American Elections’ Legitimation Crisis
posted by Frank Pasquale
About a week ago Clive Thompson reported on continuing suspicions about voting machines. He offers a provocative analogy on the apparent outsourcing of essential government functions to private contractors:
[C]ritics maintain [that] people who make and sell machines are now central to running elections. Elections officials simply do not know enough about how the machines work to maintain or fix them. When a machine crashes or behaves erratically on Election Day, many county elections officials must rely on the vendors — accepting their assurances that the problem is fixed and, crucially, that no votes were altered.
In essence, elections now face a similar outsourcing issue to that seen in the Iraq war, where the government has ceded so many core military responsibilities to firms like Halliburton and Blackwater that Washington can no longer fire the contractor. Vendors do not merely sell machines to elections departments. In many cases, they are also paid to train poll workers, design ballots and repair broken machines, for years on end.
Thompson suggests that there is a fundamental problem in voting that tends to make suspicion of the results inevitable: “in an election, the voter must remain anonymous to the government. If a machine crashes and the county worries it has lost some ballots, it cannot go back and ask voters how they voted — because it doesn’t know who they are. It is the need for anonymity that fuels the quest for perfection in voting machines.” Some legal scholars have recently suggested excellent ways of addressing this problem.
In a comment at Madisonian, James Grimmelmann makes the case that we can separate the need for secrecy in voting from the need for secrecy in software for voting:
Giving a voter a receipt is technically tricky. You have to (a) give them a a receipt that doesn’t actually list their votes (or they could use it to sell their vote), and (b) give them a receipt that is comprehensible enough that they trust accurately reflects their vote and isn’t just a bunch of random gibberish. Doing (a) and (b) at the same time require serious cryptography; even if it’s working correctly, the voter may not believe that it is.
Voter-verified paper trails (as opposed to voter receipts) are a more robust solution, because the voting machine keeps the piece of paper (which can therefore show the actual names of the votes). The voter confirms that the paper correctly indicates her vote, but the ballot workers can then have a separate independent mechanism to count from in case of dispute.
The answer to your question, then, is that the secrecy of the ballot booth creates some requirements for less than complete transparency. Those requirements, however, don’t translate into a similar requirement that the source code of the voting machines be secret. That’s just ill-advised security by obscurity.
Michael Carrier has done insightful work on the topic, proposing “voter-verified paper trail[s], random audits, [and] open source software.” David Levine has contextualized the voting machine issue in the larger problem of trade secrets in infrastructure. Now Danielle Citron’s important new piece Open Code Governance is providing a new set of arguments for open software as a keystone of legitimacy for automated processes:
E-voting systems use proprietary software. As a result, election officials, candidates, technical experts, and interested citizens typically cannot inspect the source code to ensure the software works correctly. Courts provide trade secret protection to the source code, refusing access to it even in cases where programming errors allegedly caused election irregularities.
[But] open code e-voting systems would attract “the country’s best independent technical experts to analyze the source code and publish their findings.” Such projects generate interest due to the reputational advantages of participating in such projects.
Consider Australia’s open code e-voting project. A private company designed Australia’s e-voting system and posted its source code online for review and criticism. The vendor posted all of its drafts of the source code, including its final version. Interested programmers and independent auditors studied the source code and provided feedback. An Australian National University professor caught the most serious problem. The vendor, in turn, fixed the source code, shoring up the system’s security. Australia’s e-voting system has received broad praise for its reliability and security. Similarly, computer scientists working for the Open Voting Consortium have begun programming open source software for election systems in the United States.
Citron’s work chronicles extraordinary errors that happen due to extensive software utilization in both government programs and elections. Thankfully, Thompson reports, the issue can no longer be seen as a partisan gripe arising out of 2000’s razor’s edge Florida race:
In Pittsburgh, the chief opponent of the machines is David Fawcett, the lone Republican on the county board of elections. “It’s not a partisan issue,” he says. “And even if it was, Republicans, at least in this state, would have a much greater interest in accuracy. The capacity for error is big, and the error itself could be so much greater than it could be on prior systems.”
I think that’s the main reason election machine companies are finally starting to listen to the academics and activists who, like Princeton’s Ed Felten, have insisted that a great democracy deserves a dependable voting system:
Amazingly, the Diebold spokesman, Chris Riggall, admitted to me that the company is considering making the software open source on its next generation of touch-screen machines, so that anyone could download, inspect or repair the code. The pressure from states is growing, he added, and “if the expectations of our customers change, we’ll have to respond to that reality.”
PS: Before anyone comments that the term “legitimation crisis” seems overblown, let me note that I use it in the Habermasian sense: “The theoretical core of The Theory of Communicative Action is Habermas’ revision of Parsons’s AGIL functional prerequisites in order to describe the legitimation crisis of society, which Habermas calls the ‘colonization of lifeworld by systems.’” Those familiar with TCA (Vo. II) should see the problem with for-profit voting machine companies having unaccountable power over the political system designed to regulate them (as well as all other businesses).
January 10, 2008 at 10:30 pm
Posted in: Politics, Technology
Print This Post
Responses (1)
Jon Garfunkel - January 20, 2008 at 10:07 am
Frank– FYI, Danielle’s Open Code Governance is now on SSRN, so you can link to it directly.
Leave a Reply