On today’s BradCast, after great news on voting rights from a bunch of state and federal courts over the past week, and sudden concerns from the the Right, the Left and the corporate media about the possibility of stolen elections, the Dept. of Homeland Security is finally looking into taking action. [Audio link to today’s program posted below.]
“We should carefully consider whether our election system, our election process is critical infrastructure, like the financial sector, like the power grid,” DHS Secretary Jeh Johnson said this week. “There’s a vital national interest in our electoral process.”
Years ago, I began reporting on the serious vulnerability of our election system to manipulation (and error) from both foreign and domestic sources. In 2006, for example, after helping supply computer security analysts at Princeton University with a Diebold touch-screen voting system for the first independent tests of such a machine, I reported both at The BRAD BLOG and at Salon that the analysts were able to hack into it, in about 60 seconds time, with a virus that would flip election results and pass itself from machine to machine with virtually no possibility of detection. That followed on an Exclusive series of 2005 reports from a Diebold insider who I called “DIEB-THROAT” at the time, describing how the company’s lead programmers admitted that the security on their systems was terrible and that a branch of DHS had already warned, in 2004, about an “undocumented back door” in the systems.
In 2009, by way of just one more example, we reported here on remarks delivered to the U.S. Elections Assistance Commission (EAC) by CIA cybersecurity analyst Steven Stigall, describing how “wherever the vote becomes an electron and touches a computer, that’s an opportunity for a malicious actor potentially to make bad things happen,” before going on to note that the CIA became interested in electronic voting systems years earlier “after concluding that foreigners might try to hack U.S. election systems.”
So, it is with some skepticism that I regard Johnson’s remarks this week about finally taking action to identify our existing, vulnerable electoral system as “critical infrastructure”. Is it too little, too late on the eve of another Presidential election? And is it even possible to protect the type of electronic vote casting and counting systems we currently use in our elections? And what does the designation as “critical infrastructure” actually mean any way?
I’m joined on today’s program for some answers by Scott Shackelford, cybersecurity law and business expert from Indiana University and the Harvard Kennedy School’s Belfter Center, to explain some of this, and to describe some of the ways in which the U.S. might expand existing international agreements to keep domestic elections from being tampered with by foreign powers. Shackelford, writes about the issue this week at the Christian Science Monitor in an op-ed titled “How to make democracy harder to hack.”
“It definitely is too late at this point to wake up and get all 9,000 jurisdictions on board for November,” he tells me today. “Maybe instead of focusing quite so much on driver’s licenses [to prevent fraud] and making sure we have different IDs in some of these states, it would’ve been great to have put that focus a little bit more on cybersecurity. But that didn’t happen.”
For what it’s worth, my answer, after more than a decade on this beat: No, it’s not possible to protect the type of electronic systems we currently use without moving to what I describe as “Democracy’s Gold Standard”. But Shackelford offers several ways we can, at least, try to improve the situation and mitigate the current dangers, as well as some thoughts on why action has been so long in coming. “Elections do quite a bit to focus minds. It is unfortunate that we lose some of that focus in the aftermath of these elections,” he says.
Also today, why the right to vote is so important, whether you like it or use it or not, and why, for me, at least, it’s still about rights, not politics, some 52 years to the day after the bodies of civil rights activists Andrew Goodman, James Earl Chaney and Michael Henry Schwerner were found after being murdered in Mississippi for trying to help register African-Americans to vote in 1964.
And, finally, speaking of vulnerable, as deadly, climate-fueled extreme weather continues across the planet, Republican U.S. Senator Ron Johnson of Wisconsin, up for re-election this year against former Democratic U.S. Senator Russ Feingold, offers up some of the dumbest, most embarrassing, scientifically disproven and just out-and-out inaccurate arguments against taking action on climate change that he could possibly muster. All of that and more on today’s BradCast…
CLICK TO LISTEN OR DOWNLOAD SHOW!…
[audio:http://bradblog.com/audio/BradCast_BradFriedman_ScottShackelford_ElectionCyberInfrastructure_080416.mp3]
(Snail mail support to “Brad Friedman, 7095 Hollywood Blvd., #594 Los Angeles, CA 90028” always welcome too!)
|
I hope every electronic voting machine across the nation reports that “Pikachu” has won every single position.
We’ll get a redo election where maybe Bernie gets a 2nd bite at the apple. And, it will be hand counted paper ballots from now on.
🙂
Dear Brad,
As an international ecology policy lawyer, I am deeply invested in the importance of effective democratic decision making (I can explain this connection later if necessary) and so I am indebted to you for your scrutiny of voting systems. I join you in considering this problem to be existential, not only for the future of democracy, but also for ecological sustainability. I have been listening to your discussions on voting systems and your desire for a system design that could somehow improve on the reliability and voter participation over what what we see now happening all over the world. A paper balloting system alone would maintain the status quo and is perhaps an acceptance of defeat, so I don’t see that as a wise course. In reply to your plea for new ideas, I would like to point you to a system I designed in order to address these problems (summary of system). The real question for anyone looking at the problem of voting systems is this: can you handle direct democracy, or are you just pretending? Much of the opposition to modernized voting systems such as the one presented here, stems from two anti-democratic ideas rather than from an impossibility of improving on simple paper balloting: 1) that voting people are not capable of making wise decisions for themselves, or 2)a desire to make democracy fail for a number of political reasons that I won’t go into here. I have heard your comments on the ineluctable hackability of all electronic voting systems and I suggest that there is a feasible method possible, as long as: 1) any voter can verify that their vote was properly recorded by the system, and 2) the voting data are verifiable at any time by any independent monitoring organization or individual with a computer who wishes to take the time to do so. In other words, the computerized data files must be verifiable by anyone and made publicly available. There are several other important features presented, but I wish only to mention here the possibility of fraud-proof electronic voting. Since you are obviously deeply engaged with this subject, I hope that you find these comments useful. Continued Luck With the Show, Adam
Adam D.C. Cherson @2 wrote:
and:
With all due respect the concept of “fraud-proof electronic voting” is an oxymoron. The critical problem is a lack of transparency in vote tabulation. It was the reason why, in 2009, Germany’s highest court ruled that all forms of e-vote tabulation violated that nation’s constitution which mandates a publicly observable count and precludes all systems that require specialized technical knowledge for citizens to monitor the count.
