Below are possible talking points for letters and testimony.
(With some DREs, there is an Accessible Voter Verified Paper Audit Trail (AVVPAT) which could be counted, but some AVVPATs are not practical to count and may not overrule the DRE totals, depending on law.)
Back to the top
HAVA
HAVA is the common name for the
federal "Help America Vote Act" of 2002.
It mandates that starting in January 1, 2006, disabled and blind
people must be able to vote in federal elections privately and
unassisted. Both DREs and BMDs normally include an
an audio component so that you can vote even
if you are blind. Both may satisfy HAVA if done properly.
HAVA doesn't mandate either type, or even touchscreens at all.
See
"Myth Breakers, Facts about Electronic Elections",
http://www.VotersUnite.Org/MB2.pdf,
from VotersUnite!, for details on HAVA requirements.
Back to the top
It is estimated in Alameda County, with 600 polling stations that
all the Diebold equipment could be replaced for $2-$4 million, with
a mix of optical scan equipment plus one touch screen per polling
site. On the other hand, upgrading the 4000 DREs by adding
AVVPATs would cost $5.5 million
and would have less functionality, e.g. no IRV and a flakey audit trail..
There are hidden costs to DREs. In Arapahoe, Colorado, they forgot
to keep the batteries charged between elections, and they had
to be replaced at a cost of over $100,000
(see
"Electionline Weekly
- Feb 5, 2004, Section II").
Even if the batteries have a charge, but only a low charge,
the DREs lose the software which had been downloaded onto them.
(See
"Diebold's Voting Machine Expansion Rattles Investors", May 21, 2004
).
The cost for the charging, and the cost for the staff time to do the charging
generally will be in the Election Division budget, not directly
visible as a charge tied to the DREs.
Also Diebold systems are so complex to run that counties need roving
teams of Diebold techs, at $1500 per tech, on election day. Plus there
is $100 per year per DRE charge for the maintenance contract, whether
the machine is used or not.
Back to the top
Secretary of State Elections Analyst Wagaman
testified:
"Some county officials felt compelled to defend
an untested, unqualified, uncertified system after
having made large capital outlays."
"Following the discovery had in fact installed
uncertified and unqualified software in its California
counties in violation of California law, one would have
expected the vendor to show additional caution and
scrutiny in future applications...
Unfortunately, the fact do not support that assertion.
In the two months before the election, the company
submitted fully ten different requests for last
minute changes ..., more than three times any other
vendor."
"These applications present a disturbing pattern.
Virtually every application was submitted prior to
completion of federal testing... The vendor also showed
a disturbing pattern of abandoning attempts to seek
federal approval of previous versions of the firmware."
"In summary, the vendor marketed and sold its TSX
system before it was fully tested, qualified and
certified. It misrepresented the status of federal
testing in order to obtain State certification.
It failed to obtain federal qualification despite
assurances it would do so."
p. 63 - Panel member Miller: "it would appear from a
layman's perspective reading the contract that it
requires or permits Diebold to establish a direct
phone line, modem line with the server...from a lay
person's perspective, it sounds pretty scary.
...Would that be a customary provision in your
contracts?" Diebold didn't really answer this.
p.66: - Diebold had a 10 party restriction for primaries hard coded in
the firmware, which caused a lot of confusion in the days before the
March, 2004 primary, as California had 11 parties registered. Some
counties had to downgrade from firmware version 1.9.6 to
firmware version 194.W days before the election.
p. 68, Mott-Smith: "A second example would be San Diego county,
where we were informed that it was impossible, there
was no work-around, thee was no way to count
provisional ballots ... unless there was a change
made to the software."
Mott-Smith also asked about a problem reported
by many counties to the Secretary of State that
Diebold firmware could not handle cross-over votes
in the primary and they needed an emergency fix.
p.72: Mr. Dunn was hired by Diebold over the phone from an ad in
monster.com. His job was to help assemble, load software and ship
units. He said:
"problem of the batteries discharging
once they reached anywhere from about a 20 to 15
charge rate, they would then dump the settings,
sometimes dump the software load, and then on initial
startup, would bring up a standard Windows CE screen
and not the Diebold screen".
Also, Dunn said Diebold would come out with new software
versions and the installers would switch immediately
to the new version with no indication on the units.
Also, Dunn said, Quality Control was lacking significantly.
He said the battery problems on election day were "predicable".
p.101: Ann Barrett, Kern County registrar
Kern county contract: "The vendor, Diebold, must provide one dedicated
voice-grade line in the server room for the exclusive use by DESI
[Diebold Elections Systems Inc] as a modem support line
directly connected to server. Line must be a number that does
not go through a switchboard so that after-hours work can
be conducted whenever necessary."
Back to the top
Back to the top
Back to the top
This violates California Constitution Article II, Section 7,
and the California election code.
In Maryland, 106 DRE machines froze in the November, 2004 election when
the voter pushed the "Cast Ballot" area of the screen. When that happens,
the only thing the voter can do is to ask for help.
