When the IEEE, the world’s leading professional society of engineers, decided in the summer of 2001 to create a technical standard for electronic voting machines, most everyone concerned with the elections business thought it was a grand idea.
For the most part, the IEEE operates just as you’d expect a bunch of engineers to behave — the group is rigorous, open-minded, dispassionate, and reluctant to embark upon any major endeavor unless everyone with an opinion has had an opportunity to hold forth. “Consensus” is the IEEE’s main buzzword; and while that ethic can lead to some frustration, it also explains why so many industries and government agencies ask the IEEE to draw up technical standards for new technologies. People trust the IEEE’s open process, and when it sets down certain specifications — governing everything from aircraft gyros to wireless networks — the specs are widely respected by technologists.
And by the summer of 2001, a standard for voting machines was clearly needed. After the hobbled 2000 presidential election, officials across the nation were rushing to purchase new equipment to replace their maligned punch-card systems. Elections vendors were heavily promoting fully electronic, ATM-style touch-screen voting machines, but many computer scientists warned — and are warning still — of critical security flaws in such systems. The key players in the debate over electronic voting saw the IEEE as a good place to resolve concerns people had with the new systems; they hoped that after hearing all sides, the vaunted body could create respected technical guidelines for the machinery of modern democracy.
Two years later, however, the IEEE group charged with drafting a voting machine standard is paralyzed by bitter infighting. Members of the body can’t agree on the substance of a proposed standard for voting machines, nor can they even come to a consensus on a fair process for determining such a standard.
The parties involved are arguing about big things — about whether, for instance, electronic voting machines should be required to produce a “voter-verifiable” audit trail, which many security experts say is the only way to guarantee security in electronic systems — and tiny things, such as the order in which topics are discussed in the meetings they hold. To hear members of the committee tell it, the whole process has become a circus — a circus that illustrates how difficult it might be to eventually create a national standard for voting systems.
Advocates of the audit-trail requirement claim that the IEEE standards group has been hijacked by a “cabal” representing the voting equipment industry; this industry coalition has systematically attempted to “disenfranchise” its critics by abusing technicalities in the meeting bylaws, these activists charge.
“I think they do want to prevent stronger security methods from going into the standard,” says David Dill, a computer scientist at Stanford who is one of the leading advocates of verifiable ballots in electronic systems. “I feel that we are being deliberately shut out of the process.”
Rebecca Mercuri, a computer scientist and a research fellow at Harvard who has long questioned the security in electronic voting systems, says that the entire standards process has been shrouded in secrecy. “It’s not just the fact that they have all these rules,” she says. “We could live with the rules. But when someone asks for a clarification of the rules, they change the rules to suit their purposes.”
Is the voting equipment industry trying to silence its opponents in a standards group that has traditionally been committed to openness? That’s hard to say definitively; none of the industry officials on the voting-machine group — including Herb Deutsch, who is the chair of the committee charged with drafting the standard and an employee of Elections Systems & Software, the world’s largest voting company — responded to Salon’s requests for comment. But in interviews, several members of the committee who have called for tough security in voting systems pointed to specific “irregularities” in the standards process: People have been given conflicting and confusing instructions on how to join the group; some members appear to have been accorded preferential treatment; the committee’s leaders have used some technically legal but not very nice parliamentary procedures to prevent opponents from expressing their views; and when critics of the industry have managed to make comments, they appear to have been summarily ignored.
The storm of criticism swirling around the IEEE on this issue certainly doesn’t sound like a model of standards-building procedure. But some members of the committee are reluctant to put all of the blame on voting industry officials. One person who asked not to be identified said that advocates for strong security systems in voting machines seemed reluctant to work with others in the group and were only interested in pushing a “political agenda.”
The critics “would posture and grandstand and say the same thing over and over, taking a lot of air,” this person said. “To be quite honest I think that the people running meetings were intimidated and felt worried and frightened.” In their tone and language, the activists “project very clearly the idea that they want to take over the meetings,” this person said.
On Sept. 16, the committee held an acrimonious conference call in which it was decided, over the vociferous objections of a minority, that a draft of the voting machine standard was ready for members to vote on. The voting was kept open for a week, and the draft standard, which did not include a requirement that electronic machines print out a verifiable paper trail, did not pass (13 people opposed the standard, six were in favor). But activists calling for tough security in voting systems say that they only narrowly averted disaster — the committee came very close, the activists insist, to passing a weak standard. And because the IEEE sits on a federal committee charged with deciding a national standard for electronic voting machines, a weak IEEE standard would have led to unsafe machines all over the country, the activists say.
Proponents of a paper trail are now calling for broad public involvement in the standards group. Many members who felt spurned by leaders of the committee have gone to the Electronic Frontier Foundation with their complaints; Cindy Cohn, the EFF’s legal director, has lobbied the IEEE’s support staff on behalf of these members, and the EFF posted a petition on its site urging the IEEE committee to clean up its ways. But it’s not at all clear that greater public involvement will lead to a more objective, more rigorous process for creating a voting standard. Can the voting activists and the voting industry ever see eye to eye, or even just agree that talking to each other might lead to some good? The stories that members of the committee tell do not provide any basis for optimism.
The IEEE body working on the voting-machine standard is divided into two main committees — the working group, which creates the draft standard and which is technically open to anyone who wants to participate, and the sponsor group, which has final say on the draft and which is open only to members of the IEEE. The working group is where the action is supposed to occur; the committee holds meetings every few months (some are in-person in locations around the country, and some are on the phone) intended to get people to deliberate over the minutiae of voting technology.
