A new voting-rights struggle

Editor’s Note: Last Thursday, the California Supreme Court rejected all challenges against holding the recall election on October 7. The decision, arrived at during closed-door sessions, forces the state to hold an election in which numerous polling places will be consolidated, a scenario some fear will lead to chaos and possible discrimination. But that’s not the only problem on California’s electoral horizon, as Kim Alexander contends in the following essay.

No image from the Florida 2000 vote-counting fiasco is more memorable than that of Florida election workers holding punched ballot cards up to the light to check for hanging chads.

Now, election officials everywhere are trying to prevent another Florida-style election meltdown by replacing paper-based voting systems with new, completely computerized ones. The thinking seems to be that we can make those images of election workers carefully examining ballots a thing of the past simply by eliminating ballots altogether.

But that’s like trying to solve accounting errors by eliminating your accounting department. Computerized voting solves the problem of the moment—imperfect vote-counting technology—but replaces it with a whole set of new problems we are only just beginning to understand.

The biggest problem with computerized voting systems is that they are not transparent. There is simply no good reason for voters to trust a 100-percent computerized, paperless voting system run on proprietary software. People are not asked to exercise this kind of blind trust in any other important transaction, and voting is the most important transaction of all.

Voters who cast ballots on a touch screen have no way of knowing whether the machine captured their votes as intended. Software can have bugs. Software can contain malicious code. Software can be programmed incorrectly. Systems crash. It’s these kinds of risks that led hundreds of respected computer scientists and technologists to sign Stanford University computer-science professor David Dill’s Resolution on Electronic Voting, which insists there be an audit trail to back up digital ballots.

Increasing public awareness of these risks also led California Secretary of State Kevin Shelley to convene a task force earlier this year to study computerized voting. The Ad Hoc Touch Screen Task Force report was released July 2; members were divided on the paper-trail issue. After evaluating the report, Shelley will decide whether to raise the bar and require California’s computerized voting machines to provide a voter-verified paper backup of every digital ballot cast.

The task force’s report was released at a time when momentum for a voter-verified paper trail and improved election security has been building rapidly across California and the United States as states and counties work to implement new voting requirements imposed under the Help America Vote Act (HAVA).

Computerized voting is expected to increase dramatically all across the country within the next few years because of new federal HAVA funding to replace punch-card and lever machines and because of a mandate that all polling places provide at least one voting machine that allows blind and disabled voters to cast a secret ballot without assistance. Computerized machines are the only ones on the market today that can do that.

California is at the forefront of the paper-trail debate because the state is moving faster than other states to replace its voting systems in response to a federal court order to replace Florida-style punch-card voting machines. California also has $200 million in state bond funds to improve voting systems. If California’s secretary of state implements a voter-verified paper-trail requirement, it likely will have a ripple effect across the country because California is viewed as a trend-setting state when it comes to politics and technology.

Already, three California counties—Mendocino, Sacramento and San Mateo—have indicated their support for a voter-verified paper trail, and vendors are responding to the demand. In the past six months, all three of the nation’s top computerized voting vendors—Diebold, Election Systems & Software Inc. and Sequoia Voting Systems—have begun developing paper-trail auditing prototypes.

Some who think we don’t need a paper trail portray those of us who insist we do as paranoid conspiracy theorists. But any reasonable person who takes a moment to think about it quickly understands why it’s not a good idea to trust 100-percent-computerized, paperless voting systems run on secret software. A voter-verified, paper audit trail is the best way to mitigate the real and perceived security risks inherent in any computerized voting system.

Already, there are signs that some voters lack confidence in computerized voting systems. A poll taken of Georgia’s voters after that state deployed paperless touch screens statewide in November 2002 found a significant racial disparity in voter confidence. While 79 percent of Georgia’s white voters said they were very confident their votes would be accurately counted, only 40 percent of black voters expressed the same level of confidence.

This year, it was discovered that Georgia’s vendor, Diebold, had used a public File Transfer Protocol site on the Internet to distribute a software patch to county election offices. It would have been relatively easy for anyone in the world to find that site and replace that software patch with a different one that contained malicious code.

There’s no evidence of that having happened, but there’s no evidence that it didn’t happen either. That’s the problem: Computerized voting as it is in use today is not transparent. We don’t have access to the software, and we don’t yet have the right to inspect a hard-copy backup of our digital ballots before leaving the polls.

Transparency is not the easiest idea to conceptualize; the absence of transparency is even harder. But that’s what’s at stake here. It’s like we’ve had a window into the world of elections, but now it’s being shuttered.

For paper and lever voting systems, we have developed elaborate security procedures to safeguard votes. For example, in a lever voting system, poll workers check the mechanical counters before opening the polls to confirm the counters are set to zero. In a paper voting system, poll workers open the ballot box and show the first voter at the polls that the box is empty and hasn’t been pre-stuffed.

There are attempts to replicate such procedures in a computerized voting system. The first voter who casts a ballot on a touch screen sees a zero on the screen designed to indicate that there are no prerecorded votes in the machine. But neither the voter nor the poll worker actually can confirm that—the poll worker doesn’t open the box and inspect the software to see that, in fact, it does not have any pre-stored votes.

Paper-based systems do rely on software to count ballots, but the paper ballots serve as an auditing tool that can verify the accuracy of software-generated counts. California has a manual-count law that requires a subset of the paper ballots to be selected at random and publicly tallied by hand to show the hand-counted totals match the software-counted totals. If there is no longer a paper audit trail, then we lose the ability to verify the computerized count.

It doesn’t have to be this way. We could do this right. We could require computerized voting systems to create a paper backup of our digital ballots that voters can inspect (but not take with them) before leaving the polls. Election officials can then use these paper backups to verify the accuracy of computerized counts. That way, when there are problems (and there always are) we have a way to recover from them. We don’t have to ask voters to trust a handful of election officials and a private vendor to assure us that they got everything right.

Fortunately, support for a voter-verified paper trail is gaining momentum. A petition started by Martin Luther King III and author Greg Palast demands a halt to further computerization of voting systems until such methods are no longer susceptible to political manipulation, fraud and racial bias. So far, the petition has more than 39,000 signatures. In addition, Working Assets and the Electronic Frontier Foundation recently issued action alerts to their California members to contact the secretary of state and urge him to require a voter-verified paper trail.

Meanwhile, in Washington, D.C., Congressman Rush Holt, D-N.J., has introduced House Resolution 2239, the Voter Confidence and Increased Accessibility Act of 2003, which would require computerized voting systems to produce a voter-verified paper trail and would require California-style manual counts of those paper backups. His bill is co-sponsored by 26 other members of Congress, who no doubt trust Holt’s assessment of computerized-election security issues because, in part, he is not only a congressman but also a physicist.

The increasing interest and concern about computerized-voting security is leading people all over the country to speak up and get involved. Their voices are not falling on deaf ears; awareness of their concerns is building among politicians and election officials at all levels of government. The question is: How will election officials and politicians respond? We will soon find out whether California will blaze a trail down a path that will lead to real computerized-election security.

The fight for the right to inspect a paper backup of one’s digital ballot may end up being the voting-rights struggle of our time. For it is the consent of the governed that is the true mark of a legitimate government. And that consent can be won only when elections are conducted not in secret, but in plain sight.