— Brad Friedman, The BRAD BLOG
As if the former U.S. Election Assistance Commission (EAC) chair Paul DeGregorio hadn’t done enough damage to our nation’s electoral system during his disastrous reign as a commissioner from 2003 to 2007, it looks like he’s now more than happy to cash in on his Bush-appointed public post in the private sector as Chief Operating Officer for a dubious Internet voting operation.
Everyone Counts (E1C) is the San Diego-based firm which ran “America’s first all-digital online and telephone election” in Honolulu, which was completed last week. That’s the way it was described by Aaron Contorer, the company’s Chief of Products and Partnership, in a very thinly disguised press release, sadly posted, as if a news article, recently by Huffington Post. [Full Disclosure: We also contribute articles to HuffPo, though we try to offer news, rather than press releases.]
As COO of Everyone Counts, DeGregorio has posted a video commercial (and a bad one at that, see the bottom of this article where it’s re-posted) on his bio page at the company website. His face is also featured on the front page of their site. In the short video, DeGregorio crows about his 22 years in the election “business” while posing in front of the U.S. Capitol and Washington Monument in D.C.
Trading on his former self-proclaimed status as “America’s chief election official,” DeGregorio endorses the private company for which he now works, noting in the video: “I’ve been involved in this business for 22 years, having risen to the, America’s Chief election official. And I have found that Everyone Counts is the place for me to be, because it’s the only organization that provides transparency, accessibility, security and choice. And I think that’s the most important thing for any election official, anywhere in the world.”
While evidently accuracy doesn’t even make DeGregorio’s list of “most important thing[s] for any election official” — not surprising, given his oversight, during his tenure at the EAC, of federal approval for myriad electronic voting systems that fail to meet federal accuracy standards — the idea that EC’s Internet voting schemes provide “transparency” seems to be entirely without evidence, as The BRAD BLOG confirmed with a representative of the Honolulu Neighborhood Commission Office which sponsored last week’s election.
Moreover, Everyone Counts’ virtual election in Hawaii, according to late news reports this week, seems to have been a dismal failure, at least if the 83% plummet in voter participation might be taken as any indication, in addition to the election’s lack of transparency and verifiability.
Numerous commenters, including us, left responses to Contorer’s misleading and disinformative HuffPo item, noting serious concerns about E1C’s “all-digital” voting scheme. Concerns were expressed by many posters about citizens’ lack of ability to verify the accuracy of votes cast, and of transparency and security in the system which, Contorer claims, employs “military-grade encryption technology.” He goes on to try to convince readers that it’s also “faster, more reliable, and more secure than if they had voted on paper.” He failed to answer to any of our critical comments, however, and neither did he offer evidence to back up his claims about his company’s superior reliability and security over fully-transparent, paper-ballot voting.
Despite his shameless promotion, and an offer in his video to contact him with any questions, DeGregorio himself did no better in responding to our request for comment in regard to our concerns…
Unsecure, Unverifiable
According to Honolulu’s Star Bulletin, 115,000 voters were mailed nine-digit PIN numbers earlier this month, which they could then use to vote from their home computer, a touch-tone telephone, or one of several computer sites that the Neighborhood Commission Office had set up for voters to vote online if they didn’t have access to their own computer (or telephone, presumably).
Setting aside that there is apparently no way for citizens to know that anybody’s vote was actually recorded accurately by the EC techno-voting scheme, we were curious what safeguards were in place to keep any of those 115,000 voters from giving their PIN number away to someone else — either out of friendliness or for profit — to allow them to vote in their place.
Unlike Contorer, or anybody else at E1C, Bryan K Mick, a representative from the Neighborhood Commission in Honolulu, was very responsive to our queries. He conceded that “there is no procedure to stop someone from selling their vote,” though he noted that along with the PIN number, the last four-digits of a voters’ Social Security Number must be entered in order to vote via the E1C system. That, he believed, made the system “more secure” than their previous paper-ballot elections.
“In previous years we mailed everyone a paper ballot along with a return envelope,” he told us via email. “Although the return envelope [required] a signature, we did not have access to any signature database and therefore someone could simply have forged a signature. We therefore feel that this election is actually more secure.”
In response to follow-up questions, in which we noted that at least a signature would allow for some kind of authentication of votes, if allegations of fraud had occurred, Mick agreed we were “correct,” and “if there had been an allegation of fraud [with their paper system] we could pull the envelope.”
“I assume the City Clerk maintains a database [of signatures], but we don’t have access to it, at least at the current time,” he told us, before adding, “I know of no allegations of voter fraud.”
Mick seemed unaware of the many reports from governmental and private computer scientists and security experts who have argued that Internet voting is not secure. “I disagree that computer and voting experts don’t like this method,” he wrote. “Quite the opposite. If it wasn’t safe, there would be no way billions of dollars would be moved online every day.”
