Pilot Letter: Crucial move toward auditable elections


The letter promotes a helpful, but insufficient, solution for election security.

I support paper ballots for all the reasons the letter describes. Auditable paper ballots, however, only protect the integrity of the vote-counting process. They do nothing to ensure the integrity of a voter registration database. For that we need positive voter identification, such as photo ID, to prevent fraudulent voting.

The reasons for voter ID are the same as the reasons for the paper ballot, just applied to a different part of the election process. To be eligible to register to vote, persons must prove their identity. But, subsequently, the registration record is vulnerable to hacking and modification. Repeating the identification check at the polling place is a way of auditing the registration records.

It is, in fact, the best way of auditing them as a technical matter. It should be done as a matter of routine.

6 thoughts on “Pilot Letter: Crucial move toward auditable elections

  1. You make a valid point. However, if the registration databases are hacked, then the records at polling places on Election Day could be inaccurate and eligible voters could be denied their rights. Id or not.


    1. I don’t understand your point. Even if you have good security against hacking, it is still necessary to validate the database. Repeating the registration ID check at the polling place is the best way to do that.


      1. If the databases are hacked prior to the election, there is no guarantee the files at the polling places are accurate. No form of ID can correct that. As an example. you arrive at your polling place, present your ID, and the poll worker tells you that there is no listing for John Roberts at the Chesapeake address on your ID. How does that get addressed? You may get to cast a provisional ballot, but eventually, your vote does not get counted because hackers removed you from the database. Based on that occurrence, the ID check at the polling place does nothing, except maybe expose the hack.


      2. RE: “the ID check at the polling place does nothing, except maybe expose the hack.”

        Exactly. Exposing the hack is part of why the ID check is necessary.


        1. And yet you still won’t have your vote counted. In fact, the entire election could be ruled void because of the hack. TI sbetter to prevent the hacking, follow up with a ballot that is auditable, and ensure all citizens have, not only their vote, but their right to vote protected.


        2. RE: “And yet you still won’t have your vote counted.”

          You, yourself mentioned the solution for that: casting provisional ballots.

          In any case, your observation isn’t logical, because hacking isn’t the only way a database can be corrupted. Data entry errors, power outages and bad maintenance actions can all cause the same damage as hacking. Thus, not validating the database by ID check means that the risk of using a corrupt database in the election is never mitigated.

          In other words, the problem of eligible votes not being counted, or of eligible votes being nullified by ineligible ones, is the same either way. Except that it is more likely to affect the election results without the ID check.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s