A bipartisan Commission on Federal Election Reform issues a consensus report that warns about lack of transparency in American electronic voting systems, and “insider” threats to manipulate software prior to installation in the machines. “Software can be modified maliciously before being installed into individual voting machines,” it warns.
It also calls for electronic voting systems manufacturers to provide their source code to a federal agency for independent inspection.
The Commission, co-chaired by former President Jimmy Carter and former Secretary of State James A. Baker III, makes 87 recommendations. Key points, with emphasis added:
- “Voting machines must … be transparent. They must allow for recounts and for audits, and thereby giver voters confidence in the accuracy of the vote tallies.” (p. 25)
- “If DREs [direct recording electronic machines] can be manipulated to alter the vote tallies, the same can be done with paper audit trails. Such manipulation can be detected and deterred by regular audits of voting machines. Regular audits should be done of all voting machines, including DREs and optical scan systems.” (p. 28)
- “The greater threat to most systems comes not from external hackers, but from insiders who have direct access to the machines. Software can be modified maliciously before being installed into individual voting machines. There is no reason to trust insiders in the election industry any more than in other industries, such as gambling, where sophisticated insider fraud has occurred despite extraordinary measures to prevent it.” (p. 28)
- “In addition to the output of DREs, which can be verified through a paper audit trail, the inside process of programming DREs should be open to scrutiny by candidates, their supporters, independent experts, and other interested citizens, so that problems can be detected, deterred, or corrected, and so that the public will have confidence in the machines.” (p. 28)
- “The public interest in transparency and the proprietary interests of manufacturers can be reconciled by placing the source code in escrow with the National Institute of Standards and Technology (NIST), and by making the source code available for inspection on a restricted basis to qualified individuals.” (p. 29)
- “Independent inspection of source codes would strengthen the security of voting systems software by encouraging manufacturers to improve voting system security. Expert reviews may also detect software design flaws or vulnerabilities.” (p. 29)
- “In addition to the source codes, the software and the voting machines themselves are potentially vulnerable to manipulation…..” (p. 29)
- “Manufacturers who are unwilling to submit their source codes for…supervised testing and for review by independent experts should be prohibited from selling their voting machines.” (p. 30)
- “Fraud in any degree and in any circumstance is subversive to the electoral process. The best way to maintain ballot integrity is to investigate all credible allegations of election fraud and otherwise prevent fraud before it can affect an election.”
Source:
1.https://www.american.edu/ia/cfer/report/full_report
1. In which US election cycles subsequent to this report did the Carter Center and Baker Institute urge state election authorities to carry out the four recommendations on security for voting systems?
2. What did the Carter Center and Baker Institute do to hold election voting systems companies responsible for facilitating the security recommendations?
3. What did the Center for Democracy and Election Management at the American University, the Carnegie Corporation of New York, the Ford Foundation, the John S. and James L Knight Foundation, the Omidyar Foundation, and the Pew Charitable Trusts do to press state election authorities and voting system companies to execute the security recommendations?
4. Why did the Carter Center, the Baker Institute of Rice University, and the Center for Democracy and Election Management at the American University remove this important report from their websites?
Comments are closed.