USA Coup: Voting Machines In Georgia And Maryland

Friday, 21 February 2003, 2:06 pm
Article: The Scoop Editor

EDITOR'S NOTE: The following are two extremely insightful articles from http://www.citypaper.com/, the website of Baltimore's free weekly community paper, on the Voting Machine saga. The articles are archived here as part of Scoop's ongoing investigation into an AMERICAN COUP

FAIR USE NOTICE: This page contains copyrighted material the use of which has not always been specifically authorized by the copyright owner. We are making such material available in our efforts to advance understanding of criminal justice, political, human rights, economic, democracy, scientific, and social justice issues, etc. We believe this constitutes a 'fair use' of any such copyrighted material as provided for in section 107 of the US Copyright Law. In accordance with Title 17 U.S.C. Section 107, the material on this site is distributed without profit to those who have expressed a prior interest in receiving the included information for research and educational purposes. For more information go to: http://www.law.cornell.edu/uscode/17/107.shtml. If you wish to use copyrighted material from this site for purposes of your own that go beyond 'fair use', you must obtain permission from the copyright owner.

From: http://www.citypaper.com/current/mobs2.html

In California and Georgia, skepticism is quickly growing over the computer systems used to administer elections. The same type of system in question--known as "direct recording electronic" (DRE)--is used in Baltimore City and four Maryland counties, and the entire state is committed to switch to DRE by 2006 ("Future Vote," Dec. 12 & Attached). Maryland elections officials are monitoring the budding controversy but remain unconvinced that computer elections in the Free State are risky, as critics contend.

The growing concerns arise from two recent developments. Reputable computer-security experts have joined forces in California to insist that the systems have inherent, though simply solved, security flaws. And allegations have surfaced in Georgia, where computers were used by all voters for the first time last November, that sensitive election-software files were on a publicly accessible Internet file server--a situation, computer experts say, that would present an opportunity for code tampering to manipulate election outcomes.

In Santa Clara County, Calif.--home to Stanford University and Silicon Valley, and thus a high-tech savvy electorate--technologists' security concerns about computer voting have led county officials to delay a planned $20 million voting-system purchase in order to gather more information about the risks. Computer-security expert Peter Neumann and Stanford computer scientist David Dill have testified twice so far this year before the county board of supervisors, explaining that the systems as currently designed provide no guarantee of accurate voting because they are not auditable.

The solution, Neumann, Dill, and others say, lies in providing paper receipts at polling booths that voters can use to verify that their votes are recorded as intended. This "voter-verifiable audit trail," reads a resolution Dill is promoting (which has been endorsed by more than 300 technologists, including professors at the University of Maryland and Johns Hopkins University), "should be one of the essential requirements" for the systems. Their cause got a boost from the newly elected California secretary of state, Kevin Shelley, who announced on Feb. 6 that he will convene a panel of experts to study the security risks of computer voting.

Meanwhile, two voting-machine companies--Avante of New Jersey and AccuPoll of California--have begun marketing systems that provide voter-verified receipts, an indication that some in the voting-machine industry see recent events as writing on the wall.

In Georgia, where a computerized November election handed the U.S. Senate majority to the Republican party, a state elections official says his office is being "bombarded" with questions about allegations of security breaches in the conduct of that election. The rush of scrutiny was touched off by recent postings on blackboxvoting.com, a Web site administered by Bev Harris, a Renton, Wash.-based public-relations consultant who is writing a book about the risks of computer voting.

Harris says that Diebold Election Systems, whose technology was used to run the Georgia elections, put sensitive software code used in that election on an Internet file server that was publicly accessible. "Anybody could download, edit, or upload those files," Harris said in a Feb. 17 telephone interview. "It was like a blueprint for how to mess with these machines--source codes, testing protocols, hardware and software specifications--up on the Web. Diebold doesn't even allow the government to look at this stuff, yet there it was for anyone to look at or manipulate."

When asked detailed questions about Harris' allegations, Diebold issued the following statement to City Paper: "Our review of this matter indicates that there is no merit to the insinuations of security breaches in the Diebold Election Systems solutions. The old Global Elections Systems site has been taken down because it contained old, out-of-date material. For 144 years, Diebold has been synonymous with security, and we take security very seriously in all of our products and services."