One imagines that, given the seriousness of the work they’re doing, members would engage in a lot of high-minded, concerned debate over the nature of voting machines and their impact on society, but that doesn’t seem to happen too often. Instead, participants say, there’s a lot of talk about the process.
“It was the most strange experience of my life,” Ted Selker, a computer scientist at MIT who’s an expert on elections procedures, says of a meeting he attended in Denver in July. “There was this daze. A whole lot of time was spent on the logistics of carefully running the meeting, and it took probably five hours before we started talking about anything substantive.”
From its inception, the working group seems to have been heavily represented with people who, if they were not from the voting industry, were at least very sympathetic to the industry’s views. Vincent Lipsio, an engineer from Gainesville, Fla., joined the group because he thought it might be fun to work on voting standards. He remembers attending an early meeting and suggesting to the group that the standard should require software on voting machines to be stored on internal read-only drives, rather than on a write-able media like CDs or memory cards. “Well, I remember this old guy stands up and says things like, ‘Son, you’ve got to trust the voting officials,’ and ‘It’s really not necessary to go to all these lengths to protect the machines.’ The tone said that I was naïve — and almost everyone had that attitude.”
Critics of the committee say that its leaders were not clear about what people had to do in order to join the group. Alice Allen, the president of Alpha Data Services, a firm that makes vote-counting software, attended her first meeting in January in Washington, “and I thought that I would be given the privilege of voting as any other member,” she says. But when she asked about her rights during the meeting, Bill Welsh, the chairman of ES&S, told her that she needed to attend three meetings before she could vote. Allen began attending meetings regularly, but later she found out that the rules of the committee stated that members only had to attend one meeting before they became eligible for voting rights. Allen says it’s possible that Welsh could have made a mistake, but if so, why didn’t anybody else correct him? “The statement was made,” she says; “the statement was incorrect. It was not the same requirement for others, so why was it told to me? If the information was wrong it was up to them to say so.”
On its own, Allen’s experience seems easy to dismiss, but it’s part of a pattern, the voting activists say, that reveals the voting industry’s desire to keep people off. The worst transgression, one that almost everyone interviewed pointed to, occurred in a conference call on Sept. 16. The agenda for that meeting was sent to participants before the call, and it clearly states that the first order of business would be to approve new members, after which the committee would decide whether or not the draft standard was ready to be approved. The new members up for approval that day were Jim Adler, Alice Allen, Chuck Corry, David Dill, G.D. Miller, Ted Selker and Barbara Simons — many of whom are in favor of verifiable audit trails in voting machines.
But when people got on the phone that day, Vern Williams, a voting security expert at SAIC, an information technology consulting firm, suggested that the agenda be switched so that new members were approved after the committee voted on the draft standard — a move that would ensure that the new members would have no say on the proposed standard. Williams’ motion passed. Then the committee decided to open the draft standard for voting. And after that, the new members were approved.
The activists were outraged at this maneuver. “I kept saying, ‘We’ve been disenfranchised!’” says Simons, a computer scientist who worries about the security of electronic voting systems. Simons and others tried to reopen the vote on the standard, but one of the committee leaders then proposed a motion to adjourn the meeting. According to Roberts Rules of Order, an adjournment motion takes precedence over other motions. The motion won by one vote, and the meeting was adjourned.
According to Susan Tatiner, the associate managing director of the IEEE, who helps standards committees run smoothly, the bitterness on this committee is not especially unusual. “We are always dealing with different issues, some thornier than others,” she says. “We see difficulties a lot because getting to a consensus is a really grueling process. I’m sure the Mideast peace negotiations are worse, but probably not by much at some points.”
Tatiner said she’s been working with the committee to address some of the concerns the activists expressed. Many activists claim that when they submit suggestions for revisions they want to see in the draft standard, their comments are shunted off to a mysterious “editing committee” on the group — and this editing committee always seems to find reasons for why the proposed change won’t work. For instance, Rebecca Mercuri recently submitted a comment proposing that voting machines achieve “a zero-error rate, so as not to affect the outcome of any election. If a zero-error rate is not able to be achieved, jurisdictions must be informed as to the actual error rate, such that if an election falls within this range between candidates, a run-off election must be required.” The editing committee decided not to act on her proposal: “Not achievable by any known means,” it said, refusing to elaborate on which part of her idea was not achievable. One member of the group provided Salon with an Excel file filled with members’ comments and such cryptic responses; it is hard to see any rhyme or reason to how the editing committee goes about its work.
Tatiner conceded this was a problem, and she suggested that at the committee’s next meeting, the activist members try to elect one of their own to the editing committee. Still, nothing compels the committee to listen to everyone. “All comments must be ‘addressed,’” Tatiner says. “That is the word that we use, and what we mean by that is that it needs serious consideration. They do have to ‘address’ it and they have to ‘discuss’ it.” But groups do not have to act on every proposal, a system that concerns many of the activists.
One member of the group — who asked not to be identified because he feared antagonizing the more established members — exhorted Salon to make this article a call to arms for all computer scientists interested in voting security. If the people who are wary of the electronic machines can effectively stack the committee, the voting company officials will have to yield, this person reasoned. The call may work; David Dill’s online petition calling for verified voting systems has garnered hundreds of the most well-respected people in computer science.
But participating in the IEEE is hard work, and it’s not clear if many people would put up with the tedium of the process. Still, says David Aragon, a volunteer with Votermarch, a Web-based voting rights group, this standard could be pivotal for the future of voting. “It should be made less like a circus,” he says. “But I do think that’s important. There is no other national standard for voting systems, and when the time comes this one is going to be the one that matters.”
The committee’s next meeting is in Austin, Texas, in late October.