Voting Machines

Most states now use electronic voting machines of some kind. It is reported that in at least 43 states the machines in use are more than 10 years old. There have been countless allegations and reports of irregularities concerning these machines. It has been shown that the use of these machines is frequently correlated with election results that differ unusually widely from pre election polls and/or exit polls.  In the past exit polls were considered the best way to detect election fraud; now, because of frequent anomalous results, they are no longer considered reliable.  It seems plausible that this is the result of widespread cheating rather than some change in the reliability of exit polls. 

All voting machines in use in the US are proprietary machines made by private companies. In some cases the top management of these companies are know supporters of a particular political point of view (pretty much exclusively the Republican point of view). It has been said that gambling machines in Nevada are better regulated than the machines that perform perhaps the most important task in any democracy, that of counting the votes. This is an unacceptable situation. 

I propose that a public interest group be set up with the aim of developing a voting machine that cannot be tampered with and that could be guaranteed to render the correct result. The code would be open to inspection by anyone. A large bounty would be offered to anyone who found a flaw, either a bug or an opportunity to alter the result. The penalty for exploiting such an opportunity would be so severe as to make the bounty much more attractive. 

The reason I am confident that this could be done successfully is that running an election is perhaps the simplest task a computer could be asked to do. The first requirement is that this be a completely purpose built machine. It should be designed to do only the minimum required to fulfill its function, and have no parts that are not necessary to that task. In other words it would not be a repurposed Windows or even Linux box. There is no need for any great degree of complexity, and certainly no need for any way of altering the code once the machines be had been set up for a particular election. Even then the only part that would be alterable would be the details about the candidates or propositions on the particular ballot. 

The underlying code would be burned into chips and completely unalterable. It would be able to handle any known voting system (first past the post, proportional representation, instant runoff etc). I am not sufficiently technically knowledgeable to be able to design such a system, but I know enough to be completely sure that it can be done, and indeed that it is not very difficult. As is often the case in our competitive system, most of the complexity is deliberately introduced either to discourage competition or to cover up opportunities for cheating. 

Part of the specification, and perhaps the hardest part, would be the requirement that there be some way for the voter to verify that his or her vote has been correctly recorded, while keeping in mind the principle that the vote be secret. It must be impossible for one’s employer, for instance, to demand proof of how someone voted, and the existence of a printed receipt that showed this information would enable him to do so. This would not therefore be a suitable way to provide this assurance. Again, I am confident that such a scheme could be devised if enough thought is given to the problem. This requirement might even be considered unnecessary in view of the fact that the code is available, and the voter can be sure that it has been vetted by a great many very smart people and that the machines had been tested according to a known protocol, and therefore perhaps be willing to take it on trust. After all, such an assurance is not available for any current method of voting. 

The machine itself could be made literally transparent for a powerful symbolic effect. Manufacturing should be a very straightforward matter and could be subcontracted. All machines would be thoroughly verified and the firmware loaded following a procedure designed to preclude cheating. This is perhaps the most critical aspect, as once the chips have been burned and permanently installed and the machine sealed no further tampering will be possible. I am confident that a group of intelligent people can come up with a suitable protocol, and this would also be published and feedback sought. The entire process would be as transparent as is humanly possible. 

Along with the machine the group should specify a complete protocol for its operation. This would include such topics as how it is protected from tampering between elections, and all aspects of its secure use. 

Once such a machine had been developed and tested, the group would turn its attention to getting it universally adopted.  A model law would be made available so that any state could easily require the use of our machine in all elections, and ban the use of proprietary machines.  It is hard to think of any valid objection that could be raised against such a proposal if it could truly be shown to be completed proof against tampering. 

The organization in charge of this project would be a nonprofit and would seek out highly respected people for its board. Bill Moyers and Jimmy Carter spring to mind, and I am sure a little thought would come up with many others. I feel that this is something that many people would regard as a public duty to participate in. 

One persistent puzzle is that all systems must be operated and managed by people, and given today’s extreme suspicion of governments how are we to design a system that is as close to incorruptible as is humanly possible, and persuade people of this fact? The goal should be to limit any potential tampering to only single machines as much as possible. If each machine has to be attacked individually it becomes much harder to mount an effective attack on the system. In addition all systems should be self checking and multiply redundant.