For America’s political junkies, we are nearing the most wonderful time of the year: election season. Most amateur politicos are gleefully watching (in record numbers) Donald Trump and the rest of the Republican field, and debating the merits of Bernie Sanders’s economic platform. But as the campaign shifts away from the opinions of pundits and towards the actual process of voting, one of the few “fundamental rights” most Americans believe they are bestowed, the system in place for actually exercising that right is rapidly approaching a crisis.

America’s voting machines are out of date.

It sounds mundane. A fair rebuttal might be that many of America’s bridges and tunnels are out of date. But the risk posed by outdated election technology has the potential to jeopardize the rule of law in America, in a way that even collapsing bridges cannot. More frighteningly, while federal efforts to pass highway-funding legislation are ongoing, legislative efforts to repair our voting infrastructure are frustratingly lacking.

Several states (including perpetual swing state Florida) rely on electronic voting machines that are over 15 years old. Per the Brennan Center, all states are reporting severe issues of “degraded touchscreens, worn out modems . . . and failing motherboards and memory cards.”  In essence, our election technology relies on laptop computing technology that was state-of-the-art five years before the first generation iPhone was released. The result is election officials resorting to a black market for spare parts, and machines regularly failing due to hardware errors.

Most worryingly, the software underlying election technology is Microsoft XP, an operating system so antiquated that Microsoft is no longer supporting it. XP was known to be vulnerable to malicious software attacks since 2006. One recently appointed advisor to the White House Office of Science and Technology Policy has, with the help of graduate students at Princeton, shown exactly how such a vulnerability can be used to exploit the electoral process. A similar example of this vulnerability occurred four days before Election Day in 2010, when the DC school board allowed for a white-hat hack of its e-voting absentee balloting system. Within hours, Bender of Futurama fame won the school board election, with an outcome predetermined by code, so that each vote cast would be converted into a vote for Bender.

Such problems, one would figure, would rise to a level of national concern particularly as cybersecurity becomes an increasing part of the national security legal framework. But federalism concerns, and a lack of Congressional will have left the vulnerability in place. 2002 was the last major federal enactment for voting technology. In the wake of Bush v. Gore, Congress authorized states to spend $4 billion to upgrade their technology, and passed the Help America Vote Act, which established the Electronic Assistance Commission. Unfortunately, the EAC had been unable to fill a quorum since 2014, and is only now beginning to issue RFP’s for the next wave of voting technology. Even if RFP’s are approved in a timely fashion, and Congress enacts legislation to infuse the states with cash for these purchases, there remains the question of whether the government can mandate the expenditure to be for machines in compliance with certain security protocols (Per Wired, machine certification process falls within the domain of the states) that will actually make elections more secure.

Moreover, vocal critique of the existing voting machine technology remains taboo. Many state-level Secretaries of State worry that criticism and commentary will undermine voter confidence, as even patches to fix the voting apparatus have drawn skepticism and conspiracy theorist outcry.

In short, for one of the few “fundamental right” granted under the Constitution to be actionable requires technology that works in service of that aim. While we may enjoy mocking our political process now, it will be a shame if the joke is ultimately on the American people later due to our elected officials failure to use the law to fix our system’s technological issues.

Lawrence Crane-Moscowitz

One Response to America’s Coming Electoral (Software) Crisis

  1. Jacob Schumer says:

    While any vulnerability in vote tabulation machines is too much vulnerability, I can’t help but feel that this kind of vulnerability is greatly preferable to vulnerability that almost necessarily exists with traditional paper balloting.

    At least with digital vote tabulation, there is ostensibly some way to examine the individual votes, the software, or the machines themselves long after the actual voting (after all, even factory resets leave a lot of data intact). Whereas, we’ve seen cases of old-school ballot stuffing and other methods happen, and were only discovered by happenstance — someone opened the right dumpster at the right time, etc. None if this is to say that action should not be taken to consistently shore up and ensure the security of digital devices.

    For all of these propositions I cite absolutely nothing.