The state of election technology is… improving

With the U.S. knee-deep in what has been an unusual presidential primary season, to say the least, many eligible voters are highly engaged in the process, passionate about their preferred candidates. But when it comes to voting trends, a reality check is in order: Voter turnout in the U.S. during the last midterm election hit the lowest point since the 1940s.

In fact, the number of Americans heading to the polls each election has been declining for the last 50 years, which helps explain a concerted push by election officials to deploy technology that simplifies the process of, and increases participation in, elections.

Election technology in context

Before delving into the current and future state of election technology, let’s summarize how we arrived at this point. Most jurisdictions today are using election technology developed in the 1990s, and the typical voting system is running an operating system that is no longer vendor-supported, no longer has security updates (which couldn’t be applied anyway because of certification requirements) and relies on technology that wasn’t considered “cutting edge” even when it was purchased.

All of which begs the question: Why are these outdated systems still in use?

Unsurprisingly, the answer comes down to money and contracts. Jurisdictions entered long-term buy/lease contracts with technology vendors and, due to significant budget constraints that have persisted the past decade or more, have not been in a financial position to write off these investments or engage in protracted, expensive upgrade projects. And on the vendor side, massive consolidation has left just a handful of vendors controlling the entire market.

Election officials tend to hit the pause button during presidential election years when it comes to ambitious new technology deployment. While there is an understandable risk aversion to trying something different when the stakes and voting volume are at their highest, traditional vendors are evolving their technology portfolios, and a set of emerging vendors with technical depth is entering the market with modern software solutions.

The emergence of new vendors is mainly about (1) recognizing the new business opportunities afforded by the evolution of jurisdictions’ voting methods (e.g. Colorado’s move to vote centers) and (2) witnessing the end of life for existing equipment and the expiration of contracts, which produces potential clients for the first time in years. The emerging vendors will offer election officials and municipalities more competition and choice.

Cyberattacks against computerized voting systems will inevitably increase, given the high stakes associated with elections.

Advancing election technology has proven to be an incredibly vexing proposition for all stakeholders — state and local election officials, voting technology vendors, voter integrity advocates and, of course, the voters themselves. That said, there are several election technology developments that we expect to see play out leading up to the 2016 November elections.

Movement toward open source

Three counties — Travis County, TX (which includes Austin); Los Angeles County; and San Francisco City/County — are now taking steps toward open-source election technology. As 2016 progresses, we should start to see the impact of these efforts, as other jurisdictions will be watching closely.

More widespread deployment will require addressing common misconceptions around the security of open-source technology. The fact is that open source introduces much needed transparency to elections and voting, and a fundamental tenet of secure systems is that they should be open and transparent.

Increasingly, influential jurisdictions are demanding that products and systems built for them are open source. These demands pressure vendors that have a vested interest in continuing to build proprietary, closed systems where they believe it is easier to protect their intellectual property. If open-source deployments go well in leading jurisdictions, it will open the floodgates to widespread adoption.

Movement toward COTS technology

Commercial off-the-shelf (COTS) technology boils down to ownership and control. Current voting systems are vendor-controlled, built with proprietary hardware that election officials must rely on the vendor to maintain over time. As jurisdictions move away from these proprietary vendor-controlled systems to COTS products and technologies the jurisdictions themselves can own, the dynamics of voting will change.

The use of COTS hardware will provide much-needed flexibility and cost transparency for election officials in purchasing and supporting their equipment, and the resulting deployment of iPads, Android devices and other COTS products will provide both voters and election officials with technology with which they are more familiar.

Ultimately, election officials would rather use an iPad than a proprietary black box to check voters into a polling station; eventually, jurisdictions will want to simply hand voters a tablet or mobile device for ballot casting.

User experience improvements

User experience (UX) plays a very important role in our digital lives. Although security and reliability guarantees are most important, UX is a critical aspect in elections: Dramatic UX failures, such as Florida’s infamous “butterfly ballot” in the 2000 presidential election, have the potential to confuse voters and affect election results.

Why are these outdated systems still in use?

Elections are infrequent and important, and an enduring pain point for voters is that they are asked to vote using unfamiliar and unintuitive user interfaces that do not incorporate state of the art in UX practice and research. The advent of technologies like highly responsive multi-touch displays and voice recognition has made many computing systems dramatically more understandable and easier to use over the last decade, but computerized election technology has not kept up.

Expect 2016 to be the beginning of a sea change in election technology user experience. Pressure will come from jurisdictions, election workers and voters from all demographics. Aging baby boomers will look for an intuitive user experience that works well for those with failing eyesight and arthritic hands, and others will expect voting technology to be at least as intuitive as an iPad or Kindle.

Inevitable cyberattacks

At no time in history have more adversaries been using information technology to affect national security. As election technology ages, security risks increase — particularly with closed, proprietary systems that offer limited visibility to outside parties able to identify vulnerabilities.

While defending election technology against cyberattacks is critical, it is even more important to be able to detect such attacks, mitigate them and attempt to identify the attackers. Unfortunately, computerized election technology has been repeatedly shown to be insecure. The closed nature of election systems makes it difficult to detect compromised election results — and next to impossible to mitigate or attribute the associated attacks.

Cyberattacks against computerized voting systems will inevitably increase, given the high stakes associated with elections. Awareness of this inevitability among election officials has grown; as a result, expect more attention paid to security and the need to view election technology as a “critical system” that demands high assurance (i.e. the ability to make certain provable guarantees about its function and reliability). Spacecraft, weapon guidance systems and passenger airplane control systems are among the technologies built using high-assurance methods, because they must be resilient to cyber threats and function correctly at all times.

Some will claim to have “solved” Internet voting

In 2016, we will see more companies claiming they’ve figured out how to securely conduct elections over the Internet. In reality, we are far from that point. Last July, the U.S. Vote Foundation released a comprehensive report (of which we are co-authors) on the security of Internet voting systems, and challenges that remain to put in place end-to-end verifiable Internet voting systems that are transparent, secure, auditable and usable.

Before that, Galois published a paper, “Modifying an Off-the-Shelf Wireless Router for PDF Ballot Tampering,” which explains an attack against common home routers that enables a hacker to intercept a PDF ballot and silently modify that ballot before sending it along to an election authority — an attack that is almost undetectable. Worryingly, PDF ballots have been used in remote voting trials, and, in some cases in binding elections in the U.S. over the past decade.

Coda

Election and voting technology remains of significant interest to a broad range of stakeholders, and in 2016 there will be meaningful movement toward ensuring these systems have the correctness, security, user experience and transparency required to ensure trustworthy elections.