That’s the same line of rationalization Contorer mentioned in his Huff Po blog item, which misleads readers by arguing that “We have been banking online and shopping online for over a decade,” so it must be time to vote that way too!
Contorer failed to note — and likely failed to inform Mick, or the others in Honolulu – that Internet business transactions, while certainly less than 100% secure, are made far more secure via the transparency that comes with them. Unlike a secret ballot that can’t be traced to it’s “owner” once it’s been cast, business transactions can be tracked, transparently, double-checked, and triple-checked by all of those who are parties to the transaction, at any time afterward, to help ensure accuracy. That’s simply not the case with a secret ballot.
Ellen Theisen of the non-partisan election watchdog VotersUnite.org summarized just a few of the concerns about Internet voting, as detailed by experts, in her February 2009 testimony [PDF] prepared for the state of Washington. Washington, too, had been foolishly toying with the idea of Internet voting but wisely let the bill proposing it die. Her well-footnoted, three-page testimony describes how scores of experts have found that “safe use of the Internet for voting is essentially impossible, given the technology available today.” Theisen’s testimony begins with this handy summary:
- In 2004, a panel of experts commissioned by the U.S. Department of Defense concluded that it was not possible to ensure the privacy, security, or accuracy of votes cast over the Internet with its current architecture. They said the attempt to provide secure, all-electronic Internet voting was “an essentially impossible task.”
- In 2007, the U.S. Government Accountability Office (GAO) found that email and Internet voting is “more vulnerable to privacy and security compromises than the conventional methods now in use” and that “available safeguards may not adequately reduce the risks of compromise.”
- In 2008, the National Institute of Standards and Technology (NIST) wrote, “Technology that is widely deployed today is not able to mitigate many of the threats to casting ballots via the web.”
- In 2008, thirty leading computer science experts and professors at major universities signed a statement asserting that until “serious, potentially insurmountable, technical challenges” are overcome, permitting the Internet to be used for public elections “is an extraordinary and unnecessary risk to democracy.”
Theisen offered more supporting quotes from experts in an additional 7-page document [PDF]. We suspect Everyone Counts shared none of these warnings with the good folks of Honolulu.
Ironically enough, while Honolulu’s Mick had noted hopes that this year’s “all-digital” election might boost participation above the 25% of eligible voters who took part in last year’s election, the local ABC affiliate reports this week that participation in this year’s first “all-digital” election plummeted by 83%, compared to last year:
For the first time, Oahu voters had to use computers or the telephone to vote for their neighborhood board candidates and many people did not bother.
About 7,300 people voted this year, compared to 44,000 people who voted in the last neighborhood board race in 2007.
In another one of the many ironies related to this story, a judge in Hawaii, just last week, as voting in Honolulu’s local election was concluding, halted the use of electronic voting machines, and the Internet transmission of votes, in both state and federal elections in the state. Judge Joseph E. Cardoza found that the state’s use of Hart Intercivic e-voting systems was not implemented through lawful rulemaking, and that the Internet transmission of vote counts was not in compliance with state law.
As Honolulu’s elections were local only, Cardoza’s finding didn’t apply. In either case, it didn’t matter. This election was for the benefit of Everyone Counts, and their hopes of getting rich by undermining American democracy with Internet elections. It’s certainly not for the benefit of the voters, and the laws of Hawaii, like their voters, don’t matter a lick.
Speaking of Failures, DeGregorio Knows Better, Doesn’t Care
Everyone Counts’ DeGregorio was the EAC chair who first buried, and then completely rewrote, a bi-partisan report on “voter fraud,” or lack thereof (without consulting the reports’ authors) during his ignominious tenure at the federal commission. He had colluded, with fellow St. Louis, MO, hometown colleague and GOP “voter fraud” scam gangster, Thor Hearne of the American Center for Voting Rights (ACVR, whom The BRAD BLOG has spent many years exposing as the anti-democracy thug operation that they are), in hopes of keeping the report, which showed little or no evidence of actual polling-place voter fraud, from being seen by the public, prior to the 2006 election.
Given the Republican DeGregorio’s seeming obsession with “voter fraud” during his reign at the EAC, it seems a tad ironic that he’d be fronting for an e-voting vendor whose “all-digital” voting procedures virtually beg to be defrauded, and whose accuracy, in any case, can never be verified by the public.
