Diebold Voting Controversy picked up by British Media

All the President's votes?

Those figures were more or less what political experts would have expected in state with a long tradition of electing Democrats to statewide office. But then the results came in, and all of Georgia appeared to have been turned upside down. Barnes lost the governorship to the Republican, Sonny Perdue, 46 per cent to 51 per cent, a swing of as much as 16 percentage points from the last opinion polls. Cleland lost to Chambliss 46 per cent to 53, a last-minute swing of 9 to 12 points.

Red-faced opinion pollsters suddenly had a lot of explaining to do and launched internal investigations. Political analysts credited the upset - part of a pattern of Republican successes around the country - to a huge campaigning push by President Bush in the final days of the race. They also said that Roy Barnes had lost because of a surge of "angry white men" punishing him for eradicating all but a vestige of the old confederate symbol from the state flag.

But something about these explanations did not make sense, and they have made even less sense over time. When the Georgia secretary of state's office published its demographic breakdown of the election earlier this year, it turned out there was no surge of angry white men; in fact, the only subgroup showing even a modest increase in turnout was black women.

There were also big, puzzling swings in partisan loyalties in different parts of the state. In 58 counties, the vote was broadly in line with the primary election. In 27 counties in Republican-dominated north Georgia, however, Max Cleland unaccountably scored 14 percentage points higher than he had in the primaries. And in 74 counties in the Democrat south, Saxby Chambliss garnered a whopping 22 points more for the Republicans than the party as a whole had won less than three months earlier.

Now, weird things like this do occasionally occur in elections, and the figures, on their own, are not proof of anything except statistical anomalies worthy of further study. But in Georgia there was an extra reason to be suspicious. Last November, the state became the first in the country to conduct an election entirely with touchscreen voting machines, after lavishing $54m (£33m) on a new system that promised to deliver the securest, most up-to-date, most voter-friendly election in the history of the republic. The machines, however, turned out to be anything but reliable. With academic studies showing the Georgia touchscreens to be poorly programmed, full of security holes and prone to tampering, and with thousands of similar machines from different companies being introduced at high speed across the country, computer voting may, in fact, be US democracy's own 21st-century nightmare.

In many Georgia counties last November, the machines froze up, causing long delays as technicians tried to reboot them. In heavily Democratic Fulton County, in downtown Atlanta, 67 memory cards from the voting machines went missing, delaying certification of the results there for 10 days. In neighbouring DeKalb County, 10 memory cards were unaccounted for; they were later recovered from terminals that had supposedly broken down and been taken out of service...

...Astonishingly, these are the terms under which America's top three computer voting machine manufacturers - Diebold, Sequoia and Election Systems and Software (ES&S;) - have sold their products to election officials around the country. Far from questioning the need for rigid trade secrecy and the absence of a paper record, secretaries of state and their technical advisers - anxious to banish memories of the hanging chad fiasco and other associated disasters in the 2000 presidential recount in Florida - have, for the most part, welcomed the touchscreen voting machines as a technological miracle solution.

Georgia was not the only state last November to see big last-minute swings in voting patterns. There were others in Colorado, Minnesota, Illinois and New Hampshire - all in races that had been flagged as key partisan battlegrounds, and all won by the Republican Party. Again, this was widely attributed to the campaigning efforts of President Bush and the demoralisation of a Democratic Party too timid to speak out against the looming war in Iraq.

Strangely, however, the pollsters made no comparable howlers in lower-key races whose outcome was not seriously contested. Another anomaly, perhaps. What, then, is one to make of the fact that the owners of the three major computer voting machines are all prominent Republican Party donors? Or of a recent political fund-raising letter written to Ohio Republicans by Walden O'Dell, Diebold's chief executive, in which he said he was "committed to helping Ohio to deliver its electoral votes to the president next year" - even as his company was bidding for the contract on the state's new voting machinery?

Alarmed and suspicious, a group of Georgia citizens began to look into last November's election to see whether there was any chance the results might have been deliberately or accidentally manipulated. Their research proved unexpectedly, and disturbingly, fruitful.

