CDR: Gary Chapman On Online Voting, Even if Secure, Won't Solve Election Troubles

Matthew Gaylor freematt at coil.com
Tue Nov 14 10:59:23 PST 2000 

DIGITAL NATION

Online Voting, Even if Secure, Won't Solve Election Troubles

By Gary Chapman

Copyright 2000, The Los Angeles Times. All Rights Reserved

The uproar over last week's election results, particularly the 
controversy over the vote in Florida, has fueled calls for online 
voting. Some experts think the problems of last week could be solved 
by computerized voting, while others insist that is fraught with 
insecurity.

Controversy about how computers handle votes has been around for a 
while. It was an issue championed for years by longtime Los Angeles 
civil-liberties activist Mae Churchill, who died in 1996 at age 84. 
Churchill was the founder of Pacific Palisades-based Election Watch, 
and 15 years ago she convinced many technical experts that there are 
serious problems when computers are introduced into the voting 
process.

"Mae Churchill got me into this issue," said Peter Neumann, a 
researcher at SRI International in Menlo Park, Calif., and an 
internationally known authority on computer security. Now, he said, 
"I would not trust a computerized voting system even if I had written 
itmyself, because of the many ways in which such systems can be 
subverted."

"It's so easy to rig an election," Neumann said. He cited the fact 
that "punch card" ballots -- the cardboard ballots that use a punched 
hole to read a vote -- can be invalidated simply by running a needle 
through a stack of the cards. That can make it look like a vote for 
two candidates for the same office. Florida election officials threw 
out more than 19,000 ballots last week because of the appearance of 
voters selecting two candidates in the presidential election.

In Boston in 1993, Neumann said, a local election's results were 
reversed after authorities discovered errors caused by "hanging 
chad," the tiny paper remnant of a punched hole that can hang off the 
back side of the card ballot and then reclose the hole when the 
ballot is run through a light scanner for tabulation. This problem 
reportedly caused some of the vote tallies to change in last week's 
recounts in Florida.

Also in 1993 in Florida, a St. Petersburg precinct that had no 
registered voters because it was an industrial area showed 1,429 
votes for an incumbent mayor, who won by 1,425 votes.

Another Florida case happened in 1988, when there were 200,000 fewer 
votes in the Senate race than for the presidential candidates, and 
most of the missing votes came from four counties that used the same 
computer vote-tallying vendor.

"If it was built by man, it can be broken by man," said Doug Lewis, 
director of the Election Center in Houston, an organization that does 
training and consulting for election officials nationwide. "People 
asking for [online voting] don't understand the electoral process and 
the incredible safety and security problems that go into that."

"I do worry that computer elections systems are large and complex 
systems," said David Jefferson, the technical director of the 
California Internet Voting Task Force and a researcher at Compaq 
Systems Research Center in Palo Alto. "The main worry is not bugs in 
the software or in communications, but each time they are used they 
have to be configured rather elaborately. Ballot choices have to fit 
a voter's residence, which can often be a complicated task. If they 
are misconfigured they can produce erroneous results."

The California secretary of state's task force on Internet voting 
recommended against remote online voting earlier this year.

"We have to understand that the security problems for allowing that 
are so severe that we can't recommend that solution at all. These 
problems are inherent in the architecture of the personal computer," 
Jefferson said.

Instead, some online voting proponents are supporting an interim 
solution: polling-place computer voting. "That kind of Internet 
voting can be fielded now, and the security problems are manageable," 
Jefferson noted.

Polling-place electronic voting involves using a networked computer 
to vote at a conventional polling site. This method has the added 
security of controlling the machines and identifying each voter in 
person.

Some argued last week that polling-place electronic voting would have 
solved some of the problems Florida encountered. "Spoiling a ballot 
would be prevented by computer," Jefferson said. The computer program 
could prevent a confused or deliberate vote for two candidates in the 
same race. Another benefit might be that counties could report 
real-time vote counts, which could help prevent television networks 
or Web sites from inaccurately guessing at how a state's electoral 
college vote might turn out. Vote totals also could be reported 
instantly after the polls closed.

But Jefferson said the alleged confusion last week in Palm Beach 
County, Fla., where some people claim to have voted for Pat Buchanan 
when they meant to vote for Al Gore, still could be a problem in 
electronic voting, Jefferson said.

"Someone with a good design sense has to be in charge of the design 
of a screen, just like a paper ballot," he said. Even so, the 
obstacles to adopting polling-place electronic voting are daunting. 
Aside from the expense of providing every polling place with multiple 
computer systems, there are still significant security issues and a 
dearth of trained personnel in our election system.

"Most of us who have been in elections a long time are uncomfortable 
with the idea of turning over elections to a private, for-profit 
company," said Lewis of the Election Center. Although private 
companies do run election systems, they are supervised by public 
officials, usually at the county level. Few counties in the U.S. can 
afford to pay for technical experts who can evaluate and monitor 
sophisticated networked computer systems with multiple redundancies, 
encryption, complex backup and security measures, and 
state-of-the-art equipment.

Moreover, Lewis said, fraud in U.S. elections is low because the 
systems we use are so decentralized and cumbersome. Centralized and 
computerized data would be a tempting target for hackers, subversives 
and perhaps foreign governments, he said.

"Even companies with tens of millions of dollars for protecting their 
systems are penetrated," Lewis said. "How many counties have that 
kind of money?"

"Electronic voting is not going to solve our problems," Neumann said.

Lewis added: "Everyone wants instant Internet gratification. We've 
been conditioned to expect this now. The truth is we're not going to 
have instantaneous Internet voting. We're not going to be doing this 
in 'Internet time.' "

Gary Chapman is director of the 21st Century Project at the 
University of Texas at Austin. He can be reached at 
gary.chapman at mail.utexas.edu.

    ------------------------------------------

To subscribe to a listserv that forwards copies of Gary Chapman's 
published articles, including his column "Digital Nation" in The Los 
Angeles Times, send mail to:

	listproc at lists.cc.utexas.edu

Leave the subject line blank. In the first line of the message, put:

	Subscribe Chapman [First name] [Last name]

Leave out the brackets, just put your name after Chapman.

Send this message.

You'll get a confirmation message back confirming your subscription. 
This message will contain some boilerplate text, generated by the 
listserv software, about passwords, which you should IGNORE. 
Passwords will not be used or required for this listserv.

Mail volume on this listserv is low; expect to get something two or 
three times a month. The list will be used only for forwarding 
published versions of Gary Chapman's articles, or else pointers to 
URLs for online versions of his articles -- nothing else will be sent 
to the list.

To unsubscribe from the listserv, follow the same instructions above, 
except substitute the word "Unsubscribe" for "Subscribe."

Please feel free to pass along copies of the forwarded articles, but 
please retain the relevant copyright information. Also feel free to 
pass along these instructions for subscribing to the listserv, to 
anyone who might be interested in such material.

Questions should be directed to Gary Chapman at gary.chapman at mail.utexas.edu.

**************************************************************************
Subscribe to Freematt's Alerts: Pro-Individual Rights Issues
Send a blank message to: freematt at coil.com with the words subscribe FA
on the subject line. List is private and moderated (7-30 messages per month)
Matthew Gaylor,1933 E. Dublin-Granville Rd., PMB 176, Columbus, OH  43229
(614) 313-5722     Archived at http://www.egroups.com/list/fa/
**************************************************************************

More information about the cypherpunks-legacy mailing list