On Tuesday, the House Committee on Administration approved Rush Holt's (D-NJ) e-voting reform bill by a 6-3 vote. The vote broke down along party lines, with the six Democrats supporting the legislation, and the three Republicans opposing it.
As we reported last month, the legislation includes several provisions on the wish list of e-voting critics. It requires a voter-verified paper ballot, dictates that those ballots be the official record in the event of a recount, and mandates random audits of election results. It also prohibits voting machines with wireless network capabilities or connections to the Internet.
Before approving Holt's legislation, the committee accepted an amendment by Rep. Zoe Lofgren (D-CA) that made two important changes to Holt's original proposal. First, the amount of money made available to help states comply with the requirements of the legislation was tripled to a billion dollars. This was undoubtedly a response to the testimony of several state election officials who argued that the previous figure of $300 million would not be sufficient to allow the states to meet the legislation's requirements.
Limits on source code disclosure
Second, Lofgren's amendment significantly watered down the requirement that voting machine source code be made publicly available. Holt's original legislation had required that source code be "available for inspection promptly upon request to any person." The version approved by the House still requires vendors to disclose source code to an independent third party, but that third party may only disclose the source code to government officials, to parties in election-related litigation, or to a person "who reviews, analyzes, or reports on the technology solely for an academic, scientific, technological, or other investigation or inquiry concerning the accuracy or integrity of the technology."
In addition, under Lofgren's amendment, anyone who receives copies of the source code may also be required to sign a non-disclosure agreement. This isn't quite as bad as it sounds because the amendment requires that the non-disclosure agreement must:
Allow the signatory to perform analyses on the technology (including by executing the technology), disclose reports and analyses that describe operational issues pertaining to the technology (including vulnerabilities to tampering, errors, risks associated with use, failures as a result of use, and other problems), and describe or explain why or how a voting system failed or otherwise did not perform as intended.
It seems likely that this change was made at the urging of e-voting vendors, who were uncomfortable with the idea of their source code being available to the general public. But it's hard to see what rationale there could be for limiting source code disclosure. Piracy is certainly not a plausible risk: government purchasers aren't going to buy voting machines that run pirated software, and there's not much of a private market for e-voting machines.
The NDA requirement could, however, have two serious harmful consequences. First, by requiring people to jump through more hoops before they can get access to the source code, it is likely to reduce the total number of people who are willing and able to examine the source code for vulnerabilities, reducing the chance that serious vulnerabilities will be spotted in time. Second, regardless of what the legislation says, the non-disclosure agreement could give voting machine vendors a pretext for legal harassment of security researchers who publicize security problems with their products. The Lofgren amendment is still better than the status quo—in which no one is allowed to see voting machine source code under any circumstances—but it's a big step backwards from the excellent language of the original Holt proposal.
Dealing with damaged and missing ballots
Another possible weakness of the legislation is that it does not seem to deal very clearly with the risk that the voter-verified paper trail will be undermined by printer jams or lost ballots. The legislation is unclear on what procedure to follow in these cases. It states that if the paper ballots are shown to have been compromised, "the appropriate remedy with respect to the election shall be made in accordance with applicable State law, except that the electronic tally shall not be used as the exclusive basis for determining the official certified vote tally."
It would be difficult to craft legislation to directly prevent printer jams, but here's an intriguing approach that could help to address the problem, suggested to me by Ars' own Jon Stokes: require that if, during an audit, more than five percent of paper ballots are found to have been damaged, missing, or inadequately labeled, that the election in that precinct be re-held. That proposal would likely have positive effects on election security, but in light of the difficulties of pulling together an extra election on a few days' notice, it's likely that such a requirement would be fiercely opposed by state election officials.
Fortunately, even without such a provision, the legislation has several requirements that will give election officials good reason to pay careful attention to safeguarding the paper ballots. The law requires automatic random recounts of at least three percent of precincts in every congressional district or state, with higher audit rates for closer elections. Any widespread problems with the voter-verified paper trails are likely to come to light in the course of these recounts.
State action on e-voting
The Holt legislation must still be approved by the full House of Representatives, and companion legislation will also need to be passed by the Senate. But while Congress deliberates, the states have not been standing still. In the last two weeks, Florida's house and senate have both passed legislation replacing the state's touchscreen voting machines with an optical-scan paper system. The change was made at the behest of Florida's new governor, Charlie Crist, who is determined that his state avoid yet another round of embarrassing election problems. And yesterday California Secretary of State Debra Bowen initiated a comprehensive review of the state's election systems, including creating a "red team" who will be given access to voting equipment in order to probe it for vulnerabilities.
Regardless of what happens in Congress, the developments in Florida and California make it clear that the tide has turned in the debate over e-voting. Until the 2006 elections, it was widely believed that touchscreen voting was the wave of the future. Critics of computerized voting faced an uphill battle convincing the public of their dangers. Today, touchscreen voting machines are widely seen as buggy and insecure—even anachronistic. It may take a few years to completely phase out touchscreen voting machines, but the debate is increasingly not over whether to phase them out, but when and how to do so.
reader comments