First, they wanted to know if the software had undergone adequate checking. Under state and federal law, all voting machinery and component parts must be certified before use in an election. So an Atlanta graphic designer called Denis Wright wrote to the secretary of state's office for a copy of the certification letter. Clifford Tatum, assistant director of legal affairs for the election division, wrote back: "We have determined that no records exist in the Secretary of State's office regarding a certification letter from the lab certifying the version of software used on Election Day." Mr Tatum said it was possible the relevant documents were with Gary Powell, an official at the Georgia Technology Authority, so campaigners wrote to him as well. Mr Powell responded he was "not sure what you mean by the words 'please provide written certification documents' ".

"If the machines were not certified, then right there the election was illegal," Mr Wright says. The secretary of state's office has yet to demonstrate anything to the contrary. The investigating citizens then considered the nature of the software itself. Shortly after the election, a Diebold technician called Rob Behler came forward and reported that, when the machines were about to be shipped to Georgia polling stations in the summer of 2002, they performed so erratically that their software had to be amended with a last-minute "patch". Instead of being transmitted via disk - a potentially time-consuming process, especially since its author was in Canada, not Georgia - the patch was posted, along with the entire election software package, on an open-access FTP, or file transfer protocol site, on the internet.

That, according to computer experts, was a violation of the most basic of security precautions, opening all sorts of possibilities for the introduction of rogue or malicious code. At the same time, however, it gave campaigners a golden opportunity to circumvent Diebold's own secrecy demands and see exactly how the system worked. Roxanne Jekot, a computer programmer with 20 years' experience, and an occasional teacher at Lanier Technical College northeast of Atlanta, did a line-by-line review and found "enough to stand your hair on end".

"There were security holes all over it," she says, "from the most basic display of the ballot on the screen all the way through the operating system." Although the programme was designed to be run on the Windows 2000 NT operating system, which has numerous safeguards to keep out intruders, Ms Jekot found it worked just fine on the much less secure Windows 98; the 2000 NT security features were, as she put it, "nullified"...

...But Ms Jekot was not the only one to examine the Diebold software and find it lacking. In July, a group of researchers from the Information Security Institute at Johns Hopkins University in Baltimore discovered what they called "stunning flaws". These included putting the password in the source code, a basic security no-no; manipulating the voter smart-card function so one person could cast more than one vote; and other loopholes that could theoretically allow voters' ballot choices to be altered without their knowledge, either on the spot or by remote access.

Diebold issued a detailed response, saying that the Johns Hopkins report was riddled with false assumptions, inadequate information and "a multitude of false conclusions". Substantially similar findings, however, were made in a follow-up study on behalf of the state of Maryland, in which a group of computer security experts catalogued 328 software flaws, 26 of them critical, putting the whole system "at high risk of compromise". "If these vulnerabilities are exploited, significant impact could occur on the accuracy, integrity, and availability of election results," their report says.

Ever since the Johns Hopkins study, Diebold has sought to explain away the open FTP file as an old, incomplete version of its election package. The claim cannot be independently verified, because of the trade-secrecy agreement, and not everyone is buying it. "It is documented throughout the code who changed what and when. We have the history of this programme from 1996 to 2002," Ms Jekot says. "I have no doubt this is the software used in the elections." Diebold now says it has upgraded its encryption and password features - but only on its Maryland machines...

...There are two reasons why the United States is rushing to overhaul its voting systems. The first is the Florida débâcle in the Bush-Gore election; no state wants to be the centre of that kind of attention again. And the second is the Help America Vote Act (HAVA), signed by President Bush last October, which promises an unprecedented $3.9bn (£2.3bn) to the states to replace their old punchcard-and-lever machines. However, enthusiasm for the new technology seems to be motivated as much by a bureaucratic love of spending as by a love of democratic accountability.

According to Rebecca Mercuri, a research fellow at Harvard's John F Kennedy School of Government and a specialist in voting systems, the shockingly high error rate of punchcard machines (3-5 per cent in Florida in 2000) has been known to people in the elections business for years. It was only after it became public knowledge in the last presidential election that anybody felt moved to do anything about it.

