It’s not like we weren’t warned. In the months leading up to the Nov. 2 elections, citizen activists and computer geeks alike pleaded with the State Board of Elections not to depend on paperless touchscreen computers–the direct recording electronic devices, or DREs, you’ve heard so much about by now–to count our votes in North Carolina. Please add printers to the DREs (they urged) so there’ll be a paper trail of the ballots just in case. “We don’t trust computer voting machines,” said Warren Murphy, a programmer himself as well as state chair of the reform group Common Cause, at a press conference in Raleigh on July 13. “They have failed too many times already, and our votes are too important to be lost.”
Hey, when you’re right, you’re right. And Murphy was right–on Nov. 2, we discovered that one of the still-paperless DRE machines in Carteret County had “lost” 4,438 votes. We know the exact number because the machine counted how many votes were cast; it just stopped recording what was on them when the software decided it was “full.” A “glitch,” in short. So sad. Votes gone. (However, since they were all “early” voters, we do know who they were.)
And as bad luck would have it for the SBOE, seeing how it had failed to take the geeks’ advice, the statewide election for agriculture commissioner was tight as a tick–less than 2,300 votes separated the leader, Republican candidate Steve Troxler, from incumbent Democrat Britt Cobb. What to do? Maybe Cobb would be ahead if those lost votes had been counted. (Unlikely, since Carteret votes Republican. But, we can’t just assume.)
The SBOE, more than two months later, is still struggling to decide how the outcome should be decided. Its latest scheme, a statewide rerun–at an estimated cost of $3.5 million–was shot down by a Superior Court judge last week. People are seriously talking about having the General Assembly make the call.
Oh, to have those ballot printouts now, eh?
Critics of the paperless DREs had insisted, too, that printouts were needed not merely to recapture lost votes but also to discover–and safeguard against–stolen votes.
That’s right, the critics warned, not printing out any ballots was an invitation to corrupt interests who could slip “backdoors” into the software, hack the results using modems and flash drives, and otherwise pull off stuff that, if you’re a Democrat, you absolutely know the Republicans would try to get away with if they could … and if you’re a Republican, well, you know what those Democrats would do given half a chance.
“We are in an American emergency,” wrote Ronnie Dugger, the Texas journalist-turned-activist who started the Alliance for Democracy, in a July 30 article for CommonDreams.org. “The coming national election is set up to be stolen.”
Paranoia? “No,” says self-styled “white-hat hacker” Chuck Herrin, a computer-security analyst from Winston-Salem with state-of-the-art credentials, “this is not just tin-foil hat stuff.” It’s all too real. Maybe.
Thus, even without the Carteret County fiasco, we’d likely have the official joint legislative study committee (whose members include the prescient Mr. Murphy) that is today looking at the issue of DREs and other voting machinery. Some 40 counties in North Carolina use them, according to www.ncvoter.net. But it’s Carteret that’s made us Exhibit B in the national “voting integrity” debate that surrounds these machines, as my survey of several excellent Web sites shows that we are. From committee testimony and the Web sites, here are some pertinent questions and answers.
If North Carolina is Exhibit B as I say, what’s Exhibit A?
It’s Ohio, of course.
Aha! So the hackers did steal Ohio for Bush after all!
Actually, no. If Bush stole Ohio, looks like he did it the old-fashioned way–by suppressing the black vote. I refer you to Greg Palast ( www.gregpalast.com ), the investigative reporter and author of The Best Democracy Money Can Buy for details. But the short version is that Republicans run Ohio; Republican Secretary of State J. Kenneth Blackwell (now a candidate for governor) ran the 2004 Ohio elections and the Bush-Cheney campaign in Ohio, and not at all by happenstance there weren’t nearly enough voting machines in the big-city neighborhoods of the state. Plus, they were the oldest, least reliable machines, including a lot of the punchcard variety that so fouled up the Florida voting in 2000–remember the “pregnant chads?”
The result in Ohio: long lines–up to eight hours–in the cities, disappointing potential voters who couldn’t wait, and tens of thousands of “spoiled” votes in the race for president (93,000 statewide), usually because the chads weren’t punched out of their ballot holes.
Moreover, some 155,000 Ohio voters–again heavily concentrated in minority neighborhoods–were given provisional ballots, only to have Blackwell rule most of them invalid after the fact because the voters were not in their proper precincts. To repeat: Voters who went to the wrong precincts (usually because they’d moved and failed to change their registration) were given a ballot that wouldn’t be counted rather than directed to the proper precinct. Slick.
Is that why exit polls in Ohio showed Kerry ahead, but Bush won anyway?
