Issues over the Horizon

The Day After

When Electronic Voting Machines Fail

By Ian P. Cook

Ian Cook is a RAND management systems analyst with expertise in technology, information, and innovation.

In any democracy, delivering on the promise that every vote should count depends fundamentally on the ability to count votes accurately.

In the wake of the contentious 2000 presidential election, the Help America Vote Act of 2002 spurred rapid adoption of electronic voting machines as a supposedly superior method to that of punch cards. Today, 84 percent of registered voters live in precincts that rely on computers for voting, ballot counting, or both.

But huge questions remain about the reliability of these machines and their susceptibility to error and fraud. While computer experts debate the machines’ merits and faults, policy-makers need to confront the real threat of a spoiled election. In the Arkansas primary elections this past May, two voting machines allocated votes cast in one race to another, resulting in the wrong candidate being declared the second race’s victor. Local election officials discovered the error while investigating a separate, unrelated voting glitch. A paper trail allowed them to correct the error, but the cause remains unknown.

Computerized voting is not simply a new twist on the old problem of vote tampering; computerized voting introduces verification problems that cannot be addressed through traditional means. The computer software that either registers or counts votes is so complicated that it can almost never be proven free of error or malicious code. During elections, officials cannot monitor the machines for anything more than superficial problems. Serious flaws can be misdiagnosed, allowing the machines to be left in use.

Voting machines are produced by a limited number of companies with an equally limited interest in broadcasting the prevalence of any security issues. Bugs or malicious codes are propagated as each machine is built, replicating any underlying problem. For those with ill will, the cost of producing a fraudulent vote is radically lower than it was before.

Election audits are not uniformly required or implemented across the United States, allowing for the possibility that errors may go unnoticed or that fraud may be targeted at precincts with slack rules. Auditors might not see enough irregularity to cause concern on a precinct-by-precinct basis, while problems in the aggregate could decide an election.

Princeton University Professor Edward Felten
Princeton University Professor Edward Felten and two graduate students released a report and video in 2006 on how easily they tampered with a commonly used electronic voting machine. One of the graduate students picked the lock in ten seconds and installed malicious software in less than a minute, showing the potential to rig elections.

Recounts are usually triggered only in a close election, rather than as a tool to locate and root out error or fraud. Even if a paper trail is produced from a computerized voting machine, hand recounts are highly uncertain, proving to be less reliable in closer elections — precisely when an accurate accounting of each vote is most precious. Moreover, paper trails that indicate problems do not reveal anything about the underlying causes.

Readily apparent — and woefully unaddressed — is the fact that computerized election systems demand a dramatically more robust audit process for certifying election outcomes than is currently in place. Post-voting testing protocols for machines need to be developed on a scale large enough to reproduce errors or fraud that might have been introduced during an election. State election officials need better statistical guidance, to know when results warrant further investigation and how to distinguish error from fraud.

Transparency has to be the watchword — not only for the software inside the machines, but also for the data produced by the election itself. Election bodies could help deter threat of fraud, raise the likelihood of detecting systematic error, and elevate the level of public trust by facilitating, or even mandating, electronically available, open-access vote tallies that would enable wide-scale investigation by any interested party.

Refining voting machines alone cannot guarantee election security. Nor should we turn back the clock and ignore the benefits of electronically enabled voting. Rather, in the face of ever-greater reliance on electronic tools, the nation must confront the demonstrated likelihood of an election decided by error or deception — and take quick steps to minimize it. square