FAQ and Misconceptions About Electronic Voting


 

What is the problem with electronic voting systems?

Electronic voting machines are computers, and like all computers they are susceptible to software bugs, programming errors and hacking which could mis-tally or corrupt the vote count.

When voters cast ballots directly on an electronic voting machine, or Direct Record Electronic (DRE), vote choices are recorded solely in digital form and they are susceptible to alteration by errors or hacking. The change may not be detectable by the voter because the machine could display the correct vote choices, while digitally recording the wrong vote choices.

Votes can also be recorded on paper ballots, marked by the voter and counted by computerized scanners. The scanners are also computers and can count votes incorrectly because of errors or hacking, but because there is a paper ballot of the voters’ selections, the paper record of the vote choices cannot be modified by a digital error, providing a permanent record of the vote that can be used to audit the election results or conduct a recount.

 

Who can hack or rig our voting systems?

Voting machines could be hacked or rigged by “insiders” such as vendors or election workers able to access the voting machines or the systems that program machines and tally the election results. Voting systems may also be hacked or rigged remotely over the Internet by hackers anywhere in the world even though the voting machines themselves are not typically connected to the internet.

 Before each election, each voting machine must receive programming information about the candidates and contests in that election. The election programming is conducted on an election management system or “EMS.” The EMS is typically hosted on regular desktop or laptop computers which could potentially be used for other non-election related Internet connected activities. This means the device that hosts the EMS may be exposed to the Internet and serve as a pathway for a hacker to attack the EMS and the voting machines and infect these machines with malicious software that can corrupt the vote count.

 

Have we ever lost votes or had elections disrupted due to these machines?

Yes, there have been several cases in which a mis-programmed voting machine counted votes inaccurately disrupting the election or causing the contest to be determined incorrectly.

In North Carolina in 2004, DRE voting machines lost over 4,500 votes. A statewide contest was determined by fewer votes compelling the state to re-run the election.[1]

In Palm Beach County, Florida, in March 2012, a problem with the programming software caused votes to be assigned to the wrong candidate and the wrong contest. The election was conducted using voter-marked paper ballots which permitted the county to conduct a full hand-count of the ballots, which changed the winner in one contest.[2]

In these cases the errors were so pronounced it was clear that there was an error in the count. Without mandatory, routine post-election audits of the paper ballots it is possible that smaller errors in close elections could go undetected.

 

Are our voting machines connected to the Internet?

Most voting machines are not directly connected to the Internet, but this does not ensure they cannot be remotely hacked over the Internet. As discussed above, the Election Management System - which programs the voting machines and tallies the votes - may be hosted on a computer with Internet connectivity providing a pathway for a hacker to tamper with the election.

Furthermore, many voting machines have built-in wireless capability which will expose the voting machines to the Internet when transmitting election results.[3]

 

Which electronic voting systems are worse than others?

Voting machines which record votes electronically are the most vulnerable to undetectable errors or hacking because the digital record can be altered by hackers without any evidence.

Touchscreen voting machines can produce a paper record but these machines are undesirable because studies show voters frequently do not verify the ballot has been recorded correctly, which means the paper ballot does not provide a reliable independent record of the voters’ selections

Furthermore, many of these touchscreens/paper or “hybrid” systems also record the vote choices in a barcode which is used to count the votes. Because the voters cannot read the barcode, the voters are unable to verify the vote choices are recorded correctly, which renders the paper ballot meaningless as a method of verification.

Any voting structure which transmits voted ballots electronically via email, facsimile or Internet portal is the most vulnerable to hacking as these ballots are directly exposed to cyber attacks. Thirty-two states allow some voters to send ballots over the Internet and these ballots are highly vulnerable to hacking.

 

Who owns the electronic voting technology and why can't the public view the software?

