Secure Voting: What To Do, What Not To Do
One of the major election reform stories of 2006 is the efforts of states to comply with HAVA's 2006 voting technology deadlines, including the implementation of accessible technology and the replacement of punch-card and lever voting machines. In a weekly comment a couple of weeks ago, I shared some views on the state of voting technology, including both how we got to the place where we are now and what should be done next. One of the major points I made is that there's a great deal of experimentation going on in the states now, and we should take the time to study the results of these experiments before imposing new federal mandates.

Among the states that is struggling to meet HAVA's voting technology deadlines is Pennsylvania, as discussed here. The Pittsburgh Post-Gazette reports that Dr. Michael Shamos will be testing Sequoia's electronic voting system for vulnerabilities. As one of the people who understands not just the technology but also how real-world elections actually work, he's in a good position to evaluate whether the voting technology that Pennsylvania counties are planning to use really is vulnerable. This is a positive step toward moving the state into compliance with HAVA.

On the other hand, Florida's Leon County has had some well-publicized problems in obtaining compliant technology, as discussed in this Washington Post story. The problems started when election supervisor Ion Sancho brought in a Finnish computer scientist to test a Diebold optical-scan voting system, under the auspices of the "Black Box" voting group. That led to reports that the Diebold system could be hacked, although the company compares the test done to "leaving your car unlocked, with the windows down and keys left in the ignition and then acting surprised when your car is stolen." In any event, it seems that now none of the big three voting machine vendors (Diebold, ES&S and Sequoia) want anything to do with Sancho and Leon County.

While I don't condone the companies' refusal to do business with Leon County, it was poor judgment for Sancho to work in conjunction with the Black Box voting folks in conducting a test. These are folks who have clearly demonstrated that they have an agenda -- showing that voting technology is unsafe -- and are not above sensationalism in promoting this agenda. Thus, it shouldn't come as a great surprise that voting machine vendors aren't too anxious to sell their wares to Leon. It would have been more prudent to have had someone like Dr. Shamos conduct such a test, and the results obtained would've had much more credibility.

One other interesting voting technology item: The Georgia house voted to approve a study of "voter verified paper audit trail" (VVPAT) technology in three counties in November's general election. While I've been skeptical about whether VVPAT technology will actually provide a workable and effective solution to the security problems associated with electronic voting, if one really wants to determine whether this technology will function as intended, this is the way to do it -- that is, by experimenting with it in a few counties and then evaluating the results, rather than rushing to deploy technology that's not been successfully used anywhere throughout a state. Yet that's exactly what's happening elsewhere ... and we can expect that there will be problems. - posted by Dan Tokaji @ 9:16 PM