- A quiet revolution is taking place in US politics. By
the time it's over, the integrity of elections will be in the unchallenged,
unscrutinised control of a few large - and pro-Republican - corporations.
Andrew Gumbel wonders if democracy in America can survive
-
- Something very odd happened in the mid-term elections
in Georgia last November. On the eve of the vote, opinion polls showed
Roy Barnes, the incumbent Democratic governor, leading by between nine
and 11 points. In a somewhat closer, keenly watched Senate race, polls
indicated that Max Cleland, the popular Democrat up for re-election, was
ahead by two to five points against his Republican challenger, Saxby Chambliss.
-
- Those figures were more or less what political experts
would have expected in state with a long tradition of electing Democrats
to statewide office. But then the results came in, and all of Georgia appeared
to have been turned upside down. Barnes lost the governorship to the Republican,
Sonny Perdue, 46 per cent to 51 per cent, a swing of as much as 16 percentage
points from the last opinion polls. Cleland lost to Chambliss 46 per cent
to 53, a last-minute swing of 9 to 12 points.
-
- Red-faced opinion pollsters suddenly had a lot of explaining
to do and launched internal investigations. Political analysts credited
the upset - part of a pattern of Republican successes around the country
- to a huge campaigning push by President Bush in the final days of the
race. They also said that Roy Barnes had lost because of a surge of "angry
white men" punishing him for eradicating all but a vestige of the
old confederate symbol from the state flag.
-
- But something about these explanations did not make sense,
and they have made even less sense over time. When the Georgia secretary
of state's office published its demographic breakdown of the election earlier
this year, it turned out there was no surge of angry white men; in fact,
the only subgroup showing even a modest increase in turnout was black women.
-
- There were also big, puzzling swings in partisan loyalties
in different parts of the state. In 58 counties, the vote was broadly in
line with the primary election. In 27 counties in Republican-dominated
north Georgia, however, Max Cleland unaccountably scored 14 percentage
points higher than he had in the primaries. And in 74 counties in the Democrat
south, Saxby Chambliss garnered a whopping 22 points more for the Republicans
than the party as a whole had won less than three months earlier.
-
- Now, weird things like this do occasionally occur in
elections, and the figures, on their own, are not proof of anything except
statistical anomalies worthy of further study. But in Georgia there was
an extra reason to be suspicious. Last November, the state became the first
in the country to conduct an election entirely with touchscreen voting
machines, after lavishing $54m (£33m) on a new system that promised
to deliver the securest, most up-to-date, most voter-friendly election
in the history of the republic. The machines, however, turned out to be
anything but reliable. With academic studies showing the Georgia touchscreens
to be poorly programmed, full of security holes and prone to tampering,
and with thousands of similar machines from different companies being introduced
at high speed across the country, computer voting may, in fact, be US democracy's
own 21st-century nightmare.
-
- In many Georgia counties last November, the machines
froze up, causing long delays as technicians tried to reboot them. In heavily
Democratic Fulton County, in downtown Atlanta, 67 memory cards from the
voting machines went missing, delaying certification of the results there
for 10 days. In neighbouring DeKalb County, 10 memory cards were unaccounted
for; they were later recovered from terminals that had supposedly broken
down and been taken out of service.
-
- It is still unclear exactly how results from these missing
cards were tabulated, or if they were counted at all. And we will probably
never know, for a highly disturbing reason. The vote count was not conducted
by state elections officials, but by the private company that sold Georgia
the voting machines in the first place, under a strict trade-secrecy contract
that made it not only difficult but actually illegal - on pain of stiff
criminal penalties - for the state to touch the equipment or examine the
proprietary software to ensure the machines worked properly. There was
not even a paper trail to follow up. The machines were fitted with thermal
printing devices that could theoretically provide a written record of voters'
choices, but these were not activated. Consequently, recounts were impossible.
Had Diebold Inc, the manufacturer, been asked to review the votes, all
it could have done was programme the computers to spit out the same data
as before, flawed or not.
