Simons, Felton Stress Security, Reliability and Backup Procedures to Ensure Public’s Trust
Washington, DC, September 28, 2006 — Barbara Simons, an electronic voting expert and past president of ACM, the Association for Computing Machinery, testified today that “providing a voter verified paper trail is a significant step toward mitigating the risks and ensuring the public’s trust in the nation’s election process.” At a Congressional hearing reviewing security for e-voting machines, Simons cited a range of defenses against multiple security risks, including the kinds of human error that have recently plagued primary elections in several parts of the country.
Also testifying at today’s hearing was Edward W. Felten, Professor of Computer Science and Public Affairs at Princeton University, and a member of ACM’s U.S. Public Policy Committee. Two weeks ago, his research team released a detailed analysis of the security of one of the most widely used e-voting machines. The hearing was held by the U.S. House of Representatives Committee on House Administration.
“Computerized voting has a lot of advantages, but all computerized voting systems currently available carry risks,” Dr. Simons said. Pointing to ACM’s 2004 statement on e-voting, she cited poor design, inferior software engineering, limited audit capabilities, and lack of rigorous testing among the risks.
She hailed the role of technology in easing the looming threat. “Technology, if engineered and tested carefully, and if deployed with safeguards against failure, can reduce error rates, provide more accessibility, increase accountability, and strengthen our voting system,” she said.
Dr. Simons recommended that the widely-used machines known as Direct Recording Electronic (DRE) devices produce a voter verified paper audit trail (VVPAT) or voter verified paper ballot (VVPB). “These procedures are not merely to eliminate fraud,” she said, “but rather to increase the safety of voting systems and to allow for routine election audits.” She also cited the need for routine random manual audits, and mandatory manual recounts as well as policies and procedures that guarantee the integrity of the paper and the quality of the printers used for printed paper trails.
Dr. Felten said his research revealed specific vulnerabilities as well as broader systemic problems with the voting machine he studied. “Because they are computers, e-voting machines are susceptible to familiar computer problems such as crashes, bugs, mysterious malfunctions, data tampering, and even computer viruses,” he said.
Noting that these challenges are not insurmountable, Dr. Felten made a number of recommendations to address these serious threats to the voting process. He reinforced Dr. Simons’ call for voter-verified paper audit trails, and called for:
- Extra care in securing voting machines throughout the election process
- Improved certification for software updates to e-voting machines
- Increased use of independent security experts from the technology community
“Voting technologies must help to build trust [in the electoral system]. Today’s e-voting infrastructure is not up to the task, but tomorrow’s can be,” Dr. Felten said.
Both witnesses indicated the need for further research to improve the voting system. They called for the technical community and the election community to work together to develop computerized voting and electronic registration systems that deserve the public’s trust.
Dr. Simons co-chaired ACM’s study of statewide databases of registered voters. http://www.acm.org/usacm/VRD/ which examined accuracy, privacy, usability, security, and reliability issues. She founded ACM’s US Public Policy committee (USACM) in 1993, and served for many years as its chair or co-chair. She was a member of the National Workshop on Internet Voting, and is retired from IBM, where she was a Research Staff Member at the IBM Almaden Research Center.
Dr. Felten is Director of the Center for Information Technology Policy at Princeton University. He serves on the Executive Committee of ACM’s US Public Policy Committee (USACM). He has advised the U.S. Departments of Justice, Defense, and Homeland Security, and the Federal Trade Commission on security-related issues. In 2003, Scientific American magazine named him to its list of fifty global leaders in science and technology.
ACM, the Association for Computing Machinery http://www.acm.org, is an educational and scientific society uniting the world’s computing educators, researchers and professionals to inspire dialogue, share resources and address the field’s challenges. ACM strengthens the profession’s collective voice through strong leadership, promotion of the highest standards, and recognition of technical excellence. ACM supports the professional growth of its members by providing opportunities for life-long learning, career development, and professional networking.