E-Voting's Biggest Test
The 2008 presidential election could be shaken by flawed electronic voting technology.
As the US heads into a historic and contentious presidential election, concerns over electronic voting technology could be about to stir up controversy over the legitimacy of some results.
Ironically, electronic voting machines were meant to make elections more reliable and secure. After the 2000 presidential election, when spoiled ballots and “hanging chads” sent the disputed result all the way to the Supreme Court, Congress began dispensing billions of dollars to help states replace punch-card ballots with more-sophisticated voting technology. Since then, however, concerns over the trustworthiness of electronic voting system have steadily grown.
Already in several key states, early voting has seen touch-screen voting machines “flip” votes from one candidate to another. Some voters casting early ballots in Virginia, Tennessee, and Texas say that machines have flipped their votes. All were able eventually to correct the mistake, but this has added a sense of urgency to long-held unease over the security and reliability of electronic voting systems.
Earlier this month, a report from Election Data Services (EDS), a Washington, DC-based firm that tracks election administration, said that electronic voting machine usage will drop this year for the first time ever. In Tuesday’s election, 32.6 percent of all ballots will be cast using an electronic voting machine, compared to 37.6 percent in 2006, the equivalent of 10 million fewer voters. “Basically, the activists and the political scientists have kind-of won that battle,” says EDS president Kimball Brace. “Most election administrators don’t find it worthwhile trying to fight the battle and are trying to move on.”
Nonetheless, that percentage will still be higher than it was during either of the last two presidential election races: in 2000, 22.0 percent of votes were cast electronically, compared to 29.2 percent in 2004. Also, several key swing states, including Ohio, Indiana, and Nevada, will rely heavily on electronic voting. Ohio and Indiana will use a combination of optically scanned paper ballots and electronic voting machines, while Nevada will rely almost entirely on electronic voting, according to the same EDS study.
Meanwhile, the political situation in Ohio couldn’t be more tense. Republicans and Democrats are already wrangling in court about voter registration issues and so, if the race is particularly tight, the state could well be the scene of fierce legal action centered on electronic voting irregularities.
E-voting machines are receiving an unprecedented amount of attention from experts and activists. Grassroots organizations such as Black Box Voting and Video the Vote are urging voters to monitor the election and have already publicized problems with some voting machines, including touch-screen vote flipping.
Many computer security experts have previously raised concerns about the reliability and accountability of these machines, an issue that is complicated, they say, by the fact that they are manufactured by a number of different private companies and make use of proprietary (or undisclosed) computer code. In 2004, Avi Rubin of Johns Hopkins University, Dan Wallach of Rice University, and colleagues published an analysis of an electronic voting machine used in Maryland and concluded that the machine was “far below even the most minimal security standards applicable in other contexts.”
The manufacturer, Diebold Election Systems, now Premier Election Solutions, disputes the conclusion. Nevertheless, in 2007, the Maryland General Assembly voted to move back to paper ballots, although it will still use e-voting machines in Tuesday’s election.
More recently, in a review commissioned by the state of California, researchers at the University of California found that electronic voting machines used in that state had security issues that made them vulnerable to vote tampering. The report prompted California to require that all voting machines also produce a paper trail.
Wallach of Rice University says that touch screens can often be poorly calibrated, causing the on-screen image to be misaligned with the touch-sensitive layer of the screen. Even a properly calibrated machine may not work well for an especially tall or short person because of their angle of view, he adds.
Critics’ greatest concern about electronic voting machines, however, is that they might be vulnerable to fraud. “I think it’s the complexity and the lack of transparency,” says Steven J. Murdoch, a computer security researcher at the University of Cambridge. “It’s certainly not apparent to the ordinary voter how it works, or whether it can be tampered with.”
Murdoch thinks the move towards electronic voting was driven in part by “modernization for modernization’s sake. When I was calling this a bad idea, I was being called a Luddite, but I’ve spent most of my life working with computers.”
However, David Beirne, executive director of the Election Technology Council, which represents voting-machine manufacturers, says that electronic systems are designed to solve real problems. He says that paper ballots are expensive, cumbersome, and often “spoiled” by voters who mark them incorrectly.
“Unfortunately, I think the criticisms have reached such a point that no voting system can satisfy the critics,” Beirne says. He also complains that critics often present unlikely scenarios, or ones that could easily be defended against with good management practices. And they don’t compare the machines against the vulnerabilities of paper ballots.
Charles Stewart, a professor of political science at MIT who has studied voting technology, agrees that paper ballots are also vulnerable to fraud. “Right now, we know a hundred different ways to corrupt paper systems that any idiot could perform. I don’t know of anything that any idiot could perform on voting machines,” he says. But Stewart also argues that the industry has been slow to address real security concerns that have been apparent for years.
A number of technological schemes have been suggested for fixing security problems related to electronic voting. The most common is to require that each machine generate a voter-verified paper ballot and to audit a sample of paper ballots after an election. Some states (including California) have moved towards this method.
Another proposal is to use encryption to ensure voters and observers that votes haven’t been tampered with. In one such scheme, developed by Wallach and colleagues and called VoteBox, when voters completed a ballot, their identity and a record of their vote would immediately be encrypted and posted online. Each machine would also issue an encryption key to voters so that the record could be decrypted to make sure the vote had been recorded correctly.
Couldn't get to Cambridge? We brought EmTech MIT to you!Watch session videos here