-
- Astonishingly, these are the terms under which America's
top three computer voting machine manufacturers - Diebold, Sequoia and
Election Systems and Software (ES&S) - have sold their products to
election officials around the country. Far from questioning the need for
rigid trade secrecy and the absence of a paper record, secretaries of state
and their technical advisers - anxious to banish memories of the hanging
chad fiasco and other associated disasters in the 2000 presidential recount
in Florida - have, for the most part, welcomed the touchscreen voting machines
as a technological miracle solution.
-
- Georgia was not the only state last November to see big
last-minute swings in voting patterns. There were others in Colorado, Minnesota,
Illinois and New Hampshire - all in races that had been flagged as key
partisan battlegrounds, and all won by the Republican Party. Again, this
was widely attributed to the campaigning efforts of President Bush and
the demoralisation of a Democratic Party too timid to speak out against
the looming war in Iraq.
-
- Strangely, however, the pollsters made no comparable
howlers in lower-key races whose outcome was not seriously contested. Another
anomaly, perhaps. What, then, is one to make of the fact that the owners
of the three major computer voting machines are all prominent Republican
Party donors? Or of a recent political fund-raising letter written to Ohio
Republicans by Walden O'Dell, Diebold's chief executive, in which he said
he was "committed to helping Ohio to deliver its electoral votes to
the president next year" - even as his company was bidding for the
contract on the state's new voting machinery?
-
- Alarmed and suspicious, a group of Georgia citizens began
to look into last November's election to see whether there was any chance
the results might have been deliberately or accidentally manipulated. Their
research proved unexpectedly, and disturbingly, fruitful.
-
- First, they wanted to know if the software had undergone
adequate checking. Under state and federal law, all voting machinery and
component parts must be certified before use in an election. So an Atlanta
graphic designer called Denis Wright wrote to the secretary of state's
office for a copy of the certification letter. Clifford Tatum, assistant
director of legal affairs for the election division, wrote back: "We
have determined that no records exist in the Secretary of State's office
regarding a certification letter from the lab certifying the version of
software used on Election Day." Mr Tatum said it was possible the
relevant documents were with Gary Powell, an official at the Georgia Technology
Authority, so campaigners wrote to him as well. Mr Powell responded he
was "not sure what you mean by the words 'please provide written certification
documents' ".
-
- "If the machines were not certified, then right
there the election was illegal," Mr Wright says. The secretary of
state's office has yet to demonstrate anything to the contrary. The investigating
citizens then considered the nature of the software itself. Shortly after
the election, a Diebold technician called Rob Behler came forward and reported
that, when the machines were about to be shipped to Georgia polling stations
in the summer of 2002, they performed so erratically that their software
had to be amended with a last-minute "patch". Instead of being
transmitted via disk - a potentially time-consuming process, especially
since its author was in Canada, not Georgia - the patch was posted, along
with the entire election software package, on an open-access FTP, or file
transfer protocol site, on the internet.
-
- That, according to computer experts, was a violation
of the most basic of security precautions, opening all sorts of possibilities
for the introduction of rogue or malicious code. At the same time, however,
it gave campaigners a golden opportunity to circumvent Diebold's own secrecy
demands and see exactly how the system worked. Roxanne Jekot, a computer
programmer with 20 years' experience, and an occasional teacher at Lanier
Technical College northeast of Atlanta, did a line-by-line review and found
"enough to stand your hair on end".
-
- "There were security holes all over it," she
says, "from the most basic display of the ballot on the screen all
the way through the operating system." Although the programme was
designed to be run on the Windows 2000 NT operating system, which has numerous
safeguards to keep out intruders, Ms Jekot found it worked just fine on
the much less secure Windows 98; the 2000 NT security features were, as
she put it, "nullified".
-
- Also embedded in the software were the comments of the
programmers working on it. One described what he and his colleagues had
just done as "a gross hack". Elsewhere was the remark: "This
doesn't really work." "Not a confidence builder, would you say?"
Ms Jekot says. "They were operating in panic mode, cobbling together
something that would work for the moment, knowing that at some point they
would have to go back to figure out how to make it work more permanently."
She found some of the code downright suspect - for example, an overtly
meaningless instruction to divide the number of write-in votes by 1. "From
a logical standpoint there is absolutely no reason to do that," she
says. "It raises an immediate red flag."