That’s Palast’s theory. The exit polls measured how people thought they’d voted, not whether their votes were counted. Bush won Ohio by 136,000 votes. But more than that were discarded, and the discards were heavily minority voters. Democratic members of House Judiciary Committee in Washington concluded there were “numerous, serious election irregularities in the Ohio presidential election, which resulted in a significant disenfranchisement of voters. Cumulatively, these irregularities, which affected hundreds of thousands of votes and voters in Ohio, raise grave doubts regarding whether it can be said the Ohio electors selected on December 13, 2004, were chosen in a manner that conforms to Ohio law, let alone federal requirements and constitutional standards.” The Government Accountability Office is still investigating.
But what does this have to do with DREs? Compared to punchcard voting, it sure seems like electronic touchscreens would be a big improvement, with or without printouts?
Yes. So glad I brought that up. In fact, that’s what most people thought after Florida 2000, according to Doug Chapin, the president of Electionline.org, a nonprofit watchdog. The sight of Dade County officials holding up perforated ballots to the light (was that chad “hanging” or merely “dimpled”?) was seared into our brains, Chapin says. So, no surprise, all over the country elections officials jumped at the chance to buy paperless DREs–no more squinting! The computer does all the work! “DREs were the next big thing,” Chapin told our legislative study committee.
And wouldn’t DREs help with provisional ballot issues, too?
They could, sure. DREs in any precinct could be programmed to hold the different ballots for all of the precincts in a given jurisdiction–say, a county. Regardless where you voted in Wake, for example, if election officials looked up your registration and punched in the right precinct number, out would come your correct ballot.
OK, so one DRE machine screwed up in Carteret County. But it’s a long, long way from that to the 93,000 “spoiled” votes in Ohio, or the 180,000 in Florida four years ago. Aren’t the DREs still way ahead?
No. First of all, Carteret County wasn’t the only DRE screwup, or even the only one in North Carolina. It was just the only one where enough votes were lost–irretrievably–to throw a statewide election outcome into doubt. (Or, to be accurate about it, it’s the only one of that kind that we know about.)
DREs fail all the time, as do all voting machines–they’re machines, see, so they crash. On Election Day in Maryland, 11 percent of the DRE machines quit at some point. After Florida raced to put in DREs for its 2002 elections, they crashed so often and performed so badly that, with Gov. Jeb Bush’s embarrassed support, Congress was forced to pass the Help America Vote Act–legislation the Bush administration was cheering with one hand and delaying with the other up to then. HAVA gives the states money to buy new equipment.
Second, it’s not clear DREs give you fewer “spoiled” votes than their major competition, which is not punchcard machines but rather paper ballots–either the simple, hand-counted kind, or the ones you mark and then feed into an optical scanner to be counted.
In fact, a 2001 study by the Caltech/MIT Voting Technology Project concluded after studying the previous four presidential elections that paper ballots and optically scanned ballots (as well as the old-timey lever machines that nobody likes anymore because they’re so bulky and balky) “produce lower residual vote rates on the order of 1 to 2 percent of all ballots cast over punch card and electronic methods” (emphasis mine).
You’re losing me. What’s a residual vote?
It’s a “spoiled” vote–aka an “overvote” or an “undervote.” An overvote is where you mark your ballot for two candidates, say, when you’re only supposed to pick one. Your votes don’t count. An undervote is when you don’t vote for any of the candidates in a given election–you vote for governor, say, but not for president. Or, perhaps you did punch a chad for a presidential candidate, or touched a screen, but your punch/touch didn’t register. That’s an undervote.
I thought DREs didn’t let you overvote or undervote?
Right. If you overvote, the DRE rejects it, tells you why, and you get to try again. If you undervote, it “nudges” you–don’t you wanna vote for president, dogcatcher, whatever (hint, hint)?
So how come there’re still residuals with the DREs?
The Caltech/MIT researchers attribute it to “human factors.” Remember, people get flustered enough filling out paper ballots. They don’t know who any of the candidates are, perhaps, or what a state auditor does. It’s like taking a test in school and flunking. So imagine how the computer-unsavvy voter feels when he’s “nudged” by a talking touchscreen that tells him, “No good. Try again.” He may just walk away. But, over time, that problem should lessen, the experts say.
Anecdotally, there were lots of Election Day stories of people who said they “touched” Kerry and the machine came up “Bush,” or in some other way failed to reflect their choices. I’ve seen nothing that tells me any software was systematically tampered with, however. Then again, if the hackers were any good, Herrin tells me, nobody’d know they were even there.
That’s the big question, isn’t it? Could a hacker, or a corrupt official, get into the software, change the results and throw an election?
Who knows? But an awful lot of reputable computer experts out there, with no obvious political axes to grind, say it’s absolutely possible. Avi Rubin of Johns Hopkins. David Dill of Stanford. Check www.evoting-experts.com. Rebecca Mercuri, a Harvard University researcher with advanced degrees in engineering and computer science and 15 years of experience studying electronic voting systems, testified before our joint legislative committee two weeks ago. She was as serious as a heart attack: Because of their complexity, she said, “there is no way to prove that exploitable flaws and backdoors do not exist in voting software–vendors and ‘experts’ who testify otherwise are either lying or are unaware of fundamental, underlying laws of computer science.”
