Download Locations:
Summary:
In July 2003, computer scientists from Johns Hopkins and Rice Universities
released a security analysis of software purportedly from a direct recording electronic
(DRE) touchscreen voting machine of a major voting-system vendor. The study drew
public attention to a long-simmering controversy about whether current DREs are
vulnerable to tampering that could influence the outcome of an election.
Many innovations that have become familiar features of modern elections, such
as the secret ballot and mechanical lever voting machines, originated at least in part
as a way to reduce election fraud and abuse. Computer-assisted counting of ballots,
first used in the 1960s, can be done very rapidly and makes some kinds of tampering
more difficult. However, it does not eliminate the potential for fraud, and it has
created new possibilities for tampering through manipulation of the counting
software and hardware. DREs, introduced in the 1970s, are the first voting systems
to be completely computerized. Touchscreen DREs are arguably the most versatile
and user-friendly of any current voting system. Their use is expected to increase
substantially under provisions of The Help America Vote Act of 2002 (HAVA, P.L.
107-252), especially the requirement that, beginning in 2006, each polling place used
in a federal election have at least one voting machine that is fully accessible for
persons with disabilities.
With DREs, unlike document-ballot systems, the voter sees only a
representation of the ballot; votes are registered electronically. Some computer
security experts believe that this and other features of DREs make them more
vulnerable to tampering than other kinds of voting systems, especially through the
use of malicious computer code. While there are some differences of opinion among
experts about the extent and seriousness of those security concerns, there appears to
be an emerging consensus that in general, current DREs do not adhere sufficiently
to currently accepted security principles for computer systems, especially given the
central importance of voting systems to the functioning of democratic government.
Others caution, however, that there are no demonstrated cases of computer tampering
in public elections, and any major changes that might be made to improve security
could have unanticipated negative effects of their own. Several proposals have been
made to improve the security of DREs and other computer-assisted voting systems.
They include (1) ensuring that accepted security protocols are followed appropriately,
(2) improving security standards and certification of voting systems, (3) use of opensource
computer code, and (4) improvements in verifiability and transparency.
Much of the current debate has focused on which such proposals should be
implemented and through what means - in particular, whether federal involvement
is necessary. Some states are already addressing these issues. The Election
Assistance Commission established by HAVA will have some responsibilities
relating to voting system security and could address this controversy directly. Some
observers have also proposed federal funding for research and development in this
area, while others have proposed legislative solutions including enhancement of the
audit requirements under HAVA.
