Wednesday, February 7, 2007

Rep. Holt Introduces Electronic Voting Reform Bill

People For The American Way (PFAW) released an email and a press release yesterday about a new bill that will be introduced in the House soon. It's Rep. Rush Holt's (D-NJ) bill about electronic voting machines. Here is the bulk of the email. I'm sure they won't mind if I quote it verbatim:

Representative Rush Holt (D-NJ) has reintroduced the Voter Confidence and Increased Accessibility Act [Cujo359: I will use the acronym VCIAA to refer to this bill].

Please add your name to our petition to Congress to PASS THIS BILL!

Following last week's introduction of Senator Barack Obama's Deceptive Practices and Voter Intimidation Act, Rep. Holt’s bill signals this new Congress' commitment to correct serious problems with our elections that were neglected for years by Republican-led Congresses. Passing these and other measures will require sustained public pressure on Congress. They need to hear from you now to show the tremendous grassroots support for comprehensive election reform.

Rep. Holt has introduced version of this bill in 2003 and 2005. It's way overdue. The aim, as the PFAW states, is to make our voting system more accurate and better able to serve voters with disabilities. I could not find a copy of the VCIAA 2007 online yet, so will quote from the old one. Once a new version is online, I'll update with any differences I find.

Any American who hasn't heard about the voting problems in Florida in 2000 and Ohio in 2004 has probably been living in a cave for the last decade. These, and other instances of improper and suspicious vote counting, are troubling indications that our voting systems, both the machines and the process, need to be fixed. Rep. Holt's campaign site makes the case well:

The 2000 election was highly contested, but there was physical evidence - punch cards - through which the results could be independently confirmed. In 2004, more than 43.5 million voters (25%) voted on electronic voting systems that cannot be independently audited. While the 2004 election was also highly contested, there were even fewer audit trails to review than in 2000 (only 12.5% of registered voters voted on unauditable electronic voting systems in 2000).

Sign the Voter Confidence Petition in Support of H.R. 550

[NOTE: The petition this quote was taken from is no longer valid. It is for the 2005 version of the bill. Use the PFAW links].

The VCIAA attempts to ensure that all votes can be verified in the future. To continue quoting from the PFAW email:

Rep. Holt’s bill requires the following for ALL federal elections starting in 2008:

  • Paper Ballots -- ALL voting machines must produce a paper ballot
  • Audits -- ALL voting machines must be audit-able
  • No Secret Source Code -- ALL voting machine vendors MUST make the machines’ software available for inspection
  • Ban on Wireless Devices -- Prohibits wireless technology in voting machines
  • Access for All Eligible Voters -- Ensures disabled and minority language voters can vote privately and independently

Let's take these points one at a time.

Paper Ballots

First, paper ballots as backup are essential. Even assuming there are no bugs in an e-voting system that would cause a miscount, improper handling or component failure in an e-voting machine could lead to lost votes. Having a backup for counting those votes is essential for this reason alone. In addition, the paper ballots can be compared against the electronic tallies at randomly selected precincts. This is a good way of both validating that the systems are working properly and that the voting process is working properly. In other words, it's a good way to tell whether vote totals are being altered through bugs in the voting machines, of if the vote totals are being tampered with.

Auditing and Verification

Of course, paper ballots help make e-voting machines auditable, but it must also be possible to verify that a voting machine's software is the correct version, and that the software itself has not been altered in some way. This can be done using a checksum or series of checksums. In addition, random audits of the system hardware also should be possible to ensure that no unauthorized modifications have been made for the purpose of altering vote counts. The 2003 version of the VCIAA specifically mandated such checks:


The Election Assistance Commission shall conduct manual mandatory surprise recounts of the voter-verified records of each election for Federal office (and, at the option of the State or jurisdiction involved, of elections for State and local office) in .5 percent of the jurisdictions in each State and .5 percent of the overseas jurisdictions in which voter-verified records are preserved in accordance with this section immediately following each general election for Federal office, and shall promptly publish the results of those recounts. The treatment of the results of the recount shall be governed by applicable Federal, State, or local law, except that any individual who is a citizen of the jurisdiction involved may file an appeal with the Commission if the individual believes that such law does not provide a fair remedy.

Voter Confidence and Increased Accessibility Act of 2003

Whether 0.5 % of precincts is enough is a question I'll leave to statisticians, but the principle is valid.

Open Source Code

Source code is the human-language instructions that computer programmers write for computers. They are then compiled or interpreted by a computer to turn them into instructions a computer can understand. This source code must be available to the general public, and to computer programmers in particular, without requiring non-disclosure agreements. In my opinion, it should be open source. This would make it should be accessible to the public at large, who can point out flaws in its design without being silenced or bullied by the requirements of an NDA. This was implicitly part of previous versions of the VCIAA:

This section also adds a new section to HAVA covering software and modems. This amendment requires that the software contained or used in voting systems is disclosed to the Federal Election Commission as source code and that the code can be made "available for inspection upon request to any citizen"

Voter Confidence and Increased Accessibility Act of 2003 (

This open source policy should include the operating systems and any supporting software required by the voting software, as well. Several open source operating systems are available, including OpenBSD, which is specifically designed to operate securely.

