Op-Ed Column: Hack the Vote

 

NYTimes, December 2, 2003, A 31

By PAUL KRUGMAN

 

 

 

 

 

Inviting Bush supporters to a fund-raiser, the host wrote,

"I am committed to helping Ohio deliver its electoral votes

to the president next year." No surprise there. But Walden

O'Dell - who says that he wasn't talking about his business

operations - happens to be the chief executive of Diebold

Inc., whose touch-screen voting machines are in

increasingly widespread use across the United States.

 

 

For example, Georgia - where Republicans scored spectacular

upset victories in the 2002 midterm elections - relies

exclusively on Diebold machines. To be clear, though there

were many anomalies in that 2002 vote, there is no evidence

that the machines miscounted. But there is also no evidence

that the machines counted correctly. You see, Diebold

machines leave no paper trail.

 

 

Representative Rush Holt of New Jersey, who has introduced

a bill requiring that digital voting machines leave a paper

trail and that their software be available for public

inspection, is occasionally told that systems lacking these

safeguards haven't caused problems. "How do you know?" he

asks.

 

 

What we do know about Diebold does not inspire confidence.

The details are technical, but they add up to a picture of

a company that was, at the very least, extremely sloppy

about security, and may have been trying to cover up

product defects.

 

 

Early this year Bev Harris, who is writing a book on voting

machines, found Diebold software - which the company

refuses to make available for public inspection, on the

grounds that it's proprietary - on an unprotected server,

where anyone could download it. (The software was in a

folder titled "rob-Georgia.zip.") The server was used by

employees of Diebold Election Systems to update software on

its machines. This in itself was an incredible breach of

security, offering someone who wanted to hack into the

machines both the information and the opportunity to do so.

 

 

 

An analysis of Diebold software by researchers at Johns

Hopkins and Rice Universities found it both unreliable and

subject to abuse. A later report commissioned by the state

of Maryland apparently reached similar conclusions. (It's

hard to be sure because the state released only a heavily

redacted version.)

 

 

Meanwhile, leaked internal Diebold e-mail suggests that

corporate officials knew their system was flawed, and

circumvented tests that would have revealed these problems.

The company hasn't contested the authenticity of these

documents; instead, it has engaged in legal actions to

prevent their dissemination.

 

 

Why isn't this front-page news? In October, a British

newspaper, The Independent, ran a hair-raising

investigative report on U.S. touch-screen voting. But while

the mainstream press has reported the basics, the Diebold

affair has been treated as a technology or business story -

not as a potential political scandal.

 

 

This diffidence recalls the treatment of other voting

issues, like the Florida "felon purge" that inappropriately

prevented many citizens from voting in the 2000

presidential election. The attitude seems to be that

questions about the integrity of vote counts are divisive

at best, paranoid at worst. Even reform advocates like Mr.

Holt make a point of dissociating themselves from

"conspiracy theories." Instead, they focus on legislation

to prevent future abuses.

 

 

But there's nothing paranoid about suggesting that

political operatives, given the opportunity, might engage

in dirty tricks. Indeed, given the intensity of

partisanship these days, one suspects that small dirty

tricks are common. For example, Orrin Hatch, the chairman

of the Senate Judiciary Committee, recently announced that

one of his aides had improperly accessed sensitive

Democratic computer files that were leaked to the press.

 

 

This admission - contradicting an earlier declaration by

Senator Hatch that his staff had been cleared of

culpability - came on the same day that the Senate police

announced that they were hiring a counterespionage expert

to investigate the theft. Republican members of the

committee have demanded that the expert investigate only

how those specific documents were leaked, not whether any

other breaches took place. I wonder why.

 

 

The point is that you don't have to believe in a central

conspiracy to worry that partisans will take advantage of

an insecure, unverifiable voting system to manipulate

election results. Why expose them to temptation?

 

 

I'll discuss what to do in a future column. But let's be

clear: the credibility of U.S. democracy may be at stake.