Every Vote Counts - If It's Counted

[R. A. Hettinga]

<http://www.campaigndesk.org/archives/000805.asp>

CJR Campaign Desk: Archives

   Critique and analysis of 2004 campaign coverage
from Columbia Journalism Review





The Longer View
August 08, 2004

Every Vote Counts - If It's Counted



By Susan Q. Stranahan

On November 2, millions of Americans will vote on computers, many of which
may be vulnerable to partisan hackers, disgruntled poll workers, or anyone
else with a desire to alter the outcome of the election, writes Ronnie
Dugger in the current issue of The Nation. "The result," he says, "could be
the failure of an American presidential election and its collapse into
suspicions, accusations and a civic fury that will make Florida 2000 seem
like a family spat in the kitchen."

 Dugger's detailed analysis of the problems of electronic voting and the
potential for fraud and error would seem to be a crucial election story of
2004, full of the stuff journalists love -- hints of skullduggery,
cronyism, and conflicts of interest. But, with a few exceptions, the advent
of e-voting has remained an issue hovering persistently beneath the media's
radar.

The stories that have appeared largely have been local, piecemeal and
rarely rise much beyond the "he said/she said" level of reporting. As a
result, the public -- to the extent that it's even aware of the controversy
-- is left to its own devices to figure out a complex issue, with
considerable ramifications.

New York Times editorial page writer Adam Cohen is one of the very few who
has delved into the subject, spending much of the year writing about the
"mechanics" of democracy in a series entitled "Making Votes Count."
Electronic voting -- and its lack of accountability -- has been a frequent
topic.

Cohen, a lawyer with an interest in politics and technology, opened his
series last January with this warning:

The morning after the 2000 election, Americans woke up to a disturbing
realization: Our electoral system was too flawed to say with certainty who
had won. Three years later, things may actually be worse. If this year's
presidential election is at all close, there is every reason to believe
that there will be another national trauma over who the rightful winner is,
this time compounded by troubling new questions about the reliability of
electronic voting machines.

This is no way to run a democracy.

Given the media's lack of interest in the subject, it can also be said:
This is no way to cover one, either. Come November, can you be sure that
your vote will be accurately recorded? It seems a rather fundamental
question that cries out for an answer.

About one-third of the expected computerized vote this fall will be
tabulated by touch-screen machines that will provide no paper trail of a
voter's choices, and, as a result, are vulnerable to tampering. Writes
Dugger: "The United States therefore faces the likelihood that about three
out of 10 of the votes in the national election this November will be
unverifiable, unauditable and unrecountable."

In Florida, where the outcome of the 2000 presidential election remained in
limbo for 36 days due to voting irregularities, more than half the state's
voters will rely on paperless touch-screen systems. Florida is a crucial
swing state, with its winner garnering 27 electoral votes -- 10 percent of
the total needed.

Ironically, it was the chaos of the Florida returns four years ago that
catapulted the nation towards electronic voting. In 2002, Congress passed
the Help America Vote Act, and when President Bush signed it, he declared
that "when problems arise in the administration of elections, we have a
responsibility to fix them." But, as the Times' Cohen noted earlier this
year, the president's budget provided only $40 million of the $800 million
promised by Congress for election improvements at the state level. Wrote
Cohen: "[N]either the president nor Congress is very serious about fixing
the system."

Some states scrambled to switch to electronic voting, and for the limited
federal funds to buy new equipment. About 20 percent of the nation's 3,114
counties will have switched completely to computerized voting by November,
according to Election Data Services, Inc., a Washington, D.C. research
company. (Some of those machines offer a printed copy of the ballot as a
backup; some do not.)

But the states also discovered that there are no federal guidelines or
security standards for the equipment. That will come at a later date, long
after this presidential vote. (The Election Assistance Commission,
appointed by President Bush to set those standards and oversee the
transition, has been slow to get organized, in part because of a lack of
funding.)

The electronic voting market is dominated by a handful of companies, which
stand to make huge profits from the shift to touch-screen computers and the
software that runs them. Nearly 100 million votes will be cast on the
computers operated by this tiny group, which has aggressively promoted its
product and just as vigorously defended the secrecy and reliability of its
technology.

Diebold, Inc., of North Canton, Ohio, holds about 45 percent of the
equipment market. Its track record thus far has been less than impressive,
and not necessarily reassuring. As Dallas Morning News reporter Vikas Bajaj
noted (registration required), Diebold has "become a lightning rod for the
industry":

In April, California Secretary of State Kevin Shelley, citing security
concerns, banned Diebold machines in four counties. He has also required
that any electronic voting machines the state buys must have verified paper
trails.

Ohio's legislature in May required that all electronic voting machines have
paper trails by 2006. In July, the state's secretary of state, J. Kenneth
Blackwell, stopped the use of Diebold machines in three counties, saying
they hadn't met security requirements.

Diebold's problems don't stop there. Critics cite a fund-raising letter
written last year by the company's chairman and chief executive, Walden
O'Dell, who said he was "committed to helping Ohio deliver its electoral
votes to the president." He has since apologized.

More worrisome to many experts, however, is the apparent vulnerability of
the so-called source code used in the Diebold machines. "Given the gravity
of the security failings the computer security community has documented, it
is irresponsible to move forward without addressing them," Dr. Avi Rubin, a
computer science professor and technical director of the Information
Security Institute at Johns Hopkins University told a House committee last
month.

