As you might imagine, it is hard to choose from the many
events of Election Day 2008 to report and reflect on! But I thought that I’d
pick a handful of events that show just how vitally important it is the
election equipment be designed carefully – and the consequences of products
that aren’t, and vendors that don’t seem to care. I have to say, it’s
potentially dire, which is why I’ve picked as many as 3 events to support my

First stop, New
Jersey, where some colleagues have reported first
hand that the equipment in their home precincts are failing to work ideally, in
a seemingly innocent way: "chirp!"
That’s the sounds that Sequoia AVC Advantage DRE
voting machine
should make when a voter casts and electronic ballot, just
the same as antique ballot boxes that rang a bell when a ballot was inserted.
The point of course is to provide some accountability to voters who might otherwise
be tempted to attempt to vote more than once. Whether or not you think that’s a
big deal, or even an effective method to help poll workers detect it, consider
this: with the antique ballot box, you couldn’t ‘"turn off’"the bell. With the
modern electronic voting station, a county official can choose to re-configure
to software to be silent. Why was that particular on/off switch a good feature
to have? Probably this is a product design mistake, and though simple, it
creates a way that a machine can "mal-function" and raise questions about
whether it is correctly working in other more important ways.

The vendor simply didn’t consider that designing the machine
with many configuration options (bells and whistles if you’ll pardon the pun)
simply creates the opportunity for more perceived malfunctions and lower trust.
Trust – that’s the missing design concept in NJ.

Next stop, Michigan,
where Oakland County Clerk Ruth Johnson complained that their Election Systems
& Software M-100 machines where incorrectly tabulating results during
pre-election testing. To paraphrase the vendor ES&S’s response, the machines were working correctly, but the observed
problems were the fault of the people who performed the tests incorrectly. It’s
a common refrain from all the vendors, and one that’s often – but hardly always
– true. But it misses the point. These machines are so complex and the correct
operation so detailed that in thousands of county offices across the country,
ordinary people make mistakes that make the machines appear to be

It’s the same principle in MI as in NJ. The vendor made the
machine too complex and user-error prone that the machines do not appear to be
worthy of trust. And therefore they are in fact untrustworthy! We don’t trust
an important system because somebody else keeps assuring us that it’s really
working fine – especially since there have been occasions when similar systems
were definitely found to be not working fine.

Last stop, Everywhere USA. You’ll see news reports from all
over, starting with early voting many days ago, of voting machines doing "vote
flipping." Most of these reports are
mistaken, based on voters misunderstanding what they are seeing (as I earlier
about Knox County, TN). But again, if the machines are so
poorly designed the many ordinary people don’t understand what they are seeing,
you’ve got the same missing ingredient.


Now of course many readers know that OSDV is working on
trustworthy voting systems (including our first prototype release!) But that
isn’t my final point. The really, really big problem here is what happens when
the public trust seriously starts to break down, which may be happening right
now. Probably the most notable mis-trust factor is potential security problems,
which in fact are probably less worrisome than actual reliability problems. But
security is the stated reason for threatened litigation to contest election
results using the following logic: the results in county
XYZ varied from polls; the results
contributed to a close race; the machines in county XYZ
can be hacked; therefore the results may be invalid and there should be an
investigation before election results are finalized.

I am not making this up, just to send chills down your spine
just like mine. The title of this news article is enough: Republican National Committee Prepares for Computerized
Voting Fraud Legal
Battle. Read the details if you dare, but “hackability” is the core argument of
threatened lawsuits.

We all know that no computer is perfectly secure, but the
voting equipment in use to day has fallen so far from trust – trust which
deserve to be able to place in the machineries of democracy – that now they
create a potentially huge inroad for the greatest bane of confidence in
election outcome – the courts. And I don’t mean one election landing in the
Supreme Court like in 2000. It could be many elections landing in many courts
across the land, in claims that simply cannot be refuted: “Prove to me that
this computer hasn’t been tampered with, and worked perfectly.”

When trust in our election process is reduced to that un-answerable
question, then I think that poorly designed, unreliable technology has dragged
us almost as far down as we can go down the trust scale. Let’s hope it doesn’t
come to pass in 2008.