News » Up Front

Brave new elections

New machines open door for disabled-and fraud

by

comment

This past election day, Missoula’s ballot tabulator was working so hard observers could actually see the 20-year-old scanning machine smoking in the Missoula County Courthouse. But by 2004’s presidential race, Missoula will have ushered in new voting technologies including the “precinct counter,” a ballot box scanner that can alert voters if they’ve over- or under-voted. Optical scanners will still be used to count absentee ballots, but most data will be tabulated through the use of the precinct counters, whose data can be downloaded onto a disk and loaded into a PC at the County Courthouse, according to Missoula County Clerk and Recorder/Treasurer Vickie Zeier.

A more controversial coming change in election policy—not just in Missoula or Montana, but all across the U.S.—is the introduction of Direct Recording Equipment (DRE). A DRE is a touchscreen which digitally records votes. Each polling location throughout Montana will have a DRE machine available for voters who opt out of the more traditional optical scanning method—an audio-feedback option Zeier says will be particularly popular with the blind, who previously have had to enlist assistance to cast an accurate ballot, and the disabled, who will be able cast their vote on the mobile machine from their car.

“I saw a lady who’s blind that used the DRE and started to cry because she’s never been able to cast a private ballot in her life,” Zeier says.

Changes coming at Montana voters stem from the federally mandated Help America Vote Act (HAVA), which was passed into law after the 2000 election debacle in Florida. HAVA hasn’t yet received its full funding, but each state is required to come up with a HAVA implementation plan. Zeier served on the 20-member Montana Election Reform Advisory Committee which contributed input to Secretary of State Bob Brown’s preliminary state HAVA plan, and she says she is satisfied with the drafted results.

Another member of the Election Reform Advisory Committee, Sen. Carolyn Squires (D-Missoula), is not.

“I am not going to sanction that report,” Squires says of Montana’s HAVA draft, even though her name appears on it.

“This was supposed to solve the problems of the hanging chad, but I think they took a huge mallet to kill a small bug,” says Squires.

DRE technology is one aspect of Squires’ “huge mallet,” and much of the concern over DRE has centered on ownership of the technology. The CEO of Diebold, the second largest voting machine company, is Ohio’s Walden O’Dell, an avid fundraiser for George W. Bush who, after attending a meeting of Bush’s fundraising “pioneers” and “rangers” at Bush’s Crawford, Texas, ranch, wrote a letter to potential fundraisers stating his commitment to “helping Ohio deliver its electoral votes to the president next year.”

Likewise, the nation’s largest DRE company, Election Systems & Software (ESS), is owned by Michael McCarthy, campaign finance director for Nebraska’s Republican Sen. Chuck Hagel. Hagel, a former CEO and chairman of ESS, still held ESS shares even as his finance director’s voting machines tabulated the majority of Nebraska’s election, from which Hagel emerged victorious.

VoteHere, a software company seeking to install cryptography devices into all the other companies’ voting machines, has on its board of directors Robert Gates, the former CIA director who now works at the George Bush School of Business, and VoteHere’s chairman is Admiral Bill Owens, a member of the Defense Policy Board and close supporter of Vice President Dick Cheney.

Most of this information has come to light thanks to the efforts of Bev Harris, a Seattle-based literary publicist who quit her day job in order to work on a forthcoming book, Black Box Voting, and a website, www.blackboxvoting.org, along with a team of 22 computer scientists.

“I was just on my lunch hour and I decided to search LexisNexis and find out who owns [the voting technology companies]. No big deal, right?” says Harris. “But the name that pops out was Chuck Hagel, a Republican Senator running for office at the time. So I thought, ‘Well surely this has been reported,’ but it hadn’t. Then I thought, ‘Well surely he disclosed it,’ and I looked at his disclosure documents and he hadn’t. So then I thought, ‘My goodness!’”

That discovery was the first of several that Harris would make in the ensuing months. When Diebold left thousands of internal documents available on an unprotected website, Harris downloaded them. What she found included hundreds of internal memos discussing the company’s security problems. The problems were not entirely theoretical, either. One memo discussed an “unauthorized upload” during the 2000 presidential election which negated 16,000 votes for Al Gore and added 4,000 for George W. Bush in Florida.

“The correct votes were on a card numbered ‘zero,’ and… those votes were replaced with card number ‘three,’ and card number three had everything correct in all the races except the presidential race…card number three is now missing,” Harris says. “The memos are quite clear about this. In fact, in one, one programmer wrote, ‘Be careful. The boogieman might be reading these.’”

Among the files, Harris also found one titled “Rob Georgia,” which contained instructions for replacing voting system files for the 2002 congressional elections.

“I knew it was illegal because I had done enough research on how they do the certification,” Harris says. “Georgia had several upsets and was using 100 percent Diebold touchscreen machines. After seeing that file, I knew we had a problem.”

Harris’ investigation soon spread among activists and college campuses, whence the information was widely posted on the Internet. Before long, Diebold began sending cease-and-desist orders to students and activists.

“That’s because the information in [the memos] will sooner if not later pull the plug,” says Harris, “because they’ve got admission after admission that they’re using uncertified software.”