When a jurisdiction purchases commercially available voting systems, they typically purchase the hardware outright, but they must license the software as the vendors retain proprietary ownership of the software that is used to record and count votes. This means the county or state government must pay ongoing software licensing fees in order to use the software on the voting machines each year. Furthermore, because the software is proprietary, it is not available for public inspection and in most cases, cannot be inspected by the jurisdiction licensing the software.

 

Aren't current testing and certification requirements for these machines sufficient?

No. The testing and certification process tests for basic functionality and accessibility and cannot be relied on to ensure voting system security. Software and computer testing is notoriously unable to ensure a system’s security.

 

Why do we need a paper ballot?

Voting machines are computers, and like all computers they are susceptible to software bugs, programming errors and hacking which could mis-tally or corrupt the vote count. When votes are recorded only in digital form, the digital record of the voters’ selections can be altered undetectably. A voter-verified paper ballot provides a physical record of the voter’s intent that cannot be altered or manipulated by software errors or hacking.


Aren't paper ballots easy to rig - remember the old "stuffed" ballot boxes?

There will always be bad actors intent on cheating and rigging elections so we must find ways to mitigate and minimize the risk. It is possible to protect elections effectively from paper ballot fraud through robust physical security measure which can minimize the risk of fraud and/or make it extremely likely that the fraud would be detectable.

Electronic voting carries a much higher risk because it can be carried out undetectably and on a much larger scale. Research has concluded that a single individual could successfully rig electronic voting machines to manipulate a statewide election.[4]

 

What does it mean to "audit" with paper ballots?

Experts have long recommended that all elections should be audited before the winner is certified to ensure the results are correct. This entails using statistical models to retrieve a small sample of paper ballots that are examined by hand to ensure the machines recorded and counted the votes correctly. If discrepancies are discovered the audit can be escalated to a full hand count and the hand count of the paper ballots becomes the official result.

 

Don't we already audit our elections?

Less than a quarter of states do a post-election audit that manually examines the paper ballots which could catch an error in the election results and only two states currently conduct post-election audits that use statistics to provide reliable evidence that the election results are correct.  All states conduct post-election ballot reconciliation which will determine if the number of voters checked in matches the number of ballots cast. This procedure provides no evidence that the votes were not altered. Furthermore, in some states there is no remediation if the number of ballots and voters don’t match.

 

Can't we just get rid of all the electronic machines and just count all the ballots by hand?

Hand-counting ballots is common in Europe and Canada which has a parliamentary system of government where voters only cast one vote for their preferred party, which makes hand counting much simpler. U.S. ballots are far, far more complex making hand counting difficult in large jurisdictions.



When we find a problem with our voting results we always fix it, right?

Regrettably, no. Each state has its own election law and regulations governing the election process with varying procedures and responses to errors or irregularities. Establishing and adopting best practices in all 50 states for ensuring our election are secure and accurate would improve the trustworthiness of elections across the nation.


Who exactly is in charge of making decisions about voting technology and processes?

Again, this varies from state to state. In some states it is the Secretary of State or the State Election Director. In other states it is a State Election Board.


What can I do to help secure elections? I am a (citizen, organization, law maker)

Get involved and sign up to be a poll-worker with your local election board. You can also promote the adoption of voter-marked paper ballots and post-election audits to your state legislators and state and local election officials.

 

[1] “More than 4,500 North Carolina votes lost because of mistake in voting machine capacity,” Associate Press, Nov. 4, 2004

[2] Jaikumar Vijayan, E-voting System Awards Election to Wrong Candidates in Florida Village, COMPUTERWORLD, (Apr. 4, 2012),

http://www.computerworld.com.au/article/420523/evoting_

system_awards_election_wrong_candidates_florida_village/?fp=4&fpid=18.

[3] Kim Zetter, “The Myth of the Hacker-Proof Voting Machines,” The New York Times, Feb 21, 2018

[4] “The Machinery of Democracy,” Brennan Center for Justice, 2006

 

 

Contact: Info@ElectionDefense.org