Civil Rights Organizations Applaud Renewal But Call For Stricter Enforcement Of Its Provisions

A bill to reauthorize expiring provisions of the Voting Rights Act of 1965 for another 25 years was passed unanimously in the US Senate yesterday. The vote was 98-0 with two Senators, Micahel Crapo (R-ID) and Michael Enzi (R-WY), not voting. The bill now goes to the President's desk for signature.

Senator Barack Obama (D-IL), the only African-American member of the Senate, commented, "Despite the progress these states have made in upholding the right to vote, it is clear the problems still exist."

The House passed the bill last week 390-33 over opposition from a small but vocal group of Representatives that objected to renewing a law that requires their states to submit changes in election laws to the Justice Department for "pre-clearance". Though some Senate Republicans voiced similar concerns during floor debate, none voted against the bill.

"Other states with much less impressive minority progress and less impressive minority participation are not covered, while Georgia still is," said Senator Saxby Chambliss (R-GA). "This seems both unfair as well as unwise." Senator Linsey Graham (R-SC) commented "South Carolinians, you have come a long way, but we, just like every other part of this country, still have a long way to go."

Others objected provisions that require jurisdictions with large populations of non-English-speaking citizens to print ballots in languages other than English. Read the Entire Article

This article appeared on OpEdNews.com. It is reposted here with permission of the authors.

Most computer scientists have long viewed Diebold as the poster child for all that is wrong with touch screen voting machines. But we never imagined that Diebold would be as irresponsible and incompetent as they have turned out to be.

Recently, computer security expert Harri Hursti revealed serious security vulnerabilities in Diebold's software. According to Michael Shamos, a computer scientist and voting system examiner in Pennsylvania, "It's the most severe security flaw ever discovered in a voting system."

Even more shockingly, we learned recently that Diebold and the State of Maryland had been aware of these vulnerabilities for at least two years. They were documented in analysis, commissioned by Maryland and conducted by RABA Technologies, published in January 2004. For over two years, Diebold has chosen not to fix the security holes, and Maryland has chosen not to alert other states or national officials about these problems.

Basically, Diebold included a "back door" in its software, allowing anyone to change or modify the software. There are no technical safeguards in a place to ensure that only authorized people can make changes. Read the Entire Article

This article was published in the electionline newsletter. It is reposted here with permission of the author.

The effectiveness of the 2005 Voluntary Voting System Guidelines was the planned subject of a joint U.S. House Committee on Science and Committee on House Administration hearing held yesterday. However, the continuing debate over the need for voter-verified paper audit trails (VVPATs) with electronic voting machines dominated the discussion.

At the outset of the hearing, House Administration Committee chairman Vernon Ehlers (R-MI, pictured at right), explicitly stated that the paper trail issue "won't be addressed today," promising a separate hearing on the issue in September.

However, with a steady stream of news stories about voting machine problems and dozens of paper-trail advocates filling the seats of the hearing room wearing T-shirts showing their support for H.R. 550, federal legislation requiring VVPATs and the auditing of voting systems, the issue could not be avoided.

H.R. 550, the Voter Confidence and Increased Accessibility Act of 2005, was introduced by Rep. Rush Holt, D-N.J. in early 2005 and has become popular among advocates as the primary vehicle to make VVPATs a federal mandate by amending the Help America Vote Act of 2002. If it passes, the bill would require the paper record to be used in recounts and audits.

"In the short-run, I think we also need to require paper trails - even though they have their own problems - to ensure that election results can be checked," said Rep. Sherwood Boehlert, R-N.Y., chairman of the House Committee on Science, in his opening statement.

This desire for paper trails - and more specifically, audits using the paper records - was endorsed by several of those testifying at the joint hearing.

"Studies have found that there are effective security measures available to protect election integrity, but many states have not implemented these measures. The most effective defense involves adoption of voter-verified paper records and mandatory manual audits of these records," said David Wagner, associate professor of computer science at the University of California at Berkeley. Wagner's comments echo the conclusions of a recent report on voting technology by the New York-based Brennan Center.Read the Entire Article

In one of the most extraordinary exchanges in an extraordinary hearing yesterday, Science Committee Chairman Sherwood Boehlert (R-NY, pictured at right) made a strong case for requiring voter verified paper records and mandatory manual audits of those paper records. During his five minute questioning period Rep. Bohlert commentd. "Let me get right to the heart of another question, and its brought up in the commentary in Dr. [David] Wagner's excellent testimony and the recommendations are to mandate voter verified paper records and mandatory manual audits. Sounds pretty good to me."