There is no way for a voter to hide his or her ballot choices
from the election official or vendor representative who answers
his call for help. This once again
violates the secrecy of the vote.
The problem is that
if the screen freezes with a DRE, neither you nor the
poll workers know if your vote has been recorded or not.
If instead you are using a touch-screen Ballot Marking Device,
you can see if a ballot has been printed. If not,
you can simple pull the plug and start over again,
and secrecy is not compromised.
Back to the top
On May 12, 2005, Diebold issued a
"Development Overview of Instant Runoff Voting"
on the costs and time line
for IRV in Alameda County.
It says IRV development would cost $1-$2 million. It also states
that Alameda could only use it after an upgrade from Diebold GEMS
1.8 to Diebold GEMS 2.0, a product currently under development.
It does not say whether the GEMS upgrade would cost Alameda County any money.
Why did Diebold tell Alameda County it could do it in 2002, but tells
Alameda County now it can not do it?
Jim Lindsay, President and CTO of Voting Solutions LLC, in a
letter to the Board of Supervisors
dated Feb. 27, 200,
states that the programming would cost only $10,000 and
offered to do it at that price.
Other systems already have IRV, and San Francisco used IRV in its most
recent election. I have been told that Diebold is claiming it has IRV
in its response to San Diego's Request for Purchase. Does it or doesn't it?
Back to the top
HAVA money may be used not only for buying
equipment, but also for research and development. We should do this;
it will save us money in the long run.
Back to the top
Back to the top
You do need one disabled accessible polling station
per polling location
to satisfy the HAVA (Help America Vote Act) of 2002, but only one,
and that can be a Ballot Markup Device.
For more info, see:
Back to the top
Back to the top
There were massive problems with Diebold machines in Maryland in
the November, 2004, election.
Check out the
http://www.truevoteMD.org" for details.
The Diebold machines there are
under lock and key, and months after the election, Diebold had
still not figured out what happened.
In fact they sent some of the voting machines to other states,
and Canada, to try to figure out the problem.
Would it be legal under
California law to send a machine with votes in it out of state?
Back to the top
The base system software, Windows, is prone to security problems,
especially the older system of Windows being used. Why does the election
system require old versions of Windows?
How can poll workers tell if
there is a modem or wireless card or RFID installed and active? They can't.
The system is so primitive it requires
that all users on the system use the same logon and password.
This eliminates accountability; there is no way to track who
alters any election data.
The same logon and password is used on all Diebold tabulators
across the nation.
Computer security experts uniformly state DREs are not secure enough to
rely on during elections. See for example the ACM statements:
E-Voting Technology and Standards
and
ACM Recommends Integrity, Security, Usability in E-voting
Cites Risks of Computer-based Systems
Most academic computer scientists and researchers belong to
the ACM.
Bev Harris of BlackBoxVoting.org found the
Diebold system's source code on the Internet (via a google search!),
and downloaded it. A team of computer security experts, led by Prof.
Avi Rubin, John Hopkins University, examined it and declared it to be poorly
designed with respect to security.
Back to the top
Back to the top
Back to the top
Why is this whole process so shrouded in secrecy?
I understand, and sympathize with the County Registrars who would like
the process of California Certification to be sped up. Currently, it
appers that all voting systems applying for California certification must be
tested by Steven V. Freeman. The California Elections Code allows for up
to three outside consultants to test applicants' systems. If there is a
rush, why are we limiting ourselves to just one tester?
How many applicants are waiting for their systems to be tested?
Back to the top
Computers can not be made secure. There is an old saying:
"If someone tells you their computer is secure, they are either
a fool or lying". Open Source is better, but in the end, the
only way to have any faith is to use paper ballots (optionally created
by a touch screen ballot marking device), and public precinct
tabulation. If the tabulation is by machine, there must be hand-counting
of at least a section of the races to guarantee the results.
Back to the top
My profession is software engineering. I was able to convince my
colleagues in the Legislature that touch screen voting machines are
unreliable, badly flawed, insecure, and require massive amounts of
acceptance testing that typically is not done or even thought about.
They are quite arrogant. Prof. Avi Rubin of John Hopkins University
is a leading computer security expert and has authored a study
of Diebold software. Yet Mr. Urosevich, president of Diebold
Election Systems, only would say:
With their track record in California, and their arrogance,
there is no reason to expect better results in the future.
The Secretary of State should invoke his powers to ban
Diebold from California elections business for three years
and fine them $10,000 per machine with uncertified software.
(This would help with our debt!).
Cost
Comparisons show optical scanning systems are much cheaper than DREs.
The initial cost is much less with optical scan because you only need
one optical scanner and touch screen ballot marking device per polling
place while there needs to be four or five or more
touch screen DREs per precinct.
Diebold California history is not trustworthy
Diebold is irresponsible and cannot be trusted. Hear are some
excerpts from last year's VSPP hearing into Diebold problems.
(Minutes:
April 21, 2004 and
April 22, 2004).
"After developing the [TSx] system, the vendor
marketed, sold and installed the system in four
California counites Kern, San Diego, San Joaquin
and Solano. And it did do prior to completion of
testing, prior to federal qualification and prior
to State certification."
