This weekend, the Wisconsin Grassroots Network allowed the Election Integrity Action Team to use part of its booth at the annual state Democratic Convention. With a colorful pamphlet titled “How to Steal Wisconsin Elections” on one side, and “How to Protect Wisconsin Elections” on the other, I was able to start good conversations with more than 100 people, a large number of them involved in local elections administration in some capacity—mostly as poll workers or board of canvass members.
In general, the Democrats were skeptical whenever I offered the pamphlet with the “How to Steal” side up asking, “Want to know how to hack voting machines? The Republicans know, so you should, too.”
But when I turned the pamphlet over to reveal the “How to Protect” side, they were receptive, confirming my sense that people are tired of being educated about problems they cannot solve, while they are ready to welcome constructive information about solutions.
Their reactions, after I’d given them the election-integrity elevator speech, confirmed that politically active people, like everyone else, typically assume our election results are routinely checked for accuracy and are shocked to learn they are not. Like all other sensible digital-age people, they immediately grasp the carelessness of that practice.
During the entire two days I staffed the booth, all but one of the conversations went very well, often ending with the person asking for more literature and promising to talk to their county clerk when they got home.
I ran into only one person who vigorously argued with me, and I hope you’re as disturbed as I was by who it was—or might have been.
After taking the pamphlet with a frown, one man listened to my short speech and flatly told me I was wrong. Voting machines are reliably accurate, he said, and he should know: Before he retired, he tested voting machines for the Wisconsin Government Accountability Board and for the State Elections Board before that.
I realize he could have been misrepresenting himself, but he might not have been. I recognized the GAB staff attitude toward citizen input and their talking points.
As he argued, he revealed either that he was painfully ill-informed about voting machines and IT security, or that he thought I was and could be distracted with misinformation. It was hard to tell.
For example, when I explained that the hacking information in the pamphlet was based on the findings of a national panel of voting-machine security experts, he said something along the lines of “The national experts’ findings are not applicable to Wisconsin. Wisconsin’s voting machines are programmed individually for each county—no hacker could get to all of them.”
I gently redirected him: “A hack wouldn't need to affect all the machines everywhere. Mathematically, you could change a statewide outcome merely by making one big county already likely to go for your candidate go even more decisively. Pundits will simply say, "Oh, wow. That party did a great get-out-the-vote effort in that county!"
"And besides, the national experts says that the most likely, most dangerous hack would affect the source code, not the set-up for each election. It's the set-up that is done separately for each county. The source code is programmed by just a few vendors.”
But he doubled down and insisted the source code is programmed individually into each voting machine by the counties.
We had drawn a few witnesses by now, so even though I suspected he knew it, I gave the basic explanation of the difference between programming the voting machine and setting it up for each election. (“When you get a new cell phone, it comes with lots of programming deep inside that neither you nor the salesperson touch as you set the phone up with your phone number and contacts.”) I reminded him that the source code must be tested by independent laboratories and approved by the federal government and that once approved, no one is allowed to make changes. If the voting machines’ source code is being “programmed individually,” as he claimed, someone is breaking the law. The speed with which he gave up that line of argument indicated to me he knew that all along.
He then tried the recount defense—claiming that if anyone suspects election results are wrong, they can demand a recount. Again, not knowing whether he was genuinely naïve or was hoping I was, I explained Wisconsin recount law. He finally conceded, “Well, yes, they would have to pay for the recount.”
When I asked, “Would you trust a bank that refused to verify your check had been deposited to the right account unless you paid for the audit?”, he moved on to his next point. We then danced through a set of well-worn arguments.
He: Local election officials store their machines securely.
Me: Local election officials have no control over the security of the software while it is with ES&S, Dominion, and Command Central.
He: But those companies have wonderful, effective security.
Me: They would be in the IT-security consulting business if they could do IT security better than Anthem, eBay, Target, and Sony.
He: There are no miscounts.