Later in the hearing, Rep. Boehlert commented, "Come sit in the Congress of the United States and hear some of our colleagues tell us repeatedly 'we don't want government mandates, this is wrong, and we don't need paper trails' and you got some of the vendors that are saying the same thing 'we don't need paper trails'. I think we need something that auditable, that we can check to make sure that things worked the way they were intended to work. So I grant you we need a little more time. but what about all these paper trail recommendations?"

Minnesota Secretary of State Mary Kiffmeyer (R, pictured at left) responding to Rep. Boehlert question of whether she supported a voter verified paper record requirement answered enthusiastically, "Absolutely, Chairman Boehlert, without a doubt. Recognizing the reality of the situation we are in today, the option for us was to do even better than the audit trail, but to do the actual paper ballots because the environment we are in right now today gave us the greatest level of security. But even there, Minnesota chose to do a source code review, to do post election audits as well, because we want to wrap the whole system."

Rep. Boehlert then began a straw poll of the witnesses turning next to EAC commissioner and former Colorado Secretary of State Donetta Davidson, asking "Well Secretary Kiffmeyer is for a paper trail, Dr. Wagner we know you're for it, because you recommended it, Ms. Davidson - yes or no?

Commissioner Davidson, also a Republican, replied "I was Secretary (of State) in Colorado when we passed paper trail, and we have an audit of that paper trail with the machine. So, I can only speak as myself - I'm not speaking as the agency. Just so that you know where I really came from." Read the Entire Article

The following written testimony was presented by Dr. David Wagner (pictured at right) before the Joint Hearing of the House Committee on Science and the Committee on House Administration on July 19, 2006. Dr. Wagner's interoduction can be found at the end of the report.

Background

Today, the state of electronic voting security is not good. Many of today's electronic voting machines have security problems. The ones at greatest risk are the paperless voting machines. These machines are vulnerable to attack: a single person with insider access and some technical knowledge could switch votes, perhaps undetected, and potentially swing an election. With this technology, we cannot be certain that our elections have not been corrupted.

Studies have found that there are effective security measures available to protect election integrity, but many states have not implemented these measures. The most effective defense involves adoption of voter-verified paper records and mandatory manual audits of these records, but only 13 states have mandated use of these security measures. (At present, 27 states mandate voter-verified paper records, another 8 states use voter-verified paper records throughout the state even though it is not required by law, and the remaining 15 states do not consistently use voter-verified paper records. Of the 35 states that do use voter-verified paper records statewide, only 13 require routine manual audits of those records.) Voter-verified paper records provide an independent way of reconstructing the voter's intent, even if the voting software is faulty or corrupt, making them a powerful tool for reliability and security.

The federal qualification process is not working. Federal standards call for voting machines to be tested by Independent Testing Authorities (ITAs) before the machines are approved for use, but the past few years have exposed shortcomings in the testing process. The ITAs are approving machines with reliability, security, and accuracy problems. Read the Entire Article

In the Joint Congressional Hearing of the Science and House Administration Committees on July 19, the question of the acceptable failure rate for voting systems was addressed to the panel of witnesses by Rep. Brian Baird (D-WA). Baird noted that "under the Voluntary Voting System Guidelines there’s an acceptance of a 9.2% failure rate of all voting systems used in any 15 hour period. I'm curious if that is actually the standard that we've set - a 9.2% failure rate - and if that's an acceptable standard, I’m very puzzled by that. That is, by the way, far less than an incandescent light bulb."

The absurdly lax reliability standard found in the current Voluntary Voting System Guidelines (VVSG), established by the Federal Election Commission in 2002 was carried over into the new standards adopted by the Election Assistance Commission last December, had previously been dismissed in public comment. This time it was acknoweledged immediately by NIST spokesman Mark Skall (pictured at right) of the Software Diagnostics and Conference Testing Division of the National Institute of Standards and Technology, who answered “Yeah, that comes from the existing standards and we're researching right now to actually update that and to make a much more acceptable failure rate."

Objecions to the acceptable failure rate was brought to the EAC's attention repreatedly during the public comment period and in public hearings of the Technical Guidelines Development Committee before the new VVSG wedre adopted and are detailed in Howard Stanislevic's report "DRE Reliability - Failure By Design”. An Open Letter from VoteTrustUSA to the EAC questioning the reliability standard and requesting action to improve it has been ignored so far. It is encouraging that the inadequacy of this standard has now been acknowledged and that a more acceptable failure rate apparently will be demanded of the machinery that counts our votes.

Will this take the form of an amendment to the new standards which don't tke effect until December, 2007? Or will it be part of the next iteration of the standards projected for adoption next summer and not effective until 2009? Are American voters stuck with a situation in which 1 out of 11 machines are allowed to fail in the 2006 and maybe even 2008 elections?