Maryland elections chief Linda Lamone says her staff discovered Diebold's open file server before last November's election and demanded that the company, which manufactures and administers touchscreen DREs for about 40 percent of the state's electorate, provide a secure server for Maryland's elections. Lamone says Diebold complied with the state's request. "They found [the open server] and refused to use it," Lamone says of the state election board's technical staff. "They were very upset about it."

Georgia, however, did use the open server, downloading software patches to tweak the elections program and ensure it worked properly on Election Day. Brit Williams, a college professor who tested and certified Diebold's system in preparation for Georgia's November elections, explains in a Web-published transcript of an interview with Harris that "we were in the heat of the election. Some of the things we did [involving the open server], we probably compromised security a little bit. . . . We've gone back since the election and done extensive testing on all this."

Georgia elections spokesman Chris Rigel could not be reached for comment.

The U.S. Senate race in Georgia produced unexpected success for the Republican party, and City Paper's county-by-county analysis of the outcome, published in December, produced unusual results. The analysis showed that 60 percent of Georgia voters lived in 101 counties where the November results showed pronounced shifts of party loyalty from the August primary.

The potential for election fraud in Georgia "needs to be examined under oath," Harris says, adding that lawyers are crafting strategies to bring lawsuits that would focus on election-software security. "Citizens of any place that used [DREs] would have standing to sue," she contends.

In Maryland, Lamone is confident that code manipulation was prevented during last fall's election and adds that a "very high number of voters trusted the [new] equipment." As for voter-verified receipts, Lamone admits that the state elections board "didn't talk about it at all" as they explored the new computer-election technology in 2001. In light of the growing awareness of the need for receipts, and for better security in general when it comes to computer voting, Lamone now says that "if Diebold can provide [voter-verified receipts] and it's not too costly, I have no objection to it."

Paul Herrnson, a University of Maryland professor who has extensively studied and tested the state's new computer-voting technology, is emphatic when saying that "there are tremendous concerns" raised by computer voting. "The current system does not have a paper trail, and that is a problem." In light of Harris' allegations and the odd outcome in the Georgia Senate race, Herrnson adds: "People should have questions, and a [computer-voting machine] company that is not responsive to those questions is probably a company that should not be trusted."

FROM: http://www.citypaper.com/2002-12-11/feature.html

On Nov. 21, a computer programmer for Autotote, an electronic-wagering company, admitted in court that he was the "inside man" in a computer-based scheme that manipulated horse-racing stakes, culminating in an Oct. 23 Breeders' Cup wager that would have yielded $3 million in winnings for a Baltimore man had the bet not raised suspicions.

The scandal prompted the National Thoroughbred Racing Association to convene a panel headed by former New York mayor Rudolph Giuliani to review the industry's computer-betting system. It also spawned a lawsuit: Gambler Jimmy "the Hat" Allard accuses Autotote of negligence, claiming in a statement made through his law firm that the "betting public may have been cheated out of countless millions of dollars for possibly the past eight years" due to lapses in the company's computer security.

This fall, voters in four Maryland counties for the first time cast ballots on computerized voting machines using a technology called "direct recording electronic" (DRE), a system that Baltimoreans have been using since 1998. The whole state is scheduled to switch over to a unified computer voting system by 2006, but DRE system skeptics question the system's security because, just like the Breeders' Cup betting scandal, it could be rigged using computer code.

Imagine a computer programmer at Diebold Election Systems or Sequoia Pacific Systems, the two companies that manufacture computer voting machines used in Maryland, manipulating the software code used to run the machines to tweak the results in favor of some candidate, some party, some agenda. Imagine that he or she gets caught overreaching. Losers and voters in computerized elections nationwide would mull lawsuits and question the integrity of their races' results, just as Allard questions whether bettors have been cheated all along by the Autotote system.

"If you can fix the Breeders' Cup, I guess it's certainly possible to do the same with computer elections," says former Maryland U.S. Attorney George Beall, who also headed the state task force that investigated voting irregularities in the 1994 Baltimore City election. Given the potential stakes in politics vs. gambling--a hand on the purse strings of the public agenda, compared to a winning Pick Six ticket worth $3 million--the possibility seems worthy of consideration.