Wireless Networking Disallowed

Computer security is about making it harder for someone to break into a computer. There are no absolute guarantees that a computer will not be broken into, but making it more difficult makes it less likely. Toward that end, banning the use of wireless networking, commonly referred to as "wifi", is one way of making it more difficult. Without wifi, physical access to the network or the voting machines themselves is necessary, which makes it less likely will be able to break into the systems unobserved. With a wifi network, all someone would need is the key used to encrypt the transmissions, which would be easy to do by both technological and old-fashioned methods. It would then be possible to break into a voting machines' network from the parking lot outside the polling place, or from a room down the hall. This is one of the reasons the Defense Deptartment, among other users with security concerns, discourages or bans wifi from secure networks.

Enhanced Accessibility

Part of the motivation for using electronic voting machines is to make them more accessible to voters with disabilities including being visually impaired or having nerve conditions that make accurately marking a paper ballot difficult. The 2003 version of the VCIAA attempted to ensure that this was done as well as possible:

(c) SPECIFIC, DELINEATED REQUIREMENT OF STUDY, TESTING, AND DEVELOPMENT OF BEST PRACTICES- In addition to any other requirements under the Help America Vote Act of 2002, the Election Assistance Commission shall study, test, and develop best practices to enhance accessibility and voter-verification mechanisms for disabled voters.

Voter Confidence and Increased Accessibility Act of 2003

In short, it mandated that e-voting machine designs would be reviewed to ensure that they employ the best technology available for people with disabilities.

Our votes are too precious to count them badly, and there is no reason that they should be counted badly from a technological perspective. As Rep. Holt's prepared statement supporting this new version of the Act notes:

“Make no mistake: the need for election reform in this country is urgent. We’re facing an election in 2008 which will decide control of Congress and the presidency, as well as thousands of down-ballot races. Many of these races will be close. Americans deserve to know that they will cast a vote that will be counted—and, if necessary, recounted, by fair and independent observers.

“Martin Luther King, Jr. many times used the phrase ‘the urgency of now.’ If these reforms are to be in place for 2008, we must act now. People For calls on all Republicans, Democrats, and Independents to make sure that legislation addressing these problems becomes law by this summer. The heart and soul of our democracy is at stake.”

Representative Rush Holt Introduces Election Reform Legislation

Computers can be made to do their jobs reliably and securely. Automated teller machines, and cryptographic systems are examples of computer systems that have been designed to function with the minimum possibility of tampering or fraud, and maximum reliability. The key to making such systems secure and reliable is using a peer-reviewed and verified software development process. So far, this has not been done with e-voting machines, mostly, I think, due to concerns about cost. The fault isn't in the computers, but in ourselves. So, please sign the PFAW petition and write or call your representatives asking them to support these bills.

UPDATE: I emailed PFAW about the bill, requesting a link to an online version of it. They said they'd get back to me. I've also added subheadings so it's clear what points of the email I'm refering to.

UPDATE2: Here's a complete copy of the proposed bill:

Thanks to Josh Glasstetter at PFAW for locating it. It may change a bit before it's officially up at the Library of Congress site. It's quite long, so it's going to take a bit of time to digest.


Anonymous said...

Whoa!! The Holt bill, however, deceptively uses the term paper "ballot" yet the HOlt "ballots" will simply NEVER be counted in the first count on election night. Ever.

And, on top of that, although the Holt bill II provides for a sign that will hang in bold letters in each polling place stating that the paper "ballot" is the ballot of record for "ALL RECOUNTS AND AUDITS" that is also UNTRUE. As section 327 states, if your state for example has an automatic machine recount provision that is triggered, you'll get a machine recount (such as just reprinting the DRE totals which is meaningless) and Holt II, by its own terms, does not require any audits of any kind whatsoever.

The analysis is continuing, but the point here is that Holt is not what it purports to be. You'd think a ballot would be counted on the first count, Holt's "ballots" never are. You'd think a sign in every polling place would mean an audit in every polling place, but you'd be very wrong about that.

Stay tuned for more revelations about how Holt is not what it appears to be.

Cujo359 said...

Whoa!! The Holt bill, however, deceptively uses the term paper "ballot" yet the HOlt "ballots" will simply NEVER be counted in the first count on election night. Ever.

Nothing I wrote said otherwise. How states view election results is still largely their own concern. The Holt Bill just defines one of the methods of validating the result.

