March 22, 2019

Voting machines I recommend

I’ve written several articles critical of specific voting machines, and you might wonder, are there any voting machines I like?

For in-person voting (whether on election day or in early vote centers), I recommend Precinct-Count Optical Scan (PCOS) voting machines, with a ballot-marking device (BMD) available for those voters unable to mark a ballot by hand2.  For vote centers that must handle a wide variety of ballot styles (covering many different election districts), it may be appropriate to use ballot-on-demand printers to produce ballots for voters to fill in with a pen.

Five different U.S. companies make acceptable PCOS and BMD equipment:

PCOS BMD (acceptable for use by voters unable to mark ballots with a pen)
ClearBallot ClearCast ClearAccess
Dominion ICP ICP320, ICX BMD
ES&S DS200 ExpressVote (BMD mode only), Automark (autocast disabled)
Hart Verity Scan Verity TouchWriter
Unisyn OVO OVI,FVT

I do not recommend all-in-one voting machines that combine ballot marking and ballot tabulation in the same paper path, such as the ES&S ExpressVote (in all-in-one mode) or the Dominion ICE.

For mail-in1 ballots, I recommend Central Count Optical Scan (CCOS) voting machines with ballot-serial-number imprinters.

All five companies listed above make CCOS equipment, and at least three of these companies make CCOS with serial-number imprinters:  ClearBallot, ES&S and Dominion.  CCOS printers from Hart (and perhaps Unisyn) do not imprint serial numbers; they can still be used in ballot-level comparison audits5 but less efficiently.

I make these recommendations mainly on the basis of security: let’s have election results we can trust, even though the computers can be hacked.  But PCOS or CCOS voting is also less expensive to equip than touchscreen voting.

Now I will explain the basis for these recommendations.

[Read more…]

Reexamination of an all-in-one voting machine

The co-chair of the New York State Board of Elections has formally requested that the Election Operations Unit of the State Board re-examine the State’s certification of the Dominion ImageCast Evolution voting machine.

The Dominion ImageCast Evolution (also called Dominion ICE) is an “all-in-one” voting machine that combines in the same paper path an optical scanner (for hand-marked bubble ballots) with a printer (for machine-marked ballots via a touchscreen or audio interface).

Last October, I explained that why this is such a bad idea that it should be considered a design flaw:  if a hacker were able to install fraudulent software into the ICE, that software could print additional votes onto a voter’s ballot after the last time the voter sees the ballot.   I’ll just give one example of what the hacker’s vote-stealing software could do:  In any race where the voter undervotes (does not mark a choice), the hacked software could print a vote into the bubble for the candidate that the hacker wants to win.

The manufacturer may argue that “our software doesn’t do that;” true enough, the factory-installed software doesn’t do that–unless hackers hack into the manufacturer’s network.  They may argue that “our voting machines are not hackable;” well, it’s admirable that they are using modern-day authentication methods for the installation of new software, but in the current state of the art, it’s still the case that practically any computer is hackable.

And therefore, we rely on recounts and risk-limiting audits of the paper ballot as marked by the voter as our ultimate protection against computer hacking.  An all-in-one voting machine, that combines printing and scanning into the same paper path, seriously compromises that protection.

Douglas A. Kellner, co-chair of the New York State Board of elections, wrote on March 7 2019 to his fellow Board commissioners,

Two respected professors of computer science have provided reports that the Dominion ImageCast Evolution voting machine has a “design flaw.” … “after you mark your ballot, after you review your ballot, the voting machine can print more votes on it!” …

[New York State] Election Law § 7-201 requires that the State Board of Elections examine and approve each type of voting machine or voting system before it can be used in New York State…. The examination criteria for certification of voting equipment … requires … “the vendor shall identify each potential point of attack.” …

I have carefully reviewed Dominion’s [submission].  I do not see anything in the submission that addressed the point of attack or threats identified by Professors Appel and DeMillo. …

If there is a serious possibility that an insider could install malware that could program the printer to add marks to a ballot without the possibility of verification by the voter, then the entire audit process is compromised and circumvented. If it was possible for the machine to add a voting mark to the ballot without verification by the voter, the audit is not meaningful because it cannot confirm that the ballot was counted in the manner intended by the voter. …