The potential stakes are even higher than the outcome of a few political campaigns. An actual incident of computer-voting fraud, should one ever be discovered, would cause a crisis of democracy. In addition to criminal charges being brought and state panels being convened to investigate, a shadow of doubt would fall over the legitimacy of all those who gained office with votes cast through computers, and the electorate's confidence in how we choose our leadership would fall further. There's never been a proven case, but what's to prevent it from happening?

Precious little, nationally recognized computer-security experts say. First and foremost among them are Peter Neumann, principal scientist at SRI International's computer-science lab in Menlo Park, Calif., and Rebecca Mercuri, computer-science professor at Bryn Mawr College outside Philadelphia. Despite their well-aired warnings over at least the past 15 years and a few minor scandals involving the three companies that make most of the voting machines, simple steps that would abate the risk of tampering have not been implemented as counties and states across the country--and governments around the world--increasingly switch to computers for holding elections.

Federal legislation passed this fall, the Help America Vote Act (HAVA), includes $3.9 billion to help jurisdictions pay for election-technology upgrades, so, barring any changes in the trend, many more voters can look forward to casting digital ballots in the years ahead.

Diebold Election spokesman Joe Richardson says the security concerns that Neumann and Mercuri raise about DRE voting systems are moot. The level of security precautions already taken are sufficient to provide "what the voters are looking for," which, he says, is "peace of mind" that their votes were accurately recorded and counted. So why not give it to them by implementing the additional security that the skeptics say will prevent fraudulent outcomes while protecting ballot secrecy? Because the existing security "does not necessitate it," Richardson says.

In the coming months, the new HAVA regulations governing election technology will be written, and skeptics hope adequate security measures will be included. Even if they are, though, there's no way to be assured of the integrity of computer elections already held. A look at some of those outcomes in light of the security risks posed by electronic voting gives cause for concern.

When all was said and done, the Maryland elections on Nov. 5 were good to Bob Urosevich. As the president of North Canton, Ohio-based Diebold Election Systems, his reputation was riding on the performance of the AccuVote-TS computer-voting system, which got its first workout in Maryland during the fall elections. The state and Montgomery, Prince George's, Dorchester, and Allegany counties split the $13 million price tag for nearly 5,000 of Diebold's touch-screen units, which resemble the ubiquitous ATMs manufactured by Diebold Election's parent company, Diebold Inc. "We are pleased all four counties had successful general elections," Urosevich said in a press release the next day, "and look forward to working on the statewide implementation of this secure voting technology."

This fast-emerging way to vote appears at first glance to be manifestly better than what it is replacing. Lasting memories of past election debacles involving punch cards or lever machines--Florida in 2000, say, or Baltimore City in 1994--strengthen the allure of voting via a central device in most Americans' daily lives: the computer. So governments worldwide are increasingly relying on this privately owned technology to run public elections.

The rub, though, is in what can't be seen when the computers are recording and tabulating the votes--the proprietary software code that runs the system.

Like any voting system--and despite Urosevich's emphasis on its secure nature--DRE is not fraud-proof. With computers, security experts say, the method of committing election fraud is, in theory, insidiously simple. Here's how it would work: A company insider who knows how to write computer code surreptitiously inserts some nefarious programming language into the election software, causing votes on Election Day to be recorded and tabulated in whatever fashion achieves his or her purpose--for example, redirecting a small percentage of votes cast for Candidate A to Candidate B's total. Such a piece of code could run without otherwise obviously affecting the machine's operation or the outcome of other races.

Since nearly all computer elections are paperless, there is no independent, voter-verified record with which to compare the computer-generated outcome in the event of a recount. Computer-voting recounts, therefore, are merely a matter of taking another look at the same data that was stored in the computer's memory after the polls closed, and are therefore unlikely to produce any changes in the results. As long as the outcome is not patently bizarre--a complete unknown beats a popular incumbent in a landslide, for example, or more votes are cast than there are voters--it would be exceedingly difficult to question it. Knowing that the industry considers each election software code to be a trade secret, and won't let anyone examine it without a court order, the corrupt insider is able to commit the crime without fear of detection.

