When the Help America Vote Act ("HAVA") was signed into law, October 29, 2002, the electronic voting machine industry was very small. The members of Congress who wrote and voted for HAVA were either ignorant or corrupt. I say that because HAVA authorized the expenditure of over $3 billion for computerized voting machines, DREs, that at that time were designed so that it was impossible to determine whether or not they were working correctly.
If you could make $3 billion by selling a product, but no one would ever know if it was working or not, where's the motivation to make it work?
Our federal certification standards reflect this historical period. The machines do not have to work. The testimony submitted today by Howard Stanislevic will go into detail about the federal standards of 2005, which still allow voting systems to be certified in spite of not complying with the technical requirements of these same standards .
But you don’t need a long explanation. All you need to do is read The Daily Voting News from VotersUnite.org and the weekly Election Integrity News from VoteTrustUSA.org, to become familiar with thousands of documented failures of federally and state certified DREs.
Computer scientists had warned Congress before HAVA passed that, despite the claims of vendors, these machines should not be used. But HAVA passed anyway.
At that time some people were demanding to see the programming source code from these machines. I believe that elections should be about the voters seeing their own ballot, and observers watching the handling, storage, and counting of the votes on those ballots. When elections turn into controversies about computers, the idea of the will of the people selecting our government tends to get lost.
All computer scientists have said that looking at source code cannot guarantee that you will find all the malicious and innocent errors, and no one can guarantee that the programming that you examine is what will be in your computerized voting machines on election day.
In those days three and a half years ago, it was easy to predict that if the voting machine source code ever became available for inspection, we would find
--pre-programmed "back doors" that allow tampering by persons with minimal technical knowledge, without the need to hack into the systems
--very poor quality design and programming that was not up to professional standards
Three and a half years ago, I speculated that the vendors’ motivation to conceal their source code was to prevent embarrassment for both these reasons.
In fact there have been numerous scandals about the low quality and "back doors" in Diebold software, the only major vendor whose source code has been studied. The other vendors have been more careful to protect their software from public inspection, but I would assume it is equally bad.
As a result of the problems I just described, a nationwide movement arose of citizen activists who demanded a voter-verified paper audit trail, called VVPAT. The idea of VVPAT was that Boards of Elections would conduct audits and confirm the correct operation of their DREs after each election.
I became an activist near the beginning of this movement, but became disillusioned when I realized that DREs could not be made reliable through the use of audits -- because no Board of Elections would ever perform a professional quality audit. I have worked as a short-term computer contractor since 1983, and have worked for hundreds of companies. Every one of them verifies every single transaction. I have never even heard of a company that only spot-checks a small percentage of their computer records, and then assumes the rest are accurate.
Again I bring up the idea of ignorance or corruption, because I have had election directors from around the country tell me, "We accept a 10% difference between the number of voters and the number of ballots cast," and other statements like that. Just two weeks ago, an election director excused the loss of 12% of the memory cards with election day results in her county by saying that they always lost more or less that many, no one ever made a fuss about it before.
Here in New York I believe that our Boards of Elections would never stand for that type of inaccuracy and chaos, but we may end up with it anyway if we select DREs as our voting machinery.
Computer technology is powerful, complex, and difficult to manage. No client that I have ever worked for has had full control over their computers. Clients with the best staff, organization, and security have had disasters. I believe that we can keep our elections simple and manageable by minimizing our use of computers as much as possible.
After my full time involvement with the issue of computerized voting for three and a half years, I believe that computers will never be properly or safely used in elections. Election directors, commissioners, and others who are responsible for the computers are not knowledgeable enough to evaluate the information they get from staff and vendors. Many honest people who sincerely want to run honest elections cannot do so, because they do not understand the technology, and work with uncontrollable part-time election-day workers who understand it even less.
I believe that we should keep our elections focused on voters and directly-voter-marked paper ballots, and call for observers to watch the handling, storage, and counting of votes on the ballots.
Industry statistics in the computer field tell us that 72% of computer systems never work. So the assumption that computer systems for voting will work is out of line.
FBI statistics tell us that computer systems are insecure. The "2005 FBI Computer Crime Survey" showed that last year 87% of companies had security incidents, 64% lost money (showing severity of the incident), and 44% had intrusions from within their own organization. The report itself mysteriously "was lost" from the FBI web site, and was not posted again for four months! I got a copy on paper from their Houston office. So the assumption that computer systems for voting will be secure is out of line.
When we look at the experience of states with DRE voting, we see an experience of malfunctions and failures on election day, as well as lawsuits by citizens, candidates, and parties.