While we report far more on these pages, on the very real concerns about Election Fraud (fraud by insiders in the election “business” who are easily able to manipulate entire elections with the effort of little more than a key stroke or two) than on the imagined concerns about Voter Fraud (rarely used at the polls, as it’s a very difficult and dangerous way to game an election and requires a large conspiracy which is easily discovered, even though the GOP shamelessly exploits those concerns in order to implement disenfranchising polling-place ID restrictions to keep Democrats from casting legal votes), we recognize the way in which that sort of fraud can occur. Most frequently, it occurs via absentee voting, which is not subject to the same sort of ID restrictions Republicans across the country have been pushing to implement. However, unlike DeGregorio, apparently, we’d never do anything to help encourage such fraud. No, not even for money, as DeGregorio is seemingly all too happy to do.
Moreover — and not surprisingly — AP and Fox “News” were similarly all too happy to offer a largely glowing report on Honolulu’s experiment, downplaying any concerns of fraud, and not bothering to note the dismal “turnout” in last week’s election.
At the end of DeGregorio’s video ad for Everyone Counts, he says: “So check us out. Check out our webpage. See what Everyone Counts has to offer,” before concluding: “Contact us, and we’ll get right back to you.”
Well, we contacted Everyone Counts, several times, via email, requesting response to our questions about the security and transparency of their voting schemes. They never bothered to respond.
Maybe it’s not their fault, though. Perhaps the notes just got lost when they were sent over the Internet.
Here is former U.S. EAC chair Paul DeGregorio’s one-and-a-half-minute video commercial for Everyone Counts, as posted on his bio page at their website…
Oh smart,
vote through a network that is being snooped on (FIOS splitters) controlled completely by corporations (telco’s) and is completely unvalidatable (electronic signals are invisible?)
Absolute potential for an invisible “man in the middle” attack.
Hell if I were evil (I’m not) and high level (I’m not), in the NSA (I’m not), I would buffer all the vote signals and change them to keep the corrupt power base. With no public oversight, nobody can say anything. With compartmentalization and state secrets nobody could touch me.
We are being setup really bad in the United States. When these unconstitutional laws were passed they should have been immediately forced by the people to be redacted spare no expense, resource, and public protest.
How did we go from being upstanding citizens to homegrown terrorists in so few years?
Incremental tyranny!
Excellent article, Brad. Really outstanding reporting.
Wish the Hawaii media did real reporting as well. Instead, yesterday in the AP story we see pointless quotes like: “The technology side, it works.”
My self-cleaning oven works too, but it’s not a democracy. For democratic elections to work, you need public controls, you can’t count votes in secret, and you need participation. And on these three measures, the Internet-or-telephone voting system fails.
Only 6.3 percent of Hawaii’s eligible voters cast votes on the new Internet-or-phone voting system (as compared with 28 percent in a similar election previously), a record low turnout. So the press quotes the vendor saying:
“Our systems aren’t really about turnout. They’re more about accessibility to participation.”
Yes, that’s right: These new Internet voting systems are about “accessibility to participate”, rather than participation.
One of the reasons the frame “counting votes in secret” works better than calling it “transparency” is that the word “transparency” is converted to meaningless mush propaganda by people like DeGregorio, who claims the Everyone Counts system is transparent.
If you say so, fella. But you sure can’t tell us it counts votes in public, which is a dealbreaker requirement for democratic elections
Of course, in this case, they know that, and thus, didn’t bother to respond to my inquiries.
They know their system is garbage and it seems clear they mean to take advantage of those election officials who don’t know better. Hey, it worked with the e-voting machines for a while, why not try same with this Internet crap and make a few billion before folks catch on.
They get the election officials (see the very nice Bryan K Mick quoted in the story above), to do their PR for them, and once it’s too late (once the election officials realize they’ve been had), it’s too late for the officials to cop to that publicly, because they’ve already blown millions of tax payer dollars.
What a scam. And, where it was blind folks they took advantage of for the e-voting systems (blind folks need ’em to vote!), they’re now using the military to explain why Internet voting is needed (you don’t hate the troops do you?!)
Sigh…and so it goes…Just like wack-a-mole…
Mr. DeGregorio did write an article and publish it just prior to a vote in Florida to retire DRE voting machines called “Hype over Hacking”, seems he was on it then as he is now. That article sent to an election offical found its way into the polling station on the day of election, after traveling across State Lines to get there, and became evidence in an formal Law Enforcment investigation into influence of an election.
John – That “election official” who put the note on the tables at all of Sarasota’s precinct was the county’s Supervisor of Elections Kathy Dent. One of the nation’s worst.
Not only was DeGregorio’s horrible article put on the table, but Sarasota had an initiative on the bill that day asking voters whether they wanted to get rid of those machines or not!