He: Well, those should have been caught in pre-election voting machine tests.
Me: Right, but they were not. That’s why every human language has a word for ‘mistake,’ and why we need routinely to check Election-Day output for accuracy.
He: But you cannot just assume the computers are miscounting.
Me: Right. Just like you cannot assume they are counting accurately. Just like your municipal treasurer does not assume she’ll find errors as she spot checks the computer-generated property-tax bills before putting them in the mail. But she does it anyway because that’s what prudent managers do.
He: There’s not enough time or money for full recounts.
Me: No one is talking about full recounts. If you’ll stop arguing for a moment, I can tell you about sampling and risk-limiting auditing.
He: But you cannot assume any sample is representative.
Me: Right; that's why you calculate probability.
Of course, the conversation ended before he accepted the common-sense national consensus on routine verification of voting-machine output—but that was what I expected. You can tell when someone is engaging in sincere let’s-share-what-we-know conversation and when they are simply staking out a defensive position and reflexively contradicting everything you say. He was clearly doing the latter, so I let him leave when he ran out of breath. Who knows—maybe he went to his hotel room that night, gave the matter some sober thought, and moved slightly toward acceptance.
After he left, the handful of people who had been entertained by the exchange asked a few sincere questions and stayed for more information, so it turned out to be a useful exchange even if my antagonist never finds his way to common sense.
He might have been lying about having formerly tested voting machines for GAB, but I’m not lying when I say this sort of reaction is common (though far from universal) among Wisconsin elections officials from the state level on down. I had a very similar encounter with a municipal clerk just about a week before.
There’ s no need to condemn elections officials for this intellectual obstinacy, because psychological denial is a universal human foible. These men and women have likely certified dozens of elections without verifying accuracy, so it must be a real kick in the gut when they first realize how dangerous that is. When you introduce the notion they might have inadvertently certified hacked voting-machine output, I’m sure it feels to them as if you just suggested their spouse might be unfaithful.
In all but extraordinary human beings, that sort of unwelcome news creates an intolerable amount of cognitive dissonance and pretty much shuts down logical processing, at least for a while. None of us can process new information when our brain is fully occupied generating any possible excuse why the information might not be true.
So we need to be patient, to a point. I suggest that point will arrive sometime before November 2016, when we will need to insist on the resolution of our own cognitive dissonance, which comes from being forced to trust our sacred right to self-government to unaudited computer output.
The Facebook group Wisconsin Election Integrity has lately been dominated by two people: me and an advocate for hand-counted paper ballots. That school of election-integrity activists advocates for junking voting machines entirely. They believe verification would be as thoroughly fraudulent as they believe electronically counted elections to be and would therefore serve only to create even more voter complacency.
Advocating exclusive reliance on hand-counted paper ballots (HCPB), they demand that public, transparent hand counts be conducted in every polling place immediately after polls close. That speed is necessary to provide as little window of opportunity for tampering as possible. Electronic tabulators must not be used, they argue, because they count the votes inside a black box—that is, by one computer programmer acting alone in secret.
I usually try not to argue with HCPB-only advocates for two reasons. First, they are correct that their vision could produce accurate election results every time, and second, we all need to keep our eyes on the prize. We share the same goal—verified accurate election results—so this is an argument over means, not ends. As Bill Moyer explained in “Doing Democracy,” in every successful social reform movement, you can see people playing at least four different roles ('citizen,' 'rebel', 'change agent', and 'reformer'), and “dissension among them…reduces the movement’s power and effectiveness. Activists need to become allies with those playing other roles, since cooperation and mutual support will enhance the likelihood of success.”
Avoiding fights with people who are (or should be) big-picture allies is one thing. Refusing to explain yourself is another, and I think it’s past time that someone clearly laid out the rational case for demanding post-election verification of voting-machine output instead of demanding HCPB alone. So here goes.