The experience of other states, moreover, shows decent hard-working election professionals being put in a position of defending election irregularities, and telling the public that "the outcome of the election was not altered" when in fact they have no evidence of that -- nor any clue of what happened.
There is a difference between systems that fail in business, and those that fail in elections. The difference is that businesses have staffs that work 24x7 to monitor their computers, prove out the daily work (which might be called “auditing”), track down where the problems were, and correct the errors before their customers see them. No one is intending to do that with election systems. The 3% spot-check that our state law requires is a 97% mistake. That is my professional opinion.
In other states, electronic voting failures and malfunctions have been typically blamed on voters and poll workers. I urge you to take the position that we know what this equipment is for, and we know who will use it, and since it evidently cannot be used safely and properly by its intended users, then it should not be used at all.
Due to the use of secret software in electronic voting equipment, Boards of Elections will never fully understand what the equipment is doing, how it works, or what the vendor’s technicians are doing. Boards of Elections have been charged with the responsibility of running our elections, not contracting out the work. If this equipment was "easy to use" our State Board and our counties would be holding Mock Election Public Tests to show the doubtful public that they can do the work, and that the equipment can hold up under appropriate scrutiny. Our State Board and our counties would be holding public hacking tests to prove that the equipment was secure. Our State Board and our counties would be devising procedures to enable themselves, parties, and candidates to inspect the equipment technically to confirm that it was the same as what our State Board certifies, and that it contains no illegal wireless communications capability.
What we need is not high-tech equipment that brings high-tech problems with it. We need to keep it simple, and use low-tech equipment that does the job in a simple way and is manageable by elections staff, poll workers, voters, and election observers.
You shouldn't need a Ph.D. in computer science to figure out if your vote was cast. You shouldn't need a vendor service contract, programming contract, etc, in order to use your own equipment.
DREs come with a host of problems -- loss of voter confidence, spoiled elections, privatization, and lawsuits.
Here in New York State, in Saratoga County, citizens say the county's reports for November 2004 have a 7000-vote discrepancy.
We should not go further with DREs.
In conclusion, I urge you NOT to select DREs for use in New York City. I urge you to select the less computerized solution, paper ballots, optical scanners, and accessible ballot marking devices for voters with special needs.
An I-Team 8 Investigation
Excerpts from Interviews with MicroVote Executives, circa 2003
I-Team: Is there regulation of the industry? Aren’t there federal standards to ensure that voting systems are accurate, reliable and secure? Isn’t that why your equipment and software undergo federal qualification testing?
Bill Carson: Unfortunately the ITA (independent testing authority) has a limited scope in what they can test and check on the system. It is based on time and economics. For an independent test authority to absolutely, thoroughly test under all possible conditions that the device will operate properly they would have to spend, in my estimation, 10 times the amount of time and money as it took to develop it in the first place…. And the technology changes so rapidly, by the time they get done testing it, it’s obsolete.
I-Team: So what do ITAs not test?
Carson: (Picks up electrical cord.) UL says that this will not shock you and it will not catch fire. They don’t tell you that it actually works. That’s beyond the scope of UL testing. Absolutely nothing will you see in the FEC requirements that this (puts hand on DRE voting machine) has to work. It has to have these functions. But it doesn’t have to work.
I-Team: What about state certification testing?
Ries Jr.: We've been somewhat loosely monitored by the states. There's a lot of trust that the vendors are out for the best interest of the local jurisdictions. The states basically look at the federal qualification testing as being kind of the ultimate testing ground. As a vendor working with these independent testing authorities, they do a good job of following the test plans afforded to them by the vendors. They don't really go outside of those test plans. In the state of Indiana – and I'm not criticizing by any means – we just don't have the technical expertise to take these test result plans that the independent testing authorities provide them and really go through them in detail. Maybe it's just the leap of faith….
[] 72% of software projects in a typical year, 2000, were complete or partial failures, including 23% that were completely abandoned after huge expenditures (and waste) of time and money. Regarding partial failures, if a computer system “partially” doesn’t work, that means it doesn’t work. "Why the Current Touch Screen Voting Fiasco Was Pretty Much Inevitable" by Robert X. Cringely, December 4, 2003. http://www.pbs.org/cringely/pulpit/pulpit20031204.html
Of course, anyone who works with Microsoft Windows knows that computers don’t always work!
[] Computer security is impossible to control. The FBI lost their own report, and financial institutions with the most sophisticated computer security in the world have had massive losses. How will Boards of Elections prevent electronic tampering?
FBI: 87% of Companies Get Hacked, 44% of attacks are by insiders