...Anyone who has struggled with an interactive display in a museum knows how dodgy touchscreens can be. If they don't freeze, they easily become misaligned, which means they can record the wrong data. In Dallas, during early voting before last November's election, people found that no matter how often they tried to press a Democrat button, the Republican candidate's name would light up.

After a court hearing, Diebold agreed to take down 18 machines with apparent misalignment problems. "And those were the ones where you could visually spot a problem," Dr Mercuri says. "What about what you don't see? Just because your vote shows up on the screen for the Democrats, how do you know it is registering inside the machine for the Democrats?"

Other problems have shown up periodically: machines that register zero votes, or machines that indicate voters coming to the polling station but not voting, even when a single race with just two candidates was on the ballot. Dr Mercuri was part of a lawsuit in Palm Beach County in which she and other plaintiffs tried to have a suspect Sequoia machine examined, only to run up against the brick wall of the trade-secret agreement. "It makes it really hard to show their product has been tampered with," she says, "if it's a felony to inspect it."

As for the possibilities of foul play, Dr Mercuri says they are virtually limitless. "There are literally hundreds of ways to do this," she says. "There are hundreds of ways to embed a rogue series of commands into the code and nobody would ever know because the nature of programming is so complex. The numbers would all tally perfectly." Tampering with an election could be something as simple as a "denial-of-service" attack, in which the machines simply stop working for an extended period, deterring voters faced with the prospect of long lines. Or it could be done with invasive computer codes known in the trade by such nicknames as "Trojan horses" or "Easter eggs". Detecting one of these, Dr Mercuri says, would be almost impossible unless the investigator knew in advance it was there and how to trigger it.

Computer researcher Theresa Hommel, who is alarmed by touchscreen systems, has constructed a simulated voting machine in which the same candidate always wins, no matter what data you put in. She calls her model the Fraud-o-matic, and it is available online at wheresthepaper.org....

...Voting machines are sold in the United States in much the same way as other government contracts: through intensive lobbying, wining and dining. At a recent national conference of clerks, election officials and treasurers in Denver, attendees were treated to black-tie dinners and other perks, including free expensive briefcases stamped with Sequoia's company logo alongside the association's own symbol. Nobody in power seems to find this worrying, any more than they worried when Sequoia's southern regional sales manager, Phil Foster, was indicted in Louisiana a couple of years ago for "conspiracy to commit money laundering and malfeasance".

The charges were dropped in exchange for his testimony against Louisiana's state commissioner of elections. Similarly, last year, the Arkansas secretary of state, Bill McCuen, pleaded guilty to taking bribes and kickbacks involving a precursor company to ES&S; the voting machine company executive who testified against him in exchange for immunity is now an ES&S; vice-president.

If much of the worry about vote-tampering is directed at the Republicans, it is largely because the big three touchscreen companies are all big Republican donors, pouring hundreds of thousands of dollars into party coffers in the past few years. The ownership issue is, of course, compounded by the lack of transparency. Or, as Dr Mercuri puts it: "If the machines were independently verifiable, who would give a crap who owns them?" As it is, fears that US democracy is being hijacked by corporate interests are being fuelled by links between the big three and broader business interests, as well as extremist organisations.

Two of the early backers of American Information Systems, a company later merged into ES&S;, are also prominent supporters of the Chalcedon Foundation, an organisation that espouses theocratic governance according to a literal reading of the Bible and advocates capital punishment for blasphemy and homosexuality.

The chief executive of American Information Systems in the early Nineties was Chuck Hagel, who went on to run for elective office and became the first Republican in 24 years to be elected to the Senate from Nebraska, cheered on by the Omaha World-Herald newspaper which also happens to be a big investor in ES&S.; In yet another clamorous conflict of interest, 80 per cent of Mr Hagel's winning votes - both in 1996 and again in 2002 - were counted, under the usual terms of confidentiality, by his own company.

