Senate Rules and Administration Committee
Hearing on S. 1487, the Ballot Integrity Act of 2007

Comments by Jerry Berkman, July 24, 2007

Introduction

These comments will be online with live links at:

http://election-reform.org/laws/S1487comments.html

Here are my minimum requirements for 2008, most of these points are expanded upon below:

• Grants: No more money for DREs or VVPATs
• Paper ballots: Paper ballots should be available at every polling place for anyone who asks for one, and this should be publicized, and the paper ballots should be counted as regular votes by optical scanners or by hand (not by having staff enter them into a DRE, as was done in Riverside County) [4].
• Audits: Independent audits done by someone other than the elections officials, not only recounting a subset of the ballots, but also auditing whether remade ballots match the voters original ballots, whether the proper software is on the machines, whether signature verification rejected valid voters or allowed invalid voters to vote, etc. Professional auditors (CPAs) should be in charge of audits.
• EAC: Reduce the power of the EAC or eliminate it.
• Secret software: Don't reinforce private, secret software by putting it into law.
• Research: Since the voting machine market is too small for the vendors to expend the effort needed for high quality systems, have NSF fund several programs to develop better voting systems. These should be major programs, probably $50 million each, developing open source software that any jurisdiction can then use.
• Computers: Do not write in the law any condition which requires computers. For accessiblity, allow innovation with non-computerized solutions such as Braille, tactile systems, the new VotePad [5] and Equalivote [6] assistive devices.

DREs

Do not provide any money to buy DREs or VVPATs.

General DRE problems

• DREs have been around for a long time, and the vendors still can't get them right, e.g. see video evidence of a DRE switching votes in a city council race in Louisiana in 1995 [7].
• DREs increase undervotes by minorities, see a striking example of this from the 2006 election in New Mexico [8] and an analysis by Teresa Hommel [9].
• DREs are easy to hack, see 10 minute video explanation by Princeton researchers [10].
• DREs can not be made secure [11].
• DREs loose votes; Sarasota, Florida had the well known 18% undervote on iVotronic DREs for a Congressional District race, but Charlotte County had an even higher 25% undervote for the Florida Attorney General race [12], and other counties as well had high undervotes when using iVotronics [13]. Clearly iVotronics are not safe, but there is no movement to ban them, except Florida's Governor Crist is moving the state to paper ballots.
• Many counties and states have had such disasters with DREs that they are now going to optical scan ballots, e.g.:
  • Florida [14]
  • New Mexico [15]
  • Maryland [16]
  • Riverside County, California [17]
• No one has examined DREs for security. Elections Officials are fond of saying the systems are state tested and federally qualified. However the state testers and federal qualifiers at the California Secretary of State's Voting Testing Summit in Nov., 2005 all said that testing the security of the systems was not the purpose of their examinations.
• DREs cause long lines at the polls and disenfranchise voters [18].

VVPATs do not solve problems, they add new problems.

• None of the VVPATs currently on the market meet the requirements of S. 1487 (or H.R. 811).
• The VVPATs on the market right now violate the secrecy of the voter by recording the ballots on a continuous roll.
• Current VVPATs are too slow to count. Jill Lavine, Registrar of Sacramento, CA, testified to the EAC, that for early voting ballots, "It took 127.5 hours to recount the 114 ballots, or approximately an hour and 15 minutes for each ballot." [19]
  Thus these are unsuitable for audits.
• They don't meet Federal and State specifications and don't work reasonably. New Jersey passed a VVPAT requirement law in July 2005 and recently reported the VVPATs two years later still do not satisfy the requirements, and have many problems. For example, if the VVPAT fails, the DRE will not suspend voting, but just keeps on running without any special intervention by a poll worker [20].
• VVPATs are too expensive. The New Jersey report says $1000-$2000 per VVPAT printer [20]. Alameda County, CA, was charged $800 for each VVPAT printer, as part of an inital purchase.
• Voters are unable to or don't verify DRE summary screens or VVPATs [21]. Which means they do not solve the problem of verifiability.
• Election Sciences, Institute (ESI) reported that about 10% of the VVPATs rolls in the May, 2006 primary in Cuyahoga County (Cleveland), Ohio were unusable [22].

The EAC (Elections Assistance Commission)

• Changing the text of the consultant's report on voter fraud (voting twice, voting for dead people, etc.), and not allowing the authors to comment on the changed text for months,
• Suppressing the consultant's report on the effect of voter ID laws,
• Hiding from the public for months that Ciber wouldn't be accreditted, until this was reported by the New York Times,
• Being years behind schedule on taking over the certification of voting machines.
• Being very secretive and not responsive to the public.

According to Teresa Hommel, Section 104.(c) of S. 1487 exempts the EAC from Freedom of Information requests. If the EAC is kept, it should definitely not be exempted from Freedom of Information requests.

Intentional undervotes

Source disclosure

Either require full, public disclosure of source, or delete it from S. 1487. We can do much better than the terms in S. 1487 in state law.

Data disclosure

In Alaska, they are still litigating over who can see the raw vote total files from 2004. The Democrats want to see them because the published numbers just don't add up to the published totals [23].

Footnotes:

• ACM Computers, Freedom, and Privacy 2004 Conference, April 20-23, 2004, Oakland, CA. http://www.acm.org/announcements/cfp.3-24-04.html
• National Institute of Standards and Technology Workshop, "Developing an Analysis of Threats to Voting Systems", October 7, 2005, Gaithersburg, Maryland. http://vote.nist.gov/threats/
• California Secretary of State's Voting Systems Testing Summit, Nov. 28-29, 2005, Sacramento, CA. http://www.sos.ca.gov/elections/elections_vst_summit.htm

It is mentioned in the New York Times review of "Hacking Democracy", http://movies2.nytimes.com/2006/11/02/arts/television/02hack.html/?adxnnl=1&adxnnlx=1185228651-al2d8wjglwc05asYHovt+g

"Susan Bernecker, a Republican candidate for City Council in Jefferson Parish, La., in the mid-1990s, went to test the voting machines years ago [after she lost the election]. Twice, in a demo, she pressed her own name to see how it would register; twice the name of her opponent was registered in the memory of the machine. They test 15 more machines and find the same results."

"[Errors] included poll workers loading thermal paper into VVPAT printers backwards, blank audit trails, accordion-style crumpling of ballots, long blank spaces between ballots that could have represented missing or unprinted VVPATs, torn and taped-together VVPATs and missing ballot text."

"ESI researchers found that nearly 10 percent of VVPAT ballots sampled were in some way compromised, damaged or otherwise uncountable ..."