Protecting Your Vote
Just ask Rick Santorum. In January, Rick Santorum won the Iowa caucuses, but, because of vote counting and tabulation errors, Mitt Romney was declared the winner. In the two weeks before the error became clear, Romney’s campaign gained momentum, while Santorum’s withered.
Unfortunately, the same problem – or worse – could easily occur in Massachusetts. This year, voters will choose the president, and control of the US Senate may come down to the race shaping up between Scott Brown and Elizabeth Warren.
How will voters know their votes will be counted accurately? Massachusetts voters cast paper ballots. This is a good foundation for an election system, since the paper ballots form an “audit trail” that can be examined (and if necessary, recounted). In almost all cities and towns in the state, those ballots are slid into machines that read the ballots and total up all the votes at each polling place. The machines are reprogrammed for every election, but only 50 to 75 ballots are used to check the new programming, even though 1,000 ballots or more are likely to be put into each voting machine on Election Day. Votes from each location are then brought together and tabulated. In both steps of the process, there is the possibility of significant error.
As a technologist, I have spent decades working with information systems and computer programs, and can say one thing with certainty: mistakes can happen. In banking, business, and engineering, similar problems often arise, and they are solved elegantly: with random testing. The IRS does not take every tax return on faith – it audits a small number of them. These audits uncover errors and fraud, and serve as deterrent. Athletes are randomly tested for performance-enhancing drugs. Factories pull random samples of their products off the production line and conduct quality control checks. Municipalities send inspectors to gas stations to make sure that when the meter says you have pumped a gallon, there actually is a gallon of gas in your tank.
Audits and random tests are used anytime there are numbers involved and a lot at stake. And what could be more important than the elections we use to choose our government’s leaders?
Twenty-six states have election audits and that number is growing. After an election, the state selects a few random polling places to count the ballots by hand. The hand-counted totals are compared to machine results. If the numbers are close enough, there is confidence that any errors or mis-programming sufficient to have affected the election outcome will be discovered. Because only a few random polling locations are audited, costs are kept low. Many people are surprised to learn that we don’t audit election results here in Massachusetts.
There need not be any big conspiracies or widespread failures to make audits worthwhile. Voting machines are just like any other machine. Sometimes they break. In Waterville, Maine, voting machine malfunctions caused a Senate candidate to receive 27,000 votes – about 16,000 more than the number of registered voters in the entire district. In Barry County, Michigan, flawed programming caused incorrect results. The problem was discovered only when a county clerk received the results from the precinct where he voted and noticed that the candidate for whom he voted for had received no votes.
In addition to providing security and confidence, audits provide information. Information that election officials can use to make sure every person’s vote is counted. Audits can uncover common voter mistakes that could be fixed with, for example, better instructions. Audits can tell election officials if a ballot has been poorly designed in a way many voters cannot understand, so that future ballots can be designed better.
Let’s make 2012 the year where all Massachusetts voters have confidence that their vote will be counted. There is audit legislation pending in the Legislature. Lawmakers should pass it in time for the November election. Elections matter. And every vote counts.
Ronald L. Rivest is a professor of computer science at MIT. He is a founder of RSA Data Security.