Neumann, the computer-security expert with SRI International, says the Breeders' Cup scandal aptly illustrates core security problems with electronic voting. The difference in the security precautions taken in electronic wagering vs. computer voting lies in what he calls the "desire for accountability." In betting, "you want complete accountability," he explains. "Everything's on the record, and there's no anonymity." Someone places a computer bet, and information associated with that bet is maintained so a name and a face can later be connected to it, if need be. With voting, though, "you want to maintain a level of secrecy, of anonymity, in the ballot. So the desire for accountability is less. And vendors, when selling these systems, essentially say, 'If you want ballot secrecy, we're not going to be able to give you accountability.'" The result: vastly less stringent safeguards in protecting computer elections from fraud than exist in protecting online wagering from fraud.

Clearly, this potential risk is not registering with decision-makers, at least not to the point where they demand a more secure system. The only example of a jurisdiction changing its mind about purchasing a DRE voting system, Neumann says, is from the mid-1990s, when New York City canceled a contract with Sequoia because of the concerns he continues to voice today. Otherwise, the trend is clear: Elections officials across the country--in Florida, Georgia, California, Texas, and Louisiana, to name but a few states--and officials as far away as Brazil and Belgium are opting to buy DRE systems. And when Maryland Secretary of State John Willis announced earlier this year that 2006 is the target date for all state elections to be entirely electronic, he did so fully aware of these risks. Today, he defends the decision, saying the state "felt that the advantages outweighed the disadvantages."

"An absolute disaster." That's how Neumann characterizes Maryland's decision to go with a unified, statewide DRE system without an independently verified audit trail. Neumann is not some loopy conspiracy nut who happens to have a lot of letters after his name. With his double-doctorate and 50 years as a computer scientist, he is the widely respected principal scientist at SRI, where he has worked since 1971. Earlier this year, he received the highest honor in information security: the Computer System Security Award from the U.S. Commerce Department's National Institute of Standards and Technology and the National Security Agency. When Neumann uses words like "absolute disaster," they carry some authority.

"He's being totally cynical about the process," retorts Willis, who chaired the Special Committee on Voting Systems and Procedures in Maryland, which recommended a unified DRE system. "It was the intent of the commission and of the governor and state legislature to capture as much voter intent as possible as efficiently as possible. And with Diebold's system, we are capturing more voter intent--assuming we believe the codes are right and nobody's manipulating them."

How does Willis know that's not happening? "Well, one, you have to have confidence in the vendor," he says. "And then you have testing before, during, and after the election, and the source codes are kept in escrow so they can't be changed. And then if something looks odd in the outcome, there are experienced people around who are going to notice aberrations from historical voting patterns at the precinct level. And if it could be empirically demonstrated that something there does not make sense, then a court could order a look at the code and the outcome would be challenged with technical expertise.

"So if somebody tried to rig a computer election here, it would require a good deal of sophistication. I think we'd be able to detect it," Willis continues. "But if they can beat all of that, how would we detect it and what would be do about it? Well, the academics are right--some of those questions are still unaddressed. We were aware of the risks, and I have no objection to raising theoretical concerns, and I can't say that those risks aren't there, but they were outweighed by the advantages of capturing as much voter intent as possible."

Neumann and Mercuri have some simple advice on how to get around the security problems that Willis describes: After a vote is cast, they say, the computer should issue a physical record of the choices made by the voter, not unlike an ATM receipt. The voter would then review the record for accuracy and drop it into a precinct lockbox. That way, in the event of a recount, the computer-generated outcome can be compared to the independently verified record contained in the lockbox. Absent such voter-verified receipts, Neumann says, "there is absolutely zero accountability."

Given this apparently simple solution, why are states buying DRE systems that don't provide such independent auditability? Maryland's commission weighed the option but decided against it, Willis says.

"We went through this philosophical debate over the whole idea of having paper records and putting them in a drop box," he says. "But at that point, it starts to seem like, 'So why not just go back to paper ballots?' And there are all sorts of problems with paper ballots." Willis acknowledges that providing such receipts would only require reconfiguring the printers already inside each Diebold machine in Maryland, but adds that "it's very labor intensive" to do manual recounts with receipts--"and there are going to be recounts."

Mercuri says she suspects election administrators like the potentially vulnerable computer systems because the recounts are so orderly and predictable--you always get the same outcome from the computer's memory. No messy manual recounts, no legal arguments over voter intent--no Florida 2000 debacles.

