A new report from the National Academies of Sciences, Engineering, and Medicine is recommending the use of human-readable paper ballots as the best way to protect the security and integrity of US elections, at least in the immediate future.
In fact, the committee behind the report wants election officials to consider ditching voting methods that do not provide a reliable paper-verifiable audit trail as early as the upcoming 2018 midterms and for all local, state, and federal elections by 2020.
It also does not want jurisdictions to permit the use of the Internet and Internet-connected systems to return marked ballots until "very robust guarantees" of security and verifiability are developed. Other recommendations include the need for states to mandate risk-limiting audits prior to the certification of election results and routine assessments of the integrity of voter registration systems and databases.
The report, funded by grants from the Carnegie Corporation, the William and Flora Hewlett Foundation, and several others, is based on an exhaustive analysis of the state of US election security in the wake of concerns over Russian interference in the 2016 general elections. It also examines the current state of technology and standards for voting across the country with a particular emphasis on the challenges — including those related to cybersecurity issues — stemming from the last elections.
Lee Bollinger, president of Columbia University and co-chair of the committee that developed the report, described the study as coming at a critical time for American democracy.
In a live-streamed event on Thursday, Bollinger said that when the committee began working on the report, it had fully expected to find that US voting systems were moving away from physical, in-person balloting toward Internet and remote voting.
"However, by the time the committee's first meeting in April 2017, it was clear the most significant threat to American elections was coming not simply from the need for new technologies, but rather from efforts by foreign actors seeking to undermine the credibility of election results," he said.
The report makes note of assessments by the US intelligence community of Russian involvement in several cyberattacks and attempted attacks against US election infrastructure in the months leading to the 2016 presidential election. Among them was an incident in June 2016 when network credentials to the Arizona state voter registration system were posted on a site frequented by suspected Russian hackers, and another later that month involving a voter registration system in Illinois.
Such incidents combined with aging and insecure voting equipment, inadequate poll worker training, and vulnerable voter registration systems mandate a return to paper ballots, Bollinger said. The ballot could be marked either by hand or machine using a ballot-marking device and could be counted using an optical scanner or even hand-counted.
"Paper ballots are evidence that cannot be manipulated by faulty software or hardware," he noted. "And they can be used to audit and verify the results of an election."
Marian Schneider, president of election watchdog group Verified Voting, says the recommendations in the new report are exactly in line with what her organization has been calling for, as well.
While many states already use the kind of paper-based voting system that the report recommends, many others do not, she says. Some states use completely paperless voting systems or Direct Recording Electronic (DRE) systems, for which a voter's choice is recorded and stored directly in the computer. Some DREs support a paper-based audit trail where voters can verify the system has properly captured their intent before casting their vote. And many states use a combination of paper and paperless systems, Schneider notes.
Five states — Delaware, New Jersey, Georgia, Louisiana, and South Carolina — currently vote exclusively on machines that do not support a paper record. In a report this July, the Committee on House Administration categorized these states as being exposed to the most critical election security vulnerabilities. "It is nearly impossible to determine if paperless voting machines have been hacked and if vote tallies have been altered," the report had noted.
Even DREs that support a voter verifiable paper audit trail are not foolproof because voters may not always verify their ballots before casting them. So it is possible that the information stored in a computer's memory does not accurately reflect the voter's intent, Schneider says. At the moment, the best way to mitigate such risks is to use hand- or machine-marked paper ballots.
"The most significant takeaway is that certain times in a nation's history demand unity. This is one of them," Schneider says.
The new report comes amid ongoing concerns over hacking and other forms of interference in US elections. A survey conducted at Black Hat by security vendor LastLine found 84% of the respondents saying there will be some form of hacking during the 2018 midterm elections. About 54% believed it would happen at a national level, while 47% expected disruption at the state level, with the goal of influencing state-level races. Nearly one-third believed that any hacking that takes place would be designed for propaganda purposes and not to affect the outcome of the election.
- Election Websites, Back-End Systems Most at Risk of Cyberattack in Midterms
- The Votes Are In: Election Security Matters
- 70 US Election Jurisdictions Adopt Free Website Security Service
- 8 Steps Toward Safer Elections
Black Hat Europe returns to London Dec 3-6 2018 with hands-on technical Trainings, cutting-edge Briefings, Arsenal open-source tool demonstrations, top-tier security solutions and service providers in the Business Hall. Click for information on the conference and to register.