U.S. agency recommends e-voting paper trail

The U.S. National Institute of Standards and Technology (NIST) has recommended that the U.S. government require touch-screen electronic voting machines to include independent audit technology, such as printouts.

"The lack of an independent audit capability in systems is one of the main reasons behind continued questions about voting system security and diminished public confidence in elections," says a NIST paper released this month. "In practical terms the software-dependent approach cannot be made secure or highly reliable."

The Technical Guidelines Development Committee of the U.S. Elections Assistance Commission (EAC) is scheduled to review the NIST's recommendation that direct record electronic (DRE) machines include voter-verified paper trails or other auditing mechanisms at a meeting Monday and Tuesday.

DREs do not assure that voting records are accurate, and 15 states using the e-voting machines do not use independent audit mechanisms statewide, the NIST paper says.

"Trust in an election outcome relies heavily upon trusting the correctness of the DRE's software and upon trusting that the DRE software has not been replaced or tampered with," the paper says. "Simply put, the DRE architecture's inability to provide for independent audits of its electronic records makes it a poor choice for an environment in which detecting errors and fraud is important."

A spokesman for the Information Technology Association of America (ITAA), representing e-voting machine vendors, didn't immediately return a message seeking comment on the NIST recommendations. The ITAA has argued that paper trail ballots may simply print out the same results stored on the DREs. Paper trail systems can be costly to add on to DREs, and printer breakdowns can cause problems during elections, the ITAA has said.

One e-voting critic praised the report. "That's really good news," said Barbara Burt, director of the election reform program at Common Cause, one of several groups calling for e-voting paper trails. "It looks like it's going to help us finally get rid of the paperless DREs."

NIST's recommendations come after scattered reports of problems with DREs in the Nov. 7 U.S. elections. In Florida's 13th congressional district, Democratic candidate Christine Jennings has filed a lawsuit asking for a revote after 18,000 voters failed to cast a vote in the U.S. House of Representatives race.

Two recounts found Republican Vern Buchanan the winner of the race, but Sarasota County did not require the Elections System and Software (ES&S) e-voting machines to include paper printouts to back up the electronic vote.

While e-voting supporters say the machines make it hard to undervote, Sarasota County voters cast about 16,000 more votes in the Florida governor's race and in the Florida Senate race than were recorded in the House race. About 4,000 more people cast ballots for the county's Southern District Hospital Board than were recorded in the House race.

Thirty-five states either mandate voter-verified paper-trail systems or use them statewide without a mandate, according to the NIST report. But 10 states use paper-trail ballots on a county-by-county basis, and five states, including Maryland, Georgia and Louisiana, use DREs statewide without paper- trail ballots.

The NIST paper published this month recommends states use "software-independent" voting systems, using either paper-trail ballots or cryptographic audit systems instead of relying on the "correctness of the software" for election results.

The paper suggests that the EAC require audit mechanisms in e-voting machines, and recommends that federal election officials stop certifying e-voting machines without independent audit systems after 2009 or 2010.