As Rep. pointed out to his colleagues on the committess "Given that many of us have lived or died on less than a percentage point margin in elections, including yours truly - I'd like to see a higher rate of reliability." Rep. Baird lost in his first attempt at election to Washington's 3rd District in 1996, Rep. Baird lost to incumbent Linda Smith by 887 votes, less than .4% of the votes cast.

Witnesses Reveal That While Touchscreens Are Expensive, Paper Ballots Are A Bargain

In his opening statement for the Joint Hearing of the Science and House Administration Committees last week, Rep. Sherwood Boehlert (R-NY) strongly endorsed the recommendation presented by Dr. David Wagner of the University of California Berkeley. "I think all of us need to pay close attention to the testimony that will be offered today by Dr. Wagner and to his recommendations for making sure that electronic voting machines make voting more accurate and more secure, not the opposite." He specifically noted Dr. Wagner's recommendation that Congress require a voter verified paper record of every vote, stating "we also need to require paper trails … to ensure that election results can be checked."

But what about the cost? Rep. Boehlert was clear on that count. "I don’t simply want to hear that the recommendations will be expensive. How much is American democracy worth? As a nation, we ought to be as willing to invest in election equipment as we are in campaign ads." The statements and responses from the two state election officials on the panel were revealing.

Those responses confirmed what numerous studies have shown: the use of touchscreen voting systems is vastly more expensive than paper ballot voting systems. Read the Entire Article

The following written testimony was submitted by VerifiedVoting.org to The US House of Representatives Committee on House Administration and Committee on Science Joint Hearing: "Voting Machines: Will the New Standards and Guidelines Help Prevent Future Problems?" on July 19, 2006.

There is a crisis of confidence today in electronic voting systems that are widely used across our nation. It grows each day as the public gains awareness of the inadequacies and vulnerabilities of those systems. The concern is perhaps greatest among those who have the most technical understanding of the computing systems that form the basis for the voting equipment.

The concerns that led to this crisis are not new, but no set of standards alone has been or will be sufficient to erase them.

There will be those who say the crisis is not the fault of inadequate systems but rather the fault of those who shed light on the inadequacies - a "shoot the messenger" approach to restoring the public's sense that they can be sure their votes will count. They are wrong. They might be able to bury their own heads in the sand, but asking the public to take it on faith that there's no such thing as a machine malfunction or someone who might want to tamper with an election is simply not good enough, and a simple review of historical fact belies that belief.

There will be those who say that system problems can be solved with a set of procedures. This too is a false fix, akin to directing the public to watch while we attach a big lock on the front door of the bank, while leaving the back door unlocked and the safe wide open. Good procedures are necessary, as are technical features that support system security, reliability and usability.

However, sometimes one needs mechanisms to prevent specific acts that doesn't depend on humans to follow rules. A procedural fix cannot alone solve a system problem. Read the Entire Article

The Democratic Party of Alaska is now suing to obtain the data from the voting machines to verify 2004 election results. The problem arises from the public results of the 2004 elections which, according to the lawsuit and others who have checked the tallying, do not make sense. If you add the totals of votes district by district in statewide elections, you come up with totals that do not match the final, official results of the election. The Division of Elections has not explained this discrepancy except to say that it is a reporting error and that the memory cards of the scanning machines were incorrectly programmed. The memory cards are the programming devices that go in each optical scan voting machine to tell it how to tally the marks on the ballot.

What are voters to think? If the memory cards were improperly programmed, how could we trust any of the results? If the memory cards are giving two different totals, how is it determined which one is valid? I was involved with the effort to call for the 2004 recount of the US Senate race. In the recount it was convincingly shown that properly programmed and secured optical scanning machines were giving accurate counts of ballots fed into them. If there was an error in the totals, it seems much more likely that the system software that totals the vote tallies from all the machines is at fault or there was a security breach. For Alaska the system software is a product called GEMS (General Election Management System) made by a subsidiary of Diebold, one of the largest manufacturers of voting equipment in the country. GES, the subsidiary, was infamous in voting security circles for having employed convicted high tech criminals in management. One of them, Jeffrey Dean, who was reportedly convicted of electronic embezzlement, is said to have been retained as a consultant for programming the optical scanning software used in Diebold machines (version 1.96). Diebold is a major voting machine supplier and its machines along with ES&S’s tallying equipment count 80% of the votes in the U.S. “GEMS” appears in the title of the voting results report that is posted on the Division of Elections web site. This is the system that is generating the faulty report.

