June 4, 2006

Electronic voting is for the birds

By: Tim Lee

Did George Bush steal the 2004 election?

Some left-wing activists are convinced he did. They point out that initial exit poll results in swing states predicted a Kerry victory. And they note that Walden O’Dell, the head of voting machine manufacturer Diebold, wrote in a 2003 fundraising letter that he was “committed to helping Ohio deliver its electoral votes to the president next year.”

Personally, I don’t find their evidence very compelling. Exit polls can be wrong for a variety of reasons, and the O’Dell quote only proves that he was a partisan Republican, not that he did anything illegal.

What’s disturbing, however, is that our nation’s headlong rush to adopt computerized voting machines has given such conspiracy theories a certain air of plausibility. There’s little evidence of foul play in this case, but there are good reasons to be concerned. Last month, a consumer group released a report warning of serious security problems with Diebold voting machines. The report shows that it’s possible to install malicious software in minutes that could surreptitiously miscount votes.

Presumably, Diebold will fix the flaws uncovered by this study. But many computer security experts believe that such problems are inevitable with computerized voting machines.

The computer chips at the heart of the new machines get their power from the fact that they’re programmable. But when it comes to voting machines, this strength becomes an Achilles heel. A malicious individual can change the functionality of the machine by changing its software, and the change can be camouflaged by mimicking the behavior of the original software. Because of this mimickry, there’s no surefire way to verify that a machine’s programming hasn’t been tampered with.

There are some ways to minimize the risk of malicious tampering with voting machines. One would be to require that the machines’ source code be made available for public inspection, so that security researchers can examine it and bring flaws to the attention of election officials. Voting machines could also be required to automatically produce a paper record of each vote cast, and an opportunity for the voter to inspect the paper record to verify that the vote was correct. That would both make it easier to detect tampering and give poll workers a way to verify the integrity of the vote totals if foul play is suspected.

But it’s worth asking a more fundamental question: why are we using computerized voting machines in the first place? The most important characteristic of a voting system is not speed or user-friendliness. It’s not even accuracy, although accuracy is certainly important. Even more important is transparency; it’s important that vote-counting procedures be understandable to ordinary citizens, so that they will have confidence in the outcome.

Here, computerized voting machines fall woefully short, because their inner workings are only understandable to computer programmers. Should there be a dispute over the validity of election results, the general public will have little way to evaluate the competing claims for themselves, as each side will doubtless be able to find computer experts to bolster their argument.

As we learned from the 2000 elections, older punch-card voting machines are flawed and need to be phased out. But precincts with newer optical-scan voting machines have reported much lower error rates. And such systems have the advantage that in the event of a dispute, it’s always possible to count the ballots by hand.

We’ve grown accustomed to assuming that computerized devices are always better than older technologies. That’s true of most devices, but it’s probably not true of voting machines. When it comes to our elections, it would be a good idea to follow the KISS principle: Keep It Simple,
Stupid.

Tim Lee is the science and technology editor of Brainwash and the editor at the Show-Me Institute, a Missouri think tank. His website is www.angryblog.org.