E-Voting Systems Face Security QuestionsE-Voting Systems Face Security Questions

Are electronic-voting systems secure? A number of recent studies have raised questions about the security and reliability of electronic-voting machines that a growing number of cities, counties, and states are deploying. Vendors defend the security of their systems and say the criticisms are overblown.

More than one-third of local election districts are using, or planning to use, electronic-voting systems during this election year. These deployments are supported by the Help America Vote Act, which Congress passed in 2002 to prevent a repeat of the voting problems that plagued Florida during the 2000 presidential election. The law, which requires modernization of voting systems, included $3.6 billion to help local jurisdictions move from paper-based punch-card systems to electronic or optical systems.

But critics say the new systems lack strong password management and encryption, don't provide voter-verifiable receipts or a paper trail for audits and recounts, and are vulnerable to tampering by hackers and election insiders.

In Ohio, a state-funded security study last year found problems with electronic-voting systems from four vendors: Diebold Election Systems, Election Systems & Software, Hart InterCivic, and Sequoia Voting Systems. That has caused some counties to delay selecting a vendor until the problems have been corrected. "We want to put a system in place that has both the maximum security as well as trust with the voters," says Timothy Burke, chairman of the Hamilton County board of elections.

In Utah, security concerns have caused election officials to delay plans to have at least one electronic-voting machine in each precinct by the November election. "If it were up to me, we wouldn't make the change at all. There are too many questions," says Salt Lake City councilman David Wilde.

Diebold, one of the largest providers of electronic systems with more than 80,000 units in operation throughout the country, says it's working with local officials to resolve security concerns. Each electronic-voting machine undergoes stringent federal and state testing and must pass logic and accuracy tests before being used in an election, says Mark Radke, director of marketing for Diebold Election Systems.

Many of the systems being deployed look and operate like bank automatic-teller machines with touch screens. Votes are tabulated electronically and stored in a secure device or downloaded and tallied at a central location. In some cases, registered voters are issued smart cards that are used to tell the voting machines they're authorized to vote.

But there can be problems. In south Florida last month, an electronic-voting system from Election Systems & Software was used in a special election to fill a seat in the state Legislature. The election was decided by 12 votes. However, more than 130 voters cast blank ballots using the touch-screen system.

No one is sure why those ballots were blank. Speculation ranges from voters deciding at the last minute not to vote to software errors to voters failing to confirm their votes on the final screen. Normally, such a close election results in a recount. But without paper ballots or punch cards to check, there's nothing to recount.

As a result of episodes like that, states such as California are requiring some type of paper trail so recounts and audits can be conducted. "Without something tangible to count," asks David Dill, a computer-science professor at Stanford University and an electronic-voting expert, "how do you prove the results of an election are authentic?"