Brazil, U.S. Show That Secure Elections Require Agreement – Not Just Cybersecurity and Clear Ballot Records

A Set of Principles
I and others in my field tend to agree, and think most regular people would too, that election officials should aspire to the following basic criteria:

·  Every person with a legal right to vote is able to cast a ballot in a given election.

·  No person without a legal right to vote is able to cast a ballot.

·  No person is allowed to cast more than one ballot.

·  Every ballot unambiguously indicates the voter’s preference.

·  Every ballot cast by a legally legitimate voter is counted, but no other ballots are counted.

·  No ballot cast can be associated with the voter who cast the ballot (that is, voters can maintain the secrecy of their ballots).

To help uphold these standards, many election security analysts, including me, believe that paper records are an essential element of electronic voting systems. They leave open the possibility of recounting ballots in the event of a claim that electronic ballots were counted incorrectly. In general, only people who appear to have lost elections make these claims, though some states’ laws require automatic recounts when the margin of difference is small.

But Brazil has done away with paper voting entirely. The nation’s election officials take many measures to ensure that the electronic voting machines are working properly and are not tampered with, including testing a large sampling of the machines on Election Day, obtaining third-party analysis of at least parts of their software, and ensuring they are not connected to the internet, to increase their protection from hackers.

But no combination of these measures, nor any of the other protections, such as public posting of vote tallies and requiring voters to use fingerprints to unlock voting machines or to present photo identification to poll workers, is completely foolproof.

Paper ballots aren’t foolproof, either: Fraudulent ballots could potentially be manufactured and inserted into the counting process without being detected. Ballots can be irretrievably destroyed after being cast. Improperly made marks on a ballot may not clearly indicate the voter’s intent. Humans engaged in the mind-numbing effort of counting thousands of ballots get tired and make mistakes. Counting paper ballots takes considerable time that disgruntled parties can use to sow unfounded doubts about election integrity.

Intelligently designed paper-based voting systems take measures to ameliorate all of these problems. But just as in the case of electronic voting, it is ultimately a matter of human judgment about whether those protections result in an acceptable level of security. And guaranteeing 100% security in an election is essentially impossible.

Elections Are Necessary
Despite the inevitable flaws in voting and counting, democracies need to conduct elections. They must choose election officials for whom the public’s confidence in the security of the elections is more important than any partisan outcome.

Another key element of election integrity comes from the candidates. It’s important to public confidence in elections that candidates be willing to express their own support for the voting system, including whatever measures are set up for integrity and recounting, even if that system delivers them a loss.

The basic proposition of democracy is that all candidates agree to a particular process, election managers do their best to ensure that process unfolds fairly, and everyone abides by whatever the results are, no matter who winds up losing.

Without mutual agreement on process, it is impossible to have an uncontested election, because a candidate who doesn’t like the outcome can always claim – even without evidence – that it was somehow unfair.

True democracies require candidates who agree on election rules and processes in advance and agree to abide by the outcome of elections, even when they wish the results were otherwise. The alternative is continuing instability and doubt in the electorate – an outcome that serves no citizen’s interests.

Herbert Lin is Senior Research Scholar for Cyber Policy and Security, Center for International Security and Cooperation, Stanford University. This article is published courtesy of The Conversation.