May 22 2007
Electronic voting
Still in the news, too. And all the same issues still exist! While writing this week's column, I found this in the Irish Times archive -- written in 2002, well before the kerfuffle that led to the topic becoming a national issue and the establishment of the committee set up to examine the issue for Government -- which recommended all those €55 worth of e-voting machines be mothballed.
Electronic vote poses big security risk By Karlin Lillington NET RESULT: Last May, during the general election, the State experimented with electronic voting. Not widely - only a couple of constituencies used the new system. But the Government showed clear intent to introduce electronic voting throughout the State, with an eventual move to internet-based voting. We've got a big vote tomorrow, some of it to be conducted electronically. I used to think this was a great idea. Now I am a complete sceptic. I don't think we should be using these systems at all and here's why. It's not for the reason most people have put forward, that it is cruel to just announce without warning that a politician has lost his or her seat. This perspective was offered many times after the painful scene of Ms Nora Owens finding out, in the glare of TV spotlights, that she had lost her seat in the last election. Simply by offering regular tallies of the electronic vote - say, hourly - would resolve this problem, if people want to retain a running-tally style of reportage on elections. Alternatively, politicians are hardly delicate flowers. They make it to the Dáil after the rough and tumble of political debate and gruelling campaigns. To suggest that they cannot adjust to a new reality of knowing immediately if they have won or lost is utterly ridiculous. Political skin is among the thickest in the animal kingdom. No, the reason to object to electronic voting is that, technologically, it still falls shockingly short in terms of security. Any near-term move to internet-based voting would be even more short-sighted. A report completed in 2001 (after the Florida voting fiasco in the US presidential election) by the California and Massachusetts Institutes of Technology (the report is available at www.vote.caltech.edu/Reports/ index.html) noted that electronic voting machines produce the second-highest rate of unmarked, uncounted and spoiled ballots in US elections over the past 12 years. (Lever machines have the worst rate.) Industry group the US Public Policy Committee of the Association for Computing Machinery also warned of the inadequacies of electronic voting systems in an open letter to the US Congressional Science Committee: "While we recognize growing public demands seeking a technological solution to voting problems, we urge Congress to review the complex technical issues in formulating voting technology and standards legislation. The potential risks of fully electronic and especially internet-based voting are enormous and comprehensive technical assessments must be conducted by vendor-neutral experts. The well-intentioned but premature establishment of a vulnerable system for voting could result in unintended consequences undermining the confidence, integrity and accuracy of the nation's electoral process." What are the technological problems? These can be summarised as concerns about the ability to guarantee voter anonymity, auditability, accountability and recountability. But those can be boiled down to one key problem: computer systems fail. They do not have adequate means of doing the electronic equivalent of recounting a paper ballot without either compromising the anonymity of the individual voter, nor guaranteeing that those who administer the voting system cannot tamper with the vote. Put it this way: how many developing nations would trust their governments or unknown individuals in generally unknown companies to conduct an election electronically? And why should we, here in the Republic? Both the machines and the voting procedure must be overseen at present by what one expert calls "a technological elite" who understand how they work and how to read their results. That's why many security experts believe all electronic voting systems must, at the very least, be built on "open-source" computer code - code not held as a proprietary secret by a company, but code in the public domain - that a wide community of computer experts can examine at any time to make sure that malicious code has not been inserted. Electronic voting machines now are susceptible to tampering, either by those who might want to throw an election a certain way (for political reasons or simply because they were paid off), or by those who might want to sabotage an election. New York City spent $60 million (€61 million) in 1992 to commission an electronic voting system that it abandoned eight years later because it was deemed to be inadequate and insecure. In the face of such evidence, the State's insistence on ploughing ahead with electronic voting seems either incredibly naïve or short-sighted. And as for internet voting? Here's what renowned security expert Mr Bruce Schneier has to say about it: "A secure internet voting system is theoretically possible, but it would be the first secure networked application EVER CREATED in the history of computers." (His emphasis, not mine). Can we have paper ballots back, please? © 2002 The Irish Times
8 responses so far
Amen to that.
I really don’t understand this ignorant obsession with electronic voting. It reminds me a bit of the latin mass: nobody much understood what was going on but it was very sexy and mysterious. Though, to be fair, it had a bit of style to it.
Why add to the increasing complexity of modern living with electronic voting? The pencil and paper is tried and trusted and electronic voting is neither.
Seems to me the core issue is that there isn’t a simple verifiable piece of paper that can be referenced should the need come up.
I’ve been investigating the notion of ‘digital pens’ in my own environment (healthcare) for some time now & while it’s proved awkward to fit into the workflow I’ve looked at, it seems ideal for e-voting. The basic principle is that a device that looks just like a ballpoint pen (clunky but not obtrusively) writes on a piece of paper just like a pen but can automatically upload what you have written to a computer. You still have the paper for retrospective comparison. If I had any faith in public service procurement I’d have set up a start-up, but I don’t.
Anyway seems like all good ideas you can’t guarantee somebody else doesn’t have it:
http://www.anoto.com/Default.aspx?id=862&releaseid=263482
Interesting one, Martin.
I am normally in favour of letting computers do the work but in the case of e-voting without a paper trail I wouldn’t trust them as far as I could throw them.
If e-voting is introduced here, in the form in which it was proposed, wait for pressure for a first-past-the -post electoral system. The clumsy (but acceptable) compromises adopted in the paper count do not translate well into algorithm land.
PR has its faults but I would like to see the voting system decided on its merits rather than on the grounds of electronic convenience (and for whom?).
Check out this link for recent UK doubts about the whole thing.
We have the digital pen voting system ready for demonstrations and have already been present at 2 public election conferences with a new product. See http://www.votingindustry.com for more details.
Digital pen voting systems cannot meet basic requirements to the voting process:
- anonimity is not guaranteed: it is much too easy to print personalised ballots for the anoto system.
- the voting process is not verifiable by the average voter.
- it should take a large effort to make a large impact on the voting result. With electronic voting systems bribing a very small group of people is sufficient.
Stephan:
You are wrong as wrong can be. I will offer you the challenge to print your own Anoto ballot that will be accepted by our system. You CAN’T do it!!
The vote is in INK on paper and YES it can be verified. What else could you possibly want in verification. Or at least define that term. Verification is not the same thing as PROOF, and you must understand this.
I KNOW with certainty that you have not seen our system. As a result you should not run around making such claims. Let me ask you a fairly clear question: Do you believe that ONLY hand counted paper ballots are acceptable? If you answer YES, then I have nothing else to say to you because you are a Luddite and nothing will convince you.
If you answer NO, then you might be interested in something like Digital Pen Voting (as implemented by PenVote). If so, you might want to open your MIND and learn about how we are developing an OPEN SOURCE product, that is verifiable. The FACT is that digital pen voting offers the RICHEST PAPER BASED VOTING EXPERIENCE POSSIBLE. No other paper based system can do what we do. And if you like you are FREE to hand count our ballots as well. So what’s not to like?
But the simple truth is that our ANOTO ballots are FAR less possible to be reproduced than a standard optical scan ballot, or a plain paper ballot. Those basically have NO safeguards. But you clearly don’t understand what Anoto paper is all about.
It’s clear you do not understand the basic principles of voting.
The problem is not that I can print a ballot paper, it is that the unique number can be traced back to me, losing the anonimity that is essential.
I can understand elektronic systems, but I cannot see what is happening in them. Most voters do not understand elektronic systems. Voting should not be a black box system, people should be able to understand what’s happening. Currently the only voting systems satisfying this condition are paper-based, without involving electronics.