1) Verification of voting-machine output is hand-counting ballots, at least in those jurisdictions that use opscan machines, which is most of the big counties in Wisconsin. So this debate is actually a squabble over whether the hand count or the machine count should be accepted as definitive when they disagree, and to a lesser extent, how many of the votes we need to hand count to make sure the results are certified for the correct winner.
In Wisconsin at least, the HCPB advocates have already won the (non-existent) battle over which method produces more credible results, even if they don’t realize it. It’s not even up for debate. Statutes governing recounts already establish (and nearly every election official you can pin down agrees) that when an official hand count (not a citizens' audit) and machine count disagree, it’s the hand-counted result that prevails.
Once you’ve established that transparent human-counted results are more credible than black-box machine-counted results, it becomes apparent that doing both is more secure than doing either one alone. Even if ballots are fully hand-counted before dawn on Wednesday, obvious security advantages are created by having voters insert their ballots on Tuesday into a machine that automatically preserves a digital image of that ballot. And knowing that humans cannot ever be trusted implicitly, it is also obvious that you might as well get a preliminary electronic count when they cast their ballots, so that an election thief must jump over two hurdles (that is, to rig both an electronic system and a human one) instead of just one.
2) Verification would catch unintended miscounts, because nobody would be trying to hide them. It’s possible that the majority of electronic miscounts are accidental rather than deliberate—due to human programming or set-up error or to randomly occurring mechanical or electrical issues. (I would say it's likely most are inadvertent, but cannot prove it because no one checks for the sorts of miscounts that hacking would create, so every miscount except the obvious inadvertent ones goes undetected.)
Since no one expects the accidental miscounts, no one would sabotage a verification to cover them up, and they would be detected readily, in much the same way that recounts discover errors more often than not. Those who reject routine verification because they believe clerks often want to cover up fraud are, in practice, proposing we allow all the accidental miscounts to remain undetected because we shouldn't trust the clerks to reveal the fraudulent ones. I am not willing to do that; I'll take what I can get when it comes to detecting and correcting miscounts.
3) Verification would deter or detect fraud that the local officials were not in on. National experts believe the most likely and most dangerous form of electronic election fraud is one in which a single programmer makes illegitimate changes to the vote-tabulating software at some time while it is not in the control of local elections officials. John Washburn has also convinced me that it would be easy for someone to insert wireless communications capability into Wisconsin’s voting machines—again, before the hardware comes into the possession of any local elections official. This capability would go undetected by our election officials because they never look for it.
Wise criminals never involve anyone in fraud who does not need to be involved, and neither of these frauds needs to involve any local elections officials. So when elections are hacked, it's entirely possible the local elections clerks aren’t in on the scheme. Therefore, they have no reason to sabotage verification.
The only time a local elections clerk would want to sabotage a post-election verification would be when he or she is in on the fraud, and that clerk's resistance would then call attention to a problem, if the rest of the world knew what a decent post-election verification looked like. No one does now, because we don't do them.
4) Hand counts have their own problems. In the real world, it’s questionable whether relying entirely on hand counts would give us much more confidence in election results than relying entirely on machine counts. (To repeat: I think we need to do both full machine counts AND sufficient hand-counts to verify the outcomes.) Sloppy chain-of-custody practices come to light with every recount, and—I’ll be frank—I’ve never fully understood why people expect hand counts to be transparent enough. I’ve observed about six, and there wasn’t one of them where I could come close to seeing what the hand-counters saw except intermittently. The observers at Scotland’s referendum hand count were mightily frustrated by their inability to observe effectively, and what they did observe wasn’t reassuring.
