X

E-voting report could push audit trails

A blue-ribbon panel's conclusions could boost efforts to enact laws requiring paper audit trails.

Declan McCullagh Former Senior Writer
Declan McCullagh is the chief political correspondent for CNET. You can e-mail him or follow him on Twitter as declanm. Declan previously was a reporter for Time and the Washington bureau chief for Wired and wrote the Taking Liberties section and Other People's Money column for CBS News' Web site.
See full bio
Declan McCullagh
2 min read
An election commission headed by former President Jimmy Carter and former secretary of state James A. Baker III drew attention last month by proposing that voters be outfitted with national identification cards.

But a less-noticed recommendation could accelerate reform efforts in state legislatures: Improving the security of electronic voting machines by outfitting them with a voter-verifiable paper audit trail.

That would "increase citizens' confidence that their vote will be counted accurately," permit a recount should one prove necessary, and allow a random selection of electronic voting machines to be tested for accuracy, the commission's final report concludes.

No such uniform requirement currently exists, which gave rise to questions about the security and reliability of electronic voting machines in the 2004 election. Electronic voting machines, which tallied about one-third of the votes in last year's presidential contest, displayed a smattering of irregularities that Democrats used to cast doubt on the procedures used in Ohio that led to President Bush's re-election.

House Minority Leader Nancy Pelosi, D-Calif., warned at the time that "malfunctioning electronic machines that may not have paper receipts" can cause an "additional loss of confidence by the public." Electronic voting machines became widespread as a result of the 2000 election debacle, which Congress responded to by spending some $650 million to upgrade voting machines--without setting any requirements for a paper trail.

The Carter-Baker commission's report is likely to fuel efforts by state and federal politicians to mandate some form of audit trails. Without such audit trails, many security researchers have warned, e-voting machines are vulnerable to a slew of problems including software glitches, viruses and malicious programming.

Politicians in New York, New Jersey and Oregon recently have enacted laws mandating various forms of paper records that can be viewed by voters but not removed from the polling place--bringing the total number of states with similar rules to at least 18, according to figures compiled by Electionline.org. (Ohio enacted such a law last year but it does not take effect until January 2006.)

The Association for Computing Machinery, the professional organization for computer scientists, applauded the commission's call for voter-verified audit trails, calling it a "crucial component for sound, trustworthy voting systems."

Bev Harris, an activist who edits BlackBoxVoting.org, was more critical. Harris responded with a critique saying that the commission's recommendations are too vague and don't delve deeply enough into the many ways that e-voting machines can be compromised.

Early this year, at least four proposals were introduced in the U.S. Congress that would amend the Help America Vote Act of 2002 by requiring some form of hard copy or verifiable paper ballots. Each is still bottled up in committee.

The commission also recommended that voting machine makers have a "legitimate" reason to keep their source code proprietary. Worries about backdoors could be eased by placing the source code in escrow with the government and making it available to select researchers, the panel members said.