In theory, the federal government should be monitoring the transition to computer technology and rooting out abuses. Under the Help America Vote Act, the Bush administration is supposed to establish a sizeable oversight committee, headed by two Democrats and two Republicans, as well as a technical panel to determine standards for new voting machinery. The four commission heads were supposed to have been in place by last February, but so far just one has been appointed. The technical panel also remains unconstituted, even though the new machines it is supposed to vet are already being sold in large quantities - a state of affairs Dr Mercuri denounces as "an abomination".

One of the conditions states have to fulfil to receive federal funding for the new voting machines, meanwhile, is a consolidation of voter rolls at state rather than county level. This provision sends a chill down the spine of anyone who has studied how Florida consolidated its own voter rolls just before the 2000 election, purging the names of tens of thousands of eligible voters, most of them African Americans and most of them Democrats, through misuse of an erroneous list of convicted felons commissioned by Katherine Harris, the secretary of state doubling as George Bush's Florida campaign manager. Despite a volley of lawsuits, the incorrect list was still in operation in last November's mid-terms, raising all sorts of questions about what other states might now do with their own voter rolls. It is not that the Act's consolidation provision is in itself evidence of a conspiracy to throw elections, but it does leave open that possibility.

Meanwhile, the administration has been pushing new voting technology of its own to help overseas citizens and military personnel, both natural Republican Party constituencies, to vote more easily over the internet. Internet voting is notoriously insecure and open to abuse by just about anyone with rudimentary hacking skills; just last January, an experiment in internet voting in Toronto was scuppered by a Slammer worm attack. Undeterred, the administration has gone ahead with its so-called SERVE project for overseas voting, via a private consortium made up of major defence contractors and a Saudi investment group.

The contract for overseeing internet voting in the 2004 presidential election was recently awarded to Accenture, formerly part of the Arthur Andersen group (whose accountancy branch, a major campaign contributor to President Bush, imploded as a result of the Enron bankruptcy scandal).

Not everyone in the United States has fallen under the spell of the big computer voting companies, and there are signs of growing wariness. Oregon decided even before HAVA to conduct all its voting by mail. Wisconsin has decided it wants nothing to do with touchscreen machines without a verifiable paper trail, and New York is considering a similar injunction, at least for its state assembly races.

In California, a Stanford computer science professor called David Dill is screaming from the rooftops on the need for a paper trail in his state, so far without result. And a New Jersey Congressman called Rush Holt has introduced a bill in the House of Representatives, the Voter Confidence and Increased Accessibility Act, asking for much the same thing. Not everyone is heeding the warnings, though. In Ohio, publication of the letter from Diebold's chief executive promising to deliver the state to President Bush in 2004 has not deterred the secretary of state - a Republican - from putting Diebold on a list of preferred voting-machine vendors.

Similarly, in Maryland, officials have not taken the recent state-sponsored study identifying hundreds of flaws in the Diebold software as any reason to change their plans to use Diebold machines in March's presidential primary.

The question is whether the country will come to its senses before elections start getting distorted or tampered with on such a scale that the system becomes unmanageable. The sheer volume of money offered under HAVA is unlikely to be forthcoming again in a hurry, so if things aren't done right now it is doubtful the system can be fixed again for a long time. "This is frightening, really frightening," says Dr Mercuri, and a growing number of reasonable people are starting to agree with her.

One such is John Zogby, arguably the most reliable pollster in the United States, who has freely admitted he "blew" last November's elections and does not exclude the possibility that foul play was one of the factors knocking his calculations off course. "We're ploughing into a brave new world here," he says, "where there are so many variables aside from out-and-out corruption that can change elections, especially in situations where the races are close. We have machines that break down, or are tampered with, or are simply misunderstood. It's a cause for great concern."

Roxanne Jekot, who has put much of her professional and personal life on hold to work on the issue full time, puts it even more strongly. "Corporate America is very close to running this country. The only thing that is stopping them from taking total control are the pesky voters. That's why there's such a drive to control the vote. What we're seeing is the corporatisation of the last shred of democracy.

"I feel that unless we stop it here and stop it now," she says, "my kids won't grow up to have a right to vote at all..."

All trademarks and copyrights on this page are owned by their respective companies.

printed from Diebold Voting Controversy picked up by British Media on 2004-05-01 00:12:13