The computer ate my vote

"The computer ate my..." sounds like the setup for a bad excuse you'd hear in grade school. But the headline of this column, which appears on T-shirts from the activist group True Majority, points to not-so-funny problems that some voters encountered in past elections, and that may affect others in November.

Regardless of whether you vote for Bush or Kerry (or anyone else), chances are a good portion of you will be casting those ballots on a touch screen or a similar electronic device. You, like some of the editors at PC World, may even be among the millions who have already cast votes electronically in the primaries earlier this year, or in state and local elections in the past few years.

Odds are also good that if you have cast your vote electronically, you probably liked the experience and found it to be easy, efficient, and convenient -- which is precisely what it's supposed to be at its best. If you have a disability, need larger type to comfortably read your choices, or prefer to have a ballot in Spanish or Japanese or Polish -- or any other language -- an e-ballot may have met your needs, quickly and effectively, for the first time.

But you may also be among those who were turned away from polling places in this year's California primary because of machines with faulty batteries, or whose votes disappeared in Virginia County in 2003, or who got the wrong ballot from poll workers, which has happened on numerous occasions.

In the wake of problems in California, a state report presented at hearings in April even recommends removing some of the e-voting systems used. California's Secretary of State Kevin Shelley did just that last week, banning the Diebold Inc. machines used by four California counties, and ordering ten other counties to either add a paper trail or follow 23 security guidelines if they want to use their e-voting systems in November. (Shelley also requested a criminal and civil investigation of Diebold.)

Flaws and laws

Over the past year e-voting's flaws have been glaringly highlighted, with critics pointing to glitches that have occurred in elections, insufficient security of the machines and their data, questionable conduct by some e-voting vendors, and clear violations of federal and state certification guidelines -- all of which make suspect the supposedly reliable machines' vote counts.

There are now at least three bills in the Senate (S.1980, S.1986, and S.2045) and another in the House of Representatives (H.R.2239) that address the problems with e-voting by advocating some sort of voter-verified paper trail. That won't get rid of the problems per se, but it will help voters spot a miscount of their votes as they're cast, and will raise confidence in case a recount is needed.

However, even if one of these bills gets passed into federal law, there is no way a paper trail system could be ready and deployed by November's elections in all 27 states that have already bought e-voting machines. (California and other states also have mandated paper trails, as well, but it's also highly unlikely that these will be in place by November.)

And paper trails won't cure all of the ills -- of varying severity -- that taint the e-voting process.

Works in progress

The technology isn't wholly unreliable, nor is it much worse than others out there, including paper ballots and scanning systems. And the 2001 Caltech/MIT study of different voting systems' reliability showed that e-voting systems got better over time.

But there weren't supposed to be problems like this. E-voting was supposed to be the cure for all the ills of the 2000 election, and to meet the requirements of the Americans With Disabilities Act as well. In 2002, with the Help America Vote Act Congress allocated nearly 4 billion dollars to make it all happen by this year's presidential elections.

No such luck.

No panacea

We wanted voting systems to be perfect, but they're not. Like many electronic devices more complicated than a toaster, they're not quite finished yet. Software and firmware upgrades continuously aim to make the voting process smoother and easier, and hardware gets more compact or more reliable. That's progress.

However, voting systems aren't supposed to be treated like PCs, where patches and security updates are seemingly released every other week (Diebold may be one of the worst offenders on this point, but it is not alone). At some point -- in time for full federal and local certification of systems, one hopes -- code and hardware just have to freeze. And our elected officials have to enforce that.

Yes, that may mean that some bugs don't get fixed prior to an election, but I think that's well balanced by a better understanding of the existing systems, warts and all, by most everyone involved, and the certainty that everything that's there is in fact supposed to be there, in every machine -- no more, no less. There should be no rushing to deal with last-minute fixes that have not been tried and certified, and with flaws that have yet to be discovered.

We also have to resign ourselves to the necessity of contingency plans (leading to higher costs) to ensure that no voter gets turned away on election day. When glitches happen -- and they will, probably for years to come -- they won't be fixed immediately. Because these systems are not as simple as paper and pen, election officials and poll workers can't be expected to anticipate all the possible problems. No matter how much training they get, they won't suddenly become IT experts. They're not supposed to be rebooting systems or deciphering error messages flashing on an e-voting system's equivalent of the Windows blue screen of death.

Fixing the system

As everyone becomes more familiar with the technology, problems should diminish, just as basic problems with PCs have. Moreover, if all the pieces are certified before they get to a polling place, perhaps election workers will have a better idea of what to expect and counties may have better plans in place to take care of potential problems as they happen.

Paper trails won't address these issues; stricter enforcement of certification, as mandated by a couple of the Senate bills, will. Some states need only enforce more consistently the certification requirements they already have in place.

The certification guidelines themselves need work. Updated in 2002, they address all the right things: accuracy, reliability, security, and the like. But they apply to multiple systems, both paper and electronic, so they're somewhat vague. And they allow vendors to decide how they will achieve the mandated goals. (Even the FAQ acknowledges the guidelines may never be fully up to date, and a new agency is working on yet another update to the rules.)

States have their own guidelines, and perhaps this is where government should get more specific about how security is implemented and the minimum standards vendors must meet. For example, the RABA Technologies report to the state of Maryland on e-voting has some good suggestions on that point.

More troubling, however, is that only one of the bills in congress, the SAVE Voting Act (S.2045) sponsored by Senator Barbara Boxer (D-California), addresses the problem of insider tampering. This is seen by experts that PC World spoke with as the most likely way for someone to steal whole elections. And Boxer's bill only scrutinizes programmers responsible for code -- it doesn't get into ethical issues of conflict of interest or undue influence that may be caused by election officials going to work for e-voting system makers, or elected officials owning stock in e-voting companies, for example. Nor does it set up guidelines for the kind of track record that voting equipment companies should have for meeting certification requirements or equipment reliability in order for government officials to continue doing business with them.

We need to tackle those issues, too.

E-voting is already fairly good, and it has a lot of potential. But we were kidding ourselves to think it wouldn't also have problems, especially given how quickly it was deployed. Now that the blinders are off, we need to address the problems, not just condemn the technology. The good news is we can, and we can do it successfully. It'll just take time.

Readers speak out: Adult top-level domains

In last month's column on the Child Online Protection Act, I mentioned .kid Internet zones as a possible aid to help parents filter objectionable content away from their children. Several readers wrote in with a further suggestion: creating either .adult or .nc17 type domains, to further help filters work the way they're supposed to.

The idea has practical problems. For example, how do you judge what site needs such a domain in not-so-clear cases, such as advice sites where content may be explicit but not exactly pornographic? Do you make such domains mandatory? Under what circumstances? But I think it's a step in the right direction. It's certainly better than the government's proposal, which involves user registration with credit cards or other ID to prove age in order to access adult content.

Join the newsletter!

Error: Please check your email address.

More about MIT

Show Comments