And then there’s the question of who, really, would come out to count or observe a hand count during the wee hours on Wednesday morning following Election Day? I have been greeted with “You’re the first citizen ever to show up to observe our public test!” at literally every single one of the dozen or so pre-election voting machine tests I’ve observed, so I can vouch for the fact that no one attends those--and they take only about two hours during the daytime! I’m all for making election work something like jury duty, but it would take years of work to get that legislation passed. That doesn't mean we shouldn't start now, but that brings me to…
5) We could get verification in place by November 2016; we don’t have a prayer of HCPB by then. I won't stand in the way of those who want to work on getting the voting machines thrown in the junk yard. But there is no way on god’s green earth that we’re going to get state law changed to require HCPB between now and the critical 2016 elections.
How many more elections are we going to let be decided by unverified black-box output, when the most basic common sense tells us how incredibly careless that is? I cannot speak for other states, but if enough Wisconsin citizens pressured their county clerks and county boards of canvass hard enough between now and, say, January of next year--especially if even one county clerk is willing to show leadership and vision by adopting such practices--we could have fairly decent post-election verification policies in place in the critical counties in time to protect the 2016 elections from electronic miscounts. Truly, there is nothing in state law or GAB written policy that forbids it—it’s all a matter of the county clerks’ discretion and voters’ interest.
I could go on, but those are my best arguments.
Someday soon, I’ll get around to laying out the case for verification to its other sometimes-hostile allies: Those who argue that our energy should be directed at improving the technology rather than wasting time with a low-tech, unsexy chore like verifying output.
Pay an hour’s attention to the vote-counting debate and you’ll probably hear several myths. From defenders of the status quo, you'll hear that the IT security systems of voting-machine companies like ES&S and Command Central are reliably able to stump hackers. (That must be why Sony, Anthem, and Target have been begging them to work as their IT security consultants, right?)
From critics, you'll hear that widespread flaws indicate widespread fraud, even when those flaws look exactly like the predictable errors of lightly trained nonprofessionals who run complex election procedures four days a year with little supervision or corrective coaching from professionals.
Those myths are easily debunked with a moment’s serious thought. All you have to do is raise an eyebrow and a county board supervisor will realize our elections software is not safer with a Minnesota strip-mall voting-machine-service company than our medical records are with Anthem. No dedicated League of Women Voters member has blind confidence in the infallibility of an elderly, 32-hours-a-year poll worker--particularly if the LWV member is an elderly, 32-hours-a-year poll worker.
However, there are other myths that more insistently keep otherwise intelligent people from thinking sensibly about vote-counting. I’m sure others can suggest more, but these are my top three.Read more
After the polls closed in Stoughton, Wisconsin last November 4, workers in three of the city’s four polling stations were surprised to see their voting machines had counted no votes for a municipal referendum. A different puzzle confronted the poll workers in the fourth polling station. In a precinct where 1,255 voters had cast ballots, the output tape indicated the machine had counted 16 votes (9 no, 7 yes.)
The main problem was rapidly diagnosed as a set-up error that sent all four optical scanners looking for referendum votes in a blank section on the back of the ballot, rather than in the ovals that voters had filled in. Had the error simply looked for 'yes' votes in the 'no' spot and vice-versa, the referendum would have failed and no one would ever have noticed the mistake under Wisconsin's current, ineffective post-election audit policies, However, because the error was so dramatic, a prompt hand count revealed the true results, which were certified on schedule.
But the mystery of the 16 votes remained. It was not possible that the optical scanners could have recognized 16 actual votes and ignored the rest. Those were phantom votes, cast by no one. What caused them?Read more
Four months ago, on July 7, citizens in Stoughton, Wisconsin presented their city clerk's office with petitions bearing enough signatures to get a Move to Amend referendum on the November ballot. City voters would be asked if they wanted a constitutional amendment overturning Citizens United--that is, putting an end to corporate personhood rights and the notion that money is constitutionally protected speech. This same referendum has been racking up 75-80 percent of the vote in other communities around Wisconsin.
Last Tuesday, nearly 5,350 good citizens of Stoughton went to the polls. If you believe the city's voting machines, exactly 16 of them had an opinion they cared to express on the matter. The rest thought "Whatevs" and left the referendum blank.