How would they do it?
Sorry, that’s proprietary. Just kidding. But only a little. One of the huge problems with the DREs is that the companies selling them consider the software to be proprietary–meaning, it’s a trade secret, and we can’t see it. Rubin, Dill, Mercuri, they can’t see it either. Just by luck, however, a researcher named Bev Harris was googling for dirt on Diebold Corp. one day two years ago and stumbled across a link to some of its code–seven CDs worth. Rubin was among the experts who subsequently took a look at it. According to the Associated Press, he concluded that it was so riddled with mistakes that “a clever 15-year-old” could rig it to count a single vote multiple times. Diebold thereupon issued a 27-page defense, saying it was old code and no longer in use.
Diebold? The Ohio Diebold?
Oh, yes. The same Diebold whose CEO, Wally Odell, raised money for President Bush and said early in 2004 that he was “personally committed” to helping Bush win Ohio. Ouch!
Isn’t that just tin-hat stuff? Odell said he misspoke.
Wait, there’s more. Diebold is one of three big DRE sellers. But the biggest is ES&S, an Omaha-based company. It was started by Todd Urosevich, who’s still its president, and his brother Bob, who’s now VP at, yes, Diebold. Nebraska Sen. Chuck Hagel is a former ES&S chief executive. When he was first elected to the Senate, in a big upset, his own company helped count the votes. Then, there’s–
Aw, c’mon. You’re getting carried away.
Maybe. But I do believe Herrin when he says that anyone with “physical access” to the voting software could rig it to change votes on Election Day, then cover the tracks, “game over.” Unless there was a recount of paper ballots later, no one would even suspect. “So, steal big. Get yourself a mandate,” Herrin says. And if a recount does find the discrepancies–oops, “must be a glitch,” he laughs. “Elections are a very high-value target–look at all the money that’s spent on them.”
Herrin gave the legislative committee a little demonstration using the public-domain Diebold software used to count the votes in optical-scan machines. It runs on Microsoft Windows. (“Hacking Microsoft is like hunting a dairy cow with a high-powered rifle,” he crowed.) He went into the database, found and changed the password, changed the clock, changed the names of two candidates and switched their votes, then erased the audit trail that showed he’d been in there. All in about two minutes.
Someone could do the same thing instantly by plugging a flash drive into a computer port, he said later.
For real?
Justin Moore, a doctoral candidate in computer science at Duke, thinks so. Moore says it’s also possible to hack into the database by the modems that transmit each machine’s totals to the network server. Moore’s “takeaway points”: software engineering is “insanely difficult,” voting software is more complex than a 747’s, and all electronic communications are inherently vulnerable to attack.
Scary.
That’s what Sen. Ellie Kinnaird of Carrboro said.
So what’s the answer?
Herrin says vote on paper and count by hand. What’s the hurry when the integrity of an election is at stake? Mercuri says she likes the optical scanners, spot-checked by random hand-counting. Chapin, acknowledging that DREs help the visually impaired cast an anonymous ballot, says there’s a move to hybrid systems: People can mark a ballot by hand or use a DRE to generate it, but either way, there’s an actual ballot to spot-check or, if the election’s close, to recount. And the Board of Elections says what?
Gary Bartlett, the SBOE’s executive director, isn’t convinced that DREs need a paper trail, let alone that paper ballots are the way to go. But he does acknowledge that letting every county go its own way on voting equipment isn’t the right answer, either. Under HAVA, the federal government is supposed to recommend standards for accurate counting and verification that machines purchased with Uncle Sam’s money should meet. But those standards have been delayed. Bartlett suggests that North Carolina adopt its own, and then use whichever set is tougher going forward.
Does the joint legislative committee agree?
Not clear. There’s some sentiment for banning DREs, and some members want to use paper ballots only. But it’s more likely that they’ll allow DREs in a hybrid form along the lines Chapin suggests.
One last question: Why can’t we just use DREs like bank ATMs and generate paper receipts?
Banking isn’t anonymous–your bank knows everything about you. Voting is supposed to be–but that makes verifying that the vote you cast is the vote that’s counted much more difficult.
The committee meets again Friday, Jan. 21, at 10 a.m. in the Legislative Office Building in Raleigh (probably in Room 414). Discussion of the options for legislation is expected to continue.
Out on the Web
There is a lot of paranoia in cyberspace about how George W. Bush won the election. But there’s also a lot of great information about the plusses and minuses of e-voting machines. Good places to start:
Happy hunting.