As section 327 states, if your state for example has an automatic machine recount provision that is triggered, you'll get a machine recount (such as just reprinting the DRE totals which is meaningless) and Holt II, by its own terms, does not require any audits of any kind whatsoever.

You seem to have skipped half of Section 327, namely the half in bold:

‘‘This subtitle does not apply to any election for which a recount is required automatically under State law because of the margin of victory between the two candidates receiving the largest number of votes in the election. Nothing in the previous sentence may be construed to waive the application of any other provision of this Act to any election (including the ballot verification and audit capacity requirements of section 301(a)(2)).

In other words, a state is not obligated to use hand recounts if their laws already permit automated counts. They are not released from their other obligations to audit and so forth.

This, by the way, is what is known as a "strawman argument". The bill wasn't meant to do what you say it's meant to do.

The analysis is continuing, but the point here is that Holt is not what it purports to be.

Actually, it is what it purports to be. "The analysis is continuing"? Give me a break. Next you'll be telling us it's fake because it doesn't stop voter intimidation.

Mark E. Smith said...

The requirement for mandatory audits is a fake. Even a requirement for 100% audits would be useless, no less 0.5%.

In California's 50th Congressional District, the candidate was sworn in as a Member of Congress before all the votes were counted and before the election was certified. When citizens asked for a recount, Congress said that according to the Constitution, once a Member is sworn in, only Congress has the right to order a recount.

We know that voting machines are subject to what the elections industry laughs off as "glitches," little things like subtracting 16,000 votes in one district, losing 18,000 votes in another, or registering 4,000% more votes than there are registered voters in a third.

Trusting to audits is like leaving your kids with a known child molester for the evening, and saying that it is okay because you'll take them to the doctor to be examined tomorrow to make sure they weren't molested. No audit or examination can undo the damage once something as precious as your children or your democracy has been harmed. Responsible citizens vet baby-sitters and elections systems carefully to prevent damage to democracy, rather than relying on audits or examinations to ascertain afterwards, when it is too late and the harm cannot be undone, if there has been any damage.

What we need in elections is full citizen oversight, and this cannot be achieved with voting machines because no human can see what goes on inside a machine and machines cannot be audited in time to prevent irreparable harm.

Only paper ballots that are cast by voters with pen or pencil without the use of marking machines that could produce butterfly ballots, hanging chads, or discrepancies between what is printed and what is fed to the central calculator, can be fully trusted. And those ballots need to be hand-counted at the precincts on election night in full public view with videotaping allowed to prevent fraud.

Take a look at what computer security expert Chuck Herrin has to say before you make up your mind:

Chuck Herrin

Our votes determine the people who get to decide how our tax money is spent, so we have a right to demand at least as much security in our elections as we demand from our bank.

Cujo359 said...

Mark E. Smith said...

The requirement for mandatory audits is a fake. Even a requirement for 100% audits would be useless, no less 0.5%.

As a validation of a design, it's fine. As a validation of a vote in a particular election, 0.5% may not be enough. I'll go with what statisticians say on that. My opinion is that if you've looked at something like 1% of the vote and not found a problem, there probably weren't any that were due to machine error.

You and Chuck Herrin both seem to think that there was no vote fraud or electoral mishap that preceded the use of e-voting machines. That is simply not the case. Paper ballots are no more proof against fraud than electronic, the method of the fraud is simply different.

If you travel by air, your life is dependent on the proper operation of a closet full of computers. You depend, whether you know it or not, on computers to properly count your money and transfer it accurately. Computers can be made extremely reliable, to the point where they can rival or surpass any process based on human judgement. They can also be made secure. The real problem is that achieving this reliability and security is a serious and expensive process. Is it worth the effort? I think that's what the debate is about.

I'm somewhat agnostic on the whole paper vs. e-voting debate. It seems that the government is determined to try e-voting machines, and they have some good reasons. They make it possible for people with certain handicaps to participate in voting more easily. They also, if they are in working order, make vote counts much more quickly. Whether e-voting is better or worse is a debatable point, but I'm not inclined to take seriously anyone who makes analogies to child molesting and accuses an entire industry as "laughing off" problems related to their product.


cujo .... Let us hope these things are fixed. Just think, all this because some old people in Fla. were confused by some lousey punch cards.

New left wing propaganda
This Bear Has Something to Say .... Version II

Cujo359 said...

Yes, Colorado Bob, sometimes the cure can be worse than the disease. But there is also wisdom in thinking of problems being opportunities, as well. This is an interesting experiment in how to make our government more representative of us, and to make our elections process more reliable. If that turns out to be a failure, then we'll just have to chalk that one up as another bad idea. There is, however, no technical obstacle to this working out correctly. There are only obstacles of cost and our collective will as a society to work on making it right.


See my current post.