Fortunately, the election was only for “elected officials” of the neighborhood boards that really have nothing but minimal advisory power only. I hope our City Council members and State legislators don’t get it in their heads to implement this system to elect people to their respective bodies that have real power. I will much more vigorously fight such a move and ridicule the fools that think that is a good idea. I want to return to the day when votes were counted by hand in front of public witnesses at the precinct polling place at the end of the day. That is the most secure and efficient way of conducting elections IMHO.
Wow, where’s the beret for Phil? I’m sure you can photoshop his picture as well. After all, isn’t everyone involved in the elections business OTHER than your followers an evil, nearly satanic conspirator?
Doug
Wow, where’s the beret for Phil?
You really want my BEFORE USAF photo compared to my current photo? Maybe you should just watch my show all year and HOPE I give you a clean frame.
I’m sure you can photoshop his picture as well.
Sounds like your applying for the job. It pays ZERO.
After all, isn’t everyone involved in the elections business OTHER than your followers an evil, nearly satanic conspirator?
Blanket statement, your moving WHERE with this shit?
Note: I will put a foot to your ass if your trying to put one to my ass. I am sick of this shit, so grow the fuck up.
Tell you what doug allen, write to: http://www.usace.army.mil and ask them for my photo. Who knows maybe you can get me at McKinley park at the water sports, or at the bar-b-que chicken/hotdog, if that fails you could try to look up history on GAFB, Ca.
Maybe you’ll find something from the 1970’s?
I’ve not yet seen an example where electronic voting is a savings in terms of dollars. Given how many elections are contested, it’s not always a savings in time either.
Additionally, the savings in time is something I question. Let’s start with there is always time to do it right the first time. This means, if we have robust civic processes with people involved, we can do an election in a timely manner using only warm bodies and simple communications means and methods.
This appears to always be true, regardless of the population. Many nations employ systems modeled after ours, and with oversight like what President Carter does, function better than ours does.
The most disturbing thing about these vote reform efforts appears to be:
-agenda setting
There are parties trying to restrict the vote and over expand the vote.
-consistent lack of oversight
Secrecy is employed far more often than it needs to be. If one goes to look at how the vote is actually counted, it’s often quite difficult to determine this! The larger the election, the bigger the mess is.
Why are we not using time tested means and methods to count votes under the public eye? This works. It works well.
-belief that technology improves the state of things.
Our election processes in many places are garbage. Automating those only produces faster garbage. Why do it? I suppose the answer lies in the very hard to shake assumption that electronics brings an automatic improvement.
The reality is that it doesn’t do this, unless the processes are considered as carefully, or more carefully than the electronics are. My day job involves complex business process analysis, and I’ve seen this truism play out over and over and over.
Automate crap, and you get faster crap.
Nothing has changed about what makes a trustworthy election. These four ideas need to be embodied in the process to the maximum extent possible:
1. Transparency
We need to be able to see the process and the votes from initial vote cast, through to final tally. Enduring records of the vote need to be human readable without enabling technology. It’s not actually necessary that people see the votes, but it must be possible to do so. Without this, we cannot vet the process that empowers our elections.
2. Oversight
If we have transparency, then oversight is possible. Ideally, it’s embodied in the process where citizens can audit vote counts, the process and be involved in their civic process.
3. Freedom
This is simply the choice whether or not to vote.
4. Anonymity
Bank transactions are keyed to actual people. This is what makes them robust enough to trust for dollars. Votes cannot be keyed to people, or we risk exploiting their votes. The Hawaii system does key votes to people, with the tradeoff of encrypting access. This is a best case abuse of this idea, marginalized by the financial failures and marginal performance on the other ideas.
I don’t see anything here that’s ground breaking. Layers of encryption force citizens to trust a system to record their vote. They trust a system to count their vote. No real link between voter intent and vote cast can be established by the voter. (machine could record different vote and they would not know)
IMHO, this is an expensive mess.
Frankly, the only upside is convenience and turnout. Those can be archived with Vote By Mail just as easily. And given the costs associated with the electronic system, I’m not sure I see a return over more simple and human oriented methods.
Sure seems to me the cost of our democracy is some level of civic involvement. Even if a very small fraction of us are involved, that’s enough to meet the burden. Why not do that then? Do we really need elections that are secret and untrustworthy, just for some speed?
Does it cost us that much more to get results in a day, maybe two, vs a few hours?
Does that cost equation hold true given the fouled up elections we’ve seen hit the courts?
In the matter of Franken -vs- Coleman (maybe the other way around), had they used electronic voting for the entire election, there would be no way to sort out an election that close. As much as I don’t like the court games, I am reassured being able to actually follow the votes, see the record, watch the challenges and see our system of justice work as intended.
When I see Democratic and relatively progressive Hawaii falling for this scheme, I can’t help but think of a line from an early 60s tune by Peter, Paul & Mary. “When will they ever learn?”
Ernest A. Canning