Diebold Election's voting industry director, Mark Radke, points out that his company's system offers an audit-trail option: the ability to print out each and every ballot, if the need arises. They're called "ballot images," and Mercuri says they "prove nothing" because voters do not see them at the time they vote and thus can't verify that the ballot accurately reflects their intended votes.

Asked repeatedly, "Is a ballot image a voter-verified receipt?" Radke refuses to give a yes or no answer. Instead, he repeatedly stresses the "overall security of the software," pointing out that testing, data scrambling, and encryption all work to secure the system to insure it produces accurate outcomes. As for the idea that a lack of voter-verified receipts may be sufficient to undermine voter confidence, Radke responds, "At that point, I guess we'll just have to agree to disagree," adding that, to date, no jurisdiction has asked for receipts.

Another factor to consider in trying to explain the rush to DRE technology is the influence of lobbyists. In Maryland this year, Diebold competitor Election Systems & Software hired a team of four lobbyists from the Annapolis firm Alexander & Cleaver. During the current election cycle, the company and the lobbyists combined have given nearly $30,000 to Maryland political campaigns--including to those of state senators Michael Collins (D-6th) and Joan Carter Conway (D-43rd), both members of the commission that recommended the new DRE systems. That kind of expenditure buys access to lawmakers, who (short of meddling in the procurement process) can help lobbyists influence state officials as they decide what election technology to buy.

At the federal level, the lobbying activity by Election.com is notable. Billing itself as "the global election company," Election.com provides computer election services and aims to talk the federal government into staging a national online computer election. With capital and a line of credit secured by Saudi investors, and former Republican congressman, cabinet member, and vice-presidential candidate Jack Kemp on its five-member board, Election.com has substantial political clout. An extra push was provided in 2000, when the company spent $100,000 to further its cause by hiring two lobbyists who specialize in representing the information-technology industry. Apparently, it paid off: In late October, Newsday reported that Election.com's federal contract to administer online electronic elections for the military in 2004 "appears on track."

Election Systems, of Omaha, Neb., doesn't have far to go for friends in high places. Major shareholder Michael McCarthy serves as the campaign treasurer for conservative Republican Nebraska Sen. Chuck Hagel, who is sure to answer the company's calls.

For Neumann, though, the rapid switch to DRE systems boils down to a simple explanation: "Inertia. There is simply no recognition on the part of the voting public as to how vulnerable the systems are," he says. "Nobody's listening, because voters, by and large, don't understand the technology. And the vendors stonewall any attempt to drive them into accountability, and I can only assume it's because then [the vendors] can't rig anything. I have no hard evidence that they do, but I don't know what else it could be."

It's one thing to theorize about the possibilities of computer-election fraud. It is quite another to ponder whether or not it has already happened. But that is the problem with election technology: Once it is understood that it can be rigged and detection is unlikely under the current level of security and oversight, people are free to doubt the integrity of any outcome. When upsets occur in computer elections, or when a series of tight contests all fall in favor of one party, security-savvy observers who doubt the safety of the technology are going to wonder whether someone has manipulated the code. Results across the country on Nov. 5, which were tabulated and announced without the expected benefit of exit polling, cause Rebecca Mercuri to suspect fraud might have occurred.

"All I have [to go on] is races across the country that looked to be close that were all won by candidates of the same party," Mercuri says. "OK, that could happen. But we have no real way to know whether the races were manipulated. And in states with computer voting, there were very surprising outcomes."

Voter News Service is an exit-polling outfit funded by the major TV networks and the Associated Press. After its analysis mistakenly prompted networks to call Florida for Al Gore on election night 2000, great effort was put into revamping VNS's data services, which provide much valuable information about how people vote--and also serve as a soft check to see if vote counts don't square up with how people say they voted. VNS's database broke down due to a computer glitch on this year's election night, and the data still aren't available. "Where is that data?" an exasperated Mercuri asks. "All they do . . . is Election Day exit polling. We rely on that for error-check, and without it there is no real way to know that something's amiss."

The results in Georgia, in particular, worry Mercuri. That's because it is the only state with a unified, statewide DRE system--similar to the one Maryland has decided to implement. And in Georgia, the results favored the Republican Party with unexpected decisiveness. The U.S. Senate race in Georgia helped clinch majority status in the U.S. Senate for the Republicans, and the Democratic governor was tossed out in favor of the Peach State's first Republican chief executive since Reconstruction.

