COLUMBIA, S.C. – President Trump has questioned the integrity of the 2020 election hundreds of times since Election Day, casting doubt on some of the private companies that made the voting computers, the process of collecting and counting ballots, and the legitimacy of voters who cast them. In a letter signed in mid-November by a group of over 50 election security professionals, the experts had this to say: There had been no credible evidence of computer fraud, and no amount of citing flaws in the system could prove that an attack occurred or an outcome had been altered in the absence of that. But though they disagreed with the president regarding what he used the information about the weaknesses in the voting system to suggest, they agreed that serious vulnerabilities exist.
“We and other scientists have warned for many years that there are security weaknesses in voting systems and have advocated that election systems be better secured against malicious attack,” they wrote. “It is imperative that the US continue working to bolster the security of elections against sophisticated adversaries.”
Two of the people that signed the letter, Dr. Duncan Buell and Dr. Dan Wallach, shared their recommendations with The GroundTruth Project.
The pair belong to the Election Verification Network, an invite-only group of interdisciplinary voting experts from around the country. Both agree that when states make choices about voting technology, people with technical expertise should be consulted to ensure their selections are sound. This didn’t always happen in South Carolina. Buell himself was allowed and then disallowed from presenting his opinion to a South Carolina board of five people with limited technical expertise, he said, who were responsible in 2019 for choosing the voting system that would replace the state’s aging one.
The panel ultimately selected voting computers known as Ballot Marking Devices from the vendor Election Systems & Software. Buell would have recommended the state pick a simpler system that used hand-marked ballots instead, which experts agree would have been safer and cheaper.
“It’s clear to me that the people making the decision were fed only and exactly the information that would lead them to make the decision they did,” Buell said.
South Carolina State Elections Commission spokesman Chris Whitmire indicated that inviting someone who had already decided which kind of system he preferred, as Whitmire said Buell had done, would not have been good for the panel’s decision making process.
But “the fact that they didn’t want to listen to him tells you volumes,” Wallach later told The GroundTruth Project.
If lawmakers do start consulting more with scientists about voting technology, Wallach said he’d be willing to help. “I will put on a coat and tie, and I will get on an airplane and show up at any hearing I’m invited to testify,” he said. Currently, however, “it happens sometimes, but it’s unfortunately the exception not the rule.”
Why low tech options are safer
Many voting experts agree with Buell’s preference for simple, hand-marked ballot systems, sometimes called optical scan ballots, and believe states should consider switching to the voting method if they currently use a more complicated voting technology.
In his testimony before congress earlier this year, Matt Blaze, a longtime professor of computer science and fellow signatory of the November letter, stated that paperless voting machines should be phased out “and urgently replaced with precinct-counted optical scan ballots that leave a direct artifact of voters’ choices,” marked by the hand of voters on paper ballots.
Paper is light-weight, low-power, works in low light, and is cheap, Wallach said. It’s so useful that “voting nerds joke that if we had a society without paper, and then somebody invented paper, it would be a huge hit.”
With hand-marked paper ballots, voters can actually verify which bubbles next to candidates’ names have been filled out and which ones have not been touched before they submit their choices. Because of that, a hand-marked ballot is verifiable, Buell said.
When more sophisticated computers or touchscreens are used to record votes, though they may print out confirmations about voter selections in English on paper, the tallying is often done based on the barcodes that are also printed, Buell added. Those votes are then counted by reading the information transmitted by the barcodes, not the English text. That means that “even if the voter could pull out a phone and scan the barcode and pull up numbers, the voter has no way to verify” if all the selections match up, he explained.
And in general, the more complicated a voting technology, the more likely it is to slow voting down if it fails. If one of the computers malfunctions, “the only way to expand capacity is to call the roving technician with a bunch of devices on his truck, and have this guy come and set one up,” Buell said. “It has been shown in general, that the use of these electronic devices slows things down.”
On Election Day this year in South Carolina’s capital city, a number of electronic poll books, the devices that allow election workers access to voter registration information during voter check-in, failed to work because there were power outages that disabled the internet connections the machines depended on. Poll workers had to wait for the power to return to allow people to vote.
Increased transparency across every arm of the election system would help, too, experts agree.
Technology companies and the election commissions that select their products often decline to provide information to the public about how the devices work or how they might fail, claiming that such disclosure would reveal trade secrets or put the voting system at risk of external attack, explained Wallach. He says this argument is baseless.
“This is something that the computer security community abandoned years ago,” he said. “It’s a sacrosanct idea […] that you don’t get to hide behind secrecy. Transparency can be a motivator to make better products: “You need to be secure, even when your adversary knows exactly how your thing works.”
Rigorous audits after an election are an essential part of voting systems becoming more transparent, and should be implemented nationwide, experts agree.
“The only way that a barcode system like what [South Carolinians] use, is in any way verifiable, is if we do a statistical sampling after the fact to make sure that the barcodes match up to the text,” Buell said. He is not aware of such an audit being conducted in the state.
Implementing “risk-limiting” audits was one of the key recommendations Blaze made to lawmakers this year. “Statistically rigorous ‘risk limiting audits’ should be routinely conducted after every election, in every jurisdiction, to detect and correct software failures and attacks,” he testified.
More suggestions for improving election technology
Since Wallach says the voting technology marketplace is dysfunctional and none of the companies selling to governments can claim to be innovative, why not ditch private companies altogether and let the counties create their own voting tools?
“This is a place where private industry did not solve the problem, so the government should create its own market and do it internally,” he said.
Currently, when counties purchase voting equipment from one of the few vendors that dominate the marketplace, they usually purchase a voting “system” that provides everything they need: the hardware, the software, the IT support, a training package for the staff, and customer service. Counties who make their own voting technology systems would do well to replace that tradition with one that allows for more modular technologies, Wallach suggested. If the voting equipment was interchangeable instead of proprietary, it would be cheaper and there would be more competition, he said, which would encourage a better end product. The same happened with the marketplace for personal computers, he pointed out. As laptop products and brands have become more interchangeable, add-ons have become less expensive and quality has improved.
“In a hypothetical future, where it’s open source software on standardized hardware, you could buy the standardized hardware from anybody,” Wallach added. That would have the added benefit of reducing the dependence of counties on one company to fulfill all their needs on Election Day.
And electronic poll books should be regulated, Wallach believes. As they do in South Carolina, electronic poll books often connect to the internet, which experts say makes them vulnerable to hacking. He and Buell confirmed that there are no standards or certifying entities of any kind that monitor the electronic poll book products provided to government agencies by private vendors.
While counties and commissions work on improving these more complicated election security issues, Wallach urged that ensuring that workers maintain basic security best-practices is essential.
“Our traditional boring cyber defenses, things like ‘do we have good passwords for the election officials? Did they install security updates on their computers?’ these very mundane security practices matter,” he said. “They matter a lot.”
This story is part of a reporting effort by The GroundTruth Project on voting rights in America, with support from the Jesse and Betsy Fink Charitable Fund, Solutions Journalism Network and MacArthur Foundation.