SECURITY AND PRIVACY

by Evan Ravitz, director, Voting by Phone Foundation

First, it must be understood that presently, most votes in the U.S. are counted by computers using programs which are proprietary secrets, so that none of us, including election officials, can verify that the programs do what they should and nothing else. Testing of the program is of course allowed, but there are many ways these secret programs could be devised to test out perfectly, but cheat in the actual votecounting. Our proposal for confirming everyone’s vote makes such cheating much more difficult. See below. The programs (“source code”) should also be publicly owned and open to inspection by anyone.

This is not a complete technical discussion of phone voting, but it’s easy to understand and use if you use ATM machines, which have buttons just like a phone. Instead of the ATM card you punch in a Personal Identification Number (PIN). We suggest giving you three tries to enter the right numbers, so the likelihood of “hackers” guessing your PIN is three in about 100,000. If they keep trying with computers, to tie up the lines if nothing else, we can shut them out.

There is more to it, obviously, but consider that people have been using much less sophisticated banking by phone and shopping by phone systems for decades. They’re not perfect, (they’re run and used by people, after all) but they work. Ours will be better:

Here’s the bottom line about security: everyone who votes by phone can be given the order in which they voted (“You were the 5790th to vote”) and the complete results of the election can be published in order of those numbers, like running races are, in a few pages of newsprint. Everyone gets their vote confirmed, but only you know which is yours. Further, these results can be published on computer diskette or the Internet so that anyone with access to a personal computer can check to see that the votes add up to the announced totals. No other voting system can offer this protection!

Worried that people will claim incorrect confirmations to try to disrupt elections? Easy. Have a group of respected nonpartisan citizens whose job is to publicly agree that their votes were published correctly. If they and the vast majority agree, disrupters will be ignored.

The present system not only cannot confirm that each vote was counted correctly, but in Colorado no ID is required and signatures are only compared if someone challenges a voter. Nobody has been challenged for impersonation in Boulder for at least 20 years! (Source: Boulder County Elections Office Manager Nancy Wurl) The system used to work because the election judges knew everyone in their precinct. Now in Boulder they often don’t even preside in their own precincts!

In 1988 CBS newswoman Barbara Nevins registered under 5 false names around New York City, and was subsequently admitted to vote 5 times. (Source: New York Times 4/23/88)

This May (1995) Denver’s KUSA reporter Paula Woodwood easily registered a dog, a cat, “Bill Clinton”, a dead person, and 11 other ineligibles. The point is: There are no perfect voting systems. They are all run by people. But phone voting is more secure than any present system.

If (rarely) someone did steal another’s ID numbers, and voted your vote before you did, the computer wouldn’t let you vote “again” and you would have to show an election official some ID and they would let you vote individually, just as would now happen if someone impersonated you before you got to the polls.

Privacy

Here’s the bottom line about privacy: Now, every absentee ballot is returned to the government in an envelope with the voter’s name and signature! We can make it much harder for elections officials to peek at your vote than that, but, as now, you must trust them to some extent. Besides, most people are proud of how they vote and tell everyone. A government that can read your license plate from outer space can also laser fingerprint your ballot or watch you vote with a camera in a crack above the booth, if it cares what you think.

There is absolutely no doubt in my mind that electronic voting would be as safe as electronic banking and at least as safe as the voting system we now use.” – Dr. Joseph Pelton, Director of Interdisciplinary Telecommunications, University of Colorado.

I don’t see any problem with trying it.” – Roy Saltman, National Institute for Science and Technology’s election systems expert.