Defending Democracy
Democracy was invented in Athens, Greece. There were 3,000
electors and they cast votes using clay tablets deposited in a jar: white for,
black against. When the votes were all cast the jar was broken open and tablets
counted. They also counted the uncast tablets, to make sure there were not any
more added or removed. Simple and effective secret balloting with built-in
cross-checking and voter registration and verification. For the Greeks also
knew that if people can cheat, then they will.
Fast forward 2,000 years and we have 300,000,000+ people and
about 200,000,000 eligible voters. Add in digital technology and paper ballots,
early-voting, and mail-in ballots. There has been a lot made of paper ballots
and how sacrosanct they are, and how tamper-proof they are. How true is that,
and what has changed to undermine the authenticity of paper ballots? What
remedies can be applied to restore the security of balloting in a technology
age?
In modern digital voting systems, there are a lot of
safeguards built in. We have evolved from all-digital systems to ones that
combine paper and digital records along with precinct level digital scanners to
verify the paper ballot images. Coupled to this are the poll books that track
who is voting in person at polling stations, along with who has submitted
absentee ballots. The focus has been on the security of this process and on ensuring
that votes reported matched the number of paper ballots and the poll book entries.
The number of absentee ballots was limited to overseas voters, military,
diplomats and temporarily out-of-state residents who followed a strict
procedure to obtain ballots and return votes. Furthermore, auditing processes
are also tuned to match these election procedures along with triggers of when
an audit is necessary, and the types of audits needed. This all built a secure “castle”
around the election voting process.
Recently this scenario has changed dramatically by the widespread
introduction of mail-in paper ballots. Effectively this has been like the
invention of gunpowder and cannon to the security of the current voting castle.
It is not designed to cope with the challenges this provides. And if people can
cheat then they will. Worse, if you are going to cheat, cheat big because then
it is even harder to argue against the outcomes and you avoid the audit criteria
that are all focused on narrow winning margins in close elections.
The challenges that mail-in paper ballots provide in today's
modern digital world are many. First, digital technologies can replicate paper
ballots that are hard to invalidate by simple visual inspection. Second, digital
scanners designed to handle tabulations in precinct are ill-equipped to cross-check
mail-in ballots. Where did this ballot originate from, has it been already
counted, has this person already voted, is this person a registered voter? Of
course, it is possible to use secure one time use digital codes on paper
ballots to ensure these aspects are checked. Today that is not happening.
A further aspect of digital technology is the free access to
electoral voter rolls and addresses with personal data such as age, life preferences
and more. Coupled to this are high-speed computer data analysis tools that can
cross-reference these to death records, state and county records, and more.
This allows mail-in ballots to be tailored and printed for targeted voter
populations and the creation of “vote dumps”.
The upshot is that people can generate paper mail-in ballots
that bypass the necessary checks, that visually can pass inspection and will be
included into the vote counting process by the clerks tasked with receiving and
accepting them. Similarly, the computer scanners will accept them, and most
importantly, once these ballots are included into the regular blocks of ballots
then they are indistinguishable and cannot be separated back out again. To use
the castle analogy again, this is the perfect Trojan Horse.
With mail-in paper ballots you have very limited ability to
crosscheck between the number of ballots mailed out, the numbers received back,
and the people who did cast those ballots. Has the same person voted multiple
times? Has the same ballot been copied and submitted by multiple people? Did
the person vote or did someone else vote on their behalf? What has happened to
the ballots we did not receive back again? How can people see if the ballot
they mailed in has been counted? Clearly there are simply too many variables at
play and a huge potential for exploitation of the process.
Restoring Trusted Election Processes
Modern digital technology provides many conveniences and the
ability to validate and verify. Banking systems are an obvious example. Banking
systems work well because the identity of the actors and transactions are
known. This is the biggest challenge with voting systems, the need to retain
voter privacy. However, one aspect of accounting that can and should apply is
the idea of double ledgers. Simply put, if there is more than one secure record
chain of custody, then those can be crosschecked. With in-person voting at a
polling place you have this with the paper ballots, the digital scans, and the poll book
entries. All these can be crosschecked for accuracy by matching tally counts.
Today we have three aspects of voting: early voting, day-of
voting, and now large-scale mail-in voting.
What is required are additional security measures and
mechanisms to validate and verify across these three, creating those multiple
sets of records that can be matched. This is indeed very possible and can be
implemented.
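
As an added illustration (not part of the original post, and not any vendor's or standard's actual scheme), the sketch below shows how one-time codes on mail-in packets and a double-ledger cross-check could answer the questions raised above: was this ballot issued, has it already been counted, has this person already voted, and does the scanner tally match? The HMAC-derived code, the ledger layout and every name and value here are assumptions made for the example.

```python
import hashlib
import hmac

KEY = b"constructed-demo-key"  # assumption: secret held only by the election office

def issue_code(voter_id, election="demo-election"):
    """One-time code printed on the mail-in packet; unforgeable without KEY."""
    msg = f"{election}|{voter_id}".encode()
    return hmac.new(KEY, msg, hashlib.sha256).hexdigest()[:16]

def reconcile(registered, mailed_out, poll_book, returned, tabulated):
    """Cross-check the mailed-out ledger, poll book, intake log and scanner tally."""
    issued = {issue_code(v): v for v in mailed_out if v in registered}
    accepted, rejected, superseded = [], [], set()
    for code in returned:                      # intake order: first copy wins
        voter = issued.get(code)
        if voter is None:
            rejected.append((code, "unknown code"))
        elif voter in accepted:
            rejected.append((code, "already counted"))
        elif voter in poll_book:
            rejected.append((code, "voted in person"))
            superseded.add(voter)
        else:
            accepted.append(voter)             # records who voted, never how
    back = set(accepted) | superseded
    outstanding = sorted(v for v in issued.values() if v not in back)
    # Second ledger: the scanner's independent count must equal accepted packets.
    return {"accepted": accepted, "rejected": rejected,
            "outstanding": outstanding, "balanced": tabulated == len(accepted)}

# Constructed sample data (not real voters or codes).
REGISTERED = {"V001", "V002", "V003", "V004", "V005"}
MAILED_OUT = ["V001", "V002", "V003", "V004"]
POLL_BOOK = {"V003", "V005"}                   # voted in person
RETURNED = [issue_code("V001"), issue_code("V002"),
            issue_code("V001"),                # copy of an already accepted packet
            "0000000000000000",                # code that was never issued
            issue_code("V003")]                # mailed in after voting in person

if __name__ == "__main__":
    report = reconcile(REGISTERED, MAILED_OUT, POLL_BOOK, RETURNED, tabulated=2)
    for key, value in report.items():
        print(key, value)
```

Because the code identifies the packet and not the marked ballot, the check can run at intake before the ballot joins the regular blocks, which is the point at which a bad ballot can still be separated out.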
A further aspect that we can see from the original Greek system
is also needed: independent verification. A simple system can be easily
witnessed and inspected. Today almost all elections are being managed by
three commercial vendors and their systems. The software is owned by them and
the details are trade secrets. Computer scientists will tell you they can make
things secure with encryption and other tools such as scanner QR codes. All
this does is effectively obfuscate things for poll workers and observers so
that the entire process is opaque.
To solve that requires the use of open public international
election standards coupled with the use of software that is open source. This
allows the process being used to be independently verified and reviewed. This
is not new. Watch dog groups have been asking for this for decades. The
international standards have been built and published. The industry and
commercial vendors have repeatedly obstructed the adoption and built their own
proprietary methods instead. Ironically those international standards do
include the very mechanisms and crosschecks needed to secure mail-in balloting.
Bingo