e-Voting: Taking the faith-based initiative

interesting article on evoting from the gadget site gizmodo.com. a little over-wrought perhaps, but he raises most of the important issues.

--
This week columnist Sanford May cracks open that hoary chestnut e-voting and wonders if it may be time to stop worrying and start loving the bomb. The bomb of self-rule, I'm saying.

Dare to dream of soon casting your vote in local and national elections via laptop or mobile phone, you'll run headlong into the great black wall of security issues. Indeed, security experts are lined up against e-voting, and they often present well-reasoned arguments. Yet as the Internet and devices that use it rapidly subsume other means of communication, the yen for perfect security in the digital realm is becoming outmoded. Each major step in the evolution of democracy has involved risks, obvious flaws, hidden traps, and, most importantly, the will of the people to solve the problems in the best way possible. The only sure route to the success of a democratic society is faith in the system. E-voting has the potential to greatly enhance democracy, in voter representation and a more direct process. At some point we must trust ourselves -- our talents and innovative spirit -- to create the future of self-rule.

E-voting has already begun at the polls, and there are immediate concerns about accuracy. Although most of us are confident that good software can manage arithmetic, it's not that simple. Any voting process involves translating the voter's intent, often through multiple steps. Security expert Bruce Schneier tells me, "Accuracy is not how well the ballots are counted by, for example, the optical scanner. It's how well the process translates voter intent into properly counted votes." The machines must sum votes and display ballots comprehensible to voters. In this respect, LCD panels suffer from the same drawbacks of paper.

And ballot design is not the only sticking point. Cliff Stoll believes electronic systems don't set the right tone for voting. "Computers encourage an attitude of 'don't think, just respond' rather than 'think it through and then respond'. It's shoot from the mental hip." Stoll has written about the conflicts between high technology and human society, in Silicon Snake Oil and other work; he's adept at pointing out the negative aspects of computer technology. But we are a people on the move. What was awkward yesterday may very well seem natural tomorrow.

Critics of today's e-voting machines insist that electronic voting must incorporate a paper audit trail. I'm all for it -- you do backup, don't you? Perhaps the most viable paper fallback scheme is the use of voter receipts; but the notion of issuing these receipts has resulted in a fair amount of public discomfort. We certainly don't want to carry around a receipt documenting our selections as a ticket to be strong-armed later. But Schneier makes a very important clarification about voter receipts. "The way a paper trail works is this: the voter votes on the computer; the computer prints out a paper ballot; the voter examines the paper ballot and then puts it in a box. He takes nothing away with him." (Schneier thinks "receipts" is the wrong word to use in this context.) Provided voters are compelled to drop their receipts in the box - and nefarious elements are aware that no one can leave the polling place with his receipt in his pocket - it's an efficient solution to the problem of paper audit trail. Computers do all the work, counting the votes via electronic means; when questions arise, the archived paper ballot verifications serve as official record.

Voting fraud isn't anything new; elections were first compromised about the time we started holding elections. But e-voting does recast this brand of chicanery to play on a massive scale. For fun, profit or political dissidence, a programmer developing election software can create a deceptive system. Or, perhaps undetected, he can break into an e-voting company's network and insert his own criminal computer code. No magic tech will make it airtight. No cryptographer worth his one-time pad can promise software encryption schemes will be secure in all cases.

If you believe otherwise, Bruce Schneier has a hard knock for you. "Right now, we as computer scientists have no idea how to create secure and reliable software. There is no scientific theory behind anything we do." Computer science remains a wild frontier. Schneier tells me, "We're making it up. We're guessing. We know a bunch of tricks, and that's all." The expectation that any voting system, paper or e-, will be perfectly secure is folly. We have however come to live with the risks inherent in today's systems, just as we may strike a balance in e-voting. It's that same motivation to devise and use tricks that can propel us into the future of voting.

E-voting machines at the polls are only the first wave. Except for some timely reporting features, it's still just a box in a building across town, a place I have to reach in the car, in the middle of a traffic jam, with the baby screaming his head off in the backseat. But as an entrée to the convenience of off-site e-voting on the Internet, widespread acceptance of e-voting machines is essential. Our society must trust voting via computer before we'll ever feel comfortable voting via the Internet. In that regard, public gaffs like the one perpetrated by Diebold CEO Wally O'Dell don't help.

In a campaign fundraising letter last year, O'Dell rather infamously remarked that he is "committed to helping Ohio deliver its electoral votes to the president next year." I don't for a minute believe that O'Dell had any intent of conspiring to rig Diebold e-voting machines to favor one candidate over another. It's not that he would, it's that he reminded voters that he perhaps could. Forget all of Diebold's quality assurance and internal security and every valid argument discrediting such an act; with that one statement, O'Dell did more to scare people away from his own products than any damage done by serious academic commentary. We will not use things we fear. Remember, in droves we gave up movie-theater popcorn popped in coconut oil because the Center for Science in the Public Interest announced that it might be bad for us over the long term. Popcorn. Coconut oil. In movie theaters. Absolutely no way we'll e-vote if we believe it means losing control of the process by which we elect our representatives.

Public anxiety isn't the only thing holding off-site e-voting back. Today, the concept fares no better under the well-informed critical eye, with unreliable security once again at the top of the charts. Bruce Schneier says, "We know we can't protect Internet computers from viruses and worms, and that all operating systems are vulnerable to attack. What recourse is there if the voting system is hacked, or simply gets overloaded and fails? There would be no means of recovery, no way to do a recount." He illustrates a doomsday scenario. "Imagine if someone hacked the vote in Florida. Redoing the election would be the only possible solution." Not far behind are concerns about society, about the potential for injustice in off-site e-voting. Cliff Stoll says, "Not everyone is hooked to the Internet. Probably less than half our population has immediate access to the net." It's true, as well, that not everyone with net access is entirely comfortable using it. Stoll continues, "What about the single mom holding down two jobs? Or the farm worker pulling a 14-hour day? Or the retired grandmother who runs a daycare center in her living room? The Inuit hunter who's away for a week. These people get disenfranchised." These are excellent reasons for caution and study; but they are not the reasons to reject without further consideration a concept that may well embrace disenfranchised voters, giving that single mom and overworked farmhand the opportunity to decide the fate of their country when they can't otherwise make time in their lives for regular voting.

I believe that a more direct democracy and a well-represented population are worthwhile goals for any society. Achieving these goals won't be easy, and implementing e-voting as a solution won't be easy. But stand back: I'm going to quote Jack Kennedy. "We choose to go to the moon in this decade and do the other things, not because they are easy, but because they are hard." He was talking primarily about space exploration in the 1960s and I'm talking about e-voting in the 21st century, but they both have the potential to improve the human experience on this planet. The efforts of computer security experts are invaluable in assessing the perils of e-voting and developing systems that address these hazards to the extent the technology allows; but it is we the people who must decide the future of our electoral process. Yes, the thought of widespread malicious vote manipulation concerns me.

But we are expected to have faith in our elected representatives - it's a vital part of our democracy - yet we are advised against trusting these same individuals to keep their hands out of the ballot box. That is a significant contradiction.

In two weeks, I'll come back to this topic, go into some detail about the benefits of off-site e-voting, and look at some options for security that may ultimately make us as comfortable with the new as with the old.