Are any of the results in Georgia so surprising that they raise questions about election integrity in light of the security problems with computer voting? The answer is a matter of perspective.

Incumbent Sen. Max Cleland, a first-term Democrat who lost three limbs in the Vietnam War and was the youngest-ever head of the Veterans Administration, ran unchallenged in the August primary. Saxby Chambliss, a four-term Republican congressman from central-south Georgia whose bad knee got him a deferment from serving in Vietnam, won a three-way GOP primary with President Bush's endorsement. During the general-election campaign, Chambliss aired a TV ad with an image of Osama bin Laden and a voice-over that questioned Cleland's commitment to national security, and another in which the Veterans of Foreign Wars endorsed Chambliss over the Democrat. The Republican consistently put out the message that Cleland is too liberal for Georgia. Cleland was stoic about the attacks, but also fought back, questioning Chambliss' voting record on issues important to senior citizens and students, among others. Between the primary and general elections, polling consistently showed Cleland in a double-digit lead over Chambliss, but slipping as Election Day approached; one election-eve poll had Chambliss in the lead by one point.

On Election Day, the conservative weekly magazine National Review published its predictions for Senate races nationwide. "Republicans may be disappointed if they don't capture the Senate tonight, but they should put things in perspective," national political reporter John Miller wrote. "Midterm elections usually lead to big-time losses for the party that controls the White House. At most, it appears the GOP will lose a seat or two." In Georgia, National Review predicted that Cleland would win. However, Chambliss' astounding 53 percent to 46 percent win over the Democrat helped the GOP win back the Senate, a clincher in a string of victories in races that had been too close to call before Nov. 5.

For those inclined to believe that the results in Georgia were legitimately recorded and counted--and other than Mercuri, no one spoken with for this article would do so on the record--the results are perfectly believable. Even without exit polling, it is clear that the influx of prominent national Republican leaders, including Bush, in Georgia prior to Election Day gave the party's statewide candidates a lift in the final stretch of the campaign. Georgia's Senate delegation historically tends to be Democratic, but, as was pointed out by in-state observers after the election, Georgia has been trending Republican for some time now. Election Day manifested the trend, as right-leaning voters came out in droves, due in part to the much-lauded get-out-the-vote effort engineered by former Christian Coalition leader Ralph Reed, who now heads the Georgia GOP, with substantial assistance from the national party and White House senior adviser Karl Rove. The GOP's success in Georgia was simply the result of the party's concentrated effort to win.

For those inclined to share Mercuri's worries about the Georgia outcome, the GOP's extraordinary effort only goes so far in explaining voter performance. A close look at county-level data for the primary and general elections, for instance, shows remarkably shifts in voter loyalties in unlikely areas of the state. Code manipulation or not, the results are unusual enough to stump, at least partially, the head of the University of Georgia's political science department. But first, some background on the race.

Voters in Georgia don't register as party members; they choose which primary to participate in when they show up at the polls. Thus, how voters cast their ballots in the primary serves as a leading indicator of the state's partisan patterns and provides a good comparison to general-election patterns, says Charles Bullock, the University of Georgia professor. With 3.7 million registered voters in 159 counties (by comparison, Maryland's 22 counties have 2.7 million voters), county-by-county analysis gives a pretty high level of definition as to how those patterns are distributed.

August's primary results reinforce Georgia political wisdom that there is a partisan wall separating the Republican-dominated northwest segment of the state--the 58 counties surrounding Atlanta, where two-thirds of the registered voters reside--and the other 101 counties to the south and east, which combined have half the population, but a greater number who cast Democratic ballots in August. Within each of these two regions are islands of renegade counties. DeKalb, Fulton, and Clayton counties in the Atlanta metro area, for instance, are heavily populated with Democratic voters; several areas in the rest of the state, including Chambliss' south-central Georgia base, show heavier Republican participation than Democratic. Overall, though, as Bullock confirms, North Georgia tends to lean Republican, South Georgia tends to lean Democrat.

In the 58 northern counties, in spite of the heavy rain that fell all day Nov. 5, turnout was higher than expected, at a little more than 55 percent. The official results had Chambliss with 53.3 percent of the vote to Cleland's 45.1 percent, with the rest going to the Libertarian candidate. In South Georgia, where turnout was slightly below average, voters also picked Chambliss, 51 percent to 47.4 percent. Unfortunate for Cleland, but not the sort of thing totally unexpected in politics.

