USA TODAY: Electronic voting is the real threat to elections

June 6, 2012
Editorial Board of USA Today

Imagine how easy voting would be if Americans could cast ballots the same way they buy songs from iTunes or punch in a PIN code to check out at the grocery store: You could click on a candidate from a home computer or use a touch screen device at the local polling place.

It's not entirely a fantasy. In many states, some voters can already do both. The process is seductively simple, but it's also shockingly vulnerable to problems from software failure to malicious hacking. While state lawmakers burn enormous energy in a partisan fight over in-person vote fraud, which is virtually nonexistent, they're largely ignoring far likelier ways votes can be lost, stolen or changed.

How? Sometimes, technology or the humans running it simply fail:

•In March, malfunctioning software sent votes to the wrong candidate and the wrong municipal election in Palm Beach County, Fla. The mistake was corrected only after a court-approved hand count.

•In an election in Pennington County, S.D., in 2009, a software glitch almost doubled the number of votes actually cast.

•In Carteret County, N.C., 4,530 electronic votes simply disappeared in 2004 when the voting machine ran out of storage capacity and no one noticed until too late.

•In 2010, a University of Michigan assistant professor of computer science and three assistants hacked into Washington, D.C.'s online voting system during a test. They manipulated it undetected, even programming it to play the Michigan fight song. While inside, the hackers blocked probes from Iran, India and China. Washington officials canceled plans for online voting.

Experiences like these argue for great caution about expanding electronic voting, but too many states are choosing convenience over reliability. Sixteen states, for example, use electronic voting devices with no paper backup, according to a study by the Verified Voting Foundation, Common Cause and the Rutgers School of Law. This means there's no way to know whether the machine has recorded a vote accurately or, for that matter, recorded it at all. And there's no way for elections officials to conduct a verifiable recount if things go wrong. It's far better to have, as many other states do, machines that generate a simultaneous paper record that voters can see when they vote, and that officials can audit to make sure the machines are getting the votes right.

At least for now, the next frontier in electronic voting seems to be way too wild. Twenty-five states allow online voting, chiefly for military personnel and others overseas, which means 3 million people or more could cast ballots via the Web this fall. But Alex Halderman, who led the successful penetration of Washington's online system, warns that current technology just can't keep votes safe.

Home computers are frequently infested with malware, and central systems such as Washington's are notoriously hard to secure. Those who claim otherwise overlook the fact that hackers have penetrated or shut down systems at the Pentagon, FBI, Department of Homeland Security and CIA. All these agencies have cybersecurity budgets that dwarf those of any local elections board.

The danger is as troubling as it is obvious. Elections can be stolen, without anyone noticing. Some things are best done the old-fashioned way.