of electronic balloting system–at least one that can’t be easily audited by hand: Don’t do it. Why? Because computers can never be totally trusted, especially for something as seemingly simple (yet critical) as holding an election.

The Globe and Mail has some specifics:

The machines have already caused problems: In January, touch-screen machines used in a Florida county election failed to register 134 votes in a race won by just 12 ballots. And a number of recent studies have found security flaws that could allow hackers to break into machines and alter voting data undetected. One found that any high-school student with intermediate computer training would be able to use off-the-shelf equipment to forge cards used to initialize the voting machines and identify voters.

The hacking problem worries Coursey, too, but he’s just as concerned about the lack of understanding election officials–who are not professional programmers–display about the systems they have to oversee, and even more so about the demonstrated lack of accountability of the vendors.

[A]ny system that starts with a computer scares me, at least in part because even election officials don’t seem to understand what’s happening with them. What a surprise it was to officials here in California when Diebold, the electronic voting vendor, swapped out the officially sanctioned code on its voting machines and replaced it with non-approved software--without telling anyone. I’m not saying Diebold did so with any ill intent. But the episode proves that election officials can’t really have faith in the technology that they use. Is this really our software? Or is it software that someone’s hacked and we don’t know about it? (emphasis added)

MoJo identifies this kind of secrecy and corporate high-handedness as the real problem. While Republicans have been pooh-poohing the worry voiced over the infamous Diebold memo, MoJo points out that the unbreakable secrecy Diebold demands feeds the supposition that they have something they want to hide besides incompetence.

Diebold’s GOP support is especially key to note because as the corporation is private, so are its records. The equipment, software, and employees tallying votes are not subject to public scrutiny — so any suspicion of a skewed election can neither be proved or disprovedActivists last summer posted online thousands of internal Diebold emails suggesting that the company was hiding glitches in its systems. When Diebold demanded that Internet service providers delete the links, it was accused of stifling free speech. Diebold later backed down. Yet even government lacks the right to peek into this privately owned data to determine, say, the cause of the glitches in the most recent round of primaries.

Even if Diebold and the other manufacturers of voting equipment don’t intend any electronic mischief, how can we trust them when they insist they’re untouchable and then try to hide flaws? How can we trust their security when tests show a relatively uninformed hacker could do major damage without half working at it? The answer, Coursey says, is: We can’t.

Computer fraud, as we know, needs only a single disgruntled person who may be sitting half a world away. I don’t know about you, but the prospect of some kid in the Philippines deciding who the next lieutenant governor of Texas will be scares me more than the idea of the voters in my native state making the choice themselves. Just a tad more, but more nonetheless.Those of us who love freedom and know computers realize the first is too important to allow its fate to rest upon the second. Computer- or (worse) Internet-based voting systems are much more of a threat than most people realize and should not be used until the technology is iron-clad secure–which may be never for something this important. (emphasis added)

What can we do before election day this year to fix the problem? Probably nothing on an institutional level. We are looking at an exploitable hole the size of Montana in our democracy, facing the least responsible, least ethical, most “We don’t care how we win as long as we win” opponent in our history and there appears to be nothing we can do to keep them honest. God help us.

Well, I can only do what I can do. I intend to vote early and demand a paper ballot. I suggest you do likewise. Then cross your fingers. If we get through this election without major fraud being perpetrated on the system (and how would we know?), we will have dodged a bullet aimed straight for our hearts.