The Government Accountability Office (GAO) issued a report today I requested with Rep. Henry Waxman and other Members Of Congress. In sum, the GAO found that "some of [the] concerns about electronic voting machines have been realized and have caused problems with recent elections, resulting in the loss and miscount of votes." GAO found that these concerns "merit the focused attention of federal state and local authorities responsible for election administration."
What does this mean? Much has been made about this issue during the 2004 Ohio election debaclehere on DailyKos and elsewhere, however, this is the first time Congress' investigatory arm has weighed in on the problems with our voting machines. The GAO studied the work of others and ultimately put their stamp of approval on it. That lends important credibility to the cause of election reform generally, aand more specifically to requiring that every machine have a voter verified paper ballot that is used in election days audits and, if discrepancies are found in those audits, becomes the official record for the election.
On this site and elsewhere, there have been discussions and debates about whether this or that election was "hacked." I would like to suggest putting that discussion aside for the moment (or longer -- I understand some such discussions can result in a ban from this blog community). In this context, we should focus on what we all agree on, and what the GAO found: these machines have substantial problems. To me, in addition to being an issue that goes to the heart of our democracy, this is a consumer protection issue. There are certainly voting machine manufacturers who produce a good product. But by and large, when it comes to a voting machine, the average voter is getting a lemon -- the Ford Pinto of voting technology. We must demand better.
More specifics about what GAO found: Serious problems were identified regarding the security control system, access controls, hardware controls, and the voter-verified paper audit trail system. Among the security shortcomings identified by GAO:
- Some electronic voting systems did not encrypt cast ballots or system audit logs, thus making it possible to alter them without detection.
- It is easy to alter a file defining how a ballot appears, making it possible for someone to vote for one candidate and actually be recorded as voting for an entirely different candidate.
- Falsifying election results without leaving any evidence of such an action by using altered memory cards.
- Access to the voting network was easily compromised because not all digital recording electronic voting systems (DREs) had supervisory functions password-protected, so access to one machine provided access to the whole network.
- Supervisory across to the voting network was also compromised by repeated use of the same user IDs combined with easily guessed passwords.
- The locks protecting access to the system were easily picked and keys were simple to copy.
- One DRE model was shown to have been networked in such a rudimentary fashion that a power failure on one machine would cause the entire network to fail.
- GAO identified further problems with the security protocols and background screening practices for vendor personnel.
The suggestions made by GAO to ensure the security of machines barely scratch the surface of the problems what is needed to improve the national voting systems standards. Their report divulges that, despite the many official assurances that the problems of the past elections were isolated and few, the election system is indeed riddled with problems and flaws.
The bottom line is until we make a serious commitment to address the significant security and controls concerns we have regarding our voting machines, American citizens have no reason to have complete confidence in our democracy.