-
- Mostly, though, she was struck by the shoddiness of much
of the programming. "I really expected to have some difficulty reviewing
the source code because it would be at a higher level than I am accustomed
to," she says. "In fact, a lot of this stuff looked like the
homework my first-year students might have turned in." Diebold had
no specific comment on Ms Jekot's interpretations, offering only a blanket
caution about the complexity of election systems "often not well understood
by individuals with little real-world experience".
-
- But Ms Jekot was not the only one to examine the Diebold
software and find it lacking. In July, a group of researchers from the
Information Security Institute at Johns Hopkins University in Baltimore
discovered what they called "stunning flaws". These included
putting the password in the source code, a basic security no-no; manipulating
the voter smart-card function so one person could cast more than one vote;
and other loopholes that could theoretically allow voters' ballot choices
to be altered without their knowledge, either on the spot or by remote
access.
-
- Diebold issued a detailed response, saying that the Johns
Hopkins report was riddled with false assumptions, inadequate information
and "a multitude of false conclusions". Substantially similar
findings, however, were made in a follow-up study on behalf of the state
of Maryland, in which a group of computer security experts catalogued 328
software flaws, 26 of them critical, putting the whole system "at
high risk of compromise". "If these vulnerabilities are exploited,
significant impact could occur on the accuracy, integrity, and availability
of election results," their report says.
-
- Ever since the Johns Hopkins study, Diebold has sought
to explain away the open FTP file as an old, incomplete version of its
election package. The claim cannot be independently verified, because of
the trade-secrecy agreement, and not everyone is buying it. "It is
documented throughout the code who changed what and when. We have the history
of this programme from 1996 to 2002," Ms Jekot says. "I have
no doubt this is the software used in the elections." Diebold now
says it has upgraded its encryption and password features - but only on
its Maryland machines.
-
- A key security question concerned compatibility with
Microsoft Windows, and Ms Jekot says just three programmers, all of them
senior Diebold executives, were involved in this aspect of the system.
One of these, Diebold's vice-president of research and development, Talbot
Iredale, wrote an e-mail in April 2002 - later obtained by the campaigners
- making it clear that he wanted to shield the operating system from Wylie
Labs, an independent testing agency involved in the early certification
process.
-
- The reason that emerges from the e-mail is that he wanted
to make the software compatible with WinCE 3.0, an operating system used
for handhelds and PDAs; in other words, a system that could be manipulated
from a remote location. "We do not want Wyle [sic] reviewing and certifying
the operating systems," the e-mail reads. "Therefore can we keep
to a minimum the references to the WinCE 3.0 operating system."
-
- In an earlier intercepted e-mail, this one from Ken Clark
in Diebold's research and development department, the company explained
upfront to another independent testing lab that the supposedly secure software
system could be accessed without a password, and its contents easily changed
using the Microsoft Access programme. Mr Clark says he had considered putting
in a password requirement to stop dealers and customers doing "stupid
things", but that the easy access had often "got people out of
a bind". Astonishingly, the representative from the independent testing
lab did not see anything wrong with this and granted certification to the
part of the software programme she was inspecting - a pattern of lackadaisical
oversight that was replicated all the way to the top of the political chain
of command in Georgia, and in many other parts of the country.
-
- Diebold has not contested the authenticity of the e-mails,
now openly accessible on the internet. However, Diebold did caution that,
as the e-mails were taken from a Diebold Election systems website in March
2003 by an illegal hack, the nature of the information stolen could have
been revised or manipulated.
-
- There are two reasons why the United States is rushing
to overhaul its voting systems. The first is the Florida debacle in the
Bush-Gore election; no state wants to be the centre of that kind of attention
again. And the second is the Help America Vote Act (HAVA), signed by President
Bush last October, which promises an unprecedented $3.9bn (£2.3bn)
to the states to replace their old punchcard-and-lever machines. However,
enthusiasm for the new technology seems to be motivated as much by a bureaucratic
love of spending as by a love of democratic accountability. According to
Rebecca Mercuri, a research fellow at Harvard's John F Kennedy School of
Government and a specialist in voting systems, the shockingly high error
rate of punchcard machines (3-5 per cent in Florida in 2000) has been known
to people in the elections business for years. It was only after it became
public knowledge in the last presidential election that anybody felt moved
to do anything about it.