Fortunately, no one believes the city's voting machines. The municipal canvass board wisely declined to certify those results and will instead hold a public hand count on Monday, November 10.
(Don't miss the update at the end of this post)
News coverage of Eric Cantor’s defeat in Virginia’s 7th Congressional District primary provides one of the most dramatic displays of psychological denial you are ever likely to witness.
After declaring the 56%-44% results to be “astonishing”, “a shocker”, “stunning”, and “historically unprecedented” the pundits go on to make dozens of guesses about how unknown Tea Party challenger Dave Brat knocked off the sitting House Majority Leader.
The pundits grasp at every straw--except one. Maybe Cantor's support for immigration reform doomed him. Well, no, most of the 7th District voters support reform. Okay, maybe a crossover Democratic vote? Over-confident Cantor voters staying home? No evidence of those, either. It certainly wasn’t that Brat spent more money. The Tea Party itself didn’t invest in that race. Pundits offer dozens more guesses; you can peruse some of them here, here, and here.
What is never discussed--not even mentioned--is a possible electronic miscount—something that has already happened in many elections elsewhere and that IT professionals consider a routine occurrence, given the inadequate IT management practices of America’s election officials.
The pre-election voting-machine security maintained by Virginia and its vendors is no better than other states’, and certainly far less rigorous than that used by, say, Target and eBay. Is any pundit so naïve and trusting to think that not even one Tea Party sympathizer (it would take only one) has the ability to hack rural Virginia’s electronic elections technology?
And unlike Target and eBay, which routinely audit to discover whether their computers' operations were affected by mistakes, malfunctions, or deliberate manipulation, Virginia (like most other states, including Wisconsin) treats the vote-tabulators as if they were Greek Oracles, providing raw output too sacred to be questioned or reviewed by mere humans before it is acted upon. Brad Friedman, a national commentator who concentrates on voting machine integrity, reports that 60 percent of the votes in Cantor’s primary were cast on touch-screen voting machines designed to leave no auditable record of the votes cast on those machines. (That type of machine is illegal in Wisconsin.) Got that? If a hacker succeeded in tampering with the vote-recording or vote-tabulating software in those machines, the truth cannot now be discovered. Would-be hackers know this, even if the pundits shield their eyes from these facts and journalists withhold them from voters.
What is the cause of the blindness to a clear and simple possibility that would routinely be investigated first if any other IT system produced such dramatically unexpected output?
Your guess is as good as mine. My most charitable guess is that political journalists and pundits are not inclined to lead the national discussion into areas they know little about, which include elections administration and prudent management of information technology. They want to talk about only those things they like to talk about.
But it’s hard to be charitable when all it really takes is common sense, not specialized knowledge. The pundits know enough about IT management that they’d immediately recognize a scandal if a grocery store chain never audited its checkout scanners and refused to verify its computers' output unless the customer paid for a rescan. Can you imagine the headlines if a bank set its ATMs up to be completely unauditable?
This surprising result in Virginia provides a perfect opening to educate our fellow citizens. Chances are, in the next couple weeks, each of us will find ourselves in discussions about Eric Cantor’s defeat. Use the opportunity to point out the common sense about prudent management of elections technology:
- Point out how ridiculous it is that elections are the one and only application of computer technology in business or government where major, consequential decisions are made on the basis of unaudited--often unauditable--computer output.
- Point out that our voting machines are programmed in secret by private vendors, who are accountable to no one for their IT security procedures.
- Point out that the voting machines are managed by local elected officials, none of whom is required to have any specialized expertise in IT security.
- And above all, point out that the output of those poorly managed computers is nearly universally certified as our final election results before being checked for accuracy, and rarely verified even after that.
Make sure they understand that with our current lack of post-election audits, we can never know whether anyone hacked Virginia’s 7th District primary.
Make sure they understand it is just as bad that we can never know as it would be if we knew for sure it had been rigged.
