A recently released Congressional Research Service (CRS) report suggests eVoting isn’t quite ready for primetime, despite its rapid embrace, which has been partially funded (to the tune of almost $4 billion) by The Help America Vote Act of 2002 (HAVA, P.L. 107-252).
… there appears to be an emerging consensus that in general, current DREs [direct recording electronic systems] do not adhere sufficiently to currently accepted security principles for computer systems, especially given the central importance of voting systems to the functioning of democratic government.
Concurrent with this announcement, one of the major equipment manufacturers is in federal court this week, battling the release of internal documents which, on the surface, support the CRS security caution.
Using the mantle of intellectual property, Diebold has sent cease-and-desist orders to ISPs and students who have published links to internal documents which raise security concerns about America’s wholesale rush to eVoting.
The ISP Online Policy Group (IOPG) has asked the courts to issue an injunction barring Diebold from sending the cease-and-desist letters.
There are several issues which seem invisible to reporters covering the story.
Ironic security breach
First, Diebold controls 50,000 touchscreen voting terminals. Diebold has assured Secretaries of State that these machines are secure.
And yet … Diebold’s own internal network was broken in March, resulting in the leak of 1.8 gigabytes of data. Am I the only person who sees this as ironic and worrisome?
Paper v. electrons
Second, many states (such as Washington, California) have debated whether a paper audit trail is necessary. Advocates for the disabled are opposing the paper trail; so are eVoting system manufacturers.
However, according to the CalTech-MIT Voting Technology Project, optical scan systems (paper ballots) should be the technological solution of choice. This system has a low error rate, complementary with hand-counted paper ballots.
So why are we spending a gazillion dollars on DREs that use touchscreens (or other systems with no paper trail), when the error rate of these machines matches the punch card system that they are designed to replace? [p2]
How can we justify this cost, when the cost for converting punch card systems to optical scan systems is in the millions, not billions? And when so many counties (40.2% in 2000) are already using optical scanners? What (from whom?) is the political push for CRTs?
Yes, the federal act sets for accessibility guidelines that are biased towards DREs. But why the bias?
Voters as lab rats?
Third, our experiments in eVoting (the CRT solution) are not proceeding smoothly. While not widely reported (or, apparently, investigated by mainsteam media), the glitches just keep on trickling in.
Peter G. Neumann of SRI International has compiled an extensive list of risks to the public relating to using computer systems. The list includes risks of electronic voting. A few examples follow:
- California 2003 recall election
State officials halted certification of Diebold’s voting machines after learning that uncertified software had been installed (remotely) on Alameda County machines. The county has invested $12 million in the equipment.The optical scan system is used in most of California’s 58 counties, but Diebold has a toe in 13. For example, San Joaquin County has invested $5.7 million. The state wants the company to pay for a supplementary audit.Diebold says that it thought the patches were ok because they had been certified by the feds.
- Fairfax, Virginia 2003 election
Nine malfunctioning WINvote machines (system cost $3.5 million) were “removed for repair and then put back in service,” leading Republicans to challenge the election. According to RISKS-L, the machines were taken off-site and the seals were broken, but election officials were told to resume using the machines.In additon, the machines reportedly subtracted one vote for every 100 cast for School Board member Rita S. Thompson, who lost a close race. - Georgia, 2002
Secretary of State Cathy Cox bet the farm on Diebold; Georgia was the first state to order the system, valued at $54 million.First news reports suggested the system performed flawlessly. However, some voters found that when they tried to vote for Candidate A, the machine recorded a vote for Candidate B. Officials say that the problem was fixed. When? How?Recent reports suggest Diebold installed uncertified patches on the Georgia machines – patches that were not certified by the feds or the state. The Wired story said that “25 to 30 percent of the machines in one shipment to the warehouse either crashed upon booting or had problems with their real-time clocks, causing the systems to register the date inaccurately then boot improperly or freeze up altogether.”
This jibes with later reports of problems at polling places in suburban and downtown Atlanta, where almost 100 memory cards went missing. Were they counted or not? We’ll never know for sure, because the count was conducted by none other than Diebold, a firm dominated by high-rolling Republican National Committee contributors.
Republicans took two key races, results which contradicted polling data. Anomolies were similar to those in the 2000 Florida election.
- Houston 2003
Technicians discovered that 12 eSlate machines were improperly configured; there was at least one malfunctioning machine; and election officials gave voters paper, torn in half, and directed them to create their own, makeshift ballots. - Indiana 2003 County election
A MicroVote system showed that 144,000 votes had been cast … with a pool of 19,000 registered voters. Just how the counting was corrected was not reported. According to the CRS report:Some kinds of error could be detected when voter registers and vote tallies are reconciled — for example, if the total number of votes for an office were greater than the total number
of voters at the precinct. However, resolving such a problem in a way that reflects how voters actually voted would not be straightforward. (p8) - Maryland’s Diebold purchase
In a July 2003 review of the controversial Diebold files, computer scientists at Johns Hopkins and Rice Universities called attention to potential security violations.The State of Maryland subsequently launched its own research and found that the system “as implemented in policy, procedure, and technology, is at high risk ofcompromise” (p12). In addition, the report asserts that state procedures “help mitigate the weaknesses identified in the July 23 report,[but] do not, in many cases meet the standard of best practice or the State of Maryland Security Policy.”And yet … the state characterized this report as “a positive independent review.” Maryland is going ahead with a record $55.6 million purchase of Diebold AccuVote-TS voting terminals. What madness is this?
- Ohio promised to Republicans
Associated Press and the Cleveland Plain Dealer reported that Diebold’s CEO sent invitations to a $1000-a-plate fundraiser, stating that he was “committed to helping Ohio deliver its electoral votes to the president next year.”The letter was mailed the day before the Secretary of State was to certify Diebold as one of three firms eligible to sell eVoting equipment to Ohio counties.Two days later, Diebold offered to consider building all machines in Ohio should it win the contract, which it has. The state has budgeted $136 million for computerized equipment for the 2004 election.
Resources:
- Accuracy, Integrity, and Security in Computerized Vote-Tallying (National Bureau of Standards, 1998)
- Black Box Voting
- Campaign for Verified Voting
- California Ad Hoc Touch Screen Task Force Report
- The Diebold AccuVote TS Should be Decertified (USENEX Security Symposium, 2003)
- EFF “E-voting” archiveElectronic Voting – Assessing the Threat (CPSR, 1993)
- Electronic Voting Hotlist
- Electronic Voting Update (Rebecca Mercuri)
- Security Criteria for Electronic Voting (16th National Computer Security Conference, 1993)
Links: Australian IT (AP – 19 Nov); The Indepedent (14 Oct); The Register (18 Nov)