While none of the DRE companies have been willing to open up their operating systems to public scrutiny, it’s clear that the industry is aware of the public relations nightmare potential of the Diebold situation. David Allen, the publisher of Black Box Voting, attended a phone conference of all the major DRE companies, thanks to a tip leaked to Harris from a voting technology insider. Allen tape-recorded the meeting, in which Harris Miller of the Information Technology Association of America (ITAA), a lobbying firm specializing in tech companies, revealed the full extent of the industry’s covert PR campaign.

“I just don’t like to put it in writing because if this thing winds up in the press somewhere inadvertently, I don’t want the story saying the e[lectronic] voting industry is in trouble and decided to hire a lobbying firm to take care of their problem for them,” Miller said, according to Allen’s tape.

The phone meeting of DRE companies—which Harris contends borders on collusion—also revealed that the Election Systems Task Force, a body identified as being essential to the passage of HAVA, was comprised of defense contractors and procurement agencies such as Lockheed-Martin, Northrop-Grumman, Accenture and EDS.

Allen’s tape paints DRE companies as eager to win over skeptics such as Missoula County Commissioner Barbara Evans.

“I do not want a voting system that doesn’t leave the ability to count votes by hand, because the public needs to feel confident that there is a way to double-check,” says Evans.

Squires is similarly concerned.

“I guess we wait for the first glitch and then try to close the door, but who wants to lose the first election?” she says.

In fact, at least one glitch has already shown up in Fairfax, Va., where a malfunction discovered in WINvote computer touchscreens this past election may have cost Republican school board member Rita S. Thompson her seat, as reported by the Washington Post.

With questions looming, Squires wonders if Montana ought to slow down its charge toward purchasing 710 DRE machines at a cost of around $2.8 million prior to the next election.

Not possible, says Amy Sullivan, Montana’s HAVA coordinator in the Secretary of State’s office.

“We have the HAVA deadlines and we have to meet those,” Sullivan says. If the state does not comply, Sullivan says, “the Justice Department has made it very clear that Attorney General [John Ashcroft] would fine us with a penalty.”

Sullivan assures that, unlike other states, Montana will demand that any voting machine it buys be capable of producing a paper trail. That may appease a Barbara Evans, but not a Bev Harris, who contends that without an active audit process in place, a paper trail is meaningless. Secretary of State Brown’s preliminary HAVA plan for Montana does not include an audit clause. It does include a list of performance goals, but none of those goals include checking the system to make sure it produces an accurate vote count.

“We get wrapped up in the scary parts of it,” Sullivan says, “but let’s also talk about the good points of HAVA,” including provisional voting for those who are mistakenly left off of voter rolls, as well as new convenience for disabled voters.

Sullivan and Secretary of State Brown stopped by the Independent office on Nov. 17 to drop off a September statement from the National Association of Secretaries of State (NASS) regarding voting security. The statement reads, in part, “We feel the issue of voting system security needs a more careful review by the scientific community—in particular, the [Department of Commerce’s] National Institute of Standards and Technology (NIST).”

An official-sounding name, argues Bev Harris, but the watchdog wonders exactly how “independent” the independent committee is, given a segment of Allen’s tape in which lobbyist Miller tells the gathered DRE companies that if NIST sought a committee chaired by someone such as Dr. David Dill, “no one would want to play.” Dill, a Stanford University professor of computer science, has been a vocal critic of DRE computer security, urging support for HR 2239, a bill that would require a voter-verified paper trail for all 2004 elections.

The ITAA also suggests that DRE companies might want to “re-engineer” the certification process in order to forestall criticism from watchdogs “who are somewhat credible.”

But NIST’s website reveals an agency acting more as a public relations machine than an organ of research; the site’s “computer security research” page reads, “As part of its responsibilities under [HAVA], the Commerce Department’s National Institute of Standards and Technology (NIST) will hold a symposium on building trust and confidence in voting systems at the agency’s Gaithersburg, Md., headquarters on Dec. 10–11, 2003”—prior to the “careful review” recommended by the Secretaries of State.

Asked about the appropriateness of promoting “trust and confidence” in a system prior to that system’s scientific review, NIST spokesman Phil Bulman replied, “Nobody has ever asked me that before.”

Given that HAVA coordinators such as Sullivan and Brown have had only approximately six months to work on implementation plans for next year’s election, the question arises: “What’s the hurry?”

“When we saw that Johns Hopkins study [in which a computer-security expert diagnoses Diebold’s security coding as laughably hackable], part of us thought, ‘Gee, maybe we shouldn’t go ahead until we figure all of this out,’” says Sullivan. “But then we thought, ‘And wait one more election where people who’ve never been able to vote independently don’t get a chance to vote?’”

While Squires understands the desire to make voting more accessible to the disabled, she wonders if we have fully considered what may come hand-in-hand with such an effort—namely, the most severe threat to the integrity of the U.S. electoral process in history.

“We’re opening up something for [the disabled], but we have to be careful that no one takes advantage of this, because someone could,” she says.

Harris is more pessimistic.

“If you have a door open, human nature is such that someone will walk through it,” she says.

Judging by the as-yet unexplained “unauthorized upload” of 20,000 votes in Volusia County, Fla., in the 2000 presidential election, it seems someone may have already walked through that door.

Add a comment