Skip to main content
The Web    CNN.com      Powered by
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
SERVICES
 
 
 
 
 
 
 
SEARCH
Web CNN.com
powered by Yahoo!
Law
 

Paper trail should be required for electronic votes

By Anita Ramasastry, FindLawexternal link Columnist
Special to CNN.com


FOR THE PUBLIC  External site icon


LAW DICTIONARY  External site icon

On September 14, the Maryland Court of Appeals -- the state's highest court -- issued a crucial ruling. In its decision, it rejected a challenge to Maryland's current electronic touch-screen voting machine system -- slated to be used on November 2, everywhere in the state but in Baltimore.

Maryland's system uses Diebold's direct recording electronic (DRE) voting machines. The plaintiffs in the lawsuit requested that the court order the state to equipped these machines with printers -- which would then provide voters with a paper receipt as evidence of their vote. The court refused.

In this column, I will argue that the Maryland court got it wrong. Paper records are essential both to ensure voter confidence in electronic voting, and to safeguard against possible machine malfunctions or tampering. Experts say DRE machines are prone to bugs and vulnerable to hackers.

So unless a paper trail exists, voters and candidates will be left guessing whether the machine truly recorded the votes intended. And if there is tampering or a malfunction, unless there is a paper trail, there will be no remedy -- for there will be no other record of the votes that were cast.

Your ATM gives you a receipt; why shouldn't your voting machine?

Nearly one in three voters nationwide is expected to use electronic voting machines in the November 2 presidential election. Estimates suggest that 36 million votes will be tabulated this way. If paper receipts are not mandated, catastrophe may occur.

Laudably, Ohio and California are taking affirmative measures to require paper trails. But other states, such as Maryland, are not. And even the California and Ohio measures will not become effective until 2006. It's time for Congress to step in.

The Bush v. Gore Court recognized that voting in a federal election is a federal constitutional issue. In addition, it held that states must choose vote-counting mechanisms that comply with Due Process and Equal Protection. This holding applies to electronic voting, just as it does to paper voting. (Indeed, electronic voting may be even more prone to tampering and to mistakes than paper voting, as I will explain.)

There are several provisions currently before Congress that would require voter verified paper ballots to accompany use of electronic voting systems. This legislation is a critical means of maintaining confidence in our electoral system,

How DRE machines work

Of course, it was the presidential election recount battle in 2000 that has prompted the move toward electronic voting. The election -- with its controversies over butterfly ballots and hanging chads -- cast a very unflattering light on old-fashioned, paper-based voting methods.

Accordingly, in a direct response to Florida 2000, Congress provided funding through the Help America Vote Act to allow states upgrade their voting systems. Using this funding, many states opted to move from paper voting, to computer voting. And many opted for the DRE machines.

Here's how the DRE machines work: The machines record votes on digital memory cartridges. When the polls close, the cartridges are removed from the touch-screen machines. The cartridges are then hooked up to a computer, which downloads and tabulates the voting data.

Mistakes are already occurring

The result of the cartridge-and-computer system is that the only way a candidate can investigate questionable election results is by examining the voting systems' software code. Yet without a court order, that may be impossible.

Such codes are proprietary -- and thus kept strictly secret by a contract between the private company and its government client. Also, what if the problem is not in the software, but in the hardware? It might never be caught.

County election officers and voting-equipment company executives stress that voting machines and software are carefully examined by federal and state inspectors before receiving approval, and tested pre-election. But numerous mistakes already have occurred.

In January 2003, it was revealed that Diebold's FTP server was making its software source code available for anyone to see -- and thus making the code far easier to hack.

In November 2003, Georgia DRE voting machines failed -- due to a programming error -- to properly record write-in votes. Fortunately, there was a paper trail. Otherwise, it's not clear what the officials could have done.

In December 2003, a California state report revealed that seventeen California counties had used Diebold systems that were allegedly running software not approved by the State. And three of the seventeen counties -- including Los Angeles, the state's largest -- were using Diebold software that may not have been submitted for federal review.

In the March 2004 California primary, about 573 of 1,038 polling places in San Diego County failed to open on time because of computer malfunctions. Reportedly, the voting machines froze or displayed unfamiliar screens and error messages. Failure rates were 24 percent in Alameda County and about 40 percent in San Diego County.

