E-Voting Is Very Different From E-Banking

from the paper-trail dept

Catching up on my reading, I recently came across this post from the University of Chicago's Saul Levmore about the merits of touchscreen voting. Levmore thinks that "the future is surely with the touch-screen or some other form of online voting." Levmore doesn't go into any detail about why he thinks this; I assume he's simply not familiar with the many e-voting problems we've covered here at Techdirt. He may not know, for example, that voting machines are susceptible to viruses that can allow a single person to corrupt every machine in a county or even an entire state. Levmore makes an interesting analogy to automatic teller machines. He points out that we've been using ATMs without any serious problems for decades, and wonders why we can't use the same technologies for voting machines.

What Levmore is missing is that the security model of an ATM is totally different from the security model of a voting machine. The most important line of defense against ATM fraud is not the machines themselves, but the fact that they produce a lengthy paper trail. If a hacker breaks into a bank's network and transfers funds from someone else's account to his own, two important things will happen. First, the victim will notice an unauthorized transaction and complain. And second, the perpetrator will need to pick up the money somehow, which will create a paper trail that will help the police find him. For example, a hacker trying to physically steal the cash from an ATM has to be physically present to pick up the cash, which increases the risk that he'll be caught in the act -- especially if he tries to knock off several machines in a row. It is the likelihood that fraud will be detected and punished, not the inherent unhackability of the machines themselves, that makes ATMs secure. In contrast, nobody knows what the "right" election outcome is supposed to be, so there's no one in a position to object if the results get altered. And because peoples' votes have to be kept secret, voting machines can't create the same kind of personally-identifiable paper trails that ATMs do. Unlike stolen cash, a stolen election doesn't need to be physically delivered to the beneficiary, so there's no way to trace the loot to find the perpetrator. That means that even if election fraud is detected, there's not going to be any straightforward way to figure out either who did it or what the result should have been. We can be pretty sure, for example, that something went wrong in the 2006 election in Sarasota County, but we have no way to be sure if foul play might have been involved or if (as seems more likely) the software was just flaky.

There's a more fundamental issue that should be especially familiar to the folks at the University of Chicago: banks have much stronger incentives to get things right than election officials. If a criminal succeeds in knocking off an ATM machine, the bank that owns that ATM machine stands to lose a lot of money. As a result, the bank has a strong incentive to take the steps necessary to secure the ATM, or to not deploy the ATM at all if it thinks that securing it would be too difficult. Banks have both the incentives and the resources to hire computer security experts to advise them on fixing potential problems with their ATM machines. In contrast, state officials have only a weak incentives to get voting machine security right. A stolen election will be a rare occurrence even with insecure voting machines, and if it does occur, state officials can easily shift blame to other people -- county election officials, vendors, poll workers. It's not surprising, therefore, that states have rushed to deploy electronic voting systems that virtually every computer securit expert on the planet says are insecure. Without strong accountability, election officials tend to be swayed by the superficial impression that computerized processes are inherently better than older technologies, or even by lobbying by voting machine vendors. Peoples' opposition to e-voting is not, as Levmore seems to think, a result of knee-jerk opposition to new technologies. It's a recognition that the e-voting problem is much harder than is generally supposed, and it's better to err on the side of caution until e-voting technology has had a chance to mature.

Filed Under: e-banking, e-voting, saul levmore


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. identicon
    Hans, 18 Mar 2008 @ 3:31pm

    Defining the problem wrong

    I think the problem we are having with electronic voting stems from a wrong assumption being made about the voting process. We are trying to automate what has been done before instead of improving the process with modern technology. The assumption that votes should be anonymous is the root of all this evil. In reality, we can make voting like atm transactions by removing the anonymous aspect. Now before anyone panics, let me add the rest of the banking, not ATM scenario. I will have an account that is secure and that only I have access to that will contain my voting history. But you see, I don't need to withdraw any cash, so I don't need the ATM analogy or security weaknesses. I would rather use the analogy of home banking over the internet, since no physical interaction is required to place a vote. This is a more accurate analogy and will allow me to vote over the internet from anyplace that I choose, will make absentee forms obsolete and will allow instant feedback to the entire world from the web of voting results.

    This will scare silly those that control the existing political voting system, because soon those that converse over the web will be able to swing the vote extensively by using the instant feedback online to alert those demographic groups that are not voting to get there. Because the secure account carries all of my demographics, but reports them only in aggregate, much more accurate statistics on participation will be available. The pollsters will have problems here because anyone that wants can query this base, and the primaries for both parties will be able to be managed completely without the crazy antics necessary today.

    The lamenting over those poor lost souls that they can't drag out to the voting booths will be a thing of the past. Rather than braving wind, rain sleet or hail to go out and get accosted by all those busybodies that are trying to sway voters last minute or find out what they did in the booths, I can sit comfortably at home in my ubiquitous bunny slippers and see who is winning, then cast my vote and see the difference I make in real time.

    If I log into my voting account and see a vote posted that I didn't do, or a double vote, I can lodge a complaint, just like with any other account that a transaction should be disputed over. In fact, third parties that should be seriously considered for this job would need to be credit card companies or credit reporting agencies that already manage personal data for most of us.

    This also addresses the auditing issues that concern many who contemplate this change in our voting process. By using systems that manage accounts similar to financial accounts, the auditing of these accounts could be done by independent groups to keep everyone honest. My personal account provides a voting record that I can refer back to whenever I choose. For those paranoids that don't want the government managing their private voting account (count me in here), this could always be managed by a third party. After all, that's what banks are, private keepers of our publicly issued currency. If I am willing to trust a bank or credit card company with my money, why not my vote?

    Let's stop trying to use 1700's processes when we have 22nd century technology.

    And, by the way, shame on you at tech dirt if you have been posting on these self-created problems forever, since it should be just you tech savvy guys that suggest innovative solutions to problems, not get caught up in the paranoia of the non-technical masses.

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Insider Shop - Show Your Support!

Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.