WI Assembly OKs Voting Paper Trail

AdamBLang writes "Madison Wisconsin's Capitol Times reports 'With only four dissenting votes, the state Assembly easily passed a bill that would require that electronic voting machines create a paper record. The goal of the legislation is to make sure that Wisconsin's soon-to-be-purchased touch screen machines create a paper ballot that can be audited to verify election results.' Slashdot has previously reported on this bill." More from the article: "Wisconsin cannot go down the path of states like Florida and Ohio in having elections that the public simply doesn't trust ... By requiring a paper record on every electronic voting machine, we will ensure that not only does your vote matter in Wisconsin, but it also counts."

Good but not great

[katana]

While this will help people put greater trust in the system by providing a paper trail, the core problem is still there. If you can commit fraud by altering a computer system, surely you can commit fraud by altering the part of the system that generates the paper trail, or by altering/switching the paper trail itself. This is a limitation of technological solutions to problems of trust and reciprocity. They always encounter the problem of infinite regress, where the technological solution to a problem (often a problem generated by a previous technological solution) is always able to be undermined. This is one of the arguments why DRM is doomed to fail (eg DVD Jon can always hack the next "improved" version of DRM). In this sense, electronic voting systems are much like DRM: an inevitably limited and imperfect techonological solution that gets in the way of an important process of trust and reciprocity.

Re:Good but not great

[saskboy]

The only solution to a paper trail that the public can trust, is to have the paper marked in front of the voter, and have it inserted into the ballot box in front of their eyes, so they can be confident that a machine isn't mis-marking their ballot, or discarding their ballot for another that's put into the ballot box.

Punch cards are really a good way to do a paper trail, as it's visible to the voter, and if there's a dimple or pregnant chad it's clear the voter meant to mark that one. If there's more than one dimple, it's spoiled. In Canada if there's any kind of a mark in the designated area, the ballot is considered valid, it doesn't have to be an X. But if there's marks outside of the Voting O circle for the candidate, then it's bad, or if there's more than one marked. It's not rocket science, it's democracy. Diebold just gets it very, very wrong.

Also good for error checking?

[Deathbane27]

I assume that after the vote is cast, the voter can view the receipt. That way they can make sure their vote registered (no more dimple or chad issues). Also, if there's a discrepency between what you actually voted and what the receipt says, you can take it to the election judge.

Re:Also good for error checking?

[Dachannien]

Yes. Usually, the paper copy of the ballot feeds up behind a plastic window, allowing the voter to view the receipt for accuracy. When they indicate that they are satisfied that the ballot is correct, the machine then automatically feeds the ballot into a box. The paper ballots can then be used if there is doubt as to the accuracy of the electronic vote tally kept by the machine.

Now If Only..

[TheFlyingGoat]

This takes care of one issue. Now they need to start requiring a photo id to vote. A couple of state politicians have presented plans that would work, including ones that provide free photo ids to anyone who doesn't have a driver's license. People who didn't have a photo id when they went to vote would still be able to cast their vote, but it would be flagged in case of a recount. The vote would be unflagged if the voter provided a photo id at any point after the vote.

It makes sense, especially when there were many cases of voter fraud in Milwaukee during the 2004 election. Many votes were cast from addresses that don't exist. Granted, a photo id won't solve all the issues with voter fraud, but neither will a paper trail. Both are still a step in the right direction.

Thank god...

[chriswaclawik]

...everybody knows that votes on paper can never be tampered with.

I live in Mexico...

[Spy+der+Mann]

and here are more or less the electoral fraud techniques used by the party in power for about 70 years:

* "pregnant urns". Before the votes took place, urns were already filled with votes.
* Operation "Carousel" - groups of persons voting twice, or more
* Operation "Tamal" (a tamal is some kind of corn candy kept inside corn leaves). You grab two ballots and fold them, so now you vote for two.
* Operation "Ratón Loco" (crazy mouse). Some guy steals the urns in strategic areas (specially where the opposition is strong) and disappears.
* Vote rewriting. Before impartial organisms counted the votes, the people in charge would alter votes that were against the party in power, and nullify them.
* Dead votes. People who had died managed miraculously to resurrect and vote in favor of the official candidate.

And the most famous of all... (drum rolls, please)
The system crash. In the 1988 elections, after all the ballots were collected, the computer counting the votes suddenly went down, and when the system was up again, the votes now favored the official candidate.

After having to endure all these forms of electoral fraud, laws in Mexico became stricter to make the elections safe from frauds. These laws were promoted and approved, of course, by the opposition congressmen. One of these measures, was the inclusion of photographs in the voting credential (official ID). Another was having a designated area to vote according to your registered address. The voting areas are usually schools or museums, not farther than 5 or 6 blocks from your home.