Rather than noticing and fixing the problem itself, the Division of Elections only publicly recognized the problem when the Democratic Party requested an explanation for why the totals did not match up. The Division of Elections had only the answer that it was a reporting error and that the announced final election totals were correct. The Democratic Party then requested to see the data direct from the tabulation software. This would allow one at least to see which of the results seem to be accurate. The vote totaling software is probably the point of greatest vulnerability during an election, since it has to be widely connected to gather the information from each of the voting machines at each of the precincts, total the tallies up and gives the summary results. There is no high level mathematics in such a program, all it needs to do for election purposes is to add the vote totals from the machines, it does not even need to tally the votes. ADDITION is the only critical mathematical function that should be working. (The software also does perform the unnecessary function of calculating the percentage of voters, given the number of registered voters. I say unnecessary because that could easily be done by non-secured software after the vote totals are reported.) Read the Entire Article

Secretary of State Charlie Daniels and a bipartisan Voting System Performance Review Committee are reviewing a report submitted by by InfoSentry Services that analyzed Arkansas’s recent primary and run-off elections. The report recommended that Arkansas renegotiate its contract with Election Systems & Software (ES&S) as a result of problems that ranged from reports of a lack of training and difficulty reaching vendor employees to delivery trucks that showed up unnannounced and misprinted ballots repaired with correction fluid.

According to Daniels, the report stated "Elections Systems & Software did not commit adequate resources to the Arkansas voting system project until after other states' elections concluded [even when those other states' contracts were signed after Arkansas'], which was too late to allow sufficient testing, sufficient equipment programming, and ballot printing to meet critical early voting, absentee, and Election Day deadlines." In response to this finding, the report recommends "ES&S document to the State the names of every person at ES&S working on any component of the Arkansas voting system implementation project."

In an article in the Helena Daily World, one county official described the experience of working with ES&S, "This was the most disorganized bunch ever to run an election in Arkansas. They were untruthful in their responses. Their performance left the burden of this election on us and greatly increased the cost." Read the Entire Article

The following response to Proposals presnted by California Secretary of State Bruce McPherson at the recent meeting of the National Association of Secretaries of State was posted on Joseph Hall's Not Quite A Blog. It is reposted here with permission of the author.

Secretary McPherson outlined the following three proposals in an effort to engage his partners nationwide in the improvement of the voting system certification process:

First, Secretary McPherson outlined a proposal to enhance voting system security and reliability. The proposal would call on the states to join with the Election Assistance Commission (EAC) to develop a national program to conduct a comprehensive risk analysis of voting systems as part of the federal certification process. This would enhance the already rigorous security tests that are currently done, and create a program to conduct exhaustive examinations of all potential security risks and solutions prior to system certification. Read the Entire Article

Kansas: Reduction In Number Of Polling Places A Polical Issue In Secretary Of State Race
by Warren Stewart, VoteTrustUSA - July 24, 2006

Future of Electronic Voting In Kansas Also An Issue

As the August 1st primary nears, the dwindling number of polling places in Kansas elections has become a bipartisan political issue in the race for Secretary of State. Since 2000, Kansas has gone from over 2,400 polling sites to under 2000. Ron Thornburgh (pictured at right), who currently holds the office, has defended the trend over the past eight years toward the consolidation of polling places. In an article in the Hutchison News, he noted that the reduction in polling sites coincides with easier access afforded by early voting and easier absentee voting.

Thornburgh explained that, "Counties have had trouble finding poll workers," he said. "It's part of the natural squeeze as fewer people are willing or available to work at the polls on election days." He noted that the number of polling spots had remained stable for about a decade before the recent shrinkage. "This is a natural realignment taking place. We had one county with 70 polling places. We told them they really only needed about 32. They then decided to reduce to about 25." He has also said that the reduction in polling stations, he said, comes as counties come into compliance with the Help America Vote Act of 2002 (HAVA) and the difficulty of finding enough pollworkers.

A bipartisan coalition of seventeen political, religious and ethnic groups in Sedgewick County recently called for more polling places and Thornburgh's Republican primary opponent and the two Democrats vying for the opportunity to challenge him in the general election have made the reduction in polling places a campaign issue.

Wichita lawyer and Democratic candidate Robert Beattie said that the consolidation of polling places was ”a big reason why I'm campaigning for Secretary of State." He has proposed sweeping changes that include eliminate voting machines and returning Kansas to a paper ballot system. One of the first Kansas lawyers to practice computer law, he said in a Wichita Eagle article that electronic systems are too vulnerable to tampering or error, noting the ballot programming error in Pottawattamie County, Iowa that resulted in incorrect vote totals for nine candidates. "I want to get rid of the machines," he said. "People have complained (about them) to me every election cycle". Read the Entire Article

A recent article on VoteTrustUSA and in Election Integrity ("New York: Last in HAVA Compliance or First in Election Integrity?", 6/27/06), argues that things are going well in New York, because we have "transparent" mechanical lever voting machines that we can continue to use indefinitely. Author Howard Stanislevic also says that our "bipartisan" voting system officials have produced a fair process for choosing other, new, voting technology, and thus we are well on our way to having high-integrity voting.

