Thursday, February 02, 2006

Voting Machines

I caught Lynn Landes on The Ed Schultz Show, KPOJ AM, PDX, somewhere around 2:45 PM today. She's a journalist suing the civilian authorities to recover transparency in voting, and now has a docket number with the US Supreme Court.

From the sound of it, she's against using machines entirely, at least in their present form, which makes sense, as their transparency is near zero.

So could we ever ensure a computerized voting system was honest? I imagine ballot type objects, each with a unique ID, and able to reconstitute as printed objects any time we like. Plus the ID numbers collate under each candidate, forming a cross-check. Historians get to download the bulk data in some standard format and analyze the hell out of it.

We keep it anonymous by not linking ballot ID numbers to people -- which doesn't mean we lose control on how many or which people get to vote (it's just how they vote that we don't track, not how many times).

With this infrastructure in place, one could randomly create fictitious ballots with known content and shunt then through the system, having them originate with the real votes, indistinguishably therefrom, at the precinct level.

In the final count, we would see if our fictitious ballots had been credited properly, as we'd have their ID numbers, which would then become public as not-counted audit checks. Since the ballot stuffers would come from a black box (stored in more than one location, including with election watch dogs), no vote counter would have a way to tell them apart from bona fide votes. Any significant miscounting would show up in the postmortem, perhaps voiding the results.

American Express uses a similar technique to spike proprietary mailing lists; if your store sends junk mail to the list more times than it paid for, various bogus addresses get pinged too many times, and your store gets called on the mat.

An interesting design question: should we give individuals privileged access to their own ballot ID number? Then it's their secret to keep or reveal. I could go to the data base via web form, ballot ID in hand, and call up my own voting record.

Any changes to any of my votes would be immediately obvious to me, although without the printed receipt (not counterfeited) no one would have to believe me if it said I'd wanted Chicken Little for president.

Some people might keep their ballot receipts just long enough to verify their choices were recorded properly (the ID number links to candidates' names in the relational data base), then destroy them.

Here's an idea: since the NSA is getting more involved on the domestic front, thanks to Al Qaeda, why not have the NSA come up with some new voting machine infrastructure, or at least the specifications? A consortium of universities could assist with this project.

Network security is a key specialty at the NSA. If our ability to accurately count the votes is being impaired by some kind of behind-the-scenes skulldudgery, our USG security establishment should be all about uprooting that.

The integrity of our USA codes is undermined to the extent we're unable to establish an unbroken link to the actual will of we the people. The legitimacy of the courts themselves depends on protecting the integrity of this social contract.

Congress has seemed remarkably reluctant to take this bull by the horns and address the widespread concerns of ordinary Americans that our system is broken. Maybe the executive and/or judicial branches will show more backbone?