By Robert X. Cringely
This is my follow-up to last week's column about the U.S. voting technology fiasco as an IT problem. We don't seem to do a very good job of running elections in this country. Our answer is to throw more technology at the problem, and last week, I suspected that our proposed solutions would just make the problems worse, not better. And I still feel that way, but this week, I have a solution to propose, and I promise you it isn't what you expect.
Last week, I questioned why the new touch screen voting machines coming into use don't create a result that can be audited. That is, they don't produce a paper trail. The rationale for not giving each voter a receipt that shows how he or she voted and can be used for later verification has always been that this would enable vote selling. If you could prove with an official receipt that you voted for Mr. Big, then it would be practical for Mr. Big to buy your vote, becoming Mayor Big. So receipts are bad, or at least, they can be bad. But that doesn't mean that auditing an election is bad, though many people -- some of them election officials -- make that illogical jump.
These same people also claim that receipts are bad because printers are unreliable or need to be refilled with paper, which they fear poll workers would be unable to do. We don't seem to have a problem printing ATM receipts or lotto cards, but then maybe the folks down at 7-11 are more technically sophisticated.
I asked the question, “Who decided to leave out this auditing capability?” The ability to audit is actually required by the Help America Vote Act of 2001, which is providing the $3.9 billion needed to buy all those touch screen voting machines. Or at least it appears to be required. Certainly, most of the Congressmen and Senators who voted for the Act thought it was required. But then the language was changed slightly in a conference committee, and for some reason, though the auditing requirement remains, most systems aren't auditable. Huh? The best explanation for this that I have seen so far says that the new machines are "able" to be audited in the same sense that I am "able" to fly a Boeing 747. I am a sentient being with basic motor skills just like all 747 pilots, so I am "able" to fly a 747. So we are "able" to audit these machines. We just don't know how.
But it would be a mistake to think that with touch screen voting we are necessarily giving up an auditing capability that we traditionally have had. The old lever voting machines that were used in the U.S. for most of the last century produced no paper trail, just lists of total votes.
Still, auditing in some form would be a good idea now because we seem to be entering a period when electronic elections can be subject to voter fraud on a massive scale. Rather than buying votes one at a time, the bogeyman is stealing votes en masse. Or even worse, it could be stealing votes on a very intelligent basis to just shade an election in a way that would go undetected. As President Kennedy once joked, his wealthy father might be willing to buy him an election, but he wouldn't buy a landslide.
There are lots of auditing ideas and systems under consideration. Many people don't see how these could work given the difficulty of rounding up all those receipts, but others point out that if even a random one percent of votes were audited, it would be a powerful discouragement to voting fraud.
My favorite voter receipt idea is the Vreceipt, which creates an auditable receipt that can't be read by the voter or by Mr. Big.
Now underlying all this is a deep distrust of the new technology and the people behind it. Software for these machines tends to be proprietary and hidden even from the officials who are supposed to "certify" that the code is accepted. This certification is a joke in that bug patches are routinely distributed after certification --- patches that ought to be re-certified, but aren't. Even worse, some of the software is considered to be off-the-shelf and not subject to certification. This applies to Windows CE, which is used in many new voting machines. But Windows CE isn't really an off-the-shelf product. Microsoft distributes it in the form of source code that is compiled for each target hardware device. So here is software that can be supremely compromised, yet the certification officials never even take a look at it.
And there's the big problem -- the people running the elections aren't actually running them. Vendors are doing that. Election officials don't know how their equipment works and won't know if it works wrong.
This is lunacy.
And it is also patronage. There is a lot of money in replacing all those machines, and that money is going primarily to the usual suspects. Remember that every public crisis in America is an opportunity for someone to make money.
In the last week, I have heard from all the voting machine companies and from some of their workers. I have heard from election officials and voting reform advocates. I have heard from all sides, including those who think I am a nut. I could take all that information those people have dumped on me and drag this thing out for another week or two in agonizing detail. I could write about the Open Source voting software being developed in Australia or the hard-wired electronic voting machines being used successfully in India . But I choose not to do that in favor of making a couple simple suggestions.
First, the area where technology might be useful but isn't being used much, as far as I can tell, is voter validation. This could be a pretty straightforward database application that simply ensures that people are who they say they are, and they only get to vote once. The Help America Vote Act and its $3.9 billion don't touch this problem. If I were even more of a cynic than I am, I might suggest that's because it is often easier to disenfranchise specific blocks of voters by losing or corrupting their registration data than any other way.
As for voting itself, I think we have made a horrible decision to solve this problem with technology. While the voting technology we have been considering is flawed, the best answer doesn't have to be some other voting technology that is somehow better. We turn to technology because it supposedly eliminates human error. I suggest that we add humans to the process in order to eliminate technological errors. And we'd save a lot of money in the process.
My model for smart voting is Canada . The Canadians are watching our election problems and laughing their butts off. They think we are crazy, and they are right.
Forget touch screens and electronic voting. In Canadian Federal elections, two barely-paid representatives of each party, known as "scrutineers," are present all day at the voting place. If there are more political parties, there are more scrutineers. To vote, you write an "X" with a pencil in a one centimeter circle beside the candidate's name, fold the ballot up and stuff it into a box. Later, the scrutineers AND ANY VOTER WHO WANTS TO WATCH all sit at a table for about half an hour and count every ballot, keeping a tally for each candidate. If the counts agree at the end of the process, the results are phoned-in and everyone goes home. If they don't, you do it again. Fairness is achieved by balanced self-interest, not by technology. The population of Canada is about the same as California , so the elections are of comparable scale. In the last Canadian Federal election the entire vote was counted in four hours. Why does it take us 30 days or more?
The 2002-2003 budget for Elections Canada is just over $57 million U.S. dollars, or $1.81 per Canadian citizen. It is extremely hard to get an equivalent per-citizen figure for U.S. elections, but trust me, it is a LOT higher. This week, San Francisco held a runoff mayoral election that cost $2.5 million, or $3.27 per citizen of the city. And this was for just one election, not a whole year of them.
We are spending $3.9 billion or $10 per citizen for new voting machines. Canada just prints ballots.
No voting system is perfect. Elections have been stolen and voters disenfranchised with paper ballots, too. But our approach of throwing technology at a problem with a result that election reliability is not improved, that it may well be compromised in new and even scarier ways, and that this all costs billions that could be put to better use makes no sense at all.