In April 2004, California's Secretary of State, Kevin Shelley, held hearings regarding these malfunctions. Ultimately, California's Voting Systems and Procedures Panel, by an 8-0 vote, recommended that California cease the use of certain Diebold machines. (Shelley also banned one Diebold voting system in particular -- one similar to the machine to be used in Maryland).

This month, California dropped a pending criminal investigation into Diebold. However, Attorney General Bill Lockyer has announced that the State will join an existing civil lawsuit charging that the company made false claims about the machines' reliability.

The suit alleges that Diebold sold voting machines to Alameda County that were not federally certified and not adequately protected against tampering. The lawsuit seeks restitution of some $12 million paid for the machines.

Plainly, these machines cannot be trusted to safeguard our precious right to vote -- or our precious democratic system. Fortunately, however, there is a solution that does not require junking the machines -- which were costly -- but simply modifying them.

How mandating a paper trail would help

Johns Hopkins computer scientists have highlighted the DRE machines' vulnerabilities. In a July 2003 report, they revealed the machines' security flaws, and concluded that hackers could easily crack the computer code.

Subsequently, the same scientists were asked to examine Maryland's DRE systems, in particular, they found that they were able to gain control of the system, corrupt vote counts, and delete election results. Obviously, Maryland has a problem -- though its judges have refused to recognize that.

To address these flaws, the Johns Hopkins report recommended the use of an "electronic voting system that produce a paper trail that can be seen and verified by the voter."

Why would a paper trail help? There are several reasons.

First, if the receipt were incorrect, the voter could call attention to the problem. If a Bush voter saw Kerry's name on her receipt, or vice-versa, she could go to the local election official and complain. The receipt would be anonymous, and she would not have to reveal how she had voted. But she could let the official know that the vote she cast, wasn't the vote that was counted.

We wouldn't use ATMs that didn't give us a record of how much we'd withdrawn, or deposited. Why should we use voting machines that give us no receipt -- and thus, no recourse?

Second, even if there are no problems with the machines, the receipt would enhance voter confidence in election results -- an especially important goal, given the dissatisfaction and distrust inspired in many Americans by the 2000 election.

Third, with a paper trail, a paper recount could occur, if necessary. An electronic recount of an electronic vote might just repeat the problems of the initial count. But a paper receipt could provide an independent way to recount. Yet unlike with butterfly ballots and hanging chads, the paper receipt could be as objective -- and easy to read -- as an ATM receipt.

Fourth, with a paper trail, an election could easily be audited for fraud or tampering. The paper totals could be compared with the machines' totals. But without paper receipts, there's no comparison to make: We must simply trust the machine.

Paper receipts ought to be mandated by federal law

In much of the country, the black box replaces the ballot box -- with DRE machines offering voters no assurance that their vote was properly counted, and keeping no paper record of that vote.

Understandably, concern is growing that local officials are becoming dependent on a handful of private corporations to ensure the integrity and accuracy of elections. And given the corporations' already-spotty track record, it seems that dependency is very dangerous. Paper receipts are the obvious answer: Without them, there is no safeguard, and no way to double-check results.

Some have claimed that the DRE machines cannot be modified to provide a receipt prior to the November election. But even if this is so, voters could at least be asked to both use the machines and fill out paper ballots -- so the paper ballots could be used for a recount or audit if necessary.

Florida gave recounts a bad name. But there is something much worse than a recount: The utter inability to recount votes, and reconstruct voters' true intent, in light of a serious computer error. If our voting computers malfunction this November, we will have no recourse.

tz.ramasastry.jpg

Anita Ramasastry is an Associate Professor of Law at the University of Washington School of Law in Seattle and a Director of the Shidler Center for Law, Commerce & Technology.


Story Tools
Subscribe to Time for $1.99 cover
Top Stories
CNN/Money: Ex-Tyco CEO found guilty
Top Stories
CNN/Money: Security alert issued for 40 million credit cards

City:

International Edition
CNN TV CNN International Headline News Transcripts Advertise With Us About Us
SEARCH
   The Web    CNN.com     
Powered by
© 2005 Cable News Network LP, LLLP.
A Time Warner Company. All Rights Reserved.
Terms under which this service is provided to you.
Read our privacy guidelines. Contact us.
external link
All external sites will open in a new browser.
CNN.com does not endorse external sites.
 Premium content icon Denotes premium content.
Add RSS headlines.