Hosted by the Caltech/MIT Voting Technology Project, a seminar entitled “Election Integrity: Past, Present, and Future” will commemorate the 25th anniversary of the First National Symposium on Security and Reliability of Computers in the Electoral Process, held in Boston in 1986.  

The panelists will look back at the issues that first aroused concerns about the use of computers in public elections a quarter of a century ago, then assess the current situation and future directions for enhancing election integrity. The goal is also to continue dialogues among all stakeholders in the election process, including election administrators, technical professionals, academics, citizens, and vendors. There will be a Q&A period following each panel.

From the MIT website:
A renewed focus on voting technologies and election administration erupted following the 2000 presidential election and the recount controversy in Florida. Since 2000, the focus of analysis has expanded to consider other vital aspects of U.S. public elections, including transparency and the public verification of election results. (more)

I visited Estonia in mid-July of this year at the invitation of Edgar Savisaar, the country’s first prime minister and current mayor of Tallinn. Mr. Savisaar is the leader of the Centre Party, which placed second in recent national elections. The Centre Party and Mr. Savisaar have been questioning the outcome of the Internet voting portion of those elections. They invited me to Estonia because of a presentation I made at a European Parliament panel on the risks of Internet voting.

I told my hosts that I was happy to discuss the risks of Internet voting, but I would not comment on internal Estonian politics. When asked whether or not I thought the national election was rigged, I refused to comment, aside from saying that no one could prove that it was or was not rigged, because there is no way to conduct a recount of an Internet election.

The Internet portion of the 2011 election lasted from February 24 to March 2, with paper balloting conducted on March 6. The Internet vote was counted the evening of March 6. Estonian law allows complaints to be submitted only during the 3 days immediately following the procedure being challenged. Since Internet voting is considered separate from paper voting, the final day for submitting complaints about Internet voting was March 5. Graduate student Paavo Pihelgas was the only person who submitted a complaint by the deadline. (The Centre Party and independent candidates tried to file complaints, but they did not do so within the required 72 hour time frame). (more)

Military and overseas voters saw improvements in their ability to vote in 2010, thanks to the Military and Overseas Voter Empowerment Act (MOVE) passed in late 2009, according to a report to Congress last month by the Military Postal Service Agency (MPSA). The report indicates that MOVE will improve things further as its provisions become better known and implemented.

The MOVE Act required states to send ballots to military and overseas voters at least 45 days before election-day in federal elections so they have time to return their voted ballot. MPSA must pick up ballots for return to election offices no later than 7 days before election day. MOVE also sped up the process by requiring states to offer electronic transmission (website, email, fax) of blank ballots and registration materials. The law stopped short of establishing electronic return of voted ballots because ballots cannot be secured against undetected interception and manipulation over the internet. New procedures were implemented for 2010, coordinating MPSA with USPS, including the use of Express Military Mail Service (EMMS) for uniformed overseas service members and their families.

(more)

In the August 3 primary in Mississippi voters experienced voting machine problems: candidates’ names and entire contests missing from the voting machine screens and equipment failing to booting up properly. Problems were reported in Hinds County, which uses the Advanced Voting Systems Winvote and in several counties that use the Premier  (Diebold) TSx equipped with a voter-verifiable paper audit trail printer.

Advanced Voting Systems has been out of business for several years after they failed to meet requirements for certification to Federal voting systems standards but their machines are still used in Hinds County and in several jurisdictions in Virginia.  The same type of AVS machine produced still-unexplained anomalies in Fairfax County, Virginia in 2009. The majority of Mississippi counties use the Premier TSx and most are equipped with voter verified paper audit trail printers, though the printers are not required by state law or regulation.

(more)

I am very concerned about the widespread push toward Internet voting in the U.S., of which email voting is just one kind.  Neither the Internet itself, nor voters’ computers, nor the email vote collection servers are secure against any of a hundred different cyber attacks that might be launched by anyone in the world from a self-aggrandizing loner to a foreign intelligence agency. Such an attack might allow automated and undetectable modification or loss of any or all of the votes transmitted.

While all Internet voting systems are vulnerable to such attacks and thus should be unacceptable to anyone, email voting is by far the worst Internet voting choice from a national security point of view since it is the easiest to attack in the largest number of different ways.

The technical points I am about to state are not my opinions alone. The computer security research community in the U.S. is essentially unanimous in its condemnation of any currently feasible form of Internet voting, but most especially of email voting. I strongly urge legislators in states considering e-mail voting to request testimony from other independent computer network security experts who are not affiliated with or paid by any voting system vendor.  Email voting is extremely dangerous in ways that people without strong technical background are not likely to anticipate. (more)

The second risk-limiting audit under California AB 2023 was conducted on May 6 in Monterey County. The contest was a Special all-mail election for Monterey Peninsula Water Management District Director, Division 1.  Monterey uses Sequoia equipment. There were two candidates: Brenda Lewis and Thomas M. Mancini, and write-ins. 2111 ballots were cast in all.  The reported totals were 1353 reported for Lewis, 742 for Mancini, and 13 write-ins. The remaining 3 ballots were recorded as undervotes and overvotes.  Lewis was reported to have 64.18% of the valid votes.

Two members of the public observed the entire audit process, which took roughly 90 minutes including some preliminary explanation of the procedure. They confirmed that their interpretation of the ballots agreed with mine and the elections officials’, and they helped roll the dice used to select ballots at random.  In conversations afterward, they seemed quite satisfied with the transparency of the procedure (although perhaps not utterly convinced by the mathematics that justified the details).

The audit was performed as follows. After the ballots had been tabulated officially, elections officials Bates-stamped each with a unique serial number (1962 ballots that were scanned had been stamped prior to audit day; the remaining 149 were stamped as part of the audit). It is my understanding that stamping the ballots took about 5 person-hours in all. (more)

This article was posted at the CT Mirror and is cross-posted here with permission.

Online voting is an appealing option to speed voting for military and overseas voters. Yet it is actually “Democracy Theater”, providing an expensive, risky illusion of supporting our troops. Technologists warn of the unsolved technical challenges, while experience shows that the risks are tangible and pervasive. There are safer, less expensive solutions available.

This year, the Government Administration and Elections Committee held hearings on a bill for online voting for military voters. Later they approved a “technical bill”, S.B. 939. Tucked at the end was a paragraph requiring that the Secretary of the State “shall, within available appropriations, establish a method to allow for on-line voting by military personnel stationed out of state.”

In 2008, over thirty computer scientists, security experts and technicians signed the “Computer Technologists’ Statement on Internet Voting,” listing five unsolved technical challenges and concluding: “e believe it is necessary to warn policymakers and the public that secure internet voting is a very hard technical problem, and that we should proceed with internet voting schemes only after thorough consideration of the technical and non-technical issues in doing so.”

The prevailing attitude seems to be, if voters and election officials like it and see no obvious problems then it must be safe. (more)