acm-header
Sign In

Communications of the ACM

The problems and potentials of voting systems

Introduction


View as: Print Mobile App ACM Digital Library Full Text (PDF) Share: Send by email Share on reddit Share on StumbleUpon Share on Hacker News Share on Tweeter Share on Facebook

Technology today plays a greater role in elections than at any other point in the history of democracy. The Florida 2000 experience served to accelerate an existing trend in the U.S. of replacement of legacy voting technologies (mechanical lever machines and punch cards) with computer-based systems (typically optically scanned paper or fully electronic systems). Simultaneously, many democratic nations worldwide are converting to electronic voting, led by Brazil in 2000 as the first country to use fully computerized balloting.

Election processes are inherently subject to errors and are also historically subject to manipulation and fraud. These processes therefore require extraordinary integrity (particularly for any computerized systems involved), as well as honesty and experience among people involved in administering elections. The election process can require considerable sophistication on the part of voters as well.

Voting is in fact a paradigmatic example of an end-to-end security problem representing a very broad spectrum of technological and social problems that must be systematically addressedfrom registration and voter authentication to the casting of ballots and subsequent tallying of results.

Each of the current technologies has its own set of vulnerabilities; none is infallible. However, the fully electronic voting systems have raised considerable controversy because of a variety of factors, such as the proprietary nature of the software, the weakness of the certification criteria, the inability of black-box testing to provide full assurances of correctness, the general secrecy of the evaluation process, the vendor-commissioned evaluations, and the lack of any mechanism whereby independent recounting of the ballots and auditing of the vote totals can be performed.

A lead editorial in the New York Times (June 13, 2004) entitled "Gambling on Voting" points out the bar is set much higher for gaming machines than for voting machines. "But the truth is, gamblers are getting the best technology, and voters are being given systems that are cheap and untrustworthy by comparison. There are many questions yet to be resolved about electronic voting, but one thing is clear: a vote for president should be at least as secure as a 25-cent bet in Las Vegas."


Voting is a paradigmatic example of an end-to-end security problem representing a very broad spectrum of technological and social problems that must be systematically addressed.


Socially responsible applications of computer technologies have long been a major interest of the ACM. Indeed, many members of the association have taken an active role in the debate and direction of election technology. Their activities have included testifying for federal and state legislatures and committee hearings, issuing detailed reviews of equipment, drafting position papers and Web materials, participating in standards development, advising election officials in procurement processes, and working with special interest groups and the media in order to develop consensus and understanding.

This special section presents a broad range of voting-related problems and would-be solutions from a variety of perspectives. Many of the authors are in direct disagreement; some take diverse positions even within their own ranks. However, we note that this collection of articles is but the tip of a huge iceberg largely obfuscated and perhaps only very slowly melting. Evidence is often anecdotal due to the fact that funding for research, development, and empirical analysis of election systems has been lacking, and that the systems themselves often lack auditability. Hence, this work should be viewed as insightful in its discussion of current practices as well as for raising questions about the validity of those practices and providing suggestions for further improvement.

The section opens with a trio of articles addressing the nature of standards and testing in the election community. Stephen Berger, a recently appointed member of the Help America Vote Act's technical commission, and Herb Deutsch, employed by one of the world's largest voting system vendors, describe the IEEE's efforts toward the development of a new implementation-independent voting system standard. Carolyn Coggins, of SysTest Labs, one of the agencies authorized to perform voting system software testing, provides a rare insider's view of the certification process. Merle King and Brit Williams present a summary of the election equipment review procedure they administer in Georgia, the only state in the U.S. to have fully computerized balloting and tabulation.

The next set of articles considers problems with existing procedures in the voting scenario that can be exacerbated by technology. The article by Anthony Di Franco, Andrew Petro, Emmett Shear, and Vladimir Vladimirov is the result of a debate conducted last April at the Yale School of Engineering's symposium "Voting in an E-Democracy." The undergraduate debate team members won this year's competition by arguing about the fallibility of vote tabulation, even with paperusing an analysis of potential effects of small shifts in votes. Douglas Jones, election equipment examiner for the state of Iowa and a specialist in paper ballot systems, draws attention to the manner in which the auditing process can be used to improve election system design. Rebecca Mercuri and Jean Camp, from the Belfer Center for Science and International Affairs at Harvard's Kennedy School of Government, explain the inherent problems involved in embodying codes of laws into software code controlling the operations of voting systems.

The final duo of articles focuses on the future of election technology. David Jefferson, Barbara Simons, Avi Rubin, and David Wagner analyze a U.S. system proposed for handling military ballots via the Internet. The earlier release of a longer version of their article may have played a role in the Department of Defense's decision to abandon the planned use of this system for the November 2004 election (although the project is merely tabled and may resurface at some point). Finally, Jason Kitcat considers the pros and cons of open source availability in e-voting systems, as viewed from the vantage point of his role as a developer of open voting software.

I would be remiss to not acknowledge the assistance of Rebecca Mercuri in the development of this section. Her extensive contacts in the election technology community led to the collection of authors and topics presented here. Over the past 15 years, her criticism of unauditable voting practices and her leadership in suggesting implementable solutions have directly influenced much of the current thinking on this subject, for which she should be commended.

Back to Top

Author

Peter G. Neumann (neumann@csl.sri.com) is principal scientist at SRI International's Computer Science Lab in Menlo Park, CA. He also chairs the ACM Committee on Computers and Public Policy and serves as moderator for the ACM Risks Forum.


©2004 ACM  0001-0782/04/1000  $5.00

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. To copy otherwise, to republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee.

The Digital Library is published by the Association for Computing Machinery. Copyright © 2004 ACM, Inc.


 

No entries found