-
- The problem is, computer touchscreen machines and other
so-called DRE (direct recording electronic) systems are significantly less
reliable than punchcards, irrespective of their vulnerability to interference.
In a series of research papers for the Voting Technology Project, a joint
venture of the prestigious Massachussetts and California Institutes of
Technology, DREs were found to be among the worst performing systems. No
method, the MIT/CalTech study conceded, worked more reliably than hand-counting
paper ballots - an option that US electoral officials seem to consider
hopelessly antiquated, or at least impractical in elections combining multiple
local, state and national races for offices from President down to dogcatcher.
-
- The clear disadvantages and dangers associated with DREs
have not deterred state and county authorities from throwing themselves
headlong into touchscreen technology. More than 40,000 machines made by
Diebold alone are already in use in 37 states, and most are touchscreens.
County after county is poised to spend hundreds of millions of dollars
more on computer voting before next spring's presidential primaries. "They
say this is the direction they have to go in to have fair elections, but
the rush to go towards computerisation is very dubious," Dr Mercuri
says. "One has to wonder why this is going on, because the way it
is set up it takes away the checks and balances we have in a democratic
society. That's the whole point of paper trails and recounts."
-
- Anyone who has struggled with an interactive display
in a museum knows how dodgy touchscreens can be. If they don't freeze,
they easily become misaligned, which means they can record the wrong data.
In Dallas, during early voting before last November's election, people
found that no matter how often they tried to press a Democrat button, the
Republican candidate's name would light up. After a court hearing, Diebold
agreed to take down 18 machines with apparent misalignment problems. "And
those were the ones where you could visually spot a problem," Dr Mercuri
says. "What about what you don't see? Just because your vote shows
up on the screen for the Democrats, how do you know it is registering inside
the machine for the Democrats?"
-
- Other problems have shown up periodically: machines that
register zero votes, or machines that indicate voters coming to the polling
station but not voting, even when a single race with just two candidates
was on the ballot. Dr Mercuri was part of a lawsuit in Palm Beach County
in which she and other plaintiffs tried to have a suspect Sequoia machine
examined, only to run up against the brick wall of the trade-secret agreement.
"It makes it really hard to show their product has been tampered with,"
she says, "if it's a felony to inspect it."
-
- As for the possibilities of foul play, Dr Mercuri says
they are virtually limitless. "There are literally hundreds of ways
to do this," she says. "There are hundreds of ways to embed a
rogue series of commands into the code and nobody would ever know because
the nature of programming is so complex. The numbers would all tally perfectly."
Tampering with an election could be something as simple as a "denial-of-service"
attack, in which the machines simply stop working for an extended period,
deterring voters faced with the prospect of long lines. Or it could be
done with invasive computer codes known in the trade by such nicknames
as "Trojan horses" or "Easter eggs". Detecting one
of these, Dr Mercuri says, would be almost impossible unless the investigator
knew in advance it was there and how to trigger it. Computer researcher
Theresa Hommel, who is alarmed by touchscreen systems, has constructed
a simulated voting machine in which the same candidate always wins, no
matter what data you put in. She calls her model the Fraud-o-matic, and
it is available online at www.wheresthepaper.org.
-
- It is not just touchscreens which are at risk from error
or malicious intrusion. Any computer system used to tabulate votes is vulnerable.
An optical scan of ballots in Scurry County, Texas, last November erroneously
declared a landslide victory for the Republican candidate for county commissioner;
a subsequent hand recount showed that the Democrat had in fact won. In
Comal County, Texas, a computerised optical scan found that three different
candidates had won their races with exactly 18,181 votes. There was no
recount or investigation, even though the coincidence, with those recurring
1s and 8s, looked highly suspicious. In heavily Democrat Broward County,
Florida - which had switched to touchscreens in the wake of the hanging
chad furore - more than 100,000 votes were found to have gone "missing"
on election day. The votes were reinstated, but the glitch was not adequately
explained. One local official blamed it on a "minor software thing".