What Brad described in that article as “Democracy’s Gold Standard” – hand-marked paper ballots publicly hand tallied at each precinct on election night — is certainly not part of the status quo. While paper ballots are utilized in optical scan systems, almost all elections in the U.S. are decided without so much as a single ballot being counted by a single human being. Op-scan paper ballots are tallied electronically by easily hacked central tabulators.
A rare exception can be found in some New Hampshire towns that, applying Democracy’s Gold Standard, most often complete their transparent counts more rapidly than their machine-counting counterparts.
Finally, I am curious as to why your “summary of system” includes a provision for biometric authentication of voter ID? You do realize that in-person voter fraud is a phantom menace that is about as scarce as hens’ teeth — that the GOP has used the “Big Lie” about in-person voter fraud in order to disenfranchise minority voters, do you not?
From Adam’s paper:
PROPOSED VOTING SYSTEM FOR THE GLOBALIZED 21st CENTURY WORLD
4) voter places vote using an electronic system that can generate an instant paper copy of the vote…
This looks like a verification bottleneck to me. How can anyone know if what that machine generates has anything whatsoever to do with what the voter has input? This is the point!
Brad has stated an estimated ka-billion times that there is no substitute for hand-counted paper ballots which when counted can be overseen by the public.
Why, here’s one example right here:
Democracy’s Gold Standard
Hand-Marked, Hand-Counted Paper Ballots, Publicly Tabulated at Every Polling Place in America…
Adam D.C. Cherson said @2:
For the record, I haven’t called for “a system design” to help improve voter participation. I believe that’s up to the candidates offering a reason for voters to want to vote.
No idea what you even mean by that. We don’t have overseeable paper ballot tabulation in the vast majority of the U.S., so not sure how that would “maintain the status quo”.
I don’t believe I made a “plea for new ideas”.
I don’t know that I’ve called for “direct democracy”. I have called for overseeable voting and vote counting in support of the represenative democracy we currently have in this country. I’m open to discussions of direct democracy, I supposed, but I haven’t discussed it of late to my knowledge.
As to the voting system you suggest, I read your link VERY quickly. (Trying to do a whole lot at once, so please forgive if you feel I missed something important or am too terse in my response.) I appreciate the thought you’ve put into it. I’ve seen other systems similarly suggested (though yours is the first I’ve seen with the “fake receipt” element) and find theirs, like yours, unnecessarily complex and reliant on even more computers than we have now. I see the opportuninty for a LOT of chaos to be introduced — even one Denial of Service Attack can invalidate an entire election and/or disallow anybody from being able to cast a vote all — all of which endangers an election. And needlessly so.
Seems like you’re trying to find solutions to problems that don’t exist. But, very quickly, a few more specific responses to a few of the items in your paper:
There should be no way to match voters to their votes. Not sure who you trust to have access to this “master list” or why you think it won’t end up being released or in hands of bad actors. But, released or not, I don’t care for the idea of the government (or any other entity) having access to how I voted. I prefer secret balloting. Secret means secret and unknowable after the vote is cast.
Voters should never leave the polls with evidence of how they voted. Leads to vote buying/selling/intimidation (coercion). I prefer a secret ballot. That said, I appreciate your “fake receipt” idea, and that you speak to that concern in your scheme. But I don’t see it as a solution and, in fact, could make the process even more chaotic and difficult for the public to oversee (how can we tell which one is fake and isn’t? You speak to some of that in the Q&A section, but, again, a bad actor can throw off just one of the moving parts, and the entire scheme falls apart and the election is completely invalid.)
The system you suggest could be easily gamed in a number of ways, among them, by introducing confusing to ANY of the multiple entities where you ask that computers send the results (presumably by Internet? You actually think that’s a good idea?!)
The system allows a VOTER to verify their own vote (sort of, no way to tell if it was actually recorded that way by the computers you seem to like a lot here), but does not allow THE PUBLIC to oversee ALL of the results for EVERYBODY. That’s the key here. That’s the problem with cybervoting, including the type of cyber/crypto voting you are suggesting.
The system then goes on to call for Range Voting — sort of a separate issue — which I do not like at all. We have trouble enough adding 1 + 1 + 1, without the complicated math of Range Voting. (Approval Voting, on the other hand, is something I might support, as it doesn’t require difficult math, and could be tallied and easily overseeable very simply without computers — Oh, yeah, your system relies on more computers than we already needlessly use now! Did I mention that?) 🙂
Hope any of that is useful. And, again, my apologies for the terseness, out of necessity!