It is impossible to deny that there are benefits to many of the electronic voting methods that have been used in the past or are being used currently. Accessibility to the electoral system and the ability to vote secretly and independently are essential to maintaining the satisfaction of the franchise with the electoral system. Efforts should be made to ensure that disabled voters, for example, can vote independently if the option becomes available. The difficulty arises when attempting to balance the risks associated with new technologies (and the perception voters have about the security of their vote) with a desire to encourage participation in the electoral process by making voting easy and accessible to as many people as possible.
Commentators cite many concerns with e-voting. Two of the most pressing appear to be a lack of both security and transparency. Some concerns are system-specific. The HBO documentary Hacking Democracy explores how votes are counted in the US. Their focus is on the machines manufactured by Diebold and the procedure for saving their results in case of a recount, spurred on by the 2000 Presidential results in Volusia County Florida where the voting machines counted Al Gore’s votes backward so that he received a negative total.
Regardless of whether any of these concerns ever come to fruition, the perception of the electorate is crucial to the viability of the electoral system. If the franchise does not believe in the integrity of the electoral system, voters will not want to participate and will call the legitimacy of the government into question.
Security Risks and Counting Irregularities
Many “first-generation” DRE systems do not generate a paper verification of a voter’s ballot. The only confirmation is what appears on the screen. There is no way to verify that what the voter has selected and what appears on the screen is what is recorded in the computer’s memory and later counted.
A Diebold Voting MachineSource: angelino.usc.ca
In 2004, a group of computer scientists, including Dr. Avi Rubin of Johns Hopkins University, produced an "Analysis of an Electronic Voting System".1 The report and Rubin’s findings are featured prominently in Hacking Democracy. While the assumptions made by Rubin and his team regarding how the system functions during a real election have been criticized, Rubin makes a valid point about paperless DRE systems:
The most fundamental problem with a [paperless DRE] voting system is that the entire election hinges on the correctness, robustness, and security of the software within the voting terminal. Should that code have security-relevant flaws, they might be exploitable either by unscrupulous voters or by malicious insiders [election officials, developers of the voting system, developers of the embedded operating system on which the voting system runs].”2
In “The Paperless Chase”, Tokaji, also writing in 2004, was correct that the debate that was and is raging in the US over paperless electronic voting, traditional paper-based electronic voting and electronic machines that generate a contemporaneous paper record, would not be resolved in time for the 2004 election.3 With the 2008 election now is sight, the debates are still raging with no sign of a resolution by November.
Rubin and his team found significant and wide-reaching security flaws in Diebold's 2002 source code (which Diebold inadvertently made available on a public FTP where it was discovered by Black Box Voting founder Bev Harris). Rubin's team found voters can easily program their own smartcards in order to cast multiple ballots with no built-in traceability, administrative functions can be performed by regular voters, and the threats posed by insiders such as poll workers and software developers is even greater. They also found multiple flaws in the written code itself, the details of which go beyond the scope of this project.4
Online Voting
Some concerns are specific to online voting. Mike Smit has his Masters and Bachelors degrees in Computer Science from Dalhousie University and is currently a PhD student at the University of Alberta Department of Computing Science. He wrote the online voting system yourVote for the Dalhousie Student Union. The system is designed for use in any online voting situation. I asked him what vulnerabilities he sees in online voting. He pointed out that many aspects of online voting are secure. “Assuming we can somehow get everyone a username and password, we have little problem encrypting the traffic, keeping hackers out, and so forth. We do online banking, and that's a much bigger target than online voting,” Smit writes. He went on to highlight some of the problems that have yet to be solved:
The biggest one is that anyone can be 'shoulder-surfing' while you vote. [Election officials] have no way of guaranteeing that no one is standing there with a gun to your head, forcing you to vote a certain way. Or that someone isn't looking over your shoulder to make sure you vote a certain way before they give you the $10 they promised.
The second concern that Smit raises is that there is no way to guarantee that the correct person is casting a ballot online. All that is known is that they have the necessary information. One could hypothetically gather up all their apathetic friends who are not planning to vote and ask for their information, thus gaining the ability to cast multiple votes. Smit points out that this is not a problem with the current system where identification is verified at polling stations, which could also be done at a polling station where machines are used.
A security concern Smit highlighted is that in an online voting system, “your computer is necessarily part of the voting system,” and because the people running the election are unable to control individual computers, the system becomes open to the vulnerabilities present on each computer (viruses, trojans, etc.)
Online voting also has the potential for ‘stolen votes’ by way of ‘phishing’, whereby voters are defrauded into entering their voting information into what appears to be a trustworthy website, not knowing that the information is being collected and used by the fraudster.
These many concerns, if widely held by the electorate, could have a detrimental effect on the confidence of voters in the electoral system and call the legitimacy of the government elected under such a system into question.
Transparency
A lack of transparency in e-voting systems arises because the technology used in such systems is often subject to certain protections that prevent its availability to the general public. In Hacking Democracy, we learn, “the [Diebold] software is a trade secret. It’s against federal and state law to look inside Diebold’s voting machines.” Even the technical advisor to California’s Secretary of State, David Jefferson, was not allowed to look at the software. The inability of the people running the elections to examine the software they use (and that the government has paid a significant amount of money for) is troubling given that there is no secret to how paper ballots work.
Regarding code for an online voting system, Smit explains, "In theory the code we write is copyrighted. We can patent algorithms and ideas, though not code." In spite of not being able to patent code, there are methods available to programmers to prevent people from being able to verify that the code does what it is supposed to do.
The solution to this problem that Smit highlights is to make the software open source so that anyone can download it, submit patches for it, and so on. Smit explains, "Then the government's contract is with a company that provides service and the technical support, not the company that wrote the software (though in practice, one company is writing most of the software)."
This myriad of issues has the potential to raise questions among the electorate which threatens the legitimacy of the systems and thus the outcome of elections.
1 Kohno, Tadayoshi, Adam Stubblefield, Aviel D. Rubin, and Dan S. Wallach. "Analysis of an Electronic Voting System." Johns Hopkins University Information Security Institute Technical Report. TR-2003-19, 23 July 2003. [Rubin Report]
2 Ibid. at p. 3.
3 Tokaji, supra. at p. 3.
4 Rubin Report, supra. at pp. 4 and 21.
No comments:
Post a Comment