As a result of all these measures, we finally had a president from the opposition party in 2000.

And it's kinda ironic that we have surpassed the U.S. (whom we had taken as model for transparency and democracy) because of U.S. problems like electronic voting machines, and because we use the popular vote and have more than two political parties.

technophilia

[circletimessquare]

what we need is simplicity when it comes to voting, not complexity. i believe we should never go to electronic voting, and even get rid of mechanical voting booths, which has a sordid history of tampering

fraud happens in all forms of voting mechanisms, and voting is just too much of an important and vulnerable part of our social cohesion and the source of so much faith in and integrity of our government. being so vital and vulnerable, the point in my mind would be to oversimplify the voting process on purpose. the more complex the system, the more points of failure and the more possibilities of fraud. so make the process very simple: paper ballots

i mean seriously, why the technophilia? voting is a problem that is not solved better with more technology, just made more complex. paper ballots i say. the slashdot crowd of any crowd of people should know all about the various and sordid ways malfeasance can be achieved in electronic communication and electronic storage. voting is not a complex math problem. it's very simple. no computer need apply

the slashdot crowd, as technophilic as it is, should know better than any crowd of people why electronic voting can be a downright scary prospect. don't mess with it, simplify it, which means avoiding computers in the voting process like the plague. i'm not a luddite, i am simply saying that specifically in reference to the voting process, it must be simplified technologically to ensure faith and integrity in our government

Paper trail worthless unless voter verifiable

[scottsevertson]

Any paper trail is worthless unless each voter is able to verify the printed record, *AND* the printed record is considered equivalent to any other vote. The Wisconsin bill only requires that a paper record be produced, not that the voter can see it. Why is this so important? Because of the FEC source code review clusterfuck.

HAVA [Help America Vote Act] gives the FEC governance over electronic voting, including establishing source code review procedures for all machines used in a Federal election (read: all voting machines). However, there are so many flaws in the FEC review procedure that it's downright scarry.

1. Coding standards more concerned with technical compliance than correct function. Turns out, the coding standards say more about the correct format of a "for" statement, or the appropriate amount of boilerplate documentation per method, than they do about defining correct operation, error tollerance, or anything else.
2. FEC code review doesn't cover "libraries". Want to include malicous code that only kicks in on the appropriate date, with sufficient voting volume to bury aberation in the noise? Throw it in a library, and use it in the project. Want to be really sneaky? Rebuild an open source library, or some external piece like a database driver or print driver with your malicous code.
3. Fudging alowed in FEC testing. System can't stay stable enough to run 100,000 votes sequentially on a single machine? Throw in automatic application restarts at a set interval into your test harness backend; test harness code isn't reviewed.
4. No enforcement procedure to verify reviewed code is the code running on election day. Not even checksums are required to verify compiled libraries/assmblies/executables are the same as the day they were submitted for review.
5. Reviewer incompetence. FEC reviewers may not be familiar with the language being reviewed. One claimed unequivocally that "length" was a Java keyword, and as such, couldn't be used as a variable name (a glance at the Java spec confirms his mistake). Why? Since it was used without parens like a method call, it must be a keyword.
6. Bogus documentation passes inspection. Don't have all the required class/method/variable documentation for the 2002 standards? Write a comment generator, fix it up a little by hand, and you're set!

OK, so the coding review and coding standards suck. What's that have to do with the voter verifiable paper trail? Everything. Unless the voter can visually check the ballot (and ideally should have to "sign off on it" before the electonic vote is committed), what's to stop hidden/poorly reviewed code from altering the printout *AND* the electronic vode database?

What about the paper receipt being equivelent to a traditional paper ballot? Some voting legeslation only allows the paper ballot to be used for verification, not as a true ballot. So, while you may recount the paper trail, the numbers from the recount are not legally votes, and cannot be used to change the outcome of an election (a fact that would be gleefully used by the conveniently "winning" side in a contested election). The Wisconsin bill does not specify in this matter.

How can we do better? Take a look at the procedure recommended by the Open Voting Consortium http://www.openvotingconsortium.org/>. The *primary* representation of a vote is the printed paper ballot, with a machine readable representation output beside the human readable representation. After voting concludes, each paper ballot is scanned, and compared to the electronic count.

By the way, hope your voting machine vendor has valid source control procedures (like not using a single account for all checkins?), so a malicious contractor can't check in random changes to the code base/libraries. [Evil laughter...]