Election Law § 7-201(3) provides that:  “If at any time after any machine or system has been approved,…the state board of elections has any reason to believe that such machine or system does not meet all the requirements for voting machines or systems set forth in this article, it shall forthwith cause such machine or system to be examined again.” …

In view of the omission of the security threats identified by Professors Appel and DeMillo in the submission by Dominion in support of its application for certification of the ImageCast Evolution, and in view of the absence of any analysis of this issue in the SLI and NYSTEC reports, I request that the Election Operations Unit of the State Board examine again the ImageCast Evolution to consider the vulnerability of the voting system because the printer could be programmed to add marks to ballots without verification by the voter, and that SLI and NYSTEC supplement their reports with respect to these issues.

Do Mobile News Alerts Undermine Media’s Role in Democracy? Madelyn Sanfilippo at CITP

Why do different people sometimes get different articles about the same event, sometimes from the same news provider? What might that mean for democracy?

Speaking at CITP today is Dr. Madelyn Rose Sanfilippo, a postdoctoral research associate here at CITP. Madelyn empirically studies the governance of sociotechnical systems, as well as outcomes, inequality, and consequences within these systems–through mixed method research design.

Today, Madelyn tells us about a large scale project with Yafit Lev-Aretz  to examine how push notifications and personalized distribution and consumption of news might influence readers and democracy. The project is funded by the Tow Center for Digital Journalism at Columbia University and the Knight Foundation.

Why Do Push Notification Matters for Democracy?

Americans’ trust in media have been diverging in recent years, even as society worries about the risks to democracy from echo chambers. Madelyn also tells us about changes in how Americans get their news.

Push notifications are one of those changes– news organizations that send alerts to people’s computers and to our mobile phones about news they think are important. And we get a lot of them. In 2017, Tow Center researcher Pete Brown found that people get almost one push notification per minute on their phones– interrupting us with news.

In 2017, 85% of Americans were getting news via their mobile devices, and while it’s not clear how many of that came from push notifications, mobile phones tend to come with news apps that have push notifications enabled by default.

When Madelyn and Yafit  started to analyze push notifications, they noticed something fascinating: the same publisher often pushes different headlines to different platforms. They also found that news publishers use language with less objectivity and more subjective, emotional content in those notifications.

Madelyn and Yafit especially wanted to know if media outlets covered breaking news differently based on political affiliation of their readers. Comparing notifications of disasters, gun violence, and terrorism, they found differences in the number of push notifications published by publishers with higher and lower affiliation. They also found differences in the machine-coded subjectivity and objectivity of how these publishers covered those stories.

Composite subjectivity of different sources (higher is more subjective)

Do Push Notifications Create Political Filter Bubbles?

Finally, Madelyn and Yafit wanted to know if the personalization of push notifications shaped what people might be aware of. First, Madelyn explains to us that personalization takes multiple forms:

  • Curation: sometimes which articles we see is curated by personalized algorithms (like Google News)
  • Sometimes the content itself is personalized, where two people see very different text even though they’re reading the same article

Together, they found that location based personalization is common. Madelyn tells us about three different notifications that NBC news sent to people the morning after the Democratic primary. Not only did national audiences get different notifications, but different cities received notes that mentioned Democrat and Republican candidates differently. Aside from midterms, Madelyn and her colleagues found out that sports news is often location-personalized.

Behavioral Personalization

Madelyn tells us that many news publishers also personalize news articles based on information about their readers, including their reading behavior and surveys. They found that some news publishers personalize messages based on what they consider to be a person’s reading level. They also found evidence that publishers tailor news based on personal information that they never provided to the publisher.

Governing News Personalization

How can we ensure that news publishers are serving democracy in the decisions that they make and the knowledge they contribute to society? In many publishers, decisions about the structure of news personalization are made by the business side of the organization.

Madelyn tells us about future research she hopes to do. She’s looking at the means available to news readers to manage these notifications as well as policy avenues for governing news personalization.

Madelyn also thanks her funders for supporting this collaboration with Yafit Lev-Aretz: the Knight Foundation and the Tow Center for Digital Journalism.