New Yorkers for Verified Voting has a different view. First, lever machines are anything but transparent, and they have had numerous breakdowns. Second, New York State election law clearly states that lever machines will not be allowed in New York after September 1, 2007. Finally, our progress toward defining voting system regulations, establishing fair, open and effective testing procedures, and purchasing new voting systems remains uncertain at best.

Problems with Lever Voting Machines

We need reliable voting systems that are understandable to voters and, ultimately, can be audited. With a lever voting machine, the voter flips levers and trusts that the counters corresponding to the chosen candidates are properly incremented. The average voter has little understanding of the workings of these machines. Most important, there is no way to verify a vote once it is cast; the voter cannot look at the counters and see if the machine has correctly counted their vote. There is no way to audit votes or recount them later. And there is no viable way to attach printers to produce a voter-verifiable paper trail, a requirement of New York election law. Read the Entire Article and Howard Stanislevic's Response

This article was posted on Joseph Hall's Not Quite A Blog. It is reposted here with permission of the author.

The three-member panel investigating the disasterous 2006 primary in Cuyahoga County, OH have issued their report. The report is amazingly detailed. And it is really scary what a little bit of sunshine will expose in a sufficiently complicated local election administration.

Here are choice nuggets I have come across

Apparently, the numerous places that vote data were stored on decreased the care in which data was handled:

5.19 Finding: The numerous media on which voting data were stored (DRE memory cards, zero cards, CCBOE central computer, DRE internal memory, VVPAT paper rolls) led to general confusion of poll workers and CCBOE staff at to which medium carried the official votes. No single medium took on the “precious cargo” status of the paper ballots and ballot boxes of old. [Interviews with IS, Ballot Department, and pink room staff, poll workers]

Here, they wanted to record absentee votes on DREs, but the OH SoS office instructed them not to produce a paper trail (and to do this, they had to load the paper rolls backwards):

6.4 Finding: Although the DRE units are designed to function only with the VVPAT printer units properly installed, and the DRE printer could have created a paper trail recording the votes, the SOS instructed the CCBOE not to permit the DREs to print the paper receipt. The CCBOE accomplished that instruction by loading the paper backwards so that the printers did not have a surface on which they could print.

The CCBOE did not agree with the SOS's decision, which it had given orally, to have the DREs set up so they were unable to create a VVPAT.

Lost memory cards are dangerous. If someone did use a Hursti II-like hack to modify vote totals, disappearing a memory card would be a great way to hide the evidence.

6.20 Finding: As of 6/22/2006, 51 days after the May Primary election, the CCBOE has yet to recover 12 lost memory cards. Missing cards did not result in votes going uncounted. When these cards could not be found, substitute memory cards were prepared and used to collect vote data from the DREs in question, which were then uploaded and included in tabulated results. Read the Entire Article

An issue that I have heard from many Oregonians about is ballot security. Our state is unique in the country in that we only have vote-by-mail and, as such, are guaranteed to have a paper trail that election officials can refer to if the need arises. However, numerous reports have been released by computer science experts that detail specific security flaws in electronic voting systems throughout the nation. In addition to security breaches by outside forces, electronic voting machines can suffer mechanical breakdowns and system failures like all computers. The so-called 'acceptable' failure rate for these machines is 9%, a higher rate than for traffic lights or even fluorescent light bulbs. Every vote should count, and it's unbelievable that anyone would 'accept' a 9% failure rate in voting machine reliability that might result in the deletion of computer memory and the loss of cast ballots.

Earlier this week, the Science Committee, of which I am a member, in cooperation with the House Administration Committee, held a hearing to review the federal voting guidelines that were put into place after the 2000 election and determine whether these new guidelines will prevent future problems. The witnesses' testimony showed that problems related to how votes are recorded and counted still exist and that attempts to use computing machines are presenting new difficulties that must be addressed.

A simple fix that I support is the use of an independent paper record to ensure that elections officials can audit election results, spot-check for accuracy, and re-count should electronic results be lost or compromised. It is not difficult to recognize the wisdom of having a paper trail to make sure that votes are being recorded and counted. Any action that can be taken by election officials to reassure citizens that their votes are being counted is one that I believe needs to be taken. Read the Entire Article