Usability, Privacy, Cybersecurity And The Right To Vote: Why Elections Are Not As Simple As They Seem

Abstract

All modern public elections in the United States use computers called voting machines to automate at least part of the voting process. Like all computers, voting machines can be misprogrammed, misconfigured, misused and hacked. Poorly secured data, open networks, and aging computing equipment with known vulnerabilities to malware are all subject to attack. There is substantial evidence that foreign adversaries have infiltrated American election systems and there is growing evidence that election results were affected. Federal agencies, the Intelligence Community, and congressional committees all agree that action is required. This talk will focus on the unique aspects of elections from a computing standpoint: (1) Why are there not national standards? (2) What cybersecurity tools would make elections more secure? (3) How does the right to a secret ballot affect election technology? (4) What is the future of electronic voting in the state of Georgia? In this talk I will pay special attention to usability and privacy problems and point out areas in which improved understanding of cognitive limitations of voters can influence public policy. This work is based in part on a recent paper entitled “Ballot Marking Devices (BMDs) cannot assure the will of the voters,” by Philip Stark, Andrew Appel, and me. This paper can be downloaded here:https://dx.doi.org/10.2139/ssrn.3375755