New Coalition Raises Concerns About E-Voting

BOSTON -- A host of computer scientists and activists have joined forces to form the National Committee for Voting Integrity (NCVI) and to throw down a gauntlet to presidential candidates, inviting them to take a stance on electronic voting.

The group seeks to require a mechanism for voters to verify ballot choices rather than simply enter them via a touch screen without confirmation, as many current Direct Recording Electronic (DRE) systems do. Supporting its position is California Secretary of State Kevin Shelley, who on Friday said all such machines used in the state must produce paper receipts by 2006. The secretary of state is responsible for certifying voting systems for use in California.

"Verified voting" systems as called for by the NCVI will provide an independent paper audit trail otherwise generally lacking in elections using the new systems, according to the group.

The letter the NCVI is sending to presidential candidates states, in part: "We are writing to you regarding the integrity of the voting machines in the United States. It is our view that some of the technologies that have been adopted to tabulate votes, both before and after the 2000 Presidential election, pose a significant risk to the integrity of the democratic process in the United States. We write to you specifically to ask your views on this matter. What steps do you believe should be taken to ensure the integrity of voting?"

The committee will post responses on its site,

California's Rule

Shelley also set new software testing and auditing requirements as and new security protocols for manufacturers of the touch-screen machines used to record and tabulate votes in California, the country's most populous state.

Beginning July 1, 2005, no county or city may buy an electronic voting system that does not produce a "voter verified paper audit trail." As of July 2006, all systems used in California must produce voter-verifiable paper audit trails, according to a statement from the Secretary of State's office.

California voters using touch-screen machines will be able to view a printout of their ballot to verify their vote before actually casting it. The paper ballots will remain at the polling stations and help ensure the accuracy of votes cast and the tallies conducted at the end of elections, particularly when recounts are required.

Shelley created a technical oversight committee and announced random field testing on election days to ensure the machines work properly. He also called on the federal government to improve its processes of testing voting machines.

Decision Endorsed

Shelley had created a task force in February to address concerns over voting machine security. The group consisted of computer experts, election officials, members of the general public, and representatives of the disabled community.

The a civil liberties organization Electronic Frontier Foundation hailed Shelley's decision as a "courageous and important step" in response to the growing public concern about the security of voting machines. The EFF hopes California will lead the U.S. in implementing secure electronic voting standards, the organization says in a statement.

Electronic voting is not yet widely used in California. In the October gubernatorial recall election, 9 percent of registered voters in four counties voted electronically, says Saskia Mills, a spokesperson for the California Voter Foundation, a nonprofit, nonpartisan organization that promotes the use of technology for voting purposes.

Other NCVI Missions

The NCVI is chiefly concerned with new computerized voting systems, many of which are being purchased as voting districts across the nation seek to comply with the requirements of the Help America Vote Act of 2002. A November 4 report from the Congressional Research Service of the U.S. Library of Congress, posted by the Electronic Privacy Information Center, also raises concerns about the reliability and security of these systems.

Committee members include Aviel D. Rubin, a professor of computer science at Johns Hopkins University in Baltimore who was also on a team that examined code said to come from a major vendor of DRE systems, Diebold. That team's analysis found the voting system it examined to be "far below even the most minimal security standards applicable in other contexts," and raised issues such as its alleged capability to improperly grant users higher access privileges than they are authorized, incorrect use of cryptography, vulnerabilities to network threats, and poor software development processes, according to an abstract of its report, published in July. Diebold has issued its own rebuttal to the report.

Diebold is in court on a related matter involving the online discussion of its electronic voting systems. Earlier this week, a federal judge in San Jose heard arguments over Diebold's practice of sending cease and desist letters to universities, ISPs, nonprofit groups, and individuals who linked from their Web sites to online archived material that Diebold claims was illegally copied from its own servers. The material involves internal Diebold documents allegedly evaluating the security of the e-voting machines.

To comment on this article and other PCWorld content, visit our Facebook page or our Twitter feed.
Shop Tech Products at Amazon