-
- Most suspect of all was the governor's race in Alabama,
where the incumbent Democrat, Don Siegelman, was initially declared the
winner. Sometime after midnight, when polling station observers and most
staff had gone home, the probate judge responsible for elections in rural
Baldwin County suddenly "discovered" that Mr Siegelman had been
awarded 7,000 votes too many. In a tight election, the change was enough
to hand victory to his Republican challenger, Bob Riley. County officials
talked vaguely of a computer tabulation error, or a lightning strike messing
up the machines, but the real reason was never ascertained because the
state's Republican attorney general refused to authorise a recount or any
independent ballot inspection.
-
- According to an analysis by James Gundlach, a sociology
professor at Auburn University in Alabama, the result in Baldwin County
was full of wild deviations from the statistical norms established both
by this and preceding elections. And he adds: "There is simply no
way that electronic vote counting can produce two sets of results without
someone using computer programmes in ways that were not intended. In other
words, the fact that two sets of results were reported is sufficient evidence
in and of itself that the vote tabulation process was compromised."
Although talk of voting fraud quickly subsided, Alabama has now amended
its election laws to make recounts mandatory in close races.
-
- The possibility of flaws in the electoral process is
not something that gets discussed much in the United States. The attitude
seems to be: we are the greatest democracy in the world, so the system
must be fair. That has certainly been the prevailing view in Georgia, where
even leading Democrats - their prestige on the line for introducing touchscreen
voting in the first place - have fought tooth-and-nail to defend the integrity
of the system. In a phone interview, the head of the Georgia Technology
Authority who brought Diebold machines to the state, Larry Singer, blamed
the growing chorus of criticism on "fear of technology", despite
the fact that many prominent critics are themselves computer scientists.
He says: "Are these machines flawless? No. Would you have more confidence
if they were completely flawless? Yes. Is there such a thing as a flawless
system? No." Mr Singer, who left the GTA straight after the election
and took a 50 per cent pay cut to work for Sun Microsystems, insists that
voters are more likely to have their credit card information stolen by
a busboy in a restaurant than to have their vote compromised by touchscreen
technology.
-
- Voting machines are sold in the United States in much
the same way as other government contracts: through intensive lobbying,
wining and dining. At a recent national conference of clerks, election
officials and treasurers in Denver, attendees were treated to black-tie
dinners and other perks, including free expensive briefcases stamped with
Sequoia's company logo alongside the association's own symbol. Nobody in
power seems to find this worrying, any more than they worried when Sequoia's
southern regional sales manager, Phil Foster, was indicted in Louisiana
a couple of years ago for "conspiracy to commit money laundering and
malfeasance". The charges were dropped in exchange for his testimony
against Louisiana's state commissioner of elections. Similarly, last year,
the Arkansas secretary of state, Bill McCuen, pleaded guilty to taking
bribes and kickbacks involving a precursor company to ES&S; the voting
machine company executive who testified against him in exchange for immunity
is now an ES&S vice-president.
-
- If much of the worry about vote-tampering is directed
at the Republicans, it is largely because the big three touchscreen companies
are all big Republican donors, pouring hundreds of thousands of dollars
into party coffers in the past few years. The ownership issue is, of course,
compounded by the lack of transparency. Or, as Dr Mercuri puts it: "If
the machines were independently verifiable, who would give a crap who owns
them?" As it is, fears that US democracy is being hijacked by corporate
interests are being fuelled by links between the big three and broader
business interests, as well as extremist organisations. Two of the early
backers of American Information Systems, a company later merged into ES&S,
are also prominent supporters of the Chalcedon Foundation, an organisation
that espouses theocratic governance according to a literal reading of the
Bible and advocates capital punishment for blasphemy and homosexuality.
-
- The chief executive of American Information Systems in
the early Nineties was Chuck Hagel, who went on to run for elective office
and became the first Republican in 24 years to be elected to the Senate
from Nebraska, cheered on by the Omaha World-Herald newspaper which also
happens to be a big investor in ES&S. In yet another clamorous conflict
of interest, 80 per cent of Mr Hagel's winning votes - both in 1996 and
again in 2002 - were counted, under the usual terms of confidentiality,
by his own company.
-
- In theory, the federal government should be monitoring
the transition to computer technology and rooting out abuses. Under the
Help America Vote Act, the Bush administration is supposed to establish
a sizeable oversight committee, headed by two Democrats and two Republicans,
as well as a technical panel to determine standards for new voting machinery.