At least if we knew that the election was rigged, we could fix it. If we have no way even to notice fraud when it occurs, all the pre-election security measures are mere decoration--and those who have the motive, ability, and opportunity to steal our elections know that.
Update, June 2015: Less than a year after Cantor lost his seat, poll workers in one Virginia polling place noticed that voting machines would crash whenever someone tried to download music using an iPhone. The investigation was wisely taken away from the election officials and given to the state's IT office. It resulted in emergency decertification and replacement of the machines. Investigators determined, too late for Eric Cantor, that Virginians had been voting on "the worst voting machine in the US."
I’ve told the story of the 2004 Medford, Wisconsin election miscount often enough that I figured it was time to call the people involved and get some first-hand details. Fortunately, the principals are still on the job: Bruce Strama is still Taylor County Clerk, despite having had to deal with what must be a clerk’s nightmare: telling more than 600 of his most partisan constituents he hadn’t counted their votes. The vendor had misprogrammed Medford’s voting machines to ignore straight-party-ticket votes on the November 2004 ballot, which included a presidential election. Strama didn't discover the problem, though. We can credit Mark Grebner for that, who is still with the political consulting firm that first noticed the anomaly while using Taylor County's election records to compile voter lists.
So I looked up Grebner’s firm, Practical Political Consulting, on the Internet and emailed him. I told him we were using his story as the opening attention-getter in our road show, and that I’d like to ask a few questions about his experience in Medford in March 2005. (That’s when his staff had noticed the previous November’s election results seemed to indicate that hundreds of Medford voters went to the poll only to cast unmarked ballots.)
About two hours later, my phone rang. I thanked him for calling back so quickly.
“Well, it wasn’t that quick,” Grebner said. “I had to look back through my emails to remind myself what happened in Medford.”
“Wow,” I replied. “If I’d discovered such a major error, I’d surely remember it!”
“Oh, this kind of thing happens all the time,” he said. “The details are always different, but there’s an endless number of ways the people who run our elections can botch them up. Every election has something.”
I glanced at my prepared questions and slid them into the wastebasket. Lordamighty, the guy who makes his living working with election records doesn’t even remember what I had considered a jaw-dropping discovery! Fortunately, I didn’t need to come up with new questions; Grebner was eager to talk.
“You want stories? I can tell you lots of stories.” he continued. “Everybody finds different ways not to follow the instructions.”
His firm has done most of its work in Michigan. They work with election records to create lists of voters’ names and addresses. Political campaigns use these lists for purposes such as sending flyers to only those homes where residents are likely to vote.
He recalled a precinct in Detroit that had a problem worse than Medford’s. Poll workers believed that ballots were to be inserted into the optical scan machine face down, but the machines were spitting them out. They called the city clerk’s office and were told to push the override button and insert the ballot again. That made the machine accept the ballots. The override button was pushed for every ballot cast that day. Problem solved.
Solved, that is, unless your definition of ‘solved’ includes counting the votes. The real problem, Grebner said, was that the voting machine could read ballots only if they were inserted face up.
But not the only real problem, I thought. Another real problem is that no one noticed a precinct with zero votes until a political consultant came through to compile voter lists long after the election was over. But Grebner was already on to the next story.
Ottawa County, Michigan used the old lever-type machines, which fell out of favor because they required so much maintenance. They also didn’t create a record of every vote, but merely tracked the total in the same way mechanical odometers do. When you pulled the lever, your candidate’s total clicked up one vote.
The area is intensely Republican, Grebner explained, so in line with its desire to provide small, cheap government, the county board cut the clerk’s budget, and the clerk stopped maintaining the voting machines. Never mind that one machine lost the ability to roll the total over to 200. It would count the first 199 votes, jam up, and count no more.
“This didn’t hurt any Democratic candidates,” Grebner explained. “They never got more than 199 votes anyway. But you could see the Republican candidate always getting exactly 199 votes.” Grebner’s staff found the anomaly went back several years.