What's interesting, though, is how the counties' party loyalties shifted between the primary and the general election. Voters in 58 counties spread throughout the state (accounting for 40 percent of the state's electorate) voted more as less as they did in the primary. In the other 101 counties, the results were a little odd. In 27 counties in the Republican-dominated North, voters supported Republican Chambliss as expected, but Democrat Cleland won 14 percent more of the vote than he did in the primary. Likewise in 74 counties in the traditionally Democratic South, Cleland carried the day, but Chambliss won 22 percent more of the ballots than he could have expected based on the primary results.

So in the end, 60 percent of Georgia's electorate live in counties which dramatically shifted partisan loyalties between the primary and general elections. Yet the final tally didn't follow those shifts. In addition to his stable power base, Cleland won those anomalous Southern counties that shifted toward the GOP in the primary by an 18 percent margin. Unfortunately for him, Chambliss won the Northern counties that veered towards the Dems in the primary by a whopping 29 percent of the vote. What happened?

"Good question," Bullock says over the phone, agreeing that it is a puzzling outcome. After mulling it over for a few days, he e-mails to suggest that the disparity in the number might be partially explained by voters in the minority party--say, Democrats in a heavily Republican county--casting ballots in the majority party's primary in order to influence local races, then switching back to their true allegiances for the general election. While he cautions that it would take a much deeper statistical analysis to determine exactly what went on in the 2002 Georgia Senate race, Bullock agrees that the vote swings are acute and intuitively don't make sense, especially since they occurred in county after county.

How would a programmer bent on throwing the Georgia Senate election go about using software code to create this outcome? Jason Kitcat, a British programmer who recently abandoned his long-pursued goal of designing a secure Internet-voting system because he now feels it is an impossibility, considered the question and explained his reasoning in an e-mail to City Paper:

"Where the system is entirely DRE [like Georgia's], then you have many problems and potential points of failure. The system could be compromised at the ballot station by informing voters that they have voted Republican and storing Democrat," Kitcat writes. "This can be done quite intelligently with randomisers, statistical analysers, etc., so that only a useful but hard-to-detect portion of the votes are manipulated. Depending on the system of transferring the sub-totals from each DRE 'ballot box' to intermediary and final counting systems, there are an incredible number of opportunities to compromise the vote."

Using Kitcat's suggested methods, theoretically it would be possible to, say, select counties where the outcome is expected to favor the Democrats by wide margins and target them for vote manipulation in favor of the GOP. That way, the outcome would still favor the Democrats, the Republicans would pick up the necessary votes, and no one would be the wiser.

"While computer audit tools allow you to track down changes to hard disks even after they have been erased, they would be useless in systems of the scale used for any serious public election," he continues. "If a few votes are changed here and there, it would be basically undetectable. This could be done at operating system, database, communications, or applications level. The final counting system can also modify the results in a huge number of clever ways using techniques mentioned above."

Given the potential for breaching DRE systems and manipulating codes, Kitcat, like Neumann and Mercuri, cannot comprehend why states are buying them. "While the technologies will always be flawed to some extent, the amount of trust election administrators put in the suppliers of DRE systems is shocking," he writes. "They provide closed, proprietary systems which have never been assessed by independent third parties--we have no reliable assurances of the security or privacy they claim to provide!"

And are the vendors worthy of the level of trust they get from election officials? That, like the integrity of the Georgia Senate election, is a matter of perspective. Maryland Secretary of State Willis says he trusts Diebold, in part, because it is experienced with this technology in the ATM market, which requires a very high level of security. But other observers point to ethics scandals involving the industry and wonder whether private companies should be entrusted with the voting process.

Taken as a whole, the voting-machine industry is tightly knit and has a decidedly right-wing flavor, according to well-documented research by public-relations executive Bev Harris and Philadelphia journalist Lynn Landes, who question the soundness of putting private-sector partisans in charge of secretive vote counts.