The four commission heads were supposed to have been in place by last February,
but so far just one has been appointed. The technical panel also remains
unconstituted, even though the new machines it is supposed to vet are already
being sold in large quantities - a state of affairs Dr Mercuri denounces
as "an abomination".
-
- One of the conditions states have to fulfil to receive
federal funding for the new voting machines, meanwhile, is a consolidation
of voter rolls at state rather than county level. This provision sends
a chill down the spine of anyone who has studied how Florida consolidated
its own voter rolls just before the 2000 election, purging the names of
tens of thousands of eligible voters, most of them African Americans and
most of them Democrats, through misuse of an erroneous list of convicted
felons commissioned by Katherine Harris, the secretary of state doubling
as George Bush's Florida campaign manager. Despite a volley of lawsuits,
the incorrect list was still in operation in last November's mid-terms,
raising all sorts of questions about what other states might now do with
their own voter rolls. It is not that the Act's consolidation provision
is in itself evidence of a conspiracy to throw elections, but it does leave
open that possibility.
-
- Meanwhile, the administration has been pushing new voting
technology of its own to help overseas citizens and military personnel,
both natural Republican Party constituencies, to vote more easily over
the internet. Internet voting is notoriously insecure and open to abuse
by just about anyone with rudimentary hacking skills; just last January,
an experiment in internet voting in Toronto was scuppered by a Slammer
worm attack. Undeterred, the administration has gone ahead with its so-called
SERVE project for overseas voting, via a private consortium made up of
major defence contractors and a Saudi investment group. The contract for
overseeing internet voting in the 2004 presidential election was recently
awarded to Accenture, formerly part of the Arthur Andersen group (whose
accountancy branch, a major campaign contributor to President Bush, imploded
as a result of the Enron bankruptcy scandal).
-
- Not everyone in the United States has fallen under the
spell of the big computer voting companies, and there are signs of growing
wariness. Oregon decided even before HAVA to conduct all its voting by
mail. Wisconsin has decided it wants nothing to do with touchscreen machines
without a verifiable paper trail, and New York is considering a similar
injunction, at least for its state assembly races. In California, a Stanford
computer science professor called David Dill is screaming from the rooftops
on the need for a paper trail in his state, so far without result. And
a New Jersey Congressman called Rush Holt has introduced a bill in the
House of Representatives, the Voter Confidence and Increased Accessibility
Act, asking for much the same thing. Not everyone is heeding the warnings,
though. In Ohio, publication of the letter from Diebold's chief executive
promising to deliver the state to President Bush in 2004 has not deterred
the secretary of state - a Republican - from putting Diebold on a list
of preferred voting-machine vendors. Similarly, in Maryland, officials
have not taken the recent state-sponsored study identifying hundreds of
flaws in the Diebold software as any reason to change their plans to use
Diebold machines in March's presidential primary.
-
- The question is whether the country will come to its
senses before elections start getting distorted or tampered with on such
a scale that the system becomes unmanageable. The sheer volume of money
offered under HAVA is unlikely to be forthcoming again in a hurry, so if
things aren't done right now it is doubtful the system can be fixed again
for a long time. "This is frightening, really frightening," says
Dr Mercuri, and a growing number of reasonable people are starting to agree
with her. One such is John Zogby, arguably the most reliable pollster in
the United States, who has freely admitted he "blew" last November's
elections and does not exclude the possibility that foul play was one of
the factors knocking his calculations off course. "We're ploughing
into a brave new world here," he says, "where there are so many
variables aside from out-and-out corruption that can change elections,
especially in situations where the races are close. We have machines that
break down, or are tampered with, or are simply misunderstood. It's a cause
for great concern."
-
- Roxanne Jekot, who has put much of her professional and
personal life on hold to work on the issue full time, puts it even more
strongly. "Corporate America is very close to running this country.
The only thing that is stopping them from taking total control are the
pesky voters. That's why there's such a drive to control the vote. What
we're seeing is the corporatisation of the last shred of democracy.
-
- "I feel that unless we stop it here and stop it
now," she says, "my kids won't grow up to have a right to vote
at all."
-
- © 2003 Independent Digital (UK) Ltd
-
- http://news.independent.co.uk/world/americas/story.jsp?story=452972
|
