Saturday, December 02, 2006

Voting Machine Oversight

Within the massive federal beaurocracy, there are a few organizations that do a really good job. One that I have a lot of respect for is the National Institute of Standards and Technology. (ok, it's a geeky organization to admire, but I'm an engineer) If you make a measurement with a calibrated instrument (in the US), it's certifiable back to NIST. They ensure that a gallon is the same volume next year as it is this year, etc..etc.

When I worked in pharmaceuticals there was a huge degree of scrutiny from the FDA. That's not so much related to NIST, but it's another government organization that exists to define and enforce standards. In making drugs, everything has to be documented, and functionally it has to be on paper (the heightened requirements for a paperless system make it more expensive and harder in practice). On the other hand, there seem to be a lot of electronic voting machines, and they don't seem as controlled. Some have had distinct problems.

So I'm thrilled to see the regulation of voting machines has fallen to one the NIST, who are the treating the measurement of votes with a clinical no-nonsense responsibility. I hope the system to elect our representitives gets the same level of regulation, oversight, and validation as the process to manufacture asprin. Or, to take an example from another highly accountable electronic device, is as secure as an ATM machine. Speaking of ATMs, I'd also like to see voting machines give recipts.

If I were designing a voting machine system...
  1. It would be electronic, both for the clarity of the system (no hanging chads, etc), and also for the immediacy of the tallies.
  2. Voters would be issued a paper recipt with their votes on it, and a annonymous unique identifier.
  3. A second paper recipt would be printed by the machine at the time of the vote and stored in a locked chamber within the machine.
  4. All results would be posted online (searchable by ID number).

A little complicated maybe, but the premise here is that it's easy to program a computer to throw elections. This method ensures a full circle of accountability. First, people would be able to confirm that their vote was correct by checking their recipt vs what they typed into the machine.

Second they can confirm their vote was recorded by checking the identifier on-line. In the case of a discrepancy, they have a recipt to take to the Feds.

In the event of a recount, officials have a paper record within the machine. That can easily be recounted, (as easily as current recount methods) and it can also be compared to the online database. If the paper copy matches the online record, it can be assumed it matches people's recipts.

The final way to cheat the system would be for a programmer to issue the same tracking number to muliple voters (say a 5 party Democrats get issued the same recipt, none would know it is a duplicate, and it would check out online) and then register false votes for the last 4 of them. The obvious way around this problem is to timestamp the recipts, and list the time online as well. Unfortunately that could have voter annonyminity issues. The second way around this glitch is to have voters insert a pin number that will be included on both recipts, and included on the website. That would "customize" their vote and greatly hinder computerized voter fraud.

Again, it may be complicated, but there's a lot of power at stake in free elections. Only a fool would think that people won't try to rig the system sooner or later. So let's take the time to make it secure. NIST has a better chance than most of getting it right.

PS: In checking the NIST site I see they have a "Draft Report on Voting System Vulnerability" (warning: boring). It delineates the various groups involved and their responsibilities. NIST seems to not have direct oversight. Still, I'm glad they're involved, because they've got their stuff together more than most.

0 Comments:

Post a Comment

<< Home