Harris and Landes point to a bribery scheme involving the purchase of Sequoia machines in Louisiana, which was uncovered in 1999 and netted convictions against state elections commissioner Jerry Fowler and Sequoia's exclusive agent there, David Philpot. A vice president of Election Systems, which makes absentee-ballot-counting machines in use in Maryland, received immunity in exchange for his cooperation in a successful corruption case against the Arkansas secretary of state in 1995. Given the taint of bribery surrounding voting-machine companies, Mercuri says, "you have to wonder what's going on" as more and more states purchase DRE systems.

Whether or not you believe computer elections have already been tampered with, the risk remains. As long as there is no voter-verified audit trail, results that seem bizarre can be questioned only in theory. Mercuri sees an opportunity to close this credibility gap as regulations are written pursuant to HAVA, Congress' new voting-system legislation.

"The legislation calls for an audit trail," Mercuri says. "But it's clear that the computer-voting companies interpret that as meaning ballot images--the post-election printouts of how each vote was recorded. Ballot images don't prove anything. The voter never sees it, never checks it for accuracy. This can be fixed, though, as the regulations are written by making sure the words 'voter-verified audit trail' are included. So we'll see if that makes it in there."

Either way, Mercuri is not impressed with the new technology--voter-verified audit trail or not. As she monitored the Election Day performance of DRE voting systems in states across the country, she noted problems cropping up. "These things are programmed incorrectly, or the screens and push-buttons are misaligned," she says, pointing out cases in Texas, Florida, and Georgia where voters selected one candidate and the computer screen kept indicating they had selected a different candidate. "And then it's reported that a programmer came in and fixed the problem," Mercuri says. "How do we know he fixed it? Why should we trust these results? No one's going to notice that mistakes were made unless the outcome is completely weird.

"Everyone was saying it was fine, it went well on Election Day for new computer-voting machines, and I don't understand why the news covered it that way," she continues. "It didn't go well. There were major news reports about these problems, yet the whole thing was spun as if they never happened. We don't accept this level of bad performance in other products that are time-critical and have to be accurate, but we accept it when it's voting machines."

Diebold's Radke says voters "have accepted the new technology," pointing to Georgia, where polling for "positive remarks" found a 97 percent acceptance rate. "It went very, very smoothly in Georgia, " he concludes. "People accepted the new technology."

In Maryland on Election Day, software problems did occur in Montgomery County with the new DRE units. One Washington Post reporter summed it up by writing that "confusion reigned" in the use of the new machines. Despite the fact that the two main parties don't have separate ballots in a general election, programming errors caused the word "Democrat" to be displayed at the top of some ballots, "Republican" on others. One voter, a Silver Spring computer consultant, told the Post reporter, "there something wrong. I could check 'Ehrlich' and I could check 'Morella,' but I'm not sure those answers went into the database. . . . It's hard for me to believe."

Despite these problems, Maryland Secretary of State Willis says the state studied voter acceptance of the new technology and found it to be very high. "Most of the voters adapted to it pretty well," he says. As for whether or not the problems in Montgomery may have altered outcomes, Willis is confident that they didn't. "We have looked hard at the results, and we know that they comport with historical voting patterns," he says. "So if anyone's rigging computer elections, they didn't mess with Maryland."

Given the risks of undetected manipulation, though, voters will have to trust computer elections won't be messed with in the future.

FAIR USE NOTICE: This page contains copyrighted material the use of which has not always been specifically authorized by the copyright owner. We are making such material available in our efforts to advance understanding of criminal justice, political, human rights, economic, democracy, scientific, and social justice issues, etc. We believe this constitutes a 'fair use' of any such copyrighted material as provided for in section 107 of the US Copyright Law. In accordance with Title 17 U.S.C. Section 107, the material on this site is distributed without profit to those who have expressed a prior interest in receiving the included information for research and educational purposes. For more information go to: http://www.law.cornell.edu/uscode/17/107.shtml. If you wish to use copyrighted material from this site for purposes of your own that go beyond 'fair use', you must obtain permission from the copyright owner.

© Scoop Media

Scoop

Scoop Independent News

Scoop is NZ's largest independent news source; respected widely in media, political, business and academic circles for being the place on the internet for publishing "what was really said", and for the quality of its analysis of issues.

Contact Scoop

• Editorial - editor@scoop.co.nz
• Twitter - @ScoopNZ
• Facebook
• YouTube
• Services - services@scoop.co.nz
• Phone - 04 910 1844