Voting is the free world’s Achilles heel and/or Trojan horse. Valid voters are suppressed. Vote audits are suppressed. Voter registration systems are hacked. And the worst-case scenario of all looms before us all like a monster in a horror movie: what if voting machines themselves are hacked, the “results” are faked, and democracy is quietly cancelled without the general public even noticing?
Many of the minds of the technical world have considered this problem of late, and considered various technical measures. Facebook and Google are funding and advising a bipartisan “Defending Digital Democracy” project at Harvard’s Belfer Center, with an eye to identifying and sharing threat information, and providing cybersecurity tools and playbooks to America’s vast, semi-decentralized, county-by-county electoral system.
On arguably the other end of the establishment / counterculture spectrum, at Def Con today a “Voting Machine Hacking Village” was set up, organized by technical experts such as Matt Blaze, to assess vulnerabilities in a suite of voting machines purchased at surplus and on eBay.
Admirable innovations all! But there are other, simpler, less technical, more effective steps that we could take to safeguard free and fair voting, which don’t rely on building unhackable voting machines are beefing up cybersecurity. Barbara Simons of Verified Voting has been lobbying for them for years. They are:
- Require paper ballots for all votes. No all-electronic voting; no online voting; no “cryptographically assured” e-voting. Always generate, and maintain, simple physical boxes full of individually marked paper ballots. Ballot boxes can theoretically still be stuffed, of course, but that’s easier to guard against and does not scale to scores of jurisdictions and entire nation-states.
- Dynamically audit all votes after the fact, as a precautionary measure. By “dynamically” I mean “for each and every jurisdiction, after the initial tabulation of the vote, take a small random sampling of votes and compare them to the tabulated results. I there seems to be an anomaly, go back and take a larger sample; repeat until an anomaly is statistically confirmed or cleared.”
To quote Ronald Reagan: “Trust, but verify.” Obviously we also want secure and encrypted networks, secure voting machines, etcetera. But the above plan, simple and yet effective, treats voting machines as black boxes whose output can be verified even if they have been corrupted. It’s an obvious, effective, non-partisan solution; and the slight added cost and complexity is more than justified by the value in shoring up the foundation on which our entire society is built.
For this to happen, though, it has to become an urgent priority. We as a species have a long history of reacting to new kinds of attacks only after the first few are broadly successful. That’s not a good option in this case. Fortunately, it looks like across the technical and government spectrums, and hopefully across the general public at all, there’s a growing creeping realization that voting has to be secured.