Tuesday, October 17, 2006

No on Question 4: the Election Technology Boondoggle Act

This post continues a series arguing against Maryland's Question 4, a referendum on election law revisions that I christened the "Linda Lamone Lifetime Appointment Act" in the prior post because it makes it far too difficult to remove Ms. Lamone from her post as state election administrator.

While the proposed election laws threaten to make Ms. Lamone a permanent fixture on the Maryland political scene, they don't stop there. It's far worse really that Question 4 threatens to make "election technology for its own sake" not only policy, but a matter of state law, without a thought or a care to whether it's actually appropriate to the task at hand.

Take for instance provision 2-103 (b)(6) of HB 1368, the law that Question 4 puts to a statewide vote (emphases added here and below):
[2-103.]
[b) The State Administrator shall:]
6) implement, in a uniform and nondiscriminatory manner, a single, uniform, official, centralized, interactive computerized statewide voter registration list;
Yes, by all means: let's let the administrative and IT geniuses at our state and county boards of elections set up a single, centralized, interactive, computerized voter registration target for hackers the world over. Let's also put a big "KICK ME" at the top of the Maryland state web site while we're at it.

The "electronic poll book" provision has a similar problem (capitalization in original):
10-302.(B) (1) EACH POLLING PLACE SHALL BE EQUIPPED WITH A COMPUTER DEVICE THAT CONTAINS A RECORD OF ALL REGISTERED VOTERS IN THE COUNTY AND THAT IS CAPABLE OF BEING NETWORKED TO OTHER POLLING PLACE COMPUTER DEVICES.*
But networks are not just a capability, even a small scale network can also present a security problem. From computer science professor and election judge Aviel Rubin's account of his work as an election official on September 12:
So, a couple of hours into the election, when one of the poll books seemed to be out of sync with the others, the judges came and brought me to have a look. It appeared that this poll book was not getting synced with the others. I tested it by waiting for someone to sign in with a different poll book, and then a few minutes later trying to sign in that voter on the one in question. The voter was shown as having not voted yet. I repeated this test for about 20 minutes, but it never registered that voter as having voted, and the poll book was falling behind - about 30 by then - the other poll book machines.
That is, far from guaranteeing magical voter registration verification, an unnecessary technology fix introduced an opportunity for mistakes and/or mischief. Moreover, I have little doubt there will be a video demonstration like this one a month or a year from now showing how to ruin a network of electronic poll books by propagating a records-deleting or -altering virus.

In this case, for this purpose of voter identification and vetting, paper (or other hardcopy) records don't need to be networked. Each copy just sits there and is what it is. In this case, paper is better. Not problem-free; just better.

In a way, though, the most insidious feature of Question 4's election law revisions is this:
2-102. [...]
[(b) In exercising its authority under this article and in order to ensure compliance with this article and with any requirements of federal law, the State Board shall:]
(7) maximize the use of technology in election administration, including the development of a plan for a comprehensive computerized elections management
Absent any statutory constraint on "maximiz[ing] the use of technology," why, the sky's the limit. Any tomfool, gee-whiz election technology that comes along -- voter kiosks at the mall, biometric ID, imputing undervotes for all I know -- and there's literally a built-in imperative to adopt it. Sure, a plump, juicy state committed by law to "maximizing the use of technology" in its elections is great for the likes of Diebold -- notorious for "charging out the yin-yang" (as a colorful Diebold employee e-mail put it) when it gets half a chance. But it's not so great for Maryland.

Now you might object that of course the drafters meant something like "when appropriate, feasible, secure, auditable and tested," but then (a) this doesn't say so, and (b) you probably haven't been paying attention to Maryland election officials in action over the past many years.

Opponents of electronic voting and elections systems are often called Luddites, technophobes, and the like. The reality is diametrically opposite. Time after time, it's the people with the real understanding of computer science who expose the flaws in these systems, and time after time it's naive "technology cheerleaders" who think that using words like "computerized," "interactive," and "maximizing technology" makes them look smart and modern.

Far better that we work with paper voter registration lists to ensure that no one who's entitled to vote is kept from doing so. Far better that we demand voter-verified electronic voting, or even use paper ballots, than that we expose our democracy to the risk of a hacked or crashed election.** Far better that we rethink our whole headlong rush to questionable and unnecessary voting technology.

And thus far better that we vote "no" on Question 4 this November.


===

Next time -- No on Question 4: the Election Central Command and Control Act.


=====
NOTES: This post is based on a "No On 4" post I wrote in late September. The ATM hack item is via Michael Silence.

* Just one device? I guess having more than one doesn't contradict having "a" device, and you'd better have more than one, in case of crashes. Paper doesn't crash.
** In Germany, for instance, the count is done manually by local civil servants, overseen by volunteer citizen observers.

0 Comments:

Post a Comment

<< Home