Monday, October 20, 2003

Democracy & Voting

Obviously a core feature that Democratic governments depend on is their ability to gaurantee free and fair elections to their citizens. If the citizens will is thwarted because the voting system is rigged, then it's not a democracy is it?

The year 2000 elections ended with a voting fiasco. At the surface the election results were "too close to call" in many races, most specifically the Presidential election. If ever there were a demonstration of your vote always counts, the 500 or so vote margin in the Florida Presidential election results is it. If only a few hundred more voters showed up, the election could have gone a different way.

Part of the fiasco was the recount. Many Florida counties relied on a punch card system which was probably the Cool New Thing when it was first unveiled, but in todays Internet Age they are so 60's it's pathetic. The issue in Florida is that the chad's don't always come off cleanly, which left the recount workers struggling to determine the will of the voter based on the condition of those chads.

Across the country an effort was made to replace older styles of voting systems with newer ones. A prominent suggestion was

Touch Screen Voting

These are a kiosk through which to vote. It has a computer screen, easy to use computerized menus, and you interact by touching the screen. What could be more Cool New Thing than that, I ask you?

[November 1, 2004; During the 2000 election Ralph Nader strongly promoted "instant runoff" voting. Instant runoff voting would have made for a different way to solve the 2000 election fiasco than the "touch screen voting" system examined on this page.]

Touch screen voting has the potential to be great, but for the security issues. The design they have rolled out has no paper trail. The obvious question being begged is, what if someone were to rig the machines? If there's no paper trail, there's no way to independantly verify anything. Any election with the possibility of impropriety, well, we have the experience of Florida in 2000 to guide us. That was a difficult time, with two candidates who believed they had been elected, both demanding a fair count, and the fair count being fraught with error. Wind ourselves a few years into the future, with no paper trail and the possibility of election fraud, and what would happen?

[Oct 13, 2003; Wired News; wired.com/news/politics/0,1283,60563,00.html] Did E-Vote Firm Patch Election? Diebold Election Systems has had a tumultuous year, and it doesn't look like it's getting any better.

... Now a former worker in Diebold's Georgia warehouse says the company installed patches on its machines before the state's 2002 gubernatorial election that were never certified by independent testing authorities or cleared with Georgia election officials.

If the charges are true, Diebold could be in violation of federal and state election-certification rules. The charges also raise questions about the integrity of the Georgia election results and any other election that uses patched Diebold systems that have not been re-certified.

The article goes on for three pages, and has these points to make:

  • A former worker is alleging that Deibold patched the voting machines just before the election.
  • The Republican won the race in a result that went far against the predicted outcome from polling. Further it is the first Republican win for the Georgia Governors seat in over 150 years, and a rare time when a Democratic Governor lost his bid for a second term.
  • The former worker claimed that 25-30 percent of the voting machines were malfunctioning, and the patches were needed to make them reliable.
  • Patches were applied without recertifying the machines. The patches were applied 1 month before the election, and recertification would take 6 months.
  • The former worker alleges being in meetings where Deibold employees debated how much truth to tell the Georgia officials.
  • Both Deibold and Georgia officials either deny the allegations, or refuse to comment.

Obviously a computer system needs to be updated as bugs are found. However for something as sensitive as an election, you must tread very carefully around these issues.

That the machines were not recertified after patching is troublesome. Presumably the certification process is thorough enough to prevent fraud by anybody. But any time you update (patch) a computer system not only can the beneficial code be added, the code can be harmful. The patch could be any software, and doesn't have to be just the changes needed to fix a bug. Hence, someone could sneak a back door into the voting systems to rig the outcome of the election. That is, unless the machines are formerly certified and software changes rigorously controlled.

But, that's only because there is no paper trail.

If the machines produced an easily verifiable piece of paper, then the machines couldn't be a source of election fraud. And it wouldn't be all that hard, and it could still be a Cool touch screen voting machine. Here's what you would have to do:

  • Touch screen voting machine lets voter pick their candidates with great ease.
  • The voting machine has no wires, or other network connectivity, other than a power cable.
  • When the user is done voting, the machine prints out a summary sheet listing their vote.
  • The summary sheet is printed with a controlled text font making it both easy to scan using an Optical Character Recognition (OCR) computer, and easy to read by humans.
  • The person voting reviews what's printed on the sheet, and then carries it to the poll worker who puts it in a box as is currently done.
  • The elections commission has OCR computers to scan all the vote printouts. If there's a misfeed, it's trivial to check what the intended vote was and could be a normal part of the process to manually enter any votes that misfeed.
  • If the election results are called into question, the election officials can easily read what the intended vote is.