Published on TheHill.com
It’s not too early to think about how the 2016 election might be stolen.
A recent story about an audit by the Virginia Information Technologies Agency on one of its major voting system providers, AVS’s WINVote product, details how ridiculously easy it was to hack the WINVote system, used in 568 precincts in 30 localities around the state through 2014. The April 14, 2015 report, reviewable online, concluded that a “malicious third party could be able to alter votes on these devices.” Indeed, “one of the most significant concerns involving the WINVote system is the ability to access the devices from a remote location…” Needless to say, WINVote, the product of a company in since before WWI, has been decertified in Virginia.
And it’s that little tidbit that positively begs the next question, but before we ask it, let’s zoom in a bit:
Looking back over the 2000, 2008, and 2012 presidential contests, one might easily discern that the 2016 election will be settled, not by the vast number of electoral fly-over states, and not even in the dozen or so purported battleground states. Likely, it will be decided in one or two of five states with a total of 113 electoral votes: FL-29, VA-13, OH-18, NC-15, and TX-38.
For most observers this list makes a good bit of sense—except for Texas. Each of the five states uses two of the same principal vendors: ES&S and Dominion, except that at present, ES&S is the only firm in North Carolina certified to produce a verifiable, individual paper ballot, but this will not be required until 2019. These companies produce and sell DRE (Direct Record Electronic systems) and Optical-Scanners, along with reporting software. Only DRE’s equipped with voter verified paper records (VVPR) or voter-verified paper audit trails (VVPAT) can be satisfactorily audited to determine the honesty and accuracy of an election. Of course, traditional plain paper ballots are fully auditable.
Why is this important?
Simple. Having an individual paper ballot, even if reported electronically, permits election officials to determine with the greatest degree of accuracy whether voters’ ballots are exactly matched to electronic reporting systems known to experience—to one degree or another—reporting/vote transposition errors. When such a safety net is not available, then what the Virginia techies discovered with WINVote becomes more than a possibility with others. That’s the “man in the middle” scenario, and rarely is there a 100% audit. Voter ID laws become irrelevant when an election can be stolen at some remote location by parties—domestic or foreign—with an interest in the outcome.
Is that likely? Except for Virginia, the other four states have audit laws on the books, but aside from the WINVote episode and a storied 2006 audit in Florida’s 13th Congressional District in 2006, it is hard to find records of actual audits on state websites. As seen with WINVote, however, only an aggressive, “attack” audit truly ensures election integrity.
Texas is attractive for two reasons. For Republicans, anyway, the state may be vulnerable in 2016: In addition to using the same two principal vendors mentioned above, Texas has reached the demographic tipping point. According to “Texas QuickFacts from the US Census Bureau,” those claiming Asian (4.3%), Latino (38.4%) or Black (12.4%) descent typically do not vote Republican, and neither does all of the White population (44%). Only 16% claim “foreign born.”
There is no evidence other vendors mirror WINVote’s weaknesses, but neither is there evidence to the contrary. So to the question: Will these five states—or any others—stress-test their voting systems and pronounce them secure? Will they guarantee every last one of us our most basic election right? After all, what will happen there, will matter everywhere.