As Knight Ridder's Sumana Chatterjee wrote: "The main problem, according to
Rubin, is that there's no way for election officials to be sure that
electronic machines are free of codes designed to manipulate results.
Companies are reluctant to share their 'source code,' the proprietary
software that controls voting and tabulating results, so their software can
be checked independently."

Backers of computerized voting -- among them many state and local election
officials -- dispute the critics' worries about vulnerability. Chatterjee
quoted Linda Lamone, Maryland state administrator of elections, who also
testified before the committee: "Although any electronic voting system is
hypothetically 'hackable,' I am confident that the likelihood of this
occurring is extremely remote." Hackers would need a working knowledge of
the software's specific programming language and gain physical access to
computer servers and voting machines, she testified.

Unlikely, maybe, but the first of those two conditions has already been
met. Bev Harris, a Seattle literary agent and voting rights advocate, has
become something of a legend among critics of e-voting. Miami Herald
columnist Jim Defede wrote about Harris last month: Concerned about the
lack of security, Harris Googled Diebold, hoping to find a computer
engineer or programmer who could put her fears to rest. Instead, she
stumbled across a link to 40,000 files of the company's ultra-secret source
codes, which she downloaded and posted on her own web site, asking experts
for help in analyzing the information. Diebold obtained a court order
shutting down her site. Ultimately the codes were posted on the
congressional website of Democratic Rep. Dennis Kucinich. Diebold claims
the code was outdated and no longer in use.

In Georgia during the run-up to the 2002 Senate race, as The Times' Adam
Cohen reported, Diebold machines were plagued by hardware and software
problems, and the company on several occasions sent "patches" --
programming updates -- for installation. (The software was installed
without the required review and approval by the Georgia Secretary of
State.) When the votes were counted, Sen. Max Cleland, a Vietnam war hero
and triple amputee, who held a strong lead in the polls before Election
Day, suffered a decisive loss to challenger Saxby Chambliss (who also ran
ads picturing Cleland with Osama bin Laden). Critics, like Bev Harris,
questioned whether the patches could have converted Cleland votes into
Chambliss votes. Because there was no paper trail, there was no evidence to
prove or disprove the allegation.

In his series, Cohen notes that the secrecy over source code may be a red
herring. Source code can be produced, if authorities insist. Nevada gaming
officials have instant access to source codes and all equipment at casinos
in the state without compromising proprietary information. Ironically, he
says, "gamblers are more protected than voters."

 Critics of e-voting come from two camps -- a growing number of local
activist groups around the country which last month sponsored a national
"The Computer Ate My Vote Day,' and computer security experts. The Nation's
Dugger quotes one of the most outspoken, Dr. David Dill of Stanford
University:

Last fall during a public talk on "The Voting Machine War" for advanced
computer-science students at Stanford, Dill asked, "Why am I always being
asked to prove these systems aren't secure? The burden of proof ought to be
on the vendor. You ask about the hardware. 'Secret.' The software?
'Secret.' What's the cryptography? 'Can't tell you because that'll
compromise the secrecy of the machines.' ... Federal testing procedures?
'Secret'! Results of the tests? 'Secret'! Basically we are required to have
blind faith."

Dugger also quotes recent testimony from Johns Hopkins' Avi Rubin to the
federal Election Assistance Commission: "I do not know of a single computer
security expert who would testify that these machines are secure."

Advocates of e-voting have portrayed criticism as coming from a handful of
unhappy academics, or as being motivated by partisan politics -- claims the
media have largely bought into. Among the chief proponents of the new
system is Gov. Jeb Bush, who presided over the 2000 debacle from which his
brother emerged with an official winning margin of 537 votes. As the Miami
Herald reported last month, Gov. Bush has suggested that, as the paper put
it, "people who repeatedly raise questions about the touch-screen machines
were doing it to motivate their voters in the upcoming presidential
election, in which Florida will be a battleground state."

But that's not necessarily true elsewhere. The Republican secretaries of
state in Nevada and Missouri -- both expected to be hotly contested this
fall -- have expressed concerns about the reliability of the equipment. As
a result, they have required that touch-screen voting machines also be
equipped with a "voter-verified paper trail" in November. (This is an
inexpensive add-on to the machine, which allows a voter to confirm manually
his or her vote before it is cast; that confirmation is retained
independently of the computer tally in the event a recount is required.) It
is this type of backup that Adam Cohen and others believe will eliminate
many of the potential problems with e-voting.

Nevada's 2,000 electronic voting machines will all come equipped with
printers this fall. Secretary of State Dean Heller told the Associated
Press that paper receipts are "an intrinsic component of voter confidence."
Nevada is the first state to institute such a policy statewide. Nationally,
legislation requiring printed backups is pending in both the House and
Senate -- but no action is expected before November.

So, the question remains: Will this year's contested presidential election
proceed smoothly, or will the scenario be closer to what a letter-writer to
The New York Times predicted: "[T]he havoc wreaked by the butterfly ballot
[in 2000] will soon be compounded by a plague of worms, the kind encoded in
electronic voting machines that leave no 'voter verified paper trail.'"

No one knows. But it sure sounds like a story worth pursuing by more than a
few lonely souls like The Nation's Ronnie Dugger and the Times' Adam Cohen.

Posted 08/08/04 at 12:01 AM

-- 
-----------------
R. A. Hettinga <mailto: rah at ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'