Re: “A Vote of No Confidence” (August 2004): It is hard to see why Rebecca Mercuri thinks electronic voting machines are not “trustworthy” enough to be used in U.S. elections. We in India have been using EVMs for quite a few years, incrementally refining their features, and in April and May 2004, used them in our national elections. More than 1 million EVMs were deployed and the 380 million voters who actually used them, a majority of them from rural India, had no difficulty whatsoever.
The EVMs were found to be tamperproof, there was no possibility of duplicate voting (i.e, voting for multiple candidates or casting more than one vote), they were rugged, had their own power supply, and made counting very easy and rapid, since the voting data merely had to be uploaded to the national computer network. The data was stored until the Election Commission ratified the results and all political parties signed off. Even the most cynical and crass politician in India has not found it possible to criticize the EVMs on grounds of reliability.
While the auditability of any IT system is important, one must keep in mind that auditing IT systems does not necessarily mean the use of techniques prevalent in the auditing of manual systems. When firms started auditing IT systems, for several years they insisted on IT systems being audited in the same manner as manual systems. Now these firms audit around the computer (a blackbox approach), looking at the overall system performance and identifying vulnerabilities in the input-output process and improving controls at both the hardware and software levels as necessary.
Eliminating paper has been a big savings. India is now researching ways of providing voters an option to exercise their franchise directly from their computers, rather than at the voting booth. Legal acceptance of electronic signatures and computerized voters lists, the first steps, are already in place.
Rebecca Mercuri should study the Indian experience before expressing a blanket vote of no confidence in the entire technology.
Hari Padmanabhan
IT Advisor
Southern Roadways Ltd.
Bangalore, India
Rebecca Mercuri replies: I have been following the deployment of electronic voting in India very closely. A few comments: First, the voting system in India is very different from that used in the U.S. You have one race, with a very limited number of candidates from which you can only select a single one. The U.S. typically has many races, with numerous candidates and various different balloting styles. In the California gubernatorial recall, there were 135 candidates, and the equipment in India would not be able to handle that. Nor could it handle lengthy paragraphs of referendum question text, or ballots in which there are a couple of dozen (or more) issues on which selections need to be made. The complexity of the equipment involved in handling U.S. elections poses a great problem in terms of programmability and reliability.
Second, from what I understand, the equipment used in India’s election was constructed by two government engineering firms. There is considerable skepticism regarding government-owned firms to be able to construct unbiased and trustworthy equipment.
Third, the election in your country did not run flawlessly. The Associated Press reported that newspapers were “full of reports of thugs taking away voting machines and tampering with booths.” I also understand that re-polling was required at 1,879 of the voting stations, and it is unclear whether tampering may have contributed to the surprise Congress Party victory.
And finally, voting is an activity unlike any other type that is audited. It is an anonymous process that must be preserved as such. With banking, there is a way for customers to check their balances, and if the bank starts losing their funds, they can go to another bank. This is not the case with voting. In order for an election to have the confidence of the citizens, they must be provided with some reason to believe that the votes they cast are being recorded and counted correctly. Since ballots are anonymous, voters need an independent way to assure themselves of the security of the process. Perhaps someday there will be cryptographic schemes that can provide these assurances, but they do not yet exist. Currently, this can only be provided with paper. As your election demonstrated, most of the security of elections comes from the people and the processes, not the equipment.