2007 Press Releases
Wednesday, August 01, 2007
New Report Finds States Not Doing Enough to Ensure Accurate Count on Electronic Voting Machines
Susan Gluss, University of California, Berkeley, School of Law (510)-642-6936
Research: Random Post Election-Audits of Paper Records and Machines Essential to Ensuring Integrity of the Vote
New York, NY – The Brennan Center for Justice at NYU School of Law and the Samuelson Law, Technology & Public Policy Clinic at the University of California, Berkeley, School of Law (Boalt Hall) released a new report today that suggests a majority of states have not adopted adequate security measures to ensure the integrity of election results tallied on electronic voting machines.
While much of the voting security conversation to-date has focused on the importance of producing paper records of votes cast on electronic machines, today’s report questions that focus and suggests - absent improved post-election audit practices – the security value of new requirements for paper trails is highly questionable.
The report, "Post Elections Audits: Restoring Trust in Elections," details how few states are fully equipped to find sophisticated and targeted software-based attacks, non-systemic programming errors and software bugs that could change the outcome of an election.
To improve the integrity of election outcomes the report recommends both more targeted and rigorous audits of paper records produced by electronic voting machines. The report examines post-election audits of voter-verified paper records in detail, and explains how jurisdictions can use a randomly selected percentage of paper records after the polls have closed to check the electronic vote tallies and the performance of electronic voting machines.
“No matter how long we study machines, we're never going to think of every attack or find every bug. We can try to close up every hole we find, but ultimately using paper records to check electronic tallies is the only way we can trust these machines,” said Lawrence Norden, who is the lead author of the report and heads the Brennan Center 's Voting Technology Assessment Project. “When an election is very close we should do more auditing. In a very close race, even a small error could mean that the wrong candidate is declared the winner,” continued Norden.
To underscore the point the Brennan Center released data with the report compiled by Common Cause documenting instances in 30 states where machine malfunctions have changed vote tallies.
“Voting machines, like all other machines, break,” said Susannah Goodman, Director of Voting Integrity Programs for Common Cause. “Our chart shows that machine failures are all too common. We need systemic, mandatory audits to insure that voters choose candidates not software bugs or programming errors.”
Over the past year the Brennan Center and the Samuelson Clinic convened a blue ribbon panel of statisticians, voting experts, computer scientists, and the nation 's leading election officials, to craft practical recommendations for improving post-election audits. They spent months reviewing and evaluating existing post-election audit laws and procedures, and the papers of academics and election integrity activists that have frequently criticized such laws as inadequate.
Among the report’s key findings:
- Post-election audits of voter-verifiable paper records are a critical tool for detecting ballot-counting errors, discouraging fraud, and improving the security and reliability of electronic voting machines in future elections. Unfortunately, of the thirty-eight states that require or use voter-verifiable paper records throughout the state, twenty-three do not require such audits after every election.
- Of the few states that currently require and conduct post-election audits, none has adopted audit models that will maximize the likelihood of finding clever and targeted software-based attacks, non-systemic programming errors, and software bugs that could change the outcome of an election.
- Only one state, North Carolina, has collected and made public the most significant data from post-election audits for the purpose of improving future elections. Based upon the Brennan Center’s review of state laws and interviews with state election officials, the authors conclude that the vast majority of states conducting audits are not using them in a way that will maximize their ability to improve elections in the future.
- Regardless of the audit model a jurisdiction implements, there are several simple, practical, and inexpensive procedures that it can adopt to achieve the most important post-election auditing goals, without imposing unnecessary burdens on election officials.
The report lays out principles for local and state election officials to determine which votes should be audited, how audits should be properly conducted, and how to ensure overall audit effectiveness.
"The auditing process shouldn 't just produce recounts. Machine audits should look more like financial audits: when the results look funny, election officials should take a closer look. If they won't, candidates should be able to get the results double checked at little or no cost," said Aaron Burstein, a co-author of the report and the TRUST and ACCURATE Research Fellow for the Berkeley Center for Law and Technology and the Samuelson Law, Technology and Public Policy Clinic at the University of California, Berkeley School of Law (Boalt Hall).
“If there’s still an unexplained discrepancy between the paper record and the results on the machine – you need to have the ability to get under the hood and take a look at the source code on that machine. When you have unexplained discrepancies, there’s a high probability that something was going on with the software that produced an incorrect result.”
The Samuelson Law, Technology & Public Policy Clinic at Berkeley Law School was the first clinic in the country to provide law students with the opportunity to represent the public interest in cases and matters on the cutting-edge of high technology law. The clinic represents consumer interests in intellectual property, communications regulation and privacy issues.