They informed the city clerk of the problem, assuming the usual: that no one had noticed before. Uh-uh. The clerk told them he'd known about it for a long time, but had done nothing. His attitude was, “If the county board wants the voting machines to work, they can restore my budget.” (Grebner assured me a call to the state elections board was taken more seriously.)
“You want more stories? I’ve got dozens,” Grebner offered. I’d pretty much caught his drift, so we went on to talk about why.
“Think about it,” he said. “In Wisconsin, you have what—1,800, 2,000 election officials?”
“In 72 counties, we have 1,851 municipalities responsible for administering elections,” I replied.
Think of how they’re trained, he said. Think of how they’re paid. What kind of supervision and oversight do they get? (In Wisconsin, the job of town clerk is often not even a full-time job, but I didn’t tell him that.)
“Each one can get his own idea of how things should work and stick with it,” Grebner said. “Who is going to know any different? Who is going to set them straight?
“The poll workers may be well-intentioned, but they don't always get selected for having good sense,” he pointed out.
“It’s ridiculous that I should be the one catching the errors. We should be counting our votes at least as well as we count money. Can you imagine if the Department of Corrections wasn’t sure how many inmates we are confining and how many we have released? If the Department of Administration couldn’t tell you how many state cars we own?
“Recounts always find errors, and no one blinks. It’s accepted. How long would a bank teller keep her job if her till was off by a few dollars every time someone checked?”
I asked if he was among those who believe we should dump electronic elections technology and go back to publicly hand-counted paper ballots.
“The problem isn’t the machines,” he said. “Banks use machines for everything they do and we don’t mind. That’s because the banks don’t implicitly believe whatever their computers tell them. They check. They audit.”
“Votes are treated like they just don’t matter,” he continued. “It’s true in every state. It’s just not that important to get it right.”
* * *
This conversation certainly provides support for our campaign for post-election audits. It also gave me a lot to think about. In my experience, I’ve noticed only a few—a very few—Wisconsin election clerks who give the impression they don’t think it’s important to ‘get it right.’
The key to understanding this from the clerks' point of view, I suspect, is understanding what the ‘it’ is that they want to get right. In every election, there are hundreds of details clerks must get right—follow the latest registration law, make sure every name on the ballot is spelled correctly, make sure the polling place is accessible, that all the right notices are hung in the right place…on and on and on. Wisconsin’s election laws, regulations, and instructions prescribe dozens of processes our elections clerks must get right.
Unfortunately, our statutes contain no requirement to get the results right. Our current laws give that responsibility explicitly to no one. With computerized vote-tabulation, no matter who you are, getting the count right is someone else’s job—arguably, it's the vendor’s software programmer, but who knows who that is?
The scandal isn't that mistakes are being made. That's predictable. The scandal is that we've provided no one--including our election officials--with the responsibility to look for, find, and correct those mistakes.
Imagine a cargo-plane crew who have responsibility for a lot of complex, important tasks: making sure the plane is maintained, fueled, and fully operational; loading the cargo correctly; and taking off and landing on time.
But the destination? Imagine that no human ever looks at the address labels on the cargo containers. A computer reads the labels as the containers are loaded and feeds the data to a navigational computer. The crew merely links the navigational computer to the autopilot and stands back. They’ll learn the destination when they get there.
What airline could guarantee the correct delivery under those circumstances? This imaginary airline could at least count on the sender to notify them if the goods were delivered to the wrong recipient. But if it’s an election victory that is being delivered, the shippers—we, the voters—don’t know the correct destination any more than the flight crew. We can’t help them out. Neither they nor we will ever know if our votes were delivered to the correct candidate...unless the results are routinely verified.
Getting the totals right is common sense. It’s what we all want. It’s not that hard.
But as much as both we and our election officials want to get votes counted accurately, verifying the totals is not among the many things our system is currently designed to do. We need to fix that.