Mr. Urosevich, president of Diebold Election Systems,
was very arrogant. He said
about the Diebold code found on a public Diebold ftp site
that "basically the code was stolen". On Prof. Ruben's
of John Hopkins University's analysis:
"Well, Hopkins was not a study, it was a homework assignment ..."
Diebold's Staff is not Trustworthy
How can we trust Diebold with the security of our elections when:
Diebold's AVVPAT is inadequate
All touchscreen DRE (Direct Recording Electronic) voting machines
in use after Jan. 1, 2006 must include an Accessible Voter Verified
Paper Audit Trail (AVVPAT). This means you can look on paper
to see if your votes were recorded accurately, before you press the
button to cast your ballot.
Diebold and Ballot Secrecy
The California Constitution and California Elections Code mandate
that citizens be able to vote in secret.
Diebold's AVVPAT prints ballots in the order cast. This
does not preserve secrecy as one can watch the order of the voters,
and then read their ballot on a recount, or possibly in a public records
request.
Instant Runoff Voting
Diebold has told Alameda County it can not do Instant Runoff
Voting (IRV), also
known as Rank Choice Voting (RCV) or Preferential Voting.
Several cities and districts in the state
have already decided to use IRV, to save costs on runoffs, etc. Diebold
in its response to the Alameda County RFP (Request for Purchase) in 2002
said
"GLOBAL's AccuVote-OS and TS
system IS THE ONLY SYSTEM on the market
today that handles cumulative and preferential voting".
(Diebold RFP Response).
Open Voting Consortium
The "Open Voting Consortium" (OVC) is a system being developed using
Open Source Software.
The open source software is software that no company owns.
Any one with knowledge of programming can look
at the source and see if there are any problems that need fixing.
For a summary of why open voting software is better,
see OVC summary.
For full details, see the Open Voting Consortium
web site.
Open Source Software
Open Source Software is software which is developed in public and
is not owned by or controlled by any particular individual or corporation.
Click here to learn more.
Optical scan performs better than touch screen
Survey after survey show that touch screen perform better than
touch screen, both in cost and in other measurements, such
as ballot falloff rate.
Outsourcing
Poll workers can't run election unassisted - they need the help of
roving teams of Diebold techs. These techs often reboot the systems,
reinstall software, etc. even though
they are not licensed or bonded, may be from out of state,
and have not sworn to the poll worker's oath.
In addition, many jurisdictions can not figure out how to
configure the
ballot definitions and contract with Diebold to do that for them.
This is out-sourcing our elections to unknown, uncertified parties.
Reliability
Diebold systems are not reliable. In San Diego, in the March 2004
primary, thousands of voters could not vote because faulty power
switches on Diebold encoders prevented the polls from opening on time,
and a second "glitch" caused 2821 votes to be miscounted.
Security
The security of Diebold Election Systems is impossible to verify.
Diebold software is proprietary; and can not be examined.
In addition, Diebold requires
modifying the firmware on the computers it is run on.
Why does this system modify the firmware?
Transparency
People are losing faith in our elections. To restore that faith we
need full transparency, where people can see their vote is counted as
they intended. Proprietary software and votes hidden in a machine do
not inspire that confidence. Survey show 30% of voters do not believe
the vote is counted accurately.
The Elimination of Neighborhood Polling Sites
In recent years, an increasing percentage of the population is using
absentee ballots. This is probably due to a number of reasons:
None of these are good trends. We are not gaining anything in return.
We must return to simple paper ballot,
possibly with the option of a ballot markup device (but not DREs)
to restore our citizens faith and ability to vote in neighborhood
polling places.
Secretary of State Obfuscations
We find it unacceptable:
Who is Steven V. Freeman? What are his credentials?
What is his contract with the state?
Computer Security
No computer used in the election should be connected to a network
and should not contain a wireless card or modem or any other way
to connect outside itself. What with RFID and similar technology,
there is no way for an election official to tell if or when such
technology is used. It must be banned and physically removed from
the machines.
Montana Bans DREs
From an article in the National Ballot Integrity Project,
Montana Outlaws Touch Screen Voting Machines
Representative Brady Wiseman, Bozeman, MT - ...
I thought you might like to know that here in Montana,
we just outlawed touch screen voting machines. House Bill 297,
sponsored by myself, passed the Montana Legislature by wide margins. It
simply requires that paper ballots be used in all elections. The
ballots may be counted by machine, and may be marked for the voter by a
machine, but we will not allow electronic ballots, with a tiny
exception for handicapped voters.
Why Not Ban Diebold?
Diebold has clearly installed uncertified, unqualified software
on systems in many California counties. They admitted to that
in the April 21-22, 2004 hearings.
"Well, Hopkins was not a study, it was a homework assignment ..."
As for the copy of the Diebold software found on a public Diebold web
site, he called it "stolen". As for the battery problems which
blocked the polls from opening on time in San Diego in the March,
2004 primary, he referred to that as an "inconvenience" and would
not admit some were disenfranchised.