No E(asy) Cure
The lengthy machinations of last November's election proved one thing: that the instruments we have for measuring the people's will are not precise. Ballot recounting largely amounts to delving into statistical noise.
What probably astonished most people was the sheer range of voting systems in the U.S. Certainly it was a source of astonishment in Britain, where people were genuinely puzzled about why Americans needed anything more complicated than the simple piece of paper and stub of pencil that British voters use to choose their members of Parliament.
It took only a few days before war was declared on chad and people started talking about electronic and online voting systems as the answer to everything. By that time the experts were already heading them off at the pass. Electronic and online voting systems are not going to provide perfect systems, basically because the specifications for elections are very complex. Voting machines (of whatever type) must be absolutely reliable: they must not invisibly lose or create votes. They must be easy for the broadest of audiences to use. They must be verifiably resistant to electoral fraud. They must protect voters' anonymity and privacy.
Talk to the people selling digital signatures, cryptographic products and online voting systems, and you'll be told that all these problems can be solved. The Italian Parliament, for example, votes via "smart cards." That's fine for a relatively small, educated group of professionals whose votes are a matter of public record anyway; for the 140-million-plus registered U.S. voters, whose choices are anonymous, you'd be looking at vast expense. Currently about 9 percent of them vote electronically.
In a posting to the RISKS Forum (http:// catless.ncl.ac.uk/Risks/) on Election Day, Douglas W. Jones, chair of the Iowa State Board of Examiners for Voting Machines and Electronic Voting Systems, pointed out that although Federal Election Commission guidelines require that custom-built software be reviewed by an independent third party, "industry standard components" are acceptable without such a review. Increasingly, he wrote, custom voting software is being replaced with off-the-shelf, proprietary software. In other words: Windows. And who knows what's going on in there? As Thomas went on to say, a dedicated individual out to fix an election--not now, perhaps, but in the future--might find himself a job within a relevant software company. He could seek to be assigned to the right group of programmers to allow him to modify code that when the right date came along could swing, say, 10 percent of the votes away from a specified party and distribute them in random amounts to other parties. In such a case, you wouldn't see anything as obvious as Palm Beach County's now famous anomalous blip for Pat Buchanan.
Doctored software isn't the only risk. There are also power failures, bugs, hacker attacks and uncertainty whether the software inside the voting machine is the same software that was approved by the state. In Internet voting, there's the political issue of shifting the burden of supplying and maintaining the voting infrastructure from election officials to individual voters. Not to mention the fact that not everyone has access to the Internet. Even the argument of lowered costs is specious, says Rebecca Mercuri in the November 2000 Communications of the ACM, when you compare the costs of mailing out passwords and authenticating voters with the costs of today's well-understood absentee ballots. (Mercuri, a faculty member at Bryn Mawr College, successfully defended her doctoral dissertation on the perils of electronic voting last fall; when published, it is expected by some to be one of the most comprehensive contributions to the subject.)
"All the experts agree on some things," says Lorrie Cranor, a researcher at AT&T Labs Research who has written extensively on voting systems. "For example, that Internet voting is a huge can of worms, that there is no perfect system--all technology solutions are going to have problems--and that punch-card ballots are the worst thing we could have. The place where the experts don't all agree is if you get rid of punch cards, what do you replace them with?"
One suggestion has been direct-recording electronic (DRE) devices. Such machines, which register votes directly into a computer, have no audit trail, cannot be made rigorously bipartisan and may be expensive. Mercuri, for these reasons, is adamantly against DRE systems. Carnegie Mellon's Michael Shamos, on the other hand, has been saying for nearly a decade that it is naive to believe that mechanical and paper-based systems are more trustworthy than electronic ones.
Even so, in a local election in South Brunswick, N.J., an electronic machine was shown to have failed to record votes. In such a case, there's no ballot box to find in the back of a car and no way to restore the lost votes. Or rather, as the vendor told the newspaper there: machines don't lose votes; votes aren't cast. That kind of subtlety may be lost on voters.
Overall, it seems unlikely that electronic voting would fix the kind
of problem that happened in Florida, where the margin for error in the
voting systems was greater than the margin of victory. Of course, e-voting
would have spared all those dedicated poll workers from hours of ballot
checking, prevented the seemingly endless court battles over recounts and
kept chad jokes at bay. But even if you could prove that electronic systems
were the most reliable--doubtful, considering the Y2K bug--democracy is
in part about perception and the reinforcement of trust. There is a comforting,
ritual quality to that painstaking ballot counting and its close, bipartisan
observance. In a narrow election decided wholly by electronic voting, there
would be no comparable way to convince people that every vote really did
WENDY M. GROSSMAN wrote From Anarchy to Power: The Net Comes of Age, due out this month from NYU Press.